last executing test programs:

8.140794177s ago: executing program 3 (id=1200):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
madvise$auto(0x0, 0x2003f2, 0x15)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
r3 = openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, 0x0, 0x8006, 0x0)
write$auto_proc_uid_map_operations_base(r3, 0x0, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0x1c, r2, 0x1, 0x70bd2c, 0x25dfdbfd, {0x2, 0x0, 0x92}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x1c}}, 0x4000)
madvise$auto(0x0, 0x200007, 0x19)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/free_buffer\x00', 0x24001, 0x0)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x2000c, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x400000008000)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
open(0x0, 0xa22c0, 0x151)
r4 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r4, 0x107, 0xf, 0x0, 0x6)

6.880316925s ago: executing program 2 (id=1207):
unshare$auto(0x40000080)
r0 = socket(0xa, 0x5, 0x0)
mmap$auto(0x4, 0xa020009, 0x3, 0xeb1, r0, 0x7ffe)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto_KVM_GET_MSRS(r3, 0x4008ae89, &(0x7f00000000c0)={0xdd, 0x0, [{0x40000073, 0x400, 0x4}]})
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/fs/cifs/mount_params\x00', 0x802, 0x0)
r5 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f0000000640)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\xff\x7f\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc:\xfa\x01\xd1\xa3\xb5\xc2B\xa5\xac:woR^a\xb9}\xe7\xbd\xe1\xf77.\xa3\xd8\xc2T\x95\x13\x91\xb6p\xf3\xb2w\xe6\xd7\x94DW\x97\x90a\xe6c\xfb\x88x\xd5L\xa9\xe4\x82\x04\xb1\x8b\r\xcaP\\\x1aVP\xc9\xa4`\xfd\v\x94\f\xc1\x0fQ\xc9\xdcL\x03\x9c\xbfk\xa6\xb1\xb0\xa1\xeeJ\xd8\xef\xc8t\x9d\x1e=J\x91W\xc6AuJ\xb9Q\xed\xd1\a\x05\x9d\x85\xb7b#r\xcd\xaf\xb7\x9f\xf7\xd2\xae\x0f\x98\xa9&\xb6~\xd4\xbd\xbbr\xb9\xc3\xacH!\xc1\x90K2\x05K@\xee\xac\xe8\xc7\t\xab\xbf\xa3\xedb\xd7\xb5\xd7\x83&\x95\xb2?\x0e\x85\xaaIGu\xd6$\xeb\xb6\xdd\a\x121\a\xac\x1bx#\x87\xa9\x10\x9b\xf8YD\x04ZL\xca\x99]\x8f[\x90[\xa8\xbf\x98\xa6\xe50(zC\xe84*w\x13\x96\xd5\xd0\x877\x12\xbc\xa1\xd0h@|\xf9\xfa\x9b\x17\x94\xb9\xe7\xf3\x15\x05\x91\xe8\x98p\x7f:\xd7s\xd9wo\x82\xda\xec\x91\xb7\xd9;H\x8a\b\x00\x00\x00\x00\x00\x00\x00\x8aZ\x94\x14$X7\xaeW6=^I\x9fQ\r5c\x81\xca]\x97m\x89o\x8f\xd8}P>I\xd0\xb3\x88C\xd7', 0x100000a3d9)
ioctl$auto(0xffffffffffffffff, 0x540a, 0x0)
close_range$auto(0x2, r5, 0x401)
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)
r6 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x80000, 0x0)
poll$auto(&(0x7f0000000180)={<r7=>r6, 0xfff7, 0x9816}, 0x7f, 0x9)
ioctl$auto_VHOST_SET_OWNER(r7, 0xaf01, 0x0)
openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000000), 0x2400, 0x0)
migrate_pages$auto(0x0, 0xa, &(0x7f00000000c0)=0x52a6, &(0x7f0000000140)=0x2)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = socket(0xa, 0x2, 0x3a)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/overlay/parameters/check_copy_up\x00', 0x129882, 0x0)
bind$auto(r9, &(0x7f0000000040)=@generic={0xa, "2c551d000000fe8000"}, 0x66)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'xfrm0\x00'})

6.33477636s ago: executing program 2 (id=1209):
close_range$auto(0x0, 0x5, 0x0)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
sysfs$auto(0x2, 0x10000000000002f, 0x0)
fsopen$auto(0x0, 0x1)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/loop6\x00', 0x101202, 0x0)
r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video27\x00', 0x241, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/nvmet_rdma/parameters/srq_size\x00', 0x183841, 0x0)
fsconfig$auto_FSCONFIG_CMD_RECONFIGURE(r0, 0x7, &(0x7f0000000040)='%\x00', &(0x7f00000001c0)="db5ece444af866c6ebbe0e50be0ab9097f212a4a5a0e8ca546bb81f685a6729529b8424c73f49dcd1e3ac63fe7fb5b0751044ff2e5dd479da862beaf8eca851bdd6b773c36a0a820cdf0ab6e2b676e895c850fb4ae30dd7c726bfdec3e4584603182d4bc7f0d934458cfdbe80e4a7de62266980140cf08518cc0261ce2988df59c22c21d4c65b95f0da5b8a1cb9793f77d6549afbf526f6a650d898dfb92953c1bd455ad749b4b85d07fe6fcd9d01abb3727537f42bb0a46e1da72db1453d6c237852530f4e3d8f865adfd01a5bf471916a8c782edb499eabd535cebc2597e56f2f516d1194b3973b00f315cb06028ba5f26606e9aa352777c68ef4317a389ec68afb4453268be3097510370f651e234d3ad4a53e59505f767482bc41c470c85a3eee50c407a25694c17fb5632b3fc7141bcd67811db8a3336c0b8636790603ffa5ee860ca9a11812b6405ef73c94370314968d992b936945fa5fb6a1142d8ef04280f7ce80c70015ba3327789b734e5f2e60900fd5336eb24b735bd5ddaf811eb9ae5f38721117c0e6fd51c29e970f58e3cd76785779a62e4a78a98d5265c405fe08fc8030ae0913316392b7299d4d23a9c6267901a6f3ba27c0b6acfcee854397a16c86230522ee5b86553f8e246235931a09f2f88c76e2e502d01eb7705ba234ef83c7dab8a09fc58c45ddf199133bebfe29712330f231af81728d18ad9fd45ea4ad0a02183f42ae6e4eaafae0ed2d42f2bed010166b5b97acff58e5b429f0e9c2062e687f4e9abcd2d27d433aeff088d6a3cf5e1d0adab37f9bfb54822c45467594d83174b40edcb279ebc855b90091a0f2897b27c1bff257bf36a15cd1eceff8db3d1f97f22536df6b975cb4c58112e73698b75b1b6bcdc9ab71efc4d5e9d34327df49a205425ebf71cb9b8e24a153a8dcbd0cebeb9decd1f64e6af054d6106780e072d9867538f15b50044b0b9c56e953ef9e18652fc30037771f6f906550e59e175235ec80a7d641ab54cb50abad17c56976a82deef0bd547eb86d8e3451c4fec04e8e7d513e7f2f9987e6e821f6dfdb88eec16f01785e6c0f07456ad08136d57335db9dfa301f4f1f9ec461024986a8d8bab6764cf9dc1f83e86714657f9601fd0daf9cb62b77c75b5d5745948d51f0d178071b23d08b9f081528aa1f41f5e84872f5480bcdd94aa1fde0282eab5d6f3f1d58fc7a9dd0e3f414672c33fbd5f419055e3136d029671454c4aa1cb18537348d7f0e76b7f3213018150ef47f63bb4e3b1dffeceb832cc6b1b6d8e1a74ad44587fcd5715dd4f5ead1af7dda8fe9b5765e250ea1ee4bc922e291f3697cadf0bc73ec2f80d4efa26f8d933b4e1d4eb7d4a69e2e1f62fa88c2fa5dcecec5f0f5734ab0e837f403ac1f4ad5ea1a5a0c40377a9e7904ec528ff315c7c671f1c83d4649f4bcb7c9e7fc720f5bece63af3501c26e7e490650b15859c447904a6a7bfd71a2985b5bae6cc4c0e1417f8b3a60ccbdddd94c1d34f0badb85a9ca77f7998fa79748281c90b867ecbb9098a741129cb9a1896d0a0265980a12864861d7b770b897536f79d4066634f8db486d3585771575cab9ad8dc8beed501846f36aaa6143f60a9c8e3cf825cc87ec583dec7b3afb3cc09cb498a60646b080597cb2333195b45e8a36c877e8158edfc2f674c2305ba3c0bb233d7b0ce408aa00f7b826330ae1fd4f0f99d826a8fc48ee36257db1044760166603086ff2443244e3553d77f2fc209fbe90e7c6897c037a201fdc04f25500346f775cf47ad7f873db336b95d23663c55d6e290faf36a9dd6d982b8a02fd069e5b9254800cd0ae833df8ed2fe248c17a7909c7224f53cb9d9fa44bf021d06aa3d8c0c9211075ecfb500790f8373fbcc958f37cdc40b468eee6c7e39e788f6d5c0f0e8951e55b3db005a5f9a089cf91a0f3f0c2550d60c08f5bce2eeacd7176f6716dc6ff537a0900e0d7c211227cd999576f8606445f976f40538a7a3b3dc26d530ab1aefb41e1352e5cf992bb6ceffea46e892759d1527578da36ba60ea351b68cb7297c61710c977cc68b406ea6b6999317dbd5256cbe9bd57f9b788eef46a52a60b1d73f39d14078a98c588f52ecb9598160af14233793b1f0a2128d1fbef58f15d53e1f60a1deecd633583c0ac1511bed5090e72b4a172778ad077222081aa1a005839ce6d41a74ca4f2c8c4f513ed55b94c593f85905829763898c52ab7aa2296f6c72b3fb7fcaefb809b3053eae31382becf6e16919b150b08a21ed00a8e81f3ad38bd1b880b6a9b483dc35be9fa8fd6a946a429a0603ba6bc0f071998f1a4491c1a55f10af9d6cca08d65cdd2a5de3286e094fa943b41a37feffcc9f6ce4729628bed290f66d9e232128465defd0c719e698bd9887641f9b33345daf9000a06943ae01ab34c304aef51b45aaef06e31a690a2607efefd447d29d0a419f661ef6a0e6b9dbe5468b93cad938b83a74bcbd8a5604cdb0082c594024992e3643c9f5dba729bb02b6e509fd5865c31b7cfd973e1c0b90191b0febfd9437ccf528dcbba11b873ac5999aa95b27472301b8241a95481bda36624fea93929db5b17f5c5ab918b8468e695a06834b965e84892e91f73cba560d7d9b2edd59c64c2613f07fc95c8e2f2c407aadd3e05e42d78b890a2e4e29a882136f49d454462b67c4e0fe279f42867994d6a8904d18293a2b8c79870e5f291ae45c7ed70f709a6936f0042fbcc8f4a9ccc3adabfacc521ea4a236a16f4dc10d64a775bc180e074ed865d57f9a73cde2e70e18283c5e6ceeac36014f5fa6f75827b1a1861c8abcc1cb66d842199a34155c10f66f9026afb887d6834caa5dadd12dfe3f57a7001df8d59f9c71986957b38fa148000f1473651ee64f92e0ce7148a6229b18a0aa2c4fd2967a08bf28a31cef96404a944ad1501cf4b1d11dda2310452503384a7dfc4d626a0b59df295c42effea869f67f470f42effb7edc505c088f0b7c83a2fa8bdd9a6e5cb167de9942e3b0e36ad82b175813749166f496955694fd722005e878e487910c971522341d5c529bd623a584f0c359b6822fe8580900f86034f2e892cb539af8ec4b09def40a9c5631dc3e2ecba152dd0b1125e2b60a7d5ddf98fb653a3ddf85c27317ce87a7192b51e1c6adb03c330a3fc23489c19d52cf1899c5ed77333df7a69e705694c4e1ba77d2e9b51aa4e3c4e181b2edf82f841fe62c2f93943b2dff321f3b441b6f511f67adf4fffebfff76353f20f0cbc31ad48c6dbeb484158829fda48c03444d5517a66e4b992322ed0f742eb70892e12778dd54e5da376f13a5989ae9cf699be8ffec70f2a860fa2fe4615eace9646f393edd0314b59ad948bba298975302ed88f8c4f96615f8db319c78cd07e7b442cfae77a295104034cf25bcee2f6c2ee14e58a96728ea2118a23654b2ef68966d36f62e63d956f44d2e02cf4a6676b163078babcb417d1be9f58225a6a1174c8f3979bff8186442cc212c298940522320a8513e2ddbd2f0b337fdc3ec1b99d1f6f0fd8f980d3e62913a5a998248ae1ea845f31c20b2f00903acc505f5b78b3ae143c8b9f87d42ec0ab91371aa866caabbdd300ab27e4e383671cf5e7fd048a8c2e50d2765b543c864857f00a8fd13e7d9eb3310eaca9d50ba16c789a4abe42af5fedb24311b0d548a0b3f190e62cc54a3e787090404ae621de2504ff648bafd67db3096ec8efb8df096918ccab6506905b7394de18689d47128ebac7119d0092578a1a97f15a5e89f453a4b916014d75a931a42c273e52d44e6a04397013fa153e476931763665c9b140c157e1f2248850590ecadbae8a9d4489cdf2f967f05bcdf9b2e96571f178a46a6fa043fe3fb0d629451db1f7077c75d8810c01e96e720a2c85726a6b06a91bfdf02f62038e63482c721251cfe01bc47cc7a81da51bf17087af604b38e53a40c99001fd4ab85d73775a4e81738f43ee7b434a78d4c772819acc8f627b87c17bc3442764e67ffc1fe46eefe0365700b6ec5313522beb13aa8f3dcd6c841c09eb1bd55f9fb30b90ca066be1de625b2384eecc0dbfc5afbe8b3ddb3389798d9800d246f8b4a542a4e7732ee9bec7dbb7d66cbc0bdcb821373ea3396fca60a9f5cab168038845e2d5e4d2f0fe50838d8c59eb968f2aa02f5fec3706f289cbb5440fa8f3b2d667acb8a53d0e795bfc4607c8f756ab257739171c3d2a3f15345c1e29ffb356672a95c8eb5a49484ac5ffa4926bf63f1fbe436caabea46e6eb6fb536ed1a66303c4d8825894c3f7010d7c90cd81481f25eb6962d2aa12afa8c114b2fbf1706e1089bb4b692a4463771df784936323fa127213acf40e77dbd5c69f5155b013d74f9b06d2f7947da94d9186bb40580206e00105ee0cf7ddefc2c75f6ba56084789e34156f73db5249fd6d1456d53c7b31d7526120cc56a6f2b60c2306b4bc08757489716d928ce802186dfcf5b5f6ba44fd3e3271f4b9ea893dfb4d230ec7774bdc1b36bfeb6fb1e6199f6b4a61424bb2c2caf442c3971502af26cb2d404b7c7cbcf0ea6ed75cc7463d70ec936914a8573e853d296cafabd76913db4f70e0c401112c07948bb01c42a7b27b6eace3c7c4f468bded5305f23aa3a94ff3f836250c406c33ec9d4eeaccadc18a4abe720a1776fdda17cac1c5392e66d62ed08ed829124974babbe074ed5e325e593cc8e36ad500e489451b14aad568969bee020467f95222e9d6392b28d3dc421529d6bd15c1be0e10ff7d07e715533ba2b8318764096f644d1b7e0a2fbfa2e224e76d09a21db92585f7223b9d82e2a7551f653d787c90afd59826a4286645501182f80681493bfcf2075f1c4a7ea02e78b8f91d1e2a7c3b525663a9cbbf95fb040f62dbca77c82ee04f293c1d6a35a9576537a1ea66ce5bbf492f78f4650b4a501b0c593b416bae76abb29051bfcb08ed65b00d5cfd8129249d9a986a9e44cbb2bc2deba1ba32634538c520e6a251a8461f14e74f09d73ea1c0430442be3135a8de8ec64fac70cb1f24a341749862059af3b125e07e22b67f54d83b2136746d9e26263afea14b6191f7e6208a22ba508758ef1f4b946bc9d0e38e645f6fd40d2806e44223253cbecca87aa89adece30b1e7d039c0da9a4166a5c27508f492e408230151ac5073d136f82d2db3f0d455dd1658db192bd9058fb03b85b3bb79663ab8436050ea8f3ca3e40f027aee0696a5c296d0561d4f0ef486850969dc055c6fd1bafffd1f306b474934536c921f00a06494da79ff8c37a1bba172398b7f8c7e93e068793cc8ee2815ef212e008812ff0c2481cec5b2d8410393b5a9bfbcc0bde31ff40a9b2ff31ede8723d565ec67da7a3479c8bcf0f24fb4e9ac39860e9b0a886bc7a91afd190138d545b4698a5e76f45a0b833f97dfa37cecea7ee485f66eae9b086366bc4c222f00afa43512c3de7feb284b2aa8e0ed411428c83d9d28fd6b20b314b351581cd6d5c90808bec7055f2bf1839059295b1a9347565c6919ee23f1e8b0beb5b10b286afca36ecbc0b497fc2b63f6c42d8d176d1b8be54f2d91a6f9c2b11a10624aaac5e55b1b5115543dbcaa59a20d7912dd1038d656301cc07c80ab92142b600d718d6d1ebd17a714a1591e096d847e86c55463120e7444e80e6d36f83225122fc4f73ff41c32d4ace3d159e50aec9d864fba178773509a94f713a5cb09c1a4e0a01fdd3349ee3578b7003d1f87d78149818752e26a60f0773c55fef090ebd04278f107166f2f6500412a552e7875bd6230b0c9abc0b3da7a834d954ceeee0e", 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
write$auto(0x3, 0x0, 0xfffffdef)

6.236002189s ago: executing program 2 (id=1210):
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20242, 0x0)
ioctl$auto_SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000040))
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nl80211(0x0, r2)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0xffffffffffffffff, 0x5, 0x7)
r4 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x9)
mseal$auto(0x0, 0x7dda, 0x0)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
r5 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
ioctl$auto_PAGEMAP_SCAN(r5, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x8, 0xbff, 0x2c, 0x2c, 0x3, 0x2})
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f00000001c0), r4)
ioctl$auto_SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000080))
r6 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D0\x00', 0x8001, 0x0)
sendmsg$auto_NL80211_CMD_TDLS_MGMT(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000880)={&(0x7f0000000900)=ANY=[@ANYBLOB="59230000fec7f20825c96160ba336e8e8ff7cf1cafee32d204fbe75b0bcb19c6c556174e9e104c8f8397c59ffd9dd3d8c9e636a03117869a0c9ce56875bf6935a8d1a5d12133c1b26f59c82e8b1128f45743ccbd82495056ad57c5b71662e01b564f5d94b000a193", @ANYRES16=r3, @ANYBLOB="00012abd7000fbdbdf2552000000d7017d800800fb00", @ANYRES32=0x0, @ANYBLOB="a4004e800400da80798dba45040494a8599bd6f4bca92b7f20aa596dfbca83be08161db68aa14625c9a38396c91179f3ecab699ff3411a9084f8666691123a9ffe5e0b66d6198e6c5c1ba1ae28e92109846770c8f6c67d8fdbaabc63e004273c0c005700080000000000000008006900", @ANYRES16=r3, @ANYBLOB="1e00d6002f70726f632f7468726561642d73656c662f6f6f6d5f61646a00000008001c00ac1414bb0800b200", @ANYRES32, @ANYBLOB="65f63d67ca4e1a8afdd32492964242d8085e6ab02b3f4d9daa595794b3ff22ca4441d5aa05d22a799e0052bdbca2090919f2bf3d8fd0da62d04620e6a0ac923695cc1d285514ad9d8d7f5b08b09c633e48be7d44b4a159c8005b800400aa8007ac748b328b8f31a4dbc3fcb1e6637127fc4e0e7e2e4a67c4b9431907ca74c731e920a513253bb17fdd6732c7a0e609414210395da490601d3b4bb154e5abfe65f80740a4c4d5f269782e0d8e87bdd111e8c6741e1ce587d6d4013696cf2c69363b1b36ceac42cae7a07ba3e330f078725601b5d4163b6ce269957289a0cf386c668ce1e9c4439530ae63de7e52f536eed322850a4a077f530ecfc853d6a3add1470014893afaf85d17dabf52c961fae8420737c6500f87442689feaf0bd0b308001100", @ANYRES32=0x0, @ANYBLOB="00e8003a013df4340037ca1e775b65302446a3dd62508878ad66345ce900d584efab117c7397ad8f30da08fdf394bae609a8a6cf57b4b653ebb545bbe389d4698aa850bd739534331351189127d2e036daff171c28674350ba7b44725f294501eee3a5449aba2df5b74602b6661a968fb1f6ca33c974559f19"], 0x2dc}}, 0x40040c0)
write$auto(r6, &(0x7f0000000100)='d>*\xd2x\xc7\xbf\xff\x9a\xc01(\x00iM\x9c\bAa\x9e\xe98\xee\x15\xd3\xc5v\x99\f|\xe3\xbf\xd9\xf4C\x14A\xe6k\x105\xee\xc5\xaa$\x16\t?g\xb8b\x12\v*\xf9@B\xd0\xd2\x99{\x8b^\xff@\x83\x02Tvt\xc1_\x98\x9f\x16\xd5Is', 0x100000a3da)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
mlockall$auto(0x800000000000005)
ioctl$auto_NS_GET_MNTNS_ID(0xffffffffffffffff, 0x8008b705, 0x0)
msync$auto(0x1fffefff, 0x1800000ff000000, 0x400000004)

5.676992581s ago: executing program 3 (id=1213):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x1eba02, 0x0)
msgctl$auto_MSG_STAT(0x2, 0xb, &(0x7f00000002c0)={{0x4, <r0=>0x0, 0x0, 0x9, 0x5, 0xffffff68, 0x4}, &(0x7f00000001c0)=0x9, &(0x7f0000000200)=0x8, 0x10, 0x7, 0x3, 0x46, 0x7, 0x6, 0x9f5, 0x22f3, @raw=0xffff7fff, @raw=0x64})
setresuid$auto(0x0, 0x0, r0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/nbd8\x00', 0x9c000, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000400)='/dev/loop0\x00', 0x400400, 0x0)
ioctl$auto_BLKALIGNOFF(r1, 0x127a, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x46000, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/mtd/mtd0/bitflip_threshold\x00', 0x2062, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000002680), 0xffffffffffffffff)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/block2mtd/parameters/block2mtd\x00', 0x601, 0x0)
write$auto(r6, &(0x7f0000000240)=',-\t', 0x2000008008)
sendmsg$auto_IPVS_CMD_DEL_DAEMON(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002dbd7000fefbfc250a000000100003800c0001000100000000001e3a6f00ab098839b4e97eca627efb14c42e545974bc6b4bf443ca7be7d4c0890c0e5601eee4499b90368c3643ac1e9c58c84aeb636903d46128a6fbf3a57a565daeb89469abeaf2be57"], 0x24}, 0x1, 0x0, 0x0, 0x40014}, 0x0)
getpgid$auto(0x0)
r7 = socket(0x2, 0x801, 0x106)
r8 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000001600)='/sys/kernel/debug/ieee80211/phy0/netdev:wlan0/rc_rateidx_mask_2ghz\x00', 0x0, 0x0)
read$auto_debugfs_full_proxy_file_operations_internal(r8, 0x0, 0x0)
setsockopt$auto(r7, 0x6, 0x12, 0x0, 0xa1)
sendmsg$auto_IPVS_CMD_SET_SERVICE(r3, &(0x7f0000000ac0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x28014044}, 0x0)
r9 = openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000080), 0x8203, 0x0)
ioctl$auto(r9, 0x80046f45, 0x38)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
mmap$auto(0x0, 0x7f, 0xdf, 0x9b72, 0x2, 0x8000)
r10 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$auto_tomoyo_operations_securityfs_if(r10, &(0x7f0000000100), 0x0)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)

