last executing test programs:

2m48.846001921s ago: executing program 3 (id=100):
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
unshare$auto(0x40000080)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="10002ca4706b67dbdf251c"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004814)
write$auto(0xffffffffffffffff, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

2m46.744922866s ago: executing program 3 (id=102):
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
writev$auto(0x3, 0x0, 0x8009)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/devices/virtual/net/ifb0/queues/tx-0/byte_queue_limits/limit_max\x00', 0xb02, 0x0)
madvise$auto_MADV_MERGEABLE(0x8, 0x2, 0xc)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000140), 0xffffffffffffffff)
r2 = socket(0xa, 0x801, 0x84)
sysfs$auto(0x2, 0x100000000000036, 0x0)
getsockopt$auto(r2, 0x84, 0x7b, 0x0, 0x0)
sendmsg$auto_OVS_FLOW_CMD_DEL(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="01002dbd7000fddbdf140200000604000180"], 0x18}, 0x1, 0x0, 0x0, 0x40}, 0x800)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000)
mmap$auto(0x3, 0x402000b, 0x2000006, 0xeb1, 0x401, 0xfff)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
io_uring_setup$auto(0x6, 0x0)
sendmsg$auto_NFC_CMD_SE_IO(r2, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x40, 0x0, 0x10, 0x70bd28, 0x25dfdbfe, {}, [@NFC_ATTR_TM_PROTOCOLS={0x8, 0xe, 0x1ff}, @NFC_ATTR_LLC_SDP={0x19, 0x13, 0x0, 0x1, [@generic="cb346a0caa4f84987d5f21dbde98fce43a26e764b5"]}, @NFC_ATTR_DEVICE_POWERED={0x5, 0xc, 0x2c}]}, 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
unshare$auto(0x40000080)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0xb02, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x200, 0x70bd29, 0x25dfdbfb, {}, [@NFSD_A_SERVER_LEASETIME={0x8}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00211459a600fbdbdf250200000008000300000000001b0004"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000229bd70001cdcdf250200000008000308"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)

2m43.617505366s ago: executing program 3 (id=110):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000001340)='u[,&*}\x00\a\x00\x00\x00?\xa4\x1fN\xa1~5Z\xc7\r\f}M4\xa8m\xe6\x19[11\xab\xff-E\xac9(\xb4O\xa0t4h\x9f-gn\x1f\x01\x00\x00\x00\x00\x00\x00\x00\xaeR\x81\r_\x0e\x19\b\x85\bvv(e\xdax)\t\x15\xf6\xc8\xee\x04\x16\xc1\x9a!\x87I7\x8cD&zg\xb0a\xab|E\xde\x14\xee[\xc8\xc0\xa8Nh\x0f\xa3\xdbT\xb3\xb8\xd2F\xa0\xc4]\xaf\xc43&\xe4\x01\x05\xd2\x15\xf8\xf1!\x9d\x92\xbbH\xd3^aD\x87\xd8\xe7\xd2\xf3[r\xc5S&}D[\x97\xf1\xd9\xf8Y\x1c\x03\x84\xb4\xd7\x16\x19\xe5\x17\x10\xd8fcG:\xfbY8\x17w\x98?\x03@\xe5\x02\x05\x93h\xb9\xf7\xef\x84\x8aGlN\a\x1e\x00\x00\x00\x00\x00\x00\x00\xf1p\xeb\xe9(%\x89\xef\x85\xdfr\xce\x00\x00\x00\x00\xff\x00\xa2M\'d\x12\x1c\x12\xca\xa5_\x8d\xdf\xc5\x8d\x19?\xfc~\xb3X\x14\xa7\xa9M\x87\xfcTW\x1bR\xbci\x8d\x8aNEO\xb3~~\xa8\xa6\x894\x80;s\xb7\xa3V\x1b\x14|\x9e\xd4\x05\x85\x0f!\xab-E\'\x97Y\xb7\xe8fMv_\xf8\xa0S\xef\xb7\b\xe7!T.g\x92\x87\t$\x06\xa4\xfb\x83\x8c\x17^\x82\xe7\xd3\xf6q\x1a\xa0\xf82[W\x90\xdd\xe3\xde\xa9\xde\x94`-\x9a\x1e}\xebO*\xb85,v.\xfc5\xba?vlt\xda%\x06a\x15I\x1f\xe3\x05+\x810T2\xf9\x9b\xc7\xd1<w\xd3:\x835\xac\r\x06\xc9\xc1HG\x1c\xd4J\x8aZ%+\xe6/~\xd6\xe1[+Z\xb1\x8d\xc5\x9b\xcfhb\'\x80\xeb7%>\t\x03\xf2\x8d\x8a\x90\xb54\bH<9\xf1\x91 D\x85g,\xaa\xca\xcd\xd5\xcb\x9a\xb1j\xf2F\xce\x14\x92\xf9\xd7\xec\xc5\x1e\x8aq2\xce\x881f\xd7\xd4\x9e\xf6\xb6P\x01\xe8T\xb5X\xb9d-I\xd6\x91\xc3\xe2\x88S\x82l=\x02t$p\t\x8cY\x06\r\x83\xb0\x86\xc6\x84\x1c\xce\xb6\xf0\xdfC\x9fj<\xfe\xa4\x1f\x82L\xe4\x13+H\x00\x00\x00\x00\x00\x00\x00\x01M\x16\xa0\xbeB6\xfb\xa2-\x17\x93Q\x9fKusl5\xa2$M\xb4\x18\x1db\xf3\xce\x8c\xe5Rna\xd5\xbbQ\xc7\xa7+\vH\xc1l\x1bIv\xe8_/file0\x00', 0x40000, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000080)="b088056dcd5d86a53cb1a294bf75ef3ce389db344b65f6d494596aaf19478b6d2b38b99d2eeaadc214a229d5b017edffed772008db5166c53c908a237e0fd47ab1394992f0bafc8d2c663498ebf8204a62e3ec454efe2e013059094dd4895cdee2d718b61463578da821af1bf99f20f925e02b7d129a3b117f8a09118ecb", 0x176, 0x0, 0x9, 0x0, 0x1f, 0xfd}, 0x8}, 0x7, 0x20020000)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1d, 0x2, 0x6)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x1, 0x0)
ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, &(0x7f00000000c0))
r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
write$auto(r5, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$auto_ovs_vport(0xfffffffffffffffe, r4)
write$auto(0x3, 0x0, 0xfffffdef)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
connect$auto(0x3, 0x0, 0x55)
close_range$auto(r1, r2, 0x0)

2m40.885644591s ago: executing program 3 (id=113):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000003b40)={'xfrm0\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r3, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000300), r3)
read$auto(r3, &(0x7f0000000040)='nl80211\x00', 0xbe62)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYRES16=r2], 0x1ac}}, 0x40001)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

2m40.477758078s ago: executing program 3 (id=115):
mmap$auto(0x0, 0x9bc, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
socket(0xa, 0x1, 0x84)
socket(0x23, 0x80805, 0x0)
fanotify_init$auto(0x5, 0x2000000000002)
io_uring_setup$auto(0x3, 0x0)
pipe$auto(0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x48140, 0x0)
socket(0x2, 0x3, 0xa)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x3, 0xa)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x801, 0x106)
socket(0x10, 0x2, 0x0)
socket(0x10, 0x2, 0xc)
socket(0xa, 0x3, 0x3a)
setsockopt$auto(0x400000000000003, 0x29, 0xc8, 0x0, 0x567)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, 0x0, 0x8002, 0x0)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a5, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)

2m38.743446375s ago: executing program 3 (id=121):
r0 = socket(0x2, 0x5, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/wakeup/wakeup7/event_count\x00', 0x1c2580, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000080)=""/86, 0x56)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
getcwd$auto(0x0, 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$auto_SO_SNDLOWAT(r2, 0x1, 0x13, &(0x7f0000003100)='\\?-@\x00', &(0x7f0000003140)=0x8)
setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/devices/virtual/nfc/nfc1/rfkill1/soft\x00', 0xa3182, 0x0)
sendfile$auto(r3, r3, 0x0, 0xffffffff)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff)
bpf$auto(0x11, &(0x7f0000000000)=@batch={0xfffffffffffffffb, 0x44, 0x2, 0x9, 0x81, 0xffffffffffffffff, 0x2, 0x8}, 0xcf)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
ioperm$auto(0x6, 0x18001, 0x80001)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x80000001, 0x8)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
shutdown$auto(0x200000003, 0x2)
ioprio_set$auto(0x7, 0x0, 0xfff)
unshare$auto(0x40000080)
recvmmsg$auto(0x3, 0x0, 0x687bcbd, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x20540, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mbind$auto(0x0, 0x7ff, 0x1, 0x0, 0x1, 0x2)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)

2m23.64538796s ago: executing program 32 (id=121):
r0 = socket(0x2, 0x5, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/wakeup/wakeup7/event_count\x00', 0x1c2580, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000080)=""/86, 0x56)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
getcwd$auto(0x0, 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$auto_SO_SNDLOWAT(r2, 0x1, 0x13, &(0x7f0000003100)='\\?-@\x00', &(0x7f0000003140)=0x8)
setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/devices/virtual/nfc/nfc1/rfkill1/soft\x00', 0xa3182, 0x0)
sendfile$auto(r3, r3, 0x0, 0xffffffff)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff)
bpf$auto(0x11, &(0x7f0000000000)=@batch={0xfffffffffffffffb, 0x44, 0x2, 0x9, 0x81, 0xffffffffffffffff, 0x2, 0x8}, 0xcf)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
ioperm$auto(0x6, 0x18001, 0x80001)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x80000001, 0x8)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
shutdown$auto(0x200000003, 0x2)
ioprio_set$auto(0x7, 0x0, 0xfff)
unshare$auto(0x40000080)
recvmmsg$auto(0x3, 0x0, 0x687bcbd, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x20540, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mbind$auto(0x0, 0x7ff, 0x1, 0x0, 0x1, 0x2)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)

54.049674s ago: executing program 0 (id=437):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000003b40)={'xfrm0\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r3, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000300), r3)
read$auto(r3, &(0x7f0000000040)='nl80211\x00', 0xbe62)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a000500000000000000000008000200", @ANYRES32], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYRES16=r2], 0x1ac}}, 0x40001)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

53.638260371s ago: executing program 0 (id=440):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)={0x34, r1, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x4}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "8987fba55bf4997fbebe00"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
timerfd_create$auto_CLOCK_BOOTTIME_ALARM(0x9, 0x4)
r2 = io_uring_setup$auto(0x1, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/tty53\x00', 0x200, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sysfs$auto(0x2, 0x0, 0x0)
epoll_pwait$auto(r2, &(0x7f0000000280)={0x80, 0x1}, 0xfff, 0x5, &(0x7f00000002c0)={0x8}, 0x8)
fsopen$auto(0x0, 0x1)
openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/attr/current\x00', 0x1, 0x0)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/oss\x00', 0xaa102, 0x0)
write$auto(r3, &(0x7f0000000100)='\x00\x00\x00\x00\x00\x00\x00x \xec(\x1d\x98\xe9\xc4\xe8\xfc@6=\xab\xf4\x89\x01\x93\xdc\x19\xffv\'\xa1\xd5\x14\x06S\xae\xadB}\xdf]\x99\xc9\x9f4\xbb\xc5\x81\x9d\x8ak\xdeB\xcbd\xd3\x05\xe4P\x84\xcb\xb8#\x13\nYU\'\x95R\xc8\x9d\xb7*\xe0.\xd2\xdf\x1b\x88D\x8c{k\xcec\xe1\xa2j\xec\xc9\xd2\x98\x94I\x102h\x06\x8c\xa2\xc8\x8a7\xb7t', 0x7ef)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0)
socket(0x2c, 0x5, 0x40000100)
ioperm$auto(0x4, 0x5ad0, 0x8)
r4 = openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, &(0x7f0000000340)='/proc/self/projid_map\x00', 0x80000, 0x0)
write$auto_proc_projid_map_operations_base(r4, &(0x7f00000001c0)="44f0e9fb071f55117653f04849d699bcacd062b62161bd72061e01c07579fd74f172", 0x22)
modify_ldt$auto(0x1, 0x0, 0x10)
r5 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
pread64$auto(r5, 0x0, 0x7ff, 0x400)
socket(0x2a, 0x1, 0x40000000)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D0\x00', 0x90001, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)

52.597310944s ago: executing program 0 (id=444):
close_range$auto(0x2, 0x8, 0x0)
socket(0x21, 0x2, 0x2) (async)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) (async)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) (async, rerun: 64)
clock_gettime$auto(0x9, &(0x7f0000000000)={0x7, 0xb}) (async, rerun: 64)
madvise$auto(0x110c230000, 0x1, 0x9) (async)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, 0x0, 0x202a00, 0x0) (async)
futex_wake$auto(&(0x7f00000001c0), 0x5, 0x3, 0xa)
close_range$auto(0x2, 0x8, 0x0) (async)
socket(0x10, 0x2, 0xc) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
r2 = ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async)
clone$auto(0xd2d2, 0x7fffffffffffffff, 0xffffffffffffffff, 0x0, 0x1) (async)
r3 = gettid()
process_vm_readv$auto(r3, &(0x7f0000000040)={0x0, 0x2}, 0x4, &(0x7f00000000c0)={0x0, 0x100000000000002}, 0x6, 0x0)
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
r5 = ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0)
readahead$auto(r5, 0xeca9, 0x6) (async)
ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0x174, 0x400, 0x2}]}) (async)
mmap$auto(0xad, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x900, 0x0)
mmap$auto(0x0, 0x580f, 0x1, 0x8000000008011, 0x3, 0x0) (async, rerun: 64)
ioctl$auto_XFS_IOC_GET_RESBLKS(r2, 0x80105873, &(0x7f00000000c0)={0x3, 0x2}) (rerun: 64)

52.19222706s ago: executing program 0 (id=448):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/irq/2/wakeup\x00', 0x80000, 0x0)
mmap$auto(0x0, 0x400005, 0xffffffffffeffffe, 0x9b72, 0xc76, 0x8000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000200), r1)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f00000001c0)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x44001}, 0x4000000)
mmap$auto(0x0, 0x22009, 0x4000000000df, 0xeb1, 0x401, 0x1)
socket(0xa, 0x3, 0x100)
ioperm$auto(0x7, 0x5ad2, 0x8)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/admmidi2\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/tty/ptyc6/power/runtime_status\x00', 0x4e5743, 0x0)
read$auto(r2, &(0x7f0000000300)='/\x02\x00\x00\x00\xdb\xb7\'6\x87\xad\xfauj\xb1\xbc+\x96Gh\x84*\xdc1\xae\xd7\xa7-vh\xe7K\x82q\xad\xf2\xc3\x03\xf6\xbb\xb6\x00\xabG\xf5\vE\xf0\x1f\xca\xc5\xbfmBL\x14\xd5\xd2W/i%Wp\x8c\xe7x?L\xad\xd1\xdb\x8cF\xf8u\xb5V\xf0UI\x1d\xe8\x12\xc7Mf\xa6\xa1\xad\x81z\x8361\xb0gfFq]`x\xb6\x10\x97\nh\xd6\x01\xa7a\xcfC\xc4\'$\xffX\xc6&\x81\xc80\xf88\xb2\x85\x0f0\x90\xc1!!|7\xfc\xf0\x01\x8cc\xad\x13\x95\xf7p#\xca\x81C\x02g\xc6\v\xf4\xb3\xcci!\x81\xb7W\xec\xf7\xef\xafs`\xb0\x81\x1aS!;p\x98\v\x82?{\xe9\xa3', 0x100000001)
select$auto(0x5, 0x0, 0x0, 0x0, 0x0)
write$auto(0x3, 0x0, 0xfffffffffffffff7)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x48b41, 0x0)
openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000180), 0x20c00, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84)
mincore$auto(0x1000, 0x8001, 0x0)
read$auto(r0, 0x0, 0x410)
mmap$auto(0x0, 0x5, 0xdf, 0x9b72, 0x7, 0x28000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/conf/ip6gre0/mc_forwarding\x00', 0x1400c1, 0x0)
r3 = getpid()
process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000080), 0x1ffffffff}, 0x6, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/bus/usb/004/001\x00', 0x282901, 0x0)

50.965992498s ago: executing program 0 (id=452):
unshare$auto(0x40000080)
semctl$auto_SETVAL(0x0, 0x7, 0x10, 0xfff)
close_range$auto(0x2, 0x8, 0x0)
setsockopt$auto(0xffffffffffffffff, 0x8a, 0xffbffffc, 0x0, 0x80000000)
socket(0x10, 0x2, 0x7fffffff)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
socket(0x2, 0x80000, 0x9)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/nbd6/trace/enable\x00', 0xe3102, 0x0)
read$auto(0xc8, 0x0, 0x200)
sendfile$auto(r0, r0, 0x0, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x2008000)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000)
mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4)
lstat$auto(&(0x7f0000000500)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
getcwd$auto(0x0, 0xffffffffffffffff)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
inotify_init1$auto(0x3000000000000)
inotify_add_watch$auto(0x4, 0x0, 0xe6e)
r1 = inotify_init1$auto(0x3000000000000)
inotify_add_watch$auto(r1, 0x0, 0x2)
inotify_add_watch$auto(r1, 0x0, 0x20000e6e)
ioctl$auto(0x4000000000000c8, 0x800454cf, 0x3)
r2 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
ioctl$auto_IOCTL_VMCI_VERSION2(r2, 0x7a7, 0x0)
ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, 0x6)

49.191186872s ago: executing program 0 (id=455):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
unlinkat$auto(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x3800) (async)
unlinkat$auto(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x3800)
mmap$auto(0x0, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x9, 0xe3, 0xeb1, 0xffffffffffffffff, 0x8003) (async)
mmap$auto(0x0, 0x9, 0xe3, 0xeb1, 0xffffffffffffffff, 0x8003)
io_uring_setup$auto(0x1, 0x0) (async)
r0 = io_uring_setup$auto(0x1, 0x0)
socket(0x11, 0x80003, 0x300) (async)
socket(0x11, 0x80003, 0x300)
setsockopt$auto(0xffffffffffffffff, 0xffffffff, 0x1, 0x0, 0x6c)
unshare$auto(0x40000080) (async)
unshare$auto(0x40000080)
prctl$auto_PR_SET_MM_ENV_START(0x5, 0xa, 0x0, 0x89, 0x10)
close_range$auto(0x2, r0, 0x0)
close_range$auto(r0, 0x8, 0x0)
mmap$auto(0xfffffffffffffff9, 0x400000000004, 0x5, 0x40eb1, 0x401, 0x300000000000)
r1 = socket(0x29, 0x2, 0x0)
ioctl$auto(r1, 0x89e2, 0x38)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
migrate_pages$auto(0x0, 0x7f, &(0x7f00000000c0)=0x40, &(0x7f0000000240)=0x1)
fanotify_init$auto(0x5, 0x800) (async)
fanotify_init$auto(0x5, 0x800)
r2 = pipe2$auto(0x0, 0x80)
r3 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000080), 0x10000, 0x0)
ioctl$auto_RTC_PARAM_GET(r3, 0x40187013, &(0x7f0000000100)={0x1, @ptr=0x10000, 0x1}) (async)
ioctl$auto_RTC_PARAM_GET(r3, 0x40187013, &(0x7f0000000100)={0x1, @ptr=0x10000, 0x1})
ioctl$auto(0x1, 0x5761, 0x4) (async)
ioctl$auto(0x1, 0x5761, 0x4)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
open(&(0x7f0000000140)='./cgroup\x00', 0x282a43, 0x55)
fcntl$auto(r4, 0x403, 0x0)
close_range$auto(0x2, 0xa, 0x0)
rename$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='./cgroup\x00')
openat$auto_sco_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x342, 0x0)
socket(0x1e, 0x1, 0x0)
sigaltstack$auto(0x0, 0x0)
sendto$auto(r2, 0x0, 0xfdef, 0x7, &(0x7f0000000440)=@tipc=@name={0x1e, 0x2, 0x0, {{0x1, 0x4}, 0x2}}, 0x8000020) (async)
sendto$auto(r2, 0x0, 0xfdef, 0x7, &(0x7f0000000440)=@tipc=@name={0x1e, 0x2, 0x0, {{0x1, 0x4}, 0x2}}, 0x8000020)

33.991688722s ago: executing program 33 (id=455):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
unlinkat$auto(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x3800) (async)
unlinkat$auto(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x3800)
mmap$auto(0x0, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x9, 0xe3, 0xeb1, 0xffffffffffffffff, 0x8003) (async)
mmap$auto(0x0, 0x9, 0xe3, 0xeb1, 0xffffffffffffffff, 0x8003)
io_uring_setup$auto(0x1, 0x0) (async)
r0 = io_uring_setup$auto(0x1, 0x0)
socket(0x11, 0x80003, 0x300) (async)
socket(0x11, 0x80003, 0x300)
setsockopt$auto(0xffffffffffffffff, 0xffffffff, 0x1, 0x0, 0x6c)
unshare$auto(0x40000080) (async)
unshare$auto(0x40000080)
prctl$auto_PR_SET_MM_ENV_START(0x5, 0xa, 0x0, 0x89, 0x10)
close_range$auto(0x2, r0, 0x0)
close_range$auto(r0, 0x8, 0x0)
mmap$auto(0xfffffffffffffff9, 0x400000000004, 0x5, 0x40eb1, 0x401, 0x300000000000)
r1 = socket(0x29, 0x2, 0x0)
ioctl$auto(r1, 0x89e2, 0x38)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
migrate_pages$auto(0x0, 0x7f, &(0x7f00000000c0)=0x40, &(0x7f0000000240)=0x1)
fanotify_init$auto(0x5, 0x800) (async)
fanotify_init$auto(0x5, 0x800)
r2 = pipe2$auto(0x0, 0x80)
r3 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000080), 0x10000, 0x0)
ioctl$auto_RTC_PARAM_GET(r3, 0x40187013, &(0x7f0000000100)={0x1, @ptr=0x10000, 0x1}) (async)
ioctl$auto_RTC_PARAM_GET(r3, 0x40187013, &(0x7f0000000100)={0x1, @ptr=0x10000, 0x1})
ioctl$auto(0x1, 0x5761, 0x4) (async)
ioctl$auto(0x1, 0x5761, 0x4)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
open(&(0x7f0000000140)='./cgroup\x00', 0x282a43, 0x55)
fcntl$auto(r4, 0x403, 0x0)
close_range$auto(0x2, 0xa, 0x0)
rename$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='./cgroup\x00')
openat$auto_sco_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x342, 0x0)
socket(0x1e, 0x1, 0x0)
sigaltstack$auto(0x0, 0x0)
sendto$auto(r2, 0x0, 0xfdef, 0x7, &(0x7f0000000440)=@tipc=@name={0x1e, 0x2, 0x0, {{0x1, 0x4}, 0x2}}, 0x8000020) (async)
sendto$auto(r2, 0x0, 0xfdef, 0x7, &(0x7f0000000440)=@tipc=@name={0x1e, 0x2, 0x0, {{0x1, 0x4}, 0x2}}, 0x8000020)

