last executing test programs:

5m25.453096275s ago: executing program 0 (id=284):
r0 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000000), 0x80201, 0x0)
mmap$auto(0xc, 0x6, 0x9, 0x13, r0, 0xfff)
r1 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd26, 0x25dfdbff, {}, [@WGDEVICE_A_FLAGS={0x8, 0x5, 0x7f}, @WGDEVICE_A_PRIVATE_KEY={0x4}, @WGDEVICE_A_IFINDEX={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x140480c5}, 0x8040)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
r4 = fcntl$getown(r0, 0x9)
sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f00000014c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000001480)={&(0x7f0000000200)={0x127c, r3, 0x2, 0x70bd2a, 0x25dfdbfe, {}, [@NL80211_ATTR_SCAN_SSIDS={0x1264, 0x2d, 0x0, 0x1, [@typed={0x14, 0x5a, 0x0, 0x0, @ipv6=@private2}, @nested={0xc, 0x55, 0x0, 0x1, [@typed={0x8, 0xaa, 0x0, 0x0, @fd=r0}]}, @generic="44580bc52b55ab372d6abc3e591c2abf33e513512a4966cb327b2d0467958b06db9228603f24852e305ace755c277a69c5cc5ef6fc32d8e627c0f0b61f612a3acbadc98737d53e691e4007861be39354e5520d46b13fee9ca9c8016a182c842ce889ac5efbafb28b928f0a0c89bec7133091a5c65391daa51cbf34f1a5f11658442202ca467d88d97f3e5e52d560c0d9fdc1fa02b8e4ffb47aef15cd17d8d9417167318b339f3524aa46dfc69867cd1412f0d2c60327cb8cd68a8a191dfdca852f00d5c95dde5f59128aad01edc2c794a702730bca32b1321a8284b8b83def0894c7b3c432816a501f15bf855e97d730aaa7111ce42da452e3c03ca39c30d983f9456f47e64e020bbe7d51b457e8821795b6cbf14798846db8de506b0f15cf95c758e849d96aef32a110a997a663d9896b2e78e7688a42ec5bf9ea74161352b576b260dbdef5b0e3f829720dafe466fa13515f43e14fd377a796b0c36a373c14cb818deef0e83b45a8364e82a4ca8e2118bd7f965bc125831aca4921c19b3382f3ceed63d374706c609bfbecbb62575779b652a67dd80d5eda78327381b2958a404dbbf1274557f8e922f347927de6bd8f337189223f171ada2e53a1a1272fd078fecacd1d34288a585f3d5960417ac1bfe22d711b66549b253777f05b9afe03442185702c45731009113ff02556c9122142ce1c8bd99c52137a76d5d6cdded5bbee99f86cb43a67edfb1e14fc348248a9b1566368886203daf73a9e5132bba75eaae5b0049cb82acd7c4e078ffbc35309007294427b80b025b3a0dde258416439103120c3e45bee8e46ab9164e7b8cb5d7ab93592bd3d79a47c56b8fba3f8aa521f168a988d8600e263d409e095f670f9ded3b73856b36dc1d63bb61830d16ab4401ebebbe0f056dde940a6483b04f94e52c5e995ab5b972d50521a4ee59d2305433e897bbb412b9fe2fe4e5714067bdd4d946d3015e101c1ea8c0b7317a9cf463b916c38d4caa9a9e43bdc60693b5f611ec51e5ff7da44498d51e34a7799bee4c2ac73eea340d4d9848a4c511c73fcc43e243d542cfaedff1edf57c9ff983a7a53cd01bcc1fe4699f3400e3da4e1f1c58db59d1f384011f178153c12c7bab2497f7bb341c8e1758d88f8286018c763a9d2b5afe3b5cfd2ac513506457f03571abdc5a416adcc9fc6e439fe74ba89ec0c4a2d154d67363eafcae948c13d6ab111ccc2a08394c8fcf6f630ada07eba8e611e115e221dfa3fdf32cfe41eb02abec8e228ac212789557e6a6de119f1ba3c982d288748fdcc4b4fc75d56b99af17aabae2ea3df468f53c19f5d01ffb5e0b075648620d94e33e8c14fa669859329d1fd6a3c84556c5b89370f6d31d60139c28cc6d1ec2e5e57e474f305fc7893eb2f2d4f819892d0643ae0447a0c45a2ce137537682a4cfc021b4d0bf80cfee7a7b349802f4c82ac24e310f36671d5afbc276debdcef41d3dbd875ed95e2366c745af0905bd3d247c299712ed1757e8c89799476f0961a966306ad047954c25f1c0b852f42e1f557c5d8e4ec425a5c0e912599e8da517eb200df1a3cba0fcc538f44dba6429ac988ce243acedfe67d4486146367302b28e697a3f3319482e05c25193847cf15fadb47c7bb2d3a5fdfe20334bf3b776b27a2d8ae081e48503a5b56f34dc94dec6ba4eb5b91fb59c13e72664ff565e3c0611dbf34cf175759a5f86032d08bee1fad5f4f154c965887fe7c0323b0d02274db08d91c6072c68561a76ced03ab858dcd1eb435ceb5994e387c8c3982f3391744ed68928b325fc9f2e2c5d356b3c0e3e58d28a1fd4c5a4f2004638500deed606263ade5ce9cfed9887e7e0363ff5715c30b7d84bdb0caf54b72cbd578b5aebbcbac8b0c27c2111bed184b6d3b41eadf3a5a6b3c8b3750ca71355be14aa96c960df045c5f7c3430b5af4490b7867ea96127df999d35b4bf7b3ad4454d2914362d20a99c09c4f0af1ad37f6d093df1b72f40a5b252bec59f59ba7c0cfebedf7b2cac9aef419f13380dee3391ef284df8e19f3429e93411dbc0bc347633e7adf9a53a1e39b267b441bffa924771cb80567542919b62a00c4f8d76086c151e1ea113ca79f2e471b7a7737293bcc06d97c449c645d5787cd54e0771ce3051a2c32cd8a9a6904fd2b0c53e82af738e8b097185dd3402931e8345f7ed2933a37ddd399321876eaf0a4b6e0e24ad660ef3c6342ccbdede5f53bced4dbc1410bc935eb85741bf0f277c2ad428937a1f924fa4d408b2fe76b51a2cf57bdbb2bc0a4a46b36dc3c75b84883444fb219e9a56179f5ef4331d355b85d3518bb161cb6f755562b6aed556e86683d8164270834e42d6415a994a30aee6dc5887e37b08a478376350857110829a4411b54b7b345fe2dceec0a90a292e05b4c908f6f09d307ccd55e401ad35ddb4d51e90f9a0722098114a82222c51d690561c15f86bd87de4ce32e4deccd0de7bf82a554fd79be0920f7e4ed846e5b5b817a5a593b5dfa077d44a4e674136676cf1e8e3bcd1030cf67189d7276f5fa0057ed4ac54f79ec9dcc70f8361d0710408942d958df0564c626fc80f9822ec381492bb45ce56d863011b13e4ba6d94d57bbc02f7c47af44b74ec2b9a42951bea81110e5be157123ec5e11922ef3c1729eb06bc13a838f8274658851c404dd7304a2d26554159ee9834eda5753f017a2f2b737bd973a1a7fb54e6b1a37e772131e515e89f42ffd80ea92e92fc235a1cbcd0088b2a1c9a5eccc3163b09073949c407a6fb251af98fdef6bc4dbdc4f569a562467a685d87b813bf162e8db3ab4a7b82645059754eedab44ce3e6b3bce2616d74f70ff955565067f9bed738a811f8f940b41d4c15cc65ac00d3c1ae9b78884c8f02583e935a4f7fe70b5e982913a6a8948b295282304eabae026b3f56111b754473edf3e9c695a4a233c52250d3321105811939dea05646b038392899b176defcc063de98b27360ad564da3a8fe601bac9c384b5f4cc970e91c4c530d2d4eeab464f90fb64e5ad383776f656f1df35bd210ea94cdbec75f47ffbb6a3befce18ba83b4af2a758e26e691a61440d50cdec08c127fd945e4b4a1d4df3527d9ead5cb93e7c19528227b37d3745faaa0f26d9d58466ecc894a9037683fed062cdd1f85ca21cc3a55f977e45b070db0a40ff88b3d22bda18e72d7911dcdd631a83b0ff6a8a92d9f89d30718628d7b56c7d0ce32fd7546aae09dd4dd2fc72f49b13b9d3a5c08d5ff5acb937aeddd52512e58e3982091c84766611b55464c786b86eef4f97d9bc45aa53ad0bf57258d04737a21d706d373b171a5e188d181b1ef5dbbf193aad616b39daa763d9526bd97f40cf85956199f3b93baf1a5513dc2b60f75303a3bd7055b901b3189878fc248082ea5d7ff2a4888a2eb26447bad8d6d7f5d7c9dab68c9993284ed5bc8f83d98ff7017446fe09a1cb1a6a0d825dc4dee8e2dc89fef08592e1dfd33765a780986e681fbe6b151fd32b814808cc90168211c3fa2d95f92cafd4efeaf19892d44cb7a3180f1ea1e366a23d948513caef8245396c62f49d55cd72044c143ab54b44844c78c6d809cd92b207366f04825c21c2295d157e59e3feb96accf378ebf3ac3e6f2b60cedadb86dfd49375856c92ca9eb847d4b3fa56944c9a1537e3d22862c133f143aff15efb3345987b4a60ae26f66e1ee18e7ff29ca01d89fa05f0929c2e857fba5b1f7ebe31849aa49ff44c1351f419cfab294acfa8b12a1fc03ea66d65cb709bb648d5a36aa3bc934f4c6e5d4637e7319c5f3130f1e478e5a099efd609f9063fdb6e5466aef78352694f092ee0ede6cd7a84e784d901153f626c8854b4fa9da64d73b68a5f88ee64fc2ae8637d5d03660dfc1074b8c8c98f8fc2f7085147811b2c3f36088c4ad46aed4f369349992ec03a69948acf84abfd9f851efce3131575341c8aea2bbd5e69623e17b8e331a931f554131024d9baa3965a7d0630f8f322a9e536ac93527e438777bc567a10577802db9e70e67742e9260637ad1b8e30fba6dfc46f8b7a033704b14532f672236bde42cb578863c72ea412261a9403514eb8e2daa0968d5b6ce678e53dbfd859158ae86f646aeacc497275295ef8e03dabd8b7bdb135ba768e8497c56edc551b1875728e800717bfb215982cb594f845579ec38a485b500d05fdbba8d5b1b91240dd4cd98e41466b6cb4c518786fb0637c3f147890b0781b6a533e97f94c17fe4153cdd97f8c12a176ddf85f68e657ba8368a2849aa36b3d014a5899df0e39115bd1a8d8c930db2090ea7118c68a4b0d65ce341b6fa529923e5b6453f7dfcfad0475b9bf7cb9fef4b400e2c6861102e0044715274ea16ce28743bcdc8eca2b16891bd6850b9c7e5406e65bc463f9821f7619e64240be7afc56a405887ce687f13598fcad4673c78e4dfc5005d98f6f390b659bd57d5ebed2dba0f033f833f128df98acd1940b6380d448ea25239cdb3927f0567f3f48fe5041a6153fb80740c4e1a62f5bfa5b5af25a60acfa8692dda8bb09c46db1c5af82fa22b3cf2313a3d9d3c791503a55e54a02f69057d76b21736d604bfb0b12dbeb0b5100e87a7c89800ea589e41141ea97eba8f9abfdc4cca3b48a3971341348b5e0c34c45a5a0cd8946d299d3868f2c50ed9b2a3ea3d81468fcca261f77c0b43d89eff39009b4611887eaa5b8e460ba68f49ae3c918f27d65ea782c340f05a863e0eef94633e32478fe005799d0076afc624a4ac53dd64b4642c851df115670d941561cff0e0d284249efbe7101d56a789bebb2f27b9ffbfd254213d6d903c230f07c1418f90b38913e6f88bbfa57196279361df674e13723c2b4cf4964f689b7085c05409f33f4434c039ed755b68be77647ddc25b36484c6bb16a9ed7745e92071ba5efe108c63976fdd52bf6259cce270c48de633674e292c6a231e6c7b142308bebce07bfb446fe55cfb065f5df156d707a5fd16aaa3558c6534b19dbc8791c736e587842dfd5192718b9784bc2facb88fff1ea9df625280a6cd23ed68c224e9943fff06cea65463993b460ce2c10f25f087c0fba17ed479c6336795c8c24cc2322dd1520e0beb9b8419bb021a72f41e94e523c9b9da7d19094f24d4b446c36cae419d376e7a717fb911b0fec7711b3b26ee379590a9e007dfb2e163b6798c4003fbad23b3d0062def19090d7f88641e342aa29fbfb3ce84386c75d6749a0b62612acc09007b03f9949dae5e35a909d6410694a11437a6d2245df85c0a2d28b8bd05aa8d3377dd5686eb112aef2ac8e57117f6f5041c1af02d3528aa4f8687f27404112545f448b3f98464d5a58959b1aa11f6ad2f8dc3754c50ef9645610cb72b02267222f8bdb78125d9674de12d9b97df4eb55fb9adeed84ca8f17decd1d8f4813159e77d9ecb95a973814109f28def12b6b11e047c59234aec73ca92771f33782e8993a2682c170848853f467ddc5df20a1d1d4a548e32985bf08d797e28e3ee402fa14d47a6b741b71699c2207510997f1e7dfd4614e1b18dbc41a00f1b7526897ea619278a626df8ed0945c23a7c958bd4f9127789f130096493be9653b29868d5e74e94d3fdd56deb853abfaf0fb40831bd65a7891785b3166bc9be6aa532e6662539d5a1b9357a4f0394ece4e7e4bea94c05ccff94f37c4d4dff32892600a7a97e1803127cedda9941761ae9d2db532497821f94a890d4cd70150e1905b30536f2634dfc62c1ab5854bcc6899350b68af6e8b4d4616e9c1f506d53e8f995f0da18f6298b4098af01be5f", @generic="dab498a710a909efb416ef966511b14acf8db1f58dead85529aa4a6521697ec4318ed82ce92fce60c9a6040dd00db4c1e477381b6edcc519c91d181f39310e2801971f91f3ceed74da2e20d9bdacb5b50f9f4dc4d261e04f27bd707e50c600a236222bfc7a", @generic="ca03c1af5508f5684ee89ae0e4adfca3ad3224d688dd2a39d66121af64679e2321a9213248a76df1aceb76ab2ee5619bc8837a888705e558ddc7770f0540b4539a9831c890d4f0e09407717a5233bc189e01fbd5b11d66b4c9a0675d4c9c3b7ef1c34e334cd97b149ee5539f9b7bb33257ee097679ec502099551a6d9835725a5a1eb6867d75838e3dddea02d33f3bbf72998c491852c5fff08bf5f732e756c06843fe884551d19b76fffa8cf0c4a38d5389bb78ef16bbc2407dbd3fb902", @generic="bfefac71d89581eaa3b0d0e9a1b0f43930f3e63a6ca4931099d6f1c95db512c1bb9a04f112268f595a7e9d30bf6397e85c7029cb4b9bc86bc1bd52412b842a3c9b8802f56f", @generic="bfb6cd65a7aaf6074f42072d3165e7736c05e43473df95fe9dc09d55b0c0197906026ff60b1fdfdb3843e353beb80670cb6974f243c6122985c51b97a27a0ce25c6e91378fa3224c87a2778bca51856b690083f1db24ed220295ba6c04d0ff1c9e87b5f2209a10ebdd4989f3fce82f1cd0a2b947249339e56d59d235e4928207007a53433aefa8d5aa214a72615c674ce729f0cfd2d32f3bc0e78b7ba279c6a79a0a0dfa4463449b028475a22f23adee9b977cac846c336220fad186081c6fc77770208db665f8d49d14ac72fb6ce538", @typed={0x8, 0xce, 0x0, 0x0, @pid=r4}]}, @NL80211_ATTR_VHT_CAPABILITY={0x4}]}, 0x127c}, 0x1, 0x0, 0x0, 0x24004000}, 0x40000)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000001500)={'geneve1\x00', <r5=>0x0})
openat$auto_tracing_mark_fops_trace(0xffffffffffffff9c, &(0x7f0000001540)='/sys/kernel/tracing/trace_marker\x00', 0x10000, 0x0)
r6 = socketpair$auto(0x8, 0x4, 0x78, &(0x7f0000001580)=0x60)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001600), r2)
sendmsg$auto_NET_SHAPER_CMD_CAP_GET(r7, &(0x7f00000016c0)={&(0x7f00000015c0)={0x10, 0x0, 0x0, 0x2200}, 0xc, &(0x7f0000001680)={&(0x7f0000001640)={0x34, r8, 0x4, 0x70bd25, 0x25dfdbfc, {}, [@NET_SHAPER_A_CAPS_SCOPE={0x8, 0x2, 0xd0}, @NET_SHAPER_A_CAPS_SCOPE={0x8, 0x2, 0x7}, @NET_SHAPER_A_CAPS_SCOPE={0x8, 0x2, 0xd}, @NET_SHAPER_A_CAPS_IFINDEX={0x8, 0x1, r5}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x4010)
statx$auto(r6, &(0x7f0000001740)='./file0\x00', 0x0, 0x7, &(0x7f0000001780)={0x80000001, 0x1, 0x9, 0xffffffff, 0x0, <r9=>0x0, 0x4, 0xfff4, 0x400, 0x7fffffff, 0x4, 0x7, {0x1ff, 0x9}, {0xb77, 0x800}, {0x1ff, 0x9}, {0x3ff, 0xa}, 0x801, 0x1, 0xb, 0x11, 0x5, 0xab2d, 0xac, 0x3ff, 0xffff8001, 0x5, 0x9824, 0x1, [0x800, 0x4, 0xfffffffffffffff8, 0x5c9, 0x5, 0x140c, 0x5, 0x3, 0x3]})
lstat$auto(&(0x7f0000001700)='./file0\x00', &(0x7f0000001880)={0x2, 0xd, 0xfffffffffffffff9, 0xea, 0xee01, r9, 0x0, 0x7, 0x3, 0x2, 0x7f, 0x3, 0xa61, 0x0, 0x2, 0x0, 0x800})
write$auto_ftrace_set_event_notrace_pid_fops_trace_events(r6, &(0x7f0000001940)="9242ccb89a25f12cbae5f3f9f09602b8a46ec4cd12df477d3784f638251fc07d0264b9294047555f59e29627fc40af4cebe907d1558a00086db90617bd5c84d7f19842b9611a7a29461e2fc85293e7aa77e6b936942bdab392a71a6250445aea2977357f1a05fe806bc4b20e1df0c0dd40a7528a82e4985d26c704562c25a1336d5ea33fe74adcfd7fb01056b3a4567242d71a99544de28a99db1f42b12fdae17cbb0001bc41e3a58abdcc68f30e069a2b16e756fd285d16e894c1a3afc6c0c81fd0d0e9ecdde9f3f8356fcd94f26936d42b1f1ff1cb385100936f2bd9ea273114ed6cbe993ee7840b32317254c5cab38d2f853f95b90ff9ad13be2ae832", 0xfe)
close_range$auto(r2, r7, 0x6)
r10 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000001a80), r6)
sendmsg$auto_L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, &(0x7f0000001b80)={&(0x7f0000001a40)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000001b40)={&(0x7f0000001ac0)={0x60, r10, 0x10, 0x70bd25, 0x25dfdbfe, {}, [@L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x7}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0xe}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0x8}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x4}, @L2TP_ATTR_IFNAME={0x14, 0x8, 'veth0_macvtap\x00'}, @L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e24}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x5}, @L2TP_ATTR_DEBUG={0x8, 0x11, 0xfff}]}, 0x60}, 0x1, 0x0, 0x0, 0x20000000}, 0x20d4)
chroot$auto(&(0x7f0000001bc0)='./file1\x00')
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000001c00)='/proc/sys/net/ipv4/neigh/bond_slave_1/ucast_solicit\x00', 0x24481, 0x0)
sendmsg$auto_BATADV_CMD_GET_MESH(r6, &(0x7f0000001d00)={&(0x7f0000001c40)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000001cc0)={&(0x7f0000001c80)={0x1c, 0x0, 0x8, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_BANDWIDTH_DOWN={0x8, 0x1c, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10000}, 0x80)
r11 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001d80), r7)
sendmsg$auto_NL80211_CMD_COLOR_CHANGE_REQUEST(r2, &(0x7f0000001e40)={&(0x7f0000001d40)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001e00)={&(0x7f0000001dc0)={0x18, r11, 0x800, 0x70bd25, 0x25dfdbff, {}, [@NL80211_ATTR_WIPHY_DYN_ACK={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x24000081}, 0xc040)
read$auto_memtype_fops_memtype(r6, &(0x7f0000001e80)=""/176, 0xb0)
r12 = socket(0x2b, 0x5, 0x2)
r13 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001f80), r12)
sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000002040)={&(0x7f0000001f40)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000002000)={&(0x7f0000001fc0)={0x1c, r13, 0x2, 0x70bd25, 0x25dfdbff, {}, [@ETHTOOL_A_COALESCE_RATE_SAMPLE_INTERVAL={0x8, 0x17, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4)
ioctl$auto_posix_clock_file_operations_posix_clock(0xffffffffffffffff, 0x8, &(0x7f00000020c0)="19b02dc8923b9f02bc524758c13203c2c35ae55fb95ac48a4208c8142709e588393af92f1125ace79d0896c863079be57a1748f5d4bfd7a7afcde1ab491c8e29e826b6d3429c3bdea79c5ede6cdf9636a569666bd9daa262b1fc96f3d5e6c09efa2e203adbc1b4a455636532afb0151bd0028463eea32d8e682c1d07b14827ae99")

5m20.02523332s ago: executing program 0 (id=303):
r0 = openat$auto_dmaengine_summary_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0xa242, 0x0) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
close_range$auto(r0, 0xa, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket(0x1e, 0x4, 0x0) (async)
r2 = socket(0x1e, 0x4, 0x0) (async)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda\x00', 0x8041, 0x0)
ioctl$auto_SG_GET_RESERVED_SIZE(r3, 0x5380, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0) (async)
setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14) (async, rerun: 64)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) (async, rerun: 64)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$auto(r4, 0x10f, 0x87, 0x0, 0x14) (async)
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$auto(r5, 0x10f, 0x87, 0x0, 0x14)
r6 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91) (async)
r7 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/ip6tnl0/accept_dad\x00', 0x242, 0x0)
sendfile$auto(r6, r7, 0x0, 0x7)
r8 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000140), r1)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x18, r8, 0x1, 0x70bd25, 0x25dfdbff, {}, [@HWSIM_ATTR_MULTI_RADIO={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x41}, 0x4004040)

5m9.509382631s ago: executing program 0 (id=338):
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ipvlan1\x00'})
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = socket(0x2, 0xa, 0xa)
futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0)
setsockopt$auto(0x3, 0x1, 0x2b, 0x0, 0x28)
sendmmsg$auto(r0, &(0x7f0000000300)={{&(0x7f0000000140), 0x12, 0x0, 0x7, 0x0, 0x3, 0x1}, 0x7}, 0x8, 0x7fff)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
r1 = socket(0x11, 0x3, 0x9)
r2 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES16=r2], 0x1ac}}, 0x40000)
sendmsg$auto_NL802154_CMD_ABORT_SCAN(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x2c, r2, 0x800, 0x70bd27, 0x25dfdbfb, {}, [@NL802154_ATTR_TX_POWER={0x8, 0xb, 0xfffffff6}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x3ff}, @NL802154_ATTR_SEC_OUT_LEVEL={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24040080}, 0x80)
write$auto_tomoyo_operations_securityfs_if(0xffffffffffffffff, &(0x7f0000000200)="0a1b9a5c3f0f8262cd1aec49ec", 0xd)
capset$auto(0x0, &(0x7f0000000000)={0xfffffffe, 0x9, 0x4a})
setreuid$auto(0x3, 0x7)
ioprio_set$auto(0x2, 0x0, 0x8)
sendmmsg$auto(r1, &(0x7f00000006c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200)="4c03", 0x49}, 0x5, &(0x7f0000000700), 0x5, 0x1}, 0x5}, 0x2, 0x100)
openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f0000000440), 0x8080, 0x0)
readv$auto(0x0, &(0x7f0000000080)={0x0, 0x1e}, 0x3)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
ioctl$auto(r3, 0x560f, 0x1)

5m8.139301714s ago: executing program 0 (id=347):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0x2, 0x1, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
connect$auto(0x3, &(0x7f00000018c0)=@in={0x2, 0x300, @loopback}, 0x55)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/power/wakeup_count\x00', 0xc0082, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x80000, 0x0)
read$auto(r0, 0x0, 0x9)
write$auto(0x3, 0x0, 0xfdef)
r1 = getgid()
newfstatat$auto(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x8, 0x81, 0xef, 0x32, 0xffffffffffffffff, r1, 0x0, 0x4, 0x4, 0x80000000, 0x3, 0x9, 0xf9c4, 0x7fffffff, 0x10, 0x9, 0x163}, 0x8)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22040, 0x75)
socket(0x840000000002, 0x3, 0xff)

5m2.197993456s ago: executing program 0 (id=365):
listxattr$auto(0x0, &(0x7f0000000040)='+\x13\x00', 0xff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) (async, rerun: 32)
ioctl$auto(0x3, 0x4020ae76, 0x38) (async, rerun: 32)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
munmap$auto(0x1000000, 0x2000000c) (async)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x401, 0x8000)