4.576419791s ago: executing program 3 (id=1217):
r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000400)='/dev/cec8\x00', 0x801, 0x0)
ioctl$auto_CEC_RECEIVE(r0, 0xc0386106, &(0x7f0000000440)={0x6, 0x0, 0x9, 0xe, 0x57a264ea, 0x4, "8b18edde614da7b18065030120308dda", 0xb, 0x8, 0x3, 0x1, 0x2, 0x2, 0x5})
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000340)='/proc/fs/cifs/LookupCacheEnabled\x00', 0x8a241, 0x0)
mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x18bc00, 0x0)
close_range$auto(0x0, r1, 0x0)
openat$auto_set_tracer_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/current_tracer\x00', 0x1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r6 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x8080, 0x0)
ioctl$auto_SOUND_MIXER_READ_CAPS2(r6, 0x80044dfc, &(0x7f0000000080))
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="000090000000000fff0c0005800800010000000000000000800100000000", @ANYRES32=0x0, @ANYBLOB="180001801400020064756d6d793000"/24], 0x40}}, 0x24048084)
r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r1)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_DEL_PMK(r3, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYRESOCT, @ANYRES16=r7, @ANYBLOB="06012dbd7000fc2fdf257c0000001e005500ea378ae800000000006b78255a09f3c276a9108f6d5d99a242548700f07e5e0000060012008d0000000c00248008006f000000000000000000", @ANYRES32=r2, @ANYBLOB="060096000600000008007700010000000400ff000c0099000b0000000000000004000b00"], 0x6c}, 0x1, 0x0, 0x0, 0x24040080}, 0x4002041)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/nr4/broadcast\x00', 0x400, 0x0)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyx2\x00', 0x202041, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x3)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101840, 0x0)
socketpair$auto(0xb, 0xc, 0x1000, 0x0)
semctl$auto(0x3, 0x4010, 0x3, 0x9)
r8 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0)
write$auto(r8, 0x0, 0xc3)

4.420111544s ago: executing program 3 (id=1220):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0x149182, 0x0)
write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='\t', 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000002ec0), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000002f80)={&(0x7f0000000040)={0x34, r2, 0x1, 0x70bd29, 0x25dfdbff, {}, [@ETHTOOL_A_LINKMODES_LANES={0x8, 0x9, 0x4}, @ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x11}, 0x24000802)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/workqueue/parameters/default_affinity_scope\x00', 0x1b9242, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), r4)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000240)={0x4c, r5, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@HWSIM_ATTR_RADIO_NAME={0x2d, 0x11, '/P\x13jE\f\xf9r\xf5\xa3\xd2\x84y\xf9*\x9b\"\x1c\xa4l-\x19\xfd\xa4\xf4y\x02\xc2\x96\xfa\x84L\x12\xcd\x83\xf7\x12\xd3\xc4\x1e]'}, @HWSIM_ATTR_PMSR_SUPPORT={0x8, 0x1a, 0x0, 0x1, [@NL80211_PMSR_ATTR_TYPE_CAPA={0x4}]}]}, 0x4c}, 0x1, 0x3f000000, 0x0, 0x4008040}, 0x40800)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001f00), r6)
sendmsg$auto_NBD_CMD_STATUS(r6, &(0x7f00000023c0)={0x0, 0x0, &(0x7f0000002380)={&(0x7f0000002000)={0x1c, r7, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x8001}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40004}, 0x4008050)
sendfile$auto(r3, r3, 0x0, 0x5)

3.885032528s ago: executing program 1 (id=1221):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r0 = socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
io_uring_setup$auto(0xf0, &(0x7f0000000180)={0x6, 0x18, 0xd64, 0xc852, 0x6, 0x7, r0, [0x1, 0x401, 0x1000], {0x7, 0x5, 0x1, 0x4, 0x95, 0xf4c, 0x7fff, 0xfffffffb, 0x65f29f6d}, {0x3, 0xadc, 0x10000, 0x0, 0x5, 0xffffffff, 0x1000, 0x54f, 0x5}})
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
close_range$auto(0x2, 0xa, 0x0)
socket(0xa, 0x2, 0x0)
r1 = socket(0xa, 0x3, 0xff)
connect$auto(r1, &(0x7f00000018c0)=@generic={0xa}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x103080, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r3)
ioctl$auto_KVM_GET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)={0x2, 0x0, [{0x40000106, 0x400, 0x718c1257}]})

3.794827586s ago: executing program 2 (id=1222):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop2\x00', 0x24040, 0x0)
ioctl$auto_BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000240)={"ef65ce6c00cf81000000ffffffffffffff291d000000000700", 0x3ff, 0x408, 0xffc, 0x400004, 0x200000000040000d})
ioctl$auto_BLKTRACETEARDOWN(r0, 0x1276, 0x0)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/irq/13/spurious\x00', 0x43102, 0x0)
read$auto_proc_iter_file_ops_compat_inode(r1, &(0x7f0000000180)=""/178, 0xb2)
unshare$auto(0x40000080)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0)
mmap$auto(0x1002, 0xc, 0x4, 0x200000eb0, 0x401, 0x705cf82a)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r2 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408)
write$auto(r2, 0x0, 0xfffffdf1)
linkat$auto(r2, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000)
mknod$auto(&(0x7f0000000040)='&&\x00', 0xcb, 0x6862)
utimes$auto(&(0x7f00000000c0)=':,\x00', 0x0)
mprotect$auto(0x0, 0x8000000000000001, 0x8)

2.719215666s ago: executing program 0 (id=1223):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0x1c, r1, 0x1, 0x70bd2c, 0x25dfdbfd, {0x2, 0x0, 0xf5}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x1c}}, 0x4000)

2.619995684s ago: executing program 3 (id=1224):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130)
r0 = open(0x0, 0x10840, 0x0)
fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d)
mmap$auto(0x0, 0x1, 0xfd5, 0x12, r0, 0x0)
mmap$auto(0x9, 0x1ff, 0x4, 0x14, 0x3, 0x0)
mmap$auto(0xfffffffffffffff9, 0x2000a, 0x100000000009f, 0xeb2, 0x401, 0x8000)
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x668401, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/zram0/reset\x00', 0xa001, 0x0)
write$auto(r2, &(0x7f0000000040)='7\x00\\\xa0\x01\x00\x01\x00\x00\x00\x00\x00\xc7k', 0x81)
write$auto(r1, &(0x7f00000000c0)='/dev/audio1\x00', 0x100000a3d9)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x3, 0x0, 0xfffffffffffffffc, 0x2}, 0xed7138c}, 0x2, 0x9)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x8800, 0x0)
r3 = socket(0xa, 0x5, 0x84)
sendto$auto(r3, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000070000003f"}, 0x1c)

2.488029259s ago: executing program 0 (id=1225):
r0 = socket(0x10, 0x2, 0x14)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="100000000214af"], 0x14}, 0x1, 0x0, 0x0, 0x20000045}, 0x24000044)
write$auto(r0, &(0x7f0000000100)='\x00', 0xfffffffffffffffa)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.7/usb8/remove\x00', 0xa001, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mbind$auto(0x2000, 0x100000008, 0x2100000000, 0x0, 0x6, 0x2)
sysfs$auto(0x2, 0x17, 0x0)
r1 = fsopen$auto(0x0, 0xb)
fsconfig$auto_SHMEM_HUGE_NEVER(r1, 0x1, &(0x7f0000000000)='-\x00', &(0x7f0000000040), 0x0)
setrlimit$auto(0x7ffb, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x40004)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
syz_clone3(&(0x7f0000000340)={0x1045100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0)
read$auto(r2, 0x0, 0x39b8)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd15/queue/scheduler\x00', 0x103a42, 0x0)
syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000100), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_DEBUG_GET(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2c, r4, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/vhci_hcd.4/usb17/17-0:1.0/usb17-port2/over_current_count\x00', 0xda1b42b350925096, 0x0)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)

2.165209052s ago: executing program 1 (id=1226):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
openat$auto_uhid_fops_uhid(0xffffffffffffff9c, 0x0, 0x2201, 0x0)
ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0)
openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter\x00', 0x40001, 0x0)
r0 = setfsuid$auto(0xee00)
r1 = setfsuid$auto(0xee01)
setresuid$auto(r0, r1, r0)
lstat$auto(&(0x7f0000000080)='./file0\x00', &(0x7f0000000280)={0x0, 0x8, 0x9, 0x5, <r2=>0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xf, 0x5, 0x4, 0x8, 0x800, 0xcf8, 0x68b, 0x5f7, 0x1002692a, 0x8})
r3 = setfsuid$auto(0xee00)
setreuid$auto(r3, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x0)
socket(0x1d, 0x2, 0x6)
r4 = socket(0x2, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r5=>0x0})
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r5, 0xfd}, 0x6a)
io_uring_setup$auto(0x6, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x6e642, 0x0)
setresuid$auto(r1, r2, r3)
mmap$auto(0x0, 0x20009, 0x5, 0xeb2, 0x8, 0x1008000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_NFC_CMD_DEACTIVATE_TARGET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x2004c080}, 0x4000000)

1.783648935s ago: executing program 0 (id=1227):
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
io_uring_setup$auto(0x406, 0x0)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x2000000)
mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000)

1.567348974s ago: executing program 2 (id=1228):
memfd_secret$auto(0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x1, 0x0)
socket(0x1a, 0x1, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.6/usb7/7-0:1.0/ep_81/direction\x00', 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000001100)=""/4106, 0x100a)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
listmount$auto(&(0x7f0000000100)={0x1f, @raw, 0x80000002, 0xfffffffffffffff7, 0x2}, 0x0, 0xf4240, 0x1)
socket(0x2b, 0x1, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
mlockall$auto(0x800000000000005)
madvise$auto(0x0, 0x200007, 0x19)
socket(0x15, 0x80002, 0x70)
r3 = openat$auto_split_huge_pages_fops_huge_memory(0xffffffffffffff9c, &(0x7f0000000040), 0x60000, 0x0)
write$auto_split_huge_pages_fops_huge_memory(r3, &(0x7f0000000180)="99628767d99bf1f86a0bd4cea6daafa715230814f73250b1e6ca1285c39ed6f1eedbcdc8926a77b72eceb3b7c6ae471854d7420b5ec11b4a342f8aad8715c2e5ab736aca13857cde9a6b3e9065109ac654ec32363c05842c495e5b8a2e5b8e9286d434eaa20cd680ce0daab36d5907d7792e5eb017f83ed153a05ac111e2ca31c63fe4ae1efa094b0c5903ee2995099c3487f666d6c06f96db703d018be6356d10b34b3e718ec82fe5aff6b11e0978dd4e2380c2012f3806ff1ca2198942c493536c3db2b46ef8f8a83019", 0xcb)
connect$auto(0xffffffffffffffff, 0x0, 0x54)
write$auto(0xca, &(0x7f0000000000)='\x04>\x01\x01\x00\x00\x00\x00\x01_\x9e\x99:R\xcc\x96\b\'\x02\xb0\x93l\xeb\x87\r\b\x87\x14\xf8e6\x9c%\xb6\x9a\\S\xa2(Q\xcc', 0x7f)
openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000340)='/sys/kernel/tracing/events/vmalloc/purge_vmap_area_lazy/enable\x00', 0x883, 0x0)

1.546418775s ago: executing program 0 (id=1229):
mmap$auto(0x0, 0x5, 0x3, 0x17, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x7ffffffff000, 0x8004, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
ioprio_set$auto(0x2, 0x800000000, 0x8)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x24, r2, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}]}, 0x24}, 0x1, 0x0, 0x0, 0x801}, 0x80)
r3 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000004440), 0xffffffffffffffff)
sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004540)={&(0x7f00000000c0)=ANY=[], 0x8d}, 0x1, 0x0, 0x0, 0x10}, 0x2000000)
sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r3, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x842}, 0x80)

1.490863961s ago: executing program 1 (id=1230):
close_range$auto(0x0, 0x5, 0x0)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/loop6\x00', 0x101202, 0x0)
mmap$auto(0x0, 0x4, 0x1ff, 0x40eb1, 0x401, 0x300000000001)
r0 = socket(0x2, 0x1, 0x106)
bind$auto(r0, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x3, 0x4001}, 0x4006b)
mmap$auto(0x0, 0x30009, 0x4000000000df, 0x4000eb1, 0x401, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000002740), 0xffffffffffffffff)
mremap$auto(0x3, 0x8, 0x1f449f79, 0x23, 0x0)
sendmsg$auto_NL802154_CMD_GET_SEC_DEV(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x50)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x3)
madvise$auto(0x0, 0x2003f2, 0x15)
madvise$auto(0x0, 0x1010001, 0x100000003)
madvise$auto(0x1000, 0x400050, 0x9)
write$auto(r1, 0x0, 0x53)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
munmap$auto(0x8000, 0xffffffff)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/unix\x00', 0x121040, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r3 = timerfd_create$auto(0x1, 0x0)
timerfd_settime$auto(r3, 0x3, &(0x7f0000000000)={{0x10, 0x3ff}, {0x10, 0x9}}, 0x0)
read$auto(0xffffffffffffffff, 0x0, 0x2004000020)
pread64$auto(r2, 0x0, 0x7fffffff, 0x1)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd8\x00', 0x0, 0x0)

1.434541929s ago: executing program 3 (id=1231):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
madvise$auto(0x0, 0x2003f2, 0x15)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
r3 = openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, 0x0, 0x8006, 0x0)
write$auto_proc_uid_map_operations_base(r3, 0x0, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0x1c, r2, 0x1, 0x70bd2c, 0x25dfdbfd, {0x2, 0x0, 0xf0}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x1c}}, 0x4000)
madvise$auto(0x0, 0x200007, 0x19)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/free_buffer\x00', 0x24001, 0x0)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x2000c, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x400000008000)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
open(0x0, 0xa22c0, 0x151)
r4 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r4, 0x107, 0xf, 0x0, 0x6)

1.344610583s ago: executing program 1 (id=1232):
socket$nl_generic(0x10, 0x3, 0x10) (async)
unshare$auto(0x40000080) (async)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1200, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async)
r1 = socket(0x2b, 0x3, 0x3)
listen$auto(0x3, 0x8) (async)
mmap$auto(0x0, 0x2020009, 0x20000006, 0xeb1, r1, 0x8000) (async, rerun: 64)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff) (async, rerun: 64)
r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15) (async)
r3 = socket(0x23, 0x2, 0x0)
sendto$auto(r3, 0x0, 0x8000000008000, 0x0, 0x0, 0x80) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
close_range$auto(0x2, 0x8, 0x0) (async, rerun: 32)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/advisor_max_cpu\x00', 0xa001, 0x0) (rerun: 32)
ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f0000000100)={0x60, 0x2, 0x110000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x0, 0x7f, 0x0, 0x2, 0x0, 0x2}) (async)
r4 = socket(0xa, 0x801, 0x84)
r5 = getpid()
process_vm_readv$auto(r5, 0x0, 0x1, &(0x7f0000000280)={&(0x7f0000000180)="4c03f283e548a7e1067d89d2c43e88291f00f6f6b69abb73fbfd00c343b80a9ab9cd46f24daa2f342fa136b9f88e4c69b515a6644135d295feb03eb1ca37a6bd30a5e21b51a41271d24e8f792aaf9b0983f6d563fe0d94a652532c437b77c96a420a3eaa13678a2daac00793b5d6c00c64b64f798230caa5abfc79f28a1454b9be7870143bc92128986565cd19afb29bd7f4939aac412a52530e41a47ad11c1f5c8b499c4388c6311f726e552f4631a071db9aa316633829c419b12410cb73da5108cca78da63bc881dba64dd18aa5", 0x5763}, 0x6, 0x0) (async, rerun: 32)
setsockopt$auto(r4, 0x10000000084, 0x9, 0x0, 0x9c) (async, rerun: 32)
ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(r2, 0x7ab, 0x0) (async)
mmap$auto(0x0, 0x81, 0x8, 0x40000eb1, 0xfffffffffffffffa, 0x7) (async)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async, rerun: 32)
setsockopt$auto(0x3, 0x1, 0x10, 0x0, 0x9) (async, rerun: 32)
io_uring_setup$auto(0x1, 0x0) (async)
connect$auto(0x3, 0x0, 0x55)
ioctl$auto(0x3, 0x89e0, 0x38) (async)
mmap$auto(0x0, 0x0, 0x10002, 0xffffffffffffffff, r3, 0x8000)

1.334923367s ago: executing program 0 (id=1233):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), r0)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000240)={0x44, r1, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@HWSIM_ATTR_RADIO_NAME={0x2d, 0x11, '/P\x13jE\f\xf9r\xf5\xa3\xd2\x84y\xf9*\x9b\"\x1c\xa4l-\x19\xfd\xa4\xf4y\x02\xc2\x96\xfa\x84L\x12\xcd\x83\xf7\x12\xd3\xc4\x1e]'}]}, 0x44}, 0x1, 0x4001, 0x0, 0x4008040}, 0x40800)

521.75845ms ago: executing program 0 (id=1234):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
r1 = syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000980)={0x14, r1, 0x1, 0x70bd31, 0x25dfdbfd}, 0x14}}, 0x24048084)
madvise$auto(0x0, 0x200007, 0x19)
getcpu$auto(0xfffffffffffffffc, 0xffffffffffffffff, 0xfffffffffffffffd)
fanotify_init$auto(0x65, 0x2)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
unshare$auto(0x20000080)
syz_clone3(&(0x7f0000000380)={0x2c022000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0)
sendmsg$auto_NL80211_CMD_DEL_TX_TS(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000200)={&(0x7f0000000480)={0x26c, 0x0, 0x100, 0x70bd2c, 0x25dfdbff, {}, [@NL80211_ATTR_KEY_DATA={0x15, 0x7, "f6ff64389b62872b26f97bc80d052696ab"}, @NL80211_ATTR_MESH_ID={0x22, 0x18, "3eed9b1465d94ee937d70efbcdd93f95cb35b0d61936ae811703d63b6d71"}, @NL80211_ATTR_SAR_SPEC={0x208, 0x12c, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS={0x124, 0x2, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x1}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xa}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x2}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x1}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x48}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x9}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x6}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0xd}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x4}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x401}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x200}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x7}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x1000}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x7}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x8}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x6}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xfffffffd}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xffff1e6d}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x452}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x7f}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x4}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x2}]}, {0x4}, {0x24, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xbb02}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x9}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0xb19}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x20}]}]}, @NL80211_SAR_ATTR_SPECS={0xe0, 0x2, 0x0, 0x1, [{0x34, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x497819ce}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x9}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x100}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xc59b}]}, {0x34, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x18}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x4}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7ff}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0xc6000000}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7}]}, {0x34, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x9}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x4}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x20000}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x7fff}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0xd}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x5}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x7}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7fff}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x100}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x5}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xfff}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x6}]}]}]}, @NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM={0x6, 0xfb, 0x3}, @NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0x4}, @NL80211_ATTR_TDLS_EXTERNAL_SETUP={0x4}]}, 0x26c}, 0x1, 0x0, 0x0, 0x24040081}, 0x40094)
r2 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0)
pread64$auto(r2, &(0x7f0000000240)='\x03W\x96l\x15\x00\x00\x00\x00\xf4\x00\x00\x00 \x00\x00\x00\x00\x00\x00\x00', 0x100000002, 0x100000001)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101c82, 0x0)
r3 = prctl$auto(0x42, 0x0, 0x0, 0x1, 0x0)
ioctl$auto_BLKROSET(r3, 0x125d, 0x0)
mmap$auto(0xfffffffffffffffc, 0x40009, 0xdf, 0x9b72, r2, 0xfffffffffffffc01)
madvise$auto(0x6, 0x1, 0x7fffffff)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0)

248.609816ms ago: executing program 2 (id=1235):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/oom_adj\x00', 0x980, 0x0)
read$auto(r0, 0x0, 0x4)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x4)
r2 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
write$auto(r2, &(0x7f0000000040)='nbd\x00', 0x4)
r3 = openat$auto_state_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x1e9482, 0x0)
read$auto_state_fops_(r3, &(0x7f0000000180)=""/61, 0xfffffeeb)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x401, 0x0)
socket(0x2a, 0x2, 0x0)

184.46017ms ago: executing program 1 (id=1236):
r0 = socket(0xa, 0x2, 0x0)
sendto$auto(r0, 0x0, 0x402, 0xacf8, &(0x7f0000000000)=@generic={0xa, "e2e13d0ee94e00"}, 0x1b)

