last executing test programs:

25m50.563266418s ago: executing program 2 (id=14):
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
getsockopt$auto_SO_RCVBUF(r0, 0x8, 0x8, &(0x7f0000000040)='\\*)A\x00', &(0x7f0000000100)=0xfffffffe)
prctl$auto(0x3e, 0x5, 0x0, 0x1, 0xfffffffffffffffd)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mq_open$auto(&(0x7f0000000000)='\\*)A\x00', 0x10007e, 0x9, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
io_uring_register$auto_IORING_REGISTER_FILES_UPDATE2(0xffffffffffffffff, 0xe, 0x0, 0x9)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000)
madvise$auto(0x0, 0x200007, 0x19)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x100000040ebf, 0x4, 0x300000000000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x201, 0x0)
clone$auto(0x8000000000000005, 0x7fff, 0x0, 0x0, 0x2)
mbind$auto(0x0, 0x8000000000000002, 0x100000000, 0x0, 0x6, 0x2)
io_uring_setup$auto(0x2, &(0x7f0000000080)={0x5, 0x9, 0x4002, 0x6, 0x4, 0x8, 0xffffffffffffffff, [], {0x9, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x4000006, 0x2000}, {0x180, 0x1, 0x52, 0x4000001, 0x1, 0x40, 0x104, 0x8, 0x100000000}})

25m49.363933544s ago: executing program 2 (id=19):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
setsockopt$auto(r1, 0x10f, 0x87, 0x0, 0x14)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
recvmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0x4da}, 0x6, 0x0, 0x8, 0x7ff}, 0x1000}, 0xffffffff, 0x4, 0x0)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_SET_WIPHY(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010029bd7073000000001400000008000300", @ANYRES32], 0x24}, 0x1, 0x1400, 0x0, 0xaee2e45ddcc9e3a5}, 0x20040080)
sendmsg$auto_NL80211_CMD_ABORT_SCAN(r0, &(0x7f0000000a40)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000a00)={&(0x7f0000000300)={0x6f8, r2, 0x20, 0x70bd27, 0x25dfdbfd, {}, [@NL80211_ATTR_BEACON_HEAD={0x6d9, 0xe, "d746c94ab0d671b83ca357eec2b26a0e88589f1569f3c3ff0949849c0c37065ae7f9b1f33344a5e784848f21aad6c852580c08b1bca21715919b3d076ee938881e3227bb4019353270e7bc6ae36dade74847cb861febce3b997323b2b5d88a3d4db2c6e56eda5bc99bd9afb226713303ef6a1ca0e179e2f1a87754959497d31ff38e8471658c08f82f8fca8ba0e4567371cb1b31022d7f11c7797b0fe3493a7d276b92fcdf0db7ad08e24ed5ef6c63b615d77a9d258c1697df29efb5742fc2152bebe5485b024ca7e3595b596d43a357a964e03d0b58b8a31ba81e07c7db29026f9af3510b0dd2938befe56a709098452fdd45f551b3df1f503afcbb4b08366d3710d60254bc306d92e38e2ac8e8bbb84e1502c8de673986ddd5e2d2bf00a4c1435540f97496431eef124df35c30ed8d2578b508c2e4ac8f44673b67df02244433cc8c0999948ae07cbb69a4ea163c74cc9529a16386c610e73407fdd3b5c5e7d0d3debb656f4c1af666e960890e998d26b3e62088106212c73936f63df13a03e84e810f2a3a734854e49b43f3d147b983c1e9380bd54eabe5e295f5cf444ec2a3958d558b52072af65ff98437f627b73cb31dcfd9f0d0c4a41be69c675ff2c99405a9818653a6d35fcb5069b9b59ceb6a888f756a320702dfa657907fc3836091049773334d1ab90db0b65bee6646e53e35b7ed894168380d4091813a0c2307c865e1194a84e8989f797d70eaa6a2f398c490b8213e144159c09e984a65dcb94cdf269a158b91b0d413aa62c5df3e0cda8c1ad2be1462339c0f28bd5fcefce5875b16d96e142b4f1bde5472a5a248eb047b974cc15c2b790722dc9132224814bb95e0d977d53f02b33e22c9b03dc44d3f70e848af286e55637a02f6978f688087d8a619652ef8e797565be0cd06449210f1003db1415004e391ec0a2c2c5a65ebaa7d2a514108be92a24c78637c2b97096e1cac405a8ea09e1912ae5dc133756903988ba935ba6c9e54ce0c0e9a63e133b0a58afb68444f4ab361e4018cd58f7aeefaf501722a3792aa32f875d636f52cad369aa0b25ee13389bf9aa529e36d51d03296fb40ef701b5c1580ee9ec238de420206a6601bc7c28e2ff2a0adbbcddf7d0cebbb6de6f89bb41a0cdbeebc861e2d1c32f2cd2eac58f31a723eeee1aea7cddd25df90a7ed22827a984ef7132bc2cd50688c4e347c8a1799a07adc0f7ffbdb7eeb08f2c9be5d964da57aeedb962abe5ebe40b15c1dd89611e1c954ff08a37f6a5ddef2465d68b06d5e26841c8df83ce069fe11bd3c4ed3be3be2f24b775f9cfa9ad23c21ccc04c35d62069a126fb144ce1b01752eff3999f1f2e2864fc6ae72a811c8d748407887a9bbcf64e5a284f23219c0c4781a6d44a0cfd489e4c30b4bfd0c46eb09933e6f754b649455851632706ca4f1e1019289f013cc398da8ab902c2eca7dd54412c0df690cce020216e9f0c87cb05948c01f97ce0e067563d88c4885a4d347a9312f8e8a83c9926556ff3761ec26fc69ef3459acf5e4e4e8bb5a04f7f0c873b5c0f4e09d885d41fe45ebb676747c9b52eb303b5a471ffdc90a4e69aec75e6d3f5088884461ccfa8438b939f2a1d34227ffb2e970a57a7287650587349d161313082f9d6c00860da94be5228714125e36d906ecd2d236aa4e80f154f7d2a60d81aa24563dd2bdd4ff3f7e8bcf7fdb629ee9dde68f8687d5cbcdbeec4b7f01a062e15634f5df276a46c532fd9a98be3d7fe097e112b2576d632ce69884f94f3dfd701b4181242dbaf3d31f171111473942a1ff0238111af3103cf8e7947d20eb0b366a0027e685ba249a766431c7a487b6e54da6ab8c3414a23bafa49414138a3e85a0e071744c19a07e312bff19e9c7f2ef4f7fa747dcc13145064f4e849fa0270d1ebba7006547bfbc1504101ddeebac41ca9f432bcf225f016f4b6a757b8e4124334f15367aade1e93aa8dfb073da96225fa293102eaaf2650774f0c1115cfd79a080985c6ddc65592824b41787eba244bf537c5a2b607a772e431b8192f4865e729bcc5414e2d713977a29db1a6ebf0b342c03fedabd82a71e3f1aec1bc14bf3b425856d4ffa71a1a9a2f75140df29c40f72da45dfb1924d6b00ecbf0e94b886c68a59548b26f131337689a0cd141b2963c970a5eb93b4c38cbc3ae33e033e160f6118d2238aa454fb03f9099c2014a5286ce2be264c589732882d191ff5004e8ef9761071e699a47db965589c2de7733670c50b690f14fc7b3d72ea237d0652649ad43bad61e773c562f430659142a10d2287d09e0de34fe833de9de3230e6d21239c013dc149490227b82adeb45e60bc015d2bbbde866e21c05da2f82d0bc5b0da265cb28401e19c695117cd7b4c31c34d768d414697cf6e20258c9b3dbc97354cdbc99c19a6663d94b7982ce5dfb689dce2ec41dded158d3631884859cf3793889dd0f95ef64be110d0f"}, @NL80211_ATTR_WIPHY_RETRY_SHORT={0x5, 0x3d, 0x81}]}, 0x6f8}}, 0x40080)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0)
write$auto_fuse_dev_operations_fuse_i(r5, &(0x7f0000000440)="1100000000000000000000000000010000", 0x11)
openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000240), 0x840, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
getsockopt$auto_SO_DEBUG(r5, 0x1, 0x1, &(0x7f0000000100)='},:(.!/\x00', &(0x7f00000001c0))
r6 = getpid()
r7 = setfsuid$auto(0xee01)
setresuid$auto(0x0, r7, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000001f00)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001ec0)={&(0x7f00000033c0)={0x1470, r2, 0x8, 0x70bd29, 0x25dfdbfc, {}, [@NL80211_ATTR_CQM={0x369, 0x5e, 0x0, 0x1, [@nested={0xfc, 0x137, 0x0, 0x1, [@typed={0x8, 0xb7, 0x0, 0x0, @ipv4=@private=0xa010100}, @typed={0xe8, 0x93, 0x0, 0x0, @binary="c7fb6d2aea8a9abb530998d2e3db97ab33b3353c0d213d2cca202662c077b3282e9cd1b82fbdb14d282e7c14d4043e729e848f8d3ff951a016aa52f04eeaf8c7b655a4d5627518fe03f6bcf0eca939a70903115252bec95076f0dba6cf2a6e16a95472472e11fd7a12f7cb23151afc14982e5639e4ba3d51b8e8be0d820c10695b7ebd6504b4ba2565803df940e3514034daca36d4e3aa57863346f28678dbd14238af8e9da77c1b68240f9b18cb785c8d655fb1eaf5ec27b58518d83a3832e6d33a1a4fc4efe0b6ea4adaf26f4e80deb0a95d67e585ecbbe3a3ab28a0c287c350524ba2"}, @typed={0x8, 0xa2, 0x0, 0x0, @pid=r6}]}, @generic="0c7bca135190d9ab29869a42a0b8325aa184c13dcbfd025d00ce8ed964bdba50d3a0f412d7599356c5cc79a20da377aeb1c5b355822032de3d90830dafdf0c7f4785afd7a4ddbc4f102acc38e4e0478378f772678789afbfb2b15a1981a23266e0a0305af035d9a33b727ce5cf6b552ee7c1eda2698bc7bebb3fdc0e1e1e25b3bbd518f759148dc552077bbed05c7f9269886acddc5aec0cdf01bca8b73b7e39383e06b2ffd7172d5dd4f6cc016638e6d69f27b839076e", @typed={0x5, 0xd0, 0x0, 0x0, @str='\x00'}, @typed={0x8, 0x33, 0x0, 0x0, @u32=0x600}, @generic="17c3f700f16ac22990636f47f0656f6b6936fc8a1a311cc455d80867b107ee05e7f9cdd618c2e567d7ecf79d31299e454638c353025f02993e34f49f359cae1d1331b7825f8a74589ed21b6bf747a9252fed8098c8060701628dea85a58d8050d1b0db4714d70e61993df7505679e7b251b63920a95758d755aebd9b840fae0921c213776a4b0aac279a66c35342d4d69c2e8d774dec61452cacf3c1091e8e81c0ffed25ea42cf900834b407ddd40572209af6d976d80aef5f2d28f64148ea7d16990f5b5bdddd37", @typed={0x8, 0x81, 0x0, 0x0, @uid=r7}, @generic="a628948c7a1e2e056a527b0dfa36b28f18abe1527d8e6ccfceffff4bcb81b8895328329cbf360938b2dd30306bad7ed61a33bbcda75632fbd8d568c61be4e204369afb563b49f34b897af9c6a6e82fd748c47bd71b6ea3f5797c4859c0c22a1d8f44c97cd017820f005ba1a3088f6debaca719ace433ee08ed36bc8a0ab6a37e7a4527018645c2a135e9a39e924155021d2da840fa0c90bd1d7a4dc883b5dcd3da7ad50b1279c247835ee799b7f72d7b783199985a1fc822c045f662eb7090b5cd947b7b20d2c02f69d61eb2647d6b65facf"]}, @NL80211_ATTR_CSA_IES={0x10b0, 0xb9, 0x0, 0x1, [@nested={0x10a1, 0x1f, 0x0, 0x1, [@generic="83762722cf3353b0cf177f0dacf2316636b2de6efe30116667f43b2d2ef5d4e77bf9d46456813e521ed1d5b66aae0cbee315d7bc133fd792d5d466190dc13abcda0d28221a46b5bedf6bc29b466f5d38ab9d364b26615e7c8dd485c253871192bb377f1c56f0e4cf8ecaba8f76b983e8760d1a4c7cc67bdb744f66e2e23b1afff0af49896d71a69b76ab4f025c41157da0925ee3cf09efdff0", @nested={0x4, 0x149}, @generic="a938244aa4fe98c96c15b86b030a9784705a3e4d1e2cdebcf3f7d5130f3b335af9d77f8696223b94af78a7a143516a5e7c66abc2ca3874aa58112f4d7bd1c084b1f4b63d3f676b517300e727849fe17095e4ca018e7d4ee32d79c323b46779f4960ef0bad52dbd55bc043b4f4741eca24d1c886f088ebb327730e66870c7cdf063a3072443a8bbd6f74362f9f5b9e1efdc321f31467924dca8a7d9f75b389d20f2d18af1124943254db04fcdcac58bcfb3068315968ce6d9357bd572537a80711172223ca3d1a2ff21684dd4f4c37fc65f88054471ae621ce11775f02b4852e718f6e86e861872fae6fb526d3db6583c70a6e6412c088caf6a481a5fc9681b81e71f105c3401edba52235d8516cc5d16ea12ff402e8702cf63686cf3b4f65620fe6a21e5364e0326816ecff081b331add741303f49c140cbd978f477b8c6616ab91e09b3523723205172be148069daaeba6e7fc0f3e3e6e5979b016e6d4640175a39835c42e47f6b10d6b9bd2f4424966fe3d7746fb20098d092104dc90989700135b53f663609336411c8408738e98e355a06f295d35d896a72be83cbb5e84bc5fbe584afb1df1faba5483a500a9386521826df97736e6fbfd12777f09af9de80831d0323427e18406b2db3e051ab91d779665e69d2c676e79d6121384a45be197d59dbfbdb5c6edac52c4dac3e882a79edcb4e8793daadb7c0097a9057fd0efa5011a9dd7277eae815e551aaefca7afe74f4951f8789fe4d0d5bdda26cbd42e578ddb9cfa44086b8d975864031bdd1fb72ba87c819891e26721d197aee24d7484eec7f42a6035649790a535a88d0514aaaa58dc9f1568bb02f315876be7e84e7dfb824be8cac52fb4f06057804cab0719887a18920a17263e6e9c9f9639f1d6eee6a6d97ab46af107733539f336806d6acf77f78dae06245945e441248bd9b82eb97455a0025d189529a4322ad267d308ffc7401fe940d996ec8fda1c9fe2a9442d3fb0c55c82a74fa216eb8dc3d46fa09f22691de74f64826d49d7bae410e35df9eaa0725a9beb9499657da1a3921f138afa05420b70415b3bc8885495f7afc04dede98cbb9285e068ed3401b27b0147e66a835c44cad65bd8738cc2b60dcec20b19867c187aa679ae14fa021321ccaeabd4f6832c0229d2dc9a1ce9218d5c8e4e040a03b14701978df5bcfd22b957d2e901888ce556d9e63d8d4bc7609b8705b06d98fb7aba8ae0eb44825d4d46896e61fe7abc15c10bb6743bafcce24c91a937ebef08d4723e033d66a7c2b10775f9e2eb42fd776202805efec1a019e2124e05f49b79bfb32d503a8deadecf7780a01ac8b2840e5bd6c8bc0078962c480b7b3ec3f58816aa5e3532cf841c6606d0d6bb643ad0ded99bd8448ea78414d3e7bb049585c9b12d80811675cd6653c76693cd2337e64ae133178cc620dc365fe1cd6bd5e51333f63aa5eee0c9219d0b19322e37651063b78f9857d7e6e39faa833328189eab4dd8c199371688a77bd3855537f1b6a2d376e48c8bb1a99e5df4c9a24c5b82ac5a19be8ca7a76e057bd91c3933268d47be9cb3123f370b3cde125e68fd86e8bffb93e8383b583c386f0072c65f1266018b5f9b509eb57b4e217bae1749fef8beb4714ea30ed83ecb9a01f3bd41a47d77aab6e95fe4c5059a10358c64b1e705a322dc09933594a74eb52e8cbc96e293b0d26ab61075c1f9c2c71de57c3266b18d593e10c7390390b541336193e54755ffaf3cd8bcc1c265be1e4ce5c78d94deff4bcfe11f0d8e71de04724ea732fc1333dfe586c665579a49301be6200812c33a3363866cbbbee0f3341958e194bbe5ce640d9d2725b90d6914365f3671ef0cb1a31af731af3365bab7ff4b1265913685fab26b3ed30ec17cb86f317f3fd864013ecf1b7de1f9634d306d08449c41ad9e2c9b64ea55200c03fd2b996a172ca348da347d1bff7338bda7df6a34c370d32d7ad1efc0abc81ae2462dc28defd58e7e7c31c9397598b78e7ffe1a59fc308224c0ee542b4d1bc16048e68041c15bb82ebeac5e775591c23843681875664a63fb09fcb24710715c07ea3c343d2a3fde0e7b6d5ba164f82f4719508c577aad12d74e64e48502e8c082f1d2dc998fc4503a71dd400623798516c59436c8a2d08256614e40400dcf3e8bb026c044abde75c2e6fd35b154503669b0b0bc00e8caa6c1960a3c427d24551d3b4f8487a58a340c68c242cff6b9d5636ff51d1aaaacbfdb8b4ee33bb056c77a8e9fba4fa7eb6ae7a38b3371b4907515342ef2fea277bebef271e6984402c5a9ad123a742a7164e184674153db2e51990f066db7a18c4d16f059ccc4f3e656d8683b12825d522c20f64c6b16d7346f96b5db72fa7f968861f560be54fb2f270583399066b58eecdc3e7f6b0bd2ab114d39652fb3685e9366bb61ce9dae50ce904aa1c105fc4efa6f8ee224fd9f5cb9cb186d02835f8031696e06bdea56d04650b2b767c656635bd7489d17e36d31a46a84f5902e4dfd3bfaf15b2d34db2913954c51f8e8afb873b5326ae185e4b51de3ba4cd367374f8f483dad1dab835e22fd77a63cfe679a580fffa6d165460de996409cd379df0b89e349418f14925c67f3b045bcaabf899c0bab7c5df0ca2234dbfccd46ed4bcb2f3add2a5198d94ee9a5312a4f0b1165a1e21288de925734f609c30603cf20004fd8ef218e770cd88765cf6e4cdf96ae3de021e78b7c0859911ec7a34d782383d816d3518b3e25a8b117f5f75ab2d2e3a7c72100dea05e6e6c57729b8e3cb8531d0977a369b03bdeaf1e68c2cf46e01b976d9b388dce00e71e766fa4e68486df7c75316ea2d0b5ba3effe8eaeae258de0ebd9b374033831e6eb64edd0153f6d8982cb5acc8550f2ea1ed5105376189f61bfaa74fc272c69d61570d54d76f3303b37da1f4a201f740cd081fee8a0d97055e0ab5894e72a3a2a53c5df3fda79b8a61a674e42bd45e1690eb792d26533e3f45fbb08957a28e27633d87e71e6f7b31e00d59fbbc6bcff8bde4f2cd11f2cbb19e062802eba5e90fb8aa65ed3b27c5b83747fc4ecb5bc6ac423149579db949640cb8ab21f17520e24be76adc88e78c5689b92f15234bd2cfd41fbe81f2f5638e6b8b9216d33fde9acde536f8e5fd2a8192aa3907a922b324181979bd1fa8be1d34a160b8f734de8d67be14c68a60c32d3297c767fd81a467bf76a1823733e6a30072c19c858a152540f4db6bd56a78e13ff42e599c3b52aa23f1ffef33b6d2e3a4c69c10b89b00206beb4270c8afc01d6cd76c65dd70d3852dac08ce6ad3be3d73326fd6e2315ea10bd5652261d98dd86ecc017373a552e9f357f3b5ca541af751ba438cc78916027125e1195b74407a3a3756edce22dba1bcbf8f80dfbe17eef712683b71a110dddc6831d62449324b09cbb335be6f041c0d204092dba2b22dc836eecdb41159b04282ce1cc16cb4d34745fa3a4683c188d60c3d17773871286235358d05ed7e07abd0dcf57f4eb092b938a5e3bfac8ec84fff1f85f3f752dc73a52317a9f057b93ddb1f8d7c3fb8fdf623c2ff20041d55f3372c51a6211ef11d647f52e3f5db35768729ff0a5ab7cec9e3d45cdaab32c64d46ec262eb84e10a861050cf9fa99cf01a68d7e1bec19ffed1c69f5d0e469bf3ed4ae11b7b8cb678b080ffa33ee57e20b9d50ef52f1a32ab2a4a102b7a7fb8da0e4b04004caa79c9609f341a6f6b3c1904234f519b12ca31407670be1d6b7b7efc22b288ad56a6c64d187295084b04cf8ca1456f002c1cb6c99170a3d68e1ddd5fc56bbd3bb5e9055bf5501b85211a9485b244e3a772d23c43d1b1aa20227fa9bcbaff47fffabfadf07df41dcc4ab34c66de34b86f27a5125bc20e1e8c5e63bfcae9dfef83b005ea8e14b9199a8bc3762a5ec4aadc9bf9a147fe3fe63709c99ea7722bd36c5a3c5b69155b46440e6694d5e13a5492277a8ba4c79a29eb6c5bf5525092cf47dd9234a5bfaa79cb935f0bb843fc2134939d0bae168ae2fbd1ea1e88b539d26ca094e915dc5612abf71d17d53ab38727ad60dff42700d7bd8461758ad2f881349a4b3ad7431368cccdd3c827c5095aa8dbbd780b4639f8d09a0d7b3903168bbfca4d169a0281fa6e20723933232f3c85ae2d743d14764aa2419dde8f1988f2aae40350dcc7ff94b8c19eda33b1ec8856183bd5c5732c8a71b3c15013c10eea2556e8ede07c9e2a3b804a9107ce50b68c069d63225e59d74b86667f445fec2f9aed161638de7a292f9a3c2942e74b2383a861a1a5c270a009db4c967b338b7ed6fe777c0f33da80fcd20ef2cb893e419fb98fb1bb0cb9c4835d9cc657a759aedba4ad9ddefc97f900cce6180322a887bb500926bf04faa541b7175ffcb0a23c97625ad75ee09129e77664c8cf808dfdcefc80f72544cf5654805651899a54159916be3627ea553f3571dbc9e82ac29d2cb086e9771d11bd1bf931a837e927f4df89e544885b16d8a26c8a27e310e5d54c5ec81edd39608f410a145f84143faac93b27ddf53cb7b430216156b39e0eb70ddd8f2d9bedf27a13719bad2638b23833cfe29c75fa8d9cf6adcdc5736313aafcef882963513abb95b6ff46b4b956fd0d33cdea7b95f462224f56f22089ceed5cb6a4e0a7a98251b74c789befaea587d86cadbd96f5def5c1246fd248c01733f1a83abb4dc1ddfba27b7bcaadcad03d3c5f66802fb02a860e36a902a58c5fc8d580b70960ed1a2457638bb101e2112b37c03b973a781d9431052d42bdc05a7ed79003a1d69dc6c833b1140c3afa53fa580a58ea0c818b1465ba152c32c4efe73d13a262fdc11341ac90662d1a7af90a7bbee52ca82196dc517b04e9eb340a5c887c95945a123d11aa8c8a13dd1de35276e147defb334c0b865e21e99a379c6658291b1b04f51375399197ec29ac1f435258176771ae55be48e73ac2722f935a14f148ede3aef25d36032806c88aeed2744a06222be44ba9dc08f0336ae3f6dbac3aa70afff1df97a3bf2ee60ba87c78d15f0780a7a73d3a125627ac4ddb36fca014427330c3804fa88274839456aa3d89d9961b38ebeb187bec0d8399fd815d44d9c289de8887760d75b5ee6191bbf9b6eb97efe8da1649be938dcd994d0595d49961e05aaa18276f7e9ba876493f307d4f0d13d5b11dc39b41a3df95783cf3b4e7bc13f7c5450e7101806dd38b72ca8cebb0805e95bb140d93a86950c201b45b84e4a430a2c7d79369db00998d70a2bee354f374ec3c25870f555a936a1ab24ef6d86d22cb8aa08cddb0aa83ee4d357d165f42055a3548e6145b7f16eb494bf3d9418e84836c71b7798f71ab992472e4fa35d148f98794cac12b0c17ad5f3b303c69e45c8c748cb3f0677547a98ec017d3179c46b7a50fb80516e2841a608956618da36e992251acad034de400146acc82b1b76dbd5f76fc7648e8e6a700a72d1202f96c72a781cf7b33c13df0fa8e9011c43d1fd3eba9c66367d677307f18b05acc3f986a2cce96362f7c7c3ed4de018156f8d638a0da4cdf50e3688d7c31d9b80b5bd4b3acc03f160c50aa66b679521b67ebc3224b54451b0326f93354474b43f4106d79b913789944aa4c61ee3974961c1f1d4e37f9dcc1ab98c1f40c4833c1842b913bb56fd69c1b8f55e76473bca6e0e4efaddfef5ba109e26e72d68a481f795d04199be1d84c4275f90ff5c50ad905eab01a5fbdedbc637aa5b6f6acef7a8e90e4860a322155d40929faffd51d781a6518a997faebd4d902ade410e6ea32ef1c925a2cdea150f13f8ea35db2"]}, @nested={0x4, 0xa6}, @typed={0x4, 0x77}]}, @NL80211_ATTR_CNTDWN_OFFS_BEACON={0x29, 0xba, "8a9740d55adcaefe50b1797cb10892da185b79bad7aa34bb51f0dc0fdd6ee03d6375f9a0d8"}, @NL80211_ATTR_KEY_DATA={0x14, 0x7, "9238fbc3514aef7e368d78f2f326c8bd"}]}, 0x1470}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x230)
setgroups$auto(0xe32, 0x0)
write$auto(0x3, 0x0, 0xffd8)
clone$auto(0x3, 0x981d, &(0x7f0000000a80)=0xfffffffc, &(0x7f0000000ac0)=0xa8, 0x5)

25m47.532350497s ago: executing program 2 (id=21):
r0 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/block/nbd14/sched/write0_next_rq\x00', 0x143000, 0x0)
read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r0, &(0x7f0000000040)=""/60, 0x3c) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) (async)
socket(0x11, 0x80003, 0x300) (async, rerun: 64)
set_tid_address$auto(&(0x7f00000000c0)=0x5) (async, rerun: 64)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab83, 0x0) (async)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x41040, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000001180), 0x101000, 0x0) (async, rerun: 32)
close_range$auto(0x2, 0x8, 0x2) (async, rerun: 32)
socket(0x1d, 0x3, 0x1)
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x82401, 0x0)
ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
msgget$auto(0xc, 0x77d9) (async)
msgrcv$auto(0x0, 0x0, 0xff9, 0x4, 0x3)
msgsnd$auto(0x0, &(0x7f0000000000)={0x1, 0x5}, 0x8, 0x9) (async)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x101, 0x0) (async)
ioctl$auto(0x3, 0xae41, r4) (async, rerun: 64)
ioctl$auto_KVM_GET_MSRS(r3, 0x4004ae99, 0x0) (async, rerun: 64)
sendmsg$auto_HWSIM_CMD_DEL_RADIO(r1, &(0x7f0000001a00)={0x0, 0x0, &(0x7f00000019c0)={&(0x7f0000000080)={0x1c, r2, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@HWSIM_ATTR_RADIO_ID={0x8, 0xa, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000080}, 0x4851)

25m47.282476805s ago: executing program 2 (id=23):
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
socket(0xa, 0x2, 0x3a)
socket(0x23, 0x80805, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x5, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = socketcall$auto(0xa, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae60, 0x10000000000402)
ioctl$auto(0x3, 0xae41, r1)
r3 = ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0)
migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2)
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socket(0xa, 0x1, 0x84)
recvmmsg$auto(r3, &(0x7f0000000400)={{&(0x7f0000000180)="9682e9aed3e19bd8e00e35735c848aa0fd08eb481372f78b0bf66bc0e09b3702bdcc4a9ed742c4558712b125adce6b64e3c36867d29f55a527680d01a772ee45c0c5965754ff30e67f027ed5437bd39638e7f312f580242f05cb214de1ba4c2c172962ff09b07da482b278d711e3721811cc2573cb472b37817d3abdd0270ada5acf9bf1455f1ad1a06fe124e34504365a364c07546434bda3517ac480cb00d6da8bcb5344b0b2d505f927f5826aa5c8b15478e1ef40ca90", 0x1, &(0x7f0000000340)={&(0x7f0000000240)="b5f82197a4ffd1afdd3bb630b6cb22160b70a5769252d6eabfdd23df3bec02bfa570567401211e280ff898f481caf1f4ea07e6784abd01d9afe4b6f60725c4bfbf79c80da623d7cc4b930ba64c9e8a95697dc34c7008b5145f7ffe41bb93ffa165dc0c68c8e636674709b79d4414ae7c7e232371318db09f3a713af527c8d593af835ea8424efb31b66e3c9a133925c632abd782d68215d09a61eb7dc3fe857893c20fcf85d1d46cf07167aced572909da46c15cdf0d14dc802a56b3bacb553683ba35ef282148edb9a4b4f458c18fa1f64818fa270ce0d8186148575dd1587b9ece73d07ada10bb4ab68e6467b501f1b37e178dad8c973a36182f4a3eb2ce", 0xa1}, 0xff, &(0x7f0000000380)="daf606104059f1364d8b133f56f06dfc488daccc5be6f06240d1c71a5a0cb0c6fd040cac7cb44c21b93137638bf4bff8d642522daecae65239488110baff15b9ada1db0e709c8ef0646f4a4306ae70e8adbc52cfbfceb9a5fb4767953649026fce889e0938be62fd3a9f5d513a930bee487126e3", 0x9, 0x4}, 0x5}, 0xa3b, 0x9, &(0x7f0000000440)={0x0, 0x3})
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd15/queue/scheduler\x00', 0x103a42, 0x0)
write$auto(0x3, 0x0, 0x7fffffff)

25m46.484284819s ago: executing program 2 (id=28):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x28, 0x1, 0x0)
setsockopt$auto(0xffffffffffffffff, 0x3, 0x3c, 0x0, 0x3)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\x84q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa24X@\xadD\xf8\x9d\xf3 \xd2]\xc4\x13G\x1d\x04!\xc1\xeb.e$\xfb\xa3KU\xcf\xc1\x7fFD\x99\xf5v\v\x9dS\xc11P\xa3\xe9\xb0SqL\x85\xea\xb2\x9cY\x83.I\xca\x92\x1c\xc4\x13CV=\x92\x17c\x87iOt\x14On\x15=\v\xf0 \xc5\x8b~\xd6\xd4\xc7\xa3a\x1c\x06\x17\xb3\x88\x8c\xf1L\xba\x89a\xfd\xa5\xc6\x7fU\x00\xe5\x9b', 0x5)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd2/queue/io_timeout\x00', 0x129882, 0x0)
sendfile$auto(r0, r0, 0x0, 0x8)
getpid()
unshare$auto(0x8000000)
semtimedop$auto(0x0, &(0x7f0000000000)={0x7, 0x9, 0x36ec}, 0x1f4, 0x0)
unshare$auto(0x5)
r1 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f00000000c0)={{0x0, 0x2, 0x200800, 0xffffffff, 0xfffffffb}, "0dd7fd004929347eeeccdf0732f77b1f6de0d6d51768a257a97ca5e9ca6310ea"})
ioctl$auto_SNDRV_TIMER_IOCTL_STATUS64(r1, 0x80605414, &(0x7f0000000000)={0x6, 0x3, 0x200, 0xba44, 0x2, 0xb, "e00026e8fdffdbcd2c02d3c293faa80c2f5336d79fc5b8202cb37f6b6d22c42432352deb58e78afdbae70400"})
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0x20000000000e31, 0x40000000000a5, 0x8000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x100000009b72, 0x2, 0x8000)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x5, 0x20000000)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9)
listen$auto(0x3, 0x81)
bpf$auto(0x0, 0x0, 0x6f4)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000080), r2)
sendmsg$auto_GTP_CMD_GETPDP(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x14, r3, 0x3a401f830d8a7339, 0x70bd26, 0x25dfdbfe}, 0x14}}, 0x0)
madvise$auto(0x7ffffffd, 0x70, 0x1ff)
pread64$auto(0xffffffffffffffff, 0x0, 0x80000000, 0x9fffffffd)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mseal$auto(0x0, 0x7dda, 0x0)

