last executing test programs:

23.045837106s ago: executing program 0 (id=192):
r0 = epoll_create$auto(0x3a)
epoll_ctl$auto(r0, 0x1, 0x8000000000000000, 0x0)
ioctl$auto_XFS_IOC_FSBULKSTAT(r0, 0xc0205865, &(0x7f00000002c0)={&(0x7f00000001c0)=0x7, 0x4a, &(0x7f0000000200)="9cc434033f97ba0c4fbeac02cd49b3f89bbddfa0f41a09e02ddb5322d98a3b7489c4b9dda88a536f9f69a6e858af3c98e2397b3fb3ab9fe1576d73379fbf707d", &(0x7f0000000280)})
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0) (async)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0)
socket(0x29, 0x2, 0x0) (async)
socket(0x29, 0x2, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000180), 0x5090c3, 0x0)
mmap$auto(0x7ffffffd, 0x40000c, 0x11, 0x9b72, 0x2, 0x8000) (async)
mmap$auto(0x7ffffffd, 0x40000c, 0x11, 0x9b72, 0x2, 0x8000)
r1 = socket(0x1d, 0x1, 0x7fff)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0)
writev$auto(r3, &(0x7f0000000080)={&(0x7f0000000040), 0x1000}, 0x3) (async)
writev$auto(r3, &(0x7f0000000080)={&(0x7f0000000040), 0x1000}, 0x3)
socket(0x18, 0x5, 0x1)
syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000240), r1) (async)
syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000240), r1)
msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004)
socket(0x9, 0x2, 0x6)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) (async)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/icmp6\x00', 0xc0000, 0x0)
statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0) (async)
statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0)
ioctl$auto(r4, 0x40104d04, 0x7) (async)
ioctl$auto(r4, 0x40104d04, 0x7)

22.712531144s ago: executing program 0 (id=194):
r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0)
ioctl$auto_FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080))
mmap$auto(0x0, 0x2d56925f, 0xdc, 0x13, r0, 0x100000000)
r1 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000080), 0xc0402, 0x0)
shmat$auto(0xf81, &(0x7f0000000000)='/dev/ptp0\x00', 0x10001)
ioctl$auto_posix_clock_file_operations_posix_clock(r1, 0x40103d02, 0x0)

22.508326051s ago: executing program 0 (id=195):
mmap$auto(0x0, 0x202000b, 0x3, 0x2000f8, 0xfffffffffffffffa, 0x8000)
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$auto(r0, 0x10f, 0x8a, 0x0, 0x14)
r1 = fanotify_init$auto(0x5, 0x2000000000002)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45)
fanotify_mark$auto(r1, 0x451, 0x800000a, r2, 0x0)
mmap$auto(0x0, 0x2020009, 0x290, 0xeb1, 0xfffffffffffffffa, 0xffffffffffffffff)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0xffffffffffffffff, 0x300000000000)
io_uring_setup$auto(0xc, 0x0)
mprotect$auto(0x0, 0x8000000000000001, 0x8)
mprotect$auto(0x0, 0x806121, 0x6)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x1, 0x0)
sendto$auto(0x3, 0x0, 0x13, 0x7, &(0x7f0000000440)=@tipc=@id={0x1e, 0x3, 0x1, {0x4e24}}, 0x20)
setsockopt$auto(0x3, 0x10f, 0x8a, 0x0, 0x14)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
rename$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='./cgroup\x00')

22.192197712s ago: executing program 0 (id=196):
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/usbmon8\x00', 0x801, 0x0)
mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0)
clock_settime$auto(0xfffffffe, &(0x7f0000000000)={0x100000004, 0x8})
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/power/pm_test\x00', 0x20461, 0x0)
write$auto(r0, &(0x7f00000000c0)='&(--\x00', 0x8)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x400, 0x0)
socket(0x22, 0x1, 0x100)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto(0x10, r1, 0x1, 0x7ff)
ptrace$auto_PTRACE_SETREGSET(0x4205, r1, 0x2, 0x9193)
openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x14380, 0x0)
r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f00000000c0)={{0x0, 0x2, 0x200800, 0xffffffff, 0xfffffffb}, "0dd7fd004929347eeeccdf0732f77b1f6de0d6d51768a257a97ca5e9ca6310ea"})
ioctl$auto_SNDRV_TIMER_IOCTL_STATUS64(r2, 0x80605414, &(0x7f0000000000)={0x8, 0x3, 0x4, 0xba44, 0x2, 0xc, "e000265b7222b141ecb9fb5793abe8fdffdbcd2c02d3c293fa98882f5336d79fc5b8202cb37f6b6d22c42432352deb58e78afdbae76900"})
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x8, 0x62, 0x80000001, 0x7, 0x1, 0xc, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x401, 0x0)
getrandom$auto(0x0, 0x6000000, 0x3)
madvise$auto(0x0, 0xf663, 0x15)
close_range$auto(0x2, 0x8000, 0xe27)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8000, 0x0)
io_uring_setup$auto(0x40, &(0x7f0000000080)={0x7fffffff, 0xc, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x5, 0x7f, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}})
io_uring_enter$auto(r4, 0x9, 0x820e, 0x29, 0x0, 0x18)
syz_genetlink_get_family_id$auto_psample(0x0, r4)
sendmsg$auto_PSAMPLE_CMD_GET_GROUP(r4, 0x0, 0x0)

21.731731353s ago: executing program 0 (id=199):
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0)
r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cec2\x00', 0x101000, 0x0)
ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f00000000c0)={"58f99464", 0x8, 0x6, 0x1, 0x3, 0x5, "4bb69ec4b3f4c14539898e4c5682f5", "347f00", "a630df9d", "a0ed9959", ["cd9196b8fe1a8a7eb90401a9", "2f9c30017721de33c560b95a", "d3fe6c55a78d6932211c9b69", "ea334f1f1e5e27a1320d6edb"]})
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000048c0)='/dev/dsp1\x00', 0x20000, 0x0)
ioctl$auto_SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000180)="6da6b940dfe114cacac8b7cca871a393aaf922f69708e0")
close_range$auto(0x2, 0x8, 0x0)
r2 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_ETHTOOL_MSG_FEC_SET(0xffffffffffffffff, 0x0, 0x20004000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyr4\x00', 0x1, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0)
ioctl$auto_TIOCSTI2(r3, 0x5412, &(0x7f0000000840)="13")
ioctl$auto_TIOCSTI2(r3, 0x5412, 0x0)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\b', @ANYRES16=0x0, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=ANY=[@ANYBLOB="141e00dd7f0038537b7ff52045486a0bdc6901c61ba3777428b50129f254b446ab6e3cd3484bc5bcf0c592fda4190103f7628098f1a4beb3baedae7f610449c0a60af75192dab729c77501353be2d6a1f14874b6bf8502f42e46d89d75ff897b6c7e9ba71ce612dac5b0d20585e9179c0db9e9a4e4d921abdbc02e1f7933ad0634219be36cef0bc6f309551f8711769dfbc465b60f8436f24f87c89bee8aaae1eab8266fb70f08eb1904ebd16797f22648", @ANYRES16=0x0, @ANYBLOB="000326bd7000fedbdf2502000000"], 0x14}, 0x1, 0x0, 0x0, 0x4c894}, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x9}, 0x3, 0x0)
write$auto(0xca, &(0x7f0000000040)='\x045h\xd5\x89|d\v\x00\x00\x00\x00\x81\x00\x00\x00\xf6\xf5\x00\xdf\xff\x00', 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event1\x00', 0x8000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$auto_MACSEC_CMD_UPD_RXSC(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, r4, 0x201, 0x70bd2c, 0x25dfdbfe, {}, [@MACSEC_ATTR_RXSC_CONFIG={0x10, 0x2, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x4}]}, @MACSEC_ATTR_IFINDEX={0x8}]}, 0x2c}}, 0x480b0)
prctl$auto(0x7, 0x1, 0x0, 0x1, 0x2000000000000)

21.463475123s ago: executing program 0 (id=201):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0)
ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) (async, rerun: 64)
lseek$auto(0x3, 0x7fffffffffffffff, 0x1) (async, rerun: 64)
unshare$auto(0x40000080)
r1 = openat$auto_cgwb_debug_stats_fops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/bdi/8:0/wb_stats\x00', 0x20000, 0x0)
read$auto_cgwb_debug_stats_fops_(r1, &(0x7f0000000300)=""/207, 0xcf)
ioctl$auto(0x3, 0xae41, 0xffffffffffffffff) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
timer_create$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/swradio11\x00', 0x80002, 0x0)
mmap$auto(0x1000000, 0x9, 0xffb, 0x8000000008011, 0x3, 0x6) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0xffff) (async, rerun: 64)
close_range$auto(0x2, 0x8, 0x0) (async, rerun: 64)
socket(0x2, 0x80802, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffff6, 0x8000) (async)
close_range$auto(0x2, 0xffffffffffffffff, 0x0) (async)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x163340, 0x2a) (async)
r2 = socket(0x2a, 0x2, 0x1)
connect$auto(r2, &(0x7f0000000140)=@qipcrtr={0x2a, 0x1}, 0x57) (async)
write$auto(0x3, 0x0, 0x3f00) (async)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) (async)
socket(0x2b, 0x1, 0x0) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffa, 0x8000) (async, rerun: 64)
getrandom$auto(0x0, 0x6000000, 0x3) (rerun: 64)
mmap$auto(0x0, 0x810004, 0x2000000efb, 0x8000000008011, 0xffffffffffffffff, 0x8000)

18.308104872s ago: executing program 2 (id=207):
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x82002, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
mmap$auto(0x8000000002000, 0x128009, 0x8000000000000001, 0x200000eb1, r0, 0x20000018000)
socket(0x21, 0x2, 0x2)
mmap$auto(0x0, 0x28da, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
mmap$auto(0x0, 0x7ffffffff000, 0x8004, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x7fffffff, 0x7f, 0x2eb1, 0x401, 0x2000000000008000) (async)
mmap$auto(0x0, 0x7fffffff, 0x7f, 0x2eb1, 0x401, 0x2000000000008000)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptywd\x00', 0x4dae02, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_percpu_stats_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x40040, 0x0) (async)
openat$auto_percpu_stats_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x40040, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000140), r2)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r3=>0x0})
sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd7000fddbdf250800030008000300", @ANYRES32=r3], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097d751f33e}, 0x80) (async)
sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd7000fddbdf250800030008000300", @ANYRES32=r3], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097d751f33e}, 0x80)
setsockopt$auto_SO_BROADCAST(0xffffffffffffffff, 0x6, 0x6, &(0x7f00000000c0)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x40)
r4 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x103041, 0x0)
write$auto(r4, &(0x7f0000000200)='ev_\x00\x00\x00\x00\x00`F\xfa\x89\x1a?\xba\x98\xba\xda\x93\xd7\x87\x88\rR\a\x94\a\xc5pd[\xdc\x05c!\xa6\xcc\xb5\xbeoTx\xf1\x96\xc0\x80\xbb\"\x00\xc2\'s\xdd\'\xd0\xc1i\a\xca\x0e\xf8\xc55C_\xfd\xe1\xa3\xeb\xc3\xdd<e3||H{\x8f\xb1\xc1\xa5\xb51\x9dcVE\xa25\x8e\x86m\x13u\b\xcc3v\xb4\xe5L\x83^%nQ<\xc6/\xf8\xa8\n\x1bW\xbf\xe3\xba\xaf\x81 0[F\'\xa6:[-\xdex\xc7\x18G\x85', 0x7)
ioctl$auto_XFS_IOC_READLINK_BY_HANDLE(0xffffffffffffffff, 0xc038586c, &(0x7f0000000280)={0xffffffffffffffff, &(0x7f0000000040)="36382843cbf647a308387752cf206143902799f714d3da792af73a2f51252c2924ba2758ab0a48d458fbe6a143f7d73b7035e954be54776dfb99d2e4055cbc993ef0467a8d1339bfea", 0xfd, 0x0, 0x0, 0x0, 0x0})
close_range$auto(0x2, 0x8, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$auto_KVM_GET_MSRS(r5, 0x4068aea3, &(0x7f0000000080)={0xa8}) (async)
ioctl$auto_KVM_GET_MSRS(r5, 0x4068aea3, &(0x7f0000000080)={0xa8})

14.088205827s ago: executing program 1 (id=211):
mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) (async)
r0 = socket(0xa, 0x1, 0x84) (async)
r1 = io_uring_setup$auto(0x401, 0x0)
bind$auto(r1, &(0x7f0000000040)=@rc={0x1f, @any, 0x8}, 0x7)
r2 = socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
io_uring_setup$auto(0x401, 0x0) (async, rerun: 64)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) (async, rerun: 64)
getsockopt$auto(r2, 0x84, 0x80, 0x0, 0x0) (async)
r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/adsp1\x00', 0x20b42, 0x0)
ioctl$auto_SNDCTL_DSP_GETFMTS(r3, 0x8004500b, &(0x7f00000002c0)="bfe41123e42b44ccb3d11c558c7b") (async)
write$auto(0xca, &(0x7f0000000040)='\x04>\x01\r\xfb\xff\xf6OL\xc8\xbe\x94\xf2\xa2\x00\x00', 0x2d9) (async, rerun: 32)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (rerun: 32)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/nfs4.nametoid/content\x00', 0x2000, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r4, &(0x7f0000000100)=""/135, 0x87) (async, rerun: 32)
getsockopt$auto(r0, 0x84, 0xa, 0x0, 0x0) (rerun: 32)

12.280350815s ago: executing program 1 (id=213):
mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000)
openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = socket(0xa, 0x801, 0x106)
r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/oom_adj\x00', 0x48402, 0x0)
read$auto(r2, 0x0, 0x1f42)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) (async)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
fcntl$auto_F_SETPIPE_SZ(r1, 0x407, 0x5)
writev$auto(r3, &(0x7f00000001c0)={0x0, 0x9}, 0x3)
io_uring_register$auto_IORING_UNREGISTER_NAPI(0xffffffffffffffff, 0x1c, 0x0, 0x8)
listen$auto(0x3, 0x100)
ioctl$auto_VHOST_SET_OWNER(r0, 0xaf01, 0x5) (async)
ioctl$auto_VHOST_SET_OWNER(r0, 0xaf01, 0x5)

9.855094877s ago: executing program 1 (id=219):
r0 = clone3$auto(&(0x7f0000000200)={0x5, 0x81, 0x20000000000000, 0x200, 0xbc3, 0xfffffffffffffffa, 0x8, 0x2, 0x2, 0x2, 0x1}, 0xfffffffffffffff7)
rt_sigqueueinfo$auto(r0, 0x81, &(0x7f0000000000)={@siginfo_0_0={0xf9, 0x41, 0x7e73, @_sigfault={0x0, @_trapno=0x1e9}}})
set_mempolicy$auto(0x3, &(0x7f0000000000)=0x7, 0x9)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x40000008000)
unshare$auto(0x40000080)
socket(0x1e, 0x1, 0x0)
r1 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0x101500, 0x0)
readv$auto(r1, 0x0, 0x6)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001780)='/sys/kernel/mm/hugepages/hugepages-1048576kB/demote\x00', 0xa901, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0x401, 0x8000)
syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
bind$auto(0x3, 0x0, 0x6a)
setpgid$auto(0x0, 0xffffffffffffffff)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r3, 0x0, 0x20)
r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
syz_clone(0x2360411, 0x0, 0x0, 0x0, 0x0, 0x0)
write$auto(r2, &(0x7f0000000440)='7\x00\xf6\xf0\xef\xe4s\x95\xf2\x00\x97S\xb9O\xac\xbe\xd6\\J<\x02YK\xd6M\xe6\xe7\xa0\xb8\xc3[\x01\xc5\xe8|\xb0\xb0\x80\xbf\xa5?=i\x88UB\x1d\x8e\xd3\xc2\x949\xb6\xfb\x006\x02\x9c\x83\x14\x13\x99\xc7\xb4)M\xed\tN $\xd4\x90^?J\x92\x9a?\xf8b\x03\xd8\xdd\x84\xdf\x92\xf0\xcd\xd8\xbap\x15\x80\x9eo,\xc8\xf2\x82\xd2\x88\xbeL\xa0\x9b\x86_\xf0?\f<\xf3t7\xb6\x0f\x93\xc79@\xd8x\x9e\xef!\x006\b\xdbWB\x84\xdd\xac\xdau\x86g\x8f\x02@O7\x0f\xf8\x8d(\x9c\xf2NyD\x7f3\x14\x9eg\x86%)\xd6\b\xcd\x1f\x03\x00:\xa6\x83\'\xf4\xf2\x9dd\xf4z\x89\xc5D\xc4\x02\\\x81\xcf\x02Ep\xf6`\xde*\x1dV\x94R+\x94s\x84\xa4\xd4M\xa9\xea\\Vt\xde\xedS\xf8?\x91\xef\xb3 4^\xc9DO\x88Er\xb5\x82b\x8f\xfcd\xe3\x81\xf6\xe4\x16\xe1\x15\xaf\xf2q\xc41\xf5-\xcc\xcfj\x94\xce\xc2>\t=\xe5\"a\xde\x18\xd8\xe8', 0x4)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000)
open(0x0, 0x4242, 0xe1d2b27bdc14aabc)
syz_open_procfs$namespace(0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)