4m51.479531339s ago: executing program 0 (id=398):
open(0x0, 0x2a002, 0x32)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x2c, 0x940, 0x1ffde, 0x3, 0x6, 0x2, 0x9, 0x5, 0x2, 0x4, 0xb0, 0x7, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd]}, 0x1fe, 0x81)
r0 = socket(0x10, 0x80002, 0x0)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000007a80), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000700)={0x14, r1, 0x199, 0x70bd2d, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x90}, 0x40)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYRESOCT=0x0, @ANYBLOB="9e7c17b6"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r2 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
syz_genetlink_get_family_id$auto_nl802154(0x0, r0)
socket$nl_generic(0x10, 0x3, 0x10)
sendfile$auto(0x6, 0x3, 0x0, 0xc01)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
recvfrom$auto(r0, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)

4m35.551340731s ago: executing program 32 (id=398):
open(0x0, 0x2a002, 0x32)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x2c, 0x940, 0x1ffde, 0x3, 0x6, 0x2, 0x9, 0x5, 0x2, 0x4, 0xb0, 0x7, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd]}, 0x1fe, 0x81)
r0 = socket(0x10, 0x80002, 0x0)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000007a80), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000700)={0x14, r1, 0x199, 0x70bd2d, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x90}, 0x40)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYRESOCT=0x0, @ANYBLOB="9e7c17b6"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r2 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
syz_genetlink_get_family_id$auto_nl802154(0x0, r0)
socket$nl_generic(0x10, 0x3, 0x10)
sendfile$auto(0x6, 0x3, 0x0, 0xc01)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
recvfrom$auto(r0, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)

2m36.4396602s ago: executing program 3 (id=934):
r0 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/block/nbd5/hctx0/sched_tags_bitmap\x00', 0x800, 0x0)
read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r0, &(0x7f00000002c0)=""/243, 0xf3)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x8, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000)
madvise$auto(0x0, 0xffffffffffff0004, 0x19)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xffffffffffffff91, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
r1 = io_uring_setup$auto(0x6, 0x0)
r2 = getpid()
r3 = socket(0xa, 0x2, 0x3a)
setsockopt$auto(r3, 0x29, 0x37, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5', 0x8)
r4 = gettid()
rt_tgsigqueueinfo$auto(r2, r4, 0x21, &(0x7f0000000400)={@siginfo_0_0={0x3, 0x1c51, 0xfffffffe, @_sigsys={0x0, 0x2, 0xffffffff}}})
sendmsg$auto_OVS_DP_CMD_DEL(r1, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="c2d00000", @ANYRES16=0x0, @ANYBLOB="20ab28bd7000fedbdf250200000008000200", @ANYRES32=r2, @ANYBLOB="390001002f7379732f6b65726e656c2f64656275672f626c6f636b2f6e6264352f68637478302f73636865645f746167735f6269746d617000000000"], 0x58}, 0x1, 0x0, 0x0, 0x20000050}, 0x8000)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x200000c1)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)

2m35.96541503s ago: executing program 3 (id=937):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socket(0x22, 0x1, 0x3)
mmap$auto(0x0, 0xffffffff, 0xdf, 0xeb2, r0, 0x4000008000)
r1 = socket(0x2, 0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = memfd_create$auto(0x0, 0xe)
r3 = socket(0x2, 0x1, 0x106)
connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x55)
setsockopt$auto(r3, 0x1, 0x21, 0x0, 0x9)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @loopback}, 0x6a)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
write$auto(0x3, 0x0, 0xfdf3)
shutdown$auto(0x200000003, 0x2)
io_uring_setup$auto(0x9, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mmap$auto(0x3, 0x4, 0x4000000000dc, 0x40eb2, 0xa1c, 0x8)
madvise$auto(0xffffffffffffffff, 0xffffffff7fffffff, 0x40000019)
madvise$auto(0xf, 0x4, 0x9)
syz_genetlink_get_family_id$auto_ovs_meter(0x0, 0xffffffffffffffff)
socket(0x8, 0x5, 0x6)
pipe2$auto(&(0x7f0000000000)=r2, 0x1)
r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r4, &(0x7f0000000840)="4c9b6e", 0x3)
socket(0x8, 0x0, 0x4)
read$auto(0x3, 0x0, 0xfdef)

2m34.285298761s ago: executing program 3 (id=946):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
open(&(0x7f0000000800)='./file0\x00', 0x1636c0, 0x154)
fcntl$auto(0x3, 0x400, 0x9ec0000000000000)
open(&(0x7f0000000000)='./file0\x00', 0x4242, 0x0)
r0 = open(&(0x7f0000000040)='./file0\x00', 0x10677d, 0x0)
r1 = socket(0x2, 0x1, 0x0)
syz_genetlink_get_family_id$auto_ethtool(0x0, r1)
write$auto(0x3, 0x0, 0xfffffdef)
mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000)
getsockname$auto(r0, &(0x7f0000000000)=@in={0x2, 0x4e23, @local}, 0x0)
close_range$auto(0x2, 0xa, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
r2 = openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy1/hwflags\x00', 0x20000, 0x0)
read$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(r2, 0x0, 0x0)

2m33.886514392s ago: executing program 3 (id=949):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x848000000015, 0x805, 0x0)
bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x6b)
connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @loopback}, 0x55)
sendmsg$auto_OVS_DP_CMD_GET(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x50}, 0x0)
sendmsg$auto_OVS_DP_CMD_GET(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=ANY=[], 0xd000}, 0x1, 0x0, 0x0, 0x50}, 0x0)
openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000640)='/dev/cpu/1/cpuid\x00', 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r2 = openat$auto_wakeup_sources_stats_fops_wakeup(0xffffffffffffff9c, &(0x7f0000000100), 0x100, 0x0)
pread64$auto(r2, 0x0, 0xd, 0x7)
r3 = openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bluetooth/hci0/rfkill9/power/autosuspend_delay_ms\x00', 0x2c8000, 0x0)
r4 = getpid()
socket$nl_generic(0x10, 0x3, 0x10)
r5 = open(&(0x7f00000000c0)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc)
flock$auto(r5, 0x6)
r6 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc)
flock$auto(r6, 0x2)
close_range$auto(0x2, 0x8000, 0x0)
process_vm_readv$auto(r4, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x400, 0x0)
r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:20/adr\x00', 0x60080, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r7, &(0x7f0000000080)=""/58, 0x3a)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc4c85513, &(0x7f0000000140)={{@inferred=0xffffffffffffffff, 0x4, 0x6, 0x40, "a82097eec5c875bac7510a4df631409d2b3bc2ca10bcc934b1718932205cb037ac630eb9bc2d4c481e6eb6b4", @inferred=r4}, 0x1, @integer=@value=[0x7, 0x7, 0x17c5, 0x5, 0x8, 0xf335, 0x9, 0x5c, 0x1, 0x1, 0x9, 0x0, 0x1, 0x4, 0x6, 0x9, 0x1, 0xffffffffffffffff, 0x2, 0x7fffffff, 0x5, 0xc, 0x1, 0x7f, 0xbd, 0xe0, 0xffffffffffffffff, 0x6, 0xd, 0x5, 0x7f, 0x2, 0x3, 0x8000, 0x3, 0x6, 0x0, 0x5, 0xffff, 0x5, 0x800, 0xc46e, 0x5, 0x5, 0x2, 0x806, 0x5, 0x8001, 0xc, 0x95fb, 0x6c8, 0x800, 0x101, 0x0, 0x9, 0x1, 0x3, 0x7, 0xfffffffffffffff7, 0x8, 0x4, 0x7, 0x0, 0x6, 0x7d1, 0x0, 0x3649b8d0, 0x5a05, 0xffffffffffffffff, 0x8000000000000000, 0xffffffffffffffff, 0x98, 0x4b, 0x3148fede, 0x528, 0x1, 0x9, 0x0, 0x827c, 0xcb, 0x5, 0x9, 0x4000000000000000, 0x9, 0xff, 0x8000, 0x3, 0x1, 0x8, 0x100, 0x3, 0x6, 0x5, 0x7, 0x5, 0x3, 0x81, 0xe, 0x9, 0x9, 0xc, 0x6, 0x6, 0x1e39, 0x4, 0x3, 0x2, 0x2, 0x7ff, 0x800, 0x275, 0x1b70000000000, 0x7fff, 0x100, 0x4, 0xfffffffffffff356, 0x4, 0x3, 0x8, 0x4, 0xfffffffffffffff7, 0x3, 0x81, 0x6, 0x7, 0x3, 0xb4, 0x7f], "8ee90ee8602a90671128c85d7d3cf5fce0e266c3536bb2d368497f5456779131bbcfc8f010adffedd7cb3448fdb563c153dd25cc2796c67c22384249ba0c0d1d7084a523dcac9bfb123bffd5990d83976177a0ecb585063868841ac6c79d8df430c79311a3e968fbf63479be5c257875f0fb20e7966ff8bd959586aafc10898a"})

2m33.560534339s ago: executing program 3 (id=951):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00')
mmap$auto(0x0, 0x1, 0x4000000000df, 0x44eb2, 0x3, 0x300000000000)
mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x20000000)
mmap$auto(0x7ef5, 0x2020009, 0x3, 0xeb5, 0xfffffffffffffffa, 0x8000)
r0 = io_uring_setup$auto(0x1, 0x0)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000000c0), r0)
futex$auto(0x0, 0x1, 0x0, 0x0, 0x0, 0xa0000001)
utimensat$auto(r0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x143, 0xfffffffffffffffc}, 0x7)
mprotect$auto(0x1ffff000, 0x400040, 0x6)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000229bd70090000004a0003000000000008"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$auto_BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="8b632abd7000fedbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x14}, 0x40000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/firmware/acpi/interrupts/ff_pmtimer\x00', 0x6a040, 0x0)
mprotect$auto(0x1ffff000, 0x8000000000000004, 0xd)
acct$auto(&(0x7f0000000000)='}\x00')
acct$auto(0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

2m33.275125566s ago: executing program 3 (id=953):
mmap$auto(0x0, 0x4020009, 0xe2, 0xeb1, 0xffffffffffffffff, 0x3) (async)
r0 = socket(0x23, 0x5, 0x0)
listen$auto(r0, 0x5ed) (async, rerun: 32)
sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004080}, 0x80) (async, rerun: 32)
ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x7, 0x8001}, 0x7f, 0x0, &(0x7f00000001c0)={0x3}, 0x8) (async)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\t\xf8p\xc6nA6\x1a\xb9\xac\xde\x0e\x90\x18\xf1\x13I\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd\x14\x81\xbe\xab\xed\xd5MI\x830_\xc2\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14\x94o\x1b[\xa8]\x9b\x03\x95\xc3\xad\xad\x1d#oi|\x04\x93N\xfa\x17\xf3b\xf6\xcf\x00'/236, 0x4, 0x0)
getcwd$auto(0x0, 0xffffffffffffffff) (async)
mount_setattr$auto(0x5, 0x0, 0x8000, &(0x7f0000000640)={0x0, 0xf6, 0x100000, @inferred=<r1=>0xffffffffffffffff}, 0x283) (async, rerun: 32)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/pci0000:00/0000:00:03.0/virtio0/vendor\x00', 0x400, 0x0) (async, rerun: 32)
mmap$auto(0xffffffffff7ffffa, 0x80000004, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) (async)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
ioctl$auto_RTC_IRQP_READ(r1, 0x8008700b, &(0x7f0000000280)=0x4) (async)
socket(0x2, 0x80002, 0x73) (async)
socket(0xa, 0x1, 0x84) (async)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) (async)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async)
setsockopt$auto(0x3, 0x10000000084, 0x18, 0x0, 0x8)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000240)=""/5, 0x5)
openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/meminfo\x00', 0x0, 0x0) (async)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/ip6_tables_targets\x00', 0x400000, 0x0) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
msgget$auto(0xa, 0x77d9) (async)
msgrcv$auto(0x0, 0x0, 0xffc, 0x1, 0xb1) (async)
msgctl$auto(0x0, 0x0, 0x0) (async)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async)
msgget$auto(0x4, 0xfffffff9) (async)
madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async)
mmap$auto(0x7, 0x1, 0xfffffffffffffff9, 0x10, 0x5, 0x2) (async)
prctl$auto(0x29, 0x5, 0x0, 0x0, 0x0)

2m18.165266245s ago: executing program 33 (id=953):
mmap$auto(0x0, 0x4020009, 0xe2, 0xeb1, 0xffffffffffffffff, 0x3) (async)
r0 = socket(0x23, 0x5, 0x0)
listen$auto(r0, 0x5ed) (async, rerun: 32)
sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004080}, 0x80) (async, rerun: 32)
ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x7, 0x8001}, 0x7f, 0x0, &(0x7f00000001c0)={0x3}, 0x8) (async)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\t\xf8p\xc6nA6\x1a\xb9\xac\xde\x0e\x90\x18\xf1\x13I\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd\x14\x81\xbe\xab\xed\xd5MI\x830_\xc2\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14\x94o\x1b[\xa8]\x9b\x03\x95\xc3\xad\xad\x1d#oi|\x04\x93N\xfa\x17\xf3b\xf6\xcf\x00'/236, 0x4, 0x0)
getcwd$auto(0x0, 0xffffffffffffffff) (async)
mount_setattr$auto(0x5, 0x0, 0x8000, &(0x7f0000000640)={0x0, 0xf6, 0x100000, @inferred=<r1=>0xffffffffffffffff}, 0x283) (async, rerun: 32)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/pci0000:00/0000:00:03.0/virtio0/vendor\x00', 0x400, 0x0) (async, rerun: 32)
mmap$auto(0xffffffffff7ffffa, 0x80000004, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) (async)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
ioctl$auto_RTC_IRQP_READ(r1, 0x8008700b, &(0x7f0000000280)=0x4) (async)
socket(0x2, 0x80002, 0x73) (async)
socket(0xa, 0x1, 0x84) (async)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) (async)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async)
setsockopt$auto(0x3, 0x10000000084, 0x18, 0x0, 0x8)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000240)=""/5, 0x5)
openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/meminfo\x00', 0x0, 0x0) (async)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/ip6_tables_targets\x00', 0x400000, 0x0) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
msgget$auto(0xa, 0x77d9) (async)
msgrcv$auto(0x0, 0x0, 0xffc, 0x1, 0xb1) (async)
msgctl$auto(0x0, 0x0, 0x0) (async)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async)
msgget$auto(0x4, 0xfffffff9) (async)
madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async)
mmap$auto(0x7, 0x1, 0xfffffffffffffff9, 0x10, 0x5, 0x2) (async)
prctl$auto(0x29, 0x5, 0x0, 0x0, 0x0)

51.694234622s ago: executing program 4 (id=1430):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x5, 0x9, 0x0, 0x103, 0xee01, 0x0, 0x0, 0x7a, 0xfd3, 0x2, 0xec, 0x4, 0x2, 0x1, 0x4, 0xfffffffffffffff8})
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='!\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x44}, 0x40090)
mlockall$auto(0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
move_pages$auto(0x0, 0xd0, 0x0, 0x0, 0x0, 0x2)
r0 = socket(0x1d, 0x2, 0x7)
getsockopt$auto(r0, 0x6b, 0x3, 0xfffffffffffffffe, 0x0)
r1 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r1, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x2000000, 0x1}, 0x5}, 0x3, 0x0)
r2 = socket(0x1d, 0x2, 0x6)
sendmsg$auto_ETHTOOL_MSG_PLCA_GET_STATUS(r2, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001400)={0x14, 0x0, 0x8, 0x70bd27, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x4000)
r3 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/lru_gen_full\x00', 0x202, 0x0)
close_range$auto(r3, r2, 0x8000)
r4 = syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000000100), r2)
sendmsg$auto_NCSI_CMD_SET_PACKAGE_MASK(r2, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r4, 0x200, 0x70bd25, 0x25dfdbff, {}, [@NCSI_ATTR_PACKAGE_ID={0x8, 0x3, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40800}, 0x0)
sendmsg$auto_NCSI_CMD_SEND_CMD(r1, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x2c, r4, 0x400, 0x70bd2b, 0x25dfdbfb, {}, [@NCSI_ATTR_PACKAGE_ID={0x8, 0x3, 0x7}, @NCSI_ATTR_CHANNEL_ID={0x8, 0x4, 0x8}, @NCSI_ATTR_CHANNEL_ID={0x8, 0x4, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x54)

51.154961287s ago: executing program 4 (id=1431):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/nullb0\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0x40000000000ffb, 0x8000000008011, 0x3, 0x8000)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x9)
mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="3ae90f7c", @ANYRES16=0x0, @ANYBLOB="01002bbd7000ffdbdf2502"], 0x14}, 0x1, 0x0, 0x0, 0x8044}, 0x4001090)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000)
io_uring_setup$auto(0x6, 0x0)
getsockopt$auto(0x4, 0x1, 0x47, 0x0, 0x0)
read$auto(0x3, 0x0, 0x400000)

49.453918925s ago: executing program 4 (id=1439):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2)
syz_clone(0x40100100, &(0x7f0000000000), 0x0, 0x0, 0x0, &(0x7f0000000100))
mprotect$auto(0x0, 0x8000000000000001, 0x6)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
unshare$auto(0x200)
r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00')
setns(r0, 0x0)
clone$auto(0xfffffffe20000, 0x2, 0xfffffffffffffffc, 0xfffffffffffffffc, 0x800ffffffff)
close_range$auto(r0, 0xffffffffffffffff, 0x4)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket(0x2, 0x3, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/time\x00')
openat$auto_nsim_pp_hold_fops_netdev(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/netdevsim/netdevsim0/ports/2/pp_hold\x00', 0x8100, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
setpriority$auto(0x2, 0x7, 0xfffffff9)
syz_clone3(&(0x7f0000000380)={0x4008000, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180), {0x40}, &(0x7f00000001c0)=""/146, 0x92, &(0x7f0000000280)=""/41, &(0x7f00000002c0)=[0xffffffffffffffff, 0xffffffffffffffff], 0x2}, 0x58)
mmap$auto(0x9, 0x7, 0x4, 0x12, 0x10000000000400, 0x7)

47.740696693s ago: executing program 4 (id=1445):
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000326bd7000fedbdf250200000800130001"], 0x24}, 0x1, 0x0, 0x0, 0x4c894}, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4)
adjtimex$auto(&(0x7f0000000100)={0xe9, 0x0, 0x7fffffffffffffff, 0x1, 0x4220, 0x200, 0xf6, 0x0, 0xa27, 0x534, 0x9, {0x10001, 0x2}, 0xe, 0x7f, 0x2, 0x4, 0x0, 0x4, 0x93c3, 0x84b, 0x10000, 0x2181, 0x1ff})
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xfffffffffffffe80, 0x0, 0x1, 0x0, 0x0, 0x8080}, 0x40)

47.260498909s ago: executing program 4 (id=1448):
rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}}) (async)
clock_settime$auto(0x0, &(0x7f0000000000)={0x100000000, 0xfffffffffffffff9}) (async, rerun: 64)
mmap$auto(0x0, 0x20007, 0xffff, 0xeb1, 0x405, 0x8000) (async, rerun: 64)
socketpair$auto(0x400001d, 0x2, 0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0) (async)
open(0x0, 0x22240, 0x118) (async)
r0 = socket(0x2, 0x1, 0x0)
setsockopt$auto(r0, 0x1, 0x3e, 0x0, 0x7)
connect$auto(0x3, &(0x7f00000001c0)=@in={0x2, 0x4e21, @rand_addr=0x64010102}, 0x55) (async, rerun: 32)
ioctl$auto(0x3, 0x800005411, 0x38) (async, rerun: 32)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/vm/compact_unevictable_allowed\x00', 0xa00, 0x0)
pread64$auto(r1, 0x0, 0xb20, 0x9)

46.246211185s ago: executing program 4 (id=1455):
openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id\x00', 0x82204, 0x0)
r0 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_TIPC_NL_UDP_GET_REMOTEIP(r1, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000000340)=ANY=[@ANYBLOB, @ANYBLOB="f024e4c0cd3ac509da5da76a4737ca563b6195d1dc5167c68e7f92d61d773cfdc1e7aebfe0a5e85bb8d1acbfe0f6482c053f8deea61f50430499de8d4b55bc638aaf81c54fc9d45971c00f562ff4e42c30c437ef67320ae5a3c075147cb3cbd94e58f8d144301830cf8430cb585d6540bba9ea06f31f262dca98e82fa78b91920d2840048f417586454cf2d17a26359a6c748e1c9fdbab9499ff52ca7755abe68a04071e908fad1db937ac", @ANYBLOB="151f2cbd7000fbdbdf251600000004000180"], 0x18}, 0x1, 0x0, 0x0, 0x44010}, 0x20000080)
ioctl$auto_RTC_PARAM_SET(r0, 0x40187014, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_REQ_SET_REG(r2, &(0x7f0000002140)={0x0, 0x0, &(0x7f0000002100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="01002dbd7000fddbd64e8a42aab6e521e2c81f0b0000251b000000"], 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x40000)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/irq/15/smp_affinity_list\x00', 0x20201, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r4, &(0x7f0000000100)=""/125, 0x7d)
socket(0x23, 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mincore$auto(0x1000, 0x8001, 0x0)
r5 = socket(0xa, 0x801, 0x84)
getsockopt$auto(r5, 0x84, 0x73, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket(0xa, 0x1, 0x84)
getsockopt$auto(r6, 0x84, 0x1b, 0x0, &(0x7f0000000040)=0x400)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYBLOB='N\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
r7 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000)
getrandom$auto(&(0x7f00000032c0)='%{{\'\x00', 0x80000001, 0x8)
sendmsg$auto_NETDEV_CMD_DEV_GET(r1, &(0x7f00000005c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000580)={&(0x7f0000000440)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="02002abd7000fedbdf250100000008000100", @ANYRES32=0x0, @ANYBLOB="4bc19bba282df868441e31544a81e776ba55aaffb361a1", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x50)
recvmmsg$auto(r7, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)

45.926220813s ago: executing program 34 (id=1455):
openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id\x00', 0x82204, 0x0)
r0 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_TIPC_NL_UDP_GET_REMOTEIP(r1, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000000340)=ANY=[@ANYBLOB, @ANYBLOB="f024e4c0cd3ac509da5da76a4737ca563b6195d1dc5167c68e7f92d61d773cfdc1e7aebfe0a5e85bb8d1acbfe0f6482c053f8deea61f50430499de8d4b55bc638aaf81c54fc9d45971c00f562ff4e42c30c437ef67320ae5a3c075147cb3cbd94e58f8d144301830cf8430cb585d6540bba9ea06f31f262dca98e82fa78b91920d2840048f417586454cf2d17a26359a6c748e1c9fdbab9499ff52ca7755abe68a04071e908fad1db937ac", @ANYBLOB="151f2cbd7000fbdbdf251600000004000180"], 0x18}, 0x1, 0x0, 0x0, 0x44010}, 0x20000080)
ioctl$auto_RTC_PARAM_SET(r0, 0x40187014, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_REQ_SET_REG(r2, &(0x7f0000002140)={0x0, 0x0, &(0x7f0000002100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="01002dbd7000fddbd64e8a42aab6e521e2c81f0b0000251b000000"], 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x40000)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/irq/15/smp_affinity_list\x00', 0x20201, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r4, &(0x7f0000000100)=""/125, 0x7d)
socket(0x23, 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mincore$auto(0x1000, 0x8001, 0x0)
r5 = socket(0xa, 0x801, 0x84)
getsockopt$auto(r5, 0x84, 0x73, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket(0xa, 0x1, 0x84)
getsockopt$auto(r6, 0x84, 0x1b, 0x0, &(0x7f0000000040)=0x400)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYBLOB='N\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
r7 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000)
getrandom$auto(&(0x7f00000032c0)='%{{\'\x00', 0x80000001, 0x8)
sendmsg$auto_NETDEV_CMD_DEV_GET(r1, &(0x7f00000005c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000580)={&(0x7f0000000440)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="02002abd7000fedbdf250100000008000100", @ANYRES32=0x0, @ANYBLOB="4bc19bba282df868441e31544a81e776ba55aaffb361a1", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x50)
recvmmsg$auto(r7, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)

5.022167238s ago: executing program 1 (id=1662):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
inotify_rm_watch$auto(0xffffffffffffffff, 0x84e4)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0)
madvise$auto(0x0, 0x2000040080000004, 0xe)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = io_uring_setup$auto(0x8e3e, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptys1\x00', 0x20400, 0x0)
ioctl$auto_TIOCSWINSZ2(r2, 0x5414, 0x0)
modify_ldt$auto(0x1, 0x0, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
r3 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x501940, 0x0)
write$auto_sg_fops_sg(r3, &(0x7f00000000c0)="a1ba24b57d711f4e59f1811652787c5101cb0829a875b2d9578d9655abf7c485c8de20d5960e8c62ec71394cfe643c1d66616df32faac3d9971e269890fc975cb7ec23cec2fb8d61dd015954fe6ce3c1cb410e8a6ee8e2c6c7b3552fef0f6fad5b76832b31f15ab17e2fb67a0ccc17ae93ab9fd848ba3a602bf250428c99aee4d32f213fce9a32e1ca51fa3dbf51", 0x8e)
ioctl$auto(r0, 0x81, r1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
r4 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
ioctl$auto_VHOST_SET_FEATURES2(r4, 0x4008af00, 0x0)
madvise$auto(0xfffffffffffffffd, 0xffffffffffff0002, 0x19)
fallocate$auto(0xffffffffffffffff, 0x1, 0x9, 0x80000000)
mmap$auto(0x2, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x100000000, 0x15)
madvise$auto(0x0, 0x1010001, 0x100000003)
setgroups$auto(0xe32, &(0x7f0000000040)=0x9)
uname$auto(&(0x7f0000000280)={"017a23d49d4e4f89b7bb66d0528142ad4998ea9c70c06d0408e91b30b0b0d300722823e67e78003cff84dfc2528569e4ca4367c6216df84c3958d96ed2c499caff", "1e2157148e99091f121521269985a6a599863e135818f2ccc77a864d50fd1b2447c13d33dfb37033d53d69c4ff062abf19efab53fd75a00d4af7dbdef66e913103", "1fa81ccc6ffd05b516bdc4046cdfee68955b5ae48f8a322b6a0e4d8233d9491029f04050fca8a76d8b02739e3347e73f0f398e219952ca06e6c78655a70e097917", "0749ebba3d6f1ed9c077eeeb6deae36535af268af804ea0614e6c5ef0445f6fb05bec835636e440d94396dbeef246ceff774a1af2e8884df1be20351da9874f6fa", "4fbb5ffd975d9cf0800c3bf9046b1351f7371fcaea1fac30b4de0ac23b4d950cba906c482378f4337fe941454b8dbd36e51d285c95a92a20bec5a9907616fad85e", "d802740973602ea52b49799bc04ddb3c4e8995a5f9bd70c8c718fc2ebdffc648dd1195b4ac34305e0d8651eee2435736984e421114030659dd79fedec147e0e6ee"})
madvise$auto(0x0, 0x200007, 0x19)