9.070723213s ago: executing program 4 (id=557):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram2\x00', 0x14f602, 0x0)
r0 = socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x0, 0x1, 0x9, 0x7, 0x3b, 0x4909b6fb, 0x1ffde, 0x7, 0x6, 0x2, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x2, 0x10000, 0x80, 0x7, 0x40000, 0x7, 0x2000, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}, 0x202, 0xd)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = socket(0x11, 0x3, 0x9)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = socket(0x10, 0x2, 0x4)
close_range$auto(0x2, 0x8, 0x0)
r3 = socket(0x1f, 0x2, 0xc)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES8=r1, @ANYRES8=r3], 0x18}, 0x1, 0x0, 0x0, 0x60008044}, 0x20008000)
write$auto(r2, &(0x7f0000000000)='-\x00', 0xfdef)
mmap$auto(0x0, 0x810004, 0xffb, 0xa000000008011, 0x3, 0x8000)
r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video63\x00', 0x80800, 0x0)
read$auto_v4l2_fops_v4l2_dev(r4, &(0x7f00000001c0)=""/191, 0x1f8)
r5 = socket(0xa, 0x3, 0x3a)
mmap$auto(0x3, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
setsockopt$auto(0x400000000000003, 0x29, 0x6, 0x0, 0x3)
getsockopt$auto(r5, 0x29, 0x36, 0x0, 0x0)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000840), r6)
sendmsg$auto_OVS_CT_LIMIT_CMD_SET(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000006400)=ANY=[@ANYBLOB=' .\x00\x00', @ANYRES16=r7, @ANYBLOB="01000000000000ffff000100000004000180072e0180"], 0x2e20}, 0x1, 0x0, 0x0, 0x2000c040}, 0x4)
preadv$auto(0x3, &(0x7f00000004c0)={0x0, 0x8000000}, 0x3, 0x10000, 0xc)
socket(0x11, 0x800, 0x101)
socket$nl_generic(0x10, 0x3, 0x10)

8.456318951s ago: executing program 4 (id=561):
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x0, 0x0)
r0 = socket(0xa, 0x1, 0x100)
getsockopt$auto_SO_RCVPRIORITY(r0, 0x2, 0x52, &(0x7f00000001c0)='/dev/virtual_nci\x00', &(0x7f0000000240)=0x7)
ioperm$auto(0x7, 0x5ad2, 0x8)
r1 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
pread64$auto(r1, 0x0, 0x7ff, 0x400)
socket(0x1e, 0x1, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x400000000000948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r2, &(0x7f0000000400)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc\x1e\x17\x92B&\x97P\f8P\xf2\xc2\xa77\xa0i\xf0v\x8aS\x97\x1d\b9\x96B\xf7\x95\xfd\x9b\x9a>\xfb\xd4\xc2a;t_\xa5\xc0\xc9\xb7\x87\x01B\x18T\xfb\xf6\xa1\xbd\x1a6\xc9&\xf91\xa2\t\x8c\xbb\xe6p\xd8\xdcDE?nc\xeb\x10*\xb0\xd0\x03\xed\xf8Q\xd6\xba\x01\x99\x9cZa\x99\x06\x1f\x8c\xcf{\xc6\xee\x1c3\x1f\xfb7n\xc9w\x98Q', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
process_mrelease$auto(0xffffffffffffffff, 0x0)
r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
inotify_init1$auto(0x403)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
readv$auto(0xffffffffffffffff, &(0x7f0000000a80)={0x0, 0x200000000003}, 0x3)
mmap$auto(0x0, 0x40000c, 0x0, 0x11, r3, 0x7ffc)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x3)
r4 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
ioctl$auto_MON_IOCX_GET(r4, 0x40189206, &(0x7f00000003c0)={&(0x7f0000000280)={0x8, 0x4, 0x4, 0xce, 0x80, 0x1, 0x48, 0xf9, 0xffffffffffffffff, 0xe528, 0x2, 0x5, 0x5, @iso={0x800, 0x5}, 0x5, 0x1, 0x5, 0x8001}, &(0x7f0000000540)="4c0917578688573fd8149570c526591ad12457dc749e15375b7bebbf6a0b1494c78051640e0d2bfbba08ee5a5ba5abfb278386227cabce8d59ee51db6784230b8682ee6c662505c378da544c2969bcad03f81b31a7c215b53ce32730f3534539d46df9615939284060177bfcde8ddedfe5d7a0c3ed04430342bdef0df30b50aad699d3541ffc8e03c7fb0a90a58d9958edd25b9455468e1b22a22f667d24275857aefe63d45080260458b76548737163af063a47e9499e91ea8facc1292ee3d820cedfd5d88d04441fb53e61eb00000000000080000000", 0xc})
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
r5 = socket(0xa, 0x2, 0x3a)
setsockopt$auto(r5, 0x29, 0x4e, &(0x7f00000000c0)='\x15!\xa8^J/\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91_\vBj\x0eQ\xce\x16\'C\x8c\x01\x80\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\x00\x00\x00\x00\xe4\xa5\xfe\xb5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf7\xad?\xe9>\x90\xb4\xcd#\n)\x7fU\x85\x15\x95<\xa2\x87g\x82,\xb9\x7f\xc8\x02\xbc\x12\x14\x17+F9\xa9\x89\xb4_Ki\xbc\xdc[\xef\x16\xc1\x99\xfe\x0f\xbe\xfdJ|<\xaa\xac\xdc\xad\xd2p\xcc\xa0\x9e\xda1\xfdb\xf1~T\xc4\xf1f\x17\x86N\xa5{\xc9\xaeM(\x1aF]\xa3', 0x10000112)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e24, @loopback}, 0xb)

6.727347327s ago: executing program 4 (id=564):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/oss\x00', 0xaa102, 0x0)
write$auto(r0, &(0x7f0000000100)='\x00\x00\x00\x00\x00\x00\x00x \xec(\x1d\x98\xe9\xc4\xe8\xfc@6=\xab\xf4\x89\x01\x93\xdc\x19\xffv\'\xa1\xd5\x14\x06S\xae\xadB}\xdf]\x99\xc9\x9f4\xbb\xc5\x81\x9d\x8ak\xdeB\xcbd\xd3\x05\xe4P\x84\xcb\xb8#\x13\nYU\'\x95R\xc8\x9d\xb7*\xe0.\xd2\xdf\x1b\x88D\x8c{k\xcec\xe1\xa2j\xec\xc9\xd2\x98\x94I\x102h\x06\x8c\xa2\xc8\x8a7\xb7t', 0x7ef)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0)
socket(0xf, 0x800, 0x8)
ioperm$auto(0x7, 0x5ad2, 0xc)
r1 = openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, &(0x7f0000000340)='/proc/self/projid_map\x00', 0x80000, 0x0)
write$auto_proc_projid_map_operations_base(r1, &(0x7f0000000080)="44f0e9fbc01fd062b62161bd72061e01c07586fd74bf853907a01ebd1a3cbc31b4801ebfcbaafda55783688acd1fc6f172", 0x31)
modify_ldt$auto(0x1, 0x0, 0x10)
r2 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
pread64$auto(r2, 0x0, 0x7ff, 0x400)
socket(0x2a, 0x1, 0x40000000)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r4 = prctl$auto(0x7f, 0x1, 0x0, 0x100000000000001, 0x870d)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/dummy_hcd.5/usb6/power/autosuspend_delay_ms\x00', 0x88b02, 0x0)
sendfile$auto(r5, r5, 0x0, 0x3)
select$auto(0x12, 0x0, 0x0, &(0x7f0000000240)={[0x202, 0xa, 0xd, 0x6, 0x400000000000948f, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x1]}, 0x0)
write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0xa, 0xd, 0x8, 0x0, 0x3, 0x15f4da0a, 0x20000003, 0x3, 0x62, 0x800000008000001f, 0x7, 0xdb17, 0x9, 0x2, 0x8]}, 0x0)
r6 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/kernel/kexec_load_disabled\x00', 0x202, 0x0)
sendfile$auto(r6, r6, 0x0, 0x0)
mmap$auto(0xc, 0x4, 0x5, 0xeb1, 0x405, 0x8000)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0004, 0x19)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
setsockopt$auto_SO_INCOMING_CPU(r2, 0x72, 0x31, &(0x7f0000000040)='\x00', 0x81)
close_range$auto(r4, 0x8, 0x0)

6.328898551s ago: executing program 1 (id=568):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000003b40)={'xfrm0\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r3, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000300), r3)
read$auto(r3, &(0x7f0000000040)='nl80211\x00', 0xbe62)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf2503000000080003000002000006000700008000000800", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a000500000000000000000008000200", @ANYRES32], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYRES16=r2], 0x1ac}}, 0x40001)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

5.033714812s ago: executing program 1 (id=570):
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x55)

4.576026285s ago: executing program 1 (id=571):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x9)
r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8340, 0x0)
ioctl$auto(r0, 0x5403, 0x3)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_hpet_fops_hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x2100, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'caif0\x00', <r2=>0x0})
socket(0xa, 0x3, 0x3a)
setsockopt$auto(0x400000000000003, 0x29, 0xc8, 0x0, 0x567)
r3 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_FLOW_CMD_GET(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x14, r3, 0x400, 0x70bd2c, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x24040071}, 0x800)
connect$auto(r1, &(0x7f0000000080)=@xdp={0x2c, 0x8, r2, 0x13}, 0x3)
socket(0x15, 0x5, 0x4)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r5 = socket(0x2a, 0x2, 0x1)
r6 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000280)='/dev/sg0\x00', 0x418000, 0x0)
getitimer$auto(0x2, &(0x7f0000000040)={{0x8, 0x8001}, {0x0, 0x5}})
ioctl$auto_SCSI_IOCTL_TEST_UNIT_READY(r6, 0x2, &(0x7f00000002c0)="a3ed6f6f68d0c6c50a5921fd30c0b1cb4b65ce2686bb4643fa0b8441b754d8b0de895b6c72af8de1d04b9a139ae0b7cda50f529086d05128e263d381abbd39dec8432e216e901d2baa9372b416c7d0b10d979cd5e5e3b604f974999cb41bd6812310a9075b20953e0b09fd660aa22a7d208618340957ae8a334456ee5a96a2f7ad8e1286cb610f1c6d2e1f4d")
connect$auto(r5, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x55)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
close_range$auto(0x2, 0xa, 0x0)
r7 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000008040), 0x2, 0x0)
ioctl$auto_I2C_SMBUS(r7, 0x720, 0x0)
socket(0xa, 0x3, 0x3a)
sendmsg$auto_NL80211_CMD_GET_MPATH(r5, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x78, 0x0, 0x4, 0x70bd28, 0x25dfdbfc, {}, [@NL80211_ATTR_IE_ASSOC_RESP={0x61, 0x80, "810c58b0623ddb6084d748231f1ea07507dfb2a1aafbf57fd31b2cfa1cd328c962ae7c2cce9f91eb529be65fe5d65c09abf2aca6a88d933a605f56b2cd79563212b8be962b5989bac23c721c35321a6c66b638778b43922b4a9ddb38de"}]}, 0x78}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)
setsockopt$auto(0x400000000000003, 0x29, 0xca, 0x0, 0x566)

4.165670813s ago: executing program 4 (id=575):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x6, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x0)
socket(0xa, 0x2, 0x3a)
io_uring_setup$auto(0x52, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffff}, 0x1, 0x0, 0x0, 0x9}, 0x100007}, 0x3, 0x0)
recvmmsg$auto(0x3, 0x0, 0x9, 0x47, 0x0)
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETPOLICY(r1, &(0x7f0000000100)={0x0, 0xffffffffffffff94, &(0x7f0000000140)={&(0x7f0000000080)={0x14, r2, 0x2, 0x70bd27, 0x25df9bfc}, 0x14}, 0x1, 0x0, 0x0, 0x20014}, 0x4040084)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
setsockopt$auto(r0, 0x3, 0x3, &(0x7f0000000000)='\'\x00', 0x80000000)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
setgroups$auto(0xe32, 0x0)
prctl$auto(0x23, 0x8, 0x2008, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r3 = socket(0x2, 0x1, 0x0)
listen$auto(0x3, 0x81)
getsockopt$auto(r3, 0x6, 0x26, 0x0, &(0x7f00000000c0)=0x28000)
mmap$auto(0x3, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
socket(0x2, 0x3, 0x2)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0)
mmap$auto(0x0, 0x2, 0xdf, 0xeb1, 0x401, 0x8000)
shutdown$auto(0x200000003, 0x2)