6.418075342s ago: executing program 32 (id=201):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0)
ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) (async, rerun: 64)
lseek$auto(0x3, 0x7fffffffffffffff, 0x1) (async, rerun: 64)
unshare$auto(0x40000080)
r1 = openat$auto_cgwb_debug_stats_fops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/bdi/8:0/wb_stats\x00', 0x20000, 0x0)
read$auto_cgwb_debug_stats_fops_(r1, &(0x7f0000000300)=""/207, 0xcf)
ioctl$auto(0x3, 0xae41, 0xffffffffffffffff) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
timer_create$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/swradio11\x00', 0x80002, 0x0)
mmap$auto(0x1000000, 0x9, 0xffb, 0x8000000008011, 0x3, 0x6) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0xffff) (async, rerun: 64)
close_range$auto(0x2, 0x8, 0x0) (async, rerun: 64)
socket(0x2, 0x80802, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffff6, 0x8000) (async)
close_range$auto(0x2, 0xffffffffffffffff, 0x0) (async)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x163340, 0x2a) (async)
r2 = socket(0x2a, 0x2, 0x1)
connect$auto(r2, &(0x7f0000000140)=@qipcrtr={0x2a, 0x1}, 0x57) (async)
write$auto(0x3, 0x0, 0x3f00) (async)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) (async)
socket(0x2b, 0x1, 0x0) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffa, 0x8000) (async, rerun: 64)
getrandom$auto(0x0, 0x6000000, 0x3) (rerun: 64)
mmap$auto(0x0, 0x810004, 0x2000000efb, 0x8000000008011, 0xffffffffffffffff, 0x8000)

6.40768171s ago: executing program 3 (id=226):
mmap$auto(0x100001, 0x400008, 0xdf, 0x11, 0x2, 0xffff)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x8000000401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x2, 0x3)
madvise$auto(0xfffffffffffffffe, 0xffffffffffff0001, 0x15)
mmap$auto(0x0, 0x4, 0x3, 0x20eb1, 0x40000000000a5, 0x8000)
process_vm_readv$auto(0x0, 0x0, 0x40000000005, 0x0, 0xc, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$auto_KVM_GET_MSRS(r2, 0x4068aea3, &(0x7f0000000080)={0x8f})
write$auto(r0, 0x0, 0x100000a3d9)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x40006, 0x21, 0x9b72, 0x7, 0x28000)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/003/001\x00', 0x1, 0x0)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000002480), 0xffffffffffffffff)
ioctl$auto(0xffffffffffffffff, 0x540a, 0x0)
mmap$auto(0xfffffffffffffffc, 0x400008, 0x40, 0x19, 0xffffffffffffffff, 0x800)
socket(0x2b, 0x80000, 0x4)
close_range$auto(0x2, 0x8, 0x0)
madvise$auto(0xffff, 0x100, 0xff00)
socket$nl_generic(0x10, 0x3, 0x10)
process_madvise$auto(r1, &(0x7f0000000100)={&(0x7f00000000c0)="e65e1676daf97687a6497e3449112a88d1645c3582b9e83d644ba48bb5b2b1fa3528c024ed6337ec28bc022c57576df96da2", 0x8}, 0x99a, 0xd7c3, 0x4c14)

5.832195684s ago: executing program 2 (id=227):
write$auto(0xffffffffffffffff, &(0x7f0000000180)='7k\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00,X\xb9\x0e\x11\xfb\x00\x00\x00\x00&!\x8f-\xfb\xea=\xc0\\\xec\xe7D\xe5V\xf1b\xa0\x9a\xa1\x88\xb4\x96\xf5\\\xad4\t\xca\x03\xe4\x15\v]\x00'/67, 0x81) (async)
timerfd_create$auto(0x9, 0x0) (async)
poll$auto(&(0x7f0000000000)={0xffffffffffffffff, 0x6, 0x5}, 0x81, 0x4) (async)
r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg1\x00', 0x4402, 0x0)
mmap$auto_sg_fops_sg(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x4, 0x10, r0, 0x1ba)
mq_open$auto(0x0, 0x7e, 0x9, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) (async)
r1 = socket(0xa, 0x3, 0x3b) (async)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) (async)
prctl$auto(0x3e, 0x2, 0x0, 0x4, 0x1)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) (async)
r2 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, 0x0, 0x103041, 0x0)
write$auto_ftrace_subsystem_filter_fops_trace_events(r2, 0x0, 0x0) (async)
write$auto(0xffffffffffffffff, 0x0, 0x100000a3d7)
mmap$auto(0x0, 0x6e, 0x4, 0xebe, 0xffffffffffffffff, 0x8) (async)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x539040, 0x0) (async)
r3 = clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
ptrace$auto(0x4206, r3, 0x0, 0x200005) (async)
kill$auto(r3, 0x8)
sendmsg$auto_NLBL_CIPSOV4_C_REMOVE(r1, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x40, 0x0, 0x2, 0x70bd2b, 0x25dfdbff, {}, [@NLBL_CIPSOV4_A_MLSCATREM={0x8}, @NLBL_CIPSOV4_A_MLSLVL={0xc, 0x7, 0x0, 0x1, [@typed={0x8, 0x35, 0x0, 0x0, @pid=r3}]}, @NLBL_CIPSOV4_A_TAG={0x5, 0x3, 0x7}, @NLBL_CIPSOV4_A_TAG={0x5, 0x3, 0x10}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x3}]}, 0x40}, 0x1, 0x0, 0x0, 0x40810}, 0x20008000) (async)
r4 = openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x2482, 0x0)
pread64$auto(r4, 0x0, 0x20000000001, 0x7fff) (async)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket(0x10, 0x2, 0x0) (async)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[], 0x68}, 0x1, 0x0, 0x0, 0x4094}, 0x40091) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xfffffffffffffe50, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x20000000}, 0x20040094) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

4.802669882s ago: executing program 2 (id=228):
socket(0x25, 0x1, 0x0) (async)
r0 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x180b03, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400)
shutdown$auto(0xffffffffffffffff, 0x2)
r1 = socket(0xa, 0x1, 0x100)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) (async)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
select$auto(0x1, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x5, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x9, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0x1]}, 0x0) (async)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004)
ioctl$auto(0x3, 0x2287, 0xffffffffffffffff) (async)
socket(0x23, 0x80805, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r3 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0)
openat$auto_proc_mem_operations_base(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)
sendfile$auto(r1, r0, &(0x7f00000010c0)=0x4c19, 0x5)
write$auto_proc_mem_operations_base(r3, &(0x7f0000000180)='\x00', 0x80058) (async)
prctl$auto(0x43, 0x17, 0x0, 0x7, 0x0)
prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0)
r4 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/lru_gen_full\x00', 0x0, 0x0) (async)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
sysfs$auto(0x2, 0x44, 0x0) (async)
r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/mpls/conf/caif0/input\x00', 0x82, 0x0)
sendfile$auto(r5, r5, 0x0, 0x7dfff001) (async)
fsopen$auto(0x0, 0x1) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
read$auto_lru_gen_rw_fops_vmscan(r4, &(0x7f00000000c0)=""/4096, 0x1000)

3.525598647s ago: executing program 1 (id=229):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
mmap$auto(0x0, 0x4, 0xffffffffffffffff, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0xaa482, 0x0)
ioctl$auto(r0, 0x40104d14, r0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_test\x00', 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000001c00)=""/4111, 0x100f)
dup$auto(r0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x82002, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x201, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x261c2, 0x184)
openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000080)='/proc/kpageflags\x00', 0x2, 0x0)
readv$auto(0x3, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400)
ustat$auto(0x801, 0x0)
ustat$auto(0x4, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
r2 = socket(0x2, 0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
socket(0x2, 0x1, 0x106)
listen$auto(0x3, 0x81)
sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)

3.392354768s ago: executing program 2 (id=230):
lseek$auto(0x3, 0x7fffffffffffffff, 0x1) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
socket(0x2, 0x80802, 0x0)
r0 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a) (async)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, 0x0, 0x9, 0x0, 0x1f, 0x9}, 0x800009}, 0x7, 0x20000000) (async)
lsm_list_modules$auto(0x0, 0x0, 0x0) (async)
setsockopt$auto(0x3, 0x1, 0x2f, 0x0, 0x9) (async)
write$auto(0x3, 0x0, 0xfffffdef) (async)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
connect$auto(0x3, 0x0, 0x54) (async)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x20800, 0x0) (async)
writev$auto(0x3, 0x0, 0x8) (async)
unshare$auto(0x40000080) (async)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r2 = ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
pidfd_send_signal$auto_PIDFD_SELF_THREAD_GROUP(0xffffffffffffb1e0, 0x200, 0x0, 0xfffffffe) (async)
bind$auto(r1, 0x0, 0xfffffffb) (async)
r3 = socket(0x10, 0x2, 0x4) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10) (async)
socket(0x29, 0x800, 0xb) (async)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/cpu/cpu1/hotplug/fail\x00', 0x100, 0x0) (async)
r6 = socket(0x10, 0x2, 0xc)
ioctl$auto_SNDRV_TIMER_IOCTL_CREATE(r2, 0xc02054a5, &(0x7f0000000080)={0x4, <r7=>r6, 0x9, "6e76d26d70a68e38aa34702aa3c365ce"})
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYRESOCT=r7, @ANYRESDEC=r5, @ANYRESOCT=r4], 0x18}, 0x1, 0x0, 0x0, 0x6000c011}, 0x4001081) (async)
write$auto(r3, &(0x7f0000000000)='-\x00', 0xfdef) (async)
r8 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
mmap$auto(0x1, 0x810004, 0xff8, 0x87e, r8, 0x8000)

3.317733455s ago: executing program 3 (id=231):
socket(0x11, 0x80003, 0x300)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff)
epoll_create$auto(0x4)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
mmap$auto(0x3ff, 0x3, 0xffffffff, 0x100000eb1, 0x40000000000a1, 0x4000008000)
r0 = socket(0x11, 0x80003, 0x2fe)
sendfile$auto(0x1, r0, 0x0, 0x8fb5)
r1 = fcntl$auto(0x0, 0x408, 0x100000)
setsockopt$auto_SO_OOBINLINE(0xffffffffffffffff, 0x3, 0xa, &(0x7f0000000080)='nlctrl\x00', 0x2)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r2)
sendmsg$auto_NL80211_CMD_SET_SAR_SPECS(r2, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000005c0)={0x20, r3, 0x1, 0x70bd2b, 0x25dfdbfb, {}, [@NL80211_ATTR_WDEV={0xc, 0x99, 0x1}]}, 0x20}, 0x1, 0x0, 0x0, 0x400c080}, 0x0)
sendmsg$auto_NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000001140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001100)={&(0x7f00000000c0)={0x1024, r3, 0x100, 0x70bd26, 0x25dfdbfc, {}, [@NL80211_ATTR_MLO_LINK_ID={0x5, 0x139, 0x7}, @NL80211_ATTR_TDLS_EXTERNAL_SETUP={0x4}, @NL80211_ATTR_STA_EXT_CAPABILITY={0x1004, 0xac, "5040d151fa65a427011f286f982d3a608c1c7fda775eb4549f225ac2ff5f4af59cad298c702aa865101498e66c2fe259e0751d540c7ac8a7ebd6b2e6dec86be8ddf2e985b10e6b8676f1085c5558eb864034c705859a56ee390422ae141ee58fe87fc8087e1c5756c3371e1a1167bbd132e30676782b53ba587f934fc7a0650544fc94ec2ef3a2c3e066993cfbe643b5796842b5d3c7d7ecfb4b491870e3f32d74aa1bb4326d130b3ccbb4b65d47ef03d118196a25965d99a6f2a556dbfb4786dd0a2fff04533002055cb4e4ca5789a1b699de62f6035ae3b2f0882d2e6108fd7cdbf10004036520fe695ea179eb0f6788d72f0200ddf32d754f2fe0c864908144e5dea29ef4d6300929fd26e9d8cdd337cd4151e242a93c30b44524a9e53d2cece8cd171df6a919e829706bd430ae49eb4923f3af60ec8ad3dea63c07a2a17bf5e4127f1b455ae9b903287d8fa1e86af0021e894b19096b73c55ddc28a6505a57560024c70fdd811323b0fd2d862f536efac55ef7ee9ae0dee8ac6c2c4f59e52a7ba8ecbf7188b4854145b37074da17ee9b228a0d74479c49dafb155c644cbe91c2e8acca629dc028ce49358a75a42087e47fdb1b6bed6ffa281a401ff64d8bb5fdc86808ed886254a8b5c8a1a39a61989350cfc1fadfe7291abedfdb5744e9dba3300a6d1bec44764b64c803c0aa8ba493b997226f92014a72925b3c72aebfc615e6088609861dd47fff5c3e76fc595dfbe363c6540f9c60d08fde507fadb6721222b2233733f1fdcf2d20609f4de5de42ad074d4ad9e17ab138b2bd3793a581230de1be95218f7f239dfe1790d76c1a549749dbd7d12ee1e6a90d7a9b3139aac15318eff0410a8a9b35f60a6307dd76d63077837b637da46de5af5d777bcb00988635889f53aaf577cf189c0fa9395b48cfb4678818738b3827237bdb5db80ad821d39878fabe8e5137506e48ea8cf358c86d472150d7c54b7c5e536f058c9f4fecfef773c2b0a718422ca7dac87f6fbc7441945ba7e1e2e7f77c6906a8df5e2c807ec364bdbf4dc357b9c61f0cbe521d5904d14508e790bf64d4abf6ed1f35c047ec04367aceccff28efa32b7580d8e0800b9ee3a32c0f7ad6da5786fdd9638cfbe7b7f75614f815b55a35d920634f517518b67d1be5e185fc5b82699ccac0d042b20bb36bd74bd953b19ecc9e1c7cb0250dbeb1c296deaf046563a7111b52f8f6353eb108db58df0d92e5476f6806ec13365a992c71bfd0bfdedb478ff3c544ee4d6d2c954ca615d8b9e00bc16714238b3696752a27899bb3d6bb3d8a9f1e6ec7ebfac272d277b4b5b7c564464dbb28616ceca2e36e84eb2e60f7bfa242e3f37c907c25a263fb7549a9e482c3748765ade4ec9254a09953856f7c00c0f2fa17a934b21c102d22279a67f1431e977a80b78df30b01079a49d8b41e12de9d813aca24666f0631b6d9f5ee4a4f167503b59b6257f1a575f7e73f47e5f0b72b7da14988f92746f7d5c442787ef1e7956db35cbce296de802fb6f591b17ac3fb077f5be334a2c19131464e001c2cf4415d7a6765219db4b549dd348f244c8b653162b9ab1645ce9716dd0b43dc5f016f17355cbd894d4d69ace7be5d1293fde27b299f376e8e8a2a41ecf1207e282d6d35734c3b98470e0ffedec896f173b1428a220549cbb804a94a279aca6793aaa4f3b5b7a2c2ccf054b920c13053f69df00f0e40515d2dac6e09b9e238c3fe9c1918136bff0ce0a247d1e025a621604ec30c0e9b3683403c4917686c227f253a1b3bcacc11bccb8f9b654a4b16434efc286f9b545005edca8f59d29a47fc089fd2f64aa81145b746cb7c3238485e50dcb6c5efb393d619a24c8e3913e722ad6f26e7f1e2dde3a10828dfcc41ab7e27d146c2ed321f21a0562c438670bbb1be39151960842c293c8a5151951bf9f70a4b2902a4666b9c9c6b80b471cdd8bb99cc6446b16e588fba72dd11edb862c9d93964fc121d14b4df62467e6141f43633f74c33f14155b489746cb03e4874891af3ee3e782557ee031f5ae9518f66628f902df3b02fc4fb8e4ee3584f8dfd7179aefc9de9eaf654caa74934c6b2a678c35fa4dd23459beb899f6c3fc998bd8053f1615e0661d92ca12c485caa9a06b2e2c863e7974432abad67c6e5ca3f285f09c4588902b5c6d32e9e064f1b02117a899cb751d10840f2e95b4e7b873291069f4a82c672da2437e71b4141c5dc1dcb21c4641b72d39f252aba3ba013a990e8e2a06a3d912595f9f4ce2b50793432ef9cbe4bc6797a252a22a7f0761c3b8ece8f5cbb50e384eb9c2f6d402b468466490e804fdf9e07be5d41116267f4b9b2c872c54a058f39677fd6b247a253653654b16fa61858cfffab935f91fd74f2f36ffa2ffecc8ed475f8751ba5b3fe3e65a17d5c5068a5dd47f4a3b968381ee1b3b2eef5c190ad5c4609ca2565c06493695d73e9c631faa67343a1345330f223c53a76a5dbcd7c5ab32a76b4e15831e916e6aec127d5aa42fa203bb12b2724408b7a63255385ece110eab057b2ed8095a7bb0aaeb80e41a57793c4825727114c5508187aabc69123656e9e5865085dc0f690a2b963963172e605d92fec22666cfe7e1ae5d172b6a957e06274d1a30d3628b523fedb3409a2e261898f34769c907780ebc52ee71aca8013f4b200c3106338976d625205f8f5c9a3e3fbea73638fe2b626c4453f9231ddd8ff8e9f9c7bdcdc603798ac3ce86c1d0888ff9114e3ffe45e25f732944a78f09f01bfa2186d2fa3b2a910485e51bbfeb283c76d3bcef8366feda75ef4cf1179e460236dda05f69c4d7f523c72fe05ec007ca7375279c65c4396d7e5d84f0e5b53a6e8b2b472e75af831c3d9cc0fd20f3d9ee2641fa1a57331d99cff9ffa0231fd3f959a7db78aa21b0a911903b5b0dd9f3893b0027a7d07206a064ca1f837fa423a0db61edab8c41968bd57cf0b2d0eef0d0a972ea01a41498204176af70b9e8831228b96bd6d1ee1467dcc68b7e8550547295a9ce33596327a7c87dee9d076110090df4f78ad0b011ca31600ef5bbc696f432d88f5a169d7e2f028c5e01c2db1be243cb04f815a047b8be0b713325708923b2fb3460bc4bf01a2d53e627d6611d7b44f0b4816ef801d71beab0f70a21347f236bf53fcfe330e64602ce23d572d20c3f2b3bf344144ef3c86fcfc8e6fbbf5c38b6294b8be0e12c958ccac6685c2b2c34a8bb8b01b0eb33df03da74ebaeeb237e526a7655654272f8f67a185cb84584495625e0646f18e2905a57d42f7d4b6a8cdb95e6b3d9111cb21c75ffbbaa7c49d541495e4da7a0a303846486c7b9b768d3ea9419ff23abe438ad42abf5784a3ef63c918b701ef0ba9d9c2acf12bd9395d4ab0d649e782069903b94ac8d3065cfa16da328af1a0e1328ac98461633a9357b7f19ccdb5247cc869a82355ca5ac2d44b8b48ec320c9146865a37c72206e0ab47a21c4eff75e94cfd97616a12b97c63df3ce96ec1e7bdddd6dfe044dff0a10c2aec9bc096db454b58d9758f8397c547b546228b946c95616a5822ace03a280b375642a2eb6808347b192eda666e4a955f073f7119f6a7bf054039ca6f0ec144d82e8a9c0e4006e5d13bb597eebcae555053564b17ff646f8de1229f374e4bc580645a94763398ec1ed4b6f72657f82483d3affab9bce34d3e20cc4bfb364efcf0cedaf2277152ef088755a4bf21842942b1909c9723fd970f9aa739fcf667070e046e8be8da8b0a49d4c4deef6b6fd4da013b7965f113209db86927670b990dfc915839ab5ba72dd483007ea49d484a7692a960e71de1d49875d53244d8655903eba68a36b410a8b07e65d54f53296c4205103b2f45f2b6b5b57fb6705ae2d600c2727fa13b6445bbc0af5655df80815ca299a7c2b37e5c4c483532f9f2daf3d0abe88c63765cbe264b754f5d9f5f64bb87d79da767f3e9ec8e4b85e2f8aa7948a61303301a987cfd67be9fdc47c2114f2044791c2cb1c491e1ab58ab35afe414a450557f2664c59c701f79cd58123e7940989cd9656f1fe91a6325b21c1a8487188b6e08cb863c19eb87520eaefa9987a87ef600daae422db0d60f9272596950ea16e7f0bf528dffb11f73be553afd6a6d0bb57c760390afc717bbb2a6143d8d386c780a76bd35e7fdb324ce2ca9ee21917532b4b58cdf741cef7b1a1b2b87f4b7319c9aa5616ca9c2342db6e8c7c9221ca3a779415eea6b5d7091af89b1731c184ef7bd35dff66f007d53bccd54f9b1324c6420826dee0e40211291e9373872f8704fcb3e7be8046f9dff8dbbc7267e19981a98f4bce2185d1297563e4aa707d7d5d71290b4f1804ef95e3f5f5c89b63214d4ebeef76f5cdeac9d8f7e53ecfdebe1db5462770a9e06702ff0707d652a372fe4c11487ce1ebe1cffb4f5634994bce28305e19aeb3817f4c994fdb17a8bc689a464af8b8c7c52b6f660d0f2d2c711448d3606c07f7ee348c4cc41c8aabca7362ee6552fe06f215056c2091bba61c50181e81563226566be3d13aacb97103d322535eec4fb56b448af5a1d289abcfc839da306a49567cac0af9d9e456e388554c9bf983d700650fc31231ef0d5ce91a88b81044ca7bf2f3b5ffc1f5d8c755792b4e8d0567caed927e45f56da518a096cf8bfc7b042710fbec6b0da34adca1c58576dad12145dd9a2e2d7f215ca1224a3cecea89d6d607d3362eb7faa8cac1713041d054769a6000469b822355c4b29b2b6105034b32f0b34017c10ffaf8f9792a48ed3bec452d3386a21ca634d1013c3935b1dd3ae19930d7a9f135a1ed06c5a8aebf9ca8779849dd7c13e76fa209fcababefd2c89f33af2923e22e241f20c8b61b9e8cb51612a3bf3fa7b26dd4e0cfcb5554a1acb518e9b1dafd44895fbf962dae758354d3cc88c71592d2f53b09bab3bf1bc2adee7dd06575d54b6af433bf284785149d2453dda5322f70795584f6c448812253c2225c4ba865d1b5a42d94625028595fc6ed6ebee06115cebc4e2d09d2aa6063d7962fdf6100945fbe2003b20ae4ca7255e618bd8e1db612865fcb8f3fdce19bbd6920659ca9ebc38e7b5cc1c102c9308cad00fe2eb9df3c7a5fb0fd03afcfbb66a2453c1360d1be78f988dd2387e3e42f3511ec6eab44872a7ffe75ee20abbc333efd2c626e8f1e166a92d5b8718ffeb0b2c2b63b8eaba62f6a6446d1b9feb4ad572e2dc361dc82d2d3573b6a8b66d89689fd88210910fe02dd4e7e0c431f26957d1592b6378e051147df1bdcadd1938896d8e4f13121edc51de7d67bc82436d653191216e0ba8ba19394010eb7d48a7319dd4662750267ec088c8298b38d1c7b58e02a694eaa1c43d8e7e529ab8f3945e727c86c4a2187c20445b2f3a66a7fb622d13fe98d1a96d28f708068befa15cf1c211581338a302f7669ddf2653e10eef1f10287726499aadb9c6788b3a3f200cd2c32977ba748bca8f414e205cd4523806300b024929681f38aff8a09079aa8f9109b218105ea6f0fb914d9ae9c0b052b217cea01f61138e0057540bf51e199cd6d2a9b93cb303060a77fc04258560693e8e17e36376667a09aa61726208914adadc9bfe6c791356dfeb8406dc6a9c949ca1559210409f77bf7876b383f5453d903c7af6c7c5f164d7104cda9d8b32cc97e82d626e31ef49ac6868618709bdf102095360e405c859e4f4ff0e17073be1233012890992198a4ce98111578932f1f081fc21bac7efd13944d39db5834422fa902c5a0c371376821f42876fb3e4c3ef9e6d2cc8245908d333f9c2b6ce8939"}]}, 0x1024}}, 0x800)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
ioctl$auto(r4, 0x4b37, 0x1)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/hung_task_check_interval_secs\x00', 0x88542, 0x0)