0s ago: executing program 1 (id=1237):
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = openat$auto_proc_timers_operations_base(0xffffffffffffff9c, &(0x7f0000000140), 0x40000, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xcfk', 0x81)
getsockopt$auto_SO_DOMAIN(0xffffffffffffffff, 0xf99, 0x27, &(0x7f0000000040)='-&\x00', &(0x7f0000000100)=0x100203)
open(0x0, 0x22240, 0x155)
sysfs$auto(0x2, 0xe, 0x0)
lsm_list_modules$auto(0x0, 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/pci0000:00/0000:00:00.0/power_state\x00', 0x40, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/nbd1/queue/read_ahead_kb\x00', 0xa001, 0x0)
write$auto(r1, &(0x7f0000000000)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\x92\xa3\x99\xc4 \xbcr^\x9f\x8a\a\xd7\x19\xb8k\xa2\xce\xdb\xab?\xecZ\xb4\x068\xae\b\x1e~\xe0{\x1f\xf6^\x92\xdfDng', 0x80)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_PVERSION(r2, 0x80045500, 0x0)
r3 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0)
ioctl$auto_dvb_demux_fops_dmxdev(r3, 0x403c6f2b, 0x0)
socket(0x2, 0x1, 0x106)
bind$auto(0x3, 0x0, 0x6a)
ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, 0x0)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mmap$auto(0x0, 0x7, 0xe3, 0x400009b72, r3, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0xe1, 0x83ae, 0x6)
madvise$auto(0x7fffffff, 0x0, 0x9)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
mbind$auto(0x2000, 0x100000008, 0x2100000000, 0x0, 0x6, 0x2)
futex_wake$auto(0x0, 0x4, 0x1, 0x9)
mincore$auto(0x1000, 0x4000000, 0x0)
preadv$auto(r0, &(0x7f0000000200)={0x0, 0x101}, 0x9, 0x1ff, 0x5)

kernel console output (not intermixed with test programs):