4.111400128s ago: executing program 5 (id=576):
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1258, 0xd77, 0x5, 0x7181, 0x1ffde, 0x7, 0x3, 0x9a89, 0x5, 0x80003, 0x4, 0x1fffffffffff, 0xb4, 0x3, 0x2, 0x10007, 0x80, 0x0, 0x0, 0xa, 0x22004, 0x200, 0x4, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0xea4, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x5, 0x1000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000]}, 0x1fe, 0xd)
r0 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_LISTENER_SET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000380)={0x11ec, r0, 0x100, 0x70bd27, 0x25dfdbfe, {}, [@NFSD_A_SERVER_SOCK_ADDR={0x78, 0x1, 0x0, 0x1, [@NFSD_A_SOCK_ADDR={0x71, 0x1, "050a5a0e49eef31a3ffa149a46f1fc79a0cc4e7aeb27d593ba33e3bf157a5e02fabe1132083b67830ed6c48813ea2befa20e326fdb5df9d0476499f5dba11f980477cad6f400ab7541e4e9a042140039f6b5eeec7870969638b7d5ca3d13beb0c9f76a6689844841cafabbeecf"}]}, @NFSD_A_SERVER_SOCK_ADDR={0x60, 0x1, 0x0, 0x1, [@NFSD_A_SOCK_TRANSPORT_NAME={0x6, 0x2, '-\x00'}, @NFSD_A_SOCK_TRANSPORT_NAME={0x18, 0x2, '/dev/mapper/control\x00'}, @NFSD_A_SOCK_TRANSPORT_NAME={0x18, 0x2, '/dev/mapper/control\x00'}, @NFSD_A_SOCK_TRANSPORT_NAME={0x18, 0x2, '/dev/mapper/control\x00'}, @NFSD_A_SOCK_TRANSPORT_NAME={0xb, 0x2, '\')\'&{\'\x00'}]}, @NFSD_A_SERVER_SOCK_ADDR={0x1100, 0x1, 0x0, 0x1, [@NFSD_A_SOCK_TRANSPORT_NAME={0x18, 0x2, '/dev/mapper/control\x00'}, @NFSD_A_SOCK_TRANSPORT_NAME={0x18, 0x2, '/dev/mapper/control\x00'}, @NFSD_A_SOCK_TRANSPORT_NAME={0x18, 0x2, '/dev/mapper/control\x00'}, @NFSD_A_SOCK_ADDR={0xad, 0x1, "6cd5df44016fe744cdd29877d09ecf5b8ca2c5fe73d1eb8dd885321a3ca1a04866e693f0c264015ea315d64dc93387af1f6d03768b8d665c9f5d88b2472fd3c7657cf8d740984b3e20bf894bbcd114ee79681cad649824471d3b088c88f283055717d07d737f7d44b42bfb7cfde92a1fa2a3ba6c02043e26ed8405e64cd864047a002c30747f93ee0a0a843794305c544be815641d0d4b3eeb0be64f14894ea7ac7e832c46f5f9f539"}, @NFSD_A_SOCK_ADDR={0x1004, 0x1, "c9aa54e511009095ff490552d2674a59d354e84278129d9348959c1354b4c0e1f9d490be5e212b682a1524ab1089c349c5997ad6e688a5173b0a35da51c1566838e42fad6123e25a12d4e64d3f08664c8d46580dd751400df8c6838b7c6efb246b45d91b947b1018597f05f46ddfa0d55dfef55b4e13e9be2d115b883f3eaba7b184d9ca14d43ba704fa68e7b4b4638e606827604d050d033e662dce0d60078965b5b1239887b591dfcc6fbf1f8d8d2768a1c27a6ffd3298539c50f645b72a25c4abf185a01436fbb4384f4ff8cf90bd9348b9f298a561e4dd9f24cdc6706eb71997f6089b65dce2b1551a788942ef3ea6423e03555e32a89130e884861b620439cf82123d5f29b40e6f97d7b3d830f9b40512d7f3e8c519a9ea74f5f4e09ab934314eb88adcab936fe9b53517cb7e97d6f9800500430bccab3e165ea2c578afc1352f100e9e5e70544fc9e6a3492bbcf1bc2c70775bded02a8813796ef11ca290dd04d2a7cc4c1826a7a10bd9087fdea216d40756ec6ee87cb685153346e9c645e397b721ff9bad8690488c5f273cccde08caa1f5c6e719fb98573b286f6acc2eb05096598285ae8a5fb908dd1c9bb0f63a95f625086efa5eb164e790bd5de8b40a67c1ee41e8bf70d8ce6b32e658738caa3ee2470416949eca0e9d192c563fdd014c2f7e260cbe833b27d715f543361d958fcd4834b01b0270df66355a56deb70e5fec67ee8279c5cd38740d789e685b519fff86bcdd6e693a6b14d59c03509c57bf7fdaf827eb062def5b41cd459f33355d7e2d09709a9e796dedca4728d3e2bf0fe4230d8f49b7b62565722c141f5c40b95b56039754a92a09e3056bf4f56746a13e7107f0de192fdae6e1b94aeff779207ce4456094aec3baf5c09ae978b333d53229815498fda161959ff690ae5fbfb97d40c616d7b8bc6b9a4eb68f75b10db52cc4d821faede1e597438ebbf71387bd27e799907d750eeb3676d84107f6d0562a713620c87963a6d1c63092bbe6a966b5d4d8ff16d0cb610daade8e09f7657552b683ac1b8f06b1c2517dbbb7a704619a358b294a24b00a35371c7fa9ebceb92854fec590e77130fef4c282be7f7a89cee99986d51516c37e2b379e63134cd63f14bcb892a6b98964e3665a9799554a58253cdc058a2bfbb5cbb0845e372a3ef9e309eb22efb8f1f72fb986ce1520c2644255b521799f3aab81d5304eefde52f6bb80b8a5c44102bdbc3664a8fa7a1e9527362199c88e25cfc77b737f204632aa5990d9cf7e63f9d2c03f31c0723338d576344effd713ff045b17a651e48ed0c81b9e376b2781a20fe379738132dd7d2d87a3a94b82015a54885f304cd5175965f334b2b7241619c43ef6b6e31dcad7ac16df1e9d7ffe79d918b0f6d79e7d6187b5708686a61958c134e7aa6c11c2076a199d9ca7b3e742d932bb49ea68f79abb1cba3ab4aadeb8e752d3cd76e480c5de30c3f823414b58c0bb52ab36c8e73b7710d259f6aee381f56584aa2a0e512e1e442a51565cb556a3913aa63798e585c87e31fa5f40b20210ab0fe6a2f4c6f8872e9424ed93ce1f265285973ddc740c2952c5ce7aeeb2144724203d8b9f8eded9b399ee21e02f55d75abf860000baf9f88d4e2128c7b7e9679c0c1aa7b47ec45fb4ca2a7748ec50c319e812147f81175ce2057e05b5fc7972306f3702929dea26ccb2f2e1953065a77ad86fdac7d41cef357781c37b5de83c0ed34e28c5f6943eaa54c9617ade0bda5f286f6917f2fd002e6a781c3fe19318d0a85f559758fba14ecc483e4212b3a677c35c5b7ac7eecb433b978a89997e8567eeb35d71251f8255ad38afc295142fbf93dac4463aaa3614518c7286e81d1ff04e0d91e02e9d104f10e82ac210f12cd3f48da29083a4e5a1f145e05d0e78a7204cf24e3bfa7fba54a87c1e104ae73a2d2bb9d170aeef4d85f3240b5fc3cc14e9d44417b86643f6c3d89be491b130407fc28351d876cef2956b2b95da6a94383eb45620554a121e356954ac53c26db517216b51d1f278a8689fec19303ae3807ca0b7273441e55ab29827f8a5efa8fa4860be26e1e494a5a78558b62297ed21dddf816a55e669442556114a51a02cafb781526f6ef8a0eece842347c573b0cc1991e9e19c50c874357c69502f3fe5ef3076fa43e467201640853770c0e4219720ea458e39f8f4756fec871a8be4ed06e5983b8874cb8b13b608645cc5dc5a52267677f88e1ee6c01633ee0b7000c136cfe726ac0f41b65381d6968f431ad126137e619f6497eebe833e98f9c7a0e8aa636a375a46d6b69c758e5c27fcc9323a0dfaa19d52368d1f107e166657b8838866940b0dfff3dd53c81ccf4ac813a796c42aed91a20794121de7c2884a310d2572e4ebef05da1390502fc9945e56d218c5fdc36018ca79a63d8d8d80e75061360514de949c416b381f801315aab937cd1a86ec5eb4c0be483f96a738e6786f47e064e081244edef793477ed9013b08c9bcd22807ed335754b8f9fb6c331637cab52ba56862b4acaa7ab3811e4da9b1155e67798ce1ce8eedc93266cda0258c9b6f8fc50c6256e72aedf0af02777320fcd934c1017e090a36677f6adf3bd1b6ba7b95df8eea8c1f142a8f4f2dec041992df2e3dbd040ae3041fc914d8a1f7c148ea70dadb66526331f91bc821924626509916c7a98065590c49ad3e1ebc11f9f1cde7bee7d8fd6ca2709df19d4e74d774d77325ec3c9c042d64b046915ab93f7b8a51cc7e1447ed360363c72096c3d92d72643227e984956838cc4edadf469000447fcf340e0817ff996299ec43b4644a0b4a2c96fae0382f11ba65a4c6dbfab78f9dd7c5d482b253b46b2b82a27bb0adfc368435cc366c1361e7f3d29b6ef11fea2724fafa65dbc0f4a5122ca71796b36b6c53daaa480e5e42a1ab270ef6a3fa751d8e5b717674357221e989648e466a7af0fa1af2cc9a0d81ff3b01a3a423d77d2ca32ff91ff7d9ba8bc72f53ec9dcf4b64767cdeb200549094e07f6cd1f44908d97221252521238a573ad5bdc28ee1332ffe13d45bc8d21d80355405804c0be8d49f3c750b791014ae0a04fa17631f6844df4d05bebd83d55fa8629d10aba65bfd20352ef2ef8503fa3f8aac2bdf53f9ebf13015020570749c5d8fc07f6d3c98a9bf78fda0210bf795f34aa311819dfae51c216a9b27287eafc9f1a4c73dcade16572b8ad834004be0042db76e72bee17d2f79cd6995d03a77f376b3b0a02392e7258a10e0c7bc432a7c52286e87b71dae873dc5730c194e8125fa7c084d9cc84901f01c15802edf55b656e146c3be80627b431b2fbfb3cb195ad001d3d627cf5a721e69d1c32d54ffd83c3dab6ddfaaa63391625074b0d2b5f7fb468ab752fbf0ccd8308b5d7a0812b32d281ee753b1826654efb313ea56f124dafb4a5efd71f93b6169bc86b5c3cd83adc7267c2640a9d51e457f41e0907e8d46d5b0d1dfb447d3cada24d3e813258d9566b6a28ad598bb254011f60f4f18d3e1816d74cac3d3c757837934fe8b3dbef0d5e6cf075360533fde56ac6ab935b3b05b9c034e85b9cdf41ed73e98c5704d17667c3c143e040293c78e0698b192725fe6f7e9fc10aefb44c0baa0993402988a398cde1388c40e0f0fa649008991055b99b86ecb36ece29645dc73a57be76e68aee05359e6f4e0fbd0544492e944fa7d32dbfd525c57274fc5ce83731ef79bfd4cb281d25d54903f55d5e5241447d274ab2fcb5806cea12df73e106955e4e19e12dd3e22bf4eca77203feaa01cb33ac123cc185c703fded8ca63e9850b407a886941b4d8ee6b142e2e03c907b4fece2652ebfdfa52e4d9ce3e3d59fb6b57aee03273801c432ac4b27dda79637df3a5f9675affab6448bae04a6135816689ee91a3104fa8f9c2e79bb34b4b517fc091c47022f2b8dbf29cc84a5767c119c339aec7bfbc6b936507d3b3dc5b13f86ed2ea28112298125e3a3085b6140a92f11d1e8ac64ae3e801df1147c62a143692925909a7c876bd473d0caf30b140957ddca86d1a5569b1530e4d326d04f25544d81230ecaa326f3e206ad304559073ee71b2eba49adfd08bd1f4b95b9fbeeb126d4eadecd613ba83dea1201c92284f919afae333e6e8068e0b66a103585eeb7bdf5ea76079066cc03ee68da16dc9f6d30a1c08e68a99bfeb82f9088916b59e66117c5c40688433608a7dfff1311d068d3b0bd2bfcaa7a185753c1fb3ee2bb16352f56be9c57b0d1003f53ddb5581763020cd184eadb12eca9ca9945e4c8b728b64e9db010dc0a13423505739010f1e026e59eaed493361b111e2488b38f73fa6090f5f999f70b36630e1f786c56e39850439a0cb9bf831cd837a427cc5642266d29f8bff900db7af59628a7bc5b552f4826840d9ae1cd610861c635c9b6b75492d37457169db237e482c247006ca62a25c3f8e6c00e93772d1e7f9da9c0623e54d58a9d5a0ab8ecbd092af59f4d3c1839ca7db8c005ed8c992ed48691d1bba54ec33b252ff1dd5e924514314a8d44659e48d3efbba60fb4cbc0f3bd234560ef0503cf80639e7f0e63b48c88cfd34ac39635d2fdd12c6d8c4a0df53e5164665d801e63a9e18d17643b26d7b2f1c4310930165d2a90c85cad8872434277b7235b1f2449a31ab1ef10ca3660c7de358cced14cd2b90dafb2cb66351542040b60eed29c044e8e89b173b7f4f20a187a44eee873c82dfb5e29b7718aebc71ea4261de7f6b93a077ff40ebadcedc77fd2ced10f776afdaa789d09e4b0caed6cc4476e3b8f38a32918a0e73d8d174ca1db42eaff8f5f701dcfc402a51fb098084fe39348d8550b105124771a3579e0ee42ff74104d81ff4b888ac6ddd1758d96e2a6554dca64fa303bda516d5421efaa9b29996fd5a4e08bbb071e33656be4707fe191f6c1479e92d2a9e1bb790139062a74580a23ce092e60a72c2dbf4a4674ae8461a88114a05f1cd49b666c0fce50e65d7ffd3e51a21861f5f82a95470d38e07bfeff1a9c64caf784609bf14c6a2f172453fcdfb2b25ca6a097406abf0223282bede69700e94140e5cb6336343863e474349f9fc800e9089218d789e020ecd3808a1e3f225485bc3f39f6c568911f2617382ac97ba4152a5cadc94412c280370b752fad378bc9b49bef3efa246afe6eb47e43ca3e0d365f33b2055215dadc15d5b38be578f96729063700c4982ceeebd833d6d2e50ecaa36e0caece6d364720695cae08fd7af026f3806d068921d8fc01fe8bc1d7ffdbfdacd2c32389fb9651ffcc7ce42cbb7e3df2fb90f5bc6c41269a0755efa817ad2649c7003b16ab096868c92d84b12803d74d643548a4d993b0c6ce3c2639e4a63c996dca4ae291901c8b9c4338537193f5c0883d3ec6819a8d560a37d30a480adabc40218fae6faf9ff62967bc501640cbb5144bcce37ed57dfbc223b984e215aedd3fc95864859cca4204530349a98e006cdd4faf3ce1f52decc0a07b59b32cd259b7bc4a17d0584281265c746c8656043b26d43a1bf0f81d05dcb20256452b8c8ff224543c38665f4d870a4808bc86f7d2ebb6f75c3e4520f4be374413745790e087c1ec8bb6d10509b02a901cec7eceb218e98c95ed19060178d408f6a7e39d20e83127e3f5f6105a3d8db474f1188ce4da6fda702bc6d94cff4bdc544a8b3240a81b519db4ac24b9e2efbafac868d1ad540c7a2bf4ee08ec7906af740cb09eae1b35aac63bcc4a160498a1107a10709e06b1fc2a8d2cc9a5eb71e818ef2cab03f3fda92347017c1f4ccb7f719d1aa4cc77c922c"}]}]}, 0x11ec}, 0x1, 0x0, 0x0, 0x804}, 0x4000044)
r1 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
ioctl$auto__ctl_fops_dm_ioctl(r1, 0xfffffffffffffd03, &(0x7f00000001c0))

3.839896256s ago: executing program 5 (id=577):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000003b40)={'xfrm0\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r3, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000300), r3)
read$auto(r3, &(0x7f0000000040)='nl80211\x00', 0xbe62)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf2503000000080003000002000006000700008000000800", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a000500000000000000000008000200", @ANYRES32], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYRES16=r2], 0x1ac}}, 0x40001)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

3.534040831s ago: executing program 5 (id=578):
mmap$auto(0x0, 0x2, 0x9, 0x5a5b, 0xffffffffffffffff, 0x8000)
rt_sigaction$auto(0x1, &(0x7f00000001c0)={&(0x7f0000000080)=0x0, 0x7fffffffffffffff, 0x0, {0x5}}, 0x0, 0x8)
rt_sigaction$auto(0x2, &(0x7f0000000380)={&(0x7f0000000040)=0x0, 0x800000001000009, 0x0, {0x7a}}, 0x0, 0x8)
bind$auto(0xffffffffffffffff, &(0x7f0000000080)=@sco, 0x6b)
socket(0x2, 0x2, 0x3a)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
semctl$auto(0x201, 0x2, 0x13, 0x1)
setsockopt$auto(0x3, 0x0, 0xb, 0x0, 0x17)
r0 = signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0)
read$auto_l2cap_debugfs_fops_(r0, &(0x7f0000000240)=""/177, 0xb1)
r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r1, 0xc0045516, &(0x7f00000001c0)=0x6)
unshare$auto(0x40000080)
socket(0x1e, 0x1, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000)
prctl$auto(0x3f, 0x7ff, 0x0, 0x5, 0x5)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
clone$auto(0x100000000021, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x4)

3.307708837s ago: executing program 2 (id=579):
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x55)

2.92851358s ago: executing program 1 (id=580):
mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xb57e, r0, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
sendto$auto(0x3, 0x0, 0x18, 0x101, 0x0, 0x1c)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cpu/0/msr\x00', 0x216fc2, 0x0)
close_range$auto(0x2, 0xa, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x1000)
open(0x0, 0x161342, 0x100)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x20282, 0x0)
lsm_set_self_attr$auto(0xb, &(0x7f0000000200)={0x7, 0x7, 0xffffffffffff7fff, 0x91, "ca51d0d1437ca5d268711c0d334d2dee1271c478464a66fef0023dc3dbfe5b7b02542d35d1d071801a2fc42073371e1620398409e4cc3138dca08d7a0989984870b35d1b9150470a1727982c2b46ed426feec24b689d46fc808a202aba95bd2ca69657bb2a27c031ba1e9f73ac8180f3652bab73569b0ad09b81abb509792ce1416be44d2dd56eadaaa669e6f245e59e9d"}, 0x5, 0x1)
ioctl$auto_UI_DEV_SETUP(r1, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x9, 0x80}, "6a034a07c7b8edb8fc3b39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0x6})
ioctl$auto_UI_DEV_CREATE(r0, 0x5501, 0x0)
r2 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/ksm_stat\x00', 0x2, 0x0)
read$auto_proc_single_file_operations_base(r2, &(0x7f0000000040)=""/228, 0xe4)
unshare$auto(0x40000080)
r3 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x0, 0x0)
msync$auto(0x7, 0x4, 0x4)
mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, r3, 0x0)
mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0)
r4 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000000), 0x101600, 0x0)
ioctl$auto_VHOST_SET_OWNER(r4, 0xaf01, 0x0)
ioctl$auto_VHOST_SET_VRING_CALL(r4, 0x4008af21, &(0x7f0000002600))

2.927830754s ago: executing program 2 (id=581):
r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000540), 0x20000, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000580)={0x80000006, 0x0, 0xd12b, 0xfffffffd, 0x200a})
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x115400, 0x0)
ioctl$auto_SNDRV_RAWMIDI_IOCTL_PARAMS(r1, 0xc0305710, &(0x7f0000000080)={0x1, 0xaa, 0x9, 0x1, 0x10000005, "e7227115127a1e8f00"})
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)

2.543748683s ago: executing program 2 (id=582):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x9)
r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8340, 0x0)
ioctl$auto(r0, 0x5403, 0x3)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_hpet_fops_hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x2100, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'caif0\x00', <r2=>0x0})
socket(0xa, 0x3, 0x3a)
setsockopt$auto(0x400000000000003, 0x29, 0xc8, 0x0, 0x567)
r3 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_FLOW_CMD_GET(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x2c, r3, 0x400, 0x70bd2c, 0x25dfdbfb, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_KEY={0x10, 0x1, 0x0, 0x1, [@nested={0xc, 0x10, 0x0, 0x1, [@nested={0x5, 0x8, 0x0, 0x1, [@generic="1a"]}]}]}, @OVS_FLOW_ATTR_PROBE={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24040071}, 0x800)
connect$auto(r1, &(0x7f0000000080)=@xdp={0x2c, 0x8, r2, 0x13}, 0x3)
socket(0x15, 0x5, 0x4)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r5 = socket(0x2a, 0x2, 0x1)
r6 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000280)='/dev/sg0\x00', 0x418000, 0x0)
getitimer$auto(0x2, &(0x7f0000000040)={{0x8, 0x8001}, {0x0, 0x5}})
ioctl$auto_SCSI_IOCTL_TEST_UNIT_READY(r6, 0x2, &(0x7f00000002c0)="a3ed6f6f68d0c6c50a5921fd30c0b1cb4b65ce2686bb4643fa0b8441b754d8b0de895b6c72af8de1d04b9a139ae0b7cda50f529086d05128e263d381abbd39dec8432e216e901d2baa9372b416c7d0b10d979cd5e5e3b604f974999cb41bd6812310a9075b20953e0b09fd660aa22a7d208618340957ae8a334456ee5a96a2f7ad8e1286cb610f1c6d2e1f4d")
connect$auto(r5, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x55)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
close_range$auto(0x2, 0xa, 0x0)
r7 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000008040), 0x2, 0x0)
ioctl$auto_I2C_SMBUS(r7, 0x720, 0x0)
socket(0xa, 0x3, 0x3a)
sendmsg$auto_NL80211_CMD_GET_MPATH(r5, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x78, 0x0, 0x4, 0x70bd28, 0x25dfdbfc, {}, [@NL80211_ATTR_IE_ASSOC_RESP={0x61, 0x80, "810c58b0623ddb6084d748231f1ea07507dfb2a1aafbf57fd31b2cfa1cd328c962ae7c2cce9f91eb529be65fe5d65c09abf2aca6a88d933a605f56b2cd79563212b8be962b5989bac23c721c35321a6c66b638778b43922b4a9ddb38de"}]}, 0x78}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)
setsockopt$auto(0x400000000000003, 0x29, 0xca, 0x0, 0x566)

1.70216469s ago: executing program 2 (id=583):
select$auto(0x9, &(0x7f00000001c0)={[0x4, 0x7ff, 0x6, 0x5, 0x227ddfde, 0x3, 0x2, 0x3, 0x1, 0x6546, 0xd, 0x4, 0x4, 0x8001, 0x3, 0x8000]}, &(0x7f0000000240)={[0x1, 0x70e68720, 0xffff, 0x9a5, 0x6, 0x9, 0x6, 0x2510a364, 0x800, 0x3, 0x3, 0x3ff, 0x6, 0x600000000, 0x8, 0x6]}, &(0x7f0000000440)={[0x2, 0x8001, 0x4, 0x100000000000000, 0x5b5, 0x9, 0x7fff, 0x100, 0x401, 0xc000000000, 0xfffffffffffffffd, 0x3, 0x101, 0xf8, 0x8, 0xb76]}, &(0x7f00000003c0)={0x0, 0x3ce})
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x23, 0x0, 0x8)
socket(0x2, 0x6, 0x106)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/scsi/drivers_autoprobe\x00', 0x141000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000500)=""/4096, 0x1000)
socket(0x21, 0x2, 0x0)
prctl$auto(0x41, 0x3, 0x0, 0xfffffffffffffffc, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x28, 0x801, 0x0)
socket(0x10, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@llc={0x1a, 0x100, 0x6, 0x92, 0x8, 0x9, @random="b8c8bb06799e"}, 0x5)
socket(0xf, 0x3, 0x2)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = open(&(0x7f0000000100)='./bus\x00', 0x14d27e, 0x72)
socket(0x2, 0x1, 0x0)
r3 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/bonding/bond0\x00', 0x18b000, 0x0)
pread64$auto(r3, &(0x7f0000000000)='/proc-NesH\x1fk\xdd\x00\x00\x00\x00\x88\x00\x00\x00\x00\x00:\x19\xf4\xe2\xb7:\x81\xf8\xedl\x9d\x9a\'\xf8D,\xc0x\x1d\xf5JE\xcd7\xc3^\xbc2\xc7\xbf\xe5\x7f\xb93 \xcd${!\x9a`\x96\x86\x96D|\xf0H\x8c\x05:\xae\xa6\x88x@\x97E\x92f\xe3h\x05\x0f9\x9e\v\t\x18\x8b\xec\xd7\xe8<cd+o\xcf\x00\x95\xd5f\xfb\x14\xd4\x96\xe9?|\xc6\xb9\x95q\xe0\x1eMC\x88l\xc6\"\xa6\xdc#\x9b\x96U\x0e\xbb\xa0\xa4\x06\x00\x00\x00\x00\x00\x00\x00\x0e\xbb\xd0(\x9b`O\x06T\xa2\xd8&U?\xc9', 0x8100000041, 0x101)
select$auto(0x6, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0xfff, 0x1, 0x948b, 0x3, 0x95f4da2d, 0xc, 0x6, 0x62, 0x7, 0x7, 0x6d3f, 0xa, 0x4, 0x5]}, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
mmap$auto(0x4, 0x400008, 0x3, 0x9b72, r2, 0x8000)
r4 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000140), 0x60a41, 0x0)
ioctl$auto_RTC_WKALM_RD(r4, 0x80287010, &(0x7f0000000180)={0x1, 0xee, {0x9c, 0x1000, 0x7ff, 0x7, 0x7, 0x81, 0xfffffffa, 0x1, 0x2}})
mprotect$auto(0x110c238000, 0x1, 0x3)
syz_clone3(&(0x7f0000000340)={0x305000, &(0x7f00000000c0), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000100)={[0x1ff, 0x6, 0x1, 0xfffffffffffffff7, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000021, 0x7, 0x6d3e, 0x7fff, 0x2, 0x6]}, 0x0)
write$auto_def_blk_fops_fs(r2, &(0x7f0000000040)="48fb24e2d443b0f82daf8f0bcb3766a46b486a41c93e483bce4ae43c0296de3b4febeece8096d66b58b766fde455d9807f20e06776015aa45ce329aaca07aac57781c4b91b1bf07ee6eeebf6", 0x4c)
write$auto(0x3, 0x0, 0x100082)
close_range$auto(0x2, 0x8, 0x0)

1.433095228s ago: executing program 5 (id=584):
select$auto(0x5, 0x0, 0x0, 0x0, 0x0)
setfsgid$auto(0x9) (async)
mmap$auto(0x0, 0x8, 0xdf, 0x9b76, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket(0x10, 0x3, 0x6) (async)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030004020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0001"], 0x68}, 0x1, 0x0, 0x0, 0x4044080}, 0x40090) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async)
setresgid$auto(0xffffffffffffffff, 0x0, 0x7fffffffffffffff)

700.123807ms ago: executing program 1 (id=585):
mmap$auto(0xfffffffffffffffd, 0x8, 0x2, 0x9b72, 0x5, 0x0)
socket(0xa, 0x801, 0x106)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/block/ram12/discard_alignment\x00', 0x8000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000080)=""/150, 0x96)
listen$auto(0x3, 0x83)
setsockopt$auto(0x3, 0x1, 0x31, 0x0, 0x9)
ioctl$auto_ECCGETLAYOUT(0xffffffffffffffff, 0x81484d11, &(0x7f0000000280)={0x0, [0xf, 0x3, 0x7ff, 0x9d, 0x2, 0x4, 0x4, 0x2, 0x4, 0x2, 0x9, 0x6, 0xffffff6f, 0x4, 0xc, 0x74, 0x2, 0xea5, 0x1, 0x4, 0x10001, 0x5, 0xfffffff0, 0x8000, 0x10, 0x80000000, 0x7, 0x0, 0x4, 0x10000, 0x5, 0x1, 0x200, 0x200, 0x10001, 0x5, 0x4, 0x8, 0x5, 0x6, 0x4, 0x0, 0x3ff, 0x5, 0x0, 0x10, 0x7, 0x8, 0x100, 0x5, 0xd, 0x6, 0x4, 0x7fffffff, 0x6, 0x6, 0x9f, 0x81, 0xffffffff, 0xced1, 0x1, 0x4, 0x0, 0x4c2a], 0x1913, [{0x80, 0x4}, {0x1, 0x5}, {0x5, 0x4}, {0xd6ed, 0x8}, {0x0, 0x3b81}, {0x5, 0x9}, {0x7, 0x7c}, {0x6, 0x3}]})
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
r1 = fanotify_init$auto(0x200, 0x1)
r2 = open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x84)
fanotify_mark$auto(0x0, 0x31, 0x9, r2, 0x0)
ioctl$auto_USB_RAW_IOCTL_EP_WRITE(r1, 0x40085507, &(0x7f0000000180)={0x4, 0x1, 0x4, "5e6dd71fc609cf442687bc9408b03ea4bf74f1701f83b21b2b3416216f0f99db7d67dba89a3ac318bb5f8178169a0bf9e3876bc8db961057606937a48129b7ce9cf97bb3af5698584759a3f3b350936a96d0b9ce1fc6b6c620a3fb828de7b7338c7be525dcaa8c24b40337e40557db96ac6ef69268d5d55f78691f8de688b03c89bbb40dd3b0d513b129180f624dfe4aa418f18acb6acedab0e124495860a4fd78df34a260061a80e9d4472f4af5f3cf97eb4a96c9752c1afb15a787874a125311ddc88a1ac2831ea1dbebeef8b4b56bb0414dacbee7f3c10d2c"})
bpf$auto(0x0, &(0x7f0000000000)=@task_fd_query={0x7, 0x4, 0x200, 0x39, 0x8, 0xf, 0x1, 0x0, 0x2}, 0x6f4)
open(&(0x7f0000000100)='.\x00', 0x591002, 0x408)

