last executing test programs:

6.498776866s ago: executing program 2 (id=1668):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
r0 = socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
r1 = socket(0xa, 0x1, 0x84)
r2 = getsockopt$auto(r1, 0x84, 0x9, 0x0, &(0x7f0000000000)=0x95)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe8, 0x9, 0x2, 0x1, 0x5, 0x4, 0x15f4da0e, 0x8, 0x9, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0)
pwrite64$auto(0xc8, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
bind$auto(r0, &(0x7f0000000240)=@sco, 0xfffffffb)
sendmsg$auto_TIPC_NL_MON_PEER_GET(r2, 0x0, 0x0)
getsockopt$auto_SO_RCVMARK(r3, 0x0, 0x4b, &(0x7f0000000000)='}\'.^\x00', &(0x7f00000000c0)=0x7)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL802154_CMD_GET_INTERFACE(r4, &(0x7f0000000300)={0x0, 0xa6, &(0x7f0000000100)={&(0x7f0000000840)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="05032cbd7000fbdbdf2505004000"], 0x14}, 0x1, 0x0, 0x0, 0x4004010}, 0x4040008)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x4)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
kexec_load$auto(0x8, 0x0, 0x0, 0x9)

6.338504611s ago: executing program 3 (id=1669):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
r0 = socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB], 0x14}, 0x1, 0x68, 0x0, 0x24000000}, 0xd0)
sendmsg$auto_NL80211_CMD_STOP_P2P_DEVICE(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000040)={&(0x7f0000000340)={0x14, r2, 0x400, 0x70bd27, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4010}, 0x4000800)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x2, 0x1d2c, 0x3, 0x4, 0x15f4da0e, 0x6, 0x9, 0x100000000000000c, 0x8, 0x4, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0)
pwrite64$auto(0xc8, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
poll$auto(&(0x7f0000000240)={r0, 0x3, 0x9}, 0x3, 0x8)
socket(0x2c, 0x1, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
timer_create$auto(0x9, &(0x7f0000000100)={@sival_ptr=0x0, @inferred, 0x1, @_tid=0xffffffffffffffff}, 0x0)
timer_gettime$auto(0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r4 = socket(0xa, 0x801, 0x100)
setsockopt$auto(r4, 0x6, 0x2, 0x0, 0xfb3)

5.96950666s ago: executing program 0 (id=1671):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
socket(0x2, 0x2, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfffffffffffffffb)
ioctl$auto_SOUND_PCM_READ_CHANNELS(r0, 0x80045006, &(0x7f0000000240))
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_TIOCSETD2(r0, 0x5423, &(0x7f0000000180)="2be8a6ae0d58c4fcc99ef117c3a5148818efd99d6f905cc27795f82a6d93ca5031")
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/007/001\x00', 0xa901, 0x0)
ioctl$auto_USBDEVFS_SUBMITURB32(r1, 0x802c550a, &(0x7f0000000300)=ANY=[@ANYBLOB="020000060000e6ff040000000100400008"])
ioctl$auto(r1, 0x4008550d, r1)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/uvcvideo/parameters/clock\x00', 0xb02, 0x0)
sendfile$auto(r2, r2, 0x0, 0x7ff)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x4)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x200, 0x0)
write$auto(r3, 0x0, 0x3)
write$auto(0x3, 0x0, 0x100082)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x3)
write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84L\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xff\a\x00\x00\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)

5.499264765s ago: executing program 2 (id=1672):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
socket(0x2b, 0x1, 0x0)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
r1 = syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000980)={0x14, r1, 0x1, 0x70bd31, 0x25dfdbfd}, 0x14}}, 0x24048084)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x103003, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
r3 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0)
pread64$auto(r3, &(0x7f0000000240)='\x03W\x96l\x15\x00'/21, 0x100000002, 0x100000001)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0)
ioctl$auto_BLKFLSBUF(r4, 0x1261, 0x0)
msgctl$auto_MSG_INFO(0x4b, 0xc, &(0x7f00000000c0)={{0x1, 0xee01, 0xee00, 0x80, 0xc, 0x7, 0x38}, 0x0, 0x0, 0x40, 0x56, 0x5, 0xf8, 0x8, 0x1, 0x0, 0x5, @inferred=<r5=>0x0})
prctl$auto(0x1, 0x8, r5, 0x3a, 0x1)

5.219290699s ago: executing program 1 (id=1673):
mmap$auto(0x0, 0x20008, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x4)
socket(0x10, 0x3, 0x6)
socket(0x25, 0x1, 0x3)
r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r0, @ANYBLOB="01002dbd7000fedbdf2505000000da0203800800c000e000000204002a000400110008002e00", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32dd7c33b14cc842bc1e", @ANYRES32, @ANYBLOB='\b'], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50)
io_uring_setup$auto(0x5d, &(0x7f00000004c0)={0x52, 0xd, 0x6, 0x6, 0x7, 0x8, <r1=>0xffffffffffffffff, [], {0x1, 0x6, 0x8c48, 0x29f, 0x100, 0x2, 0xb831, 0x5, 0x2}, {0x100, 0x20001, 0x52, 0x5, 0xfffffffe, 0x0, 0x76c5, 0x8, 0x100000000}})
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c001b"], 0x1ac}}, 0x40000)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/net/sctp/snmp\x00', 0x4000, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x7}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
r2 = socket(0x1d, 0x2, 0x6)
r3 = socket(0x2, 0x1, 0x0)
ioctl$auto_SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000100)="80970ba1a76dc537a527986e19eb07e65243fe182f8987b997162ec03f54104d2b5c99578c03f986d7746cacdc18378856001a88e7248c237d28f21e15002085c007e67c08200e643b93afbe7ac6d9cef590fadf")
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r4=>0x0})
bind$auto(r2, &(0x7f0000000040)=@can={0x1d, r4, 0xfd}, 0x6a)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x21}}, 0x40)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xc9\xb3\xbc\x8c\x1dga08\x90\x86\xdde\x1cJ\x99\x00\x11\x11\x14\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xfe\x80\x12\x00\x00\x00\x00\x00\x0fo\x84\xfc\x89\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#\x1c\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd8\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xaf\n1\x80\x1a\xbc_\xef\x8b\t\xcc\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xfdef, 0x3)

5.189056949s ago: executing program 3 (id=1674):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
r0 = socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
r1 = socket(0xa, 0x1, 0x84)
r2 = getsockopt$auto(r1, 0x84, 0x9, 0x0, &(0x7f0000000000)=0x95)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe8, 0x9, 0x2, 0x1, 0x5, 0x4, 0x15f4da0e, 0x8, 0x9, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0)
pwrite64$auto(0xc8, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39)
bind$auto(r0, &(0x7f0000000240)=@sco, 0xfffffffb)
syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff)
sendmsg$auto_TIPC_NL_MON_PEER_GET(r2, 0x0, 0x0)
getsockopt$auto_SO_RCVMARK(r3, 0x0, 0x4b, &(0x7f0000000000)='}\'.^\x00', &(0x7f00000000c0)=0x7)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL802154_CMD_GET_INTERFACE(r4, &(0x7f0000000300)={0x0, 0xa6, &(0x7f0000000100)={&(0x7f0000000840)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="05032cbd7000fbdbdf2505004000"], 0x14}, 0x1, 0x0, 0x0, 0x4004010}, 0x4040008)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x4)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
kexec_load$auto(0x8, 0x0, 0x0, 0x9)

4.93226119s ago: executing program 0 (id=1675):
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
mmap$auto(0x401000000000, 0x40000004020009, 0xc, 0x15, 0xffffffffffffffff, 0x7ffe)
r0 = socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004)
close_range$auto(0x2, 0x8, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket(0x1e, 0x4, 0x0)
r4 = socket(0x1e, 0x4, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
setsockopt$auto(r4, 0x10f, 0x87, 0x0, 0x14)
r5 = getuid()
sendmsg$auto_TIPC_NL_UDP_GET_REMOTEIP(r0, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000001c0)={&(0x7f0000002200)=ANY=[@ANYBLOB="901d0000", @ANYRES16, @ANYBLOB="080a26bd7000ffdbdf2516000000090309800c00e78008009200640101020602bf60393b8e8c11f6cd9517d218fb1332b73000bf0615509cbcfe065420c5a8267e38c3168162b01da5b94d7ecf0e134186aff62b953239185b0eaa5deac2d64935195b895c1a9410cd67f6b3e723b4eda49c1f83d8ad650ffaecdc3f8d2085c1f4a44f5c7f3110806bc714133668fc964068183d21c40bfd007b8014000900fe8000"/174, @ANYRES32=r2, @ANYBLOB="5707be7cd8848e7744de2fb3b8bd1dfbcab32ed5616e3e0b305ea367d9c1a760158c9e347046ff09af0a5f8bdb4724075cf1d6f3b30fceabe162bf7d38c2346cdc953da7703957c1acfd0b58c9848d992fd8d3d4ec080400098008003c00", @ANYRES32=r1, @ANYRES32=0x0, @ANYBLOB="04009b800800340000000000000000ab008680040003808352f74ae947fb23c79111bc17b6bf8c6c3d619fc962743d7d14007e000000000000000000000000000000000004001e8027a418ee81d8d4625e800957f968a786b97aee04fe05f579d40c5406fd0d5e", @ANYRES32=r0, @ANYBLOB="1800698014006600fe8000000000000000000000000000262000358004007d8008002f00", @ANYRES32=r1, @ANYBLOB="080017009507000006008d007b0000002000db8004001b8014007b00fc0100000000000000000000000000000400d0800400ca000400f380b1ac8cc2f2532445cf4f070f70d7db4240319ce22baa1cf45c6edb6123a7506113f7079cc5befdb7efcda99dac56274f77e6b4ca6b73f565baeef0b044e16f50868aedae53adacfda229944027b08ed35e913361503c477b8a27a558d116498ae75b105aef6daa44b7122d40822b426b7c575fbd2a8c94408c1d9b433df908c397a18891960715dcd2690800078004001a8000008305048074f21ce5a5e37b59bba86390d6a50f13a4e57d6930a27e61bdefaba25562857af34f54bbbf8dea09e7a686e70c823e96714d85668df3e2e9e7f9f4ca706ffd6459535b4d95db88cac6366775fe26b4bbabcdf79f129d7a62a73aa01b0ba3f0841be3c22f5235d97787ed04006700ec8e2fde77cc9bd71b33a7b512814872ac7413ad8314006600ff0100000000000000000000000000018500fa00c73c78455c0a7ca08f4b32c31a1d076653e2cf8b4c301619322c2ff6f53738535c3f71b2416c8b2b9c62fbea50ab0e7758015868ff1d31842799499e6d7cc3a5a4406b1c1686ca977cc478d2f25cc58157dc2f243c84004c1095aa042ddf3b1c22441999a56ee9bebe99594a2702bb9059b51571dfe10e6b159308cd4990becdf2000000147ef978ae28b1ef61321c766aa0a3016c8bc6596d6f3c6a9e9446250e8b86a258e6499b151e464b780fd59260cf4ce97e92aad0cb7a986f7e97491d9969dccae556fc5e507aee23f40c83991fe894a004094302893261344a2d78852392bf3585a819f96cfe3ed7a5fecb572454a7c0b2e676dab4d8d7b2357897fd1777ee5c816efdcd4444df833cc7978c7f54cde157e3cf7ccfa646c7235ab050abed6fd8677a46243793bbf5360b4b0d1a50eec2b37b1349afb4bb1e04dd13ef491943ffa0d4ae24374dc12a6fa2470c00ba006e6c38303231310004d47c0d9b4ad7f8f1ba5e1d4ce660da5746da27992b293af0b807528f50d0e6d2b0b41dda172fac34905fdf98d3a9c40763a69180fb674c8ba86a92a8d5c3ac005422a41b56f551334db5df652458ffba182a702b85d440044379ae1df187237977de397d8bfcf368bf761ceed204113d6ced259b58d060e305d661fba532a3f5e7a54f2194e6f22bfb7dfdd1a44892d2d87ee055110e72df2fd4743cfd5aba77251cf3b95e2c491d1454f3e35526fdb2e0daa740925be684ba711ccffeb3d031df3589a7eff265544c8d585cb4b2898ec8788846f49a21fb36b8db2da2ab1ef9a5025880c500f2008c2f10666443f1ac1a8cc60ad8ddc6a49e9e70c93aa8ecefcc6d50059327ce7606eee6f19670a825d18c98b36652368e2425406316cae751284ed1cee6a102b1784aa20c22843d1414e11dea7129fcc0e01e7d043014ffb1f2d13dd923f12beca055612cf1fb886971986086142fea1f2d8a2c46343e77a69c945859eda4921e04c1b15035eae070bd6fb6c8b83a1951480e0cb6c6c32ec2a90d958ba7bbad5a3f609a38e89b66ea6ea05d5e20383b5aa988fe761fec4bd3ec1b467105714c08fd0000000400a98036ffa99410db814df01973d68db033f4ee87aec2a3892d37ad2087ad0def0d948efa748f812c6d02424d38d8c88e1dd5049980f3ce2f4b66266222d08e96478ed174efeaa00b88389ae193eb30c196206d44b7915e039d40785ac0ddfaa1149b3d82a2e7cd7cf432ecdd877519ce49d7d4d9fc821ba8fb40726714cd8775b0d5af9863379226847e153d5a22ca94d7168c52c09d3e11e1b6c74d4b756dc823dd5ab47f79d75b62c0b872872040582510e6927fd5850e5d784d04002b8021164748b4a166dcf1799e5f9b86dac3fe303aa6feb1fe8e8d167a9e0cf465a586cbce8aa60d7b5fec02ac9310746e4c64fa7fef906e4071bd8ab49b95768cdcb0844158fd5df872be0d60a53a437f76359568956a73a35ef06c847f66eb1b00102b01ddbe1b62edc3626eb08ddce6e4285e41f236f4d73b6349f52cfe47010a6362ea7dcc494290bee854dbb918d06a3ada2227eb6dfb9d1346108d2b08f0e207d195c30fd1f65ecf89789aedc304f22e1d151e0b801572b23685b7e575e6743c184802e0e616fca6283f4011441f1638e96e337587558d698a2edd4e06cde17243e4cf12c44c4bf021fc2dee596bd8da56ce7c4a514aa94abdd637ab491b301736b54c14009300fc000000000000000000000000000001000000002300098008000900", @ANYRES32=r5, @ANYRES32=r0, @ANYBLOB="0c001c0006000000000000000800a6000a01010204007580000007020280fd00f980bd303502d572a153126393fcf955a7f3fc4b6effc2938fe89d05c24c13d274de030f62905fda4401fb967408b20b56ddfe2af28a54701b98c669538caf8ea9a9eaf01ab6307a64d7a290268db39ea238256f7e41647035a93ed2b9015bf9febc51c7", @ANYRES32=r3, @ANYBLOB="08001200", @ANYRES32=r1, @ANYBLOB="efaac42583e74436c25ab0b0f91b7d23ad8a318bd1d3aaf26f9dda28d46812e2264fc14f2b4eb8f61f2fb8b603da278bf19b9089193630b756d3e3c6182e240fd5fe1ce4c95d4f7ee6cafa631be1044301c4bb050f1bab91d2f4dc59253c370294736844c3daffee06dbfe9c5c0243f250b1c7a152", @ANYRES32, @ANYBLOB="0000000b00a6002d242940402800003d8dd36080fa7aa05b59b135f2b57c9eda9e52eab69a4c50d5abb614cc556824f73f6691cbca4326fd9b905235abff3f077b5f11cff5ab049e5e24b30acf407b963665f8323be4eecd9e9d9ca15b7561c456b6a8d7b1b6583d8db1671a7cbf986c606cd23097e42e53606aad329982da6d0a14de4362e141689da6e56898d4eecc97defd881a7d2ce5b8a87074f131688557b7a1d8638c0c67e386abf5d922cb90fb9a9ec5715ff287c2ca99a601a00f0146d433caf1aff5bf13395c86eee32620637a3ab607522b6ae1221bb9eac7b3712479e2f8c4a0f821386c3e17ba37e6b1c5df07d6129a6d2353e4d399e55c9fcefe2f2c7ad83c00040004803a000000b0030dea85a2ec43a7936b290b90f49ac78d7bce4ff8f9834e3e1bc51e40efe34a1ce6e0042d61d6c303f58a859d26ccb207e4dd2dd70000"], 0x1d90}, 0x1, 0x0, 0x0, 0x80}, 0x14)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
recvmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0x4da}, 0x6, 0x0, 0x8, 0x7ff}, 0x1000}, 0xffffffff, 0x4, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
sendmsg$auto_NFC_CMD_GET_TARGET(r4, &(0x7f0000000500)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="04002dbd7000fcdbdf2508000000580019009ff882d45e23aa1282d04cf6f328c5effa48c0bbae3ae2f8be187c2bcd4d4af8939e3b33a3fca26ecdfb6cf658dd8575cf557946c440058348f497794ea082a387f37ea716eed5fa530009000000000000000000"], 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x4)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x230)
r6 = prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007)
bpf$auto_BPF_PROG_LOAD(0x5, &(0x7f0000000300)=@bpf_attr_0={0x9a, 0x2, 0x5, 0xc, 0x7eb, r2, 0x5, "e03f43200a26d5ea743998fb7500", 0x0, <r7=>r6, 0x9, 0x1, 0x4, 0x7, r3, r3}, 0x7ff)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r7)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
io_uring_setup$auto(0x4e8c, 0x0)
madvise$auto(0x0, 0x2003f0, 0x15)

4.807303124s ago: executing program 1 (id=1676):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
r0 = socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe8, 0x9, 0x2, 0x1, 0x5, 0x4, 0x15f4da0e, 0x8, 0x9, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0)
pwrite64$auto(0xc8, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
bind$auto(r0, &(0x7f0000000240)=@sco, 0xfffffffb)
getsockopt$auto_SO_RCVMARK(r1, 0x0, 0x4b, &(0x7f0000000000)='}\'.^\x00', &(0x7f00000000c0)=0x7)
mmap$auto(0x0, 0x40009, 0x36, 0x9b72, 0x7, 0x28000)
mmap$auto(0x0, 0x800400007, 0x65d, 0xffff, 0xffffffffffffffff, 0x20000000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ram6\x00', 0xc6fc1, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
write$auto(0x3, 0x0, 0x7fffffff)
r2 = epoll_create$auto(0x5)
fremovexattr$auto(r2, &(0x7f0000000000)='&\x00')
read$auto_v4l2_fops_v4l2_dev(r2, &(0x7f0000000280)=""/54, 0x36)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, 0x0, 0x200, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
socket(0xa, 0x2, 0x88)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000003fc0)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20a02, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0xbff)

4.256207267s ago: executing program 3 (id=1677):
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x129800, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/dummy_hcd.0/usb1/1-0:1.0/usb1-port1/power/control\x00', 0x505000, 0x0)
r0 = socket(0x11, 0x3, 0x9)
r1 = io_uring_setup$auto(0x2, &(0x7f0000000080)={0x80000003, 0x9, 0x4002, 0x6, 0x4, 0x8, <r2=>0xffffffffffffffff, [0x0, 0x0, 0x1], {0x9, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x4000006, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x104, 0x8, 0x100000000}})
ioctl$auto_USBDEVFS_DISCARDURB(r1, 0x550b, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000)
move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2)
ioctl$auto_TUNSETVNETBE(r1, 0x400454de, &(0x7f00000000c0)=0x1000)
sendto$auto(0xffffffffffffffff, 0x0, 0x402, 0xacf8, &(0x7f0000000040)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c)
capset$auto(0x0, &(0x7f0000000000)={0xb213, 0x2c, 0x800})
sendmmsg$auto(r0, &(0x7f0000000100)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000080)={&(0x7f0000000040)='f', 0x69}, 0x1, &(0x7f0000000200), 0x8, 0x3}, 0x6}, 0x2, 0x100)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
ioctl$auto_SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000140)="d5714e88e0b062")
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
fsconfig$auto(r2, 0x0, &(0x7f0000000240)='/sys/devices/platform/dummy_hcd.0/usb1/1-0:1.0/usb1-port1/power/control\x00', &(0x7f0000000ac0)="5509899aac1bb9e1cefe479edc23ccf45f686fbc07b70b54c7193064e0ca9484ada49e268add063c53b74035464bcbc7effac523e066138a666626bb336a59b5683f365a370d37d297ef8928008e82b204515fc606ea843a4da2a5bbf0f5b8b8709a82f0c9b6ed5fa27033ce89587fbe72d2421022751872ddd2010a37cb607f2701e6081888d43a8a1d69f2576c03ceea4544d072910a49e3aab17d57d1c8ea47bc8cb821f5e10286570c8084fbfcdd13413abc4ba16a2378a564270729912aa7b713e7bffbd270eb467eea3b198b85ac8837ce82a48cff3edb4c70bc95b3b7b9a1d7ccb5e82b0432976e98673c953cc8f198bd1ad9e072279330dada06546aa63f559f95be19f96fb3cfa5ec066d427955377a303827663a9873e0e7986b90d5e986ad69d58ce47ade717fe7f5c64900b6b62aa6501a4de64c7b03321b260853a6de1397ea230b1599dc622a449c6c1bb58393c72a8e77b1a0a14c1ac27819417a6cc7a3fd894a9ba1814e828a760652755e89ed9daff874aca06928f1830d34a35005f0f8b08550645c27c7a3d11273695e4a27833e603afaf590a9aeb68638e0fd9139b002526d10dbc9684bc9a4a706830cd74cb770719049c37774662958be139b5580fb46643a78b7cc499f0b4550e3cddc79f49a41455bb5cc63b0821e0610d4422e6f30449dca63125cf920ec6eff70b4ea466b1438b8109ed4cb8e646fb4f9ad10dbba275ddf622f298b7c6285a5247a701f64960bef048e7b6e2dd8579d37a4efdb2f532abeb9910156487b19a08d82da2414c52b41fb4e2b2807d706fc8f5866675162a1e651a96641e1a954d986304e54a47488167dfbde0cf175a54f2fae800c5d76f83f7e70e7b6d882b037737eaf525063cb066118170e23abf09ce966f4da02b0b5e1e6b4f3b97307fac7306b038316eb771f909220593952a9c395575e55d54fc422f61f2b60bbd798a6037bbdeb4ff413ccccbe2003393f29f64dc2c5ab5ae0a45fd31bf633d8fc9bcf36106ef3d9196545af832dc8c70c2b59fb56b0b47eb7ab37b222cf329ac762d783664d7753dbf51a2235db4640dd7927216595edccc321b93c0b9ab1ded09e2c009b1734545f8c85e78bc1533234756d64204de00bab14f52b1e19001bb5102520dc31ef1a0b9f9b7b4f45b80fe953e65576aedf56ab33c3a838e367f1f86fc3166939d88fe5937bc157fed1e820fff46f454a48c358432d038469208647ac1f8068d5e747f5e9d92617db778cc2085ea0490a93cd2fd54bed56df600eda611b42398041c04f2cb91401dafc0d19e50e5e1a8f0f98b0c8d949d42e8d75efd63c8bc0e6d60676f1113db99745a236445f4a00040886f175614f56342655af9db2e4eb71bd2006800e88c49f03687c4ca0bf2fc0f4433d758d0c5354403b306a75807f9410ef78ad3ce061d9566a7bc5f41134689fe563b7bf826dfe7fed466185fe6d1d055e5d0ce430b171c40a9de43a8280965e988ed74452302bcc9882174349de14e7225007cac18fcf9c1e21c6e4684e4c6233b7d503add74965a57ee9c39a40bc19f48f6443617c0372cc60ad69712644f300ecc4f5abeae27b336ec5236edf64afdece4748bc7ff396f9dde4e4c46f44043a72b4a36b286d23f2a66296e17b6d1f58f870d199197fe63715d7f074a8a1d1a462357d627b43bca661f36c3fad6e338321c746d528e120021a3f06ea0ccd434dffb57081247070c7536eb7def953556c51f7d67a666558d2464b8719d9c5736ed6e867c27b7e120b62437c0bc3b2d7e0bb5d061f2dad8e92e5f400cddfd56a60b39ba45b0cc1942e0321c870cf1fb893f82f837da27137bf173daf47c31978e602bddf0026e44ac0a56c1b4bf0736f77fdd387c77ff9f2d9c4db1399fa93939fce88baec91c1696481f8494bb5c69f3d29d1f738881e89431ea50a292f2d89dc1548a14ffc2ee2426b8cad04885b99528c71ac816c3e15afa9db2a44bcc0705af3c37366d57f0e4c090304c0f65f5e10da0d2ff3b0e17d0d468cb70c8f5bc3cb8cbb18097d8170dfa7d9ed59ad8130b637def7d5614c2bdda55662b189f6318bc74fcaca3e486767af3abf6ec0f3143936d9dc875d9cfc32cfb10e01e98d2085419de42d59c6733333618dc1991b86c39a8ffd689d788b2cf071a1979ad24b88a894a7db4eba227e68217fc1b3b6dbe151c4d85df35164cb72626cc975d7a6a9085a7ed9b2c9c7e65cca229ab8813a7f671145a4a02a4cc60c452b4a0ce4b7aded8be0da1cbf3523443a5c932e0b820c4d0b691bc5e82ce42976097eb454ab03f5e8546536080bd0a5a3a47746358be6e9f97952c1c0397f27a60f2d9be7f32729d1c4dcac39d698c7ec250958a3e2c062bd850235729e2f12ee6c530c589315e5ddba063d1586fbf60927f8c8a84f522fd01d950def4dd18c104a149ea0821c7b2d89e1b8dc809aa3c9c4411638d500d3100b49bdd542454c93fe2fb2c52e87edda4404f4818fa29465938a6e08e618f51336feac3ffe890a24d536626bc0e8f917f178ab5a1eed1f5db04f06ce556c4fee69cfbc6fbc3dbd6f0c8b8ff603db97c146fccd6318b8392a41651ccb43f8a0dfd4e53e0b9b0d32e4e3fb5f2cef1067ced3c022b236af098951eefde4c4720af3aa0d87ab521a1745073b68996b36a7f16776dd5a162f06f1e6d89e6ce8a4337866f6d66ec7230e54ea6891bf1c8ea3c9faa0370b80deec42f1ffa10b5ff1fbb09943d69f129b74da86209ceb42b1491caa17c39fd620285b39211aac96bce7dd164325c759a4a1013257255285649bd01f19c4ef32b95e3a15d26f37f20f8e27aef51fcd8b2975ce0d80018693c8c34676e1c9cc214c485054f48e11d508941ccef4e5728fd52f4c7122e632d372d40e1db37f1d1ea662f87e83b89221f8c6f0ed52c4d737c343820f3945385a1dbb1ab8a71823d66b777cddcc7fa42f3ab57348a499ca95e86a482b2af33c508595850c2eacb23ecf6fbfa57c17e5ef899f64377139aedf2720ab21ecc1486d6d06b1cff9c7aa29bb3c9707baf1447abcfb7f4e5bc74125899273ba5cb04415f1feb25118c09d5524ed30efa3e9cb3e849fe96e9aca83d28d24188cfee458b84d7cdc8bb5030bc257d5d06db42c1ff790bdb23770fff084009732daed76c5af8ba53b424c4c3197ff484579798db1396f5e1423e0dafd6f595f6d68b0ba635f1ce052045b2ff66552169bd76524e447f5864849ac5368fc333ab4a4604d2126bae64e230b0a6c6e86de56443aca35850342f1a32aa3cdefabb6ac0c1d233aaf9d254fd1a52e4571da8d07c426721a382e2dc764767d5a6822ff76ac9091ad2b1d14fa783d25286d2a4dfdd29a32d9544598cc83b96dab3b49f345f607e8d7cee9a191dde2cb579bff84d0fb27bb16b5bd5b6f818b6884e7e62a482396b1f51f127e427c1cbfe0fa5fb3d3d9d727f33db6d0d39790245cab8708d02c4ed0d9dca65273a9914d0032db1676078ae3a9cac34127e913605526da9cdc0cd64e97559f81242815cb161f8bf17e0a78595f6ae2030b3119bb1354a65332ae0a38a940dd3858b45aec5adc5b9b516d09bb19545bcc7996dafb4291d92d9dbc73516796911230600c4c2988248f73d6be0de4de0e98fc9248d264100f8711ad6a8c509a20d3620b681ad5864de6cb7f7c5516493ec4d445f173ba6fe6a89a88c6ad05e3fb75a4a82d429ea6b173536b3aa266b6bf39e3ee5eafb4fd9c76bf1fb8cc064b2953b57f03d68c519d4171c8ae9a0acf94d98ee3a2b9021bdf81940a405f153471d7131799ae3ff05f630814a23ae12fd586c6e615e655c964a7dffdcc137778d23cdc014342632b1a47ae4d4434c0627b0b89e4e33f2c2753873762c8d35016d1741020b1bd8a116271a397fe1ac954511fd080f056f19fb1feacdababd6f5069955524f2b7103841d643d697d6772ddfc6a6f37fddbee80073285052627466d137582f99e6bd9967aa9b51e89249f753444aa15ffcd129205669614d84bd6f8349da49de796a635955008b3b1bc6bff834f743e665892fe5bb4e7c39dfb4322990c82f74e7d80d85828000acaaf5fb6944be51fb953ed2e16618b4b85cc9219d0e5ceef9ca1e3adcf3baf9eaee51098e1af7e022d0c638074a4d8febe84aa7f5e4aa3312e72adda9e645ba7c5b974461383b8a95f41762f0d50f99a65065fe44cffe040c3e537f166179792fa568bd119ebf966fee7eac1f603db6351b03a9040ce86caf3bdb2bac23825e1edf880d7141f69b8936a5703bab943a48f33adbd3939bec3fd150505385d88301aefa26203c2ce6494e629840120392a671b21d805270374080109afe777ab333fb2d37a7f8216b8fef0c983644b671a080e8e878786c5f6c751c5d1b9e61e1bbacefa0738f7bf404f2ce10b78c030ac4e45ba3f851e9512f4041e5cb37285838523410ffa326a32ab779b23a223ff3521441860d9aa4ca9e251e6362553cd7c19d3ad7b99aa0a5c15edb2dc2eda125863a8871dcf1265ffbf856131ed3c9cae40132886bc92a9ca7cd561186446f0b67823f93b905e069cc349bc8d643404a3b0d07253727be5db3c13bf0f5d680324535f19110c71ec36dfc3f1bed9128ec503feb978292f08a25b256baad402ec3be3413f9e585588f4ac82604d444c0367429220f619979b1d3949ab5f73282a4977826cd62fd3e6f28ac797ddfee5f47c666d32e29093753776ca7632136da43868312feacb719d2281a006f09dadbb48b69d5390748f85db65d15ce5cc8781c9f2bfc5835c9b46dab152a0fe7fa629be13b123b699e44682fee284259f3877abbacb9054757d2c089e850e05dd57427869c0b94ca573c04c76f4f3ebacbb68a5c7f0dbd2094e37f1f2bc13583c279dc414dfa81a6d3340cc584273cce6d4f03aa98345b1834f99f837fdadb9406451cb65c7ea9d77757dbfe0b067c2feef7f9a6042ea4339416b728d1fc17e4b0d06a20973f80ac08a74193333447653b2014d59ae7e07c2dc60371508f00a1f3fbab1f557874312010ee84612b16d9e3de6687da2766de609d85f02613b11670acb249ff35386c2293ae5ea65899dd1da59563c90fd83b1176e68e52975487a495f8220e91843fa252a208ce8b3c1b9d1423a8c545a8cca335382f07ad6853344b79ca99511d9561affdbb0dad6b22ea8c090c9359928edad684e83f8927b9d4a7ba76e8e360fd68c262b096808624144714a86e84830d37b6a979e4cc6adc1bad72364b1f804d9b88e871ed3b79c187cd3dc19df0f2d28f25644d076af273f7c68756dea933ff3fd82356fd3214fed3fa9730f7e38b447c42f5011d6e68d26cc5b996e0dbe83ed43ad71504ffbe0585d557a5a9091b71d368a239e946531a2f050416072352aaa6c96dd0c762164411ff622e5ee9317a1189dc221f2a015a1a2d19738eff5f8e9cbd51462b17098897a3f1e83b9146ff8ae501aa9ec2452a0609f5d54f61926b2c9c9b98e50c4594b667532c3507760998329d6b2fd25f81dbd4884dcad4a642465508cccabca49bd6d8e2f2f166b31bd4d1d8aa358b8d5a8132536fe0c2829cc52d4df190a3aa5e93172d3e88e68f18173beb7cb0068a6100c9d27e7ea88ccc06956c068eb2293355384c9d33a3544a020834fe9cfd22732323ae79d4d85a9117f854537649c3e6fb7281340fe3f08ad100620ca6dd90ea73fb81333b8caee380800a65505c283489f62138a39efc7d22535903d73983807f6216a4a02aafefa5df2d27612515c0", 0xffffffffffffffff)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
pipe2$auto(&(0x7f0000000000)=<r3=>0xffffffffffffffff, 0x0)
setresuid$auto(0x2, 0x7, 0x8080)
fgetxattr$auto(r3, &(0x7f0000000040)='##[\x00', 0x0, 0x100000001)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8fg\x1b\x04\xad>\x96\xe9IG\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\t\xf8p\xc6\x00\x00\x00\x00\xb9\xac\xde\x0e\x90\x18\xf1\x13I\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd\x14\x81\xbe\xab\xed\xd5MI\x830_\xc2\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xees\xf0\xc2\xad\xae\x99\xeb\xc5\xf0\"\x92\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14\x94o\x1b[\xa8]\x9b\x03\x95\xc3\xad\xad\x1d#oi|\x04\x93N\xfa\x17\xf3b\xf6\x00\x00\x00', 0x0, 0x0)
setpriority$auto_PRIO_PGRP(0x1, 0x0, 0x401)
symlink$auto(&(0x7f0000000080)='.\x00', &(0x7f0000000040)='./file0\x00')
openat2$dir(0xffffffffffffff9c, &(0x7f0000000340)='./file0/../file0\x00', &(0x7f00000002c0)={0x553c81, 0x10, 0x13}, 0x18)
shmat$auto(0x0, 0x0, 0xfffffffc)