2.767835141s ago: executing program 1 (id=1675):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x3, 0x6)
lsm_list_modules$auto(0x0, 0x0, 0x2)
close_range$auto(0x2, r0, 0x2)
socket(0xa, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0)
unshare$auto(0x40000080)
clock_nanosleep$auto(0x2, 0x1000, 0x0, 0x0)
r1 = getpid()
msgctl$auto(0x20000005, 0x401, &(0x7f0000000280)={{0x0, 0xffffffffffffffff, 0x0, 0x8, 0x1000, 0x8000, 0x3}, &(0x7f0000000080)=0x3, 0x0, 0x407f, 0x8, 0x3, 0x78, 0x7fffffffffbfffff, 0x6a7b, 0x7, 0x4, @inferred, @inferred=r1})
lstat$auto(0x0, &(0x7f0000000340)={0xebc, 0xd90, 0x7, 0x12, 0xee01, 0xee00, 0x0, 0x3, 0x0, 0x0, 0x1dd6, 0x4, 0x10000, 0x7, 0x8000000000000002, 0x8, 0xf})
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/net\x00')
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x11, 0x3, 0x2)
socket(0x21, 0x2, 0xa)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
socketpair$auto(0x3, 0x5, 0x7, 0x0)
getsockopt$auto(0x6, 0x110, 0x6, 0xffffffffffffffff, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/scsi/device_info\x00', 0x48041, 0x0)
r2 = socket(0xa, 0x3, 0x3a)
mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0)
epoll_wait$auto(r2, &(0x7f0000000000)={0x7, 0x9}, 0x7ff, 0x6)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
setsockopt$auto(0x400000000000003, 0x29, 0xca, 0x0, 0x567)
writev$auto(0x4, &(0x7f0000002bc0)={0x0, 0x7}, 0x7)
stat$auto(0x0, 0x0)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001080), 0xffffffffffffffff)
read$auto(0xffffffffffffffff, 0x0, 0x1f36)

2.761639239s ago: executing program 6 (id=1683):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/firmware/acpi/interrupts/gpe02\x00', 0x2, 0x0)
sendfile$auto(r0, r0, 0x0, 0x9)

2.696257255s ago: executing program 6 (id=1676):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/nullb0\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0x40000000000ffb, 0x8000000008011, 0x3, 0x8000)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x9)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x8044}, 0x4001090)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000)
r0 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
io_uring_setup$auto(0x6, 0x0)
socket(0xa, 0x2, 0x0)
mmap$auto(0x0, 0x20006, 0xdf, 0xeb1, 0x0, 0x8000)
getsockopt$auto(0x4, 0x1, 0x47, 0x0, 0x0)
read$auto(0x3, 0x0, 0x400000)

2.454571976s ago: executing program 2 (id=1677):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/tty/ptyxd/power/control\x00', 0x101000, 0x0)
sendfile$auto(r0, r0, 0x0, 0x9)

2.279009785s ago: executing program 1 (id=1679):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/nullb0\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0x40000000000ffb, 0x8000000008011, 0x3, 0x8000)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x9)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="3ae90f7c", @ANYRES16=0x0], 0x14}, 0x1, 0x0, 0x0, 0x8044}, 0x4001090)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000)
r0 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
io_uring_setup$auto(0x6, 0x0)
socket(0xa, 0x2, 0x0)
mmap$auto(0x0, 0x20006, 0xdf, 0xeb1, 0x0, 0x8000)
getsockopt$auto(0x4, 0x1, 0x47, 0x0, 0x0)
read$auto(0x3, 0x0, 0x400000)

2.25328401s ago: executing program 2 (id=1680):
r0 = openat$auto_ocfs2_control_fops_stack_user(0xffffffffffffff9c, &(0x7f0000002bc0), 0x400, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/platform/snd_aloop.0/sound/card1/id\x00', 0x48a22, 0x0)
read$auto(r1, 0x0, 0x13)
setresuid$auto(0x8, 0x8, 0x0)
setfsuid$auto(0x0)
mkdir$auto(&(0x7f00000003c0)='}[,&*}\x00', 0x6)
chroot$auto(&(0x7f0000000000)='}[,&*}\x00')
write$auto(r1, 0x0, 0x8)
read$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000000140)=""/66, 0x42)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/rpc/auth.unix.gid/content\x00', 0x200, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r2, &(0x7f0000000040)=""/104, 0x68)

2.10388609s ago: executing program 2 (id=1681):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/nullb0\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0x40000000000ffb, 0x8000000008011, 0x3, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="3ae90f7c", @ANYRES16=0x0], 0x14}, 0x1, 0x0, 0x0, 0x8044}, 0x4001090)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000)
io_uring_setup$auto(0x6, 0x0)
getsockopt$auto(0x4, 0x1, 0x47, 0x0, 0x0)
read$auto(0x3, 0x0, 0x400000)

1.979850472s ago: executing program 6 (id=1682):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/nullb0\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0x40000000000ffb, 0x8000000008011, 0x3, 0x8000)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x9)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x8044}, 0x4001090)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000)
r0 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
io_uring_setup$auto(0x6, 0x0)
socket(0xa, 0x2, 0x0)
mmap$auto(0x0, 0x20006, 0xdf, 0xeb1, 0x0, 0x8000)
getsockopt$auto(0x4, 0x1, 0x47, 0x0, 0x0)
read$auto(0x3, 0x0, 0x400000)

1.757682759s ago: executing program 1 (id=1685):
r0 = socket(0x11, 0x3, 0x9)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000100), r1)
sendmsg$auto_NL802154_CMD_GET_SEC_LEVEL(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x1c, r2, 0xf01, 0x70bd2c, 0x25dfdbff, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40084}, 0x40)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
statx$auto(0xffffff9c, 0x0, 0x1000, 0x803, 0x0)
ioctl$auto(0x3, 0x8912, 0x46)
r3 = gettid()
r4 = socket(0x2, 0x80802, 0x0)
bind$auto(r4, &(0x7f0000000080)=@in={0x2, 0x4e24, @empty}, 0x6b)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4)
connect$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xfffe}, 0x55)
rt_sigqueueinfo$auto(r3, 0x10, &(0x7f0000000000)={@siginfo_0_0={0x7, 0x7, 0xfffffffa, @_rt={r3, 0x0, @sival_ptr=0x0}}})
sendmsg$auto_NL802154_CMD_DEL_SEC_DEVKEY(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000140)={0x4c, r2, 0x400, 0x70bd25, 0x25dfdbff, {}, [@NL802154_ATTR_SCAN_CHANNELS={0x8, 0x21, 0xe68}, @NL802154_ATTR_EXTENDED_ADDR={0xc, 0x17, 0x7}, @NL802154_ATTR_PID={0x8, 0x1c, r3}, @NL802154_ATTR_IFNAME={0x14, 0x4, 'syz_tun\x00'}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0xfa}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4001}, 0x0)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48})
r5 = openat$auto_proc_gid_map_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/gid_map\x00', 0x20002, 0x0)
write$auto_proc_gid_map_operations_base(r5, 0x0, 0x0)
r6 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/input/event2\x00', 0x2a482, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x2, 0x9)
recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0)
recvmmsg$auto(0x4, &(0x7f0000000200)={{0x0, 0x4, &(0x7f0000000140)={0x0, 0x4da}, 0x4, 0x0, 0x8, 0x800}, 0x1000}, 0xffffffff, 0x0, 0x0)
sendmsg$auto_NETDEV_CMD_NAPI_GET(r7, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000780)={0x1c, 0x0, 0x1, 0x70bd2d, 0x259fdbfb, {}, [@NETDEV_A_NAPI_ID={0x8, 0x2, 0x3}]}, 0x1c}}, 0x0)
ioctl$auto_evdev_fops_evdev(r6, 0x80044584, 0x0)

1.496502587s ago: executing program 2 (id=1686):
socket(0xa, 0x2, 0x0) (async)
setsockopt$auto(0x3, 0x0, 0x80, 0x0, 0xe)
mmap$auto(0x0, 0x400003, 0x7f, 0x9b72, 0x2, 0x8000) (async)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0xffffffffffff0004, 0x19) (async)
madvise$auto(0x0, 0x80000001, 0x8) (async)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
madvise$auto(0x0, 0x0, 0x3ff)

1.445658771s ago: executing program 5 (id=1687):
socket(0x2, 0x1, 0x106) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
get_robust_list$auto(0x0, 0x0, 0x0)
r0 = socket(0x80000000000000a, 0x2, 0x0)
getsockopt$auto(r0, 0x11, 0x65, 0x0, 0x0)
listen$auto(0x3, 0x9)
ioctl$auto(0x3, 0x80000541b, 0xb551)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa) (async)
mlockall$auto(0x7) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x40342, 0x22) (async)
mmap$auto(0x0, 0x8, 0xe1, 0x209b72, 0x7fffffff7f, 0x8000) (async)
socket(0x21, 0x2, 0x2)
connect$auto(0x5, 0x0, 0x9) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
madvise$auto(0x8000, 0x2000040080000007, 0x6) (async)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
ioctl$auto(r1, 0x4b4a, 0x9)
socket(0x2b, 0x1, 0x1) (async)
setsockopt$auto(0x3, 0x11e, 0x1, 0x0, 0x9) (async)
clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9)

1.242261612s ago: executing program 5 (id=1688):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/firmware/acpi/interrupts/gpe02\x00', 0x2, 0x0)
sendfile$auto(r0, r0, 0x0, 0x9) (fail_nth: 3)

1.21924602s ago: executing program 6 (id=1689):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/firmware/acpi/interrupts/gpe02\x00', 0x2, 0x0)
r1 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/lru_gen\x00', 0x0, 0x0)
r2 = socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
getsockopt$auto(r2, 0x84, 0x7a, 0x0, &(0x7f0000000000)=0x9b)
read$auto_lru_gen_rw_fops_vmscan(r1, &(0x7f00000000c0)=""/4096, 0x1000)
read$auto(0x3, 0x0, 0x7)
sendfile$auto(r0, r0, 0x0, 0xb)

1.101841305s ago: executing program 6 (id=1690):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/vkms/graphics/fb0/state\x00', 0xc2481, 0x0)
write$auto(r0, &(0x7f0000000040)='0\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
mmap$auto(0x1, 0xef3, 0x47d, 0x15, r0, 0x5)

827.675578ms ago: executing program 1 (id=1691):
r0 = openat$auto_ocfs2_control_fops_stack_user(0xffffffffffffff9c, &(0x7f0000002bc0), 0x400, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/platform/snd_aloop.0/sound/card1/id\x00', 0x48a22, 0x0)
read$auto(r1, 0x0, 0x13)
setresuid$auto(0x8, 0x8, 0x0)
setfsuid$auto(0x0)
mkdir$auto(&(0x7f00000003c0)='}[,&*}\x00', 0x6)
chroot$auto(&(0x7f0000000000)='}[,&*}\x00')
write$auto(r1, 0x0, 0x8)
read$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000000140)=""/66, 0x42)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/rpc/auth.unix.gid/content\x00', 0x200, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r2, &(0x7f0000000040)=""/104, 0x68)

827.101489ms ago: executing program 2 (id=1699):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/nullb0\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0x40000000000ffb, 0x8000000008011, 0x3, 0x8000)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x9)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x8044}, 0x4001090)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000)
r0 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
io_uring_setup$auto(0x6, 0x0)
socket(0xa, 0x2, 0x0)
mmap$auto(0x0, 0x20006, 0xdf, 0xeb1, 0x0, 0x8000)
getsockopt$auto(0x4, 0x1, 0x47, 0x0, 0x0)
read$auto(0x3, 0x0, 0x400000)

826.597522ms ago: executing program 5 (id=1700):
socket(0x1f, 0x2, 0x7)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) (async)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x30}, 0x1, 0x0, 0x0, 0x881}, 0x8000) (async)
socket$nl_generic(0x10, 0x3, 0x10)
writev$auto(0x3, &(0x7f0000000100)={&(0x7f0000000340), 0x7111}, 0x8)

682.028876ms ago: executing program 1 (id=1692):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/nullb0\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0x40000000000ffb, 0x8000000008011, 0x3, 0x8000)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x9)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x8044}, 0x4001090)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000)
r0 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
io_uring_setup$auto(0x6, 0x0)
socket(0xa, 0x2, 0x0)
mmap$auto(0x0, 0x20006, 0xdf, 0xeb1, 0x0, 0x8000)
getsockopt$auto(0x4, 0x1, 0x47, 0x0, 0x0)
read$auto(0x3, 0x0, 0x400000)

681.769915ms ago: executing program 5 (id=1693):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
setsockopt$auto(0xffffffffffffffff, 0x1, 0xd, &(0x7f0000000000)='\xa0\x8b\x82\xb4\xa0O\xc9\xed_Q\xd1X2\xd9\xcd\x01W146F\xf7\xf4u\xbf\xce\xad)\xa5/\xa9\xc9\xe6Gn+\x11u\x1e\x8e\x8f\x89\x19C\xdf\xc1*\xcb\x10\b\xf9\xed\xeak\xb0\xea\t\xddx\xf5w\xaeu\xd1WL!\x98W\x1f\xf1\x97$\xdb\x9f\x97\xbc\xa80ro\x16\xc4\x8c\xd1\xf8\xc16h0\xa03\xb4vr~\x824\xed9\xe0$a\xad\xd3\x16+\xc5b\xb5,A\xba\xd6\xee\x9b\xdf2\x03;$R*\xd9iy\x0e\xbe\xe32\xfd\x1d\x94\x8bC\xe9\x8b7\x83;\xa1H\xe1\xbd\x8eW\xb5\xf9\x98\xcf\xef\xf4m\x96S\xcf\xdb\xe8[\xff\xa6?^1B\xda*\xc4\t$`V\xdc\x03&\xd1\xcf\xe9}\x859wKR\xf9\x1e\xbfH\\\x0ev\x891\xd0\xfe\xfb_\xa4\x87\xf7\x1c\x8a0\x1f\xbd\x8fq\x80BJ\xad6{\x93%\xc8\x81l\x17\bk\xf8\xa4\xb1\xdd\xd0\xde\xfdJS\xbf\a{o7\xc0\xe7i|\xab\a\xa8\xf1\xacmU\x98^\x12\x1b\xc7\xa6@\x1d\x8d4S\x06\xa6]\x9d{4\xf5\xf2\t\xb7\xc9\x06\xb6\xd0\x89\x8a\xdf\xb5\x06vb6\n^\xd8DZG \xbbR#\xb5p\xe6]r\x06\x8f\nV\xed\x04\xf8\xce\xca6\xdfwf\xfeJ\bryV', 0x5)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="01002cbd7000fbdbdf250a0080"], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x20008810)
pwrite64$auto(r0, &(0x7f0000000300)='\xa0\x8b\x82\xb4\xa0O\xc9\xed_Q\xd1X2\xd9\xcd\x01W146F\xf7\xf4u\xbf\xce\xad)\xa5/\xa9\xc9\xe6Gn+\x11u\x1e\x8e\x8f\x89\x19C\xdf\xc1*\xcb\x10\b\xf9\xed\xeak\xb0\xea\t\xddx\xf5w\xaeu\xd1WL!\x98W\x1f\xf1\x97$\xdb\x9f\x97\xbc\xa80ro\x16\xc4\x8c\xd1\xf8\xc16h0\xa03\xb4vr~\x824\xed9\xe0$a\xad\xd3\x16+\xc5b\xb5,A\xba\xd6\xee\x9b\xdf2\x03;$R*\xd9iy\x0e\xbe\xe32\xfd\x1d\x94\x8bC\xe9\x8b7\x83;\xa1H\xe1\xbd\x8eW\xb5\xf9\x98\xcf\xef\xf4m\x96S\xcf\xdb\xe8[\xff\xa6?^1B\xda*\xc4\t$`V\xdc\x03&\xd1\xcf\xe9}\x859wKR\xf9\x1e\xbfH\\\x0ev\x891\xd0\xfe\xfb_\xa4\x87\xf7\x1c\x8a0\x1f\xbd\x8fq\x80BJ\xad6{\x93%\xc8\x81l\x17\bk\xf8\xa4\xb1\xdd\xd0\xde\xfdJS\xbf\a{o7\xc0\xe7i|\xab\a\xa8\xf1\xacmU\x98^\x12\x1b\xc7\xa6@\x1d\x8d4S\x06\xa6]\x9d{4\xf5\xf2\t\xb7\xc9\x06\xb6\xd0\x89\x8a\xdf\xb5\x06vb6\n^\xd8DZG \xbbR#\xb5p\xe6]r\x06\x8f\nV\xed\x04\xf8\xce\xca6\xdfwf\xfeJ\bryV', 0x80000000, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='J'], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

681.269432ms ago: executing program 6 (id=1702):
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
openat$auto_kernel_debug_fops_orangefs_debugfs(0xffffffffffffff9c, 0x0, 0x800, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/scsi_mod/parameters/max_luns\x00', 0x2080, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000001b40)=""/4096, 0x1000)
syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff)
mmap$auto(0x8000000000000000, 0x20008, 0xdf, 0xeb1, 0x401, 0x108000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_pid_set_timerslack_ns_operations_base(0xffffffffffffff9c, 0x0, 0x117041, 0x0)
r1 = openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/config/nvmet/discovery_nqn\x00', 0x189002, 0x0)
write$auto_configfs_file_operations_configfs_internal(r1, &(0x7f0000000140)="8e", 0x1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x806, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL802154_CMD_SET_CCA_MODE(r3, 0x0, 0x800)
getitimer$auto(0x1, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'macvlan1\x00', <r4=>0x0})
sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000000)={0x1c, 0x0, 0x30f4b0fcc8d9477d, 0x70bd2d, 0x25dfdbfc, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8}, 0x4000044)
r5 = socket(0xa, 0x5, 0x84)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mbind$auto(0x0, 0x100000004, 0x4, 0x0, 0x20000000000006, 0x2)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000)
mount$auto(0x0, 0x0, 0x0, 0x0, 0x0)
sendto$auto(r5, 0x0, 0x401, 0x101, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c)
close_range$auto(0x2, 0x8, 0x0)

515.82704ms ago: executing program 5 (id=1694):
r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010029bd7000fadbdf250600000008000300", @ANYRES32=r2], 0x24}, 0x1, 0x0, 0x0, 0x20040010}, 0x20000084)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$auto_IOAM6_CMD_ADD_NAMESPACE(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)={0x24, r4, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@IOAM6_ATTR_NS_DATA={0x8, 0x2, 0x62075dd9}, @IOAM6_ATTR_NS_ID={0x6, 0x1, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x8800}, 0x8840)
sendmsg$auto_IOAM6_CMD_ADD_SCHEMA(r1, &(0x7f0000000580)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)={0x3b8, r4, 0x200, 0x70bd2b, 0x25dfdbfd, {}, [@IOAM6_ATTR_SC_DATA={0x394, 0x5, "d2e3291ae8b93c5ad1d59ebcd653a1c6ab78c7640e29bfdc1cc6c1b381416486645fe757a629bb29711ec09a50ba311f451c31620f7c3740e34cf4702dfceab7377230185e3c7e22de1b6b6b7eb420bd20b1de22dc60744841eeaa80afbd95c0d5808a624c09002813d55680832ca83e5ce0d3ff54bf3f1a65de1979e932e822a835c05a61a194d6bc7593a2833683a93529aa21b3a8057b785eb976bb8a8b4ad42897310643fbca810028c055d37acaa433eec13f9dd10afcbfcbf120519ea373b80e9ca35957e4187ca4a9277a77d72aa3713391e80cdd97c017b4d393b5ab14ca7ffdc7dd62bc1cbc03e816fb7307e3a2d2139818445f6b7663b46b9460ff726b6899f66d92803def7b582c759cda5d5b224381ad450e627069096be3d88807d8efe55e6c0d26a3e94d26aa7e4d764c015caa13bc4d794a52ba7914b0f06e2ca8765ed38363c63d00d22ac5480600baa3fb765c8fffa9907ac8bc047a52b862ac1ab8bb49719ef12e17fbcdc09cb83e5dd26bf18a34dfe846dd13887d5abea09fd8785f3ec9afb7a36b9f0a82276e4a4f32081f9bc59028b6ea39d26939ed492f61d2d66903fdb9dcbe13822c4665ecb43cc2509158359a431fbd0f730d5f2990d473be4796e8f295c132993352d13b48ff8214a815754b08b8cc429eee49c9e18286a63fa7c0c82c5e9a38bffe388642c08ac4549cfff05dc1cc5f99691d604e1350777ad0841bb0ed04b4369dcecea961e2b9b8fdc24afa76b25d453aaa2c0e29a1bd4be22bcf22fb07aa5742cb8a2e88f5aec24ce765754844b11dbcd05ebb83fd7ead076699e8d1eee5115fa0236ac9036a210aa70793dc8f2b1e36d9e4e4bde33099ead17f2f379f10a641fe312a1128e27a268e65b3e2983d3146011825b47994adb4a6fda9e12eceba9c9fdbd201e8f4977eacfcab13989cf53a5ee17b6890449dbda4ac942269eef227599e28523d334bb244eb635c6ed018ec1be5771789cc51ba6c0bf1c3a3eab7b16a40fd8f2932fe62fbc70b0faa648255fb06fca36024a87ed2eadeab3b02c54823737403362facba201e82a31924c409d3611d74c7cdbf1f1e00181d169fd9640e514e0f53ee4985cd44e6a20e5552d91087dd45043c109c153eeea49e2dd41c654e9e41bb8aca2879ece6d6cf9b60035695092c4fd2107e69a3695e5f3f24259f7330ce1b15c30c73ddfc9c3d824610d10c8b04c070fca1479682ec0805c8f9943406273f9175a74c42e838a382e82e49d720106f94efa0c977b2d98c168aa893"}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x4ec}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0xfffffff8}]}, 0x3b8}, 0x1, 0x0, 0x0, 0x4000011}, 0x4000001)
syslog$auto(0x4, &(0x7f0000000040)='..\x00', 0x7)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4)
r5 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/user\x00')
getdents64$auto(r5, 0x0, 0x489)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_SET_WIPHY(r6, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8001}, 0x40080)

158.262754ms ago: executing program 2 (id=1695):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/nullb0\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0x40000000000ffb, 0x8000000008011, 0x3, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="3ae90f7c"], 0x14}, 0x1, 0x0, 0x0, 0x8044}, 0x4001090)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000)
io_uring_setup$auto(0x6, 0x0)
getsockopt$auto(0x4, 0x1, 0x47, 0x0, 0x0)
read$auto(0x3, 0x0, 0x400000)

0s ago: executing program 5 (id=1696):
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
r0 = fcntl$auto(0x3, 0x400, 0x9ec0000000000000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
socket(0xa, 0x801, 0x84)
socket(0x2, 0x1, 0x0)
socket(0x1, 0x2, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sysfs$auto(0x2, 0x10000000000002e, 0x0)
fsopen$auto(0x0, 0x1)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x0)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
move_pages$auto(r1, 0x1002, 0x0, 0x0, 0x0, 0x2)
fcntl$auto(r0, 0x400, r1)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)

kernel console output (not intermixed with test programs):

