last executing test programs:

24m14.135222296s ago: executing program 1 (id=806):
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
r0 = socket(0x11, 0x80003, 0x300)
mmap$auto(0x0, 0x400008, 0xfffffffffffffffb, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mmap$auto(0x1000, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
clone$auto(0x2, 0x81, 0x0, 0x0, 0x3)
syz_clone3(&(0x7f00000004c0)={0x82000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D0\x00', 0x8000, 0x0)
name_to_handle_at$auto(0xffffffffffffffff, &(0x7f00000001c0)='/\x00', &(0x7f0000000200)={0x0, 0x200}, 0x0, 0x1001)
setsockopt$auto(r0, 0x107, 0x12, 0x0, 0x4)
r1 = socket(0x11, 0x3, 0x9)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48})
openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/events/vmalloc/free_vmap_area_noflush/trigger\x00', 0x2301, 0x0)
sendmmsg$auto(r1, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000480)={&(0x7f0000000240)='L\fX\x00', 0x49}, 0x4, 0x0, 0x5, 0x11}, 0x5}, 0x2, 0x100)

24m12.78177306s ago: executing program 1 (id=809):
mmap$auto(0x0, 0x1, 0x8001, 0x1b, 0x2, 0xfe8)
openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x8a581, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001140)='/sys/module/ib_iser/parameters/max_sectors\x00', 0x20a42, 0x0)
sendfile$auto(r0, r0, 0x0, 0x4f64a1d2)
connect$auto(0xffffffffffffffff, 0x0, 0x54)
r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x4a402, 0x0)
read$auto(r1, 0x0, 0x1f40)
r2 = prctl$auto_PR_SET_MM_START_BRK(0x7fffffff, 0x6, 0xffffffffffffffff, 0xb8, 0x6ad)
ioctl$auto_XFS_IOC_ALLOCSP(0xffffffffffffffff, 0x4030580a, &(0x7f00000000c0)={0x400, 0x4, 0xd, 0x8, 0x34, <r3=>0xffffffffffffffff})
fcntl$auto(r2, 0x3, r3)
r4 = openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/mac80211_hwsim/hwsim13\x00', 0x20000, 0x0)
ioctl$auto_XFS_IOC_DIOINFO(r4, 0x800c581e, &(0x7f0000000080)={0xffffffac, 0x0, 0x7})
r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x62881, 0x0)
writev$auto(r5, &(0x7f0000000200)={0x0, 0x7}, 0x3)
setresuid$auto(0x0, 0xffffffffffffffff, 0x200)
mlockall$auto(0x2)
open_tree_attr$auto(0xffffffffffffff9c, 0x0, 0x4, 0x0, 0x1)
bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0xe, 0x4, 0x8080, 0x4, 0x8, 0xc, 0xffffffffffffffff, 0x4, 0x7ff}, 0xb)
write$auto(0x3, 0x0, 0xfdf3)

24m12.707961054s ago: executing program 3 (id=811):
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x2003f0, 0x15)
mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/renderD128\x00', 0x20300, 0x0)
r2 = socket(0xa, 0x5, 0x0)
pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x00\rs\x1cJ\x99\x00:c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x1)
bpf$auto(0x40000000, &(0x7f0000000100)=@iter_create={<r3=>r1, 0x81}, 0x96)
bpf$auto(0x18, &(0x7f0000000040)=@raw_tracepoint={0x0, 0xffffffffffffffff, 0x0, 0x800}, 0x92)
connect$auto(0x3, 0x0, 0x54)
getsockopt$auto(r2, 0x84, 0x1d, 0x0, 0x0)
read$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffffff, &(0x7f0000000100)=""/153, 0x99)
getpid()
mincore$auto(0x1000, 0x8001, 0x0)
r4 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x80040, 0x40, 0xe}, 0x18)
setresuid$auto(0x0, 0x2, 0x0)
fremovexattr$auto(r4, &(0x7f0000000000)='system.posix_acl_access\x00')
r5 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/manager\x00', 0x40802, 0x0)
mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
ioctl$auto(r6, 0x560d, 0x7)
fspick$auto(r3, &(0x7f0000000200)='./file0\x00', 0x8)
read$auto(r5, 0x0, 0xb4d3)
semget$auto(0x0, 0x13c, 0x1ff)

24m11.631846629s ago: executing program 2 (id=812):
prctl$auto(0x41555856, 0x4, 0x2008, 0x0, 0xc0d)
epoll_pwait2$auto(0x3, 0x0, 0x4, 0x0, 0x0, 0x7ff6)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xfffffeff, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x2, 0x83, 0x101, 0x17f, 0x2}, {0xff, 0x1, 0x52, 0x5, 0x1, 0x40, 0x4, 0x8, 0x100000004}})
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x2800, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = getsockopt$auto(0xffffffffffffffff, 0x84, 0x71, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0)
read$auto(r1, 0x0, 0x20)
ioctl$auto_BLKSECDISCARD(0xffffffffffffffff, 0x127d, 0x0)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_METER_CMD_SET(r3, 0x0, 0x40)
r4 = open(0x0, 0x22240, 0x154)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
sysfs$auto(0x2, 0x100000000000038, 0x0)
fsopen$auto(0x0, 0x1)
execveat$auto(r4, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
rename$auto(&(0x7f0000000000)='./file0\x00', 0x0)
unshare$auto(0x40000080)
r5 = openat$auto_fault_around_bytes_fops_(0xffffffffffffff9c, &(0x7f0000000100), 0x608080, 0x0)
dup$auto(r0)
read$auto(r5, &(0x7f0000000140)='\x00', 0x6)

24m11.602008194s ago: executing program 1 (id=813):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x4, 0x0, 0x40eb1, 0x401, 0xfffffffffffffffd)
r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
write$auto(0xca, &(0x7f00000000c0)='\x04>\x00\x02\x18\x00\x00\xd3b\x01\xbd\x9b@\xb0\x00\x00\x00\x84\xa2\\\x15\xc4>\xa9\x82,\xf9y\xc7p\xf1w\xbe\xde\xe8\xc3\x01#\xcc\tF\xb6\x95\xeeH\xf8}v\xb3\xcb(\xa90Abe\xc3\x8c\xcc\xe7\xb8\x00F\x89#\xb4\xf0F\xa1\xd5\x1e\x8f\t\x9dZ~\xea\xa3\x93\xc2\x04\xe1;b\x99\x85\x00\x00\x00\xe2E\x00\x00-a\xb6n\xbc\xb4=\xf8\xce\x01\x1f]\x85|\xce\xd7\xff\xff\xd3lb\xc5\xee\xdb\xcb\xbb\xd8\x00\x80\x00\x00\xe9e\xe5\x80\x1c\x02\"\xa7&8U\xfd\xdc\x15\xae\xfa5\xb8}\x0e\xb4:\x91\xbb5\xd3{\xb2\xd0\xc0\x93=\xf8E\xceO\x1e\xd5\x8f\xdf\xaa\x1c\xfd\xb0h\xd8\xbc\xecA\xa6\xde\xd1=\xfd)d\x8f\vk\x1c+\xf7, \xf8]\xb3\xe9B\x02\f\'\xcf0\x06', 0x1ff)
ioctl$auto_VHOST_SET_OWNER(r0, 0xaf01, 0x5)
getsockopt$auto(0xffffffffffffffff, 0x29, 0x30, 0x0, 0x0)
openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/mem\x00', 0x100, 0x0)
openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, 0x0, 0x28082, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/system/cpu/cpu1/hotplug/target\x00', 0x800, 0x0)
read$auto(r1, 0x0, 0x7)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x149802, 0x0)
mknod$auto(0x0, 0x20e9, 0x103)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
r2 = socket(0x2, 0x1, 0x84)
listen$auto(0x3, 0x81)
ioctl$auto(0x3, 0x800005411, 0x38)
mmap$auto(0x1000, 0x4, 0xdf, 0x100009b72, r2, 0x8000)
io_uring_setup$auto(0x800085, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24044010}, 0xc0)
mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/rose11/tx_queue_len\x00', 0x0, 0x0)
read$auto(r3, 0x0, 0x20)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/loginuid\x00', 0x40002, 0x0)
setfsuid$auto(0xee00)
setfsuid$auto(0xee01)

24m0.595714745s ago: executing program 1 (id=815):
socket(0xa, 0x5, 0x0) (async)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/dev_snmp6/bridge_slave_1\x00', 0x111800, 0x0)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000)
io_uring_setup$auto(0x7, 0x0)
setsockopt$auto(0x3, 0x10000000084, 0x72, 0x0, 0xc)

24m0.277158871s ago: executing program 1 (id=816):
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/security/tomoyo/stat\x00', 0x40802, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
r1 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000240), 0xa002, 0x0)
writev$auto(r1, 0x0, 0x100)
mmap$auto(0x0, 0x20008, 0x4000000000df, 0xeb1, r0, 0x8000)
ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/dummy0/mtu\x00', 0xe3542, 0x0)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
r3 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0)
readv$auto(r3, &(0x7f0000000680)={&(0x7f0000000540), 0x40200}, 0x3)
ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, 0x0)
ppoll$auto(&(0x7f0000000000)={r2, 0x40}, 0x2, 0x0, 0x0, 0x8)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0)
ioctl$auto_SNDCTL_DSP_SYNC(r2, 0x5001, 0xfffffffffffffffc)
modify_ldt$auto(0x1, 0x0, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0)
ioctl$auto_ECCGETSTATS(0xffffffffffffffff, 0x80104d12, &(0x7f0000000280)={0x101, 0x0, 0x800, 0x6})
r4 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0xc0000, 0x0)
pread64$auto(r4, 0x0, 0x5, 0x8000400)
r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
sendmsg$auto_OVS_FLOW_CMD_NEW(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="01df250100000000000000000003"], 0x14}, 0x1, 0x0, 0x0, 0x2004c080}, 0x4000044)
waitid$auto_P_PID(0x1, 0x0, &(0x7f0000000380)={@siginfo_0_0={0xf58, 0x4, 0x1ff, @_timer={<r6=>0xffffffffffffffff, 0x2, @sival_int=0xfffffffe, 0xc}}}, 0x7, &(0x7f0000000440)={{0x9, 0x32}, {0x0, 0x25c3}, 0x9, 0x7, 0x8, 0x2, 0x6, 0x5, 0x7, 0x2, 0x6, 0x5, 0x5, 0x800, 0x58ae, 0xfffffffffffffffa})
r7 = prctl$auto(0x3e, 0x1, r6, 0x1, 0x0)
write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(r7, 0x0, 0x20000080)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x40, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
r8 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/wireless\x00', 0x80, 0x0)
pread64$auto(r8, 0x0, 0x201, 0xc000)

24m0.27687891s ago: executing program 2 (id=818):
open(&(0x7f0000000100)='.\x00', 0x430042, 0x40f)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
r1 = openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0)
fadvise64$auto_POSIX_FADV_NORMAL(r1, 0x40000000000000d, 0x2009, 0x0)
write$auto(0x3, 0x0, 0x7fffffff)
mmap$auto(0x0, 0x400008, 0xdf, 0x19, 0x2, 0x400000000008000)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x40201, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, 0x0, 0x2400c080)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000004d40), 0xffffffffffffffff)
sendmsg$auto_MACSEC_CMD_DEL_RXSC(r3, &(0x7f0000007500)={0x0, 0x30, &(0x7f00000074c0)={&(0x7f0000000240)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002abd7000fedbdf25020000000800010033766f2fd8e39c82180b2a269b74cd028ffb1d4b095240c88443ce6435fccfb62f21e511665424f974011410ff0e9bcc8d98dc1f5129ad09a8a443d4792f4769ffa0ada4f61cb875bf153944de2cdbeebf7e38f7de00434d677a80722c4bf3f66009a79497df9d44efa2", @ANYRES32=0x0, @ANYBLOB="100002800c0001000300000000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x80)
write$auto(r2, 0x0, 0xac1)
connect$auto(0x3, 0x0, 0x55)
mmap$auto(0x0, 0x128009, 0xdf, 0x18, r1, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
process_madvise$auto_PIDFD_SELF_THREAD_GROUP(0xffffffffffffb1e0, &(0x7f0000000140)={&(0x7f0000000000)="75069306718961289362e447303b5943cb6da353036498c823d4148aeeec98ef1d3c18058651f24eb225ecce17d85d22e4bae47c749fb6da2f5267c2daeb5eaec03b57c3c82ae241c3c6d0ddd2fd220443ef2cd1bde1726c1c5608763de0c70b8b2c44c6b5ff5be2fc1d7ae88f4c29e4e63f543cdc4e3122dab03c9d8934e1947870dddcfc87a9a65d0a36faa2691a4cb3c04e3e4a38cebcf6ce3ffcea8aea93617c8887bf47345489346803c41c0bac9e55d851388657f48debb807c036e0be4858", 0xd7c9}, 0x200, 0x2, 0xffffffff)
r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/ip_forward\x00', 0x2002, 0x0)
r6 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/ip_local_port_range\x00', 0x20202, 0x0)
sendfile$auto(r5, r6, 0x0, 0x4)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f00000001c0), 0x8a400, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)