t_tree+0x92/0x320
[  103.565659][ T6360]  path_mount+0x7d0/0x23d0
[  103.565688][ T6360]  ? __pfx_path_mount+0x10/0x10
[  103.565712][ T6360]  ? lockdep_hardirqs_on+0x78/0x100
[  103.565752][ T6360]  ? putname+0xb1/0x110
[  103.565777][ T6360]  ? kmem_cache_free+0x124/0x6a0
[  103.565823][ T6360]  ? __x64_sys_mount+0x293/0x310
[  103.565851][ T6360]  __x64_sys_mount+0x293/0x310
[  103.565881][ T6360]  ? __pfx___x64_sys_mount+0x10/0x10
[  103.565921][ T6360]  do_syscall_64+0x106/0xf80
[  103.565955][ T6360]  ? clear_bhb_loop+0x40/0x90
[  103.565990][ T6360]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.566017][ T6360] RIP: 0033:0x7fabb339c799
[  103.566042][ T6360] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  103.566065][ T6360] RSP: 002b:00007fabb4266028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  103.566090][ T6360] RAX: ffffffffffffffda RBX: 00007fabb3616090 RCX: 00007fabb339c799
[  103.566105][ T6360] RDX: 00002000000001c0 RSI: 00002000000000c0 RDI: 0000000000000000
[  103.566121][ T6360] RBP: 00007fabb3432c99 R08: 0000000000000000 R09: 0000000000000000
[  103.566137][ T6360] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000
[  103.566153][ T6360] R13: 00007fabb3616128 R14: 00007fabb3616090 R15: 00007ffd3c2943d8
[  103.566190][ T6360]  </TASK>
[  107.047873][ T6405] .^: entered promiscuous mode
[  107.048584][ T6406] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  107.349341][ T6411] Invalid ELF header magic: != ELF
[  108.096351][ T6425] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  108.138313][   T30] audit: type=1804 audit(1773680003.702:4): pid=6425 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.104" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  109.496924][ T6466] FAULT_INJECTION: forcing a failure.
[  109.496924][ T6466] name failslab, interval 1, probability 0, space 0, times 0
[  109.539976][ T6467] zswap: compressor � not available
[  109.546754][ T6466] CPU: 0 UID: 0 PID: 6466 Comm: syz.0.111 Not tainted syzkaller #0 PREEMPT(full) 
[  109.546790][ T6466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  109.546806][ T6466] Call Trace:
[  109.546815][ T6466]  <TASK>
[  109.546826][ T6466]  dump_stack_lvl+0x100/0x190
[  109.546874][ T6466]  should_fail_ex.cold+0x5/0xa
[  109.546907][ T6466]  should_failslab+0xc2/0x120
[  109.546936][ T6466]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  109.546975][ T6466]  ? security_file_alloc+0x34/0x2c0
[  109.547007][ T6466]  ? trace_kmem_cache_alloc+0xf3/0x120
[  109.547043][ T6466]  security_file_alloc+0x34/0x2c0
[  109.547076][ T6466]  init_file+0x95/0x480
[  109.547108][ T6466]  alloc_empty_file+0x73/0x1c0
[  109.547141][ T6466]  dentry_open+0x46/0xd0
[  109.547173][ T6466]  acct_on+0x189/0x9e0
[  109.547212][ T6466]  ? __pfx_acct_on+0x10/0x10
[  109.547252][ T6466]  ? bpf_lsm_capable+0x9/0x10
[  109.547280][ T6466]  ? security_capable+0x80/0x260
[  109.547325][ T6466]  __x64_sys_acct+0x81/0x1e0
[  109.547362][ T6466]  ? lockdep_hardirqs_on+0x78/0x100
[  109.547398][ T6466]  do_syscall_64+0x106/0xf80
[  109.547433][ T6466]  ? clear_bhb_loop+0x40/0x90
[  109.547466][ T6466]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.547494][ T6466] RIP: 0033:0x7fb19079c799
[  109.547516][ T6466] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  109.547542][ T6466] RSP: 002b:00007fb19165f028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3
[  109.547568][ T6466] RAX: ffffffffffffffda RBX: 00007fb190a15fa0 RCX: 00007fb19079c799
[  109.547586][ T6466] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000100
[  109.547602][ T6466] RBP: 00007fb190832c99 R08: 0000000000000000 R09: 0000000000000000
[  109.547626][ T6466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  109.547642][ T6466] R13: 00007fb190a16038 R14: 00007fb190a15fa0 R15: 00007ffe1ac9a4b8
[  109.547681][ T6466]  </TASK>
[  109.970959][ T6469] Setting dangerous option i915.mitigations - tainting kernel
[  110.014747][ T6482] netlink: 326 bytes leftover after parsing attributes in process `syz.1.113'.
[  111.056573][ T6506] vivid-007: =================  START STATUS  =================
[  111.096722][ T6506] vivid-007: Generate PTS: true
[  111.101705][ T6506] vivid-007: Generate SCR: true
[  111.140874][ T6506] tpg source WxH: 320x240 (Y'CbCr)
[  111.155641][ T6506] tpg field: 1
[  111.159035][ T6506] tpg crop: (0,0)/320x240
[  111.173813][ T6506] tpg compose: (0,0)/320x240
[  111.199771][ T6506] tpg colorspace: 8
[  111.209936][ T6506] tpg transfer function: 0/0
[  111.223258][ T6506] tpg Y'CbCr encoding: 0/0
[  111.234913][   T30] audit: type=1804 audit(1773680006.811:5): pid=6508 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.118" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  111.286745][ T6506] tpg quantization: 0/0
[  111.306407][ T6506] tpg RGB range: 0/2
[  111.310360][ T6506] vivid-007: ==================  END STATUS  ==================
[  112.264277][ T6522] NFSD: Failed to start, no listeners configured.
[  112.810395][ T6530] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input7
[  114.038570][ T6553] kvm: vcpu 4: requested lapic timer restore with starting count register 0x390=4294967104 (137438947328 ns) > initial count (6624 ns). Using initial count to start timer.
[  114.526718][ T6563] ptp ptp0: new virtual clock ptp1
[  114.547595][ T6563] ptp ptp0: new virtual clock ptp2
[  114.571078][ T6563] ptp ptp0: new virtual clock ptp3
[  114.599093][ T6563] ptp ptp0: guarantee physical clock free running
[  115.042522][ T6582] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  116.066819][ T6598] FAULT_INJECTION: forcing a failure.
[  116.066819][ T6598] name fail_futex, interval 1, probability 0, space 0, times 1
[  116.117454][ T6598] CPU: 1 UID: 0 PID: 6598 Comm: syz.2.139 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  116.117479][ T6598] Tainted: [U]=USER
[  116.117484][ T6598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  116.117493][ T6598] Call Trace:
[  116.117498][ T6598]  <TASK>
[  116.117505][ T6598]  dump_stack_lvl+0x100/0x190
[  116.117531][ T6598]  should_fail_ex.cold+0x5/0xa
[  116.117548][ T6598]  get_futex_key+0x1d2/0x1620
[  116.117567][ T6598]  ? __pfx_get_futex_key+0x10/0x10
[  116.117582][ T6598]  ? futex_hash+0x2c5/0x380
[  116.117603][ T6598]  futex_wake+0xea/0x530
[  116.117625][ T6598]  ? __pfx_futex_wake+0x10/0x10
[  116.117653][ T6598]  do_futex+0x32b/0x350
[  116.117671][ T6598]  ? __pfx_do_futex+0x10/0x10
[  116.117693][ T6598]  __x64_sys_futex+0x34f/0x4d0
[  116.117711][ T6598]  ? fdget_pos+0x2c0/0x380
[  116.117726][ T6598]  ? __pfx___x64_sys_futex+0x10/0x10
[  116.117743][ T6598]  ? ksys_write+0x1ac/0x250
[  116.117755][ T6598]  ? __pfx_ksys_write+0x10/0x10
[  116.117773][ T6598]  do_syscall_64+0x106/0xf80
[  116.117792][ T6598]  ? clear_bhb_loop+0x40/0x90
[  116.117809][ T6598]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.117823][ T6598] RIP: 0033:0x7f6c7159c799
[  116.117836][ T6598] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  116.117849][ T6598] RSP: 002b:00007f6c7252b0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  116.117870][ T6598] RAX: ffffffffffffffda RBX: 00007f6c71815fa8 RCX: 00007f6c7159c799
[  116.117879][ T6598] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f6c71815fac
[  116.117888][ T6598] RBP: 00007f6c71815fa0 R08: 0000000000000000 R09: 0000000000000000
[  116.117897][ T6598] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  116.117905][ T6598] R13: 00007f6c71816038 R14: 00007ffe3c765d20 R15: 00007ffe3c765e08
[  116.117924][ T6598]  </TASK>
[  117.564600][ T6625] random: crng reseeded on system resumption
[  117.686821][   T30] audit: type=1804 audit(1773680013.248:6): pid=6617 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.142" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  118.065489][ T6643] bond0: option lp_interval: invalid value (0x00060000)
[  118.087072][ T6643] bond0: option lp_interval: allowed values 1 - 2147483647
[  118.611899][ T6654] kvm: vcpu 4: requested lapic timer restore with starting count register 0x390=4294967104 (137438947328 ns) > initial count (6624 ns). Using initial count to start timer.
[  118.986434][ T6659] can0: slcan on ttyS2.
[  119.317435][ T6658] can0 (unregistered): slcan off ttyS2.
[  119.812170][ T6691] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input8
[  120.468528][ T6708] syz.1.158 uses obsolete (PF_INET,SOCK_PACKET)
[  120.701643][ T6708] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  121.047257][   T30] audit: type=1804 audit(1773680016.606:7): pid=6718 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.159" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  125.555811][ T6804] netlink: 326 bytes leftover after parsing attributes in process `syz.2.176'.
[  125.592966][ T6804] bridge0: port 2(bridge_slave_1) entered disabled state
[  125.601525][ T6804] bridge0: port 1(bridge_slave_0) entered disabled state
[  126.421725][ T6814] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10
[  127.259263][   T30] audit: type=1800 audit(1773680022.823:8): pid=6834 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.183" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0
[  127.328039][ T6828] NFSD: Failed to start, no listeners configured.
[  127.481674][ T6824] kvm: kvm [6820]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0xc1) = 0x2
[  128.745839][ T6858] kvm: vcpu 4: requested lapic timer restore with starting count register 0x390=4294967104 (137438947328 ns) > initial count (6624 ns). Using initial count to start timer.
[  128.824485][   T30] audit: type=1804 audit(1773680024.372:9): pid=6856 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.191" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  129.291695][ T6869] netlink: 146 bytes leftover after parsing attributes in process `syz.3.193'.
[  129.413766][   T30] audit: type=1804 audit(1773680024.972:10): pid=6866 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.192" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  129.605992][ T6874] netlink: 318 bytes leftover after parsing attributes in process `syz.3.194'.
[  130.075909][ T6889] zram: Added device: zram1
[  130.161732][ T6891] NFSD: Failed to start, no listeners configured.
[  130.925835][   T30] audit: type=1804 audit(1773680026.461:11): pid=6905 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.202" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  131.814784][ T6922] NFSD: Failed to start, no listeners configured.
[  132.368322][ T6943] process 'syz.2.212' launched ':,' with NULL argv: empty string added
[  132.640257][ T6939] NFSD: Failed to start, no listeners configured.
[  132.721771][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  132.729606][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  134.514613][ T6983] zswap: compressor  not available
[  135.868706][ T7006] openvswitch: .^: Dropping previously announced user features
[  139.628507][ T7077] NFSD: Failed to start, no listeners configured.
[  139.748310][ T7087] mmap: syz.3.243 (7087) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  140.042551][ T7090] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  141.779576][ T7119] synth uevent: /bus/mei: unknown uevent action string
[  141.978863][ T7122] netlink: 'syz.0.253': attribute type 1 has an invalid length.
[  143.515069][ T7146] Zero length message leads to an empty skb
[  143.537184][ T7147] zswap: compressor  not available
[  143.908376][ T7162] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input11
[  145.229252][ T7194] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  145.522312][   T30] audit: type=1804 audit(1773680041.074:12): pid=7200 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.269" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  150.470646][ T7299] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  152.682326][   T30] audit: type=1804 audit(1773680048.240:13): pid=7347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.303" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  157.244074][ T7433] process 'syz.3.319' launched './file0' with NULL argv: empty string added
[  158.075538][ T7454] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE�r��҄y�*�"�l-���y–��
[  158.198956][ T7452] zswap: compressor  not available
[  158.237066][ T7454] debugfs: '!PjE�r��҄y�*�"�l-���y–��L̓���]' already exists in 'ieee80211'
[  158.355079][   T30] audit: type=1804 audit(1773680053.897:14): pid=7464 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.326" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
��I��jn����9�_U���VQ8��j@:Un M��%U�x[  160.216697][ T7492] NFSD: Failed to start, no listeners configured.
[  161.064553][ T7522] netlink: 334 bytes leftover after parsing attributes in process `syz.3.339'.
[  161.163178][ T7525] netlink: 342 bytes leftover after parsing attributes in process `syz.3.339'.
[  162.104678][   T30] audit: type=1804 audit(1773680057.636:15): pid=7543 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.341" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  162.143247][ T7547] NFSD: Failed to start, no listeners configured.
[  162.592644][ T7538] random: crng reseeded on system resumption
[  164.227720][ T7585] NFSD: Failed to start, no listeners configured.
[  166.400190][ T7598] program syz.2.350 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  167.084813][   T30] audit: type=1804 audit(1773680062.633:16): pid=7633 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.357" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  167.474887][   T30] audit: type=1804 audit(1773680063.013:17): pid=7636 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.358" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  167.621492][   T30] audit: type=1804 audit(1773680063.053:18): pid=7636 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.358" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  168.470925][   T30] audit: type=1804 audit(1773680064.012:19): pid=7651 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.362" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  169.331883][ T7686] capability: warning: `syz.0.371' uses 32-bit capabilities (legacy support in use)
[  169.537470][   T30] audit: type=1804 audit(1773680065.072:20): pid=7684 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.370" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  171.122382][ T7712] netlink: 12 bytes leftover after parsing attributes in process `syz.0.372'.
[  172.387213][   T30] audit: type=1804 audit(1773680067.920:21): pid=7736 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.382" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  173.276015][ T7756] netlink: 3 bytes leftover after parsing attributes in process `syz.3.386'.
[  176.165883][   T30] audit: type=1804 audit(1773680071.708:22): pid=7797 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.394" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  178.496894][ T7861] block2mtd: error: cannot open device /sys/module/block2mtd/parameters/block2mtd
[  181.681968][   T30] audit: type=1804 audit(1773680077.226:23): pid=7901 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.417" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  183.556248][ T7958] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input12
[  184.174111][ T7974] netlink: 'syz.1.428': attribute type 9 has an invalid length.
[  184.214895][ T7974] netlink: 330 bytes leftover after parsing attributes in process `syz.1.428'.
[  184.489716][ T7983] FAULT_INJECTION: forcing a failure.
[  184.489716][ T7983] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  184.552944][ T7983] CPU: 0 UID: 0 PID: 7983 Comm: syz.1.430 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  184.552983][ T7983] Tainted: [U]=USER
[  184.552991][ T7983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  184.553005][ T7983] Call Trace:
[  184.553013][ T7983]  <TASK>
[  184.553022][ T7983]  dump_stack_lvl+0x100/0x190
[  184.553073][ T7983]  should_fail_ex.cold+0x5/0xa
[  184.553102][ T7983]  _copy_from_user+0x2e/0xd0
[  184.553131][ T7983]  copy_msghdr_from_user+0x9f/0x4f0
[  184.553161][ T7983]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  184.553192][ T7983]  ? rcu_is_watching+0x12/0xc0
[  184.553225][ T7983]  ? ___sys_recvmsg+0x177/0x1a0
[  184.553249][ T7983]  ? kfree+0x2ec/0x6b0
[  184.553284][ T7983]  ___sys_recvmsg+0xdd/0x1a0
[  184.553311][ T7983]  ? __pfx____sys_recvmsg+0x10/0x10
[  184.553356][ T7983]  ? __pfx___might_resched+0x10/0x10
[  184.553403][ T7983]  do_recvmmsg+0x301/0x760
[  184.553435][ T7983]  ? __pfx_do_recvmmsg+0x10/0x10
[  184.553458][ T7983]  ? ksys_write+0x190/0x250
[  184.553480][ T7983]  ? ksys_write+0x190/0x250
[  184.553508][ T7983]  ? __mutex_unlock_slowpath+0x15c/0x790
[  184.553552][ T7983]  ? __fget_files+0x21f/0x3d0
[  184.553583][ T7983]  __x64_sys_recvmmsg+0x22a/0x280
[  184.553619][ T7983]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  184.553668][ T7983]  do_syscall_64+0x106/0xf80
[  184.553700][ T7983]  ? clear_bhb_loop+0x40/0x90
[  184.553730][ T7983]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.553755][ T7983] RIP: 0033:0x7f7f1359c799
[  184.553780][ T7983] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  184.553803][ T7983] RSP: 002b:00007f7f143a0028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  184.553827][ T7983] RAX: ffffffffffffffda RBX: 00007f7f13815fa0 RCX: 00007f7f1359c799
[  184.553846][ T7983] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[  184.553860][ T7983] RBP: 00007f7f143a0090 R08: 0000000000000000 R09: 0000000000000000
[  184.553875][ T7983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  184.553889][ T7983] R13: 00007f7f13816038 R14: 00007f7f13815fa0 R15: 00007ffd82721648
[  184.553926][ T7983]  </TASK>
[  185.263538][ T7982] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  185.280720][ T7982] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  185.298220][ T7982] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  185.316219][ T7982] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  185.953417][   T30] audit: type=1804 audit(1773680081.486:24): pid=8014 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.436" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  186.699105][   T30] audit: type=1804 audit(1773680082.226:25): pid=8040 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.440" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  186.983096][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout
[  187.301011][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout
[  187.307099][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout
[  187.381024][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout
[  187.641347][ T8052] can: request_module (can-proto-4) failed.
[  188.176280][ T8075] NFSD: Failed to start, no listeners configured.
[  189.887872][ T8105] zswap: compressor  not available
[  189.895222][ T8108] debugfs: '!PjE�r��҄y�*�"�l-���y–��L̓���]' already exists in 'ieee80211'
[  190.487597][   T30] audit: type=1804 audit(1773680086.026:26): pid=8117 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.457" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  190.817852][ T8114] can: request_module (can-proto-4) failed.
[  191.337753][ T8133] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  191.467535][ T8134] FAULT_INJECTION: forcing a failure.
[  191.467535][ T8134] name fail_futex, interval 1, probability 0, space 0, times 0
[  191.491123][ T8134] CPU: 1 UID: 0 PID: 8134 Comm: syz.1.460 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  191.491149][ T8134] Tainted: [U]=USER
[  191.491154][ T8134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  191.491162][ T8134] Call Trace:
[  191.491168][ T8134]  <TASK>
[  191.491175][ T8134]  dump_stack_lvl+0x100/0x190
[  191.491200][ T8134]  should_fail_ex.cold+0x5/0xa
[  191.491217][ T8134]  get_futex_key+0x1d2/0x1620
[  191.491237][ T8134]  ? __pfx_get_futex_key+0x10/0x10
[  191.491259][ T8134]  futex_wake+0xea/0x530
[  191.491280][ T8134]  ? __pfx_futex_wake+0x10/0x10
[  191.491301][ T8134]  ? __call_rcu_common.constprop.0+0x3f0/0x9b0
[  191.491326][ T8134]  do_futex+0x32b/0x350
[  191.491347][ T8134]  ? __pfx_do_futex+0x10/0x10
[  191.491365][ T8134]  ? __pfx___might_resched+0x10/0x10
[  191.491384][ T8134]  ? blkcg_maybe_throttle_current+0x5df/0xeb0
[  191.491407][ T8134]  __x64_sys_futex+0x34f/0x4d0
[  191.491427][ T8134]  ? __pfx___x64_sys_futex+0x10/0x10
[  191.491451][ T8134]  do_syscall_64+0x106/0xf80
[  191.491470][ T8134]  ? clear_bhb_loop+0x40/0x90
[  191.491487][ T8134]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.491501][ T8134] RIP: 0033:0x7f7f1359c799
[  191.491515][ T8134] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  191.491528][ T8134] RSP: 002b:00007f7f1437f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  191.491542][ T8134] RAX: ffffffffffffffda RBX: 00007f7f13816098 RCX: 00007f7f1359c799
[  191.491551][ T8134] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f7f1381609c
[  191.491559][ T8134] RBP: 00007f7f13816090 R08: 0000000000000000 R09: 0000000000000000
[  191.491567][ T8134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  191.491575][ T8134] R13: 00007f7f13816128 R14: 00007ffd82721560 R15: 00007ffd82721648
[  191.491593][ T8134]  </TASK>
[  194.201597][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  194.208021][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  196.013530][ T8227] NFSD: Failed to start, no listeners configured.
[  199.003684][ T8278] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[  201.656928][   T30] audit: type=1804 audit(1773680097.176:27): pid=8308 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.502" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  202.946419][ T8332] NFSD: Failed to start, no listeners configured.
[  205.592941][ T8370] FAULT_INJECTION: forcing a failure.
[  205.592941][ T8370] name failslab, interval 1, probability 0, space 0, times 0
[  205.670954][ T8370] CPU: 1 UID: 0 PID: 8370 Comm: syz.3.514 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  205.670999][ T8370] Tainted: [U]=USER
[  205.671008][ T8370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  205.671024][ T8370] Call Trace:
[  205.671033][ T8370]  <TASK>
[  205.671043][ T8370]  dump_stack_lvl+0x100/0x190
[  205.671089][ T8370]  should_fail_ex.cold+0x5/0xa
[  205.671122][ T8370]  should_failslab+0xc2/0x120
[  205.671151][ T8370]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  205.671190][ T8370]  ? prepare_creds+0x2c/0x950
[  205.671234][ T8370]  prepare_creds+0x2c/0x950
[  205.671275][ T8370]  join_session_keyring+0x17/0x350
[  205.671306][ T8370]  lookup_user_key+0xbf9/0x1300
[  205.671339][ T8370]  ? __pfx_lookup_user_key+0x10/0x10
[  205.671368][ T8370]  ? __pfx_do_futex+0x10/0x10
[  205.671409][ T8370]  ? __pfx_lookup_user_key_possessed+0x10/0x10
[  205.671446][ T8370]  ? xfd_validate_state+0x129/0x190
[  205.671489][ T8370]  keyctl_keyring_link+0x57/0xe0
[  205.671530][ T8370]  __do_sys_keyctl+0x1bf/0x5a0
[  205.671559][ T8370]  do_syscall_64+0x106/0xf80
[  205.671594][ T8370]  ? clear_bhb_loop+0x40/0x90
[  205.671627][ T8370]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.671654][ T8370] RIP: 0033:0x7fabb339c799
[  205.671677][ T8370] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  205.671702][ T8370] RSP: 002b:00007fabb4266028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  205.671728][ T8370] RAX: ffffffffffffffda RBX: 00007fabb3616090 RCX: 00007fabb339c799
[  205.671746][ T8370] RDX: ffffffffffffffff RSI: fffffffffffffffd RDI: 0000000000000008
[  205.671762][ T8370] RBP: 00007fabb3432c99 R08: 0000000000000002 R09: 0000000000000000
[  205.671779][ T8370] R10: 0000000000005092 R11: 0000000000000246 R12: 0000000000000000
[  205.671795][ T8370] R13: 00007fabb3616128 R14: 00007fabb3616090 R15: 00007ffd3c2943d8
[  205.671831][ T8370]  </TASK>
[  207.360728][ T5832] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  208.165351][ T8414] NFSD: Failed to start, no listeners configured.
[  208.302889][ T8412] zswap: compressor � not available
[  208.326649][ T8413] Setting dangerous option i915.mitigations - tainting kernel
[  209.381038][ T5835] Bluetooth: hci0: command 0x0c1a tx timeout
[  209.993118][ T8439] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7fe00
[  210.004157][ T8426] NFSD: Failed to start, no listeners configured.
[  210.049149][ T8439] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  210.156894][ T8439] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  210.184001][ T8439] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  210.213517][ T8439] raw: 0000000000000000 0000000000000000 00000008ffffffff 0000000000000000
[  210.222346][ T8439] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  210.241010][ T8439] head: 0000000000000000 0000000000000000 00000008ffffffff 0000000000000000
[  210.249857][ T8439] head: 00fff00000000003 ffffea0001ff8001 00000000ffffffff 00000000ffffffff
[  210.291126][ T8439] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  210.299875][ T8439] page dumped because: unmovable page
[  210.350693][ T8439] page_owner tracks the page as allocated
[  210.463159][ T8439] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 0, tgid 0 (swapper/0), ts 56644844335, free_ts 22129946390
[  210.522786][ T8439]  post_alloc_hook+0x153/0x170
[  210.527607][ T8439]  get_page_from_freelist+0x111d/0x3140
[  210.577542][ T8439]  __alloc_frozen_pages_noprof+0x27c/0x2ba0
[  210.590992][ T8439]  alloc_pages_mpol+0x1fb/0x550
[  210.595917][ T8439]  alloc_pages_noprof+0x131/0x390
[  210.636267][ T8439]  skb_page_frag_refill+0x365/0x5b0
[  210.646842][ T8439]  try_fill_recv+0x7f1/0x2930
[  210.656387][ T8439]  virtnet_poll+0x154a/0x3a20