25m43.960084655s ago: executing program 2 (id=35):
ptrace$auto(0xc, 0x0, 0x9, 0xfffffffffffff6de)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x62, 0x0)
fsconfig$auto_SHMEM_HUGE_DENY(0xffffffffffffffff, 0x0, &(0x7f0000000140)='\\!:\x00', 0x0, 0xffffffffffffffff)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0)
r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(r1, 0xffffffffffdffe00, &(0x7f0000000140))
r2 = epoll_create$auto(0x8800001)
pipe2$auto(0x0, 0x0)
epoll_ctl$auto(r2, 0x1, r0, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x9, 0xc00000072, 0x8b72, 0x1000000002, 0x8000)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
getgid()
ioctl$auto(0x3, 0x400454ca, 0x38)
mmap$auto(0x0, 0x400008, 0xdf, 0x100000009b72, 0x2, 0x8000)
sendmsg$auto_NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="00032cbd18000091455390fa31070c55acb1b7cb4f42a6ff2197933038d7c1e0b2ef2427270e8d"], 0x14}, 0x1, 0x0, 0x0, 0x24000010}, 0x20000804)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x6}, 0x8)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x80000, 0x0)
process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000780)="9f15db8b91663ac5460168cd65be7cb4380376ee13c9681f0720974292ada886e03defcce8135ce62b5fb46daeb0dabb1c27702e514b43ac82d29d708b1579d9320217b6015367297dd5497ee8b1f94e2597812db95e667e2001fca7ec91418e4c08cd6d14a8dd9e7d22156b98ca1ebe21312f6f33f04eead3d855c507c8d409834d1e678f415d98cc74ffa6bd018edfeb95e4d55ef8d35e10b39bac44f91cd33f012ce293", 0xffffffff}, 0x6, 0x0)
pipe2$auto(0x0, 0x80)
statx$auto(0xffffffffffffffff, &(0x7f00000000c0)='./cgroup\x00', 0x7ff, 0x2, &(0x7f0000000200)={0x5, 0x9, 0x0, 0x5, 0x0, 0x0, 0xa267, 0x8, 0x3, 0x7, 0x401, 0x0, {0x4000000000000004, 0x400}, {0x5, 0xefd7}, {0x5, 0x8}, {0x1, 0x49}, 0x6, 0xff, 0x80000000, 0x40, 0x1, 0x8, 0xffff, 0x101, 0x2, 0x2, 0x5, 0x6, [0x406, 0x0, 0x9, 0x100000000, 0x8, 0x10000, 0x100, 0x10]})
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/block2mtd/parameters/block2mtd\x00', 0x601, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000)

25m28.380038766s ago: executing program 32 (id=35):
ptrace$auto(0xc, 0x0, 0x9, 0xfffffffffffff6de)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x62, 0x0)
fsconfig$auto_SHMEM_HUGE_DENY(0xffffffffffffffff, 0x0, &(0x7f0000000140)='\\!:\x00', 0x0, 0xffffffffffffffff)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0)
r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(r1, 0xffffffffffdffe00, &(0x7f0000000140))
r2 = epoll_create$auto(0x8800001)
pipe2$auto(0x0, 0x0)
epoll_ctl$auto(r2, 0x1, r0, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x9, 0xc00000072, 0x8b72, 0x1000000002, 0x8000)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
getgid()
ioctl$auto(0x3, 0x400454ca, 0x38)
mmap$auto(0x0, 0x400008, 0xdf, 0x100000009b72, 0x2, 0x8000)
sendmsg$auto_NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="00032cbd18000091455390fa31070c55acb1b7cb4f42a6ff2197933038d7c1e0b2ef2427270e8d"], 0x14}, 0x1, 0x0, 0x0, 0x24000010}, 0x20000804)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x6}, 0x8)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x80000, 0x0)
process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000780)="9f15db8b91663ac5460168cd65be7cb4380376ee13c9681f0720974292ada886e03defcce8135ce62b5fb46daeb0dabb1c27702e514b43ac82d29d708b1579d9320217b6015367297dd5497ee8b1f94e2597812db95e667e2001fca7ec91418e4c08cd6d14a8dd9e7d22156b98ca1ebe21312f6f33f04eead3d855c507c8d409834d1e678f415d98cc74ffa6bd018edfeb95e4d55ef8d35e10b39bac44f91cd33f012ce293", 0xffffffff}, 0x6, 0x0)
pipe2$auto(0x0, 0x80)
statx$auto(0xffffffffffffffff, &(0x7f00000000c0)='./cgroup\x00', 0x7ff, 0x2, &(0x7f0000000200)={0x5, 0x9, 0x0, 0x5, 0x0, 0x0, 0xa267, 0x8, 0x3, 0x7, 0x401, 0x0, {0x4000000000000004, 0x400}, {0x5, 0xefd7}, {0x5, 0x8}, {0x1, 0x49}, 0x6, 0xff, 0x80000000, 0x40, 0x1, 0x8, 0xffff, 0x101, 0x2, 0x2, 0x5, 0x6, [0x406, 0x0, 0x9, 0x100000000, 0x8, 0x10000, 0x100, 0x10]})
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/block2mtd/parameters/block2mtd\x00', 0x601, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000)

21m15.66472637s ago: executing program 3 (id=753):
r0 = timerfd_create$auto(0x0, 0x0)
timerfd_gettime$auto(r0, &(0x7f0000000040)={{0x2, 0xd21}, {0x29e2, 0x3ff}})
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa001, 0x0)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x58481, 0x0)
mmap$auto(0x0, 0x810004, 0xffa, 0x8000000008011, r2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
unshare$auto(0x40000080)
r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x0, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r3, 0xc0045516, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0)
socket(0x11, 0x3, 0x9)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D2\x00', 0xabd95a63435ed0bc, 0x0)
write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xfffffffffffffffe, 0x1, 0x948b, 0x9, 0x15f4da07, 0x6, 0x10, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x2, 0xd8]}, 0x0)
mmap$auto(0x100000000000000, 0x30007, 0x2, 0x4000eb5, r1, 0x7)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000002d80), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_MODULE_GET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[], 0x18}, 0x1, 0x0, 0x0, 0xc08d1}, 0x20008895)
r6 = open(&(0x7f0000000200)='./file0\x00', 0x1c1342, 0x100)
copy_file_range$auto(r6, 0x0, r6, 0x0, 0x2, 0x0)
pwrite64$auto(0xffffffffffffffff, &(0x7f0000000140)='-$!\x00\xfa\xef\t\xa4\xe9\xb2r\x8cQ \xa6\xb7v\x93\xb6\b\xba\xfe\x1e\xab\xe7KC6z\x1a\xf0\x83~\xcd\x9a\x83\b\xb6\xb2\xd6PR\xbe\xec\xea\t\xde.\xc6%\x16\xc8\\\xb2\xe86\xe1\x84k\xa8\x02\xcb\xc9 \x1flY\xcb\xfa\xd9\xe0\xb8\x93\x12\xbc\xcf\xc2\'\x90\x9d\x1c\xb0\x1d\xb8\x80\xb4V\x9c\xf6J\xe8\"\xef@\xcd t\xe8\xe9Ip\xa74\x82\xb0\x9a\xecj\x9f\x8f\x9a\xe22\x8e\xce1\x9d\x0fW\xe7\xfb\"[\x17\x83\xfc}\xc7\xab\x93\xe4\x1ekP1\x01\bB\xbf*a\x93\xbd\xa7\xc8', 0x5, 0x4)
r7 = socket(0x10, 0xa, 0x705)
sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="f4ffffff", @ANYBLOB="01002b"], 0x14}, 0x1, 0x0, 0x0, 0x8044}, 0x4001090)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000)
sendmmsg$auto(r7, &(0x7f0000000340)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)="d7976b124e874c63c613cbbad9017d4e5ee8244ad4a3fd417955780e3dead18f6024c5c5990c221f65f1e02ff9a5ec671bd87301c774f50a825b5aedf8c230db64677fa97cc4d5200c5fa57512feb9516b714fc6446510c163f30d4a4ba9d770cad438e560305218059189b6df567ea36f91ebd1d4ad8e8696127501a7a88b9392feee87a1e20f7bf14dd387cc16a5a398273f33ed91099dfddfe993f599a05ab4536a10ae70083bbdb2265d41343d49aa57b926aadc2d0e208bf439c5690aa3a59bba70a02a2a5fc52a19fd74334d5eb788f10dbe245db55fc77ba8159bf9b75e28edd5ca8255549d84a6", 0x7b2}, 0x2, &(0x7f0000000340), 0x7, 0xa505}, 0x4}, 0x7, 0x8)
ioctl$auto_UDMABUF_CREATE_LIST(r6, 0x40087543, &(0x7f0000000000)={0x2, 0x101, [{r5, 0x0, 0x6, 0x4}, {<r8=>r5, 0x0, 0x1, 0xfffffffffffffff3}]})
ioctl$auto_RNDGETENTCNT2(r8, 0x80045200, &(0x7f0000000040)=0x7)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)

21m14.01205687s ago: executing program 3 (id=755):
open(&(0x7f0000000180)='./file0\x00', 0x400000, 0x57e) (async)
open(&(0x7f0000000180)='./file0\x00', 0x400000, 0x57e)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) (async)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
r0 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
r1 = open_tree$auto(r0, &(0x7f0000000040)='./file0\x00', 0x3)
setsockopt$auto(r1, 0x8, 0x9, &(0x7f00000000c0)='#@\x00', 0x3)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x5, 0x0)
r2 = socket(0xb, 0x6, 0x4)
get_robust_list$auto(0x0, 0x0, 0x0) (async)
get_robust_list$auto(0x0, 0x0, 0x0)
r3 = openat$auto_output_bpc_fops_(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/dri/vkms/Writeback-1/output_bpc\x00', 0x101000, 0x0)
lseek$auto(r3, 0x7fffffffffffffff, 0x1)
setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) (async)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
recvmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0x4da}, 0x6, 0x0, 0x8, 0x7ff}, 0x1000}, 0xffffffff, 0x4, 0x0) (async)
recvmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0x4da}, 0x6, 0x0, 0x8, 0x7ff}, 0x1000}, 0xffffffff, 0x4, 0x0)
r4 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000c40)='/proc/self/syscall\x00', 0x40002, 0x0)
read$auto_proc_single_file_operations_base(r4, &(0x7f00000001c0)=""/164, 0xa4)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xaba}, 0x1, 0x0, 0x0, 0xc}, 0x7}, 0x3, 0x0) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xaba}, 0x1, 0x0, 0x0, 0xc}, 0x7}, 0x3, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x230)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/query\x00', 0x200000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) (async)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_BLKTRACESETUP2(r1, 0xc0481273, &(0x7f0000000300)={"3cbaef38c2291a07e381cefc27c8884a0095257b09753199fe0c58e183b8a795", 0x7f, 0x5, 0x3ff, 0x1, 0x40})
sigaltstack$auto(0x0, &(0x7f00000003c0)={&(0x7f0000000180)="69cc8d0de6b41511259c289f8eba5cd9efe7b46018e5bfce1b542499858929869392667f4a67831f37b948cef0c793b831f019cb998179b02af53526d479eaa474255b4bad7cce70b58305c3c789dddea82c3a78568db57899f6372003e4f0fe7c68c3e6b59956bfca", 0x9, 0x8})
open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) (async)
open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0)
ppoll$auto(0x0, 0x7f, 0x0, &(0x7f00000001c0)={0x5}, 0x8) (async)
ppoll$auto(0x0, 0x7f, 0x0, &(0x7f00000001c0)={0x5}, 0x8)
mount$auto(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='nfs\x00\x00', 0x200, &(0x7f00000001c0))
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)

21m12.907065219s ago: executing program 3 (id=756):
madvise$auto(0xfffffffffffffffd, 0x7ffffffffffffffb, 0x200)
fsopen$auto(0x0, 0x1)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x101202, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x280, 0x0)
ioctl$auto_SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000100))
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
poll$auto(&(0x7f0000000080)={r0, 0x5, 0x4}, 0x6, 0xffffffff)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0x2, 0x2, 0x0)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
sendmmsg$auto(0x3, 0x0, 0x9a5, 0x47ffff7a)
mmap$auto(0xfffffffffffffffc, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/oom_adj\x00', 0x3a1e40, 0x0)
read$auto(r2, 0x0, 0x4)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3)
r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x38080, 0x0)
pread64$auto(r4, 0x0, 0x7, 0x6)
process_madvise$auto_MADV_DOFORK(0xffffffffffffffff, 0x0, 0x0, 0xb, 0x9)
openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x68082, 0x0)
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
mmap$auto(0x0, 0x2a, 0xdf, 0x4009b72, 0x1000, 0x6)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
r5 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100)
copy_file_range$auto(r5, 0x0, r5, 0x0, 0x2, 0x0)
io_setup$auto(0x1, 0x0)

21m11.825368051s ago: executing program 3 (id=761):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001140)='/sys/devices/pci0000:00/0000:00:03.0/irq\x00', 0x80100, 0x0)
mmap$auto(0x2, 0x2020009, 0x126, 0xf6, 0xffffffffffffffff, 0x2)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x100842, 0x0)
ioctl$auto_SNDCTL_TMR_CONTINUE(r1, 0x5404, 0x0)
mmap$auto(0x0, 0x200000002020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mkdir$auto(&(0x7f0000000040)='./file0\x00', 0x2)
getcwd$auto(0x0, 0xffffffffffffffff)
r2 = inotify_init1$auto(0x3000000000000)
inotify_add_watch$auto(r2, 0x0, 0x2)
lsetxattr$auto(&(0x7f0000000d40)='./file0\x00', &(0x7f0000000280)='security.caility\xf6\x06\xa1\xcd\xd3<\x81\a(\xa2f*\xaf\xc8\x02\xe9\x14\x8fE2k\x19{\xd4\xf2\xdf\x80\x9c\x87\x86\xde20\x8e\x1cN\xd40\xd3Z\xf3K\x98vW\x7f\x94Z\x0e>\x85S&#\x9f\x8d1\x13NZ2\xe5\x96\xce\xf15\xb3v\xa8R\x05\x94\x8c\x1df\x11\xbd\xd0\x7fu\xc7{\xe1\xff\xff\xc4\xbb\x17\xd5\xee\xd8\x143\xed\xc4|\xd3\f\x05\f\x95\xce\xbf9\xc8\xf1m\b\x00\x00\x009\x8b\x02\x89\xed`\xb4\xcb\xb3O\x97X\xe3\xd0j\xa5\xd0\x9e*\xf9|\xd9\xc2\xf4X\xc9[\xfa\xcf\xa3\xeb\x05EOgaA\xb1@f\x93F0\x8cR\xc5\xb6\x16\xfa\xe7\x13\x00\x02\xf4\x80\xe3\tV\xf3\xa3T\x90\f-\xdd\\\xcf\x10\'\xd2\xf4MP\x87vB\xefJ\xeb\xb3\\\x88\x18` \xca\x8faI\x89\xb6\x91\x1ae\xd2\xad\xbe\xb3\xe6\bX]\xd7\x81.\xd2\xed\xc4\x9f\xb5~\xb4\xc6^\x97\xc3\xa2\x16\x99\xfc\x00_\xe6\xb0G\xe9`\xb4+2\x93\n9 EU\x1e\xb4\xbeVt\x89\xf9\xc7\xe1`4O\x00\x00\x00\x00\xa5\xe0\xf5\xb2\x00\x00t\x10\"\x15\xbc\xdb\x92\xff\xa7\xe1Vv\xe5*\xc5\xe1r\xf5\xa4Cw\x1c/?\xbcn\xe3\x8aX\xfc\xe9,\xca,9\xda\xad\x87\xb1\xb2\xff#\xd3\x17l6\xa0\xd8\x1b\xad8\a\xfc%\xa6(\xcb\x97(\x16\x81\xbf\xc6\xdbw\x13!\xc9\xc6\xc3\xfbc\xfe\x83\xcd\x16 e\xcd\x91y@\xe2\xd8{\xec\xbb\xbb\x1d5\t\xed>\xa9&\xce\xfc\xab[\xae\xa1\x94\b\xcc/-\a\x00\x00\x00\x00\x00\x00\x00)\x17CI\xb7\xf35\xfc\xe8(\xfa\t2\xafQ8}\xd8\xbb\xe4nlR\xf8\xc9\xf2\xa3\xe5\x83\r\t\xb96d\xd6\x1e\xbd*\xa4\xc9\xcbE2\xe9\x81\xc3\xc3\x8a\x15\xcb\xf2\x03\x00\x00\x00\x00\x00\x00\x00!dJ+\xd2\x01#v\xd8BgB`\x8alP\r\x04\xce\x04$\xaag\xb6\xdb6-0>\xb3u\xd4\xdb\xd8~\xb0\f\xd0\xa9\x9e\xa0\xc7\xf7\'\x8d\xab\xae\x035\xa8f\xe5\xfe\xfc\xc0\xb1rR\xae54\x13\x1c8=\x92\xc3=w\x89\xbb\xfb)\x94p\xc18`G', 0x0, 0x2, 0x0)
ioctl$auto_SNDCTL_TMR_CONTINUE(r1, 0x5404, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
move_pages$auto(0x0, 0x5, &(0x7f0000000000)=&(0x7f0000000280), &(0x7f00000003c0)=0x1, 0x0, 0x403)
mmap$auto(0xfffffffffffffffc, 0x20009, 0x4000000000df, 0xebd, 0x401, 0x7ffe)
getsockname$auto(0xffffffffffffffff, 0x0, 0x0)
r3 = fsopen$auto(0x0, 0x1)
fsconfig$auto_EROFS_MOUNT_DAX_NEVER(r3, 0x4, &(0x7f0000000100)='\x00', &(0x7f0000000140), 0xffffff9c)
ioctl$auto_FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f00000003c0)={0xaaaf, 0x2, 0x7, 0x6, '\x00', [{0x5, 0x256, 0x109, 0x537, 0x3, 0xe}, {0x76a, 0x40, 0x3ff, 0x9, 0x3, 0x4}], [{0xf7, 0x0, 0x7fff, 0x4, 0x1, 0x9}, {0x6, 0x0, 0x5, 0xd, 0x2004000000008, 0x6}, {0x5, 0x800, 0x1, 0x6a, 0x408, 0xffffffffffffffc0}, {0x1, 0x4, 0x80, 0x2, 0x5, 0x1}, {0x7, 0x3, 0x5, 0x400, 0xacc, 0x1}, {0x7, 0x929b, 0x8, 0x4, 0x803ffd}, {0x7fffffff, 0xffffffff, 0x0, 0x2d9f7627, 0x4, 0x9}]})
pread64$auto(r0, 0x0, 0x8001, 0x7)
read$auto_proc_pid_maps_operations_internal(0xffffffffffffffff, 0x0, 0x0)
prctl$auto(0x26, 0x1, 0x0, 0x0, 0x0)
lsm_get_self_attr$auto(0x64, &(0x7f0000000080)={0x0, 0x1, 0x7fffffffffffbfff}, &(0x7f0000002440)=0x1f9, 0x0)
socket(0xa, 0x3, 0x3a)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xf, 0x3, 0x3a)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
getcwd$auto(0x0, 0xffffffffffffffff)
inotify_init1$auto(0x3000000000000)

21m8.476126164s ago: executing program 3 (id=769):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/dummy_hcd.2/usb3/authorized\x00', 0x81, 0x0) (async)
r1 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
ioctl$auto_UI_END_FF_UPLOAD(r1, 0x406855c9, &(0x7f0000000080)={0x6, 0x9, {0x101, 0x6, 0x1000, {0x2000, 0x4}, {0x7, 0x8}, @rumble={0x33, 0x2415}}, {0x5, 0x3, 0x2000, {0x2, 0xa}, {0x2, 0x70d}, @condition=[{0x7fff, 0xfff9, 0x9, 0xbb43, 0x34a, 0x4}, {0x0, 0x0, 0x10, 0x17a, 0x9, 0x4f}]}})
process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0x5}, 0xffffffffffffffff, 0x0, 0x6, 0x0) (async)
r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0)
setresuid$auto(0x2, 0x7, 0x8080)
ioctl$auto_SCSI_IOCTL_SEND_COMMAND2(r2, 0x1, &(0x7f0000000000))
r3 = socket(0x10, 0x2, 0xc)
syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000002c0), 0xffffffffffffffff) (async)
sendmsg$auto_CTRL_CMD_GETPOLICY(r3, &(0x7f0000000100)={0x0, 0xfffffffffffffcae, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[], 0x51}, 0x1, 0x0, 0x0, 0x408c}, 0x10004010) (async)
r4 = syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$auto_IEEE802154_ASSOCIATE_REQ(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000440)={&(0x7f0000000500)=ANY=[@ANYBLOB="c34be3fb8440509808", @ANYRES16=r4, @ANYBLOB="100029bd7000ffaddf2501ece75114000d00000000000c000500960000000000000005001300fa00000008ca095abbc4ac7a8408000000769df16105001a"], 0x40}, 0x1, 0x0, 0x0, 0x4000004}, 0x20000000) (async)
sendmsg$auto_IEEE802154_DISASSOCIATE_REQ(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[], 0x64}, 0x1, 0x0, 0x0, 0x20004000}, 0x20024001) (async)
sendmsg$auto_IEEE802154_DISASSOCIATE_REQ(r3, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB="ac000000", @ANYRES16=r4, @ANYBLOB="000125bd7000fcdbdf250300000084001e00ea2b065eb534981382027e2d159d80db23e57d88c6bbb619b401a1ef99bc4457350947dd148d6f7877ecac28ac4983acc8782decc5fa84f2981963654624416f542fbb9fde2cf2a079b9984bed765f7dcffe69dcf91d18c79376f99ff3f1e49577ddf537d566515d66c1cc245bb5afe0d9c3f2cd7abc8451e5ff270a64c0cb0d912903124c1554418c0e5f34f914000100626f6e"], 0xac}, 0x1, 0x0, 0x0, 0x4c805}, 0x0)
r5 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/security/tomoyo/query\x00', 0x2, 0x0)
writev$auto(r5, &(0x7f0000000140)={&(0x7f00000000c0), 0xd2bb}, 0x4) (async)
pread64$auto(0xffffffffffffffff, 0x0, 0x8, 0x7fff) (async)
close_range$auto(0x2, 0x8, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = gettid()
kill$auto(r7, 0x11) (async)
migrate_pages$auto(r7, 0x7, &(0x7f0000000300)=0x4, &(0x7f00000004c0)=0x8) (async)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000400), r6) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
write$auto(r0, &(0x7f0000000080)='0\x81=\"\xad\xff\x8d\xf9P\x18\xa4\xb0\xb4\xd9\x82=\xe1P\x05\x00\xfb&\xe8\xbf\x901\a2\xa2X`\a\xf1y\xb3\"=', 0x48da5489)

21m7.014421416s ago: executing program 3 (id=772):
mmap$auto(0x0, 0x2021007, 0x2000004, 0xeb1, 0xffffffffffffffff, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
timer_settime$auto(0x1, 0x3, 0x0, 0x0)
r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x80403, 0x0)
socket(0xa, 0x3, 0x8)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
ioctl$auto(r0, 0x400454ca, 0x38)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/pts/ptmx\x00', 0x42c901, 0x0)
ioctl$auto(r1, 0x4bfa, 0x9)
r2 = fcntl$getown(r0, 0x9)
r3 = prctl$auto(0x79, 0x7, r2, 0x4d, 0x3)
getrlimit$auto(0x80, 0x0)
ioctl$auto_TUNSETVNETLE2(r0, 0x400454dc, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x3, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x0, 0xffffeffe, 0x2)
openat$auto_bm_register_operations_binfmt_misc(0xffffffffffffff9c, 0x0, 0x181441, 0x0)
rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8)
r4 = gettid()
r5 = getpid()
rt_tgsigqueueinfo$auto(r4, r5, 0xb, &(0x7f0000000400)={@siginfo_0_0={0x1, 0x6, 0x8000, @_timer={r2, 0x1ff, @sival_int=0x9a, 0x40}}})
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x1, 0x6)
setsockopt$auto(r3, 0x6, 0x20, 0x0, 0xfb3)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000)
socket(0x2, 0x3, 0x6)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0xa, 0x2, 0x73)

20m51.8965468s ago: executing program 33 (id=772):
mmap$auto(0x0, 0x2021007, 0x2000004, 0xeb1, 0xffffffffffffffff, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
timer_settime$auto(0x1, 0x3, 0x0, 0x0)
r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x80403, 0x0)
socket(0xa, 0x3, 0x8)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
ioctl$auto(r0, 0x400454ca, 0x38)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/pts/ptmx\x00', 0x42c901, 0x0)
ioctl$auto(r1, 0x4bfa, 0x9)
r2 = fcntl$getown(r0, 0x9)
r3 = prctl$auto(0x79, 0x7, r2, 0x4d, 0x3)
getrlimit$auto(0x80, 0x0)
ioctl$auto_TUNSETVNETLE2(r0, 0x400454dc, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x3, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x0, 0xffffeffe, 0x2)
openat$auto_bm_register_operations_binfmt_misc(0xffffffffffffff9c, 0x0, 0x181441, 0x0)
rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8)
r4 = gettid()
r5 = getpid()
rt_tgsigqueueinfo$auto(r4, r5, 0xb, &(0x7f0000000400)={@siginfo_0_0={0x1, 0x6, 0x8000, @_timer={r2, 0x1ff, @sival_int=0x9a, 0x40}}})
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x1, 0x6)
setsockopt$auto(r3, 0x6, 0x20, 0x0, 0xfb3)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000)
socket(0x2, 0x3, 0x6)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0xa, 0x2, 0x73)

17m58.613147196s ago: executing program 4 (id=1275):
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_TIOCNOTTY2(r0, 0x5422, &(0x7f0000000040)="16b8717b9eaafe72064f13ca2530f4ffad80ccc2f0cbb5f1d19dafd5a1c805c9f06253e94e86ccdfea1c4ab339d1efb6a04b0cbb80049df2325df69c56f15675acc5069992879d6602d0925fadc8d3c05e30792a80da67a2868c8ba6b3c60c27854c29e8d8ef04b351e8be")
ioctl$auto_SNDCTL_TMR_CONTINUE(r0, 0x5404, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

17m58.362002721s ago: executing program 4 (id=1276):
mkdir$auto(&(0x7f0000000200)='./file0\x00', 0x1ff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0)
ioctl$auto(0x4000000000000c8, 0x400454d9, 0x3)
mmap$auto(0x0, 0x400007, 0xdf, 0x15, 0xffffffffffffffff, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1a9402, 0x0)
vmsplice$auto(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000300)="c57cad18a7a6dabde8b72a0b38fa1d9981f7a3586905a895969bd0e92906e19b64627c3d3026bcfa54d8f0e8bfa013876cbf00b341d2664e160972d158e66eb21ed9ea0ae842c06463dc4a1a1c3907d644a0bd8bddec2ad2e8098123a4f5c9db8fd8f2f23ec5", 0x2}, 0xf, 0x0)
r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/oom_adj\x00', 0x0, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x20a00, 0x0)
r2 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000180), 0x40900, 0x0)
ioctl$auto_UBI_IOCATT(r2, 0x40186f40, 0x0)
ioctl$auto_UBI_IOCDET(r2, 0x40046f41, 0x0)
ioctl$auto_BLKGETNRZONES(0xffffffffffffffff, 0x80041285, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioprio_set$auto(0x3, 0x0, 0x4b34)
sendmsg$auto_TIPC_NL_MEDIA_GET(0xffffffffffffffff, 0x0, 0x48010)
read$auto(r0, 0x0, 0x1f40)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x404b03, 0x0)
writev$auto(r3, 0x0, 0x6)
waitid$auto_P_ALL(0x0, 0x7, &(0x7f0000000080)={@siginfo_0_0={0x5, 0xc, 0x3, @_sigfault={&(0x7f0000000240)="dc8c063a18a2bf8d0414a364bbcd7bc2e77880e54cc165541b41d857384358a7518cd203f9ec6d784cf9281b1af7b92576f1b0a800b7249cec7999c6f22705930c3ce52ee7dd5f3df866bc3897f79e4ae723bbf196cb615e8dffbef45ed2e3ea88834ff4d9f635ca77c19551f12b5ca0afd13ae48f7c23168e193f871267", @_addr_pkey={"51f8a4f03add1297", 0xff}}}}, 0x7, &(0x7f0000000380)={{0x8000000000000001, 0x7}, {0x2, 0x5}, 0x7, 0x4, 0xffffffffffffffff, 0x837, 0x9, 0xfffffffffffffffd, 0x0, 0x297, 0x2000007fffffff, 0x3b8, 0x40, 0x6, 0x8, 0x6a})
openat$auto_ns_file_operations_nsfs(0xffffffffffffff9c, 0x0, 0xf81e09f4e322f53a, 0x0)
openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x820181, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2200, 0x0)
r4 = openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, 0x0, 0x20000, 0x0)
ioctl$auto_XFS_IOC_EXCHANGE_RANGE(r4, 0x40285881, 0x0)

17m56.515092209s ago: executing program 4 (id=1282):
mmap$auto(0x0, 0x2020009, 0x8000000000000006, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
r0 = socket(0xa, 0x1, 0x84)
getsockopt$auto(r0, 0x0, 0x487, 0x0, 0x0)
r1 = socket(0xa, 0x2, 0x0)
r2 = landlock_create_ruleset$auto(&(0x7f0000000140)={0xdaa0, 0x1, 0x9}, 0x9, 0x0)
landlock_restrict_self$auto(r2, 0x3)
r3 = bpf$auto_BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)=@iter_create={r1, 0x100}, 0x2)
r4 = syz_genetlink_get_family_id$auto_nlbl_unlbl(&(0x7f0000000280), r2)
sendmsg$auto_NLBL_UNLABEL_C_STATICREMOVE(r3, &(0x7f0000000400)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000003c0)={&(0x7f00000010c0)=ANY=[@ANYBLOB="2827d2cc9d9d36baf67c43490c16000000", @ANYRES16=r4, @ANYBLOB="000425bd7000fddbdf2504000000080005000000000004000700080005000a010102"], 0x28}, 0x1, 0x0, 0x0, 0x2000c044}, 0x24040000)
sendmsg$auto_NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="30151000", @ANYRES16=r4, @ANYBLOB="32032bbd7000fedbdf25060000001400060064766d727030000000000000000000000800050000000000"], 0x30}, 0x1, 0x0, 0x0, 0x10}, 0x20008805)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/class/net/bonding_masters\x00', 0x100, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f00000000c0)=""/4096, 0x1000)
socket(0x2, 0x1, 0x0)
setsockopt$auto(0x3, 0x1, 0x4a, 0x0, 0x9)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
r6 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, 0x0, 0x3, 0x0)
r7 = wait4$auto(0x0, &(0x7f0000000000)=0x7, 0x4, &(0x7f0000000040)={{0x6}, {0xdf, 0x7}, 0x1, 0x20000000000, 0x6, 0x6, 0x2, 0x6, 0x3, 0xfd00, 0x100000000, 0xc4, 0x80, 0xc4, 0x1, 0x7})
capset$auto(&(0x7f0000000100)={0xea, r7}, &(0x7f0000000140)={0x0, 0x9, 0x421})
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
write$auto(0x4, 0x0, 0x100082)
socket(0x2, 0x3, 0xa)
mmap$auto(0x0, 0x6, 0x96e, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
write$auto(0x3, 0x0, 0xfdef)
recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0)
ioctl$auto_SNDCTL_DSP_SUBDIVIDE(r6, 0xc0045009, &(0x7f0000000180)="e58458caf7e3e8a84c29510f487e81e2b81536e2a786fbfbc16dcd7b816ab42d3d4ff7e76900b48b7d25ad010502b7dc5e3aad41b15c75afe92e57332807da8539395efffa85675767b95b1714cdd40e1aea8b89996b62e32cce9a402d4d25f80e60f2cf6205b0a428b4aab761cd46d5786d32e98e0a72f58aa24a90d9ff41bf71b33eb8bf95daf92020752f3870486fce108de38b457f3bd447953bbe43f587b9c5363f4170354943748cb736c4699f064873e2831009519d49df26336895038bdf7ced67a2a677497cf043f9e07316957988c44c5d8c44c1368ef0a3655f0054f3d03b5b0e5a83df98135ba86f55ae011e65bc1290d5f31933")
migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2)

17m55.882866849s ago: executing program 4 (id=1285):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1)
mmap$auto(0x0, 0x7, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000380)="7a47301037954c081c9a0bb84bb7b04ef84993eab91abe1686f43e43d786e964e8f04455bd620de9f3fb6d65e6c078c1a672c549dbc7876cb528ba081a81d884bfc00dd4eef57cedc0cc4156ff6a5b0aa8ba9511fe2b07c6e7f4732fe36ba218aa5b0ff402f2e6adb8ea60886c1e52c60d7d87e4c0551386501763ad098eb2b9602f83b2a643399f10dfdb0f4018b401be4db675d0acf8d348c26acf338cbe20fcb76439ca602a3c022f4463a8820f1c6f865d24e058af98f0c48bf552c3f6cc28c09d9054347db3c28701c67fa1e57d81b881638b518dd8e24969b7fd10406fcf6eb9bb66bf56ed7568510c72b380fa6efbca845bde90f7672708000000000000003513")
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket(0xf, 0x3, 0x2)
lseek$auto(0x3, 0x7fffffffffffffff, 0x5)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
socket(0x10, 0x2, 0x0)
setsockopt$auto(0xffffffffffffffff, 0x6, 0xc, 0x0, 0x4)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x123002, 0x0)
write$auto(r1, &(0x7f0000000080)='/dev/audio\x00', 0x80000000)
execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
execve$auto(&(0x7f0000000280)='./file0\x00', 0x0, 0x0)
ioctl$auto_SNDCTL_DSP_SYNC(r1, 0x5001, 0x0)
ioctl$auto_SNDCTL_DSP_GETODELAY(r1, 0x80045017, &(0x7f0000000180))
ioctl$auto(0xc8, 0x800454e1, 0x5c8d)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
read$auto(0x3, 0x0, 0x8080)
sendmsg$auto_SMC_NETLINK_DUMP_UEID(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x40015}, 0x4)
mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4)
write$auto(0xffffffffffffffff, 0x0, 0x81)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
write$auto(0x3, 0x0, 0x100082)
ioctl$auto(0x1, 0x541b, 0x8)

17m50.807007668s ago: executing program 4 (id=1300):
mmap$auto(0x0, 0x2020009, 0x3, 0x15, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)={0x38, r1, 0x1, 0x70bd31, 0x25dfdbfd, {}, [@ETHTOOL_A_FEATURES_WANTED={0xc, 0x3, 0x0, 0x1, [@nested={0x8, 0x3, 0x0, 0x1, [@nested={0x4, 0xb0}]}]}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}]}]}, 0x38}}, 0x24048084)
openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x2, 0x0)
lseek$auto(0x3, 0xffffffffff800002, 0x2)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x40004)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
mmap$auto(0x0, 0x600006, 0x2, 0x406b1, 0xffffffffffffffff, 0x300000000000)
bpf$auto(0x5, &(0x7f0000000000)=@info={0xffffffffffffffff, 0x4, 0x1}, 0x171)