24m0.141274365s ago: executing program 0 (id=819):
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
r0 = socket(0x11, 0x80003, 0x300)
mmap$auto(0x0, 0x400008, 0xfffffffffffffffb, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mmap$auto(0x1000, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
clone$auto(0x2, 0x81, 0x0, 0x0, 0x3)
syz_clone3(&(0x7f00000004c0)={0x82000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D0\x00', 0x8000, 0x0)
name_to_handle_at$auto(0xffffffffffffffff, &(0x7f00000001c0)='/\x00', &(0x7f0000000200)={0x0, 0x200}, 0x0, 0x1001)
setsockopt$auto(r0, 0x107, 0x12, 0x0, 0x4)
r1 = socket(0x11, 0x3, 0x9)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48})
openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/events/vmalloc/free_vmap_area_noflush/trigger\x00', 0x2301, 0x0)
sendmmsg$auto(r1, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000480)={&(0x7f0000000240)='L\fX\x00', 0x49}, 0x4, 0x0, 0x5, 0x11}, 0x5}, 0x2, 0x100)

23m58.976410002s ago: executing program 3 (id=820):
r0 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/binderfs/binder0\x00', 0x0, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
timer_create$auto(0x1, 0x0, 0x0)
timer_settime$auto(0x0, 0x9, &(0x7f00000000c0)={{0x400000000f, 0x10007}, {0x9}}, 0x0)
timer_gettime$auto(0x0, 0x0)
ioctl$auto_BINDER_GET_NODE_INFO_FOR_REF(r0, 0xc018620c, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyua\x00', 0x20804, 0x0)
r1 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000040)='/dev/binderfs/binder1\x00', 0x189160, 0x0)
ioctl$auto_BINDER_ENABLE_ONEWAY_SPAM_DETECTION(r1, 0x40046210, 0x0)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x200008, 0x19)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x1, 0x0)
setsockopt$auto(0x3, 0x10f, 0x8a, 0x0, 0x3)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/ext4/sda1/mb_groups\x00', 0x109180, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0xb02, 0x0)
sendmsg$auto_NL80211_CMD_ABORT_SCAN(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001980)=ANY=[@ANYBLOB="000428bd7000fddbdf2572000000d5074801df1af0ebe5aff861f90fef1cd29caf556101167b1ccb2741bde9cc96d71b7295da0b178f3145eaa4a00a4fa9fcb281c65c30c1430b48e6f91275f00ee96d06f7e6bd05c1af7b9c0ee013ca8dc3e82a4f7efb413a0b9cd35763b92ded7ee1b9336e0bc7d12d0f26083a168c6a2ee064b2d0f1ae837a4f045fc61d947670f450a56dcff9232275db4c9bdfa9497da2c52e0bf4761f0c22b4a637f951ae926928aa18a8b30cc0c74aecb71862892bac4bf26d65323f9a420a2b0a08b7ae78d2b6c8ab635ddc019192eecf0609683042ca1b7f925fb94234d9a499ac22ca7fb11491478430dfcd6d86fff6598161d76b7688b3af1608daa3de12cffc0dfbfc732073ffd2d967b6a291a471822d0b8c681a370cbb192ac9c7e8f7b2b4119a6549a60dfb08b96f50b9b4143460618f0747ce7330fd6cdc4f79bd47e9420972292f97e72501e07fbf574ddb144caf67a5105d344c669dfa56ee1fd9d0b3c98c72eb8c6c942f9aab5830f2c719947168f101b599369e682da9ba5d3c6019ed6c6c6c376e41e3357455077aa8c321e40f034c6f81eb69767672c53adbfe236c5a49a15ddea8a657a818a8e8ea921fdc11d6034e40ab2afc5e2919de79af646f82d79ca078372f3f1328b25e0718e7f64be83d58a4cbe12ffe3505307434554c96d7095051a6704101a23fb2baf5b81401da72b5213552a7cb54ee801d26f6efb25c3d20c03768e9ffb6b50546735f5d1b553f73d5f8c36a5aa5ab5a5d4e08b910e6f29a52e77d53e27c4827b5bc154c11e8f2625d0c5d8e15a138a0fd72c9458d72bd8be57afa648a003f5d909c0a7aa1062546407f019695df71228ee704c4fe870bca3c4f3d5183aa4f4f19e9bfcf9b282241ee6eabaab6777f72b0b1e52a498464978fa44e2d9a73935efe46b0c3e91fee32949f032740bd3b018c1eb330ce7d0a44553ff12a25f20ed41aefc8b12f4374f1dcdaeae16345ec004ba3bf0d5bf39037bd4b73fb2a6d5022198f3bcf9d623c4f706ae5b3ba632c112424ad5d673f38e3c673c50552731151cb53dd9ec9699d375b451d8f4e2457e5eab34766a66b031dcdcae85e67939edb373588801a5ea82f8d266aa78341c0e1104f2b0dd5ee0c081f3855a06bec389a29645871ea53b10e19e44737951756ecc062dedfccc3fd84aae13d3c5c8328379756f42b1cf8e9453e9491033f2ede522c8daa0577152799451358694c3771169411150f5066a243d6f869671a4a924602cdfa5a35e4cf303cf7271afb702c93a6101275319153d7c88c112b7d1331db47415023ec18b7d558967f82e7970b1616d8cd1bd5deda3f90bcddec801412e8a4ceb854241bcfe0850c7495399338b41ae01528fe5da8296d5cb4a0a5e4ca8c82327da83c0999ab91549f5a08c1ded5d54509bc60b3afbace2fea3c7817aeed4fefc038e86bc77be0029dc5a8f70d41770990583da9b943c9f7c646888171188a9ca40b58b7ff2066bc657dcf369fc8faf74576f61347b0d4016854d5701cacce7eb0ee48f3a302b5892649dad4c910e27976e0ba3f781fb9fc8908904b03455d8d45a6875a18a97da67e91b9f43424c58ceac55ab788fd91097db30ef891cf659dca25f64300f52b544b4be462724803171a0c4328472c3c9a863dbb331029066f55a0e8ef1c3852c3f19c2bbd71c17852bcf22a125ff854592c146258ba99fe1a9dcca3e1a9178ecd0d6096d0642bd1639d547d475dbe4e30b62a0db806e865000b5fac63f537cebc8a4f133843c9d333f566c82a3b2e4a947be01743c36af38975d7396bf804fabf5a102e86ebc9dc18a0f07b5c5ca355cae4000b95f759e53717ec4ccee0778f3cf3f1b3d8a38aa7c56b416d94066f8a4c6f1fe1fc48c4eda755adb52ef60d249a07bac8e7c2e800ac1c7a57e52aff48d219746d31bab3c429e01c4bbd5d46e9a15af19b2f263b7ae60e60052f89a6d0e74e02d27ad64474f19abfb467bfa835e7a9e89f4792bb33bd0eb478a7521ad9728ce1623a4f32aae2f7e7cf41acf10d79d7e2c0e36ba780fa9a7299d1355bcde4c630cb0a0e9e4e2257330751aba40badc2784cd46e4fab142aee3346248010f83527ab291667f9ccbed3394c7799b5764bb29b394c"], 0x7ec}, 0x1, 0x0, 0x0, 0x40000}, 0x4000)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'pimreg0\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r3)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000001540)={'netdevsim0\x00', <r5=>0x0})
sendmsg$auto_NET_SHAPER_CMD_GROUP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000240)={0x14, r4, 0x300, 0x70bd29, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x44000}, 0x14)
sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000004c0)={&(0x7f00000009c0)={0xdc, 0x0, 0x800, 0x70bd25, 0x25dfdbff, {}, [@ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0xa}, @ETHTOOL_A_PAUSE_HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1737}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_PAUSE_HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xba6c}, @ETHTOOL_A_HEADER_FLAGS={0x7, 0x3, 0x8}, @ETHTOOL_A_HEADER_FLAGS={0x0, 0x3, 0x5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}, @ETHTOOL_A_PAUSE_RX={0x5, 0x3, 0x5}, @ETHTOOL_A_PAUSE_RX={0x5, 0x3, 0xfc}, @ETHTOOL_A_PAUSE_TX={0x5, 0x4, 0x8}, @ETHTOOL_A_PAUSE_TX={0x5, 0x4, 0xd9}, @ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}]}]}, 0xdc}}, 0x8000)
r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0)
write$auto_tty_fops_tty_io(r6, &(0x7f0000000580)="7fd0a917413f68eb6b28d5eea7d1553f6595c094f1f855eb8d8776e6bd8f81c440da3fe3433f8243402fc2752caac5da7a03bbb5adf685740635a6bc231c6cf093b7cf0e4dd07f10b2dc12791aa3ebded3cfe2e4befc0e02d2e064b1db3adc8b2ec1c0378efff268086d6cb998b8dedfb7f20d06b7b091e974de1c1a4ce3d378d91b7639d914ba86b1f18337bb06e3619af99e68dfac380ab153fc75a2159d8efbbf7436752c964490346cf1558249979fc61ee71509560d14bdd0922e50904f3a4b2ae1bfc4f6bb9e08f16afd6baa53cf87077be5bcca2829dd4133da071a6fd072ed5568670a5d171e3deee5576bf571a016c162ca369182f202dbe49839df8d4c438dacdd6cdd67c21e2ed9be20baeff5e5019313d5e6e5a0e93eab61be5dec2c7e144cf9d73fd945c25ff11d5d5aa26bf8ab2e06098b8aeb05c1f29c1a30d268d82768b3350c3efcdac39334de0f6406a1aed635e0c55412ff73b0222d67be6bdd185478d502b492c41696ce6f88609795409aa0841dbc7cb222f0cb239b19d9499fdc45988f0290af0666c37b93f047d45b17cbe7c9332c63ad46c6aa871e4b351efa4fbfb88cfa0281f465d1a970939c2d6c45c50ade06f0bb98ed66623b887de325c0f42ab530b649ea29757af9464c18dea186a0bbc62ce209a3be8e86e8f710323cb899d806caf575cb73a419c0804afd4c8a329a2afaebb87291e9fdfd2ca0edebfc4fb7b1e281fa3e6ac387aebfc92107f4251aa8c96a4c6d7599933c2c489a7696e8e42d88b572fa46bead2c96f619030ab70026f14f91bbf0a4c1b3ed74c564d6ae3eefeef94d37e19701513ff7713a52ebfd8f251dc303455de00d1ee3ed3e204bed2901a644056193fc7e00ce10aa6463892a7881a51893af629f7bd8801ce4c44c7ff2decdb6a69d9ed48ff79661ba9ec4a84dd222d3b40e4abf56222b97db9aa646a67e5031a57d570030f41b09529298f1acddbcd1f0ff6a30cb2a2d5eaecd774bbf897477cc1e55488f3493b6aa6908d24b032cbda24f956f7f262d992838923efde7e8ed0558872451d7bd6a4769ecd47c6d0a125a6e638df6f67793901a67071c506d010930b01ce541aa43f9110d874311d18a8ea50fb1907e8d17c3932e0c12c7d6f7c145209ab81105649fc0c5266063bd8c6a16319a82ff5d236122d53e15d6a7fcb16245d7754f3ffbf659a141cbd29286176fe445deebd5dd18baae1bbdfedbe4bd3453c50fb2f6c22505ecd768ad0703624ebf7b924dc7e8e93ea94c8a6a9f0372351b5a4aaadf89a86faf5241e47be7e6790676fbf8abcc6ef89b9f6ce10600e21815ec6d2c580b5c30ada6b956a07d9964e93419856df00b06245d0743ac2b595097007165cbb17c6a492a6eb0559712e5f89ee86b7a2c46acf9b8d8b2c7a85092966aca97f114635c64f6eb44ad927423a3bc434b267c23d364ee5671d3dcbcca02ffbb633b3c9e6f", 0xfdef)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, 0x0, 0x10004010)

23m51.46310585s ago: executing program 0 (id=821):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = fanotify_init$auto(0x5, 0x0)
r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/input/event2\x00', 0xc0200, 0x0)
ioctl$auto_EVIOCGKEYCODE(r1, 0x80084504, 0x0)
shmctl$auto_IPC_SET(0x0, 0x1, &(0x7f0000000200)={{0x55, 0xffffffffffffffff, 0x0, 0x29, 0xa, 0xffff0001, 0xb84b}, 0x5, 0x511, 0x2, 0x4, @inferred=0xffffffffffffffff, @inferred, 0xc0, 0x0, 0x0, 0x0})
setuid$auto(0x1f)
fanotify_mark$auto(r0, 0x205, 0xa, r0, 0x0)
recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000380)={{&(0x7f00000001c0)="a36d3fa58cc14c483eaeefbda25ed11e6584b0e06b6f7d2a0920bb3dac705aa384572b6a4be4e53907a7b258", 0x7fff, 0x0, 0x9, 0x0, 0x2, 0x9}, 0x2}, 0xfffffffd, 0x3, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0)
ppoll$auto(0x0, 0x7f, 0x0, &(0x7f00000001c0)={0x3}, 0x8)
mount$auto(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='nfs\x00', 0x1, &(0x7f00000001c0))
openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/loginuid\x00', 0x0, 0x0)
write$auto_proc_pid_attr_operations_base(0xffffffffffffffff, &(0x7f0000000280)="e6eec9f1147ef5a4e8", 0x9)
r2 = socket(0xa, 0x3, 0x2f)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40811}, 0x4000013)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="5e0027b4839f3015398d3b61", @ANYRES32, @ANYRES32=r2], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_ila(&(0x7f0000000f80), 0xffffffffffffffff)
sendmsg$auto_ILA_CMD_DEL(r3, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000001000)={&(0x7f0000000fc0)={0x14, r4, 0x1, 0x70bd28, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x44884)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6gre0\x00'})
sendmsg$auto_ILA_CMD_DEL(r2, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, r4, 0x200, 0x70bd2a, 0x25dfdbfe}, 0x14}}, 0x1)
r5 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