3.962558404s ago: executing program 0 (id=1678):
ioctl$auto(0xffffffffffffffff, 0x6, 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000600)='/dev/snd/controlC1\x00', 0x82200, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r1, 0xc4c85512, 0x0)
r2 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x15, 0x5, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop8\x00', 0x20041, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0)
io_uring_setup$auto(0x6, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0xa0681, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x7, 0xc45d, 0x80, 0x6, 0x3, 0x2, 0x3, 0x3, 0x62, 0x80000022, 0x7, 0x6d3e, 0x2000000004000009, 0x2, 0x6]}, 0x0)
setsockopt$auto_SO_PREFER_BUSY_POLL(r0, 0xfffffff2, 0x45, &(0x7f0000000040)='MJC802154_HWSIM\x00\xcb\x0fX\xc7\xfdx!\xf7\xb5T\x04\xad\x96\xf4\xbc\xca\xa52UWT1\a\x00\x00\x00\x00\x00\x007\xc9\xa6\x8a', 0x7fffffff)
read$auto(r2, &(0x7f0000000080)='MJC802154_HWSIM\x00\xcb\x0fX\xc7\xfdx!\xf7\xb5T\x04\xad\x96\xf4\xbc\xca\xa52UWT1\a\x00\x00\x00\x00\x00\x007\xc9\xa6\x8a', 0x1060)
r3 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0)
ioctl$auto_UI_DEV_SETUP(r3, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x8, 0x80}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0xa})
ioctl$auto_UI_DEV_CREATE(r3, 0x5501, 0x0)
writev$auto(r3, &(0x7f0000000340)={0x0, 0x18}, 0x8)
ioctl$auto_UI_SET_FFBIT(r3, 0x4004556b, &(0x7f0000000140)=0xc0000)
read$auto_snapshot_fops_user(0xffffffffffffffff, &(0x7f0000000380)=""/218, 0xda)
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000600), 0xffffffffffffffff)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x6)
socket(0xa, 0x1, 0x100)
prctl$auto_PR_RISCV_V_GET_CONTROL(0x46, 0x3, 0x81, 0x7, 0x1ff)
keyctl$auto(0x8, 0xfffffffffffffffd, 0xffffffffffffffff, 0x5092, 0x2)

2.963791356s ago: executing program 0 (id=1679):
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000d80), 0xffffffffffffffff)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x1eba02, 0x0)
setresuid$auto(0x0, 0x0, 0x0)
ioctl$auto_BLKALIGNOFF(r0, 0x127a, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x40000008000)
sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800)
sendmsg$auto_NL80211_CMD_GET_MPATH(r2, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x41811}, 0x40000)
close_range$auto(0x2, 0x8, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$auto_KVM_GET_MSRS(r3, 0x4068aea3, &(0x7f0000000080)={0xc0})
kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x800c000, 0x4800c000, 0x800c000}, 0x4)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/bond0/bonding/fail_over_mac\x00', 0x103b02, 0x0)
sendfile$auto(r5, r5, 0x0, 0x8080000001)
mmap$auto(0x0, 0x2000d, 0x4000000000df, 0x40000000000ebd, 0x401, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0xfdef)

2.96315888s ago: executing program 1 (id=1680):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
r0 = socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
r1 = socket(0xa, 0x1, 0x84)
r2 = getsockopt$auto(r1, 0x84, 0x9, 0x0, &(0x7f0000000000)=0x95)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe8, 0x9, 0x2, 0x1, 0x5, 0x4, 0x15f4da0e, 0x8, 0x9, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0)
pwrite64$auto(0xc8, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39)
bind$auto(r0, &(0x7f0000000240)=@sco, 0xfffffffb)
syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff)
sendmsg$auto_TIPC_NL_MON_PEER_GET(r2, 0x0, 0x0)
getsockopt$auto_SO_RCVMARK(r3, 0x0, 0x4b, &(0x7f0000000000)='}\'.^\x00', &(0x7f00000000c0)=0x7)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL802154_CMD_GET_INTERFACE(r4, &(0x7f0000000300)={0x0, 0xa6, &(0x7f0000000100)={&(0x7f0000000840)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="05032cbd7000fbdbdf2505004000"], 0x14}, 0x1, 0x0, 0x0, 0x4004010}, 0x4040008)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x4)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
kexec_load$auto(0x8, 0x0, 0x0, 0x9)

2.804629977s ago: executing program 2 (id=1681):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
r0 = socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000", @ANYRES16=r2, @ANYBLOB="01002dbd0900fedbdf257e"], 0x14}, 0x1, 0x68, 0x0, 0x24000000}, 0xd0)
sendmsg$auto_NL80211_CMD_STOP_P2P_DEVICE(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000040)={&(0x7f0000000340)={0x1218, r2, 0x400, 0x70bd27, 0x25dfdbfd, {}, [@NL80211_ATTR_IE_PROBE_RESP={0x105, 0x7f, "8837e2b3db3d9e5f406a9b4c7f8b4db3e32db6617cd579bcc5ef313b91b7f2c8dda2038995755e0e7bb573479cf8cfa37b2a4720328eb959191c3b8920b6e4668f09cce0bd7aa5ad8a5fa72fe80ba2e2f378055fa27ae61eb32bd920cb46905fd88cb0f8e26931629bf74cd70e04384bd9d3e41cd805bbebc347c6a98c3becd1da6070ddb5db01a8f3218ce611c3882da018a8beb0419c8aa518005fbbbadd598395f87edb26ca9ed841c68e34eaf8d73c3f52f2c73fecb98674942368acd0e061cfed35e0c9ce047a065c068e14cf8d065c15facf725229988535e5ef8ca0185ab8edc24e79b0ce807d59e701612160afd246379eb67bc8e7a3e0c694d5bc0501"}, @NL80211_ATTR_CQM={0x1020, 0x5e, 0x0, 0x1, [@nested={0x1014, 0x2e, 0x0, 0x1, [@nested={0x4, 0x112}, @generic="3b7bb7bf3907d514bdb2c1ed840303b0ea20acd45b306adb10bc0c675caefc2b61dca4c034ab2aa01b0b14464316fd84ae71d1787e4ce7620ce0b578e1a16ed22bd812add6d5e5ecc293ac318f6bcb247ee5a5343c452501f493ada8925d16afe4b6261d5697bb1b3bb65a6ebc2a7ba8fb36612f0a875cb1a5de674d59c504e99082048cfdd0950a1e734b45f2a57b1babe473ec012d1206ffb573276a47b0d30f0454a65263b75c788c1b209968f97ac3b97acc2d3ceceef9af00890bcad19759306e1d8d7280d869e925f55f2974a33c6b3976f328aabb0b8947bbca3c4d73d9176e9b325a6f9a0e8a3a1f3680166611b804bc9d4be9cc0ee8dd2bece683773cd65fb7fff75d18ce224fa33ca5f65a8634f3b9cabb9bb836dd56f32162af23927c1ba504584379440b50cc5c5db4c88f9a3b8d59806dadc39231047bd3e8c6d0a96359af6000c3a0ab40f5e27deeee5e798bf6db8c3662c23c4f7221c0a75ddc71ad83d740cfbb7653a1285e06a4b3a8b45aa1479db7eea9f40f748bf8b39b5fe09df138d6681a2b4a8cf2ac00f4edf43364f804032f37850592ff71cbc646613b444c79b225f57031180e1eb61fbfd848502e79367f90613377de685f1285b5af8b552c9d19a1cafb57f4ab97b0e25ae15d0e36363130190673cb0e5f88305d19c5bd0beca686e2d5281ffc90cb815dd2efabdb854c36dafb44c094cba37e13e298668b8a81ca95dded573249ec128c0c64661415f12d8a204ce829728be6e7274c4e71b77dea31e7acd7717a4ab185b3dcca774b90e12fc0d4386f3c23499d4c9f3c0b5778d36187bf211817d1c7622e6dc8c921d0db4068a8f6588f3f296a1638c5fdb0a0f3158429d4752470917e884509b3411cdf7782bbfed75a3106904c748e4d723ed2fabe3a538a887c620d30581b3d203974fae1c26d941bd220c507e03bcdeaeff2cb3137216b3df0452b077081929eb31a881dd9aa6b35660375fe65a6c53552ba46bca23409e4080dbc17df96dd894ebf7f3248b0b9af8140655e6e5bdfcc4050a3654c6670897b3414d106c7ea1ef3a53b55fc9267ac63da86b278410e93e1c5c2f61bde298e4566388eaec5a277797b799567f82103e04542fa2af2d894ed5a17b016ab129e16c752209d40761c73887479a27613beed24c8f44f0f25e6e59e6c69e00ab885a33502a2083d88f52387bb3eb3ac079c8f0e9ec2e66dbf27399efe900ce59b4feac55e5ecf02809968d7d16b784a362548020d992d4a61f7bb60ebc84f175b8c22c0a0cbd9ce0eba1f01652bc2b626734f4d0c708a087b3ee3da203bd6a5eb8209319951febbc7034cb22e1ba358e1139acdb6d98a47c161592a6e2a4637b010e90eb7cf9fad447d23fbaf56302d2cbc7f67ed5a08176c45a37a090c24f4b1ae9c7673ca56735e0f04c5553665bd3237cfdd70591d7f79101363d654641b49866c3c22d6e0f2788e2443f839d5843e3c14fb16c3e3da63bc194376d0891290d1e53a279f09612909c507618a7b240b9bcf74e118dda82d1da2565e9c989e06df404af6b8a02b94721dc099b12a74d65c04b6179a0894c809bfb965a996e5f5f3ae1b1b0228fa82b154c4bf4b7936582736d1ecabac41bafe839abe7d42e9c581d6ceb6ea63a595f1d8ea21bf00be537fd6c00c4007e525878e8188254ddbcdf73ab27c793853294c1a2443c9312f352aab7447d116fb6b68f7613658ef197d52a51855fce33e89dd41d1ac29281e92e216795a2c5eed1f82501db9e9a9bbb6a91f8d9845754637a6ba9e5bcc79b80f83ce627d5405235d4e01cff78c57d1fa237cfae5e0daaf1e2d2b9c81b0fed051af89e13a877da528cb486aff9b6dde684649d112f659c064b27b9975bf8143c111124a9895fae82d6959696dadf1ecae87cfe445e8dfc7c621c3deab5b2eff4b6ab9c7fd6ff9aebe7637dfb6b58f54031bc33c44c660ab0c4185384ecca2b7e8d539f01645f5018f700c6b74d6f68bd56eef88f189eb235e2d87f81360f456a7b2a69fc306f9888c7b90455401cab944f6b5d863157d90da490e4ac03cd254775c06d97462e7f87a63eb18b44fafcd7f1fef0ad216d49795d43fc8cdafa3263fc655b3b283464435443e2c99fb4084aab5a2b64434fa6ca73f83b6497ca0cf2f06f62bfe224df0841b80dbda3271653a19b467b37b0fcc27aa0030eb9be439e595f032d46f289b11785799c6c8e8afe03abd41b0da35c1234bc6f7c130c99a9be8ae372b1b0dc606082d85a59ab332f15e888614ee0859f8312faf9fd36a24237d65403d636859d8da84993210767885b7a6dc9ddd62723ce2b930198c39cd901717daff28a0c4682585fc08d7df3289ce1060901fa61e0b54776df6f0fb0226a5e3d0a0ce3219400083e594acfffa35e8fd9d5763318efba93b2af67f76a01548accc736ba9459a990374f35621c848257721dc9d5d69a9cf27aa642e8608f4b5f0dcb57f588e95196ffd46109868a815940c9d1629db360e2f5fec9aba93038175aff64c1920f435c00cdc97576dc76ab872a53775773c9e3fc3a40b62a78fe68dfc39ca777b351e0c3788dbb5628c8aae462fb7aeb279524a04c2efe67a91f6b3186d0ec75443736980e16aec8043bb75467da061456cc0a788511f52c3b6c0c106da191266a7f901273bf6a56547a0784a20171386860376064a31e0c7270f99e1641a838a3d854db9cb876aa214dae829d059e80576e4befbbb8a1ba1449b18a8f58a08d48865bde51ae8dca989f68928b88096f93a03de2f41c3ac4b65efaffa0d5112ef043289f2e085d37abcd985f192d417b5871fd15140950d0a9d81168e67d19fecd9b63b9c815bb95c77e33ee265a1a2b6bb1c11825e3a67401a4eb55812979fb556c7538461b753ff8ab859d8c474dcf36a037f8048aeebcec9ce432dd48c2ff0db28b7f31354d9e2c67ff160120d620d5074e7dae62b01f428e13d60ca75fce4f6b87ee4000373912f34adf74c687b6f93c72ab3fd813a1c8639e67368ca91e660ed9b81bbc3848ddc6b287582e9e63a10a82aedc220308afb37d24dba49b324ffde9c3dce32e0c102e45149bb99dca6d6047d0eea9521068ac2111445de1fef0da36963966ebc0dffcc212d97fde40106b8145cb8850c0026ef36c68c20d96fd4be9d113fb83b32020bcc4dd76fc44fd2be62a27e19536391d4b38519339880db0d1bda291fc797d8ade1a6ae0ef0ab415123328c7c5de0015ab4dfb198bae2b73f02a62f5d349d2817eb0cbb43259a5f92f14a03d85869483785cc446eba768d6d7773d66a7634f441ef1fcb32f6d9bf02d31c219a5cce97b75ba6e06b9bf726bf722deb7e94aa09bdedda76f35032f226186b7ebb977612a5e3a44465886fa554d4064a54ef02863eab8caade42ce859fb1408c1e6b14746a67613ffa651c581cdfb2c87782bc14aa7e010468fb2d7749e25f2cb5ac72b7b5fdbf5882ed1f1a40855f79d71564c1ff088eb4a6238cafb52cbb83e93273cdc1d2fc47aa648bfa08df50535deb53a09f3957de9fa75f724ac5e742208062429bec30685afa01d420782d29e9bb683e7afd83de02390f649a09d66544c10c33f156d731b7e27810fe363e1a6925e7d68a836d5f4892f4e6966e4369dba8998dd812f95ecd332acce885d1d0d6521542cd2818a15c2442965fbeb708e47414b50acf56f16a1fd08ffb9f5477dbf6d4b1d699c147822257143841d06752bfaef8bf15007215a9a7fa46aa7922d1ba212f6c7da8192159f27325d41db43623b8d0c96c8019dace1df63d93c5946600329366cb7a6ea207b59140f7c6deca6cab9e510a4877014cf2e5f62ee3629f46dca665ad4927d4f181e744f382e1b3f39c9ea8737059468d84794b36e87f07770fdef63654e52ee4743424f5a27184e7e78b73ecf3a091c4a73d0f88931a22e1824793e5a7ca4401d006522e63c24aef462a4f8f4362fdf147b3cefe9f452151c1d8551feed515b8e831255befc327694cd60c510f8d38b766b383a7aefba50eaba55926e968221d06e82e8a04eb233ae4e9f653414c3adcff4fb23ae8d7d07b4dc297b07d64e1156021b32d2bd0d5bbf72e66b54a5a0265da9616de712e9cefe8c6e4cbd14397af093aeb90ae517a3b0358b439c216d398e75fea98ab872a6a18fac0e937b20fb48e20c959b55ff13498e9ef0cabe60a992d74036ee244727475688c2c813bc8333f19fd61ac9ef91559818a09f1aeb04496d5bb4a3ed7d0b679da4a341e4f9c1412242a8bc306ea1beb7a4658754e4b4a3d9113d7bd19f440fb910974f05c9cbf3bf1206eb448c794993744523e2ab7641b108bb1a83ad8afb14632dd44ea8689a1fce08a818878951f82aa51679839a1b2f01076af4daf7a09eb10642faf359829b1786beacf7b08504792898e446323f126615bb3eda78b785fe77a31448549419a58899f2c99dcae3e186ee134475a265f58f14795f5bd9282b1d31592ecf74b71055a484dd6367dc0d8dd2a9f77c27bf1bfbd6184a48f7dd181cdda1e3b152e461ea2a18ffc3f2022ca17dba1d2df4389bf1dd09156c6e66e83b0542d0861ae66b6d4d53404216d357d8c9e97e56f2d86c377847e591b45c5ff32221208a2b7bbaad8ff74fb89864346ca4df81db90b4fb8ef2029061caf5145c0c6175500db7d88d9b688859fdf4d9c51ecf1a88fa4311f03d1538ea33bffe48e7a121b394c60040e925c2d744d59b9a3378a770b03ec32c90989ff877316b8ff37957cadd5d7e6b2e8333496057cd70305c174dcd638390c850cb0fe50e32d3a53d346332a4455c41efeddedb6c8ee2adc2f35ccfd0f98f7cec17e5ab5035e0744f7ec308b4cbb48b46efe41949fd3c1614d4a53abcf18b356ed5b82dcd6e6c2464cbc7dabaa7cc3a985bf88787424c21914fb3b65e081067a720b4a01b7d3487bbdb73201f6b6ebeea54c4ef44c24ce0a5693e3f7c54427027224ece851004ed03647eeaa191771c9ffb95c73f9fec149f6abef02a154566029de1383462d7e7d5cacacdad4a86e4f125e9e069e5ef0a6d1b18374dfeb6a1e29fcfb076b7a1d8db425e8a8a293cba2ca69e725c508d63d2a57b20f07aa42e56212a74f978dd7f3d39f8a2f2e78f6cff4a4eb01b96e2e4d82e0b93fe9afa3ccdc7430270ff1c85fa180b0cdf7a7ee544ca14a3595366b640b386144b5f5fdfef6ae8e33e9a5321462b9d6c9dd991a8046569edc6055c59f7d989f219cc26a9563e9082da403037096e67305243a0382d1f5abc96e607506a970aea30c0530b1501038e760ee55079f5e3cd5bd6a2033134fba881a26b57dc317dd925ae8fe80e362ded0a6203961f74edf54fc1f8c75d9a9a1adc02f2aed47f8c3df69d778f66d8e372df4c6d8e0840bd9362143f5e55d69ff364e5d081f4f3cf0359af279ffa5d8440d8a4fb31eaf3260e92ab4c19f234b693085f818b57224536f6c1a1749fbe6aead24f72be945cd0e6eb9e0aab7e0ec99eb9662dbd0108daad9e81e991fd610543d477a3546a382bc36c8c3652b527c537ec361ddba083125e1ecfa7841e3efdd491a23b17e804584c249c388592c6bfbe8ed8dddbc8b6dbcc2fca6a3a37fcecab4945f8c5a1b2b6d77074eaa9dcafaef8504a808c4e573bdac3e30bf0f33d0458ff6a8b3484cdd9af2f9d0242e8f3ec700d58aca853c6c5b4c6db538e2b26d04bee7216bac69f4a3294da29c6d7f25f77ea4678187ab4bf9ae6db07579d05b857794827677a9c5a36d5c2d80fdb6f507ab51b7e0ec", @nested={0x4, 0xe}, @nested={0x4, 0x68}, @nested={0x4, 0xcf}]}, @typed={0x5, 0xee, 0x0, 0x0, @str='\x00'}]}, @NL80211_ATTR_SPLIT_WIPHY_DUMP={0x4}, @NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, "e640229435d0b0c20f41d496f46fe01814df377cbc677f82566d"}, @NL80211_ATTR_MLO_TTLM_DLINK={0x8c, 0x148, "372006f827f69c2232e18f284e84bef8e1ee92e0f1d9c875b89d43abcb15a252f160dcd532548c6d8ba9eb6cd4ba9375c480b05b159deb3bf27697486ad08322c3ac0e3bd56a5626ab1a8711fb21fe76cd08aa459540b4532c840cb17d05dbc6620cbf80ae214fe8f6cf1bdc1e72b0a6079e2d3e133538e687357f38504a6413acc0e84509153fec"}, @NL80211_ATTR_FILS_ERP_RRK={0xe, 0xfc, "1fe75868af738cdfd10e"}, @NL80211_ATTR_MESH_PEER_AID={0x6, 0xed, 0x5256}, @NL80211_ATTR_KEY_SEQ={0x14, 0xa, "ddbf139dddb41598cfea06c4812ac474"}]}, 0x1218}, 0x1, 0x0, 0x0, 0x4010}, 0x4000800)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x2, 0x1d2c, 0x3, 0x4, 0x15f4da0e, 0x6, 0x9, 0x100000000000000c, 0x8, 0x4, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0)
pwrite64$auto(0xc8, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
poll$auto(&(0x7f0000000240)={r0, 0x3, 0x9}, 0x3, 0x8)
socket(0x2c, 0x1, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
timer_create$auto(0x9, &(0x7f0000000100)={@sival_ptr=0x0, @inferred, 0x1, @_tid=0xffffffffffffffff}, 0x0)
timer_gettime$auto(0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r4 = socket(0xa, 0x801, 0x100)
setsockopt$auto(r4, 0x6, 0x2, 0x0, 0xfb3)

2.107112308s ago: executing program 3 (id=1682):
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/vidtv.0/i2c-0/dvb/dvb0.dvr0/uevent\x00', 0x183800, 0x0)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r0, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x4, 0x200000ffff, 0xfffffffffffffffa, 0x8000)
r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/pagetypeinfo\x00', 0x43102, 0x0)
read$auto_proc_iter_file_ops_compat_inode(r1, &(0x7f0000000180)=""/178, 0xb2)
io_uring_setup$auto(0x59, 0x0)
ioctl$auto_RTC_UIE_ON(0xffffffffffffffff, 0x7003, 0x4)
socket(0x15, 0x5, 0x0)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff)
r2 = pidfd_open$auto(0x1, 0x5)
syz_clone3(&(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0, 0x0, {r2}}, 0x58)
clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x5)
r3 = socket(0xa, 0x5, 0x0)
getsockopt$auto(r3, 0x84, 0x24, 0x0, 0x0)
syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000040), r3)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
ioctl$auto_USB_RAW_IOCTL_RUN(r2, 0x5501, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/nbd12\x00', 0x6600, 0x0)

2.049232969s ago: executing program 1 (id=1683):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
r0 = socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
r1 = socket(0xa, 0x1, 0x84)
r2 = getsockopt$auto(r1, 0x84, 0x9, 0x0, &(0x7f0000000000)=0x95)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe8, 0x9, 0x2, 0x1, 0x5, 0x4, 0x15f4da0e, 0x8, 0x9, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0)
pwrite64$auto(0xc8, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
bind$auto(r0, &(0x7f0000000240)=@sco, 0xfffffffb)
sendmsg$auto_TIPC_NL_MON_PEER_GET(r2, 0x0, 0x0)
getsockopt$auto_SO_RCVMARK(r3, 0x0, 0x4b, &(0x7f0000000000)='}\'.^\x00', &(0x7f00000000c0)=0x7)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL802154_CMD_GET_INTERFACE(r4, &(0x7f0000000300)={0x0, 0xa6, &(0x7f0000000100)={&(0x7f0000000840)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="05032cbd7000fbdbdf2505004000"], 0x14}, 0x1, 0x0, 0x0, 0x4004010}, 0x4040008)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x4)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
kexec_load$auto(0x8, 0x0, 0x0, 0x9)

1.570772804s ago: executing program 2 (id=1684):
mmap$auto(0x0, 0x20008, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x4)
socket(0x10, 0x3, 0x6)
socket(0x25, 0x1, 0x3)
r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r0, @ANYBLOB="01002dbd7000fedbdf2505000000da0203800800c000e000000204002a000400110008002e00", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32dd7c33b14cc842bc1e", @ANYRES32, @ANYBLOB='\b'], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50)
io_uring_setup$auto(0x5d, &(0x7f00000004c0)={0x52, 0xd, 0x6, 0x6, 0x7, 0x8, <r1=>0xffffffffffffffff, [], {0x1, 0x6, 0x8c48, 0x29f, 0x100, 0x2, 0xb831, 0x5, 0x2}, {0x100, 0x20001, 0x52, 0x5, 0xfffffffe, 0x0, 0x76c5, 0x8, 0x100000000}})
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c001b"], 0x1ac}}, 0x40000)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/net/sctp/snmp\x00', 0x4000, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x7}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
r2 = socket(0x1d, 0x2, 0x6)
r3 = socket(0x2, 0x1, 0x0)
ioctl$auto_SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000100)="80970ba1a76dc537a527986e19eb07e65243fe182f8987b997162ec03f54104d2b5c99578c03f986d7746cacdc18378856001a88e7248c237d28f21e15002085c007e67c08200e643b93afbe7ac6d9cef590fadf")
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r4=>0x0})
bind$auto(r2, &(0x7f0000000040)=@can={0x1d, r4, 0xfd}, 0x6a)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x21}}, 0x40)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xc9\xb3\xbc\x8c\x1dga08\x90\x86\xdde\x1cJ\x99\x00\x11\x11\x14\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xfe\x80\x12\x00\x00\x00\x00\x00\x0fo\x84\xfc\x89\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#\x1c\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd8\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xaf\n1\x80\x1a\xbc_\xef\x8b\t\xcc\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xfdef, 0x3)

1.231024532s ago: executing program 0 (id=1685):
mmap$auto(0x0, 0x20008, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x4)
socket(0x10, 0x3, 0x6)
socket(0x25, 0x1, 0x3)
r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r0, @ANYBLOB="01002dbd7000fedbdf2505000000da0203800800c000e000000204002a000400110008002e00", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32dd7c33b14cc842bc1e", @ANYRES32, @ANYBLOB='\b'], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50)
io_uring_setup$auto(0x5d, &(0x7f00000004c0)={0x52, 0xd, 0x6, 0x6, 0x7, 0x8, <r1=>0xffffffffffffffff, [], {0x1, 0x6, 0x8c48, 0x29f, 0x100, 0x2, 0xb831, 0x5, 0x2}, {0x100, 0x20001, 0x52, 0x5, 0xfffffffe, 0x0, 0x76c5, 0x8, 0x100000000}})
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c001b"], 0x1ac}}, 0x40000)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/net/sctp/snmp\x00', 0x4000, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x7}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
r2 = socket(0x1d, 0x2, 0x6)
r3 = socket(0x2, 0x1, 0x0)
ioctl$auto_SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000100)="80970ba1a76dc537a527986e19eb07e65243fe182f8987b997162ec03f54104d2b5c99578c03f986d7746cacdc18378856001a88e7248c237d28f21e15002085c007e67c08200e643b93afbe7ac6d9cef590fadf")
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r4=>0x0})
bind$auto(r2, &(0x7f0000000040)=@can={0x1d, r4, 0xfd}, 0x6a)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x21}}, 0x40)
close_range$auto(0x2, 0x8, 0x0)
pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xc9\xb3\xbc\x8c\x1dga08\x90\x86\xdde\x1cJ\x99\x00\x11\x11\x14\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xfe\x80\x12\x00\x00\x00\x00\x00\x0fo\x84\xfc\x89\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#\x1c\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd8\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xaf\n1\x80\x1a\xbc_\xef\x8b\t\xcc\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xfdef, 0x3)