17m50.235339178s ago: executing program 4 (id=1302):
r0 = socket(0x15, 0x5, 0x0)
mmap$auto(0xd, 0x400008, 0xdd, 0x9b72, 0x2, 0x6)
mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000)
madvise$auto(0x0, 0x200007, 0x19)
madvise$auto(0x6, 0x8001, 0xffffffff)
io_uring_setup$auto(0x2, &(0x7f0000000080)={0x80000003, 0x9, 0x100, 0x6, 0x4, 0x8, 0xffffffffffffffff, [], {0x9, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x4000006, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x106, 0x8, 0x100000000}})
madvise$auto(0x67, 0x200007, 0x8)
r1 = getpid()
r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x88800, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_REMOVE(r2, 0xc0405519, &(0x7f0000000040)={@inferred=r1, 0x555c, 0xffff, 0x1, "8f9638544ae4bbdf48e497dbb5a3760f9b6b2c854e493a712fcbb4034dde3ba72adae5bfa41dba811bf5488f", @inferred=r1})
syz_open_procfs$namespace(r1, &(0x7f0000000000)='ns/net\x00')
sendmsg$auto_BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x28, 0x0, 0x400, 0x70bd2c, 0x25dfdbfd, {}, [@BATADV_ATTR_BLA_BACKBONE={0xa, 0x21, @multicast}, @BATADV_ATTR_TT_TTVN={0x5, 0x11, 0xf1}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000054}, 0x0)
madvise$auto(0x0, 0x200204, 0x15)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
setresuid$auto(0x0, 0x7, 0x8080)
setfsuid$auto(0x0)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/kallsyms\x00', 0x20100, 0x0)
pread64$auto(r3, 0x0, 0xc, 0x40000000000005)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r5 = socket(0x2, 0xa, 0x1)
r6 = bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_4={0x1f, r5, 0x10000}, 0x10)
mmap$auto(0x0, 0x2009, 0xdffffffffffffff9, 0x8000200008012, r6, 0x8000)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_GET_INTERFACE(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="010b27bd7000fcdbdf250570e700bab9392093a6c2000000"], 0x14}, 0x1, 0x0, 0x0, 0x4000050}, 0x240088e4)
sendmsg$auto_NL80211_CMD_TDLS_MGMT(r0, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r4, 0x100, 0x70bd26, 0x25dfdbfc, {}, [@NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST={0x6, 0xf7, {0x9, 0x6}}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24048804}, 0x84)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy1/force_tx_status\x00', 0x82, 0x0)
writev$auto(0x3, &(0x7f0000000080)={0x0, 0x2}, 0x3)

17m34.732735564s ago: executing program 34 (id=1302):
r0 = socket(0x15, 0x5, 0x0)
mmap$auto(0xd, 0x400008, 0xdd, 0x9b72, 0x2, 0x6)
mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000)
madvise$auto(0x0, 0x200007, 0x19)
madvise$auto(0x6, 0x8001, 0xffffffff)
io_uring_setup$auto(0x2, &(0x7f0000000080)={0x80000003, 0x9, 0x100, 0x6, 0x4, 0x8, 0xffffffffffffffff, [], {0x9, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x4000006, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x106, 0x8, 0x100000000}})
madvise$auto(0x67, 0x200007, 0x8)
r1 = getpid()
r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x88800, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_REMOVE(r2, 0xc0405519, &(0x7f0000000040)={@inferred=r1, 0x555c, 0xffff, 0x1, "8f9638544ae4bbdf48e497dbb5a3760f9b6b2c854e493a712fcbb4034dde3ba72adae5bfa41dba811bf5488f", @inferred=r1})
syz_open_procfs$namespace(r1, &(0x7f0000000000)='ns/net\x00')
sendmsg$auto_BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x28, 0x0, 0x400, 0x70bd2c, 0x25dfdbfd, {}, [@BATADV_ATTR_BLA_BACKBONE={0xa, 0x21, @multicast}, @BATADV_ATTR_TT_TTVN={0x5, 0x11, 0xf1}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000054}, 0x0)
madvise$auto(0x0, 0x200204, 0x15)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
setresuid$auto(0x0, 0x7, 0x8080)
setfsuid$auto(0x0)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/kallsyms\x00', 0x20100, 0x0)
pread64$auto(r3, 0x0, 0xc, 0x40000000000005)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r5 = socket(0x2, 0xa, 0x1)
r6 = bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_4={0x1f, r5, 0x10000}, 0x10)
mmap$auto(0x0, 0x2009, 0xdffffffffffffff9, 0x8000200008012, r6, 0x8000)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_GET_INTERFACE(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="010b27bd7000fcdbdf250570e700bab9392093a6c2000000"], 0x14}, 0x1, 0x0, 0x0, 0x4000050}, 0x240088e4)
sendmsg$auto_NL80211_CMD_TDLS_MGMT(r0, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r4, 0x100, 0x70bd26, 0x25dfdbfc, {}, [@NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST={0x6, 0xf7, {0x9, 0x6}}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24048804}, 0x84)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy1/force_tx_status\x00', 0x82, 0x0)
writev$auto(0x3, &(0x7f0000000080)={0x0, 0x2}, 0x3)

7.059059224s ago: executing program 1 (id=4829):
mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
unshare$auto(0x40000080)
bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x1, 0xb5, 0x10, 0x7, 0x4, 0xffffffffffffffff, 0xa, "2af051a940806ec05be276cfc83ce63f", 0x0, <r0=>0xffffffffffffffff, 0x5, 0x7, 0xe5, 0x3}, 0x10)
bpf$auto(0x1018, &(0x7f0000000380)=@bpf_attr_4={0x2, r0, 0x0, r0}, 0x92)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/bus/mdio_bus/drivers/RTL8224 2.5Gbps PHY/uevent\x00', 0x2801, 0x0)
openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f000000e680), 0x68182, 0x0)
unshare$auto(0x80)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
r1 = bpf$auto(0x0, 0x0, 0xf)
madvise$auto(0x0, 0x2003f2, 0x15)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r2 = getpgrp(0xffffffffffffffff)
process_vm_readv$auto(r2, &(0x7f0000000280)={&(0x7f0000000180)="ac7011c5af3e765a98984cdce6e7b469b2f28f76dfc0334d7597ef5ca8ed3b8bdf46dfd4c1308c66a5a44e7016d68d661cea680447cfd5558bd5426b335bf5ebe8abc8ff9dba5b83e7dfa8ed4912bb36a94eceea3b35737a1755396dc7e8c78ca0040a7ca6c95ae330ddd12f0b473af301d39a8227d028ec1838b37adf159896bd1f3f9fbb32b9326bdb0e203090ba2da5e773716c250aa4e90443fef6c8466e3d3591125a9b16d2382972a77a6b2e76e0abca0bf39257b5711898290a99e811e56f28199f6ee9f33fe509cbe92790b3738a5ae7e21060faef08a421997880dd2b9bd20068b9750c7d7e6fd556c5400c4f7586", 0xfffffffffffffff5}, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0x0)
mmap$auto(0x4, 0x405, 0x40000000000000e0, 0x2000000000000eb1, r1, 0x20000008004)
select$auto(0x9, 0x0, 0x0, &(0x7f0000000040)={[0xc, 0x5, 0x9, 0x8fd6, 0x2, 0x800000061c9, 0x15f4da0a, 0x53000000000000, 0x7, 0xa, 0x7fffffff, 0xff, 0x1, 0xa6ca, 0x1, 0x1]}, 0x0)
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
r3 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$auto(r3, 0x8004552d, r3)
close_range$auto(0x2, 0x8, 0x8)
sysfs$auto(0x100002, 0x100000000000027, 0xfffffffffffffbfe)
close_range$auto(0x2, 0x8, 0x0)
keyctl$auto_KEYCTL_SEARCH(0xa, 0x4, 0x8, 0x6, 0x1)
io_uring_setup$auto(0xa, 0x0)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x8040)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/manager\x00', 0x2, 0x0)

6.37411262s ago: executing program 5 (id=4831):
open(0x0, 0x10b040, 0x155)
socket(0x2, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'erspan0\x00'})
mmap$auto(0xc, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8002)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000140)={0x3c, r1, 0x1, 0x703d27, 0x25dfdbfc, {0x1, 0x0, 0x3f00}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [@nested={0xc, 0x1, 0x0, 0x1, [@nested={0x8, 0x1, 0x0, 0x1, [@generic='\x00\x00\x00\x00']}]}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x6}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x4}]}, 0x3c}, 0x1, 0x1000000, 0x0, 0x4}, 0x8880)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/net/rpc/nfsd.fh/channel\x00', 0x88400, 0x0)
openat$auto_component_list_fops_(0xffffffffffffff9c, &(0x7f00000000c0), 0x220440, 0x0)
read$auto(0x3, 0x0, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptyr1\x00', 0x101e81, 0x0)
ioctl$auto_SNDCTL_TMR_CONTINUE(r2, 0x40045431, &(0x7f0000000400)="c2f17e12547ea99cf8790708948cb3720b54f465b5010c3d255f1bb608653d69a5096629ddf9f7255d5b1bbaee54afabc9c8fa2f0cc5d42f0f4a958550feb612bdda2e0840966ad3bbe26eb70dc9f6dd80399624869ce48381e2a593198f2acc0c7c1ef4d5ab1450361553c51c959ca5065208a74ce28ebf4780a165b3e3e25e04d40c1ad1402ce6713fa0779fc88b1807e61968ff07513460bf4b5ec6c1695681968d43a475dc35636a8ef8c84b248affb8bce52c2a26778ba7391f18a8a1b92bf5dff10772ed5ff8ddaacfbbbb8bd3283901ae2b7418ea0506c8")
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
r3 = socket(0x10, 0x2, 0x0)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
recvmmsg$auto(r3, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
r4 = socket(0x2b, 0x1, 0x1)
setsockopt$auto_SO_BSDCOMPAT(r4, 0x6, 0xe, &(0x7f0000000000), 0x80001)

5.607919571s ago: executing program 5 (id=4833):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket(0x10, 0x2, 0x4)
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x58, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IF1_AGE={0x8, 0x3, 0x200}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_IF2_AGE={0x8, 0x4, 0x10}]}, 0x58}, 0x1, 0x0, 0x0, 0x40080}, 0x40090)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x3, 0x6)
setsockopt$auto(r2, 0x104000000000010e, 0xb, 0x0, 0x400)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r3 = socket(0x10, 0x2, 0xc)
sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000003740)={&(0x7f0000000000)=ANY=[@ANYBLOB="b1000000", @ANYRES16, @ANYBLOB="01002dbd7000fddbdf25030000000c0001"], 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x40080)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r3, @ANYRES8=r0], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050)
write$auto(r1, &(0x7f0000000000)='-\x00', 0xfdef)

5.513426862s ago: executing program 1 (id=4834):
mmap$auto(0x0, 0x4, 0x1ff, 0x40eb1, 0x401, 0x300000000001)
r0 = socket(0x2, 0x1, 0x106)
bind$auto(r0, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x3, 0x4001}, 0x4006b)
r1 = io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x40009, 0xe1, 0x9b72, 0x7, 0x28000)
r2 = open(&(0x7f0000000100)='.\x00', 0x0, 0x57e)
fcntl$auto_F_ADD_SEALS(r2, 0x410, 0x0)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
close_range$auto(0x2, r1, 0x0)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)

5.477743076s ago: executing program 6 (id=4835):
r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb1\x00', 0x244481, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/zram-control/hot_remove\x00', 0x8001, 0x0)
r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv6/conf/tunl0/disable_policy\x00', 0xd02, 0x0)
getsockopt$auto_SO_PEERGROUPS(r1, 0x9, 0x3b, &(0x7f0000000000)='/sys/class/zram-control/hot_remove\x00', &(0x7f0000000040)=0x2)
sendfile$auto(r1, r2, 0x0, 0x800048)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/acpi/wakeup\x00', 0x48041, 0x0)
write$auto(r4, 0x0, 0x6)
close_range$auto(r1, r3, 0x0)
write$auto(r0, &(0x7f0000000040)='/dev/ptyuc\x00', 0x9)
r5 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000002640)='/dev/ptyuc\x00', 0x8000, 0x0)
ioctl$auto_TIOCGSERIAL(r5, 0x541e, 0x0)

5.111386184s ago: executing program 0 (id=4836):
acct$auto(&(0x7f0000000000)='\x00') (async)
acct$auto(&(0x7f0000000040)='\x00') (async)
acct$auto(&(0x7f0000000080)='\x00')
acct$auto(&(0x7f00000000c0)='\x00') (async)
acct$auto(&(0x7f0000000100)='\x00')
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ram1\x00', 0x40000, 0x0)
readv$auto(r0, &(0x7f00000001c0)={&(0x7f0000000180)="ddcfef079f5ec83918a89da09d6dcdd91f3992b8bb582ccc4e9e42b40d84eedfe3b0dc69e7", 0x8000}, 0x1) (async)
acct$auto(&(0x7f0000000200)='!-/+$\x87(\x00') (async)
pwritev$auto(0xffffffffffffffff, &(0x7f0000001240)={&(0x7f0000000240)="07b0d26de7b8f2ed69c7607d73c567acfd7049b8c0284e74f8df6d5a8dc9bf30eb072d9b7703b4662c19dbec156521149075c77980ed647e2471da86b6c5994a65c5afeedfe71f4a62b58d223c7791bcf5512c2a1e70f032c5a12ae69059afb1de5043c4cc642c1f8e808cc17f1fdc0c19dda79b6213a308e97d949f383907ebdad57da2740d43a33c0523188b677f66c96ee0532603f0f7df0a1a9033936ebc9858a0507f44dca11f186389ae48de7c467325bd9e10e0d7d30447628cbead70e7cf68f9d5126bd1bc218ced5e2b80627311e9a31b424d98a13e734d175f612346965c4104c7e20dd1df188f44db580e1d53ddaf8e12d9abd79cc9ed49e0afeb4c698f2b57aca8e4bd0c8739a80f5b64fb1ace1925e378220da9dd549e052f9019171469704a8057ea8d7b43645a243e489972225b21687c92243ce9cdb48de160fabc9a8e0e6977384614f913294919e7509e1a36efba4612ea44b812c8ceae988c323182e1d0240ad55d5dd1adeac104d5b375c316cc0a6e3cd03ecffb437b7d4a888cf53fcd907873eeddbaaa24edb479e334d3909b600d6df5d80b633d22abc0ad9b373b398af1c976847988afe39296fee69206e3e39f290acbf33470603e9b5df31d2f6bca921e0c9f8389193440dc830f93523662d737cb16545a1507f535a0491b3a3e20ee8bdc5852581c94979d49b298b4dfeb7dc1bf099706d40f73222d7153f5779cd1b56bb9f4e93e782465122dccf51a75bddd461af26467883049b811ce33686601f05ab9bd85e3e6c4fc6e65edd145796edad3d0081e67de2e3a5aac5d3970aa84c87819ac143cee70df0284d62f3e89fe9e495832a3eb51c9babd86d228dd240d7268b77d7a75cb1ee245f35ad055c903782fea2690ded5c932712b78777cf9244a28e6a4f010d3f145c3087a5abef20152faa5a254f589b26367c31cf3dbfd159a8f31509c203374d7ebcb0b286dff2c1cb006de283a8e33d65acb4bbf2672632ceb89eacf41893de537c007c138544826bd45d98b74f409be7ff81dd7f67267fb50567dd3c0de75d688c74c0b311d2b091c10ebc115b5ed37eec8f67456fe03e14a6d5276831a8398dfcc8234cd4ba01817f877a25a26478d5ee74037c6d6974acaa44573c7db9a1aedd4531bcb0aa4753e71191ea92a7c203d732ccfde1758866918ac612c85320ce9e8be37e547464eb6c1fa5cff8957000a5a317f13fb9686d8f2678e08e76c98d3e36a4b4aeacdeac706bdad0a8ee3334cb53dda273f567fbb94454bce276f3c55cc4ce0f40f1d6134f59a31d171ceade05216e3d2f739164c0eceec6dddd9507d9db2d639ede75a52a2f91e4bb8bfa6096daddc4c77d4897981b4c8ea3f63e74b1ee118ca94af346aba842e4bbfd4c5722dffd551b0c8370478f0fd78296dedf25288b83703df5dd35bbabbf56c9f2371c002869623e6a18e95989ba5a84cec1d80cfda58f5280dac3ea2c2d6c2b6e08bfdfbedff5f69adb89b8291d69a03ca9df23a76999d0e62601fff5a7abc103b64080f913bba9681cd90ca35b340c7c5d2d6280cba5bd8188f011f81709fa7607d3dde36d4b6fdb207aaab39d424ee692dd64f4bf5d0d8dca0ca56cf16383125a9a116d3b14bda27a4848ca093ce8b51993986835395192a4fc4b3ac2afd61c9e8b206bc8b78d8967be00ad7204250d032b681546cd096826f7eb2ba3e379797d750c58ffa47604f11d01d6fea699b059a633e02a550ef0474a012939eb471d512c3955e11eedfd71a0eab95013c0597cdec87bec75203c3dca7cce6862b8cd5b00f4663b64d9e6f8e23f8dbef6a438bef7ce97085c23f97a76cbed329d97ea6b76940f54dbb211497970de34c13a8eea092be3442478627f29226f685df5982c3bac930e901985eb9ddf2c039ef929902b11441ae67c4b291b952e0eba077b58ec94b7e0abe3d2386e177a29cf338872dff72ab8174cf14ab7f4c05601cb14c506e0d15218c1aa380e63d1dabb0531efafdbde2dd56c11999bda235ca10efc9c5c509649bac1c8342fc25e0325c094bb1a7eaeb04d2c78e57753d0a6077425a2a6335945002566e74d70cbaa2abcf6b7b419b107ac8322756ce7d28fdcd9ce7bad73e6542fbcfaa99b9ebe1ba0df0c7a15fa4896d2f5013cdb5407c06d0eae5eae4d059b6006950d1ab9439c3607c0a7363e580519ea7f11288424393af114cf99c5835e85a4cb9195c35a9128dc1cac499810a8afcef8cce1bc559a220d91a1ba06710e40b7f8a9fe38f9f1ff2cc4bd54b720134c85e6cb97499e82cd912035a0537aa64950852482a54f789378d95365ea4a37333cce96128a44d6552d4c38528ed710beb2288af2d1023a063e74e3f8ae5a7b32fef7bc28041b8d9bbebb726098ff99c73d88eaa64f3557592d6c29fedd2c3c074c5ac84617d9580d9bd87898fddbea20184ce3903af122e4ee170317aae2b6528def638caa622f3d3d0780d91144d5c54f0d7ace26f11f7891f3521415b92fb5b261f6f4c6615df1cd6d979a81b300245c5cbf4d88c61be56a11c9c6b393c2a4c83d8ce8366d2715bf8535a39f3e0c7b1eeb9c12ff72cac2fb4abb0379efd86d75fc0592befd45e8362d48e5af792f96ad30a9b79b1c795a7b8a606a35f2f63e8ce5b316bc916caacc87c5b1caf294ed238ed90b14f88526f6402804376bd6da42db0bf07fd7ed108de45ff7654f15f954763816f0bf1610d417556445c30b99112141ad6249502f9e6aa0808bbcea84b8ea859b5407aa86c55ee693a4a3e6061266a47fc45dff6ed48658ceb6cdc82fd974b8efb041989b861ea87fb3b5f337116304e86090f2ee09b32de3f8fd0b780cb5fdd76e851d346f1ca75ca74f2a41d6e8a944e173a21e652e4fb2aa6f63f18de681b942d9872e967888064942002cad41d4132e2ecd901b1cc80d200893f80baf7afdb3e087d40c77395f6496da8fad944883f57f5f949166f83ee9de0f95582f879440daae14e4b043332e465c2497da1bfdcf6b797808ca28bd7fd152fcc389f07c5a58d7746b63ce0409c01c7f6c44a75d2f5e33863bc5d9ed8795e17b95d460cf5b00f0b92d2a3de8080deed4e21167f46c8ae113a285d16be54413b381bb1f8aa754488cf45bcf67b09ef9707b8471df29e6c54ba70aff3a0e5afd468b36f949cf4ce1684837ec3308ee0104ee7f9743249696c5e7be613756d464a55f9c65d5ea9a972162edabdc3e642ffa6fb8edf1e2ec20dbffe17d404c311657dac18ee88a48dcdf7a9f2d2cdee666a04c463ca992aad723071f1185d22362287990d20f044113bba71e3462ffd65b21e77f3c256fe31db4eb9d505a944a5c299d18526f7504e7e187e38b0de80983c1f75f145e05aecc7b828c4ac4f62e7ab871572794b3db50e389d280ec4132761b2a407236d9816e970991175d32164b3b5af86796dfea212ec0f6c953cd6ff367779b671fcc90e936e6660fdd6137948c159bd90300e5e56cae12f0075edb72a09944d1dc1c03ff0514ba0d8a6a558c2cff448f96d7bf0dcb8bcf0f2695d525301197376921ac5d6f5c982f51721ed7558b168697f24aa76add3d22a70a626d75d6a139c82f3aba359c137e379918f8e8d4f54431f98d72e63ad67521e4324728ce7f41433679b7b155c35dd3eaa70640250525eceb3b365d31af8ec53bd55a738b7e79329ff73f1d7ed4f22d6ffb4e57e7e546aaaa7d178cc182ea0799be9c3302366d43e327135d1fd796256d5bfb11b8891867278ccd52f40a829417065b17fa556a45c3816b6c0041dfa0e4e53a81caa54e361751657b0e42f07bf41ca5e8cfa38c5d162f8eb295b925b321dd055b870f3fb7fa7ab5dde729a93e13bd5c3c662189987e7a5dfe26d6c06fd8b1d8463a99b13c34e3886a68d2ce175a76c4f87196a1aef50b35498165bc96cc8750cb047266826a22558a998a80376f60e3c976e30ae312e35e49f0aea907fb2e15ef30f62bd12c67b7ae816b7b2ec69289746d56c47e18ced919f12a10837cd178d26fb7c9009027e1ffe941f656b1ebabf4bfbc485a7371f12e1ba2e6e599a07aaa1ff15453cd3728920b1aa130818ff5be10c5e72996db59076e4ec33638b01666f4812ef78cc0068dec3cf4751bd40c4757e522ab01feafc462059064b7792ec4a8cc647e96d74d127a34b4cf7740172200f6caae19350641085e9d84c64036330112130161fe11169610c70dbcb5af0caaab5d4556b6e6485a31fe9f6c8e75dd839dc64d63cf6de7c0b7b311a25edd0296bcd08abd937a91fb802ff02d95a22ff0d93d81991639f6405ab979f6bfeec8667b92232353693be0a957e16f03fcf9554ff61bd908400c5ce0b607e37ddebf2412c237e52b6ccc689ef5e57452bf88c8fcfd9c2d268a54e8f050b658a2118a699710eaaced873e9818a378759941271b36544a951aecde6b3e49e1480726514b49c9738e876cc4a579423a498a78daa35507e0b709b183ede370b7688fd8d4d635d4556144715c513a00ef1c2214214c8dd20dd6385be173f0dadc3a11ecba33120f0465c5f4bbe77c6214cac5a7ff074791752b30b1c7c3f2563743527348796e65f628754b20ee3c463469b7c75785b30284c21419da52ecc60595b7966022ede399cedf3b6e399068a806dce097a7d4e2f7dc230e88d4ebfc240cd38e71c37d3653b127c8cfbf660ddb570c0b75c796238c9de921406599e77baecb30632aeee8648626f676d31d409eb9cbb40958e54f072b7d85d5af36a6405c495b312f6aabe2a752701bcaa5871d3db96d25fcc0298b1d027820b9184002d95962b81a1629672df364dd8d0446351f6df66747672ae5db4635fe2020a818ccd2fee62177c310af8023a2adfe66ed98d152389c9f36647d53446aae4790c2dac816c3ed94e8558fd75667845ae6647cb4bbfcab9765dc3b9e67ffd698ace3a4b073b8b4ee7138407448201697289ee769b977c99855f2c62f03375de2b1520865ff2f4cb85e048371e88bdfe3518d7ec47c3f3c975c7a711be1b5a2ee6fefe81dfee19e72830c2ce26406e77270c27443169f93e67e9841c23e5ee08673ca80f608a62124db7a4384218b825429440a14a8b3f0f12c5c33f41ec73e863ef2fd86ce5ac629600c9aa60f7155cf26d3e60e794c0a6cfc34f8d158b066842f8ddd1c81c3918ef35cde764e58ca10f9bf06c652b8081021f27f7e0fb1ce430c39a2ee1d2a7a19af10014812ae8d16062c7b8c5bb7d32f13f04729e51ca30ea4cf9faa6bcbdfad89e3520491dc8341b0065c1bff220a31df8d707ca5c195de4c2e7ba3060746650af453a8531d6918d2f67e1d8b271dcccf383201f82603875e912ec03e9fadadfdc737478b54716ed1cd741c874bad2ec6344cdf635c7caabf9b9f6b7ebf514b9bc23065c7c92204f32ab5800d06393ff7ae3cdeba37f94db9c414f78b800df9dca71d9cf31c9b26badd82584d8e5923b9ad9e5d5e84785869cefb9084dba1d48afb2b7f525867972e35cfde2e763fa9214c2fa92ee46d51f333a774704cc940b0ad6cb1911826746f7689d8925969b51b91360fc6b3f2a18ca88a37298d96f074b82975e4d2df1ed1b5f566e7760fc910ca8d871db1d523566275c6cd8b227f01bb52c735bfb23a2bd278fcd0589c093896f5ca355ae4d354996fbed4194833a90d80d54a32c5ec035b8c620a5d6e715ad63a9996733e11319fc96cf3bc9ee0ed7ec855b4a6146a74e7727108cb2ee4026b2a7bb239ac0221ac959ae074d09574460ba346e7b"}, 0x4, 0x1000, 0x8) (async)
ioctl$auto_XFS_IOC_PATH_TO_FSHANDLE(0xffffffffffffffff, 0xc0385868, &(0x7f0000001440)={<r1=>r0, &(0x7f0000001280)="c912dde6f551853eca2d620d4510f4c78b33381779a36b7384d2f76e93e7", 0x865, &(0x7f00000012c0)="efc070d250536c7871643cebfbce8b2a54e2e83b01656ee146786be04042337d8f26f9b10719e9a4ef06c828eb38e452f5f15679b49082bf586cd22fb2a7ec34cb8ac483d13690e01cf4cc3b1adaf6fc5bb609d0863810c074c60ef02c7e81eb3fa8cab77ac33d1c7f8ff0ac061e79f56171d44230f6bee825b5fc276dc297a26287b80971875c215b639a98c84671d815c1e5d381399443dad2c2514c6dba2d12498ad6267b4c93a0491de4cd878b8d7547fcc48358b6c188db894bceaa6b012f4b2b164dcb5f3818aef5652be8f51ab7b6fb3b5ceb734c566b56650568ec3e2aa4a1a9", 0x2, &(0x7f00000013c0)="c6e0cf3162b13ea618545bfd119fccfcacd24b90cfb8", &(0x7f0000001400)})
acct$auto(&(0x7f0000001480)=',,[\x00') (async)
recvmmsg$auto(r0, &(0x7f0000001680)={{&(0x7f00000014c0)="22cd8cba95400b2395f024e020", 0x5, &(0x7f00000015c0)={&(0x7f0000001500)="84977d148ba10e7d737f2bdbc63fc03a171eaf12751feacff09be68280e90a4ba8733d1ad7b39e156c0bbf5548f7175c5744fbeb0e12bdc1898bc10ac2dc3ae20a34841d181543a16f3209c16d3f815a0f8870c9289401ddcae325f9e6063662747880b1d211f8c4d87d81ee33c1f1d46ffa6a363e9b04745dd6e23ebde6d2491d0abb3016236d8e1b15fcd2ea5173d08dff5784c8cae051e5fbda3ca0ce43ab8c94f1dfce9b3c12fda27e6150636e3eff8d49ec3b912ff376c3", 0x2}, 0x80, &(0x7f0000001600)="cf0f571559facab3147d18dbf87b04fadba3d42f728637a8ac8f873b5c0bc3c7de824c63117b77d3825f2d1dd55ef22c9a3551863572ba99adb30a1e007be676665eaa2b51763b3b6f8110cbb52b054579f1f85123495a263dd875a8e79072351bb4df5b5754d03c77c31ad87a05d3812940c0eea8904a5d86", 0xfbe5, 0x2}, 0x4}, 0x937, 0x2c, &(0x7f00000016c0)={0x8, 0xbc41}) (async)
ioctl$auto_RTC_UIE_OFF(r1, 0x7004, 0x0) (async)
read$auto_cgwb_debug_stats_fops_(r1, &(0x7f0000001700)=""/51, 0x33) (async)
acct$auto(&(0x7f0000001740)='#*$))\x00')
r2 = openat$auto_dmaengine_summary_fops_(0xffffffffffffff9c, &(0x7f0000001780), 0x20040, 0x0)
r3 = io_uring_setup$auto(0x5, &(0x7f00000017c0)={0x8b85, 0x401, 0xfff, 0x8, 0xfffffffe, 0xa3, <r4=>0xffffffffffffffff, [0xfff, 0xf, 0x80], {0x800, 0xfb64, 0xfffffffc, 0xa, 0x7c, 0x5, 0x6b5, 0xffffffff, 0x8001}, {0x0, 0x401, 0x6, 0x1000, 0xa0cf, 0x9, 0x9, 0x5, 0xf8}}) (async)
openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000001840), 0xcc0, 0x0)
r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000018c0), r4) (async)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000001900)={'veth0_to_hsr\x00', <r6=>0x0}) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001940)={'bond_slave_0\x00', <r7=>0x0})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000001980)={'pimreg0\x00', <r8=>0x0})
sendmsg$auto_ETHTOOL_MSG_FEC_GET(r1, &(0x7f0000001b00)={&(0x7f0000001880)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000001ac0)={&(0x7f00000019c0)={0xe8, r5, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [@ETHTOOL_A_FEC_HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x8}]}, @ETHTOOL_A_FEC_HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}]}, @ETHTOOL_A_FEC_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_FEC_HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x101}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x8}]}, @ETHTOOL_A_FEC_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x10000}]}, @ETHTOOL_A_FEC_HEADER={0x4}]}, 0xe8}, 0x1, 0x0, 0x0, 0x5}, 0x4000080)
ioctl$auto_PPPIOCSPASS(r4, 0x40107447, &(0x7f0000001b80)={0x5, &(0x7f0000001b40)={0x8001, 0xb4, 0x66, @inferred=r2}}) (async)
acct$auto(&(0x7f0000001bc0)=',\x00')
r9 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001c40), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_START_SCHED_SCAN(r4, &(0x7f0000001d00)={&(0x7f0000001c00)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000001cc0)={&(0x7f0000001c80)={0x2c, r9, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@NL80211_ATTR_WIPHY_FREQ_HINT={0x8, 0xc9, 0x5}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0xe}, @NL80211_ATTR_SAE_PWE={0x5, 0x12a, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4040}, 0x8000) (async)
preadv2$auto(r4, &(0x7f0000001e00)={&(0x7f0000001d40)="a7c2a0296ca4aac307641e8136f2bb9d8fdbe34a54d37f6c4c769462ff9badab34bcc4dcd0255fbf983b3326e15d0354795be8b9961e7b42a319064e791b0344874a9eef8861bf86b51a45c05ea17bc2b6c5cad3a5a454ff10f176204d0b578fdb4053cb1b29535e0d57a8a7f7a78cccc8f896dd627756e9837869e4270b48a9dcdec8edeac37a5b2727674f1b371d0916", 0x2}, 0x7, 0xffffffff, 0x1, 0xab3b) (async)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000001e40)='/proc/asound/card0/pcm0c/sub5/info\x00', 0x44400, 0x0)