6.416672][ T7367]  __kmalloc_noprof+0xce/0x4f0
[  146.421472][ T7367]  ? d_absolute_path+0x137/0x1b0
[  146.426449][ T7367]  ? tomoyo_encode2+0x100/0x3e0
[  146.431339][ T7367]  tomoyo_encode2+0x100/0x3e0
[  146.436056][ T7367]  tomoyo_realpath_from_path+0x1a7/0x710
[  146.441730][ T7367]  tomoyo_path_number_perm+0x248/0x5b0
[  146.447227][ T7367]  ? tomoyo_path_number_perm+0x235/0x5b0
[  146.452904][ T7367]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  146.458959][ T7367]  ? __pfx_lock_release+0x10/0x10
[  146.464008][ T7367]  ? trace_lock_acquire+0x14e/0x1f0
[  146.469250][ T7367]  ? lock_acquire+0x2f/0xb0
[  146.473776][ T7367]  ? __fget_files+0x40/0x3a0
[  146.478405][ T7367]  ? __fget_files+0x206/0x3a0
[  146.483117][ T7367]  security_file_ioctl+0x9b/0x240
[  146.488169][ T7367]  __x64_sys_ioctl+0xb7/0x200
[  146.492872][ T7367]  do_syscall_64+0xcd/0x250
[  146.497417][ T7367]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.503349][ T7367] RIP: 0033:0x7f2c32785d29
[  146.507800][ T7367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.527445][ T7367] RSP: 002b:00007f2c3369c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  146.535895][ T7367] RAX: ffffffffffffffda RBX: 00007f2c32975fa0 RCX: 00007f2c32785d29
[  146.543982][ T7367] RDX: 0000000000000003 RSI: 0000000000006f2d RDI: 0000000000000003
[  146.551980][ T7367] RBP: 00007f2c3369c090 R08: 0000000000000000 R09: 0000000000000000
[  146.559983][ T7367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  146.567985][ T7367] R13: 0000000000000000 R14: 00007f2c32975fa0 R15: 00007ffd4fffec18
[  146.576008][ T7367]  </TASK>
[  146.579140][    C0] vkms_vblank_simulate: vblank timer overrun
[  146.642415][ T7367] ERROR: Out of memory at tomoyo_realpath_from_path.
[  146.957141][ T7376] netlink: 338 bytes leftover after parsing attributes in process `syz.3.342'.
[  147.011966][ T7376] netlink: 338 bytes leftover after parsing attributes in process `syz.3.342'.
[  147.070710][ T7376] netlink: 134 bytes leftover after parsing attributes in process `syz.3.342'.
[  147.123802][ T7379] netlink: 134 bytes leftover after parsing attributes in process `syz.3.342'.
[  148.509359][ T7407] FAULT_INJECTION: forcing a failure.
[  148.509359][ T7407] name failslab, interval 1, probability 0, space 0, times 0
[  148.552365][ T7407] CPU: 0 UID: 0 PID: 7407 Comm: syz.1.351 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  148.563114][ T7407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  148.573207][ T7407] Call Trace:
[  148.576510][ T7407]  <TASK>
[  148.579463][ T7407]  dump_stack_lvl+0x16c/0x1f0
[  148.584188][ T7407]  should_fail_ex+0x497/0x5b0
[  148.588909][ T7407]  ? fs_reclaim_acquire+0xae/0x150
[  148.594066][ T7407]  should_failslab+0xc2/0x120
[  148.598793][ T7407]  __kmalloc_cache_node_noprof+0x6f/0x3f0
[  148.604557][ T7407]  ? __get_vm_area_node+0x101/0x2f0
[  148.609789][ T7407]  ? lock_acquire.part.0+0x11b/0x380
[  148.615190][ T7407]  __get_vm_area_node+0x101/0x2f0
[  148.620256][ T7407]  ? __mutex_trylock_common+0xea/0x250
[  148.625763][ T7407]  __vmalloc_node_range_noprof+0x26a/0x1530
[  148.631703][ T7407]  ? dvb_demux_do_ioctl+0x54d/0x1340
[  148.637155][ T7407]  ? rcu_is_watching+0x12/0xc0
[  148.641978][ T7407]  ? dvb_demux_do_ioctl+0x54d/0x1340
[  148.647325][ T7407]  ? dvb_demux_do_ioctl+0x496/0x1340
[  148.652670][ T7407]  ? __pfx___mutex_lock+0x10/0x10
[  148.657825][ T7407]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  148.664209][ T7407]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  148.670168][ T7407]  ? dvb_demux_do_ioctl+0x54d/0x1340
[  148.675509][ T7407]  vmalloc_noprof+0x6b/0x90
[  148.680066][ T7407]  ? dvb_demux_do_ioctl+0x54d/0x1340
[  148.685409][ T7407]  dvb_demux_do_ioctl+0x54d/0x1340
[  148.690586][ T7407]  dvb_usercopy+0x165/0x320
[  148.695151][ T7407]  ? __pfx_dvb_demux_do_ioctl+0x10/0x10
[  148.700765][ T7407]  ? __pfx_dvb_usercopy+0x10/0x10
[  148.705829][ T7407]  ? __pfx_lock_release+0x10/0x10
[  148.710905][ T7407]  ? __fget_files+0x206/0x3a0
[  148.715633][ T7407]  dvb_demux_ioctl+0x29/0x40
[  148.720266][ T7407]  ? __pfx_dvb_demux_ioctl+0x10/0x10
[  148.725620][ T7407]  __x64_sys_ioctl+0x190/0x200
[  148.730424][ T7407]  do_syscall_64+0xcd/0x250
[  148.735015][ T7407]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.740965][ T7407] RIP: 0033:0x7f36a8d85d29
[  148.745409][ T7407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.765230][ T7407] RSP: 002b:00007f36a9c28038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  148.774479][ T7407] RAX: ffffffffffffffda RBX: 00007f36a8f75fa0 RCX: 00007f36a8d85d29
[  148.782489][ T7407] RDX: 0000000000000003 RSI: 0000000000006f2d RDI: 0000000000000003
[  148.790499][ T7407] RBP: 00007f36a9c28090 R08: 0000000000000000 R09: 0000000000000000
[  148.798495][ T7407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  148.806496][ T7407] R13: 0000000000000000 R14: 00007f36a8f75fa0 R15: 00007ffeb1a06cc8
[  148.814528][ T7407]  </TASK>
[  148.817699][    C0] vkms_vblank_simulate: vblank timer overrun
[  148.872628][ T7407] syz.1.351: vmalloc error: size 3, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1
[  148.906165][ T7407] CPU: 0 UID: 0 PID: 7407 Comm: syz.1.351 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  148.916818][ T7407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  148.926915][ T7407] Call Trace:
[  148.930225][ T7407]  <TASK>
[  148.933179][ T7407]  dump_stack_lvl+0x16c/0x1f0
[  148.937903][ T7407]  warn_alloc+0x24d/0x3a0
[  148.942281][ T7407]  ? __pfx_warn_alloc+0x10/0x10
[  148.947181][ T7407]  ? __kmalloc_cache_node_noprof+0x245/0x3f0
[  148.953218][ T7407]  ? __kasan_kmalloc+0x8a/0xb0
[  148.958031][ T7407]  ? __get_vm_area_node+0x1dc/0x2f0
[  148.963277][ T7407]  __vmalloc_node_range_noprof+0xd27/0x1530
[  148.969230][ T7407]  ? rcu_is_watching+0x12/0xc0
[  148.974056][ T7407]  ? dvb_demux_do_ioctl+0x54d/0x1340
[  148.979396][ T7407]  ? dvb_demux_do_ioctl+0x496/0x1340
[  148.984731][ T7407]  ? __pfx___mutex_lock+0x10/0x10
[  148.989801][ T7407]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  148.996698][ T7407]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  149.002639][ T7407]  ? dvb_demux_do_ioctl+0x54d/0x1340
[  149.007980][ T7407]  vmalloc_noprof+0x6b/0x90
[  149.012525][ T7407]  ? dvb_demux_do_ioctl+0x54d/0x1340
[  149.017871][ T7407]  dvb_demux_do_ioctl+0x54d/0x1340
[  149.023047][ T7407]  dvb_usercopy+0x165/0x320
[  149.027612][ T7407]  ? __pfx_dvb_demux_do_ioctl+0x10/0x10
[  149.033210][ T7407]  ? __pfx_dvb_usercopy+0x10/0x10
[  149.038277][ T7407]  ? __pfx_lock_release+0x10/0x10
[  149.043387][ T7407]  ? __fget_files+0x206/0x3a0
[  149.048121][ T7407]  dvb_demux_ioctl+0x29/0x40
[  149.052755][ T7407]  ? __pfx_dvb_demux_ioctl+0x10/0x10
[  149.058090][ T7407]  __x64_sys_ioctl+0x190/0x200
[  149.062904][ T7407]  do_syscall_64+0xcd/0x250
[  149.067454][ T7407]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.073397][ T7407] RIP: 0033:0x7f36a8d85d29
[  149.077848][ T7407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.097490][ T7407] RSP: 002b:00007f36a9c28038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  149.105997][ T7407] RAX: ffffffffffffffda RBX: 00007f36a8f75fa0 RCX: 00007f36a8d85d29
[  149.114017][ T7407] RDX: 0000000000000003 RSI: 0000000000006f2d RDI: 0000000000000003
[  149.122032][ T7407] RBP: 00007f36a9c28090 R08: 0000000000000000 R09: 0000000000000000
[  149.130061][ T7407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  149.138086][ T7407] R13: 0000000000000000 R14: 00007f36a8f75fa0 R15: 00007ffeb1a06cc8
[  149.146129][ T7407]  </TASK>
[  149.149243][    C0] vkms_vblank_simulate: vblank timer overrun
[  149.188643][ T7407] Mem-Info:
[  149.205234][ T7407] active_anon:39988 inactive_anon:49568 isolated_anon:0
[  149.205234][ T7407]  active_file:17089 inactive_file:39828 isolated_file:0
[  149.205234][ T7407]  unevictable:768 dirty:661 writeback:0
[  149.205234][ T7407]  slab_reclaimable:10561 slab_unreclaimable:95141
[  149.205234][ T7407]  mapped:32054 shmem:80305 pagetables:792
[  149.205234][ T7407]  sec_pagetables:0 bounce:0
[  149.205234][ T7407]  kernel_misc_reclaimable:0
[  149.205234][ T7407]  free:1233310 free_pcp:10502 free_cma:0
[  149.284106][ T7407] Node 0 active_anon:161212kB inactive_anon:198048kB active_file:68356kB inactive_file:159240kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:128668kB dirty:2644kB writeback:0kB shmem:320104kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12240kB pagetables:3184kB sec_pagetables:0kB all_unreclaimable? no
[  149.379141][ T7407] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  149.500003][ T7407] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  149.586630][ T7407] lowmem_reserve[]: 0 2465 2466 0 0
[  149.609863][ T7407] Node 0 DMA32 free:1030116kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:175280kB inactive_anon:197536kB active_file:68356kB inactive_file:158412kB unevictable:1536kB writepending:2644kB present:3129332kB managed:2551336kB mlocked:0kB bounce:0kB free_pcp:8108kB local_pcp:2920kB free_cma:0kB
[  149.757303][ T7407] lowmem_reserve[]: 0 0 0 0 0
[  149.784616][ T7407] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:828kB unevictable:0kB writepending:0kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  149.902913][ T7407] lowmem_reserve[]: 0 0 0 0 0
[  149.907732][ T7407] Node 1 Normal free:3865300kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:39980kB local_pcp:33416kB free_cma:0kB
[  150.041837][ T7407] lowmem_reserve[]: 0 0 0 0 0
[  150.046642][ T7407] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  150.130345][ T7407] Node 0 DMA32: 3*4kB (ME) 7*8kB (UM) 14*16kB (UME) 60*32kB (UME) 90*64kB (UME) 202*128kB (UME) 128*256kB (UM) 31*512kB (UME) 12*1024kB (UME) 1*2048kB (U) 224*4096kB (M) = 1014308kB
[  150.233218][ T7407] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  150.274702][ T7407] Node 1 Normal: 426*4kB (UME) 176*8kB (UME) 210*16kB (UM) 330*32kB (UME) 254*64kB (UME) 98*128kB (UME) 20*256kB (UM) 18*512kB (UME) 12*1024kB (UME) 10*2048kB (UME) 921*4096kB (M) = 3865352kB
[  150.388553][ T7407] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  150.398181][ T7407] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  150.471146][ T7407] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  150.518338][ T7407] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  150.527688][ T7407] 146001 total pagecache pages
[  150.578348][ T7407] 308 pages in swap cache
[  150.582749][ T7407] Free swap  = 33208kB
[  150.586838][ T7407] Total swap = 124996kB
[  150.638436][ T7407] 2097051 pages RAM
[  150.642308][ T7407] 0 pages HighMem/MovableOnly
[  150.647007][ T7407] 427367 pages reserved
[  150.689226][ T7407] 0 pages cma reserved
[  151.750876][ T7443] db_root: cannot open: ›
[  151.750874][   T29] audit: type=1800 audit(1735473336.521:10): pid=7443 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.361" name="dbroot" dev="configfs" ino=13136 res=0 errno=0
[  153.868175][ T7424] syz.3.356 (7424) used greatest stack depth: 17600 bytes left
[  155.642764][ T7477] netlink: 8 bytes leftover after parsing attributes in process `syz.2.369'.
[  158.311096][ T7507] netlink: 20 bytes leftover after parsing attributes in process `syz.3.377'.
[  158.668723][ T7509] syz.3.378 (7509) used obsolete PPPIOCDETACH ioctl
[  162.959756][ T7575] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9
[  163.043210][ T7579] netlink: 330 bytes leftover after parsing attributes in process `syz.1.394'.
[  163.093704][ T7579] ü: renamed from team0 (while UP)
[  164.199849][ T7592] netlink: 8 bytes leftover after parsing attributes in process `syz.1.397'.
[  164.503647][ T7598] FAULT_INJECTION: forcing a failure.
[  164.503647][ T7598] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  164.528758][ T7598] CPU: 0 UID: 0 PID: 7598 Comm: syz.2.401 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  164.539415][ T7598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  164.549507][ T7598] Call Trace:
[  164.552821][ T7598]  <TASK>
[  164.555779][ T7598]  dump_stack_lvl+0x16c/0x1f0
[  164.560495][ T7598]  should_fail_ex+0x497/0x5b0
[  164.565222][ T7598]  _copy_from_user+0x2e/0xd0
[  164.569849][ T7598]  kstrtoull_from_user+0xc4/0x1a0
[  164.574907][ T7598]  ? __pfx_kstrtoull_from_user+0x10/0x10
[  164.580590][ T7598]  trace_options_core_write+0xd6/0x250
[  164.586089][ T7598]  ? __pfx_trace_options_core_write+0x10/0x10
[  164.592211][ T7598]  ? __pfx_trace_options_core_write+0x10/0x10
[  164.598318][ T7598]  vfs_write+0x24c/0x1150
[  164.602685][ T7598]  ? __fget_files+0x1fc/0x3a0
[  164.607400][ T7598]  ? __pfx___mutex_lock+0x10/0x10
[  164.612462][ T7598]  ? __pfx_vfs_write+0x10/0x10
[  164.617272][ T7598]  ? __fget_files+0x206/0x3a0
[  164.622001][ T7598]  ksys_write+0x12b/0x250
[  164.626367][ T7598]  ? __pfx_ksys_write+0x10/0x10
[  164.631262][ T7598]  do_syscall_64+0xcd/0x250
[  164.635820][ T7598]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.641841][ T7598] RIP: 0033:0x7f2c32785d29
[  164.646378][ T7598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.666038][ T7598] RSP: 002b:00007f2c3369c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  164.674579][ T7598] RAX: ffffffffffffffda RBX: 00007f2c32975fa0 RCX: 00007f2c32785d29
[  164.682671][ T7598] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003
[  164.690676][ T7598] RBP: 00007f2c3369c090 R08: 0000000000000000 R09: 0000000000000000
[  164.698682][ T7598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  164.706687][ T7598] R13: 0000000000000000 R14: 00007f2c32975fa0 R15: 00007ffd4fffec18
[  164.714706][ T7598]  </TASK>
[  164.717801][    C0] vkms_vblank_simulate: vblank timer overrun
[  166.109683][ T7634] FAULT_INJECTION: forcing a failure.
[  166.109683][ T7634] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  166.164658][ T7634] CPU: 0 UID: 0 PID: 7634 Comm: syz.3.410 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  166.175328][ T7634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  166.185419][ T7634] Call Trace:
[  166.188756][ T7634]  <TASK>
[  166.191710][ T7634]  dump_stack_lvl+0x16c/0x1f0
[  166.196425][ T7634]  should_fail_ex+0x497/0x5b0
[  166.201152][ T7634]  _copy_to_user+0x32/0xd0
[  166.205620][ T7634]  simple_read_from_buffer+0xd0/0x160
[  166.211036][ T7634]  proc_fail_nth_read+0x198/0x270
[  166.216113][ T7634]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  166.221724][ T7634]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  166.227330][ T7634]  vfs_read+0x1df/0xbe0
[  166.231531][ T7634]  ? __fget_files+0x1fc/0x3a0
[  166.236330][ T7634]  ? __pfx___mutex_lock+0x10/0x10
[  166.241390][ T7634]  ? __pfx_vfs_read+0x10/0x10
[  166.246117][ T7634]  ? __fget_files+0x206/0x3a0
[  166.250861][ T7634]  ksys_read+0x12b/0x250
[  166.255152][ T7634]  ? __pfx_ksys_read+0x10/0x10
[  166.259985][ T7634]  do_syscall_64+0xcd/0x250
[  166.264538][ T7634]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.270472][ T7634] RIP: 0033:0x7fdccf98473c
[  166.274916][ T7634] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  166.294654][ T7634] RSP: 002b:00007fdcd07cb030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  166.303106][ T7634] RAX: ffffffffffffffda RBX: 00007fdccfb75fa0 RCX: 00007fdccf98473c
[  166.311108][ T7634] RDX: 000000000000000f RSI: 00007fdcd07cb0a0 RDI: 0000000000000005
[  166.319111][ T7634] RBP: 00007fdcd07cb090 R08: 0000000000000000 R09: 0000000000000000
[  166.327115][ T7634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  166.335118][ T7634] R13: 0000000000000000 R14: 00007fdccfb75fa0 R15: 00007ffec9472dc8
[  166.343146][ T7634]  </TASK>
[  166.346252][    C0] vkms_vblank_simulate: vblank timer overrun
[  166.776362][ T7650] netlink: 8 bytes leftover after parsing attributes in process `syz.3.413'.
[  167.123383][ T7653] vivid-013: =================  START STATUS  =================
[  167.155994][ T7653] vivid-013: Generate PTS: true
[  167.184906][ T7653] vivid-013: Generate SCR: true
[  167.207733][ T7653] tpg source WxH: 640x360 (Y'CbCr)
[  167.249472][ T7653] tpg field: 1
[  167.252894][ T7653] tpg crop: 640x360@0x0
[  167.269649][ T7653] tpg compose: 640x360@0x0
[  167.274126][ T7653] tpg colorspace: 8
[  167.303522][ T7653] tpg transfer function: 0/0
[  167.308173][ T7653] tpg Y'CbCr encoding: 0/0
[  167.328404][ T7653] tpg quantization: 0/0
[  167.332617][ T7653] tpg RGB range: 0/2
[  167.348633][ T7653] vivid-013: ==================  END STATUS  ==================
[  167.657697][ T7674] bridge0: port 3(bond0) entered blocking state
[  167.671045][ T7674] bridge0: port 3(bond0) entered disabled state
[  167.677499][ T7674] bond0: entered allmulticast mode
[  167.687707][ T7674] bond_slave_0: entered allmulticast mode
[  167.714920][ T7674] bond_slave_1: entered allmulticast mode
[  167.732130][ T7674] bond0: entered promiscuous mode
[  167.739256][ T7674] bond_slave_0: entered promiscuous mode
[  167.745090][ T7674] bond_slave_1: entered promiscuous mode
[  167.752011][ T7674] bridge0: port 3(bond0) entered blocking state
[  167.758685][ T7674] bridge0: port 3(bond0) entered forwarding state
[  168.093712][ T7680] netlink: 342 bytes leftover after parsing attributes in process `syz.1.420'.
[  172.280015][ T7709] netlink: 'syz.2.428': attribute type 11 has an invalid length.
[  173.724912][ T7734] cgroup: fork rejected by pids controller in /syz3
[  173.926732][ T7772] netlink: 12 bytes leftover after parsing attributes in process `syz.2.437'.
[  173.948176][ T7772] nbd: must specify a size in bytes for the device
[  175.875227][ T7798] can: request_module (can-proto-0) failed.
[  176.073353][ T7799] can: request_module (can-proto-0) failed.
[  176.181260][ T6513] syz.0.162 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  176.452673][ T6513] CPU: 0 UID: 0 PID: 6513 Comm: syz.0.162 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  176.463342][ T6513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  176.473429][ T6513] Call Trace:
[  176.476733][ T6513]  <TASK>
[  176.480154][ T6513]  dump_stack_lvl+0x16c/0x1f0
[  176.484873][ T6513]  dump_header+0x101/0x900
[  176.489336][ T6513]  oom_kill_process+0x270/0xa60
[  176.494225][ T6513]  ? mem_cgroup_out_of_memory+0x8d/0x270
[  176.499899][ T6513]  out_of_memory+0x351/0x1700
[  176.504624][ T6513]  ? __pfx_out_of_memory+0x10/0x10
[  176.509780][ T6513]  ? rcu_read_unlock+0x17/0x60
[  176.514595][ T6513]  ? find_held_lock+0x2d/0x110
[  176.519403][ T6513]  mem_cgroup_out_of_memory+0x207/0x270
[  176.524982][ T6513]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  176.531094][ T6513]  ? do_raw_spin_unlock+0x172/0x230
[  176.536351][ T6513]  try_charge_memcg+0x54c/0xaf0
[  176.541257][ T6513]  ? __pfx_try_charge_memcg+0x10/0x10
[  176.546675][ T6513]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[  176.552174][ T6513]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[  176.557666][ T6513]  ? get_mem_cgroup_from_mm+0x131/0x5f0
[  176.563250][ T6513]  __mem_cgroup_charge+0x9b/0x280
[  176.568317][ T6513]  shmem_alloc_and_add_folio+0x507/0xc00
[  176.573982][ T6513]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  176.579916][ T6513]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  176.586112][ T6513]  ? shmem_huge_global_enabled+0x176/0x250
[  176.591961][ T6513]  ? shmem_allowable_huge_orders+0xcd/0x3e0
[  176.597890][ T6513]  shmem_get_folio_gfp+0x689/0x1530
[  176.603138][ T6513]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  176.608811][ T6513]  ? mark_held_locks+0x9f/0xe0
[  176.613616][ T6513]  ? timestamp_truncate+0x21f/0x2e0
[  176.618858][ T6513]  shmem_write_begin+0x161/0x300
[  176.623835][ T6513]  ? __pfx_shmem_write_begin+0x10/0x10
[  176.629330][ T6513]  ? inode_set_ctime_current+0x2a7/0x900
[  176.635010][ T6513]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1270
[  176.641909][ T6513]  ? __pfx_inode_set_ctime_current+0x10/0x10
[  176.648026][ T6513]  generic_perform_write+0x2ba/0x920
[  176.653367][ T6513]  ? __pfx_generic_perform_write+0x10/0x10
[  176.659209][ T6513]  ? __mark_inode_dirty+0x2a5/0xe50
[  176.664460][ T6513]  ? generic_update_time+0xcf/0xf0
[  176.666438][ T7803] netlink: 330 bytes leftover after parsing attributes in process `syz.3.438'.
[  176.669597][ T6513]  ? mnt_put_write_access_file+0x45/0xf0
[  176.669702][ T6513]  shmem_file_write_iter+0x10e/0x140
[  176.689563][ T6513]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  176.695412][ T6513]  __kernel_write_iter+0x318/0xa80
[  176.700574][ T6513]  ? __pfx___kernel_write_iter+0x10/0x10
[  176.706253][ T6513]  ? get_dump_page+0x15b/0x230
[  176.711073][ T6513]  ? __pfx___might_resched+0x10/0x10
[  176.716407][ T6513]  ? dump_user_range+0x3ae/0x8c0
[  176.721390][ T6513]  dump_user_range+0x389/0x8c0
[  176.726212][ T6513]  ? __pfx_dump_user_range+0x10/0x10
[  176.731561][ T6513]  ? elf_coredump_extra_notes_write+0xbe/0x430
[  176.737760][ T6513]  ? __pfx_writenote+0x10/0x10
[  176.742569][ T6513]  elf_core_dump+0x2787/0x3880
[  176.747386][ T6513]  ? __pfx_elf_core_dump+0x10/0x10
[  176.752538][ T6513]  ? try_to_wake_up+0x949/0x1490
[  176.757517][ T6513]  ? __pfx_lock_release+0x10/0x10
[  176.762630][ T6513]  ? rcu_is_watching+0x12/0xc0
[  176.767441][ T6513]  ? trace_lock_acquire+0x14e/0x1f0
[  176.772683][ T6513]  ? __pfx_sort+0x10/0x10
[  176.777056][ T6513]  ? get_signal+0x23f3/0x2610
[  176.781787][ T6513]  ? do_coredump+0x2dd5/0x43e0
[  176.786600][ T6513]  do_coredump+0x2dd5/0x43e0
[  176.791246][ T6513]  ? __pfx_do_coredump+0x10/0x10
[  176.796222][ T6513]  ? irqentry_exit_to_user_mode+0x13f/0x280
[  176.802244][ T6513]  get_signal+0x23f3/0x2610
[  176.806806][ T6513]  ? __pfx_get_signal+0x10/0x10
[  176.811701][ T6513]  ? __pfx_force_sig+0x10/0x10
[  176.816509][ T6513]  arch_do_signal_or_restart+0x90/0x7e0
[  176.822141][ T6513]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  176.828350][ T6513]  ? trace_irq_disable.constprop.0+0xea/0x140
[  176.834467][ T6513]  irqentry_exit_to_user_mode+0x13f/0x280
[  176.840236][ T6513]  asm_exc_stack_segment+0x26/0x30
[  176.845392][ T6513] RIP: 0033:0x7ff82d385d31
[  176.849839][ T6513] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  176.869485][ T6513] RSP: 002b:0100000000000005 EFLAGS: 00010217
[  176.875594][ T6513] RAX: 0000000000000000 RBX: 00007ff82d576320 RCX: 00007ff82d385d29
[  176.883596][ T6513] RDX: 0000000000000000 RSI: 0100000000000005 RDI: 0000000020003b46
[  176.891599][ T6513] RBP: 00007ff82d401b08 R08: 0000000000000002 R09: 0000000000000000
[  176.899600][ T6513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  176.907602][ T6513] R13: 0000000000000000 R14: 00007ff82d576320 R15: 00007ffca2b488d8
[  176.915634][ T6513]  </TASK>
[  177.018320][ T6513] memory: usage 307192kB, limit 307200kB, failcnt 16919
[  177.025315][ T6513] memory+swap: usage 430932kB, limit 9007199254740988kB, failcnt 0
[  177.034236][ T6513] kmem: usage 2976kB, limit 9007199254740988kB, failcnt 0
[  177.078338][ T6513] Memory cgroup stats for /syz0:
[  177.078620][ T6513] cache 305840128
[  177.087236][ T6513] rss 4390912
[  177.090630][ T6513] rss_huge 0
[  177.093845][ T6513] shmem 305840128
[  177.097503][ T6513] mapped_file 176128
[  177.115104][ T6513] dirty 0
[  177.118099][ T6513] writeback 0
[  177.121494][ T6513] workingset_refault_anon 1479
[  177.126458][ T6513] workingset_refault_file 40
[  177.131226][ T6513] swap 126709760
[  177.135748][ T6513] swapcached 1286144
[  177.139740][ T6513] pgpgin 150584
[  177.143214][ T6513] pgpgout 74530
[  177.146690][ T6513] pgfault 29149
[  177.194511][ T6513] pgmajfault 229
[  177.198189][ T6513] inactive_anon 293240832
[  177.202609][ T6513] active_anon 18276352
[  177.206704][ T6513] inactive_file 0
[  177.238431][ T6513] active_file 0
[  177.241951][ T6513] unevictable 0
[  177.245430][ T6513] hierarchical_memory_limit 314572800
[  177.250952][ T6513] hierarchical_memsw_limit 9223372036854771712
[  177.257136][ T6513] total_cache 305840128
[  177.298341][ T6513] total_rss 4390912
[  177.302197][ T6513] total_rss_huge 0
[  177.305953][ T6513] total_shmem 305840128
[  177.310294][ T6513] total_mapped_file 176128
[  177.314745][ T6513] total_dirty 0
[  177.368443][ T6513] total_writeback 0
[  177.372343][ T6513] total_workingset_refault_anon 1479
[  177.377654][ T6513] total_workingset_refault_file 40
[  177.395441][ T6513] total_swap 126709760
[  177.408850][ T6513] total_swapcached 1286144
[  177.413401][ T6513] total_pgpgin 150584
[  177.417407][ T6513] total_pgpgout 74530
[  177.448425][ T6513] total_pgfault 29149
[  177.452465][ T6513] total_pgmajfault 229
[  177.456558][ T6513] total_inactive_anon 293240832
[  177.461503][ T6513] total_active_anon 18276352
[  177.466112][ T6513] total_inactive_file 0
[  177.470350][ T6513] total_active_file 0
[  177.474372][ T6513] total_unevictable 0
[  177.478529][ T6513] anon_cost 0
[  177.481833][ T6513] file_cost 0
[  177.485151][ T6513] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.162,pid=6534,uid=0
[  177.501494][ T6513] Memory cgroup out of memory: Killed process 6534 (syz.0.162) total-vm:131432kB, anon-rss:4892kB, file-rss:23196kB, shmem-rss:188kB, UID:0 pgtables:128kB oom_score_adj:1000
[  179.660537][   T31] oom_reaper: reaped process 6534 (syz.0.162), now anon-rss:48kB, file-rss:20600kB, shmem-rss:188kB
[  180.340570][ T7846] ima: policy update failed
[  180.375695][   T29] audit: type=1802 audit(8277292048.050:11): pid=7846 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.457" res=0 errno=0
[  180.659095][ T5839] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  180.671041][ T5839] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  180.679377][ T5839] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  180.694418][ T5839] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  180.705422][ T5839] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  180.714068][ T5839] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  182.661839][ T7852] chnl_net:caif_netlink_parms(): no params data found
[  182.798374][ T5839] Bluetooth: hci4: command tx timeout
[  183.313312][ T7892] netlink: 330 bytes leftover after parsing attributes in process `syz.2.467'.
[  183.943142][ T7852] bridge0: port 1(bridge_slave_0) entered blocking state