1.150293181s ago: executing program 1 (id=1686):
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
mmap$auto(0x401000000000, 0x40000004020009, 0xc, 0x15, 0xffffffffffffffff, 0x7ffe)
r0 = socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004)
close_range$auto(0x2, 0x8, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket(0x1e, 0x4, 0x0)
r4 = socket(0x1e, 0x4, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
setsockopt$auto(r4, 0x10f, 0x87, 0x0, 0x14)
r5 = getuid()
sendmsg$auto_TIPC_NL_UDP_GET_REMOTEIP(r0, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000001c0)={&(0x7f0000002200)=ANY=[@ANYBLOB="901d0000", @ANYRES16, @ANYBLOB="080a26bd7000ffdbdf2516000000090309800c00e78008009200640101020602bf60393b8e8c11f6cd9517d218fb1332b73000bf0615509cbcfe065420c5a8267e38c3168162b01da5b94d7ecf0e134186aff62b953239185b0eaa5deac2d64935195b895c1a9410cd67f6b3e723b4eda49c1f83d8ad650ffaecdc3f8d2085c1f4a44f5c7f3110806bc714133668fc964068183d21c40bfd007b8014000900fe8000"/174, @ANYRES32=r2, @ANYBLOB="5707be7cd8848e7744de2fb3b8bd1dfbcab32ed5616e3e0b305ea367d9c1a760158c9e347046ff09af0a5f8bdb4724075cf1d6f3b30fceabe162bf7d38c2346cdc953da7703957c1acfd0b58c9848d992fd8d3d4ec080400098008003c00", @ANYRES32=r1, @ANYRES32=0x0, @ANYBLOB="04009b800800340000000000000000ab008680040003808352f74ae947fb23c79111bc17b6bf8c6c3d619fc962743d7d14007e000000000000000000000000000000000004001e8027a418ee81d8d4625e800957f968a786b97aee04fe05f579d40c5406fd0d5e", @ANYRES32=r0, @ANYBLOB="1800698014006600fe8000000000000000000000000000262000358004007d8008002f00", @ANYRES32=r1, @ANYBLOB="080017009507000006008d007b0000002000db8004001b8014007b00fc0100000000000000000000000000000400d0800400ca000400f380b1ac8cc2f2532445cf4f070f70d7db4240319ce22baa1cf45c6edb6123a7506113f7079cc5befdb7efcda99dac56274f77e6b4ca6b73f565baeef0b044e16f50868aedae53adacfda229944027b08ed35e913361503c477b8a27a558d116498ae75b105aef6daa44b7122d40822b426b7c575fbd2a8c94408c1d9b433df908c397a18891960715dcd2690800078004001a8000008305048074f21ce5a5e37b59bba86390d6a50f13a4e57d6930a27e61bdefaba25562857af34f54bbbf8dea09e7a686e70c823e96714d85668df3e2e9e7f9f4ca706ffd6459535b4d95db88cac6366775fe26b4bbabcdf79f129d7a62a73aa01b0ba3f0841be3c22f5235d97787ed04006700ec8e2fde77cc9bd71b33a7b512814872ac7413ad8314006600ff0100000000000000000000000000018500fa00c73c78455c0a7ca08f4b32c31a1d076653e2cf8b4c301619322c2ff6f53738535c3f71b2416c8b2b9c62fbea50ab0e7758015868ff1d31842799499e6d7cc3a5a4406b1c1686ca977cc478d2f25cc58157dc2f243c84004c1095aa042ddf3b1c22441999a56ee9bebe99594a2702bb9059b51571dfe10e6b159308cd4990becdf2000000147ef978ae28b1ef61321c766aa0a3016c8bc6596d6f3c6a9e9446250e8b86a258e6499b151e464b780fd59260cf4ce97e92aad0cb7a986f7e97491d9969dccae556fc5e507aee23f40c83991fe894a004094302893261344a2d78852392bf3585a819f96cfe3ed7a5fecb572454a7c0b2e676dab4d8d7b2357897fd1777ee5c816efdcd4444df833cc7978c7f54cde157e3cf7ccfa646c7235ab050abed6fd8677a46243793bbf5360b4b0d1a50eec2b37b1349afb4bb1e04dd13ef491943ffa0d4ae24374dc12a6fa2470c00ba006e6c38303231310004d47c0d9b4ad7f8f1ba5e1d4ce660da5746da27992b293af0b807528f50d0e6d2b0b41dda172fac34905fdf98d3a9c40763a69180fb674c8ba86a92a8d5c3ac005422a41b56f551334db5df652458ffba182a702b85d440044379ae1df187237977de397d8bfcf368bf761ceed204113d6ced259b58d060e305d661fba532a3f5e7a54f2194e6f22bfb7dfdd1a44892d2d87ee055110e72df2fd4743cfd5aba77251cf3b95e2c491d1454f3e35526fdb2e0daa740925be684ba711ccffeb3d031df3589a7eff265544c8d585cb4b2898ec8788846f49a21fb36b8db2da2ab1ef9a5025880c500f2008c2f10666443f1ac1a8cc60ad8ddc6a49e9e70c93aa8ecefcc6d50059327ce7606eee6f19670a825d18c98b36652368e2425406316cae751284ed1cee6a102b1784aa20c22843d1414e11dea7129fcc0e01e7d043014ffb1f2d13dd923f12beca055612cf1fb886971986086142fea1f2d8a2c46343e77a69c945859eda4921e04c1b15035eae070bd6fb6c8b83a1951480e0cb6c6c32ec2a90d958ba7bbad5a3f609a38e89b66ea6ea05d5e20383b5aa988fe761fec4bd3ec1b467105714c08fd0000000400a98036ffa99410db814df01973d68db033f4ee87aec2a3892d37ad2087ad0def0d948efa748f812c6d02424d38d8c88e1dd5049980f3ce2f4b66266222d08e96478ed174efeaa00b88389ae193eb30c196206d44b7915e039d40785ac0ddfaa1149b3d82a2e7cd7cf432ecdd877519ce49d7d4d9fc821ba8fb40726714cd8775b0d5af9863379226847e153d5a22ca94d7168c52c09d3e11e1b6c74d4b756dc823dd5ab47f79d75b62c0b872872040582510e6927fd5850e5d784d04002b8021164748b4a166dcf1799e5f9b86dac3fe303aa6feb1fe8e8d167a9e0cf465a586cbce8aa60d7b5fec02ac9310746e4c64fa7fef906e4071bd8ab49b95768cdcb0844158fd5df872be0d60a53a437f76359568956a73a35ef06c847f66eb1b00102b01ddbe1b62edc3626eb08ddce6e4285e41f236f4d73b6349f52cfe47010a6362ea7dcc494290bee854dbb918d06a3ada2227eb6dfb9d1346108d2b08f0e207d195c30fd1f65ecf89789aedc304f22e1d151e0b801572b23685b7e575e6743c184802e0e616fca6283f4011441f1638e96e337587558d698a2edd4e06cde17243e4cf12c44c4bf021fc2dee596bd8da56ce7c4a514aa94abdd637ab491b301736b54c14009300fc000000000000000000000000000001000000002300098008000900", @ANYRES32=r5, @ANYRES32=r0, @ANYBLOB="0c001c0006000000000000000800a6000a01010204007580000007020280fd00f980bd303502d572a153126393fcf955a7f3fc4b6effc2938fe89d05c24c13d274de030f62905fda4401fb967408b20b56ddfe2af28a54701b98c669538caf8ea9a9eaf01ab6307a64d7a290268db39ea238256f7e41647035a93ed2b9015bf9febc51c7", @ANYRES32=r3, @ANYBLOB="08001200", @ANYRES32=r1, @ANYBLOB="efaac42583e74436c25ab0b0f91b7d23ad8a318bd1d3aaf26f9dda28d46812e2264fc14f2b4eb8f61f2fb8b603da278bf19b9089193630b756d3e3c6182e240fd5fe1ce4c95d4f7ee6cafa631be1044301c4bb050f1bab91d2f4dc59253c370294736844c3daffee06dbfe9c5c0243f250b1c7a152", @ANYRES32, @ANYBLOB="0000000b00a6002d242940402800003d8dd36080fa7aa05b59b135f2b57c9eda9e52eab69a4c50d5abb614cc556824f73f6691cbca4326fd9b905235abff3f077b5f11cff5ab049e5e24b30acf407b963665f8323be4eecd9e9d9ca15b7561c456b6a8d7b1b6583d8db1671a7cbf986c606cd23097e42e53606aad329982da6d0a14de4362e141689da6e56898d4eecc97defd881a7d2ce5b8a87074f131688557b7a1d8638c0c67e386abf5d922cb90fb9a9ec5715ff287c2ca99a601a00f0146d433caf1aff5bf13395c86eee32620637a3ab607522b6ae1221bb9eac7b3712479e2f8c4a0f821386c3e17ba37e6b1c5df07d6129a6d2353e4d399e55c9fcefe2f2c7ad83c00040004803a000000b0030dea85a2ec43a7936b290b90f49ac78d7bce4ff8f9834e3e1bc51e40efe34a1ce6e0042d61d6c303f58a859d26ccb207e4dd2dd70000"], 0x1d90}, 0x1, 0x0, 0x0, 0x80}, 0x14)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
sendmsg$auto_NFC_CMD_GET_TARGET(r4, &(0x7f0000000500)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="04002dbd7000fcdbdf2508000000580019009ff882d45e23aa1282d04cf6f328c5effa48c0bbae3ae2f8be187c2bcd4d4af8939e3b33a3fca26ecdfb6cf658dd8575cf557946c440058348f497794ea082a387f37ea716eed5fa530009000000000000000000"], 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x4)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x230)
r6 = prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007)
bpf$auto_BPF_PROG_LOAD(0x5, &(0x7f0000000300)=@bpf_attr_0={0x9a, 0x2, 0x5, 0xc, 0x7eb, r2, 0x5, "e03f43200a26d5ea743998fb7500", 0x0, <r7=>r6, 0x9, 0x1, 0x4, 0x7, r3, r3}, 0x7ff)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r7)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
io_uring_setup$auto(0x4e8c, 0x0)
madvise$auto(0x0, 0x2003f0, 0x15)

1.093872043s ago: executing program 3 (id=1687):
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
mmap$auto(0x401000000000, 0x40000004020009, 0xc, 0x15, 0xffffffffffffffff, 0x7ffe)
r0 = socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004)
close_range$auto(0x2, 0x8, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket(0x1e, 0x4, 0x0)
r4 = socket(0x1e, 0x4, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
setsockopt$auto(r4, 0x10f, 0x87, 0x0, 0x14)
r5 = getuid()
sendmsg$auto_TIPC_NL_UDP_GET_REMOTEIP(r0, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000001c0)={&(0x7f0000002200)=ANY=[@ANYBLOB="901d0000", @ANYRES16, @ANYBLOB="080a26bd7000ffdbdf2516000000090309800c00e78008009200640101020602bf60393b8e8c11f6cd9517d218fb1332b73000bf0615509cbcfe065420c5a8267e38c3168162b01da5b94d7ecf0e134186aff62b953239185b0eaa5deac2d64935195b895c1a9410cd67f6b3e723b4eda49c1f83d8ad650ffaecdc3f8d2085c1f4a44f5c7f3110806bc714133668fc964068183d21c40bfd007b8014000900fe8000"/174, @ANYRES32=r2, @ANYBLOB="5707be7cd8848e7744de2fb3b8bd1dfbcab32ed5616e3e0b305ea367d9c1a760158c9e347046ff09af0a5f8bdb4724075cf1d6f3b30fceabe162bf7d38c2346cdc953da7703957c1acfd0b58c9848d992fd8d3d4ec080400098008003c00", @ANYRES32=r1, @ANYRES32=0x0, @ANYBLOB="04009b800800340000000000000000ab008680040003808352f74ae947fb23c79111bc17b6bf8c6c3d619fc962743d7d14007e000000000000000000000000000000000004001e8027a418ee81d8d4625e800957f968a786b97aee04fe05f579d40c5406fd0d5e", @ANYRES32=r0, @ANYBLOB="1800698014006600fe8000000000000000000000000000262000358004007d8008002f00", @ANYRES32=r1, @ANYBLOB="080017009507000006008d007b0000002000db8004001b8014007b00fc0100000000000000000000000000000400d0800400ca000400f380b1ac8cc2f2532445cf4f070f70d7db4240319ce22baa1cf45c6edb6123a7506113f7079cc5befdb7efcda99dac56274f77e6b4ca6b73f565baeef0b044e16f50868aedae53adacfda229944027b08ed35e913361503c477b8a27a558d116498ae75b105aef6daa44b7122d40822b426b7c575fbd2a8c94408c1d9b433df908c397a18891960715dcd2690800078004001a8000008305048074f21ce5a5e37b59bba86390d6a50f13a4e57d6930a27e61bdefaba25562857af34f54bbbf8dea09e7a686e70c823e96714d85668df3e2e9e7f9f4ca706ffd6459535b4d95db88cac6366775fe26b4bbabcdf79f129d7a62a73aa01b0ba3f0841be3c22f5235d97787ed04006700ec8e2fde77cc9bd71b33a7b512814872ac7413ad8314006600ff0100000000000000000000000000018500fa00c73c78455c0a7ca08f4b32c31a1d076653e2cf8b4c301619322c2ff6f53738535c3f71b2416c8b2b9c62fbea50ab0e7758015868ff1d31842799499e6d7cc3a5a4406b1c1686ca977cc478d2f25cc58157dc2f243c84004c1095aa042ddf3b1c22441999a56ee9bebe99594a2702bb9059b51571dfe10e6b159308cd4990becdf2000000147ef978ae28b1ef61321c766aa0a3016c8bc6596d6f3c6a9e9446250e8b86a258e6499b151e464b780fd59260cf4ce97e92aad0cb7a986f7e97491d9969dccae556fc5e507aee23f40c83991fe894a004094302893261344a2d78852392bf3585a819f96cfe3ed7a5fecb572454a7c0b2e676dab4d8d7b2357897fd1777ee5c816efdcd4444df833cc7978c7f54cde157e3cf7ccfa646c7235ab050abed6fd8677a46243793bbf5360b4b0d1a50eec2b37b1349afb4bb1e04dd13ef491943ffa0d4ae24374dc12a6fa2470c00ba006e6c38303231310004d47c0d9b4ad7f8f1ba5e1d4ce660da5746da27992b293af0b807528f50d0e6d2b0b41dda172fac34905fdf98d3a9c40763a69180fb674c8ba86a92a8d5c3ac005422a41b56f551334db5df652458ffba182a702b85d440044379ae1df187237977de397d8bfcf368bf761ceed204113d6ced259b58d060e305d661fba532a3f5e7a54f2194e6f22bfb7dfdd1a44892d2d87ee055110e72df2fd4743cfd5aba77251cf3b95e2c491d1454f3e35526fdb2e0daa740925be684ba711ccffeb3d031df3589a7eff265544c8d585cb4b2898ec8788846f49a21fb36b8db2da2ab1ef9a5025880c500f2008c2f10666443f1ac1a8cc60ad8ddc6a49e9e70c93aa8ecefcc6d50059327ce7606eee6f19670a825d18c98b36652368e2425406316cae751284ed1cee6a102b1784aa20c22843d1414e11dea7129fcc0e01e7d043014ffb1f2d13dd923f12beca055612cf1fb886971986086142fea1f2d8a2c46343e77a69c945859eda4921e04c1b15035eae070bd6fb6c8b83a1951480e0cb6c6c32ec2a90d958ba7bbad5a3f609a38e89b66ea6ea05d5e20383b5aa988fe761fec4bd3ec1b467105714c08fd0000000400a98036ffa99410db814df01973d68db033f4ee87aec2a3892d37ad2087ad0def0d948efa748f812c6d02424d38d8c88e1dd5049980f3ce2f4b66266222d08e96478ed174efeaa00b88389ae193eb30c196206d44b7915e039d40785ac0ddfaa1149b3d82a2e7cd7cf432ecdd877519ce49d7d4d9fc821ba8fb40726714cd8775b0d5af9863379226847e153d5a22ca94d7168c52c09d3e11e1b6c74d4b756dc823dd5ab47f79d75b62c0b872872040582510e6927fd5850e5d784d04002b8021164748b4a166dcf1799e5f9b86dac3fe303aa6feb1fe8e8d167a9e0cf465a586cbce8aa60d7b5fec02ac9310746e4c64fa7fef906e4071bd8ab49b95768cdcb0844158fd5df872be0d60a53a437f76359568956a73a35ef06c847f66eb1b00102b01ddbe1b62edc3626eb08ddce6e4285e41f236f4d73b6349f52cfe47010a6362ea7dcc494290bee854dbb918d06a3ada2227eb6dfb9d1346108d2b08f0e207d195c30fd1f65ecf89789aedc304f22e1d151e0b801572b23685b7e575e6743c184802e0e616fca6283f4011441f1638e96e337587558d698a2edd4e06cde17243e4cf12c44c4bf021fc2dee596bd8da56ce7c4a514aa94abdd637ab491b301736b54c14009300fc000000000000000000000000000001000000002300098008000900", @ANYRES32=r5, @ANYRES32=r0, @ANYBLOB="0c001c0006000000000000000800a6000a01010204007580000007020280fd00f980bd303502d572a153126393fcf955a7f3fc4b6effc2938fe89d05c24c13d274de030f62905fda4401fb967408b20b56ddfe2af28a54701b98c669538caf8ea9a9eaf01ab6307a64d7a290268db39ea238256f7e41647035a93ed2b9015bf9febc51c7", @ANYRES32=r3, @ANYBLOB="08001200", @ANYRES32=r1, @ANYBLOB="efaac42583e74436c25ab0b0f91b7d23ad8a318bd1d3aaf26f9dda28d46812e2264fc14f2b4eb8f61f2fb8b603da278bf19b9089193630b756d3e3c6182e240fd5fe1ce4c95d4f7ee6cafa631be1044301c4bb050f1bab91d2f4dc59253c370294736844c3daffee06dbfe9c5c0243f250b1c7a152", @ANYRES32, @ANYBLOB="0000000b00a6002d242940402800003d8dd36080fa7aa05b59b135f2b57c9eda9e52eab69a4c50d5abb614cc556824f73f6691cbca4326fd9b905235abff3f077b5f11cff5ab049e5e24b30acf407b963665f8323be4eecd9e9d9ca15b7561c456b6a8d7b1b6583d8db1671a7cbf986c606cd23097e42e53606aad329982da6d0a14de4362e141689da6e56898d4eecc97defd881a7d2ce5b8a87074f131688557b7a1d8638c0c67e386abf5d922cb90fb9a9ec5715ff287c2ca99a601a00f0146d433caf1aff5bf13395c86eee32620637a3ab607522b6ae1221bb9eac7b3712479e2f8c4a0f821386c3e17ba37e6b1c5df07d6129a6d2353e4d399e55c9fcefe2f2c7ad83c00040004803a000000b0030dea85a2ec43a7936b290b90f49ac78d7bce4ff8f9834e3e1bc51e40efe34a1ce6e0042d61d6c303f58a859d26ccb207e4dd2dd70000"], 0x1d90}, 0x1, 0x0, 0x0, 0x80}, 0x14)
recvmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0x4da}, 0x6, 0x0, 0x8, 0x7ff}, 0x1000}, 0xffffffff, 0x4, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
sendmsg$auto_NFC_CMD_GET_TARGET(r4, &(0x7f0000000500)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="04002dbd7000fcdbdf2508000000580019009ff882d45e23aa1282d04cf6f328c5effa48c0bbae3ae2f8be187c2bcd4d4af8939e3b33a3fca26ecdfb6cf658dd8575cf557946c440058348f497794ea082a387f37ea716eed5fa530009000000000000000000"], 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x4)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x230)
r6 = prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007)
bpf$auto_BPF_PROG_LOAD(0x5, &(0x7f0000000300)=@bpf_attr_0={0x9a, 0x2, 0x5, 0xc, 0x7eb, r2, 0x5, "e03f43200a26d5ea743998fb7500", 0x0, <r7=>r6, 0x9, 0x1, 0x4, 0x7, r3, r3}, 0x7ff)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r7)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
io_uring_setup$auto(0x4e8c, 0x0)
madvise$auto(0x0, 0x2003f0, 0x15)

938.197165ms ago: executing program 2 (id=1688):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
ioctl$auto_BTRFS_IOC_SCRUB_PROGRESS(r0, 0xc400941d, &(0x7f0000000500)={0x40a, 0x3, 0x3ac, 0x8, {0x1, 0x4, 0xb, 0x3, 0x8, 0x4, 0x9, 0x2, 0xe, 0xa5, 0x1, 0x4, 0x0, 0xf, 0xff}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x40, r2, 0x1b, 0x70bd26, 0x25dfdbfb, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x10, 0x3, 0x0, 0x1, [@nested={0xc, 0x3, 0x0, 0x1, [@typed={0x8, 0x9, 0x0, 0x0, @fd}]}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f1779048590828847"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r3 = socket(0x2, 0x1, 0x0)
bpf$auto_BPF_OBJ_GET_INFO_BY_FD(0xf, &(0x7f00000002c0)=@test={<r4=>r3, 0x0, 0x856, 0x189, 0x8, 0x7fff, 0x7fff, 0x10000, 0xc91a, 0x7, 0x5, 0x3, 0x3, 0x3, 0x6}, 0x1)
mmap$auto(0x0, 0xa00006, 0x400002, 0x40ebe, 0xffffffffffffffff, 0x300000000000)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f)
sendmsg$auto_ETHTOOL_MSG_PSE_SET(0xffffffffffffffff, 0x0, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0)
r5 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0)
write$auto(r5, &(0x7f0000000200)='/de\xef\xe7audio1\x00', 0xa3d9)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000001680)="a7", 0x80000)
mmap$auto(0x0, 0x30009, 0x4000000000df, 0x4000eb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000040)=""/105, 0x69)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0xa40, 0x0)

245.019126ms ago: executing program 0 (id=1689):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @local}, 0x54)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x9a6, 0xe000)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
r0 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
openat$auto_sco_debugfs_fops_(0xffffffffffffff9c, 0x0, 0x242, 0x0)
r1 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_TREAD64(r1, 0x400454a4, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
pread64$auto(r0, &(0x7f0000000200)='/proc/self/net/ip6_tables_targets\x00', 0x34b, 0x10000)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
unshare$auto(0x40000080)
write$auto(0xca, &(0x7f00000000c0)='\x04>\x01\x01\x00J:\xdd\xfc\xb6\xc6\x0f\xaf\xe3\x0f\xd1V\xb1yz\\\xa6\xed\ag+\xa3p(\xe2\x1b\xdc7\x1b\xc4TM}\xce\x90\xfa9\x957\xec\xd8\xe0TC\x86\xad\xe1G\xc7\xd4\x96\x12h\x84;Y\xe2\x03i\xa1)`\n\xc3\xfeR\x06\x03\xf5/@\xf0\'\xb9\xdf\xe1\xef\v\x19B\xc0\xe2\xac\xa5^\x01D\xef\xaf#\xbc\xa5\xf9J\xdc\xc3),=1\b\x05\x9d\x82\xd4\'\xe8\xfe\xfd\x9a\x9f\x00\x00\x00\x00\x00\x00\x00\x00', 0x7f)
mmap$auto(0x0, 0xe983, 0xdf, 0x400000000000eb1, 0xffffffffffffffff, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000002480), 0xffffffffffffffff)
sendmsg$auto_TIPC_NL_MON_GET(0xffffffffffffffff, &(0x7f00000083c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4801}, 0x8080)
msgctl$auto(0x9, 0x1ff, 0x0)
openat$auto_fake_panic_fops_(0xffffffffffffff9c, 0x0, 0x8000, 0x0)

192.313459ms ago: executing program 1 (id=1690):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
r0 = socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
r1 = socket(0xa, 0x1, 0x84)
r2 = getsockopt$auto(r1, 0x84, 0x9, 0x0, &(0x7f0000000000)=0x95)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe8, 0x9, 0x2, 0x1, 0x5, 0x4, 0x15f4da0e, 0x8, 0x9, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0)
pwrite64$auto(0xc8, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39)
bind$auto(r0, &(0x7f0000000240)=@sco, 0xfffffffb)
syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff)
sendmsg$auto_TIPC_NL_MON_PEER_GET(r2, 0x0, 0x0)
getsockopt$auto_SO_RCVMARK(r3, 0x0, 0x4b, &(0x7f0000000000)='}\'.^\x00', &(0x7f00000000c0)=0x7)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL802154_CMD_GET_INTERFACE(r4, &(0x7f0000000300)={0x0, 0xa6, &(0x7f0000000100)={&(0x7f0000000840)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="05032cbd7000fbdbdf2505004000"], 0x14}, 0x1, 0x0, 0x0, 0x4004010}, 0x4040008)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x4)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
kexec_load$auto(0x8, 0x0, 0x0, 0x9)

92.035862ms ago: executing program 3 (id=1691):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
r0 = socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
r1 = socket(0xa, 0x1, 0x84)
r2 = getsockopt$auto(r1, 0x84, 0x9, 0x0, &(0x7f0000000000)=0x95)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe8, 0x9, 0x2, 0x1, 0x5, 0x4, 0x15f4da0e, 0x8, 0x9, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0)
pwrite64$auto(0xc8, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39)
bind$auto(r0, &(0x7f0000000240)=@sco, 0xfffffffb)
syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff)
sendmsg$auto_TIPC_NL_MON_PEER_GET(r2, 0x0, 0x0)
getsockopt$auto_SO_RCVMARK(r3, 0x0, 0x4b, &(0x7f0000000000)='}\'.^\x00', &(0x7f00000000c0)=0x7)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL802154_CMD_GET_INTERFACE(r4, &(0x7f0000000300)={0x0, 0xa6, &(0x7f0000000100)={&(0x7f0000000840)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="05032cbd7000fbdbdf2505004000"], 0x14}, 0x1, 0x0, 0x0, 0x4004010}, 0x4040008)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x4)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
kexec_load$auto(0x8, 0x0, 0x0, 0x9)

0s ago: executing program 2 (id=1692):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sysfs$auto(0x2, 0x43, 0x0)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0)
write$auto(r0, &(0x7f00000002c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef`\xd8\x9c\xf7?:\x1a\xc62\x911e\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\b};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xff\x7f\xd0UV\x11\xcb\xdd\x81\xbe\xde\f/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7\x00\x85Z\x06?\x12\x98\x0f)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1;\xe4pd$\xd7\x1b\v\x82\r\f\xd0Hq\xd9\r\x88#\x89\x8d\xcd\x1e\x87N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8HR+\a\xb7R\t\n+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb\xc8^\xa4\xe2\x05\x91|\x123\xc3:\xfd\xee\x04a\xc8\x12\xce\xa2\x12\xcb\x8c\x87f\xebGQ\xe9\x96\xd5E\x13a\xb7\x057<&\xe0\x94\xa7\xfb\x9d;\xfa\xb1\x1b4a,\'\xb2Ym\xe1:\xbf\x8cs\x06\xa3u\x8d!\n\x80-\x9a\xbb;\xf4\xf3\xe1\x97\xfc8\xff\xa7\\\x8b\xf9\x95\x10$\xef\x1a #b\xfb\xfe\xe9\x06fK0\xdd\x84T,\xfa\xb5\x00\x83d\xbba\xd7\n\x92l\xdfAN\x9d\xcb\x96\xc7\xe8\xe6\x8bC\xeb\xc7EZ\xc8\x1a\x81nf\tZ-sZ\x13n\xec\xa9\xbf\xd0$\xb9\xd8\x00\x00\x00\x00\x00\x00\x00', 0x5)
socket(0x2, 0x3, 0x2)
rseq$auto(&(0x7f00000004c0)={0x12, 0x401, 0x3, 0x6, 0xfffffeff, 0x2}, 0x8002, 0x0, 0x8)
clock_nanosleep$auto(0xfffefffe, 0xb, &(0x7f0000000340)={0x100000000000002}, 0x0)
socket(0x2, 0x80002, 0x73)
ioctl$auto_USBDEVFS_CLAIMINTERFACE(0xffffffffffffffff, 0x8004550f, 0x0)
r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0)
read$auto(r1, 0x0, 0x1f40)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
r2 = openat$auto_short_retry_limit_ops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy2/short_retry_limit\x00', 0x50000, 0x0)
r3 = landlock_create_ruleset$auto(&(0x7f00000000c0)={0x9, 0x2, 0x4}, 0x9, 0x9)
r4 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$auto_BINDER_SET_CONTEXT_MGR(r3, 0x40046207, &(0x7f00000006c0)="6c03a55c111a1191e709985061e186f5e2447cd82a9047cc0a4fbe87d24ce2d4dcd6c8a53c01d9af592024bc205fa1eec2c85f94bfd9cddc991d49e62326bbbc8d1fb517de0d9550a087bfd1dd3acefbe7e0536cc41634d64ea8292fecc781a03aac1ec47de3a87ecab45a326cb8966832c96d7b9dcfefa82351b18293827047ad603e19bf4208fe7ad92493c41f347cfce3c9c8bd7e0a7dc5dabb1c0ff35801fdfc55cab8292e5cecea872a63af794c59ba29b3642db93d40d5c93b43bf15be9b55acd7d557fdcb6584241295bac8d628699945d1e2fe53")
r5 = openat$auto_binder_features_fops_(0xffffffffffffff9c, &(0x7f0000000100)='/dev/binderfs/features/freeze_notification\x00', 0x40000, 0x0)
pread64$auto(r5, 0x0, 0x2, 0x7a)
r6 = setfsuid$auto(0xee00)
r7 = setfsuid$auto(0xee01)
setresuid$auto(r6, r7, r6)
sendmsg$auto_OVS_VPORT_CMD_DEL(r3, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000500)={0x1a0, r4, 0x10, 0x70bd27, 0x25dfdbfc, {}, [@OVS_VPORT_ATTR_UPCALL_STATS={0x148, 0xa, 0x0, 0x1, [@nested={0xb7, 0x102, 0x0, 0x1, [@typed={0x8, 0x7e, 0x0, 0x0, @u32=0x101}, @generic="56067a4ea913d339db21ed48496784afbe844f5803103c0c78822a91e4cd3e9c7e7b82ece48b00d41138b4722205d6a658d79d9206d9040a7021907d43d546c5f7b333581b3e0d4960e0ad593a7370404e9f0161cb91781ac9b53857e331c25d08fd3c45f3373ded0262e85665109429c39bf684967b64f7d4ef4d61b36d2b7ba9a0b3861cbc69b8950196d005ed062f663fdad003e3adb2eaad06423c100bd03a9b95fa8a11cc89012ab6"]}, @typed={0x8, 0x2b, 0x0, 0x0, @uid=r6}, @typed={0x14, 0xf6, 0x0, 0x0, @ipv6=@mcast1}, @generic="3cdf89b39433504e69867caf346f6c925d14009694a5e28e4947397d92dfb095cdd77366e93a4a070920a6534f22ad5c012eb56310d5f361f0b45314beb9b5e0450fe74fc266a8a2e54cd832e3e26109adf98cf6181079a52e5a2b87462095e42e302c4c2c74162e8b4aee81c66026ba"]}, @OVS_VPORT_ATTR_STATS={0x44, 0x6, {0x8001, 0x5, 0x8, 0x5, 0x7fffffff, 0xa, 0x2, 0xc9}}]}, 0x1a0}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000)
mmap$auto(0x0, 0x4020009, 0xdf, 0x8000000000000011, r2, 0x8000)
r8 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/mnt\x00')
r9 = pipe$auto(0x0)
ioctl$auto(r9, 0x9004b70b, r8)

kernel console output (not intermixed with test programs):