23m51.244759633s ago: executing program 2 (id=822):
prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2)
socket(0x10, 0x0, 0x65)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_proc_gid_map_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/gid_map\x00', 0x40000, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@hci={0x1f, 0x4, 0x2}, 0x6e)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
r1 = socket(0x2b, 0x1, 0x1)
socketpair$auto(0xfffffffe, 0x1, 0x8000000000000000, 0x0)
ioctl$auto(r1, 0x89a0, 0x4)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x3ff)
syz_genetlink_get_family_id$auto_nl80211(0x0, r0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, 0x0, 0x8)
unshare$auto(0x40000080)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/afs/cells\x00', 0x4a801, 0x0)
write$auto_proc_reg_file_ops_compat_inode(r2, &(0x7f0000000280)="978693dc87b1c1fd2f1eb908a830a927544df29604e114be47d79b044b1020", 0x1f)
mmap$auto(0x0, 0x2020009, 0x800000003, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
setsockopt$auto(0xffffffffffffffff, 0xfffffffb, 0x837, 0x0, 0x8001)
sendto$auto(0x3, 0x0, 0x100000000, 0x8, 0x0, 0x1c)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
io_uring_register$auto_IORING_REGISTER_PBUF_RING(0xffffffffffffffff, 0x16, 0x0, 0x5)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)

23m50.944493814s ago: executing program 1 (id=823):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000)
r0 = socket(0x11, 0x80003, 0x300)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
setsockopt$auto_SO_OOBINLINE(0xffffffffffffffff, 0x3, 0xa, 0x0, 0x2)
close_range$auto(0x2, 0xa, 0x0)
r1 = socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmsg$auto_NL80211_CMD_ADD_LINK(r0, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000008}, 0xc, &(0x7f0000000280)={&(0x7f00000000c0)={0x178, 0x0, 0x800, 0x70bd25, 0x25dfdbff, {}, [@NL80211_ATTR_RECEIVE_MULTICAST={0x4}, @NL80211_ATTR_HE_BSS_COLOR={0x14, 0x11b, 0x0, 0x1, [@NL80211_HE_BSS_COLOR_ATTR_COLOR={0x5, 0x1, 0x13}, @NL80211_HE_BSS_COLOR_ATTR_COLOR={0x5, 0x1, 0x4}]}, @NL80211_ATTR_TX_RATES={0x13c, 0x5a, 0x0, 0x1, [@nested={0x8, 0xd2, 0x0, 0x1, [@nested={0x4, 0x139}]}, @generic="9bd01e807acdbc43189ec46814b73041a3cbd8ff7005fe200e7c112e613c8657c1022d38d1c9da59229f476a452a9290f8ea297fa9a681a4bb19260dd3969242d3acf669df83d1de991e3576a22d63fc0366d55175d6535fb833b4f32b84c31fcacd216b2b1a26777b565ab5", @generic="693e89ca59872cff7a2bde3c77e952fb749fb487ad0b27332ffbe729bfad2873eb0919a0d19feff916e655c4c035e570c9b954d7d539b828603e1af583ecbfaee9af948954fd2211ab0eb8f5f111cac7a044e27131746ee83a5a33cf421db4973013ba24aed59ba7dc9da4c7f5e12cfd4f76d379a0b30d07ec60d66147dd101e6cd7e94799a4827624219e578e86db8135afa5523db7f29ce4a87a049f1eb128d1b508ba7034fcd30355df77f2123129efd03f6bc5aa482332d35c366e5c1d344714b30b"]}, @NL80211_ATTR_TXQ_MEMORY_LIMIT={0x8, 0x10b, 0x4}, @NL80211_ATTR_WIPHY_FREQ_HINT={0x8}]}, 0x178}, 0x1, 0x0, 0x0, 0x20008000}, 0x40000)
epoll_wait$auto(r1, &(0x7f0000000400)={0x1, 0xa}, 0x17a285d3, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dri/card0\x00', 0x440, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
openat$auto_rfcomm_sock_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x40040, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r2 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r2, 0x107, 0x1, 0x0, 0x8004)
r3 = socket(0x10, 0x2, 0x4)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'dummy0\x00'})
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00')
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00'], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x2404c000)
write$auto(r3, &(0x7f0000000000)='-\x00', 0x2fb)
pkey_mprotect$auto(0x6, 0x8001, 0x8, 0x2)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
close_range$auto(0x2, 0xa, 0x0)

23m50.572458382s ago: executing program 3 (id=824):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000)
r0 = socket(0x11, 0x80003, 0x300)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
setsockopt$auto_SO_OOBINLINE(0xffffffffffffffff, 0x3, 0xa, 0x0, 0x2)
close_range$auto(0x2, 0xa, 0x0)
r1 = socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmsg$auto_NL80211_CMD_ADD_LINK(r0, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000008}, 0xc, &(0x7f0000000280)={&(0x7f00000000c0)={0x178, 0x0, 0x800, 0x70bd25, 0x25dfdbff, {}, [@NL80211_ATTR_RECEIVE_MULTICAST={0x4}, @NL80211_ATTR_HE_BSS_COLOR={0x14, 0x11b, 0x0, 0x1, [@NL80211_HE_BSS_COLOR_ATTR_COLOR={0x5, 0x1, 0x13}, @NL80211_HE_BSS_COLOR_ATTR_COLOR={0x5, 0x1, 0x4}]}, @NL80211_ATTR_TX_RATES={0x13c, 0x5a, 0x0, 0x1, [@nested={0x8, 0xd2, 0x0, 0x1, [@nested={0x4, 0x139}]}, @generic="9bd01e807acdbc43189ec46814b73041a3cbd8ff7005fe200e7c112e613c8657c1022d38d1c9da59229f476a452a9290f8ea297fa9a681a4bb19260dd3969242d3acf669df83d1de991e3576a22d63fc0366d55175d6535fb833b4f32b84c31fcacd216b2b1a26777b565ab5", @generic="693e89ca59872cff7a2bde3c77e952fb749fb487ad0b27332ffbe729bfad2873eb0919a0d19feff916e655c4c035e570c9b954d7d539b828603e1af583ecbfaee9af948954fd2211ab0eb8f5f111cac7a044e27131746ee83a5a33cf421db4973013ba24aed59ba7dc9da4c7f5e12cfd4f76d379a0b30d07ec60d66147dd101e6cd7e94799a4827624219e578e86db8135afa5523db7f29ce4a87a049f1eb128d1b508ba7034fcd30355df77f2123129efd03f6bc5aa482332d35c366e5c1d344714b30b"]}, @NL80211_ATTR_TXQ_MEMORY_LIMIT={0x8, 0x10b, 0x4}, @NL80211_ATTR_WIPHY_FREQ_HINT={0x8}]}, 0x178}, 0x1, 0x0, 0x0, 0x20008000}, 0x40000)
epoll_wait$auto(r1, &(0x7f0000000400)={0x1, 0xa}, 0x17a285d3, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dri/card0\x00', 0x440, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
openat$auto_rfcomm_sock_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x40040, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r2 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r2, 0x107, 0x1, 0x0, 0x8004)
r3 = socket(0x10, 0x2, 0x4)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'dummy0\x00'})
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00')
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c00000014"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x2404c000)
write$auto(r3, &(0x7f0000000000)='-\x00', 0x2fb)
pkey_mprotect$auto(0x6, 0x8001, 0x8, 0x2)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
close_range$auto(0x2, 0xa, 0x0)

23m42.456548972s ago: executing program 3 (id=825):
r0 = set_tid_address$auto(0x0)
ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, r0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r1, 0x0, 0x1cb)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x9, 0x400007, 0xdf, 0x40012, 0x2, 0x5)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/netdevsim3/sriov_numvfs\x00', 0x10b142, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/mac80211_hwsim/hwsim1/ieee80211/phy1/rfkill3/state\x00', 0x102, 0x0)
sendfile$auto(r2, r3, 0x0, 0x5)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/pcrypt/pencrypt/parallel_cpumask\x00', 0x80302, 0x0)
sendfile$auto(r4, r4, 0x0, 0x7ffff000)
kexec_load$auto(0x2000000000000009, 0x7, 0x0, 0x1003e0000)
close_range$auto(0x2, 0x8, 0xfffffffd)
madvise$auto(0x0, 0x2000040080000004, 0xe)
write$auto(0xffffffffffffffff, &(0x7f0000000240)='802.15.4 MAC\x00', 0x3)
r5 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/pagemap\x00', 0x30180, 0x0)
epoll_ctl$auto(r3, 0x6, r5, &(0x7f0000000180)={0xef9, 0x3})
connect$auto(0x3, &(0x7f00000000c0)=@llc={0x1a, 0x338, 0x5e, 0x1, 0x6, 0x5, @local}, 0x10)
modify_ldt$auto(0xf, &(0x7f0000000040)="30d5f2e400b6ff4ae6e3a46b4710f7e47d7d332ae0d02eba2e8f0128bbe22386", 0x4)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/ip6_vti0/stable_secret\x00', 0x2, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x7)
r6 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000480)='/dev/video18\x00', 0x802, 0x0)
write$auto_v4l2_fops_v4l2_dev(r6, &(0x7f00000004c0)="c9432739b5580773", 0x8)
r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0)
poll$auto(&(0x7f0000000000)={0xffffffffffffffff, 0x3, 0x4}, 0xb, 0x7)
write$auto_ocfs2_control_fops_stack_user(r7, &(0x7f0000003900)='\t', 0x1)
syz_open_procfs$namespace(0x0, &(0x7f00000001c0)='ns/time\x00')
madvise$auto(0x5, 0xffffffffffff0005, 0x9)

23m42.084084048s ago: executing program 0 (id=826):
mmap$auto(0x0, 0x1, 0x8001, 0x1b, 0x2, 0xfe8)
openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x8a581, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001140)='/sys/module/ib_iser/parameters/max_sectors\x00', 0x20a42, 0x0)
sendfile$auto(r0, r0, 0x0, 0x4f64a1d2)
connect$auto(0xffffffffffffffff, 0x0, 0x54)
r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x4a402, 0x0)
read$auto(r1, 0x0, 0x1f40)
r2 = prctl$auto_PR_SET_MM_START_BRK(0x7fffffff, 0x6, 0xffffffffffffffff, 0xb8, 0x6ad)
ioctl$auto_XFS_IOC_ALLOCSP(0xffffffffffffffff, 0x4030580a, &(0x7f00000000c0)={0x400, 0x4, 0xd, 0x8, 0x34, <r3=>0xffffffffffffffff})
fcntl$auto(r2, 0x3, r3)
r4 = openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/mac80211_hwsim/hwsim13\x00', 0x20000, 0x0)
ioctl$auto_XFS_IOC_DIOINFO(r4, 0x800c581e, &(0x7f0000000080)={0xffffffac, 0x0, 0x7})
r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x62881, 0x0)
writev$auto(r5, &(0x7f0000000200)={0x0, 0x7}, 0x3)
setresuid$auto(0x0, 0xffffffffffffffff, 0x200)
mlockall$auto(0x2)
open_tree_attr$auto(0xffffffffffffff9c, 0x0, 0x4, 0x0, 0x1)
write$auto(0x3, 0x0, 0xfdf3)

23m40.084944683s ago: executing program 0 (id=827):
prctl$auto(0x41555856, 0x4, 0x2008, 0x0, 0xc0d)
epoll_pwait2$auto(0x3, 0x0, 0x4, 0x0, 0x0, 0x7ff6)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xfffffeff, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x2, 0x83, 0x101, 0x17f, 0x2}, {0xff, 0x1, 0x52, 0x5, 0x1, 0x40, 0x4, 0x8, 0x100000004}})
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x2800, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = getsockopt$auto(0xffffffffffffffff, 0x84, 0x71, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0)
read$auto(r1, 0x0, 0x20)
ioctl$auto_BLKSECDISCARD(0xffffffffffffffff, 0x127d, 0x0)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_METER_CMD_SET(r3, 0x0, 0x40)
r4 = open(0x0, 0x22240, 0x154)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
sysfs$auto(0x2, 0x100000000000038, 0x0)
fsopen$auto(0x0, 0x1)
execveat$auto(r4, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
rename$auto(&(0x7f0000000000)='./file0\x00', 0x0)
unshare$auto(0x40000080)
r5 = openat$auto_fault_around_bytes_fops_(0xffffffffffffff9c, &(0x7f0000000100), 0x608080, 0x0)
dup$auto(r0)
read$auto(r5, &(0x7f0000000140)='\x00', 0x6)