[  183.966134][ T7852] bridge0: port 1(bridge_slave_0) entered disabled state
[  183.977418][ T7852] bridge_slave_0: entered allmulticast mode
[  183.987333][ T7852] bridge_slave_0: entered promiscuous mode
[  184.050750][ T7852] bridge0: port 2(bridge_slave_1) entered blocking state
[  184.057927][ T7852] bridge0: port 2(bridge_slave_1) entered disabled state
[  184.076500][ T7852] bridge_slave_1: entered allmulticast mode
[  184.087784][ T7852] bridge_slave_1: entered promiscuous mode
[  184.742982][ T7909] FAULT_INJECTION: forcing a failure.
[  184.742982][ T7909] name failslab, interval 1, probability 0, space 0, times 0
[  184.778751][ T7909] CPU: 0 UID: 0 PID: 7909 Comm: syz.2.471 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  184.789406][ T7909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  184.799500][ T7909] Call Trace:
[  184.802809][ T7909]  <TASK>
[  184.805765][ T7909]  dump_stack_lvl+0x16c/0x1f0
[  184.810483][ T7909]  should_fail_ex+0x497/0x5b0
[  184.815198][ T7909]  ? fs_reclaim_acquire+0xae/0x150
[  184.820345][ T7909]  should_failslab+0xc2/0x120
[  184.825058][ T7909]  __kmalloc_noprof+0xce/0x4f0
[  184.829877][ T7909]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  184.835543][ T7909]  ? tomoyo_realpath_from_path+0xbf/0x710
[  184.841303][ T7909]  tomoyo_realpath_from_path+0xbf/0x710
[  184.846892][ T7909]  ? tomoyo_path_number_perm+0x235/0x5b0
[  184.852571][ T7909]  tomoyo_path_number_perm+0x248/0x5b0
[  184.858069][ T7909]  ? tomoyo_path_number_perm+0x235/0x5b0
[  184.863751][ T7909]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  184.869805][ T7909]  ? __pfx_lock_release+0x10/0x10
[  184.874855][ T7909]  ? trace_lock_acquire+0x14e/0x1f0
[  184.879893][ T5839] Bluetooth: hci4: command tx timeout
[  184.880071][ T7909]  ? lock_acquire+0x2f/0xb0
[  184.889957][ T7909]  ? __fget_files+0x40/0x3a0
[  184.894580][ T7909]  ? __fget_files+0x206/0x3a0
[  184.899290][ T7909]  security_file_ioctl+0x9b/0x240
[  184.904350][ T7909]  __x64_sys_ioctl+0xb7/0x200
[  184.909057][ T7909]  do_syscall_64+0xcd/0x250
[  184.913597][ T7909]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.919537][ T7909] RIP: 0033:0x7f2c32785d29
[  184.923974][ T7909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.943699][ T7909] RSP: 002b:00007f2c3369c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  184.952146][ T7909] RAX: ffffffffffffffda RBX: 00007f2c32975fa0 RCX: 00007f2c32785d29
[  184.960148][ T7909] RDX: 0000000000000000 RSI: 00000000c0046d00 RDI: 0000000000000003
[  184.968144][ T7909] RBP: 00007f2c3369c090 R08: 0000000000000000 R09: 0000000000000000
[  184.976145][ T7909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  184.984142][ T7909] R13: 0000000000000000 R14: 00007f2c32975fa0 R15: 00007ffd4fffec18
[  184.992158][ T7909]  </TASK>
[  185.038435][ T7909] ERROR: Out of memory at tomoyo_realpath_from_path.
[  185.422055][ T7852] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  185.540143][ T7852] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  185.816089][ T7852] team0: Port device team_slave_0 added
[  185.836693][ T7852] team0: Port device team_slave_1 added
[  185.988427][ T7852] batman_adv: batadv0: Adding interface: batadv_slave_0
[  185.995422][ T7852] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  186.069309][ T7852] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  186.102319][ T7852] batman_adv: batadv0: Adding interface: batadv_slave_1
[  186.122869][ T7852] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  186.179790][ T7852] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  186.423147][ T7852] hsr_slave_0: entered promiscuous mode
[  186.446936][ T7852] hsr_slave_1: entered promiscuous mode
[  186.505753][ T7852] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  186.514266][ T7852] Cannot create hsr debugfs directory
[  186.900804][ T7852] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  186.912478][ T7852] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  186.935608][ T7852] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  186.957558][ T7852] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  186.964804][ T5839] Bluetooth: hci4: command tx timeout
[  187.299413][ T7852] 8021q: adding VLAN 0 to HW filter on device bond0
[  187.374739][ T7852] 8021q: adding VLAN 0 to HW filter on device team0
[  187.487073][ T7135] bridge0: port 1(bridge_slave_0) entered blocking state
[  187.495188][ T7135] bridge0: port 1(bridge_slave_0) entered forwarding state
[  187.507933][ T7135] bridge0: port 2(bridge_slave_1) entered blocking state
[  187.515139][ T7135] bridge0: port 2(bridge_slave_1) entered forwarding state
[  187.641564][ T7852] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  187.922787][ T7852] 8021q: adding VLAN 0 to HW filter on device batadv0
[  188.568546][ T7932] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied.
[  188.706574][ T7852] veth0_vlan: entered promiscuous mode
[  188.857834][ T7852] veth1_vlan: entered promiscuous mode
[  188.930823][ T7852] veth0_macvtap: entered promiscuous mode
[  188.956349][ T7852] veth1_macvtap: entered promiscuous mode
[  188.999928][ T7852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  189.039588][ T5839] Bluetooth: hci4: command tx timeout
[  189.046225][ T7852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.069543][ T7852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  189.077215][ T7937] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11
[  189.080074][ T7852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.081200][ T7852] batman_adv: batadv0: Interface activated: batadv_slave_0
[  189.110110][ T7852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  189.121669][ T7852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.131612][ T7852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  189.154708][ T7852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.182397][ T7852] batman_adv: batadv0: Interface activated: batadv_slave_1
[  189.224246][ T7852] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  189.249297][ T7852] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  189.269193][ T7852] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  189.277952][ T7852] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  189.482900][ T7886] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  189.508573][ T7886] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  189.542358][ T7141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  189.555482][ T7141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  190.281821][ T7929] Process accounting resumed
[  190.599255][ T7946] netlink: 28 bytes leftover after parsing attributes in process `syz.2.478'.
[  190.649645][ T7946] veth1_macvtap: entered allmulticast mode
[  191.680806][ T5837] Bluetooth: hci1: command 0x0406 tx timeout
[  191.688965][ T5832] Bluetooth: hci0: command 0x0406 tx timeout
[  191.695121][ T5832] Bluetooth: hci3: command 0x0406 tx timeout
[  191.725512][ T7963] binder: 7962:7963 ioctl 40044900 800000000000003 returned -22
[  194.729228][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  194.735700][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  196.505063][ T8012] binder: 8011:8012 ioctl 40044900 800000000000003 returned -22
[  199.359616][ T8023] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied.
[  199.412891][ T8023] Process accounting resumed
[  201.033966][   T29] audit: type=1806 audit(8277292068.710:12): xattr="." res=0
[  202.340785][ T8092] Invalid ELF header magic: != ELF
[  202.642053][ T8096] binder: 8095:8096 ioctl 40044900 800000000000003 returned -22
[  207.483646][ T8130] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.780757][ T8130] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.027979][ T8130] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.156038][ T8130] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.384345][ T8130] bridge_slave_1: left allmulticast mode
[  208.393730][ T8130] bridge_slave_1: left promiscuous mode
[  208.405777][ T8130] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.443630][ T8130] bridge_slave_0: left allmulticast mode
[  208.456989][ T8130] bridge_slave_0: left promiscuous mode
[  208.476386][ T8130] bridge0: port 1(bridge_slave_0) entered disabled state
[  209.704848][ T8219] nbd: must specify a device to reconfigure
[  210.032146][ T8130] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  210.082437][ T8130] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  210.134149][ T8130] bond0 (unregistering): Released all slaves
[  210.875682][ T8243] netlink: zone id is out of range
[  211.199499][ T8130] hsr_slave_0: left promiscuous mode
[  211.238012][ T8130] hsr_slave_1: left promiscuous mode
[  211.247496][ T8130] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  211.258171][ T8130] batman_adv: batadv0: Removing interface: batadv_slave_0
[  211.284681][ T8130] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  211.313059][ T8130] batman_adv: batadv0: Removing interface: batadv_slave_1
[  211.397964][ T8130] veth1_macvtap: left promiscuous mode
[  211.418898][ T8130] veth0_macvtap: left promiscuous mode
[  211.424652][ T8130] veth1_vlan: left promiscuous mode
[  211.454084][ T8130] veth0_vlan: left promiscuous mode
[  212.765711][ T8130] team0 (unregistering): Port device team_slave_1 removed
[  212.855217][ T8130] team0 (unregistering): Port device team_slave_0 removed
[  219.390261][ T8428] HfR: entered promiscuous mode
[  219.412883][ T8428] netlink: 12 bytes leftover after parsing attributes in process `syz.1.577'.
[  219.430458][ T8428] HfR: left promiscuous mode
[  220.604680][ T8465] can: request_module (can-proto-5) failed.
[  225.407062][ T8578] netlink: 4 bytes leftover after parsing attributes in process `syz.1.597'.
[  225.970808][ T8585] Invalid ELF header magic: != ELF
[  230.259272][ T8627] ICMPv6: process `syz.1.612' is using deprecated sysctl (syscall) net.ipv6.neigh.virt_wifi0.retrans_time - use net.ipv6.neigh.virt_wifi0.retrans_time_ms instead
[  234.085691][ T7745] syz.3.435 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  234.646273][ T7745] CPU: 0 UID: 0 PID: 7745 Comm: syz.3.435 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  234.656929][ T7745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  234.667058][ T7745] Call Trace:
[  234.670367][ T7745]  <TASK>
[  234.673328][ T7745]  dump_stack_lvl+0x16c/0x1f0
[  234.678055][ T7745]  dump_header+0x101/0x900
[  234.682553][ T7745]  oom_kill_process+0x270/0xa60
[  234.687454][ T7745]  ? mem_cgroup_out_of_memory+0x8d/0x270
[  234.693135][ T7745]  out_of_memory+0x351/0x1700
[  234.697871][ T7745]  ? __pfx_out_of_memory+0x10/0x10
[  234.703025][ T7745]  ? rcu_read_unlock+0x17/0x60
[  234.707832][ T7745]  ? find_held_lock+0x2d/0x110
[  234.712648][ T7745]  mem_cgroup_out_of_memory+0x207/0x270
[  234.718238][ T7745]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  234.724349][ T7745]  ? do_raw_spin_unlock+0x172/0x230
[  234.729592][ T7745]  try_charge_memcg+0x54c/0xaf0
[  234.734496][ T7745]  ? __pfx_try_charge_memcg+0x10/0x10
[  234.739913][ T7745]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[  234.745406][ T7745]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[  234.750907][ T7745]  ? get_mem_cgroup_from_mm+0x131/0x5f0
[  234.756494][ T7745]  __mem_cgroup_charge+0x9b/0x280
[  234.761569][ T7745]  shmem_alloc_and_add_folio+0x507/0xc00
[  234.767246][ T7745]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  234.773183][ T7745]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  234.779381][ T7745]  ? shmem_huge_global_enabled+0x176/0x250
[  234.785244][ T7745]  ? shmem_allowable_huge_orders+0xcd/0x3e0
[  234.791191][ T7745]  shmem_get_folio_gfp+0x689/0x1530
[  234.796453][ T7745]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  234.802124][ T7745]  ? find_held_lock+0x2d/0x110
[  234.806932][ T7745]  shmem_write_begin+0x161/0x300
[  234.811910][ T7745]  ? __pfx_shmem_write_begin+0x10/0x10
[  234.817397][ T7745]  ? timestamp_truncate+0x21f/0x2e0
[  234.822643][ T7745]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1270
[  234.829551][ T7745]  generic_perform_write+0x2ba/0x920
[  234.834891][ T7745]  ? __pfx_generic_perform_write+0x10/0x10
[  234.840733][ T7745]  ? inode_needs_update_time.part.0+0x191/0x270
[  234.847025][ T7745]  shmem_file_write_iter+0x10e/0x140
[  234.852359][ T7745]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  234.858226][ T7745]  __kernel_write_iter+0x318/0xa80
[  234.863380][ T7745]  ? __pfx___kernel_write_iter+0x10/0x10
[  234.869057][ T7745]  ? get_dump_page+0x15b/0x230
[  234.873875][ T7745]  ? __pfx___might_resched+0x10/0x10
[  234.879213][ T7745]  dump_user_range+0x389/0x8c0
[  234.884032][ T7745]  ? __pfx_dump_user_range+0x10/0x10
[  234.889363][ T7745]  ? elf_coredump_extra_notes_write+0xbe/0x430
[  234.895562][ T7745]  ? __pfx_writenote+0x10/0x10
[  234.900378][ T7745]  elf_core_dump+0x2787/0x3880
[  234.905199][ T7745]  ? __pfx_elf_core_dump+0x10/0x10
[  234.910339][ T7745]  ? finish_task_switch.isra.0+0x217/0xcc0
[  234.916183][ T7745]  ? lockdep_hardirqs_on+0x7c/0x110
[  234.921458][ T7745]  ? __switch_to+0x749/0x1190
[  234.926237][ T7745]  ? rcu_is_watching+0x12/0xc0
[  234.931041][ T7745]  ? trace_lock_acquire+0x14e/0x1f0
[  234.936281][ T7745]  ? __pfx_sort+0x10/0x10
[  234.940669][ T7745]  ? get_signal+0x23f3/0x2610
[  234.945409][ T7745]  ? do_coredump+0x2dd5/0x43e0
[  234.950233][ T7745]  do_coredump+0x2dd5/0x43e0
[  234.954883][ T7745]  ? __pfx_do_coredump+0x10/0x10
[  234.959865][ T7745]  ? irqentry_exit_to_user_mode+0x13f/0x280
[  234.965874][ T7745]  get_signal+0x23f3/0x2610
[  234.970430][ T7745]  ? __pfx_get_signal+0x10/0x10
[  234.975317][ T7745]  ? rcu_is_watching+0x12/0xc0
[  234.980118][ T7745]  ? trace_irq_disable.constprop.0+0xea/0x140
[  234.986234][ T7745]  arch_do_signal_or_restart+0x90/0x7e0
[  234.991835][ T7745]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  234.998058][ T7745]  ? do_user_addr_fault+0xa4b/0x13f0
[  235.003418][ T7745]  irqentry_exit_to_user_mode+0x13f/0x280
[  235.009186][ T7745]  asm_exc_page_fault+0x26/0x30
[  235.014068][ T7745] RIP: 0033:0x0
[  235.017545][ T7745] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[  235.024933][ T7745] RSP: 002b:000000000000000a EFLAGS: 00010217
[  235.031039][ T7745] RAX: 0000000000000000 RBX: 00007fdccfb76240 RCX: 00007fdccf985d29
[  235.039036][ T7745] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46
[  235.047042][ T7745] RBP: 00007fdccfa01b08 R08: 0000000000000002 R09: 0000000000000000
[  235.055053][ T7745] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  235.063062][ T7745] R13: 0000000000000001 R14: 00007fdccfb76240 R15: 00007ffec9472dc8
[  235.071086][ T7745]  </TASK>
[  235.158388][ T7745] memory: usage 307200kB, limit 307200kB, failcnt 16724
[  235.165909][ T7745] memory+swap: usage 430872kB, limit 9007199254740988kB, failcnt 0
[  235.284650][ T7745] kmem: usage 2800kB, limit 9007199254740988kB, failcnt 0
[  235.310886][ T7745] Memory cgroup stats for /syz3:
[  235.311055][ T7745] cache 311455744
[  235.319738][ T7745] rss 126976
[  235.322964][ T7745] rss_huge 0
[  235.326194][ T7745] shmem 311451648
[  235.379070][ T7745] mapped_file 2998272
[  235.383117][ T7745] dirty 0
[  235.386085][ T7745] writeback 0
[  235.399575][ T7745] workingset_refault_anon 2677
[  235.404440][ T7745] workingset_refault_file 1233
[  235.438523][ T7745] swap 126640128
[  235.442133][ T7745] swapcached 126976
[  235.445960][ T7745] pgpgin 310726
[  235.449509][ T7745] pgpgout 237181
[  235.453075][ T7745] pgfault 98203
[  235.456556][ T7745] pgmajfault 360
[  235.498364][ T7745] inactive_anon 220856320
[  235.503516][ T7745] active_anon 90841088
[  235.507620][ T7745] inactive_file 4096
[  235.511727][ T7745] active_file 0
[  235.515208][ T7745] unevictable 0
[  235.538401][ T7745] hierarchical_memory_limit 314572800
[  235.543833][ T7745] hierarchical_memsw_limit 9223372036854771712
[  235.568449][ T7745] total_cache 311455744
[  235.572666][ T7745] total_rss 126976
[  235.576414][ T7745] total_rss_huge 0
[  235.580768][ T7745] total_shmem 311451648
[  235.584951][ T7745] total_mapped_file 2998272
[  235.608719][ T7745] total_dirty 0
[  235.612230][ T7745] total_writeback 0
[  235.616059][ T7745] total_workingset_refault_anon 2677
[  235.632207][ T7745] total_workingset_refault_file 1233
[  235.637547][ T7745] total_swap 126640128
[  235.658361][ T7745] total_swapcached 126976
[  235.662781][ T7745] total_pgpgin 310726
[  235.666795][ T7745] total_pgpgout 237181
[  235.688849][ T7745] total_pgfault 98203
[  235.692898][ T7745] total_pgmajfault 360
[  235.697007][ T7745] total_inactive_anon 220856320
[  235.728402][ T7745] total_active_anon 90841088
[  235.734845][ T7745] total_inactive_file 4096
[  235.748709][ T7745] total_active_file 0
[  235.752739][ T7745] total_unevictable 0
[  235.769516][ T7745] anon_cost 0
[  235.772920][ T7745] file_cost 0
[  235.776249][ T7745] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.435,pid=7760,uid=0
[  235.828370][ T7745] Memory cgroup out of memory: Killed process 7760 (syz.3.435) total-vm:131432kB, anon-rss:840kB, file-rss:23268kB, shmem-rss:2816kB, UID:0 pgtables:128kB oom_score_adj:1000
[  235.933451][ T8712] ICMPv6: process `syz.2.621' is using deprecated sysctl (syscall) net.ipv6.neigh.virt_wifi0.retrans_time - use net.ipv6.neigh.virt_wifi0.retrans_time_ms instead
[  238.017873][   T31] oom_reaper: reaped process 7760 (syz.3.435), now anon-rss:20kB, file-rss:20584kB, shmem-rss:2816kB
[  238.545931][ T8665] kexec: Could not allocate control_code_buffer
[  242.639464][   T29] audit: type=1800 audit(4294967321.740:13): pid=8859 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.637" name="discovery_nqn" dev="configfs" ino=19002 res=0 errno=0
[  243.734958][ T8870] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  243.822268][ T8870] CIFS mount error: No usable UNC path provided in device string!
[  243.822268][ T8870] 
[  243.877743][ T8870] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  245.444120][ T8901] ima: policy update failed
[  245.470183][   T29] audit: type=1802 audit(4294967324.580:14): pid=8901 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.649" res=0 errno=0
[  246.435357][ T8931] netlink: 12 bytes leftover after parsing attributes in process `syz.4.655'.
[  249.189317][ T8961] crash hp: kexec_trylock() failed, kdump image may be inaccurate
[  249.354673][   T29] audit: type=1800 audit(4294967328.460:15): pid=8976 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.670" name="discovery_nqn" dev="configfs" ino=19239 res=0 errno=0
[  250.025869][ T8994] netlink: 28 bytes leftover after parsing attributes in process `syz.4.676'.
[  250.071694][ T8994] veth0_macvtap: left promiscuous mode
[  250.152329][ T8994] macvtap0: entered allmulticast mode
[  252.039697][ T8944] kexec: Could not allocate control_code_buffer
[  253.093826][ T9065] netlink: 20 bytes leftover after parsing attributes in process `syz.3.699'.
[  253.386228][ T9076] netlink: 28 bytes leftover after parsing attributes in process `syz.2.702'.
[  254.520791][ T9093] netlink: 'syz.1.709': attribute type 1 has an invalid length.
[  254.546745][ T9093] netlink: del zone limit has 8 unknown bytes
[  254.682766][ T9090] crash hp: kexec_trylock() failed, kdump image may be inaccurate
[  254.895882][ T9102] syz.1.712(9102): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  256.162042][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  256.169403][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  256.294741][ T9078] kexec: Could not allocate control_code_buffer
[  257.223461][ T9148] netlink: 28 bytes leftover after parsing attributes in process `syz.4.725'.
[  257.553852][ T9155] Invalid ELF header magic: != ELF
[  259.352466][ T9184] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  259.378573][ T9184] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  262.470135][ T9241] netlink: 12 bytes leftover after parsing attributes in process `syz.1.754'.
[  262.592601][ T9246] netlink: 28 bytes leftover after parsing attributes in process `syz.4.753'.
[  262.958459][ T9246] bond0: (slave bond_slave_0): Releasing backup interface
[  263.961258][ T9270] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  263.973545][ T9270] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  264.169356][ T9281] Process accounting resumed
[  264.563135][ T9294] netlink: 28 bytes leftover after parsing attributes in process `syz.1.768'.
[  264.689512][ T9294] bond0: (slave bond_slave_0): Releasing backup interface
[  264.740098][ T9294] bond_slave_0 (unregistering): left promiscuous mode
[  264.747109][ T9294] bond_slave_0 (unregistering): left allmulticast mode
[  265.167829][ T9303] netlink: 12 bytes leftover after parsing attributes in process `syz.1.772'.
[  267.231567][ T9342] block nbd12: shutting down sockets
[  267.386361][ T9356] FAULT_INJECTION: forcing a failure.
[  267.386361][ T9356] name failslab, interval 1, probability 0, space 0, times 0
[  267.423407][ T9356] CPU: 0 UID: 0 PID: 9356 Comm: syz.4.786 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  267.434056][ T9356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  267.444139][ T9356] Call Trace:
[  267.447439][ T9356]  <TASK>
[  267.450394][ T9356]  dump_stack_lvl+0x16c/0x1f0
[  267.455120][ T9356]  should_fail_ex+0x497/0x5b0
[  267.459828][ T9356]  ? fs_reclaim_acquire+0xae/0x150
[  267.464982][ T9356]  should_failslab+0xc2/0x120
[  267.469702][ T9356]  __kmalloc_cache_noprof+0x68/0x420
[  267.475042][ T9356]  hwflags_read+0x81/0x1f0
[  267.479506][ T9356]  full_proxy_read+0xfb/0x1b0
[  267.484218][ T9356]  ? __pfx_full_proxy_read+0x10/0x10
[  267.489536][ T9356]  vfs_read+0x1df/0xbe0
[  267.493719][ T9356]  ? __fget_files+0x1fc/0x3a0
[  267.498420][ T9356]  ? __pfx___mutex_lock+0x10/0x10
[  267.503476][ T9356]  ? __pfx_vfs_read+0x10/0x10
[  267.508193][ T9356]  ? __fget_files+0x206/0x3a0
[  267.512920][ T9356]  ksys_read+0x12b/0x250
[  267.517209][ T9356]  ? __pfx_ksys_read+0x10/0x10
[  267.522020][ T9356]  do_syscall_64+0xcd/0x250
[  267.526562][ T9356]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  267.532493][ T9356] RIP: 0033:0x7f7c26785d29
[  267.536948][ T9356] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  267.556586][ T9356] RSP: 002b:00007f7c275ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  267.565035][ T9356] RAX: ffffffffffffffda RBX: 00007f7c26975fa0 RCX: 00007f7c26785d29
[  267.573038][ T9356] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  267.581039][ T9356] RBP: 00007f7c275ae090 R08: 0000000000000000 R09: 0000000000000000
[  267.589040][ T9356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  267.597042][ T9356] R13: 0000000000000000 R14: 00007f7c26975fa0 R15: 00007ffd042c4fa8
[  267.605067][ T9356]  </TASK>
[  267.608242][    C0] vkms_vblank_simulate: vblank timer overrun
[  267.694145][ T9366] netlink: 342 bytes leftover after parsing attributes in process `syz.2.790'.
[  268.706615][ T9396] netlink: 'syz.1.799': attribute type 27 has an invalid length.
[  268.732458][ T9387] netlink: 'syz.2.796': attribute type 3 has an invalid length.
[  268.754897][ T9396] netlink: 334 bytes leftover after parsing attributes in process `syz.1.799'.
[  268.766119][ T9401] scsi_strcpy_devinfo: vendor string 'íÙ/&cžÀ~n]	ò|
[  268.766119][ T9401] MÅ' is too long
[  268.777540][ T9401] scsi_strcpy_devinfo: model string '’Dd5‚ÕK€2bÛ
[  268.777540][ T9401] ††½W�Ïõ›ú «ú' is too long
[  268.779227][ T9403] FAULT_INJECTION: forcing a failure.
[  268.779227][ T9403] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  268.821268][ T9396] netlink: 'syz.1.799': attribute type 2 has an invalid length.
[  268.831783][ T9403] CPU: 1 UID: 0 PID: 9403 Comm: syz.3.801 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  268.842435][ T9403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  268.850422][ T9396] netlink: 674 bytes leftover after parsing attributes in process `syz.1.799'.
[  268.852496][ T9403] Call Trace:
[  268.852510][ T9403]  <TASK>
[  268.852522][ T9403]  dump_stack_lvl+0x16c/0x1f0
[  268.852558][ T9403]  should_fail_ex+0x497/0x5b0
[  268.877111][ T9403]  _copy_to_user+0x32/0xd0
[  268.881575][ T9403]  simple_read_from_buffer+0xd0/0x160
[  268.886988][ T9403]  proc_fail_nth_read+0x198/0x270
[  268.892061][ T9403]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  268.897686][ T9403]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  268.903282][ T9403]  vfs_read+0x1df/0xbe0
[  268.907480][ T9403]  ? __fget_files+0x1fc/0x3a0
[  268.912195][ T9403]  ? __pfx___mutex_lock+0x10/0x10
[  268.917257][ T9403]  ? __pfx_vfs_read+0x10/0x10
[  268.921975][ T9403]  ? __fget_files+0x206/0x3a0
[  268.926695][ T9403]  ksys_read+0x12b/0x250
[  268.930977][ T9403]  ? __pfx_ksys_read+0x10/0x10
[  268.935793][ T9403]  do_syscall_64+0xcd/0x250
[  268.940334][ T9403]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.946261][ T9403] RIP: 0033:0x7fdccf98473c
[  268.950709][ T9403] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  268.970404][ T9403] RSP: 002b:00007fdcd07cb030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  268.978858][ T9403] RAX: ffffffffffffffda RBX: 00007fdccfb75fa0 RCX: 00007fdccf98473c
[  268.986866][ T9403] RDX: 000000000000000f RSI: 00007fdcd07cb0a0 RDI: 0000000000000004
[  268.994873][ T9403] RBP: 00007fdcd07cb090 R08: 0000000000000000 R09: 0000000000000000
[  269.002874][ T9403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.010876][ T9403] R13: 0000000000000000 R14: 00007fdccfb75fa0 R15: 00007ffec9472dc8
[  269.018906][ T9403]  </TASK>
[  269.613298][ T9423] netlink: 'syz.1.807': attribute type 3 has an invalid length.
[  270.483811][ T9450] can: request_module (can-proto-0) failed.
[  270.921574][ T9463] Invalid ELF header len 3
[  271.104072][ T9465] netlink: 342 bytes leftover after parsing attributes in process `syz.3.820'.
[  271.133097][ T9465] netlink: 342 bytes leftover after parsing attributes in process `syz.3.820'.
[  271.156323][ T9465] netlink: 102 bytes leftover after parsing attributes in process `syz.3.820'.