etooth: hci2: command 0x0c1a tx timeout
[  113.466381][ T6359] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9
[  113.502524][ T6350] FAULT_INJECTION: forcing a failure.
[  113.502524][ T6350] name failslab, interval 1, probability 0, space 0, times 0
[  113.516931][ T6350] CPU: 1 UID: 0 PID: 6350 Comm: syz.1.76 Not tainted syzkaller #0 PREEMPT(full) 
[  113.516978][ T6350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  113.516995][ T6350] Call Trace:
[  113.517005][ T6350]  <TASK>
[  113.517016][ T6350]  dump_stack_lvl+0x100/0x190
[  113.517063][ T6350]  should_fail_ex.cold+0x5/0xa
[  113.517090][ T6350]  ? __register_sysctl_table+0xbe4/0x1650
[  113.517122][ T6350]  should_failslab+0xc2/0x120
[  113.517166][ T6350]  __kmalloc_noprof+0xe0/0x850
[  113.517212][ T6350]  __register_sysctl_table+0xbe4/0x1650
[  113.517256][ T6350]  ? __pfx___register_sysctl_table+0x10/0x10
[  113.517290][ T6350]  ? is_module_address+0x69/0xf0
[  113.517323][ T6350]  ? register_net_sysctl_sz+0x222/0x430
[  113.517371][ T6350]  __devinet_sysctl_register+0x1b9/0x360
[  113.517414][ T6350]  ? trace_kmalloc+0x101/0x130
[  113.517453][ T6350]  ? __pfx___devinet_sysctl_register+0x10/0x10
[  113.517501][ T6350]  ? __asan_memcpy+0x3c/0x60
[  113.517535][ T6350]  devinet_init_net+0x334/0x8d0
[  113.517580][ T6350]  ? __pfx_devinet_init_net+0x10/0x10
[  113.517615][ T6350]  ops_init+0x1e2/0x5f0
[  113.517654][ T6350]  setup_net+0x118/0x3a0
[  113.517691][ T6350]  ? __pfx_setup_net+0x10/0x10
[  113.517723][ T6350]  ? lockdep_init_map_type+0x5c/0x250
[  113.517759][ T6350]  ? mutex_init_lockep+0x110/0x150
[  113.517798][ T6350]  copy_net_ns+0x46f/0x7c0
[  113.517840][ T6350]  create_new_namespaces+0x3ea/0xac0
[  113.517894][ T6350]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  113.517925][ T6350]  ksys_unshare+0x455/0xab0
[  113.517962][ T6350]  ? __pfx_ksys_unshare+0x10/0x10
[  113.518015][ T6350]  __x64_sys_unshare+0x31/0x40
[  113.518048][ T6350]  do_syscall_64+0x106/0xf80
[  113.518083][ T6350]  ? clear_bhb_loop+0x40/0x90
[  113.518117][ T6350]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.518146][ T6350] RIP: 0033:0x7fd40019bf79
[  113.518170][ T6350] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  113.518195][ T6350] RSP: 002b:00007fd400f96028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  113.518222][ T6350] RAX: ffffffffffffffda RBX: 00007fd400416090 RCX: 00007fd40019bf79
[  113.518240][ T6350] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  113.518257][ T6350] RBP: 00007fd4002327e0 R08: 0000000000000000 R09: 0000000000000000
[  113.518273][ T6350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  113.518289][ T6350] R13: 00007fd400416128 R14: 00007fd400416090 R15: 00007ffdfd7e9e68
[  113.518328][ T6350]  </TASK>
[  113.518340][ T6350] sysctl could not get directory: /net/ipv4/conf/default -12
[  115.246653][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  115.252773][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout
[  115.326870][   T51] Bluetooth: hci2: command 0x0c1a tx timeout
[  115.643243][ T6393] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  117.474205][   T29] audit: type=1800 audit(1771196821.656:2): pid=6415 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.86" name="dbroot" dev="configfs" ino=10097 res=0 errno=0
[  120.606761][   T51] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  120.830339][ T6456] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input10
[  122.614802][ T6482] QAT: Invalid ioctl 21531
[  122.699320][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  123.059340][ T6491] QAT: Invalid ioctl 21531
[  123.567156][ T5829] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[  123.974748][ T5829] block nbd0: Receive control failed (result -32)
[  124.276652][ T5833] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[  124.354740][ T5829] block nbd1: Receive control failed (result -32)
[  124.766663][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[  126.260708][   T51] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[  126.524667][   T51] block nbd2: Receive control failed (result -32)
[  126.639278][ T6556] QAT: Invalid ioctl 21531
[  127.320654][ T6567] vhci_hcd vhci_hcd.2: invalid port number 16
[  127.477103][ T6567] vhci_hcd vhci_hcd.2: invalid port number 16
[  129.102688][ T6594] netlink: 28 bytes leftover after parsing attributes in process `syz.0.125'.
[  129.648441][ T6601] QAT: Invalid ioctl 21531
[  130.686643][   T51] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  131.827452][   T51] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[  132.345999][ T6655] QAT: Invalid ioctl 21531
[  132.396073][ T5829] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[  132.529524][   T51] block nbd3: Receive control failed (result -32)
[  132.813452][ T6661] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  132.932876][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  132.966593][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  135.936775][ T6712] netlink: 4 bytes leftover after parsing attributes in process `syz.1.149'.
[  138.618620][ T6758] netlink: 28 bytes leftover after parsing attributes in process `syz.3.158'.
[  139.107195][ T6764] netlink: 4 bytes leftover after parsing attributes in process `syz.2.160'.
[  139.235106][ T6774] QAT: Invalid ioctl 21531
[  140.088053][ T6786] netlink: 4 bytes leftover after parsing attributes in process `syz.2.162'.
[  140.150594][ T6786] netlink: 25 bytes leftover after parsing attributes in process `syz.2.162'.
[  142.947686][ T6828] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input11
[  143.347051][ T6840] netlink: 4 bytes leftover after parsing attributes in process `syz.3.171'.
[  143.551727][ T6848] netlink: 4 bytes leftover after parsing attributes in process `syz.2.172'.
[  143.612170][ T6850] QAT: Invalid ioctl 21531
[  143.648444][ T6851] netlink: 25 bytes leftover after parsing attributes in process `syz.2.172'.
[  146.156864][ T6873] binder: 6864:6873 ioctl c018620c 0 returned -1
[  146.272316][ T6885] netlink: 4 bytes leftover after parsing attributes in process `syz.2.183'.
[  146.698839][ T6901] QAT: Invalid ioctl 21531
[  146.737801][ T6903] netlink: 4 bytes leftover after parsing attributes in process `syz.3.184'.
[  146.769547][ T6903] netlink: 25 bytes leftover after parsing attributes in process `syz.3.184'.
[  147.139876][ T6909] QAT: Invalid ioctl 21531
[  147.262720][ T5829] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[  147.305507][ T6911] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input12
[  147.542589][   T51] block nbd4: Receive control failed (result -32)
[  150.022477][   T51] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[  150.151220][ T6954] QAT: Invalid ioctl 21531
[  150.380593][ T6930] kexec: Could not allocate control_code_buffer
[  150.575497][   T51] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  151.019575][ T6970] crash hp: kexec_trylock() failed, kdump image may be inaccurate
[  152.606556][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  152.706658][ T7001] netlink: 4 bytes leftover after parsing attributes in process `syz.2.207'.
[  153.179910][ T7010] bridge0: port 3(team0) entered blocking state
[  153.243406][ T7010] bridge0: port 3(team0) entered disabled state
[  153.313909][ T7010] team0: entered allmulticast mode
[  153.348432][ T7010] team_slave_0: entered allmulticast mode
[  153.371688][ T7010] team_slave_1: entered allmulticast mode
[  153.425801][ T7010] team0: entered promiscuous mode
[  153.477432][ T7010] team_slave_0: entered promiscuous mode
[  153.557936][ T7010] team_slave_1: entered promiscuous mode
[  153.596725][ T7010] bridge0: port 3(team0) entered blocking state
[  153.603156][ T7010] bridge0: port 3(team0) entered forwarding state
[  153.876894][ T6969] kexec: Could not allocate control_code_buffer
[  153.996614][ T7015] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  154.650246][ T7033] bridge0: port 4(gretap0) entered blocking state
[  154.656990][ T7033] bridge0: port 4(gretap0) entered disabled state
[  154.663807][ T7033] gretap0: entered allmulticast mode
[  154.697292][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  154.749779][ T7033] gretap0: entered promiscuous mode
[  154.777775][ T7033] FAULT_INJECTION: forcing a failure.
[  154.777775][ T7033] name failslab, interval 1, probability 0, space 0, times 0
[  154.796141][ T7033] CPU: 1 UID: 0 PID: 7033 Comm: syz.0.214 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  154.796183][ T7033] Tainted: [L]=SOFTLOCKUP
[  154.796192][ T7033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  154.796206][ T7033] Call Trace:
[  154.796215][ T7033]  <TASK>
[  154.796225][ T7033]  dump_stack_lvl+0x100/0x190
[  154.796285][ T7033]  should_fail_ex.cold+0x5/0xa
[  154.796318][ T7033]  should_failslab+0xc2/0x120
[  154.796360][ T7033]  __kvmalloc_node_noprof+0xfa/0xa00
[  154.796396][ T7033]  ? bucket_table_alloc.isra.0+0x88/0x460
[  154.796438][ T7033]  bucket_table_alloc.isra.0+0x88/0x460
[  154.796475][ T7033]  rhashtable_init_noprof+0x43b/0x7d0
[  154.796504][ T7033]  nbp_vlan_init+0x238/0x500
[  154.796538][ T7033]  ? __pfx_nbp_vlan_init+0x10/0x10
[  154.796581][ T7033]  ? br_fdb_add_local+0x43/0x60
[  154.796606][ T7033]  ? __local_bh_enable_ip+0xff/0x120
[  154.796638][ T7033]  br_add_if+0xf79/0x1b40
[  154.796671][ T7033]  ? veth_get_iflink+0x203/0x2c0
[  154.796717][ T7033]  add_del_if+0x114/0x160
[  154.796754][ T7033]  br_dev_siocdevprivate+0x8ac/0x1650
[  154.796792][ T7033]  ? __lock_acquire+0x4a5/0x2630
[  154.796825][ T7033]  ? __pfx_br_dev_siocdevprivate+0x10/0x10
[  154.796874][ T7033]  ? do_raw_spin_lock+0x128/0x260
[  154.796919][ T7033]  ? mark_held_locks+0x40/0x70
[  154.796956][ T7033]  ? netdev_name_node_lookup+0x107/0x150
[  154.796987][ T7033]  ? __mutex_lock+0x26a/0x1b90
[  154.797029][ T7033]  dev_ifsioc+0xc1e/0x1e90
[  154.797066][ T7033]  ? __pfx_dev_ifsioc+0x10/0x10
[  154.797096][ T7033]  ? __pfx___mutex_lock+0x10/0x10
[  154.797163][ T7033]  ? dev_load+0x8e/0x240
[  154.797193][ T7033]  ? dev_load+0x8e/0x240
[  154.797237][ T7033]  dev_ioctl+0x70e/0x1070
[  154.797273][ T7033]  sock_ioctl+0x494/0x6b0
[  154.797301][ T7033]  ? __pfx_sock_ioctl+0x10/0x10
[  154.797325][ T7033]  ? hook_file_ioctl_common+0x146/0x410
[  154.797365][ T7033]  ? __fget_files+0x21f/0x3d0
[  154.797409][ T7033]  ? __pfx_sock_ioctl+0x10/0x10
[  154.797437][ T7033]  __x64_sys_ioctl+0x18e/0x210
[  154.797473][ T7033]  do_syscall_64+0x106/0xf80
[  154.797508][ T7033]  ? clear_bhb_loop+0x40/0x90
[  154.797543][ T7033]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.797572][ T7033] RIP: 0033:0x7ff2b359bf79
[  154.797608][ T7033] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  154.797640][ T7033] RSP: 002b:00007ff2b43bc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  154.797667][ T7033] RAX: ffffffffffffffda RBX: 00007ff2b3816180 RCX: 00007ff2b359bf79
[  154.797686][ T7033] RDX: 0000200000000040 RSI: 00000000000089fc RDI: 0000000000000008
[  154.797703][ T7033] RBP: 00007ff2b36327e0 R08: 0000000000000000 R09: 0000000000000000
[  154.797720][ T7033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  154.797737][ T7033] R13: 00007ff2b3816218 R14: 00007ff2b3816180 R15: 00007ffdbe34c878
[  154.797776][ T7033]  </TASK>
[  155.180584][ T7033] bridge0: port 4(gretap0) entered blocking state
[  155.187205][ T7033] bridge0: port 4(gretap0) entered forwarding state
[  155.360437][ T7030] binder: 7023:7030 ioctl c018620c 0 returned -1
[  156.997019][ T7075] QAT: Invalid ioctl 21531
[  157.282424][ T5829] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[  157.423061][   T51] block nbd5: Receive control failed (result -32)
[  157.592503][ T7083] QAT: Invalid ioctl 21531
[  157.696313][ T7090] netlink: 4 bytes leftover after parsing attributes in process `syz.0.226'.
[  157.755256][ T7085] netlink: 25 bytes leftover after parsing attributes in process `syz.0.226'.
[  159.551020][ T7127] QAT: Invalid ioctl 21531
[  160.187835][ T7144] netlink: 4 bytes leftover after parsing attributes in process `syz.0.235'.
[  160.243312][ T7146] netlink: 25 bytes leftover after parsing attributes in process `syz.0.235'.
[  160.586009][ T5829] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[  160.636412][   T51] block nbd6: Receive control failed (result -32)
[  161.638296][ T7168] mmap: syz.1.242 (7168) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  163.716909][ T7203] QAT: Invalid ioctl 21531
[  164.085156][ T7213] QAT: Invalid ioctl 21531
[  165.135489][ T7184] kexec: Could not allocate control_code_buffer
[  165.542987][ T7235] netlink: 4 bytes leftover after parsing attributes in process `syz.0.254'.
[  165.997122][ T7224] binder: 7222:7224 ioctl c018620c 0 returned -1
[  167.610220][ T7271] QAT: Invalid ioctl 21531
[  168.360763][ T7285] QAT: Invalid ioctl 21531
[  169.593034][ T7303] QAT: Invalid ioctl 21531
[  170.371666][ T5829] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[  170.471852][   T51] block nbd7: Receive control failed (result -32)
[  171.592503][ T7334] QAT: Invalid ioctl 21531
[  171.637011][   T51] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[  171.916902][   T51] block nbd8: Receive control failed (result -32)
[  172.167539][ T7346] QAT: Invalid ioctl 21531
[  172.398892][ T5829] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[  172.472192][   T51] block nbd9: Receive control failed (result -32)
[  173.880189][ T7385] netlink: 4 bytes leftover after parsing attributes in process `syz.0.290'.
[  173.915649][ T7385] netlink: 25 bytes leftover after parsing attributes in process `syz.0.290'.
[  176.225663][ T7430] MTRR 1 not used
[  176.771770][ T7444] netlink: 4 bytes leftover after parsing attributes in process `syz.3.301'.
[  176.829775][ T7445] netlink: 25 bytes leftover after parsing attributes in process `syz.3.301'.
[  176.906223][ T7446] QAT: Invalid ioctl 21531
[  177.491580][ T5829] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[  177.563909][ T7469] netlink: 4 bytes leftover after parsing attributes in process `syz.2.306'.
[  177.597819][ T7469] netlink: 25 bytes leftover after parsing attributes in process `syz.2.306'.
[  177.615812][   T51] block nbd10: Receive control failed (result -32)
[  178.319549][ T7481] netlink: 4 bytes leftover after parsing attributes in process `syz.2.310'.
[  178.358240][ T7481] netlink: 25 bytes leftover after parsing attributes in process `syz.2.310'.
[  178.914133][ T7510] netlink: 4 bytes leftover after parsing attributes in process `syz.1.312'.
[  178.967689][ T7510] netlink: 25 bytes leftover after parsing attributes in process `syz.1.312'.
[  179.830993][   T51] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[  179.858315][ T5829] block nbd11: Receive control failed (result -32)
[  180.352020][ T7542] netlink: 4 bytes leftover after parsing attributes in process `syz.2.319'.
[  180.376993][ T7542] netlink: 25 bytes leftover after parsing attributes in process `syz.2.319'.
[  181.024442][ T7562] netlink: 4 bytes leftover after parsing attributes in process `syz.2.324'.
[  181.065533][ T7562] netlink: 25 bytes leftover after parsing attributes in process `syz.2.324'.
[  182.343778][ T7597] QAT: Invalid ioctl 21531
[  185.649346][ T7652] netlink: 4 bytes leftover after parsing attributes in process `syz.0.340'.
[  185.688510][ T7652] netlink: 25 bytes leftover after parsing attributes in process `syz.0.340'.
[  186.087244][   T29] audit: type=1400 audit(1771196890.306:3): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=7664 comm="syz.2.346"
[  186.107768][ T7667] QAT: Invalid ioctl 21531
[  186.550755][ T7675] netlink: 504 bytes leftover after parsing attributes in process `syz.2.347'.
[  186.602450][ T7675] netlink: 350 bytes leftover after parsing attributes in process `syz.2.347'.
[  187.144191][ T7688] QAT: Invalid ioctl 21531
[  187.431419][   T51] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[  187.494009][ T5829] block nbd12: Receive control failed (result -32)
[  187.846008][ T7707] netlink: 4 bytes leftover after parsing attributes in process `syz.0.354'.
[  187.864635][ T7707] netlink: 25 bytes leftover after parsing attributes in process `syz.0.354'.
[  189.844071][ T7741] QAT: Invalid ioctl 21531
[  190.673692][   T51] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[  190.781752][ T5829] block nbd13: Receive control failed (result -32)
[  191.105054][ T7764] netlink: 4 bytes leftover after parsing attributes in process `syz.2.364'.
[  191.117754][ T7764] netlink: 25 bytes leftover after parsing attributes in process `syz.2.364'.
[  191.132502][   T51] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[  191.286635][ T5829] block nbd14: Receive control failed (result -32)
[  192.237335][ T7785] QAT: Invalid ioctl 21531
[  193.257115][ T7787] binder: 7776:7787 ioctl c018620c 0 returned -1
[  194.375216][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  194.381607][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  194.823719][ T7836] netlink: 4 bytes leftover after parsing attributes in process `syz.2.376'.
[  194.868265][ T7836] netlink: 25 bytes leftover after parsing attributes in process `syz.2.376'.
[  194.979530][ T7838] netlink: 4 bytes leftover after parsing attributes in process `syz.1.377'.
[  195.028295][ T7838] netlink: 25 bytes leftover after parsing attributes in process `syz.1.377'.
[  196.323731][ T7861] QAT: Invalid ioctl 21531
[  197.232386][ T7871] QAT: Invalid ioctl 21531
[  197.780978][ T7879] netlink: 4 bytes leftover after parsing attributes in process `syz.1.389'.
[  197.797707][ T7879] netlink: 25 bytes leftover after parsing attributes in process `syz.1.389'.
[  198.299727][ T7896] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13
[  198.423642][ T7866] rtc_cmos 00:00: Alarms can be up to one day in the future
[  198.435844][ T7898] QAT: Invalid ioctl 21531
[  198.493273][ T7899] netlink: 4 bytes leftover after parsing attributes in process `syz.1.390'.
[  198.530407][ T7890] netlink: 25 bytes leftover after parsing attributes in process `syz.1.390'.
[  198.723044][ T1222] rtc_cmos 00:00: Alarms can be up to one day in the future
[  198.772318][ T7900] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14
[  198.784479][ T1222] rtc_cmos 00:00: Alarms can be up to one day in the future
[  198.805625][ T1222] rtc_cmos 00:00: Alarms can be up to one day in the future
[  198.834046][ T1222] rtc_cmos 00:00: Alarms can be up to one day in the future
[  198.852839][ T1222] rtc rtc0: __rtc_set_alarm: err=-22
[  201.087866][   T51] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[  201.174655][ T7934] binder: 7933:7934 ioctl c018620c 0 returned -1
[  201.227361][ T5829] block nbd15: Receive control failed (result -32)
[  202.164658][ T7954] QAT: Invalid ioctl 21531
[  203.938146][ T7983] netlink: 4 bytes leftover after parsing attributes in process `syz.1.408'.
[  203.986032][ T7983] netlink: 25 bytes leftover after parsing attributes in process `syz.1.408'.
[  204.518193][ T7997] netlink: 4 bytes leftover after parsing attributes in process `syz.1.411'.
[  204.537476][ T7997] netlink: 'syz.1.411': attribute type 1 has an invalid length.
[  204.564904][ T7997] netlink: 13 bytes leftover after parsing attributes in process `syz.1.411'.
[  204.817365][ T7993] netlink: 4 bytes leftover after parsing attributes in process `syz.3.409'.
[  204.889530][ T7993] netlink: 25 bytes leftover after parsing attributes in process `syz.3.409'.
[  205.397863][ T8018] netlink: 4 bytes leftover after parsing attributes in process `syz.1.413'.
[  205.411716][ T8018] netlink: 25 bytes leftover after parsing attributes in process `syz.1.413'.
[  206.605904][ T8057] netlink: 4 bytes leftover after parsing attributes in process `syz.0.420'.
[  206.669703][ T8057] netlink: 25 bytes leftover after parsing attributes in process `syz.0.420'.
[  208.100798][ T8066] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  208.148191][ T8066] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  208.154365][ T8066] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  208.204435][ T8066] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  208.238879][ T8085] QAT: Invalid ioctl 21531
[  209.499176][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  209.921724][ T8125] __nla_validate_parse: 4 callbacks suppressed
[  209.921751][ T8125] netlink: 4 bytes leftover after parsing attributes in process `syz.0.432'.
[  210.023550][ T8127] netlink: 25 bytes leftover after parsing attributes in process `syz.0.432'.
[  210.049750][ T8128] QAT: Invalid ioctl 21531
[  210.206817][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[  210.213055][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[  210.219234][   T51] Bluetooth: hci2: command 0x0c1a tx timeout
[  210.933540][ T8152] netlink: 4 bytes leftover after parsing attributes in process `syz.0.437'.
[  210.964293][ T8152] netlink: 25 bytes leftover after parsing attributes in process `syz.0.437'.
[  211.207254][ T8158] netlink: 4 bytes leftover after parsing attributes in process `syz.1.438'.
[  211.234059][ T8148] netlink: 25 bytes leftover after parsing attributes in process `syz.1.438'.
[  211.997054][ T8171] FAULT_INJECTION: forcing a failure.
[  211.997054][ T8171] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  212.030961][ T8171] CPU: 1 UID: 0 PID: 8171 Comm: syz.1.441 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  212.031008][ T8171] Tainted: [L]=SOFTLOCKUP
[  212.031017][ T8171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  212.031046][ T8171] Call Trace:
[  212.031055][ T8171]  <TASK>
[  212.031070][ T8171]  dump_stack_lvl+0x100/0x190
[  212.031116][ T8171]  should_fail_ex.cold+0x5/0xa
[  212.031143][ T8171]  ? prepare_alloc_pages+0x16d/0x5f0
[  212.031191][ T8171]  should_fail_alloc_page+0xeb/0x140
[  212.031235][ T8171]  prepare_alloc_pages+0x1f0/0x5f0
[  212.031285][ T8171]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  212.031327][ T8171]  ? mark_held_locks+0x40/0x70
[  212.031359][ T8171]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  212.031394][ T8171]  ? lockdep_hardirqs_on+0x78/0x100
[  212.031430][ T8171]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  212.031463][ T8171]  ? stack_depot_save_flags+0x479/0x9d0
[  212.031504][ T8171]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  212.031541][ T8171]  ? kasan_save_stack+0x3f/0x50
[  212.031576][ T8171]  ? kasan_save_stack+0x30/0x50
[  212.031608][ T8171]  ? __kasan_slab_alloc+0x89/0x90
[  212.031644][ T8171]  ? __pmd_alloc+0xbf/0x9c0
[  212.031668][ T8171]  ? walk_pgd_range+0x896/0x1eb0
[  212.031701][ T8171]  ? __walk_page_range+0x163/0x820
[  212.031736][ T8171]  ? walk_page_range_mm_unsafe+0x563/0xa10
[  212.031769][ T8171]  ? madvise_guard_install+0x2f9/0x7c0
[  212.031812][ T8171]  ? madvise_vma_behavior+0x109f/0x2ec0
[  212.031840][ T8171]  ? madvise_walk_vmas+0x2fe/0xa90
[  212.031873][ T8171]  ? madvise_do_behavior+0x1ea/0x510
[  212.031900][ T8171]  ? do_madvise+0x195/0x240
[  212.031940][ T8171]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  212.031983][ T8171]  ? policy_nodemask+0xed/0x4f0
[  212.032027][ T8171]  alloc_pages_mpol+0x1fb/0x550
[  212.032070][ T8171]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  212.032121][ T8171]  alloc_pages_noprof+0x131/0x390
[  212.032164][ T8171]  pte_alloc_one+0x1e/0x3e0
[  212.032195][ T8171]  __pte_alloc+0x6d/0x3f0
[  212.032235][ T8171]  ? __pfx___pte_alloc+0x10/0x10
[  212.032275][ T8171]  ? _raw_spin_unlock+0x28/0x50
[  212.032305][ T8171]  ? __pmd_alloc+0x6aa/0x9c0
[  212.032331][ T8171]  walk_pgd_range+0xb83/0x1eb0
[  212.032369][ T8171]  ? __pfx_guard_install_set_pte+0x10/0x10
[  212.032407][ T8171]  ? __pfx_guard_install_pte_entry+0x10/0x10
[  212.032452][ T8171]  ? __pfx_guard_install_set_pte+0x10/0x10
[  212.032499][ T8171]  ? __pfx_guard_install_set_pte+0x10/0x10
[  212.032541][ T8171]  ? __pfx_guard_install_set_pte+0x10/0x10
[  212.032585][ T8171]  ? __pfx_walk_pgd_range+0x10/0x10
[  212.032633][ T8171]  __walk_page_range+0x163/0x820
[  212.032673][ T8171]  ? find_vma+0xbf/0x140
[  212.032711][ T8171]  ? __pfx_find_vma+0x10/0x10
[  212.032753][ T8171]  ? walk_page_test+0x78/0x180
[  212.032791][ T8171]  walk_page_range_mm_unsafe+0x563/0xa10
[  212.032836][ T8171]  ? __pfx_walk_page_range_mm_unsafe+0x10/0x10
[  212.032893][ T8171]  ? __anon_vma_prepare+0x2e2/0x5e0
[  212.032931][ T8171]  madvise_guard_install+0x2f9/0x7c0
[  212.032985][ T8171]  ? __pfx_madvise_guard_install+0x10/0x10
[  212.033032][ T8171]  ? __pfx_guard_install_pud_entry+0x10/0x10
[  212.033071][ T8171]  ? __pfx_guard_install_pmd_entry+0x10/0x10
[  212.033111][ T8171]  ? __pfx_guard_install_pte_entry+0x10/0x10
[  212.033157][ T8171]  ? __pfx_guard_install_set_pte+0x10/0x10
[  212.033204][ T8171]  ? mtree_range_walk+0x6ce/0xcd0
[  212.033239][ T8171]  madvise_vma_behavior+0x109f/0x2ec0
[  212.033268][ T8171]  ? mas_prev_setup.constprop.0+0xb6/0x9c0
[  212.033307][ T8171]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  212.033335][ T8171]  ? mas_prev+0x9b/0xf0
[  212.033372][ T8171]  ? __pfx_mas_prev+0x10/0x10
[  212.033420][ T8171]  ? find_vma_prev+0xd8/0x150
[  212.033459][ T8171]  ? lock_vma_under_rcu+0x1f9/0x590
[  212.033491][ T8171]  ? __pfx_find_vma_prev+0x10/0x10
[  212.033541][ T8171]  ? find_held_lock+0x2b/0x80
[  212.033581][ T8171]  ? madvise_do_behavior+0x1ea/0x510
[  212.033607][ T8171]  ? madvise_do_behavior+0x1ea/0x510
[  212.033641][ T8171]  madvise_walk_vmas+0x2fe/0xa90
[  212.033675][ T8171]  ? __pfx_madvise_walk_vmas+0x10/0x10
[  212.033710][ T8171]  ? find_held_lock+0x2b/0x80
[  212.033757][ T8171]  madvise_do_behavior+0x1ea/0x510
[  212.033783][ T8171]  ? futex_private_hash_put+0x107/0x1c0
[  212.033815][ T8171]  ? __pfx_madvise_do_behavior+0x10/0x10
[  212.033841][ T8171]  ? futex_wake+0x1ad/0x530
[  212.033897][ T8171]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  212.033946][ T8171]  do_madvise+0x195/0x240
[  212.033973][ T8171]  ? __pfx_do_madvise+0x10/0x10
[  212.033999][ T8171]  ? do_futex+0x192/0x350
[  212.034067][ T8171]  __x64_sys_madvise+0xa9/0x110
[  212.034094][ T8171]  ? lockdep_hardirqs_on+0x78/0x100
[  212.034129][ T8171]  do_syscall_64+0x106/0xf80
[  212.034163][ T8171]  ? clear_bhb_loop+0x40/0x90
[  212.034197][ T8171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.034226][ T8171] RIP: 0033:0x7fd40019bf79
[  212.034252][ T8171] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  212.034280][ T8171] RSP: 002b:00007fd400fb7028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  212.034307][ T8171] RAX: ffffffffffffffda RBX: 00007fd400415fa0 RCX: 00007fd40019bf79
[  212.034327][ T8171] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000
[  212.034344][ T8171] RBP: 00007fd4002327e0 R08: 0000000000000000 R09: 0000000000000000
[  212.034362][ T8171] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  212.034378][ T8171] R13: 00007fd400416038 R14: 00007fd400415fa0 R15: 00007ffdfd7e9e68
[  212.034417][ T8171]  </TASK>
[  213.089069][ T8188] netlink: 4 bytes leftover after parsing attributes in process `syz.1.444'.
[  213.158040][ T8188] netlink: 25 bytes leftover after parsing attributes in process `syz.1.444'.
[  213.725123][ T8203] QAT: Invalid ioctl 21531
[  214.583649][ T8209] netlink: 4 bytes leftover after parsing attributes in process `syz.2.449'.
[  214.584298][ T8209] netlink: 25 bytes leftover after parsing attributes in process `syz.2.449'.
[  214.888616][   T51] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[  215.007444][   T51] block nbd16: Receive control failed (result -32)
[  215.092880][ T8233] QAT: Invalid ioctl 21531
[  215.667466][ T8237] netlink: 4 bytes leftover after parsing attributes in process `syz.1.455'.
[  215.719128][ T8237] netlink: 25 bytes leftover after parsing attributes in process `syz.1.455'.
[  215.899941][   T51] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[  216.026536][   T51] block nbd17: Receive control failed (result -32)
[  216.409368][ T8262] netlink: 4 bytes leftover after parsing attributes in process `syz.1.458'.
[  216.481634][ T8252] netlink: 25 bytes leftover after parsing attributes in process `syz.1.458'.
[  217.530703][ T8271] nbd: nbd0 already in use
[  218.247591][ T8278] QAT: Invalid ioctl 21531
[  218.822254][ T8295] netlink: 4 bytes leftover after parsing attributes in process `syz.1.466'.
[  218.844221][ T8295] netlink: 13 bytes leftover after parsing attributes in process `syz.1.466'.
[  219.450749][   T51] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[  219.573449][   T51] block nbd18: Receive control failed (result -32)
[  219.773778][ T8299] netlink: 4 bytes leftover after parsing attributes in process `syz.2.467'.
[  219.833752][ T8304] netlink: 25 bytes leftover after parsing attributes in process `syz.2.467'.
[  220.798748][ T8333] QAT: Invalid ioctl 21531
[  221.624727][ T8356] netlink: 4 bytes leftover after parsing attributes in process `syz.1.477'.
[  221.670207][ T8351] netlink: 'syz.1.477': attribute type 1 has an invalid length.
[  221.700071][ T8351] netlink: 13 bytes leftover after parsing attributes in process `syz.1.477'.
[  221.951999][ T8360] QAT: Invalid ioctl 21531
[  222.729773][ T8374] netlink: 4 bytes leftover after parsing attributes in process `syz.3.480'.
[  222.756875][ T8374] netlink: 25 bytes leftover after parsing attributes in process `syz.3.480'.
[  223.619525][ T8398] QAT: Invalid ioctl 21531
[  224.104540][   T51] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[  224.226170][   T51] block nbd19: Receive control failed (result -32)
[  224.357349][ T8411] netlink: 4 bytes leftover after parsing attributes in process `syz.2.488'.
[  224.415093][ T8419] QAT: Invalid ioctl 21531
[  224.437526][ T8411] netlink: 'syz.2.488': attribute type 1 has an invalid length.
[  224.446140][ T8411] netlink: 13 bytes leftover after parsing attributes in process `syz.2.488'.
[  225.164681][ T8437] netlink: 4 bytes leftover after parsing attributes in process `syz.2.492'.
[  225.256376][ T8428] netlink: 25 bytes leftover after parsing attributes in process `syz.2.492'.
[  226.553556][ T5829] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[  226.684390][   T51] block nbd20: Receive control failed (result -32)
[  226.706653][ T8473] QAT: Invalid ioctl 21531
[  226.818751][ T8476] QAT: Invalid ioctl 21531