23m40.0846413s ago: executing program 2 (id=828):
open(&(0x7f0000000100)='.\x00', 0x430042, 0x40f)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
r1 = openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0)
fadvise64$auto_POSIX_FADV_NORMAL(r1, 0x40000000000000d, 0x2009, 0x0)
write$auto(0x3, 0x0, 0x7fffffff)
mmap$auto(0x0, 0x400008, 0xdf, 0x19, 0x2, 0x400000000008000)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x40201, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, 0x0, 0x2400c080)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000004d40), 0xffffffffffffffff)
sendmsg$auto_MACSEC_CMD_DEL_RXSC(r3, &(0x7f0000007500)={0x0, 0x30, &(0x7f00000074c0)={&(0x7f0000000240)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002abd7000fedbdf25020000000800010033766f2fd8e39c82180b2a269b74cd028ffb1d4b095240c88443ce6435fccfb62f21e511665424f974011410ff0e9bcc8d98dc1f5129ad09a8a443d4792f4769ffa0ada4f61cb875bf153944de2cdbeebf7e38f7de00434d677a80722c4bf3f66009a79497df9d44efa2", @ANYRES32=0x0, @ANYBLOB="100002800c0001000300000000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x80)
write$auto(r2, 0x0, 0xac1)
connect$auto(0x3, 0x0, 0x55)
mmap$auto(0x0, 0x128009, 0xdf, 0x18, r1, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
process_madvise$auto_PIDFD_SELF_THREAD_GROUP(0xffffffffffffb1e0, &(0x7f0000000140)={&(0x7f0000000000)="75069306718961289362e447303b5943cb6da353036498c823d4148aeeec98ef1d3c18058651f24eb225ecce17d85d22e4bae47c749fb6da2f5267c2daeb5eaec03b57c3c82ae241c3c6d0ddd2fd220443ef2cd1bde1726c1c5608763de0c70b8b2c44c6b5ff5be2fc1d7ae88f4c29e4e63f543cdc4e3122dab03c9d8934e1947870dddcfc87a9a65d0a36faa2691a4cb3c04e3e4a38cebcf6ce3ffcea8aea93617c8887bf47345489346803c41c0bac9e55d851388657f48debb807c036e0be4858", 0xd7c9}, 0x200, 0x2, 0xffffffff)
r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/ip_forward\x00', 0x2002, 0x0)
r6 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/ip_local_port_range\x00', 0x20202, 0x0)
sendfile$auto(r5, r6, 0x0, 0x4)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)

23m35.061610024s ago: executing program 32 (id=823):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000)
r0 = socket(0x11, 0x80003, 0x300)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
setsockopt$auto_SO_OOBINLINE(0xffffffffffffffff, 0x3, 0xa, 0x0, 0x2)
close_range$auto(0x2, 0xa, 0x0)
r1 = socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmsg$auto_NL80211_CMD_ADD_LINK(r0, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000008}, 0xc, &(0x7f0000000280)={&(0x7f00000000c0)={0x178, 0x0, 0x800, 0x70bd25, 0x25dfdbff, {}, [@NL80211_ATTR_RECEIVE_MULTICAST={0x4}, @NL80211_ATTR_HE_BSS_COLOR={0x14, 0x11b, 0x0, 0x1, [@NL80211_HE_BSS_COLOR_ATTR_COLOR={0x5, 0x1, 0x13}, @NL80211_HE_BSS_COLOR_ATTR_COLOR={0x5, 0x1, 0x4}]}, @NL80211_ATTR_TX_RATES={0x13c, 0x5a, 0x0, 0x1, [@nested={0x8, 0xd2, 0x0, 0x1, [@nested={0x4, 0x139}]}, @generic="9bd01e807acdbc43189ec46814b73041a3cbd8ff7005fe200e7c112e613c8657c1022d38d1c9da59229f476a452a9290f8ea297fa9a681a4bb19260dd3969242d3acf669df83d1de991e3576a22d63fc0366d55175d6535fb833b4f32b84c31fcacd216b2b1a26777b565ab5", @generic="693e89ca59872cff7a2bde3c77e952fb749fb487ad0b27332ffbe729bfad2873eb0919a0d19feff916e655c4c035e570c9b954d7d539b828603e1af583ecbfaee9af948954fd2211ab0eb8f5f111cac7a044e27131746ee83a5a33cf421db4973013ba24aed59ba7dc9da4c7f5e12cfd4f76d379a0b30d07ec60d66147dd101e6cd7e94799a4827624219e578e86db8135afa5523db7f29ce4a87a049f1eb128d1b508ba7034fcd30355df77f2123129efd03f6bc5aa482332d35c366e5c1d344714b30b"]}, @NL80211_ATTR_TXQ_MEMORY_LIMIT={0x8, 0x10b, 0x4}, @NL80211_ATTR_WIPHY_FREQ_HINT={0x8}]}, 0x178}, 0x1, 0x0, 0x0, 0x20008000}, 0x40000)
epoll_wait$auto(r1, &(0x7f0000000400)={0x1, 0xa}, 0x17a285d3, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dri/card0\x00', 0x440, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
openat$auto_rfcomm_sock_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x40040, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r2 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r2, 0x107, 0x1, 0x0, 0x8004)
r3 = socket(0x10, 0x2, 0x4)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'dummy0\x00'})
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00')
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00'], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x2404c000)
write$auto(r3, &(0x7f0000000000)='-\x00', 0x2fb)
pkey_mprotect$auto(0x6, 0x8001, 0x8, 0x2)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
close_range$auto(0x2, 0xa, 0x0)

23m34.899333983s ago: executing program 3 (id=830):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
r1 = socket(0x25, 0x1, 0x5)
socket(0xa, 0x2, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ram14\x00', 0x400, 0x0)
mmap$auto(0x0, 0x0, 0xdf, 0xebe, r0, 0x8000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
fcntl$auto_F_GETOWNER_UIDS(r3, 0x11, 0x5)
ioctl$auto(r2, 0x401870cc, r2)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
mmap$auto(0x1000000, 0x4000100000001, 0x8, 0x40eb3, r1, 0x300000000000)
socketpair$auto(0xb, 0x9, 0x800, 0x0)
socket(0xa, 0x801, 0x84)
setsockopt$auto(0x3, 0x10000000084, 0x25, 0x0, 0x90)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x80040, 0x0)
openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000140), 0x8a700, 0x0)
ioctl$auto(0x3, 0xc040563e, 0x38)
openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000180), 0x86902, 0x0)
fcntl$auto(0x3, 0x402, 0x9ec0000000000000)
r4 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000080), 0xcad00, 0x0)
ioctl$auto_USB_RAW_IOCTL_EP_WRITE(r4, 0x40085507, &(0x7f00000000c0)={0x8a38, 0x81, 0x6f7af55d})

23m32.79993718s ago: executing program 0 (id=831):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
r1 = socket(0x25, 0x1, 0x5)
socket(0xa, 0x2, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ram14\x00', 0x400, 0x0)
mmap$auto(0x0, 0x0, 0xdf, 0xebe, r0, 0x8000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
fcntl$auto_F_GETOWNER_UIDS(r3, 0x11, 0x5)
ioctl$auto(r2, 0x401870cc, r2)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
mmap$auto(0x1000000, 0x4000100000001, 0x8, 0x40eb3, r1, 0x300000000000)
socketpair$auto(0xb, 0x9, 0x800, 0x0)
socket(0xa, 0x801, 0x84)
setsockopt$auto(0x3, 0x10000000084, 0x25, 0x0, 0x90)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x80040, 0x0)
openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000140), 0x8a700, 0x0)
ioctl$auto(0x3, 0xc040563e, 0x38)
openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000180), 0x86902, 0x0)
r4 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000080), 0xcad00, 0x0)
getsockopt$auto_SO_MARK(r2, 0x3, 0x24, &(0x7f0000000040)='\x01\x80\x1e\x00\x00\x00\x00\x00\x00\x00\xff\xffO3\xbd\xe9\x00\x84\xc8dz)Hn!H\xdc\xb6\xf8\x1b\f6`\xc6\xa4A\xcf\x11?\x00\xf5\xc8\x00\x00\x00\x00', &(0x7f00000001c0)=0x6)
ioctl$auto_USB_RAW_IOCTL_EP_WRITE(r4, 0x40085507, &(0x7f00000000c0)={0x8a38, 0x81, 0x6f7af55d})

23m28.525070512s ago: executing program 2 (id=832):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fb0\x00', 0x8002, 0x0)
preadv$auto(r0, &(0x7f0000000000)={0x0, 0xffffffff}, 0x6, 0x8, 0x5)

23m28.490084799s ago: executing program 3 (id=833):
open(&(0x7f0000000100)='.\x00', 0x430042, 0x40f)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
r1 = openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0)
fadvise64$auto_POSIX_FADV_NORMAL(r1, 0x40000000000000d, 0x2009, 0x0)
write$auto(0x3, 0x0, 0x7fffffff)
mmap$auto(0x0, 0x400008, 0xdf, 0x19, 0x2, 0x400000000008000)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x40201, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, 0x0, 0x2400c080)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000004d40), 0xffffffffffffffff)
sendmsg$auto_MACSEC_CMD_DEL_RXSC(r3, &(0x7f0000007500)={0x0, 0x30, &(0x7f00000074c0)={&(0x7f0000000240)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002abd7000fedbdf25020000000800010033766f2fd8e39c82180b2a269b74cd028ffb1d4b095240c88443ce6435fccfb62f21e511665424f974011410ff0e9bcc8d98dc1f5129ad09a8a443d4792f4769ffa0ada4f61cb875bf153944de2cdbeebf7e38f7de00434d677a80722c4bf3f66009a79497df9d44efa2", @ANYRES32=0x0, @ANYBLOB="100002800c0001000300000000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x80)
write$auto(r2, 0x0, 0xac1)
connect$auto(0x3, 0x0, 0x55)
mmap$auto(0x0, 0x128009, 0xdf, 0x18, r1, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
process_madvise$auto_PIDFD_SELF_THREAD_GROUP(0xffffffffffffb1e0, &(0x7f0000000140)={&(0x7f0000000000)="75069306718961289362e447303b5943cb6da353036498c823d4148aeeec98ef1d3c18058651f24eb225ecce17d85d22e4bae47c749fb6da2f5267c2daeb5eaec03b57c3c82ae241c3c6d0ddd2fd220443ef2cd1bde1726c1c5608763de0c70b8b2c44c6b5ff5be2fc1d7ae88f4c29e4e63f543cdc4e3122dab03c9d8934e1947870dddcfc87a9a65d0a36faa2691a4cb3c04e3e4a38cebcf6ce3ffcea8aea93617c8887bf47345489346803c41c0bac9e55d851388657f48debb807c036e0be4858", 0xd7c9}, 0x200, 0x2, 0xffffffff)
r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/ip_forward\x00', 0x2002, 0x0)
sendfile$auto(r5, 0xffffffffffffffff, 0x0, 0x4)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f00000001c0), 0x8a400, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)

23m26.516280325s ago: executing program 0 (id=834):
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x1, 0x3, 0x0, 0x80000001, 0x7, 0x6d39, 0x5, 0x2, 0x1]}, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x2, 0x9)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000001500), 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(r0, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000000080)={0x1c, r1, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@NETDEV_A_QUEUE_TYPE={0x8, 0x3, 0x46d}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x9, 0x3, 0x16, 0x93f, 0x1ffe0, 0x3, 0x6, 0x2, 0x0, 0x5, 0xfff, 0xf, 0xb0, 0x1, 0x5, 0x7, 0x9, 0x7, 0x0, 0x0, 0x0, 0x200, 0xfffffffe, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, [0x6, 0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000, 0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3043, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x10000000000, 0x0, 0x3, 0x0, 0x0, 0x0, 0x11, 0x8000000000000001]}, 0x1fe, 0x10081)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r2 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa503}, 0x800}, 0x7, 0x4008)

23m26.51608777s ago: executing program 2 (id=835):
close_range$auto(0x2, 0xa, 0x0)
socket(0xa, 0x2, 0x0)
socket(0xa, 0x3, 0xff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec31\x00', 0x900, 0x0)
ioctl$auto_CEC_S_MODE(r1, 0x40046109, &(0x7f0000002c40)=0xd0)
ioctl$auto_CEC_DQEVENT(r1, 0xc0506107, 0x0)
ioctl$auto_CEC_DQEVENT(r1, 0xc0506107, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, &(0x7f0000000080)="edd4a3b5a03ebe1d0a26830c556ebf0be08eebdd7f8d99cf50f68921d54e993b889553abc1b6b5b58c16258f427f620c60ecdd2f87d81b60893ea7b78dff4eb7e547912e79cff9edb38c7d584e7606c4ff560ed22259d9050942bb82e4")
prctl$auto_PR_GET_SPECULATION_CTRL(0x34, 0x10, 0x7ff, 0x8000, 0x8)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x200, 0xf7ffffffffffffff, 0x3e83)
madvise$auto(0x0, 0x2003f0, 0x15)
open(0x0, 0x261c2, 0x84)
fallocate$auto(0x8000000000000003, 0x8, 0xd, 0x7fffffffffffffff)
madvise$auto(0x0, 0x200007, 0x19)
write$auto(0xffffffffffffffff, 0x0, 0x7)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x20400, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000140), 0x1a3780, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0xffffffffffffffff, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x6, 0x1, 0x948b, 0x3, 0x1, 0x3, 0x80000000, 0x5f, 0x7ffffffd, 0x7, 0x6d3f, 0x7, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x814)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
sendmsg$auto_ETHTOOL_MSG_RSS_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x8040}, 0x40048004)