[  210.671355][ T8439]  __napi_poll.constprop.0+0xaf/0x450
[  210.678849][ T8439]  net_rx_action+0xa40/0xf20
[  210.748253][ T8439]  handle_softirqs+0x1eb/0x9e0
[  210.793261][ T8439]  __irq_exit_rcu+0xef/0x150
[  210.827645][ T8439]  irq_exit_rcu+0x9/0x30
[  210.842000][ T8439]  common_interrupt+0xbe/0xe0
[  210.868293][ T8439]  asm_common_interrupt+0x26/0x40
[  210.960901][ T8439] page last free pid 1 tgid 1 stack trace:
[  210.982811][ T8439]  __free_frozen_pages+0x7e1/0x10d0
[  210.988310][ T8439]  free_contig_range+0xde/0x1d0
[  210.997524][ T8439]  destroy_args+0xa8/0x7a0
[  211.021411][ T8439]  debug_vm_pgtable+0x1b66/0x34c0
[  211.036688][ T8439]  do_one_initcall+0x11d/0x760
[  211.080755][ T8439]  kernel_init_freeable+0x6e5/0x7a0
[  211.087102][ T8439]  kernel_init+0x1f/0x1e0
[  211.100588][ T8439]  ret_from_fork+0x754/0xd80
[  211.116912][ T8439]  ret_from_fork_asm+0x1a/0x30
[  211.461092][ T5835] Bluetooth: hci0: command 0x0c1a tx timeout
[  213.413823][ T8503] sctp: [Deprecated]: syz.3.539 (pid 8503) Use of struct sctp_assoc_value in delayed_ack socket option.
[  213.413823][ T8503] Use struct sctp_sack_info instead
[  216.097246][ T8544] random: crng reseeded on system resumption
[  216.177436][ T8548] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input15
[  216.859901][   T30] audit: type=1804 audit(1773680112.396:28): pid=8551 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.549" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  217.270932][ T8537] FAULT_INJECTION: forcing a failure.
[  217.270932][ T8537] name failslab, interval 1, probability 0, space 0, times 0
[  217.315186][ T8537] CPU: 1 UID: 0 PID: 8537 Comm: syz.2.546 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  217.315221][ T8537] Tainted: [U]=USER
[  217.315229][ T8537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  217.315243][ T8537] Call Trace:
[  217.315253][ T8537]  <TASK>
[  217.315263][ T8537]  dump_stack_lvl+0x100/0x190
[  217.315306][ T8537]  should_fail_ex.cold+0x5/0xa
[  217.315334][ T8537]  should_failslab+0xc2/0x120
[  217.315365][ T8537]  __kmalloc_cache_noprof+0x7a/0x6f0
[  217.315400][ T8537]  ? kobject_create_and_add+0x46/0xc0
[  217.315435][ T8537]  kobject_create_and_add+0x46/0xc0
[  217.315465][ T8537]  __add_disk+0x66f/0xe40
[  217.315509][ T8537]  ? find_held_lock+0x2b/0x80
[  217.315539][ T8537]  add_disk_fwnode+0x3d4/0x5c0
[  217.315571][ T8537]  zram_add+0x4d2/0x610
[  217.315605][ T8537]  ? __pfx_zram_add+0x10/0x10
[  217.315663][ T8537]  ? find_held_lock+0x2b/0x80
[  217.315688][ T8537]  ? sysfs_file_kobj+0xe4/0x290
[  217.315725][ T8537]  ? __pfx_hot_add_show+0x10/0x10
[  217.315759][ T8537]  hot_add_show+0x21/0x80
[  217.315792][ T8537]  class_attr_show+0x72/0xa0
[  217.315823][ T8537]  ? __pfx_class_attr_show+0x10/0x10
[  217.315850][ T8537]  sysfs_kf_seq_show+0x217/0x3a0
[  217.315887][ T8537]  seq_read_iter+0x32f/0x1270
[  217.315937][ T8537]  kernfs_fop_read_iter+0x46c/0x610
[  217.315968][ T8537]  ? rw_verify_area+0xce/0x6d0
[  217.315999][ T8537]  ? __pfx_kernfs_fop_read_iter+0x10/0x10
[  217.316016][ T8537]  vfs_read+0x825/0xb30
[  217.316040][ T8537]  ? __pfx_vfs_read+0x10/0x10
[  217.316082][ T8537]  ksys_read+0x12a/0x250
[  217.316094][ T8537]  ? __pfx_ksys_read+0x10/0x10
[  217.316113][ T8537]  do_syscall_64+0x106/0xf80
[  217.316133][ T8537]  ? clear_bhb_loop+0x40/0x90
[  217.316150][ T8537]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.316165][ T8537] RIP: 0033:0x7f6c7159c799
[  217.316178][ T8537] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  217.316191][ T8537] RSP: 002b:00007f6c7252b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  217.316205][ T8537] RAX: ffffffffffffffda RBX: 00007f6c71815fa0 RCX: 00007f6c7159c799
[  217.316214][ T8537] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000009
[  217.316223][ T8537] RBP: 00007f6c71632c99 R08: 0000000000000000 R09: 0000000000000000
[  217.316232][ T8537] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  217.316241][ T8537] R13: 00007f6c71816038 R14: 00007f6c71815fa0 R15: 00007ffe3c765e08
[  217.316260][ T8537]  </TASK>
[  219.904608][   T30] audit: type=1804 audit(1773680115.446:29): pid=8595 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.559" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  220.156492][ T8593] can: request_module (can-proto-4) failed.
[  220.863808][ T8614] netlink: 8 bytes leftover after parsing attributes in process `syz.0.564'.
[  220.873258][ T8614] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  222.623230][   T30] audit: type=1804 audit(1773680118.166:30): pid=8641 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.569" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  223.914357][ T8673] NFSD: Failed to start, no listeners configured.
[  224.139949][ T8674] syz.0.576 uses obsolete (PF_INET,SOCK_PACKET)
[  225.989407][   T30] audit: type=1804 audit(1773680121.526:31): pid=8701 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.583" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  228.203510][   T30] audit: type=1804 audit(1773680123.746:32): pid=8750 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.595" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  231.464083][   T30] audit: type=1804 audit(1773680126.986:33): pid=8798 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.606" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  233.585093][ T8821] kvm: vcpu 4: requested lapic timer restore with starting count register 0x390=4294967104 (137438947328 ns) > initial count (6624 ns). Using initial count to start timer.
[  234.194690][ T8828] NFSD: Failed to start, no listeners configured.
[  237.684411][ T8880] random: crng reseeded on system resumption
[  237.700714][ T8880] Restarting kernel threads ...
[  237.709193][ T8880] Done restarting kernel threads.
[  238.081187][ T8888] kvm: vcpu 4: requested lapic timer restore with starting count register 0x390=4294967104 (137438947328 ns) > initial count (6624 ns). Using initial count to start timer.
[  238.328907][ T8893] FAULT_INJECTION: forcing a failure.
[  238.328907][ T8893] name failslab, interval 1, probability 0, space 0, times 0
[  238.366198][ T8893] CPU: 0 UID: 0 PID: 8893 Comm: syz.2.625 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  238.366237][ T8893] Tainted: [U]=USER
[  238.366245][ T8893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  238.366259][ T8893] Call Trace:
[  238.366267][ T8893]  <TASK>
[  238.366276][ T8893]  dump_stack_lvl+0x100/0x190
[  238.366316][ T8893]  should_fail_ex.cold+0x5/0xa
[  238.366346][ T8893]  should_failslab+0xc2/0x120
[  238.366372][ T8893]  __kmalloc_cache_noprof+0x7a/0x6f0
[  238.366403][ T8893]  ? ovs_dp_cmd_new+0x1af/0xdf0
[  238.366439][ T8893]  ovs_dp_cmd_new+0x1af/0xdf0
[  238.366477][ T8893]  ? __pfx_ovs_dp_cmd_new+0x10/0x10
[  238.366513][ T8893]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280
[  238.366540][ T8893]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280
[  238.366574][ T8893]  genl_family_rcv_msg_doit+0x214/0x300
[  238.366604][ T8893]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  238.366639][ T8893]  ? genl_get_cmd+0x3ef/0x720
[  238.366671][ T8893]  ? bpf_lsm_capable+0x9/0x10
[  238.366696][ T8893]  ? security_capable+0x80/0x260
[  238.366732][ T8893]  ? ns_capable+0xd2/0xf0
[  238.366759][ T8893]  genl_rcv_msg+0x560/0x800
[  238.366789][ T8893]  ? __pfx_genl_rcv_msg+0x10/0x10
[  238.366815][ T8893]  ? __pfx_ovs_dp_cmd_new+0x10/0x10
[  238.366856][ T8893]  netlink_rcv_skb+0x159/0x420
[  238.366892][ T8893]  ? __pfx_genl_rcv_msg+0x10/0x10
[  238.366919][ T8893]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  238.366968][ T8893]  ? netlink_deliver_tap+0x1ae/0xcc0
[  238.367008][ T8893]  genl_rcv+0x28/0x40
[  238.367029][ T8893]  netlink_unicast+0x5aa/0x870
[  238.367070][ T8893]  ? __pfx_netlink_unicast+0x10/0x10
[  238.367119][ T8893]  netlink_sendmsg+0x8b0/0xda0
[  238.367163][ T8893]  ? __pfx_netlink_sendmsg+0x10/0x10
[  238.367196][ T8893]  ? __import_iovec+0x1d2/0x640
[  238.367227][ T8893]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  238.367269][ T8893]  ____sys_sendmsg+0x9e1/0xb70
[  238.367293][ T8893]  ? __pfx_netlink_sendmsg+0x10/0x10
[  238.367331][ T8893]  ? __pfx_____sys_sendmsg+0x10/0x10
[  238.367373][ T8893]  ___sys_sendmsg+0x190/0x1e0
[  238.367403][ T8893]  ? __pfx____sys_sendmsg+0x10/0x10
[  238.367474][ T8893]  __sys_sendmsg+0x170/0x220
[  238.367508][ T8893]  ? __pfx___sys_sendmsg+0x10/0x10
[  238.367565][ T8893]  do_syscall_64+0x106/0xf80
[  238.367597][ T8893]  ? clear_bhb_loop+0x40/0x90
[  238.367633][ T8893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.367659][ T8893] RIP: 0033:0x7f6c7159c799
[  238.367679][ T8893] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  238.367701][ T8893] RSP: 002b:00007f6c7252b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  238.367725][ T8893] RAX: ffffffffffffffda RBX: 00007f6c71815fa0 RCX: 00007f6c7159c799
[  238.367741][ T8893] RDX: 0000000002000000 RSI: 0000200000000080 RDI: 0000000000000003
[  238.367756][ T8893] RBP: 00007f6c7252b090 R08: 0000000000000000 R09: 0000000000000000
[  238.367770][ T8893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  238.367784][ T8893] R13: 00007f6c71816038 R14: 00007f6c71815fa0 R15: 00007ffe3c765e08
[  238.367818][ T8893]  </TASK>
[  238.859875][ T8898] ACPI: \_SB_.LNKS: No IRQ available. Try pci=noacpi or acpi=off
[  239.059450][ T8898] pci 0000:00:01.3: PCI INT A: no GSI
[  239.109248][ T8908] NFSD: Failed to start, no listeners configured.
[  241.905523][ T8958] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input16
[  242.405397][ T8963] FAULT_INJECTION: forcing a failure.
[  242.405397][ T8963] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  242.471202][ T8963] CPU: 1 UID: 0 PID: 8963 Comm: syz.3.641 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  242.471245][ T8963] Tainted: [U]=USER
[  242.471254][ T8963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  242.471283][ T8963] Call Trace:
[  242.471292][ T8963]  <TASK>
[  242.471303][ T8963]  dump_stack_lvl+0x100/0x190
[  242.471348][ T8963]  should_fail_ex.cold+0x5/0xa
[  242.471375][ T8963]  ? prepare_alloc_pages+0x16d/0x5f0
[  242.471408][ T8963]  should_fail_alloc_page+0xeb/0x140
[  242.471439][ T8963]  prepare_alloc_pages+0x1f0/0x5f0
[  242.471476][ T8963]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  242.471516][ T8963]  ? __pfx_css_rstat_updated+0x10/0x10
[  242.471548][ T8963]  ? rcu_is_watching+0x12/0xc0
[  242.471587][ T8963]  ? trace_contention_end.constprop.0+0x15b/0x1b0
[  242.471631][ T8963]  ? rcu_is_watching+0x12/0xc0
[  242.471668][ T8963]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  242.471713][ T8963]  ? lru_gen_add_folio+0x20f/0x13e0
[  242.471758][ T8963]  ? lock_acquire+0x1cf/0x380
[  242.471789][ T8963]  ? find_held_lock+0x2b/0x80
[  242.471812][ T8963]  ? page_table_check_set+0x49a/0xa10
[  242.471838][ T8963]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  242.471882][ T8963]  ? policy_nodemask+0xed/0x4f0
[  242.471921][ T8963]  alloc_pages_mpol+0x1fb/0x550
[  242.471951][ T8963]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  242.471990][ T8963]  folio_alloc_mpol_noprof+0x36/0x340
[  242.472025][ T8963]  vma_alloc_folio_noprof+0xed/0x1d0
[  242.472057][ T8963]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  242.472101][ T8963]  do_anonymous_page+0xb3a/0x1fb0
[  242.472150][ T8963]  __handle_mm_fault+0x1d42/0x2b60
[  242.472196][ T8963]  ? __pfx___handle_mm_fault+0x10/0x10
[  242.472233][ T8963]  ? pte_offset_map_lock+0x174/0x320
[  242.472261][ T8963]  ? find_held_lock+0x2b/0x80
[  242.472298][ T8963]  ? follow_page_pte+0x5b3/0x1400
[  242.472335][ T8963]  handle_mm_fault+0x36d/0xa20
[  242.472376][ T8963]  __get_user_pages+0xf9c/0x34d0
[  242.472419][ T8963]  ? __pfx___get_user_pages+0x10/0x10
[  242.472462][ T8963]  populate_vma_page_range+0x267/0x3f0
[  242.472496][ T8963]  ? __pfx_populate_vma_page_range+0x10/0x10
[  242.472530][ T8963]  ? __pfx_find_vma_intersection+0x10/0x10
[  242.472561][ T8963]  ? do_mmap+0x93f/0x12f0
[  242.472595][ T8963]  __mm_populate+0x107/0x3a0
[  242.472629][ T8963]  ? __pfx___mm_populate+0x10/0x10
[  242.472663][ T8963]  ? up_write+0x290/0x4f0
[  242.472704][ T8963]  vm_mmap_pgoff+0x37f/0x470
[  242.472739][ T8963]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  242.472772][ T8963]  ? do_futex+0x192/0x350
[  242.472804][ T8963]  ? __pfx_do_futex+0x10/0x10
[  242.472834][ T8963]  ? __pfx_do_sys_openat2+0x10/0x10
[  242.472876][ T8963]  ksys_mmap_pgoff+0xe1/0x650
[  242.472913][ T8963]  ? __x64_sys_futex+0x34f/0x4d0
[  242.472945][ T8963]  ? __x64_sys_futex+0x358/0x4d0
[  242.472980][ T8963]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  242.473009][ T8963]  ? xfd_validate_state+0x129/0x190
[  242.473053][ T8963]  __x64_sys_mmap+0x125/0x190
[  242.473096][ T8963]  do_syscall_64+0x106/0xf80
[  242.473132][ T8963]  ? clear_bhb_loop+0x40/0x90
[  242.473166][ T8963]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  242.473194][ T8963] RIP: 0033:0x7fabb339c799
[  242.473217][ T8963] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  242.473243][ T8963] RSP: 002b:00007fabb4287028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  242.473268][ T8963] RAX: ffffffffffffffda RBX: 00007fabb3615fa0 RCX: 00007fabb339c799
[  242.473286][ T8963] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000
[  242.473302][ T8963] RBP: 00007fabb3432c99 R08: 0000000000000002 R09: 0000000000008000
[  242.473318][ T8963] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[  242.473334][ T8963] R13: 00007fabb3616038 R14: 00007fabb3615fa0 R15: 00007ffd3c2943d8
[  242.473371][ T8963]  </TASK>
[  243.209858][ T8974] Invalid ELF header magic: != ELF
[  248.178302][ T9046] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  248.178441][ T9046] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  248.178532][ T9046] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  248.178621][ T9046] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  249.413873][ T9072] zswap: compressor � not available
[  249.631017][ T5835] Bluetooth: hci1: command 0x0c1a tx timeout
[  250.181042][ T5835] Bluetooth: hci3: command 0x0c1a tx timeout
[  250.191164][ T5835] Bluetooth: hci2: command 0x0c1a tx timeout
[  250.191734][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout
[  251.786220][ T9098] bond0: option slaves: interface -��]���=,D�on?�I|�a �CB does not exist!
[  251.809934][ T9099] netlink: 342 bytes leftover after parsing attributes in process `syz.1.674'.
[  251.845793][ T9098] bond0: option slaves: interface -��]���=,D�on?�I|�a �CB does not exist!
[  252.501187][ T9122] misc userio: Invalid payload size
[  254.789244][ T9159] kvm: vcpu 4: requested lapic timer restore with starting count register 0x390=4294967104 (137438947328 ns) > initial count (6624 ns). Using initial count to start timer.
[  255.242282][ T9163] openvswitch: netlink: Key type 95 is out of range max 32
[  255.624411][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  255.631189][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  256.820096][   T30] audit: type=1804 audit(1773680152.356:34): pid=9205 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.696" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  257.686899][   T30] audit: type=1804 audit(1773680153.126:35): pid=9215 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.697" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  258.414957][ T9222] kvm: vcpu 4: requested lapic timer restore with starting count register 0x390=4294967104 (137438947328 ns) > initial count (6624 ns). Using initial count to start timer.
[  258.450099][ T9224] sp0: Synchronizing with TNC
[  258.554485][ T5832] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  258.894096][ T9230] cifs: Unknown parameter 'T.�����żc[���$⁍��)��U�ÑnE�-ʙ�l���-��	�-�_������5Z�o��m��fwY�h�*/�xD
lݩ���g�kǐA����7���9���X�a/f�_�AR������xM	�v��p��$^;��q�3���n���-
6��+e�k�����<�k�c�)n.�eM��Na��t��SM��1,'
[  258.948325][ T9234] Console: switching to colour VGA+ 80x25
[  259.059312][ T9235] Console: switching to colour frame buffer device 14x6
[  259.616606][   T30] audit: type=1804 audit(1773680155.156:36): pid=9245 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.705" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  260.014071][ T5835] Bluetooth: hci2: unexpected event 0x03 length: 123 > 11
[  260.581654][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout
[  262.663072][ T5835] Bluetooth: hci2: command 0x0c1a tx timeout
[  262.682789][ T9315] kvm: vcpu 4: requested lapic timer restore with starting count register 0x390=4294967104 (137438947328 ns) > initial count (6624 ns). Using initial count to start timer.
[  262.833115][ T9292] kexec: Could not allocate control_code_buffer
[  263.249451][ T9332] netlink: 'syz.0.724': attribute type 1 has an invalid length.
[  263.309816][ T9334] NFSD: Failed to start, no listeners configured.
[  263.616206][ T9326] tipc: Started in network mode
[  263.621783][ T9326] tipc: Node identity ffffffff, cluster identity 4711
[  263.628671][ T9326] tipc: Node number set to 4294967295
[  266.003590][ T9388] NFSD: Failed to start, no listeners configured.
[  267.710144][ T9411] .^: entered promiscuous mode
[  268.049473][ T9415] zswap: compressor  not available
[  269.403132][ T5831] usb usb40-port2: attempt power cycle
[  269.772250][ T9447] FAULT_INJECTION: forcing a failure.
[  269.772250][ T9447] name failslab, interval 1, probability 0, space 0, times 0
[  269.856131][ T9447] CPU: 1 UID: 0 PID: 9447 Comm: syz.0.746 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  269.856157][ T9447] Tainted: [U]=USER
[  269.856162][ T9447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  269.856171][ T9447] Call Trace:
[  269.856176][ T9447]  <TASK>
[  269.856182][ T9447]  dump_stack_lvl+0x100/0x190
[  269.856208][ T9447]  should_fail_ex.cold+0x5/0xa
[  269.856225][ T9447]  should_failslab+0xc2/0x120
[  269.856240][ T9447]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  269.856261][ T9447]  ? security_inode_alloc+0x3b/0x2c0
[  269.856275][ T9447]  ? lockdep_init_map_type+0x5c/0x250
[  269.856296][ T9447]  security_inode_alloc+0x3b/0x2c0
[  269.856311][ T9447]  inode_init_always_gfp+0xced/0x1040
[  269.856328][ T9447]  alloc_inode+0x8e/0x250
[  269.856347][ T9447]  new_inode+0x22/0x1c0
[  269.856366][ T9447]  shmem_get_inode+0x212/0x1040
[  269.856386][ T9447]  ? __pfx_shmem_get_inode+0x10/0x10
[  269.856403][ T9447]  ? rcu_is_watching+0x12/0xc0
[  269.856422][ T9447]  ? percpu_counter_add_batch+0xb9/0x230
[  269.856444][ T9447]  __shmem_file_setup+0x3ac/0x490
[  269.856463][ T9447]  ? __pfx___shmem_file_setup+0x10/0x10
[  269.856484][ T9447]  ? vm_area_alloc+0x1f/0x160
[  269.856504][ T9447]  shmem_zero_setup+0x96/0x1b0
[  269.856526][ T9447]  __mmap_region+0x2198/0x29e0
[  269.856549][ T9447]  ? __pfx___mmap_region+0x10/0x10
[  269.856566][ T9447]  ? process_measurement+0x1f4/0x2350
[  269.856606][ T9447]  ? __lock_acquire+0x4a5/0x2630
[  269.856623][ T9447]  ? update_cfs_rq_load_avg+0x51/0x550
[  269.856647][ T9447]  ? find_held_lock+0x2b/0x80
[  269.856660][ T9447]  ? finish_task_switch.isra.0+0x200/0xb80
[  269.856675][ T9447]  ? finish_task_switch.isra.0+0x200/0xb80
[  269.856698][ T9447]  ? trace_sched_exit_tp+0x13a/0x180
[  269.856715][ T9447]  ? __schedule+0x1000/0x6120
[  269.856755][ T9447]  ? rcu_is_watching+0x12/0xc0
[  269.856775][ T9447]  ? cap_capable+0x107/0x460
[  269.856799][ T9447]  mmap_region+0x180/0x3e0
[  269.856823][ T9447]  do_mmap+0xc63/0x12f0
[  269.856842][ T9447]  ? __pfx_do_mmap+0x10/0x10
[  269.856857][ T9447]  ? __pfx_down_write_killable+0x10/0x10
[  269.856882][ T9447]  vm_mmap_pgoff+0x29e/0x470
[  269.856900][ T9447]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  269.856917][ T9447]  ? do_futex+0x192/0x350
[  269.856934][ T9447]  ? __pfx_do_futex+0x10/0x10
[  269.856950][ T9447]  ? __pfx_do_sys_openat2+0x10/0x10
[  269.856971][ T9447]  ksys_mmap_pgoff+0xe1/0x650
[  269.856986][ T9447]  ? __x64_sys_futex+0x34f/0x4d0
[  269.857002][ T9447]  ? __x64_sys_futex+0x358/0x4d0
[  269.857020][ T9447]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  269.857034][ T9447]  ? xfd_validate_state+0x129/0x190
[  269.857057][ T9447]  __x64_sys_mmap+0x125/0x190
[  269.857080][ T9447]  do_syscall_64+0x106/0xf80
[  269.857101][ T9447]  ? clear_bhb_loop+0x40/0x90
[  269.857118][ T9447]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.857133][ T9447] RIP: 0033:0x7fb19079c799
[  269.857146][ T9447] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  269.857160][ T9447] RSP: 002b:00007fb19165f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  269.857174][ T9447] RAX: ffffffffffffffda RBX: 00007fb190a15fa0 RCX: 00007fb19079c799
[  269.857183][ T9447] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000
[  269.857192][ T9447] RBP: 00007fb190832c99 R08: fffffffffffffffa R09: 0000000000008000
[  269.857200][ T9447] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[  269.857209][ T9447] R13: 00007fb190a16038 R14: 00007fb190a15fa0 R15: 00007ffe1ac9a4b8
[  269.857228][ T9447]  </TASK>
[  270.612015][ T5831] usb usb40-port2: unable to enumerate USB device
[  273.076766][ T9461] syz.0.749 (9461) used greatest stack depth: 19672 bytes left
[  273.366517][ T9475] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  273.397537][ T9475] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  273.404139][ T9475] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  273.442141][ T9475] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  273.459947][ T9488] can: request_module (can-proto-0) failed.
[  274.020939][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout
[  275.313938][ T9537] netlink: 342 bytes leftover after parsing attributes in process `syz.3.765'.
[  275.467711][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout
[  275.473928][ T5835] Bluetooth: hci3: command 0x0c1a tx timeout
[  275.481776][ T5835] Bluetooth: hci0: command 0x0c1a tx timeout
[  275.545701][ T9538] kvm: vcpu 4: requested lapic timer restore with starting count register 0x390=4294967104 (137438947328 ns) > initial count (6624 ns). Using initial count to start timer.
[  275.758180][ T9542] kvm: vcpu 4: requested lapic timer restore with starting count register 0x390=4294967104 (137438947328 ns) > initial count (6624 ns). Using initial count to start timer.
[  276.219785][ T9555] FAULT_INJECTION: forcing a failure.
[  276.219785][ T9555] name failslab, interval 1, probability 0, space 0, times 0
[  276.341589][ T9555] CPU: 1 UID: 0 PID: 9555 Comm: syz.3.769 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  276.341639][ T9555] Tainted: [U]=USER
[  276.341649][ T9555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  276.341665][ T9555] Call Trace:
[  276.341673][ T9555]  <TASK>
[  276.341683][ T9555]  dump_stack_lvl+0x100/0x190
[  276.341731][ T9555]  should_fail_ex.cold+0x5/0xa
[  276.341764][ T9555]  ? argv_split+0x173/0x420
[  276.341795][ T9555]  should_failslab+0xc2/0x120
[  276.341824][ T9555]  __kmalloc_noprof+0xe0/0x850
[  276.341864][ T9555]  ? __asan_memcpy+0x3c/0x60
[  276.341902][ T9555]  argv_split+0x173/0x420
[  276.341933][ T9555]  ? __pfx___trace_uprobe_create+0x10/0x10
[  276.341959][ T9555]  trace_probe_create+0x7d/0x100
[  276.341994][ T9555]  ? __pfx_trace_probe_create+0x10/0x10
[  276.342035][ T9555]  create_dyn_event+0xee/0x1d0
[  276.342066][ T9555]  trace_parse_run_command+0x1ab/0x3b0
[  276.342103][ T9555]  ? __pfx_create_dyn_event+0x10/0x10
[  276.342138][ T9555]  vfs_write+0x2aa/0x1070
[  276.342163][ T9555]  ? __pfx_dyn_event_write+0x10/0x10
[  276.342198][ T9555]  ? __pfx_vfs_write+0x10/0x10
[  276.342237][ T9555]  ? __fget_files+0x215/0x3d0
[  276.342267][ T9555]  ? __fget_files+0x21f/0x3d0
[  276.342298][ T9555]  ksys_write+0x12a/0x250
[  276.342319][ T9555]  ? __pfx_ksys_write+0x10/0x10
[  276.342349][ T9555]  do_syscall_64+0x106/0xf80
[  276.342385][ T9555]  ? clear_bhb_loop+0x40/0x90
[  276.342416][ T9555]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.342443][ T9555] RIP: 0033:0x7fabb339c799
[  276.342464][ T9555] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  276.342496][ T9555] RSP: 002b:00007fabb4287028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  276.342522][ T9555] RAX: ffffffffffffffda RBX: 00007fabb3615fa0 RCX: 00007fabb339c799
[  276.342538][ T9555] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 0000000000000005
[  276.342555][ T9555] RBP: 00007fabb3432c99 R08: 0000000000000000 R09: 0000000000000000
[  276.342570][ T9555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  276.342584][ T9555] R13: 00007fabb3616038 R14: 00007fabb3615fa0 R15: 00007ffd3c2943d8
[  276.342618][ T9555]  </TASK>
[  276.571854][ T9560] lo: entered allmulticast mode
[  276.828263][ T9556] lo: left allmulticast mode
[  277.736454][ T9587] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[  278.014124][ T9593] can: request_module (can-proto-4) failed.
[  278.402268][ T9611] netlink: NAT attribute has 18 unknown bytes
[  280.281111][ T9640] FAULT_INJECTION: forcing a failure.
[  280.281111][ T9640] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  280.393361][ T9640] CPU: 1 UID: 0 PID: 9640 Comm: syz.1.792 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  280.393392][ T9640] Tainted: [U]=USER
[  280.393396][ T9640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  280.393404][ T9640] Call Trace:
[  280.393409][ T9640]  <TASK>
[  280.393414][ T9640]  dump_stack_lvl+0x100/0x190
[  280.393439][ T9640]  should_fail_ex.cold+0x5/0xa
[  280.393455][ T9640]  _copy_from_user+0x2e/0xd0
[  280.393477][ T9640]  copy_msghdr_from_user+0x9f/0x4f0
[  280.393493][ T9640]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  280.393510][ T9640]  ? rcu_is_watching+0x12/0xc0