[  227.941267][ T8494] netlink: 4 bytes leftover after parsing attributes in process `syz.3.502'.
[  227.994556][ T8484] netlink: 25 bytes leftover after parsing attributes in process `syz.3.502'.
[  228.076938][ T8502] netlink: 4 bytes leftover after parsing attributes in process `syz.1.504'.
[  228.115063][ T8497] netlink: 25 bytes leftover after parsing attributes in process `syz.1.504'.
[  229.120259][   T29] audit: type=1804 audit(1771196933.346:4): pid=8527 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.509" name="/newroot/120/file0" dev="tmpfs" ino=648 res=1 errno=0
[  229.195661][   T29] audit: type=1804 audit(1771196933.416:5): pid=8529 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.509" name="/newroot/120/file0" dev="tmpfs" ino=648 res=1 errno=0
[  229.270618][ T8534] QAT: Invalid ioctl 21531
[  229.490966][   T51] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[  229.656233][   T51] block nbd21: Receive control failed (result -32)
[  229.994110][ T8553] netlink: 4 bytes leftover after parsing attributes in process `syz.1.513'.
[  230.061667][ T8553] netlink: 'syz.1.513': attribute type 1 has an invalid length.
[  230.091562][ T8553] netlink: 13 bytes leftover after parsing attributes in process `syz.1.513'.
[  230.920039][ T8563] netlink: 4 bytes leftover after parsing attributes in process `syz.1.516'.
[  230.942381][ T8563] netlink: 25 bytes leftover after parsing attributes in process `syz.1.516'.
[  231.296068][ T8572] netlink: 4 bytes leftover after parsing attributes in process `syz.0.517'.
[  231.329138][ T8566] netlink: 25 bytes leftover after parsing attributes in process `syz.0.517'.
[  232.234640][ T8581] ipvlan1: entered promiscuous mode
[  232.256611][ T8581] ipvlan1: entered allmulticast mode
[  232.298233][ T8581] veth0_vlan: entered allmulticast mode
[  232.978394][ T8593] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input15
[  233.023338][ T8596] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0
[  233.612009][ T8609] __nla_validate_parse: 1 callbacks suppressed
[  233.612032][ T8609] netlink: 4 bytes leftover after parsing attributes in process `syz.2.525'.
[  233.718557][ T8612] netlink: 'syz.2.525': attribute type 1 has an invalid length.
[  233.836531][ T8612] netlink: 13 bytes leftover after parsing attributes in process `syz.2.525'.
[  233.961165][ T8611] netlink: 4 bytes leftover after parsing attributes in process `syz.0.526'.
[  234.026921][ T8611] netlink: 25 bytes leftover after parsing attributes in process `syz.0.526'.
[  234.047790][ T8619] QAT: Invalid ioctl 21531
[  234.291297][ T8623] QAT: Invalid ioctl 21531
[  234.776326][ T8639] netlink: 4 bytes leftover after parsing attributes in process `syz.1.529'.
[  234.877467][ T8625] netlink: 25 bytes leftover after parsing attributes in process `syz.1.529'.
[  235.427151][ T8649] netlink: 4 bytes leftover after parsing attributes in process `syz.3.541'.
[  235.448607][ T8649] netlink: 13 bytes leftover after parsing attributes in process `syz.3.541'.
[  235.980192][ T8643] netlink: 28 bytes leftover after parsing attributes in process `syz.1.532'.
[  236.046369][ T8643] ipvlan1: entered promiscuous mode
[  236.056776][ T8643] ipvlan1: entered allmulticast mode
[  236.073278][ T8670] netlink: 4 bytes leftover after parsing attributes in process `syz.3.535'.
[  236.086592][ T8643] veth0_vlan: entered allmulticast mode
[  236.423618][   T51] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[  236.481387][ T8682] QAT: Invalid ioctl 21531
[  236.656731][   T51] block nbd22: Receive control failed (result -32)
[  237.097233][ T8695] QAT: Invalid ioctl 21531
[  239.008783][ T8724] __nla_validate_parse: 5 callbacks suppressed
[  239.008798][ T8724] netlink: 28 bytes leftover after parsing attributes in process `syz.2.548'.
[  239.066815][ T8724] ipvlan1: entered promiscuous mode
[  239.077427][ T8724] ipvlan1: entered allmulticast mode
[  239.089046][ T8724] veth0_vlan: entered allmulticast mode
[  239.318633][ T8742] QAT: Invalid ioctl 21531
[  240.352528][ T8780] netlink: 4 bytes leftover after parsing attributes in process `syz.3.557'.
[  240.394828][ T8774] netlink: 4 bytes leftover after parsing attributes in process `syz.1.555'.
[  240.407731][ T8774] netlink: 25 bytes leftover after parsing attributes in process `syz.1.555'.
[  240.449402][ T8781] netlink: 25 bytes leftover after parsing attributes in process `syz.3.557'.
[  240.806820][   T51] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[  240.999468][   T51] block nbd23: Receive control failed (result -32)
[  241.403676][ T8807] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0
[  242.339063][ T8831] netlink: 4 bytes leftover after parsing attributes in process `syz.2.567'.
[  242.390636][ T8824] netlink: 25 bytes leftover after parsing attributes in process `syz.2.567'.
[  243.305883][ T8842] netlink: 4 bytes leftover after parsing attributes in process `syz.1.568'.
[  243.375263][ T8842] netlink: 25 bytes leftover after parsing attributes in process `syz.1.568'.
[  243.757753][ T8850] QAT: Invalid ioctl 21531
[  244.724384][ T8855] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0
[  247.176098][ T8912] netlink: 4 bytes leftover after parsing attributes in process `syz.3.582'.
[  247.196666][ T8912] netlink: 25 bytes leftover after parsing attributes in process `syz.3.582'.
[  247.318882][ T8914] netlink: 4 bytes leftover after parsing attributes in process `syz.0.583'.
[  247.348098][ T8914] netlink: 25 bytes leftover after parsing attributes in process `syz.0.583'.
[  247.691276][ T8918] capability: warning: `syz.3.584' uses 32-bit capabilities (legacy support in use)
[  247.905964][   T51] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[  247.965826][ T8921] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16
[  247.981470][   T51] block nbd24: Receive control failed (result -32)
[  249.915072][ T8968] netlink: 4 bytes leftover after parsing attributes in process `syz.0.594'.
[  249.943921][ T8982] QAT: Invalid ioctl 21531
[  249.951883][ T8983] QAT: Invalid ioctl 21531
[  249.959441][ T8968] netlink: 25 bytes leftover after parsing attributes in process `syz.0.594'.
[  250.775322][ T8991] ERROR: Out of memory at tomoyo_memory_ok.
[  252.728842][ T9033] netlink: 4 bytes leftover after parsing attributes in process `syz.1.606'.
[  252.768341][ T9035] QAT: Invalid ioctl 21531
[  252.822829][ T9036] netlink: 17 bytes leftover after parsing attributes in process `syz.1.606'.
[  253.815665][ T9063] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0
[  255.682611][ T9088] netlink: 4 bytes leftover after parsing attributes in process `syz.1.619'.
[  255.728335][ T9088] netlink: 17 bytes leftover after parsing attributes in process `syz.1.619'.
[  255.820078][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  255.826632][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  255.965822][ T9099] QAT: Invalid ioctl 21531
[  256.788354][ T9113] netlink: 4 bytes leftover after parsing attributes in process `syz.1.623'.
[  256.834279][ T9113] netlink: 'syz.1.623': attribute type 1 has an invalid length.
[  256.876867][ T9113] netlink: 13 bytes leftover after parsing attributes in process `syz.1.623'.
[  257.277193][ T9127] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0
[  257.895247][ T9139] QAT: Invalid ioctl 21531
[  261.697945][ T9202] QAT: Invalid ioctl 21531
[  261.895299][ T9209] netlink: 4 bytes leftover after parsing attributes in process `syz.3.639'.
[  262.086869][ T9203] netlink: 25 bytes leftover after parsing attributes in process `syz.3.639'.
[  262.930082][ T9232] FAULT_INJECTION: forcing a failure.
[  262.930082][ T9232] name fail_futex, interval 1, probability 0, space 0, times 1
[  263.078142][ T9232] CPU: 1 UID: 0 PID: 9232 Comm: syz.3.647 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  263.078183][ T9232] Tainted: [L]=SOFTLOCKUP
[  263.078192][ T9232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  263.078210][ T9232] Call Trace:
[  263.078219][ T9232]  <TASK>
[  263.078228][ T9232]  dump_stack_lvl+0x100/0x190
[  263.078269][ T9232]  should_fail_ex.cold+0x5/0xa
[  263.078299][ T9232]  should_fail_futex+0x4c/0x60
[  263.078325][ T9232]  __x64_sys_futex+0x1f0/0x4d0
[  263.078358][ T9232]  ? __pfx___x64_sys_futex+0x10/0x10
[  263.078401][ T9232]  do_syscall_64+0x106/0xf80
[  263.078430][ T9232]  ? clear_bhb_loop+0x40/0x90
[  263.078461][ T9232]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.078493][ T9232] RIP: 0033:0x7fb4bd99bf79
[  263.078514][ T9232] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  263.078537][ T9232] RSP: 002b:00007ffe33e97608 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  263.078565][ T9232] RAX: ffffffffffffffda RBX: 00000000000402f7 RCX: 00007fb4bd99bf79
[  263.078582][ T9232] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fb4bdc15fac
[  263.078597][ T9232] RBP: 0000000000000032 R08: 0000000000000000 R09: 0000000000000000
[  263.078612][ T9232] R10: 00007ffe33e97710 R11: 0000000000000246 R12: 00007ffe33e97730
[  263.078627][ T9232] R13: 00007fb4bdc15fac R14: 0000000000040329 R15: 00007ffe33e97710
[  263.078662][ T9232]  </TASK>
[  263.799095][ T9261] netlink: 93 bytes leftover after parsing attributes in process `syz.3.647'.
[  264.042534][ T9257] netlink: 93 bytes leftover after parsing attributes in process `syz.3.647'.
[  264.258716][ T9271] QAT: Invalid ioctl 21531
[  264.301457][ T9264] netlink: 4 bytes leftover after parsing attributes in process `syz.1.650'.
[  264.348935][ T9264] netlink: 'syz.1.650': attribute type 1 has an invalid length.
[  264.357296][ T9264] netlink: 13 bytes leftover after parsing attributes in process `syz.1.650'.
[  265.642760][   T51] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[  265.781500][   T51] block nbd25: Receive control failed (result -32)
[  266.177542][ T9314] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0
[  266.705307][ T9319] QAT: Invalid ioctl 21531
[  267.373323][ T9346] netlink: 4 bytes leftover after parsing attributes in process `syz.2.666'.
[  267.416915][ T9346] netlink: 13 bytes leftover after parsing attributes in process `syz.2.666'.
[  267.663808][ T9340] netlink: 4 bytes leftover after parsing attributes in process `syz.0.667'.
[  267.717988][ T9344] netlink: 'syz.0.667': attribute type 1 has an invalid length.
[  267.725763][ T9344] netlink: 13 bytes leftover after parsing attributes in process `syz.0.667'.
[  268.437497][   T51] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[  268.650792][   T51] block nbd26: Receive control failed (result -32)
[  269.215084][ T9386] QAT: Invalid ioctl 21531
[  270.203861][ T9400] netlink: 4 bytes leftover after parsing attributes in process `syz.0.676'.
[  270.248132][ T9400] netlink: 25 bytes leftover after parsing attributes in process `syz.0.676'.
[  270.284276][ T9403] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0
[  270.837223][ T9414] QAT: Invalid ioctl 21531
[  271.180638][   T51] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[  272.120960][ T9434] QAT: Invalid ioctl 21531
[  272.809410][ T9424] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  272.840791][ T9424] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  272.867428][ T9424] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  272.885750][ T9424] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  273.247521][   T51] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[  273.529805][   T51] block nbd27: Receive control failed (result -32)
[  273.648151][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  273.858061][ T9476] netlink: 4 bytes leftover after parsing attributes in process `syz.1.692'.
[  273.928437][ T9478] QAT: Invalid ioctl 21531
[  273.936963][ T9469] netlink: 25 bytes leftover after parsing attributes in process `syz.1.692'.
[  274.692723][ T9493] netlink: 28 bytes leftover after parsing attributes in process `syz.2.695'.
[  274.714862][ T9492] netlink: 4 bytes leftover after parsing attributes in process `syz.3.696'.
[  274.735526][ T9492] netlink: 17 bytes leftover after parsing attributes in process `syz.3.696'.
[  274.849526][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  274.869910][ T9491] bond0: invalid ARP target specified
[  274.893713][ T9495] FAULT_INJECTION: forcing a failure.
[  274.893713][ T9495] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  274.917565][ T9497] QAT: Invalid ioctl 21531
[  274.937165][   T51] Bluetooth: hci2: command 0x0c1a tx timeout
[  274.937222][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout
[  275.026305][ T9493] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  275.140909][ T9495] CPU: 0 UID: 0 PID: 9495 Comm: syz.2.695 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  275.140953][ T9495] Tainted: [L]=SOFTLOCKUP
[  275.140962][ T9495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  275.140977][ T9495] Call Trace:
[  275.140985][ T9495]  <TASK>
[  275.140995][ T9495]  dump_stack_lvl+0x100/0x190
[  275.141041][ T9495]  should_fail_ex.cold+0x5/0xa
[  275.141071][ T9495]  ? prepare_alloc_pages+0x16d/0x5f0
[  275.141115][ T9495]  should_fail_alloc_page+0xeb/0x140
[  275.141159][ T9495]  prepare_alloc_pages+0x1f0/0x5f0
[  275.141208][ T9495]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  275.141249][ T9495]  ? __lock_acquire+0x4a5/0x2630
[  275.141286][ T9495]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  275.141320][ T9495]  ? do_raw_spin_lock+0x128/0x260
[  275.141350][ T9495]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  275.141382][ T9495]  ? find_held_lock+0x2b/0x80
[  275.141422][ T9495]  ? __lock_acquire+0x4a5/0x2630
[  275.141448][ T9495]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  275.141484][ T9495]  ? policy_nodemask+0xed/0x4f0
[  275.141519][ T9495]  alloc_pages_mpol+0x1fb/0x550
[  275.141558][ T9495]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  275.141607][ T9495]  ? __folio_batch_add_and_move+0x5e5/0xc60
[  275.141644][ T9495]  ? __folio_batch_add_and_move+0x5e5/0xc60
[  275.141683][ T9495]  folio_alloc_mpol_noprof+0x36/0x340
[  275.141711][ T9495]  shmem_alloc_folio+0x135/0x160
[  275.141742][ T9495]  shmem_alloc_and_add_folio+0x371/0xd40
[  275.141787][ T9495]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  275.141825][ T9495]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  275.141869][ T9495]  shmem_get_folio_gfp+0x6ab/0x1900
[  275.141912][ T9495]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  275.141949][ T9495]  ? filemap_map_pages+0x9e0/0x2170
[  275.141989][ T9495]  shmem_fault+0x1f9/0xa20
[  275.142023][ T9495]  ? __lock_acquire+0x4a5/0x2630
[  275.142055][ T9495]  ? __pfx_shmem_fault+0x10/0x10
[  275.142097][ T9495]  ? __pfx_filemap_map_pages+0x10/0x10
[  275.142141][ T9495]  __do_fault+0x10d/0x550
[  275.142183][ T9495]  do_fault+0xaf9/0x1a00
[  275.142214][ T9495]  __handle_mm_fault+0x180f/0x2b60
[  275.142250][ T9495]  ? mt_find+0x45e/0x8e0
[  275.142289][ T9495]  ? __pfx___handle_mm_fault+0x10/0x10
[  275.142318][ T9495]  ? __pfx_mt_find+0x10/0x10
[  275.142373][ T9495]  ? find_vma+0xbf/0x140
[  275.142410][ T9495]  ? __pfx_find_vma+0x10/0x10
[  275.142451][ T9495]  handle_mm_fault+0x36d/0xa20
[  275.142489][ T9495]  do_user_addr_fault+0x74c/0x12f0
[  275.142541][ T9495]  exc_page_fault+0x6f/0xd0
[  275.142576][ T9495]  asm_exc_page_fault+0x26/0x30
[  275.142609][ T9495] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  275.142639][ T9495] Code: 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 e9 8f 93 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  275.142666][ T9495] RSP: 0018:ffffc90019287d30 EFLAGS: 00050206
[  275.142688][ T9495] RAX: 0000000000000001 RBX: 0000000000001fe4 RCX: 0000000000005b84
[  275.142705][ T9495] RDX: 0000000000000001 RSI: 0000000000004000 RDI: ffffc90004c9d07c
[  275.142722][ T9495] RBP: 0000000000007ba0 R08: 0000000000000001 R09: fffff5200099457f
[  275.142738][ T9495] R10: ffffc90004ca2bff R11: 0000000000000000 R12: 0000000000000000
[  275.142754][ T9495] R13: ffffc90004c9b060 R14: 0000000000007ba0 R15: ffffc90004c9b060
[  275.142789][ T9495]  _copy_from_user+0x98/0xd0
[  275.142823][ T9495]  bpf_prog_create_from_user+0x109/0x2f0
[  275.142864][ T9495]  ? __pfx_seccomp_check_filter+0x10/0x10
[  275.142897][ T9495]  do_seccomp+0x7f7/0x2740
[  275.142937][ T9495]  ? __pfx_do_seccomp+0x10/0x10
[  275.142968][ T9495]  ? __x64_sys_openat+0x12d/0x210
[  275.142998][ T9495]  ? xfd_validate_state+0x129/0x190
[  275.143049][ T9495]  do_syscall_64+0x106/0xf80
[  275.143082][ T9495]  ? clear_bhb_loop+0x40/0x90
[  275.143114][ T9495]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.143142][ T9495] RIP: 0033:0x7f056dd9bf79
[  275.143164][ T9495] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  275.143188][ T9495] RSP: 002b:00007f056eca7028 EFLAGS: 00000246 ORIG_RAX: 000000000000013d
[  275.143212][ T9495] RAX: ffffffffffffffda RBX: 00007f056e016180 RCX: 00007f056dd9bf79
[  275.143230][ T9495] RDX: 0000200000000100 RSI: 0000000000000000 RDI: 0000000000000001
[  275.143246][ T9495] RBP: 00007f056de327e0 R08: 0000000000000000 R09: 0000000000000000
[  275.143262][ T9495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  275.143278][ T9495] R13: 00007f056e016218 R14: 00007f056e016180 R15: 00007ffc9230e388
[  275.143315][ T9495]  </TASK>
[  275.182996][ T9493] batman_adv: batadv0: Removing interface: batadv_slave_0
[  275.697786][ T9493] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  275.736839][ T9493] batman_adv: batadv0: Removing interface: batadv_slave_1
[  276.551467][ T9535] netlink: 4 bytes leftover after parsing attributes in process `syz.3.703'.
[  276.598905][ T9525] netlink: 25 bytes leftover after parsing attributes in process `syz.3.703'.
[  276.940310][ T9542] QAT: Invalid ioctl 21531
[  277.437749][ T9554] QAT: Invalid ioctl 21531
[  278.971589][ T9583] netlink: 4 bytes leftover after parsing attributes in process `syz.1.712'.
[  278.987785][ T9583] netlink: 'syz.1.712': attribute type 1 has an invalid length.
[  278.998523][ T9587] QAT: Invalid ioctl 21531
[  279.003243][ T9583] netlink: 13 bytes leftover after parsing attributes in process `syz.1.712'.
[  279.523452][ T9596] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0
[  280.134392][ T9606] QAT: Invalid ioctl 21531
[  280.302148][ T9607] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input17
[  281.166542][ T5829] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  281.701776][   T51] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[  281.860978][   T51] block nbd28: Receive control failed (result -32)
[  282.960190][ T9654] bridge0: port 4(gretap0) entered blocking state
[  282.975667][ T9654] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  282.989753][ T9654] bridge0: port 4(gretap0) entered disabled state
[  282.999422][ T9654] gretap0: entered allmulticast mode
[  283.007122][ T9654] gretap0: entered promiscuous mode
[  283.013053][ T9654] bridge0: port 4(gretap0) entered blocking state
[  283.019641][ T9654] bridge0: port 4(gretap0) entered forwarding state
[  283.381306][ T9659] netlink: 'syz.0.731': attribute type 11 has an invalid length.
[  283.433898][ T9659] netlink: 'syz.0.731': attribute type 11 has an invalid length.
[  283.457017][ T9659] netlink: 'syz.0.731': attribute type 11 has an invalid length.
[  283.476655][ T9659] netlink: 'syz.0.731': attribute type 11 has an invalid length.
[  283.583785][ T9659] random: crng reseeded on system resumption
[  283.906327][ T9673] QAT: Invalid ioctl 21531
[  284.560553][   T51] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[  284.664924][   T51] block nbd29: Receive control failed (result -32)
[  285.679151][ T9682] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  285.693218][ T9682] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  285.741491][ T9682] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  285.778299][ T9682] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  285.933194][ T9714] QAT: Invalid ioctl 21531
[  286.686783][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  286.846008][ T9728] bond0: invalid ARP target specified
[  286.951579][ T9730] netlink: 28 bytes leftover after parsing attributes in process `syz.1.747'.
[  287.085627][ T9728] FAULT_INJECTION: forcing a failure.
[  287.085627][ T9728] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  287.227808][ T9728] CPU: 0 UID: 0 PID: 9728 Comm: syz.1.747 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  287.227853][ T9728] Tainted: [L]=SOFTLOCKUP
[  287.227862][ T9728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  287.227873][ T9728] Call Trace:
[  287.227878][ T9728]  <TASK>
[  287.227884][ T9728]  dump_stack_lvl+0x100/0x190
[  287.227911][ T9728]  should_fail_ex.cold+0x5/0xa
[  287.227927][ T9728]  ? prepare_alloc_pages+0x16d/0x5f0
[  287.227951][ T9728]  should_fail_alloc_page+0xeb/0x140
[  287.227973][ T9728]  prepare_alloc_pages+0x1f0/0x5f0
[  287.228000][ T9728]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  287.228023][ T9728]  ? __lock_acquire+0x4a5/0x2630
[  287.228046][ T9728]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  287.228067][ T9728]  ? do_raw_spin_lock+0x128/0x260
[  287.228087][ T9728]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  287.228106][ T9728]  ? find_held_lock+0x2b/0x80
[  287.228133][ T9728]  ? __lock_acquire+0x4a5/0x2630
[  287.228150][ T9728]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  287.228173][ T9728]  ? policy_nodemask+0xed/0x4f0
[  287.228196][ T9728]  alloc_pages_mpol+0x1fb/0x550
[  287.228218][ T9728]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  287.228240][ T9728]  ? __folio_batch_add_and_move+0x5e5/0xc60
[  287.228259][ T9728]  ? __folio_batch_add_and_move+0x5e5/0xc60
[  287.228282][ T9728]  folio_alloc_mpol_noprof+0x36/0x340
[  287.228298][ T9728]  shmem_alloc_folio+0x135/0x160
[  287.228315][ T9728]  shmem_alloc_and_add_folio+0x371/0xd40
[  287.228338][ T9728]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  287.228359][ T9728]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  287.228382][ T9728]  shmem_get_folio_gfp+0x6ab/0x1900
[  287.228404][ T9728]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  287.228424][ T9728]  ? filemap_map_pages+0x9e0/0x2170
[  287.228446][ T9728]  shmem_fault+0x1f9/0xa20
[  287.228463][ T9728]  ? __lock_acquire+0x4a5/0x2630
[  287.228480][ T9728]  ? __pfx_shmem_fault+0x10/0x10
[  287.228503][ T9728]  ? __pfx_filemap_map_pages+0x10/0x10
[  287.228526][ T9728]  __do_fault+0x10d/0x550
[  287.228548][ T9728]  do_fault+0xaf9/0x1a00
[  287.228565][ T9728]  __handle_mm_fault+0x180f/0x2b60
[  287.228596][ T9728]  ? mt_find+0x45e/0x8e0
[  287.228619][ T9728]  ? __pfx___handle_mm_fault+0x10/0x10
[  287.228634][ T9728]  ? __pfx_mt_find+0x10/0x10
[  287.228670][ T9728]  ? find_vma+0xbf/0x140
[  287.228704][ T9728]  ? __pfx_find_vma+0x10/0x10
[  287.228747][ T9728]  handle_mm_fault+0x36d/0xa20
[  287.228786][ T9728]  do_user_addr_fault+0x74c/0x12f0
[  287.228825][ T9728]  exc_page_fault+0x6f/0xd0
[  287.228845][ T9728]  asm_exc_page_fault+0x26/0x30
[  287.228860][ T9728] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  287.228876][ T9728] Code: 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 e9 8f 93 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  287.228891][ T9728] RSP: 0018:ffffc9001855fd30 EFLAGS: 00050206
[  287.228903][ T9728] RAX: 0000000000000001 RBX: 0000000000001fe4 RCX: 0000000000005b84
[  287.228912][ T9728] RDX: 0000000000000001 RSI: 0000000000004000 RDI: ffffc900184fa07c
[  287.228921][ T9728] RBP: 0000000000007ba0 R08: 0000000000000001 R09: fffff5200309ff7f
[  287.228930][ T9728] R10: ffffc900184ffbff R11: 0000000000000000 R12: 0000000000000000
[  287.228938][ T9728] R13: ffffc900184f8060 R14: 0000000000007ba0 R15: ffffc900184f8060
[  287.228957][ T9728]  _copy_from_user+0x98/0xd0
[  287.228976][ T9728]  bpf_prog_create_from_user+0x109/0x2f0
[  287.228998][ T9728]  ? __pfx_seccomp_check_filter+0x10/0x10
[  287.229017][ T9728]  do_seccomp+0x7f7/0x2740
[  287.229040][ T9728]  ? __pfx_do_seccomp+0x10/0x10
[  287.229056][ T9728]  ? __x64_sys_openat+0x12d/0x210
[  287.229074][ T9728]  ? xfd_validate_state+0x129/0x190
[  287.229102][ T9728]  do_syscall_64+0x106/0xf80
[  287.229119][ T9728]  ? clear_bhb_loop+0x40/0x90
[  287.229137][ T9728]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  287.229151][ T9728] RIP: 0033:0x7fd40019bf79
[  287.229163][ T9728] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  287.229176][ T9728] RSP: 002b:00007fd400fb7028 EFLAGS: 00000246 ORIG_RAX: 000000000000013d
[  287.229189][ T9728] RAX: ffffffffffffffda RBX: 00007fd400415fa0 RCX: 00007fd40019bf79
[  287.229198][ T9728] RDX: 0000200000000100 RSI: 0000000000000000 RDI: 0000000000000001
[  287.229206][ T9728] RBP: 00007fd4002327e0 R08: 0000000000000000 R09: 0000000000000000
[  287.229215][ T9728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  287.229223][ T9728] R13: 00007fd400416038 R14: 00007fd400415fa0 R15: 00007ffdfd7e9e68
[  287.229242][ T9728]  </TASK>
[  287.726942][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  287.806642][   T51] Bluetooth: hci2: command 0x0c1a tx timeout
[  287.813090][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout
[  289.081324][ T9756] futex_wake_op: syz.2.752 tries to shift op by -2048; fix this program
[  289.131311][ T9756] futex_wake_op: syz.2.752 tries to shift op by -2048; fix this program
[  289.175466][ T9758] 0x000000000001-0x000000020000 : ""
[  289.272934][ T9758] ftl_cs: FTL header corrupt!
[  290.196951][ T9773] netlink: 4 bytes leftover after parsing attributes in process `syz.1.753'.
[  290.288215][ T9773] netlink: 'syz.1.753': attribute type 1 has an invalid length.
[  290.393435][ T9773] netlink: 13 bytes leftover after parsing attributes in process `syz.1.753'.
[  290.710342][ T9768] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  290.734387][ T9768] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  290.761321][ T9768] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  290.833513][ T9768] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  291.200248][ T9789] netlink: 4 bytes leftover after parsing attributes in process `syz.0.757'.
[  291.239966][ T9784] netlink: 25 bytes leftover after parsing attributes in process `syz.0.757'.
[  292.205318][ T9782] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  292.215974][ T9782] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  292.224625][ T9782] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  292.242771][ T9782] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  292.252991][ T9783] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  292.494371][ T9807] QAT: Invalid ioctl 21531
[  292.799255][ T5829] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[  292.930587][ T5829] block nbd30: Receive control failed (result -32)
[  293.089702][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  293.169147][ T9817] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0
[  293.450298][ T9827] netlink: 4 bytes leftover after parsing attributes in process `syz.3.765'.
[  293.523470][ T9824] netlink: 'syz.3.765': attribute type 1 has an invalid length.
[  293.532824][ T9824] netlink: 13 bytes leftover after parsing attributes in process `syz.3.765'.
[  293.679929][ T9835] QAT: Invalid ioctl 21531
[  294.296568][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  294.299890][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[  294.302647][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[  294.520081][ T9844] netlink: 4 bytes leftover after parsing attributes in process `syz.3.770'.
[  294.543011][ T9844] netlink: 17 bytes leftover after parsing attributes in process `syz.3.770'.
[  296.606586][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  296.613807][ T9851] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  296.873884][ T9851] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  296.889707][ T9851] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  296.896735][ T9851] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  297.062422][ T9897] MTRR 1 not used
[  297.477227][ T9913] netlink: 4 bytes leftover after parsing attributes in process `syz.1.782'.
[  297.613161][ T9913] netlink: 17 bytes leftover after parsing attributes in process `syz.1.782'.
[  297.670797][ T9899] netlink: 4 bytes leftover after parsing attributes in process `syz.0.780'.
[  297.707670][ T9899] netlink: 17 bytes leftover after parsing attributes in process `syz.0.780'.
[  297.937558][ T9922] bond0: invalid ARP target specified
[  297.950715][ T9922] netlink: 28 bytes leftover after parsing attributes in process `syz.0.785'.
[  297.959933][ T9922] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  297.979298][ T9922] batman_adv: batadv0: Removing interface: batadv_slave_0
[  297.990002][ T9922] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  297.998504][ T9922] batman_adv: batadv0: Removing interface: batadv_slave_1
[  298.025149][ T9927] FAULT_INJECTION: forcing a failure.
[  298.025149][ T9927] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  298.040166][ T9927] CPU: 0 UID: 0 PID: 9927 Comm: syz.0.785 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  298.040206][ T9927] Tainted: [L]=SOFTLOCKUP
[  298.040215][ T9927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  298.040229][ T9927] Call Trace:
[  298.040237][ T9927]  <TASK>
[  298.040246][ T9927]  dump_stack_lvl+0x100/0x190
[  298.040291][ T9927]  should_fail_ex.cold+0x5/0xa
[  298.040315][ T9927]  ? prepare_alloc_pages+0x16d/0x5f0
[  298.040360][ T9927]  should_fail_alloc_page+0xeb/0x140
[  298.040401][ T9927]  prepare_alloc_pages+0x1f0/0x5f0
[  298.040449][ T9927]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  298.040494][ T9927]  ? __lock_acquire+0x4a5/0x2630
[  298.040538][ T9927]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  298.040579][ T9927]  ? do_raw_spin_lock+0x128/0x260
[  298.040616][ T9927]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  298.040650][ T9927]  ? find_held_lock+0x2b/0x80
[  298.040697][ T9927]  ? __lock_acquire+0x4a5/0x2630
[  298.040728][ T9927]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  298.040769][ T9927]  ? policy_nodemask+0xed/0x4f0
[  298.040810][ T9927]  alloc_pages_mpol+0x1fb/0x550
[  298.040852][ T9927]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  298.040893][ T9927]  ? __folio_batch_add_and_move+0x5e5/0xc60