23m0.558135175s ago: executing program 33 (id=834):
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x1, 0x3, 0x0, 0x80000001, 0x7, 0x6d39, 0x5, 0x2, 0x1]}, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x2, 0x9)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000001500), 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(r0, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000000080)={0x1c, r1, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@NETDEV_A_QUEUE_TYPE={0x8, 0x3, 0x46d}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x9, 0x3, 0x16, 0x93f, 0x1ffe0, 0x3, 0x6, 0x2, 0x0, 0x5, 0xfff, 0xf, 0xb0, 0x1, 0x5, 0x7, 0x9, 0x7, 0x0, 0x0, 0x0, 0x200, 0xfffffffe, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, [0x6, 0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000, 0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3043, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x10000000000, 0x0, 0x3, 0x0, 0x0, 0x0, 0x11, 0x8000000000000001]}, 0x1fe, 0x10081)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r2 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa503}, 0x800}, 0x7, 0x4008)

23m0.354157629s ago: executing program 34 (id=835):
close_range$auto(0x2, 0xa, 0x0)
socket(0xa, 0x2, 0x0)
socket(0xa, 0x3, 0xff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec31\x00', 0x900, 0x0)
ioctl$auto_CEC_S_MODE(r1, 0x40046109, &(0x7f0000002c40)=0xd0)
ioctl$auto_CEC_DQEVENT(r1, 0xc0506107, 0x0)
ioctl$auto_CEC_DQEVENT(r1, 0xc0506107, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, &(0x7f0000000080)="edd4a3b5a03ebe1d0a26830c556ebf0be08eebdd7f8d99cf50f68921d54e993b889553abc1b6b5b58c16258f427f620c60ecdd2f87d81b60893ea7b78dff4eb7e547912e79cff9edb38c7d584e7606c4ff560ed22259d9050942bb82e4")
prctl$auto_PR_GET_SPECULATION_CTRL(0x34, 0x10, 0x7ff, 0x8000, 0x8)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x200, 0xf7ffffffffffffff, 0x3e83)
madvise$auto(0x0, 0x2003f0, 0x15)
open(0x0, 0x261c2, 0x84)
fallocate$auto(0x8000000000000003, 0x8, 0xd, 0x7fffffffffffffff)
madvise$auto(0x0, 0x200007, 0x19)
write$auto(0xffffffffffffffff, 0x0, 0x7)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x20400, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000140), 0x1a3780, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0xffffffffffffffff, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x6, 0x1, 0x948b, 0x3, 0x1, 0x3, 0x80000000, 0x5f, 0x7ffffffd, 0x7, 0x6d3f, 0x7, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x814)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
sendmsg$auto_ETHTOOL_MSG_RSS_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x8040}, 0x40048004)

22m57.143025262s ago: executing program 35 (id=833):
open(&(0x7f0000000100)='.\x00', 0x430042, 0x40f)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
r1 = openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0)
fadvise64$auto_POSIX_FADV_NORMAL(r1, 0x40000000000000d, 0x2009, 0x0)
write$auto(0x3, 0x0, 0x7fffffff)
mmap$auto(0x0, 0x400008, 0xdf, 0x19, 0x2, 0x400000000008000)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x40201, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, 0x0, 0x2400c080)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000004d40), 0xffffffffffffffff)
sendmsg$auto_MACSEC_CMD_DEL_RXSC(r3, &(0x7f0000007500)={0x0, 0x30, &(0x7f00000074c0)={&(0x7f0000000240)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002abd7000fedbdf25020000000800010033766f2fd8e39c82180b2a269b74cd028ffb1d4b095240c88443ce6435fccfb62f21e511665424f974011410ff0e9bcc8d98dc1f5129ad09a8a443d4792f4769ffa0ada4f61cb875bf153944de2cdbeebf7e38f7de00434d677a80722c4bf3f66009a79497df9d44efa2", @ANYRES32=0x0, @ANYBLOB="100002800c0001000300000000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x80)
write$auto(r2, 0x0, 0xac1)
connect$auto(0x3, 0x0, 0x55)
mmap$auto(0x0, 0x128009, 0xdf, 0x18, r1, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
process_madvise$auto_PIDFD_SELF_THREAD_GROUP(0xffffffffffffb1e0, &(0x7f0000000140)={&(0x7f0000000000)="75069306718961289362e447303b5943cb6da353036498c823d4148aeeec98ef1d3c18058651f24eb225ecce17d85d22e4bae47c749fb6da2f5267c2daeb5eaec03b57c3c82ae241c3c6d0ddd2fd220443ef2cd1bde1726c1c5608763de0c70b8b2c44c6b5ff5be2fc1d7ae88f4c29e4e63f543cdc4e3122dab03c9d8934e1947870dddcfc87a9a65d0a36faa2691a4cb3c04e3e4a38cebcf6ce3ffcea8aea93617c8887bf47345489346803c41c0bac9e55d851388657f48debb807c036e0be4858", 0xd7c9}, 0x200, 0x2, 0xffffffff)
r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/ip_forward\x00', 0x2002, 0x0)
sendfile$auto(r5, 0xffffffffffffffff, 0x0, 0x4)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f00000001c0), 0x8a400, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)

19m54.099450821s ago: executing program 5 (id=1316):
openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x8a581, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x4a402, 0x0)
read$auto(r0, 0x0, 0x1f40)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x62881, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
setresuid$auto(0x0, 0xffffffffffffffff, 0x200)
mlockall$auto(0x2)
open_tree_attr$auto(0xffffffffffffff9c, 0x0, 0x4, 0x0, 0x1)
write$auto(0x3, 0x0, 0xfdf3) (fail_nth: 5)

19m53.708419779s ago: executing program 5 (id=1318):
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xa3, 0xeb1, r0, 0x8000)
socketpair$auto(0x1, 0x3, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0xfffd, 0x8000, 0x0)
symlink$auto(&(0x7f0000000000)='.\x00', &(0x7f0000000040)='./file0\x00')
openat2$dir(0xffffffffffffff9c, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000002c0)={0x101000, 0x0, 0x12}, 0x18)
sendmmsg$auto(0x3, 0x0, 0x7878, 0x7000000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
r1 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r1, 0x6, 0x0, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x2, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
close_range$auto(0x2, 0x8, 0x0)
r2 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000180), r1)
sendmsg$auto_NL802154_CMD_SET_LBT_MODE(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="39fa6ec3bf125fa7bcdf53908958627222703b60b12dead59ea5906897336aea1db161696bb46f1aa841f90832185e7d532e35e86c24c0b4f387ad6282ca390dbba8df3e967334901320c4731cc28fbfa81a182ffd04eabbfbed5e97928d1b576995bdbe6f3f9b9589563c5e7edcff9603c56ffb8e08e84876", @ANYRES16=r2, @ANYBLOB="00022dbd7000fcdbdf2512000000fb003080280081800400a28014003800fc02000000000000000000000000000008000800", @ANYRES32=r0, @ANYBLOB="04004e801d2b22032763f79d6b17a20166e5c0d3b432a64747b941eb43392be207c392fa99fdb5df573a0e0dee5073417dbcd731fef85c2d37508360a4c82245a4cdaa314e93116a93d0ba9edb01e808398ec8acc9584d57d570af98fc47cdf274b40f0481e338ebc77c24ebf9513a5af2dc39a9ec61514b8367ee1a203ed7a8a746b4b7bdeef50ee990c3127b17caff18ee5f00d0bd5d60fe261f31cfb9c3af1c3b5ef68fe7bf368eb0b8a864e691dc7c68c26b29d79f26e8e6cd4549341b028aac1be11e48c95a803109538886c388eae713000800160005000000"], 0x118}, 0x1, 0x0, 0x0, 0x5}, 0x4008000)
getpriority$auto_PRIO_PGRP(0x1, 0x0)
openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
sendto$auto(0xffffffffffffffff, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe80fffe040100"}, 0x1c)
mmap$auto(0x83, 0x2020009, 0x8, 0xebf, 0xfffffffffffffffa, 0x2)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram4\x00', 0x0, 0x0)
prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x4, 0xffd, 0x12, 0x3, 0x0)
ioctl$auto(0x3, 0x4020565a, 0x38)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000100)='/dev/binderfs/binder0\x00', 0x800, 0x0)
socket(0x1e, 0x1, 0x0)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x10303f, 0x0)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000480)='/dev/sda1\x00', 0x4004, 0x0)
ioctl$auto_IOC_PR_RELEASE(r3, 0x401070ca, 0x0)

19m52.340432051s ago: executing program 5 (id=1323):
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/default/forwarding\x00', 0x141241, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/cpu/offline\x00', 0x800, 0x0)
read$auto(r1, &(0x7f00000000c0)='/sys/devices/platform/vhci_hcd.7/usb23/23-0:1.0/ep_81/interval\x00', 0x3)
pwrite64$auto(r0, &(0x7f0000000000)='./cgroup/memory.pressure\x00', 0x6bc, 0x5)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_REQ_SET_REG(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000002100)={&(0x7f0000000100)=ANY=[@ANYRES64=r3, @ANYRES64=r0], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x840)
readahead$auto(r0, 0x4, 0x4)
sysfs$auto(0x1003, 0x401, 0x0)
unshare$auto(0x40000080)
write$auto(0xffffffffffffffff, &(0x7f0000000200)='/de\xef\xe7a=v^\x951\x00\f\'\x8b\xd9\xfeN\xcd#)\x8c\x89>-o\xd7\x8f$\xac\xfc\xa2\xccm\x0e \xfb\xe5\xe9\x92\xaa\xef\x84$\x84Ia>6pV;{\'\xaa\xbeC\x14\xb6\xd2\xf6\xb7\xcd\xf6P\x05X\x1dK\x18\x99\x02\xb3\x0fY0\x80\x99\xe3\x0e\xa2D\xc0\xecE\x86\xd9J\x9c\xa8\x98\x02\xdb\xf1\x81TMpS\xc5\xab\xa1\x1bG\v>\x03\xf7\xe1\xaf\xe3\x04\xc3 ffF\x0f\xa6}\xa3\xa8\xd1\xe2\xd0QG\xa6\xa6\x8e7\x80\xd9\xd0\xdf\xad\xb1\x15\xca\xbb\xd5j\x94\xc6<\x18\x15\xcc\x8d\x14\xd8\xb8L\x03\xdd~\xe7%\xcb\xdd\xda!\xd45Z\xd0\xfc\x1b\xf0\xe1\xd6:\xd7\xe9N\xc1W\xe3\xae\xe9\xb27>k\xf8\xdf\xe1\xf9\xcc\xcb\v\x01D\xc3\xa9T\xb9UY\xaf\xa4\xe4\xfec\xa3\x9bI@\xb7w\xf8\x14\xc0\xd5\xd5\x95\a\xf5e\xfa\x94M\xb8%a\xa53fc\x95\'\xedc\xc5\xad\x7fM\xb4\xf39\x82\xdf8Y)\x8e\xa6\x0e[\xe1\x88\x1d\x0f[j\xe9\x83\x11\x1e\xca2\xba\xdb\xe4\b%\n\xcb\xbar\xf8\x84\xb0\x00$V\xa6`;\xfao\xe6A\x1b\xf2d\xfc\xb4}\xecP\x80h\xfb\x9f3e}\x8edq\x86\x00\xe0bb\x16\xb1kM\xc6GW#-\xf6\x17$BW\x83J\xd7g\xf1\xc0\xbf\x03>\xf2\xeb g\xb7\x14\xc6\xc7\xc9]\xce.\x82Y\x98\tg\v\x11a\v\xb4\xab\x12\xc7', 0x8)
mmap$auto(0x0, 0xdf33, 0xe2, 0xeb1, 0x405, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000", @ANYRES16=r5, @ANYBLOB="e3b7a7a246aa3ba3df033aca2f80c23e3251bde500fddbdf2519000000"], 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x48000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14fa02, 0x0)
sendfile$auto(0x2, 0x3, 0x0, 0xc3e0)
mmap$auto(0x0, 0x1ff, 0xdf, 0x200000810, 0xffffffffffffffff, 0x8000)
madvise$auto(0x0, 0x200007, 0x19)
madvise$auto(0x0, 0x2003f0, 0x15)
write$auto(0x3, 0x0, 0x100082)
r6 = io_uring_setup$auto(0x6, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x29a02, 0x0)
socket(0xa, 0x3, 0x3a)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000001080)='/dev/v4l-touch5\x00', 0x2040, 0x0)
read$auto_v4l2_fops_v4l2_dev(r6, &(0x7f0000000180)=""/31, 0x1f)
openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, 0x0, 0x0, 0x0)