[  271.351990][ T9461] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  273.211195][ T9504] netlink: 28 bytes leftover after parsing attributes in process `syz.1.832'.
[  273.348849][ T9504] bridge0: port 3(bond0) entered disabled state
[  273.631308][ T9504] bond0 (unregistering): left allmulticast mode
[  273.637762][ T9504] bond_slave_1: left allmulticast mode
[  273.645256][ T9504] bond0 (unregistering): left promiscuous mode
[  273.653177][ T9504] bond_slave_1: left promiscuous mode
[  273.660623][ T9504] bridge0: port 3(bond0) entered disabled state
[  273.681746][ T9504] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  273.696279][ T9504] bond0 (unregistering): Released all slaves
[  276.836504][ T9573] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  276.886572][ T9573] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  277.954220][ T9594] Invalid ELF header magic: != ELF
[  278.570102][ T9603] KVM: debugfs: duplicate directory 9603-3
[  279.069515][ T9595] netlink: 28 bytes leftover after parsing attributes in process `syz.1.852'.
[  281.020538][ T9638] mkiss: ax0: crc mode is auto.
[  281.044322][ T9638] ceph: Failed to parse sending metrics switch value 'J'
[  281.332917][ T9643] netlink: 28 bytes leftover after parsing attributes in process `syz.2.866'.
[  281.852430][ T9643] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  281.873510][ T9643] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  281.892996][ T9643] bond0 (unregistering): Released all slaves
[  282.236314][ T9649] FAULT_INJECTION: forcing a failure.
[  282.236314][ T9649] name failslab, interval 1, probability 0, space 0, times 0
[  282.268301][ T9649] CPU: 1 UID: 0 PID: 9649 Comm: syz.4.876 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  282.279419][ T9649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  282.289517][ T9649] Call Trace:
[  282.292825][ T9649]  <TASK>
[  282.295782][ T9649]  dump_stack_lvl+0x16c/0x1f0
[  282.300504][ T9649]  should_fail_ex+0x497/0x5b0
[  282.305220][ T9649]  ? fs_reclaim_acquire+0xae/0x150
[  282.310373][ T9649]  should_failslab+0xc2/0x120
[  282.315104][ T9649]  __kmalloc_node_noprof+0xd1/0x520
[  282.320346][ T9649]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  282.325850][ T9649]  __kvmalloc_node_noprof+0xad/0x1a0
[  282.331177][ T9649]  seq_read_iter+0x82a/0x12b0
[  282.335888][ T9649]  ? __mutex_trylock_common+0xea/0x250
[  282.341386][ T9649]  kernfs_fop_read_iter+0x414/0x580
[  282.346625][ T9649]  ? rw_verify_area+0xd0/0x700
[  282.351427][ T9649]  vfs_read+0x87f/0xbe0
[  282.355629][ T9649]  ? __pfx_vfs_read+0x10/0x10
[  282.360368][ T9649]  ksys_read+0x12b/0x250
[  282.364644][ T9649]  ? __pfx_ksys_read+0x10/0x10
[  282.369456][ T9649]  do_syscall_64+0xcd/0x250
[  282.373994][ T9649]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  282.379922][ T9649] RIP: 0033:0x7f7c26785d29
[  282.384367][ T9649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  282.404012][ T9649] RSP: 002b:00007f7c275ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  282.412469][ T9649] RAX: ffffffffffffffda RBX: 00007f7c26975fa0 RCX: 00007f7c26785d29
[  282.420477][ T9649] RDX: 00000000000000b5 RSI: 0000000020002c00 RDI: 0000000000000003
[  282.428478][ T9649] RBP: 00007f7c275ae090 R08: 0000000000000000 R09: 0000000000000000
[  282.436476][ T9649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  282.444475][ T9649] R13: 0000000000000000 R14: 00007f7c26975fa0 R15: 00007ffd042c4fa8
[  282.452500][ T9649]  </TASK>
[  282.491293][ T9653] netlink: 326 bytes leftover after parsing attributes in process `syz.1.869'.
[  282.651826][ T9655] netlink: 342 bytes leftover after parsing attributes in process `syz.3.870'.
[  283.068609][ T9667] delete_channel: no stack
[  285.669798][ T9710] FAULT_INJECTION: forcing a failure.
[  285.669798][ T9710] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  285.749245][ T9710] CPU: 0 UID: 0 PID: 9710 Comm: syz.1.882 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  285.759905][ T9710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  285.769999][ T9710] Call Trace:
[  285.773313][ T9710]  <TASK>
[  285.776272][ T9710]  dump_stack_lvl+0x16c/0x1f0
[  285.780993][ T9710]  should_fail_ex+0x497/0x5b0
[  285.785729][ T9710]  _copy_to_iter+0x29b/0x1400
[  285.790464][ T9710]  ? trace_lock_acquire+0x14e/0x1f0
[  285.795713][ T9710]  ? __pfx_lock_release+0x10/0x10
[  285.800777][ T9710]  ? __pfx__copy_to_iter+0x10/0x10
[  285.805932][ T9710]  ? __virt_addr_valid+0x1a4/0x590
[  285.811096][ T9710]  ? __virt_addr_valid+0x5e/0x590
[  285.816173][ T9710]  ? __phys_addr_symbol+0x30/0x80
[  285.821239][ T9710]  ? __check_object_size+0x488/0x710
[  285.826572][ T9710]  seq_read_iter+0xd00/0x12b0
[  285.831300][ T9710]  kernfs_fop_read_iter+0x414/0x580
[  285.836549][ T9710]  ? rw_verify_area+0xd0/0x700
[  285.841356][ T9710]  vfs_read+0x87f/0xbe0
[  285.845553][ T9710]  ? __pfx_vfs_read+0x10/0x10
[  285.850286][ T9710]  ksys_read+0x12b/0x250
[  285.854559][ T9710]  ? __pfx_ksys_read+0x10/0x10
[  285.859392][ T9710]  do_syscall_64+0xcd/0x250
[  285.863938][ T9710]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.869879][ T9710] RIP: 0033:0x7f36a8d85d29
[  285.874320][ T9710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  285.893967][ T9710] RSP: 002b:00007f36a9c28038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  285.902424][ T9710] RAX: ffffffffffffffda RBX: 00007f36a8f75fa0 RCX: 00007f36a8d85d29
[  285.910431][ T9710] RDX: 00000000000000b5 RSI: 0000000020002c00 RDI: 0000000000000003
[  285.918437][ T9710] RBP: 00007f36a9c28090 R08: 0000000000000000 R09: 0000000000000000
[  285.926446][ T9710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  285.934451][ T9710] R13: 0000000000000000 R14: 00007f36a8f75fa0 R15: 00007ffeb1a06cc8
[  285.942477][ T9710]  </TASK>
[  285.961956][ T9713] netlink: 342 bytes leftover after parsing attributes in process `syz.4.883'.
[  289.566203][ T9778] netlink: 330 bytes leftover after parsing attributes in process `syz.3.896'.
[  289.594749][ T9778] ü: renamed from team0 (while UP)
[  289.664357][ T9779] netlink: 342 bytes leftover after parsing attributes in process `syz.4.893'.
[  292.287439][ T9827] netlink: 342 bytes leftover after parsing attributes in process `syz.2.906'.
[  295.305971][ T9855] netlink: 330 bytes leftover after parsing attributes in process `syz.4.912'.
[  295.340793][ T9855] ü: renamed from team0 (while UP)
[  296.207339][ T9876] ptrace attach of "./syz-executor exec"[7852] was attempted by "./syz-executor exec"[9876]
[  296.555790][ T9887] netlink: 350 bytes leftover after parsing attributes in process `syz.4.919'.
[  298.489814][ T9926] netlink: 342 bytes leftover after parsing attributes in process `syz.1.930'.
[  298.586374][ T9932] netlink: 350 bytes leftover after parsing attributes in process `syz.3.931'.
[  299.774634][ T9961] netlink: 4 bytes leftover after parsing attributes in process `syz.2.940'.
[  301.543858][ T9975] netlink: 28 bytes leftover after parsing attributes in process `syz.2.945'.
[  301.570335][ T9975] netdevsim netdevsim2 netdevsim2: entered allmulticast mode
[  302.115554][T10004] Process accounting resumed
[  302.126146][T10004] ACPI: Can not change Invalid GPE/Fixed Event status
[  302.183318][ T9976] delete_channel: no stack
[  304.138695][T10042] netlink: 350 bytes leftover after parsing attributes in process `syz.2.959'.
[  304.319210][   T54] Bluetooth: hci4: command 0x0406 tx timeout
[  309.621305][T10098] openvswitch: netlink: IPv6 tunnel dst address is zero
[  309.969893][T10108] netlink: 342 bytes leftover after parsing attributes in process `syz.2.978'.
[  310.022613][T10110] netlink: 342 bytes leftover after parsing attributes in process `syz.2.978'.
[  311.686637][T10144] netlink: 350 bytes leftover after parsing attributes in process `syz.2.985'.
[  313.031449][   T29] audit: type=1800 audit(4294967392.119:16): pid=10167 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.988" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0
[  317.600750][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  317.607686][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  317.848167][   T54] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  317.862115][   T54] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  317.871446][   T54] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  317.880046][   T54] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  317.890096][   T54] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  317.897614][   T54] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  318.336159][T10242] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1009'.
[  318.495279][T10230] chnl_net:caif_netlink_parms(): no params data found
[  318.927734][T10230] bridge0: port 1(bridge_slave_0) entered blocking state
[  318.948390][T10230] bridge0: port 1(bridge_slave_0) entered disabled state
[  319.024654][T10230] bridge_slave_0: entered allmulticast mode
[  319.044000][T10230] bridge_slave_0: entered promiscuous mode
[  319.070209][T10230] bridge0: port 2(bridge_slave_1) entered blocking state
[  319.088365][T10230] bridge0: port 2(bridge_slave_1) entered disabled state
[  319.189248][T10230] bridge_slave_1: entered allmulticast mode
[  319.196417][T10230] bridge_slave_1: entered promiscuous mode
[  319.317974][T10230] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  319.367581][T10230] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  319.553362][T10230] team0: Port device team_slave_0 added
[  319.580571][T10230] team0: Port device team_slave_1 added
[  319.756189][T10230] batman_adv: batadv0: Adding interface: batadv_slave_0
[  319.776839][T10230] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  319.810562][T10230] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  319.843476][T10230] batman_adv: batadv0: Adding interface: batadv_slave_1
[  319.850973][T10230] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  319.891120][T10230] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  320.001788][   T54] Bluetooth: hci2: command tx timeout
[  320.109366][T10230] hsr_slave_0: entered promiscuous mode
[  320.179059][T10230] hsr_slave_1: entered promiscuous mode
[  320.196950][T10230] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  320.238281][T10230] Cannot create hsr debugfs directory
[  320.902294][T10293] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  320.928417][T10293] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  320.957092][T10293] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  320.979153][T10293] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  321.019797][T10293] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  321.052072][T10293] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  321.090586][T10293] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  321.112195][T10293] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  321.203599][T10293] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  321.250967][T10293] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  321.271346][T10230] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  321.469636][T10293] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  321.480306][T10230] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  321.511991][T10230] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  321.531361][T10230] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  321.615546][T10230] 8021q: adding VLAN 0 to HW filter on device bond0
[  321.665254][T10230] 8021q: adding VLAN 0 to HW filter on device team0
[  321.683834][ T8127] bridge0: port 1(bridge_slave_0) entered blocking state
[  321.691013][ T8127] bridge0: port 1(bridge_slave_0) entered forwarding state
[  321.794617][T10307] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1023'.
[  321.904889][T10308] Process accounting resumed
[  321.983071][T10230] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  321.993495][T10230] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  322.012958][ T8135] bridge0: port 2(bridge_slave_1) entered blocking state
[  322.020126][ T8135] bridge0: port 2(bridge_slave_1) entered forwarding state
[  322.409776][T10230] 8021q: adding VLAN 0 to HW filter on device batadv0
[  322.895010][T10337] netlink: 350 bytes leftover after parsing attributes in process `syz.4.1028'.
[  322.958494][ T5143] Bluetooth: hci0: command 0x0406 tx timeout
[  322.958489][   T54] Bluetooth: hci1: command 0x0406 tx timeout
[  323.118528][   T54] Bluetooth: hci4: command 0x0406 tx timeout
[  323.199581][T10230] veth0_vlan: entered promiscuous mode
[  323.214439][   T54] Bluetooth: hci2: command 0x040f tx timeout
[  323.241800][T10230] veth1_vlan: entered promiscuous mode
[  323.394347][T10230] veth0_macvtap: entered promiscuous mode
[  323.415212][T10230] veth1_macvtap: entered promiscuous mode
[  323.431019][T10230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  323.441668][T10230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  323.452171][T10230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  323.463165][T10230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  323.475122][T10230] batman_adv: batadv0: Interface activated: batadv_slave_0
[  323.486201][T10230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  323.496820][T10230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  323.506735][T10230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  323.517296][T10230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  323.528770][T10230] batman_adv: batadv0: Interface activated: batadv_slave_1
[  323.538944][T10230] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  323.548169][T10230] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  323.557007][T10230] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  323.566380][T10230] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  323.920334][ T8130] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  323.942034][ T8130] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  324.060978][ T8130] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  324.078607][ T8130] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  324.141229][T10355] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1032'.
[  324.431077][T10359] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1033'.
[  325.042298][   T54] Bluetooth: hci0: command 0x0406 tx timeout
[  325.042304][ T5143] Bluetooth: hci1: command 0x0406 tx timeout
[  325.198373][ T5143] Bluetooth: hci4: command 0x0406 tx timeout
[  325.278454][ T5143] Bluetooth: hci2: command 0x040f tx timeout
[  325.300999][T10381] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1040'.
[  326.778372][T10394] netlink: 350 bytes leftover after parsing attributes in process `syz.4.1051'.
[  327.358855][ T5143] Bluetooth: hci2: command 0x040f tx timeout
[  327.645692][T10429] netlink: 350 bytes leftover after parsing attributes in process `syz.4.1050'.
[  327.790396][T10431] netlink: 'syz.5.1052': attribute type 4 has an invalid length.
[  327.790421][T10431] netlink: 314 bytes leftover after parsing attributes in process `syz.5.1052'.
[  328.324921][T10437] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1053'.
[  328.898007][T10442] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1055'.
[  328.950926][T10448] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1057'.
[  329.056534][T10450] netlink: 206 bytes leftover after parsing attributes in process `syz.5.1058'.
[  329.151006][T10450] netlink: 206 bytes leftover after parsing attributes in process `syz.5.1058'.
[  329.438373][ T5143] Bluetooth: hci2: command 0x040f tx timeout
[  329.493148][T10460] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1061'.
[  329.589188][T10461] netlink: 350 bytes leftover after parsing attributes in process `syz.5.1060'.
[  329.894643][T10463] IPVS: length: 11322 != 24
[  329.941023][T10467] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1063'.
[  330.310786][T10478] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1067'.
[  330.333068][T10478] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  330.397413][T10478] batman_adv: batadv0: Removing interface: batadv_slave_0
[  330.419462][T10476] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1066'.
[  330.486361][T10489] FAULT_INJECTION: forcing a failure.
[  330.486361][T10489] name failslab, interval 1, probability 0, space 0, times 0
[  330.486412][T10478] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  330.486437][T10478] batman_adv: batadv0: Removing interface: batadv_slave_1
[  330.544537][T10489] CPU: 1 UID: 0 PID: 10489 Comm: syz.5.1070 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  330.555367][T10489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  330.565454][T10489] Call Trace:
[  330.568756][T10489]  <TASK>
[  330.571697][T10489]  dump_stack_lvl+0x16c/0x1f0
[  330.576423][T10489]  should_fail_ex+0x497/0x5b0
[  330.581136][T10489]  ? fs_reclaim_acquire+0xae/0x150
[  330.586275][T10489]  should_failslab+0xc2/0x120
[  330.590993][T10489]  __kmalloc_noprof+0xce/0x4f0
[  330.595788][T10489]  ? rcu_is_watching+0x12/0xc0
[  330.600583][T10489]  ? kernfs_fop_write_iter+0x223/0x500
[  330.606084][T10489]  kernfs_fop_write_iter+0x223/0x500
[  330.611506][T10489]  vfs_write+0x5ae/0x1150
[  330.615872][T10489]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  330.621723][T10489]  ? __pfx___mutex_lock+0x10/0x10
[  330.626797][T10489]  ? __pfx_vfs_write+0x10/0x10
[  330.631626][T10489]  ksys_write+0x12b/0x250
[  330.635993][T10489]  ? __pfx_ksys_write+0x10/0x10
[  330.640891][T10489]  do_syscall_64+0xcd/0x250
[  330.645443][T10489]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  330.651372][T10489] RIP: 0033:0x7f2855b85d29
[  330.655792][T10489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  330.675402][T10489] RSP: 002b:00007f28569db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  330.683827][T10489] RAX: ffffffffffffffda RBX: 00007f2855d75fa0 RCX: 00007f2855b85d29
[  330.691806][T10489] RDX: 0000000000000002 RSI: 0000000020000040 RDI: 0000000000000004
[  330.699784][T10489] RBP: 00007f28569db090 R08: 0000000000000000 R09: 0000000000000000
[  330.707756][T10489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  330.715730][T10489] R13: 0000000000000000 R14: 00007f2855d75fa0 R15: 00007ffe01d9a758
[  330.723716][T10489]  </TASK>
[  330.937959][T10494] netlink: 350 bytes leftover after parsing attributes in process `syz.5.1071'.
[  331.518307][ T5143] Bluetooth: hci2: command 0x040f tx timeout
[  331.728823][T10505] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1075'.
[  331.979547][T10509] netlink: 'syz.1.1077': attribute type 11 has an invalid length.
[  333.081338][T10531] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1085'.
[  333.113358][T10532] netlink: 350 bytes leftover after parsing attributes in process `syz.4.1084'.
[  333.371777][T10539] Invalid ELF header magic: != ELF
[  333.770850][T10550] HfR: entered promiscuous mode
[  333.873454][T10558] FAULT_INJECTION: forcing a failure.
[  333.873454][T10558] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  333.904648][T10558] CPU: 1 UID: 0 PID: 10558 Comm: syz.4.1092 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  333.915476][T10558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  333.925564][T10558] Call Trace:
[  333.928872][T10558]  <TASK>
[  333.931837][T10558]  dump_stack_lvl+0x16c/0x1f0
[  333.936562][T10558]  should_fail_ex+0x497/0x5b0
[  333.941295][T10558]  _copy_to_user+0x32/0xd0
[  333.945772][T10558]  simple_read_from_buffer+0xd0/0x160
[  333.951197][T10558]  proc_fail_nth_read+0x198/0x270
[  333.956271][T10558]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  333.961860][T10558]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  333.967410][T10558]  vfs_read+0x1df/0xbe0
[  333.971561][T10558]  ? __fget_files+0x1fc/0x3a0
[  333.976232][T10558]  ? __pfx___mutex_lock+0x10/0x10
[  333.981265][T10558]  ? __pfx_vfs_read+0x10/0x10
[  333.985986][T10558]  ? __fget_files+0x206/0x3a0
[  333.990721][T10558]  ksys_read+0x12b/0x250
[  333.995000][T10558]  ? __pfx_ksys_read+0x10/0x10
[  333.999808][T10558]  do_syscall_64+0xcd/0x250
[  334.004353][T10558]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.010283][T10558] RIP: 0033:0x7f7c2678473c
[  334.014724][T10558] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  334.034365][T10558] RSP: 002b:00007f7c275ae030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  334.042814][T10558] RAX: ffffffffffffffda RBX: 00007f7c26975fa0 RCX: 00007f7c2678473c
[  334.050818][T10558] RDX: 000000000000000f RSI: 00007f7c275ae0a0 RDI: 0000000000000005
[  334.058803][T10558] RBP: 00007f7c275ae090 R08: 0000000000000000 R09: 0000000000000000
[  334.058823][T10558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  334.058839][T10558] R13: 0000000000000000 R14: 00007f7c26975fa0 R15: 00007ffd042c4fa8
[  334.058869][T10558]  </TASK>
[  334.058967][    C1] vkms_vblank_simulate: vblank timer overrun
[  334.610566][T10587] __nla_validate_parse: 34 callbacks suppressed
[  334.610587][T10587] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1097'.
[  334.873775][T10592] device-mapper: ioctl: Unable to rename non-existent device,  to „
[  334.895808][T10592] lo: entered allmulticast mode
[  334.971399][T10593] lo: left allmulticast mode
[  335.535572][T10616] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1103'.
[  336.768077][T10628] blktrace: Concurrent blktraces are not allowed on sg0
[  336.797869][T10638] netlink: 330 bytes leftover after parsing attributes in process `syz.5.1110'.
[  337.752696][T10658] netlink: 350 bytes leftover after parsing attributes in process `syz.4.1115'.
[  337.943987][T10661] netlink: 350 bytes leftover after parsing attributes in process `syz.5.1116'.
[  338.981776][   T29] audit: type=1800 audit(4294967418.089:17): pid=10678 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1123" name="members" dev="configfs" ino=28275 res=0 errno=0
[  339.002789][T10678] ima: policy update failed
[  339.075362][   T29] audit: type=1802 audit(4294967418.119:18): pid=10678 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1123" res=0 errno=0
[  339.660627][T10687] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1125'.
[  340.505026][T10702] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1129'.
[  341.530693][ T5143] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  341.783846][T10730] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1137'.
[  342.348485][T10748] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1141'.
[  343.028232][   T29] audit: type=1800 audit(4294967422.129:19): pid=10758 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1145" name="members" dev="configfs" ino=28984 res=0 errno=0
[  343.158617][T10758] ima: policy update failed
[  343.192743][   T29] audit: type=1802 audit(4294967422.299:20): pid=10758 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.5.1145" res=0 errno=0
[  343.486544][T10767] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1147'.
[  343.511163][T10768] netlink: 350 bytes leftover after parsing attributes in process `syz.5.1148'.
[  345.870395][T10811] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1160'.
[  346.417928][T10826] netlink: 350 bytes leftover after parsing attributes in process `syz.5.1163'.
[  347.740845][T10844] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1168'.
[  347.759092][T10854] netlink: 350 bytes leftover after parsing attributes in process `syz.4.1170'.
[  347.824699][T10856] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1172'.
[  347.851864][T10856] ipvlan0: entered allmulticast mode
[  347.857233][T10856] veth0_vlan: entered allmulticast mode
[  348.682988][T10869] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1178'.
[  349.340157][T10880] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1181'.
[  349.572473][T10882] netlink: 350 bytes leftover after parsing attributes in process `syz.5.1182'.
[  349.992335][T10894] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1184'.
[  351.424177][T10905] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1185'.
[  352.325062][T10891] Process accounting paused
[  352.898595][T10931] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1193'.
[  353.743468][T10952] Process accounting resumed
[  353.819858][T10953] Process accounting resumed
[  355.105546][T10981] netlink: 326 bytes leftover after parsing attributes in process `syz.4.1203'.
[  355.132635][T10981] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1203'.
[  355.234811][T10983] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1204'.
[  355.715689][T10993] netlink: 350 bytes leftover after parsing attributes in process `syz.4.1207'.
[  356.122848][T11001] [U] 
[  356.126149][T11001] [U] 
[  356.128892][T11001] [U] 
[  356.131624][T11001] [U] 
[  356.146464][T11001] [U] 
[  356.149228][T11001] [U] 
[  356.151959][T11001] [U] 
[  356.154685][T11001] [U] 
[  356.157918][T11001] [U] 
[  356.160662][T11001] [U] 
[  356.163391][T11001] [U] 
[  356.166116][T11001] [U] 
[  356.216992][T11001] [U] 
[  356.219755][T11001] [U] 
[  356.222474][T11001] [U] 
[  356.225200][T11001] [U] 
[  356.252888][T11001] [U] 
[  356.255660][T11001] [U] 
[  356.258385][T11001] [U] 
[  356.261112][T11001] [U] 
[  356.309559][T11001] [U] 
[  356.312335][T11001] [U] 
[  356.315069][T11001] [U] 
[  356.317796][T11001] [U] 
[  356.397911][T10998] [U] 
[  356.723851][T11003] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1211'.
[  357.081759][T11013] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1215'.
[  357.868642][T11035] __vm_enough_memory: pid: 11035, comm: syz.4.1220, bytes: 4503599627366400 not enough memory for the allocation
[  358.011723][T11035] =======================================================
[  358.011723][T11035] WARNING: The mand mount option has been deprecated and
[  358.011723][T11035]          and is ignored by this kernel. Remove the mand
[  358.011723][T11035]          option from the mount to silence this warning.
[  358.011723][T11035] =======================================================
[  358.092108][T11041] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1221'.