[  298.040930][ T9927]  ? __folio_batch_add_and_move+0x5e5/0xc60
[  298.040973][ T9927]  folio_alloc_mpol_noprof+0x36/0x340
[  298.041015][ T9927]  shmem_alloc_folio+0x135/0x160
[  298.041046][ T9927]  shmem_alloc_and_add_folio+0x371/0xd40
[  298.041089][ T9927]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  298.041127][ T9927]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  298.041172][ T9927]  shmem_get_folio_gfp+0x6ab/0x1900
[  298.041222][ T9927]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  298.041260][ T9927]  ? filemap_map_pages+0x9e0/0x2170
[  298.041301][ T9927]  shmem_fault+0x1f9/0xa20
[  298.041334][ T9927]  ? __lock_acquire+0x4a5/0x2630
[  298.041367][ T9927]  ? __pfx_shmem_fault+0x10/0x10
[  298.041409][ T9927]  ? __pfx_filemap_map_pages+0x10/0x10
[  298.041453][ T9927]  __do_fault+0x10d/0x550
[  298.041494][ T9927]  do_fault+0xaf9/0x1a00
[  298.041525][ T9927]  __handle_mm_fault+0x180f/0x2b60
[  298.041560][ T9927]  ? mt_find+0x45e/0x8e0
[  298.041600][ T9927]  ? __pfx___handle_mm_fault+0x10/0x10
[  298.041629][ T9927]  ? __pfx_mt_find+0x10/0x10
[  298.041688][ T9927]  ? find_vma+0xbf/0x140
[  298.041723][ T9927]  ? __pfx_find_vma+0x10/0x10
[  298.041763][ T9927]  handle_mm_fault+0x36d/0xa20
[  298.041803][ T9927]  do_user_addr_fault+0x74c/0x12f0
[  298.041856][ T9927]  exc_page_fault+0x6f/0xd0
[  298.041891][ T9927]  asm_exc_page_fault+0x26/0x30
[  298.041917][ T9927] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  298.041946][ T9927] Code: 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 e9 8f 93 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  298.041973][ T9927] RSP: 0018:ffffc9000c87fd30 EFLAGS: 00050206
[  298.042004][ T9927] RAX: 0000000000000001 RBX: 0000000000001fe4 RCX: 0000000000005b84
[  298.042021][ T9927] RDX: 0000000000000001 RSI: 0000000000004000 RDI: ffffc900065da07c
[  298.042038][ T9927] RBP: 0000000000007ba0 R08: 0000000000000001 R09: fffff52000cbbf7f
[  298.042055][ T9927] R10: ffffc900065dfbff R11: 0000000000000000 R12: 0000000000000000
[  298.042072][ T9927] R13: ffffc900065d8060 R14: 0000000000007ba0 R15: ffffc900065d8060
[  298.042108][ T9927]  _copy_from_user+0x98/0xd0
[  298.042143][ T9927]  bpf_prog_create_from_user+0x109/0x2f0
[  298.042182][ T9927]  ? __pfx_seccomp_check_filter+0x10/0x10
[  298.042215][ T9927]  do_seccomp+0x7f7/0x2740
[  298.042258][ T9927]  ? __pfx_do_seccomp+0x10/0x10
[  298.042288][ T9927]  ? __x64_sys_openat+0x12d/0x210
[  298.042320][ T9927]  ? __pfx___x64_sys_futex+0x10/0x10
[  298.042368][ T9927]  do_syscall_64+0x106/0xf80
[  298.042399][ T9927]  ? clear_bhb_loop+0x40/0x90
[  298.042432][ T9927]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.042458][ T9927] RIP: 0033:0x7ff2b359bf79
[  298.042481][ T9927] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  298.042505][ T9927] RSP: 002b:00007ff2b43dd028 EFLAGS: 00000246 ORIG_RAX: 000000000000013d
[  298.042530][ T9927] RAX: ffffffffffffffda RBX: 00007ff2b3816090 RCX: 00007ff2b359bf79
[  298.042548][ T9927] RDX: 0000200000000100 RSI: 0000000000000000 RDI: 0000000000000001
[  298.042564][ T9927] RBP: 00007ff2b36327e0 R08: 0000000000000000 R09: 0000000000000000
[  298.042580][ T9927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  298.042595][ T9927] R13: 00007ff2b3816128 R14: 00007ff2b3816090 R15: 00007ffdbe34c878
[  298.042633][ T9927]  </TASK>
[  298.687305][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[  298.926772][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  298.936508][ T5833] Bluetooth: hci3: command 0x0c1a tx timeout
[  298.992749][ T5829] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[  299.066520][ T5833] block nbd31: Receive control failed (result -32)
[  300.919460][ T9947] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  300.927301][ T9947] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  300.933671][ T9947] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  300.945437][ T9947] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  301.420984][ T9986] netlink: 4 bytes leftover after parsing attributes in process `syz.2.793'.
[  301.444908][ T9985] netlink: 4 bytes leftover after parsing attributes in process `syz.1.794'.
[  301.456987][ T9984] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0
[  301.487745][ T9986] netlink: 25 bytes leftover after parsing attributes in process `syz.2.793'.
[  301.505418][ T9991] netlink: 17 bytes leftover after parsing attributes in process `syz.1.794'.
[  301.729905][ T5833] Bluetooth: hci0: command 0x0c1a tx timeout
[  301.881464][ T5833] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[  302.031245][ T5833] block nbd32: Receive control failed (result -32)
[  303.007078][ T5833] Bluetooth: hci2: command 0x0c1a tx timeout
[  303.013166][ T5833] Bluetooth: hci3: command 0x0c1a tx timeout
[  303.019216][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[  305.333730][T10049] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0
[  305.379764][T10065] netlink: 4 bytes leftover after parsing attributes in process `syz.1.808'.
[  305.427535][T10065] netlink: 17 bytes leftover after parsing attributes in process `syz.1.808'.
[  305.436765][T10055] netlink: 4 bytes leftover after parsing attributes in process `syz.0.810'.
[  305.447518][T10055] netlink: 25 bytes leftover after parsing attributes in process `syz.0.810'.
[  306.075647][ T5829] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[  306.095348][T10079] QAT: Invalid ioctl 21531
[  306.358987][ T5829] block nbd33: Receive control failed (result -32)
[  307.418920][T10100] netlink: 504 bytes leftover after parsing attributes in process `syz.0.819'.
[  307.493252][T10100] netlink: 350 bytes leftover after parsing attributes in process `syz.0.819'.
[  307.654187][T10106] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0
[  307.822295][T10110] QAT: Invalid ioctl 21531
[  308.124146][ T5829] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[  308.408390][T10123] QAT: Invalid ioctl 21531
[  309.269866][T10142] netlink: 4 bytes leftover after parsing attributes in process `syz.0.829'.
[  309.291793][T10135] netlink: 17 bytes leftover after parsing attributes in process `syz.0.829'.
[  309.990265][T10156] netlink: 4 bytes leftover after parsing attributes in process `syz.0.839'.
[  310.081427][T10150] netlink: 17 bytes leftover after parsing attributes in process `syz.0.839'.
[  310.238932][T10153] netlink: 504 bytes leftover after parsing attributes in process `syz.3.831'.
[  310.257780][T10153] netlink: 350 bytes leftover after parsing attributes in process `syz.3.831'.
[  310.639808][T10175] QAT: Invalid ioctl 21531
[  311.509007][T10192] netlink: 4 bytes leftover after parsing attributes in process `syz.0.838'.
[  311.523963][T10192] netlink: 25 bytes leftover after parsing attributes in process `syz.0.838'.
[  313.528840][ T5829] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[  314.040885][T10231] QAT: Invalid ioctl 21531
[  314.792710][ T5829] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[  314.890964][ T5829] block nbd34: Receive control failed (result -32)
[  315.078718][T10247] FAULT_INJECTION: forcing a failure.
[  315.078718][T10247] name failslab, interval 1, probability 0, space 0, times 0
[  315.091594][T10247] CPU: 1 UID: 0 PID: 10247 Comm: syz.2.851 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  315.091636][T10247] Tainted: [L]=SOFTLOCKUP
[  315.091646][T10247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  315.091663][T10247] Call Trace:
[  315.091672][T10247]  <TASK>
[  315.091684][T10247]  dump_stack_lvl+0x100/0x190
[  315.091732][T10247]  should_fail_ex.cold+0x5/0xa
[  315.091765][T10247]  should_failslab+0xc2/0x120
[  315.091817][T10247]  __kmalloc_cache_noprof+0x7a/0x6f0
[  315.091849][T10247]  ? io_wq_create+0x6a/0x9a0
[  315.091892][T10247]  io_wq_create+0x6a/0x9a0
[  315.091932][T10247]  io_uring_alloc_task_context+0x2db/0x54b
[  315.091981][T10247]  ? __pfx_io_uring_alloc_task_context+0x10/0x10
[  315.092026][T10247]  ? alloc_file_pseudo+0x1a5/0x230
[  315.092062][T10247]  __io_uring_add_tctx_node.cold+0x10/0x195
[  315.092106][T10247]  ? __pfx___io_uring_add_tctx_node+0x10/0x10
[  315.092142][T10247]  ? __anon_inode_getfile+0x17c/0x280
[  315.092191][T10247]  io_uring_setup.cold+0x1a25/0x1d09
[  315.092232][T10247]  ? __pfx_io_uring_setup+0x10/0x10
[  315.092270][T10247]  ? __pfx_do_futex+0x10/0x10
[  315.092317][T10247]  ? xfd_validate_state+0x129/0x190
[  315.092364][T10247]  __x64_sys_io_uring_setup+0xc2/0x170
[  315.092404][T10247]  do_syscall_64+0x106/0xf80
[  315.092439][T10247]  ? clear_bhb_loop+0x40/0x90
[  315.092474][T10247]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.092500][T10247] RIP: 0033:0x7f056dd9bf79
[  315.092524][T10247] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  315.092550][T10247] RSP: 002b:00007f056ece9028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[  315.092577][T10247] RAX: ffffffffffffffda RBX: 00007f056e015fa0 RCX: 00007f056dd9bf79
[  315.092596][T10247] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[  315.092613][T10247] RBP: 00007f056de327e0 R08: 0000000000000000 R09: 0000000000000000
[  315.092629][T10247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  315.092645][T10247] R13: 00007f056e016038 R14: 00007f056e015fa0 R15: 00007ffc9230e388
[  315.092682][T10247]  </TASK>
[  315.619808][T10256] netlink: 4 bytes leftover after parsing attributes in process `syz.0.859'.
[  315.693356][T10256] netlink: 17 bytes leftover after parsing attributes in process `syz.0.859'.
[  315.711965][T10252] netlink: 4 bytes leftover after parsing attributes in process `syz.3.852'.
[  315.776840][T10250] netlink: 25 bytes leftover after parsing attributes in process `syz.3.852'.
[  316.419659][T10277] netlink: 4 bytes leftover after parsing attributes in process `syz.1.855'.
[  316.473671][T10269] netlink: 17 bytes leftover after parsing attributes in process `syz.1.855'.
[  316.506860][T10282] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0
[  317.052204][T10286] netlink: 504 bytes leftover after parsing attributes in process `syz.1.857'.
[  317.067321][T10289] QAT: Invalid ioctl 21531
[  317.264055][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  317.270533][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  317.506224][T10294] netlink: 504 bytes leftover after parsing attributes in process `syz.2.861'.
[  317.551934][T10294] netlink: 350 bytes leftover after parsing attributes in process `syz.2.861'.
[  318.130293][T10309] netlink: 4 bytes leftover after parsing attributes in process `syz.2.864'.
[  319.690320][ T5829] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[  319.949417][ T5829] block nbd35: Receive control failed (result -32)
[  320.590258][T10360] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0
[  320.856196][T10359] __nla_validate_parse: 3 callbacks suppressed
[  320.856221][T10359] netlink: 504 bytes leftover after parsing attributes in process `syz.1.872'.
[  322.126952][T10378] netlink: 4 bytes leftover after parsing attributes in process `syz.1.875'.
[  322.152199][T10378] netlink: 'syz.1.875': attribute type 1 has an invalid length.
[  322.204403][T10378] netlink: 13 bytes leftover after parsing attributes in process `syz.1.875'.
[  322.478585][ T5829] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[  323.837729][T10410] netlink: 4 bytes leftover after parsing attributes in process `syz.2.882'.
[  323.867505][T10410] netlink: 25 bytes leftover after parsing attributes in process `syz.2.882'.
[  325.012067][T10421] netlink: 504 bytes leftover after parsing attributes in process `syz.2.885'.
[  325.075819][T10430] netlink: 4 bytes leftover after parsing attributes in process `syz.3.884'.
[  325.125804][T10430] netlink: 25 bytes leftover after parsing attributes in process `syz.3.884'.
[  328.538830][T10479] netlink: 4 bytes leftover after parsing attributes in process `syz.1.894'.
[  328.572014][T10479] netlink: 25 bytes leftover after parsing attributes in process `syz.1.894'.
[  330.421839][T10512] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0
[  331.882057][T10541] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0
[  332.185472][T10521] rtc_cmos 00:00: Alarms can be up to one day in the future
[  332.711241][   T42] rtc_cmos 00:00: Alarms can be up to one day in the future
[  332.721198][   T42] rtc_cmos 00:00: Alarms can be up to one day in the future
[  332.738658][   T42] rtc_cmos 00:00: Alarms can be up to one day in the future
[  332.754253][   T42] rtc_cmos 00:00: Alarms can be up to one day in the future
[  332.793599][   T42] rtc rtc0: __rtc_set_alarm: err=-22
[  332.897737][T10555] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0
[  333.882317][T10574] netlink: 504 bytes leftover after parsing attributes in process `syz.3.913'.
[  333.894652][T10574] netlink: 350 bytes leftover after parsing attributes in process `syz.3.913'.
[  334.496869][T10582] netlink: 4 bytes leftover after parsing attributes in process `syz.1.915'.
[  334.554624][T10582] netlink: 25 bytes leftover after parsing attributes in process `syz.1.915'.
[  336.536933][T10625] netlink: 4 bytes leftover after parsing attributes in process `syz.0.923'.
[  336.557659][T10625] netlink: 'syz.0.923': attribute type 1 has an invalid length.
[  336.565373][T10625] netlink: 13 bytes leftover after parsing attributes in process `syz.0.923'.
[  336.811842][T10598] rtc_cmos 00:00: Alarms can be up to one day in the future
[  336.824053][T10624] netlink: 504 bytes leftover after parsing attributes in process `syz.3.924'.
[  336.850477][T10629] QAT: Invalid ioctl 21531
[  336.926950][T10627] netlink: 350 bytes leftover after parsing attributes in process `syz.3.924'.
[  337.270046][T10634] netlink: 4 bytes leftover after parsing attributes in process `syz.2.927'.
[  337.280289][T10634] netlink: 'syz.2.927': attribute type 1 has an invalid length.
[  337.293923][T10634] netlink: 13 bytes leftover after parsing attributes in process `syz.2.927'.
[  337.525532][T10637] netlink: 'syz.0.929': attribute type 1 has an invalid length.
[  337.710853][ T5938] rtc_cmos 00:00: Alarms can be up to one day in the future
[  337.720509][ T5938] rtc_cmos 00:00: Alarms can be up to one day in the future
[  337.744711][ T5938] rtc_cmos 00:00: Alarms can be up to one day in the future
[  337.777621][ T5938] rtc_cmos 00:00: Alarms can be up to one day in the future
[  337.791147][ T5938] rtc rtc0: __rtc_set_alarm: err=-22
[  338.830525][ T5829] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[  339.149351][ T5829] block nbd36: Receive control failed (result -32)
[  339.365335][T10669] __nla_validate_parse: 2 callbacks suppressed
[  339.365386][T10669] netlink: 504 bytes leftover after parsing attributes in process `syz.2.935'.
[  339.394563][T10669] netlink: 350 bytes leftover after parsing attributes in process `syz.2.935'.
[  339.690750][T10677] netlink: 504 bytes leftover after parsing attributes in process `syz.0.937'.
[  339.727939][T10675] netlink: 350 bytes leftover after parsing attributes in process `syz.0.937'.
[  340.229961][T10681] netlink: 4 bytes leftover after parsing attributes in process `syz.1.938'.
[  340.249395][T10684] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  340.258306][T10681] netlink: 'syz.1.938': attribute type 1 has an invalid length.
[  340.265981][T10681] netlink: 13 bytes leftover after parsing attributes in process `syz.1.938'.
[  340.782430][T10696] netlink: 4 bytes leftover after parsing attributes in process `syz.1.942'.
[  340.792860][T10696] netlink: 'syz.1.942': attribute type 1 has an invalid length.
[  340.801043][T10696] netlink: 13 bytes leftover after parsing attributes in process `syz.1.942'.
[  341.103775][T10702] netlink: 504 bytes leftover after parsing attributes in process `syz.1.943'.
[  341.157602][T10702] netlink: 350 bytes leftover after parsing attributes in process `syz.1.943'.
[  341.204568][T10706] QAT: Invalid ioctl 21531
[  342.219350][   T29] audit: type=1804 audit(1771197046.446:6): pid=10719 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.945" name="/newroot/sys/kernel/tracing/set_event" dev="tracefs" ino=1033 res=1 errno=0
[  342.929216][T10729] QAT: Invalid ioctl 21531
[  343.436082][T10733] netlink: 'syz.2.952': attribute type 1 has an invalid length.
[  343.675870][T10742] netlink: 'syz.0.953': attribute type 1 has an invalid length.
[  344.514731][T10768] nbd: nbd0 already in use
[  344.657584][T10772] QAT: Invalid ioctl 21531
[  345.038099][T10776] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0
[  345.739235][   T29] audit: type=1804 audit(1771197049.966:7): pid=10778 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.961" name="/newroot/229/file0" dev="tmpfs" ino=1244 res=1 errno=0
[  345.823064][   T29] audit: type=1804 audit(1771197050.016:8): pid=10782 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.961" name="/newroot/229/file0" dev="tmpfs" ino=1244 res=1 errno=0
[  345.930027][T10791] __nla_validate_parse: 8 callbacks suppressed
[  345.930052][T10791] netlink: 4 bytes leftover after parsing attributes in process `syz.1.970'.
[  345.999342][T10786] netlink: 'syz.1.970': attribute type 1 has an invalid length.
[  346.007630][T10786] netlink: 13 bytes leftover after parsing attributes in process `syz.1.970'.
[  347.979717][T10821] QAT: Invalid ioctl 21531
[  348.346619][T10819] netlink: 4 bytes leftover after parsing attributes in process `syz.3.966'.
[  348.428864][T10817] netlink: 'syz.3.966': attribute type 1 has an invalid length.
[  348.525902][T10817] netlink: 13 bytes leftover after parsing attributes in process `syz.3.966'.
[  349.732431][T10854] QAT: Invalid ioctl 21531
[  351.010993][T10846] rtc_cmos 00:00: Alarms can be up to one day in the future
[  351.022111][T10873] QAT: Invalid ioctl 21531
[  351.140845][T10877] nbd: nbd0 already in use
[  351.498058][T10880] netlink: 504 bytes leftover after parsing attributes in process `syz.3.983'.
[  351.556558][T10880] netlink: 350 bytes leftover after parsing attributes in process `syz.3.983'.
[  351.709948][ T5938] rtc_cmos 00:00: Alarms can be up to one day in the future
[  351.721008][ T5938] rtc_cmos 00:00: Alarms can be up to one day in the future
[  351.734134][ T5938] rtc_cmos 00:00: Alarms can be up to one day in the future
[  351.743570][ T5938] rtc_cmos 00:00: Alarms can be up to one day in the future
[  351.752860][ T5938] rtc rtc0: __rtc_set_alarm: err=-22
[  353.670795][T10916] QAT: Invalid ioctl 21531
[  354.089303][T10921] QAT: Invalid ioctl 21531
[  355.461167][T10949] netlink: 504 bytes leftover after parsing attributes in process `syz.3.996'.
[  355.480256][T10949] netlink: 350 bytes leftover after parsing attributes in process `syz.3.996'.
[  355.648239][T10918] rtc_cmos 00:00: Alarms can be up to one day in the future
[  355.710107][ T1222] rtc_cmos 00:00: Alarms can be up to one day in the future
[  355.718397][ T1222] rtc_cmos 00:00: Alarms can be up to one day in the future
[  355.725973][ T1222] rtc_cmos 00:00: Alarms can be up to one day in the future
[  355.763404][ T1222] rtc_cmos 00:00: Alarms can be up to one day in the future
[  355.777629][ T1222] rtc rtc0: __rtc_set_alarm: err=-22
[  356.288270][T10967] QAT: Invalid ioctl 21531
[  356.752579][T10978] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1004'.
[  356.813462][T10973] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1004'.
[  357.214865][T10976] binder: 10975:10976 ioctl c018620c 0 returned -1
[  358.040840][T10986] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1007'.
[  358.140791][T10986] netlink: 'syz.1.1007': attribute type 1 has an invalid length.
[  358.175956][T10986] netlink: 13 bytes leftover after parsing attributes in process `syz.1.1007'.
[  358.197960][T10997] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0
[  358.211383][T11006] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1009'.
[  358.237280][T11006] netlink: 'syz.3.1009': attribute type 1 has an invalid length.
[  358.245203][T11006] netlink: 13 bytes leftover after parsing attributes in process `syz.3.1009'.
[  358.963647][T11020] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1011'.
[  359.011312][T11013] netlink: 'syz.0.1011': attribute type 1 has an invalid length.
[  359.049404][T11013] netlink: 13 bytes leftover after parsing attributes in process `syz.0.1011'.
[  359.402496][T11033] nbd: must specify at least one socket
[  360.656944][T11053] QAT: Invalid ioctl 21531
[  361.981253][T11077] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1025'.
[  362.017487][T11077] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1025'.
[  362.112097][T11079] nbd: must specify at least one socket
[  362.756818][T11089] nbd: must specify a size in bytes for the device
[  362.845528][ T5829] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[  364.736776][T11124] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1032'.
[  364.774125][T11128] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1033'.
[  364.796455][T11128] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1033'.
[  364.798919][T11118] netlink: 'syz.1.1032': attribute type 1 has an invalid length.
[  364.823441][T11118] netlink: 13 bytes leftover after parsing attributes in process `syz.1.1032'.
[  365.625665][T11139] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1037'.
[  365.653030][T11139] netlink: 350 bytes leftover after parsing attributes in process `syz.0.1037'.
[  365.904425][T11149] nbd: must specify a size in bytes for the device
[  366.511434][T11165] QAT: Invalid ioctl 21531
[  367.529462][T11174] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0
[  368.690269][T11181] binder: 11180:11181 ioctl c018620c 0 returned -1
[  368.830130][ T5829] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[  369.763459][T11202] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1054'.
[  369.794048][T11202] netlink: 'syz.1.1054': attribute type 1 has an invalid length.
[  369.812171][T11202] netlink: 13 bytes leftover after parsing attributes in process `syz.1.1054'.
[  369.990509][T11214] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1048'.
[  370.005013][T11214] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1048'.
[  370.142115][T11217] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1055'.
[  370.186790][T11217] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1055'.
[  370.336720][T11225] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1057'.
[  370.359663][T11225] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1057'.
[  370.702992][T11240] nbd: must specify at least one socket
[  372.655921][T11275] zswap: compressor  not available
[  373.247814][T11282] QAT: Invalid ioctl 21531
[  373.764360][T11286] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1069'.
[  373.805264][T11286] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1069'.
[  374.541660][T11303] nbd: must specify at least one socket
[  374.620295][ T5829] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[  374.867456][T11301] macvlan1: entered promiscuous mode
[  374.881437][T11301] macvlan1: entered allmulticast mode
[  374.995818][T11301] veth1_vlan: entered allmulticast mode
[  375.161937][T11317] QAT: Invalid ioctl 21531
[  375.320570][T11313] __nla_validate_parse: 1 callbacks suppressed
[  375.320594][T11313] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1075'.
[  375.370347][T11313] netlink: 'syz.2.1075': attribute type 1 has an invalid length.
[  375.396168][   T29] audit: type=1800 audit(1771197079.616:9): pid=11322 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1079" name="dbroot" dev="configfs" ino=34983 res=0 errno=0
[  375.456997][T11313] netlink: 13 bytes leftover after parsing attributes in process `syz.2.1075'.
[  375.720307][T11331] netlink: 252 bytes leftover after parsing attributes in process `syz.3.1081'.
[  375.788998][T11335] netlink: 252 bytes leftover after parsing attributes in process `syz.3.1081'.
[  376.232021][T11349] mkiss: ax0: crc mode is auto.
[  376.315770][T11342] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1083'.
[  376.327307][T11342] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1083'.
[  376.558602][T11356] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1086'.
[  376.588667][T11356] netlink: 'syz.3.1086': attribute type 1 has an invalid length.
[  376.639681][T11356] netlink: 13 bytes leftover after parsing attributes in process `syz.3.1086'.
[  377.117372][T11364] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1089'.
[  377.138819][T11364] netlink: 350 bytes leftover after parsing attributes in process `syz.0.1089'.
[  377.872946][T11383] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0
[  377.902597][T11376] netlink: 'syz.1.1091': attribute type 1 has an invalid length.
[  378.367888][T11360] 
: renamed from ip6tnl0 (while UP)
[  378.692281][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  378.699674][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  379.131506][T11413] QAT: Invalid ioctl 21531
[  379.275620][T11415] netlink: 'syz.0.1096': attribute type 1 has an invalid length.
[  380.711122][T11444] __nla_validate_parse: 7 callbacks suppressed
[  380.711139][T11444] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1103'.
[  380.788305][T11445] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1103'.
[  382.123474][T11478] QAT: Invalid ioctl 21531
[  382.426043][T11492] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1109'.
[  382.446574][T11492] netlink: 'syz.3.1109': attribute type 1 has an invalid length.
[  382.454402][T11492] netlink: 13 bytes leftover after parsing attributes in process `syz.3.1109'.
[  382.766020][T11493] FAULT_INJECTION: forcing a failure.
[  382.766020][T11493] name failslab, interval 1, probability 0, space 0, times 0
[  382.973959][T11493] CPU: 1 UID: 0 PID: 11493 Comm: syz.2.1111 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  382.974010][T11493] Tainted: [L]=SOFTLOCKUP
[  382.974020][T11493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  382.974038][T11493] Call Trace:
[  382.974047][T11493]  <TASK>
[  382.974058][T11493]  dump_stack_lvl+0x100/0x190
[  382.974109][T11493]  should_fail_ex.cold+0x5/0xa
[  382.974144][T11493]  should_failslab+0xc2/0x120
[  382.974187][T11493]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  382.974219][T11493]  ? proc_alloc_inode+0x25/0x200
[  382.974253][T11493]  ? __pfx_proc_alloc_inode+0x10/0x10
[  382.974286][T11493]  proc_alloc_inode+0x25/0x200
[  382.974314][T11493]  alloc_inode+0x68/0x250
[  382.974345][T11493]  new_inode+0x22/0x1c0
[  382.974380][T11493]  proc_pid_make_inode+0x22/0x160
[  382.974411][T11493]  proc_pident_instantiate+0x85/0x310
[  382.974445][T11493]  proc_pident_lookup+0x1e3/0x270
[  382.974481][T11493]  lookup_open.isra.0+0x631/0x11b0
[  382.974520][T11493]  ? __pfx_lookup_open.isra.0+0x10/0x10
[  382.974563][T11493]  ? __pfx___might_resched+0x10/0x10
[  382.974601][T11493]  ? mnt_get_write_access+0x52/0x2f0
[  382.974641][T11493]  ? __pfx_down_write+0x10/0x10
[  382.974680][T11493]  ? mnt_get_write_access+0x1e9/0x2f0
[  382.974723][T11493]  path_openat+0x2291/0x31a0
[  382.974779][T11493]  ? __pfx_path_openat+0x10/0x10
[  382.974835][T11493]  do_file_open+0x20e/0x430
[  382.974887][T11493]  ? __pfx_do_file_open+0x10/0x10
[  382.974944][T11493]  ? __pfx_kfree_link+0x10/0x10
[  382.974990][T11493]  ? alloc_fd+0x476/0x790
[  382.975034][T11493]  ? do_getname+0x191/0x390
[  382.975068][T11493]  do_sys_openat2+0x10d/0x1e0
[  382.975101][T11493]  ? __pfx_do_sys_openat2+0x10/0x10
[  382.975135][T11493]  ? __fget_files+0x21f/0x3d0
[  382.975182][T11493]  __x64_sys_openat+0x12d/0x210
[  382.975215][T11493]  ? __pfx___x64_sys_openat+0x10/0x10
[  382.975263][T11493]  do_syscall_64+0x106/0xf80
[  382.975297][T11493]  ? clear_bhb_loop+0x40/0x90
[  382.975330][T11493]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  382.975359][T11493] RIP: 0033:0x7f056dd9bf79
[  382.975383][T11493] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  382.975412][T11493] RSP: 002b:00007f056eca7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  382.975441][T11493] RAX: ffffffffffffffda RBX: 00007f056e016180 RCX: 00007f056dd9bf79
[  382.975460][T11493] RDX: 0000000000000840 RSI: 0000200000000180 RDI: ffffffffffffff9c
[  382.975479][T11493] RBP: 00007f056de327e0 R08: 0000000000000000 R09: 0000000000000000
[  382.975496][T11493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  382.975513][T11493] R13: 00007f056e016218 R14: 00007f056e016180 R15: 00007ffc9230e388
[  382.975555][T11493]  </TASK>
[  383.309018][T11503] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1114'.
[  383.372946][T11507] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1114'.
[  383.397659][T11506] FAULT_INJECTION: forcing a failure.
[  383.397659][T11506] name failslab, interval 1, probability 0, space 0, times 0
[  383.411446][T11506] CPU: 0 UID: 0 PID: 11506 Comm: syz.0.1115 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  383.411473][T11506] Tainted: [L]=SOFTLOCKUP
[  383.411478][T11506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  383.411487][T11506] Call Trace:
[  383.411493][T11506]  <TASK>
[  383.411499][T11506]  dump_stack_lvl+0x100/0x190
[  383.411526][T11506]  should_fail_ex.cold+0x5/0xa
[  383.411545][T11506]  should_failslab+0xc2/0x120
[  383.411567][T11506]  __kmalloc_cache_noprof+0x7a/0x6f0
[  383.411583][T11506]  ? trace_pid_list_alloc+0x232/0x480
[  383.411608][T11506]  trace_pid_list_alloc+0x232/0x480
[  383.411630][T11506]  trace_pid_write+0x110/0x460
[  383.411651][T11506]  ? __pfx_trace_pid_write+0x10/0x10
[  383.411685][T11506]  event_pid_write.isra.0+0x1e4/0x800
[  383.411709][T11506]  ? __pfx_event_pid_write.isra.0+0x10/0x10
[  383.411737][T11506]  vfs_write+0x2aa/0x1070
[  383.411757][T11506]  ? __pfx_ftrace_event_npid_write+0x10/0x10
[  383.411780][T11506]  ? __pfx_vfs_write+0x10/0x10
[  383.411799][T11506]  ? __fget_files+0x215/0x3d0
[  383.411823][T11506]  ? __fget_files+0x21f/0x3d0
[  383.411848][T11506]  ksys_write+0x12a/0x250
[  383.411867][T11506]  ? __pfx_ksys_write+0x10/0x10
[  383.411893][T11506]  do_syscall_64+0x106/0xf80
[  383.411912][T11506]  ? clear_bhb_loop+0x40/0x90
[  383.411930][T11506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  383.411945][T11506] RIP: 0033:0x7ff2b359bf79