19m50.229139666s ago: executing program 5 (id=1332):
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0)
socket(0x29, 0x2, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9)
r0 = getpid()
process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x100, 0x0)
ioctl$auto(0x3, 0x400454ca, 0x38)
select$auto(0x9, 0x0, 0x0, &(0x7f0000000200)={[0x8001ff, 0x7, 0xd, 0x8fd6, 0x948d, 0x3, 0x80, 0x3, 0x6, 0x8000000000000001, 0x7, 0x2, 0xd, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)

19m49.568092603s ago: executing program 5 (id=1336):
openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x8a581, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
bpf$auto_BPF_BTF_LOAD(0x12, &(0x7f0000000040)=@bpf_attr_7={@btf_id=0x400, 0x10001}, 0xc)
r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x4a402, 0x0)
read$auto(r0, 0x0, 0x1f40)
writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x7}, 0x3)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0x0, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/pci0000:00/waiting_for_supplier\x00', 0x80800, 0x0)
sendfile$auto(0x1, r2, 0x0, 0x400007ffff000)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
r3 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r3, 0x6, 0x0, 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x181482, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0x2, 0x3, 0xa)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x2000000a, 0xb8, 0x10, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36cf3ce63f", <r4=>0x0, 0xffffffffffffffff, 0x5, 0x7, 0x7, 0x6}, 0xf)
bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex=r4, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92)
setresuid$auto(0x0, 0xffffffffffffffff, 0x200)
mlockall$auto(0x2)
open_tree_attr$auto(0xffffffffffffff9c, 0x0, 0x4, 0x0, 0x1)
write$auto(0x3, 0x0, 0xfdf3)
getgid()
r5 = getegid()
setregid$auto(r5, r5)
shmctl$auto_IPC_STAT(0x4, 0x2, &(0x7f0000000140)={{0xe000001, 0xee01, 0xffffffffffffffff, 0x6b34, 0x6, 0xc, 0x5}, 0x0, 0x8001, 0x2000000000c2, 0x9, @inferred=0xffffffffffffffff, @raw=0x3, 0x7, 0x0, &(0x7f0000000100)="c0d3e0e6255a25e75d0345a39ec32cadb0d9c2d9cbe84477", &(0x7f0000000240)="3f8e2709292780d1d49cb452fe1ecbe574f5be4849a81d5024f83446c45f8bba7bcf4b469e217812b56099db88fcee22503d71439f3cbc06fdc2cb439bab6f473a267fb930317ecda986632a03e1df0ac49963bf5aefd820b31a551510dfaf30e53172015029f98c91d81c5f13944eefd78dc5d1152878f68e9e745535411f164845bcec4e181bbd23894ba3ae6c671d039a77d1c84f1e61f3b9083df8e5c597e7eccfbb6a2239570cd18a3467e641107c65ec0a07b17624d99fdcf2ac14429a983c5db94e215094f175762c5d591df9ebd1ae267e1c4ef8488a63cd67f91046fee9a9102dabbf7c12e9b2e5320f01e04759f09e85d4b7e0ffe1b8e28ffddc"})

19m48.402939822s ago: executing program 5 (id=1338):
r0 = socket(0x10, 0x2, 0x0)
syz_genetlink_get_family_id$auto_ethtool(0x0, r0)
sendmsg$auto_ETHTOOL_MSG_WOL_SET(r0, 0x0, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0xa0202, 0x0)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mmap$auto(0x0, 0x20009, 0x4000020000df, 0xeb1, 0xffffffffffffffff, 0x8000)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
close_range$auto(0x2, 0xa, 0x0)
socket(0xa, 0x2, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
ioctl$auto(0x3, 0x400454ca, 0x38)
capget$auto(0x0, 0xfffffffffffffffe)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
ioctl$auto_XFS_IOC_FREESP(0xffffffffffffffff, 0x4030580b, &(0x7f0000000000)={0x714, 0x8, 0xd, 0xc, 0x8, <r1=>0x0})
r2 = prctl$auto(0x1000000003b, 0x1, r1, 0x5, 0x7)
setsockopt$auto(r2, 0x5, 0x77e3ebeb, &(0x7f0000000180)=',+-\x00', 0x950)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
r3 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000080), r0)
sendmsg$auto_OVS_VPORT_CMD_DEL(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r3, 0x300, 0x70bd2b, 0x25dfdbfd, {}, [@OVS_VPORT_ATTR_TYPE={0x8, 0x2, 0x8d5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)
lstat$auto(0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
eventfd2$auto(0xa0, 0x0)

19m33.281975395s ago: executing program 36 (id=1338):
r0 = socket(0x10, 0x2, 0x0)
syz_genetlink_get_family_id$auto_ethtool(0x0, r0)
sendmsg$auto_ETHTOOL_MSG_WOL_SET(r0, 0x0, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0xa0202, 0x0)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mmap$auto(0x0, 0x20009, 0x4000020000df, 0xeb1, 0xffffffffffffffff, 0x8000)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
close_range$auto(0x2, 0xa, 0x0)
socket(0xa, 0x2, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
ioctl$auto(0x3, 0x400454ca, 0x38)
capget$auto(0x0, 0xfffffffffffffffe)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
ioctl$auto_XFS_IOC_FREESP(0xffffffffffffffff, 0x4030580b, &(0x7f0000000000)={0x714, 0x8, 0xd, 0xc, 0x8, <r1=>0x0})
r2 = prctl$auto(0x1000000003b, 0x1, r1, 0x5, 0x7)
setsockopt$auto(r2, 0x5, 0x77e3ebeb, &(0x7f0000000180)=',+-\x00', 0x950)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
r3 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000080), r0)
sendmsg$auto_OVS_VPORT_CMD_DEL(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r3, 0x300, 0x70bd2b, 0x25dfdbfd, {}, [@OVS_VPORT_ATTR_TYPE={0x8, 0x2, 0x8d5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)
lstat$auto(0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
eventfd2$auto(0xa0, 0x0)

7.303069269s ago: executing program 4 (id=5217):
r0 = inotify_init1$auto(0x3000000000000)
inotify_add_watch$auto(r0, 0x0, 0x1000e6e)
openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
socket(0x1e, 0x1, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80302, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0x1, 0x8fd6, 0x948b, 0x3, 0x3392, 0x4, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0x200000000eb1, 0x401, 0x8000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x9, 0x6, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r3=>0x0})
r4 = waitid$auto_P_PIDFD(0x3, r0, &(0x7f0000000340)={@_si_pad}, 0xd, &(0x7f00000003c0)={{0x1000, 0x7ce}, {0x10001}, 0x80000001, 0x9, 0x800, 0x0, 0x99e1, 0x9, 0x3ff, 0x9, 0xbb, 0x8205, 0x3, 0xe, 0x0, 0xe})
msgctl$auto_MSG_INFO(0x5, 0xc, &(0x7f0000000280)={{0x9, 0xffffffffffffffff, <r5=>0xffffffffffffffff, 0x2, 0x287f, 0x2, 0x3}, 0x0, 0x0, 0x7fffffff, 0x9, 0x2, 0xffffffff, 0xfffffffffffffffe, 0x7fff, 0xfc2, 0x27f, @inferred=0xffffffffffffffff, @inferred=r4})
setresgid$auto(0xffffffffffffffff, 0xffffffffffffffff, r5)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32=r3, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES32=r3, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x17, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x5ff4, 0x1)
mkdir$auto(&(0x7f0000000000)='./cgroup.cpu/cpuset.cpus\x00', 0x8cd)
set_mempolicy$auto(0x6, &(0x7f0000000000)=0x3, 0x21)