5.086570209s ago: executing program 5 (id=4837):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0xfffffffffffffffd, 0x10000000810004, 0xe, 0x8010000008011, r0, 0x4)
r1 = syz_open_procfs$namespace(0x0, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
bind$auto(r1, 0x0, 0x6a)
close_range$auto(0x2, 0x8, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket(0x2, 0x3, 0x2)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x35}}, 0x54)
connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55)
keyctl$auto(0x6, 0xfffffffffffffffd, 0xee01, 0x0, 0xfff)
mremap$auto(0x0, 0xbfffffffffffffff, 0x401, 0x0, 0x4)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00)
preadv2$auto(r0, 0x0, 0x6, 0x3, 0x4, 0x2a)
ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008012, r4, 0x8000)
mprotect$auto(0x960c, 0x8000000000000001, 0x8004)
r5 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0)
mmap$auto(0x0, 0x202000a, 0x5, 0xfffffffffffffffb, 0xfffffffffffffffa, 0x2)
mmap$auto(0x4, 0xa00006, 0x2, 0x100000000040eb1, 0x602, 0x300000000000)
ioctl$auto_USBDEVFS_DISCSIGNAL(0xffffffffffffffff, 0x8010550e, 0x0)
write$auto_split_huge_pages_fops_huge_memory(0xffffffffffffffff, 0x0, 0x0)
mbind$auto(0x0, 0x2091d2, 0x5, 0x0, 0x6, 0x2)
unshare$auto(0x40000080)
mmap$auto(0xc, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x54}, 0x894)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x800008000)
sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x4040810)
sendmsg$auto_NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000680)=ANY=[@ANYRESOCT=r2, @ANYBLOB="f0e93e4ad85665061f6f00c724a3ae62a78cdef545aefd3eb1c82fed32bab0a8b63820c1f98b9fdcb22226f67b65218fe2e28f6902ee67af64c148f24fce419fa5baa2e161f7089bfb66bcbed42cc1295578c018246a5cca1c5bb2a70ba362e1a575d912e794950d6cf8256684a3f18b650d9fbb0b1784ac655d269837f6941b3e4fdbae9413ee888990937e344936eb234270", @ANYRES32=r2, @ANYBLOB="1b2e45618d06c092188694531aac2d4cec86109344e1953f828007fdf087bfdb5f3a11148af1b768153ab983cca060cfe8cc07f057ab4ce04c55af4731ae006e338e30473fd9134cd6b25d4f6fbb7ebe04c8feee31a7a2eb0ce46ba88b39b525f865d985bc53b75083ad4c6b9556bf7cd366e5cdbf4c0a6d81afb9de327859c285ce3208d6dd05156360b771978ce9dc48ce", @ANYBLOB="30e1d4da07bb23cac7d6e2d67e39c2908bc2ccbea8aabb78da2492696b3216c2d0a2bb2499b3eef78dbdeba83aa3e741700a5673fc03a5937b5f27fe749cc8166058e99dcfc7d9170b3d892a8b0fa2d14e8263dc111d1cebf93260ff6934d701041c0c631fb467644eadca7633ceeb75d92100a5c715db0a621da7ae598dea302a4415dbf357c33c8a0b59661f9013d94fa58af8b671b5d4df1b53f0c47ab19a8282f85fca427a61044e070d09c1a529bf8df749338c9f680b1a718a1b6637cef9855974555898ce0dcd8dc00f836afd0fe68a08f36cb2213e9b874ebe08c011971f635d37", @ANYRESHEX=r1, @ANYRES64=r5], 0x3c}, 0x1, 0x0, 0x0, 0x20000828}, 0x2004c051)

4.794409867s ago: executing program 0 (id=4838):
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/nbd3/queue/atomic_write_max_bytes\x00', 0x400, 0x0)
read$auto(r0, 0x0, 0x9)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
socket(0x2, 0x3, 0x6)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8)
connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x3, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r1)
getpgid(0x0)
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f00000009c0), 0xffffffffffffffff)
sendmsg$auto_IPVS_CMD_SET_SERVICE(r2, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000002a80)={&(0x7f0000000300)={0x24, r3, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_SERVICE={0x10, 0x1, 0x0, 0x1, [@nested={0x4, 0x4}, @nested={0x8, 0x1, 0x0, 0x1, [@nested={0x4, 0x2}]}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x4050}, 0x20008004)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x5, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0)

4.756708064s ago: executing program 1 (id=4839):
open(0x0, 0x10b040, 0x155)
r0 = socket(0x1a, 0xa, 0xfffffffb)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'erspan0\x00'})
mmap$auto(0xc, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8002)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_CONNECT(r1, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000140)={0x3c, r2, 0x1, 0x703d27, 0x25dfdbfc, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [@nested={0xc, 0x1, 0x0, 0x1, [@nested={0x8, 0x1, 0x0, 0x1, [@generic='\x00\x00\x00\x00']}]}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x6}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x4}]}, 0x3c}, 0x1, 0x1000000, 0x0, 0x4}, 0x8880)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/net/rpc/nfsd.fh/channel\x00', 0x88400, 0x0)
openat$auto_component_list_fops_(0xffffffffffffff9c, &(0x7f00000000c0), 0x220440, 0x0)
read$auto(0x3, 0x0, 0x0)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptyr1\x00', 0x101e81, 0x0)
ioctl$auto_SNDCTL_TMR_CONTINUE(r3, 0x40045431, &(0x7f0000000400)="c2f17e12547ea99cf8790708948cb3720b54f465b5010c3d255f1bb608653d69a5096629ddf9f7255d5b1bbaee54afabc9c8fa2f0cc5d42f0f4a958550feb612bdda2e0840966ad3bbe26eb70dc9f6dd80399624869ce48381e2a593198f2acc0c7c1ef4d5ab1450361553c51c959ca5065208a74ce28ebf4780a165b3e3e25e04d40c1ad1402ce6713fa0779fc88b1807e61968ff07513460bf4b5ec6c1695681968d43a475dc35636a8ef8c84b248affb8bce52c2a26778ba7391f18a8a1b92bf5dff10772ed5ff8ddaacfbbbb8bd3283901ae2b7418ea0506c8")
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
r4 = socket(0x10, 0x2, 0x0)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYRESHEX=r0, @ANYBLOB="1a00"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
recvmmsg$auto(r4, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
r5 = socket(0x2b, 0x1, 0x1)
setsockopt$auto_SO_BSDCOMPAT(r5, 0x6, 0xe, &(0x7f0000000000), 0x80001)

4.231348742s ago: executing program 0 (id=4840):
r0 = socket(0x2, 0x801, 0x84)
mmap$auto(0x0, 0x8, 0x80004000000000df, 0x10004000eb1, r0, 0x8000008000)
close_range$auto(0x2, 0x8, 0x0)
sysfs$auto(0x2, 0x100000000000027, 0x0)
fsopen$auto(0x0, 0x1)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000002740)='/dev/input/event0\x00', 0x121042, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event0\x00', 0x2, 0x0)
openat$auto_binder_ctl_fops_binderfs(0xffffffffffffff9c, &(0x7f00000000c0), 0xd85ac1, 0x0)
mbind$auto(0x2, 0x7, 0x0, 0x0, 0x3, 0x7)
mmap$auto(0x0, 0x3, 0xdf, 0xeb1, 0x403, 0x8000)
r1 = socket(0x2, 0x80802, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
socket(0xa, 0x3, 0x3b)
connect$auto(r1, &(0x7f0000000040)=@generic={0x8, "00010100"}, 0x5c)
syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x1a, 0x940, 0x1ffe0, 0x7f, 0x6, 0x2, 0x7f, 0x5, 0xfff, 0x7, 0xb0, 0x9, 0x5, 0x3, 0x5, 0x7, 0x20, 0x0, 0x0, 0x202, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x2, [0x3, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x3, 0x1, 0x0, 0x1, 0x0, 0x7ffd, 0x0, 0x6, 0xffffffffffffffff, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff]}, 0x1fe, 0x81)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r2 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
open(0x0, 0x62240, 0x154)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00'})
r3 = open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2)
setresuid$auto(0x2, 0x5, 0x200)
open_by_handle_at$auto(r3, &(0x7f0000000040)={0x1, 0x2, '\v'}, 0x3ffff)
openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x2000, 0x0)
ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000080)=0x6a)
bpf$auto_BPF_MAP_GET_NEXT_ID(0xc, 0x0, 0xea)

3.597662885s ago: executing program 6 (id=4841):
r0 = getegid() (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = getegid() (async)
fsconfig$auto(r1, 0x400, 0x0, 0x0, r0)
keyctl$auto(0x9, 0x0, 0x0, r2, 0x3) (async)
syz_genetlink_get_family_id$auto_macsec(&(0x7f0000001840), r1) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f00000020c0), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_REPORT_PMSR(r3, &(0x7f0000002240)={0x0, 0x0, &(0x7f0000002200)={&(0x7f0000002100)=ANY=[@ANYBLOB='\"\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010028bd7000fcdbdf250b0000000a000200db1b0f6bd3ff0000"], 0x20}, 0x1, 0x0, 0x0, 0x20040800}, 0x40804)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000240), r5) (async)
sendmsg$auto_NETDEV_CMD_NAPI_GET(r5, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x20000000) (async)
sendmsg$auto_MACSEC_CMD_UPD_TXSA(r1, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000001100)=ANY=[@ANYRESOCT=0x0, @ANYRES16=r3, @ANYRESHEX=0x0, @ANYRES64=r2, @ANYRESHEX=r5], 0x28}, 0x1, 0x0, 0x0, 0x200480c7}, 0x80) (async)
ioctl$auto_FS_IOC_SETFLAGS(r1, 0x40086602, 0x7f)
setresgid$auto(r2, 0x800000a0, 0x8) (async)
getegid() (async)
setfsgid$auto(0x0) (async)
r6 = getpgid(0x0)
io_pgetevents$auto(0x1fe, 0xfffffffffffffffe, 0x3fd, 0x0, 0x0, &(0x7f0000000080)={0xfffffffffffffffc}) (async)
process_vm_writev$auto(r6, &(0x7f0000000180)={&(0x7f0000000000), 0x20000007}, 0x200000000017, &(0x7f0000000040)={&(0x7f0000000080), 0x2}, 0x7, 0x0) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
socket(0x2, 0x80002, 0x73) (async)
socket(0x8, 0x800, 0x83) (async)
sendto$auto(0x3, 0x0, 0x2000f, 0x101, &(0x7f0000000000)=@in={0x2, 0x4e1e, @rand_addr=0x64010100}, 0x1c)
fallocate$auto(0xffffffffffffffff, 0x0, 0x7, 0x4cbd5d) (async)
syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff) (async)
process_madvise$auto_MADV_WIPEONFORK(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f00000000c0)="832a25fb7a3f063f2eefca46a02a6455d567b36157aea67d6b203da7562d7de5f31091c2b11987f6f4597f94e83a4d0be38764bb6616c19bfea34c", 0x5f}, 0x0, 0x12, 0x9) (async)
listen$auto(0x3, 0x81) (async)
accept$auto(0x3, 0x0, 0x0)

3.544844128s ago: executing program 1 (id=4842):
unshare$auto(0x40000080) (async)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/dev_mcast\x00', 0x40280, 0x0)
pread64$auto(r0, &(0x7f00000000c0)='veth1\xe7#\x16T+\xee\x03\xc4\x1c\a\xdfa\x8b[,>\xa9\xd2\xef\xb0\xfb{b^\xef\x93\x97\x06H\xcb\xe7g\xea\x9dE\xc0\xdc\x1e\x02`\x00Z\x9d|\x8f\x92\xe09\xe1hBJL\x1e\"F\xc4\xd0z\xac5+I\xfbb\x9d\x97.]\x95H\f&_\x8d1\x83\x90,\x01\x8ab\xe6P\xb8J\xc4\xc3&\xe3\x05\x7fl\x18\xf40\x18x\x88\x86\xe6{\xdb\x1c\xfef\xf1x\xc9vKq\xd4/N&\x1f\xae\xa8\x9b\xb2\xdbZ\xed\x16a}\xa9gj\xc2mt\x87&\xf7Z\xf1u\xf0\x14\x00\x00\x00\x00\x00\x00\x00i\xb9\xc8\xc6V5]\x06/\xb1`\xd9X\xe5\xfc$\a\xf3S\xbb\xe99\xf1PZ\x81\x8f\xfc\xa4w\\\x84B\x03+\xa2\xe1\xb4\x9dv\xe1\xd7\b9\xc3.\x96I\x98\x00\x00\x00\x00\x00', 0x200000000004, 0xfc) (async, rerun: 64)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async, rerun: 64)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa142, 0x0)
openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x82802, 0x0) (async)
r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/cec10\x00', 0x101901, 0x0)
ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f0000000100)={'\x00', 0x0, 0x6, 0x2, 0x9b3, 0x9, "0200000002000000997e763f222ce1", '\x00', "0001410c", '\x00', ["f5404de9641f0000000060c1", "70d9a9a3af9f39d000000001", "ef5ac4927ad89c5c00"]})
ioctl$auto_CEC_TRANSMIT(r1, 0xc0386105, &(0x7f0000000000)={0x80006, 0x3, 0x7, 0x3, 0x12, 0x7fffffff, "9b2189084142725dff0d933475a77466", 0xb, 0x5, 0x9, 0x5, 0x2, 0x1, 0x2})
r2 = openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x48101, 0x0)
write$auto(r2, &(0x7f0000000040)='#[-#\x00', 0x4) (async)
madvise$auto(0x0, 0xffffffffffff0005, 0x17) (async)
r3 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/event0\x00', 0x20000, 0x0)
ioctl$auto_EVIOCREVOKE(r3, 0x40044591, &(0x7f0000000040)=0xb) (async, rerun: 32)
prctl$auto(0x29, 0x17000000, 0x0, 0x0, 0x3) (async, rerun: 32)
close_range$auto(0x2, 0x8, 0x0)

3.198978554s ago: executing program 6 (id=4843):
syz_clone(0x40000, 0x0, 0x0, 0x0, 0x0, 0x0)
bind$auto(0x3, 0x0, 0x6a)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0)
r2 = socket(0x2, 0x3, 0x100)
syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_IEEE802154_LLSEC_DEL_DEVKEY(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20008040}, 0x40010)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0xc2b80, 0x0)
syz_open_procfs$namespace(0x0, 0x0)
syz_genetlink_get_family_id$auto_thermal(0x0, r2)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x204880, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101200, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)

3.052473812s ago: executing program 0 (id=4844):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
open$dir(&(0x7f0000000000)='./file0\x00', 0x10000, 0x21)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
recvmmsg$auto(r0, &(0x7f0000000300)={{0x0, 0x6, &(0x7f0000000280)={0x0, 0x1ff}, 0xc, &(0x7f00000001c0), 0xc, 0xa}, 0x5a57}, 0xd, 0x5, 0x0)
close_range$auto(0x2, 0x8, 0x0)

2.554112904s ago: executing program 1 (id=4845):
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x300c00, 0x0) (async)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x300c00, 0x0)
ioctl$auto_TIOCGDEV2(r0, 0x80045432, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) (async)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
r1 = socket(0x2, 0x5, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) (async)
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x8800, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x2b, 0x1, 0x0) (async)
r2 = socket(0x2b, 0x1, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptys1\x00', 0x0, 0x0)
sendmmsg$auto(r2, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x5, 0x2}, 0x10001}, 0x5, 0x20000000) (async)
sendmmsg$auto(r2, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x5, 0x2}, 0x10001}, 0x5, 0x20000000)
r3 = io_uring_setup$auto(0x6, 0x0)
ioctl$auto_UI_DEV_SETUP(r3, 0x405c5503, &(0x7f00000001c0)={{0x4, 0x2cd0, 0x6, 0xd2}, "3fddb0040879dd4a0400a87e6d8d751f823b0fa5ae41d23d00154fc20394f2e1bc33967a34092f60f89c52fcfb1895b9dd9731c00b66eb3e0957f8082af55ebab311238a1c9ab5710c3a2049f24ffcac", 0x18})
ioctl$auto_UBI_IOCATT(0xffffffffffffffff, 0x40186f40, 0x0)
ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0)
ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0) (async)
ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0)
syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) (async)
syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff)
mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000)
mincore$auto(0x1000, 0x4000000, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
getcwd$auto(0x0, 0xffffffffffffffff)
setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8) (async)
setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x67e)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) (async)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)

2.549142232s ago: executing program 5 (id=4846):
openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x183802, 0x0) (async)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x183802, 0x0)
close_range$auto(0x2, 0x8, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
prctl$auto_PR_SYS_DISPATCH_ON(0x1000, 0x1, 0x0, 0xe, 0x4) (async)
r0 = prctl$auto_PR_SYS_DISPATCH_ON(0x1000, 0x1, 0x0, 0xe, 0x4)
mmap$auto(0x0, 0x400008, 0xf98d, 0x9b72, r0, 0x8000)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4)
kexec_load$auto(0x200000000007, 0x1, 0x0, 0x4)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS1\x00', 0x101e81, 0x0) (async)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS1\x00', 0x101e81, 0x0)
mmap$auto(0x0, 0x400008, 0xdc, 0x9b72, 0x2, 0x800008000)
openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x0, 0x0)
close_range$auto(r0, r1, 0x0) (async)
close_range$auto(r0, r1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/dummy_hcd.4/usb5/5-0:1.0/usb5-port1/quirks\x00', 0x940302, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0)
r3 = socketcall$auto(0x10000, 0x0)
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$auto(0x3, 0xae60, 0x10000000000402)
ioctl$auto(r5, 0x3, r4)
ioctl$auto(0x3, 0xae41, r3) (async)
ioctl$auto(0x3, 0xae41, r3)
ioctl$auto_KVM_GET_MSRS(r2, 0x4400ae8f, &(0x7f00000000c0)={0xdd})
ioctl$auto_FUSE_DEV_IOC_CLONE(0xffffffffffffffff, 0xe503, 0x0) (async)
ioctl$auto_FUSE_DEV_IOC_CLONE(0xffffffffffffffff, 0xe503, 0x0)
epoll_create$auto(0x3e) (async)
r6 = epoll_create$auto(0x3e)
epoll_ctl$auto(r6, 0x1, 0x8000000000000000, 0x0) (async)
epoll_ctl$auto(r6, 0x1, 0x8000000000000000, 0x0)
mq_notify$auto(r6, &(0x7f0000000340)={@sival_ptr=&(0x7f0000000240)="ddbacadc4fa753064a4aa71d081e0078027d97a88a959d8cb9a33ad9a7fe65b703f4b0c88a653b143296d8112e9e05d73b053b2d348db0ed4dd4214b21fd8e0452a56a1fa863f219061f7f132083b9476b547288b2e964cee16ed9b9e04bcf3ada67dd861396240e9bb75a54beeb38ac63566eb9cd7001dcefd8b262b15d4bcd173d5391c6ccb62fb44bc0413b72cd63ce9b55932fbb2b", @raw=0x6, 0x5}) (async)
mq_notify$auto(r6, &(0x7f0000000340)={@sival_ptr=&(0x7f0000000240)="ddbacadc4fa753064a4aa71d081e0078027d97a88a959d8cb9a33ad9a7fe65b703f4b0c88a653b143296d8112e9e05d73b053b2d348db0ed4dd4214b21fd8e0452a56a1fa863f219061f7f132083b9476b547288b2e964cee16ed9b9e04bcf3ada67dd861396240e9bb75a54beeb38ac63566eb9cd7001dcefd8b262b15d4bcd173d5391c6ccb62fb44bc0413b72cd63ce9b55932fbb2b", @raw=0x6, 0x5})

2.523027292s ago: executing program 0 (id=4847):
mmap$auto(0x0, 0x4, 0x1ff, 0x40eb1, 0x401, 0x300000000001)
r0 = socket(0x2, 0x1, 0x106)
bind$auto(r0, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x3, 0x4001}, 0x4006b)
r1 = io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x40009, 0xe1, 0x9b72, 0x7, 0x28000)
r2 = open(&(0x7f0000000100)='.\x00', 0x0, 0x57e)
fcntl$auto_F_ADD_SEALS(r2, 0x410, 0x0)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
close_range$auto(0x2, r1, 0x0)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)

1.768610245s ago: executing program 6 (id=4848):
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x80002, 0x73)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48})
close_range$auto(0x0, 0xe903, 0x2)
socket(0x1e, 0x4, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socket(0x15, 0x5, 0x0)
getsockopt$auto(r0, 0x114, 0x2720, 0xfffffffffffffffc, 0x0)
mmap$auto(0x200000000, 0x5, 0x8, 0x40009b72, 0x2, 0x8000)
connect$auto(0x3, 0x0, 0x59)
mmap$auto(0x0, 0x2020009, 0x3, 0x4000000000eb1, 0xfffffffffffffffa, 0x8000)
write$auto(0x1, 0x0, 0x80000000)
munmap$auto(0x8000, 0xffffffff)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85513, &(0x7f0000000100)={{@raw=0xfffffffe, 0x85, 0x20e, 0x9, "669cbbd9e9756f22fdffa188e0f106000000000000000b2f4ab8633824f2d2252ca5f200", @raw=0x6}, 0x0, @integer=@value=[0x42, 0x3, 0x4, 0x6, 0x9, 0xfffffffffffffffb, 0x9, 0x3, 0x101, 0xff, 0x24, 0x4, 0x6, 0x4, 0x7, 0xfffffffffffffffa, 0x1ff, 0x1, 0x400, 0x8, 0x5, 0x2, 0xe294, 0xa2, 0x9, 0x100000000, 0x2, 0x8, 0xae, 0xaeb, 0x3, 0xffffffffffffffff, 0x5, 0x8, 0xfffffffffffffffe, 0x10000, 0x55e2, 0x7, 0x8000, 0xd, 0xffffffffffffffff, 0x6, 0x9, 0x14f3, 0x1ff, 0x1, 0x6e7, 0x3, 0x8, 0x9, 0x0, 0x2, 0x7fffffff, 0x7, 0x9, 0x0, 0x401, 0x9, 0x6, 0x100000001, 0xffffffff, 0x800, 0x8001, 0x5, 0x5ed4, 0x1, 0x7, 0x6, 0x962, 0x5, 0xfff, 0x8, 0xfffffffffffffff7, 0x401, 0x1, 0x3e44, 0x8, 0x4, 0x9, 0x1, 0xc98c, 0x68, 0x2, 0x6, 0x1, 0x3, 0xfffffffffffffffe, 0x4, 0xfffffffffffffffe, 0xffffffffffffffff, 0x55, 0x8, 0x30, 0x2d, 0x0, 0x3, 0x2, 0x0, 0x726, 0x7fffffff, 0x1000, 0x10000, 0x0, 0x4, 0x1, 0xbf, 0x2, 0x4, 0x0, 0x5, 0x1, 0x0, 0x6, 0x9, 0x8000, 0xffff, 0x7, 0x140, 0x0, 0xc7dd, 0xfc05, 0x0, 0x4, 0x6, 0x8, 0x0, 0x0, 0x4], "282f77b07e718ed4d99a34617774e3a82f982e0f05e516c299a28a585e87e0d908e2c8e50de5016f1de5d432da2cc20e951d8fcdc4f791a11996aad5af504c0d9927e62ef70b23a13735a4fe805c1ce1b6b1d83d21bb42794ec925b4547a3d52d4b5210392111e181719fef9d685b6534b171d76ad633f94a608b818600a6c85"})
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/irq/2/name\x00', 0x800, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000000), 0x0)
openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0)
write$auto(r2, 0x0, 0xa3d9)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x1, 0x0)
setsockopt$auto(0x2, 0x1, 0x50, &(0x7f0000000000)='\x00', 0x40)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x8c, 0x0, 0x8, 0x70bd2b, 0x25dfdbfe, {}, [@CTRL_ATTR_FAMILY_NAME={0x8, 0x2, '^&^\x00'}, @CTRL_ATTR_OP={0x8, 0xa, 0x1}, @CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x798}, @CTRL_ATTR_OP={0x8, 0xa, 0xa8d}, @CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x7}, @CTRL_ATTR_FAMILY_NAME={0x6, 0x2, ',\x00'}, @CTRL_ATTR_OP={0x8, 0xa, 0x6}, @CTRL_ATTR_FAMILY_NAME={0x2f, 0x2, '/sys/kernel/debug/tracing/trace_marker_raw\x00'}, @CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x8f}, @CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x2}]}, 0x8c}, 0x1, 0x0, 0x0, 0x48085}, 0x20008000)
openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

1.710502481s ago: executing program 5 (id=4849):
setitimer$auto(0x2, &(0x7f00000000c0)={{0x4, 0x800000000000005}, {0xfffffffffffffffd, 0x9}}, 0x0)
socket(0x2, 0x5, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = io_uring_setup$auto(0x6, 0x0)
r1 = getsockopt$auto(0xffffffffffffffff, 0x5, 0x3, &(0x7f00000003c0)='/sys/devices/virtual/mahwsim/hwsim0/ieee8\xe4\x15y\x04\xa2\xd9N\x1a0/zfkill2/hard\x00\x9b1\x13\xba9\xf5F\xd2\xd8\fT2\xd14Z\xa4kl\x1f\\U\xd3\xe0a1^\x1b\x92cB\xd2\x04\xc4\xf8\xeb\x92=aw\x81\xf3y\xfd\x8b\xe9\x0e\xac\xf2VEd\xccl\xf4\xbb\xc0\xf4\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00.#=\vRq\xe9\xebnZ>\xfb\xe0\xf5?\xee*\xc5~\xf6\x93\xa29\x90u\xf7)\x98\x92T\xd8m\x01\x82\xc3\"\x86E\x1c\x9a\x0e\xc1))s;\xba8Yv\xe7W6', &(0x7f0000000100)=0x3)
setsockopt$auto(r1, 0xb, 0x3, &(0x7f00000001c0)='/sys/devices/virtual/mac80211_hwsim/hwsim0/ieee80211/phy0/rfkill2/hard\x00', 0x8001)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
sysfs$auto(0x2, 0xe, 0x0)
lsm_list_modules$auto(0x0, 0x0, 0x0)
r2 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000280), 0x141182, 0x0)
ioctl$auto_dvb_demux_fops_dmxdev(r2, 0x40146f2c, 0x0)
r3 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000080), 0x4400, 0x0)
ioctl$auto_dvb_demux_fops_dmxdev(r3, 0x40146f2c, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x11, 0x3, 0x9)
openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, 0x0, 0x8202, 0x0)
writev$auto(r0, 0x0, 0x6)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80, 0x0)
socket(0x15, 0x5, 0x0)
fsconfig$auto_SHMEM_HUGE_DENY(0xffffffffffffffff, 0x0, &(0x7f0000000140)='\\!:\x00', 0x0, 0xffffffffffffffff)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x8, 0x810004, 0xffc, 0x16, 0x3, 0x6)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/1:0/min_ratio_fine\x00', 0x80081, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f00000001c0), 0x0)
mremap$auto(0x0, 0xbfffffffffffffff, 0x7ffffffffffffffd, 0x0, 0x7fffffffb000)
openat$auto_nsim_psample_enable_fops_psample(0xffffffffffffff9c, 0x0, 0x169a02, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/tracing/per_cpu/cpu0/buffer_size_kb\x00', 0x800c2, 0x0)

1.282089351s ago: executing program 6 (id=4850):
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x4)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4)
mmap$auto(0x0, 0xd561, 0x10000000000df, 0xeb2, 0xffffffffffffffff, 0x8000)
timer_create$auto(0x2, 0x0, 0x0)
timer_settime$auto(0x0, 0x3, &(0x7f00000000c0)={{0x26b, 0x4}, {0x0, 0x83}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(0x0, 0xe)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x20343, 0x0)
write$auto(r1, &(0x7f0000000000)='//\xf2\x00', 0x80000000)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x2, 0x1, 0x106)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001d00), r3)
sendmsg$auto_ETHTOOL_MSG_RINGS_SET(r3, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000000340)={0x2c, r4, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@ETHTOOL_A_RINGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x90}, 0x80000)
r5 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x842, 0x0)
openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000540), 0x20000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/devices/virtual/block/nbd11/queue/write_zeroes_max_bytes\x00', 0x0, 0x0)
openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000140), 0x20, 0x0)
poll$auto(&(0x7f0000000180)={r1, 0x3569, 0xb}, 0x800, 0x5)
r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r7=>0x0})
sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002dbd7000fddbdf250800030008000300", @ANYRES32=r7], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097d751f33e}, 0x80)
close_range$auto(r2, r5, 0x6)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D3\x00', 0x1, 0x0)
socket(0x28, 0x1, 0x0)
select$auto(0xb, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x400, 0x0, 0x1, 0x37, 0x8, 0x15f4da07, 0x6, 0x0, 0x171, 0x80000020, 0x8000, 0x7, 0x9, 0x47fff, 0xd8]}, 0x0)

851.205998ms ago: executing program 1 (id=4851):
r0 = openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f0000000040)='/dev/media7\x00', 0x40, 0x0)
ioctl$auto_media_devnode_fops_mc_devnode(r0, 0x80047c05, 0x0)
bpf$auto(0x0, 0x0, 0x6f4)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0)
socket(0xa, 0x1, 0x100)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyr4\x00', 0xa01, 0x0)
process_mrelease$auto(0xffffffffffffffff, 0xa)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xfffffffffffffffb, 0x1, 0xc, 0x3, 0x81, 0x3, 0xffffffffffffffff, 0x3, 0x8000000000400000, 0x3, 0x406d3c, 0x3, 0x2, 0x8000000000000006]}, 0x0)
mmap$auto(0x0, 0x7ffe, 0xe3, 0xeb1, 0x401, 0x8000)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x3000100, 0x0, 0x1, 0x0, 0x10000000000000}, 0x895}, 0x3, 0x0)
r1 = getpid()
process_vm_readv$auto(r1, &(0x7f0000000180)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0)
r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/006/001\x00', 0x100, 0x0)
getsockopt$auto_SO_NETNS_COOKIE(r2, 0x80, 0x47, &(0x7f0000000100)='%\xb6\\:(-\x00', &(0x7f0000000140)=0x7)
sysfs$auto(0x2, 0x1d, 0x0)
inotify_init1$auto(0x5)
bpf$auto(0x5, &(0x7f0000000000)=@iter_create={0x15, 0x8}, 0x7)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto(0x10, r3, 0x1, 0x7ff)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
ioctl$auto_TIOCSTI2(r4, 0x5412, &(0x7f0000000040)="158f4a2b")
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/ram15/queue/discard_max_hw_bytes\x00', 0x80000, 0x0)
read$auto(r5, 0x0, 0x9)
write$auto(0x3, 0x0, 0xfdef)

581.741986ms ago: executing program 5 (id=4852):
open(0x0, 0x10b040, 0x155)
r0 = socket(0x2, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'erspan0\x00'})
mmap$auto(0xc, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8002)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_CONNECT(r1, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000500)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100273d7000fcdbdf2501000000100007800c00018008000180000000000c0002000600ddffffff00000c0005000400000000000000e30d4cb734182c7eded58354e23f85b11c59df68315f61ee5382cbfe0a4bcd2537021a296da756671b0fdf85a53f121b9c809a38fa65bf90781be74b544331b14dc2d8dc2aa994b692108e8c60f2d37246c3e338ece68354c09429baeecb01639693e284a6b8a4aaa43e981efa945f2d97b785489f682b1974376710be349ce13084364a89e7f7241a5432eabc2d02bd49fb177fad8bec0173387ae7d9f1598aaaf5ec7d46ea94c90c3a975628eb34c68a126f02b40bb514d2e4e512ac891c0ef859441dfaad3e4c8598275b9f66d00d89ffeb4a8a2459f902e74e"], 0x3c}, 0x1, 0x1000000, 0x0, 0x4}, 0x8880)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ttybf\x00', 0x301100, 0x0)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x400040, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/net/rpc/nfsd.fh/channel\x00', 0x88400, 0x0)
openat$auto_component_list_fops_(0xffffffffffffff9c, &(0x7f00000000c0), 0x220440, 0x0)
read$auto(0x3, 0x0, 0x0)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptyr1\x00', 0x101e81, 0x0)
ioctl$auto_SNDCTL_TMR_CONTINUE(r3, 0x40045431, &(0x7f0000000400)="c2f17e12547ea99cf8790708948cb3720b54f465b5010c3d255f1bb608653d69a5096629ddf9f7255d5b1bbaee54afabc9c8fa2f0cc5d42f0f4a958550feb612bdda2e0840966ad3bbe26eb70dc9f6dd80399624869ce48381e2a593198f2acc0c7c1ef4d5ab1450361553c51c959ca5065208a74ce28ebf4780a165b3e3e25e04d40c1ad1402ce6713fa0779fc88b1807e61968ff07513460bf4b5ec6c1695681968d43a475dc35636a8ef8c84b248affb8bce52c2a26778ba7391f18a8a1b92bf5dff10772ed5ff8ddaacfbbbb8bd3283901ae2b7418ea0506c8")
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
r4 = socket(0x10, 0x2, 0x0)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), r0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
recvmmsg$auto(r4, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
r5 = socket(0x2b, 0x1, 0x1)
setsockopt$auto_SO_BSDCOMPAT(r5, 0x55, 0xe, &(0x7f0000000000), 0x80001)

563.187721ms ago: executing program 0 (id=4853):
mmap$auto(0x0, 0x4, 0x1ff, 0x40eb1, 0x401, 0x300000000001)
r0 = socket(0x2, 0x1, 0x106)
bind$auto(r0, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x3, 0x4001}, 0x4006b)
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
mmap$auto(0x0, 0x40009, 0xe1, 0x9b72, 0x7, 0x28000)
r1 = open(&(0x7f0000000100)='.\x00', 0x0, 0x57e)
fcntl$auto_F_ADD_SEALS(r1, 0x410, 0x0)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)