2.981431191s ago: executing program 1 (id=232):
statmount$auto(&(0x7f0000000200)={0xffffffff, @raw=0x2, 0x4, 0xffffffffffffffff, 0xa}, &(0x7f00000004c0)={0x4, 0x799b8630, 0x0, 0x7, 0x3, 0xf, 0x7, 0x1, 0x2, 0x9ec6, 0x4, 0x80000000, 0x8, 0x8, 0x2, 0x8, 0xfffffffffffffffd, 0x1, 0x7fd, 0x53, 0x7, 0xf6, 0x8001, 0x1, 0x8ec, 0x4, 0x369, 0x9, 0x1ff, 0x5, 0xffff6918, [0x1, 0x7, 0x1ff, 0xead, 0x6c81, 0x5, 0xffffffff80000001, 0x8, 0x5, 0x0, 0x80000000, 0x0, 0x2, 0x517f, 0x90, 0x5, 0xaa, 0x401, 0x33, 0xfa7, 0x5, 0x5, 0x7, 0xffffffffffffffff, 0x0, 0x400, 0xffffffffffffff9c, 0x6, 0xb, 0x9, 0x99, 0x7f, 0x1, 0x7, 0x3, 0x73d8, 0x21, 0xdaf, 0x9, 0x3, 0x100000000, 0x0, 0x7], "bc2689b1e5e6ab55c997e2f44fa88016d4d97300ecf71350a981894937bc8110a5e0df5177891a5e9f67524231a5551113e1029e248748d64bbf3c5e098e80e61b724b75fb511f09e0ce9fcdbd6131579579387949baf10318f8e45ed9b9745045b63710eac1938c3cce9f91ea219cc8b13ebc27495933b345783734a5f494f58cb12e32317e9fedab8e283f343cf82c15b6a0a10cbd4102a6c8cfc0482e564eae9d915e8f8c1fc40c2425caea7ae2342673b780d179ea01462d45387a11bc095bc898211d7055d5aefa31d8"}, 0x3, 0x10004) (async)
socket(0x25, 0x1, 0x0) (async)
r0 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x180b03, 0x0) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
mmap$auto(0x8, 0x20009, 0x4000000000df, 0xeb3, r0, 0x8c00)
shutdown$auto(0xffffffffffffffff, 0x2) (async)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000380)='/sys/kernel/debug/lru_gen_full\x00', 0xc0000, 0x0) (async)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
select$auto(0x4000007, 0x0, 0x0, &(0x7f0000000040)={[0x100000000, 0x5, 0xd, 0x8fd6, 0x948b, 0x3, 0x6, 0x3, 0x3, 0x80000001, 0x80000001, 0x7, 0x1, 0x9, 0x5, 0x1]}, 0x0)
openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000340)='/proc/thread-self/oom_adj\x00', 0x234581, 0x0) (async)
r2 = pidfd_open$auto(0x1, 0x0)
readv$auto(r2, &(0x7f0000000a80)={0x0, 0x10003}, 0x1)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async, rerun: 64)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) (async, rerun: 64)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000010c0), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETPOLICY(r3, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f00000003c0)=ANY=[@ANYRESHEX=r4, @ANYRES16=r4, @ANYBLOB="010325bd7000ffdbdf250a00000008000a0003000000090002007664706100000000d7ef324000054efa88d7d0961ea809d9c9e3996fb78434578ac006c575e2c4330cc126f7cfb009961a96c1e6dc622876956d275516070630a98de2bca75e3aaf84f606e64ae2fd1886b55d0fb47c2161ad21bd058a41481d2f83ac312906d74ad7ab98ce10a06aceb154b377a290350cb463bead7405e5db9973c41743ed6d810ed5af1c816f99474f464e2c46a987df6e764c843e04c5c9f2bb62"], 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0xc040810)
msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004)
ioctl$auto(0x3, 0x2287, 0xffffffffffffffff) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
r5 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000000240)='/proc/thread-self/mem\x00', 0x12401, 0x0) (async)
openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/debug/tracing/set_event_pid\x00', 0x40000, 0x0) (async)
r6 = open(0x0, 0x22240, 0x154)
fcntl$auto(r6, 0x400, 0x1)
ioctl$auto_BCH_IOCTL_DATA(r6, 0x4070bc0a, &(0x7f0000000280)={0x5, 0x7e, 0x80, 0x100, {0x14ac7879, 0x9, 0x8000000000000000}, {0x8, 0x200000000001, 0x8}, @migrate={0x4}}) (async)
openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/mem\x00', 0x44002, 0x0) (async)
write$auto_proc_mem_operations_base(r5, &(0x7f0000000180)='\x00', 0x80058) (async)
prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) (async, rerun: 64)
prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) (rerun: 64)

2.536255674s ago: executing program 2 (id=233):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21)
unshare$auto(0x40000080)
socket(0x23, 0x1, 0x8)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x40}, 0xa)
write$auto(r0, 0x0, 0x100000a3d9)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x109401, 0x0)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, 0x0, 0x180b03, 0x0)
unshare$auto(0x40000080)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000002480), 0xffffffffffffffff)
sendmsg$auto_TIPC_NL_MON_GET(r1, &(0x7f00000083c0)={0x0, 0x0, &(0x7f0000008380)={&(0x7f0000003680)={0x14, r2, 0x32f, 0x70bd2a, 0x25dfdbff, {0x12, 0x0, 0xf0}}, 0x14}, 0x1, 0x0, 0x0, 0x4801}, 0x8080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2506, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x3a32182}, 0xed7138b}, 0x2, 0x9)
recvmmsg$auto(0x4, 0x0, 0x7, 0xe, 0x0)

2.280118199s ago: executing program 3 (id=234):
r0 = openat$auto_rfcomm_sock_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000180), 0x200, 0x0)
lseek$auto(r0, 0x8000, 0x0)
ioperm$auto(0x3, 0xe, 0x2000000000000149)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/bond0/bonding/ad_actor_key\x00', 0x40000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000040)=""/44, 0x2c)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r2 = io_uring_setup$auto(0x6, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
fadvise64$auto(0xffffffffffffffff, 0x0, 0xffffffff80000001, 0x8)
mmap$auto(0x0, 0x99, 0xdf, 0xeb1, 0x401, 0x8000)
sysfs$auto(0x2, 0xd, 0x0)
r3 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r3, 0x8, 0x0, 0x0, 0x0)
r4 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r4, 0x8, 0x0, 0x0, 0x0)
socket(0x2, 0x5, 0x0)
r5 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x49080, 0x0)
mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, r5, 0x0)
mmap$auto(0x0, 0xe, 0xfffffffffffffff9, 0x800008000801f, r2, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
listen$auto(0x3, 0x83)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
clone$auto(0x21, 0x7, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6)
recvmmsg$auto(0x3, 0x0, 0x10000, 0xfffff801, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
setregid$auto(0x81, 0x5)

1.975476687s ago: executing program 3 (id=235):
mmap$auto(0x4, 0xd, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/soft_watchdog\x00', 0x101201, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000b80)='/proc/sys/kernel/kptr_restrict\x00', 0x202, 0x0)
read$auto(r0, 0x0, 0xb5)
write$auto(0x3, 0x0, 0xfdef)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
prlimit64$auto(0xffffffffffffffff, 0x101, 0x0, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(', 0xa)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1c00, 0x0)
getpid()
r1 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
mmap$auto(0x0, 0x9, 0xdf, 0x9b72, 0x2, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
fcntl$auto(0x3, 0x4, 0xa553)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
select$auto(0x7, 0x0, &(0x7f0000000080)={[0x5, 0xc0b, 0x3, 0x16, 0x1001, 0xffffffffffffffff, 0xf, 0x9, 0xb, 0x1, 0x7ff, 0xffffffffffffffff, 0x5, 0x0, 0x1, 0x80000001]}, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0)
ioctl$auto_dvb_demux_fops_dmxdev(r2, 0x800a6f2f, 0x0)
openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000002000), 0x40, 0x0)
ioctl$auto__ctl_fops_dm_ioctl(r1, 0xfffffffffffffd02, 0x0)
pipe2$auto(&(0x7f00000000c0)=<r3=>0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f00000001c0), r3)
openat$auto_component_list_fops_(0xffffffffffffff9c, &(0x7f0000000200), 0x84000, 0x0)

1.920288852s ago: executing program 1 (id=236):
socket(0x26, 0x80805, 0x0)
mmap$auto(0x0, 0x400008, 0xdb, 0x9b72, 0x2, 0x8000)
setsockopt$auto(0x3, 0x10000000084, 0x11, 0x0, 0x8) (async)
mmap$auto(0x0, 0x202000a, 0x5, 0x2000eb1, 0xfffffffffffffffa, 0x2000008002) (async)
r0 = socket(0x5, 0x801, 0x33a2)
mmap$auto(0x0, 0x20002000c, 0xdf, 0x20eb1, r0, 0x8000) (async)
unshare$auto(0x40000080) (async)
openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x82802, 0x0) (async)
r1 = openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x8081, 0x0) (async)
close_range$auto(0xffffffffffffffff, 0x8, 0x0) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) (async)
fadvise64$auto_POSIX_FADV_SEQUENTIAL(0xffffffffffffffff, 0xca, 0x7, 0x2) (async, rerun: 32)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/igmp\x00', 0x100, 0x0) (rerun: 32)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) (async)
fcntl$getown(r1, 0x9) (async)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x40102, 0x0)
pread64$auto(r2, 0x0, 0x40000000f42c, 0x585) (async, rerun: 32)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0) (async, rerun: 32)
socket(0x29, 0x2, 0x0) (async)
openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r4 = prctl$auto(0x6, 0x3, 0x0, 0x8000000000000005, 0x20000000000) (async)
write$auto(r3, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9)
r5 = getpid()
mremap$auto(0x0, 0x6, 0x3fd7, 0x0, 0x20000020000000) (async)
process_vm_readv$auto(r5, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) (async)
ioctl$auto(0x3, 0x0, r4)