6.314519294s ago: executing program 4 (id=5221):
io_uring_setup$auto(0x6, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/memory/memory15/online\x00', 0xa001, 0x0)
write$auto(r0, &(0x7f0000000140)='0[.[\x00', 0xcd04)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/lru_gen/enabled\x00', 0xb02, 0x0)
sendfile$auto(r1, r1, 0x0, 0x1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = open$dir(0x0, 0x42, 0x3)
r3 = open_tree$auto(r2, 0x0, 0x9001)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r6=>0x0})
sendmsg$auto_NL80211_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x57, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYRES16=r4, @ANYRESDEC=r5, @ANYRES16=r5, @ANYRES8=r0, @ANYRES8=r2, @ANYRESHEX=r4, @ANYRES32=r4, @ANYBLOB="45a77efd0a765817a8c4e7ebbae518f6be79321f", @ANYRES64=r5, @ANYRES8=r6], 0x1c}, 0x1, 0x0, 0x0, 0x4000001}, 0x4000084)
r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r4)
sendmsg$auto_NL80211_CMD_GET_WIPHY(r4, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r7, @ANYBLOB="810b25bd7080fbdbdf250100"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004)
sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000180)={&(0x7f00000011c0)=ANY=[@ANYBLOB="ec2b70c50000", @ANYRES16=r7, @ANYBLOB="02002abd7000fbdbdf251f000000d4067f00a080036e59471a35044ba72478180b739bf3b2320c69364f629197642ca537bb9705b27779d9eb373714619d1f4a4dfc206bd046dbbe22d49fc54ce21514e8f118d079dc7f2ec3fa24401036e3ce728826af10ef7879286b782388b879aa4112448a73d852a8e06378d08d24a70dfcb096fde92e2ac26b5aa515988a8746c7729c3d51d122b52ec476f6197487150e0a0a7f7a5ad104000aaf5dc42dbea101c51c98f190b643f908afddc941f25f034dc0d0d0272c4749b2601fa23552763561204cba662108951b1189aa22c0dc1af1b67180b59af07d0f5edfeb1f0567b570dfe499dc79e18cbeb8fc22230ef20f064778881ae0ecb873afbc7920aa4601f25e9421f9c2ce7e6ab8f3ef9e708c066ee7c74318743aa7abd3b48852a97cee517f47369ac84d6b1f4447a2445ebee2b3065adcbe8954d1c74eb36d176a9b0b1043b3e61d6dc967b22c3ccfb43e501bef84c6cdc0fbfa583c253b2e9add9752c3765214f55541551edcc9c6365ad1c3537d06e93962234c66326510129b4d151205db5ab43cb5a9f83ef13f157b06d32055508b3053f5b081fff4dd337dd667f1939efa501768796c3ccbc11cdf3fb6be01e990694112f26238157da542de43c00344b4e35519d0fbf06905f9c6fc63ee5adb088777149ddb73800f1cf5d4c5ccea823979bc743e5d186b2617ee0a670ccc5f0dd117bf71f45e4129c86f87df0332fbc93199a1c0054a739373668bd7df0bd0cfee1a4ef097f4b5332b9d0a04895f9f87d5c63e74f6a100ded2770c7b6249fb14796e2901be2baabb2c4279a2265295648e044945f382fa01c640a92a03b7db0778e1f2b9dbc6d2e6a5d843b6bb6f88342608152f5d87cd5fa7b3e80bedb72985215f8c90b8b0732ef2dc918c5b59307e63124e5b847a93032f5ce949357dd52236735f8948bd8ad3552a64f7ebf0ce2d0a5e16efd5c1102bc102ef5e8da0a38e72c93fd3f18fc5843ac62151fa4874c2e31121766a32c53a25b33f8fd9beed72dea6c074761088f48c408e6f002babac2a3ca6d913d18cf4963103dfd04b65dc0b7ebc7eeebadd98e4b9efcf83a4bdefc31510c821d128821b2872d4a0d30223f679e2542024eca9e6e99bedf82cc536f1f6b06902219ed7f407b8fbbbfbe05422c5444dd2d68d20e4392d7c5b47e2d88e5afbe7babb4dceca1e5280ea9edab0447bbdbcf5affb1bab0c429c8997d9d5c9475f5c72ceb6705731dfb29e82b3a1a860b0c00312101f0923a1398a34edc34d6fcaabd5ff52b88cb1bf4592b635ef07b7e315a938e8aa6ecb67f98de863f290ffda11b6848d3e12a545537cb2bd8f2804b7521410f0ab095954b3d5e0b599e4b41f5dafbb56fcde0b8a74cf0132ad25065e87a8d043d7d572c85194b518a1af9350b9b267509e709213aec451b7dbff20ec27d808afbf726d98f4736f45b5f373f728bbb97cf978236faed16d352731d5077200364fcdc5fa6b33d8e487e6790f4add458a2ae66fe34d8a47d3344cae06948bdc8230bbccc8cc84e63d345a109604a1663efca50eeea03a49bb54b4ef4dccef46fbe4163e51fe55b3e6680c49e63bc20669436f8136e421a85a67c8ef1738f7512702e10e613669113d0a8868e7d5a66203f0e297159f048386486632777088d77fbb7efa0654e597281ac4f450fdd698a439aeeb18f66ab069f0dcd482b8b6d8886b3317555c01c304e6e4973d3414dae270975ef164416afe66d6f87145d70e23e949d87098e5cd007f95c07362e3023bd37234bebcfdce69d74e150e1d98773d3ba5c9d489ff9f937ec139160fc1e9e93470c261cb269417feb87f3246e8b8803eb7c099756af745301938534b72a5c5707580048944f1c557658d3a83c0eecd7eb726fe524eb6f37f5e8955dfa85d6977c7ecd0a89dcf4c1940d8cd15f25c43d7e05efebe24df07ab17c90015edc16e7dff3eb1269e29b5095e852c3a5ce7f31229591d24dd4d6d9058bf9f813a18f0fef6e8c65df265f2922c4dac35a77cef24d41cc592fa4c655ed6c12d5e2a43254e859d4d863e8471d85f40b10df38693bfe4bb2db47f028a3fb92434df2a848ef9c365f707fa8477a68f4547fe3726ea0179ba002bef7658c2b446c21d1ad761db76fa97b52b9b03ef874da3890c1beae6413e9cb84ae6325c674eef20d31d057c4d4b0f2805b15c22a6c6f16924d2d9943dc91615a00649b0e26c9e90f6a40e7c1cc24a0e456b2af3562097daf442e89d46e749551dfa0a6706f9ddf336283e6cee493aac17a06dce7f7e767cb8b00d28e93485c41b0d15010db3d0f5d1acd83c4f04cdad8f92142edcedd1731623103b42f9aae4ff83b09c826dd00a80e611d9820ca6a76bb081ba3f5e532b5ebc49abcbbfb54a432f994ca2c3514d9be5799432c2bcffdbb6a1194e248d1ca526273c8cd79ca23a24ec7d22457c74135cc903411ba04f5dd9fc037a8092003100ff0e761aee613b16cd988f5a05ae76bfbff42bb64af49a92dfd67c4e7d4c53b6c8e3d84b7921b05498d159340768b3d60f31ea06a5f95c893894a3a810ec0a9841b9e4fa0544064271f32f2e58809f6d20a853b2769f1a8d57558c5b2fdc45eac0b3c9827add2f165bd205a4472486d1597c1517766a7363e435c3d3394baa1e2f08968e3865a1e57eeb4a00ab590000e0005c8037a4d5c32d672f394319dc9485bc4782eed6c5da1629bcf191f84e64c800805ff55e5f30e043943efb89c73311979b67521a9049da2570d944a9debc59f23181e1dee261b8e34f3a7add13a3277b3dfe3acbef2e4b034e80d85b076ef35c5e3f7d9dca6ac212ce52974520507e57ce818ec60bc9ba4dbaacc2eae95e21545113d49680218ae18e1ae8187d24038d01bd2b150895e53effb5703853ff0eb309f3f2903366c9312a88554c9d8caaa29463b0278601e3312b2e07bc2cf35a1ecfd86121666b71cc4d00f50352ed4286cbdf35710d57538e95c704000b80f0b02f44ebd9eba8ccc5f5f900b20a3f3623470260a0b2a3e3ed3a20d1f05dbccf065247f7bfa2cfc9194efe0a2d860279da6d059ca0e9e12de11007b027b936ba53123a2d7695cb2db05fb911f6ac97f01c451d60835f2f91568df566aaf0811a0c5dc0de1173f3103ea6b5c2509eee140281800400f68004001380be60586c7e9f0747a8e4e592ada65dfc0bf22d23ba0e3e2f07b55674f019c63db1ee3b4e5b8409f99ac9b8b153f34f6b8d724621619092f982b2f85d7139edc4da2263be9ea1ef446d42fca04c86f808948e97554c1db56666e0e0cc80a06a8eda81a7184958d1743ee960e7b2cd7526a104661424ae122f471ea88453d855d7e483e985aaefff44b94db02952765ae03f20c38b41ec96700aea142493ae76d3048d8f7de3d078e85d9d5d4cdf114cc126bb3aa9f6277d1b9b1c1bf016e6747820b4fa3646979115db6746c9b9b66afd139688ae14fcda1117f5d7f882e63721786edff9db2c33740c2da414f9c29792b66daa65514e2435e2715ff8640a5effc73e5f618478879f63b7a55f3355073b7ddd57e3b025653dd8c32f873cdf6cab1173f5891c42abddd2b2ee54922de0393e9cdb5d640009bc140f93f83459efb427d71ad3304f2bf2c7b4d0a4ddb0794b635a94cc2de5fe6ddb4a1c69241877d6fe44804ff95ef0842e6c4c0697afad2e9708002c00", @ANYRES32, @ANYBLOB="04000f808d212b73c10adc1cac942ab8a14129f6b2b9e47000ee6611d53442b33aff9cd4365e0eaf72f5f7ba9d007a180af5e2162d12128b8bcd4a3501bf5f21ec79f03046a0fbb6cdb55dddc8e67c5d9958383367790bd1cbe1645eed969a51b0506f76790d80dda60ee111ca44fddaef79a3bd1dd21e880977481d9ed58e30380e5f804f550d1b68a4e5040036000c002e014000000000000000fb00c700d4eb120fb990f312f6dc1cd1e2fabc17153e9e0bbaa255bfea657b66e5ef6d5c44b7851528115b5080920b3f7a5edb8c5c6ae63c4a8cdf26b60506f9d7c3e977b7c1e05b8754f234b727319ae25f75a8362c0ff160b5f62b0de762efb0f9db7ffec3550c9d534a1176d18e6d6f61566315b529b950f78d46ac1820c550cd6f077c640ec35a5249f5a5aa9df7105aa8c530c3a17f7e1e1990295c5930330f21228ad9a4e30a7223df2f8a594967f607d338a8269c20259a25c9d884f6e6f07412d5c19b28e02d333fef616a1d3bf2edf35e8b6bb815996fca3b386d3ba3f98e2e9116f6422a6f544d72c6ec9f31440c2b49d2df2a61faf400"], 0xbec}, 0x1, 0x0, 0x0, 0x4000000}, 0x80)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@ax25={0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x3}, 0x6e)
prctl$auto_PR_GET_TID_ADDRESS(0x28, 0x2, 0x0, 0x0, 0x40)
setitimer$auto(0x7, 0x0, 0x0)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000002c0), 0xffffffffffffffff)

6.266261587s ago: executing program 8 (id=5222):
io_uring_setup$auto(0x6, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/memory/memory15/online\x00', 0xa001, 0x0)
write$auto(r0, &(0x7f0000000140)='0[.[\x00', 0xcd04)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/lru_gen/enabled\x00', 0xb02, 0x0)
sendfile$auto(r1, r1, 0x0, 0x1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = open$dir(0x0, 0x42, 0x3)
r3 = open_tree$auto(r2, 0x0, 0x9001)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r6=>0x0})
sendmsg$auto_NL80211_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x57, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYRES16=r4, @ANYRESDEC=r5, @ANYRES16=r5, @ANYRES8=r0, @ANYRES8=r2, @ANYRESHEX=r4, @ANYRES32=r4, @ANYBLOB="45a77efd0a765817a8c4e7ebbae518f6be79321f", @ANYRES64=r5, @ANYRES8=r6], 0x1c}, 0x1, 0x0, 0x0, 0x4000001}, 0x4000084)
r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r4)
sendmsg$auto_NL80211_CMD_GET_WIPHY(r4, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r7, @ANYBLOB="810b25bd7080fbdbdf250100"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004)
sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000180)={&(0x7f00000011c0)=ANY=[@ANYBLOB="ec2b70c50000", @ANYRES16=r7, @ANYBLOB="02002abd7000fbdbdf251f000000d4067f00a080036e59471a35044ba72478180b739bf3b2320c69364f629197642ca537bb9705b27779d9eb373714619d1f4a4dfc206bd046dbbe22d49fc54ce21514e8f118d079dc7f2ec3fa24401036e3ce728826af10ef7879286b782388b879aa4112448a73d852a8e06378d08d24a70dfcb096fde92e2ac26b5aa515988a8746c7729c3d51d122b52ec476f6197487150e0a0a7f7a5ad104000aaf5dc42dbea101c51c98f190b643f908afddc941f25f034dc0d0d0272c4749b2601fa23552763561204cba662108951b1189aa22c0dc1af1b67180b59af07d0f5edfeb1f0567b570dfe499dc79e18cbeb8fc22230ef20f064778881ae0ecb873afbc7920aa4601f25e9421f9c2ce7e6ab8f3ef9e708c066ee7c74318743aa7abd3b48852a97cee517f47369ac84d6b1f4447a2445ebee2b3065adcbe8954d1c74eb36d176a9b0b1043b3e61d6dc967b22c3ccfb43e501bef84c6cdc0fbfa583c253b2e9add9752c3765214f55541551edcc9c6365ad1c3537d06e93962234c66326510129b4d151205db5ab43cb5a9f83ef13f157b06d32055508b3053f5b081fff4dd337dd667f1939efa501768796c3ccbc11cdf3fb6be01e990694112f26238157da542de43c00344b4e35519d0fbf06905f9c6fc63ee5adb088777149ddb73800f1cf5d4c5ccea823979bc743e5d186b2617ee0a670ccc5f0dd117bf71f45e4129c86f87df0332fbc93199a1c0054a739373668bd7df0bd0cfee1a4ef097f4b5332b9d0a04895f9f87d5c63e74f6a100ded2770c7b6249fb14796e2901be2baabb2c4279a2265295648e044945f382fa01c640a92a03b7db0778e1f2b9dbc6d2e6a5d843b6bb6f88342608152f5d87cd5fa7b3e80bedb72985215f8c90b8b0732ef2dc918c5b59307e63124e5b847a93032f5ce949357dd52236735f8948bd8ad3552a64f7ebf0ce2d0a5e16efd5c1102bc102ef5e8da0a38e72c93fd3f18fc5843ac62151fa4874c2e31121766a32c53a25b33f8fd9beed72dea6c074761088f48c408e6f002babac2a3ca6d913d18cf4963103dfd04b65dc0b7ebc7eeebadd98e4b9efcf83a4bdefc31510c821d128821b2872d4a0d30223f679e2542024eca9e6e99bedf82cc536f1f6b06902219ed7f407b8fbbbfbe05422c5444dd2d68d20e4392d7c5b47e2d88e5afbe7babb4dceca1e5280ea9edab0447bbdbcf5affb1bab0c429c8997d9d5c9475f5c72ceb6705731dfb29e82b3a1a860b0c00312101f0923a1398a34edc34d6fcaabd5ff52b88cb1bf4592b635ef07b7e315a938e8aa6ecb67f98de863f290ffda11b6848d3e12a545537cb2bd8f2804b7521410f0ab095954b3d5e0b599e4b41f5dafbb56fcde0b8a74cf0132ad25065e87a8d043d7d572c85194b518a1af9350b9b267509e709213aec451b7dbff20ec27d808afbf726d98f4736f45b5f373f728bbb97cf978236faed16d352731d5077200364fcdc5fa6b33d8e487e6790f4add458a2ae66fe34d8a47d3344cae06948bdc8230bbccc8cc84e63d345a109604a1663efca50eeea03a49bb54b4ef4dccef46fbe4163e51fe55b3e6680c49e63bc20669436f8136e421a85a67c8ef1738f7512702e10e613669113d0a8868e7d5a66203f0e297159f048386486632777088d77fbb7efa0654e597281ac4f450fdd698a439aeeb18f66ab069f0dcd482b8b6d8886b3317555c01c304e6e4973d3414dae270975ef164416afe66d6f87145d70e23e949d87098e5cd007f95c07362e3023bd37234bebcfdce69d74e150e1d98773d3ba5c9d489ff9f937ec139160fc1e9e93470c261cb269417feb87f3246e8b8803eb7c099756af745301938534b72a5c5707580048944f1c557658d3a83c0eecd7eb726fe524eb6f37f5e8955dfa85d6977c7ecd0a89dcf4c1940d8cd15f25c43d7e05efebe24df07ab17c90015edc16e7dff3eb1269e29b5095e852c3a5ce7f31229591d24dd4d6d9058bf9f813a18f0fef6e8c65df265f2922c4dac35a77cef24d41cc592fa4c655ed6c12d5e2a43254e859d4d863e8471d85f40b10df38693bfe4bb2db47f028a3fb92434df2a848ef9c365f707fa8477a68f4547fe3726ea0179ba002bef7658c2b446c21d1ad761db76fa97b52b9b03ef874da3890c1beae6413e9cb84ae6325c674eef20d31d057c4d4b0f2805b15c22a6c6f16924d2d9943dc91615a00649b0e26c9e90f6a40e7c1cc24a0e456b2af3562097daf442e89d46e749551dfa0a6706f9ddf336283e6cee493aac17a06dce7f7e767cb8b00d28e93485c41b0d15010db3d0f5d1acd83c4f04cdad8f92142edcedd1731623103b42f9aae4ff83b09c826dd00a80e611d9820ca6a76bb081ba3f5e532b5ebc49abcbbfb54a432f994ca2c3514d9be5799432c2bcffdbb6a1194e248d1ca526273c8cd79ca23a24ec7d22457c74135cc903411ba04f5dd9fc037a8092003100ff0e761aee613b16cd988f5a05ae76bfbff42bb64af49a92dfd67c4e7d4c53b6c8e3d84b7921b05498d159340768b3d60f31ea06a5f95c893894a3a810ec0a9841b9e4fa0544064271f32f2e58809f6d20a853b2769f1a8d57558c5b2fdc45eac0b3c9827add2f165bd205a4472486d1597c1517766a7363e435c3d3394baa1e2f08968e3865a1e57eeb4a00ab590000e0005c8037a4d5c32d672f394319dc9485bc4782eed6c5da1629bcf191f84e64c800805ff55e5f30e043943efb89c73311979b67521a9049da2570d944a9debc59f23181e1dee261b8e34f3a7add13a3277b3dfe3acbef2e4b034e80d85b076ef35c5e3f7d9dca6ac212ce52974520507e57ce818ec60bc9ba4dbaacc2eae95e21545113d49680218ae18e1ae8187d24038d01bd2b150895e53effb5703853ff0eb309f3f2903366c9312a88554c9d8caaa29463b0278601e3312b2e07bc2cf35a1ecfd86121666b71cc4d00f50352ed4286cbdf35710d57538e95c704000b80f0b02f44ebd9eba8ccc5f5f900b20a3f3623470260a0b2a3e3ed3a20d1f05dbccf065247f7bfa2cfc9194efe0a2d860279da6d059ca0e9e12de11007b027b936ba53123a2d7695cb2db05fb911f6ac97f01c451d60835f2f91568df566aaf0811a0c5dc0de1173f3103ea6b5c2509eee140281800400f68004001380be60586c7e9f0747a8e4e592ada65dfc0bf22d23ba0e3e2f07b55674f019c63db1ee3b4e5b8409f99ac9b8b153f34f6b8d724621619092f982b2f85d7139edc4da2263be9ea1ef446d42fca04c86f808948e97554c1db56666e0e0cc80a06a8eda81a7184958d1743ee960e7b2cd7526a104661424ae122f471ea88453d855d7e483e985aaefff44b94db02952765ae03f20c38b41ec96700aea142493ae76d3048d8f7de3d078e85d9d5d4cdf114cc126bb3aa9f6277d1b9b1c1bf016e6747820b4fa3646979115db6746c9b9b66afd139688ae14fcda1117f5d7f882e63721786edff9db2c33740c2da414f9c29792b66daa65514e2435e2715ff8640a5effc73e5f618478879f63b7a55f3355073b7ddd57e3b025653dd8c32f873cdf6cab1173f5891c42abddd2b2ee54922de0393e9cdb5d640009bc140f93f83459efb427d71ad3304f2bf2c7b4d0a4ddb0794b635a94cc2de5fe6ddb4a1c69241877d6fe44804ff95ef0842e6c4c0697afad2e9708002c00", @ANYRES32, @ANYBLOB="04000f808d212b73c10adc1cac942ab8a14129f6b2b9e47000ee6611d53442b33aff9cd4365e0eaf72f5f7ba9d007a180af5e2162d12128b8bcd4a3501bf5f21ec79f03046a0fbb6cdb55dddc8e67c5d9958383367790bd1cbe1645eed969a51b0506f76790d80dda60ee111ca44fddaef79a3bd1dd21e880977481d9ed58e30380e5f804f550d1b68a4e5040036000c002e014000000000000000fb00c700d4eb120fb990f312f6dc1cd1e2fabc17153e9e0bbaa255bfea657b66e5ef6d5c44b7851528115b5080920b3f7a5edb8c5c6ae63c4a8cdf26b60506f9d7c3e977b7c1e05b8754f234b727319ae25f75a8362c0ff160b5f62b0de762efb0f9db7ffec3550c9d534a1176d18e6d6f61566315b529b950f78d46ac1820c550cd6f077c640ec35a5249f5a5aa9df7105aa8c530c3a17f7e1e1990295c5930330f21228ad9a4e30a7223df2f8a594967f607d338a8269c20259a25c9d884f6e6f07412d5c19b28e02d333fef616a1d3bf2edf35e8b6bb815996fca3b386d3ba3f98e2e9116f6422a6f544d72c6ec9f31440c2b49d2df2a61faf400"], 0xbec}, 0x1, 0x0, 0x0, 0x4000000}, 0x80)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@ax25={0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x3}, 0x6e)
prctl$auto_PR_GET_TID_ADDRESS(0x28, 0x2, 0x0, 0x0, 0x40)
setitimer$auto(0x7, 0x0, 0x0)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000002c0), 0xffffffffffffffff)