[  383.411959][T11506] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  383.411973][T11506] RSP: 002b:00007ff2b43fe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  383.411987][T11506] RAX: ffffffffffffffda RBX: 00007ff2b3815fa0 RCX: 00007ff2b359bf79
[  383.411997][T11506] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[  383.412005][T11506] RBP: 00007ff2b36327e0 R08: 0000000000000000 R09: 0000000000000000
[  383.412014][T11506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  383.412022][T11506] R13: 00007ff2b3816038 R14: 00007ff2b3815fa0 R15: 00007ffdbe34c878
[  383.412044][T11506]  </TASK>
[  383.708472][T11508] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1113'.
[  384.258068][T11523] QAT: Invalid ioctl 21531
[  384.953862][T11536] QAT: Invalid ioctl 21531
[  385.464307][T11538] zswap: compressor  not available
[  387.487317][T11569] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1128'.
[  387.528135][T11569] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1128'.
[  388.793862][T11588] QAT: Invalid ioctl 21531
[  391.402907][T11614] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1138'.
[  391.428981][T11614] netlink: 350 bytes leftover after parsing attributes in process `syz.3.1138'.
[  391.530578][T11605] zswap: compressor  not available
[  392.020723][T11621] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1139'.
[  392.062351][T11621] netlink: 350 bytes leftover after parsing attributes in process `syz.3.1139'.
[  392.980099][T11637] QAT: Invalid ioctl 21531
[  395.022815][T11668] FAULT_INJECTION: forcing a failure.
[  395.022815][T11668] name failslab, interval 1, probability 0, space 0, times 0
[  395.110045][T11668] CPU: 0 UID: 0 PID: 11668 Comm: syz.3.1148 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  395.110095][T11668] Tainted: [L]=SOFTLOCKUP
[  395.110106][T11668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  395.110122][T11668] Call Trace:
[  395.110131][T11668]  <TASK>
[  395.110142][T11668]  dump_stack_lvl+0x100/0x190
[  395.110187][T11668]  should_fail_ex.cold+0x5/0xa
[  395.110217][T11668]  should_failslab+0xc2/0x120
[  395.110261][T11668]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  395.110299][T11668]  ? proc_alloc_inode+0x25/0x200
[  395.110333][T11668]  ? __pfx_proc_alloc_inode+0x10/0x10
[  395.110365][T11668]  proc_alloc_inode+0x25/0x200
[  395.110394][T11668]  alloc_inode+0x68/0x250
[  395.110426][T11668]  new_inode+0x22/0x1c0
[  395.110460][T11668]  proc_pid_make_inode+0x22/0x160
[  395.110492][T11668]  proc_pident_instantiate+0x85/0x310
[  395.110527][T11668]  proc_pident_lookup+0x1e3/0x270
[  395.110566][T11668]  lookup_open.isra.0+0x631/0x11b0
[  395.110611][T11668]  ? __pfx_lookup_open.isra.0+0x10/0x10
[  395.110654][T11668]  ? __pfx___might_resched+0x10/0x10
[  395.110692][T11668]  ? mnt_get_write_access+0x52/0x2f0
[  395.110731][T11668]  ? __pfx_down_write+0x10/0x10
[  395.110771][T11668]  ? mnt_get_write_access+0x1e9/0x2f0
[  395.110810][T11668]  path_openat+0x2291/0x31a0
[  395.110864][T11668]  ? __pfx_path_openat+0x10/0x10
[  395.110921][T11668]  do_file_open+0x20e/0x430
[  395.110966][T11668]  ? __pfx_do_file_open+0x10/0x10
[  395.111028][T11668]  ? __pfx_kfree_link+0x10/0x10
[  395.111072][T11668]  ? alloc_fd+0x476/0x790
[  395.111115][T11668]  ? do_getname+0x191/0x390
[  395.111148][T11668]  do_sys_openat2+0x10d/0x1e0
[  395.111180][T11668]  ? __pfx_do_sys_openat2+0x10/0x10
[  395.111214][T11668]  ? __fget_files+0x21f/0x3d0
[  395.111261][T11668]  __x64_sys_openat+0x12d/0x210
[  395.111293][T11668]  ? __pfx___x64_sys_openat+0x10/0x10
[  395.111340][T11668]  do_syscall_64+0x106/0xf80
[  395.111376][T11668]  ? clear_bhb_loop+0x40/0x90
[  395.111412][T11668]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  395.111440][T11668] RIP: 0033:0x7fb4bd99bf79
[  395.111465][T11668] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  395.111494][T11668] RSP: 002b:00007fb4be7d8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  395.111522][T11668] RAX: ffffffffffffffda RBX: 00007fb4bdc16090 RCX: 00007fb4bd99bf79
[  395.111541][T11668] RDX: 0000000000000840 RSI: 0000200000000180 RDI: ffffffffffffff9c
[  395.111559][T11668] RBP: 00007fb4bda327e0 R08: 0000000000000000 R09: 0000000000000000
[  395.111577][T11668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  395.111594][T11668] R13: 00007fb4bdc16128 R14: 00007fb4bdc16090 R15: 00007ffe33e974a8
[  395.111633][T11668]  </TASK>
[  396.042885][T11680] QAT: Invalid ioctl 21531
[  396.379653][T11686] QAT: Invalid ioctl 21531
[  398.289048][T11715] QAT: Invalid ioctl 21531
[  399.058120][T11728] QAT: Invalid ioctl 21531
[  401.721898][T11765] bridge0: port 3(gretap0) entered blocking state
[  401.739980][T11765] FAULT_INJECTION: forcing a failure.
[  401.739980][T11765] name failslab, interval 1, probability 0, space 0, times 0
[  401.752716][T11765] CPU: 0 UID: 0 PID: 11765 Comm: syz.3.1166 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  401.752763][T11765] Tainted: [L]=SOFTLOCKUP
[  401.752772][T11765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  401.752789][T11765] Call Trace:
[  401.752797][T11765]  <TASK>
[  401.752809][T11765]  dump_stack_lvl+0x100/0x190
[  401.752856][T11765]  should_fail_ex.cold+0x5/0xa
[  401.752887][T11765]  ? switchdev_deferred_enqueue+0x3e/0x2d0
[  401.752920][T11765]  should_failslab+0xc2/0x120
[  401.752961][T11765]  __kmalloc_noprof+0xe0/0x850
[  401.753003][T11765]  ? __pfx_switchdev_port_attr_set_deferred+0x10/0x10
[  401.753041][T11765]  switchdev_deferred_enqueue+0x3e/0x2d0
[  401.753079][T11765]  switchdev_port_attr_set+0xb5/0x100
[  401.753116][T11765]  __set_ageing_time+0xc2/0x140
[  401.753154][T11765]  ? __pfx___set_ageing_time+0x10/0x10
[  401.753215][T11765]  br_init_port+0x18a/0x210
[  401.753256][T11765]  br_add_if+0x5a4/0x1b40
[  401.753293][T11765]  ? security_capable+0x80/0x260
[  401.753342][T11765]  add_del_if+0x114/0x160
[  401.753380][T11765]  br_dev_siocdevprivate+0x8ac/0x1650
[  401.753420][T11765]  ? __pfx_br_dev_siocdevprivate+0x10/0x10
[  401.753481][T11765]  ? lock_acquire+0x1cf/0x380
[  401.753528][T11765]  ? netdev_name_node_lookup+0x107/0x150
[  401.753558][T11765]  ? __mutex_lock+0x26a/0x1b90
[  401.753601][T11765]  dev_ifsioc+0xc1e/0x1e90
[  401.753637][T11765]  ? __pfx_dev_ifsioc+0x10/0x10
[  401.753666][T11765]  ? __pfx___mutex_lock+0x10/0x10
[  401.753721][T11765]  ? dev_load+0x8e/0x240
[  401.753750][T11765]  ? dev_load+0x8e/0x240
[  401.753789][T11765]  dev_ioctl+0x70e/0x1070
[  401.753826][T11765]  sock_ioctl+0x494/0x6b0
[  401.753854][T11765]  ? __pfx_sock_ioctl+0x10/0x10
[  401.753879][T11765]  ? hook_file_ioctl_common+0x146/0x410
[  401.753920][T11765]  ? __fget_files+0x21f/0x3d0
[  401.753964][T11765]  ? __pfx_sock_ioctl+0x10/0x10
[  401.753992][T11765]  __x64_sys_ioctl+0x18e/0x210
[  401.754029][T11765]  do_syscall_64+0x106/0xf80
[  401.754063][T11765]  ? clear_bhb_loop+0x40/0x90
[  401.754096][T11765]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.754125][T11765] RIP: 0033:0x7fb4bd99bf79
[  401.754149][T11765] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  401.754176][T11765] RSP: 002b:00007fb4be7b7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  401.754203][T11765] RAX: ffffffffffffffda RBX: 00007fb4bdc16180 RCX: 00007fb4bd99bf79
[  401.754222][T11765] RDX: 0000200000000040 RSI: 00000000000089fc RDI: 0000000000000008
[  401.754239][T11765] RBP: 00007fb4bda327e0 R08: 0000000000000000 R09: 0000000000000000
[  401.754255][T11765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  401.754271][T11765] R13: 00007fb4bdc16218 R14: 00007fb4bdc16180 R15: 00007ffe33e974a8
[  401.754310][T11765]  </TASK>
[  401.754347][T11765] gretap0: failed to offload ageing time
[  402.063036][T11765] bridge0: port 3(gretap0) entered disabled state
[  402.090273][T11765] gretap0: entered allmulticast mode
[  402.143264][T11765] gretap0: entered promiscuous mode
[  402.154295][T11765] bridge0: port 3(gretap0) entered blocking state
[  402.160879][T11765] bridge0: port 3(gretap0) entered forwarding state
[  402.200986][T11766] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1167'.
[  402.249334][T11760] netlink: 'syz.2.1167': attribute type 1 has an invalid length.
[  402.257430][T11760] netlink: 13 bytes leftover after parsing attributes in process `syz.2.1167'.
[  402.898808][T11779] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1181'.
[  402.947612][T11779] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1181'.
[  403.200751][T11786] QAT: Invalid ioctl 21531
[  403.931062][T11803] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input18
[  404.664764][T11810] futex_wake_op: syz.1.1179 tries to shift op by -2048; fix this program
[  404.704861][T11810] futex_wake_op: syz.1.1179 tries to shift op by -2048; fix this program
[  404.753932][T11810] 0x000000000001-0x000000020000 : ""
[  404.816839][T11810] ftl_cs: FTL header corrupt!
[  405.792690][T11835] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1184'.
[  405.833409][T11835] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1184'.
[  406.203801][T11841] QAT: Invalid ioctl 21531
[  408.871647][T11865] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1198'.
[  409.306690][T11856] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  409.318126][T11856] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  409.344858][T11856] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  409.355406][T11856] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  409.998564][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  410.980558][T11897] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1196'.
[  410.991674][T11897] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1196'.
[  411.110574][T11908] QAT: Invalid ioctl 21531
[  411.330826][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[  411.406571][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  411.406954][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[  413.897481][T11952] mkiss: ax0: crc mode is auto.
[  413.942255][T11953] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1209'.
[  413.988540][T11924] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  413.994830][T11924] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  414.045504][T11924] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  414.056272][T11953] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1209'.
[  414.120948][T11924] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  414.447024][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  414.638890][T11971] QAT: Invalid ioctl 21531
[  415.046144][T11975] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1213'.
[  415.097160][T11975] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1213'.
[  415.618989][T11962] Invalid ELF header magic: != ELF
[  416.069495][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[  416.075561][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  416.136669][   T51] Bluetooth: hci2: command 0x0c1a tx timeout
[  417.426487][ T5829] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[  417.914766][   T51] block nbd37: Receive control failed (result -32)
[  418.877155][T12035] mkiss: ax0: crc mode is auto.
[  419.680518][T12049] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1227'.
[  419.697607][T12049] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1227'.
[  421.085161][T12075] QAT: Invalid ioctl 21531
[  421.294555][T12081] blktrace: Concurrent blktraces are not allowed on loop2
[  429.700226][T12199] blktrace: Concurrent blktraces are not allowed on loop2
[  430.566669][T12210] QAT: Invalid ioctl 21531
[  432.085802][T12237] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1270'.
[  432.095846][T12237] netlink: 350 bytes leftover after parsing attributes in process `syz.0.1270'.
[  432.361372][T12241] mkiss: ax0: crc mode is auto.
[  434.103085][T12274] blktrace: Concurrent blktraces are not allowed on loop2
[  435.207603][T12291] netlink: 186 bytes leftover after parsing attributes in process `syz.2.1278'.
[  435.653126][T12296] program syz.1.1280 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  435.682441][   T29] audit: type=1807 audit(1771197139.906:10): UNKNOWN=0"�]$|�1j�0B|d���ӉO��+��/��x����WӦ��^��gq%Ḧr�O� res=0
[  435.696352][   T29] audit: type=1802 audit(1771197139.926:11): pid=12296 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.1.1280" res=0 errno=0
[  435.730356][T12295] ima: policy update failed
[  435.779509][   T29] audit: type=1802 audit(1771197139.986:12): pid=12295 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1280" res=0 errno=0
[  440.148471][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  440.154842][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  440.844814][T12393] mkiss: ax0: crc mode is auto.
[  444.100622][T12436] Invalid ELF header magic: != ELF
[  445.165130][T12464] program syz.3.1313 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  445.181947][   T29] audit: type=1807 audit(1771197149.406:13): UNKNOWN=0"�]$|�1j�0B|d���ӉO��+��/��x����WӦ��^��gq%Ḧr�O� res=0
[  445.285550][   T29] audit: type=1802 audit(1771197149.426:14): pid=12464 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.3.1313" res=0 errno=0
[  445.331562][T12463] ima: policy update failed
[  445.490837][   T29] audit: type=1802 audit(1771197149.556:15): pid=12463 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1313" res=0 errno=0
[  445.906097][T12482] mkiss: ax0: crc mode is auto.
[  446.587816][   T51] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[  446.871121][   T51] block nbd38: Receive control failed (result -32)
[  447.740455][T12509] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1321'.
[  450.116595][T12554] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1329'.
[  450.148605][T12554] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1329'.
[  452.349775][T12577] Invalid ELF header magic: != ELF
[  452.770019][T12597] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1334'.
[  453.059417][T12596] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1337'.
[  453.072660][T12596] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1337'.
[  454.467337][T12626] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1342'.
[  454.497369][T12621] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1342'.
[  457.224907][T12679] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  457.235967][T12679] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  457.254915][T12679] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  457.279382][T12679] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  457.406436][   T51] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  457.960208][T12686] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1355'.
[  458.017511][T12686] netlink: 350 bytes leftover after parsing attributes in process `syz.3.1355'.
[  459.256377][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  459.326433][   T51] Bluetooth: hci2: command 0x0c1a tx timeout
[  459.326513][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout
[  459.512402][ T5829] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[  459.652757][T12715] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1360'.
[  459.712672][ T5829] block nbd39: Receive control failed (result -32)
[  459.945882][T12691] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  459.952182][T12691] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  459.958917][T12691] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  459.965190][T12691] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  460.366372][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  461.527056][T12750] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  461.533299][T12750] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  461.567788][T12750] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  461.573951][T12750] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  461.599498][T12736] Invalid ELF header magic: != ELF
[  463.596384][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[  463.602506][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  463.656716][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[  463.656753][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  463.741804][T12795] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1374'.
[  464.398918][T12815] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  464.424858][T12815] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  464.437889][T12815] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  464.569601][T12815] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  466.516442][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout
[  466.524392][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[  466.524388][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  466.617879][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  467.756150][T12880] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1387'.
[  468.437305][ T5829] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[  468.593033][ T5829] block nbd40: Receive control failed (result -32)
[  468.812536][T12891] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1389'.
[  468.896784][ T5829] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[  469.215697][T12900] netlink: 350 bytes leftover after parsing attributes in process `syz.3.1392'.
[  469.253710][T12903] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1393'.
[  470.622112][T12940] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  470.711977][T12940] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  470.722439][T12940] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  470.730301][T12940] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  471.315559][T12946] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1401'.
[  472.182096][T12959] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1404'.
[  472.806017][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  472.812131][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  472.818771][ T5833] Bluetooth: hci3: command 0x0c1a tx timeout
[  472.821379][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  473.763517][T12993] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1409'.
[  474.045753][T12976] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[  474.266468][T12976] block nbd41: Receive control failed (result -32)
[  474.671420][T13015] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1412'.
[  478.072855][T12976] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[  478.189733][T12976] block nbd42: Receive control failed (result -32)
[  480.461506][T12976] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[  480.719437][T12976] block nbd43: Receive control failed (result -32)
[  481.759369][T13133] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1433'.
[  481.798744][T13133] netlink: 350 bytes leftover after parsing attributes in process `syz.0.1433'.
[  482.211887][T13151] tipc: Started in network mode
[  482.228011][T13151] tipc: Node identity ffffffff, cluster identity 4711
[  482.252447][T13151] tipc: Node number set to 4294967295
[  482.287289][T13152] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  483.911705][T12976] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[  484.056346][T12976] block nbd44: Receive control failed (result -32)
[  484.783058][T13190] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1442'.
[  484.811774][T13190] netlink: 350 bytes leftover after parsing attributes in process `syz.3.1442'.
[  485.107601][T12976] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[  485.196601][T12976] block nbd45: Receive control failed (result -32)
[  486.851945][T12976] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[  487.053802][T12976] block nbd46: Receive control failed (result -32)
[  488.281390][T13278] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1458'.
[  488.326771][T13278] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1458'.
[  489.811343][T13317] forcing mempool usage for bio_alloc_bioset+0x392/0x850
[  490.369861][T12976] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[  490.765499][T12976] block nbd47: Receive control failed (result -32)
[  492.727321][T13354] Invalid ELF header magic: != ELF
[  495.701465][T12976] Bluetooth: hci1: Malformed LE Event: 0x0b
[  497.057824][T12976] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[  497.145327][T12976] block nbd48: Receive control failed (result -32)
[  501.574777][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  501.585810][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  503.782633][T12976] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[  503.959601][T12976] block nbd49: Receive control failed (result -32)
[  503.996005][T13588] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1510'.
[  504.070630][T13588] netlink: 5 bytes leftover after parsing attributes in process `syz.2.1510'.
[  510.741033][T13693] FAULT_INJECTION: forcing a failure.
[  510.741033][T13693] name failslab, interval 1, probability 0, space 0, times 0
[  510.974979][T13693] CPU: 0 UID: 0 PID: 13693 Comm: syz.2.1531 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  510.975024][T13693] Tainted: [L]=SOFTLOCKUP
[  510.975033][T13693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  510.975049][T13693] Call Trace:
[  510.975058][T13693]  <TASK>
[  510.975068][T13693]  dump_stack_lvl+0x100/0x190
[  510.975109][T13693]  should_fail_ex.cold+0x5/0xa
[  510.975141][T13693]  should_failslab+0xc2/0x120
[  510.975185][T13693]  __kmalloc_cache_noprof+0x7a/0x6f0
[  510.975217][T13693]  ? kvm_dev_ioctl+0xa8d/0x1a80
[  510.975253][T13693]  kvm_dev_ioctl+0xa8d/0x1a80
[  510.975290][T13693]  ? find_held_lock+0x2b/0x80
[  510.975332][T13693]  ? __fget_files+0x215/0x3d0
[  510.975368][T13693]  ? hook_file_ioctl_common+0x146/0x410
[  510.975400][T13693]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  510.975432][T13693]  ? __fget_files+0x21f/0x3d0
[  510.975472][T13693]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  510.975505][T13693]  __x64_sys_ioctl+0x18e/0x210
[  510.975542][T13693]  do_syscall_64+0x106/0xf80
[  510.975576][T13693]  ? clear_bhb_loop+0x40/0x90
[  510.975612][T13693]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  510.975640][T13693] RIP: 0033:0x7f056dd9bf79
[  510.975664][T13693] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  510.975693][T13693] RSP: 002b:00007f056ece9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  510.975720][T13693] RAX: ffffffffffffffda RBX: 00007f056e015fa0 RCX: 00007f056dd9bf79
[  510.975740][T13693] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003
[  510.975757][T13693] RBP: 00007f056de327e0 R08: 0000000000000000 R09: 0000000000000000
[  510.975774][T13693] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  510.975791][T13693] R13: 00007f056e016038 R14: 00007f056e015fa0 R15: 00007ffc9230e388
[  510.975826][T13693]  </TASK>
[  512.159315][T13703] Invalid ELF header magic: != ELF
[  517.342367][T12976] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[  517.609402][T12976] block nbd50: Receive control failed (result -32)
[  517.709168][T13814] block nbd8: Cannot use ioctl interface on a netlink controlled device.
[  519.274157][T12976] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[  519.360316][T12976] block nbd51: Receive control failed (result -32)
[  523.701394][T13899] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1572'.
[  523.715097][T13899] netlink: 350 bytes leftover after parsing attributes in process `syz.3.1572'.
[  524.411298][T13914] futex_wake_op: syz.3.1576 tries to shift op by -1; fix this program
[  524.435894][T13914] FAULT_INJECTION: forcing a failure.
[  524.435894][T13914] name failslab, interval 1, probability 0, space 0, times 0
[  524.472663][T13914] CPU: 0 UID: 0 PID: 13914 Comm: syz.3.1576 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  524.472710][T13914] Tainted: [L]=SOFTLOCKUP
[  524.472721][T13914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  524.472738][T13914] Call Trace:
[  524.472746][T13914]  <TASK>
[  524.472757][T13914]  dump_stack_lvl+0x100/0x190
[  524.472799][T13914]  should_fail_ex.cold+0x5/0xa
[  524.472832][T13914]  should_failslab+0xc2/0x120
[  524.472872][T13914]  __kmalloc_node_noprof+0xe6/0x850
[  524.472909][T13914]  ? alloc_slab_obj_exts+0x4e/0x1c0
[  524.472948][T13914]  alloc_slab_obj_exts+0x4e/0x1c0
[  524.472980][T13914]  new_slab+0x4e7/0x6e0
[  524.473011][T13914]  refill_objects+0x26b/0x400
[  524.473053][T13914]  __pcs_replace_empty_main+0x19f/0x600
[  524.473094][T13914]  kmem_cache_alloc_noprof+0x480/0x6e0
[  524.473129][T13914]  ? do_fanotify_mark+0x2a8d/0x4010
[  524.473181][T13914]  do_fanotify_mark+0x2a8d/0x4010
[  524.473233][T13914]  ? __pfx_do_fanotify_mark+0x10/0x10
[  524.473271][T13914]  ? __x64_sys_futex+0x358/0x4d0
[  524.473306][T13914]  ? xfd_validate_state+0x129/0x190
[  524.473341][T13914]  ? arch_syscall_is_vdso_sigreturn+0xb6/0x200
[  524.473376][T13914]  __x64_sys_fanotify_mark+0xbd/0x160
[  524.473406][T13914]  ? do_syscall_64+0x95/0xf80
[  524.473438][T13914]  ? lockdep_hardirqs_on+0x78/0x100
[  524.473474][T13914]  do_syscall_64+0x106/0xf80
[  524.473508][T13914]  ? clear_bhb_loop+0x40/0x90
[  524.473542][T13914]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  524.473570][T13914] RIP: 0033:0x7fb4bd99bf79
[  524.473593][T13914] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  524.473620][T13914] RSP: 002b:00007fb4be7f9028 EFLAGS: 00000246 ORIG_RAX: 000000000000012d
[  524.473646][T13914] RAX: ffffffffffffffda RBX: 00007fb4bdc15fa0 RCX: 00007fb4bd99bf79
[  524.473666][T13914] RDX: 0000000000008009 RSI: 0000000000000105 RDI: 0000000000000000
[  524.473683][T13914] RBP: 00007fb4bda327e0 R08: 0000000000000000 R09: 0000000000000000
[  524.473697][T13914] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  524.473713][T13914] R13: 00007fb4bdc16038 R14: 00007fb4bdc15fa0 R15: 00007ffe33e974a8
[  524.473749][T13914]  </TASK>
[  527.085649][T13956] futex_wake_op: syz.2.1582 tries to shift op by -1; fix this program
[  527.976539][T12976] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  527.984149][T12976] Bluetooth: hci0: Invalid handle: 0x3a4a > 0x0eff
[  528.456864][T13996] block nbd8: Cannot use ioctl interface on a netlink controlled device.
[  529.864733][T14018] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1593'.
[  529.898370][T14018] netlink: 350 bytes leftover after parsing attributes in process `syz.0.1593'.
[  530.697445][T12976] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[  530.811508][T12976] block nbd52: Receive control failed (result -32)
[  531.425057][T14022] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  531.451255][T14022] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  531.466330][T14022] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  531.486012][T14022] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  531.968100][T12976] Bluetooth: hci0: command 0x0c1a tx timeout
[  532.682133][T14077] block nbd8: Cannot use ioctl interface on a netlink controlled device.
[  533.487855][T12976] Bluetooth: hci2: command 0x0c1a tx timeout
[  533.487902][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[  533.493946][ T5833] Bluetooth: hci1: command 0x0c1a tx timeout
[  533.864276][T14083] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1604'.
[  533.961849][T12976] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[  535.245606][T14116] futex_wake_op: syz.0.1609 tries to shift op by -1; fix this program
[  535.712013][T14127] FAULT_INJECTION: forcing a failure.
[  535.712013][T14127] name failslab, interval 1, probability 0, space 0, times 0
[  535.746424][T14127] CPU: 1 UID: 0 PID: 14127 Comm: syz.0.1613 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  535.746471][T14127] Tainted: [L]=SOFTLOCKUP
[  535.746482][T14127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  535.746500][T14127] Call Trace:
[  535.746510][T14127]  <TASK>
[  535.746522][T14127]  dump_stack_lvl+0x100/0x190
[  535.746569][T14127]  should_fail_ex.cold+0x5/0xa
[  535.746602][T14127]  should_failslab+0xc2/0x120
[  535.746646][T14127]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  535.746684][T14127]  ? __d_alloc+0x34/0xa80
[  535.746727][T14127]  ? security_inode_alloc+0xcf/0x2c0
[  535.746762][T14127]  __d_alloc+0x34/0xa80
[  535.746802][T14127]  ? __ns_ref_active_get+0x9f/0x1b0
[  535.746838][T14127]  path_from_stashed+0x427/0x750
[  535.746879][T14127]  ? do_raw_spin_unlock+0x145/0x1e0
[  535.746929][T14127]  ns_get_path+0x60/0x80
[  535.746969][T14127]  proc_ns_get_link+0x121/0x230
[  535.746999][T14127]  ? __pfx_proc_ns_get_link+0x10/0x10
[  535.747032][T14127]  ? atime_needs_update+0x8b/0x6b0
[  535.747069][T14127]  pick_link+0xd17/0x13c0
[  535.747103][T14127]  ? __pfx_proc_ns_get_link+0x10/0x10
[  535.747135][T14127]  step_into_slowpath+0x9ba/0xf90
[  535.747178][T14127]  ? __pfx_step_into_slowpath+0x10/0x10
[  535.747213][T14127]  ? find_held_lock+0x2b/0x80
[  535.747264][T14127]  path_openat+0xf95/0x31a0
[  535.747317][T14127]  ? __pfx_path_openat+0x10/0x10
[  535.747377][T14127]  do_file_open+0x20e/0x430
[  535.747422][T14127]  ? __pfx_do_file_open+0x10/0x10
[  535.747492][T14127]  ? alloc_fd+0x476/0x790
[  535.747535][T14127]  ? do_getname+0x191/0x390
[  535.747568][T14127]  do_sys_openat2+0x10d/0x1e0
[  535.747600][T14127]  ? __pfx_do_sys_openat2+0x10/0x10
[  535.747634][T14127]  ? __fget_files+0x21f/0x3d0
[  535.747680][T14127]  __x64_sys_openat+0x12d/0x210
[  535.747712][T14127]  ? __pfx___x64_sys_openat+0x10/0x10
[  535.747758][T14127]  do_syscall_64+0x106/0xf80
[  535.747794][T14127]  ? clear_bhb_loop+0x40/0x90
[  535.747829][T14127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  535.747859][T14127] RIP: 0033:0x7ff2b355c84e
[  535.747884][T14127] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  535.747912][T14127] RSP: 002b:00007ff2b43fdec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  535.747940][T14127] RAX: ffffffffffffffda RBX: 00007ff2b43fe6c0 RCX: 00007ff2b355c84e
[  535.747960][T14127] RDX: 0000000000000002 RSI: 00007ff2b43fdf90 RDI: ffffffffffffff9c
[  535.747978][T14127] RBP: 00007ff2b36327e0 R08: 0000000000000000 R09: 0000000000000000