694.649925ms ago: executing program 4 (id=586):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000003b40)={'xfrm0\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r3, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000300), r3)
read$auto(r3, &(0x7f0000000040)='nl80211\x00', 0xbe62)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf250300000008000300000200000600070000800000080002", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a000500000000000000000008000200", @ANYRES32], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYRES16=r2], 0x1ac}}, 0x40001)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

364.27104ms ago: executing program 5 (id=587):
r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080))
fchdir$auto(r0)
rename$auto(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./file0\x00')

322.035911ms ago: executing program 2 (id=588):
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x55)

294.901482ms ago: executing program 1 (id=589):
mmap$auto(0x0, 0x400008, 0xdf, 0xf1, 0x2, 0x8000)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x8001, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb5, 0x401, 0x300000000000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001040)='/sys/devices/virtual/block/ram7/queue/chunk_sectors\x00', 0x80800, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000180)=""/187, 0xbb)
syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000440), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(r0, 0x0, 0x810)
prctl$auto(0x16, 0x2, 0x2, 0x4000000d, 0x100)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/adsp1\x00', 0x1, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
r3 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0)
r4 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB=']'], 0x1ac}}, 0x40000)
recvmmsg$auto(r4, &(0x7f0000000140)={{0x0, 0x1, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x200002, 0x5}, 0x803}, 0xfffffff9, 0x10, 0x0)
write$auto_proc_clear_refs_operations_internal(r3, 0x0, 0xffffff4b)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x2, 0x2)
ioctl$auto_SNDCTL_DSP_GETODELAY(r2, 0x80045017, 0x0)
io_uring_setup$auto(0x6, 0x0)
openat$auto_split_huge_pages_fops_huge_memory(0xffffffffffffff9c, 0x0, 0x800, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x40000008000)

278.949065ms ago: executing program 4 (id=590):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x4, 0x8000)
kexec_load$auto(0x5, 0x1, &(0x7f0000000180)={@buf=&(0x7f0000000200), 0x2aa7, 0x6c0000c000, 0xc000}, 0x4)
close_range$auto(0x2, 0x8, 0x0)
r0 = socketpair$auto(0x402, 0x0, 0x1, 0x0)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0xf, 0x0)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000200)='}[,&*}/file0\x00', &(0x7f0000000080)={0x220000, 0x0, 0x11}, 0x18)
open(0x0, 0x163340, 0x2a)
r1 = socket(0x2a, 0x2, 0x1)
connect$auto(r1, &(0x7f0000000140)=@qipcrtr={0x2a, 0x1}, 0x57)
getsockopt$auto(0x3, 0x200000000001, 0x1c, 0x0, 0x0)
setsockopt$auto_SO_RCVLOWAT(r0, 0x3, 0x12, &(0x7f0000000000)='@\x00', 0xc)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x800000)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
r2 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0)
write$auto(r2, 0x0, 0xe)
prctl$auto(0x41, 0x3, 0x0, 0x0, 0x0)
clone$auto(0x7, 0x7fffffffffffffff, 0xffffffffffffffff, 0x0, 0x1)

152.643688ms ago: executing program 5 (id=591):
capset$auto(0x0, 0x0)
mmap$auto(0x3, 0x20009, 0x11000, 0xeb1, 0x401, 0x8000)
select$auto(0x0, &(0x7f0000000040)={[0x9, 0x4, 0x34, 0x9, 0x0, 0x1, 0xa, 0x6, 0x5, 0x1, 0x0, 0xcf, 0x5, 0x213, 0x5, 0xb98]}, 0x0, 0x0, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/all/addr_gen_mode\x00', 0xa0202, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
ioctl$auto(r0, 0x4b67, 0x1)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$auto(0x3, 0x541b, 0x38)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = socketpair$auto(0x13fffffd, 0x2, 0xfffffffe, 0x0)
sendmmsg$auto(0xffffffffffffffff, &(0x7f00000001c0)={{0x0, 0x7, 0x0, 0x6, 0x0, 0x85, 0x1001}, 0x5}, 0x2, 0x100)
r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/keys\x00', 0x1c9802, 0x0)
pread64$auto(r2, &(0x7f0000000040)='/proc/scsi/sg/devices\x00', 0x100000001, 0x100)
bpf$auto(0xf7fff011, &(0x7f0000000000)=@test={0xffffffffffffffff, 0x4, 0xfaae, 0x468, 0x9, 0x2, 0x8, 0x3, 0x4, 0x1ff, 0x5, 0xb5, 0x4, 0x806, 0xd9ee}, 0xa3)
writev$auto(r1, &(0x7f0000000240)={&(0x7f0000000800)="2e8a1bf244530b53e2b0f52deb86f376132ce328ef2001eee1c84e4a818b42a97959529ec39fb41da4985825e61761284a67d96b428d34d67ece101bcaacffa5f128f8d7a036ad8effc1f7bcf204df4babc244abf1fbcede6b90c4b039ad9184f292a62d80b8f132530d27a6621584e7ee6503fab452ea5e45d64943713bfba387b0ec84945cee994abfab032a864fef5ab6eeba793e1ed98bb4599b9f751065c597753ecdb41024a5c62ae7daad6392930200e8bd175443538e29e2f263df2dcceb7fb273babbaa268887093dc3d119a48245d033ec41a49307008d3b9e6b0647f1600757a1702cb8fc365ecfde4f581c1effa860c94919650c250422fe7d5aaa9097ce2afe208faa13dd008f90359ff8ed70e208d53002e34ae64b9baf1fd0a6cb1d66888aa9729848160b0f864a389216e5874978f6ec2ebd5dd8ce197894a5fafffd5d61db4f8214b2d08994ac02736128415b96a591c5bc1e3af59dbc29b09493aa5d38715e8e89ac348c0d1d0bc0101ef7196af90f1c787732c135296c7e077ff03d77115afff95fbd51db0ff950686f35d23074bf12100f3ea2ae9903f99b2742b7942915775f988a50633f1366317b30c7610f874bea36e5204e3c803a089e3a78101f562618006bd2e6fc52c22f60ca8ad26ecafe6c6ddd735c4751775aafe71b9dd3a1a9aacfab890401000000b7aae1eb8208ba999f920bcdff9ab78f8501e050ac764540d69789bc63db166037801b8a99bbd86a2798afe2082d854380443b66be4fa708c81c7162cfbf28e9784ccfa9c7c691a97250504a2156733d229ee39d5baa2edd24a935cf9d92c4d9714f3d10749bb5860c38a2821598e42bc662b3b287813602339620f3cbe4f9fa4fa2b156ac789b09fdeed7a1536196e8963e84db0b347fbe53e590bb4b03dee7c81c86e866d3ab5a7928545af3626df66af8080396cdc2a51ba889d88f139febc2ba741c14188fc679ac3ba9b9becb096e348acb733b1c766528ee280f9084672ca2d626d9472e9c186aafb18a5f99ff83c76111b686ad269e8e9fe758a1037197dc0a9871fc0262fd99f88b8ae43ed81a818c1110e163736ac3eac93ea152fa889133057f0f4270d4a74534d1", 0x7}, 0xfffffffffffffffa)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x2000, 0x0)
read$auto(r3, 0x0, 0x1ff)
write$auto(0x3, 0x0, 0xfdef)