0s ago: executing program 6 (id=4854):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/bus/netdevsim/unlink_device\x00', 0x0, 0x0)
write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
recvmmsg$auto(r0, &(0x7f0000000380)={{&(0x7f0000000080)="d2bf2dad50980bf965a4f844dae882f2b87ba299a1a5557db378d9daced664a14e12a7e53e985f7a20739bef4f6474235465ee1f885a6cd2a18fa9e77253ea59d421ca7663d9af81a1c8b0e20518139f4a193a140ca3c846199b00d80623acf1de58f74c0f17247979aeb483447ace12d44efb5c2874c022ff26957bab32309e02ddf34986efc8b7fb866dfb6d71ea3cc2c731b23e5e5d2b5d236d56667ca6bb1000118fd4790a4633db645144246133", 0x0, &(0x7f0000000280)={&(0x7f0000000180)="3142178c7525df6b02741eb58524a6b09902e456c1bba7c143b41e56c5e4597daf0a793933a3025ce8229d1e5550f33fbf84ad322932ce21e3bd793fd7a2c9ccb39a5007b6fce93f853c8bb4d6fbd7923bea2dea1777be8f3677003f12b65a92011f7c57cbeda720e40c7cddba4a3b9e7aa1c575353a7ea1c2d7d43a441e8e5ed79c13352e06a93f1d6190072e74392cac7db1ab9c7671b519951f1925fce122d1157a0e0f9c15b7f890efac076959e668b9fcf4fd6c43a4c0e860ab6f3b602b131f5e4f96fe1b742fab06d43e2308f9581f4ef1b98b624fc8776524bdd970330b722a513fade360f12b2e6ad6656641fdb3ad1241ca03c4b18ff3895f", 0x40}, 0x6, &(0x7f00000002c0)="42ea400e0550063851a7ab96a52a6d35a2f686229bc3c90ae4df7e3f053891567f87c8733710ae717a0ae964bee86347c22da1021cc8bcb08fd896c83a71244591d59f18c87c709b9cb8bfca87026cfad5079cf361fae4b5cfdd09dcf21104b5f931b33293b367260450985d4f892fb3574661eec2215bd625d055d310ace38a5273c173c6", 0x0, 0x9}, 0x2}, 0x8000, 0x0, &(0x7f00000003c0)={0xfffffffffffffffe, 0xfffffffffffffffd})

kernel console output (not intermixed with test programs):