[  280.393530][ T9640]  ? ___sys_recvmsg+0x177/0x1a0
[  280.393542][ T9640]  ? kfree+0x2ec/0x6b0
[  280.393562][ T9640]  ___sys_recvmsg+0xdd/0x1a0
[  280.393576][ T9640]  ? __pfx____sys_recvmsg+0x10/0x10
[  280.393600][ T9640]  ? __pfx___might_resched+0x10/0x10
[  280.393622][ T9640]  do_recvmmsg+0x301/0x760
[  280.393639][ T9640]  ? __pfx_do_recvmmsg+0x10/0x10
[  280.393652][ T9640]  ? ksys_write+0x190/0x250
[  280.393664][ T9640]  ? ksys_write+0x190/0x250
[  280.393678][ T9640]  ? __mutex_unlock_slowpath+0x15c/0x790
[  280.393705][ T9640]  ? __fget_files+0x21f/0x3d0
[  280.393722][ T9640]  __x64_sys_recvmmsg+0x22a/0x280
[  280.393742][ T9640]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  280.393766][ T9640]  do_syscall_64+0x106/0xf80
[  280.393783][ T9640]  ? clear_bhb_loop+0x40/0x90
[  280.393800][ T9640]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.393813][ T9640] RIP: 0033:0x7f7f1359c799
[  280.393826][ T9640] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  280.393838][ T9640] RSP: 002b:00007f7f143a0028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  280.393851][ T9640] RAX: ffffffffffffffda RBX: 00007f7f13815fa0 RCX: 00007f7f1359c799
[  280.393860][ T9640] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[  280.393867][ T9640] RBP: 00007f7f143a0090 R08: 0000000000000000 R09: 0000000000000000
[  280.393875][ T9640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  280.393882][ T9640] R13: 00007f7f13816038 R14: 00007f7f13815fa0 R15: 00007ffd82721648
[  280.393900][ T9640]  </TASK>
[  282.004474][ T9669] netlink: 4 bytes leftover after parsing attributes in process `syz.1.799'.
[  283.142847][ T9694] HfR: entered promiscuous mode
[  283.811061][ T9717] random: crng reseeded on system resumption
[  283.829648][ T9717] Restarting kernel threads ...
[  283.841734][ T9717] Done restarting kernel threads.
[  289.033998][ T9819] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input17
[  289.990288][ T9840] NFSD: Failed to start, no listeners configured.
[  290.289473][ T9848] bond0: option arp_missed_max: invalid value ()
[  290.360636][ T9848] bond0: option arp_missed_max: allowed values 1 - 255
[  290.776113][ T9861] netlink: 4 bytes leftover after parsing attributes in process `syz.2.846'.
[  290.886111][ T9863] netlink: 342 bytes leftover after parsing attributes in process `syz.2.846'.
[  292.430735][ T9895] NFSD: Failed to start, no listeners configured.
[  293.050336][ T9907] .^: entered promiscuous mode
[  296.677418][ T9947] ptp ptp0: delete virtual clock ptp3
[  296.736651][ T9947] ptp ptp0: delete virtual clock ptp2
[  296.771619][ T9946] FAULT_INJECTION: forcing a failure.
[  296.771619][ T9946] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  296.820885][ T9946] CPU: 1 UID: 0 PID: 9946 Comm: syz.2.868 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  296.820921][ T9946] Tainted: [U]=USER
[  296.820928][ T9946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  296.820941][ T9946] Call Trace:
[  296.820949][ T9946]  <TASK>
[  296.820958][ T9946]  dump_stack_lvl+0x100/0x190
[  296.820995][ T9946]  should_fail_ex.cold+0x5/0xa
[  296.821012][ T9946]  _copy_from_user+0x2e/0xd0
[  296.821029][ T9946]  get_timespec64+0x8b/0x1b0
[  296.821044][ T9946]  ? __pfx_get_timespec64+0x10/0x10
[  296.821059][ T9946]  ? count_memcg_events_mm.constprop.0+0x109/0x2a0
[  296.821083][ T9946]  __x64_sys_clock_nanosleep+0x1ce/0x480
[  296.821106][ T9946]  ? __pfx___x64_sys_clock_nanosleep+0x10/0x10
[  296.821127][ T9946]  ? do_user_addr_fault+0x8d6/0x12f0
[  296.821151][ T9946]  do_syscall_64+0x106/0xf80
[  296.821169][ T9946]  ? clear_bhb_loop+0x40/0x90
[  296.821185][ T9946]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.821198][ T9946] RIP: 0033:0x7f6c7155cfce
[  296.821210][ T9946] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  296.821223][ T9946] RSP: 002b:00007ffe3c765ee8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e6
[  296.821236][ T9946] RAX: ffffffffffffffda RBX: 000055556b6ca500 RCX: 00007f6c7155cfce
[  296.821244][ T9946] RDX: 00007ffe3c765f40 RSI: 0000000000000000 RDI: 0000000000000000
[  296.821252][ T9946] RBP: 00007f6c71817da0 R08: 0000000000000000 R09: 0000000000000000
[  296.821260][ T9946] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000000489bd
[  296.821267][ T9946] R13: 00007f6c7181609c R14: 0000000000048726 R15: 00007f6c71816090
[  296.821284][ T9946]  </TASK>
[  297.203952][ T9947] ptp ptp0: delete virtual clock ptp1
[  297.235939][ T9947] ptp ptp0: only physical clock in use now
[  297.951218][ T9960] zswap: compressor  not available
[  299.802977][ T9987] netlink: 186 bytes leftover after parsing attributes in process `syz.2.877'.
[  299.986817][ T9987] netlink: 186 bytes leftover after parsing attributes in process `syz.2.877'.
[  300.067825][ T9993] netlink: 342 bytes leftover after parsing attributes in process `syz.0.878'.
[  300.217475][ T9996] zswap: compressor  not available
[  300.226513][ T9998] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE�r��҄y�*�"�l-���y–��L̓���]'
[  300.266689][ T9998] CPU: 0 UID: 0 PID: 9998 Comm: syz.3.879 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  300.266732][ T9998] Tainted: [U]=USER
[  300.266741][ T9998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  300.266756][ T9998] Call Trace:
[  300.266765][ T9998]  <TASK>
[  300.266776][ T9998]  dump_stack_lvl+0x100/0x190
[  300.266818][ T9998]  sysfs_warn_dup.cold+0x1c/0x28
[  300.266853][ T9998]  sysfs_do_create_link_sd+0x113/0x140
[  300.266892][ T9998]  sysfs_create_link+0x61/0xc0
[  300.266925][ T9998]  device_add+0x675/0x1950
[  300.266960][ T9998]  ? __pfx_device_add+0x10/0x10
[  300.266989][ T9998]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  300.267034][ T9998]  ? ieee80211_set_bitrate_flags+0x41b/0x6b0
[  300.267077][ T9998]  wiphy_register+0x1e5b/0x2d30
[  300.267125][ T9998]  ? __rtnl_unlock+0xb9/0xf0
[  300.267166][ T9998]  ? netdev_run_todo+0x7a0/0x12c0
[  300.267213][ T9998]  ? __pfx_wiphy_register+0x10/0x10
[  300.267253][ T9998]  ? __asan_memset+0x23/0x50
[  300.267290][ T9998]  ? minstrel_ht_alloc+0x5e6/0x7f0
[  300.267343][ T9998]  ieee80211_register_hw+0x2cfd/0x4140
[  300.267402][ T9998]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  300.267442][ T9998]  ? __pfx___debug_object_init+0x10/0x10
[  300.267490][ T9998]  ? find_held_lock+0x2b/0x80
[  300.267517][ T9998]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  300.267561][ T9998]  ? __hrtimer_setup+0x178/0x280
[  300.267604][ T9998]  mac80211_hwsim_new_radio+0x2847/0x57d0
[  300.267673][ T9998]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  300.267726][ T9998]  hwsim_new_radio_nl+0xc1f/0x1340
[  300.267770][ T9998]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  300.267818][ T9998]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280
[  300.267846][ T9998]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280
[  300.267879][ T9998]  genl_family_rcv_msg_doit+0x214/0x300
[  300.267910][ T9998]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  300.267938][ T9998]  ? genl_get_cmd+0x3ef/0x720
[  300.267969][ T9998]  ? bpf_lsm_capable+0x9/0x10
[  300.267994][ T9998]  ? security_capable+0x80/0x260
[  300.268033][ T9998]  ? ns_capable+0xd2/0xf0
[  300.268061][ T9998]  genl_rcv_msg+0x560/0x800
[  300.268090][ T9998]  ? __pfx_genl_rcv_msg+0x10/0x10
[  300.268115][ T9998]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  300.268175][ T9998]  netlink_rcv_skb+0x159/0x420
[  300.268211][ T9998]  ? __pfx_genl_rcv_msg+0x10/0x10
[  300.268238][ T9998]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  300.268288][ T9998]  ? netlink_deliver_tap+0x1ae/0xcc0
[  300.268327][ T9998]  genl_rcv+0x28/0x40
[  300.268346][ T9998]  netlink_unicast+0x5aa/0x870
[  300.268386][ T9998]  ? __pfx_netlink_unicast+0x10/0x10
[  300.268420][ T9998]  ? __pfx___might_resched+0x10/0x10
[  300.268454][ T9998]  ? __lock_acquire+0x4a5/0x2630
[  300.268497][ T9998]  netlink_sendmsg+0x8b0/0xda0
[  300.268541][ T9998]  ? __pfx_netlink_sendmsg+0x10/0x10
[  300.268576][ T9998]  ? __import_iovec+0x1d2/0x640
[  300.268609][ T9998]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  300.268651][ T9998]  ____sys_sendmsg+0x9e1/0xb70
[  300.268677][ T9998]  ? __pfx_netlink_sendmsg+0x10/0x10
[  300.268719][ T9998]  ? __pfx_____sys_sendmsg+0x10/0x10
[  300.268751][ T9998]  ? try_to_wake_up+0x644/0x1a80
[  300.268783][ T9998]  ___sys_sendmsg+0x190/0x1e0
[  300.268814][ T9998]  ? __pfx____sys_sendmsg+0x10/0x10
[  300.268840][ T9998]  ? futex_private_hash_put+0x107/0x1c0
[  300.268908][ T9998]  __sys_sendmsg+0x170/0x220
[  300.268945][ T9998]  ? __pfx___sys_sendmsg+0x10/0x10
[  300.268980][ T9998]  ? __x64_sys_futex+0x34f/0x4d0
[  300.269037][ T9998]  do_syscall_64+0x106/0xf80
[  300.269072][ T9998]  ? clear_bhb_loop+0x40/0x90
[  300.269104][ T9998]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.269139][ T9998] RIP: 0033:0x7fabb339c799
[  300.269159][ T9998] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  300.269183][ T9998] RSP: 002b:00007fabb4266028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  300.269208][ T9998] RAX: ffffffffffffffda RBX: 00007fabb3616090 RCX: 00007fabb339c799
[  300.269225][ T9998] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000005
[  300.269240][ T9998] RBP: 00007fabb3432c99 R08: 0000000000000000 R09: 0000000000000000
[  300.269256][ T9998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  300.269272][ T9998] R13: 00007fabb3616128 R14: 00007fabb3616090 R15: 00007ffd3c2943d8
[  300.269309][ T9998]  </TASK>
[  303.500459][T10059] netlink: 8 bytes leftover after parsing attributes in process `syz.0.892'.
[  303.629978][T10058] NFSD: Failed to start, no listeners configured.
[  304.187741][T10067] zswap: compressor  not available
[  306.400143][T10115] bridge0: port 3(bond0) entered blocking state
[  306.442406][T10115] bridge0: port 3(bond0) entered disabled state
[  306.448896][T10115] bond0: entered allmulticast mode
[  306.516505][T10115] bond_slave_0: entered allmulticast mode
[  306.569638][T10115] bond_slave_1: entered allmulticast mode
[  306.597370][T10115] bond0: entered promiscuous mode
[  306.640897][T10115] bond_slave_0: entered promiscuous mode
[  306.646800][T10115] bond_slave_1: entered promiscuous mode
[  306.681476][T10115] bridge0: port 3(bond0) entered blocking state
[  306.687942][T10115] bridge0: port 3(bond0) entered forwarding state
[  308.261283][T10134] netlink: 342 bytes leftover after parsing attributes in process `syz.2.909'.
[  308.270325][T10134] IPv6: NLM_F_CREATE should be specified when creating new route
[  308.372321][T10138] netlink: 122 bytes leftover after parsing attributes in process `syz.2.909'.
[  308.488201][T10134] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  308.495700][T10134] IPv6: NLM_F_CREATE should be set when creating new route
[  308.503152][T10134] IPv6: NLM_F_CREATE should be set when creating new route
[  309.772281][T10167] FAULT_INJECTION: forcing a failure.
[  309.772281][T10167] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  309.789685][T10167] CPU: 0 UID: 0 PID: 10167 Comm: syz.2.914 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  309.789712][T10167] Tainted: [U]=USER
[  309.789717][T10167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  309.789729][T10167] Call Trace:
[  309.789735][T10167]  <TASK>
[  309.789740][T10167]  dump_stack_lvl+0x100/0x190
[  309.789767][T10167]  should_fail_ex.cold+0x5/0xa
[  309.789784][T10167]  _copy_from_user+0x2e/0xd0
[  309.789803][T10167]  trace_parse_run_command+0xbb/0x3b0
[  309.789825][T10167]  ? __pfx_create_dyn_event+0x10/0x10
[  309.789847][T10167]  vfs_write+0x2aa/0x1070
[  309.789862][T10167]  ? __pfx_dyn_event_write+0x10/0x10
[  309.789880][T10167]  ? __pfx_vfs_write+0x10/0x10
[  309.789900][T10167]  ? __fget_files+0x215/0x3d0
[  309.789918][T10167]  ? __fget_files+0x21f/0x3d0
[  309.789936][T10167]  ksys_write+0x12a/0x250
[  309.789948][T10167]  ? __pfx_ksys_write+0x10/0x10
[  309.789966][T10167]  do_syscall_64+0x106/0xf80
[  309.789985][T10167]  ? clear_bhb_loop+0x40/0x90
[  309.790002][T10167]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.790016][T10167] RIP: 0033:0x7f6c7159c799
[  309.790029][T10167] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  309.790042][T10167] RSP: 002b:00007f6c7250a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  309.790059][T10167] RAX: ffffffffffffffda RBX: 00007f6c71816090 RCX: 00007f6c7159c799
[  309.790069][T10167] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 0000000000000006
[  309.790077][T10167] RBP: 00007f6c71632c99 R08: 0000000000000000 R09: 0000000000000000
[  309.790085][T10167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  309.790092][T10167] R13: 00007f6c71816128 R14: 00007f6c71816090 R15: 00007ffe3c765e08
[  309.790111][T10167]  </TASK>
[  310.497107][T10175] zswap: compressor  not available
[  311.367274][T10196] vivid-007: =================  START STATUS  =================
[  311.379918][T10196] vivid-007: Generate PTS: true
[  311.388984][T10196] vivid-007: Generate SCR: true
[  311.408674][T10196] tpg source WxH: 320x240 (Y'CbCr)
[  311.422099][T10196] tpg field: 1
[  311.482835][T10196] tpg crop: (0,0)/320x240
[  311.522141][T10196] tpg compose: (0,0)/320x240
[  311.533339][T10196] tpg colorspace: 8
[  311.537214][T10196] tpg transfer function: 0/0
[  311.543186][T10196] tpg Y'CbCr encoding: 0/0
[  311.550743][T10196] tpg quantization: 0/0
[  311.562917][T10196] tpg RGB range: 0/2
[  311.572747][T10196] vivid-007: ==================  END STATUS  ==================
[  313.565081][T10242] FAULT_INJECTION: forcing a failure.
[  313.565081][T10242] name failslab, interval 1, probability 0, space 0, times 0
[  313.582119][T10242] CPU: 1 UID: 0 PID: 10242 Comm: syz.3.933 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  313.582162][T10242] Tainted: [U]=USER
[  313.582172][T10242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  313.582187][T10242] Call Trace:
[  313.582196][T10242]  <TASK>
[  313.582206][T10242]  dump_stack_lvl+0x100/0x190
[  313.582252][T10242]  should_fail_ex.cold+0x5/0xa
[  313.582290][T10242]  should_failslab+0xc2/0x120
[  313.582318][T10242]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  313.582358][T10242]  ? __anon_vma_prepare+0xae/0x5e0
[  313.582401][T10242]  ? __pfx_filemap_map_pages+0x10/0x10
[  313.582438][T10242]  __anon_vma_prepare+0xae/0x5e0
[  313.582471][T10242]  ? find_held_lock+0x2b/0x80
[  313.582500][T10242]  ? __pfx_filemap_map_pages+0x10/0x10
[  313.582537][T10242]  __vmf_anon_prepare+0x11f/0x250
[  313.582569][T10242]  do_fault+0x152/0x1990
[  313.582598][T10242]  ? __pmd_alloc+0x3fb/0x950
[  313.582631][T10242]  __handle_mm_fault+0x180f/0x2b60
[  313.582672][T10242]  ? mt_find+0x45e/0x8e0
[  313.582712][T10242]  ? __pfx___handle_mm_fault+0x10/0x10
[  313.582754][T10242]  ? __pfx_mt_find+0x10/0x10
[  313.582823][T10242]  handle_mm_fault+0x36d/0xa20
[  313.582866][T10242]  __get_user_pages+0xf9c/0x34d0
[  313.582910][T10242]  ? __pfx___get_user_pages+0x10/0x10
[  313.582950][T10242]  populate_vma_page_range+0x267/0x3f0
[  313.582985][T10242]  ? __pfx_populate_vma_page_range+0x10/0x10
[  313.583015][T10242]  ? __pfx_find_vma_intersection+0x10/0x10
[  313.583046][T10242]  ? do_mmap+0x93f/0x12f0
[  313.583081][T10242]  __mm_populate+0x107/0x3a0
[  313.583114][T10242]  ? __pfx___mm_populate+0x10/0x10
[  313.583148][T10242]  ? up_write+0x290/0x4f0
[  313.583188][T10242]  vm_mmap_pgoff+0x37f/0x470
[  313.583223][T10242]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  313.583250][T10242]  ? __fget_files+0x215/0x3d0
[  313.583281][T10242]  ? __fget_files+0x21f/0x3d0
[  313.583313][T10242]  ksys_mmap_pgoff+0x3c8/0x650
[  313.583342][T10242]  ? __x64_sys_futex+0x34f/0x4d0
[  313.583374][T10242]  ? __x64_sys_futex+0x358/0x4d0
[  313.583408][T10242]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  313.583436][T10242]  ? xfd_validate_state+0x129/0x190
[  313.583481][T10242]  __x64_sys_mmap+0x125/0x190
[  313.583523][T10242]  do_syscall_64+0x106/0xf80
[  313.583557][T10242]  ? clear_bhb_loop+0x40/0x90
[  313.583590][T10242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.583617][T10242] RIP: 0033:0x7fabb339c799
[  313.583640][T10242] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  313.583665][T10242] RSP: 002b:00007fabb4287028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  313.583690][T10242] RAX: ffffffffffffffda RBX: 00007fabb3615fa0 RCX: 00007fabb339c799
[  313.583713][T10242] RDX: 0000000000000003 RSI: 0000000000000009 RDI: 0000000000000000
[  313.583734][T10242] RBP: 00007fabb3432c99 R08: 0000000000000003 R09: 0000000000008000
[  313.583750][T10242] R10: 0000000000008012 R11: 0000000000000246 R12: 0000000000000000
[  313.583767][T10242] R13: 00007fabb3616038 R14: 00007fabb3615fa0 R15: 00007ffd3c2943d8
[  313.583804][T10242]  </TASK>
[  313.951050][T10231] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  313.957102][T10231] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  313.991488][T10231] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  314.018894][T10231] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  315.310828][ T5146] Bluetooth: hci1: command 0x0c1a tx timeout
[  316.022279][ T5146] Bluetooth: hci3: command 0x0c1a tx timeout
[  316.030946][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout
[  316.100867][ T5146] Bluetooth: hci2: command 0x0c1a tx timeout
[  316.776948][T10277] kvm: vcpu 4: requested lapic timer restore with starting count register 0x390=4294967104 (137438947328 ns) > initial count (6624 ns). Using initial count to start timer.
[  317.070250][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  317.076924][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  318.456610][T10319] zswap: compressor  not available
[  318.462793][T10321] debugfs: '!PjE�r��҄y�*�"�l-���y–��L̓���]' already exists in 'ieee80211'
[  321.086370][T10374] zswap: compressor  not available
[  321.092326][T10379] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE�r��҄y�*�"�l-���y–��L̓���]'
[  321.152345][T10379] CPU: 1 UID: 0 PID: 10379 Comm: syz.3.962 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  321.152390][T10379] Tainted: [U]=USER
[  321.152400][T10379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  321.152416][T10379] Call Trace:
[  321.152425][T10379]  <TASK>
[  321.152435][T10379]  dump_stack_lvl+0x100/0x190
[  321.152482][T10379]  sysfs_warn_dup.cold+0x1c/0x28
[  321.152522][T10379]  sysfs_do_create_link_sd+0x113/0x140
[  321.152562][T10379]  sysfs_create_link+0x61/0xc0
[  321.152599][T10379]  device_add+0x675/0x1950
[  321.152634][T10379]  ? __pfx_device_add+0x10/0x10
[  321.152664][T10379]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  321.152709][T10379]  ? ieee80211_set_bitrate_flags+0x41b/0x6b0
[  321.152752][T10379]  wiphy_register+0x1e5b/0x2d30
[  321.152800][T10379]  ? __rtnl_unlock+0xb9/0xf0
[  321.152842][T10379]  ? netdev_run_todo+0x7a0/0x12c0
[  321.152890][T10379]  ? __pfx_wiphy_register+0x10/0x10
[  321.152932][T10379]  ? __asan_memset+0x23/0x50
[  321.152969][T10379]  ? minstrel_ht_alloc+0x5e6/0x7f0
[  321.153021][T10379]  ieee80211_register_hw+0x2cfd/0x4140
[  321.153080][T10379]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  321.153119][T10379]  ? __pfx___debug_object_init+0x10/0x10
[  321.153168][T10379]  ? find_held_lock+0x2b/0x80
[  321.153196][T10379]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  321.153240][T10379]  ? __hrtimer_setup+0x178/0x280
[  321.153279][T10379]  mac80211_hwsim_new_radio+0x2847/0x57d0
[  321.153346][T10379]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  321.153404][T10379]  hwsim_new_radio_nl+0xc1f/0x1340
[  321.153451][T10379]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  321.153504][T10379]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280
[  321.153534][T10379]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280
[  321.153571][T10379]  genl_family_rcv_msg_doit+0x214/0x300
[  321.153604][T10379]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  321.153633][T10379]  ? genl_get_cmd+0x3ef/0x720
[  321.153667][T10379]  ? bpf_lsm_capable+0x9/0x10
[  321.153695][T10379]  ? security_capable+0x80/0x260
[  321.153735][T10379]  ? ns_capable+0xd2/0xf0
[  321.153764][T10379]  genl_rcv_msg+0x560/0x800
[  321.153802][T10379]  ? __pfx_genl_rcv_msg+0x10/0x10
[  321.153832][T10379]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  321.153890][T10379]  netlink_rcv_skb+0x159/0x420
[  321.153931][T10379]  ? __pfx_genl_rcv_msg+0x10/0x10
[  321.153960][T10379]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  321.154016][T10379]  ? netlink_deliver_tap+0x1ae/0xcc0
[  321.154060][T10379]  genl_rcv+0x28/0x40
[  321.154083][T10379]  netlink_unicast+0x5aa/0x870
[  321.154129][T10379]  ? __pfx_netlink_unicast+0x10/0x10
[  321.154166][T10379]  ? __pfx___might_resched+0x10/0x10
[  321.154204][T10379]  ? __lock_acquire+0x4a5/0x2630
[  321.154247][T10379]  netlink_sendmsg+0x8b0/0xda0
[  321.154293][T10379]  ? __pfx_netlink_sendmsg+0x10/0x10
[  321.154330][T10379]  ? __import_iovec+0x1d2/0x640
[  321.154366][T10379]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  321.154413][T10379]  ____sys_sendmsg+0x9e1/0xb70
[  321.154439][T10379]  ? __pfx_netlink_sendmsg+0x10/0x10
[  321.154482][T10379]  ? __pfx_____sys_sendmsg+0x10/0x10
[  321.154518][T10379]  ? __pfx_futex_wake_mark+0x10/0x10
[  321.154564][T10379]  ___sys_sendmsg+0x190/0x1e0
[  321.154596][T10379]  ? __pfx____sys_sendmsg+0x10/0x10
[  321.154673][T10379]  __sys_sendmsg+0x170/0x220
[  321.154712][T10379]  ? __pfx___sys_sendmsg+0x10/0x10
[  321.154748][T10379]  ? __x64_sys_futex+0x34f/0x4d0
[  321.154811][T10379]  do_syscall_64+0x106/0xf80
[  321.154848][T10379]  ? clear_bhb_loop+0x40/0x90
[  321.154881][T10379]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.154909][T10379] RIP: 0033:0x7fabb339c799
[  321.154932][T10379] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  321.154957][T10379] RSP: 002b:00007fabb4266028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  321.154983][T10379] RAX: ffffffffffffffda RBX: 00007fabb3616090 RCX: 00007fabb339c799
[  321.155002][T10379] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000005
[  321.155018][T10379] RBP: 00007fabb3432c99 R08: 0000000000000000 R09: 0000000000000000
[  321.155034][T10379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  321.155050][T10379] R13: 00007fabb3616128 R14: 00007fabb3616090 R15: 00007ffd3c2943d8
[  321.155087][T10379]  </TASK>
[  322.131156][T10391] netlink: 12 bytes leftover after parsing attributes in process `syz.3.965'.
[  322.246512][T10389] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7fe00
[  322.362708][T10389] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  322.442665][T10389] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  322.497959][T10389] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  322.554834][T10389] raw: 0000000000000000 0000000000000000 00000008ffffffff 0000000000000000
[  322.635939][T10389] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  322.698574][T10389] head: 0000000000000000 0000000000000000 00000008ffffffff 0000000000000000
[  322.780173][T10389] head: 00fff00000000003 ffffea0001ff8001 00000000ffffffff 00000000ffffffff
[  322.822402][T10389] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  322.920822][T10389] page dumped because: unmovable page
[  322.926292][T10389] page_owner tracks the page as allocated
[  322.991246][T10389] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 0, tgid 0 (swapper/0), ts 56644844335, free_ts 22129946390
[  323.085360][T10389]  post_alloc_hook+0x153/0x170
[  323.105672][T10389]  get_page_from_freelist+0x111d/0x3140
[  323.131174][T10389]  __alloc_frozen_pages_noprof+0x27c/0x2ba0
[  323.151895][T10389]  alloc_pages_mpol+0x1fb/0x550
[  323.183152][T10389]  alloc_pages_noprof+0x131/0x390
[  323.197933][T10389]  skb_page_frag_refill+0x365/0x5b0
[  323.220946][T10389]  try_fill_recv+0x7f1/0x2930
[  323.239985][T10389]  virtnet_poll+0x154a/0x3a20
[  323.255372][T10389]  __napi_poll.constprop.0+0xaf/0x450
[  323.266691][T10389]  net_rx_action+0xa40/0xf20
[  323.286612][T10389]  handle_softirqs+0x1eb/0x9e0
[  323.303307][T10389]  __irq_exit_rcu+0xef/0x150
[  323.311086][T10389]  irq_exit_rcu+0x9/0x30
[  323.338754][T10389]  common_interrupt+0xbe/0xe0
[  323.350882][T10389]  asm_common_interrupt+0x26/0x40
[  323.355984][T10389] page last free pid 1 tgid 1 stack trace:
[  323.416953][T10389]  __free_frozen_pages+0x7e1/0x10d0
[  323.422740][T10389]  free_contig_range+0xde/0x1d0
[  323.431142][T10389]  destroy_args+0xa8/0x7a0
[  323.465482][T10389]  debug_vm_pgtable+0x1b66/0x34c0
[  323.511009][T10389]  do_one_initcall+0x11d/0x760
[  323.521117][T10389]  kernel_init_freeable+0x6e5/0x7a0
[  323.556763][T10389]  kernel_init+0x1f/0x1e0
[  323.565512][T10389]  ret_from_fork+0x754/0xd80
[  323.585794][T10389]  ret_from_fork_asm+0x1a/0x30
[  324.856178][T10437] openvswitch: .^: Dropping previously announced user features
[  325.191210][T10447] NFSD: Failed to start, no listeners configured.
[  325.231452][T10453] block2mtd: error: cannot open device /sys/modu
[  326.395315][T10460] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE�r��҄y�*�"�l-���y–��L̓���]'
[  326.448956][T10460] CPU: 0 UID: 0 PID: 10460 Comm: syz.1.977 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  326.448984][T10460] Tainted: [U]=USER
[  326.448989][T10460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  326.448998][T10460] Call Trace:
[  326.449004][T10460]  <TASK>
[  326.449010][T10460]  dump_stack_lvl+0x100/0x190
[  326.449037][T10460]  sysfs_warn_dup.cold+0x1c/0x28
[  326.449057][T10460]  sysfs_do_create_link_sd+0x113/0x140
[  326.449079][T10460]  sysfs_create_link+0x61/0xc0
[  326.449097][T10460]  device_add+0x675/0x1950