0s ago: executing program 2 (id=592):
mmap$auto(0x0, 0x400008, 0xdf, 0xf1, 0x2, 0x8000)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x8001, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb5, 0x401, 0x300000000000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001040)='/sys/devices/virtual/block/ram7/queue/chunk_sectors\x00', 0x80800, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000180)=""/187, 0xbb)
syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(r0, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={0x0}, 0x1, 0x0, 0x0, 0x4000}, 0x810)
prctl$auto(0x16, 0x2, 0x2, 0x4000000d, 0x100)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/adsp1\x00', 0x1, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
r3 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0)
r4 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB=']'], 0x1ac}}, 0x40000)
recvmmsg$auto(r4, &(0x7f0000000140)={{0x0, 0x1, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x200002, 0x5}, 0x803}, 0xfffffff9, 0x10, 0x0)
write$auto_proc_clear_refs_operations_internal(r3, 0x0, 0xffffff4b)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x2, 0x2)
ioctl$auto_SNDCTL_DSP_GETODELAY(r2, 0x80045017, 0x0)
io_uring_setup$auto(0x6, 0x0)
openat$auto_split_huge_pages_fops_huge_memory(0xffffffffffffff9c, 0x0, 0x800, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x40000008000)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.47' (ED25519) to the list of known hosts.
[  100.619636][ T5826] cgroup: Unknown subsys name 'net'
[  100.745671][ T5826] cgroup: Unknown subsys name 'cpuset'
[  100.755407][ T5826] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[  102.193503][   T24] cfg80211: failed to load regulatory.db
[  102.642403][ T5826] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  104.970194][ T5846] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  104.973317][ T5849] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  104.978953][ T5846] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  104.987479][ T5849] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  105.000187][ T5849] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  105.008263][ T5849] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  105.016252][ T5846] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  105.017354][ T5849] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  105.032436][ T5846] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  105.032614][ T5849] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  105.048155][ T5849] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  105.055619][ T5849] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  105.064495][ T5849] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  105.070600][ T5852] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  105.081889][ T5852] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  105.088846][ T5849] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  105.090636][ T5852] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  105.105334][ T5844] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  105.114737][ T5159] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  105.123036][ T5159] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  105.756013][ T5839] chnl_net:caif_netlink_parms(): no params data found
[  105.917667][ T5843] chnl_net:caif_netlink_parms(): no params data found
[  105.990603][ T5845] chnl_net:caif_netlink_parms(): no params data found
[  106.003538][ T5840] chnl_net:caif_netlink_parms(): no params data found
[  106.069289][ T5839] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.077302][ T5839] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.085391][ T5839] bridge_slave_0: entered allmulticast mode
[  106.093034][ T5839] bridge_slave_0: entered promiscuous mode
[  106.103455][ T5839] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.110642][ T5839] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.118243][ T5839] bridge_slave_1: entered allmulticast mode
[  106.126054][ T5839] bridge_slave_1: entered promiscuous mode
[  106.257242][ T5839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  106.287581][ T5843] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.295116][ T5843] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.303418][ T5843] bridge_slave_0: entered allmulticast mode
[  106.310808][ T5843] bridge_slave_0: entered promiscuous mode
[  106.322273][ T5839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  106.369153][ T5843] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.376509][ T5843] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.384011][ T5843] bridge_slave_1: entered allmulticast mode
[  106.392136][ T5843] bridge_slave_1: entered promiscuous mode
[  106.414106][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.423773][ T5845] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.431161][ T5845] bridge_slave_0: entered allmulticast mode
[  106.438556][ T5845] bridge_slave_0: entered promiscuous mode
[  106.490550][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.500391][ T5845] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.507945][ T5845] bridge_slave_1: entered allmulticast mode
[  106.517385][ T5845] bridge_slave_1: entered promiscuous mode
[  106.557841][ T5839] team0: Port device team_slave_0 added
[  106.579829][ T5840] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.587947][ T5840] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.595931][ T5840] bridge_slave_0: entered allmulticast mode
[  106.603795][ T5840] bridge_slave_0: entered promiscuous mode
[  106.613041][ T5840] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.620278][ T5840] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.628201][ T5840] bridge_slave_1: entered allmulticast mode
[  106.635982][ T5840] bridge_slave_1: entered promiscuous mode
[  106.646072][ T5843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  106.659427][ T5843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  106.671792][ T5839] team0: Port device team_slave_1 added
[  106.758825][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  106.772694][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  106.815161][ T5843] team0: Port device team_slave_0 added
[  106.823199][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_0
[  106.830208][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  106.856511][ T5839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  106.899605][ T5840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  106.919137][ T5843] team0: Port device team_slave_1 added
[  106.926115][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_1
[  106.933274][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  106.959430][ T5839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  106.973925][ T5845] team0: Port device team_slave_0 added
[  106.984347][ T5840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  107.032632][ T5845] team0: Port device team_slave_1 added
[  107.039661][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_0
[  107.047019][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  107.073364][ T5843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  107.117831][ T5840] team0: Port device team_slave_0 added
[  107.141435][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_1
[  107.148432][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  107.175126][ T5159] Bluetooth: hci1: command tx timeout
[  107.176784][ T5851] Bluetooth: hci2: command tx timeout
[  107.181234][ T5843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  107.187466][ T5159] Bluetooth: hci0: command tx timeout
[  107.215989][ T5840] team0: Port device team_slave_1 added
[  107.231771][ T5159] Bluetooth: hci3: command tx timeout
[  107.289451][ T5839] hsr_slave_0: entered promiscuous mode
[  107.296707][ T5839] hsr_slave_1: entered promiscuous mode
[  107.319108][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0
[  107.326366][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  107.352955][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  107.388420][ T5843] hsr_slave_0: entered promiscuous mode
[  107.395221][ T5843] hsr_slave_1: entered promiscuous mode
[  107.402086][ T5843] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  107.409928][ T5843] Cannot create hsr debugfs directory
[  107.429577][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1
[  107.436760][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  107.462952][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  107.497937][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_0
[  107.505249][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  107.531463][ T5840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  107.551306][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_1
[  107.558404][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  107.585158][ T5840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  107.727697][ T5845] hsr_slave_0: entered promiscuous mode
[  107.734760][ T5845] hsr_slave_1: entered promiscuous mode
[  107.741133][ T5845] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  107.748775][ T5845] Cannot create hsr debugfs directory
[  107.829726][ T5840] hsr_slave_0: entered promiscuous mode
[  107.836411][ T5840] hsr_slave_1: entered promiscuous mode
[  107.843609][ T5840] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  107.851300][ T5840] Cannot create hsr debugfs directory
[  108.249699][ T5839] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  108.270848][ T5839] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  108.285691][ T5839] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  108.307752][ T5839] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  108.404321][ T5843] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  108.416566][ T5843] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  108.428102][ T5843] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  108.463797][ T5843] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  108.552982][ T5840] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  108.566096][ T5840] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  108.597870][ T5840] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  108.637226][ T5840] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  108.658630][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0
[  108.710721][ T5845] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  108.735629][ T5845] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  108.747026][ T5845] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  108.758172][ T5845] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  108.801320][ T5839] 8021q: adding VLAN 0 to HW filter on device team0
[  108.844085][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.851498][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[  108.862315][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.869499][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[  108.977779][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0
[  109.042348][ T5843] 8021q: adding VLAN 0 to HW filter on device team0
[  109.060069][ T2948] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.067312][ T2948] bridge0: port 1(bridge_slave_0) entered forwarding state
[  109.096684][ T2948] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.103914][ T2948] bridge0: port 2(bridge_slave_1) entered forwarding state
[  109.209033][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0
[  109.232037][ T5159] Bluetooth: hci0: command tx timeout
[  109.237719][ T5851] Bluetooth: hci2: command tx timeout
[  109.238657][ T5844] Bluetooth: hci1: command tx timeout
[  109.285110][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0
[  109.311437][ T5844] Bluetooth: hci3: command tx timeout
[  109.337781][ T5845] 8021q: adding VLAN 0 to HW filter on device team0
[  109.368117][ T5840] 8021q: adding VLAN 0 to HW filter on device team0
[  109.397815][ T2948] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.405270][ T2948] bridge0: port 1(bridge_slave_0) entered forwarding state
[  109.426170][ T2948] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.433445][ T2948] bridge0: port 2(bridge_slave_1) entered forwarding state
[  109.464764][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.472077][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[  109.529736][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.537303][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[  109.639460][ T5845] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  109.749057][ T5840] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  109.806830][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0
[  109.885361][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0
[  110.017578][ T5839] veth0_vlan: entered promiscuous mode
[  110.080705][ T5839] veth1_vlan: entered promiscuous mode
[  110.094501][ T5843] veth0_vlan: entered promiscuous mode
[  110.145241][ T5843] veth1_vlan: entered promiscuous mode
[  110.205695][ T5839] veth0_macvtap: entered promiscuous mode
[  110.250401][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0
[  110.259998][ T5839] veth1_macvtap: entered promiscuous mode
[  110.274289][ T5843] veth0_macvtap: entered promiscuous mode
[  110.294764][ T5843] veth1_macvtap: entered promiscuous mode
[  110.330519][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0
[  110.348403][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0
[  110.370214][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1
[  110.388510][ T5843] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  110.397973][ T5843] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  110.407047][ T5843] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  110.416207][ T5843] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  110.440394][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1
[  110.466421][ T5839] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  110.476957][ T5839] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  110.486182][ T5839] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  110.495449][ T5839] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  110.538490][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0
[  110.577867][ T5845] veth0_vlan: entered promiscuous mode
[  110.640203][ T5845] veth1_vlan: entered promiscuous mode
[  110.746909][ T2972] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  110.767566][ T2972] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  110.806316][ T5840] veth0_vlan: entered promiscuous mode
[  110.855830][ T5845] veth0_macvtap: entered promiscuous mode
[  110.863225][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  110.874891][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  110.883041][ T4569] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  110.885233][ T5845] veth1_macvtap: entered promiscuous mode
[  110.898509][ T4569] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  110.946339][ T5840] veth1_vlan: entered promiscuous mode
[  110.994631][ T5843] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  111.023206][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0
[  111.047042][ T2948] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.057141][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1
[  111.065464][ T2948] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.121387][ T5845] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  111.142745][ T5845] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  111.152912][ T5845] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  111.162307][ T5845] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  111.213782][ T5840] veth0_macvtap: entered promiscuous mode
[  111.294489][ T5840] veth1_macvtap: entered promiscuous mode
[  111.311161][ T5844] Bluetooth: hci2: command tx timeout
[  111.313461][ T5851] Bluetooth: hci1: command tx timeout
[  111.317557][ T5844] Bluetooth: hci0: command tx timeout
[  111.391144][ T5844] Bluetooth: hci3: command tx timeout
[  111.449661][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0
[  111.519414][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1
[  111.582132][ T5840] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  111.610940][ T5840] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  111.619747][ T5840] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  111.637694][ T5840] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  111.801354][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  111.809428][ T2948] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.861375][ T2948] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.136527][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  112.164454][ T2972] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  112.280018][ T2972] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.321266][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  112.329170][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.658571][ T2972] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  112.678168][ T2972] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.791696][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  112.800189][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  112.809002][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  112.931109][ T5953] Zero length message leads to an empty skb
[  113.185811][ T5946] ip_vti0: entered allmulticast mode
[  113.391832][ T5844] Bluetooth: hci1: command tx timeout
[  113.397330][ T5844] Bluetooth: hci2: command tx timeout
[  113.403751][ T5851] Bluetooth: hci0: command tx timeout
[  113.472290][ T5844] Bluetooth: hci3: command tx timeout
[  113.980307][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  114.287374][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  114.581904][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  114.751662][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  114.871705][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  118.865472][ T6017] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  118.961083][   T30] audit: type=1806 audit(1749519652.198:2): xattr=04 res=-22
[  122.365306][ T6057] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  123.304718][ T6060] ip_vti0: entered allmulticast mode
[  126.316950][ T5844] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18
[  127.192559][ T6117] netlink: 28 bytes leftover after parsing attributes in process `syz.1.34'.
[  127.337996][ T6117] ipvlan0: entered allmulticast mode
[  127.359082][ T6117] veth0_vlan: entered allmulticast mode
[  127.450536][ T6121] netlink: set zone limit has 8 unknown bytes
[  128.210264][ T6126] can: request_module (can-proto-3) failed.
[  130.704383][ T6143] netlink: 'syz.0.37': attribute type 11 has an invalid length.
[  130.943219][ T6148] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  131.126583][ T6152] random: crng reseeded on system resumption
[  136.678531][ T5992] syz.0.8 (5992) used greatest stack depth: 20344 bytes left
[  138.033247][ T5159] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18
[  138.040770][ T5159] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[  138.231423][ T5996] syz.0.8 (5996) used greatest stack depth: 19624 bytes left
[  138.543139][ T5851] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  138.893513][ T5851] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  141.126531][ T6248] netlink: 28 bytes leftover after parsing attributes in process `syz.0.56'.
[  141.159410][ T6248] ipvlan0: entered allmulticast mode
[  141.165818][ T6248] veth0_vlan: entered allmulticast mode
[  141.286929][ T6248] netlink: set zone limit has 8 unknown bytes
[  141.528511][ T6254] netlink: 28 bytes leftover after parsing attributes in process `syz.2.59'.
[  141.678682][ T6254] netlink: set zone limit has 8 unknown bytes
[  142.281435][ T5851] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  143.159265][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  143.169239][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  144.572565][ T5851] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  144.581074][ T5851] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  148.184113][ T6345] input: jJǸí¸ü;9ã%vø“û¨l�ÐQ 	J86Ö‘ as /devices/virtual/input/input6
[  149.391813][ T5159] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  149.399589][ T5159] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  149.422981][ T6357] mmap: syz.1.78 (6357) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  151.275437][ T5851] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  151.282978][ T5851] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  151.361325][ T5851] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  151.368816][ T5851] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[  152.813175][ T6389] netlink: 28 bytes leftover after parsing attributes in process `syz.3.83'.
[  153.137686][ T6389] netlink: set zone limit has 8 unknown bytes
[  154.771550][ T6405] netlink: 28 bytes leftover after parsing attributes in process `syz.1.87'.
[  154.975717][ T6405] netlink: set zone limit has 8 unknown bytes
[  158.711403][ T5159] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  158.718911][ T5159] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[  158.852082][ T5159] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  158.859575][ T5159] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  158.912752][ T5159] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  158.920235][ T5159] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  165.388080][ T5159] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  165.397484][ T5159] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  171.983090][ T6583] netlink: 'syz.2.127': attribute type 11 has an invalid length.
[  172.056261][ T6585] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  172.285261][ T6589] random: crng reseeded on system resumption
[  176.597565][ T6633] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  179.590589][ T6664] netlink: 194 bytes leftover after parsing attributes in process `syz.1.141'.
[  179.948445][ T6675] netlink: 194 bytes leftover after parsing attributes in process `syz.0.152'.
[  180.473522][ T6684] can: request_module (can-proto-0) failed.
[  180.733020][ T5849] Bluetooth: hci1: Received unexpected HCI Event 0x00
[  181.336351][ T6695] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  181.343515][ T6695] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  181.960600][ T6712] netlink: 194 bytes leftover after parsing attributes in process `syz.2.155'.
[  182.682228][ T5849] Bluetooth: hci0: Malformed LE Event: 0x1d
[  185.087634][ T5849] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18
[  185.140757][   T30] audit: type=1800 audit(1749519726.377:3): pid=6761 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.166" name="dbroot" dev="configfs" ino=10074 res=0 errno=0
[  185.556261][ T5852] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  185.575543][ T5852] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  185.583637][ T5852] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  185.592555][ T5852] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  185.600463][ T5852] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  186.148088][ T6769] chnl_net:caif_netlink_parms(): no params data found
[  186.902994][ T6769] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.918030][ T6769] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.951382][ T6769] bridge_slave_0: entered allmulticast mode
[  186.967357][ T6769] bridge_slave_0: entered promiscuous mode
[  187.026659][ T6769] bridge0: port 2(bridge_slave_1) entered blocking state
[  187.072086][ T6769] bridge0: port 2(bridge_slave_1) entered disabled state
[  187.079511][ T6769] bridge_slave_1: entered allmulticast mode
[  187.104528][ T6769] bridge_slave_1: entered promiscuous mode
[  187.142361][ T6801] kAFS: unparsable volume name
[  187.424653][ T6769] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  187.453426][ T6769] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  187.640991][ T5852] Bluetooth: hci4: command tx timeout
[  187.813188][ T6808] netlink: 'syz.0.174': attribute type 16 has an invalid length.
[  187.850963][ T6808] netlink: 326 bytes leftover after parsing attributes in process `syz.0.174'.
[  187.868460][ T6769] team0: Port device team_slave_0 added
[  188.037050][ T6808] veth1_macvtap: left promiscuous mode
[  188.172661][ T6769] team0: Port device team_slave_1 added
[  188.342708][ T6810] kAFS: No cell specified
[  188.532500][ T6817] Setting dangerous option i915.mitigations - tainting kernel
[  188.567532][ T6769] batman_adv: batadv0: Adding interface: batadv_slave_0
[  188.587585][ T6769] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  188.663891][ T6769] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  188.688509][ T6820] can: request_module (can-proto-4) failed.
[  188.773856][ T6769] batman_adv: batadv0: Adding interface: batadv_slave_1
[  188.783535][ T6820] process 'syz.1.178' launched './file0' with NULL argv: empty string added