ute type 1 has an invalid length.
[ 1207.196219][T22959] nbd: error processing sock list
[ 1207.473035][T15804] Bluetooth: hci1: command tx timeout
[ 1207.548210][T22890] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1207.573725][T22890] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1207.597844][T22890] bridge_slave_0: entered allmulticast mode
[ 1207.625866][T22890] bridge_slave_0: entered promiscuous mode
[ 1207.656360][T22890] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1207.687435][T22890] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1207.707086][T22831] Process accounting resumed
[ 1207.716377][T22890] bridge_slave_1: entered allmulticast mode
[ 1207.739296][T22890] bridge_slave_1: entered promiscuous mode
[ 1207.871116][T22890] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1207.914759][T22890] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1208.095581][T22890] team0: Port device team_slave_0 added
[ 1208.129331][T22890] team0: Port device team_slave_1 added
[ 1208.298859][T22890] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1208.332021][T22890] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1208.373927][T22970] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3290'.
[ 1208.466741][T22890] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1208.512420][T22972] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x20000
[ 1208.564187][T22972] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 1208.591919][T22890] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1208.606938][T22977] snd_virmidi snd_virmidi.0: control 4096:33685515:3:y�:1 is already present
[ 1208.621113][T22890] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1208.677677][T22972] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[ 1208.721158][T22890] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1208.744549][T22972] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 1208.815693][T22972] page dumped because: unmovable page
[ 1208.857394][T22972] page_owner tracks the page as allocated
[ 1208.939774][T22972] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x0(), pid 0, tgid 0 (swapper), ts 1569957670, free_ts 0
[ 1208.981667][T22890] hsr_slave_0: entered promiscuous mode
[ 1209.013748][T22890] hsr_slave_1: entered promiscuous mode
[ 1209.038845][T22890] debugfs: 'hsr0' already exists in 'hsr'
[ 1209.055541][T22972]  register_early_stack+0x74/0xaf
[ 1209.071790][T22890] Cannot create hsr debugfs directory
[ 1209.100223][T22972]  init_page_owner+0x4c/0xa10
[ 1209.134560][T22972]  page_ext_init+0x71d/0x780
[ 1209.171078][T22972]  mm_core_init+0x229/0x270
[ 1209.213681][T22972] page_owner free stack trace missing
[ 1209.553104][T15804] Bluetooth: hci1: command tx timeout
[ 1210.222837][T23000] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3294'.
[ 1210.627736][T22890] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1210.932879][T22890] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1210.957453][T15804] Bluetooth: hci0: unexpected event 0x10 length: 124 > 1
[ 1210.960686][T15804] Bluetooth: hci0: hardware error 0x00
[ 1211.070534][T15632] Bluetooth: hci0: unexpected event 0x1c length: 725 > 5
[ 1211.113323][T22890] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1211.209277][T22890] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1211.633302][T15632] Bluetooth: hci1: command tx timeout
[ 1211.984205][T23031] ubi6: attaching mtd0
[ 1212.008213][T23031] ubi6: scanning is finished
[ 1212.031196][T23031] ubi6 error: ubi_read_volume_table: the layout volume was not found
[ 1212.191239][T23031] ubi6 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1212.891724][T22890] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1212.937982][T22890] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 1212.975800][T22890] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1212.994492][T15804] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[ 1213.042796][T22890] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 1213.081501][T22890] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1213.111792][T22890] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 1213.141933][T22890] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1213.185751][T22890] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 1213.577804][T22890] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1213.983359][T22890] 8021q: adding VLAN 0 to HW filter on device team0
[ 1214.002941][T23066] RDS: rds_bind could not find a transport for 7bc:c94c:4e37:70c4::, load rds_tcp or rds_rdma?
[ 1214.081897][T15695] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1214.089091][T15695] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1214.197593][T23071] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3307'.
[ 1214.220802][T15695] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1214.227975][T15695] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1216.365922][T22890] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1217.139645][T23137] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3317'.
[ 1217.888379][T22890] veth0_vlan: entered promiscuous mode
[ 1217.959080][T22890] veth1_vlan: entered promiscuous mode
[ 1218.079211][T22890] veth0_macvtap: entered promiscuous mode
[ 1218.129158][T22890] veth1_macvtap: entered promiscuous mode
[ 1218.262159][T22890] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1218.518289][T22890] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1218.893467][T15642] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1218.948382][T15642] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1219.011638][T15642] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1219.054532][T15642] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1219.197427][T23206] random: crng reseeded on system resumption
[ 1219.799228][T23201] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1219.837137][T23201] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1220.056723][T23202] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1220.093142][T23202] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1220.431230][T23223] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3325'.
[ 1221.706053][T23209] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 5 with max blocks 3 with error 117
[ 1221.831248][T23209] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1221.831248][T23209] 
[ 1222.084336][T23255] can0: slcan on pty238.
[ 1222.214897][T23253] can0 (unregistered): slcan off pty238.
[ 1222.544853][T23264] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3332'.
[ 1222.581794][T23264] netlink: 'syz.6.3332': attribute type 2 has an invalid length.
[ 1223.020668][T23274] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1224.254485][T23288] netlink: 'syz.0.3337': attribute type 15 has an invalid length.
[ 1224.418261][T23288] netlink: 186 bytes leftover after parsing attributes in process `syz.0.3337'.
[ 1225.690190][T23316] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3342'.
[ 1226.130588][T23327] FAULT_INJECTION: forcing a failure.
[ 1226.130588][T23327] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1226.186141][T23327] CPU: 0 UID: 0 PID: 23327 Comm: syz.5.3345 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1226.186183][T23327] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1226.186193][T23327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1226.186209][T23327] Call Trace:
[ 1226.186217][T23327]  <TASK>
[ 1226.186226][T23327]  dump_stack_lvl+0x100/0x190
[ 1226.186273][T23327]  should_fail_ex.cold+0x5/0xa
[ 1226.186300][T23327]  ? prepare_alloc_pages+0x16d/0x5f0
[ 1226.186335][T23327]  should_fail_alloc_page+0xeb/0x140
[ 1226.186367][T23327]  prepare_alloc_pages+0x1f0/0x5f0
[ 1226.186404][T23327]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[ 1226.186449][T23327]  ? __pfx_stack_trace_save+0x10/0x10
[ 1226.186484][T23327]  ? stack_depot_save_flags+0x27/0x9d0
[ 1226.186524][T23327]  ? kasan_save_stack+0x3f/0x50
[ 1226.186556][T23327]  ? kasan_save_stack+0x30/0x50
[ 1226.186581][T23327]  ? kasan_save_track+0x14/0x30
[ 1226.186609][T23327]  ? kasan_save_stack+0x3f/0x50
[ 1226.186637][T23327]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1226.186685][T23327]  ? __lock_acquire+0x4a5/0x2630
[ 1226.186724][T23327]  ? __lock_acquire+0x4a5/0x2630
[ 1226.186761][T23327]  ? __css_rstat_updated+0x1ce/0x5a0
[ 1226.186820][T23327]  ? lock_acquire+0x1b1/0x370
[ 1226.186868][T23327]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1226.186904][T23327]  ? policy_nodemask+0xed/0x4f0
[ 1226.186933][T23327]  alloc_pages_mpol+0x1fb/0x540
[ 1226.186960][T23327]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1226.186990][T23327]  ? __lock_acquire+0x4a5/0x2630
[ 1226.187027][T23327]  folio_alloc_mpol_noprof+0x36/0x260
[ 1226.187059][T23327]  vma_alloc_folio_noprof+0xed/0x1d0
[ 1226.187090][T23327]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 1226.187129][T23327]  do_anonymous_page+0xb46/0x2050
[ 1226.187164][T23327]  ? rcu_read_unlock+0x2d/0xb0
[ 1226.187204][T23327]  __handle_mm_fault+0x1d2c/0x2a00
[ 1226.187241][T23327]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1226.187269][T23327]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1226.187305][T23327]  ? pte_offset_map_lock+0x174/0x320
[ 1226.187331][T23327]  ? find_held_lock+0x2b/0x80
[ 1226.187367][T23327]  ? follow_page_pte+0x4d0/0x13f0
[ 1226.187399][T23327]  handle_mm_fault+0x37b/0xa30
[ 1226.187438][T23327]  __get_user_pages+0x1178/0x32a0
[ 1226.187476][T23327]  ? __pfx___get_user_pages+0x10/0x10
[ 1226.187529][T23327]  populate_vma_page_range+0x267/0x3f0
[ 1226.187569][T23327]  ? __pfx_populate_vma_page_range+0x10/0x10
[ 1226.187601][T23327]  ? __pfx_find_vma_intersection+0x10/0x10
[ 1226.187644][T23327]  ? do_mmap+0x93f/0x12f0
[ 1226.187675][T23327]  __mm_populate+0x107/0x3a0
[ 1226.187706][T23327]  ? __pfx___mm_populate+0x10/0x10
[ 1226.187738][T23327]  ? up_write+0x28c/0x4f0
[ 1226.187764][T23327]  vm_mmap_pgoff+0x37f/0x470
[ 1226.187796][T23327]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1226.187827][T23327]  ? do_futex+0x192/0x350
[ 1226.187850][T23327]  ? __pfx_do_futex+0x10/0x10
[ 1226.187877][T23327]  ksys_mmap_pgoff+0xe4/0x610
[ 1226.187905][T23327]  ? __x64_sys_futex+0x358/0x4d0
[ 1226.187929][T23327]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[ 1226.187956][T23327]  ? xfd_validate_state+0x129/0x190
[ 1226.187984][T23327]  __x64_sys_mmap+0x125/0x190
[ 1226.188010][T23327]  do_syscall_64+0x115/0x840
[ 1226.188042][T23327]  ? clear_bhb_loop+0x40/0x90
[ 1226.188070][T23327]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1226.188093][T23327] RIP: 0033:0x7f3f4fb9ce59
[ 1226.188112][T23327] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1226.188134][T23327] RSP: 002b:00007f3f50b10028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1226.188156][T23327] RAX: ffffffffffffffda RBX: 00007f3f4fe15fa0 RCX: 00007f3f4fb9ce59
[ 1226.188171][T23327] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000
[ 1226.188184][T23327] RBP: 00007f3f4fc32d6f R08: 0000000000000002 R09: 0000000000008000
[ 1226.188198][T23327] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[ 1226.188212][T23327] R13: 00007f3f4fe16038 R14: 00007f3f4fe15fa0 R15: 00007ffd85896158
[ 1226.188240][T23327]  </TASK>
[ 1226.963918][T23347] netlink: 13 bytes leftover after parsing attributes in process `syz.5.3347'.
[ 1227.757258][T23349] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000
[ 1227.877253][T23349] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff)
[ 1228.010324][T23349] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000
[ 1228.124285][T23349] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 1228.238532][T23349] page dumped because: unmovable page
[ 1228.289355][T23349] page_owner info is not present (never set?)
[ 1232.343688][T15804] block nbd35: Receive control failed (result -32)
[ 1232.875177][   T30] audit: type=1800 audit(2147483792.890:28): pid=23470 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.3375" name="dbroot" dev="configfs" ino=104682 res=0 errno=0
[ 1233.362852][T23483] block nbd0: Cannot use ioctl interface on a netlink controlled device.
[ 1236.060081][T15804] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[ 1237.382604][T23538] futex_wake_op: syz.5.3388 tries to shift op by -2048; fix this program
[ 1237.423531][T23538] futex_wake_op: syz.5.3388 tries to shift op by -2048; fix this program
[ 1238.116272][T15632] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1238.674933][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[ 1238.685640][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[ 1238.833568][T23550] Process accounting paused
[ 1240.195625][T15804] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1240.881526][T23588] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3398'.
[ 1241.731966][T15632] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[ 1241.740295][T15632] Bluetooth: hci1: Invalid handle: 0x3a4a > 0x0eff
[ 1243.485998][T18028] Process accounting resumed
[ 1244.655749][T23636] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3409'.
[ 1245.024022][T23622] Process accounting resumed
[ 1245.266530][T23649] random: crng reseeded on system resumption
[ 1247.378405][T23693] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3420'.
[ 1248.967288][T15804] block nbd36: Receive control failed (result -32)
[ 1249.623975][T23731] random: crng reseeded on system resumption
[ 1250.502160][T23741] FAULT_INJECTION: forcing a failure.
[ 1250.502160][T23741] name failslab, interval 1, probability 0, space 0, times 0
[ 1250.569523][T23741] CPU: 0 UID: 0 PID: 23741 Comm: syz.5.3429 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1250.569562][T23741] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1250.569571][T23741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1250.569585][T23741] Call Trace:
[ 1250.569593][T23741]  <TASK>
[ 1250.569601][T23741]  dump_stack_lvl+0x100/0x190
[ 1250.569643][T23741]  should_fail_ex.cold+0x5/0xa
[ 1250.569673][T23741]  should_failslab+0xc2/0x120
[ 1250.569701][T23741]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[ 1250.569738][T23741]  ? __d_alloc+0x34/0xa40
[ 1250.569768][T23741]  ? __pfx_stack_trace_save+0x10/0x10
[ 1250.569803][T23741]  __d_alloc+0x34/0xa40
[ 1250.569835][T23741]  d_alloc_parallel+0x111/0x14e0
[ 1250.569865][T23741]  ? find_held_lock+0x2b/0x80
[ 1250.569892][T23741]  ? __d_lookup+0x25c/0x4a0
[ 1250.569914][T23741]  ? __pfx_d_alloc_parallel+0x10/0x10
[ 1250.569959][T23741]  ? __d_lookup+0x266/0x4a0
[ 1250.569989][T23741]  lookup_open.isra.0+0x57c/0x11b0
[ 1250.570020][T23741]  ? __pfx_lookup_open.isra.0+0x10/0x10
[ 1250.570061][T23741]  ? lookup_fast+0x2da/0x600
[ 1250.570100][T23741]  path_openat+0xa98/0x31a0
[ 1250.570137][T23741]  ? __pfx_path_openat+0x10/0x10
[ 1250.570175][T23741]  do_file_open+0x20e/0x430
[ 1250.570205][T23741]  ? __pfx_do_file_open+0x10/0x10
[ 1250.570252][T23741]  ? alloc_fd+0x476/0x790
[ 1250.570281][T23741]  ? do_getname+0x191/0x390
[ 1250.570317][T23741]  do_sys_openat2+0x10d/0x1e0
[ 1250.570352][T23741]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1250.570396][T23741]  __x64_sys_openat+0x12d/0x210
[ 1250.570432][T23741]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1250.570471][T23741]  ? ksys_write+0x1ac/0x250
[ 1250.570501][T23741]  ? rcu_is_watching+0x12/0xc0
[ 1250.570530][T23741]  do_syscall_64+0x115/0x840
[ 1250.570561][T23741]  ? clear_bhb_loop+0x40/0x90
[ 1250.570608][T23741]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1250.570632][T23741] RIP: 0033:0x7f3f4fb9ce59
[ 1250.570654][T23741] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1250.570678][T23741] RSP: 002b:00007f3f50b10028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1250.570701][T23741] RAX: ffffffffffffffda RBX: 00007f3f4fe15fa0 RCX: 00007f3f4fb9ce59
[ 1250.570717][T23741] RDX: 0000000000086980 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 1250.570732][T23741] RBP: 00007f3f4fc32d6f R08: 0000000000000000 R09: 0000000000000000
[ 1250.570747][T23741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1250.570761][T23741] R13: 00007f3f4fe16038 R14: 00007f3f4fe15fa0 R15: 00007ffd85896158
[ 1250.570791][T23741]  </TASK>
[ 1251.933304][T23209] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 5 with max blocks 3 with error 117
[ 1251.953422][T23209] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1251.953422][T23209] 
[ 1252.290027][   T30] audit: type=1804 audit(1843104524.000:29): pid=23753 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.3431" name="/newroot/490/file0" dev="tmpfs" ino=2577 res=1 errno=0
[ 1253.941006][T15804] block nbd37: Receive control failed (result -32)
[ 1255.084317][T15804] block nbd38: Receive control failed (result -32)
[ 1255.643662][T23804] ubi1: attaching mtd0
[ 1255.682908][T23804] ubi1 error: ubi_attach_mtd_dev: bad VID header (1) or data offsets (65)
[ 1256.364759][T23824] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3447'.
[ 1256.691317][T23828] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3448'.
[ 1257.430910][T23840] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1257.825269][   T30] audit: type=1800 audit(1843104529.530:30): pid=23851 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.3454" name="discovery_nqn" dev="configfs" ino=106597 res=0 errno=0
[ 1259.620124][T23882] netlink: 146 bytes leftover after parsing attributes in process `syz.0.3458'.
[ 1259.670260][T23883] netlink: 146 bytes leftover after parsing attributes in process `syz.0.3458'.
[ 1259.906662][T23869] kexec: Could not allocate control_code_buffer
[ 1262.822850][T23931] netlink: 302 bytes leftover after parsing attributes in process `syz.5.3468'.
[ 1262.920292][T23937] sd 0:0:1:0: PR command failed: 1026
[ 1262.942381][T23937] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1262.978291][T23937] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1267.112455][T24011] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3487'.
[ 1267.245474][T24009] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3487'.
[ 1268.390973][T15804] block nbd39: Receive control failed (result -32)
[ 1269.149143][T24038] Process accounting resumed
[ 1269.694733][T24050] ubi0: attaching mtd0
[ 1269.754784][T24050] ubi0: scanning is finished
[ 1269.806221][T24050] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1270.100094][T24050] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1270.612867][T24073] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1271.268907][T24079] random: crng reseeded on system resumption
[ 1272.995189][T24106] kAFS: unparsable volume name
[ 1273.330374][T23209] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 5 with max blocks 3 with error 117
[ 1273.388449][T23209] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1273.388449][T23209] 
[ 1273.803851][T15804] Bluetooth: hci1: unexpected event 0x36 length: 123 > 7
[ 1274.902457][T24140] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3515'.
[ 1274.961378][T24141] netlink: 25 bytes leftover after parsing attributes in process `syz.0.3515'.
[ 1275.301881][T24145] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3517'.
[ 1275.366556][   T30] audit: type=1804 audit(1843104547.070:31): pid=24145 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.3517" name="file0" dev="tmpfs" ino=1703 res=1 errno=0
[ 1275.718772][T24131] Process accounting paused
[ 1275.892446][T24159] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3520'.
[ 1277.683096][   T30] audit: type=1800 audit(1843104549.380:32): pid=24169 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3522" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0
[ 1278.392836][T15804] Bluetooth: hci2: unexpected event 0x1d length: 6 > 5
[ 1278.820128][T24210] netlink: 326 bytes leftover after parsing attributes in process `syz.6.3529'.
[ 1279.648357][T24224] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3534'.
[ 1279.723087][T24224] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1279.774458][T24224] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1279.809093][T24224] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1279.859430][T24224] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1283.978364][T24292] kexec: Could not allocate control_code_buffer
[ 1284.857064][T24328] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3553'.
[ 1285.201123][T15804] block nbd40: Receive control failed (result -32)
[ 1285.314033][T24343] netlink: Conntrack attr type has unexpected length (type=3, length=0, expected=8)
[ 1286.253925][T24362] Process accounting resumed
[ 1287.054746][T24374] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3566'.
[ 1287.826510][T24389] futex_wake_op: syz.1.3560 tries to shift op by -2048; fix this program
[ 1288.580140][T24404] ubi0: attaching mtd0
[ 1288.941110][T24404] ubi0: scanning is finished
[ 1289.009112][T24404] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1289.430619][T24404] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1290.225068][T24443] random: crng reseeded on system resumption
[ 1292.478414][T24471] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3585'.
[ 1292.545760][T24472] netlink: 354 bytes leftover after parsing attributes in process `syz.5.3585'.
[ 1292.662012][T24474] syz.6.3586 (24474): attempted to duplicate a private mapping with mremap.  This is not supported.
[ 1294.990553][T24509] openvswitch: ovs_: Dropping previously announced user features
[ 1295.029127][T24511] random: crng reseeded on system resumption
[ 1295.297365][T24516] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3595'.
[ 1295.513460][T24516] vlan1: entered allmulticast mode
[ 1295.935478][T15804] block nbd41: Receive control failed (result -32)
[ 1296.215648][T24538] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3600'.
[ 1296.631421][T24530] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1296.660759][T24530] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1296.702350][T24530] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1296.743114][T24530] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1296.796117][T24530] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1298.113460][T15804] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1298.674534][T15804] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1298.753992][T15804] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1298.852046][T24584] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3611'.
[ 1298.911944][T24591] random: crng reseeded on system resumption
[ 1300.061400][T24603] Process accounting paused
[ 1300.119776][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[ 1300.129437][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[ 1300.834460][T15804] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1300.904851][T24611] FAULT_INJECTION: forcing a failure.
[ 1300.904851][T24611] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1300.993888][T24611] CPU: 0 UID: 0 PID: 24611 Comm: syz.6.3617 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1300.993924][T24611] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1300.993932][T24611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1300.993945][T24611] Call Trace:
[ 1300.993952][T24611]  <TASK>
[ 1300.993960][T24611]  dump_stack_lvl+0x100/0x190
[ 1300.994001][T24611]  should_fail_ex.cold+0x5/0xa
[ 1300.994046][T24611]  _copy_from_user+0x2e/0xd0
[ 1300.994079][T24611]  copy_msghdr_from_user+0x9f/0x4f0
[ 1300.994113][T24611]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1300.994151][T24611]  ? __lock_acquire+0x4a5/0x2630
[ 1300.994193][T24611]  ___sys_recvmsg+0xdd/0x1a0
[ 1300.994229][T24611]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1300.994265][T24611]  ? find_held_lock+0x2b/0x80
[ 1300.994310][T24611]  do_recvmmsg+0x301/0x760
[ 1300.994345][T24611]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1300.994376][T24611]  ? ksys_write+0x190/0x250
[ 1300.994411][T24611]  ? __mutex_unlock_slowpath+0x15d/0x8a0
[ 1300.994445][T24611]  ? kernel_write+0x603/0x6c0
[ 1300.994478][T24611]  ? __fget_files+0x21f/0x3d0
[ 1300.994511][T24611]  __x64_sys_recvmmsg+0x22a/0x280
[ 1300.994538][T24611]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1300.994566][T24611]  ? rcu_is_watching+0x12/0xc0
[ 1300.994596][T24611]  do_syscall_64+0x115/0x840
[ 1300.994628][T24611]  ? clear_bhb_loop+0x40/0x90
[ 1300.994656][T24611]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1300.994680][T24611] RIP: 0033:0x7fe6f159ce59
[ 1300.994698][T24611] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1300.994721][T24611] RSP: 002b:00007fe6f247c028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1300.994742][T24611] RAX: ffffffffffffffda RBX: 00007fe6f1815fa0 RCX: 00007fe6f159ce59
[ 1300.994758][T24611] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1300.994772][T24611] RBP: 00007fe6f247c090 R08: 0000000000000000 R09: 0000000000000000
[ 1300.994786][T24611] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001
[ 1300.994800][T24611] R13: 00007fe6f1816038 R14: 00007fe6f1815fa0 R15: 00007ffe5216b988
[ 1300.994828][T24611]  </TASK>
[ 1302.112398][T15804] block nbd42: Receive control failed (result -32)
[ 1302.390365][T24648] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3623'.
[ 1302.457315][T24648] netlink: 25 bytes leftover after parsing attributes in process `syz.5.3623'.
[ 1302.836918][T24653] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.3624: iget: checksum invalid
[ 1302.913957][T15804] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1303.043598][T24653] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[ 1303.202787][T24653] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.3624: iget: checksum invalid
[ 1303.340727][T24653] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[ 1303.475449][T24653] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.3624: iget: checksum invalid
[ 1303.598267][T15804] block nbd43: Receive control failed (result -32)
[ 1303.627447][T24653] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[ 1303.701553][T24653] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.3624: iget: checksum invalid
[ 1303.759159][T24653] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[ 1303.833991][T24653] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[ 1303.912652][T24653] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[ 1310.383173][T15804] block nbd44: Receive control failed (result -32)
[ 1311.630519][T24764] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 8 with max blocks 11 with error 117
[ 1311.719197][T24764] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1311.719197][T24764] 
[ 1314.207968][T15804] block nbd45: Receive control failed (result -32)
[ 1315.053919][T24833] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3658'.
[ 1316.430246][T24850] Process accounting paused
[ 1316.850363][T24857] netlink: 334 bytes leftover after parsing attributes in process `syz.6.3664'.
[ 1317.719849][T24883] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1317.735734][T24865] : Can't lookup blockdev
[ 1318.192661][T24857] netlink: 334 bytes leftover after parsing attributes in process `syz.6.3664'.
[ 1318.818374][T24909] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3143549974 (100593599168 ns) > initial count (70706024576 ns). Using initial count to start timer.
[ 1319.055603][T24912] netlink: 314 bytes leftover after parsing attributes in process `syz.0.3676'.
[ 1319.128153][T24912] netlink: 314 bytes leftover after parsing attributes in process `syz.0.3676'.
[ 1319.430371][T24915] Process accounting resumed
[ 1320.470208][T24940] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3684'.
[ 1320.535492][T24940] netlink: 354 bytes leftover after parsing attributes in process `syz.0.3684'.
[ 1322.979883][T24981] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3693'.
[ 1323.005178][T24982] Page cache invalidation failure on direct I/O.  Possible data corruption due to collision with buffered I/O!
[ 1323.094608][T24982] File: /dev/mtdblock0 PID: 24982 Comm: syz.5.3689
[ 1324.056729][T24995] netlink: 'syz.5.3695': attribute type 1 has an invalid length.
[ 1324.113109][T24995] netlink: 9 bytes leftover after parsing attributes in process `syz.5.3695'.
[ 1324.617502][T25003] random: crng reseeded on system resumption
[ 1326.874451][T25044] netlink: 'syz.6.3705': attribute type 1 has an invalid length.
[ 1326.923118][T25044] netlink: 9 bytes leftover after parsing attributes in process `syz.6.3705'.
[ 1329.294661][T25080] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.3710: iget: checksum invalid
[ 1329.344562][T25080] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[ 1329.414578][T25080] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.3710: iget: checksum invalid
[ 1329.472869][T25080] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[ 1329.515385][T25080] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.3710: iget: checksum invalid
[ 1329.557360][T25080] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[ 1329.592348][T25080] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.3710: iget: checksum invalid
[ 1329.642271][T25080] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[ 1329.683823][T25080] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[ 1329.741373][T25080] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[ 1329.820694][T25086] Process accounting resumed
[ 1329.998918][T25111] FAULT_INJECTION: forcing a failure.
[ 1329.998918][T25111] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1330.087995][T25111] CPU: 0 UID: 0 PID: 25111 Comm: syz.6.3715 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1330.088036][T25111] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1330.088045][T25111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1330.088060][T25111] Call Trace:
[ 1330.088068][T25111]  <TASK>
[ 1330.088077][T25111]  dump_stack_lvl+0x100/0x190
[ 1330.088123][T25111]  should_fail_ex.cold+0x5/0xa
[ 1330.088153][T25111]  _copy_from_iter+0x1f4/0x1690
[ 1330.088193][T25111]  ? __pfx__copy_from_iter+0x10/0x10
[ 1330.088235][T25111]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[ 1330.088278][T25111]  skb_copy_datagram_from_iter+0x11f/0x720
[ 1330.088323][T25111]  tun_get_user+0x1889/0x3c20
[ 1330.088360][T25111]  ? __pfx_tun_get_user+0x10/0x10
[ 1330.088387][T25111]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1330.088420][T25111]  ? find_held_lock+0x2b/0x80
[ 1330.088450][T25111]  ? tun_get+0x191/0x370
[ 1330.088470][T25111]  ? tun_get+0x191/0x370
[ 1330.088498][T25111]  tun_chr_write_iter+0xdc/0x200
[ 1330.088526][T25111]  vfs_write+0x6ac/0x1070
[ 1330.088565][T25111]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1330.088592][T25111]  ? __pfx_vfs_write+0x10/0x10
[ 1330.088616][T25111]  ? find_held_lock+0x2b/0x80
[ 1330.088659][T25111]  __x64_sys_pwrite64+0x1eb/0x250
[ 1330.088687][T25111]  ? __pfx___x64_sys_pwrite64+0x10/0x10
[ 1330.088721][T25111]  ? rcu_is_watching+0x12/0xc0
[ 1330.088750][T25111]  do_syscall_64+0x115/0x840
[ 1330.088782][T25111]  ? clear_bhb_loop+0x40/0x90
[ 1330.088809][T25111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1330.088832][T25111] RIP: 0033:0x7fe6f159ce59
[ 1330.088851][T25111] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1330.088880][T25111] RSP: 002b:00007fe6f247c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[ 1330.088902][T25111] RAX: ffffffffffffffda RBX: 00007fe6f1815fa0 RCX: 00007fe6f159ce59
[ 1330.088917][T25111] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 00000000000000c8
[ 1330.088931][T25111] RBP: 00007fe6f1632d6f R08: 0000000000000000 R09: 0000000000000000
[ 1330.088945][T25111] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[ 1330.088958][T25111] R13: 00007fe6f1816038 R14: 00007fe6f1815fa0 R15: 00007ffe5216b988
[ 1330.088986][T25111]  </TASK>
[ 1332.485003][T15804] block nbd46: Receive control failed (result -32)
[ 1333.011555][T25166] random: crng reseeded on system resumption
[ 1333.364951][T25174] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3733'.
[ 1333.405955][T25174] netlink: 13 bytes leftover after parsing attributes in process `syz.1.3733'.
[ 1334.155520][T25185] netlink: 504 bytes leftover after parsing attributes in process `syz.1.3736'.
[ 1335.450817][T25217] openvswitch: netlink: IP tunnel attribute has 24 unknown bytes.
[ 1336.214858][T25222] futex_wake_op: syz.6.3745 tries to shift op by -2048; fix this program
[ 1336.256980][T25222] futex_wake_op: syz.6.3745 tries to shift op by -2048; fix this program
[ 1336.750493][T25228] netlink: 'syz.5.3747': attribute type 1 has an invalid length.
[ 1336.791058][T25228] netlink: 9 bytes leftover after parsing attributes in process `syz.5.3747'.
[ 1337.461494][T25245] nvme_fabrics: unknown parameter or missing value '�@�' in ctrl creation request
[ 1338.604327][T25269] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3756'.
[ 1341.945084][T23207] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 5 with max blocks 2 with error 117
[ 1342.038872][T23207] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1342.038872][T23207] 
[ 1342.108481][T25324] mtrr: base(0x1000000) is not aligned on a size(0x0000) boundary
[ 1342.918629][T25339] zswap: compressor  not available
[ 1343.007284][T15804] block nbd47: Receive control failed (result -32)
[ 1344.198739][T15804] block nbd48: Receive control failed (result -32)
[ 1345.449489][T25381] random: crng reseeded on system resumption
[ 1348.436304][T25399] Process accounting resumed
[ 1349.776844][T25449] netlink: 322 bytes leftover after parsing attributes in process `syz.1.3792'.
[ 1351.166114][T25478] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.3796: iget: checksum invalid
[ 1351.212356][T25474] openvswitch: netlink: Key type 68 is out of range max 32
[ 1351.236463][T25478] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[ 1351.335127][T25478] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.3796: iget: checksum invalid
[ 1351.406900][T25478] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[ 1351.455120][T25478] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.3796: iget: checksum invalid
[ 1351.510624][T25478] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[ 1351.533185][T25473] Process accounting resumed
[ 1351.575423][T25478] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.3796: iget: checksum invalid
[ 1351.658120][T25478] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[ 1351.716927][T25478] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[ 1351.768560][T25478] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[ 1352.379135][T15804] block nbd49: Receive control failed (result -32)
[ 1352.543845][T25496] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1352.584322][T25496] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1352.622784][T25496] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1353.529340][T25535] random: crng reseeded on system resumption
[ 1354.033306][T15804] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1354.593056][T15804] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1354.673266][T15804] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1354.978943][T24111] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 5 with max blocks 3 with error 117
[ 1355.060735][T24111] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1355.060735][T24111] 
[ 1359.382173][T25661] random: crng reseeded on system resumption
[ 1360.120828][T15804] block nbd50: Receive control failed (result -32)
[ 1360.324652][T25680] Process accounting paused
[ 1360.484149][T25689] FAULT_INJECTION: forcing a failure.
[ 1360.484149][T25689] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1360.549071][T25689] CPU: 0 UID: 0 PID: 25689 Comm: syz.5.3837 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1360.549109][T25689] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1360.549118][T25689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1360.549132][T25689] Call Trace:
[ 1360.549139][T25689]  <TASK>
[ 1360.549148][T25689]  dump_stack_lvl+0x100/0x190
[ 1360.549191][T25689]  should_fail_ex.cold+0x5/0xa
[ 1360.549220][T25689]  _copy_to_iter+0x1f3/0x1720
[ 1360.549254][T25689]  ? show_sb_opts+0xb4/0xf0
[ 1360.549287][T25689]  ? __pfx__copy_to_iter+0x10/0x10
[ 1360.549317][T25689]  ? __up_read+0x2c1/0x6e0
[ 1360.549343][T25689]  ? __pfx___up_read+0x10/0x10
[ 1360.549365][T25689]  ? seq_read_iter+0xd33/0x1270
[ 1360.549389][T25689]  ? seq_read_iter+0xd33/0x1270
[ 1360.549419][T25689]  seq_read_iter+0xdab/0x1270
[ 1360.549452][T25689]  ? __pfx_seq_read_iter+0x10/0x10
[ 1360.549478][T25689]  vfs_read+0x825/0xb30
[ 1360.549508][T25689]  ? __pfx_vfs_read+0x10/0x10
[ 1360.549568][T25689]  ksys_read+0x12a/0x250
[ 1360.549595][T25689]  ? __pfx_ksys_read+0x10/0x10
[ 1360.549624][T25689]  ? rcu_is_watching+0x12/0xc0
[ 1360.549656][T25689]  do_syscall_64+0x115/0x840
[ 1360.549689][T25689]  ? clear_bhb_loop+0x40/0x90
[ 1360.549719][T25689]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1360.549743][T25689] RIP: 0033:0x7f3f4fb9ce59
[ 1360.549763][T25689] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1360.549786][T25689] RSP: 002b:00007f3f50b10028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1360.549810][T25689] RAX: ffffffffffffffda RBX: 00007f3f4fe15fa0 RCX: 00007f3f4fb9ce59
[ 1360.549825][T25689] RDX: 0000000000001036 RSI: 0000200000000040 RDI: 0000000000000003
[ 1360.549841][T25689] RBP: 00007f3f4fc32d6f R08: 0000000000000000 R09: 0000000000000000
[ 1360.549856][T25689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1360.549870][T25689] R13: 00007f3f4fe16038 R14: 00007f3f4fe15fa0 R15: 00007ffd85896158
[ 1360.549901][T25689]  </TASK>
[ 1361.145238][T25706] random: crng reseeded on system resumption
[ 1361.588104][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[ 1361.596406][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[ 1361.953939][T25694] kexec: Could not allocate control_code_buffer
[ 1366.842711][T25801] block2mtd: too many arguments
[ 1368.832434][T25826] netlink: 504 bytes leftover after parsing attributes in process `syz.1.3868'.
[ 1371.181962][T25881] netlink: 186 bytes leftover after parsing attributes in process `syz.1.3882'.
[ 1371.229870][T15804] block nbd51: Receive control failed (result -32)
[ 1372.114889][T23203] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 5 with max blocks 3 with error 117
[ 1372.189294][T23203] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1372.189294][T23203] 
[ 1374.767397][T25893] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1374.789943][T25893] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1374.808305][T25893] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1374.824675][T25893] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1374.840230][T25893] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1376.462296][T25893] block nbd52: Receive control failed (result -32)
[ 1376.916180][T25893] Bluetooth: hci4: command tx timeout
[ 1378.461935][T25893] block nbd53: Receive control failed (result -32)
[ 1378.581610][T26037] Format for adding new device is "id port_count num_queues" (uint uint uint).
[ 1378.993197][T25893] Bluetooth: hci4: command tx timeout
[ 1379.026732][T25957] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1379.087224][T25957] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1379.105873][T26037] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3907'.
[ 1379.137337][T25957] bridge_slave_0: entered allmulticast mode
[ 1379.179718][T25957] bridge_slave_0: entered promiscuous mode
[ 1379.231062][T25957] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1379.278553][T25957] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1379.319257][T25957] bridge_slave_1: entered allmulticast mode
[ 1379.363709][T25957] bridge_slave_1: entered promiscuous mode
[ 1379.398521][T26057] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3910'.
[ 1379.454733][T26057] IPv6: Can't replace route, no match found
[ 1379.498820][T26057] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3910'.
[ 1379.536354][T26057] IPv6: Can't replace route, no match found
[ 1379.666652][T25957] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1379.737014][T25957] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1380.139987][T25957] team0: Port device team_slave_0 added
[ 1380.226799][T25957] team0: Port device team_slave_1 added
[ 1380.370113][T25957] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1380.418356][T25957] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1380.586662][T25957] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1380.671481][T25957] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1380.712863][T25957] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1380.851967][T25957] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1381.075073][T25893] Bluetooth: hci4: command tx timeout
[ 1381.193891][T25957] hsr_slave_0: entered promiscuous mode
[ 1381.222263][T25957] hsr_slave_1: entered promiscuous mode
[ 1381.264997][T25957] debugfs: 'hsr0' already exists in 'hsr'
[ 1381.303443][T25957] Cannot create hsr debugfs directory
[ 1381.352392][T26082] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3914'.
[ 1383.021298][T25893] block nbd54: Receive control failed (result -32)
[ 1383.041929][T25957] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1383.154091][T25893] Bluetooth: hci4: command tx timeout
[ 1383.407459][T25957] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1383.656774][T25957] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1383.689029][T26092] Process accounting paused
[ 1384.078448][T25957] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1385.220159][T25957] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1385.274661][T25957] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 1385.312631][T25957] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1385.375435][T25957] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 1385.425354][T25957] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1385.466543][T25957] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 1385.503548][T25957] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1385.552480][T25957] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 1385.828059][T26157] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3927'.
[ 1386.333721][T25957] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1386.414927][T25957] 8021q: adding VLAN 0 to HW filter on device team0
[ 1386.467823][T23203] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1386.475015][T23203] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1386.488372][T25893] block nbd55: Receive control failed (result -32)
[ 1386.597651][T24111] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1386.604823][T24111] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1389.151245][T25957] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1389.211685][T26208] random: crng reseeded on system resumption
[ 1390.385578][T26227] kAFS: No cell specified
[ 1390.599275][T25957] veth0_vlan: entered promiscuous mode
[ 1390.693294][T25957] veth1_vlan: entered promiscuous mode
[ 1390.809475][T25957] veth0_macvtap: entered promiscuous mode
[ 1390.857505][T25957] veth1_macvtap: entered promiscuous mode
[ 1390.947499][T25957] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1391.017682][T25957] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1391.119567][T24111] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1391.163256][T24111] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1391.276716][T24111] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1391.311407][T24111] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1392.027914][T23213] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1392.097613][T23213] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1392.322815][T15695] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1392.362772][T15695] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1393.087549][T26266] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1393.957508][T26280] netlink: 'syz.6.3949': attribute type 1 has an invalid length.
[ 1393.984424][T26280] netlink: 9 bytes leftover after parsing attributes in process `syz.6.3949'.
[ 1394.231168][T26289] random: crng reseeded on system resumption
[ 1394.257853][T26283] Invalid ELF header magic: != ELF
[ 1395.431166][T26310] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied.
[ 1398.558272][T26364] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3968'.
[ 1398.690083][T26368] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1399.233208][T26376] Format for deleting device is "id" (uint).
[ 1401.778546][T26413] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3978'.
[ 1402.242083][T26419] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3981'.
[ 1402.263935][T23211] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 5 with max blocks 3 with error 117
[ 1402.355227][T23211] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1402.355227][T23211] 
[ 1402.399601][T26419] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1402.407006][T26419] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1402.560689][T26419] bridge0: entered promiscuous mode
[ 1407.907428][T26497] random: crng reseeded on system resumption
[ 1409.059638][T26511] random: crng reseeded on system resumption
[ 1410.370188][T26517] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3995'.
[ 1411.690788][T26533] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3997'.
[ 1413.298787][T25893] block nbd56: Receive control failed (result -32)
[ 1415.027524][T26576] random: crng reseeded on system resumption
[ 1415.722374][T26555] Process accounting resumed
[ 1415.970964][T26582] netlink: 'syz.5.4005': attribute type 1 has an invalid length.
[ 1416.014871][T26582] netlink: 9 bytes leftover after parsing attributes in process `syz.5.4005'.
[ 1416.426888][T26589] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3143549974 (100593599168 ns) > initial count (70706024576 ns). Using initial count to start timer.