syzkaller
syzkaller login: [  359.542812][T11059] netlink: 350 bytes leftover after parsing attributes in process `syz.5.1226'.
[  359.641315][T11058] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1225'.
[  360.278906][T11072] Invalid ELF header len 3
[  360.325344][T11073] netlink: 350 bytes leftover after parsing attributes in process `syz.4.1230'.
[  362.103803][T11094] openvswitch: netlink: Flow key attr not present in new flow.
[  362.450260][T11102] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1238'.
[  362.757612][T11109] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1240'.
[  363.178541][T11127] [U] 
[  363.181323][T11127] [U] 
[  363.184076][T11127] [U] 
[  363.186816][T11127] [U] 
[  363.218501][T11127] [U] 
[  363.221386][T11127] [U] 
[  363.224131][T11127] [U] 
[  363.226879][T11127] [U] 
[  363.238417][T11127] [U] 
[  363.241191][T11127] [U] 
[  363.243925][T11127] [U] 
[  363.246666][T11127] [U] 
[  363.274919][T11130] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1245'.
[  363.278497][T11127] [U] 
[  363.286654][T11127] [U] 
[  363.289388][T11127] [U] 
[  363.292113][T11127] [U] 
[  363.338479][T11127] [U] 
[  363.341264][T11127] [U] 
[  363.344007][T11127] [U] 
[  363.346741][T11127] [U] 
[  363.367742][T11120] [U] 
[  364.066479][T11130] ü (unregistering): Port device team_slave_0 removed
[  364.129905][T11130] ü (unregistering): Port device team_slave_1 removed
[  364.535398][T11155] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1250'.
[  365.326490][T11164] Process accounting resumed
[  365.412709][T11170] Process accounting resumed
[  366.675926][T11182] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1258'.
[  367.441251][T11191] mmap: syz.5.1261 (11191): VmData 37527552 exceed data ulimit 3. Update limits or use boot option ignore_rlimit_data.
[  368.399819][T11221] netlink: 'syz.5.1264': attribute type 64 has an invalid length.
[  368.438328][T11221] netlink: 74 bytes leftover after parsing attributes in process `syz.5.1264'.
[  368.516025][T11229] sg_read: process 1244 (syz.1.1266) changed security contexts after opening file descriptor, this is not allowed.
[  368.684352][T11232] nvme_fabrics: missing parameter 'transport=%s'
[  368.728934][T11232] nvme_fabrics: missing parameter 'nqn=%s'
[  368.942985][T11225] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1266'.
[  370.317353][   T29] audit: type=1804 audit(4294967449.419:21): pid=11263 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.1275" name="/newroot/sys/kernel/tracing/set_event_pid" dev="tracefs" ino=1068 res=1 errno=0
[  370.861895][T11267] Invalid ELF header magic: != ELF
[  375.171044][T11307] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1291'.
[  375.256594][T11315] nfsd: Unknown parameter 'nfsd'
[  376.586819][T11335] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1290'.
[  376.921725][T11339] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1292'.
[  377.304827][T11349] netlink: 350 bytes leftover after parsing attributes in process `syz.5.1294'.
[  377.821295][   T29] audit: type=1804 audit(4294967456.929:22): pid=11359 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1295" name="/newroot/sys/kernel/tracing/set_event_pid" dev="tracefs" ino=1068 res=1 errno=0
[  378.172405][T11364] rnbd_client L213: map_device: Parameters missing
[  379.042428][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  379.050875][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  379.611976][   T29] audit: type=1800 audit(4294967458.719:23): pid=11383 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1303" name="dbroot" dev="configfs" ino=31480 res=0 errno=0
[  379.730886][T11388] netlink: 350 bytes leftover after parsing attributes in process `syz.5.1304'.
[  379.963935][T11390] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1305'.
[  382.179322][T11439] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1316'.
[  382.356258][T11440] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1317'.
[  383.748083][T11466] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1323'.
[  383.798915][T11468] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1324'.
[  383.819010][T11466] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  384.102916][T11466] batman_adv: batadv0: Removing interface: batadv_slave_0
[  385.220127][T11492] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1329'.
[  385.833115][T11506] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1331'.
[  385.954413][T11514] netlink: 350 bytes leftover after parsing attributes in process `syz.4.1333'.
[  386.870893][T11524] sctp: [Deprecated]: syz.5.1335 (pid 11524) Use of struct sctp_assoc_value in delayed_ack socket option.
[  386.870893][T11524] Use struct sctp_sack_info instead
[  388.122418][T11544] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1340'.
[  389.324768][T11567] HfR: entered promiscuous mode
[  389.372047][T11567] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1345'.
[  389.450549][T11567] HfR: left promiscuous mode
[  390.783339][T11597] netlink: 'syz.1.1353': attribute type 1 has an invalid length.
[  390.820345][T11597] netlink: 53 bytes leftover after parsing attributes in process `syz.1.1353'.
[  390.875132][T11597] netlink: 'syz.1.1353': attribute type 1 has an invalid length.
[  390.927003][T11597] netlink: 53 bytes leftover after parsing attributes in process `syz.1.1353'.
[  391.240793][T11611] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1356'.
[  391.284831][T11611] nbd: must specify at least one socket
[  391.625957][T11618] openvswitch: netlink: IP tunnel dst address not specified
[  391.697742][   T29] audit: type=1800 audit(4294967470.799:24): pid=11618 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1358" name="lu_gp_id" dev="configfs" ino=32376 res=0 errno=0
[  392.322376][T11629] netlink: 350 bytes leftover after parsing attributes in process `syz.5.1360'.
[  393.020628][T11641] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1362'.
[  393.097465][T11645] netlink: 330 bytes leftover after parsing attributes in process `syz.5.1364'.
[  393.111344][T11645] : renamed from bond_slave_1 (while UP)
[  393.471708][T11658] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1369'.
[  394.080530][T11658] team0 (unregistering): Port device team_slave_0 removed
[  394.099607][T11658] team0 (unregistering): Port device team_slave_1 removed
[  394.186287][T11662] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1370'.
[  394.752013][T11680] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1375'.
[  395.349574][T11690] netlink: 350 bytes leftover after parsing attributes in process `syz.5.1378'.
[  395.976388][T11712] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1383'.
[  396.188235][T11715] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1384'.
[  397.738666][T11748] netlink: 350 bytes leftover after parsing attributes in process `syz.5.1391'.
[  397.888759][T11753] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1392'.
[  398.509853][T11758] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1394'.
[  398.542011][T11761] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1395'.
[  399.334466][T11779] netlink: 'syz.1.1401': attribute type 4 has an invalid length.
[  399.354339][T11779] netlink: 314 bytes leftover after parsing attributes in process `syz.1.1401'.
[  400.203007][T11795] FAULT_INJECTION: forcing a failure.
[  400.203007][T11795] name failslab, interval 1, probability 0, space 0, times 0
[  400.239069][T11795] CPU: 1 UID: 0 PID: 11795 Comm: syz.2.1406 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  400.249893][T11795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  400.259998][T11795] Call Trace:
[  400.263334][T11795]  <TASK>
[  400.266293][T11795]  dump_stack_lvl+0x16c/0x1f0
[  400.271011][T11795]  should_fail_ex+0x497/0x5b0
[  400.275800][T11795]  ? fs_reclaim_acquire+0xae/0x150
[  400.280955][T11795]  should_failslab+0xc2/0x120
[  400.285675][T11795]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  400.291527][T11795]  ? __alloc_skb+0x2b3/0x380
[  400.296166][T11795]  __alloc_skb+0x2b3/0x380
[  400.300621][T11795]  ? __pfx___alloc_skb+0x10/0x10
[  400.305598][T11795]  ? lock_acquire+0x2f/0xb0
[  400.310135][T11795]  netlink_alloc_large_skb+0x69/0x130
[  400.315537][T11795]  netlink_sendmsg+0x689/0xd70
[  400.320334][T11795]  ? __pfx_netlink_sendmsg+0x10/0x10
[  400.325635][T11795]  ____sys_sendmsg+0x9ae/0xb40
[  400.330413][T11795]  ? copy_msghdr_from_user+0x10b/0x160
[  400.335891][T11795]  ? __pfx_____sys_sendmsg+0x10/0x10
[  400.341180][T11795]  ? __lock_acquire+0xcc5/0x3c40
[  400.346134][T11795]  ___sys_sendmsg+0x135/0x1e0
[  400.350827][T11795]  ? __pfx____sys_sendmsg+0x10/0x10
[  400.356045][T11795]  ? trace_lock_acquire+0x14e/0x1f0
[  400.361266][T11795]  __sys_sendmmsg+0x201/0x420
[  400.366136][T11795]  ? __pfx___sys_sendmmsg+0x10/0x10
[  400.371373][T11795]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  400.377375][T11795]  ? fput+0x67/0x440
[  400.381283][T11795]  ? ksys_write+0x1ba/0x250
[  400.385792][T11795]  ? __pfx_ksys_write+0x10/0x10
[  400.390650][T11795]  __x64_sys_sendmmsg+0x9c/0x100
[  400.395599][T11795]  ? lockdep_hardirqs_on+0x7c/0x110
[  400.400807][T11795]  do_syscall_64+0xcd/0x250
[  400.405321][T11795]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.411232][T11795] RIP: 0033:0x7f2c32785d29
[  400.415650][T11795] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  400.435266][T11795] RSP: 002b:00007f2c3369c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  400.443689][T11795] RAX: ffffffffffffffda RBX: 00007f2c32975fa0 RCX: 00007f2c32785d29
[  400.451666][T11795] RDX: 0000000000000003 RSI: 0000000020000080 RDI: 0000000000000004
[  400.459639][T11795] RBP: 00007f2c3369c090 R08: 0000000000000000 R09: 0000000000000000
[  400.467614][T11795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  400.475591][T11795] R13: 0000000000000000 R14: 00007f2c32975fa0 R15: 00007ffd4fffec18
[  400.483584][T11795]  </TASK>
[  400.528885][T11798] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1407'.
[  400.882450][   T29] audit: type=1800 audit(4294967479.989:25): pid=11808 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1411" name="discovery_nqn" dev="configfs" ino=34926 res=0 errno=0
[  401.485223][T11784] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  401.564605][T11827] netlink: 350 bytes leftover after parsing attributes in process `syz.4.1415'.
[  402.378462][T11835] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1420'.
[  403.422201][T11860] netlink: 350 bytes leftover after parsing attributes in process `syz.5.1427'.
[  404.666557][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  404.976300][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  404.990254][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[  405.051006][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  405.060938][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  405.198534][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  405.207272][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  405.215876][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  405.271168][T11893] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1434'.
[  405.680832][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  405.778901][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  405.862825][T11898] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1437'.
[  406.035867][T11901] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1436'.
[  406.082947][T11904] netlink: 350 bytes leftover after parsing attributes in process `syz.5.1438'.
[  406.611319][T11909] FAULT_INJECTION: forcing a failure.
[  406.611319][T11909] name failslab, interval 1, probability 0, space 0, times 0
[  406.652729][T11909] CPU: 0 UID: 0 PID: 11909 Comm: syz.1.1440 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  406.663645][T11909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  406.673722][T11909] Call Trace:
[  406.676997][T11909]  <TASK>
[  406.679935][T11909]  dump_stack_lvl+0x16c/0x1f0
[  406.684637][T11909]  should_fail_ex+0x497/0x5b0
[  406.689317][T11909]  should_failslab+0xc2/0x120
[  406.693995][T11909]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  406.699390][T11909]  ? skb_clone+0x190/0x3f0
[  406.703855][T11909]  skb_clone+0x190/0x3f0
[  406.708149][T11909]  netlink_deliver_tap+0xafd/0xca0
[  406.713300][T11909]  netlink_unicast+0x5e1/0x7f0
[  406.718098][T11909]  ? __pfx_netlink_unicast+0x10/0x10
[  406.723423][T11909]  ? __phys_addr_symbol+0x30/0x80
[  406.728477][T11909]  ? __check_object_size+0x488/0x710
[  406.733771][T11909]  netlink_sendmsg+0x8b8/0xd70
[  406.738543][T11909]  ? __pfx_netlink_sendmsg+0x10/0x10
[  406.743826][T11909]  ____sys_sendmsg+0x9ae/0xb40
[  406.748607][T11909]  ? copy_msghdr_from_user+0x10b/0x160
[  406.754094][T11909]  ? __pfx_____sys_sendmsg+0x10/0x10
[  406.759375][T11909]  ? __lock_acquire+0xcc5/0x3c40
[  406.764310][T11909]  ___sys_sendmsg+0x135/0x1e0
[  406.768995][T11909]  ? __pfx____sys_sendmsg+0x10/0x10
[  406.774199][T11909]  ? trace_lock_acquire+0x14e/0x1f0
[  406.779409][T11909]  __sys_sendmmsg+0x201/0x420
[  406.784104][T11909]  ? __pfx___sys_sendmmsg+0x10/0x10
[  406.789310][T11909]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  406.795291][T11909]  ? fput+0x67/0x440
[  406.799186][T11909]  ? ksys_write+0x1ba/0x250
[  406.803685][T11909]  ? __pfx_ksys_write+0x10/0x10
[  406.808534][T11909]  __x64_sys_sendmmsg+0x9c/0x100
[  406.813469][T11909]  ? lockdep_hardirqs_on+0x7c/0x110
[  406.818668][T11909]  do_syscall_64+0xcd/0x250
[  406.823232][T11909]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.829121][T11909] RIP: 0033:0x7f36a8d85d29
[  406.833525][T11909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  406.853133][T11909] RSP: 002b:00007f36a9c28038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  406.861550][T11909] RAX: ffffffffffffffda RBX: 00007f36a8f75fa0 RCX: 00007f36a8d85d29
[  406.869525][T11909] RDX: 0000000000000003 RSI: 0000000020000080 RDI: 0000000000000004
[  406.877492][T11909] RBP: 00007f36a9c28090 R08: 0000000000000000 R09: 0000000000000000
[  406.885456][T11909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  406.893422][T11909] R13: 0000000000000000 R14: 00007f36a8f75fa0 R15: 00007ffeb1a06cc8
[  406.901398][T11909]  </TASK>
[  407.610740][T11927] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1444'.
[  408.732766][T11947] openvswitch: HfR: Dropping previously announced user features
[  409.010381][T11953] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1452'.
[  409.059818][T11947] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1449'.
[  409.082265][T11947] HfR: left promiscuous mode
[  409.126898][T11948] netlink: 'syz.5.1449': attribute type 10 has an invalid length.
[  409.352741][T11957] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1454'.
[  409.605922][T11964] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1457'.
[  410.076720][   T54] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  410.102246][   T54] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  410.111619][   T54] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  410.121299][   T54] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  410.141979][   T54] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  410.149436][   T54] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  410.757941][T11971] chnl_net:caif_netlink_parms(): no params data found
[  411.144193][T11971] bridge0: port 1(bridge_slave_0) entered blocking state
[  411.191384][T11971] bridge0: port 1(bridge_slave_0) entered disabled state
[  411.208453][T11971] bridge_slave_0: entered allmulticast mode
[  411.215526][T11971] bridge_slave_0: entered promiscuous mode
[  411.251617][T11971] bridge0: port 2(bridge_slave_1) entered blocking state
[  411.268440][T11971] bridge0: port 2(bridge_slave_1) entered disabled state
[  411.308484][T11971] bridge_slave_1: entered allmulticast mode
[  411.316654][T11971] bridge_slave_1: entered promiscuous mode
[  411.490541][T11971] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  411.555541][T11971] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  411.624714][T11971] team0: Port device team_slave_0 added
[  411.650345][T11971] team0: Port device team_slave_1 added
[  411.656888][T11999] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1463'.
[  411.728863][T11971] batman_adv: batadv0: Adding interface: batadv_slave_0
[  411.728885][T11971] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  411.728914][T11971] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  411.731185][T11971] batman_adv: batadv0: Adding interface: batadv_slave_1
[  411.731204][T11971] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  411.731233][T11971] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  411.822407][T11971] hsr_slave_0: entered promiscuous mode
[  411.840293][T11971] hsr_slave_1: entered promiscuous mode
[  411.842153][T11971] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  411.842300][T11971] Cannot create hsr debugfs directory
[  411.923862][T12002] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1464'.
[  412.247475][T11971] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  412.254399][   T54] Bluetooth: hci3: command tx timeout
[  412.293799][T11971] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  412.317178][T11971] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  412.369465][T11971] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  412.448229][T12013] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1466'.
[  412.533978][T11971] 8021q: adding VLAN 0 to HW filter on device bond0
[  412.632214][T11971] 8021q: adding VLAN 0 to HW filter on device team0
[  412.673168][ T9748] bridge0: port 1(bridge_slave_0) entered blocking state
[  412.680371][ T9748] bridge0: port 1(bridge_slave_0) entered forwarding state
[  412.713704][ T9748] bridge0: port 2(bridge_slave_1) entered blocking state
[  412.720889][ T9748] bridge0: port 2(bridge_slave_1) entered forwarding state
[  412.855066][T11971] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  412.890242][T12018] openvswitch: netlink: nsh attribute has 4 unknown bytes.
[  413.255504][T12031] FAULT_INJECTION: forcing a failure.
[  413.255504][T12031] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  413.279570][T12031] CPU: 0 UID: 0 PID: 12031 Comm: syz.5.1472 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  413.282139][T11971] 8021q: adding VLAN 0 to HW filter on device batadv0
[  413.290368][T12031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  413.290386][T12031] Call Trace:
[  413.290394][T12031]  <TASK>
[  413.290403][T12031]  dump_stack_lvl+0x16c/0x1f0
[  413.290444][T12031]  should_fail_ex+0x497/0x5b0
[  413.290476][T12031]  _copy_from_iter+0x29b/0x1400
[  413.290507][T12031]  ? trace_lock_acquire+0x14e/0x1f0
[  413.290537][T12031]  ? __alloc_skb+0x200/0x380
[  413.290568][T12031]  ? __pfx__copy_from_iter+0x10/0x10
[  413.290598][T12031]  ? __virt_addr_valid+0x1a4/0x590
[  413.290633][T12031]  ? __virt_addr_valid+0x5e/0x590
[  413.290662][T12031]  ? __phys_addr_symbol+0x30/0x80
[  413.290692][T12031]  ? __check_object_size+0x488/0x710
[  413.290730][T12031]  netlink_sendmsg+0x813/0xd70
[  413.290763][T12031]  ? __pfx_netlink_sendmsg+0x10/0x10
[  413.290803][T12031]  ____sys_sendmsg+0x9ae/0xb40
[  413.290830][T12031]  ? copy_msghdr_from_user+0x10b/0x160
[  413.290863][T12031]  ? __pfx_____sys_sendmsg+0x10/0x10
[  413.389212][T12031]  ? __lock_acquire+0xcc5/0x3c40
[  413.394213][T12031]  ? hlock_class+0x4e/0x130
[  413.398760][T12031]  ? __lock_acquire+0x15a9/0x3c40
[  413.403826][T12031]  ___sys_sendmsg+0x135/0x1e0
[  413.408551][T12031]  ? __pfx____sys_sendmsg+0x10/0x10
[  413.413793][T12031]  ? __pfx___lock_acquire+0x10/0x10
[  413.419052][T12031]  ? __pfx___might_resched+0x10/0x10
[  413.424377][T12031]  ? __might_fault+0xe3/0x190
[  413.429107][T12031]  __sys_sendmmsg+0x201/0x420
[  413.433825][T12031]  ? __pfx___sys_sendmmsg+0x10/0x10
[  413.439057][T12031]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  413.445072][T12031]  ? fput+0x67/0x440
[  413.448993][T12031]  ? ksys_write+0x1ba/0x250
[  413.453512][T12031]  ? __pfx_ksys_write+0x10/0x10
[  413.458395][T12031]  __x64_sys_sendmmsg+0x9c/0x100
[  413.463357][T12031]  ? lockdep_hardirqs_on+0x7c/0x110
[  413.468566][T12031]  do_syscall_64+0xcd/0x250
[  413.473089][T12031]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  413.479009][T12031] RIP: 0033:0x7f2855b85d29
[  413.483428][T12031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  413.503142][T12031] RSP: 002b:00007f28569db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  413.511566][T12031] RAX: ffffffffffffffda RBX: 00007f2855d75fa0 RCX: 00007f2855b85d29
[  413.519547][T12031] RDX: 0000000000000003 RSI: 0000000020000080 RDI: 0000000000000004
[  413.527522][T12031] RBP: 00007f28569db090 R08: 0000000000000000 R09: 0000000000000000
[  413.535497][T12031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  413.543474][T12031] R13: 0000000000000000 R14: 00007f2855d75fa0 R15: 00007ffe01d9a758
[  413.551466][T12031]  </TASK>
[  413.554582][    C0] vkms_vblank_simulate: vblank timer overrun
[  413.965088][T12046] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1475'.
[  414.020822][T12048] ima: policy update failed
[  414.028613][   T29] audit: type=1802 audit(4294967493.129:26): pid=12048 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.5.1474" res=0 errno=0
[  414.257407][T11971] veth0_vlan: entered promiscuous mode
[  414.313397][T11971] veth1_vlan: entered promiscuous mode
[  414.319513][   T54] Bluetooth: hci3: command tx timeout
[  414.406664][T11971] veth0_macvtap: entered promiscuous mode
[  414.415909][T11971] veth1_macvtap: entered promiscuous mode
[  414.430743][T11971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  414.441498][T11971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  414.452415][T11971] batman_adv: batadv0: Interface activated: batadv_slave_0
[  414.463283][T11971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  414.474115][T11971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  414.484346][T11971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  414.495489][T11971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  414.513689][T11971] batman_adv: batadv0: Interface activated: batadv_slave_1