1.428352309s ago: executing program 3 (id=237):
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0)
ioctl$auto_TCSBRKP2(r0, 0x5425, &(0x7f0000000240)="65520f57ee3d3d795bae555259fd568b54489e2fae3bcd09175526820a5c1f8ba4dcccdcdcc56831a16cf9dc8f13097b697dc69118ff6451f2c5579409ab14a0ef8eb987d22f3800158581593918e759e8d55e6cab1d18fc9c81e51b0aa0dae844fad07c5d3a1ead4cb172c4bbdb10bc5be59ddcada8e0c9036eddfc222d78e0944a0464e1e2601fe833bac790")
write$auto_tty_fops_tty_io(r0, &(0x7f00000001c0)="352c8efa610c0bcf83a4ebdb040000000000000021cb2dc4e9956b244b19a48bb5e0d12df9735b745b9554dfb0ad77a37be296ebe6f598901d632a206d9bb0", 0x81)
ioctl$auto(r0, 0x200000, 0x38)
mmap$auto(0x10000, 0x80000000, 0x2000000000df, 0x9b7f, 0xfffffffffffffffe, 0x8000)
ustat$auto(0x801, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv6/conf/default/stable_secret\x00', 0x209e02, 0x0)
write$auto_proc_sys_file_operations_proc_sysctl(r2, 0x0, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0xff1, 0x8000)
io_uring_setup$auto(0x10, 0x0)
read$auto_lowpan_enable_fops_(r3, &(0x7f0000000340)=""/208, 0xd0)
bpf$auto(0x5, 0x0, 0x102)
getpid()
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x8010, 0x788b)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x503002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x1a1203, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r4, 0xc0045002, 0x0)
write$auto(0x3, 0x0, 0xffd8)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/graphics/fbcon/cursor_blink\x00', 0x111000, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000164c0), 0xffffffffffffffff)
mmap$auto(0x0, 0xb, 0xdf, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x80000003, 0x7, 0x8, 0xffffffffffffffff, [0x0, 0x1, 0x9], {0xffffffff, 0x6, 0x400010, 0x2a1, 0x103, 0x7d, 0x101, 0x6, 0x2000}, {0x400100, 0x6, 0xfe000000, 0x7, 0x1, 0xdc, 0x76c5, 0x8, 0x100000000}})
mmap$auto(0x9, 0xe983, 0xdf, 0xeb1, r5, 0x6)

468.434007ms ago: executing program 3 (id=238):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$auto(0x3, 0x200000000001, 0x2e, 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/pci0000:00/0000:00:03.0/resource1\x00', 0x0, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0)
write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='\t', 0x1)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0)
read$auto(r1, 0x0, 0x20)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
unshare$auto(0x40000080)
r2 = clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x5)
getsid$auto(r2)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r3, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0)
socket(0x18, 0x5, 0x1)
ioctl$auto_XFS_IOC_EXCHANGE_RANGE(0xffffffffffffffff, 0x40285881, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/status\x00', 0x109480, 0x0)
mmap$auto(0x0, 0x3, 0x1000000000001, 0x8000000008011, 0x3, 0x0)