[  535.747996][T14127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  535.748013][T14127] R13: 00007ff2b3816038 R14: 00007ff2b3815fa0 R15: 00007ffdbe34c878
[  535.748052][T14127]  </TASK>
[  536.535635][T14145] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1616'.
[  536.549707][T14145] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1616'.
[  538.978941][T14194] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1625'.
[  539.003550][T14194] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1625'.
[  540.000876][T14208] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1628'.
[  540.102342][T14208] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1628'.
[  543.309597][T14265] NFSD: Failed to start, no listeners configured.
[  544.747474][   T29] audit: type=1326 audit(1771197248.976:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14288 comm="syz.2.1643" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f056dd9bf79 code=0x0
[  544.872965][T14298] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  544.872965][T14298] The task syz.2.1643 (14298) triggered the difference, watch for misbehavior.
[  545.661007][T14304] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  545.712935][T14304] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  545.876562][T14304] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  545.898582][T14304] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  547.651955][T12976] Bluetooth: hci0: command 0x0c1a tx timeout
[  547.728404][T12976] Bluetooth: hci1: command 0x0c1a tx timeout
[  547.886736][T12976] Bluetooth: hci3: command 0x0c1a tx timeout
[  547.976597][T12976] Bluetooth: hci2: command 0x0c1a tx timeout
[  548.123852][T14354] kvm: kvm [14353]: vcpu2, guest rIP: 0xfff0 Unhandled RDMSR(0x40000085)
[  550.430065][T14395] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1661'.
[  550.477477][T14395] netlink: 350 bytes leftover after parsing attributes in process `syz.3.1661'.
[  551.336728][T14410] random: crng reseeded on system resumption
[  553.937643][T14463] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1673'.
[  554.039864][T14460] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1673'.
[  555.219749][T14481] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input19
[  557.684128][T14514] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1684'.
[  557.718993][T14514] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1684'.
[  557.944818][T14517] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1685'.
[  557.957277][T14517] netlink: 350 bytes leftover after parsing attributes in process `syz.0.1685'.
[  558.257098][T14529] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  558.263877][T14529] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  558.281406][T14529] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  558.292081][T14529] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  559.223113][T14545] smpboot: CPU 1 is now offline
[  559.333870][T14549] smpboot: Booting Node 0 Processor 1 APIC 0x1
[  559.343285][T12976] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18
[  559.351016][T12976] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff
[  559.378074][T14549] ------------[ cut here ]------------
[  559.378792][T14549] 
[  559.378798][T14549] ======================================================
[  559.378803][T14549] WARNING: possible circular locking dependency detected
[  559.378810][T14549] syzkaller #0 Tainted: G             L     
[  559.378819][T14549] ------------------------------------------------------
[  559.378823][T14549] syz.2.1692/14549 is trying to acquire lock:
[  559.378831][T14549] ffffffff8e6f5460 (console_owner){-...}-{0:0}, at: console_lock_spinning_enable+0x61/0x80
[  559.378875][T14549] 
[  559.378875][T14549] but task is already holding lock:
[  559.378879][T14549] ffff8880b843b2e0 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x88/0x140
[  559.378917][T14549] 
[  559.378917][T14549] which lock already depends on the new lock.
[  559.378917][T14549] 
[  559.378922][T14549] 
[  559.378922][T14549] the existing dependency chain (in reverse order) is:
[  559.378926][T14549] 
[  559.378926][T14549] -> #4 (&rq->__lock){-.-.}-{2:2}:
[  559.378947][T14549]        _raw_spin_lock_nested+0x31/0x40
[  559.378964][T14549]        raw_spin_rq_lock_nested+0x2c/0x140
[  559.378984][T14549]        _task_rq_lock+0xcf/0x490
[  559.378997][T14549]        cgroup_move_task+0x81/0x2b0
[  559.379010][T14549]        css_set_move_task+0x285/0x600
[  559.379030][T14549]        cgroup_post_fork+0x202/0x9b0
[  559.379050][T14549]        copy_process+0x5f26/0x7a10
[  559.379064][T14549]        kernel_clone+0xfc/0x9a0
[  559.379078][T14549]        user_mode_thread+0xcc/0x110
[  559.379092][T14549]        rest_init+0x21/0x260
[  559.379102][T14549]        start_kernel+0x47f/0x480
[  559.379116][T14549]        x86_64_start_reservations+0x24/0x30
[  559.379132][T14549]        x86_64_start_kernel+0x12b/0x130
[  559.379147][T14549]        common_startup_64+0x13e/0x148
[  559.379160][T14549] 
[  559.379160][T14549] -> #3 (&p->pi_lock){-.-.}-{2:2}:
[  559.379178][T14549]        _raw_spin_lock_irqsave+0x3a/0x60
[  559.379193][T14549]        try_to_wake_up+0xb2/0x1a80
[  559.379212][T14549]        __wake_up_common+0x135/0x1f0
[  559.379228][T14549]        __wake_up+0x31/0x60
[  559.379240][T14549]        tty_port_default_wakeup+0x47/0x60
[  559.379261][T14549]        serial8250_tx_chars+0x68f/0x860
[  559.379282][T14549]        serial8250_handle_irq+0x73e/0xcb0
[  559.379294][T14549]        serial8250_default_handle_irq+0x9e/0x270
[  559.379307][T14549]        serial8250_interrupt+0xf8/0x1d0
[  559.379321][T14549]        __handle_irq_event_percpu+0x232/0x8e0
[  559.379341][T14549]        handle_irq_event+0xab/0x1e0
[  559.379360][T14549]        handle_edge_irq+0x375/0x970
[  559.379377][T14549]        __common_interrupt+0xd8/0x2f0
[  559.379393][T14549]        common_interrupt+0xb9/0xe0
[  559.379405][T14549]        asm_common_interrupt+0x26/0x40
[  559.379418][T14549]        lock_acquire+0x5e/0x380
[  559.379433][T14549]        __page_table_check_zero+0x8c/0x410
[  559.379460][T14549]        post_alloc_hook+0x140/0x170
[  559.379475][T14549]        get_page_from_freelist+0x111d/0x3140
[  559.379491][T14549]        __alloc_frozen_pages_noprof+0x27c/0x2ba0
[  559.379509][T14549]        alloc_pages_mpol+0x1fb/0x550
[  559.379529][T14549]        folio_alloc_mpol_noprof+0x36/0x340
[  559.379542][T14549]        vma_alloc_folio_noprof+0xed/0x1d0
[  559.379554][T14549]        do_wp_page+0x1eef/0x4f00
[  559.379574][T14549]        __handle_mm_fault+0x1ac8/0x2b60
[  559.379588][T14549]        handle_mm_fault+0x36d/0xa20
[  559.379601][T14549]        do_user_addr_fault+0x5a3/0x12f0
[  559.379621][T14549]        exc_page_fault+0x6f/0xd0
[  559.379637][T14549]        asm_exc_page_fault+0x26/0x30
[  559.379649][T14549] 
[  559.379649][T14549] -> #2 (&tty->write_wait){-.-.}-{3:3}:
[  559.379667][T14549]        _raw_spin_lock_irqsave+0x3a/0x60
[  559.379682][T14549]        __wake_up+0x1c/0x60
[  559.379696][T14549]        tty_port_default_wakeup+0x47/0x60
[  559.379718][T14549]        serial8250_tx_chars+0x68f/0x860
[  559.379737][T14549]        serial8250_handle_irq+0x73e/0xcb0
[  559.379750][T14549]        serial8250_default_handle_irq+0x9e/0x270
[  559.379763][T14549]        serial8250_interrupt+0xf8/0x1d0
[  559.379777][T14549]        __handle_irq_event_percpu+0x232/0x8e0
[  559.379797][T14549]        handle_irq_event+0xab/0x1e0
[  559.379816][T14549]        handle_edge_irq+0x375/0x970
[  559.379833][T14549]        __common_interrupt+0xd8/0x2f0
[  559.379849][T14549]        common_interrupt+0xb9/0xe0
[  559.379860][T14549]        asm_common_interrupt+0x26/0x40
[  559.379873][T14549]        _raw_spin_unlock_irqrestore+0x31/0x80
[  559.379889][T14549]        uart_write+0x29d/0xb20
[  559.379907][T14549]        n_tty_write+0x44f/0x12d0
[  559.379920][T14549]        file_tty_write.isra.0+0x4d2/0x890
[  559.379939][T14549]        redirected_tty_write+0xd4/0x120
[  559.379958][T14549]        vfs_write+0x6ac/0x1070
[  559.379974][T14549]        ksys_write+0x12a/0x250
[  559.379991][T14549]        do_syscall_64+0x106/0xf80
[  559.380008][T14549]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  559.380021][T14549] 
[  559.380021][T14549] -> #1 (&port_lock_key){-.-.}-{3:3}:
[  559.380038][T14549]        _raw_spin_lock_irqsave+0x3a/0x60
[  559.380053][T14549]        serial8250_console_write+0x17e/0x1900
[  559.380067][T14549]        console_flush_one_record+0x790/0xe50
[  559.380086][T14549]        console_unlock+0x103/0x260
[  559.380104][T14549]        vprintk_emit+0x407/0x6b0
[  559.380122][T14549]        _printk+0xcf/0x110
[  559.380134][T14549]        register_console.cold+0xc0/0x248
[  559.380147][T14549]        univ8250_console_init+0x6f/0x80
[  559.380167][T14549]        console_init+0x423/0x620
[  559.380185][T14549]        start_kernel+0x305/0x480
[  559.380199][T14549]        x86_64_start_reservations+0x24/0x30
[  559.380215][T14549]        x86_64_start_kernel+0x12b/0x130
[  559.380231][T14549]        common_startup_64+0x13e/0x148
[  559.380244][T14549] 
[  559.380244][T14549] -> #0 (console_owner){-...}-{0:0}:
[  559.380262][T14549]        __lock_acquire+0x14b8/0x2630
[  559.380277][T14549]        lock_acquire+0x1cf/0x380
[  559.380291][T14549]        console_lock_spinning_enable+0x72/0x80
[  559.380329][T14549]        console_flush_one_record+0x739/0xe50
[  559.380349][T14549]        console_unlock+0x103/0x260
[  559.380369][T14549]        vprintk_emit+0x407/0x6b0
[  559.380388][T14549]        _printk+0xcf/0x110
[  559.380400][T14549]        __report_bug.cold+0x15/0x137
[  559.380417][T14549]        report_bug+0xb2/0x220
[  559.380432][T14549]        handle_bug+0x166/0x2a0
[  559.380455][T14549]        exc_invalid_op+0x17/0x50
[  559.380473][T14549]        asm_exc_invalid_op+0x1a/0x20
[  559.380487][T14549]        update_rq_clock+0x40a/0xd20
[  559.380499][T14549]        __schedule+0x1b7d/0x60e0
[  559.380514][T14549]        schedule+0xdd/0x390
[  559.380528][T14549]        schedule_timeout+0x1b2/0x280
[  559.380541][T14549]        __wait_for_common+0x2e7/0x4c0
[  559.380557][T14549]        cpuhp_bringup_ap+0xcb/0x10e0
[  559.380570][T14549]        cpuhp_invoke_callback+0x3ab/0x9a0
[  559.380591][T14549]        __cpuhp_invoke_callback_range+0x158/0x1d0
[  559.380604][T14549]        _cpu_up+0x3f6/0x960
[  559.380616][T14549]        cpu_up+0x1ba/0x230
[  559.380628][T14549]        cpu_subsys_online+0x84/0x190
[  559.380649][T14549]        device_online+0x114/0x1c0
[  559.380664][T14549]        online_store+0x145/0x180
[  559.380679][T14549]        dev_attr_store+0x58/0x80
[  559.380694][T14549]        sysfs_kf_write+0xf2/0x150
[  559.380714][T14549]        kernfs_fop_write_iter+0x3e0/0x5f0
[  559.380730][T14549]        do_iter_readv_writev+0x6ee/0x920
[  559.380747][T14549]        vfs_writev+0x360/0xe10
[  559.380762][T14549]        do_writev+0x13e/0x340
[  559.380778][T14549]        do_syscall_64+0x106/0xf80
[  559.380795][T14549]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  559.380808][T14549] 
[  559.380808][T14549] other info that might help us debug this:
[  559.380808][T14549] 
[  559.380812][T14549] Chain exists of:
[  559.380812][T14549]   console_owner --> &p->pi_lock --> &rq->__lock
[  559.380812][T14549] 
[  559.380833][T14549]  Possible unsafe locking scenario:
[  559.380833][T14549] 
[  559.380836][T14549]        CPU0                    CPU1
[  559.380840][T14549]        ----                    ----
[  559.380843][T14549]   lock(&rq->__lock);
[  559.380851][T14549]                                lock(&p->pi_lock);
[  559.380860][T14549]                                lock(&rq->__lock);
[  559.380869][T14549]   lock(console_owner);
[  559.380877][T14549] 
[  559.380877][T14549]  *** DEADLOCK ***
[  559.380877][T14549] 
[  559.380881][T14549] 12 locks held by syz.2.1692/14549:
[  559.380889][T14549]  #0: ffff8880223a67f8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2aa/0x380
[  559.380926][T14549]  #1: ffff888034b5e420 (sb_writers#7){.+.+}-{0:0}, at: do_writev+0x13e/0x340
[  559.380963][T14549]  #2: ffff88806b38c488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0
[  559.380998][T14549]  #3: ffff88801fafe878 (kn->active#133){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0
[  559.381037][T14549]  #4: ffffffff8f751688 (device_hotplug_lock){+.+.}-{4:4}, at: online_store+0x9a/0x180
[  559.381071][T14549]  #5: ffff8880b8537950 (&dev->mutex){....}-{4:4}, at: device_online+0x27/0x1c0
[  559.381104][T14549]  #6: ffffffff8e680c08 (cpu_add_remove_lock){+.+.}-{4:4}, at: cpu_up+0xbc/0x230
[  559.381136][T14549]  #7: ffffffff8e680b50 (cpu_hotplug_lock){++++}-{0:0}, at: _cpu_up+0x68/0x960
[  559.381167][T14549]  #8: ffffffff8e7dc848 (sparse_irq_lock){+.+.}-{4:4}, at: cpuhp_bringup_ap+0x63/0x10e0
[  559.381198][T14549]  #9: ffff8880b843b2e0 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x88/0x140
[  559.381237][T14549]  #10: ffffffff8e7d58a0 (console_lock){+.+.}-{0:0}, at: _printk+0xcf/0x110
[  559.381268][T14549]  #11: ffffffff8e7d5918 (console_srcu){....}-{0:0}, at: console_flush_one_record+0xfd/0xe50
[  559.381305][T14549] 
[  559.381305][T14549] stack backtrace:
[  559.381315][T14549] CPU: 0 UID: 0 PID: 14549 Comm: syz.2.1692 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  559.381336][T14549] Tainted: [L]=SOFTLOCKUP
[  559.381341][T14549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  559.381351][T14549] Call Trace:
[  559.381357][T14549]  <TASK>
[  559.381362][T14549]  dump_stack_lvl+0x100/0x190
[  559.381383][T14549]  print_circular_bug.cold+0x178/0x1c7
[  559.381406][T14549]  check_noncircular+0x146/0x160
[  559.381425][T14549]  __lock_acquire+0x14b8/0x2630
[  559.381450][T14549]  lock_acquire+0x1cf/0x380
[  559.381466][T14549]  ? console_lock_spinning_enable+0x61/0x80
[  559.381488][T14549]  ? console_lock_spinning_enable+0x4a/0x80
[  559.381510][T14549]  console_lock_spinning_enable+0x72/0x80
[  559.381530][T14549]  ? console_lock_spinning_enable+0x61/0x80
[  559.381550][T14549]  console_flush_one_record+0x739/0xe50
[  559.381572][T14549]  ? __pfx_console_flush_one_record+0x10/0x10
[  559.381595][T14549]  ? is_printk_cpu_sync_owner+0x32/0x40
[  559.381610][T14549]  console_unlock+0x103/0x260
[  559.381629][T14549]  ? __pfx_console_unlock+0x10/0x10
[  559.381650][T14549]  ? do_raw_spin_unlock+0x145/0x1e0
[  559.381669][T14549]  ? _printk+0xcf/0x110
[  559.381683][T14549]  vprintk_emit+0x407/0x6b0
[  559.381705][T14549]  ? __pfx_vprintk_emit+0x10/0x10
[  559.381728][T14549]  _printk+0xcf/0x110
[  559.381741][T14549]  ? __pfx__printk+0x10/0x10
[  559.381756][T14549]  ? __report_bug.cold+0x5/0x137
[  559.381775][T14549]  __report_bug.cold+0x15/0x137
[  559.381792][T14549]  ? update_rq_clock+0x40a/0xd20
[  559.381806][T14549]  ? __pfx___report_bug+0x10/0x10
[  559.381824][T14549]  ? rcu_is_watching+0x12/0xc0
[  559.381843][T14549]  ? __update_load_avg_cfs_rq+0x83b/0xae0
[  559.381860][T14549]  ? update_rq_clock+0x40a/0xd20
[  559.381873][T14549]  report_bug+0xb2/0x220
[  559.381889][T14549]  ? update_rq_clock+0x40a/0xd20
[  559.381902][T14549]  handle_bug+0x166/0x2a0
[  559.381921][T14549]  exc_invalid_op+0x17/0x50
[  559.381941][T14549]  asm_exc_invalid_op+0x1a/0x20
[  559.381955][T14549] RIP: 0010:update_rq_clock+0x40a/0xd20
[  559.381969][T14549] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f e9 88 07 b9 09 a8 04 0f 84 df fc ff ff 90 0f 0b 90 e9 d6 fc ff ff 90 <0f> 0b 90 e9 92 fc ff ff 4c 8d 83 40 0b 00 00 48 b8 00 00 00 00 00
[  559.381984][T14549] RSP: 0018:ffffc900037573f0 EFLAGS: 00010046
[  559.381995][T14549] RAX: 0000000000000000 RBX: ffff8880b853b280 RCX: 0000000000000001
[  559.382005][T14549] RDX: 0000000000000046 RSI: ffffffff8de4f364 RDI: ffffffff8c1adb20
[  559.382014][T14549] RBP: ffffc90003757598 R08: 0000000000000001 R09: 0000000000000001
[  559.382023][T14549] R10: ffffffff90d95417 R11: 0000000000000001 R12: ffffffff90d98714
[  559.382032][T14549] R13: ffff8880b853c0c0 R14: ffff88806cecbc80 R15: ffff8880b853b280
[  559.382045][T14549]  ? pick_task_fair+0x85/0x350
[  559.382067][T14549]  __schedule+0x1b7d/0x60e0
[  559.382084][T14549]  ? __lock_acquire+0x4a5/0x2630
[  559.382103][T14549]  ? __pfx___schedule+0x10/0x10
[  559.382119][T14549]  ? find_held_lock+0x2b/0x80
[  559.382139][T14549]  ? schedule+0x2bf/0x390
[  559.382156][T14549]  schedule+0xdd/0x390
[  559.382171][T14549]  schedule_timeout+0x1b2/0x280
[  559.382185][T14549]  ? __pfx_schedule_timeout+0x10/0x10
[  559.382202][T14549]  ? mark_held_locks+0x40/0x70
[  559.382219][T14549]  __wait_for_common+0x2e7/0x4c0
[  559.382236][T14549]  ? __pfx_schedule_timeout+0x10/0x10
[  559.382251][T14549]  ? __pfx___wait_for_common+0x10/0x10
[  559.382270][T14549]  ? mark_held_locks+0x40/0x70
[  559.382285][T14549]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  559.382301][T14549]  ? lockdep_hardirqs_on+0x78/0x100
[  559.382319][T14549]  cpuhp_bringup_ap+0xcb/0x10e0
[  559.382334][T14549]  ? rcu_is_watching+0x12/0xc0
[  559.382353][T14549]  ? trace_cpuhp_enter+0x7c/0x220
[  559.382374][T14549]  ? __pfx_cpuhp_bringup_ap+0x10/0x10
[  559.382388][T14549]  cpuhp_invoke_callback+0x3ab/0x9a0
[  559.382413][T14549]  __cpuhp_invoke_callback_range+0x158/0x1d0
[  559.382429][T14549]  _cpu_up+0x3f6/0x960
[  559.382451][T14549]  cpu_up+0x1ba/0x230
[  559.382466][T14549]  cpu_subsys_online+0x84/0x190
[  559.382489][T14549]  ? __pfx_cpu_subsys_online+0x10/0x10
[  559.382511][T14549]  device_online+0x114/0x1c0
[  559.382528][T14549]  ? __pfx_online_store+0x10/0x10
[  559.382544][T14549]  online_store+0x145/0x180
[  559.382560][T14549]  ? __pfx_online_store+0x10/0x10
[  559.382576][T14549]  ? __print_lock_name+0x61/0x80
[  559.382596][T14549]  ? sysfs_file_kobj+0xe4/0x290
[  559.382616][T14549]  ? sysfs_file_kobj+0xe4/0x290
[  559.382637][T14549]  dev_attr_store+0x58/0x80
[  559.382652][T14549]  ? __pfx_dev_attr_store+0x10/0x10
[  559.382668][T14549]  sysfs_kf_write+0xf2/0x150
[  559.382689][T14549]  kernfs_fop_write_iter+0x3e0/0x5f0
[  559.382709][T14549]  ? __pfx_sysfs_kf_write+0x10/0x10
[  559.382730][T14549]  do_iter_readv_writev+0x6ee/0x920
[  559.382749][T14549]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  559.382770][T14549]  vfs_writev+0x360/0xe10
[  559.382786][T14549]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  559.382803][T14549]  ? lockdep_hardirqs_on+0x78/0x100
[  559.382822][T14549]  ? __pfx_vfs_writev+0x10/0x10
[  559.382839][T14549]  ? fdget_pos+0x2aa/0x380
[  559.382865][T14549]  ? __fget_files+0x21f/0x3d0
[  559.382885][T14549]  ? do_writev+0x13e/0x340
[  559.382901][T14549]  do_writev+0x13e/0x340
[  559.382918][T14549]  ? __pfx_do_writev+0x10/0x10
[  559.382938][T14549]  do_syscall_64+0x106/0xf80
[  559.382955][T14549]  ? clear_bhb_loop+0x40/0x90
[  559.382970][T14549]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  559.382984][T14549] RIP: 0033:0x7f056dd9bf79
[  559.382997][T14549] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  559.383011][T14549] RSP: 002b:00007f056ecc8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  559.383025][T14549] RAX: ffffffffffffffda RBX: 00007f056e016090 RCX: 00007f056dd9bf79
[  559.383034][T14549] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003
[  559.383043][T14549] RBP: 00007f056de327e0 R08: 0000000000000000 R09: 0000000000000000
[  559.383052][T14549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  559.383060][T14549] R13: 00007f056e016128 R14: 00007f056e016090 R15: 00007ffc9230e388
[  559.383074][T14549]  </TASK>
[  560.893366][T14549] debug_locks && !(lock_is_held(&(__rq_lockp(rq))->dep_map) != 0)
[  560.893389][T14549] WARNING: kernel/sched/sched.h:1600 at update_rq_clock+0x40a/0xd20, CPU#0: syz.2.1692/14549
[  560.911294][T14549] Modules linked in:
[  560.915175][T14549] CPU: 0 UID: 0 PID: 14549 Comm: syz.2.1692 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  560.926088][T14549] Tainted: [L]=SOFTLOCKUP
[  560.930391][T14549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  560.940425][T14549] RIP: 0010:update_rq_clock+0x40a/0xd20
[  560.945953][T14549] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f e9 88 07 b9 09 a8 04 0f 84 df fc ff ff 90 0f 0b 90 e9 d6 fc ff ff 90 <0f> 0b 90 e9 92 fc ff ff 4c 8d 83 40 0b 00 00 48 b8 00 00 00 00 00
[  560.965550][T14549] RSP: 0018:ffffc900037573f0 EFLAGS: 00010046
[  560.971703][T14549] RAX: 0000000000000000 RBX: ffff8880b853b280 RCX: 0000000000000001
[  560.979657][T14549] RDX: 0000000000000046 RSI: ffffffff8de4f364 RDI: ffffffff8c1adb20
[  560.987612][T14549] RBP: ffffc90003757598 R08: 0000000000000001 R09: 0000000000000001
[  560.995580][T14549] R10: ffffffff90d95417 R11: 0000000000000001 R12: ffffffff90d98714
[  561.003532][T14549] R13: ffff8880b853c0c0 R14: ffff88806cecbc80 R15: ffff8880b853b280
[  561.011485][T14549] FS:  00007f056ecc86c0(0000) GS:ffff88812435a000(0000) knlGS:0000000000000000
[  561.020499][T14549] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  561.027064][T14549] CR2: 00007f056dde96c0 CR3: 000000004046e000 CR4: 00000000003526f0
[  561.035019][T14549] Call Trace:
[  561.038278][T14549]  <TASK>
[  561.041191][T14549]  ? pick_task_fair+0x85/0x350
[  561.046037][T14549]  __schedule+0x1b7d/0x60e0
[  561.050559][T14549]  ? __lock_acquire+0x4a5/0x2630
[  561.055482][T14549]  ? __pfx___schedule+0x10/0x10
[  561.060403][T14549]  ? find_held_lock+0x2b/0x80
[  561.065067][T14549]  ? schedule+0x2bf/0x390
[  561.069386][T14549]  schedule+0xdd/0x390
[  561.073538][T14549]  schedule_timeout+0x1b2/0x280
[  561.078373][T14549]  ? __pfx_schedule_timeout+0x10/0x10
[  561.083733][T14549]  ? mark_held_locks+0x40/0x70
[  561.088490][T14549]  __wait_for_common+0x2e7/0x4c0
[  561.093500][T14549]  ? __pfx_schedule_timeout+0x10/0x10
[  561.098859][T14549]  ? __pfx___wait_for_common+0x10/0x10
[  561.104323][T14549]  ? mark_held_locks+0x40/0x70
[  561.109158][T14549]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  561.115122][T14549]  ? lockdep_hardirqs_on+0x78/0x100
[  561.120339][T14549]  cpuhp_bringup_ap+0xcb/0x10e0
[  561.125174][T14549]  ? rcu_is_watching+0x12/0xc0
[  561.129925][T14549]  ? trace_cpuhp_enter+0x7c/0x220
[  561.134939][T14549]  ? __pfx_cpuhp_bringup_ap+0x10/0x10
[  561.140292][T14549]  cpuhp_invoke_callback+0x3ab/0x9a0
[  561.145568][T14549]  __cpuhp_invoke_callback_range+0x158/0x1d0
[  561.151532][T14549]  _cpu_up+0x3f6/0x960
[  561.155585][T14549]  cpu_up+0x1ba/0x230
[  561.159577][T14549]  cpu_subsys_online+0x84/0x190
[  561.164420][T14549]  ? __pfx_cpu_subsys_online+0x10/0x10
[  561.169869][T14549]  device_online+0x114/0x1c0
[  561.174445][T14549]  ? __pfx_online_store+0x10/0x10
[  561.179464][T14549]  online_store+0x145/0x180
[  561.183951][T14549]  ? __pfx_online_store+0x10/0x10
[  561.188960][T14549]  ? __print_lock_name+0x61/0x80
[  561.193887][T14549]  ? sysfs_file_kobj+0xe4/0x290
[  561.198729][T14549]  ? sysfs_file_kobj+0xe4/0x290
[  561.203570][T14549]  dev_attr_store+0x58/0x80
[  561.208056][T14549]  ? __pfx_dev_attr_store+0x10/0x10
[  561.213236][T14549]  sysfs_kf_write+0xf2/0x150
[  561.217816][T14549]  kernfs_fop_write_iter+0x3e0/0x5f0
[  561.223113][T14549]  ? __pfx_sysfs_kf_write+0x10/0x10
[  561.228310][T14549]  do_iter_readv_writev+0x6ee/0x920
[  561.233584][T14549]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  561.239293][T14549]  vfs_writev+0x360/0xe10
[  561.243695][T14549]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  561.249496][T14549]  ? lockdep_hardirqs_on+0x78/0x100
[  561.254692][T14549]  ? __pfx_vfs_writev+0x10/0x10
[  561.259526][T14549]  ? fdget_pos+0x2aa/0x380
[  561.263936][T14549]  ? __fget_files+0x21f/0x3d0
[  561.268600][T14549]  ? do_writev+0x13e/0x340
[  561.272999][T14549]  do_writev+0x13e/0x340
[  561.277235][T14549]  ? __pfx_do_writev+0x10/0x10
[  561.281985][T14549]  do_syscall_64+0x106/0xf80
[  561.286562][T14549]  ? clear_bhb_loop+0x40/0x90
[  561.291224][T14549]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  561.297105][T14549] RIP: 0033:0x7f056dd9bf79
[  561.301503][T14549] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  561.321190][T14549] RSP: 002b:00007f056ecc8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  561.329703][T14549] RAX: ffffffffffffffda RBX: 00007f056e016090 RCX: 00007f056dd9bf79
[  561.337668][T14549] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003
[  561.345819][T14549] RBP: 00007f056de327e0 R08: 0000000000000000 R09: 0000000000000000
[  561.353781][T14549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  561.361735][T14549] R13: 00007f056e016128 R14: 00007f056e016090 R15: 00007ffc9230e388
[  561.369692][T14549]  </TASK>
[  561.372708][T14549] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  561.379969][T14549] CPU: 0 UID: 0 PID: 14549 Comm: syz.2.1692 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  561.390885][T14549] Tainted: [L]=SOFTLOCKUP
[  561.395188][T14549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  561.405311][T14549] Call Trace:
[  561.408573][T14549]  <TASK>
[  561.411486][T14549]  dump_stack_lvl+0x100/0x190
[  561.416155][T14549]  vpanic+0x552/0x970
[  561.420120][T14549]  ? __pfx_vpanic+0x10/0x10
[  561.424610][T14549]  ? lock_release+0x263/0x320
[  561.429272][T14549]  panic+0xd1/0xe0
[  561.432978][T14549]  ? __pfx_panic+0x10/0x10
[  561.437378][T14549]  check_panic_on_warn.cold+0x19/0x34
[  561.442733][T14549]  ? update_rq_clock+0x40a/0xd20
[  561.447651][T14549]  __warn.cold+0x191/0x348
[  561.452050][T14549]  __report_bug+0x296/0x3d0
[  561.456537][T14549]  ? update_rq_clock+0x40a/0xd20
[  561.461473][T14549]  ? __pfx___report_bug+0x10/0x10
[  561.466479][T14549]  ? rcu_is_watching+0x12/0xc0
[  561.471229][T14549]  ? __update_load_avg_cfs_rq+0x83b/0xae0
[  561.476958][T14549]  ? update_rq_clock+0x40a/0xd20
[  561.481875][T14549]  report_bug+0xb2/0x220
[  561.486103][T14549]  ? update_rq_clock+0x40a/0xd20
[  561.491023][T14549]  handle_bug+0x166/0x2a0
[  561.495340][T14549]  exc_invalid_op+0x17/0x50
[  561.499831][T14549]  asm_exc_invalid_op+0x1a/0x20
[  561.504751][T14549] RIP: 0010:update_rq_clock+0x40a/0xd20
[  561.510278][T14549] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f e9 88 07 b9 09 a8 04 0f 84 df fc ff ff 90 0f 0b 90 e9 d6 fc ff ff 90 <0f> 0b 90 e9 92 fc ff ff 4c 8d 83 40 0b 00 00 48 b8 00 00 00 00 00
[  561.529866][T14549] RSP: 0018:ffffc900037573f0 EFLAGS: 00010046
[  561.535915][T14549] RAX: 0000000000000000 RBX: ffff8880b853b280 RCX: 0000000000000001
[  561.543865][T14549] RDX: 0000000000000046 RSI: ffffffff8de4f364 RDI: ffffffff8c1adb20
[  561.551818][T14549] RBP: ffffc90003757598 R08: 0000000000000001 R09: 0000000000000001
[  561.559767][T14549] R10: ffffffff90d95417 R11: 0000000000000001 R12: ffffffff90d98714
[  561.567720][T14549] R13: ffff8880b853c0c0 R14: ffff88806cecbc80 R15: ffff8880b853b280
[  561.575678][T14549]  ? pick_task_fair+0x85/0x350
[  561.580443][T14549]  __schedule+0x1b7d/0x60e0
[  561.584931][T14549]  ? __lock_acquire+0x4a5/0x2630
[  561.589857][T14549]  ? __pfx___schedule+0x10/0x10
[  561.594691][T14549]  ? find_held_lock+0x2b/0x80
[  561.599370][T14549]  ? schedule+0x2bf/0x390
[  561.603683][T14549]  schedule+0xdd/0x390
[  561.607737][T14549]  schedule_timeout+0x1b2/0x280
[  561.612570][T14549]  ? __pfx_schedule_timeout+0x10/0x10
[  561.617940][T14549]  ? mark_held_locks+0x40/0x70
[  561.622689][T14549]  __wait_for_common+0x2e7/0x4c0
[  561.627612][T14549]  ? __pfx_schedule_timeout+0x10/0x10
[  561.632984][T14549]  ? __pfx___wait_for_common+0x10/0x10
[  561.638429][T14549]  ? mark_held_locks+0x40/0x70
[  561.643178][T14549]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  561.648970][T14549]  ? lockdep_hardirqs_on+0x78/0x100
[  561.654240][T14549]  cpuhp_bringup_ap+0xcb/0x10e0
[  561.659081][T14549]  ? rcu_is_watching+0x12/0xc0
[  561.663832][T14549]  ? trace_cpuhp_enter+0x7c/0x220
[  561.668849][T14549]  ? __pfx_cpuhp_bringup_ap+0x10/0x10
[  561.674201][T14549]  cpuhp_invoke_callback+0x3ab/0x9a0
[  561.679568][T14549]  __cpuhp_invoke_callback_range+0x158/0x1d0
[  561.685539][T14549]  _cpu_up+0x3f6/0x960
[  561.689594][T14549]  cpu_up+0x1ba/0x230
[  561.693560][T14549]  cpu_subsys_online+0x84/0x190
[  561.698403][T14549]  ? __pfx_cpu_subsys_online+0x10/0x10
[  561.703853][T14549]  device_online+0x114/0x1c0
[  561.708520][T14549]  ? __pfx_online_store+0x10/0x10
[  561.713553][T14549]  online_store+0x145/0x180
[  561.718048][T14549]  ? __pfx_online_store+0x10/0x10
[  561.723057][T14549]  ? __print_lock_name+0x61/0x80
[  561.727984][T14549]  ? sysfs_file_kobj+0xe4/0x290
[  561.732824][T14549]  ? sysfs_file_kobj+0xe4/0x290
[  561.737683][T14549]  dev_attr_store+0x58/0x80
[  561.742179][T14549]  ? __pfx_dev_attr_store+0x10/0x10
[  561.747363][T14549]  sysfs_kf_write+0xf2/0x150
[  561.751961][T14549]  kernfs_fop_write_iter+0x3e0/0x5f0
[  561.757237][T14549]  ? __pfx_sysfs_kf_write+0x10/0x10
[  561.762425][T14549]  do_iter_readv_writev+0x6ee/0x920
[  561.767871][T14549]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  561.773581][T14549]  vfs_writev+0x360/0xe10
[  561.777989][T14549]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  561.783797][T14549]  ? lockdep_hardirqs_on+0x78/0x100
[  561.789003][T14549]  ? __pfx_vfs_writev+0x10/0x10
[  561.793845][T14549]  ? fdget_pos+0x2aa/0x380
[  561.798278][T14549]  ? __fget_files+0x21f/0x3d0
[  561.802946][T14549]  ? do_writev+0x13e/0x340
[  561.807350][T14549]  do_writev+0x13e/0x340
[  561.811579][T14549]  ? __pfx_do_writev+0x10/0x10
[  561.816332][T14549]  do_syscall_64+0x106/0xf80
[  561.820945][T14549]  ? clear_bhb_loop+0x40/0x90
[  561.825609][T14549]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  561.831488][T14549] RIP: 0033:0x7f056dd9bf79
[  561.835914][T14549] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  561.855505][T14549] RSP: 002b:00007f056ecc8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  561.864259][T14549] RAX: ffffffffffffffda RBX: 00007f056e016090 RCX: 00007f056dd9bf79
[  561.872215][T14549] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003
[  561.880205][T14549] RBP: 00007f056de327e0 R08: 0000000000000000 R09: 0000000000000000
[  561.888160][T14549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  561.896134][T14549] R13: 00007f056e016128 R14: 00007f056e016090 R15: 00007ffc9230e388
[  561.904091][T14549]  </TASK>
[  561.907150][T14549] Kernel Offset: disabled
[  561.911465][T14549] Rebooting in 86400 seconds..