[  188.800934][ T6769] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  188.848644][ T6825] capability: warning: `syz.0.179' uses 32-bit capabilities (legacy support in use)
[  188.863789][ T6769] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  189.214475][ T6769] hsr_slave_0: entered promiscuous mode
[  189.269970][ T6769] hsr_slave_1: entered promiscuous mode
[  189.402133][ T6769] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  189.409845][ T6769] Cannot create hsr debugfs directory
[  189.725899][ T5852] Bluetooth: hci4: command tx timeout
[  189.966377][ T6837] FAULT_INJECTION: forcing a failure.
[  189.966377][ T6837] name failslab, interval 1, probability 0, space 0, times 1
[  189.998556][ T6837] CPU: 0 UID: 0 PID: 6837 Comm: syz.0.180 Tainted: G     U              6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  189.998609][ T6837] Tainted: [U]=USER
[  189.998620][ T6837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  189.998645][ T6837] Call Trace:
[  189.998660][ T6837]  <TASK>
[  189.998678][ T6837]  dump_stack_lvl+0x16c/0x1f0
[  189.998745][ T6837]  should_fail_ex+0x512/0x640
[  189.998794][ T6837]  ? __kmalloc_noprof+0xbf/0x510
[  189.998847][ T6837]  ? __register_sysctl_table+0xb3/0x1900
[  189.998897][ T6837]  should_failslab+0xc2/0x120
[  189.998929][ T6837]  __kmalloc_noprof+0xd2/0x510
[  189.998987][ T6837]  __register_sysctl_table+0xb3/0x1900
[  189.999040][ T6837]  ? is_module_address+0x5f/0xf0
[  189.999092][ T6837]  ? __pfx___register_sysctl_table+0x10/0x10
[  189.999143][ T6837]  ? is_module_address+0x69/0xf0
[  189.999187][ T6837]  ? register_net_sysctl_sz+0x228/0x3e0
[  189.999234][ T6837]  neigh_sysctl_register+0x31f/0x670
[  189.999289][ T6837]  ? __pfx_neigh_proc_base_reachable_time+0x10/0x10
[  189.999343][ T6837]  ? __pfx_neigh_sysctl_register+0x10/0x10
[  189.999396][ T6837]  ? inetdev_init+0x245/0x5a0
[  189.999433][ T6837]  ? inetdev_event+0xc5f/0x18a0
[  189.999471][ T6837]  ? notifier_call_chain+0xbc/0x410
[  189.999518][ T6837]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.999565][ T6837]  devinet_sysctl_register+0xb6/0x200
[  189.999621][ T6837]  inetdev_init+0x2b8/0x5a0
[  189.999667][ T6837]  inetdev_event+0xc5f/0x18a0
[  189.999712][ T6837]  ? ib_netdevice_event+0xfc/0x330
[  189.999753][ T6837]  ? __pfx_inetdev_event+0x10/0x10
[  189.999797][ T6837]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  189.999856][ T6837]  notifier_call_chain+0xbc/0x410
[  189.999892][ T6837]  ? __pfx_inetdev_event+0x10/0x10
[  189.999944][ T6837]  call_netdevice_notifiers_info+0xbe/0x140
[  189.999988][ T6837]  register_netdevice+0x182e/0x2270
[  190.000030][ T6837]  ? idr_alloc+0xdd/0x130
[  190.000076][ T6837]  ? __pfx_register_netdevice+0x10/0x10
[  190.000125][ T6837]  ppp_dev_configure+0x99b/0xc80
[  190.000175][ T6837]  ppp_ioctl+0x17e0/0x2660
[  190.000219][ T6837]  ? find_held_lock+0x2b/0x80
[  190.000248][ T6837]  ? __pfx_ppp_ioctl+0x10/0x10
[  190.000297][ T6837]  ? __fget_files+0x20e/0x3c0
[  190.000359][ T6837]  ? __pfx_ppp_ioctl+0x10/0x10
[  190.000403][ T6837]  __x64_sys_ioctl+0x18e/0x210
[  190.000445][ T6837]  do_syscall_64+0xcd/0x490
[  190.000478][ T6837]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.000510][ T6837] RIP: 0033:0x7ff758d8e929
[  190.000549][ T6837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.000579][ T6837] RSP: 002b:00007ff759b70038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  190.000615][ T6837] RAX: ffffffffffffffda RBX: 00007ff758fb5fa0 RCX: 00007ff758d8e929
[  190.000635][ T6837] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000005
[  190.000653][ T6837] RBP: 00007ff758e10b39 R08: 0000000000000000 R09: 0000000000000000
[  190.000671][ T6837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  190.000689][ T6837] R13: 0000000000000000 R14: 00007ff758fb5fa0 R15: 00007fff1d36db38
[  190.000730][ T6837]  </TASK>
[  190.660080][ T6838] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  190.700973][ T6838] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  190.723811][ T6838] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  190.780754][ T6838] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  190.827468][ T6838] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  190.851363][ T6838] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  190.896497][ T6838] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  190.919561][ T6838] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  190.969814][ T6838] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  190.978396][ T6838] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  191.022216][ T6838] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  191.035995][ T6838] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  191.084254][ T6838] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  191.113602][ T6838] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  191.156990][ T6838] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  191.222370][ T6838] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  191.277370][ T6838] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  191.322247][ T6838] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  191.402224][ T6838] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  191.566103][ T6769] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  191.617715][ T6769] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  191.695176][ T6769] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  191.756532][ T6769] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  192.447286][ T6858] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  192.527488][ T6769] 8021q: adding VLAN 0 to HW filter on device bond0
[  192.674927][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout
[  192.831404][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout
[  192.916400][ T6769] 8021q: adding VLAN 0 to HW filter on device team0
[  192.992586][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout
[  193.058664][ T1160] bridge0: port 1(bridge_slave_0) entered blocking state
[  193.065971][ T1160] bridge0: port 1(bridge_slave_0) entered forwarding state
[  193.151150][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout
[  193.183284][ T1160] bridge0: port 2(bridge_slave_1) entered blocking state
[  193.190552][ T1160] bridge0: port 2(bridge_slave_1) entered forwarding state
[  193.321067][ T5852] Bluetooth: hci4: command 0x0419 tx timeout
[  193.327072][ T6878] queue_state_write: unsupported operation ''
[  193.337560][ T6878] queue_state_write: use 'run', 'start' or 'kick'
[  193.452496][ T6769] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  193.551351][ T6769] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  193.568418][ T6880] FAULT_INJECTION: forcing a failure.
[  193.568418][ T6880] name fail_futex, interval 1, probability 0, space 0, times 1
[  193.643562][ T6880] CPU: 1 UID: 0 PID: 6880 Comm: syz.0.189 Tainted: G     U              6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  193.643603][ T6880] Tainted: [U]=USER
[  193.643610][ T6880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  193.643624][ T6880] Call Trace:
[  193.643632][ T6880]  <TASK>
[  193.643641][ T6880]  dump_stack_lvl+0x16c/0x1f0
[  193.643684][ T6880]  should_fail_ex+0x512/0x640
[  193.643726][ T6880]  get_futex_key+0x1d0/0x1540
[  193.643755][ T6880]  ? bpf_ksym_find+0x124/0x1c0
[  193.643779][ T6880]  ? __pfx_get_futex_key+0x10/0x10
[  193.643806][ T6880]  ? is_bpf_text_address+0x94/0x1a0
[  193.643840][ T6880]  ? kernel_text_address+0x8d/0x100
[  193.643877][ T6880]  ? __kernel_text_address+0xd/0x40
[  193.643918][ T6880]  futex_wait_setup+0x9d/0x550
[  193.643961][ T6880]  __futex_wait+0x194/0x2f0
[  193.643997][ T6880]  ? __pfx___futex_wait+0x10/0x10
[  193.644066][ T6880]  ? __pfx_futex_wake_mark+0x10/0x10
[  193.644209][ T6880]  futex_wait+0xe8/0x380
[  193.644247][ T6880]  ? __pfx_futex_wait+0x10/0x10
[  193.644299][ T6880]  do_futex+0x229/0x350
[  193.644335][ T6880]  ? __pfx_do_futex+0x10/0x10
[  193.644362][ T6880]  ? lockdep_hardirqs_on+0x7c/0x110
[  193.644409][ T6880]  __x64_sys_futex+0x1e0/0x4c0
[  193.644443][ T6880]  ? __pfx___x64_sys_futex+0x10/0x10
[  193.644474][ T6880]  ? do_execveat_common.isra.0+0x4c6/0x610
[  193.644518][ T6880]  do_syscall_64+0xcd/0x490
[  193.644543][ T6880]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.644569][ T6880] RIP: 0033:0x7ff758d8e929
[  193.644591][ T6880] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  193.644614][ T6880] RSP: 002b:00007ff759b700e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  193.644636][ T6880] RAX: ffffffffffffffda RBX: 00007ff758fb5fa8 RCX: 00007ff758d8e929
[  193.644652][ T6880] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007ff758fb5fa8
[  193.644667][ T6880] RBP: 00007ff758fb5fa0 R08: 0000000000000000 R09: 0000000000000000
[  193.644681][ T6880] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff758fb5fac
[  193.644696][ T6880] R13: 0000000000000000 R14: 00007fff1d36da50 R15: 00007fff1d36db38
[  193.644726][ T6880]  </TASK>
[  193.649140][ T6880] netlink: 342 bytes leftover after parsing attributes in process `syz.0.189'.
[  194.752074][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout
[  194.912201][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout
[  194.980608][ T6769] 8021q: adding VLAN 0 to HW filter on device batadv0
[  195.079455][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout
[  195.231247][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout
[  195.391000][ T5852] Bluetooth: hci4: command 0x0419 tx timeout
[  196.831631][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout
[  196.977471][ T6769] veth0_vlan: entered promiscuous mode
[  196.991375][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout
[  197.086161][ T6769] veth1_vlan: entered promiscuous mode
[  197.151007][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout
[  197.248189][ T6769] veth0_macvtap: entered promiscuous mode
[  197.312193][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout
[  197.318062][ T6769] veth1_macvtap: entered promiscuous mode
[  197.380108][ T6769] batman_adv: batadv0: Interface activated: batadv_slave_0
[  197.434530][ T6769] batman_adv: batadv0: Interface activated: batadv_slave_1
[  197.455496][ T6769] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  197.471448][ T5852] Bluetooth: hci4: command 0x0419 tx timeout
[  197.488334][ T6769] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  197.503568][ T6769] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  197.513859][ T6769] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  197.794799][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  197.829326][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  197.954633][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  197.979948][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  198.406277][ T6949] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  198.435143][ T6949] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  198.457919][ T6949] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  198.496128][ T6949] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  198.522621][ T6949] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  199.158868][ T6975] syz.2.205 uses obsolete (PF_INET,SOCK_PACKET)
[  200.351023][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout
[  200.511885][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout
[  200.511909][ T5849] Bluetooth: hci2: command 0x0c1a tx timeout
[  200.511959][ T5849] Bluetooth: hci1: command 0x0c1a tx timeout
[  200.595277][ T5849] Bluetooth: hci4: command 0x0419 tx timeout
[  201.527934][ T7002] netlink: 32 bytes leftover after parsing attributes in process `syz.4.210'.
[  202.467284][ T7063] netlink: 25 bytes leftover after parsing attributes in process `syz.0.219'.
[  203.814458][ T7085] qrtr: Invalid version 0
[  203.857642][   T30] audit: type=1800 audit(1749519745.097:4): pid=7085 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.223" name="trace_pipe" dev="tracefs" ino=1224 res=0 errno=0
[  204.223041][ T7105] netlink: 222 bytes leftover after parsing attributes in process `syz.4.227'.
[  204.428472][ T7105] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  204.502401][ T7105] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  204.532920][ T7105] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  204.599116][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  204.608732][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  204.619577][ T7105] page_type: f5(slab)
[  204.629493][ T7105] raw: 00fff00000000040 ffff88801b442280 dead000000000122 0000000000000000
[  204.686947][ T7105] raw: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000
[  204.741513][ T7105] head: 00fff00000000040 ffff88801b442280 dead000000000122 0000000000000000
[  204.792991][ T7105] head: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000
[  204.810939][ T7105] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  204.819995][ T7105] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  204.841130][ T7105] page dumped because: unmovable page
[  204.874698][ T7105] page_owner tracks the page as allocated
[  204.931112][ T7105] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x528c0(GFP_NOWAIT|__GFP_IO|__GFP_FS|__GFP_NORETRY|__GFP_COMP), pid 5504, tgid 5504 (dhcpcd), ts 71291716828, free_ts 37771825279
[  205.009903][ T7105]  post_alloc_hook+0x1c0/0x230
[  205.017203][ T7105]  get_page_from_freelist+0x1321/0x3890
[  205.069669][ T7105]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  205.151892][ T7105]  alloc_pages_mpol+0x1fb/0x550
[  205.160918][ T7105]  new_slab+0x23b/0x330
[  205.168434][ T7105]  ___slab_alloc+0xd9c/0x1940
[  205.188724][ T7105]  __slab_alloc.constprop.0+0x56/0xb0
[  205.200937][ T7105]  __kvmalloc_node_noprof+0x3b1/0x620
[  205.222259][ T7105]  pfifo_fast_init+0x125/0x3b0
[  205.227698][ T7105]  qdisc_create_dflt+0x122/0x490
[  205.258318][ T7105]  mq_init+0x345/0x490
[  205.280955][ T7105]  qdisc_create_dflt+0x122/0x490
[  205.317942][ T7105]  dev_activate+0xaae/0x12d0
[  205.341242][ T7105]  __dev_open+0x43a/0x7d0
[  205.347610][ T7105]  __dev_change_flags+0x55d/0x720
[  205.368624][ T7105]  netif_change_flags+0x8d/0x160
[  205.387161][ T7105] page last free pid 1 tgid 1 stack trace:
[  205.406060][ T7105]  __free_frozen_pages+0x7fe/0x1180
[  205.429628][ T7105]  free_contig_range+0x183/0x4b0
[  205.455440][ T7105]  destroy_args+0x7f6/0xa60
[  205.464481][ T7105]  debug_vm_pgtable+0x13b8/0x2d00
[  205.469986][ T7105]  do_one_initcall+0x120/0x6e0
[  205.488390][ T7105]  kernel_init_freeable+0x5c2/0x900
[  205.499060][ T7105]  kernel_init+0x1c/0x2b0
[  205.505051][ T7105]  ret_from_fork+0x5d4/0x6f0
[  205.510126][ T7105]  ret_from_fork_asm+0x1a/0x30
[  206.657749][ T7147] netlink: 'syz.1.234': attribute type 16 has an invalid length.
[  206.671050][ T7147] netlink: 50 bytes leftover after parsing attributes in process `syz.1.234'.
[  207.456893][ T7156] Invalid ELF header magic: != ELF
[  208.300190][ T7178] netlink: 146 bytes leftover after parsing attributes in process `syz.4.242'.
[  208.321113][   T37] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.347784][ T7180] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size
[  208.719219][   T37] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.136335][   T37] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.457172][   T37] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.194223][ T7212] FAULT_INJECTION: forcing a failure.
[  210.194223][ T7212] name failslab, interval 1, probability 0, space 0, times 0
[  210.282343][ T7212] CPU: 1 UID: 0 PID: 7212 Comm: syz.0.248 Tainted: G     U              6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  210.282406][ T7212] Tainted: [U]=USER
[  210.282418][ T7212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  210.282438][ T7212] Call Trace:
[  210.282450][ T7212]  <TASK>
[  210.282463][ T7212]  dump_stack_lvl+0x16c/0x1f0
[  210.282529][ T7212]  should_fail_ex+0x512/0x640
[  210.282579][ T7212]  ? __kvmalloc_node_noprof+0x124/0x620
[  210.282632][ T7212]  should_failslab+0xc2/0x120
[  210.282667][ T7212]  __kvmalloc_node_noprof+0x137/0x620
[  210.282716][ T7212]  ? bucket_table_alloc.isra.0+0x83/0x460
[  210.282776][ T7212]  ? bucket_table_alloc.isra.0+0x83/0x460
[  210.282824][ T7212]  bucket_table_alloc.isra.0+0x83/0x460
[  210.282878][ T7212]  rhashtable_init_noprof+0x41a/0x7e0
[  210.282950][ T7212]  ? kasan_save_track+0x14/0x30
[  210.283006][ T7212]  fqdir_init+0xb4/0x1f0
[  210.283050][ T7212]  lowpan_frags_init_net+0x2d/0x3a0
[  210.283099][ T7212]  ? __pfx_lowpan_frags_init_net+0x10/0x10
[  210.283134][ T7212]  ops_init+0x1df/0x5f0
[  210.283174][ T7212]  setup_net+0x1ff/0x510
[  210.283206][ T7212]  ? lockdep_init_map_type+0x5c/0x280
[  210.283251][ T7212]  ? __pfx_setup_net+0x10/0x10
[  210.283289][ T7212]  ? debug_mutex_init+0x37/0x70
[  210.283437][ T7212]  copy_net_ns+0x2a6/0x5f0
[  210.283491][ T7212]  create_new_namespaces+0x3ea/0xa90
[  210.283534][ T7212]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  210.283570][ T7212]  ksys_unshare+0x45b/0xa40
[  210.283611][ T7212]  ? __pfx_ksys_unshare+0x10/0x10
[  210.283653][ T7212]  ? xfd_validate_state+0x61/0x180
[  210.283706][ T7212]  __x64_sys_unshare+0x31/0x40
[  210.283750][ T7212]  do_syscall_64+0xcd/0x490
[  210.283787][ T7212]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.283820][ T7212] RIP: 0033:0x7ff758d8e929
[  210.283848][ T7212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.283879][ T7212] RSP: 002b:00007ff759b70038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  210.283910][ T7212] RAX: ffffffffffffffda RBX: 00007ff758fb5fa0 RCX: 00007ff758d8e929
[  210.283943][ T7212] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  210.283961][ T7212] RBP: 00007ff758e10b39 R08: 0000000000000000 R09: 0000000000000000
[  210.283980][ T7212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  210.283998][ T7212] R13: 0000000000000000 R14: 00007ff758fb5fa0 R15: 00007fff1d36db38
[  210.284045][ T7212]  </TASK>
[  211.004031][   T37] bridge_slave_1: left allmulticast mode
[  211.031209][   T37] bridge_slave_1: left promiscuous mode
[  211.038362][   T37] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.172963][   T37] bridge_slave_0: left allmulticast mode
[  211.202861][   T37] bridge_slave_0: left promiscuous mode
[  211.209026][   T37] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.861689][ T7254] RDS: rds_bind could not find a transport for ::ffff:10.1.1.2, load rds_tcp or rds_rdma?
[  212.025172][ T7259] ERROR: Out of memory at tomoyo_memory_ok.
[  212.208934][ T5849] Bluetooth: hci4: unexpected event 0x3e length: 1020 > 260
[  212.208979][ T5849] Bluetooth: hci4: unexpected subevent 0x01 length: 1019 > 18
[  212.679126][ T7270] netlink: 334 bytes leftover after parsing attributes in process `syz.1.255'.
[  212.803342][   T37] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  212.827783][   T37] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  212.849978][   T37] bond0 (unregistering): Released all slaves
[  213.258015][ T7272] netlink: 12 bytes leftover after parsing attributes in process `syz.1.256'.
[  213.323084][ T7272] FAULT_INJECTION: forcing a failure.
[  213.323084][ T7272] name failslab, interval 1, probability 0, space 0, times 0
[  213.348777][ T7272] CPU: 1 UID: 0 PID: 7272 Comm: syz.1.256 Tainted: G     U              6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  213.348830][ T7272] Tainted: [U]=USER
[  213.348840][ T7272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  213.348857][ T7272] Call Trace:
[  213.348868][ T7272]  <TASK>
[  213.348881][ T7272]  dump_stack_lvl+0x16c/0x1f0
[  213.348940][ T7272]  should_fail_ex+0x512/0x640
[  213.348989][ T7272]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  213.349043][ T7272]  should_failslab+0xc2/0x120
[  213.349073][ T7272]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  213.349120][ T7272]  ? __kernfs_iattrs+0xbc/0x3f0
[  213.349165][ T7272]  __kernfs_iattrs+0xbc/0x3f0
[  213.349207][ T7272]  __kernfs_setattr+0x4d/0x3c0
[  213.349252][ T7272]  __kernfs_new_node+0x563/0x8e0
[  213.349302][ T7272]  ? __pfx___kernfs_new_node+0x10/0x10
[  213.349360][ T7272]  ? kernfs_root+0xee/0x2a0
[  213.349407][ T7272]  kernfs_new_node+0x13c/0x1e0
[  213.349454][ T7272]  ? do_raw_spin_lock+0x12c/0x2b0
[  213.349506][ T7272]  __kernfs_create_file+0x53/0x350
[  213.349551][ T7272]  cgroup_addrm_files+0x546/0xc20
[  213.349615][ T7272]  ? __pfx_cgroup_addrm_files+0x10/0x10
[  213.349679][ T7272]  ? css_next_child+0xcf/0x2d0
[  213.349740][ T7272]  ? css_next_descendant_pre+0x58/0x1a0
[  213.349790][ T7272]  css_populate_dir+0x469/0x580
[  213.349834][ T7272]  cgroup_mkdir+0x5cb/0x11f0
[  213.349894][ T7272]  ? __pfx_cgroup_mkdir+0x10/0x10
[  213.349947][ T7272]  kernfs_iop_mkdir+0x111/0x190
[  213.349995][ T7272]  ? bpf_lsm_inode_mkdir+0x9/0x10
[  213.350052][ T7272]  vfs_mkdir+0x593/0x8c0
[  213.350096][ T7272]  do_mkdirat+0x304/0x3e0
[  213.350148][ T7272]  ? __pfx_do_mkdirat+0x10/0x10
[  213.350203][ T7272]  ? getname_flags.part.0+0x1c5/0x550
[  213.350245][ T7272]  __x64_sys_mkdir+0xef/0x140
[  213.350295][ T7272]  do_syscall_64+0xcd/0x490
[  213.350331][ T7272]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.350365][ T7272] RIP: 0033:0x7fd0d438e929
[  213.350392][ T7272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.350423][ T7272] RSP: 002b:00007fd0d51cd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  213.350454][ T7272] RAX: ffffffffffffffda RBX: 00007fd0d45b5fa0 RCX: 00007fd0d438e929
[  213.350474][ T7272] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000200000000480
[  213.350493][ T7272] RBP: 00007fd0d4410b39 R08: 0000000000000000 R09: 0000000000000000
[  213.350512][ T7272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  213.350529][ T7272] R13: 0000000000000000 R14: 00007fd0d45b5fa0 R15: 00007ffdc1426888
[  213.350572][ T7272]  </TASK>
[  213.722501][ T7272] cgroup: cgroup_addrm_files: failed to add cpu.pressure, err=-12
[  214.394745][   T37] hsr_slave_0: left promiscuous mode
[  214.405559][   T37] hsr_slave_1: left promiscuous mode
[  214.413048][   T37] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  214.431650][   T37] batman_adv: batadv0: Removing interface: batadv_slave_0
[  214.465393][   T37] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  214.490931][   T37] batman_adv: batadv0: Removing interface: batadv_slave_1
[  214.580676][   T37] veth1_macvtap: left promiscuous mode
[  214.590594][   T37] veth0_macvtap: left promiscuous mode
[  214.611522][   T37] veth1_vlan: left promiscuous mode
[  214.631221][   T37] veth0_vlan: left promiscuous mode
[  216.180374][   T37] team0 (unregistering): Port device team_slave_1 removed
[  216.296092][   T37] team0 (unregistering): Port device team_slave_0 removed
[  217.629261][ T7296] FAULT_INJECTION: forcing a failure.
[  217.629261][ T7296] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  217.678327][ T7296] CPU: 1 UID: 0 PID: 7296 Comm: syz.0.259 Tainted: G     U              6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  217.678377][ T7296] Tainted: [U]=USER
[  217.678387][ T7296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  217.678405][ T7296] Call Trace:
[  217.678415][ T7296]  <TASK>
[  217.678428][ T7296]  dump_stack_lvl+0x16c/0x1f0
[  217.678483][ T7296]  should_fail_ex+0x512/0x640
[  217.678540][ T7296]  should_fail_alloc_page+0xe7/0x130
[  217.678574][ T7296]  prepare_alloc_pages+0x3c2/0x610
[  217.678613][ T7296]  ? rcu_is_watching+0x12/0xc0
[  217.678650][ T7296]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  217.678717][ T7296]  ? __lock_acquire+0x622/0x1c90
[  217.678767][ T7296]  ? __lock_acquire+0x622/0x1c90
[  217.678812][ T7296]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  217.678855][ T7296]  ? __lock_acquire+0x622/0x1c90
[  217.678904][ T7296]  ? __lock_acquire+0x622/0x1c90
[  217.678946][ T7296]  ? __lock_acquire+0x622/0x1c90
[  217.678985][ T7296]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  217.679036][ T7296]  ? policy_nodemask+0xea/0x4e0
[  217.679069][ T7296]  alloc_pages_mpol+0x1fb/0x550
[  217.679101][ T7296]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  217.679144][ T7296]  folio_alloc_mpol_noprof+0x36/0x2f0
[  217.679184][ T7296]  vma_alloc_folio_noprof+0xed/0x1e0
[  217.679221][ T7296]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  217.679256][ T7296]  ? find_held_lock+0x2b/0x80
[  217.679288][ T7296]  ? __handle_mm_fault+0x1092/0x5490
[  217.679338][ T7296]  __handle_mm_fault+0x2f21/0x5490
[  217.679394][ T7296]  ? __pfx___handle_mm_fault+0x10/0x10
[  217.679440][ T7296]  ? __pte_offset_map_lock+0x174/0x310
[  217.679474][ T7296]  ? find_held_lock+0x2b/0x80
[  217.679504][ T7296]  ? find_held_lock+0x2b/0x80
[  217.679546][ T7296]  ? follow_page_pte+0x3af/0x14c0
[  217.679592][ T7296]  handle_mm_fault+0x589/0xd10
[  217.679646][ T7296]  __get_user_pages+0x589/0x3b80
[  217.679704][ T7296]  ? __pfx_mt_find+0x10/0x10
[  217.679739][ T7296]  ? __pfx___get_user_pages+0x10/0x10
[  217.679792][ T7296]  populate_vma_page_range+0x278/0x3a0
[  217.679836][ T7296]  ? __pfx_populate_vma_page_range+0x10/0x10
[  217.679876][ T7296]  ? __pfx_find_vma_intersection+0x10/0x10