0s ago: executing program 2 (id=239):
r0 = openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f0000000000), 0x8a001, 0x0)
getsockopt$auto_SO_MARK(r0, 0x1, 0x24, &(0x7f0000000040)='/P*)-){\x00', &(0x7f0000000080)=0x4)
mmap$auto(0x0, 0x20009, 0x4, 0x12, 0xffffffffffffffff, 0xf4e)
mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000)
r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r1, &(0x7f0000001bc0)="51426572911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde6727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb08dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e38782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009a3b0424a634681b530dad9ef23f136a10c7287068e57f3c2de45adf0a105c328e0035b97168f4c17aa4610b2e6e1a6ba0b71c06417b7a9497be4a009b19d7162adfd4d7b6490faf3782a920281333ad09b848ab5f4d15534b8c4e43dc9604b0630f8d349b2c80a98fde04693c31cbed7d460edfc0138dcc5d3974e682bbd555ac19625bf6e0607d8803391ec9c2dc41fc4e8bceae4f53507137324dd02914a067d52a577b812ddac4a34765c26a98839b3edb6290abff0c75991d6f8c1bd7540f38a7f25fec2f3539f894c938e1f3cf0ff1e6994d6a6ecc457a482f045ba712a85e8e31afd49c8e3480dc1c36d56ab2eceac6e5a847455d8ef4e3d45cd463c421bd1bce2ca57dd88f0e7ab3446cdfa8cb3914c240936f1738af7009e9131b240b59af55d7e38307b91fc8f00410cfdcfacaa341607a801afa63640091eb00b860700ea882878a8d9838f5597b970366be7d167ddebfe3c9253b5dbf7f30a67ee4d87dccb3c723c20200aa5fc036caf12811b19ce49c81ce328d7b24587353ecb99bafd327e33303cf447b36800d1bed8ee10df527d55c0d5f7506fb11cb1338074113579e665c6f3cffde5a8ee98a7bf3f8157986cf7c1c5dbdedaacbe3946b3d8809dec7387f006c062b93b6b481a806e5544ddeea7218fcc15c25a88164bfd0735e6290167cb2dbf4b4a317ba00b1fc27d203a6cff71ef8fe97a97d8e07af2ce1d0a0a2aa9ede7dd0572325075c83c2ecf866aa01654eff55ebe4e489e72152e6a3090e2348732704eb02997ffd23a63faabfbbbd1", 0x9c7)
ioctl$auto_TIOCSCTTY(r1, 0x540e, &(0x7f0000000280)="476029ed31cdc285b13dc14069ae702829cbae69fa183c2df172d00102a8c367ccdaf7ee9661f06f34439882d33eca00291a3199abb8aa2710a66d4a633807c747d7fc9e2e4b56d7f2aa3fa51c300a27f3e68168e8abd78dc7139f484a2e06cccb32d38608102b23a42f265808ab8c095e2c5e6b1e1d7cf9c30f19dbac45de10eb1b88a38fd36ebc0a8652bb455ed7c33a1d4d585078f5ab4ecc95879f9efab39596e75c0e9acb21b11228ee09eac0f2473e03a80d93092634830ee569c9496ed4855b928bab1d195fc3b4c867ed7643182c2442746a887949b4f0b67c75941cc43185ea93943b527d8fff80b14b1daa1b79432ee973de988424330f9b67")
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r3)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r5=>0x0})
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="2f212cbd7010ca705d845526cc0008000380", @ANYRES32=r5], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x8810)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0xe, 0x0, 0x20)
ioctl$auto_IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0)
shmctl$auto(0x0, 0xd, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001680), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_GET(r7, &(0x7f0000002300)={0x0, 0x0, &(0x7f00000022c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=r6, @ANYBLOB="110325bd7000fedbdf2501"], 0x14}}, 0x10040)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000000), r7)
syz_genetlink_get_family_id$auto_ovs_datapath(0x0, r7)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b74, r7, 0xfff)
socket(0x15, 0x5, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptyed\x00', 0x100, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.247' (ED25519) to the list of known hosts.
[   81.435568][ T5818] cgroup: Unknown subsys name 'net'
[   81.548369][ T5818] cgroup: Unknown subsys name 'cpuset'
[   81.557731][ T5818] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   83.047364][ T5818] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   85.240338][ T5831] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   85.248233][ T5831] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   85.252981][ T5836] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   85.257107][ T5831] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   85.263375][ T5836] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   85.271132][ T5831] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   85.277632][ T5836] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   85.291933][ T5831] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   85.299412][ T5831] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   85.300101][ T5836] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   85.307862][ T5831] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   85.315100][ T5836] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   85.322227][ T5831] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   85.330612][ T5836] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   85.342171][ T5836] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   85.349472][   T52] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   85.349621][ T5836] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   85.366171][ T5150] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   85.373690][   T52] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   85.382807][ T5834] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   85.873777][ T5828] chnl_net:caif_netlink_parms(): no params data found
[   86.050611][ T5827] chnl_net:caif_netlink_parms(): no params data found
[   86.083406][ T5839] chnl_net:caif_netlink_parms(): no params data found
[   86.148387][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.155665][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.163109][ T5828] bridge_slave_0: entered allmulticast mode
[   86.170991][ T5828] bridge_slave_0: entered promiscuous mode
[   86.184153][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.191614][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.198973][ T5828] bridge_slave_1: entered allmulticast mode
[   86.206631][ T5828] bridge_slave_1: entered promiscuous mode
[   86.231080][ T5833] chnl_net:caif_netlink_parms(): no params data found
[   86.325577][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   86.351095][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.358708][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.366016][ T5827] bridge_slave_0: entered allmulticast mode
[   86.373015][ T5827] bridge_slave_0: entered promiscuous mode
[   86.382744][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   86.402544][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.409830][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.417139][ T5827] bridge_slave_1: entered allmulticast mode
[   86.424118][ T5827] bridge_slave_1: entered promiscuous mode
[   86.506441][ T5828] team0: Port device team_slave_0 added
[   86.515728][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   86.525014][ T5839] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.532229][ T5839] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.540044][ T5839] bridge_slave_0: entered allmulticast mode
[   86.547535][ T5839] bridge_slave_0: entered promiscuous mode
[   86.567794][ T5828] team0: Port device team_slave_1 added
[   86.586492][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   86.595905][ T5839] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.603048][ T5839] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.610552][ T5839] bridge_slave_1: entered allmulticast mode
[   86.618167][ T5839] bridge_slave_1: entered promiscuous mode
[   86.636185][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.643309][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.650606][ T5833] bridge_slave_0: entered allmulticast mode
[   86.658410][ T5833] bridge_slave_0: entered promiscuous mode
[   86.668288][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.675573][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.682780][ T5833] bridge_slave_1: entered allmulticast mode
[   86.690990][ T5833] bridge_slave_1: entered promiscuous mode
[   86.759346][ T5827] team0: Port device team_slave_0 added
[   86.768388][ T5827] team0: Port device team_slave_1 added
[   86.797518][ T5839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   86.807694][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0
[   86.814644][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   86.842992][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   86.891455][ T5839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   86.909195][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1
[   86.917375][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   86.943350][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   86.970888][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   87.060925][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   87.104070][ T5839] team0: Port device team_slave_0 added
[   87.111591][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0
[   87.118584][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   87.144550][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   87.179698][ T5839] team0: Port device team_slave_1 added
[   87.186374][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1
[   87.193319][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   87.219652][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   87.237223][ T5828] hsr_slave_0: entered promiscuous mode
[   87.243534][ T5828] hsr_slave_1: entered promiscuous mode
[   87.251815][ T5833] team0: Port device team_slave_0 added
[   87.278921][ T5833] team0: Port device team_slave_1 added
[   87.333832][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_0
[   87.341120][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   87.367667][ T5839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   87.379712][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_1
[   87.386809][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   87.395686][   T52] Bluetooth: hci1: command tx timeout
[   87.412822][ T5839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   87.466981][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0
[   87.474291][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   87.474895][ T5837] Bluetooth: hci2: command tx timeout
[   87.505981][   T52] Bluetooth: hci3: command tx timeout
[   87.506039][ T5834] Bluetooth: hci0: command tx timeout
[   87.512687][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   87.533484][ T5827] hsr_slave_0: entered promiscuous mode
[   87.540454][ T5827] hsr_slave_1: entered promiscuous mode
[   87.546939][ T5827] debugfs: 'hsr0' already exists in 'hsr'
[   87.552712][ T5827] Cannot create hsr debugfs directory
[   87.566820][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1
[   87.573769][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   87.599764][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   87.706929][ T5839] hsr_slave_0: entered promiscuous mode
[   87.713144][ T5839] hsr_slave_1: entered promiscuous mode
[   87.719378][ T5839] debugfs: 'hsr0' already exists in 'hsr'
[   87.725347][ T5839] Cannot create hsr debugfs directory
[   87.762824][ T5833] hsr_slave_0: entered promiscuous mode
[   87.769544][ T5833] hsr_slave_1: entered promiscuous mode
[   87.775938][ T5833] debugfs: 'hsr0' already exists in 'hsr'
[   87.781689][ T5833] Cannot create hsr debugfs directory
[   88.141190][ T5828] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   88.172192][ T5828] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   88.182724][ T5828] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   88.200084][ T5828] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   88.243344][ T5827] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   88.255578][ T5827] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   88.278407][ T5827] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   88.289178][ T5827] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   88.362958][ T5839] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   88.387183][ T5839] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   88.402097][ T5839] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   88.423597][ T5839] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   88.493272][ T5833] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   88.506682][ T5833] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   88.517757][ T5833] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   88.537794][ T5833] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   88.624235][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0
[   88.698495][ T5828] 8021q: adding VLAN 0 to HW filter on device team0
[   88.725223][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.732498][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[   88.752754][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0
[   88.771688][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.778854][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[   88.813718][ T5827] 8021q: adding VLAN 0 to HW filter on device team0
[   88.848153][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0
[   88.868891][   T79] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.876008][   T79] bridge0: port 1(bridge_slave_0) entered forwarding state
[   88.908003][ T5839] 8021q: adding VLAN 0 to HW filter on device team0
[   88.933162][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0
[   88.949727][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.956906][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   88.967794][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.974914][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   88.998430][   T79] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.005587][   T79] bridge0: port 2(bridge_slave_1) entered forwarding state
[   89.043254][ T5833] 8021q: adding VLAN 0 to HW filter on device team0
[   89.102635][   T79] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.109845][   T79] bridge0: port 1(bridge_slave_0) entered forwarding state
[   89.148847][   T79] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.156044][   T79] bridge0: port 2(bridge_slave_1) entered forwarding state
[   89.322484][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0
[   89.412694][ T5828] veth0_vlan: entered promiscuous mode
[   89.448810][ T5828] veth1_vlan: entered promiscuous mode
[   89.478338][ T5834] Bluetooth: hci1: command tx timeout
[   89.556517][ T5834] Bluetooth: hci2: command tx timeout
[   89.559074][ T5828] veth0_macvtap: entered promiscuous mode
[   89.561947][ T5834] Bluetooth: hci3: command tx timeout
[   89.568048][ T5837] Bluetooth: hci0: command tx timeout
[   89.604385][ T5828] veth1_macvtap: entered promiscuous mode
[   89.668305][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0
[   89.678593][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0
[   89.710286][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1
[   89.759575][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0
[   89.778179][   T63] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   89.787946][   T63] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   89.804078][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0
[   89.812925][   T63] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   89.821889][   T63] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   89.890447][ T5827] veth0_vlan: entered promiscuous mode
[   89.903562][ T5827] veth1_vlan: entered promiscuous mode
[   90.006151][   T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.007631][ T5839] veth0_vlan: entered promiscuous mode
[   90.014083][   T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.041084][ T5827] veth0_macvtap: entered promiscuous mode
[   90.062119][ T5833] veth0_vlan: entered promiscuous mode
[   90.082011][ T5827] veth1_macvtap: entered promiscuous mode
[   90.098353][ T5839] veth1_vlan: entered promiscuous mode
[   90.112770][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.120784][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0
[   90.126567][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1
[   90.136604][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.155423][ T5833] veth1_vlan: entered promiscuous mode
[   90.182667][   T36] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.198608][   T36] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.216953][   T36] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.237765][   T36] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.242360][ T5828] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   90.312588][ T5839] veth0_macvtap: entered promiscuous mode
[   90.359588][ T5833] veth0_macvtap: entered promiscuous mode
[   90.396194][ T5839] veth1_macvtap: entered promiscuous mode
[   90.412074][   T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.429395][ T5833] veth1_macvtap: entered promiscuous mode
[   90.434751][   T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.500484][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0
[   90.536579][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0
[   90.558840][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1
[   90.577781][  T997] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.582352][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1
[   90.594056][  T997] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.616597][ T1344] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.631986][ T1344] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.649146][ T1344] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.659028][ T1344] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.690451][   T63] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.710980][   T63] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.735455][   T63] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.793949][   T63] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.919920][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.931062][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.993991][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.007327][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.022875][ T5929] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   91.202657][   T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.218701][   T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.313031][   T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.337447][   T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.555090][ T5837] Bluetooth: hci1: command tx timeout
[   91.635392][ T5837] Bluetooth: hci0: command tx timeout
[   91.635412][   T52] Bluetooth: hci2: command tx timeout
[   91.635448][   T52] Bluetooth: hci3: command tx timeout
[   91.777815][ T5936] process 'syz.3.4' launched '/dev/fd/3' with NULL argv: empty string added
[   91.866412][ T5939] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[   91.883569][ T5928] mmap: syz.1.2 (5928) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   91.906438][   T24] cfg80211: failed to load regulatory.db
[   92.215490][ T5945] busy
[   92.236816][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   92.415164][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   92.423820][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   92.485114][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   92.493878][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   93.005070][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   93.437851][ T5963] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11'.
[   93.453455][ T5963] Zero length message leads to an empty skb
[   93.467883][ T5963] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11'.
[   93.544951][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   93.680626][   T52] Bluetooth: hci1: command tx timeout
[   93.714872][   T52] Bluetooth: hci0: command tx timeout
[   93.720377][   T52] Bluetooth: hci2: command tx timeout
[   93.724795][ T5834] Bluetooth: hci3: command tx timeout
[   94.025771][ T5977] netlink: 28 bytes leftover after parsing attributes in process `syz.0.13'.
[   94.676414][    T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!!
[   95.225037][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   95.233606][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   95.868605][ T5992] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[   96.555575][ T6018] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   96.646516][ T6010] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[   97.243359][ T6033] capability: warning: `syz.0.25' uses 32-bit capabilities (legacy support in use)