[ 1417.735137][T26599] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1417.757285][T26599] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1417.784347][T26599] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1417.820717][T26599] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1417.871082][T26599] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1418.272671][T26629] netlink: 'syz.5.4018': attribute type 1 has an invalid length.
[ 1418.334513][T26629] netlink: 9 bytes leftover after parsing attributes in process `syz.5.4018'.
[ 1418.993327][T15804] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1419.068625][T26628] netlink: 40 bytes leftover after parsing attributes in process `syz.6.4017'.
[ 1419.794573][T15804] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1419.800824][T25893] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1420.083740][T26661] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1420.136656][   T30] audit: type=1800 audit(4294967468.390:33): pid=26662 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.4023" name="dbroot" dev="configfs" ino=121164 res=0 errno=0
[ 1420.158376][T26661] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1420.878350][T26668] netlink: 186 bytes leftover after parsing attributes in process `syz.6.4025'.
[ 1421.340307][T26684] netlink: 'syz.6.4029': attribute type 1 has an invalid length.
[ 1421.371978][T26684] netlink: 9 bytes leftover after parsing attributes in process `syz.6.4029'.
[ 1421.430072][T26680] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4027'.
[ 1421.874045][T15804] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1422.378507][T15804] block nbd57: Receive control failed (result -32)
[ 1422.996195][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.002559][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[ 1423.953126][T15804] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1425.051122][T26736] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4038'.
[ 1425.389385][T26738] FAULT_INJECTION: forcing a failure.
[ 1425.389385][T26738] name failslab, interval 1, probability 0, space 0, times 0
[ 1425.513376][T26738] CPU: 0 UID: 0 PID: 26738 Comm: syz.6.4038 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1425.513416][T26738] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1425.513425][T26738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1425.513439][T26738] Call Trace:
[ 1425.513447][T26738]  <TASK>
[ 1425.513456][T26738]  dump_stack_lvl+0x100/0x190
[ 1425.513504][T26738]  should_fail_ex.cold+0x5/0xa
[ 1425.513533][T26738]  ? tomoyo_realpath_from_path+0xb6/0x690
[ 1425.513577][T26738]  should_failslab+0xc2/0x120
[ 1425.513603][T26738]  __kmalloc_noprof+0xe0/0x850
[ 1425.513622][T26738]  ? kfree+0x1dd/0x6c0
[ 1425.513656][T26738]  tomoyo_realpath_from_path+0xb6/0x690
[ 1425.513693][T26738]  tomoyo_check_open_permission+0x2af/0x3c0
[ 1425.513741][T26738]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 1425.513786][T26738]  ? hook_file_open+0x24e/0x7a0
[ 1425.513834][T26738]  ? path_get+0x61/0x80
[ 1425.513869][T26738]  tomoyo_file_open+0x6b/0x90
[ 1425.513891][T26738]  security_file_open+0xb5/0x1e0
[ 1425.513924][T26738]  do_dentry_open+0x588/0x14d0
[ 1425.513960][T26738]  vfs_open+0x82/0x3f0
[ 1425.513998][T26738]  path_openat+0x208c/0x31a0
[ 1425.514037][T26738]  ? __pfx_path_openat+0x10/0x10
[ 1425.514077][T26738]  do_file_open+0x20e/0x430
[ 1425.514120][T26738]  ? __pfx_do_file_open+0x10/0x10
[ 1425.514166][T26738]  ? alloc_fd+0x476/0x790
[ 1425.514194][T26738]  ? do_getname+0x191/0x390
[ 1425.514229][T26738]  do_sys_openat2+0x10d/0x1e0
[ 1425.514261][T26738]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1425.514304][T26738]  __x64_sys_openat+0x12d/0x210
[ 1425.514338][T26738]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1425.514371][T26738]  ? ksys_write+0x1ac/0x250
[ 1425.514398][T26738]  ? rcu_is_watching+0x12/0xc0
[ 1425.514427][T26738]  do_syscall_64+0x115/0x840
[ 1425.514456][T26738]  ? clear_bhb_loop+0x40/0x90
[ 1425.514483][T26738]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1425.514523][T26738] RIP: 0033:0x7fbf7a39ce59
[ 1425.514542][T26738] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1425.514564][T26738] RSP: 002b:00007fbf7b192028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1425.514586][T26738] RAX: ffffffffffffffda RBX: 00007fbf7a616180 RCX: 00007fbf7a39ce59
[ 1425.514601][T26738] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[ 1425.514615][T26738] RBP: 00007fbf7a432d6f R08: 0000000000000000 R09: 0000000000000000
[ 1425.514629][T26738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1425.514643][T26738] R13: 00007fbf7a616218 R14: 00007fbf7a616180 R15: 00007ffd574dd818
[ 1425.514671][T26738]  </TASK>
[ 1426.179331][T26738] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1427.441206][T15804] block nbd58: Receive control failed (result -32)
[ 1428.500113][T15804] block nbd59: Receive control failed (result -32)
[ 1428.716679][T26774] futex_wake_op: syz.0.4047 tries to shift op by -2048; fix this program
[ 1428.863885][T26787] netlink: 'syz.6.4050': attribute type 1 has an invalid length.
[ 1428.899323][T26787] netlink: 9 bytes leftover after parsing attributes in process `syz.6.4050'.
[ 1430.955065][T26830] random: crng reseeded on system resumption
[ 1432.456351][T15695] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 5 with max blocks 3 with error 117
[ 1432.531159][T15695] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1432.531159][T15695] 
[ 1432.580991][T26855] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 12 with max blocks 29 with error 117
[ 1432.629734][T26855] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1432.629734][T26855] 
[ 1432.664699][T23211] EXT4-fs (sda1): Delayed block allocation failed for inode 2030 at logical offset 1363 with max blocks 22 with error 117
[ 1432.728747][T23211] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1432.728747][T23211] 
[ 1432.995678][T26868] synth uevent: /module/null_blk: unknown uevent action string
[ 1433.105987][T26875] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4065'.
[ 1433.899688][T26890] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.5.4069: iget: checksum invalid
[ 1433.932030][T26890] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[ 1433.969835][T26890] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.5.4069: iget: checksum invalid
[ 1434.070161][T26890] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[ 1434.182311][T26890] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.5.4069: iget: checksum invalid
[ 1434.223348][T26890] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[ 1434.246737][T26890] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.5.4069: iget: checksum invalid
[ 1434.310095][T26890] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[ 1434.357662][T26890] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[ 1434.422187][T26890] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[ 1435.335073][T15804] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[ 1436.294758][T26947] netlink: 'syz.5.4081': attribute type 1 has an invalid length.
[ 1436.326538][T26947] netlink: 9 bytes leftover after parsing attributes in process `syz.5.4081'.
[ 1436.556339][T26951] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4083'.
[ 1436.573138][T15804] block nbd4129: Receive control failed (result -32)
[ 1436.658151][T26951] veth0_macvtap: left promiscuous mode
[ 1436.832173][T26953] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4084'.
[ 1437.399740][T25893] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1437.977940][T26988] netlink: zone id is out of range
[ 1438.006401][T26988] netlink: zone id is out of range
[ 1438.028884][T26988] netlink: zone id is out of range
[ 1438.048820][T26988] netlink: zone id is out of range
[ 1438.116849][T26988] netlink: zone id is out of range
[ 1438.187446][T26988] netlink: zone id is out of range
[ 1438.249661][T26988] netlink: zone id is out of range
[ 1438.314212][T26988] netlink: zone id is out of range
[ 1438.398635][T26988] netlink: zone id is out of range
[ 1438.466952][T26988] netlink: zone id is out of range
[ 1439.175421][   T30] audit: type=1800 audit(4294967487.430:34): pid=27005 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.4095" name="features" dev="configfs" ino=123745 res=0 errno=0
[ 1439.473891][T15804] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1441.055512][T27038] ptrace attach of "ci-qemu-gce-upstream-auto/syz-executor exec"[18104] was attempted by "ci-qemu-gce-upstream-auto/syz-executor exec"[27038]
[ 1442.205108][T27076] random: crng reseeded on system resumption
[ 1443.008153][T27088] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4111'.
[ 1445.656126][T25893] block nbd60: Receive control failed (result -32)
[ 1446.073297][T27147] Process accounting paused
[ 1448.085411][T27156] kexec: Could not allocate control_code_buffer
[ 1449.201916][   T30] audit: type=1800 audit(4294967497.460:35): pid=27210 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.4135" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0
[ 1452.700227][T27293] random: crng reseeded on system resumption
[ 1453.307669][T27309] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.4155: iget: checksum invalid
[ 1453.368474][T27309] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[ 1453.456673][T27309] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.4155: iget: checksum invalid
[ 1453.495700][T27309] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[ 1453.565095][T27309] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.4155: iget: checksum invalid
[ 1453.594849][T25893] block nbd61: Receive control failed (result -32)
[ 1453.647293][T27309] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[ 1453.710986][T27309] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.4155: iget: checksum invalid
[ 1453.817802][T27309] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[ 1453.887348][T27309] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[ 1453.958248][T27309] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[ 1454.669573][T27332] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4160'.
[ 1454.702508][T27332] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1454.730336][T27332] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1455.008040][T27335] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.4162: iget: checksum invalid
[ 1455.049282][T27335] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[ 1455.101560][T27335] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.4162: iget: checksum invalid
[ 1455.153894][T27335] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[ 1455.217592][T27335] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.4162: iget: checksum invalid
[ 1455.277794][T27335] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[ 1455.331608][T27335] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.4162: iget: checksum invalid
[ 1455.379986][T27335] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[ 1455.427594][T27335] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[ 1455.467705][T27335] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[ 1456.926212][T27354] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4167'.
[ 1456.971283][T27354] netlink: 25 bytes leftover after parsing attributes in process `syz.5.4167'.
[ 1457.215351][T27358] netlink: 338 bytes leftover after parsing attributes in process `syz.5.4168'.
[ 1457.309216][T27361] netlink: 338 bytes leftover after parsing attributes in process `syz.5.4168'.
[ 1458.204177][T27378] usb usb3: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1458.347207][T27370] zswap: compressor 000 not available
[ 1460.584573][T27407] netlink: 'syz.5.4177': attribute type 11 has an invalid length.
[ 1460.668285][T27407] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4177'.
[ 1461.073968][T27429] netlink: 326 bytes leftover after parsing attributes in process `syz.0.4182'.
[ 1462.110820][T25893] block nbd62: Receive control failed (result -32)
[ 1462.870515][T25893] block nbd63: Receive control failed (result -32)
[ 1463.198170][T27474] netlink: 334 bytes leftover after parsing attributes in process `syz.6.4189'.
[ 1463.689132][T27486] NFSD: Failed to start, no listeners configured.
[ 1464.151418][T27474] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4189'.
[ 1465.538184][T27536] QAT: Invalid ioctl 21531
[ 1466.815277][T27558] random: crng reseeded on system resumption
[ 1468.202901][T25893] Bluetooth: hci4: unexpected event 0x1c length: 725 > 5
[ 1468.466079][T23209] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 8 with max blocks 1 with error 117
[ 1468.511570][T27598] net_ratelimit: 47 callbacks suppressed
[ 1468.511587][T27598] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[ 1468.583129][T23209] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1468.583129][T23209] 
[ 1468.635912][T23209] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 5 with max blocks 3 with error 117
[ 1468.654700][T25893] block nbd64: Receive control failed (result -32)
[ 1468.725298][T23209] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1468.725298][T23209] 
[ 1468.820526][T23209] EXT4-fs (sda1): Delayed block allocation failed for inode 2030 at logical offset 1360 with max blocks 25 with error 117
[ 1468.909555][T23209] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1468.909555][T23209] 
[ 1468.939783][T27605] vivid-008: =================  START STATUS  =================
[ 1469.000708][T27605] vivid-008: ==================  END STATUS  ==================
[ 1473.800208][T25893] Bluetooth: hci1: Malformed Event: 0x2f
[ 1473.893687][T27694] netlink: 330 bytes leftover after parsing attributes in process `syz.5.4231'.
[ 1476.697547][T27758] vivid-007: =================  START STATUS  =================
[ 1476.738218][T27758] vivid-007: Generate PTS: true
[ 1476.762535][T27758] vivid-007: Generate SCR: true
[ 1476.789359][T27758] tpg source WxH: 320x240 (Y'CbCr)
[ 1476.814448][T27758] tpg field: 1
[ 1476.830220][T27758] tpg crop: (0,0)/320x240
[ 1476.859904][T27758] tpg compose: (0,0)/320x240
[ 1476.881445][T27758] tpg colorspace: 8
[ 1476.898480][T27758] tpg transfer function: 0/0
[ 1476.926489][T27758] tpg Y'CbCr encoding: 0/0
[ 1476.946853][T27758] tpg quantization: 0/0
[ 1476.967264][T27758] tpg RGB range: 0/2
[ 1476.983518][T27758] vivid-007: ==================  END STATUS  ==================
[ 1477.459004][T27751] Process accounting resumed
[ 1481.447748][T27838] hub 1-0:1.0: USB hub found
[ 1481.491600][T27838] hub 1-0:1.0: 1 port detected
[ 1481.752010][T27849] hub 1-0:1.0: USB hub found
[ 1481.845114][T27849] hub 1-0:1.0: 1 port detected
[ 1482.279817][T27866] netlink: 342 bytes leftover after parsing attributes in process `syz.0.4267'.
[ 1483.952024][T25893] block nbd65: Receive control failed (result -32)
[ 1484.239762][T27904] netlink: 25 bytes leftover after parsing attributes in process `syz.5.4276'.
[ 1484.439778][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[ 1484.446366][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[ 1485.092106][T25893] block nbd66: Receive control failed (result -32)
[ 1485.911202][T27937] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(3589.0.32769), cmd(5)
[ 1487.092729][T27949] random: crng reseeded on system resumption
[ 1488.691747][T25893] block nbd67: Receive control failed (result -32)
[ 1489.269777][T27978] can: request_module (can-proto-3) failed.
[ 1490.125411][T28004] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4294'.
[ 1490.204495][T28001] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint
[ 1490.348624][T28001] PCI: Can't parse resource_alignment parameter: �c) ��/��D��|!$����A=en����eg*�&tq��r�=^Nǖ�Yrn��]U��a��P]{Ԍ4:��(D
[ 1492.019410][T28037] device-mapper: ioctl: only supply one of name or uuid, cmd(5)
[ 1492.978251][T28068] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.4306: iget: checksum invalid
[ 1493.199026][T28068] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[ 1493.394952][T28068] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.4306: iget: checksum invalid
[ 1493.598411][T28068] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[ 1493.716521][T28068] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.4306: iget: checksum invalid
[ 1493.840547][T28068] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[ 1493.960919][T28068] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.4306: iget: checksum invalid
[ 1494.076588][T28068] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[ 1494.188712][T28068] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[ 1494.296735][T28068] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[ 1494.682364][T28096] netlink: 342 bytes leftover after parsing attributes in process `syz.0.4312'.
[ 1494.951488][T28104] usb usb21: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1498.298231][T28151] FAULT_INJECTION: forcing a failure.
[ 1498.298231][T28151] name failslab, interval 1, probability 0, space 0, times 0
[ 1498.484627][T28151] CPU: 0 UID: 0 PID: 28151 Comm: syz.6.4322 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1498.484665][T28151] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1498.484674][T28151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1498.484697][T28151] Call Trace:
[ 1498.484705][T28151]  <TASK>
[ 1498.484714][T28151]  dump_stack_lvl+0x100/0x190
[ 1498.484757][T28151]  should_fail_ex.cold+0x5/0xa
[ 1498.484787][T28151]  should_failslab+0xc2/0x120
[ 1498.484814][T28151]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[ 1498.484852][T28151]  ? __d_alloc+0x34/0xa40
[ 1498.484887][T28151]  __d_alloc+0x34/0xa40
[ 1498.484920][T28151]  d_alloc_parallel+0x111/0x14e0
[ 1498.484944][T28151]  ? __lock_acquire+0x4a5/0x2630
[ 1498.484979][T28151]  ? kasan_save_track+0x14/0x30
[ 1498.485001][T28151]  ? __kasan_slab_alloc+0x89/0x90
[ 1498.485024][T28151]  ? kmem_cache_alloc_noprof+0x241/0x6e0
[ 1498.485061][T28151]  ? init_file+0x95/0x480
[ 1498.485096][T28151]  ? __pfx_d_alloc_parallel+0x10/0x10
[ 1498.485122][T28151]  ? lockdep_init_map_type+0x5c/0x250
[ 1498.485160][T28151]  ? lockdep_init_map_type+0x5c/0x250
[ 1498.485201][T28151]  __lookup_slow+0x193/0x460
[ 1498.485237][T28151]  ? __pfx___lookup_slow+0x10/0x10
[ 1498.485293][T28151]  lookup_slow+0x50/0x70
[ 1498.485328][T28151]  path_lookupat+0x5e8/0xc40
[ 1498.485356][T28151]  path_openat+0x1b08/0x31a0
[ 1498.485384][T28151]  ? kasan_save_stack+0x3f/0x50
[ 1498.485405][T28151]  ? kasan_save_stack+0x30/0x50
[ 1498.485430][T28151]  ? kasan_save_track+0x14/0x30
[ 1498.485452][T28151]  ? kmem_cache_alloc_noprof+0x241/0x6e0
[ 1498.485487][T28151]  ? do_getname+0x35/0x390
[ 1498.485519][T28151]  ? do_sys_openat2+0xc5/0x1e0
[ 1498.485557][T28151]  ? __pfx_path_openat+0x10/0x10
[ 1498.485595][T28151]  do_file_open+0x20e/0x430
[ 1498.485626][T28151]  ? __pfx_do_file_open+0x10/0x10
[ 1498.485673][T28151]  ? alloc_fd+0x476/0x790
[ 1498.485709][T28151]  ? do_getname+0x191/0x390
[ 1498.485745][T28151]  do_sys_openat2+0x10d/0x1e0
[ 1498.485780][T28151]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1498.485826][T28151]  __x64_sys_openat+0x12d/0x210
[ 1498.485862][T28151]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1498.485897][T28151]  ? ksys_write+0x1ac/0x250
[ 1498.485926][T28151]  ? rcu_is_watching+0x12/0xc0
[ 1498.485956][T28151]  do_syscall_64+0x115/0x840
[ 1498.485987][T28151]  ? clear_bhb_loop+0x40/0x90
[ 1498.486029][T28151]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1498.486051][T28151] RIP: 0033:0x7fbf7a39ce59
[ 1498.486073][T28151] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1498.486095][T28151] RSP: 002b:00007fbf7b1b3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1498.486116][T28151] RAX: ffffffffffffffda RBX: 00007fbf7a616090 RCX: 00007fbf7a39ce59
[ 1498.486130][T28151] RDX: 000000000075b143 RSI: 0000200000000240 RDI: ffffffffffffff9c
[ 1498.486145][T28151] RBP: 00007fbf7a432d6f R08: 0000000000000000 R09: 0000000000000000
[ 1498.486158][T28151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1498.486171][T28151] R13: 00007fbf7a616128 R14: 00007fbf7a616090 R15: 00007ffd574dd818
[ 1498.486197][T28151]  </TASK>
[ 1500.111064][T25893] block nbd68: Receive control failed (result -32)
[ 1500.469411][T28172] netlink: 6820 bytes leftover after parsing attributes in process `syz.0.4329'.
[ 1502.447461][T25893] block nbd69: Receive control failed (result -32)
[ 1502.698146][T28208] netlink: 25 bytes leftover after parsing attributes in process `syz.5.4335'.
[ 1503.668866][T25893] block nbd70: Receive control failed (result -32)
[ 1507.427006][   T30] audit: type=1800 audit(4294967555.680:36): pid=28312 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.4356" name="dbroot" dev="configfs" ino=130781 res=0 errno=0
[ 1508.100067][   T30] audit: type=1326 audit(4294967556.360:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28323 comm="syz.0.4360" exe="/root/ci-qemu-gce-upstream-auto/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcdcd19ce59 code=0x0
[ 1508.128587][T28302] Process accounting paused
[ 1508.240282][   T30] audit: type=1326 audit(4294967556.470:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28323 comm="syz.0.4360" exe="/root/ci-qemu-gce-upstream-auto/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcdcd19ce59 code=0x0
[ 1510.002337][T28365] netlink: 25 bytes leftover after parsing attributes in process `syz.5.4366'.
[ 1511.464913][T25893] block nbd71: Receive control failed (result -32)
[ 1511.901569][T28384] random: crng reseeded on system resumption
[ 1514.245632][T28433] kAFS: unparsable volume name
[ 1515.310993][T28452] netlink: 25 bytes leftover after parsing attributes in process `syz.6.4384'.
[ 1517.430466][T25893] block nbd72: Receive control failed (result -32)
[ 1519.276880][T28526] netlink: 342 bytes leftover after parsing attributes in process `syz.5.4399'.
[ 1519.668335][T28530] netlink: 17 bytes leftover after parsing attributes in process `syz.5.4400'.
[ 1526.075430][T25893] block nbd73: Receive control failed (result -32)
[ 1532.892365][T25893] block nbd74: Receive control failed (result -32)
[ 1534.041697][T28727] usb usb3: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1534.315444][T28723] zswap: compressor 000 not available
[ 1534.360312][T28708] kexec: Could not allocate control_code_buffer
[ 1534.853013][T28741] ovs_: entered promiscuous mode
[ 1535.536150][T28759] netlink: 9 bytes leftover after parsing attributes in process `syz.6.4452'.
[ 1536.149043][   T30] audit: type=1804 audit(4294967584.412:39): pid=28768 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.4454" name="/newroot/116/file0" dev="tmpfs" ino=627 res=1 errno=0
[ 1536.364345][T28773] CIFS: VFS: UNC: path must begin with // or \\
[ 1536.376706][   T30] audit: type=1804 audit(4294967584.622:40): pid=28773 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.4454" name="/newroot/116/file0" dev="tmpfs" ino=627 res=1 errno=0
[ 1536.508318][T28773] Malformed UNC in devname
[ 1536.508318][T28773] 
[ 1536.564508][T28773] CIFS: VFS: Malformed UNC in devname
[ 1537.275700][T28782] Process accounting resumed
[ 1538.289255][T28802] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1538.356457][T28802] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1538.414960][T28802] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1539.001619][T28841] openvswitch: netlink: Flow key attr not present in new flow.
[ 1539.107013][T28846] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.4468: iget: checksum invalid
[ 1539.207603][T28846] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[ 1539.340358][T28846] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.4468: iget: checksum invalid
[ 1539.466884][T28846] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[ 1539.549137][T25893] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1539.559781][T28846] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.4468: iget: checksum invalid
[ 1539.624769][T28846] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[ 1539.654034][T28855] serial 00:02: in use; can't configure
[ 1539.679113][T28846] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.4468: iget: checksum invalid
[ 1539.775705][T28846] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[ 1539.826734][T28846] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[ 1539.862858][T28846] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[ 1540.087624][T28846] Process accounting resumed
[ 1540.428629][T25893] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1540.434711][T15804] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1540.507302][T23209] EXT4-fs (sda1): Delayed block allocation failed for inode 2030 at logical offset 1365 with max blocks 20 with error 117
[ 1540.560071][T23209] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1540.560071][T23209] 
[ 1540.993664][T28896] i2c i2c-0: new_device: Missing parameters
[ 1542.700732][   T30] audit: type=1804 audit(4294967590.955:41): pid=28914 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.4482" name="/newroot/sys/kernel/tracing/per_cpu/cpu0/trace" dev="tracefs" ino=4255 res=1 errno=0
[ 1543.332202][T28925] netlink: 342 bytes leftover after parsing attributes in process `syz.0.4486'.
[ 1543.717038][T25893] Bluetooth: hci1: unexpected subevent 0x0c length: 118 > 5
[ 1544.973964][T28976] ima: Unable to open file: /sys/kernel/security/integrity/ima/policy (-26)
[ 1544.999545][T28974] ima: policy update failed
[ 1545.054513][   T30] audit: type=1802 audit(4294967593.316:42): pid=28974 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.6.4499" res=0 errno=0
[ 1545.336915][T28983] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.5.4501: iget: checksum invalid
[ 1545.367439][T28987] netlink: 346 bytes leftover after parsing attributes in process `syz.6.4502'.
[ 1545.393032][T28983] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[ 1545.424474][T28983] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.5.4501: iget: checksum invalid
[ 1545.452578][T28983] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[ 1545.474502][T28983] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.5.4501: iget: checksum invalid
[ 1545.500095][T28983] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[ 1545.523906][T28983] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.5.4501: iget: checksum invalid
[ 1545.552271][T28983] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[ 1545.572351][T28983] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[ 1545.601061][T28983] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[ 1545.750559][T25893] block nbd75: Receive control failed (result -32)
[ 1545.867228][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[ 1545.874161][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[ 1548.696512][T29011] kexec: Could not allocate control_code_buffer
[ 1548.835667][T29035] vivid-007: =================  START STATUS  =================
[ 1548.905507][T29035] vivid-007: Enable Output Cropping: true
[ 1549.075992][T29035] vivid-007: Enable Output Composing: true
[ 1549.203951][T29035] vivid-007: Enable Output Scaler: true
[ 1549.302924][T29035] vivid-007: Tx RGB Quantization Range: Automatic
[ 1549.441939][T29035] vivid-007: Transmit Mode: HDMI
[ 1549.566917][T29035] vivid-007: Hotplug Present: 0x00000000
[ 1549.737032][T29035] vivid-007: RxSense Present: 0x00000000
[ 1549.833122][T29035] vivid-007: EDID Present: 0x00000000
[ 1549.982994][T29035] vivid-007: ==================  END STATUS  ==================
[ 1550.511122][T29062] : Can't lookup blockdev
[ 1550.612982][T25893] Bluetooth: hci1: unexpected event for opcode 0x7c89
[ 1550.776513][T29073] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4520'.
[ 1550.828668][T29074] netlink: 354 bytes leftover after parsing attributes in process `syz.0.4520'.
[ 1553.225603][T29087] EXT4-fs (sda1): Delayed block allocation failed for inode 2030 at logical offset 1368 with max blocks 17 with error 117
[ 1553.316230][T29087] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1553.316230][T29087] 
[ 1554.039214][T29122] netlink: 330 bytes leftover after parsing attributes in process `syz.1.4528'.
[ 1554.160449][T29122] �: renamed from sit0 (while UP)
[ 1557.398678][T29176] usb usb3: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1557.524623][T29166] zswap: compressor 000 not available
[ 1558.024043][T29179] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4537'.
[ 1559.069192][T26945] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1559.085324][T26945] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1559.094194][T26945] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1559.113580][T26945] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1559.127558][T26945] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1559.653133][T25893] block nbd76: Receive control failed (result -32)
[ 1560.032518][T29219] random: crng reseeded on system resumption
[ 1561.064675][T15695] EXT4-fs (sda1): Delayed block allocation failed for inode 2030 at logical offset 1365 with max blocks 3 with error 117
[ 1561.106723][T15695] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1561.106723][T15695] 
[ 1561.196463][T25893] block nbd77: Receive control failed (result -32)
[ 1561.218264][T25893] Bluetooth: hci2: command tx timeout
[ 1561.320689][T15695] EXT4-fs (sda1): Delayed block allocation failed for inode 2030 at logical offset 1343 with max blocks 22 with error 117
[ 1561.413465][T15695] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1561.413465][T15695] 
[ 1562.001246][T29195] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1562.045915][T29195] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1562.090901][T29195] bridge_slave_0: entered allmulticast mode
[ 1562.143519][T29195] bridge_slave_0: entered promiscuous mode
[ 1562.191303][T29195] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1562.237561][T29195] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1562.279264][T29195] bridge_slave_1: entered allmulticast mode
[ 1562.326046][T29195] bridge_slave_1: entered promiscuous mode
[ 1562.508750][T29195] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1562.568958][T26945] block nbd78: Receive control failed (result -32)
[ 1562.592379][T29195] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1562.753653][T29195] team0: Port device team_slave_0 added
[ 1562.816014][T29195] team0: Port device team_slave_1 added
[ 1562.883532][   T30] audit: type=1326 audit(4294967611.155:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29262 comm="syz.6.4555" exe="/root/ci-qemu-gce-upstream-auto/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fbf7a39ce59 code=0x0
[ 1562.923515][T29263] netlink: 25 bytes leftover after parsing attributes in process `syz.5.4554'.
[ 1562.963212][T29195] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1562.991405][T29195] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1563.102465][T29195] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1563.153425][T29195] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1563.178624][T29195] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1563.273385][T29195] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1563.298647][T26945] Bluetooth: hci2: command tx timeout
[ 1563.479083][T29195] hsr_slave_0: entered promiscuous mode
[ 1563.504138][T29195] hsr_slave_1: entered promiscuous mode
[ 1563.524391][T29195] debugfs: 'hsr0' already exists in 'hsr'
[ 1563.543338][T29195] Cannot create hsr debugfs directory
[ 1563.846533][T26945] block nbd79: Receive control failed (result -32)
[ 1564.058270][T25893] block nbd80: Receive control failed (result -32)
[ 1564.430956][T29195] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1564.940325][T29195] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1565.204535][T29195] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1565.378056][T25893] Bluetooth: hci2: command tx timeout
[ 1565.846534][T29195] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1565.866731][T29195] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 1565.885026][T29195] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1565.905205][T29195] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 1565.924166][T29195] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1565.938752][T29195] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 1565.957207][T29195] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1565.979091][T29195] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 1566.139893][T29195] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1566.182270][T29195] 8021q: adding VLAN 0 to HW filter on device team0
[ 1566.206684][T15642] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1566.213877][T15642] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1566.249193][T15642] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1566.256357][T15642] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1567.455853][T25893] Bluetooth: hci2: command tx timeout
[ 1567.589841][T29317] Process accounting paused
[ 1568.207110][T29361] netlink: 25 bytes leftover after parsing attributes in process `syz.5.4575'.
[ 1568.749037][T29195] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1568.846771][T25893] Bluetooth: hci4: ACL packet for unknown connection handle 0
[ 1569.252098][T29374] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4577'.
[ 1569.807931][T29384] blktrace: Concurrent blktraces are not allowed on loop2
[ 1569.969830][T29382] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.4578: iget: checksum invalid
[ 1570.071024][T29382] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[ 1570.135764][T29195] veth0_vlan: entered promiscuous mode
[ 1570.154440][T29382] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.4578: iget: checksum invalid
[ 1570.206118][T29195] veth1_vlan: entered promiscuous mode
[ 1570.216194][T29382] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[ 1570.277335][T29382] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.4578: iget: checksum invalid
[ 1570.324822][T29382] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[ 1570.395011][T29382] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.4578: iget: checksum invalid
[ 1570.464291][T29382] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[ 1570.547433][T29382] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[ 1570.617311][T29382] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[ 1570.664221][T29195] veth0_macvtap: entered promiscuous mode
[ 1570.756808][T29195] veth1_macvtap: entered promiscuous mode
[ 1570.889536][T29195] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1570.984702][T29382] Process accounting paused
[ 1570.999435][T29195] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1571.508886][T17734] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1571.567497][T17734] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1571.674189][T29409] netlink: 13 bytes leftover after parsing attributes in process `syz.5.4584'.
[ 1571.706789][T17734] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1571.741952][T17734] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1572.668598][T25893] block nbd81: Receive control failed (result -32)
[ 1572.702995][T15651] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1572.754588][T15651] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1572.914207][T24107] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1572.955748][T24107] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1573.757055][T29432] FAULT_INJECTION: forcing a failure.
[ 1573.757055][T29432] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1573.778682][T29443] netlink: 25 bytes leftover after parsing attributes in process `syz.5.4591'.
[ 1573.971841][T29432] CPU: 0 UID: 0 PID: 29432 Comm: syz.0.4546 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1573.971880][T29432] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1573.971889][T29432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1573.971903][T29432] Call Trace:
[ 1573.971910][T29432]  <TASK>
[ 1573.971919][T29432]  dump_stack_lvl+0x100/0x190
[ 1573.971963][T29432]  should_fail_ex.cold+0x5/0xa
[ 1573.971987][T29432]  ? prepare_alloc_pages+0x16d/0x5f0
[ 1573.972018][T29432]  should_fail_alloc_page+0xeb/0x140
[ 1573.972048][T29432]  prepare_alloc_pages+0x1f0/0x5f0
[ 1573.972092][T29432]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[ 1573.972133][T29432]  ? __lock_acquire+0x4a5/0x2630
[ 1573.972170][T29432]  ? __lock_acquire+0x4a5/0x2630
[ 1573.972202][T29432]  ? __css_rstat_updated+0x1ce/0x5a0
[ 1573.972236][T29432]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1573.972274][T29432]  ? do_raw_spin_lock+0x128/0x260
[ 1573.972297][T29432]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1573.972321][T29432]  ? find_held_lock+0x2b/0x80
[ 1573.972362][T29432]  ? __lock_acquire+0x4a5/0x2630
[ 1573.972397][T29432]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1573.972429][T29432]  ? policy_nodemask+0xed/0x4f0
[ 1573.972456][T29432]  alloc_pages_mpol+0x1fb/0x540
[ 1573.972483][T29432]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1573.972508][T29432]  ? __folio_batch_add_and_move+0x5e5/0xc60
[ 1573.972530][T29432]  ? __folio_batch_add_and_move+0x5e5/0xc60
[ 1573.972556][T29432]  folio_alloc_mpol_noprof+0x36/0x260
[ 1573.972587][T29432]  shmem_alloc_folio+0x135/0x160
[ 1573.972618][T29432]  shmem_alloc_and_add_folio+0x371/0xd40
[ 1573.972659][T29432]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[ 1573.972696][T29432]  ? shmem_allowable_huge_orders+0x2bd/0x400
[ 1573.972716][T29432]  ? __bpf_trace_sched_util_est_se_tp+0xc0/0xc0
[ 1573.972745][T29432]  shmem_get_folio_gfp+0x6ab/0x1900
[ 1573.972771][T29432]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[ 1573.972799][T29432]  shmem_write_begin+0x1a4/0x420
[ 1573.972823][T29432]  ? __pfx_shmem_write_begin+0x10/0x10
[ 1573.972846][T29432]  ? balance_dirty_pages_ratelimited_flags+0x91/0x1170
[ 1573.972877][T29432]  generic_perform_write+0x292/0xa40
[ 1573.972915][T29432]  ? __pfx_generic_perform_write+0x10/0x10
[ 1573.972951][T29432]  ? file_update_time_flags+0x373/0x500
[ 1573.972986][T29432]  shmem_file_write_iter+0x10e/0x140
[ 1573.973013][T29432]  vfs_write+0x6ac/0x1070
[ 1573.973038][T29432]  ? __pfx_shmem_file_write_iter+0x10/0x10
[ 1573.973066][T29432]  ? __pfx_vfs_write+0x10/0x10
[ 1573.973106][T29432]  ksys_write+0x12a/0x250
[ 1573.973133][T29432]  ? __pfx_ksys_write+0x10/0x10
[ 1573.973159][T29432]  ? rcu_is_watching+0x12/0xc0
[ 1573.973187][T29432]  do_syscall_64+0x115/0x840
[ 1573.973217][T29432]  ? clear_bhb_loop+0x40/0x90
[ 1573.973243][T29432]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1573.973265][T29432] RIP: 0033:0x7f6280f9ce59
[ 1573.973282][T29432] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1573.973303][T29432] RSP: 002b:00007f6281dc5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1573.973323][T29432] RAX: ffffffffffffffda RBX: 00007f6281216090 RCX: 00007f6280f9ce59
[ 1573.973342][T29432] RDX: 000040100000a3d5 RSI: 0000000000000000 RDI: 0000000000000009
[ 1573.973355][T29432] RBP: 00007f6281032d6f R08: 0000000000000000 R09: 0000000000000000
[ 1573.973368][T29432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1573.973381][T29432] R13: 00007f6281216128 R14: 00007f6281216090 R15: 00007ffd471bfc78
[ 1573.973408][T29432]  </TASK>
[ 1574.815340][T26945] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1574.831043][T26945] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1574.839309][T26945] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1574.847474][T26945] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1574.856387][T26945] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1576.114122][T25893] block nbd82: Receive control failed (result -32)
[ 1576.484421][T29482] random: crng reseeded on system resumption
[ 1576.970637][T25893] Bluetooth: hci0: command tx timeout
[ 1577.337358][T29456] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1577.370600][T29456] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1577.402122][T29456] bridge_slave_0: entered allmulticast mode
[ 1577.414205][T29497] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4603'.
[ 1577.436789][T29456] bridge_slave_0: entered promiscuous mode
[ 1577.488083][T29456] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1577.513967][T29456] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1577.546379][T29456] bridge_slave_1: entered allmulticast mode
[ 1577.583584][T29456] bridge_slave_1: entered promiscuous mode
[ 1577.803705][T29456] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1577.842052][T29456] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1577.980231][T29456] team0: Port device team_slave_0 added
[ 1578.015908][T29456] team0: Port device team_slave_1 added
[ 1578.134417][T29456] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1578.167768][T29456] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1578.305128][T29456] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1578.360519][T29456] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1578.392930][T29456] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1578.532580][T29456] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1578.840330][T29456] hsr_slave_0: entered promiscuous mode
[ 1578.886421][T29456] hsr_slave_1: entered promiscuous mode
[ 1578.922923][T29456] debugfs: 'hsr0' already exists in 'hsr'
[ 1578.952240][T29456] Cannot create hsr debugfs directory
[ 1579.050986][T26945] Bluetooth: hci0: command tx timeout
[ 1579.410107][T25893] block nbd83: Receive control failed (result -32)
[ 1580.046326][T29456] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1580.371787][T29456] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1580.727266][T29456] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1581.041845][T29456] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1581.129112][T25893] Bluetooth: hci0: command tx timeout
[ 1582.465864][T29456] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1582.509854][T29456] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 1582.560464][T29456] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1582.621216][T29456] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 1582.681339][T29456] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1582.717744][T29456] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 1582.731704][T29577] netlink: 'syz.0.4619': attribute type 11 has an invalid length.
[ 1582.759501][T29456] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1582.814624][T29456] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 1583.207733][T25893] Bluetooth: hci0: command tx timeout
[ 1583.515166][T29456] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1583.619042][T29456] 8021q: adding VLAN 0 to HW filter on device team0
[ 1583.679082][T17734] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1583.686247][T17734] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1583.988527][T17734] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1583.995699][T17734] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1584.119782][T29605] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4623'.
[ 1585.619360][T25893] block nbd84: Receive control failed (result -32)
[ 1585.844249][T25893] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18
[ 1585.860532][T25893] Bluetooth: hci4: Invalid handle: 0x3a4a > 0x0eff
[ 1586.753657][T29456] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1586.995637][T29456] veth0_vlan: entered promiscuous mode
[ 1587.056815][T29456] veth1_vlan: entered promiscuous mode
[ 1587.157685][T29456] veth0_macvtap: entered promiscuous mode
[ 1587.190297][T29456] veth1_macvtap: entered promiscuous mode
[ 1587.293716][T29456] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1587.357525][T29456] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1587.423497][T24107] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1587.472670][T24107] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1587.502222][T24107] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1587.551575][T24107] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1588.170533][T15642] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1588.262884][T15642] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1588.410445][T15638] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1588.435281][T25893] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[ 1588.442775][T25893] Bluetooth: hci1: Invalid handle: 0x3a4a > 0x0eff
[ 1588.456578][T15638] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1588.820680][T29672] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1589.072086][T29630] Process accounting resumed
[ 1589.325295][T29679] netlink: 660 bytes leftover after parsing attributes in process `syz.6.4636'.
[ 1589.334711][T29677] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1589.380070][T29679] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[ 1590.352309][T18028] Process accounting resumed
[ 1591.422126][T29697] Process accounting resumed
[ 1591.663142][T15651] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 5 with max blocks 5 with error 117
[ 1591.755111][T15651] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1591.755111][T15651] 
[ 1592.370614][T29734] random: crng reseeded on system resumption
[ 1594.806982][T29764] input: jJǸ-���9�%v���J86�� as /devices/virtual/input/input33
[ 1594.875926][T29767] Process accounting resumed
[ 1595.172050][T29778] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4655'.
[ 1595.436013][T29774] zswap: compressor  not available
[ 1595.862874][T25893] block nbd85: Receive control failed (result -32)
[ 1598.087569][T29817] random: crng reseeded on system resumption
[ 1598.578007][T25893] block nbd86: Receive control failed (result -32)
[ 1598.688743][T25893] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[ 1598.851141][T29825] futex_wake_op: syz.1.4665 tries to shift op by -2048; fix this program