[  217.679916][ T7296]  ? do_mmap+0x69c/0x1210
[  217.679957][ T7296]  __mm_populate+0x1d8/0x380
[  217.679997][ T7296]  ? __pfx___mm_populate+0x10/0x10
[  217.680040][ T7296]  ? up_write+0x1b2/0x520
[  217.680092][ T7296]  vm_mmap_pgoff+0x362/0x450
[  217.680130][ T7296]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  217.680174][ T7296]  ? __x64_sys_futex+0x1e0/0x4c0
[  217.680212][ T7296]  ? __x64_sys_futex+0x1e9/0x4c0
[  217.680258][ T7296]  ksys_mmap_pgoff+0x7d/0x5c0
[  217.680293][ T7296]  ? xfd_validate_state+0x61/0x180
[  217.680342][ T7296]  __x64_sys_mmap+0x125/0x190
[  217.680391][ T7296]  do_syscall_64+0xcd/0x490
[  217.680426][ T7296]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.680457][ T7296] RIP: 0033:0x7ff758d8e929
[  217.680485][ T7296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.680515][ T7296] RSP: 002b:00007ff759b70038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  217.680543][ T7296] RAX: ffffffffffffffda RBX: 00007ff758fb5fa0 RCX: 00007ff758d8e929
[  217.680564][ T7296] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000
[  217.680583][ T7296] RBP: 00007ff758e10b39 R08: 0000000000000002 R09: 0000000000008000
[  217.680602][ T7296] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[  217.680620][ T7296] R13: 0000000000000000 R14: 00007ff758fb5fa0 R15: 00007fff1d36db38
[  217.680661][ T7296]  </TASK>
[  218.932519][ T5852] Bluetooth: hci4: unexpected event 0x3e length: 508 > 260
[  218.932564][ T5852] Bluetooth: hci4: unexpected subevent 0x02 length: 507 > 260
[  218.952319][ T5852] Bluetooth: hci4: Dropping invalid advertising data
[  218.959444][ T5852] Bluetooth: hci4: unknown advertising packet type: 0xe9
[  219.090280][ T7325] netlink: 194 bytes leftover after parsing attributes in process `syz.0.264'.
[  219.596325][ T7334] device-mapper: ioctl: Invalid ioctl structure: name ¢, dev 7f00010002
[  221.810375][ T7383] netlink: 194 bytes leftover after parsing attributes in process `syz.2.275'.
[  223.597993][   T30] audit: type=1800 audit(1749519764.837:5): pid=7434 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.283" name="discovery_nqn" dev="configfs" ino=14589 res=0 errno=0
[  223.618788][    C1] vkms_vblank_simulate: vblank timer overrun
[  224.494547][ T7451] netlink: 194 bytes leftover after parsing attributes in process `syz.4.287'.
[  225.045424][ T7464] netlink: 'syz.4.289': attribute type 1 has an invalid length.
[  227.656558][ T7529] netlink: 194 bytes leftover after parsing attributes in process `syz.4.298'.
[  228.691321][ T7538] program syz.4.300 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  228.808315][ T7546] netlink: 28 bytes leftover after parsing attributes in process `syz.2.302'.
[  229.820942][ T7556] can: request_module (can-proto-0) failed.
[  231.551862][ T7584] netlink: 194 bytes leftover after parsing attributes in process `syz.4.308'.
[  232.718191][ T7616] FAULT_INJECTION: forcing a failure.
[  232.718191][ T7616] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  232.791131][ T7616] CPU: 1 UID: 0 PID: 7616 Comm: syz.2.312 Tainted: G     U              6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  232.791179][ T7616] Tainted: [U]=USER
[  232.791189][ T7616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  232.791206][ T7616] Call Trace:
[  232.791216][ T7616]  <TASK>
[  232.791228][ T7616]  dump_stack_lvl+0x16c/0x1f0
[  232.791283][ T7616]  should_fail_ex+0x512/0x640
[  232.791333][ T7616]  _copy_from_user+0x2e/0xd0
[  232.791385][ T7616]  copy_msghdr_from_user+0x98/0x160
[  232.791435][ T7616]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  232.791494][ T7616]  ? __pfx__kstrtoull+0x10/0x10
[  232.791541][ T7616]  ___sys_sendmsg+0xfe/0x1d0
[  232.791595][ T7616]  ? __pfx____sys_sendmsg+0x10/0x10
[  232.791665][ T7616]  ? find_held_lock+0x2b/0x80
[  232.791722][ T7616]  __sys_sendmmsg+0x200/0x420
[  232.791766][ T7616]  ? __pfx___sys_sendmmsg+0x10/0x10
[  232.791812][ T7616]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  232.791861][ T7616]  ? fput+0x70/0xf0
[  232.791890][ T7616]  ? ksys_write+0x1ac/0x250
[  232.791934][ T7616]  ? __pfx_ksys_write+0x10/0x10
[  232.791986][ T7616]  __x64_sys_sendmmsg+0x9c/0x100
[  232.792016][ T7616]  ? lockdep_hardirqs_on+0x7c/0x110
[  232.792064][ T7616]  do_syscall_64+0xcd/0x490
[  232.792097][ T7616]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.792130][ T7616] RIP: 0033:0x7f65ce78e929
[  232.792154][ T7616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  232.792183][ T7616] RSP: 002b:00007f65cf534038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  232.792212][ T7616] RAX: ffffffffffffffda RBX: 00007f65ce9b6080 RCX: 00007f65ce78e929
[  232.792231][ T7616] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003
[  232.792249][ T7616] RBP: 00007f65cf534090 R08: 0000000000000000 R09: 0000000000000000
[  232.792266][ T7616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  232.792283][ T7616] R13: 0000000000000000 R14: 00007f65ce9b6080 R15: 00007ffcabb245e8
[  232.792322][ T7616]  </TASK>
[  234.834779][ T7656] netlink: 194 bytes leftover after parsing attributes in process `syz.2.319'.
[  235.269587][ T7625] netlink: 4 bytes leftover after parsing attributes in process `syz.4.315'.
[  236.768119][ T7687] FAULT_INJECTION: forcing a failure.
[  236.768119][ T7687] name failslab, interval 1, probability 0, space 0, times 0
[  236.860159][ T7687] CPU: 0 UID: 0 PID: 7687 Comm: syz.1.325 Tainted: G     U              6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  236.860208][ T7687] Tainted: [U]=USER
[  236.860219][ T7687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  236.860236][ T7687] Call Trace:
[  236.860244][ T7687]  <TASK>
[  236.860257][ T7687]  dump_stack_lvl+0x16c/0x1f0
[  236.860311][ T7687]  should_fail_ex+0x512/0x640
[  236.860359][ T7687]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  236.860411][ T7687]  should_failslab+0xc2/0x120
[  236.860440][ T7687]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  236.860493][ T7687]  ? __alloc_skb+0x2b2/0x380
[  236.860547][ T7687]  __alloc_skb+0x2b2/0x380
[  236.860593][ T7687]  ? __pfx___alloc_skb+0x10/0x10
[  236.860644][ T7687]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  236.860688][ T7687]  netlink_alloc_large_skb+0x69/0x130
[  236.860727][ T7687]  netlink_sendmsg+0x6a1/0xdd0
[  236.860771][ T7687]  ? __pfx_netlink_sendmsg+0x10/0x10
[  236.860826][ T7687]  ____sys_sendmsg+0xa95/0xc70
[  236.860864][ T7687]  ? copy_msghdr_from_user+0x10a/0x160
[  236.860912][ T7687]  ? __pfx_____sys_sendmsg+0x10/0x10
[  236.860959][ T7687]  ? __pfx__kstrtoull+0x10/0x10
[  236.861006][ T7687]  ___sys_sendmsg+0x134/0x1d0
[  236.861061][ T7687]  ? __pfx____sys_sendmsg+0x10/0x10
[  236.861132][ T7687]  ? find_held_lock+0x2b/0x80
[  236.861221][ T7687]  __sys_sendmmsg+0x200/0x420
[  236.861258][ T7687]  ? __pfx___sys_sendmmsg+0x10/0x10
[  236.861303][ T7687]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  236.861351][ T7687]  ? fput+0x70/0xf0
[  236.861381][ T7687]  ? ksys_write+0x1ac/0x250
[  236.861424][ T7687]  ? __pfx_ksys_write+0x10/0x10
[  236.861475][ T7687]  __x64_sys_sendmmsg+0x9c/0x100
[  236.861514][ T7687]  ? lockdep_hardirqs_on+0x7c/0x110
[  236.861559][ T7687]  do_syscall_64+0xcd/0x490
[  236.861591][ T7687]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.861622][ T7687] RIP: 0033:0x7fd0d438e929
[  236.861647][ T7687] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  236.861676][ T7687] RSP: 002b:00007fd0d51ac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  236.861704][ T7687] RAX: ffffffffffffffda RBX: 00007fd0d45b6080 RCX: 00007fd0d438e929
[  236.861723][ T7687] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003
[  236.861740][ T7687] RBP: 00007fd0d51ac090 R08: 0000000000000000 R09: 0000000000000000
[  236.861757][ T7687] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  236.861773][ T7687] R13: 0000000000000000 R14: 00007fd0d45b6080 R15: 00007ffdc1426888
[  236.861812][ T7687]  </TASK>
[  237.248030][ T7695] program syz.2.326 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  237.288896][ T7695] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  238.715771][ T7725] netlink: 194 bytes leftover after parsing attributes in process `syz.1.329'.
[  239.709365][ T7767] netlink: 'syz.4.335': attribute type 1 has an invalid length.
[  242.398489][ T7806] netlink: 194 bytes leftover after parsing attributes in process `syz.4.339'.
[  243.397934][ T7815] ptrace attach of "./syz-executor exec"[6769] was attempted by "./syz-executor exec"[7815]
[  245.756700][ T7867] netlink: 194 bytes leftover after parsing attributes in process `syz.4.349'.
[  246.166617][ T7881] FAULT_INJECTION: forcing a failure.
[  246.166617][ T7881] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  246.223856][ T7881] CPU: 1 UID: 0 PID: 7881 Comm: syz.4.352 Tainted: G     U              6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  246.223910][ T7881] Tainted: [U]=USER
[  246.223920][ T7881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  246.223952][ T7881] Call Trace:
[  246.223967][ T7881]  <TASK>
[  246.223979][ T7881]  dump_stack_lvl+0x16c/0x1f0
[  246.224034][ T7881]  should_fail_ex+0x512/0x640
[  246.224087][ T7881]  _copy_from_iter+0x29f/0x16f0
[  246.224143][ T7881]  ? __alloc_skb+0x200/0x380
[  246.224193][ T7881]  ? __pfx__copy_from_iter+0x10/0x10
[  246.224248][ T7881]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  246.224297][ T7881]  netlink_sendmsg+0x829/0xdd0
[  246.224343][ T7881]  ? __pfx_netlink_sendmsg+0x10/0x10
[  246.224396][ T7881]  ____sys_sendmsg+0xa95/0xc70
[  246.224437][ T7881]  ? copy_msghdr_from_user+0x10a/0x160
[  246.224486][ T7881]  ? __pfx_____sys_sendmsg+0x10/0x10
[  246.224532][ T7881]  ? __pfx__kstrtoull+0x10/0x10
[  246.224580][ T7881]  ___sys_sendmsg+0x134/0x1d0
[  246.224635][ T7881]  ? __pfx____sys_sendmsg+0x10/0x10
[  246.224705][ T7881]  ? find_held_lock+0x2b/0x80
[  246.224762][ T7881]  __sys_sendmmsg+0x200/0x420
[  246.224798][ T7881]  ? __pfx___sys_sendmmsg+0x10/0x10
[  246.224841][ T7881]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  246.224894][ T7881]  ? fput+0x70/0xf0
[  246.224925][ T7881]  ? ksys_write+0x1ac/0x250
[  246.224968][ T7881]  ? __pfx_ksys_write+0x10/0x10
[  246.225026][ T7881]  __x64_sys_sendmmsg+0x9c/0x100
[  246.225056][ T7881]  ? lockdep_hardirqs_on+0x7c/0x110
[  246.225104][ T7881]  do_syscall_64+0xcd/0x490
[  246.225136][ T7881]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.225168][ T7881] RIP: 0033:0x7f9f88f8e929
[  246.225192][ T7881] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.225222][ T7881] RSP: 002b:00007f9f89dab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  246.225251][ T7881] RAX: ffffffffffffffda RBX: 00007f9f891b6080 RCX: 00007f9f88f8e929
[  246.225271][ T7881] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003
[  246.225289][ T7881] RBP: 00007f9f89dab090 R08: 0000000000000000 R09: 0000000000000000
[  246.225307][ T7881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  246.225324][ T7881] R13: 0000000000000000 R14: 00007f9f891b6080 R15: 00007ffe4db915d8
[  246.225363][ T7881]  </TASK>
[  248.826193][ T7929] netlink: 194 bytes leftover after parsing attributes in process `syz.4.361'.
[  249.236120][ T7946] FAULT_INJECTION: forcing a failure.
[  249.236120][ T7946] name failslab, interval 1, probability 0, space 0, times 0
[  249.275517][ T7946] CPU: 0 UID: 0 PID: 7946 Comm: syz.2.364 Tainted: G     U              6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  249.275567][ T7946] Tainted: [U]=USER
[  249.275577][ T7946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  249.275594][ T7946] Call Trace:
[  249.275605][ T7946]  <TASK>
[  249.275616][ T7946]  dump_stack_lvl+0x16c/0x1f0
[  249.275674][ T7946]  should_fail_ex+0x512/0x640
[  249.275729][ T7946]  should_failslab+0xc2/0x120
[  249.275761][ T7946]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  249.275812][ T7946]  ? skb_clone+0x190/0x3f0
[  249.275848][ T7946]  skb_clone+0x190/0x3f0
[  249.275880][ T7946]  netlink_deliver_tap+0xabd/0xd30
[  249.275926][ T7946]  netlink_unicast+0x5df/0x7f0
[  249.275967][ T7946]  ? __pfx_netlink_unicast+0x10/0x10
[  249.276017][ T7946]  netlink_sendmsg+0x8d1/0xdd0
[  249.276062][ T7946]  ? __pfx_netlink_sendmsg+0x10/0x10
[  249.276116][ T7946]  ____sys_sendmsg+0xa95/0xc70
[  249.276154][ T7946]  ? copy_msghdr_from_user+0x10a/0x160
[  249.276206][ T7946]  ? __pfx_____sys_sendmsg+0x10/0x10
[  249.276253][ T7946]  ? __pfx__kstrtoull+0x10/0x10
[  249.276302][ T7946]  ___sys_sendmsg+0x134/0x1d0
[  249.276356][ T7946]  ? __pfx____sys_sendmsg+0x10/0x10
[  249.276429][ T7946]  ? find_held_lock+0x2b/0x80
[  249.276497][ T7946]  __sys_sendmmsg+0x200/0x420
[  249.276531][ T7946]  ? __pfx___sys_sendmmsg+0x10/0x10
[  249.276576][ T7946]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  249.276622][ T7946]  ? fput+0x70/0xf0
[  249.276652][ T7946]  ? ksys_write+0x1ac/0x250
[  249.276697][ T7946]  ? __pfx_ksys_write+0x10/0x10
[  249.276750][ T7946]  __x64_sys_sendmmsg+0x9c/0x100
[  249.276781][ T7946]  ? lockdep_hardirqs_on+0x7c/0x110
[  249.276830][ T7946]  do_syscall_64+0xcd/0x490
[  249.276862][ T7946]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.276894][ T7946] RIP: 0033:0x7f65ce78e929
[  249.276920][ T7946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  249.276949][ T7946] RSP: 002b:00007f65cf534038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  249.276978][ T7946] RAX: ffffffffffffffda RBX: 00007f65ce9b6080 RCX: 00007f65ce78e929
[  249.276998][ T7946] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003
[  249.277016][ T7946] RBP: 00007f65cf534090 R08: 0000000000000000 R09: 0000000000000000
[  249.277034][ T7946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  249.277051][ T7946] R13: 0000000000000000 R14: 00007f65ce9b6080 R15: 00007ffcabb245e8
[  249.277091][ T7946]  </TASK>
[  251.198439][ T5852] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  251.198543][ T5852] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  251.213859][ T5852] Bluetooth: hci0: Unknown advertising packet type: 0x7f
[  251.213948][ T5852] Bluetooth: hci0: Malformed LE Event: 0x0d
[  252.754528][ T8009] netlink: 194 bytes leftover after parsing attributes in process `syz.4.372'.
[  254.965273][ T8059] FAULT_INJECTION: forcing a failure.
[  254.965273][ T8059] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  254.996430][ T8059] CPU: 0 UID: 0 PID: 8059 Comm: syz.1.378 Tainted: G     U              6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  254.996477][ T8059] Tainted: [U]=USER
[  254.996487][ T8059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  254.996503][ T8059] Call Trace:
[  254.996513][ T8059]  <TASK>
[  254.996525][ T8059]  dump_stack_lvl+0x16c/0x1f0
[  254.996581][ T8059]  should_fail_ex+0x512/0x640
[  254.996634][ T8059]  _copy_from_user+0x2e/0xd0
[  254.996687][ T8059]  copy_msghdr_from_user+0x98/0x160
[  254.996738][ T8059]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  254.996797][ T8059]  ? kfree+0x24f/0x4d0
[  254.996834][ T8059]  ? __pfx__kstrtoull+0x10/0x10
[  254.996882][ T8059]  ___sys_sendmsg+0xfe/0x1d0
[  254.996934][ T8059]  ? __pfx____sys_sendmsg+0x10/0x10
[  254.997022][ T8059]  ? __pfx___might_resched+0x10/0x10
[  254.997074][ T8059]  __sys_sendmmsg+0x200/0x420
[  254.997110][ T8059]  ? __pfx___sys_sendmmsg+0x10/0x10
[  254.997154][ T8059]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  254.997202][ T8059]  ? fput+0x70/0xf0
[  254.997232][ T8059]  ? ksys_write+0x1ac/0x250
[  254.997275][ T8059]  ? __pfx_ksys_write+0x10/0x10
[  254.997327][ T8059]  __x64_sys_sendmmsg+0x9c/0x100
[  254.997356][ T8059]  ? lockdep_hardirqs_on+0x7c/0x110
[  254.997403][ T8059]  do_syscall_64+0xcd/0x490
[  254.997435][ T8059]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.997467][ T8059] RIP: 0033:0x7fd0d438e929
[  254.997493][ T8059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.997521][ T8059] RSP: 002b:00007fd0d51ac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  254.997551][ T8059] RAX: ffffffffffffffda RBX: 00007fd0d45b6080 RCX: 00007fd0d438e929
[  254.997571][ T8059] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003
[  254.997590][ T8059] RBP: 00007fd0d51ac090 R08: 0000000000000000 R09: 0000000000000000
[  254.997609][ T8059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  254.997627][ T8059] R13: 0000000000000000 R14: 00007fd0d45b6080 R15: 00007ffdc1426888
[  254.997668][ T8059]  </TASK>
[  255.208835][    C0] vkms_vblank_simulate: vblank timer overrun
[  258.241980][ T8129] FAULT_INJECTION: forcing a failure.
[  258.241980][ T8129] name failslab, interval 1, probability 0, space 0, times 0
[  258.292099][ T8129] CPU: 1 UID: 0 PID: 8129 Comm: syz.1.389 Tainted: G     U              6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  258.292149][ T8129] Tainted: [U]=USER
[  258.292160][ T8129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  258.292177][ T8129] Call Trace:
[  258.292187][ T8129]  <TASK>
[  258.292199][ T8129]  dump_stack_lvl+0x16c/0x1f0
[  258.292254][ T8129]  should_fail_ex+0x512/0x640
[  258.292299][ T8129]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  258.292352][ T8129]  should_failslab+0xc2/0x120
[  258.292383][ T8129]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  258.292431][ T8129]  ? __alloc_skb+0x2b2/0x380
[  258.292486][ T8129]  __alloc_skb+0x2b2/0x380
[  258.292533][ T8129]  ? __pfx___alloc_skb+0x10/0x10
[  258.292587][ T8129]  ? __lock_acquire+0xb8a/0x1c90
[  258.292634][ T8129]  netlink_alloc_large_skb+0x69/0x130
[  258.292675][ T8129]  netlink_sendmsg+0x6a1/0xdd0
[  258.292717][ T8129]  ? __pfx_netlink_sendmsg+0x10/0x10
[  258.292769][ T8129]  ____sys_sendmsg+0xa95/0xc70
[  258.292807][ T8129]  ? copy_msghdr_from_user+0x10a/0x160
[  258.292856][ T8129]  ? __pfx_____sys_sendmsg+0x10/0x10
[  258.292898][ T8129]  ? kfree+0x24f/0x4d0
[  258.292933][ T8129]  ? __pfx__kstrtoull+0x10/0x10
[  258.292977][ T8129]  ___sys_sendmsg+0x134/0x1d0
[  258.293032][ T8129]  ? __pfx____sys_sendmsg+0x10/0x10
[  258.293130][ T8129]  ? __pfx___might_resched+0x10/0x10
[  258.293172][ T8129]  __sys_sendmmsg+0x200/0x420
[  258.293206][ T8129]  ? __pfx___sys_sendmmsg+0x10/0x10
[  258.293250][ T8129]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  258.293299][ T8129]  ? fput+0x70/0xf0
[  258.293328][ T8129]  ? ksys_write+0x1ac/0x250
[  258.293373][ T8129]  ? __pfx_ksys_write+0x10/0x10
[  258.293424][ T8129]  __x64_sys_sendmmsg+0x9c/0x100
[  258.293454][ T8129]  ? lockdep_hardirqs_on+0x7c/0x110
[  258.293503][ T8129]  do_syscall_64+0xcd/0x490
[  258.293536][ T8129]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.293566][ T8129] RIP: 0033:0x7fd0d438e929
[  258.293591][ T8129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  258.293620][ T8129] RSP: 002b:00007fd0d51ac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  258.293648][ T8129] RAX: ffffffffffffffda RBX: 00007fd0d45b6080 RCX: 00007fd0d438e929
[  258.293667][ T8129] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003
[  258.293685][ T8129] RBP: 00007fd0d51ac090 R08: 0000000000000000 R09: 0000000000000000
[  258.293703][ T8129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  258.293719][ T8129] R13: 0000000000000000 R14: 00007fd0d45b6080 R15: 00007ffdc1426888
[  258.293758][ T8129]  </TASK>
[  264.734120][ T8249] netlink: 538 bytes leftover after parsing attributes in process `syz.1.405'.
[  266.049849][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  266.065249][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  267.994174][ T8311] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  268.023553][ T8311] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  268.057140][ T8311] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  268.095540][ T8311] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  269.282733][ T5852] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260
[  269.282780][ T5852] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260
[  269.298654][ T5852] Bluetooth: hci1: Unknown advertising packet type: 0x7f
[  269.298681][ T5852] Bluetooth: hci1: adv larger than maximum supported
[  269.305823][ T5852] Bluetooth: hci1: adv larger than maximum supported
[  269.313158][ T5852] Bluetooth: hci1: Malformed LE Event: 0x0d
[  269.456248][ T8357] input input10: cannot allocate more than FF_MAX_EFFECTS effects
[  269.551137][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout
[  270.031557][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout
[  270.111392][ T5852] Bluetooth: hci4: command 0x0419 tx timeout
[  270.119543][ T5849] Bluetooth: hci2: command 0x0c1a tx timeout
[  274.861384][ T8466] vivid-007: =================  START STATUS  =================
[  274.895793][ T8466] vivid-007: Generate PTS: true
[  274.916156][ T8466] vivid-007: Generate SCR: true
[  274.952370][ T8466] tpg source WxH: 320x240 (Y'CbCr)
[  274.959447][ T8466] tpg field: 1
[  274.967383][ T8466] tpg crop: (0,0)/320x240
[  275.012153][ T8466] tpg compose: (0,0)/320x240
[  275.022227][ T8466] tpg colorspace: 8
[  275.026203][ T8466] tpg transfer function: 0/0
[  275.030961][ T8466] tpg Y'CbCr encoding: 0/0
[  275.035541][ T8466] tpg quantization: 0/0
[  275.039738][ T8466] tpg RGB range: 0/2
[  275.044478][ T8466] vivid-007: ==================  END STATUS  ==================
[  275.385019][ T8480] netlink: 8 bytes leftover after parsing attributes in process `syz.4.441'.
[  275.405032][ T8476] can: request_module (can-proto-3) failed.
[  277.150383][ T8504] syz.2.445 (8504) used greatest stack depth: 19064 bytes left
[  278.026738][ T8529] vhci_hcd: invalid port number 48
[  278.032939][ T8529] vhci_hcd: default hub control req: 3038 v2030 i0030 l12336
[  279.552144][ T8550] netlink: 346 bytes leftover after parsing attributes in process `syz.2.454'.
[  280.687271][ T8577] netlink: 8 bytes leftover after parsing attributes in process `syz.4.460'.
[  280.741448][ T8582] netlink: 8 bytes leftover after parsing attributes in process `syz.4.460'.
[  282.264504][ T8601] FAULT_INJECTION: forcing a failure.
[  282.264504][ T8601] name fail_futex, interval 1, probability 0, space 0, times 0
[  282.390066][ T8601] CPU: 0 UID: 0 PID: 8601 Comm: syz.1.461 Tainted: G     U              6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  282.390118][ T8601] Tainted: [U]=USER
[  282.390128][ T8601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  282.390147][ T8601] Call Trace:
[  282.390158][ T8601]  <TASK>
[  282.390171][ T8601]  dump_stack_lvl+0x16c/0x1f0
[  282.390228][ T8601]  should_fail_ex+0x512/0x640
[  282.390285][ T8601]  get_futex_key+0x1d0/0x1540
[  282.390331][ T8601]  ? __pfx_get_futex_key+0x10/0x10
[  282.390384][ T8601]  futex_wake+0xea/0x530
[  282.390435][ T8601]  ? __pfx_futex_wake+0x10/0x10
[  282.390493][ T8601]  ? rcu_is_watching+0x12/0xc0
[  282.390542][ T8601]  do_futex+0x1e3/0x350
[  282.390581][ T8601]  ? __pfx_do_futex+0x10/0x10
[  282.390624][ T8601]  ? __pfx___might_resched+0x10/0x10
[  282.390663][ T8601]  __x64_sys_futex+0x1e0/0x4c0
[  282.390705][ T8601]  ? __pfx_blkcg_maybe_throttle_current+0x10/0x10
[  282.390750][ T8601]  ? __pfx___x64_sys_futex+0x10/0x10
[  282.390791][ T8601]  ? xfd_validate_state+0x61/0x180
[  282.390832][ T8601]  ? __pfx___do_sys_close_range+0x10/0x10
[  282.390895][ T8601]  do_syscall_64+0xcd/0x490
[  282.390928][ T8601]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  282.390960][ T8601] RIP: 0033:0x7fd0d438e929
[  282.390986][ T8601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  282.391016][ T8601] RSP: 002b:00007fd0d516a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  282.391045][ T8601] RAX: ffffffffffffffda RBX: 00007fd0d45b6248 RCX: 00007fd0d438e929
[  282.391065][ T8601] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fd0d45b624c
[  282.391084][ T8601] RBP: 00007fd0d45b6240 R08: 00007fd0d51ce000 R09: 0000000000000000
[  282.391102][ T8601] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd0d45b624c
[  282.391121][ T8601] R13: 0000000000000000 R14: 00007ffdc14267a0 R15: 00007ffdc1426888
[  282.391162][ T8601]  </TASK>
[  287.423661][ T8673] netlink: 194 bytes leftover after parsing attributes in process `syz.4.479'.
[  288.836371][ T8696] random: crng reseeded on system resumption
[  292.027211][ T8731] netlink: 194 bytes leftover after parsing attributes in process `syz.2.489'.
[  294.893388][ T8775] netlink: 194 bytes leftover after parsing attributes in process `syz.1.499'.
[  295.696751][ T5849] Bluetooth: hci2: ISO packet for unknown connection handle 0
[  295.746235][ T5849] Bluetooth: hci2: ACL packet for unknown connection handle 0
[  296.373682][ T8798] netlink: 12 bytes leftover after parsing attributes in process `syz.1.504'.
[  296.404257][ T8798] netlink: 12 bytes leftover after parsing attributes in process `syz.1.504'.
[  296.492746][ T5852] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  296.519544][ T5852] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  296.531631][ T5852] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  296.545821][ T5852] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  296.554007][ T5852] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  296.948864][ T8812] FAULT_INJECTION: forcing a failure.
[  296.948864][ T8812] name failslab, interval 1, probability 0, space 0, times 0