[  326.449117][T10460]  ? __pfx_device_add+0x10/0x10
[  326.449132][T10460]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  326.449157][T10460]  ? ieee80211_set_bitrate_flags+0x41b/0x6b0
[  326.449180][T10460]  wiphy_register+0x1e5b/0x2d30
[  326.449201][T10460]  ? __rtnl_unlock+0xb9/0xf0
[  326.449223][T10460]  ? netdev_run_todo+0x7a0/0x12c0
[  326.449248][T10460]  ? __pfx_wiphy_register+0x10/0x10
[  326.449269][T10460]  ? __asan_memset+0x23/0x50
[  326.449289][T10460]  ? minstrel_ht_alloc+0x5e6/0x7f0
[  326.449317][T10460]  ieee80211_register_hw+0x2cfd/0x4140
[  326.449347][T10460]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  326.449368][T10460]  ? __pfx___debug_object_init+0x10/0x10
[  326.449394][T10460]  ? find_held_lock+0x2b/0x80
[  326.449408][T10460]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  326.449445][T10460]  ? __hrtimer_setup+0x178/0x280
[  326.449481][T10460]  mac80211_hwsim_new_radio+0x2847/0x57d0
[  326.449539][T10460]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  326.449583][T10460]  ? __asan_memcpy+0x3c/0x60
[  326.449621][T10460]  hwsim_new_radio_nl+0xc1f/0x1340
[  326.449665][T10460]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  326.449713][T10460]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280
[  326.449743][T10460]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280
[  326.449779][T10460]  genl_family_rcv_msg_doit+0x214/0x300
[  326.449811][T10460]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  326.449839][T10460]  ? genl_get_cmd+0x3ef/0x720
[  326.449873][T10460]  ? bpf_lsm_capable+0x9/0x10
[  326.449899][T10460]  ? security_capable+0x80/0x260
[  326.449950][T10460]  ? ns_capable+0xd2/0xf0
[  326.449980][T10460]  genl_rcv_msg+0x560/0x800
[  326.450009][T10460]  ? __pfx_genl_rcv_msg+0x10/0x10
[  326.450036][T10460]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  326.450090][T10460]  netlink_rcv_skb+0x159/0x420
[  326.450129][T10460]  ? __pfx_genl_rcv_msg+0x10/0x10
[  326.450158][T10460]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  326.450213][T10460]  ? netlink_deliver_tap+0x1ae/0xcc0
[  326.450257][T10460]  genl_rcv+0x28/0x40
[  326.450279][T10460]  netlink_unicast+0x5aa/0x870
[  326.450323][T10460]  ? __pfx_netlink_unicast+0x10/0x10
[  326.450360][T10460]  ? __pfx___might_resched+0x10/0x10
[  326.450396][T10460]  ? __lock_acquire+0x4a5/0x2630
[  326.450439][T10460]  netlink_sendmsg+0x8b0/0xda0
[  326.450484][T10460]  ? __pfx_netlink_sendmsg+0x10/0x10
[  326.450520][T10460]  ? __import_iovec+0x1d2/0x640
[  326.450555][T10460]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  326.450601][T10460]  ____sys_sendmsg+0x9e1/0xb70
[  326.450625][T10460]  ? __pfx_netlink_sendmsg+0x10/0x10
[  326.450667][T10460]  ? __pfx_____sys_sendmsg+0x10/0x10
[  326.450702][T10460]  ? __pfx_futex_wake_mark+0x10/0x10
[  326.450749][T10460]  ___sys_sendmsg+0x190/0x1e0
[  326.450779][T10460]  ? __pfx____sys_sendmsg+0x10/0x10
[  326.450849][T10460]  __sys_sendmsg+0x170/0x220
[  326.450886][T10460]  ? __pfx___sys_sendmsg+0x10/0x10
[  326.450927][T10460]  ? __x64_sys_futex+0x34f/0x4d0
[  326.450985][T10460]  do_syscall_64+0x106/0xf80
[  326.451021][T10460]  ? clear_bhb_loop+0x40/0x90
[  326.451055][T10460]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.451083][T10460] RIP: 0033:0x7f7f1359c799
[  326.451104][T10460] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  326.451130][T10460] RSP: 002b:00007f7f143a0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  326.451156][T10460] RAX: ffffffffffffffda RBX: 00007f7f13815fa0 RCX: 00007f7f1359c799
[  326.451174][T10460] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003
[  326.451191][T10460] RBP: 00007f7f13632c99 R08: 0000000000000000 R09: 0000000000000000
[  326.451208][T10460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  326.451223][T10460] R13: 00007f7f13816038 R14: 00007f7f13815fa0 R15: 00007ffd82721648
[  326.451259][T10460]  </TASK>
[  328.439854][T10498] openvswitch: .^: Dropping previously announced user features
[  329.860678][T10524] netlink: 4 bytes leftover after parsing attributes in process `syz.0.993'.
[  333.818144][T10586] hub 1-0:1.0: USB hub found
[  333.824990][T10586] hub 1-0:1.0: 1 port detected
[  334.326474][T10602] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input19
[  335.040684][T10626] block nbd0: Unsupported socket: should be TCP or UNIX.
[  335.861229][T10644] zswap: compressor  not available
[  335.921736][T10653] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input20
[  338.042145][T10691] netlink: 'syz.2.1031': attribute type 4 has an invalid length.
[  338.071021][T10691] netlink: 'syz.2.1031': attribute type 1 has an invalid length.
[  339.232325][T10714] kvm: vcpu 4: requested lapic timer restore with starting count register 0x390=4294967104 (137438947328 ns) > initial count (6624 ns). Using initial count to start timer.
[  340.825161][T10742] can: request_module (can-proto-4) failed.
[  340.841463][T10749] random: crng reseeded on system resumption
[  341.156760][T10753] FAULT_INJECTION: forcing a failure.
[  341.156760][T10753] name fail_futex, interval 1, probability 0, space 0, times 0
[  341.207119][T10753] CPU: 0 UID: 0 PID: 10753 Comm: syz.1.1045 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  341.207163][T10753] Tainted: [U]=USER
[  341.207172][T10753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  341.207187][T10753] Call Trace:
[  341.207195][T10753]  <TASK>
[  341.207205][T10753]  dump_stack_lvl+0x100/0x190
[  341.207250][T10753]  should_fail_ex.cold+0x5/0xa
[  341.207281][T10753]  get_futex_key+0x1d2/0x1620
[  341.207318][T10753]  ? __pfx_get_futex_key+0x10/0x10
[  341.207353][T10753]  ? find_held_lock+0x2b/0x80
[  341.207378][T10753]  ? futex_wake+0x456/0x530
[  341.207425][T10753]  futex_wake+0xea/0x530
[  341.207463][T10753]  ? __pfx___might_resched+0x10/0x10
[  341.207501][T10753]  ? __pfx_futex_wake+0x10/0x10
[  341.207554][T10753]  do_futex+0x32b/0x350
[  341.207586][T10753]  ? __pfx_do_futex+0x10/0x10
[  341.207616][T10753]  ? do_sock_setsockopt+0x101/0x1d0
[  341.207656][T10753]  ? rcu_is_watching+0x12/0xc0
[  341.207692][T10753]  ? do_sock_setsockopt+0x101/0x1d0
[  341.207728][T10753]  ? kfree+0x2ec/0x6b0
[  341.207765][T10753]  __x64_sys_futex+0x34f/0x4d0
[  341.207803][T10753]  ? __pfx___x64_sys_futex+0x10/0x10
[  341.207836][T10753]  ? __sys_setsockopt+0x139/0x190
[  341.207888][T10753]  do_syscall_64+0x106/0xf80
[  341.207925][T10753]  ? clear_bhb_loop+0x40/0x90
[  341.207958][T10753]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.207984][T10753] RIP: 0033:0x7f7f1359c799
[  341.208006][T10753] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  341.208031][T10753] RSP: 002b:00007f7f143a00e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  341.208056][T10753] RAX: ffffffffffffffda RBX: 00007f7f13815fa8 RCX: 00007f7f1359c799
[  341.208081][T10753] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f7f13815fac
[  341.208098][T10753] RBP: 00007f7f13815fa0 R08: 0000000000000000 R09: 0000000000000000
[  341.208113][T10753] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  341.208129][T10753] R13: 00007f7f13816038 R14: 00007ffd82721560 R15: 00007ffd82721648
[  341.208166][T10753]  </TASK>
[  342.216494][T10787] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1054'.
[  343.330506][T10813] openvswitch: netlink: IP tunnel TTL not specified.
[  343.357337][T10807] zswap: compressor  not available
[  343.760153][T10822] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE�r��҄y�*�"�l-���y–��L̓���]'
[  343.794414][T10822] CPU: 0 UID: 0 PID: 10822 Comm: syz.3.1061 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  343.794441][T10822] Tainted: [U]=USER
[  343.794445][T10822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  343.794454][T10822] Call Trace:
[  343.794459][T10822]  <TASK>
[  343.794465][T10822]  dump_stack_lvl+0x100/0x190
[  343.794492][T10822]  sysfs_warn_dup.cold+0x1c/0x28
[  343.794513][T10822]  sysfs_do_create_link_sd+0x113/0x140
[  343.794534][T10822]  sysfs_create_link+0x61/0xc0
[  343.794553][T10822]  device_add+0x675/0x1950
[  343.794573][T10822]  ? __pfx_device_add+0x10/0x10
[  343.794589][T10822]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  343.794613][T10822]  ? ieee80211_set_bitrate_flags+0x41b/0x6b0
[  343.794636][T10822]  wiphy_register+0x1e5b/0x2d30
[  343.794656][T10822]  ? __rtnl_unlock+0xb9/0xf0
[  343.794686][T10822]  ? netdev_run_todo+0x7a0/0x12c0
[  343.794712][T10822]  ? __pfx_wiphy_register+0x10/0x10
[  343.794733][T10822]  ? __asan_memset+0x23/0x50
[  343.794753][T10822]  ? minstrel_ht_alloc+0x5e6/0x7f0
[  343.794784][T10822]  ieee80211_register_hw+0x2cfd/0x4140
[  343.794815][T10822]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  343.794835][T10822]  ? __pfx___debug_object_init+0x10/0x10
[  343.794861][T10822]  ? find_held_lock+0x2b/0x80
[  343.794875][T10822]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  343.794898][T10822]  ? __hrtimer_setup+0x178/0x280
[  343.794921][T10822]  mac80211_hwsim_new_radio+0x2847/0x57d0
[  343.794956][T10822]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  343.794980][T10822]  ? __asan_memcpy+0x3c/0x60
[  343.795000][T10822]  hwsim_new_radio_nl+0xc1f/0x1340
[  343.795024][T10822]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  343.795051][T10822]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280
[  343.795067][T10822]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280
[  343.795086][T10822]  genl_family_rcv_msg_doit+0x214/0x300
[  343.795103][T10822]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  343.795117][T10822]  ? genl_get_cmd+0x3ef/0x720
[  343.795135][T10822]  ? bpf_lsm_capable+0x9/0x10
[  343.795149][T10822]  ? security_capable+0x80/0x260
[  343.795171][T10822]  ? ns_capable+0xd2/0xf0
[  343.795186][T10822]  genl_rcv_msg+0x560/0x800
[  343.795202][T10822]  ? __pfx_genl_rcv_msg+0x10/0x10
[  343.795217][T10822]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  343.795245][T10822]  netlink_rcv_skb+0x159/0x420
[  343.795273][T10822]  ? __pfx_genl_rcv_msg+0x10/0x10
[  343.795289][T10822]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  343.795319][T10822]  ? netlink_deliver_tap+0x1ae/0xcc0
[  343.795342][T10822]  genl_rcv+0x28/0x40
[  343.795354][T10822]  netlink_unicast+0x5aa/0x870
[  343.795378][T10822]  ? __pfx_netlink_unicast+0x10/0x10
[  343.795398][T10822]  ? __pfx___might_resched+0x10/0x10
[  343.795417][T10822]  ? __lock_acquire+0x4a5/0x2630
[  343.795440][T10822]  netlink_sendmsg+0x8b0/0xda0
[  343.795463][T10822]  ? __pfx_netlink_sendmsg+0x10/0x10
[  343.795482][T10822]  ? __import_iovec+0x1d2/0x640
[  343.795501][T10822]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  343.795525][T10822]  ____sys_sendmsg+0x9e1/0xb70
[  343.795538][T10822]  ? __pfx_netlink_sendmsg+0x10/0x10
[  343.795561][T10822]  ? __pfx_____sys_sendmsg+0x10/0x10
[  343.795580][T10822]  ? __pfx_futex_wake_mark+0x10/0x10
[  343.795603][T10822]  ___sys_sendmsg+0x190/0x1e0
[  343.795621][T10822]  ? __pfx____sys_sendmsg+0x10/0x10
[  343.795660][T10822]  __sys_sendmsg+0x170/0x220
[  343.795680][T10822]  ? __pfx___sys_sendmsg+0x10/0x10
[  343.795699][T10822]  ? __x64_sys_futex+0x34f/0x4d0
[  343.795728][T10822]  do_syscall_64+0x106/0xf80
[  343.795748][T10822]  ? clear_bhb_loop+0x40/0x90
[  343.795769][T10822]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.795784][T10822] RIP: 0033:0x7fabb339c799
[  343.795813][T10822] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  343.795827][T10822] RSP: 002b:00007fabb4287028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  343.795842][T10822] RAX: ffffffffffffffda RBX: 00007fabb3615fa0 RCX: 00007fabb339c799
[  343.795852][T10822] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003
[  343.795861][T10822] RBP: 00007fabb3432c99 R08: 0000000000000000 R09: 0000000000000000
[  343.795869][T10822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  343.795878][T10822] R13: 00007fabb3616038 R14: 00007fabb3615fa0 R15: 00007ffd3c2943d8
[  343.795898][T10822]  </TASK>
[  344.292570][T10825] nbd: socks must be embedded in a SOCK_ITEM attr
[  344.743329][T10834] NFSD: Failed to start, no listeners configured.
[  344.816388][   T30] audit: type=1326 audit(1773680240.356:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10839 comm="syz.0.1066" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb19079c799 code=0x0
[  345.474170][T10830] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  345.484419][T10830] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  345.494730][T10830] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  345.524395][T10830] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  346.012275][T10855] kvm: vcpu 4: requested lapic timer restore with starting count register 0x390=4294967104 (137438947328 ns) > initial count (6624 ns). Using initial count to start timer.
[  346.091982][   T30] audit: type=1800 audit(1773680241.616:38): pid=10865 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1070" name="discovery_nqn" dev="configfs" ino=35429 res=0 errno=0
[  346.405211][T10878] kvm: vcpu 4: requested lapic timer restore with starting count register 0x390=4294967104 (137438947328 ns) > initial count (6624 ns). Using initial count to start timer.
[  346.661160][ T5146] Bluetooth: hci1: command 0x0c1a tx timeout
[  347.540902][ T5146] Bluetooth: hci2: command 0x0c1a tx timeout
[  347.547015][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout
[  347.553115][ T5835] Bluetooth: hci0: command 0x0c1a tx timeout
[  347.893450][T10904] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE�r��҄y�*�"�l-���y–��L̓���]'
[  347.923601][T10904] CPU: 1 UID: 0 PID: 10904 Comm: syz.1.1078 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  347.923649][T10904] Tainted: [U]=USER
[  347.923657][T10904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  347.923673][T10904] Call Trace:
[  347.923682][T10904]  <TASK>
[  347.923692][T10904]  dump_stack_lvl+0x100/0x190
[  347.923738][T10904]  sysfs_warn_dup.cold+0x1c/0x28
[  347.923775][T10904]  sysfs_do_create_link_sd+0x113/0x140
[  347.923815][T10904]  sysfs_create_link+0x61/0xc0
[  347.923857][T10904]  device_add+0x675/0x1950
[  347.923893][T10904]  ? __pfx_device_add+0x10/0x10
[  347.923922][T10904]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  347.923967][T10904]  ? ieee80211_set_bitrate_flags+0x41b/0x6b0
[  347.924010][T10904]  wiphy_register+0x1e5b/0x2d30
[  347.924050][T10904]  ? __rtnl_unlock+0xb9/0xf0
[  347.924090][T10904]  ? netdev_run_todo+0x7a0/0x12c0
[  347.924136][T10904]  ? __pfx_wiphy_register+0x10/0x10
[  347.924178][T10904]  ? __asan_memset+0x23/0x50
[  347.924215][T10904]  ? minstrel_ht_alloc+0x5e6/0x7f0
[  347.924269][T10904]  ieee80211_register_hw+0x2cfd/0x4140
[  347.924328][T10904]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  347.924368][T10904]  ? __pfx___debug_object_init+0x10/0x10
[  347.924423][T10904]  ? find_held_lock+0x2b/0x80
[  347.924451][T10904]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  347.924496][T10904]  ? __hrtimer_setup+0x178/0x280
[  347.924539][T10904]  mac80211_hwsim_new_radio+0x2847/0x57d0
[  347.924606][T10904]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  347.924655][T10904]  ? __asan_memcpy+0x3c/0x60
[  347.924695][T10904]  hwsim_new_radio_nl+0xc1f/0x1340
[  347.924739][T10904]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  347.924790][T10904]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280
[  347.924821][T10904]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280
[  347.924857][T10904]  genl_family_rcv_msg_doit+0x214/0x300
[  347.924886][T10904]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  347.924912][T10904]  ? genl_get_cmd+0x3ef/0x720
[  347.924946][T10904]  ? bpf_lsm_capable+0x9/0x10
[  347.924972][T10904]  ? security_capable+0x80/0x260
[  347.925011][T10904]  ? ns_capable+0xd2/0xf0
[  347.925039][T10904]  genl_rcv_msg+0x560/0x800
[  347.925068][T10904]  ? __pfx_genl_rcv_msg+0x10/0x10
[  347.925097][T10904]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  347.925152][T10904]  netlink_rcv_skb+0x159/0x420
[  347.925190][T10904]  ? __pfx_genl_rcv_msg+0x10/0x10
[  347.925219][T10904]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  347.925267][T10904]  ? netlink_deliver_tap+0x1ae/0xcc0
[  347.925309][T10904]  genl_rcv+0x28/0x40
[  347.925332][T10904]  netlink_unicast+0x5aa/0x870
[  347.925374][T10904]  ? __pfx_netlink_unicast+0x10/0x10
[  347.925420][T10904]  ? __pfx___might_resched+0x10/0x10
[  347.925459][T10904]  ? __lock_acquire+0x4a5/0x2630
[  347.925502][T10904]  netlink_sendmsg+0x8b0/0xda0
[  347.925549][T10904]  ? __pfx_netlink_sendmsg+0x10/0x10
[  347.925586][T10904]  ? __import_iovec+0x1d2/0x640
[  347.925620][T10904]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  347.925663][T10904]  ____sys_sendmsg+0x9e1/0xb70
[  347.925688][T10904]  ? __pfx_netlink_sendmsg+0x10/0x10
[  347.925731][T10904]  ? __pfx_____sys_sendmsg+0x10/0x10
[  347.925766][T10904]  ? __pfx_futex_wake_mark+0x10/0x10
[  347.925812][T10904]  ___sys_sendmsg+0x190/0x1e0
[  347.925844][T10904]  ? __pfx____sys_sendmsg+0x10/0x10
[  347.925920][T10904]  __sys_sendmsg+0x170/0x220
[  347.925957][T10904]  ? __pfx___sys_sendmsg+0x10/0x10
[  347.925993][T10904]  ? __x64_sys_futex+0x34f/0x4d0
[  347.926050][T10904]  do_syscall_64+0x106/0xf80
[  347.926086][T10904]  ? clear_bhb_loop+0x40/0x90
[  347.926118][T10904]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.926147][T10904] RIP: 0033:0x7f7f1359c799
[  347.926171][T10904] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  347.926196][T10904] RSP: 002b:00007f7f143a0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  347.926222][T10904] RAX: ffffffffffffffda RBX: 00007f7f13815fa0 RCX: 00007f7f1359c799
[  347.926240][T10904] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003
[  347.926257][T10904] RBP: 00007f7f13632c99 R08: 0000000000000000 R09: 0000000000000000
[  347.926273][T10904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  347.926289][T10904] R13: 00007f7f13816038 R14: 00007f7f13815fa0 R15: 00007ffd82721648
[  347.926326][T10904]  </TASK>
[  349.465735][T10930] kvm: vcpu 4: requested lapic timer restore with starting count register 0x390=4294967104 (137438947328 ns) > initial count (6624 ns). Using initial count to start timer.
[  351.363396][T10973] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE�r��҄y�*�"�l-���y–��L̓���]'
[  351.391508][T10973] CPU: 0 UID: 0 PID: 10973 Comm: syz.1.1094 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[  351.391551][T10973] Tainted: [U]=USER
[  351.391561][T10973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  351.391603][T10973] Call Trace:
[  351.391613][T10973]  <TASK>
[  351.391624][T10973]  dump_stack_lvl+0x100/0x190
[  351.391671][T10973]  sysfs_warn_dup.cold+0x1c/0x28
[  351.391720][T10973]  sysfs_do_create_link_sd+0x113/0x140
[  351.391762][T10973]  sysfs_create_link+0x61/0xc0
[  351.391799][T10973]  device_add+0x675/0x1950
[  351.391835][T10973]  ? __pfx_device_add+0x10/0x10
[  351.391865][T10973]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  351.391911][T10973]  ? ieee80211_set_bitrate_flags+0x41b/0x6b0
[  351.391955][T10973]  wiphy_register+0x1e5b/0x2d30
[  351.391995][T10973]  ? __rtnl_unlock+0xb9/0xf0
[  351.392036][T10973]  ? netdev_run_todo+0x7a0/0x12c0
[  351.392083][T10973]  ? __pfx_wiphy_register+0x10/0x10
[  351.392124][T10973]  ? __asan_memset+0x23/0x50
[  351.392161][T10973]  ? minstrel_ht_alloc+0x5e6/0x7f0
[  351.392215][T10973]  ieee80211_register_hw+0x2cfd/0x4140
[  351.392273][T10973]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  351.392313][T10973]  ? __pfx___debug_object_init+0x10/0x10
[  351.392364][T10973]  ? find_held_lock+0x2b/0x80
[  351.392391][T10973]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  351.392435][T10973]  ? __hrtimer_setup+0x178/0x280
[  351.392474][T10973]  mac80211_hwsim_new_radio+0x2847/0x57d0
[  351.392540][T10973]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  351.392585][T10973]  ? __asan_memcpy+0x3c/0x60
[  351.392626][T10973]  hwsim_new_radio_nl+0xc1f/0x1340
[  351.392671][T10973]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  351.392731][T10973]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280
[  351.392762][T10973]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280
[  351.392800][T10973]  genl_family_rcv_msg_doit+0x214/0x300
[  351.392834][T10973]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  351.392861][T10973]  ? genl_get_cmd+0x3ef/0x720
[  351.392898][T10973]  ? bpf_lsm_capable+0x9/0x10
[  351.392925][T10973]  ? security_capable+0x80/0x260
[  351.392967][T10973]  ? ns_capable+0xd2/0xf0
[  351.392996][T10973]  genl_rcv_msg+0x560/0x800
[  351.393029][T10973]  ? __pfx_genl_rcv_msg+0x10/0x10
[  351.393058][T10973]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  351.393110][T10973]  netlink_rcv_skb+0x159/0x420
[  351.393148][T10973]  ? __pfx_genl_rcv_msg+0x10/0x10
[  351.393177][T10973]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  351.393231][T10973]  ? netlink_deliver_tap+0x1ae/0xcc0
[  351.393274][T10973]  genl_rcv+0x28/0x40
[  351.393297][T10973]  netlink_unicast+0x5aa/0x870
[  351.393342][T10973]  ? __pfx_netlink_unicast+0x10/0x10
[  351.393380][T10973]  ? __pfx___might_resched+0x10/0x10
[  351.393417][T10973]  ? __lock_acquire+0x4a5/0x2630
[  351.393460][T10973]  netlink_sendmsg+0x8b0/0xda0
[  351.393506][T10973]  ? __pfx_netlink_sendmsg+0x10/0x10
[  351.393543][T10973]  ? __import_iovec+0x1d2/0x640
[  351.393578][T10973]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  351.393625][T10973]  ____sys_sendmsg+0x9e1/0xb70
[  351.393651][T10973]  ? __pfx_netlink_sendmsg+0x10/0x10
[  351.393692][T10973]  ? __pfx_____sys_sendmsg+0x10/0x10
[  351.393735][T10973]  ? __pfx_futex_wake_mark+0x10/0x10
[  351.393783][T10973]  ___sys_sendmsg+0x190/0x1e0
[  351.393813][T10973]  ? __pfx____sys_sendmsg+0x10/0x10
[  351.393884][T10973]  __sys_sendmsg+0x170/0x220
[  351.393921][T10973]  ? __pfx___sys_sendmsg+0x10/0x10
[  351.393955][T10973]  ? __x64_sys_futex+0x34f/0x4d0
[  351.394006][T10973]  do_syscall_64+0x106/0xf80
[  351.394039][T10973]  ? clear_bhb_loop+0x40/0x90
[  351.394070][T10973]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.394096][T10973] RIP: 0033:0x7f7f1359c799
[  351.394124][T10973] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  351.394149][T10973] RSP: 002b:00007f7f143a0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  351.394195][T10973] RAX: ffffffffffffffda RBX: 00007f7f13815fa0 RCX: 00007f7f1359c799
[  351.394213][T10973] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003
[  351.394230][T10973] RBP: 00007f7f13632c99 R08: 0000000000000000 R09: 0000000000000000
[  351.394245][T10973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  351.394261][T10973] R13: 00007f7f13816038 R14: 00007f7f13815fa0 R15: 00007ffd82721648
[  351.394298][T10973]  </TASK>
[  351.910932][T10953] block nbd8: shutting down sockets
[  354.095073][T11013] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  354.101531][T11013] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  354.109281][T11013] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  354.147261][T11013] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  355.464977][ T5146] Bluetooth: hci1: command 0x0c1a tx timeout
[  355.680317][T11074] FAULT_INJECTION: forcing a failure.
[  355.680317][T11074] name failslab, interval 1, probability 0, space 0, times 0
[  355.697177][T11074] CPU: 0 UID: 0 PID: 11074 Comm: syz.3.1121 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  355.697207][T11074] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  355.697213][T11074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  355.697223][T11074] Call Trace:
[  355.697228][T11074]  <TASK>
[  355.697234][T11074]  dump_stack_lvl+0x100/0x190
[  355.697260][T11074]  should_fail_ex.cold+0x5/0xa
[  355.697278][T11074]  ? tracepoint_add_func+0x2c5/0xf30
[  355.697292][T11074]  should_failslab+0xc2/0x120
[  355.697307][T11074]  __kmalloc_noprof+0xe0/0x850
[  355.697331][T11074]  ? __pfx_probe_sched_wakeup+0x10/0x10
[  355.697346][T11074]  tracepoint_add_func+0x2c5/0xf30
[  355.697360][T11074]  ? __pfx_probe_sched_wakeup+0x10/0x10
[  355.697374][T11074]  ? __pfx___mutex_lock+0x10/0x10
[  355.697397][T11074]  ? rcu_is_watching+0x12/0xc0
[  355.697420][T11074]  ? __pfx_probe_sched_wakeup+0x10/0x10
[  355.697434][T11074]  tracepoint_probe_register+0xc4/0x110
[  355.697450][T11074]  ? __pfx_tracepoint_probe_register+0x10/0x10
[  355.697464][T11074]  ? __pfx_probe_sched_wakeup+0x10/0x10
[  355.697478][T11074]  ? __lock_acquire+0x4a5/0x2630
[  355.697500][T11074]  tracing_start_sched_switch+0xaf/0x170
[  355.697523][T11074]  __ftrace_event_enable_disable+0x557/0x6f0
[  355.697541][T11074]  __ftrace_set_clr_event_nolock+0x390/0xc30
[  355.697564][T11074]  ftrace_set_clr_event+0x16e/0x330
[  355.697582][T11074]  ? __pfx_ftrace_set_clr_event+0x10/0x10
[  355.697600][T11074]  ? trace_get_user+0x3ae/0xa70
[  355.697619][T11074]  ftrace_event_write+0x259/0x2c0
[  355.697638][T11074]  ? __pfx_ftrace_event_write+0x10/0x10
[  355.697663][T11074]  vfs_write+0x2aa/0x1070
[  355.697677][T11074]  ? __pfx_ftrace_event_write+0x10/0x10
[  355.697697][T11074]  ? __pfx_vfs_write+0x10/0x10
[  355.697717][T11074]  ? __fget_files+0x215/0x3d0
[  355.697735][T11074]  ? __fget_files+0x21f/0x3d0
[  355.697754][T11074]  ksys_write+0x12a/0x250
[  355.697767][T11074]  ? __pfx_ksys_write+0x10/0x10
[  355.697786][T11074]  do_syscall_64+0x106/0xf80
[  355.697805][T11074]  ? clear_bhb_loop+0x40/0x90
[  355.697822][T11074]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.697837][T11074] RIP: 0033:0x7fabb339c799