[   98.056635][ T6044] Invalid ELF header magic: != ELF
[   98.647167][ T6057] usb usb36: usbfs: process 6057 (syz.3.31) did not claim interface 0 before use
[  100.613605][ T6079] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  101.979265][   T30] audit: type=1326 audit(1761692442.108:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6111 comm="syz.0.44" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4f1178efc9 code=0x0
[  102.762400][ T5837] Bluetooth: hci0: unexpected event 0x36 length: 123 > 7
[  103.679939][ T6132] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6
[  105.296388][ T6164] netlink: zone id is out of range
[  105.314759][ T6164] netlink: zone id is out of range
[  105.331166][ T6168] program syz.1.57 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  105.380076][ T6164] netlink: zone id is out of range
[  105.394193][ T6164] netlink: zone id is out of range
[  105.430795][ T6164] netlink: zone id is out of range
[  105.465716][ T6164] netlink: zone id is out of range
[  105.510857][ T6164] netlink: zone id is out of range
[  105.562114][ T6164] netlink: zone id is out of range
[  105.668597][ T6164] netlink: zone id is out of range
[  105.674767][ T6164] netlink: zone id is out of range
[  106.303829][ T6189] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  106.329991][ T6189] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  106.391388][ T6189] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  106.404258][ T6189] page_type: f5(slab)
[  106.409895][ T6189] raw: 00fff00000000040 ffff88813ffa7140 dead000000000122 0000000000000000
[  106.419151][ T6189] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  106.429506][ T6189] head: 00fff00000000040 ffff88813ffa7140 dead000000000122 0000000000000000
[  106.511072][ T6189] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  106.577227][ T6189] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  106.606358][ T6189] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  106.628274][ T6189] page dumped because: unmovable page
[  106.643788][ T6189] page_owner tracks the page as allocated
[  106.650485][ T6189] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 36, tgid 36 (kworker/u8:2), ts 105106462488, free_ts 104997018708
[  106.727519][ T6189]  post_alloc_hook+0x1c0/0x230
[  106.736047][ T6189]  get_page_from_freelist+0x10a3/0x3a30
[  106.765379][ T6189]  __alloc_frozen_pages_noprof+0x25f/0x2470
[  106.774736][ T6189]  alloc_pages_mpol+0x1fb/0x550
[  106.785141][ T6189]  new_slab+0x24a/0x360
[  106.789360][ T6189]  ___slab_alloc+0xdae/0x1a60
[  106.804806][ T6189]  __slab_alloc.constprop.0+0x63/0x110
[  106.810550][ T6189]  __kmalloc_node_track_caller_noprof+0x4db/0x8a0
[  106.850983][ T6189]  kmalloc_reserve+0xef/0x2c0
[  106.861123][ T6189]  __alloc_skb+0x166/0x380
[  106.880006][ T6189]  nsim_dev_trap_report_work+0x2b1/0xcf0
[  106.905423][ T6189]  process_one_work+0x9cf/0x1b70
[  106.920756][ T6189]  worker_thread+0x6c8/0xf10
[  106.930891][ T6189]  kthread+0x3c5/0x780
[  106.941105][ T6189]  ret_from_fork+0x675/0x7d0
[  106.951415][ T6189]  ret_from_fork_asm+0x1a/0x30
[  106.964784][ T6189] page last free pid 5833 tgid 5833 stack trace:
[  107.003592][ T6189]  __free_frozen_pages+0x7df/0x1160
[  107.014930][ T6189]  __put_partials+0x130/0x170
[  107.025118][ T6189]  qlist_free_all+0x4d/0x120
[  107.032092][ T6189]  kasan_quarantine_reduce+0x195/0x1e0
[  107.044584][ T6189]  __kasan_slab_alloc+0x69/0x90
[  107.055857][ T6189]  __kmalloc_node_noprof+0x2ff/0x8a0
[  107.068026][ T6189]  __vmalloc_node_range_noprof+0x3e5/0x1480
[  107.081313][ T6189]  __vmalloc_node_noprof+0xad/0xf0
[  107.088132][ T6189]  do_ipt_get_ctl+0x63f/0xa10
[  107.092956][ T6189]  nf_getsockopt+0x7c/0xe0
[  107.099642][ T6189]  ip_getsockopt+0x18c/0x1e0
[  107.104382][ T6189]  tcp_getsockopt+0xa1/0x100
[  107.109514][ T6189]  do_sock_getsockopt+0x34d/0x440
[  107.115103][ T6189]  __sys_getsockopt+0x123/0x1b0
[  107.120200][ T6189]  __x64_sys_getsockopt+0xbd/0x160
[  107.126965][ T6189]  do_syscall_64+0xcd/0xfa0
[  110.188566][ T6317] netlink: 4 bytes leftover after parsing attributes in process `syz.0.78'.
[  111.260701][ T6301] futex_wake_op: syz.2.75 tries to shift op by -2048; fix this program
[  111.431078][ T6337] Invalid ELF header magic: != ELF
[  113.775728][ T6377] Invalid ELF header magic: != ELF
[  113.904017][ T6380] syz.0.89 uses obsolete (PF_INET,SOCK_PACKET)
[  114.952561][ T6407] FAULT_INJECTION: forcing a failure.
[  114.952561][ T6407] name failslab, interval 1, probability 0, space 0, times 0
[  115.025196][ T6407] CPU: 0 UID: 0 PID: 6407 Comm: syz.3.94 Not tainted syzkaller #0 PREEMPT(full) 
[  115.025218][ T6407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  115.025229][ T6407] Call Trace:
[  115.025234][ T6407]  <TASK>
[  115.025240][ T6407]  dump_stack_lvl+0x16c/0x1f0
[  115.025260][ T6407]  should_fail_ex+0x512/0x640
[  115.025282][ T6407]  ? __kmalloc_noprof+0xca/0x880
[  115.025306][ T6407]  should_failslab+0xc2/0x120
[  115.025325][ T6407]  __kmalloc_noprof+0xdd/0x880
[  115.025346][ T6407]  ? proc_create_reg+0xe3/0x180
[  115.025367][ T6407]  ? xfrm_hash_alloc+0xd1/0x100
[  115.025390][ T6407]  ? xfrm_hash_alloc+0xd1/0x100
[  115.025407][ T6407]  xfrm_hash_alloc+0xd1/0x100
[  115.025426][ T6407]  xfrm_state_init+0x15f/0x640
[  115.025449][ T6407]  ? __pfx_xfrm_net_init+0x10/0x10
[  115.025469][ T6407]  xfrm_net_init+0x210/0xcc0
[  115.025492][ T6407]  ? __pfx_xfrm_net_init+0x10/0x10
[  115.025512][ T6407]  ops_init+0x1e2/0x5f0
[  115.025528][ T6407]  setup_net+0x100/0x390
[  115.025542][ T6407]  ? __pfx_setup_net+0x10/0x10
[  115.025557][ T6407]  ? debug_mutex_init+0x37/0x70
[  115.025581][ T6407]  copy_net_ns+0x2f8/0x690
[  115.025598][ T6407]  create_new_namespaces+0x3ea/0xa90
[  115.025619][ T6407]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  115.025637][ T6407]  ksys_unshare+0x45b/0xa40
[  115.025656][ T6407]  ? __pfx_ksys_unshare+0x10/0x10
[  115.025675][ T6407]  ? xfd_validate_state+0x61/0x180
[  115.025701][ T6407]  __x64_sys_unshare+0x31/0x40
[  115.025719][ T6407]  do_syscall_64+0xcd/0xfa0
[  115.025735][ T6407]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.025750][ T6407] RIP: 0033:0x7f951498efc9
[  115.025764][ T6407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.025777][ T6407] RSP: 002b:00007f95158cb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  115.025791][ T6407] RAX: ffffffffffffffda RBX: 00007f9514be6180 RCX: 00007f951498efc9
[  115.025800][ T6407] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  115.025809][ T6407] RBP: 00007f9514a11f91 R08: 0000000000000000 R09: 0000000000000000
[  115.025817][ T6407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  115.025825][ T6407] R13: 00007f9514be6218 R14: 00007f9514be6180 R15: 00007ffdbf0da9f8
[  115.025844][ T6407]  </TASK>
[  115.174875][ T6405] zswap: compressor  not available
[  115.372832][ T6415] futex_wake_op: syz.1.95 tries to shift op by -2048; fix this program
[  115.386848][ T6415] futex_wake_op: syz.1.95 tries to shift op by -2048; fix this program
[  115.475553][ T6415] FAULT_INJECTION: forcing a failure.
[  115.475553][ T6415] name failslab, interval 1, probability 0, space 0, times 0
[  115.574058][ T6415] CPU: 0 UID: 0 PID: 6415 Comm: syz.1.95 Not tainted syzkaller #0 PREEMPT(full) 
[  115.574095][ T6415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  115.574110][ T6415] Call Trace:
[  115.574119][ T6415]  <TASK>
[  115.574131][ T6415]  dump_stack_lvl+0x16c/0x1f0
[  115.574165][ T6415]  should_fail_ex+0x512/0x640
[  115.574201][ T6415]  ? __kmalloc_cache_noprof+0x5f/0x780
[  115.574243][ T6415]  should_failslab+0xc2/0x120
[  115.574278][ T6415]  __kmalloc_cache_noprof+0x72/0x780
[  115.574320][ T6415]  ? snd_timer_instance_new+0x47/0x2e0
[  115.574358][ T6415]  ? snd_timer_instance_new+0x47/0x2e0
[  115.574387][ T6415]  snd_timer_instance_new+0x47/0x2e0
[  115.574418][ T6415]  snd_seq_timer_open+0x1cc/0x600
[  115.574445][ T6415]  ? __pfx_snd_seq_timer_open+0x10/0x10
[  115.574472][ T6415]  ? find_held_lock+0x2b/0x80
[  115.574503][ T6415]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  115.574538][ T6415]  ? lockdep_hardirqs_on+0x7c/0x110
[  115.574566][ T6415]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  115.574597][ T6415]  queue_use+0xe3/0x250
[  115.574630][ T6415]  snd_seq_queue_alloc+0x2e5/0x5a0
[  115.574673][ T6415]  snd_seq_ioctl_create_queue+0xa9/0x390
[  115.574704][ T6415]  call_seq_client_ctl+0x9f/0x110
[  115.574734][ T6415]  snd_seq_kernel_client_ctl+0x77/0xd0
[  115.574763][ T6415]  alloc_seq_queue+0xda/0x180
[  115.574791][ T6415]  ? __pfx_alloc_seq_queue+0x10/0x10
[  115.574839][ T6415]  ? mark_held_locks+0x49/0x80
[  115.574870][ T6415]  ? _raw_spin_unlock_irq+0x23/0x50
[  115.574893][ T6415]  ? lockdep_hardirqs_on+0x7c/0x110
[  115.574924][ T6415]  snd_seq_oss_open+0x38c/0xa20
[  115.574960][ T6415]  odev_open+0x79/0xc0
[  115.574985][ T6415]  ? __pfx_odev_open+0x10/0x10
[  115.575011][ T6415]  soundcore_open+0x40c/0x580
[  115.575043][ T6415]  ? __pfx_soundcore_open+0x10/0x10
[  115.575070][ T6415]  chrdev_open+0x234/0x6a0
[  115.575099][ T6415]  ? __pfx_apparmor_file_open+0x10/0x10
[  115.575132][ T6415]  ? __pfx_chrdev_open+0x10/0x10
[  115.575160][ T6415]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  115.575194][ T6415]  do_dentry_open+0x982/0x1530
[  115.575224][ T6415]  ? __pfx_chrdev_open+0x10/0x10
[  115.575261][ T6415]  vfs_open+0x82/0x3f0
[  115.575298][ T6415]  path_openat+0x1de4/0x2cb0
[  115.575338][ T6415]  ? __pfx_path_openat+0x10/0x10
[  115.575368][ T6415]  ? __lock_acquire+0xb8a/0x1c90
[  115.575404][ T6415]  do_filp_open+0x20b/0x470
[  115.575432][ T6415]  ? __pfx_do_filp_open+0x10/0x10
[  115.575486][ T6415]  ? alloc_fd+0x471/0x7d0
[  115.575528][ T6415]  do_sys_openat2+0x11b/0x1d0
[  115.575564][ T6415]  ? __pfx_do_sys_openat2+0x10/0x10
[  115.575614][ T6415]  __x64_sys_openat+0x174/0x210
[  115.575651][ T6415]  ? __pfx___x64_sys_openat+0x10/0x10
[  115.575701][ T6415]  do_syscall_64+0xcd/0xfa0
[  115.575731][ T6415]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.575757][ T6415] RIP: 0033:0x7fe7b0f8efc9
[  115.575776][ T6415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.575800][ T6415] RSP: 002b:00007fe7af1ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  115.575824][ T6415] RAX: ffffffffffffffda RBX: 00007fe7b11e5fa0 RCX: 00007fe7b0f8efc9
[  115.575841][ T6415] RDX: 0000000000004000 RSI: 0000200000000100 RDI: ffffffffffffff9c
[  115.575857][ T6415] RBP: 00007fe7b1011f91 R08: 0000000000000000 R09: 0000000000000000
[  115.575873][ T6415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  115.575887][ T6415] R13: 00007fe7b11e6038 R14: 00007fe7b11e5fa0 R15: 00007ffe0e832a18
[  115.575925][ T6415]  </TASK>
[  117.460065][ T6446] ima: policy update failed
[  117.486019][   T30] audit: type=1802 audit(1761692457.598:3): pid=6446 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.103" res=0 errno=0
[  119.320980][ T6506] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  119.388010][ T6478] binder: 6443:6478 ioctl c018620c 0 returned -22
[  119.415039][ T6478] binder: 6443:6478 ioctl c018620c 0 returned -22
[  119.454319][ T6478] binder: 6443:6478 ioctl c018620c 0 returned -22
[  119.480712][ T6478] binder: 6443:6478 ioctl c018620c 0 returned -22
[  119.488201][ T6478] binder: 6443:6478 ioctl c018620c 0 returned -22
[  119.494968][ T6478] binder: 6443:6478 ioctl c018620c 0 returned -22
[  119.515172][ T6478] binder: 6443:6478 ioctl c018620c 0 returned -22
[  120.185174][ T6513] netlink: 28 bytes leftover after parsing attributes in process `syz.3.114'.
[  120.885183][   T30] audit: type=1800 audit(1761692461.008:4): pid=6522 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.116" name="file0" dev="tmpfs" ino=164 res=0 errno=0
[  120.978959][   T30] audit: type=1800 audit(1761692461.038:5): pid=6522 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.116" name="file0" dev="tmpfs" ino=164 res=0 errno=0
[  121.418458][ T6535] netlink: 342 bytes leftover after parsing attributes in process `syz.3.120'.
[  121.443280][ T6536] netlink: 342 bytes leftover after parsing attributes in process `syz.3.120'.
[  121.573897][ T6536] netlink: 8 bytes leftover after parsing attributes in process `syz.3.120'.
[  121.594906][ T6535] netlink: 8 bytes leftover after parsing attributes in process `syz.3.120'.
[  121.663527][ T6539] netlink: 8 bytes leftover after parsing attributes in process `syz.3.120'.
[  121.664824][ T6538] netlink: 8 bytes leftover after parsing attributes in process `syz.3.120'.
[  121.826813][ T6542] random: crng reseeded on system resumption
[  123.314141][ T6568] HfR: entered promiscuous mode
[  125.929846][   T30] audit: type=1800 audit(1761693489.055:6): pid=6620 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.135" name="dbroot" dev="configfs" ino=11822 res=0 errno=0
[  126.908445][ T6638] FAULT_INJECTION: forcing a failure.
[  126.908445][ T6638] name fail_futex, interval 1, probability 0, space 0, times 1
[  126.963795][ T6638] CPU: 1 UID: 0 PID: 6638 Comm: syz.3.140 Not tainted syzkaller #0 PREEMPT(full) 
[  126.963818][ T6638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  126.963826][ T6638] Call Trace:
[  126.963832][ T6638]  <TASK>
[  126.963837][ T6638]  dump_stack_lvl+0x16c/0x1f0
[  126.963858][ T6638]  should_fail_ex+0x512/0x640
[  126.963883][ T6638]  get_futex_key+0x1d0/0x1560
[  126.963904][ T6638]  ? __pfx_get_futex_key+0x10/0x10
[  126.963921][ T6638]  ? futex_private_hash_put+0x176/0x300
[  126.963950][ T6638]  futex_wake+0xea/0x530
[  126.963970][ T6638]  ? futex_wait+0x120/0x380
[  126.963982][ T6638]  ? __pfx_futex_wait+0x10/0x10
[  126.964004][ T6638]  ? __pfx_futex_wake+0x10/0x10
[  126.964029][ T6638]  ? __lock_acquire+0x622/0x1c90
[  126.964052][ T6638]  do_futex+0x1e3/0x350
[  126.964071][ T6638]  ? __pfx_do_futex+0x10/0x10
[  126.964090][ T6638]  ? find_held_lock+0x2b/0x80
[  126.964106][ T6638]  __x64_sys_futex+0x1e0/0x4c0
[  126.964125][ T6638]  ? __fget_files+0x20e/0x3c0
[  126.964155][ T6638]  ? __pfx___x64_sys_futex+0x10/0x10
[  126.964178][ T6638]  ? fdget+0x187/0x210
[  126.964194][ T6638]  do_syscall_64+0xcd/0xfa0
[  126.964211][ T6638]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.964227][ T6638] RIP: 0033:0x7f951498efc9
[  126.964239][ T6638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  126.964255][ T6638] RSP: 002b:00007f951590d0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  126.964268][ T6638] RAX: ffffffffffffffda RBX: 00007f9514be5fa8 RCX: 00007f951498efc9
[  126.964278][ T6638] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f9514be5fac
[  126.964286][ T6638] RBP: 00007f9514be5fa0 R08: 00007f951590e000 R09: 0000000000000000
[  126.964295][ T6638] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  126.964304][ T6638] R13: 00007f9514be6038 R14: 00007ffdbf0da910 R15: 00007ffdbf0da9f8
[  126.964323][ T6638]  </TASK>
[  127.947869][ T6653] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma?
[  127.967026][ T6653] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma?
[  128.108036][ T6660] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  128.258022][ T6664] random: crng reseeded on system resumption
[  128.273555][ T6658] FAULT_INJECTION: forcing a failure.
[  128.273555][ T6658] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  128.325420][ T6658] CPU: 1 UID: 0 PID: 6658 Comm: syz.1.144 Not tainted syzkaller #0 PREEMPT(full) 
[  128.325454][ T6658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  128.325470][ T6658] Call Trace:
[  128.325478][ T6658]  <TASK>
[  128.325487][ T6658]  dump_stack_lvl+0x16c/0x1f0
[  128.325519][ T6658]  should_fail_ex+0x512/0x640
[  128.325559][ T6658]  should_fail_alloc_page+0xe7/0x130
[  128.325594][ T6658]  prepare_alloc_pages+0x3c2/0x610
[  128.325636][ T6658]  __alloc_frozen_pages_noprof+0x18b/0x2470
[  128.325674][ T6658]  ? find_held_lock+0x2b/0x80
[  128.325701][ T6658]  ? is_bpf_text_address+0x8a/0x1a0
[  128.325735][ T6658]  ? bpf_ksym_find+0x124/0x1c0
[  128.325761][ T6658]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  128.325788][ T6658]  ? is_bpf_text_address+0x94/0x1a0
[  128.325818][ T6658]  ? kernel_text_address+0x8d/0x100
[  128.325853][ T6658]  ? __kernel_text_address+0xd/0x40
[  128.325876][ T6658]  ? unwind_get_return_address+0x59/0xa0
[  128.325915][ T6658]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  128.325962][ T6658]  ? policy_nodemask+0xea/0x4e0
[  128.325998][ T6658]  alloc_pages_mpol+0x1fb/0x550
[  128.326028][ T6658]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  128.326058][ T6658]  ? kasan_save_stack+0x33/0x60
[  128.326082][ T6658]  ? kasan_save_track+0x14/0x30
[  128.326108][ T6658]  ? __kasan_kmalloc+0xaa/0xb0
[  128.326132][ T6658]  ? __get_vm_area_node+0x101/0x330
[  128.326169][ T6658]  alloc_pages_noprof+0x131/0x390
[  128.326201][ T6658]  get_free_pages_noprof+0x10/0xb0
[  128.326229][ T6658]  kasan_populate_vmalloc+0x9f/0x2d0
[  128.326255][ T6658]  ? alloc_vmap_area+0x8b5/0x29e0
[  128.326291][ T6658]  alloc_vmap_area+0x960/0x29e0
[  128.326337][ T6658]  ? __pfx_alloc_vmap_area+0x10/0x10
[  128.326376][ T6658]  __get_vm_area_node+0x1ca/0x330
[  128.326415][ T6658]  __vmalloc_node_range_noprof+0x271/0x1480
[  128.326450][ T6658]  ? kernel_clone+0xfc/0x930
[  128.326488][ T6658]  ? kernel_clone+0xfc/0x930
[  128.326524][ T6658]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  128.326567][ T6658]  ? rcu_is_watching+0x12/0xc0
[  128.326596][ T6658]  ? kernel_clone+0xfc/0x930
[  128.326624][ T6658]  __vmalloc_node_noprof+0xad/0xf0
[  128.326668][ T6658]  ? kernel_clone+0xfc/0x930
[  128.326698][ T6658]  copy_process+0x2c77/0x76a0
[  128.326726][ T6658]  ? __pfx___futex_wait+0x10/0x10
[  128.326774][ T6658]  ? __pfx_copy_process+0x10/0x10
[  128.326802][ T6658]  ? futex_private_hash_put+0x176/0x300
[  128.326837][ T6658]  ? futex_private_hash_put+0x18a/0x300
[  128.326874][ T6658]  kernel_clone+0xfc/0x930
[  128.326904][ T6658]  ? __pfx_kernel_clone+0x10/0x10
[  128.326952][ T6658]  __do_sys_clone+0xce/0x120
[  128.326979][ T6658]  ? __pfx___do_sys_clone+0x10/0x10
[  128.327024][ T6658]  ? xfd_validate_state+0x61/0x180
[  128.327055][ T6658]  ? __pfx_do_writev+0x10/0x10
[  128.327088][ T6658]  do_syscall_64+0xcd/0xfa0
[  128.327118][ T6658]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.327143][ T6658] RIP: 0033:0x7fe7b0f8efc9
[  128.327162][ T6658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  128.327185][ T6658] RSP: 002b:00007fe7af1edfe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  128.327210][ T6658] RAX: ffffffffffffffda RBX: 00007fe7b11e5fa0 RCX: 00007fe7b0f8efc9
[  128.327226][ T6658] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  128.327239][ T6658] RBP: 00007fe7b1011f91 R08: 0000000000000000 R09: 0000000000000000
[  128.327253][ T6658] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  128.327266][ T6658] R13: 00007fe7b11e6038 R14: 00007fe7b11e5fa0 R15: 00007ffe0e832a18
[  128.327296][ T6658]  </TASK>
[  128.747387][ T6658] syz.1.144: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  128.764425][ T6658] CPU: 0 UID: 0 PID: 6658 Comm: syz.1.144 Not tainted syzkaller #0 PREEMPT(full) 
[  128.764462][ T6658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  128.764479][ T6658] Call Trace:
[  128.764488][ T6658]  <TASK>
[  128.764498][ T6658]  dump_stack_lvl+0x16c/0x1f0
[  128.764540][ T6658]  warn_alloc+0x248/0x3a0
[  128.764569][ T6658]  ? __pfx_warn_alloc+0x10/0x10
[  128.764598][ T6658]  ? kfree+0x2b8/0x6d0
[  128.764618][ T6658]  ? __get_vm_area_node+0x2cd/0x330
[  128.764659][ T6658]  ? __get_vm_area_node+0x2cd/0x330
[  128.764691][ T6658]  ? __get_vm_area_node+0x208/0x330
[  128.764731][ T6658]  __vmalloc_node_range_noprof+0xaf5/0x1480
[  128.764776][ T6658]  ? kernel_clone+0xfc/0x930
[  128.764815][ T6658]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  128.764857][ T6658]  ? rcu_is_watching+0x12/0xc0
[  128.764886][ T6658]  ? kernel_clone+0xfc/0x930
[  128.764914][ T6658]  __vmalloc_node_noprof+0xad/0xf0
[  128.764948][ T6658]  ? kernel_clone+0xfc/0x930
[  128.764980][ T6658]  copy_process+0x2c77/0x76a0
[  128.765010][ T6658]  ? __pfx___futex_wait+0x10/0x10
[  128.765060][ T6658]  ? __pfx_copy_process+0x10/0x10
[  128.765089][ T6658]  ? futex_private_hash_put+0x176/0x300
[  128.765125][ T6658]  ? futex_private_hash_put+0x18a/0x300
[  128.765162][ T6658]  kernel_clone+0xfc/0x930
[  128.765194][ T6658]  ? __pfx_kernel_clone+0x10/0x10
[  128.765244][ T6658]  __do_sys_clone+0xce/0x120
[  128.765274][ T6658]  ? __pfx___do_sys_clone+0x10/0x10