[  297.028548][ T8812] CPU: 1 UID: 0 PID: 8812 Comm: syz.4.506 Tainted: G     U              6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  297.028598][ T8812] Tainted: [U]=USER
[  297.028608][ T8812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  297.028626][ T8812] Call Trace:
[  297.028636][ T8812]  <TASK>
[  297.028648][ T8812]  dump_stack_lvl+0x16c/0x1f0
[  297.028704][ T8812]  should_fail_ex+0x512/0x640
[  297.028750][ T8812]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  297.028796][ T8812]  should_failslab+0xc2/0x120
[  297.028825][ T8812]  __kmalloc_cache_noprof+0x6a/0x3e0
[  297.028869][ T8812]  ? _raw_spin_unlock+0x28/0x50
[  297.028913][ T8812]  ? snd_ctl_open+0x174/0x5e0
[  297.028965][ T8812]  snd_ctl_open+0x174/0x5e0
[  297.029013][ T8812]  ? __pfx_snd_ctl_open+0x10/0x10
[  297.029058][ T8812]  snd_open+0x1fe/0x450
[  297.029091][ T8812]  ? __pfx_snd_open+0x10/0x10
[  297.029121][ T8812]  chrdev_open+0x231/0x6a0
[  297.029168][ T8812]  ? __pfx_apparmor_file_open+0x10/0x10
[  297.029208][ T8812]  ? __pfx_chrdev_open+0x10/0x10
[  297.029259][ T8812]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  297.029316][ T8812]  do_dentry_open+0x744/0x1c10
[  297.029363][ T8812]  ? __pfx_chrdev_open+0x10/0x10
[  297.029420][ T8812]  vfs_open+0x82/0x3f0
[  297.029459][ T8812]  path_openat+0x1de4/0x2cb0
[  297.029517][ T8812]  ? __pfx_path_openat+0x10/0x10
[  297.029566][ T8812]  ? __lock_acquire+0xb8a/0x1c90
[  297.029612][ T8812]  do_filp_open+0x20b/0x470
[  297.029657][ T8812]  ? __pfx_do_filp_open+0x10/0x10
[  297.029731][ T8812]  ? alloc_fd+0x471/0x7d0
[  297.029785][ T8812]  do_sys_openat2+0x11b/0x1d0
[  297.029819][ T8812]  ? __pfx_do_sys_openat2+0x10/0x10
[  297.029872][ T8812]  __x64_sys_openat+0x174/0x210
[  297.029908][ T8812]  ? __pfx___x64_sys_openat+0x10/0x10
[  297.029960][ T8812]  do_syscall_64+0xcd/0x490
[  297.029994][ T8812]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.030026][ T8812] RIP: 0033:0x7f9f88f8e929
[  297.030052][ T8812] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  297.030081][ T8812] RSP: 002b:00007f9f89dab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  297.030110][ T8812] RAX: ffffffffffffffda RBX: 00007f9f891b6080 RCX: 00007f9f88f8e929
[  297.030129][ T8812] RDX: 0000000000000080 RSI: 0000200000000640 RDI: ffffffffffffff9c
[  297.030148][ T8812] RBP: 00007f9f89010b39 R08: 0000000000000000 R09: 0000000000000000
[  297.030166][ T8812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  297.030183][ T8812] R13: 0000000000000000 R14: 00007f9f891b6080 R15: 00007ffe4db915d8
[  297.030222][ T8812]  </TASK>
[  298.144935][ T8803] chnl_net:caif_netlink_parms(): no params data found
[  298.591276][ T5852] Bluetooth: hci3: command tx timeout
[  298.712157][ T8803] bridge0: port 1(bridge_slave_0) entered blocking state
[  298.719378][ T8803] bridge0: port 1(bridge_slave_0) entered disabled state
[  298.748753][ T8803] bridge_slave_0: entered allmulticast mode
[  298.766899][ T8803] bridge_slave_0: entered promiscuous mode
[  298.802054][ T8803] bridge0: port 2(bridge_slave_1) entered blocking state
[  298.831225][ T8803] bridge0: port 2(bridge_slave_1) entered disabled state
[  298.869596][ T8803] bridge_slave_1: entered allmulticast mode
[  298.893064][ T8803] bridge_slave_1: entered promiscuous mode
[  299.083723][ T8803] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  299.105936][ T8803] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  299.202524][ T8803] team0: Port device team_slave_0 added
[  299.224929][ T8803] team0: Port device team_slave_1 added
[  299.490529][ T8803] batman_adv: batadv0: Adding interface: batadv_slave_0
[  299.529189][ T8803] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  299.600891][ T8803] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  299.623259][ T8803] batman_adv: batadv0: Adding interface: batadv_slave_1
[  299.650934][ T8803] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  299.700977][ T8803] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  300.152585][ T8803] hsr_slave_0: entered promiscuous mode
[  300.159401][ T8803] hsr_slave_1: entered promiscuous mode
[  300.192151][ T8803] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  300.211361][ T8803] Cannot create hsr debugfs directory
[  300.252160][ T8847] random: crng reseeded on system resumption
[  300.671887][ T5852] Bluetooth: hci3: command tx timeout
[  300.708531][ T8856] FAULT_INJECTION: forcing a failure.
[  300.708531][ T8856] name fail_futex, interval 1, probability 0, space 0, times 0
[  300.737026][ T8856] CPU: 1 UID: 0 PID: 8856 Comm: syz.4.514 Tainted: G     U              6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  300.737078][ T8856] Tainted: [U]=USER
[  300.737090][ T8856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  300.737108][ T8856] Call Trace:
[  300.737118][ T8856]  <TASK>
[  300.737131][ T8856]  dump_stack_lvl+0x16c/0x1f0
[  300.737188][ T8856]  should_fail_ex+0x512/0x640
[  300.737252][ T8856]  get_futex_key+0x1d0/0x1540
[  300.737296][ T8856]  ? __pfx_get_futex_key+0x10/0x10
[  300.737330][ T8856]  ? rcu_is_watching+0x12/0xc0
[  300.737362][ T8856]  ? kfree+0x24f/0x4d0
[  300.737415][ T8856]  futex_wake+0xea/0x530
[  300.737466][ T8856]  ? __pfx_futex_wake+0x10/0x10
[  300.737512][ T8856]  ? __pfx_vfs_writev+0x10/0x10
[  300.737561][ T8856]  ? do_writev+0x218/0x340
[  300.737611][ T8856]  do_futex+0x1e3/0x350
[  300.737651][ T8856]  ? __pfx_do_futex+0x10/0x10
[  300.737689][ T8856]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  300.737734][ T8856]  __x64_sys_futex+0x1e0/0x4c0
[  300.737775][ T8856]  ? fput+0x70/0xf0
[  300.737806][ T8856]  ? __pfx___x64_sys_futex+0x10/0x10
[  300.737846][ T8856]  ? __pfx_do_writev+0x10/0x10
[  300.737903][ T8856]  do_syscall_64+0xcd/0x490
[  300.737936][ T8856]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.737970][ T8856] RIP: 0033:0x7f9f88f8e929
[  300.737996][ T8856] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  300.738027][ T8856] RSP: 002b:00007f9f89dab0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  300.738057][ T8856] RAX: ffffffffffffffda RBX: 00007f9f891b6088 RCX: 00007f9f88f8e929
[  300.738078][ T8856] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f9f891b608c
[  300.738097][ T8856] RBP: 00007f9f891b6080 R08: 00007f9f89dcd000 R09: 0000000000000000
[  300.738116][ T8856] R10: 0000000000000007 R11: 0000000000000246 R12: 00007f9f891b608c
[  300.738135][ T8856] R13: 0000000000000000 R14: 00007ffe4db914f0 R15: 00007ffe4db915d8
[  300.738175][ T8856]  </TASK>
[  302.101640][ T8803] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  302.163143][ T8803] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  302.504907][ T8885] netlink: 'syz.1.521': attribute type 19 has an invalid length.
[  302.512865][ T8885] netlink: 334 bytes leftover after parsing attributes in process `syz.1.521'.
[  302.564209][ T8803] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  302.605454][ T8803] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  302.751320][ T5852] Bluetooth: hci3: command tx timeout
[  303.704901][ T8803] 8021q: adding VLAN 0 to HW filter on device bond0
[  303.806956][ T8803] 8021q: adding VLAN 0 to HW filter on device team0
[  303.883000][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[  303.890286][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[  303.940344][ T7744] bridge0: port 2(bridge_slave_1) entered blocking state
[  303.947641][ T7744] bridge0: port 2(bridge_slave_1) entered forwarding state
[  304.029116][   T30] audit: type=1800 audit(6044487321.211:6): pid=8912 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.524" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0
[  304.049529][    C1] vkms_vblank_simulate: vblank timer overrun
[  304.363344][ T8803] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  304.401457][ T8803] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  304.834456][ T5852] Bluetooth: hci3: command tx timeout
[  305.756532][ T8803] 8021q: adding VLAN 0 to HW filter on device batadv0
[  305.984202][ T8947] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  306.107740][ T8947] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  306.259613][ T8947] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  306.330857][ T8947] page_type: f5(slab)
[  306.345358][ T8947] raw: 00fff00000000040 ffff88801b442280 dead000000000122 0000000000000000
[  306.411201][ T8947] raw: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000
[  306.481094][ T8947] head: 00fff00000000040 ffff88801b442280 dead000000000122 0000000000000000
[  306.490000][ T8947] head: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000
[  306.591802][ T8947] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  306.615471][ T8947] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  306.646771][ T8947] page dumped because: unmovable page
[  306.814253][ T8947] page_owner tracks the page as allocated
[  306.886357][ T8947] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x528c0(GFP_NOWAIT|__GFP_IO|__GFP_FS|__GFP_NORETRY|__GFP_COMP), pid 5504, tgid 5504 (dhcpcd), ts 71291716828, free_ts 37771825279
[  306.927911][ T8959] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13
[  307.135774][ T8947]  post_alloc_hook+0x1c0/0x230
[  307.140766][ T8947]  get_page_from_freelist+0x1321/0x3890
[  307.278586][ T8947]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  307.327798][ T8947]  alloc_pages_mpol+0x1fb/0x550
[  307.355323][ T8947]  new_slab+0x23b/0x330
[  307.359644][ T8947]  ___slab_alloc+0xd9c/0x1940
[  307.415908][ T8947]  __slab_alloc.constprop.0+0x56/0xb0
[  307.431266][ T8947]  __kvmalloc_node_noprof+0x3b1/0x620
[  307.436984][ T8947]  pfifo_fast_init+0x125/0x3b0
[  307.447705][ T8947]  qdisc_create_dflt+0x122/0x490
[  307.480680][ T8947]  mq_init+0x345/0x490
[  307.490906][ T8947]  qdisc_create_dflt+0x122/0x490
[  307.579101][ T8947]  dev_activate+0xaae/0x12d0
[  307.656346][ T8947]  __dev_open+0x43a/0x7d0
[  307.707695][ T8803] veth0_vlan: entered promiscuous mode
[  307.744704][ T8803] veth1_vlan: entered promiscuous mode
[  307.781039][ T8947]  __dev_change_flags+0x55d/0x720
[  307.804309][ T8947]  netif_change_flags+0x8d/0x160
[  307.809320][ T8947] page last free pid 1 tgid 1 stack trace:
[  307.851284][ T8947]  __free_frozen_pages+0x7fe/0x1180
[  307.885258][ T8947]  free_contig_range+0x183/0x4b0
[  307.902574][ T8947]  destroy_args+0x7f6/0xa60
[  307.907215][ T8947]  debug_vm_pgtable+0x13b8/0x2d00
[  307.944441][ T8947]  do_one_initcall+0x120/0x6e0
[  307.949498][ T8947]  kernel_init_freeable+0x5c2/0x900
[  307.960367][ T8947]  kernel_init+0x1c/0x2b0
[  307.965572][ T8947]  ret_from_fork+0x5d4/0x6f0
[  307.974614][ T8947]  ret_from_fork_asm+0x1a/0x30
[  308.690666][ T8803] veth0_macvtap: entered promiscuous mode
[  308.721728][ T8803] veth1_macvtap: entered promiscuous mode
[  308.768947][ T8803] batman_adv: batadv0: Interface activated: batadv_slave_0
[  308.918362][ T8803] batman_adv: batadv0: Interface activated: batadv_slave_1
[  309.191208][ T8803] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  309.213358][ T8803] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  309.262453][ T8803] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  309.281173][ T8803] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  309.669191][ T7744] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  309.712495][ T7744] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  309.890090][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  309.936778][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  310.983030][ T9003] can: request_module (can-proto-3) failed.
[  313.126294][ T5852] Bluetooth: hci3: ISO packet for unknown connection handle 0
[  315.500062][ T9055] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  315.510894][ T9055] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  315.536123][ T9055] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  315.566339][ T9055] page_type: f5(slab)
[  315.662977][ T9055] raw: 00fff00000000040 ffff88801b442280 dead000000000122 0000000000000000
[  315.672082][ T9055] raw: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000
[  315.732239][ T9055] head: 00fff00000000040 ffff88801b442280 dead000000000122 0000000000000000
[  315.827279][ T9055] head: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000
[  315.861308][ T9055] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  315.891024][ T9055] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  315.959300][ T9055] page dumped because: unmovable page
[  315.970636][ T9055] page_owner tracks the page as allocated
[  315.983172][ T9055] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x528c0(GFP_NOWAIT|__GFP_IO|__GFP_FS|__GFP_NORETRY|__GFP_COMP), pid 5504, tgid 5504 (dhcpcd), ts 71291716828, free_ts 37771825279
[  316.011173][ T9055]  post_alloc_hook+0x1c0/0x230
[  316.023809][ T9055]  get_page_from_freelist+0x1321/0x3890
[  316.029638][ T9055]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  316.048527][ T9055]  alloc_pages_mpol+0x1fb/0x550
[  316.054434][ T9055]  new_slab+0x23b/0x330
[  316.058928][ T9055]  ___slab_alloc+0xd9c/0x1940
[  316.069798][ T9055]  __slab_alloc.constprop.0+0x56/0xb0
[  316.077450][ T9055]  __kvmalloc_node_noprof+0x3b1/0x620
[  316.087578][ T9055]  pfifo_fast_init+0x125/0x3b0
[  316.092775][ T9055]  qdisc_create_dflt+0x122/0x490
[  316.097971][ T9055]  mq_init+0x345/0x490
[  316.107111][ T9055]  qdisc_create_dflt+0x122/0x490
[  316.113138][ T9055]  dev_activate+0xaae/0x12d0
[  316.126751][ T9055]  __dev_open+0x43a/0x7d0
[  316.131631][ T9055]  __dev_change_flags+0x55d/0x720
[  316.136942][ T9055]  netif_change_flags+0x8d/0x160
[  316.146752][ T9055] page last free pid 1 tgid 1 stack trace:
[  316.173518][ T9055]  __free_frozen_pages+0x7fe/0x1180
[  316.178809][ T9055]  free_contig_range+0x183/0x4b0
[  316.193597][ T9055]  destroy_args+0x7f6/0xa60
[  316.198360][ T9055]  debug_vm_pgtable+0x13b8/0x2d00
[  316.213345][ T9055]  do_one_initcall+0x120/0x6e0
[  316.228531][ T9055]  kernel_init_freeable+0x5c2/0x900
[  316.238680][ T9055]  kernel_init+0x1c/0x2b0
[  316.248824][ T9055]  ret_from_fork+0x5d4/0x6f0
[  316.261132][ T9055]  ret_from_fork_asm+0x1a/0x30
[  318.550902][ T9093] can: request_module (can-proto-3) failed.
[  319.670634][ T9106] netlink: 28 bytes leftover after parsing attributes in process `syz.4.557'.
[  319.721191][ T9106] ipvlan0: entered allmulticast mode
[  319.727067][ T9106] veth0_vlan: entered allmulticast mode
[  319.940631][ T9106] netlink: set zone limit has 8 unknown bytes
[  324.314593][ T9178] netlink: 16 bytes leftover after parsing attributes in process `syz.2.573'.
[  324.568144][ T9182] device-mapper: ioctl: name not supplied when creating device
[  327.478079][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  327.486350][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  329.079979][ T9240] ==================================================================
[  329.088131][ T9240] BUG: KASAN: slab-use-after-free in force_devcd_write+0x312/0x340
[  329.096057][ T9240] Read of size 8 at addr ffff88807e698000 by task syz.4.590/9240
[  329.103882][ T9240] 
[  329.106229][ T9240] CPU: 0 UID: 0 PID: 9240 Comm: syz.4.590 Tainted: G     U              6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  329.106265][ T9240] Tainted: [U]=USER
[  329.106274][ T9240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  329.106289][ T9240] Call Trace:
[  329.106298][ T9240]  <TASK>
[  329.106308][ T9240]  dump_stack_lvl+0x116/0x1f0
[  329.106351][ T9240]  print_report+0xcd/0x680
[  329.106372][ T9240]  ? __virt_addr_valid+0x81/0x610
[  329.106403][ T9240]  ? __phys_addr+0xe8/0x180
[  329.106427][ T9240]  ? force_devcd_write+0x312/0x340
[  329.106450][ T9240]  kasan_report+0xe0/0x110
[  329.106471][ T9240]  ? force_devcd_write+0x312/0x340
[  329.106497][ T9240]  force_devcd_write+0x312/0x340
[  329.106520][ T9240]  ? __pfx_force_devcd_write+0x10/0x10
[  329.106543][ T9240]  ? __debugfs_file_get+0x1fe/0x840
[  329.106565][ T9240]  ? __pfx___debugfs_file_get+0x10/0x10
[  329.106593][ T9240]  full_proxy_write+0x13f/0x200
[  329.106616][ T9240]  ? __pfx_full_proxy_write+0x10/0x10
[  329.106638][ T9240]  vfs_write+0x29d/0x1150
[  329.106675][ T9240]  ? __pfx_vfs_write+0x10/0x10
[  329.106708][ T9240]  ? do_futex+0x122/0x350
[  329.106737][ T9240]  ? __pfx_do_futex+0x10/0x10
[  329.106768][ T9240]  ? fd_install+0x244/0x750
[  329.106816][ T9240]  ? __x64_sys_futex+0x1e0/0x4c0
[  329.106854][ T9240]  ? __x64_sys_futex+0x1e9/0x4c0
[  329.106891][ T9240]  ksys_write+0x12a/0x250
[  329.106925][ T9240]  ? __pfx_ksys_write+0x10/0x10
[  329.106963][ T9240]  do_syscall_64+0xcd/0x490
[  329.106987][ T9240]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.107011][ T9240] RIP: 0033:0x7f9f88f8e929
[  329.107031][ T9240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  329.107054][ T9240] RSP: 002b:00007f9f89dcc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  329.107077][ T9240] RAX: ffffffffffffffda RBX: 00007f9f891b5fa0 RCX: 00007f9f88f8e929
[  329.107094][ T9240] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000003
[  329.107109][ T9240] RBP: 00007f9f89010b39 R08: 0000000000000000 R09: 0000000000000000
[  329.107124][ T9240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  329.107139][ T9240] R13: 0000000000000000 R14: 00007f9f891b5fa0 R15: 00007ffe4db915d8
[  329.107164][ T9240]  </TASK>
[  329.107172][ T9240] 
[  329.335102][ T9240] Allocated by task 9195:
[  329.339444][ T9240]  kasan_save_stack+0x33/0x60
[  329.344165][ T9240]  kasan_save_track+0x14/0x30
[  329.348877][ T9240]  __kasan_kmalloc+0xaa/0xb0
[  329.353541][ T9240]  smc_stats_init+0x4e/0x160
[  329.358167][ T9240]  ops_init+0x1df/0x5f0
[  329.362363][ T9240]  setup_net+0x1ff/0x510
[  329.366671][ T9240]  copy_net_ns+0x2a6/0x5f0
[  329.371147][ T9240]  create_new_namespaces+0x3ea/0xa90
[  329.376454][ T9240]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  329.382198][ T9240]  ksys_unshare+0x45b/0xa40
[  329.386724][ T9240]  __x64_sys_unshare+0x31/0x40
[  329.391540][ T9240]  do_syscall_64+0xcd/0x490
[  329.396493][ T9240]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.402409][ T9240] 
[  329.404743][ T9240] Freed by task 9195:
[  329.408731][ T9240]  kasan_save_stack+0x33/0x60
[  329.413443][ T9240]  kasan_save_track+0x14/0x30
[  329.418151][ T9240]  kasan_save_free_info+0x3b/0x60
[  329.423226][ T9240]  __kasan_slab_free+0x51/0x70
[  329.428059][ T9240]  kfree+0x2b4/0x4d0
[  329.431991][ T9240]  smc_stats_exit+0x37/0x90
[  329.436534][ T9240]  ops_undo_list+0x2eb/0xab0
[  329.441160][ T9240]  setup_net+0x2e1/0x510
[  329.445523][ T9240]  copy_net_ns+0x2a6/0x5f0
[  329.449967][ T9240]  create_new_namespaces+0x3ea/0xa90
[  329.455279][ T9240]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  329.461032][ T9240]  ksys_unshare+0x45b/0xa40
[  329.465578][ T9240]  __x64_sys_unshare+0x31/0x40
[  329.470474][ T9240]  do_syscall_64+0xcd/0x490
[  329.475019][ T9240]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.481012][ T9240] 
[  329.483384][ T9240] The buggy address belongs to the object at ffff88807e698000
[  329.483384][ T9240]  which belongs to the cache kmalloc-1k of size 1024
[  329.497661][ T9240] The buggy address is located 0 bytes inside of
[  329.497661][ T9240]  freed 1024-byte region [ffff88807e698000, ffff88807e698400)
[  329.511443][ T9240] 
[  329.513780][ T9240] The buggy address belongs to the physical page:
[  329.520325][ T9240] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7e698
[  329.529199][ T9240] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  329.538819][ T9240] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  329.546839][ T9240] page_type: f5(slab)
[  329.550861][ T9240] raw: 00fff00000000040 ffff88801b441dc0 dead000000000100 dead000000000122
[  329.559475][ T9240] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  329.568094][ T9240] head: 00fff00000000040 ffff88801b441dc0 dead000000000100 dead000000000122
[  329.576783][ T9240] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  329.585493][ T9240] head: 00fff00000000003 ffffea0001f9a601 00000000ffffffff 00000000ffffffff
[  329.594220][ T9240] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  329.602905][ T9240] page dumped because: kasan: bad access detected
[  329.609327][ T9240] page_owner tracks the page as allocated
[  329.615145][ T9240] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5193, tgid 5193 (start-stop-daem), ts 40810703184, free_ts 38022421800
[  329.636453][ T9240]  post_alloc_hook+0x1c0/0x230
[  329.641260][ T9240]  get_page_from_freelist+0x1321/0x3890
[  329.646873][ T9240]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  329.652819][ T9240]  alloc_pages_mpol+0x1fb/0x550
[  329.657700][ T9240]  new_slab+0x23b/0x330
[  329.661889][ T9240]  ___slab_alloc+0xd9c/0x1940
[  329.666880][ T9240]  __slab_alloc.constprop.0+0x56/0xb0
[  329.672304][ T9240]  __kmalloc_noprof+0x2f2/0x510
[  329.677191][ T9240]  tomoyo_init_log+0x1385/0x2140
[  329.682164][ T9240]  tomoyo_supervisor+0x302/0x13b0
[  329.687243][ T9240]  tomoyo_env_perm+0x191/0x200
[  329.692074][ T9240]  tomoyo_find_next_domain+0xec2/0x20b0
[  329.697654][ T9240]  tomoyo_bprm_check_security+0x12e/0x1d0
[  329.703410][ T9240]  security_bprm_check+0x1b9/0x1e0
[  329.708569][ T9240]  bprm_execve+0x810/0x1650
[  329.713101][ T9240]  do_execveat_common.isra.0+0x4a5/0x610
[  329.718772][ T9240] page last free pid 1 tgid 1 stack trace:
[  329.724764][ T9240]  __free_frozen_pages+0x7fe/0x1180
[  329.729989][ T9240]  free_contig_range+0x183/0x4b0
[  329.734978][ T9240]  destroy_args+0x7f6/0xa60
[  329.739530][ T9240]  debug_vm_pgtable+0x13b8/0x2d00
[  329.744690][ T9240]  do_one_initcall+0x120/0x6e0
[  329.749483][ T9240]  kernel_init_freeable+0x5c2/0x900
[  329.754728][ T9240]  kernel_init+0x1c/0x2b0
[  329.759114][ T9240]  ret_from_fork+0x5d4/0x6f0
[  329.763746][ T9240]  ret_from_fork_asm+0x1a/0x30
[  329.768900][ T9240] 
[  329.771240][ T9240] Memory state around the buggy address:
[  329.776895][ T9240]  ffff88807e697f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  329.784987][ T9240]  ffff88807e697f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  329.793162][ T9240] >ffff88807e698000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  329.801246][ T9240]                    ^
[  329.805349][ T9240]  ffff88807e698080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  329.813432][ T9240]  ffff88807e698100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  329.821510][ T9240] ==================================================================
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  330.061519][ T9240] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  330.068854][ T9240] CPU: 1 UID: 0 PID: 9240 Comm: syz.4.590 Tainted: G     U              6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  330.080647][ T9240] Tainted: [U]=USER
[  330.084569][ T9240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  330.094659][ T9240] Call Trace:
[  330.097961][ T9240]  <TASK>
[  330.100916][ T9240]  dump_stack_lvl+0x3d/0x1f0
[  330.105733][ T9240]  panic+0x71c/0x800
[  330.109673][ T9240]  ? __pfx_panic+0x10/0x10
[  330.114132][ T9240]  ? mark_held_locks+0x49/0x80
[  330.119031][ T9240]  ? preempt_schedule_thunk+0x16/0x30
[  330.124450][ T9240]  ? force_devcd_write+0x312/0x340
[  330.129682][ T9240]  ? preempt_schedule_common+0x44/0xc0
[  330.135205][ T9240]  ? force_devcd_write+0x312/0x340
[  330.140357][ T9240]  check_panic_on_warn+0xab/0xb0
[  330.145377][ T9240]  end_report+0x107/0x170
[  330.149963][ T9240]  kasan_report+0xee/0x110
[  330.154639][ T9240]  ? force_devcd_write+0x312/0x340
[  330.159819][ T9240]  force_devcd_write+0x312/0x340
[  330.164812][ T9240]  ? __pfx_force_devcd_write+0x10/0x10
[  330.170336][ T9240]  ? __debugfs_file_get+0x1fe/0x840
[  330.175584][ T9240]  ? __pfx___debugfs_file_get+0x10/0x10
[  330.181200][ T9240]  full_proxy_write+0x13f/0x200
[  330.186128][ T9240]  ? __pfx_full_proxy_write+0x10/0x10
[  330.191647][ T9240]  vfs_write+0x29d/0x1150
[  330.196036][ T9240]  ? __pfx_vfs_write+0x10/0x10
[  330.200854][ T9240]  ? do_futex+0x122/0x350
[  330.205225][ T9240]  ? __pfx_do_futex+0x10/0x10
[  330.209947][ T9240]  ? fd_install+0x244/0x750
[  330.214508][ T9240]  ? __x64_sys_futex+0x1e0/0x4c0
[  330.219500][ T9240]  ? __x64_sys_futex+0x1e9/0x4c0
[  330.224479][ T9240]  ksys_write+0x12a/0x250
[  330.228855][ T9240]  ? __pfx_ksys_write+0x10/0x10
[  330.233759][ T9240]  do_syscall_64+0xcd/0x490
[  330.238305][ T9240]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  330.244232][ T9240] RIP: 0033:0x7f9f88f8e929
[  330.248679][ T9240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  330.268690][ T9240] RSP: 002b:00007f9f89dcc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  330.277160][ T9240] RAX: ffffffffffffffda RBX: 00007f9f891b5fa0 RCX: 00007f9f88f8e929
[  330.285188][ T9240] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000003
[  330.293205][ T9240] RBP: 00007f9f89010b39 R08: 0000000000000000 R09: 0000000000000000
[  330.301225][ T9240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  330.309223][ T9240] R13: 0000000000000000 R14: 00007f9f891b5fa0 R15: 00007ffe4db915d8
[  330.317238][ T9240]  </TASK>
[  330.320642][ T9240] Kernel Offset: disabled
[  330.324993][ T9240] Rebooting in 86400 seconds..