[ 1601.664838][T29876] FAULT_INJECTION: forcing a failure.
[ 1601.664838][T29876] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1601.745002][T29876] CPU: 0 UID: 0 PID: 29876 Comm: syz.6.4676 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1601.745064][T29876] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1601.745074][T29876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1601.745088][T29876] Call Trace:
[ 1601.745096][T29876]  <TASK>
[ 1601.745105][T29876]  dump_stack_lvl+0x100/0x190
[ 1601.745165][T29876]  should_fail_ex.cold+0x5/0xa
[ 1601.745194][T29876]  _copy_to_user+0x32/0xd0
[ 1601.745229][T29876]  simple_read_from_buffer+0xcb/0x170
[ 1601.745258][T29876]  proc_fail_nth_read+0x1af/0x230
[ 1601.745296][T29876]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1601.745334][T29876]  ? rw_verify_area+0xce/0x6d0
[ 1601.745357][T29876]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1601.745392][T29876]  vfs_read+0x1e4/0xb30
[ 1601.745421][T29876]  ? __pfx_vfs_read+0x10/0x10
[ 1601.745446][T29876]  ? __fget_files+0x215/0x3d0
[ 1601.745479][T29876]  ? __fget_files+0x21f/0x3d0
[ 1601.745512][T29876]  ksys_read+0x12a/0x250
[ 1601.745537][T29876]  ? __pfx_ksys_read+0x10/0x10
[ 1601.745565][T29876]  ? rcu_is_watching+0x12/0xc0
[ 1601.745595][T29876]  do_syscall_64+0x115/0x840
[ 1601.745627][T29876]  ? clear_bhb_loop+0x40/0x90
[ 1601.745654][T29876]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1601.745678][T29876] RIP: 0033:0x7fbf7a35d68e
[ 1601.745696][T29876] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1601.745718][T29876] RSP: 002b:00007fbf7b1b2fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1601.745740][T29876] RAX: ffffffffffffffda RBX: 00007fbf7b1b36c0 RCX: 00007fbf7a35d68e
[ 1601.745755][T29876] RDX: 000000000000000f RSI: 00007fbf7b1b30a0 RDI: 0000000000000004
[ 1601.745770][T29876] RBP: 00007fbf7b1b3090 R08: 0000000000000000 R09: 0000000000000000
[ 1601.745784][T29876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1601.745798][T29876] R13: 00007fbf7a616128 R14: 00007fbf7a616090 R15: 00007ffd574dd818
[ 1601.745826][T29876]  </TASK>
[ 1602.359766][T26945] block nbd87: Receive control failed (result -32)
[ 1603.700050][T29906] random: crng reseeded on system resumption
[ 1603.731347][T29904] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4683'.
[ 1603.966016][T29904] team0: Port device team_slave_1 removed
[ 1607.294721][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[ 1607.304297][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[ 1607.864379][T29969] phram: not enough arguments
[ 1609.500859][T30014] ovs_: entered promiscuous mode
[ 1609.622276][T30014] futex_wake_op: syz.5.4705 tries to shift op by -1; fix this program
[ 1610.752749][T30040] FAULT_INJECTION: forcing a failure.
[ 1610.752749][T30040] name failslab, interval 1, probability 0, space 0, times 0
[ 1610.829768][T30040] CPU: 0 UID: 0 PID: 30040 Comm: syz.6.4712 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1610.829807][T30040] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1610.829818][T30040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1610.829832][T30040] Call Trace:
[ 1610.829841][T30040]  <TASK>
[ 1610.829850][T30040]  dump_stack_lvl+0x100/0x190
[ 1610.829896][T30040]  should_fail_ex.cold+0x5/0xa
[ 1610.829927][T30040]  should_failslab+0xc2/0x120
[ 1610.829956][T30040]  __kmalloc_cache_noprof+0x7a/0x6f0
[ 1610.829991][T30040]  ? nl80211_dump_station+0x25e/0xa80
[ 1610.830024][T30040]  nl80211_dump_station+0x25e/0xa80
[ 1610.830058][T30040]  ? __pfx_nl80211_dump_station+0x10/0x10
[ 1610.830119][T30040]  ? kmalloc_reserve+0xf9/0x350
[ 1610.830155][T30040]  ? __asan_memset+0x23/0x50
[ 1610.830192][T30040]  ? __alloc_skb+0x5b7/0x710
[ 1610.830216][T30040]  ? __pfx___alloc_skb+0x10/0x10
[ 1610.830242][T30040]  genl_dumpit+0x125/0x230
[ 1610.830280][T30040]  netlink_dump+0x532/0xd00
[ 1610.830313][T30040]  ? __pfx_netlink_dump+0x10/0x10
[ 1610.830357][T30040]  ? __asan_memset+0x23/0x50
[ 1610.830394][T30040]  ? genl_start+0x67a/0x970
[ 1610.830433][T30040]  __netlink_dump_start+0x6d6/0x990
[ 1610.830468][T30040]  genl_family_rcv_msg_dumpit+0x1e2/0x2e0
[ 1610.830508][T30040]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[ 1610.830554][T30040]  ? __pfx_genl_get_cmd+0x10/0x10
[ 1610.830586][T30040]  ? __pfx_genl_start+0x10/0x10
[ 1610.830619][T30040]  ? __pfx_genl_dumpit+0x10/0x10
[ 1610.830652][T30040]  ? __pfx_genl_done+0x10/0x10
[ 1610.830689][T30040]  ? __dev_queue_xmit+0xa10/0x4950
[ 1610.830723][T30040]  ? __radix_tree_lookup+0x217/0x2b0
[ 1610.830757][T30040]  genl_rcv_msg+0x471/0x800
[ 1610.830796][T30040]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1610.830833][T30040]  ? __pfx_nl80211_dump_station+0x10/0x10
[ 1610.830870][T30040]  netlink_rcv_skb+0x159/0x420
[ 1610.830902][T30040]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1610.830940][T30040]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1610.830984][T30040]  ? netlink_deliver_tap+0x1ae/0xcc0
[ 1610.831018][T30040]  genl_rcv+0x28/0x40
[ 1610.831050][T30040]  netlink_unicast+0x585/0x850
[ 1610.831086][T30040]  ? __pfx_netlink_unicast+0x10/0x10
[ 1610.831127][T30040]  netlink_sendmsg+0x8b0/0xda0
[ 1610.831164][T30040]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1610.831195][T30040]  ? __import_iovec+0x1d2/0x640
[ 1610.831245][T30040]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1610.831275][T30040]  ____sys_sendmsg+0x9e1/0xb70
[ 1610.831307][T30040]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1610.831342][T30040]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1610.831384][T30040]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1610.831419][T30040]  ___sys_sendmsg+0x190/0x1e0
[ 1610.831474][T30040]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1610.831557][T30040]  __sys_sendmsg+0x170/0x220
[ 1610.831603][T30040]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1610.831657][T30040]  ? __x64_sys_futex+0x34f/0x4d0
[ 1610.831698][T30040]  ? rcu_is_watching+0x12/0xc0
[ 1610.831731][T30040]  do_syscall_64+0x115/0x840
[ 1610.831768][T30040]  ? clear_bhb_loop+0x40/0x90
[ 1610.831798][T30040]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1610.831823][T30040] RIP: 0033:0x7fbf7a39ce59
[ 1610.831843][T30040] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1610.831868][T30040] RSP: 002b:00007fbf7b1d4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1610.831891][T30040] RAX: ffffffffffffffda RBX: 00007fbf7a615fa0 RCX: 00007fbf7a39ce59
[ 1610.831907][T30040] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000006
[ 1610.831923][T30040] RBP: 00007fbf7a432d6f R08: 0000000000000000 R09: 0000000000000000
[ 1610.831938][T30040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1610.831953][T30040] R13: 00007fbf7a616038 R14: 00007fbf7a615fa0 R15: 00007ffd574dd818
[ 1610.831984][T30040]  </TASK>
[ 1612.240429][T30053] FAULT_INJECTION: forcing a failure.
[ 1612.240429][T30053] name failslab, interval 1, probability 0, space 0, times 0
[ 1612.360220][T30058] ubi1: attaching mtd0
[ 1612.368976][T30053] CPU: 0 UID: 0 PID: 30053 Comm: syz.1.4714 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1612.369013][T30053] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1612.369022][T30053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1612.369055][T30053] Call Trace:
[ 1612.369063][T30053]  <TASK>
[ 1612.369071][T30053]  dump_stack_lvl+0x100/0x190
[ 1612.369116][T30053]  should_fail_ex.cold+0x5/0xa
[ 1612.369157][T30053]  should_failslab+0xc2/0x120
[ 1612.369186][T30053]  __kmalloc_cache_noprof+0x7a/0x6f0
[ 1612.369221][T30053]  ? landlock_init_hierarchy_log+0xa9/0x820
[ 1612.369263][T30053]  landlock_init_hierarchy_log+0xa9/0x820
[ 1612.369304][T30053]  landlock_merge_ruleset+0x676/0x830
[ 1612.369333][T30053]  ? prepare_creds+0x5ee/0x950
[ 1612.369360][T30053]  __do_sys_landlock_restrict_self+0x2af/0x9e0
[ 1612.369387][T30053]  ? rcu_is_watching+0x12/0xc0
[ 1612.369420][T30053]  do_syscall_64+0x115/0x840
[ 1612.369456][T30053]  ? clear_bhb_loop+0x40/0x90
[ 1612.369485][T30053]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1612.369510][T30053] RIP: 0033:0x7f835ab9ce59
[ 1612.369529][T30053] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1612.369552][T30053] RSP: 002b:00007f835b9a5028 EFLAGS: 00000246 ORIG_RAX: 00000000000001be
[ 1612.369575][T30053] RAX: ffffffffffffffda RBX: 00007f835ae16180 RCX: 00007f835ab9ce59
[ 1612.369590][T30053] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000006
[ 1612.369605][T30053] RBP: 00007f835ac32d6f R08: 0000000000000000 R09: 0000000000000000
[ 1612.369619][T30053] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1612.369633][T30053] R13: 00007f835ae16218 R14: 00007f835ae16180 R15: 00007ffdd34e97b8
[ 1612.369663][T30053]  </TASK>
[ 1612.762209][T30058] ubi1 error: ubi_attach_mtd_dev: bad VID header (1) or data offsets (65)
[ 1614.392213][T30091] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4725'.
[ 1614.424592][T26945] Bluetooth: hci0: unexpected subevent 0x03 length: 123 > 9
[ 1616.819535][T30129] ima: policy update failed
[ 1616.874890][   T30] audit: type=1802 audit(4294967665.182:44): pid=30129 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.4731" res=0 errno=0
[ 1617.276769][T26945] block nbd88: Receive control failed (result -32)
[ 1618.463972][T30165] random: crng reseeded on system resumption
[ 1618.889742][T30163] bond0: option slaves: interface -��� does not exist!
[ 1620.640108][T30157] Process accounting paused
[ 1620.904453][T30177] FAULT_INJECTION: forcing a failure.
[ 1620.904453][T30177] name failslab, interval 1, probability 0, space 0, times 0
[ 1621.004161][T30178] random: crng reseeded on system resumption
[ 1621.032840][T30177] CPU: 0 UID: 0 PID: 30177 Comm: syz.1.4739 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1621.032880][T30177] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1621.032889][T30177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1621.032905][T30177] Call Trace:
[ 1621.032912][T30177]  <TASK>
[ 1621.032921][T30177]  dump_stack_lvl+0x100/0x190
[ 1621.032968][T30177]  should_fail_ex.cold+0x5/0xa
[ 1621.032999][T30177]  should_failslab+0xc2/0x120
[ 1621.033028][T30177]  kmem_cache_alloc_noprof+0x7b/0x6e0
[ 1621.033066][T30177]  ? security_inode_alloc+0x3b/0x2c0
[ 1621.033094][T30177]  ? lockdep_init_map_type+0x5c/0x250
[ 1621.033138][T30177]  security_inode_alloc+0x3b/0x2c0
[ 1621.033166][T30177]  inode_init_always_gfp+0xc77/0xfb0
[ 1621.033201][T30177]  alloc_inode+0x8e/0x250
[ 1621.033238][T30177]  sock_alloc+0x44/0x280
[ 1621.033263][T30177]  ? security_socket_create+0x7f/0x250
[ 1621.033289][T30177]  sock_create_lite+0x82/0x120
[ 1621.033318][T30177]  __netlink_kernel_create+0xbd/0x750
[ 1621.033353][T30177]  ? __pfx___netlink_kernel_create+0x10/0x10
[ 1621.033384][T30177]  ? find_held_lock+0x2b/0x80
[ 1621.033413][T30177]  ? audit_net_init+0x190/0x440
[ 1621.033438][T30177]  ? audit_net_init+0x190/0x440
[ 1621.033471][T30177]  audit_net_init+0x1ae/0x440
[ 1621.033496][T30177]  ? __pfx_audit_net_init+0x10/0x10
[ 1621.033527][T30177]  ? rcu_is_watching+0x12/0xc0
[ 1621.033555][T30177]  ? __pfx_audit_receive+0x10/0x10
[ 1621.033586][T30177]  ? __pfx_audit_multicast_bind+0x10/0x10
[ 1621.033628][T30177]  ? __pfx_audit_multicast_unbind+0x10/0x10
[ 1621.033678][T30177]  ? __kmalloc_noprof+0x320/0x850
[ 1621.033705][T30177]  ? __pfx_audit_net_init+0x10/0x10
[ 1621.033730][T30177]  ops_init+0x1e2/0x5f0
[ 1621.033759][T30177]  setup_net+0x118/0x3a0
[ 1621.033785][T30177]  ? __pfx_setup_net+0x10/0x10
[ 1621.033812][T30177]  ? mutex_init_lockdep+0xf1/0x120
[ 1621.033839][T30177]  copy_net_ns+0x46f/0x7c0
[ 1621.033871][T30177]  create_new_namespaces+0x3ea/0xac0
[ 1621.033918][T30177]  unshare_nsproxy_namespaces+0xf2/0x220
[ 1621.033948][T30177]  ksys_unshare+0x438/0xab0
[ 1621.033982][T30177]  ? __pfx_ksys_unshare+0x10/0x10
[ 1621.034012][T30177]  ? xfd_validate_state+0x129/0x190
[ 1621.034033][T30177]  ? exit_to_user_mode_loop+0xf3/0x670
[ 1621.034077][T30177]  __x64_sys_unshare+0x31/0x40
[ 1621.034109][T30177]  do_syscall_64+0x115/0x840
[ 1621.034140][T30177]  ? clear_bhb_loop+0x40/0x90
[ 1621.034167][T30177]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1621.034189][T30177] RIP: 0033:0x7f835ab9ce59
[ 1621.034207][T30177] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1621.034229][T30177] RSP: 002b:00007f835b9c6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1621.034250][T30177] RAX: ffffffffffffffda RBX: 00007f835ae16090 RCX: 00007f835ab9ce59
[ 1621.034266][T30177] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1621.034281][T30177] RBP: 00007f835ac32d6f R08: 0000000000000000 R09: 0000000000000000
[ 1621.034295][T30177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1621.034308][T30177] R13: 00007f835ae16128 R14: 00007f835ae16090 R15: 00007ffdd34e97b8
[ 1621.034336][T30177]  </TASK>
[ 1621.470043][T30177] audit: cannot initialize netlink socket in namespace
[ 1621.677981][T15692] EXT4-fs (sda1): Delayed block allocation failed for inode 2030 at logical offset 1365 with max blocks 20 with error 117
[ 1621.691352][T15692] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1621.691352][T15692] 
[ 1621.706871][T15692] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 8 with max blocks 5 with error 117
[ 1621.731003][T15692] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1621.731003][T15692] 
[ 1621.798570][T30185] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1621.804864][T30185] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1621.822769][T30185] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1621.837854][T30185] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1621.869842][T30185] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1621.904877][T30185] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1621.943446][T30185] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1621.999479][T30185] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1622.035060][T30185] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1622.336239][   T30] audit: type=1800 audit(4294967670.635:45): pid=30192 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4742" name="file0" dev="tmpfs" ino=222 res=0 errno=0
[ 1622.605838][T30195] FAULT_INJECTION: forcing a failure.
[ 1622.605838][T30195] name failslab, interval 1, probability 0, space 0, times 0
[ 1622.759038][T30195] CPU: 0 UID: 0 PID: 30195 Comm: syz.5.4743 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1622.759075][T30195] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1622.759083][T30195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1622.759095][T30195] Call Trace:
[ 1622.759102][T30195]  <TASK>
[ 1622.759110][T30195]  dump_stack_lvl+0x100/0x190
[ 1622.759151][T30195]  should_fail_ex.cold+0x5/0xa
[ 1622.759178][T30195]  should_failslab+0xc2/0x120
[ 1622.759204][T30195]  __kmalloc_cache_noprof+0x7a/0x6f0
[ 1622.759255][T30195]  ? kvm_dev_ioctl+0xa8d/0x1a50
[ 1622.759290][T30195]  kvm_dev_ioctl+0xa8d/0x1a50
[ 1622.759331][T30195]  ? find_held_lock+0x2b/0x80
[ 1622.759359][T30195]  ? __fget_files+0x215/0x3d0
[ 1622.759385][T30195]  ? hook_file_ioctl_common+0x149/0x410
[ 1622.759414][T30195]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1622.759447][T30195]  ? __fget_files+0x21f/0x3d0
[ 1622.759477][T30195]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1622.759508][T30195]  __x64_sys_ioctl+0x18e/0x210
[ 1622.759533][T30195]  do_syscall_64+0x115/0x840
[ 1622.759574][T30195]  ? clear_bhb_loop+0x40/0x90
[ 1622.759599][T30195]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1622.759621][T30195] RIP: 0033:0x7f3f4fb9ce59
[ 1622.759637][T30195] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1622.759658][T30195] RSP: 002b:00007f3f50b10028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1622.759678][T30195] RAX: ffffffffffffffda RBX: 00007f3f4fe15fa0 RCX: 00007f3f4fb9ce59
[ 1622.759692][T30195] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000002
[ 1622.759705][T30195] RBP: 00007f3f4fc32d6f R08: 0000000000000000 R09: 0000000000000000
[ 1622.759718][T30195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1622.759730][T30195] R13: 00007f3f4fe16038 R14: 00007f3f4fe15fa0 R15: 00007ffd85896158
[ 1622.759756][T30195]  </TASK>
[ 1623.844431][T25893] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1623.850832][T25893] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1623.934765][T26945] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1623.947645][T26945] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1624.544760][T25893] block nbd89: Receive control failed (result -32)
[ 1625.039070][T30223] Process accounting paused
[ 1625.054877][T30228] random: crng reseeded on system resumption
[ 1625.400396][T30234] futex_wake_op: syz.5.4750 tries to shift op by -2048; fix this program
[ 1625.452040][T30234] futex_wake_op: syz.5.4750 tries to shift op by -2048; fix this program
[ 1625.526803][T30238] 0x000000000001-0x000000020000 : ""
[ 1625.641527][T30238] ftl_cs: FTL header corrupt!
[ 1625.915433][T30241] qrtr: Invalid version 0
[ 1625.985681][T26945] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1625.991781][T25893] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1628.064610][T25893] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1628.070882][T26945] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1629.987642][T30312] netlink: 'syz.5.4764': attribute type 1 has an invalid length.
[ 1630.148156][T25893] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1631.787372][T30343] program syz.0.4771 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1631.852467][T30343] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 1632.633817][T30365] overlayfs: missing 'lowerdir'
[ 1633.774563][T30384] ubi0: attaching mtd0
[ 1633.845365][T30384] ubi0: scanning is finished
[ 1633.919909][T30384] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1634.323031][T30384] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1638.307141][T30467] QAT: failed to copy from user cfg_data.
[ 1638.645184][T25893] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18
[ 1639.872772][T30485] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.4793: iget: checksum invalid
[ 1640.118969][T30485] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[ 1640.246817][T30485] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.4793: iget: checksum invalid
[ 1640.403051][T30485] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[ 1640.537150][T30485] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.4793: iget: checksum invalid
[ 1640.580723][T30492] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22
[ 1640.684076][T30485] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[ 1640.705772][T26945] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1640.806682][T30485] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.4793: iget: checksum invalid
[ 1640.899382][T30485] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[ 1640.981464][T30485] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[ 1641.104660][T30485] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[ 1642.435927][T30538] random: crng reseeded on system resumption
[ 1642.726764][T30546] ubi0: attaching mtd0
[ 1642.765534][T30546] ubi0: scanning is finished
[ 1642.780725][T26945] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1642.874850][T30546] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1643.182537][T30546] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1646.499674][T30606] blktrace: Concurrent blktraces are not allowed on loop2
[ 1646.569008][T30597] netlink: 330 bytes leftover after parsing attributes in process `syz.0.4816'.
[ 1648.229825][T30633] netlink: del zone limit has 4 unknown bytes
[ 1648.431338][   T30] audit: type=1326 audit(4294967696.748:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30625 comm="syz.5.4822" exe="/root/ci-qemu-gce-upstream-auto/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3f4fb9ce59 code=0x0
[ 1648.491233][T30637] FAULT_INJECTION: forcing a failure.
[ 1648.491233][T30637] name failslab, interval 1, probability 0, space 0, times 0
[ 1648.573496][T30637] CPU: 0 UID: 0 PID: 30637 Comm: syz.0.4825 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1648.573533][T30637] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1648.573541][T30637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1648.573554][T30637] Call Trace:
[ 1648.573561][T30637]  <TASK>
[ 1648.573569][T30637]  dump_stack_lvl+0x100/0x190
[ 1648.573609][T30637]  should_fail_ex.cold+0x5/0xa
[ 1648.573635][T30637]  should_failslab+0xc2/0x120
[ 1648.573661][T30637]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[ 1648.573696][T30637]  ? __d_alloc+0x34/0xa40
[ 1648.573733][T30637]  __d_alloc+0x34/0xa40
[ 1648.573763][T30637]  d_alloc_parallel+0x111/0x14e0
[ 1648.573787][T30637]  ? __pfx_widen_string+0x10/0x10
[ 1648.573812][T30637]  ? __lock_acquire+0x4a5/0x2630
[ 1648.573847][T30637]  ? __pfx_d_alloc_parallel+0x10/0x10
[ 1648.573872][T30637]  ? lockdep_init_map_type+0x5c/0x250
[ 1648.573908][T30637]  ? lockdep_init_map_type+0x5c/0x250
[ 1648.573946][T30637]  __lookup_slow+0x193/0x460
[ 1648.573980][T30637]  ? __pfx___lookup_slow+0x10/0x10
[ 1648.574015][T30637]  ? irq_entries_start+0xd0/0xcb0
[ 1648.574042][T30637]  ? irq_entries_start+0xd0/0xcb0
[ 1648.574075][T30637]  lookup_slow+0x50/0x70
[ 1648.574108][T30637]  lookup_noperm_positive_unlocked+0xd5/0x110
[ 1648.574138][T30637]  debugfs_lookup+0xc7/0x150
[ 1648.574174][T30637]  kvm_dev_ioctl+0xf1c/0x1a50
[ 1648.574208][T30637]  ? find_held_lock+0x2b/0x80
[ 1648.574234][T30637]  ? __fget_files+0x215/0x3d0
[ 1648.574257][T30637]  ? hook_file_ioctl_common+0x149/0x410
[ 1648.574285][T30637]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1648.574322][T30637]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1648.574352][T30637]  __x64_sys_ioctl+0x18e/0x210
[ 1648.574375][T30637]  do_syscall_64+0x115/0x840
[ 1648.574403][T30637]  ? clear_bhb_loop+0x40/0x90
[ 1648.574429][T30637]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1648.574451][T30637] RIP: 0033:0x7f6280f9ce59
[ 1648.574468][T30637] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1648.574489][T30637] RSP: 002b:00007f6281de6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1648.574509][T30637] RAX: ffffffffffffffda RBX: 00007f6281215fa0 RCX: 00007f6280f9ce59
[ 1648.574523][T30637] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000005
[ 1648.574535][T30637] RBP: 00007f6281032d6f R08: 0000000000000000 R09: 0000000000000000
[ 1648.574549][T30637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1648.574562][T30637] R13: 00007f6281216038 R14: 00007f6281215fa0 R15: 00007ffd471bfc78
[ 1648.574589][T30637]  </TASK>
[ 1650.437724][T30655] cifs: Unknown parameter '��]3��ڤ����ޟ��j?i�'
[ 1650.759811][T30657] Process accounting resumed
[ 1651.576413][T25893] block nbd90: Receive control failed (result -32)
[ 1651.801393][T15651] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 5 with max blocks 3 with error 117
[ 1651.920447][T15651] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1651.920447][T15651] 
[ 1652.038527][T30683] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4833'.
[ 1652.109528][T30686] netlink: 13 bytes leftover after parsing attributes in process `syz.5.4833'.
[ 1652.213029][T30689] zram: Removed device: zram0
[ 1652.804453][T30702] netlink: 'syz.0.4838': attribute type 4 has an invalid length.
[ 1653.384053][T30712] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4840'.
[ 1653.614508][T25893] block nbd91: Receive control failed (result -32)
[ 1654.951577][T30727] FAULT_INJECTION: forcing a failure.
[ 1654.951577][T30727] name failslab, interval 1, probability 0, space 0, times 0
[ 1655.079495][T30727] CPU: 0 UID: 0 PID: 30727 Comm: syz.6.4843 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1655.079530][T30727] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1655.079538][T30727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1655.079555][T30727] Call Trace:
[ 1655.079562][T30727]  <TASK>
[ 1655.079570][T30727]  dump_stack_lvl+0x100/0x190
[ 1655.079610][T30727]  should_fail_ex.cold+0x5/0xa
[ 1655.079637][T30727]  should_failslab+0xc2/0x120
[ 1655.079662][T30727]  __kmalloc_cache_noprof+0x7a/0x6f0
[ 1655.079693][T30727]  ? kvm_dev_ioctl+0xa8d/0x1a50
[ 1655.079726][T30727]  kvm_dev_ioctl+0xa8d/0x1a50
[ 1655.079759][T30727]  ? find_held_lock+0x2b/0x80
[ 1655.079784][T30727]  ? __fget_files+0x215/0x3d0
[ 1655.079808][T30727]  ? hook_file_ioctl_common+0x149/0x410
[ 1655.079835][T30727]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1655.079866][T30727]  ? __fget_files+0x21f/0x3d0
[ 1655.079894][T30727]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1655.079924][T30727]  __x64_sys_ioctl+0x18e/0x210
[ 1655.079947][T30727]  do_syscall_64+0x115/0x840
[ 1655.079976][T30727]  ? clear_bhb_loop+0x40/0x90
[ 1655.080001][T30727]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1655.080023][T30727] RIP: 0033:0x7fbf7a39ce59
[ 1655.080040][T30727] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1655.080061][T30727] RSP: 002b:00007fbf7b1d4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1655.080080][T30727] RAX: ffffffffffffffda RBX: 00007fbf7a615fa0 RCX: 00007fbf7a39ce59
[ 1655.080095][T30727] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000005
[ 1655.080107][T30727] RBP: 00007fbf7a432d6f R08: 0000000000000000 R09: 0000000000000000
[ 1655.080120][T30727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1655.080132][T30727] R13: 00007fbf7a616038 R14: 00007fbf7a615fa0 R15: 00007ffd574dd818
[ 1655.080158][T30727]  </TASK>
[ 1655.480345][T30740] kexec: Could not allocate control_code_buffer
[ 1655.547141][T30740] Process accounting resumed
[ 1657.483875][T30765] nbd92: detected capacity change from 0 to 549755809408
[ 1657.578767][ T5626] 
[ 1657.581123][ T5626] ======================================================
[ 1657.588135][ T5626] WARNING: possible circular locking dependency detected
[ 1657.595152][ T5626] syzkaller #0 Tainted: G     U       L     
[ 1657.601126][ T5626] ------------------------------------------------------
[ 1657.608134][ T5626] udevd/5626 is trying to acquire lock:
[ 1657.613670][ T5626] ffff888060ec0668 (&nsock->tx_lock){+.+.}-{4:4}, at: nbd_queue_rq+0x428/0x1080
[ 1657.622728][ T5626] 
[ 1657.622728][ T5626] but task is already holding lock:
[ 1657.630081][ T5626] ffff888097600178 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xba/0x1080
[ 1657.638628][ T5626] 
[ 1657.638628][ T5626] which lock already depends on the new lock.
[ 1657.638628][ T5626] 
[ 1657.649028][ T5626] 
[ 1657.649028][ T5626] the existing dependency chain (in reverse order) is:
[ 1657.658034][ T5626] 
[ 1657.658034][ T5626] -> #5 (&cmd->lock){+.+.}-{4:4}:
[ 1657.665245][ T5626]        __mutex_lock+0x1a4/0x1b10
[ 1657.670364][ T5626]        nbd_queue_rq+0xba/0x1080
[ 1657.675392][ T5626]        blk_mq_dispatch_rq_list+0x422/0x1e70
[ 1657.681477][ T5626]        __blk_mq_sched_dispatch_requests+0xcea/0x1620
[ 1657.688338][ T5626]        blk_mq_sched_dispatch_requests+0xd7/0x1c0
[ 1657.694853][ T5626]        blk_mq_run_hw_queue+0x23c/0x670
[ 1657.700513][ T5626]        blk_mq_dispatch_list+0x51d/0x1360
[ 1657.706367][ T5626]        blk_mq_flush_plug_list+0x130/0x600
[ 1657.712267][ T5626]        __blk_flush_plug+0x2c4/0x4b0
[ 1657.717642][ T5626]        __submit_bio+0x584/0x6c0
[ 1657.722673][ T5626]        submit_bio_noacct_nocheck+0x543/0xbf0
[ 1657.728832][ T5626]        submit_bio_noacct+0xd18/0x2000
[ 1657.734384][ T5626]        submit_bh_wbc+0x681/0x890
[ 1657.739502][ T5626]        block_read_full_folio+0x4c8/0x8e0
[ 1657.745303][ T5626]        filemap_read_folio+0xfc/0x3b0
[ 1657.750779][ T5626]        do_read_cache_folio+0x2d7/0x6b0
[ 1657.756409][ T5626]        read_part_sector+0xd1/0x370
[ 1657.761694][ T5626]        adfspart_check_ICS+0x91/0x7d0
[ 1657.767156][ T5626]        bdev_disk_changed+0x7a3/0x1250
[ 1657.772707][ T5626]        blkdev_get_whole+0x187/0x290
[ 1657.778083][ T5626]        bdev_open+0x2c7/0xe40
[ 1657.782856][ T5626]        blkdev_open+0x34e/0x4f0
[ 1657.787811][ T5626]        do_dentry_open+0x6ab/0x14d0
[ 1657.793105][ T5626]        vfs_open+0x82/0x3f0
[ 1657.797706][ T5626]        path_openat+0x208c/0x31a0
[ 1657.802819][ T5626]        do_file_open+0x20e/0x430
[ 1657.807842][ T5626]        do_sys_openat2+0x10d/0x1e0
[ 1657.813087][ T5626]        __x64_sys_openat+0x12d/0x210
[ 1657.818463][ T5626]        do_syscall_64+0x115/0x840
[ 1657.823578][ T5626]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1657.829984][ T5626] 
[ 1657.829984][ T5626] -> #4 (set->srcu){.+.+}-{0:0}:
[ 1657.837105][ T5626]        __synchronize_srcu+0xa2/0x300
[ 1657.842570][ T5626]        blk_mq_quiesce_queue+0x149/0x1c0
[ 1657.848292][ T5626]        wbt_set_lat+0x27a/0x6d0
[ 1657.853241][ T5626]        queue_wb_lat_store+0xc4/0x130
[ 1657.858699][ T5626]        queue_attr_store+0x25f/0x2f0
[ 1657.864087][ T5626]        sysfs_kf_write+0xf2/0x150
[ 1657.869208][ T5626]        kernfs_fop_write_iter+0x3e0/0x5f0
[ 1657.875012][ T5626]        iter_file_splice_write+0x830/0x10a0
[ 1657.880990][ T5626]        direct_splice_actor+0x192/0x6c0
[ 1657.886624][ T5626]        splice_direct_to_actor+0x345/0xa30
[ 1657.892518][ T5626]        do_splice_direct+0x174/0x240
[ 1657.897892][ T5626]        do_sendfile+0xadc/0xe20
[ 1657.902822][ T5626]        __x64_sys_sendfile64+0x1d8/0x220
[ 1657.908558][ T5626]        do_syscall_64+0x115/0x840
[ 1657.913678][ T5626]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1657.920090][ T5626] 
[ 1657.920090][ T5626] -> #3 (&q->q_usage_counter(io)#60){++++}-{0:0}:
[ 1657.928701][ T5626]        blk_alloc_queue+0x610/0x790
[ 1657.933993][ T5626]        blk_mq_alloc_queue+0x174/0x290
[ 1657.939534][ T5626]        __blk_mq_alloc_disk+0x29/0x120
[ 1657.945077][ T5626]        nbd_dev_add+0x492/0xb10
[ 1657.950019][ T5626]        nbd_init+0x291/0x2b0
[ 1657.954702][ T5626]        do_one_initcall+0x121/0x750
[ 1657.959989][ T5626]        kernel_init_freeable+0x6ea/0x7b0
[ 1657.965724][ T5626]        kernel_init+0x1f/0x1e0
[ 1657.970573][ T5626]        ret_from_fork+0x72b/0xd50
[ 1657.975680][ T5626]        ret_from_fork_asm+0x1a/0x30
[ 1657.980972][ T5626] 
[ 1657.980972][ T5626] -> #2 (fs_reclaim){+.+.}-{0:0}:
[ 1657.988187][ T5626]        fs_reclaim_acquire+0xc4/0x100
[ 1657.993652][ T5626]        kmem_cache_alloc_node_noprof+0x53/0x6f0
[ 1657.999989][ T5626]        __alloc_skb+0x140/0x710
[ 1658.004921][ T5626]        tcp_stream_alloc_skb+0x34/0x660
[ 1658.010569][ T5626]        tcp_sendmsg_locked+0x13cd/0x4500
[ 1658.016289][ T5626]        tcp_sendmsg+0x2e/0x50
[ 1658.021060][ T5626]        inet_sendmsg+0xb9/0x140
[ 1658.026011][ T5626]        sock_write_iter+0x4ea/0x5a0
[ 1658.031307][ T5626]        vfs_write+0x6ac/0x1070
[ 1658.036159][ T5626]        ksys_write+0x1f8/0x250
[ 1658.041021][ T5626]        do_syscall_64+0x115/0x840
[ 1658.046147][ T5626]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1658.052568][ T5626] 
[ 1658.052568][ T5626] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}:
[ 1658.060218][ T5626]        lock_sock_nested+0x41/0xf0
[ 1658.065425][ T5626]        inet_shutdown+0x67/0x410
[ 1658.070456][ T5626]        nbd_mark_nsock_dead+0xae/0x5c0
[ 1658.076028][ T5626]        recv_work+0x5fb/0x8c0
[ 1658.080791][ T5626]        process_one_work+0xa0e/0x1980
[ 1658.086245][ T5626]        worker_thread+0x5ef/0xe50
[ 1658.091356][ T5626]        kthread+0x370/0x450
[ 1658.095959][ T5626]        ret_from_fork+0x72b/0xd50
[ 1658.101075][ T5626]        ret_from_fork_asm+0x1a/0x30
[ 1658.106375][ T5626] 
[ 1658.106375][ T5626] -> #0 (&nsock->tx_lock){+.+.}-{4:4}:
[ 1658.114029][ T5626]        __lock_acquire+0x14b8/0x2630
[ 1658.119411][ T5626]        lock_acquire+0x1b1/0x370
[ 1658.124445][ T5626]        __mutex_lock+0x1a4/0x1b10
[ 1658.129584][ T5626]        nbd_queue_rq+0x428/0x1080
[ 1658.134706][ T5626]        blk_mq_dispatch_rq_list+0x422/0x1e70
[ 1658.140783][ T5626]        __blk_mq_sched_dispatch_requests+0xcea/0x1620
[ 1658.147647][ T5626]        blk_mq_sched_dispatch_requests+0xd7/0x1c0
[ 1658.154164][ T5626]        blk_mq_run_hw_queue+0x23c/0x670
[ 1658.159802][ T5626]        blk_mq_dispatch_list+0x51d/0x1360
[ 1658.165617][ T5626]        blk_mq_flush_plug_list+0x130/0x600
[ 1658.171500][ T5626]        __blk_flush_plug+0x2c4/0x4b0
[ 1658.176879][ T5626]        __submit_bio+0x584/0x6c0
[ 1658.181922][ T5626]        submit_bio_noacct_nocheck+0x543/0xbf0
[ 1658.188094][ T5626]        submit_bio_noacct+0xd18/0x2000
[ 1658.193645][ T5626]        submit_bh_wbc+0x681/0x890
[ 1658.198761][ T5626]        block_read_full_folio+0x4c8/0x8e0
[ 1658.204592][ T5626]        filemap_read_folio+0xfc/0x3b0
[ 1658.210077][ T5626]        do_read_cache_folio+0x2d7/0x6b0
[ 1658.215716][ T5626]        read_part_sector+0xd1/0x370
[ 1658.221012][ T5626]        adfspart_check_ICS+0x91/0x7d0
[ 1658.226509][ T5626]        bdev_disk_changed+0x7a3/0x1250
[ 1658.232078][ T5626]        blkdev_get_whole+0x187/0x290
[ 1658.237472][ T5626]        bdev_open+0x2c7/0xe40
[ 1658.242241][ T5626]        blkdev_open+0x34e/0x4f0
[ 1658.247198][ T5626]        do_dentry_open+0x6ab/0x14d0
[ 1658.252497][ T5626]        vfs_open+0x82/0x3f0
[ 1658.257099][ T5626]        path_openat+0x208c/0x31a0
[ 1658.262213][ T5626]        do_file_open+0x20e/0x430
[ 1658.267263][ T5626]        do_sys_openat2+0x10d/0x1e0
[ 1658.272488][ T5626]        __x64_sys_openat+0x12d/0x210
[ 1658.277877][ T5626]        do_syscall_64+0x115/0x840
[ 1658.283011][ T5626]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1658.289425][ T5626] 
[ 1658.289425][ T5626] other info that might help us debug this:
[ 1658.289425][ T5626] 
[ 1658.299651][ T5626] Chain exists of:
[ 1658.299651][ T5626]   &nsock->tx_lock --> set->srcu --> &cmd->lock
[ 1658.299651][ T5626] 
[ 1658.311737][ T5626]  Possible unsafe locking scenario:
[ 1658.311737][ T5626] 
[ 1658.319202][ T5626]        CPU0                    CPU1
[ 1658.324570][ T5626]        ----                    ----
[ 1658.329947][ T5626]   lock(&cmd->lock);
[ 1658.333934][ T5626]                                lock(set->srcu);
[ 1658.340359][ T5626]                                lock(&cmd->lock);
[ 1658.346859][ T5626]   lock(&nsock->tx_lock);
[ 1658.351274][ T5626] 
[ 1658.351274][ T5626]  *** DEADLOCK ***
[ 1658.351274][ T5626] 
[ 1658.359418][ T5626] 3 locks held by udevd/5626:
[ 1658.364092][ T5626]  #0: ffff88807ef24350 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0x41a/0xe40
[ 1658.373422][ T5626]  #1: ffff888035293c98 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x22e/0x670
[ 1658.382920][ T5626]  #2: ffff888097600178 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xba/0x1080
[ 1658.391908][ T5626] 
[ 1658.391908][ T5626] stack backtrace:
[ 1658.397794][ T5626] CPU: 0 UID: 0 PID: 5626 Comm: udevd Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1658.397823][ T5626] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1658.397830][ T5626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1658.397842][ T5626] Call Trace:
[ 1658.397850][ T5626]  <TASK>
[ 1658.397859][ T5626]  dump_stack_lvl+0x100/0x190
[ 1658.397892][ T5626]  print_circular_bug.cold+0x178/0x1c7
[ 1658.397925][ T5626]  check_noncircular+0x146/0x160
[ 1658.397958][ T5626]  __lock_acquire+0x14b8/0x2630
[ 1658.397994][ T5626]  lock_acquire+0x1b1/0x370
[ 1658.398024][ T5626]  ? nbd_queue_rq+0x428/0x1080
[ 1658.398044][ T5626]  ? __pfx___might_resched+0x10/0x10
[ 1658.398066][ T5626]  ? preempt_schedule_thunk+0x16/0x30
[ 1658.398096][ T5626]  __mutex_lock+0x1a4/0x1b10
[ 1658.398126][ T5626]  ? nbd_queue_rq+0x428/0x1080
[ 1658.398145][ T5626]  ? nbd_queue_rq+0x428/0x1080
[ 1658.398166][ T5626]  ? __pfx___mutex_lock+0x10/0x10
[ 1658.398199][ T5626]  ? __bfs+0x150/0x2a0
[ 1658.398223][ T5626]  ? __lock_acquire+0x4a5/0x2630
[ 1658.398256][ T5626]  ? nbd_queue_rq+0x428/0x1080
[ 1658.398274][ T5626]  nbd_queue_rq+0x428/0x1080
[ 1658.398299][ T5626]  ? __pfx_nbd_queue_rq+0x10/0x10
[ 1658.398321][ T5626]  ? lockdep_unlock+0x5a/0xc0
[ 1658.398349][ T5626]  ? __lock_acquire+0xd73/0x2630
[ 1658.398380][ T5626]  blk_mq_dispatch_rq_list+0x422/0x1e70
[ 1658.398419][ T5626]  ? sbitmap_get+0x1d7/0x360
[ 1658.398443][ T5626]  ? __pfx_blk_mq_dispatch_rq_list+0x10/0x10
[ 1658.398477][ T5626]  ? __blk_mq_alloc_driver_tag+0x27a/0x7a0
[ 1658.398511][ T5626]  __blk_mq_sched_dispatch_requests+0xcea/0x1620
[ 1658.398546][ T5626]  ? __pfx___blk_mq_sched_dispatch_requests+0x10/0x10
[ 1658.398583][ T5626]  blk_mq_sched_dispatch_requests+0xd7/0x1c0
[ 1658.398632][ T5626]  blk_mq_run_hw_queue+0x23c/0x670
[ 1658.398662][ T5626]  ? blk_mq_run_hw_queue+0x22e/0x670
[ 1658.398692][ T5626]  blk_mq_dispatch_list+0x51d/0x1360
[ 1658.398728][ T5626]  ? __pfx_blk_mq_dispatch_list+0x10/0x10
[ 1658.398761][ T5626]  ? blk_add_trace_plug+0xf5/0x290
[ 1658.398788][ T5626]  blk_mq_flush_plug_list+0x130/0x600
[ 1658.398808][ T5626]  ? trace_block_plug+0x70/0x220
[ 1658.398831][ T5626]  ? blk_add_rq_to_plug+0x30a/0x540
[ 1658.398850][ T5626]  ? __pfx_wbt_track+0x10/0x10
[ 1658.398879][ T5626]  ? __pfx_blk_mq_flush_plug_list+0x10/0x10
[ 1658.398900][ T5626]  ? blk_mq_submit_bio+0x994/0x2f10
[ 1658.398922][ T5626]  __blk_flush_plug+0x2c4/0x4b0
[ 1658.398953][ T5626]  ? __lock_acquire+0x4a5/0x2630
[ 1658.398986][ T5626]  ? __pfx___blk_flush_plug+0x10/0x10
[ 1658.399020][ T5626]  __submit_bio+0x584/0x6c0
[ 1658.399051][ T5626]  ? __pfx___submit_bio+0x10/0x10
[ 1658.399087][ T5626]  ? submit_bio_noacct_nocheck+0x543/0xbf0
[ 1658.399119][ T5626]  submit_bio_noacct_nocheck+0x543/0xbf0
[ 1658.399153][ T5626]  ? __pfx_submit_bio_noacct_nocheck+0x10/0x10
[ 1658.399187][ T5626]  ? __pfx___might_resched+0x10/0x10
[ 1658.399211][ T5626]  submit_bio_noacct+0xd18/0x2000
[ 1658.399245][ T5626]  submit_bh_wbc+0x681/0x890
[ 1658.399278][ T5626]  block_read_full_folio+0x4c8/0x8e0
[ 1658.399300][ T5626]  ? __pfx_blkdev_get_block+0x10/0x10
[ 1658.399337][ T5626]  ? __pfx_blkdev_read_folio+0x10/0x10
[ 1658.399369][ T5626]  filemap_read_folio+0xfc/0x3b0
[ 1658.399402][ T5626]  ? __pfx_filemap_read_folio+0x10/0x10
[ 1658.399438][ T5626]  do_read_cache_folio+0x2d7/0x6b0
[ 1658.399457][ T5626]  ? __pfx_blkdev_read_folio+0x10/0x10
[ 1658.399491][ T5626]  read_part_sector+0xd1/0x370
[ 1658.399519][ T5626]  ? __pfx_adfspart_check_ICS+0x10/0x10
[ 1658.399549][ T5626]  adfspart_check_ICS+0x91/0x7d0
[ 1658.399579][ T5626]  ? __pfx_seq_buf_printf+0x10/0x10
[ 1658.399608][ T5626]  ? __pfx_adfspart_check_ICS+0x10/0x10
[ 1658.399640][ T5626]  ? __pfx_adfspart_check_ICS+0x10/0x10
[ 1658.399673][ T5626]  bdev_disk_changed+0x7a3/0x1250
[ 1658.399722][ T5626]  ? nbd_open+0x320/0x700
[ 1658.399745][ T5626]  ? __pfx_bdev_disk_changed+0x10/0x10
[ 1658.399780][ T5626]  blkdev_get_whole+0x187/0x290
[ 1658.399811][ T5626]  bdev_open+0x2c7/0xe40
[ 1658.399845][ T5626]  blkdev_open+0x34e/0x4f0
[ 1658.399881][ T5626]  do_dentry_open+0x6ab/0x14d0
[ 1658.399908][ T5626]  ? __pfx_blkdev_open+0x10/0x10
[ 1658.399946][ T5626]  vfs_open+0x82/0x3f0
[ 1658.399979][ T5626]  path_openat+0x208c/0x31a0
[ 1658.400011][ T5626]  ? __pfx_path_openat+0x10/0x10
[ 1658.400044][ T5626]  do_file_open+0x20e/0x430
[ 1658.400073][ T5626]  ? __pfx_do_file_open+0x10/0x10
[ 1658.400109][ T5626]  ? alloc_fd+0x476/0x790
[ 1658.400138][ T5626]  ? do_getname+0x191/0x390
[ 1658.400172][ T5626]  do_sys_openat2+0x10d/0x1e0
[ 1658.400206][ T5626]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1658.400242][ T5626]  ? __sys_recvmsg+0x18c/0x220
[ 1658.400267][ T5626]  ? __pfx___sys_recvmsg+0x10/0x10
[ 1658.400292][ T5626]  __x64_sys_openat+0x12d/0x210
[ 1658.400333][ T5626]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1658.400371][ T5626]  ? rcu_is_watching+0x12/0xc0
[ 1658.400398][ T5626]  do_syscall_64+0x115/0x840
[ 1658.400429][ T5626]  ? clear_bhb_loop+0x40/0x90
[ 1658.400455][ T5626]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1658.400478][ T5626] RIP: 0033:0x7fa6bc0a7407
[ 1658.400496][ T5626] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[ 1658.400518][ T5626] RSP: 002b:00007ffd48e9b440 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[ 1658.400539][ T5626] RAX: ffffffffffffffda RBX: 00007fa6bc765880 RCX: 00007fa6bc0a7407
[ 1658.400554][ T5626] RDX: 00000000000a0800 RSI: 000055e6d934bff0 RDI: ffffffffffffff9c
[ 1658.400569][ T5626] RBP: 000055e6d9344910 R08: 0000000000000000 R09: 0000000000000000
[ 1658.400583][ T5626] R10: 0000000000000000 R11: 0000000000000202 R12: 000055e6d9357e20
[ 1658.400598][ T5626] R13: 000055e6d935c410 R14: 0000000000000000 R15: 000055e6d9357e20
[ 1658.400619][ T5626]  </TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1659.406638][T25957] Process accounting resumed
[ 1659.546656][T25893] block nbd92: Receive control failed (result -32)
[ 1659.874999][ T5626] block nbd92: Send control failed (result -32)
[ 1659.888333][ T5626] block nbd92: Request send failed, requeueing
[ 1659.901929][T27936] block nbd92: Dead connection, failed to find a fallback
[ 1659.924245][T27936] block nbd92: shutting down sockets
[ 1659.931277][T27936] I/O error, dev nbd92, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1659.940751][T27936] Buffer I/O error on dev nbd92, logical block 0, async page read
[ 1660.012014][ T5626] I/O error, dev nbd92, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1660.022205][T30779] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem
[ 1660.041657][T23207] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1660.063445][T30779] EXT4-fs error (device sda1): ext4_discard_preallocations:5696: comm syz.6.4855: Error -117 reading block bitmap for 2
[ 1660.093500][ T5626] Buffer I/O error on dev nbd92, logical block 0, async page read
[ 1660.111152][T30764] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem
[ 1660.134214][T23207] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1660.148191][ T5626] I/O error, dev nbd92, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1660.206358][T23207] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1660.222594][ T5626] Buffer I/O error on dev nbd92, logical block 0, async page read
[ 1660.242435][T30779] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem
[ 1660.253473][T30764] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem
[ 1660.275401][ T5626] I/O error, dev nbd92, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1660.307340][T23207] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1660.323432][ T5626] Buffer I/O error on dev nbd92, logical block 0, async page read
[ 1660.353060][ T5626] I/O error, dev nbd92, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1660.436595][ T5626] Buffer I/O error on dev nbd92, logical block 0, async page read
[ 1660.464608][T23207] bridge_slave_1: left allmulticast mode
[ 1660.480205][T30767] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem
[ 1660.490330][ T5626] I/O error, dev nbd92, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1660.499753][T23207] bridge_slave_1: left promiscuous mode
[ 1660.520989][T23207] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1660.542669][T30767] EXT4-fs error (device sda1): ext4_discard_preallocations:5696: comm syz.0.4853: Error -117 reading block bitmap for 2
[ 1660.569909][ T5626] Buffer I/O error on dev nbd92, logical block 0, async page read
[ 1660.580234][ T5626] I/O error, dev nbd92, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1660.590391][T23207] bridge_slave_0: left allmulticast mode
[ 1660.609841][T23207] bridge_slave_0: left promiscuous mode
[ 1660.621010][ T5626] Buffer I/O error on dev nbd92, logical block 0, async page read
[ 1660.636718][T23207] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1660.647129][T30767] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem
[ 1660.662603][ T5626] I/O error, dev nbd92, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1660.688755][ T5626] Buffer I/O error on dev nbd92, logical block 0, async page read
[ 1660.714196][ T5626] ldm_validate_partition_table(): Disk read failed.
[ 1660.740217][ T5626] I/O error, dev nbd92, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1660.786250][ T5626] Buffer I/O error on dev nbd92, logical block 0, async page read
[ 1660.809978][ T5626] I/O error, dev nbd92, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1660.832539][T23207] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1660.851128][ T5626] Buffer I/O error on dev nbd92, logical block 0, async page read
[ 1660.862929][T23207] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1660.875855][ T5626] Dev nbd92: unable to read RDB block 0
[ 1660.890603][ T5626]  nbd92: unable to read partition table
[ 1660.897266][T23207] bond0 (unregistering): Released all slaves
[ 1660.920980][T30769] EXT4-fs error (device sda1): ext4_discard_preallocations:5696: comm syz.1.4851: Error -117 reading block bitmap for 2
[ 1660.961064][ T5626] ldm_validate_partition_table(): Disk read failed.
[ 1660.991336][ T5626] Dev nbd92: unable to read RDB block 0
[ 1661.025779][ T5626]  nbd92: unable to read partition table
[ 1661.096869][T30769] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem
[ 1661.117781][T23207] hsr_slave_0: left promiscuous mode
[ 1661.140280][T23207] hsr_slave_1: left promiscuous mode
[ 1661.155708][T23207] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1661.179762][T23207] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1661.204633][T23207] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1661.228972][T23207] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1661.261673][T23207] veth1_macvtap: left promiscuous mode
[ 1661.281793][T23207] veth0_macvtap: left promiscuous mode
[ 1661.306676][T23207] veth1_vlan: left promiscuous mode
[ 1661.326886][T23207] veth0_vlan: left promiscuous mode
[ 1661.546431][T23207] team0 (unregistering): Port device team_slave_0 removed
[ 1661.615108][ T5293] 8021q: adding VLAN 0 to HW filter on device eth1
[ 1662.023781][ T5293] 8021q: adding VLAN 0 to HW filter on device eth2
[ 1662.319082][ T5293] 8021q: adding VLAN 0 to HW filter on device eth3
[ 1662.616172][ T5293] 8021q: adding VLAN 0 to HW filter on device eth4