[  355.697851][T11074] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  355.697864][T11074] RSP: 002b:00007fabb4287028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  355.697878][T11074] RAX: ffffffffffffffda RBX: 00007fabb3615fa0 RCX: 00007fabb339c799
[  355.697887][T11074] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 0000000000000005
[  355.697904][T11074] RBP: 00007fabb3432c99 R08: 0000000000000000 R09: 0000000000000000
[  355.697913][T11074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  355.697922][T11074] R13: 00007fabb3616038 R14: 00007fabb3615fa0 R15: 00007ffd3c2943d8
[  355.697942][T11074]  </TASK>
[  355.697962][T11074] wakeup trace: Couldn't activate tracepoint probe to kernel_sched_wakeup
[  356.180936][ T5146] Bluetooth: hci2: command 0x0c1a tx timeout
[  356.186986][ T5835] Bluetooth: hci3: command 0x0c1a tx timeout
[  356.193001][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout
[  356.834765][T11103] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input21
[  358.831831][T11141] futex_wake_op: syz.3.1138 tries to shift op by -2048; fix this program
[  358.919264][T11140] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1138'.
[  359.686270][T11167] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1143'.
[  359.816117][T11167] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1143'.
[  362.247616][T11217] .^: entered promiscuous mode
[  362.518302][T11218] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input22
[  363.433048][T11239] synth uevent: /bus/virtio/drivers/virtio_rproc_serial: unknown uevent action string
[  369.290429][T11342] openvswitch: .^: Dropping previously announced user features
[  370.030371][T11361] Invalid ELF header magic: != ELF
[  373.402433][T11414] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE�r��҄y�*�"�l-���y–��L̓���]'
[  373.431099][T11414] CPU: 0 UID: 0 PID: 11414 Comm: syz.0.1204 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  373.431147][T11414] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  373.431158][T11414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  373.431174][T11414] Call Trace:
[  373.431183][T11414]  <TASK>
[  373.431193][T11414]  dump_stack_lvl+0x100/0x190
[  373.431239][T11414]  sysfs_warn_dup.cold+0x1c/0x28
[  373.431285][T11414]  sysfs_do_create_link_sd+0x113/0x140
[  373.431326][T11414]  sysfs_create_link+0x61/0xc0
[  373.431362][T11414]  device_add+0x675/0x1950
[  373.431397][T11414]  ? __pfx_device_add+0x10/0x10
[  373.431426][T11414]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  373.431472][T11414]  ? ieee80211_set_bitrate_flags+0x41b/0x6b0
[  373.431516][T11414]  wiphy_register+0x1e5b/0x2d30
[  373.431552][T11414]  ? __rtnl_unlock+0xb9/0xf0
[  373.431585][T11414]  ? netdev_run_todo+0x7a0/0x12c0
[  373.431610][T11414]  ? __pfx_wiphy_register+0x10/0x10
[  373.431633][T11414]  ? __asan_memset+0x23/0x50
[  373.431653][T11414]  ? minstrel_ht_alloc+0x5e6/0x7f0
[  373.431681][T11414]  ieee80211_register_hw+0x2cfd/0x4140
[  373.431712][T11414]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  373.431733][T11414]  ? __pfx___debug_object_init+0x10/0x10
[  373.431759][T11414]  ? find_held_lock+0x2b/0x80
[  373.431777][T11414]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  373.431800][T11414]  ? __hrtimer_setup+0x178/0x280
[  373.431820][T11414]  mac80211_hwsim_new_radio+0x2847/0x57d0
[  373.431855][T11414]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  373.431878][T11414]  ? __asan_memcpy+0x3c/0x60
[  373.431899][T11414]  hwsim_new_radio_nl+0xc1f/0x1340
[  373.431923][T11414]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  373.431950][T11414]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280
[  373.431966][T11414]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280
[  373.431985][T11414]  genl_family_rcv_msg_doit+0x214/0x300
[  373.432003][T11414]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  373.432017][T11414]  ? genl_get_cmd+0x3ef/0x720
[  373.432035][T11414]  ? bpf_lsm_capable+0x9/0x10
[  373.432050][T11414]  ? security_capable+0x80/0x260
[  373.432075][T11414]  ? ns_capable+0xd2/0xf0
[  373.432090][T11414]  genl_rcv_msg+0x560/0x800
[  373.432108][T11414]  ? __pfx_genl_rcv_msg+0x10/0x10
[  373.432123][T11414]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  373.432151][T11414]  netlink_rcv_skb+0x159/0x420
[  373.432172][T11414]  ? __pfx_genl_rcv_msg+0x10/0x10
[  373.432188][T11414]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  373.432216][T11414]  ? netlink_deliver_tap+0x1ae/0xcc0
[  373.432238][T11414]  genl_rcv+0x28/0x40
[  373.432251][T11414]  netlink_unicast+0x5aa/0x870
[  373.432281][T11414]  ? __pfx_netlink_unicast+0x10/0x10
[  373.432302][T11414]  ? __pfx___might_resched+0x10/0x10
[  373.432323][T11414]  ? __lock_acquire+0x4a5/0x2630
[  373.432347][T11414]  netlink_sendmsg+0x8b0/0xda0
[  373.432371][T11414]  ? __pfx_netlink_sendmsg+0x10/0x10
[  373.432391][T11414]  ? __import_iovec+0x1d2/0x640
[  373.432409][T11414]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  373.432433][T11414]  ____sys_sendmsg+0x9e1/0xb70
[  373.432447][T11414]  ? __pfx_netlink_sendmsg+0x10/0x10
[  373.432470][T11414]  ? __pfx_____sys_sendmsg+0x10/0x10
[  373.432488][T11414]  ? __pfx_futex_wake_mark+0x10/0x10
[  373.432512][T11414]  ___sys_sendmsg+0x190/0x1e0
[  373.432529][T11414]  ? __pfx____sys_sendmsg+0x10/0x10
[  373.432567][T11414]  __sys_sendmsg+0x170/0x220
[  373.432587][T11414]  ? __pfx___sys_sendmsg+0x10/0x10
[  373.432606][T11414]  ? __x64_sys_futex+0x34f/0x4d0
[  373.432635][T11414]  do_syscall_64+0x106/0xf80
[  373.432654][T11414]  ? clear_bhb_loop+0x40/0x90
[  373.432672][T11414]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.432687][T11414] RIP: 0033:0x7fb19079c799
[  373.432700][T11414] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  373.432714][T11414] RSP: 002b:00007fb19165f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  373.432729][T11414] RAX: ffffffffffffffda RBX: 00007fb190a15fa0 RCX: 00007fb19079c799
[  373.432739][T11414] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003
[  373.432747][T11414] RBP: 00007fb190832c99 R08: 0000000000000000 R09: 0000000000000000
[  373.432756][T11414] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  373.432768][T11414] R13: 00007fb190a16038 R14: 00007fb190a15fa0 R15: 00007ffe1ac9a4b8
[  373.432796][T11414]  </TASK>
[  374.197344][T11422] random: crng reseeded on system resumption
[  375.488963][T11452] block2mtd: illegal erase size
[  375.504254][T11452] netlink: 'syz.3.1213': attribute type 1 has an invalid length.
[  376.043168][T11463] FAULT_INJECTION: forcing a failure.
[  376.043168][T11463] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  376.089862][T11463] CPU: 0 UID: 0 PID: 11463 Comm: syz.0.1215 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  376.089889][T11463] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  376.089895][T11463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  376.089903][T11463] Call Trace:
[  376.089908][T11463]  <TASK>
[  376.089914][T11463]  dump_stack_lvl+0x100/0x190
[  376.089938][T11463]  should_fail_ex.cold+0x5/0xa
[  376.089955][T11463]  _copy_from_user+0x2e/0xd0
[  376.089971][T11463]  core_sys_select+0x2d0/0xbb0
[  376.089996][T11463]  ? __pfx_core_sys_select+0x10/0x10
[  376.090034][T11463]  ? __pfx_set_user_sigmask+0x10/0x10
[  376.090059][T11463]  ? __pfx_do_futex+0x10/0x10
[  376.090090][T11463]  do_pselect.constprop.0+0x238/0x270
[  376.090130][T11463]  ? __pfx_do_pselect.constprop.0+0x10/0x10
[  376.090166][T11463]  ? __x64_sys_futex+0x358/0x4d0
[  376.090199][T11463]  ? xfd_validate_state+0x129/0x190
[  376.090238][T11463]  __x64_sys_pselect6+0x149/0x1c0
[  376.090267][T11463]  do_syscall_64+0x106/0xf80
[  376.090298][T11463]  ? clear_bhb_loop+0x40/0x90
[  376.090327][T11463]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  376.090352][T11463] RIP: 0033:0x7fb19079c799
[  376.090373][T11463] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  376.090397][T11463] RSP: 002b:00007fb19165f028 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  376.090420][T11463] RAX: ffffffffffffffda RBX: 00007fb190a15fa0 RCX: 00007fb19079c799
[  376.090437][T11463] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000400
[  376.090452][T11463] RBP: 00007fb190832c99 R08: 0000000000000000 R09: 0000000000000000
[  376.090468][T11463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  376.090482][T11463] R13: 00007fb190a16038 R14: 00007fb190a15fa0 R15: 00007ffe1ac9a4b8
[  376.090517][T11463]  </TASK>
[  377.090197][T11477] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [1].
[  377.237911][T11480] zswap: compressor  not available
[  377.248098][T11486] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE�r��҄y�*�"�l-���y–��L̓���]'
[  377.325950][T11486] CPU: 1 UID: 0 PID: 11486 Comm: syz.3.1220 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  377.325980][T11486] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  377.325986][T11486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  377.325995][T11486] Call Trace:
[  377.326000][T11486]  <TASK>
[  377.326012][T11486]  dump_stack_lvl+0x100/0x190
[  377.326039][T11486]  sysfs_warn_dup.cold+0x1c/0x28
[  377.326060][T11486]  sysfs_do_create_link_sd+0x113/0x140
[  377.326081][T11486]  sysfs_create_link+0x61/0xc0
[  377.326100][T11486]  device_add+0x675/0x1950
[  377.326120][T11486]  ? __pfx_device_add+0x10/0x10
[  377.326135][T11486]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  377.326159][T11486]  ? ieee80211_set_bitrate_flags+0x41b/0x6b0
[  377.326184][T11486]  wiphy_register+0x1e5b/0x2d30
[  377.326206][T11486]  ? __rtnl_unlock+0xb9/0xf0
[  377.326227][T11486]  ? netdev_run_todo+0x7a0/0x12c0
[  377.326251][T11486]  ? __pfx_wiphy_register+0x10/0x10
[  377.326273][T11486]  ? __asan_memset+0x23/0x50
[  377.326292][T11486]  ? minstrel_ht_alloc+0x5e6/0x7f0
[  377.326320][T11486]  ieee80211_register_hw+0x2cfd/0x4140
[  377.326351][T11486]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  377.326380][T11486]  ? __pfx___debug_object_init+0x10/0x10
[  377.326407][T11486]  ? find_held_lock+0x2b/0x80
[  377.326422][T11486]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  377.326446][T11486]  ? __hrtimer_setup+0x178/0x280
[  377.326467][T11486]  mac80211_hwsim_new_radio+0x2847/0x57d0
[  377.326502][T11486]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  377.326530][T11486]  hwsim_new_radio_nl+0xc1f/0x1340
[  377.326553][T11486]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  377.326583][T11486]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280
[  377.326599][T11486]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280
[  377.326618][T11486]  genl_family_rcv_msg_doit+0x214/0x300
[  377.326636][T11486]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  377.326650][T11486]  ? genl_get_cmd+0x3ef/0x720
[  377.326668][T11486]  ? bpf_lsm_capable+0x9/0x10
[  377.326682][T11486]  ? security_capable+0x80/0x260
[  377.326704][T11486]  ? ns_capable+0xd2/0xf0
[  377.326719][T11486]  genl_rcv_msg+0x560/0x800
[  377.326736][T11486]  ? __pfx_genl_rcv_msg+0x10/0x10
[  377.326751][T11486]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  377.326780][T11486]  netlink_rcv_skb+0x159/0x420
[  377.326800][T11486]  ? __pfx_genl_rcv_msg+0x10/0x10
[  377.326816][T11486]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  377.326844][T11486]  ? netlink_deliver_tap+0x1ae/0xcc0
[  377.326867][T11486]  genl_rcv+0x28/0x40
[  377.326879][T11486]  netlink_unicast+0x5aa/0x870
[  377.326903][T11486]  ? __pfx_netlink_unicast+0x10/0x10
[  377.326923][T11486]  ? __pfx___might_resched+0x10/0x10
[  377.326942][T11486]  ? __lock_acquire+0x4a5/0x2630
[  377.326965][T11486]  netlink_sendmsg+0x8b0/0xda0
[  377.326991][T11486]  ? __pfx_netlink_sendmsg+0x10/0x10
[  377.327018][T11486]  ? __import_iovec+0x1d2/0x640
[  377.327038][T11486]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  377.327064][T11486]  ____sys_sendmsg+0x9e1/0xb70
[  377.327078][T11486]  ? __pfx_netlink_sendmsg+0x10/0x10
[  377.327101][T11486]  ? __pfx_____sys_sendmsg+0x10/0x10
[  377.327120][T11486]  ? __pfx_futex_wake_mark+0x10/0x10
[  377.327143][T11486]  ___sys_sendmsg+0x190/0x1e0
[  377.327160][T11486]  ? __pfx____sys_sendmsg+0x10/0x10
[  377.327198][T11486]  __sys_sendmsg+0x170/0x220
[  377.327218][T11486]  ? __pfx___sys_sendmsg+0x10/0x10
[  377.327237][T11486]  ? __x64_sys_futex+0x34f/0x4d0
[  377.327266][T11486]  do_syscall_64+0x106/0xf80
[  377.327285][T11486]  ? clear_bhb_loop+0x40/0x90
[  377.327303][T11486]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.327317][T11486] RIP: 0033:0x7fabb339c799
[  377.327331][T11486] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  377.327345][T11486] RSP: 002b:00007fabb4266028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  377.327360][T11486] RAX: ffffffffffffffda RBX: 00007fabb3616090 RCX: 00007fabb339c799
[  377.327370][T11486] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000005
[  377.327379][T11486] RBP: 00007fabb3432c99 R08: 0000000000000000 R09: 0000000000000000
[  377.327388][T11486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  377.327397][T11486] R13: 00007fabb3616128 R14: 00007fabb3616090 R15: 00007ffd3c2943d8
[  377.327417][T11486]  </TASK>
[  378.506290][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  378.522094][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  379.588004][T11524] HfR: entered promiscuous mode
[  379.754264][T11530] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE�r��҄y�*�"�l-���y–��L̓���]'
[  379.770962][T11530] CPU: 1 UID: 0 PID: 11530 Comm: syz.0.1233 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  379.771007][T11530] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  379.771017][T11530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  379.771034][T11530] Call Trace:
[  379.771043][T11530]  <TASK>
[  379.771052][T11530]  dump_stack_lvl+0x100/0x190
[  379.771097][T11530]  sysfs_warn_dup.cold+0x1c/0x28
[  379.771134][T11530]  sysfs_do_create_link_sd+0x113/0x140
[  379.771175][T11530]  sysfs_create_link+0x61/0xc0
[  379.771210][T11530]  device_add+0x675/0x1950
[  379.771245][T11530]  ? __pfx_device_add+0x10/0x10
[  379.771275][T11530]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  379.771318][T11530]  ? ieee80211_set_bitrate_flags+0x41b/0x6b0
[  379.771362][T11530]  wiphy_register+0x1e5b/0x2d30
[  379.771402][T11530]  ? __rtnl_unlock+0xb9/0xf0
[  379.771441][T11530]  ? netdev_run_todo+0x7a0/0x12c0
[  379.771483][T11530]  ? __pfx_wiphy_register+0x10/0x10
[  379.771522][T11530]  ? __asan_memset+0x23/0x50
[  379.771557][T11530]  ? minstrel_ht_alloc+0x5e6/0x7f0
[  379.771606][T11530]  ieee80211_register_hw+0x2cfd/0x4140
[  379.771660][T11530]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  379.771699][T11530]  ? __pfx___debug_object_init+0x10/0x10
[  379.771749][T11530]  ? find_held_lock+0x2b/0x80
[  379.771778][T11530]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  379.771832][T11530]  ? __hrtimer_setup+0x178/0x280
[  379.771872][T11530]  mac80211_hwsim_new_radio+0x2847/0x57d0
[  379.771933][T11530]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  379.771979][T11530]  ? __asan_memcpy+0x3c/0x60
[  379.772017][T11530]  hwsim_new_radio_nl+0xc1f/0x1340
[  379.772063][T11530]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  379.772116][T11530]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280
[  379.772146][T11530]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280
[  379.772183][T11530]  genl_family_rcv_msg_doit+0x214/0x300
[  379.772213][T11530]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  379.772240][T11530]  ? genl_get_cmd+0x3ef/0x720
[  379.772272][T11530]  ? bpf_lsm_capable+0x9/0x10
[  379.772299][T11530]  ? security_capable+0x80/0x260
[  379.772339][T11530]  ? ns_capable+0xd2/0xf0
[  379.772367][T11530]  genl_rcv_msg+0x560/0x800
[  379.772400][T11530]  ? __pfx_genl_rcv_msg+0x10/0x10
[  379.772429][T11530]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  379.772483][T11530]  netlink_rcv_skb+0x159/0x420
[  379.772519][T11530]  ? __pfx_genl_rcv_msg+0x10/0x10
[  379.772545][T11530]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  379.772599][T11530]  ? netlink_deliver_tap+0x1ae/0xcc0
[  379.772640][T11530]  genl_rcv+0x28/0x40
[  379.772662][T11530]  netlink_unicast+0x5aa/0x870
[  379.772702][T11530]  ? __pfx_netlink_unicast+0x10/0x10
[  379.772736][T11530]  ? __pfx___might_resched+0x10/0x10
[  379.772768][T11530]  ? __lock_acquire+0x4a5/0x2630
[  379.772806][T11530]  netlink_sendmsg+0x8b0/0xda0
[  379.772854][T11530]  ? __pfx_netlink_sendmsg+0x10/0x10
[  379.772890][T11530]  ? __import_iovec+0x1d2/0x640
[  379.772921][T11530]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  379.772963][T11530]  ____sys_sendmsg+0x9e1/0xb70
[  379.772985][T11530]  ? __pfx_netlink_sendmsg+0x10/0x10
[  379.773022][T11530]  ? __pfx_____sys_sendmsg+0x10/0x10
[  379.773053][T11530]  ? __pfx_futex_wake_mark+0x10/0x10
[  379.773097][T11530]  ___sys_sendmsg+0x190/0x1e0
[  379.773125][T11530]  ? __pfx____sys_sendmsg+0x10/0x10
[  379.773190][T11530]  __sys_sendmsg+0x170/0x220
[  379.773224][T11530]  ? __pfx___sys_sendmsg+0x10/0x10
[  379.773257][T11530]  ? __x64_sys_futex+0x34f/0x4d0
[  379.773306][T11530]  do_syscall_64+0x106/0xf80
[  379.773337][T11530]  ? clear_bhb_loop+0x40/0x90
[  379.773365][T11530]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  379.773389][T11530] RIP: 0033:0x7fb19079c799
[  379.773409][T11530] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  379.773433][T11530] RSP: 002b:00007fb19165f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  379.773456][T11530] RAX: ffffffffffffffda RBX: 00007fb190a15fa0 RCX: 00007fb19079c799
[  379.773472][T11530] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003
[  379.773488][T11530] RBP: 00007fb190832c99 R08: 0000000000000000 R09: 0000000000000000
[  379.773503][T11530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  379.773517][T11530] R13: 00007fb190a16038 R14: 00007fb190a15fa0 R15: 00007ffe1ac9a4b8
[  379.773551][T11530]  </TASK>
[  380.322871][ T5146] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  381.058160][T11552] ------------[ cut here ]------------
[  381.063919][T11552] IS_ERR(old)
[  381.063954][T11552] WARNING: kernel/tracepoint.c:367 at tracepoint_probe_unregister+0x837/0xd10, CPU#1: syz.2.1235/11552
[  381.078399][T11552] Modules linked in:
[  381.082498][T11552] CPU: 1 UID: 0 PID: 11552 Comm: syz.2.1235 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  381.093454][T11552] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  381.098634][T11552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  381.108711][T11552] RIP: 0010:tracepoint_probe_unregister+0x837/0xd10
[  381.115352][T11552] Code: cc e8 6d 2b fe ff 48 8d 73 f0 48 c7 c2 20 dc 09 82 48 c7 c7 40 31 87 8e e8 e6 79 e2 ff eb ba bb fe ff ff ff e8 4a 2b fe ff 90 <0f> 0b 90 eb ac e8 3f 2b fe ff 49 89 dd 45 31 ff 49 be 00 00 00 00
[  381.135780][T11552] RSP: 0018:ffffc90003c778a8 EFLAGS: 00010287
[  381.142059][T11552] RAX: 0000000000008959 RBX: 00000000fffffffe RCX: ffffc900067e9000
[  381.150025][T11552] RDX: 0000000000080000 RSI: ffffffff8209ed16 RDI: ffff88807a791e80
[  381.158460][T11552] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000
[  381.166741][T11552] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff821007e0
[  381.174746][T11552] R13: 0000000000000202 R14: 0000000000000002 R15: ffffffff8f786a60
[  381.182905][T11552] FS:  00007f6c7252b6c0(0000) GS:ffff88812444a000(0000) knlGS:0000000000000000
[  381.191927][T11552] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  381.198506][T11552] CR2: 0000001b30e1aff8 CR3: 0000000025e4c000 CR4: 00000000003526f0
[  381.206500][T11552] Call Trace:
[  381.209770][T11552]  <TASK>
[  381.212720][T11552]  tracing_stop_cmdline_record+0x66/0xa0
[  381.218385][T11552]  __ftrace_event_enable_disable+0x5c4/0x6f0
[  381.224416][T11552]  ftrace_event_set_open+0x224/0x380
[  381.229700][T11552]  do_dentry_open+0x6d8/0x1660
[  381.234498][T11552]  ? __pfx_ftrace_event_set_open+0x10/0x10
[  381.240451][T11552]  vfs_open+0x82/0x3f0
[  381.244669][T11552]  path_openat+0x208c/0x31a0
[  381.249267][T11552]  ? __pfx_path_openat+0x10/0x10
[  381.254239][T11552]  do_file_open+0x20e/0x430
[  381.258731][T11552]  ? __pfx_do_file_open+0x10/0x10
[  381.264160][T11552]  ? alloc_fd+0x476/0x790
[  381.268485][T11552]  ? do_getname+0x191/0x390
[  381.273219][T11552]  do_sys_openat2+0x10d/0x1e0
[  381.277888][T11552]  ? __pfx_do_sys_openat2+0x10/0x10
[  381.283106][T11552]  ? __fget_files+0x21f/0x3d0
[  381.287813][T11552]  __x64_sys_openat+0x12d/0x210
[  381.292699][T11552]  ? __pfx___x64_sys_openat+0x10/0x10
[  381.298070][T11552]  do_syscall_64+0x106/0xf80
[  381.302723][T11552]  ? clear_bhb_loop+0x40/0x90
[  381.307390][T11552]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  381.313289][T11552] RIP: 0033:0x7f6c7159c799
[  381.317695][T11552] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  381.337335][T11552] RSP: 002b:00007f6c7252b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  381.345937][T11552] RAX: ffffffffffffffda RBX: 00007f6c71815fa0 RCX: 00007f6c7159c799
[  381.354044][T11552] RDX: 0000000000020201 RSI: 0000200000000100 RDI: ffffffffffffff9c
[  381.362034][T11552] RBP: 00007f6c71632c99 R08: 0000000000000000 R09: 0000000000000000
[  381.370335][T11552] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  381.378552][T11552] R13: 00007f6c71816038 R14: 00007f6c71815fa0 R15: 00007ffe3c765e08
[  381.386803][T11552]  </TASK>
[  381.389854][T11552] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  381.397119][T11552] CPU: 1 UID: 0 PID: 11552 Comm: syz.2.1235 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  381.408039][T11552] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  381.413212][T11552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  381.423251][T11552] Call Trace:
[  381.426516][T11552]  <TASK>
[  381.429431][T11552]  dump_stack_lvl+0x100/0x190
[  381.434102][T11552]  vpanic+0x552/0x970
[  381.438068][T11552]  ? __pfx_vpanic+0x10/0x10
[  381.442563][T11552]  panic+0xd1/0xe0
[  381.446269][T11552]  ? __pfx_panic+0x10/0x10
[  381.450682][T11552]  check_panic_on_warn.cold+0x19/0x34
[  381.456050][T11552]  ? tracepoint_probe_unregister+0x837/0xd10
[  381.462021][T11552]  __warn.cold+0x191/0x348
[  381.466445][T11552]  __report_bug+0x296/0x3d0
[  381.470949][T11552]  ? tracepoint_probe_unregister+0x837/0xd10
[  381.476934][T11552]  ? __pfx___report_bug+0x10/0x10
[  381.481954][T11552]  ? rcu_is_watching+0x12/0xc0
[  381.486713][T11552]  ? trace_contention_end+0x140/0x180
[  381.492078][T11552]  ? __mutex_lock+0x26a/0x1b90
[  381.496837][T11552]  ? tracepoint_probe_unregister+0x31/0xd10
[  381.502750][T11552]  ? tracepoint_probe_unregister+0x837/0xd10
[  381.508716][T11552]  report_bug+0xb2/0x220
[  381.512947][T11552]  ? tracepoint_probe_unregister+0x837/0xd10
[  381.518912][T11552]  handle_bug+0x16a/0x2a0
[  381.523234][T11552]  exc_invalid_op+0x17/0x50
[  381.527724][T11552]  asm_exc_invalid_op+0x1a/0x20
[  381.532561][T11552] RIP: 0010:tracepoint_probe_unregister+0x837/0xd10
[  381.539135][T11552] Code: cc e8 6d 2b fe ff 48 8d 73 f0 48 c7 c2 20 dc 09 82 48 c7 c7 40 31 87 8e e8 e6 79 e2 ff eb ba bb fe ff ff ff e8 4a 2b fe ff 90 <0f> 0b 90 eb ac e8 3f 2b fe ff 49 89 dd 45 31 ff 49 be 00 00 00 00
[  381.558734][T11552] RSP: 0018:ffffc90003c778a8 EFLAGS: 00010287
[  381.564796][T11552] RAX: 0000000000008959 RBX: 00000000fffffffe RCX: ffffc900067e9000
[  381.572762][T11552] RDX: 0000000000080000 RSI: ffffffff8209ed16 RDI: ffff88807a791e80
[  381.580730][T11552] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000
[  381.588702][T11552] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff821007e0
[  381.596663][T11552] R13: 0000000000000202 R14: 0000000000000002 R15: ffffffff8f786a60
[  381.604624][T11552]  ? __pfx_probe_sched_switch+0x10/0x10
[  381.610170][T11552]  ? tracepoint_probe_unregister+0x836/0xd10
[  381.616141][T11552]  ? tracepoint_probe_unregister+0x836/0xd10
[  381.622130][T11552]  tracing_stop_cmdline_record+0x66/0xa0
[  381.627760][T11552]  __ftrace_event_enable_disable+0x5c4/0x6f0
[  381.633731][T11552]  ftrace_event_set_open+0x224/0x380
[  381.639005][T11552]  do_dentry_open+0x6d8/0x1660
[  381.643755][T11552]  ? __pfx_ftrace_event_set_open+0x10/0x10
[  381.649636][T11552]  vfs_open+0x82/0x3f0
[  381.653694][T11552]  path_openat+0x208c/0x31a0
[  381.658276][T11552]  ? __pfx_path_openat+0x10/0x10
[  381.663204][T11552]  do_file_open+0x20e/0x430
[  381.667693][T11552]  ? __pfx_do_file_open+0x10/0x10
[  381.672717][T11552]  ? alloc_fd+0x476/0x790
[  381.677063][T11552]  ? do_getname+0x191/0x390
[  381.681572][T11552]  do_sys_openat2+0x10d/0x1e0
[  381.686241][T11552]  ? __pfx_do_sys_openat2+0x10/0x10
[  381.691432][T11552]  ? __fget_files+0x21f/0x3d0
[  381.696096][T11552]  __x64_sys_openat+0x12d/0x210
[  381.700933][T11552]  ? __pfx___x64_sys_openat+0x10/0x10
[  381.706300][T11552]  do_syscall_64+0x106/0xf80
[  381.710882][T11552]  ? clear_bhb_loop+0x40/0x90
[  381.715547][T11552]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  381.721426][T11552] RIP: 0033:0x7f6c7159c799
[  381.725831][T11552] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  381.745426][T11552] RSP: 002b:00007f6c7252b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  381.753828][T11552] RAX: ffffffffffffffda RBX: 00007f6c71815fa0 RCX: 00007f6c7159c799
[  381.761787][T11552] RDX: 0000000000020201 RSI: 0000200000000100 RDI: ffffffffffffff9c
[  381.769742][T11552] RBP: 00007f6c71632c99 R08: 0000000000000000 R09: 0000000000000000
[  381.777705][T11552] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  381.785670][T11552] R13: 00007f6c71816038 R14: 00007f6c71815fa0 R15: 00007ffe3c765e08
[  381.793665][T11552]  </TASK>
[  381.796954][T11552] Kernel Offset: disabled
[  381.801277][T11552] Rebooting in 86400 seconds..