[  414.529334][T11971] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  414.538075][T11971] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  414.546905][T11971] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  414.555810][T11971] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  414.723784][T12052] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1476'.
[  414.945382][ T8130] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  414.980632][ T8130] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  415.090728][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  415.099056][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  416.285000][T12083] netlink: 1204 bytes leftover after parsing attributes in process `syz.6.1481'.
[  416.398366][   T54] Bluetooth: hci3: command tx timeout
[  416.420784][T12082] FAULT_INJECTION: forcing a failure.
[  416.420784][T12082] name failslab, interval 1, probability 0, space 0, times 0
[  416.434126][T12082] CPU: 1 UID: 0 PID: 12082 Comm: syz.1.1482 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  416.444932][T12082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  416.455019][T12082] Call Trace:
[  416.458323][T12082]  <TASK>
[  416.461282][T12082]  dump_stack_lvl+0x16c/0x1f0
[  416.465999][T12082]  should_fail_ex+0x497/0x5b0
[  416.470725][T12082]  should_failslab+0xc2/0x120
[  416.475447][T12082]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  416.480868][T12082]  ? skb_clone+0x190/0x3f0
[  416.485325][T12082]  skb_clone+0x190/0x3f0
[  416.489606][T12082]  netlink_deliver_tap+0xafd/0xca0
[  416.493191][T12077] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1481'.
[  416.494736][T12082]  netlink_unicast+0x5e1/0x7f0
[  416.494775][T12082]  ? __pfx_netlink_unicast+0x10/0x10
[  416.513675][T12082]  ? __phys_addr_symbol+0x30/0x80
[  416.518743][T12082]  ? __check_object_size+0x488/0x710
[  416.524099][T12082]  netlink_sendmsg+0x8b8/0xd70
[  416.528991][T12082]  ? __pfx_netlink_sendmsg+0x10/0x10
[  416.534326][T12082]  ____sys_sendmsg+0x9ae/0xb40
[  416.539132][T12082]  ? copy_msghdr_from_user+0x10b/0x160
[  416.544634][T12082]  ? __pfx_____sys_sendmsg+0x10/0x10
[  416.549954][T12082]  ? __lock_acquire+0xcc5/0x3c40
[  416.554934][T12082]  ? hlock_class+0x4e/0x130
[  416.559474][T12082]  ? __lock_acquire+0x15a9/0x3c40
[  416.564539][T12082]  ___sys_sendmsg+0x135/0x1e0
[  416.569260][T12082]  ? __pfx____sys_sendmsg+0x10/0x10
[  416.574502][T12082]  ? __pfx___lock_acquire+0x10/0x10
[  416.579860][T12082]  ? __pfx___might_resched+0x10/0x10
[  416.585178][T12082]  ? __might_fault+0xe3/0x190
[  416.589901][T12082]  __sys_sendmmsg+0x201/0x420
[  416.594622][T12082]  ? __pfx___sys_sendmmsg+0x10/0x10
[  416.599879][T12082]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  416.605912][T12082]  ? fput+0x67/0x440
[  416.609857][T12082]  ? ksys_write+0x1ba/0x250
[  416.614398][T12082]  ? __pfx_ksys_write+0x10/0x10
[  416.619293][T12082]  __x64_sys_sendmmsg+0x9c/0x100
[  416.624275][T12082]  ? lockdep_hardirqs_on+0x7c/0x110
[  416.629514][T12082]  do_syscall_64+0xcd/0x250
[  416.634065][T12082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  416.639998][T12082] RIP: 0033:0x7f36a8d85d29
[  416.644447][T12082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  416.664178][T12082] RSP: 002b:00007f36a9c28038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  416.672622][T12082] RAX: ffffffffffffffda RBX: 00007f36a8f75fa0 RCX: 00007f36a8d85d29
[  416.680632][T12082] RDX: 0000000000000003 RSI: 0000000020000080 RDI: 0000000000000004
[  416.688640][T12082] RBP: 00007f36a9c28090 R08: 0000000000000000 R09: 0000000000000000
[  416.696642][T12082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  416.704654][T12082] R13: 0000000000000000 R14: 00007f36a8f75fa0 R15: 00007ffeb1a06cc8
[  416.712678][T12082]  </TASK>
[  416.926000][T12082] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1482'.
[  417.109832][T12093] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1485'.
[  417.173573][T12096] netlink: 342 bytes leftover after parsing attributes in process `syz.6.1486'.
[  417.444314][T12100] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1488'.
[  417.468347][T12101] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1488'.
[  417.553530][T12104] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1489'.
[  417.899342][T12110] netlink: 206 bytes leftover after parsing attributes in process `syz.5.1491'.
[  418.478610][   T54] Bluetooth: hci3: command tx timeout
[  418.879553][T12129] UHID_CREATE from different security context by process 1471 (syz.2.1495), this is not allowed.
[  418.952633][T12135] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1497'.
[  419.064469][T12143] netlink: 'syz.6.1498': attribute type 21 has an invalid length.
[  419.105203][T12143] netlink: 326 bytes leftover after parsing attributes in process `syz.6.1498'.
[  419.247151][T12144] Invalid ELF header magic: != ELF
[  419.313158][T12152] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1500'.
[  420.883835][T12180] scsi_dev_info_list_add_str: bad dev info string ';íÙ/&cŒõ›ú $3' '' ''
[  421.196317][T12187] netlink: 'syz.1.1511': attribute type 1 has an invalid length.
[  421.316656][T12190] netlink: 'syz.1.1511': attribute type 1 has an invalid length.
[  421.368508][T12190] netlink: 'syz.1.1511': attribute type 1 has an invalid length.
[  421.406926][T12190] netlink: 'syz.1.1511': attribute type 1 has an invalid length.
[  421.425054][T12190] netlink: 'syz.1.1511': attribute type 1 has an invalid length.
[  421.435230][T12190] netlink: 'syz.1.1511': attribute type 1 has an invalid length.
[  421.444110][T12190] netlink: 'syz.1.1511': attribute type 1 has an invalid length.
[  421.454845][T12190] netlink: 'syz.1.1511': attribute type 1 has an invalid length.
[  421.466918][T12190] netlink: 'syz.1.1511': attribute type 1 has an invalid length.
[  421.622922][T12201] syz.1.1515 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  422.112759][T12209] __nla_validate_parse: 1 callbacks suppressed
[  422.112783][T12209] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1517'.
[  423.946331][T12239] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1528'.
[  424.403142][T12251] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1532'.
[  424.468861][T12251] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1532'.
[  424.525345][T12251] netlink: 134 bytes leftover after parsing attributes in process `syz.2.1532'.
[  424.536379][T12251] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1532'.
[  424.809906][T12266] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  424.838322][T12266] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  426.215180][T12294] netlink: 1204 bytes leftover after parsing attributes in process `syz.2.1541'.
[  426.413124][T12287] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1541'.
[  427.871652][T12323] netlink: zone id is out of range
[  427.888347][T12323] netlink: zone id is out of range
[  427.902673][T12323] netlink: zone id is out of range
[  427.918457][T12323] netlink: del zone limit has 4 unknown bytes
[  427.945671][T12323] netlink: 6580 bytes leftover after parsing attributes in process `syz.5.1549'.
[  427.964190][T12325] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1550'.
[  428.011933][T12325] FAULT_INJECTION: forcing a failure.
[  428.011933][T12325] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  428.059231][T12325] CPU: 0 UID: 0 PID: 12325 Comm: syz.1.1550 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  428.070069][T12325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  428.080160][T12325] Call Trace:
[  428.083465][T12325]  <TASK>
[  428.086421][T12325]  dump_stack_lvl+0x16c/0x1f0
[  428.091145][T12325]  should_fail_ex+0x497/0x5b0
[  428.095867][T12325]  _copy_from_user+0x2e/0xd0
[  428.100511][T12325]  copy_msghdr_from_user+0x99/0x160
[  428.105753][T12325]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  428.111630][T12325]  ? __lock_acquire+0xcc5/0x3c40
[  428.116604][T12325]  ? hlock_class+0x4e/0x130
[  428.121150][T12325]  ? __lock_acquire+0x15a9/0x3c40
[  428.126210][T12325]  ___sys_sendmsg+0xff/0x1e0
[  428.130844][T12325]  ? __pfx____sys_sendmsg+0x10/0x10
[  428.136082][T12325]  ? __pfx___lock_acquire+0x10/0x10
[  428.141334][T12325]  ? __pfx___might_resched+0x10/0x10
[  428.146658][T12325]  ? __might_fault+0xe3/0x190
[  428.151389][T12325]  __sys_sendmmsg+0x201/0x420
[  428.156112][T12325]  ? __pfx___sys_sendmmsg+0x10/0x10
[  428.161367][T12325]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  428.167404][T12325]  ? fput+0x67/0x440
[  428.171341][T12325]  ? ksys_write+0x1ba/0x250
[  428.175885][T12325]  ? __pfx_ksys_write+0x10/0x10
[  428.180780][T12325]  __x64_sys_sendmmsg+0x9c/0x100
[  428.185759][T12325]  ? lockdep_hardirqs_on+0x7c/0x110
[  428.191007][T12325]  do_syscall_64+0xcd/0x250
[  428.195553][T12325]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  428.201492][T12325] RIP: 0033:0x7f36a8d85d29
[  428.205939][T12325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  428.225585][T12325] RSP: 002b:00007f36a9c28038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  428.234047][T12325] RAX: ffffffffffffffda RBX: 00007f36a8f75fa0 RCX: 00007f36a8d85d29
[  428.242060][T12325] RDX: 0000000000000003 RSI: 0000000020000080 RDI: 0000000000000004
[  428.250065][T12325] RBP: 00007f36a9c28090 R08: 0000000000000000 R09: 0000000000000000
[  428.258070][T12325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  428.266076][T12325] R13: 0000000000000000 R14: 00007f36a8f75fa0 R15: 00007ffeb1a06cc8
[  428.274095][T12325]  </TASK>
[  430.482425][T12364] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  430.508171][T12364] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  430.545623][T12364] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  430.588794][T12364] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  430.617993][T12364] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  430.700041][T12364] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  431.144516][T12381] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1560'.
[  431.758452][   T54] Bluetooth: hci0: command 0x0406 tx timeout
[  432.129379][T12389] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1562'.
[  432.189467][T12389] FAULT_INJECTION: forcing a failure.
[  432.189467][T12389] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  432.343181][T12389] CPU: 0 UID: 0 PID: 12389 Comm: syz.1.1562 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  432.354018][T12389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  432.364106][T12389] Call Trace:
[  432.367404][T12389]  <TASK>
[  432.370357][T12389]  dump_stack_lvl+0x16c/0x1f0
[  432.375070][T12389]  should_fail_ex+0x497/0x5b0
[  432.379782][T12389]  _copy_from_user+0x2e/0xd0
[  432.384407][T12389]  copy_msghdr_from_user+0x99/0x160
[  432.389641][T12389]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  432.395481][T12389]  ? __lock_acquire+0xcc5/0x3c40
[  432.400450][T12389]  ? hlock_class+0x4e/0x130
[  432.404984][T12389]  ? __lock_acquire+0x15a9/0x3c40
[  432.410041][T12389]  ___sys_sendmsg+0xff/0x1e0
[  432.414661][T12389]  ? __pfx____sys_sendmsg+0x10/0x10
[  432.419893][T12389]  ? __pfx___lock_acquire+0x10/0x10
[  432.425149][T12389]  ? __pfx___might_resched+0x10/0x10
[  432.430468][T12389]  ? __might_fault+0xe3/0x190
[  432.435190][T12389]  __sys_sendmmsg+0x201/0x420
[  432.439916][T12389]  ? __pfx___sys_sendmmsg+0x10/0x10
[  432.445166][T12389]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  432.451207][T12389]  ? fput+0x67/0x440
[  432.455140][T12389]  ? ksys_write+0x1ba/0x250
[  432.459674][T12389]  ? __pfx_ksys_write+0x10/0x10
[  432.464567][T12389]  __x64_sys_sendmmsg+0x9c/0x100
[  432.469549][T12389]  ? lockdep_hardirqs_on+0x7c/0x110
[  432.474777][T12389]  do_syscall_64+0xcd/0x250
[  432.479348][T12389]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  432.485278][T12389] RIP: 0033:0x7f36a8d85d29
[  432.489714][T12389] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  432.509359][T12389] RSP: 002b:00007f36a9c28038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  432.517899][T12389] RAX: ffffffffffffffda RBX: 00007f36a8f75fa0 RCX: 00007f36a8d85d29
[  432.525907][T12389] RDX: 0000000000000003 RSI: 0000000020000080 RDI: 0000000000000004
[  432.533910][T12389] RBP: 00007f36a9c28090 R08: 0000000000000000 R09: 0000000000000000
[  432.541917][T12389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  432.550004][T12389] R13: 0000000000000000 R14: 00007f36a8f75fa0 R15: 00007ffeb1a06cc8
[  432.558021][T12389]  </TASK>
[  432.648878][   T54] Bluetooth: hci2: command 0x040f tx timeout
[  432.654951][   T54] Bluetooth: hci1: command 0x0406 tx timeout
[  432.656930][ T5143] Bluetooth: hci3: command 0x0c1a tx timeout
[  433.290569][T12403] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1566'.
[  434.726364][ T5143] Bluetooth: hci3: command 0x0c1a tx timeout
[  436.808354][ T5143] Bluetooth: hci3: command 0x0c1a tx timeout
[  438.841443][T12489] netlink: 342 bytes leftover after parsing attributes in process `syz.6.1585'.
[  439.176022][T12496] futex_wake_op: syz.5.1589 tries to shift op by 64; fix this program
[  440.045973][T12518] openvswitch: netlink: Key 23 has unexpected len 0 expected 2
[  440.481709][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  440.488880][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  444.186756][T12602] netlink: zone id is out of range
[  444.198096][T12602] netlink: set zone limit has 8 unknown bytes
[  444.839746][T12620] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1629'.
[  444.850017][T12620] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1629'.
[  445.141630][T12632] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1631'.
[  449.117510][T12727] netlink: 346 bytes leftover after parsing attributes in process `syz.2.1656'.
[  450.231250][T12748] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1658'.
[  450.269032][T12748] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1658'.
[  454.349657][T12847] FAULT_INJECTION: forcing a failure.
[  454.349657][T12847] name failslab, interval 1, probability 0, space 0, times 0
[  454.362847][T12847] CPU: 0 UID: 0 PID: 12847 Comm: syz.5.1688 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  454.373656][T12847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  454.383748][T12847] Call Trace:
[  454.387056][T12847]  <TASK>
[  454.390012][T12847]  dump_stack_lvl+0x16c/0x1f0
[  454.394719][T12847]  should_fail_ex+0x497/0x5b0
[  454.399425][T12847]  ? fs_reclaim_acquire+0xae/0x150
[  454.404566][T12847]  should_failslab+0xc2/0x120
[  454.409284][T12847]  __kmalloc_noprof+0xce/0x4f0
[  454.414083][T12847]  ? copy_splice_read+0x1a8/0xb90
[  454.419139][T12847]  copy_splice_read+0x1a8/0xb90
[  454.424046][T12847]  ? look_up_lock_class+0x59/0x150
[  454.429186][T12847]  ? __pfx_copy_splice_read+0x10/0x10
[  454.434601][T12847]  ? __pfx_register_lock_class+0x10/0x10
[  454.440302][T12847]  ? __pfx_copy_splice_read+0x10/0x10
[  454.440336][T12847]  do_splice_read+0x282/0x370
[  454.440367][T12847]  splice_direct_to_actor+0x2a4/0xa40
[  454.440396][T12847]  ? __pfx_direct_splice_actor+0x10/0x10
[  454.440430][T12847]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  454.440460][T12847]  ? __fget_files+0x1fc/0x3a0
[  454.440495][T12847]  do_splice_direct+0x178/0x250
[  454.440523][T12847]  ? __pfx_do_splice_direct+0x10/0x10
[  454.440551][T12847]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  454.440583][T12847]  do_sendfile+0xaed/0xe30
[  454.440615][T12847]  ? __pfx_do_sendfile+0x10/0x10
[  454.440641][T12847]  ? __fget_files+0x206/0x3a0
[  454.440678][T12847]  __x64_sys_sendfile64+0x1da/0x220
[  454.440711][T12847]  ? ksys_write+0x1ba/0x250
[  454.440739][T12847]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  454.440782][T12847]  do_syscall_64+0xcd/0x250
[  454.440817][T12847]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  454.440849][T12847] RIP: 0033:0x7f2855b85d29
[  454.440871][T12847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  454.440896][T12847] RSP: 002b:00007f28569db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  454.440924][T12847] RAX: ffffffffffffffda RBX: 00007f2855d75fa0 RCX: 00007f2855b85d29
[  454.440942][T12847] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[  454.440959][T12847] RBP: 00007f28569db090 R08: 0000000000000000 R09: 0000000000000000
[  454.440976][T12847] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000001
[  454.440993][T12847] R13: 0000000000000000 R14: 00007f2855d75fa0 R15: 00007ffe01d9a758
[  454.441025][T12847]  </TASK>
[  454.883885][T12862] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1693'.
[  454.969094][   T29] audit: type=1800 audit(4294967534.080:27): pid=12866 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.1702" name="discovery_nqn" dev="configfs" ino=39549 res=0 errno=0
[  455.078939][T12868] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1694'.
[  455.407609][T12868] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1694'.
[  455.445763][T12866] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000007: 0000 [#1] PREEMPT SMP KASAN PTI
[  455.458405][T12866] KASAN: null-ptr-deref in range [0x0000000000000038-0x000000000000003f]
[  455.466838][T12866] CPU: 1 UID: 0 PID: 12866 Comm: syz.6.1702 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  455.477633][T12866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  455.487713][T12866] RIP: 0010:sctp_copy_local_addr_list+0x2bc/0x5a0
[  455.494170][T12866] Code: 20 00 0f 85 ac 02 00 00 48 8b 1b 4c 39 fb 0f 84 98 01 00 00 e8 c5 d3 3c f7 48 8d 7b 3d 48 89 f8 48 89 fa 48 c1 e8 03 83 e2 07 <42> 0f b6 04 20 38 d0 7f 08 84 c0 0f 85 86 02 00 00 44 0f b6 6b 3d
[  455.513814][T12866] RSP: 0018:ffffc9000eb778d0 EFLAGS: 00010206
[  455.519958][T12866] RAX: 0000000000000007 RBX: 0000000000000000 RCX: ffffc90010b17000
[  455.527957][T12866] RDX: 0000000000000005 RSI: ffffffff8a5c7b8b RDI: 000000000000003d
[  455.535954][T12866] RBP: ffffc9000eb779b0 R08: 0000000000000001 R09: 0000000000000000
[  455.543950][T12866] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000
[  455.551946][T12866] R13: 0000000000000000 R14: 00000000ffffffff R15: ffff88807d77cc48
[  455.559942][T12866] FS:  00007f2d37e876c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  455.568944][T12866] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  455.575554][T12866] CR2: 0000000020000000 CR3: 000000003ba34000 CR4: 00000000003526f0
[  455.583556][T12866] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  455.591553][T12866] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  455.599545][T12866] Call Trace:
[  455.602841][T12866]  <TASK>
[  455.605791][T12866]  ? die_addr+0x3b/0xa0
[  455.609982][T12866]  ? exc_general_protection+0x155/0x230
[  455.615571][T12866]  ? asm_exc_general_protection+0x26/0x30
[  455.621326][T12866]  ? sctp_copy_local_addr_list+0x2ab/0x5a0
[  455.627165][T12866]  ? sctp_copy_local_addr_list+0x2bc/0x5a0
[  455.633010][T12866]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  455.639198][T12866]  ? sctp_auth_asoc_copy_shkeys+0x2a7/0x360
[  455.645131][T12866]  ? sctp_bind_addr_copy+0xe0/0x530
[  455.650354][T12866]  sctp_bind_addr_copy+0xe0/0x530
[  455.655413][T12866]  sctp_connect_new_asoc+0x1d8/0x790
[  455.660740][T12866]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  455.666590][T12866]  ? mark_held_locks+0x9f/0xe0
[  455.671395][T12866]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  455.676981][T12866]  sctp_sendmsg+0x162a/0x1f10
[  455.681699][T12866]  ? __pfx___lock_acquire+0x10/0x10
[  455.686926][T12866]  ? __pfx_sctp_sendmsg+0x10/0x10
[  455.691991][T12866]  ? __pfx_aa_sk_perm+0x10/0x10
[  455.696884][T12866]  ? __pfx_sctp_sendmsg+0x10/0x10
[  455.701940][T12866]  inet_sendmsg+0x119/0x140
[  455.706478][T12866]  __sys_sendto+0x42a/0x4f0
[  455.711020][T12866]  ? __pfx___sys_sendto+0x10/0x10
[  455.716092][T12866]  ? xfd_validate_state+0x5d/0x180
[  455.721222][T12866]  ? arch_syscall_is_vdso_sigreturn+0xb6/0x230
[  455.727408][T12866]  ? syscall_user_dispatch+0x77/0x140
[  455.732808][T12866]  __x64_sys_sendto+0xe0/0x1c0
[  455.737596][T12866]  ? syscall_trace_enter+0x5e/0x260
[  455.742814][T12866]  do_syscall_64+0xcd/0x250
[  455.747337][T12866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  455.753260][T12866] RIP: 0033:0x7f2d36f85d29
[  455.757714][T12866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  455.777341][T12866] RSP: 002b:00007f2d37e87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  455.785762][T12866] RAX: ffffffffffffffda RBX: 00007f2d37175fa0 RCX: 00007f2d36f85d29
[  455.793737][T12866] RDX: 0000000000000401 RSI: 0000000000000000 RDI: 0000000000000007
[  455.801706][T12866] RBP: 00007f2d37001b08 R08: 0000000020000000 R09: 000000000000001c
[  455.809675][T12866] R10: 0000000000000101 R11: 0000000000000246 R12: 0000000000000000
[  455.817647][T12866] R13: 0000000000000000 R14: 00007f2d37175fa0 R15: 00007ffe30dc6978
[  455.825635][T12866]  </TASK>
[  455.828650][T12866] Modules linked in:
[  455.832640][    C1] vkms_vblank_simulate: vblank timer overrun
[  455.839799][T12866] ---[ end trace 0000000000000000 ]---
[  455.875407][T12866] RIP: 0010:sctp_copy_local_addr_list+0x2bc/0x5a0
[  455.882010][T12866] Code: 20 00 0f 85 ac 02 00 00 48 8b 1b 4c 39 fb 0f 84 98 01 00 00 e8 c5 d3 3c f7 48 8d 7b 3d 48 89 f8 48 89 fa 48 c1 e8 03 83 e2 07 <42> 0f b6 04 20 38 d0 7f 08 84 c0 0f 85 86 02 00 00 44 0f b6 6b 3d
[  455.906304][T12866] RSP: 0018:ffffc9000eb778d0 EFLAGS: 00010206
[  455.912498][T12866] RAX: 0000000000000007 RBX: 0000000000000000 RCX: ffffc90010b17000
[  455.920594][T12866] RDX: 0000000000000005 RSI: ffffffff8a5c7b8b RDI: 000000000000003d
[  455.928913][T12866] RBP: ffffc9000eb779b0 R08: 0000000000000001 R09: 0000000000000000
[  455.937016][T12866] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000
[  455.945099][T12866] R13: 0000000000000000 R14: 00000000ffffffff R15: ffff88807d77cc48
[  455.953877][T12866] FS:  00007f2d37e876c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  455.962925][T12866] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  455.970249][T12866] CR2: 00007f2855d48178 CR3: 000000003ba34000 CR4: 00000000003526f0
[  455.978363][T12866] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  455.986461][T12866] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  455.994589][T12866] Kernel panic - not syncing: Fatal exception
[  456.000939][T12866] Kernel Offset: disabled
[  456.005252][T12866] Rebooting in 86400 seconds..