[  128.765321][ T6658]  ? xfd_validate_state+0x61/0x180
[  128.765354][ T6658]  ? __pfx_do_writev+0x10/0x10
[  128.765390][ T6658]  do_syscall_64+0xcd/0xfa0
[  128.765420][ T6658]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.765449][ T6658] RIP: 0033:0x7fe7b0f8efc9
[  128.765471][ T6658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  128.765496][ T6658] RSP: 002b:00007fe7af1edfe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  128.765527][ T6658] RAX: ffffffffffffffda RBX: 00007fe7b11e5fa0 RCX: 00007fe7b0f8efc9
[  128.765545][ T6658] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  128.765560][ T6658] RBP: 00007fe7b1011f91 R08: 0000000000000000 R09: 0000000000000000
[  128.765575][ T6658] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  128.765591][ T6658] R13: 00007fe7b11e6038 R14: 00007fe7b11e5fa0 R15: 00007ffe0e832a18
[  128.765627][ T6658]  </TASK>
[  128.765706][ T6658] Mem-Info:
[  129.178933][ T6658] active_anon:50578 inactive_anon:0 isolated_anon:0
[  129.178933][ T6658]  active_file:15272 inactive_file:40174 isolated_file:0
[  129.178933][ T6658]  unevictable:768 dirty:343 writeback:0
[  129.178933][ T6658]  slab_reclaimable:10836 slab_unreclaimable:92038
[  129.178933][ T6658]  mapped:45542 shmem:43329 pagetables:1216
[  129.178933][ T6658]  sec_pagetables:0 bounce:0
[  129.178933][ T6658]  kernel_misc_reclaimable:0
[  129.178933][ T6658]  free:1292085 free_pcp:12854 free_cma:0
[  129.264527][ T6658] Node 0 active_anon:208612kB inactive_anon:0kB active_file:61088kB inactive_file:160496kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:183868kB dirty:1372kB writeback:0kB shmem:175180kB shmem_thp:2048kB shmem_pmdmapped:2048kB anon_thp:0kB kernel_stack:11652kB pagetables:4712kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  129.328322][ T6658] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  129.435508][ T6658] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  129.485459][ T6658] lowmem_reserve[]: 0 2485 2487 2487 2487
[  129.568598][ T6658] Node 0 DMA32 free:1247436kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB free_highatomic:0KB active_anon:222112kB inactive_anon:0kB active_file:61088kB inactive_file:160496kB unevictable:1536kB writepending:1372kB zspages:0kB present:3129332kB managed:2545108kB mlocked:0kB bounce:0kB free_pcp:27820kB local_pcp:20504kB free_cma:0kB
[  129.663184][ T6658] lowmem_reserve[]: 0 0 1 1 1
[  129.690210][ T6658] Node 0 Normal free:0kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  129.783568][ T6658] lowmem_reserve[]: 0 0 0 0 0
[  129.788758][ T6658] Node 1 Normal free:3892344kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:17220kB local_pcp:11076kB free_cma:0kB
[  129.825173][ T6658] lowmem_reserve[]: 0 0 0 0 0
[  129.832377][ T6658] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  129.845957][ T6658] Node 0 DMA32: 719*4kB (UM) 395*8kB (U) 364*16kB (UE) 82*32kB (UE) 30*64kB (U) 22*128kB (U) 14*256kB (UM) 8*512kB (UME) 4*1024kB (UM) 1*2048kB (E) 295*4096kB (M) = 1241364kB
[  129.866899][ T6658] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  129.878773][ T6658] Node 1 Normal: 4*4kB (UE) 17*8kB (UME) 24*16kB (UME) 77*32kB (UME) 27*64kB (UME) 8*128kB (UME) 4*256kB (UM) 5*512kB (UM) 2*1024kB (ME) 1*2048kB (E) 947*4096kB (M) = 3892344kB
[  129.896563][ T6658] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  129.906342][ T6658] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  129.915772][ T6658] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  129.961737][ T6658] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  130.009837][ T6658] 104341 total pagecache pages
[  130.014608][ T6658] 0 pages in swap cache
[  130.133904][ T6658] Free swap  = 124996kB
[  130.181474][ T6658] Total swap = 124996kB
[  130.185663][ T6658] 2097051 pages RAM
[  130.249262][ T6658] 0 pages HighMem/MovableOnly
[  130.253977][ T6658] 428684 pages reserved
[  130.258649][ T6658] 0 pages cma reserved
[  132.732277][ T6738] tty tty44: ldisc open failed (-12), clearing slot 43
[  132.860277][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  132.866942][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  133.329416][ T6759] FAULT_INJECTION: forcing a failure.
[  133.329416][ T6759] name failslab, interval 1, probability 0, space 0, times 0
[  133.592928][ T6759] CPU: 1 UID: 0 PID: 6759 Comm: syz.2.156 Not tainted syzkaller #0 PREEMPT(full) 
[  133.592964][ T6759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  133.592981][ T6759] Call Trace:
[  133.592990][ T6759]  <TASK>
[  133.593000][ T6759]  dump_stack_lvl+0x16c/0x1f0
[  133.593034][ T6759]  should_fail_ex+0x512/0x640
[  133.593070][ T6759]  ? fs_reclaim_acquire+0xae/0x150
[  133.593106][ T6759]  should_failslab+0xc2/0x120
[  133.593139][ T6759]  __kmalloc_noprof+0xdd/0x880
[  133.593185][ T6759]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  133.593222][ T6759]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  133.593251][ T6759]  tomoyo_realpath_from_path+0xc2/0x6e0
[  133.593284][ T6759]  ? tomoyo_profile+0x47/0x60
[  133.593318][ T6759]  tomoyo_path_number_perm+0x245/0x580
[  133.593354][ T6759]  ? tomoyo_path_number_perm+0x237/0x580
[  133.593395][ T6759]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  133.593430][ T6759]  ? futex_wake+0x1ad/0x530
[  133.593502][ T6759]  ? find_held_lock+0x2b/0x80
[  133.593527][ T6759]  ? hook_file_ioctl_common+0x145/0x410
[  133.593561][ T6759]  ? __fget_files+0x20e/0x3c0
[  133.593593][ T6759]  security_file_ioctl+0x9b/0x240
[  133.593619][ T6759]  __x64_sys_ioctl+0xb7/0x210
[  133.593655][ T6759]  do_syscall_64+0xcd/0xfa0
[  133.593685][ T6759]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.593710][ T6759] RIP: 0033:0x7f9521f8efc9
[  133.593730][ T6759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.593753][ T6759] RSP: 002b:00007f95201f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  133.593775][ T6759] RAX: ffffffffffffffda RBX: 00007f95221e6180 RCX: 00007f9521f8efc9
[  133.593792][ T6759] RDX: 0000000000000000 RSI: 0000000000005425 RDI: 0000000000000008
[  133.593806][ T6759] RBP: 00007f9522011f91 R08: 0000000000000000 R09: 0000000000000000
[  133.593822][ T6759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  133.593836][ T6759] R13: 00007f95221e6218 R14: 00007f95221e6180 R15: 00007ffccfab7418
[  133.593874][ T6759]  </TASK>
[  133.593885][ T6759] ERROR: Out of memory at tomoyo_realpath_from_path.
[  133.941678][ T6779] netlink: 350 bytes leftover after parsing attributes in process `syz.1.159'.
[  134.511871][ T6793] netlink: 25 bytes leftover after parsing attributes in process `syz.1.161'.
[  135.518094][ T6805] zswap: compressor  not available
[  136.316334][ T6835] Invalid ELF header magic: != ELF
[  136.825089][ T6799] delete_channel: no stack
[  136.973255][ T6846] tipc: Started in network mode
[  136.978310][ T6846] tipc: Node identity 45e5412, cluster identity 4711
[  137.000573][ T6846] tipc: Node number set to 73290770
[  140.962925][ T6912] FAULT_INJECTION: forcing a failure.
[  140.962925][ T6912] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  141.040451][ T6912] CPU: 0 UID: 0 PID: 6912 Comm: syz.3.171 Not tainted syzkaller #0 PREEMPT(full) 
[  141.040487][ T6912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  141.040501][ T6912] Call Trace:
[  141.040509][ T6912]  <TASK>
[  141.040519][ T6912]  dump_stack_lvl+0x16c/0x1f0
[  141.040552][ T6912]  should_fail_ex+0x512/0x640
[  141.040581][ T6912]  core_sys_select+0x4c5/0xc20
[  141.040601][ T6912]  ? __pfx_core_sys_select+0x10/0x10
[  141.040634][ T6912]  ? read_tsc+0x9/0x20
[  141.040651][ T6912]  ? ktime_get_ts64+0x256/0x400
[  141.040675][ T6912]  kern_select+0x15d/0x1e0
[  141.040687][ T6912]  ? __pfx_kern_select+0x10/0x10
[  141.040702][ T6912]  ? xfd_validate_state+0x61/0x180
[  141.040721][ T6912]  ? __pfx_ksys_write+0x10/0x10
[  141.040739][ T6912]  __x64_sys_select+0xbd/0x160
[  141.040751][ T6912]  ? do_syscall_64+0x91/0xfa0
[  141.040765][ T6912]  ? lockdep_hardirqs_on+0x7c/0x110
[  141.040780][ T6912]  do_syscall_64+0xcd/0xfa0
[  141.040796][ T6912]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.040810][ T6912] RIP: 0033:0x7f951498efc9
[  141.040821][ T6912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.040834][ T6912] RSP: 002b:00007f951590d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017
[  141.040848][ T6912] RAX: ffffffffffffffda RBX: 00007f9514be5fa0 RCX: 00007f951498efc9
[  141.040857][ T6912] RDX: 00002000000005c0 RSI: 0000000000000000 RDI: 0000000000000005
[  141.040865][ T6912] RBP: 00007f9514a11f91 R08: 00002000000001c0 R09: 0000000000000000
[  141.040873][ T6912] R10: 00002000000006c0 R11: 0000000000000246 R12: 0000000000000000
[  141.040881][ T6912] R13: 00007f9514be6038 R14: 00007f9514be5fa0 R15: 00007ffdbf0da9f8
[  141.040909][ T6912]  </TASK>
[  141.618008][ T6925] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7
[  141.652159][ T6912] netlink: 28 bytes leftover after parsing attributes in process `syz.3.171'.
[  141.664523][ T6912] ipvlan0: entered promiscuous mode
[  141.669729][ T6912] ipvlan0: entered allmulticast mode
[  141.683257][ T6912] veth0_vlan: entered allmulticast mode
[  141.792959][   T30] audit: type=1804 audit(1761693504.907:7): pid=6932 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.172" name="/newroot/sys/kernel/debug/tracing/timestamp_mode" dev="tracefs" ino=151 res=1 errno=0
[  143.468003][ T6953] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  147.200310][ T7001] netlink: 25 bytes leftover after parsing attributes in process `syz.2.187'.
[  148.019289][ T7009] netlink: 342 bytes leftover after parsing attributes in process `syz.2.188'.
[  148.463262][   T30] audit: type=1804 audit(1761693511.573:8): pid=7022 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.190" name="/newroot/51/file0" dev="tmpfs" ino=289 res=1 errno=0
[  148.560871][ T7026] random: crng reseeded on system resumption
[  148.652933][ T7026] vhci_hcd: invalid port number 23
[  148.716297][ T7026] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub.
[  149.990718][ T7054] netlink: 28 bytes leftover after parsing attributes in process `syz.3.197'.
[  150.056435][ T5837] Bluetooth: hci2: unexpected event 0x35 length: 13 > 6
[  151.086803][ T7070] cgroup: fork rejected by pids controller in /syz2
[  156.590342][ T7272] netlink: 8 bytes leftover after parsing attributes in process `syz.2.207'.
[  156.599957][ T7271] netlink: 8 bytes leftover after parsing attributes in process `syz.2.207'.
[  158.000985][ T5837] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  158.001012][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.019571][ T5837] Bluetooth: hci0: Unknown advertising packet type: 0x7f
[  158.019629][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.033556][ T5837] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  158.033577][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.048286][ T5837] Bluetooth: hci0: Unknown advertising packet type: 0x7f
[  158.048317][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.061529][ T5837] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  158.061548][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.076213][ T5837] Bluetooth: hci0: Unknown advertising packet type: 0x7f
[  158.076244][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.089328][ T5837] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  158.089346][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.104905][ T5837] Bluetooth: hci0: Unknown advertising packet type: 0x7f
[  158.104937][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.118038][ T5837] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  158.118057][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.132871][ T5837] Bluetooth: hci0: Unknown advertising packet type: 0x7f
[  158.132901][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.146017][ T5837] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  158.146036][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.160707][ T5837] Bluetooth: hci0: Unknown advertising packet type: 0x7f
[  158.160735][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.173844][ T5837] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  158.173862][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.188697][ T5837] Bluetooth: hci0: Unknown advertising packet type: 0x7f
[  158.188729][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.202588][ T5837] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  158.202610][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.217616][ T5837] Bluetooth: hci0: Unknown advertising packet type: 0x7f
[  158.217649][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.230751][ T5837] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  158.230770][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.245487][ T5837] Bluetooth: hci0: Unknown advertising packet type: 0x7f
[  158.245519][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.258616][ T5837] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  158.258633][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.273430][ T5837] Bluetooth: hci0: Unknown advertising packet type: 0x7f
[  158.273462][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.286612][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.294121][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.301214][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.308698][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.314732][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.322228][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.328193][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.335704][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.341698][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.349159][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.355165][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.362674][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.368663][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.376437][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.382599][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.390094][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.396133][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.404363][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.410344][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.417868][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.425614][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.433145][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.439146][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.446655][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.452726][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.460188][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.466202][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.473729][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.479657][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.487170][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.493132][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.500590][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.507276][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.514792][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.520718][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.528220][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.534178][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.541682][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.547610][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.555118][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.561040][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.568535][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.574503][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.582552][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  158.588504][ T5837] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  158.596003][ T5837] Bluetooth: hci0: Malformed LE Event: 0x0d
[  159.563679][ T7404] FAULT_INJECTION: forcing a failure.
[  159.563679][ T7404] name fail_futex, interval 1, probability 0, space 0, times 0
[  159.577099][ T7404] CPU: 1 UID: 0 PID: 7404 Comm: syz.1.213 Not tainted syzkaller #0 PREEMPT(full) 
[  159.577131][ T7404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  159.577145][ T7404] Call Trace:
[  159.577152][ T7404]  <TASK>
[  159.577162][ T7404]  dump_stack_lvl+0x16c/0x1f0
[  159.577193][ T7404]  should_fail_ex+0x512/0x640
[  159.577233][ T7404]  ? lockdep_unlock+0x64/0xe0
[  159.577261][ T7404]  get_futex_key+0x1d0/0x1560
[  159.577295][ T7404]  ? __pfx_get_futex_key+0x10/0x10
[  159.577324][ T7404]  ? __lock_acquire+0x622/0x1c90
[  159.577363][ T7404]  futex_wake+0xea/0x530
[  159.577397][ T7404]  ? __lock_acquire+0xb8a/0x1c90
[  159.577428][ T7404]  ? __pfx_futex_wake+0x10/0x10
[  159.577469][ T7404]  ? reacquire_held_locks+0xcd/0x1f0
[  159.577503][ T7404]  do_futex+0x1e3/0x350
[  159.577534][ T7404]  ? __pfx_do_futex+0x10/0x10
[  159.577561][ T7404]  ? find_held_lock+0x2b/0x80
[  159.577586][ T7404]  ? mptcp_listen+0x265/0x4a0
[  159.577606][ T7404]  ? rcu_is_watching+0x12/0xc0
[  159.577635][ T7404]  __x64_sys_futex+0x1e0/0x4c0
[  159.577668][ T7404]  ? __pfx_mptcp_listen+0x10/0x10
[  159.577690][ T7404]  ? __pfx___x64_sys_futex+0x10/0x10
[  159.577733][ T7404]  do_syscall_64+0xcd/0xfa0
[  159.577761][ T7404]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.577785][ T7404] RIP: 0033:0x7fe7b0f8efc9
[  159.577803][ T7404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  159.577824][ T7404] RSP: 002b:00007fe7af1ee0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  159.577847][ T7404] RAX: ffffffffffffffda RBX: 00007fe7b11e5fa8 RCX: 00007fe7b0f8efc9
[  159.577863][ T7404] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe7b11e5fac
[  159.577878][ T7404] RBP: 00007fe7b11e5fa0 R08: 00007fe7b0df8000 R09: 0000000000000000
[  159.577892][ T7404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  159.577906][ T7404] R13: 00007fe7b11e6038 R14: 00007ffe0e832930 R15: 00007ffe0e832a18
[  159.577940][ T7404]  </TASK>
[  161.048710][   T30] audit: type=1804 audit(1761693524.157:9): pid=7459 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.215" name="/newroot/59/file0" dev="tmpfs" ino=330 res=1 errno=0
[  162.149768][ T7483] delete_channel: no stack
[  164.110404][ T7495] kafs: addr_prefs: Invalid Command
[  164.217738][ T5837] bt_warn_ratelimited: 23 callbacks suppressed
[  164.217760][ T5837] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260
[  164.224233][ T5837] Bluetooth: hci3: unexpected subevent 0x0e length: 725 > 15
[  164.239037][ T5837] Bluetooth: hci3: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f
[  164.342529][ T7083] syz.2.203 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  164.355244][ T7083] CPU: 1 UID: 0 PID: 7083 Comm: syz.2.203 Not tainted syzkaller #0 PREEMPT(full) 
[  164.355269][ T7083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  164.355279][ T7083] Call Trace:
[  164.355286][ T7083]  <TASK>
[  164.355293][ T7083]  dump_stack_lvl+0x16c/0x1f0
[  164.355318][ T7083]  dump_header+0x101/0x930
[  164.355340][ T7083]  oom_kill_process+0x272/0xa40
[  164.355360][ T7083]  out_of_memory+0x350/0x1700
[  164.355386][ T7083]  ? __pfx_out_of_memory+0x10/0x10
[  164.355418][ T7083]  mem_cgroup_out_of_memory+0x118/0x130
[  164.355452][ T7083]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  164.355497][ T7083]  ? do_raw_spin_unlock+0x172/0x230
[  164.355539][ T7083]  try_charge_memcg+0x695/0xd30
[  164.355574][ T7083]  ? __pfx_try_charge_memcg+0x10/0x10
[  164.355602][ T7083]  ? __print_lock_name+0xa1/0xe0
[  164.355627][ T7083]  ? rcu_read_unlock+0x17/0x60
[  164.355666][ T7083]  charge_memcg+0x8a/0x230
[  164.355697][ T7083]  __mem_cgroup_charge+0x2b/0x1e0
[  164.355730][ T7083]  shmem_alloc_and_add_folio+0x514/0xc20
[  164.355778][ T7083]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  164.355818][ T7083]  ? shmem_allowable_huge_orders+0xd4/0x3f0
[  164.355851][ T7083]  shmem_get_folio_gfp+0x67f/0x1610
[  164.355881][ T7083]  ? __lock_acquire+0xb8a/0x1c90
[  164.355912][ T7083]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  164.355948][ T7083]  shmem_write_begin+0x160/0x300
[  164.355977][ T7083]  ? __pfx_shmem_write_begin+0x10/0x10
[  164.356000][ T7083]  ? timestamp_truncate+0x21e/0x2d0
[  164.356028][ T7083]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1260
[  164.356067][ T7083]  generic_perform_write+0x3c4/0x900
[  164.356122][ T7083]  ? __pfx_generic_perform_write+0x10/0x10
[  164.356160][ T7083]  ? inode_needs_update_time.part.0+0x191/0x270
[  164.356196][ T7083]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  164.356223][ T7083]  shmem_file_write_iter+0x10e/0x140
[  164.356254][ T7083]  __kernel_write_iter+0x31a/0xb10
[  164.356283][ T7083]  ? __pfx___kernel_write_iter+0x10/0x10
[  164.356306][ T7083]  ? __up_read+0x1f8/0x750
[  164.356345][ T7083]  ? dump_user_range+0x756/0xb70
[  164.356376][ T7083]  dump_user_range+0x413/0xb70
[  164.356409][ T7083]  ? __pfx_dump_user_range+0x10/0x10
[  164.356435][ T7083]  ? elf_coredump_extra_notes_write+0xbd/0x4f0
[  164.356477][ T7083]  ? __pfx_writenote+0x10/0x10
[  164.356513][ T7083]  elf_core_dump+0x29c3/0x3c00
[  164.356559][ T7083]  ? __pfx_elf_core_dump+0x10/0x10
[  164.356590][ T7083]  ? check_preempt_wakeup_fair+0x6a6/0x980
[  164.356619][ T7083]  ? find_held_lock+0x2b/0x80
[  164.356642][ T7083]  ? 0xffffffffff600000
[  164.356664][ T7083]  ? rcu_is_watching+0x12/0xc0
[  164.356689][ T7083]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  164.356713][ T7083]  ? lockdep_hardirqs_on+0x7c/0x110
[  164.356795][ T7083]  ? vfs_coredump+0x2b9f/0x5670
[  164.356817][ T7083]  vfs_coredump+0x2b9f/0x5670
[  164.356853][ T7083]  ? __pfx_vfs_coredump+0x10/0x10
[  164.356879][ T7083]  ? __lock_acquire+0x622/0x1c90
[  164.356922][ T7083]  ? lock_acquire+0x179/0x350
[  164.356971][ T7083]  ? is_bpf_text_address+0x8a/0x1a0
[  164.357003][ T7083]  ? bpf_ksym_find+0x124/0x1c0
[  164.357039][ T7083]  ? unwind_get_return_address+0x59/0xa0
[  164.357066][ T7083]  ? arch_stack_walk+0xa6/0x100
[  164.357110][ T7083]  ? stack_trace_save+0x8e/0xc0
[  164.357138][ T7083]  ? __pfx_stack_trace_save+0x10/0x10
[  164.357165][ T7083]  ? stack_depot_save_flags+0x29/0x9c0
[  164.357201][ T7083]  ? __lock_acquire+0xb8a/0x1c90
[  164.357297][ T7083]  ? proc_coredump_connector+0x2d1/0x4f0
[  164.357322][ T7083]  ? __pfx_proc_coredump_connector+0x10/0x10
[  164.357356][ T7083]  ? rcu_is_watching+0x12/0xc0
[  164.357386][ T7083]  get_signal+0x22e1/0x26d0
[  164.357427][ T7083]  ? __pfx_get_signal+0x10/0x10
[  164.357454][ T7083]  ? rcu_is_watching+0x12/0xc0
[  164.357479][ T7083]  ? trace_irq_disable.constprop.0+0xd4/0x120
[  164.357508][ T7083]  arch_do_signal_or_restart+0x8f/0x790
[  164.357538][ T7083]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  164.357585][ T7083]  irqentry_exit_to_user_mode+0x176/0x310
[  164.357614][ T7083]  asm_exc_page_fault+0x26/0x30
[  164.357638][ T7083] RIP: 0033:0x0
[  164.357655][ T7083] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[  164.357666][ T7083] RSP: 002b:000000000000000a EFLAGS: 00010217
[  164.357685][ T7083] RAX: 0000000000000000 RBX: 00007f95221e5fa0 RCX: 00007f9521f8efc9
[  164.357700][ T7083] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46
[  164.357714][ T7083] RBP: 00007f9522011f91 R08: 0000000000000002 R09: 0000000000000000
[  164.357729][ T7083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  164.357743][ T7083] R13: 00007f95221e6038 R14: 00007f95221e5fa0 R15: 00007ffccfab7418
[  164.357781][ T7083]  </TASK>
[  165.005193][ T7083] memory: usage 307200kB, limit 307200kB, failcnt 23764
[  165.012167][ T7083] memory+swap: usage 432188kB, limit 9007199254740988kB, failcnt 0
[  165.020991][ T7083] kmem: usage 3492kB, limit 9007199254740988kB, failcnt 0
[  165.046964][ T7083] Memory cgroup stats for /syz2:
[  165.209266][ T7083] cache 310718464
[  165.218592][ T7083] rss 266240
[  165.221891][ T7083] rss_huge 0
[  165.233219][ T7083] shmem 310718464
[  165.236926][ T7083] mapped_file 20373504
[  165.240974][ T7083] dirty 0
[  165.243886][ T7083] writeback 0
[  165.247198][ T7083] workingset_refault_anon 1053
[  165.251938][ T7083] workingset_refault_file 15
[  165.256775][ T7083] swap 127987712
[  165.260316][ T7083] swapcached 8192
[  165.263926][ T7083] pgpgin 255132
[  165.269677][ T7083] pgpgout 180351
[  165.273218][ T7083] pgfault 106873
[  165.298688][ T7083] pgmajfault 169
[  165.306729][ T7083] inactive_anon 174886912
[  165.311071][ T7083] active_anon 136105984
[  165.315332][ T7083] inactive_file 0
[  165.318953][ T7083] active_file 0
[  165.322414][ T7083] unevictable 0
[  165.326784][ T7083] hierarchical_memory_limit 314572800
[  165.332153][ T7083] hierarchical_memsw_limit 9223372036854771712
[  165.338732][ T7083] total_cache 310718464
[  165.354653][ T7083] total_rss 266240
[  165.358386][ T7083] total_rss_huge 0
[  165.362083][ T7083] total_shmem 310718464
[  165.366832][ T7083] total_mapped_file 20373504
[  165.388158][ T7083] total_dirty 0
[  165.391626][ T7083] total_writeback 0
[  165.396304][ T7083] total_workingset_refault_anon 1053
[  165.401583][ T7083] total_workingset_refault_file 15
[  165.408715][ T7083] total_swap 127987712
[  165.412781][ T7083] total_swapcached 8192
[  165.417381][ T7083] total_pgpgin 255132
[  165.421355][ T7083] total_pgpgout 180351
[  165.426235][ T7083] total_pgfault 106873
[  165.430289][ T7083] total_pgmajfault 169
[  165.435710][ T7083] total_inactive_anon 174886912
[  165.440577][ T7083] total_active_anon 136105984
[  165.453995][ T7083] total_inactive_file 0
[  165.538256][ T7083] total_active_file 0
[  165.542257][ T7083] total_unevictable 0
[  165.615322][ T7083] anon_cost 0
[  165.618624][ T7083] file_cost 0
[  165.621888][ T7083] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.203,pid=7103,uid=0
[  165.673649][ T7083] Memory cgroup out of memory: Killed process 7103 (syz.2.203) total-vm:131608kB, anon-rss:1252kB, file-rss:21668kB, shmem-rss:19968kB, UID:0 pgtables:180kB oom_score_adj:1000
[  166.333677][ T5834] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  166.342432][ T5834] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  166.350233][ T5834] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  166.375991][ T5834] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  166.383566][ T5834] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  166.577723][ T7087] syz.2.203 (7087) used greatest stack depth: 20056 bytes left
[  166.669105][ T7102] syz.2.203 (7102) used greatest stack depth: 19560 bytes left
[  167.128678][ T7508] chnl_net:caif_netlink_parms(): no params data found
[  167.261874][ T7520] random: crng reseeded on system resumption
[  167.900780][ T6767] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.090675][ T6767] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.153483][ T7508] bridge0: port 1(bridge_slave_0) entered blocking state
[  168.190313][ T7508] bridge0: port 1(bridge_slave_0) entered disabled state
[  168.206637][ T7508] bridge_slave_0: entered allmulticast mode
[  168.247874][ T7508] bridge_slave_0: entered promiscuous mode
[  168.272928][ T7508] bridge0: port 2(bridge_slave_1) entered blocking state
[  168.299770][ T7508] bridge0: port 2(bridge_slave_1) entered disabled state
[  168.316559][ T7508] bridge_slave_1: entered allmulticast mode
[  168.324416][ T7508] bridge_slave_1: entered promiscuous mode
[  168.357079][ T6767] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.466237][ T5834] Bluetooth: hci4: command tx timeout
[  168.509800][ T7508] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  168.541814][ T7508] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  168.603256][ T6767] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.662501][ T7548] random: crng reseeded on system resumption
[  168.688764][ T7508] team0: Port device team_slave_0 added
[  168.720678][ T7508] team0: Port device team_slave_1 added
[  168.814728][ T7508] batman_adv: batadv0: Adding interface: batadv_slave_0
[  168.844938][ T7508] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  168.871710][ T7508] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  168.886805][ T7508] batman_adv: batadv0: Adding interface: batadv_slave_1
[  168.961832][ T7508] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  169.022323][ T7508] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  169.341017][ T7508] hsr_slave_0: entered promiscuous mode
[  169.403752][ T7508] hsr_slave_1: entered promiscuous mode
[  169.417464][ T7508] debugfs: 'hsr0' already exists in 'hsr'
[  169.435752][ T7508] Cannot create hsr debugfs directory
[  169.928050][ T6767] bridge_slave_1: left allmulticast mode
[  169.936998][ T6767] bridge_slave_1: left promiscuous mode
[  169.958296][ T6767] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.128162][ T6767] bridge_slave_0: left allmulticast mode
[  170.133851][ T6767] bridge_slave_0: left promiscuous mode
[  170.150091][ T6767] bridge0: port 1(bridge_slave_0) entered disabled state
[  170.537211][ T5834] Bluetooth: hci4: command tx timeout
[  170.915972][ T6767] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  170.932935][ T6767] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  170.943681][ T6767] bond0 (unregistering): Released all slaves
[  171.157567][ T6767] HfR: left promiscuous mode
[  171.326345][ T7607] zswap: compressor  not available
[  171.660357][ T7612] FAULT_INJECTION: forcing a failure.
[  171.660357][ T7612] name failslab, interval 1, probability 0, space 0, times 0
[  171.660396][ T7612] CPU: 1 UID: 0 PID: 7612 Comm: syz.3.238 Not tainted syzkaller #0 PREEMPT(full) 
[  171.660419][ T7612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  171.660430][ T7612] Call Trace:
[  171.660437][ T7612]  <TASK>
[  171.660444][ T7612]  dump_stack_lvl+0x16c/0x1f0
[  171.660476][ T7612]  should_fail_ex+0x512/0x640
[  171.660511][ T7612]  ? kmem_cache_alloc_lru_noprof+0x66/0x6e0
[  171.660542][ T7612]  should_failslab+0xc2/0x120
[  171.660571][ T7612]  kmem_cache_alloc_lru_noprof+0x79/0x6e0
[  171.660595][ T7612]  ? __pfx___might_resched+0x10/0x10
[  171.660622][ T7612]  ? sock_alloc_inode+0x25/0x1c0
[  171.660655][ T7612]  ? __pfx_sock_alloc_inode+0x10/0x10
[  171.660680][ T7612]  ? sock_alloc_inode+0x25/0x1c0
[  171.660706][ T7612]  sock_alloc_inode+0x25/0x1c0
[  171.660733][ T7612]  alloc_inode+0x64/0x240
[  171.660763][ T7612]  sock_alloc+0x40/0x280
[  171.660789][ T7612]  __sock_create+0xc1/0x8d0
[  171.660825][ T7612]  __sys_socket+0x14d/0x260
[  171.660852][ T7612]  ? __x64_sys_openat+0x174/0x210
[  171.660886][ T7612]  ? __pfx___sys_socket+0x10/0x10
[  171.660916][ T7612]  ? xfd_validate_state+0x61/0x180
[  171.660956][ T7612]  __x64_sys_socket+0x72/0xb0
[  171.660985][ T7612]  ? lockdep_hardirqs_on+0x7c/0x110
[  171.661011][ T7612]  do_syscall_64+0xcd/0xfa0
[  171.661040][ T7612]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.661064][ T7612] RIP: 0033:0x7f951498efc9
[  171.661084][ T7612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.661106][ T7612] RSP: 002b:00007f95158cb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  171.661129][ T7612] RAX: ffffffffffffffda RBX: 00007f9514be6180 RCX: 00007f951498efc9
[  171.661145][ T7612] RDX: 0000000000000001 RSI: 0000000000000005 RDI: 0000000000000018
[  171.661159][ T7612] RBP: 00007f9514a11f91 R08: 0000000000000000 R09: 0000000000000000
[  171.661174][ T7612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  171.661189][ T7612] R13: 00007f9514be6218 R14: 00007f9514be6180 R15: 00007ffdbf0da9f8
[  171.661224][ T7612]  </TASK>
[  171.661236][ T7612] net_ratelimit: 8 callbacks suppressed
[  171.661247][ T7612] socket: no more sockets
[  171.907330][ T7621] ==================================================================
[  171.907346][ T7621] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x1a6f/0x1e60
[  171.907380][ T7621] Write of size 8 at addr ffffc900039a93e0 by task syz.2.239/7621
[  171.907400][ T7621] 
[  171.907411][ T7621] CPU: 0 UID: 0 PID: 7621 Comm: syz.2.239 Not tainted syzkaller #0 PREEMPT(full) 
[  171.907439][ T7621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  171.907453][ T7621] Call Trace:
[  171.907461][ T7621]  <TASK>
[  171.907471][ T7621]  dump_stack_lvl+0x116/0x1f0
[  171.907497][ T7621]  print_report+0xcd/0x630
[  171.907527][ T7621]  ? __virt_addr_valid+0x81/0x610
[  171.907558][ T7621]  ? sys_imageblit+0x1a6f/0x1e60
[  171.907581][ T7621]  kasan_report+0xe0/0x110
[  171.907609][ T7621]  ? sys_imageblit+0x1a6f/0x1e60
[  171.907637][ T7621]  sys_imageblit+0x1a6f/0x1e60
[  171.907666][ T7621]  ? __pfx_sys_imageblit+0x10/0x10
[  171.907691][ T7621]  ? __pfx__prb_read_valid+0x10/0x10
[  171.907721][ T7621]  ? do_raw_spin_lock+0x12c/0x2b0
[  171.907754][ T7621]  ? css_rstat_updated+0x1c2/0x510
[  171.907785][ T7621]  ? desc_read+0x2ae/0x370
[  171.907819][ T7621]  ? __asan_memcpy+0x3c/0x60
[  171.907842][ T7621]  drm_fbdev_shmem_defio_imageblit+0x20/0x130
[  171.907872][ T7621]  soft_cursor+0x524/0xa10
[  171.907911][ T7621]  ? fb_get_color_depth+0x120/0x250
[  171.907945][ T7621]  bit_cursor+0xe8c/0x17e0
[  171.907983][ T7621]  ? __pfx_bit_cursor+0x10/0x10
[  171.908022][ T7621]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  171.908061][ T7621]  ? get_color+0x1da/0x450
[  171.908089][ T7621]  ? __pfx_bit_cursor+0x10/0x10
[  171.908122][ T7621]  fbcon_cursor+0x40c/0x5a0
[  171.908154][ T7621]  ? __pfx_con_put_char+0x10/0x10
[  171.908182][ T7621]  hide_cursor+0x87/0x220
[  171.908218][ T7621]  do_con_write+0x240c/0x8290
[  171.908246][ T7621]  ? __lock_acquire+0xb8a/0x1c90
[  171.908282][ T7621]  ? __mutex_trylock_common+0xe9/0x250
[  171.908324][ T7621]  ? __pfx_do_con_write+0x10/0x10
[  171.908349][ T7621]  ? __pfx___mutex_trylock_common+0x10/0x10
[  171.908384][ T7621]  ? rcu_is_watching+0x12/0xc0
[  171.908410][ T7621]  ? trace_contention_end+0xdd/0x130
[  171.908443][ T7621]  ? __pfx_con_put_char+0x10/0x10
[  171.908469][ T7621]  con_put_char+0x73/0xa0
[  171.908495][ T7621]  ? __pfx_con_put_char+0x10/0x10
[  171.908522][ T7621]  ? __pfx___mutex_lock+0x10/0x10
[  171.908551][ T7621]  tty_put_char+0xbe/0x160
[  171.908584][ T7621]  ? __pfx_tty_put_char+0x10/0x10
[  171.908616][ T7621]  ? mark_held_locks+0x49/0x80
[  171.908643][ T7621]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  171.908679][ T7621]  do_output_char+0x151/0x840
[  171.908706][ T7621]  n_tty_write+0x4fe/0x11e0
[  171.908741][ T7621]  ? __pfx_n_tty_write+0x10/0x10
[  171.908769][ T7621]  ? trace_kmalloc+0x2b/0xd0
[  171.908795][ T7621]  ? __pfx_woken_wake_function+0x10/0x10
[  171.908830][ T7621]  ? kfree+0x252/0x6d0
[  171.908850][ T7621]  ? __pfx_n_tty_write+0x10/0x10
[  171.908879][ T7621]  file_tty_write.constprop.0+0x503/0x9b0
[  171.908908][ T7621]  redirected_tty_write+0xd4/0x150
[  171.908932][ T7621]  vfs_write+0x7d3/0x11d0
[  171.908957][ T7621]  ? __pfx_redirected_tty_write+0x10/0x10
[  171.908983][ T7621]  ? __pfx_vfs_write+0x10/0x10
[  171.909006][ T7621]  ? find_held_lock+0x2b/0x80
[  171.909037][ T7621]  ksys_write+0x12a/0x250
[  171.909060][ T7621]  ? __pfx_ksys_write+0x10/0x10
[  171.909089][ T7621]  do_syscall_64+0xcd/0xfa0
[  171.909114][ T7621]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.909138][ T7621] RIP: 0033:0x7f9521f8efc9
[  171.909179][ T7621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.909202][ T7621] RSP: 002b:00007f9522d77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  171.909225][ T7621] RAX: ffffffffffffffda RBX: 00007f95221e5fa0 RCX: 00007f9521f8efc9
[  171.909241][ T7621] RDX: 00000000000009c7 RSI: 0000200000001bc0 RDI: 0000000000000004
[  171.909256][ T7621] RBP: 00007f9522011f91 R08: 0000000000000000 R09: 0000000000000000
[  171.909270][ T7621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  171.909284][ T7621] R13: 00007f95221e6038 R14: 00007f95221e5fa0 R15: 00007ffccfab7418
[  171.909313][ T7621]  </TASK>
[  171.909322][ T7621] 
[  171.909329][ T7621] The buggy address belongs to a vmalloc virtual mapping
[  171.909354][ T7621] Memory state around the buggy address:
[  171.909367][ T7621]  ffffc900039a9280: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  171.909384][ T7621]  ffffc900039a9300: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  171.909401][ T7621] >ffffc900039a9380: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  171.909414][ T7621]                                                        ^
[  171.909428][ T7621]  ffffc900039a9400: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  171.909445][ T7621]  ffffc900039a9480: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  171.909458][ T7621] ==================================================================
[  171.914097][ T7621] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  171.914117][ T7621] CPU: 0 UID: 0 PID: 7621 Comm: syz.2.239 Not tainted syzkaller #0 PREEMPT(full) 
[  171.914148][ T7621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  171.914164][ T7621] Call Trace:
[  171.914172][ T7621]  <TASK>
[  171.914182][ T7621]  dump_stack_lvl+0x3d/0x1f0
[  171.914213][ T7621]  vpanic+0x640/0x6f0
[  171.914250][ T7621]  panic+0xca/0xd0
[  171.914283][ T7621]  ? __pfx_panic+0x10/0x10
[  171.914324][ T7621]  ? sys_imageblit+0x1a6f/0x1e60
[  171.914353][ T7621]  ? preempt_schedule_common+0x44/0xc0
[  171.914380][ T7621]  ? preempt_schedule_thunk+0x16/0x30
[  171.914420][ T7621]  check_panic_on_warn+0xab/0xb0
[  171.914455][ T7621]  end_report+0x107/0x170
[  171.914486][ T7621]  kasan_report+0xee/0x110
[  171.914514][ T7621]  ? sys_imageblit+0x1a6f/0x1e60
[  171.914542][ T7621]  sys_imageblit+0x1a6f/0x1e60
[  171.914571][ T7621]  ? __pfx_sys_imageblit+0x10/0x10
[  171.914595][ T7621]  ? __pfx__prb_read_valid+0x10/0x10
[  171.914627][ T7621]  ? do_raw_spin_lock+0x12c/0x2b0
[  171.914661][ T7621]  ? css_rstat_updated+0x1c2/0x510
[  171.914687][ T7621]  ? desc_read+0x2ae/0x370
[  171.914718][ T7621]  ? __asan_memcpy+0x3c/0x60
[  171.914744][ T7621]  drm_fbdev_shmem_defio_imageblit+0x20/0x130
[  171.914771][ T7621]  soft_cursor+0x524/0xa10
[  171.914810][ T7621]  ? fb_get_color_depth+0x120/0x250
[  171.914844][ T7621]  bit_cursor+0xe8c/0x17e0
[  171.914880][ T7621]  ? __pfx_bit_cursor+0x10/0x10
[  171.914918][ T7621]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  171.914956][ T7621]  ? get_color+0x1da/0x450
[  171.914987][ T7621]  ? __pfx_bit_cursor+0x10/0x10
[  171.915020][ T7621]  fbcon_cursor+0x40c/0x5a0
[  171.915050][ T7621]  ? __pfx_con_put_char+0x10/0x10
[  171.915075][ T7621]  hide_cursor+0x87/0x220
[  171.915106][ T7621]  do_con_write+0x240c/0x8290
[  171.915128][ T7621]  ? __lock_acquire+0xb8a/0x1c90
[  171.915157][ T7621]  ? __mutex_trylock_common+0xe9/0x250
[  171.915183][ T7621]  ? __pfx_do_con_write+0x10/0x10
[  171.915203][ T7621]  ? __pfx___mutex_trylock_common+0x10/0x10
[  171.915231][ T7621]  ? rcu_is_watching+0x12/0xc0
[  171.915251][ T7621]  ? trace_contention_end+0xdd/0x130
[  171.915278][ T7621]  ? __pfx_con_put_char+0x10/0x10
[  171.915300][ T7621]  con_put_char+0x73/0xa0
[  171.915331][ T7621]  ? __pfx_con_put_char+0x10/0x10
[  171.915355][ T7621]  ? __pfx___mutex_lock+0x10/0x10
[  171.915380][ T7621]  tty_put_char+0xbe/0x160
[  171.915409][ T7621]  ? __pfx_tty_put_char+0x10/0x10
[  171.915436][ T7621]  ? mark_held_locks+0x49/0x80
[  171.915461][ T7621]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  171.915494][ T7621]  do_output_char+0x151/0x840
[  171.915519][ T7621]  n_tty_write+0x4fe/0x11e0
[  171.915548][ T7621]  ? __pfx_n_tty_write+0x10/0x10
[  171.915573][ T7621]  ? trace_kmalloc+0x2b/0xd0
[  171.915596][ T7621]  ? __pfx_woken_wake_function+0x10/0x10
[  171.915626][ T7621]  ? kfree+0x252/0x6d0
[  171.915643][ T7621]  ? __pfx_n_tty_write+0x10/0x10
[  171.915667][ T7621]  file_tty_write.constprop.0+0x503/0x9b0
[  171.915692][ T7621]  redirected_tty_write+0xd4/0x150
[  171.915713][ T7621]  vfs_write+0x7d3/0x11d0
[  171.915734][ T7621]  ? __pfx_redirected_tty_write+0x10/0x10
[  171.915757][ T7621]  ? __pfx_vfs_write+0x10/0x10
[  171.915775][ T7621]  ? find_held_lock+0x2b/0x80
[  171.915801][ T7621]  ksys_write+0x12a/0x250
[  171.915821][ T7621]  ? __pfx_ksys_write+0x10/0x10
[  171.915845][ T7621]  do_syscall_64+0xcd/0xfa0
[  171.915866][ T7621]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.915886][ T7621] RIP: 0033:0x7f9521f8efc9
[  171.915902][ T7621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.915919][ T7621] RSP: 002b:00007f9522d77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  171.915939][ T7621] RAX: ffffffffffffffda RBX: 00007f95221e5fa0 RCX: 00007f9521f8efc9
[  171.915953][ T7621] RDX: 00000000000009c7 RSI: 0000200000001bc0 RDI: 0000000000000004
[  171.915966][ T7621] RBP: 00007f9522011f91 R08: 0000000000000000 R09: 0000000000000000
[  171.915979][ T7621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  171.915991][ T7621] R13: 00007f95221e6038 R14: 00007f95221e5fa0 R15: 00007ffccfab7418
[  171.916011][ T7621]  </TASK>
[  171.916312][ T7621] Kernel Offset: disabled