4.591298273s ago: executing program 6 (id=5227):
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
sendmsg$auto_ETHTOOL_MSG_FEC_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x80}, 0xac8fe2812c61ec00)
mmap$auto(0x0, 0x20009, 0x8, 0xeb1, 0x401, 0x40008000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x9, 0x0)
r1 = socket(0x2, 0x5, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x1, 0x1)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
sendmmsg$auto(r1, &(0x7f0000000100)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f0000000000)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x200009}, 0x1}, 0x2, 0x0)
socket(0x11, 0x80003, 0x300)
socket(0xb, 0x0, 0x8000)
pipe$auto(0x0)
unshare$auto(0x40000080)
setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x400000000008000)
close_range$auto(r1, 0x8, 0x0)
socket(0x2b, 0x1, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
statx$auto(r2, 0x0, 0x6d7, 0x6, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)

4.525082343s ago: executing program 4 (id=5228):
socket(0x2, 0x80000, 0x300)
openat$auto_suspend_stats_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x20800, 0x0)
unshare$auto(0x40000080)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/set_event\x00', 0x20c8c2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x44, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0)
mmap$auto(0x0, 0x9, 0x24de, 0x16, 0x401, 0xd5be)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x2381, 0x0)
ioctl$auto(0x3, 0xc0585605, 0x38)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/\x98@dio1\x00', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x11}}, 0x6a)
sendfile$auto(0x1, 0x3, 0x0, 0x7ff)
ioctl$auto_USBDEVFS_DISCONNECT_CLAIM(r1, 0x8108551b, &(0x7f0000000180)={0x3, 0x8dd, "c52a759bf0234ba2b0937b93b6a79d10c1e30cfad64e47f156c0720013beebd77ef25574a3d8273a18114a6b3b55ad2b677ad3bb306d2645ec93f1fdfdee09a2091725b1a0c450e1325ecf05a4ad7238eb07cf3a682534f44c2bae999035e64eb850a3d728be01fdcecfdb963a5b380f10efa5cad18e9beb17029e812665c4d9238d0c83f0b3e5c15a229964081d71e7d0b7b8c25f203b69d7550b198dc1652edf17b23fe2508525268fae97323ab882162d4fd69f096224f368f429931000c892c982753189fbe214c6c1c97a484a8b843ff1e6769c844575329f672c20e2a67c2208d9caa546b7440f30f403330afb7e96274d791fef7f71d1ec341a2845bf"})
sendto$auto(0x3, 0x0, 0x2000f, 0x101, 0x0, 0x1c)
shmctl$auto(0x0, 0xd, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
recvmmsg$auto(0x3, 0x0, 0xfffe, 0x6, 0x0)

4.523292297s ago: executing program 8 (id=5229):
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
mmap$auto(0x0, 0x8, 0x1000000004, 0x8b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x15, 0x4, 0x18)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1100af"], 0x1ac}, 0x1, 0x0, 0x0, 0x26004814}, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0)
socket(0x29, 0x2, 0x0)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000040)='/dev/usbmon32\x00', 0x0, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x24600, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000280), r0)
sendmsg$auto_NL80211_CMD_TDLS_CHANNEL_SWITCH(r1, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x14, r2, 0x300, 0x70bd26, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000000)
socket$nl_generic(0x10, 0x3, 0x10)
select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x0, 0xd, 0x2, 0x948b, 0x3, 0x15f4da0a, 0x1, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffa]}, 0x0)
landlock_create_ruleset$auto(0x0, 0x0, 0x1)
openat$auto_tracing_readme_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/README\x00', 0xc00, 0x0)
process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x100, 0x0)

4.503076086s ago: executing program 7 (id=5230):
set_mempolicy$auto(0x2005, &(0x7f0000000080)=0x87e, 0x5)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) (async)
openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000000340), 0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0) (async)
r1 = socket$nl_generic(0x11, 0x3, 0x10)
bind$auto(r1, &(0x7f0000000200)=@generic={0x11, "0000000000000000d29e006300"}, 0x80) (async)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) (async)
mount$auto(0x0, &(0x7f0000000100)='}[,&*}\x00', &(0x7f0000000080)='nfsd\x00', 0x10001, 0x0) (async)
chdir$auto(&(0x7f0000000000)='}[,&*}\x00') (async)
setfsuid$auto(0xee00) (async)
lchown$auto(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
socket(0x2, 0x1, 0x0) (async)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/tainted\x00', 0x28002, 0x0) (async)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) (async, rerun: 64)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) (rerun: 64)
read$auto(r3, 0x0, 0x20)
writev$auto(r2, &(0x7f00000001c0)={0x0, 0x45}, 0x1)
r4 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_SET_SAR_SPECS(r4, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f0000000480)={0x1c, r5, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@NL80211_ATTR_BEACON_HEAD={0x6, 0xe, "1c36"}]}, 0x1c}, 0x1, 0x0, 0x0, 0x6040000}, 0x20008810) (async, rerun: 32)
r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptya5\x00', 0x400000, 0x0) (rerun: 32)
r7 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC1\x00', 0x40001, 0x0)
r8 = semctl$auto_GETPID(0x9, 0x7f, 0xb, 0xffffffff80000000)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_INFO(r7, 0xc1105511, &(0x7f0000000200)={{@raw=0x6, 0x2, 0x4, 0x6, "e94a1ce8e3316c38e2a2538481fc169dc016a9b8b2a8122e3aba2f221fa023c5eac45668513e1c103acc2fd4", @inferred=r8}, 0x0, 0x9, 0xfffffff8, @raw, @integer64={0x200, 0x41, 0x6}, "7dd277fa0c91ab6910e0f77f116a2ce71efd18d49f2407541e9c4098aa06b9362c48ba4a0ecdd2e613433228047172b60231e1f938cd105757a20820e751bc79"}) (async, rerun: 32)
ioctl$auto_TIOCGSID2(r6, 0x5429, &(0x7f00000000c0)="7f3fb7507d8f1ba1d98dade43cc2c59f9398332e18cccc97788ba0fd0952eab338a624afc27b6376e2364110577576839b04015b436327223899a74cc150231196d1890951eb7d6292437825f0f4c885dbc98acfb0aff9999a4de9795e0e07819b884609b38446b3196be9bea7c95c950c018faec27be156029820f45b66d9c8492f05baad6768709c7f4d6213e896a419be0a2c42d520671864e0febd25dd441c7509918baf1e") (async, rerun: 32)
write$auto(0x3, 0x0, 0xfdf3)

3.428375135s ago: executing program 8 (id=5231):
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram6\x00', 0x4040, 0x0)
preadv2$auto(0x3, 0x0, 0x5, 0xffffffffffffffff, 0x7, 0x2a)
write$auto_tty_fops_tty_io(r0, &(0x7f0000000200)="352c8efa610c0bcf83a4ebdb040000000000000021cb244b19a48bb5e0d12df9735b745b9554dfb0ad77a37be296ebe6f598901d632a206d9bb056d8c8d9a5b4cf165c931477ba53f3a80c522fc11555ea", 0x51)
mmap$auto(0x0, 0x0, 0x2, 0x410, 0xffffffffffffffff, 0x3)
ioctl$auto(0xffffffffffffffff, 0x8912, 0x38)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xfffffffffffffffe, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400)
shutdown$auto(0xffffffffffffffff, 0x2)
r1 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0xc0000, 0x0)
mmap$auto(0x0, 0x1, 0x9, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r2 = fanotify_init$auto(0x3, 0x3)
syz_clone3(&(0x7f0000000180)={0x31466c7a6c56d22f, 0x0, 0x0, 0x0, {0x32}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r3 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto_VHOST_SET_FEATURES(r3, 0x4008af00, &(0x7f0000000000)=0x200000000)
read$auto(r3, 0x0, 0x3ff)
close_range$auto(0x2, 0xa, 0x0)
socket(0xa, 0x2, 0x88)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
mmap$auto(0x77, 0x400008, 0x8, 0x40000000001a, r2, 0xfffffffeffff208e)
pread64$auto(r1, 0x0, 0x7ff, 0x400)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0x1, 0x0, 0x0, 0x0, 0x0)
write$auto(r4, 0x0, 0x100000a3d9)
ustat$auto(0x801, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)

3.340499403s ago: executing program 7 (id=5232):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
fsconfig$auto(r0, 0x2, 0x0, 0x0, 0x0)
pidfd_open$auto(0x0, 0xfffffffe)
socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@sco={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x6a)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
socket(0xa, 0x5, 0x3)
ioctl$auto(0xffffffffffffffff, 0xab07, 0xffffffffffffffff)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
syz_genetlink_get_family_id$auto_thermal(0x0, 0xffffffffffffffff)
setsockopt$auto(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x10000)
select$auto(0x12, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x62, 0x8000001f, 0x40007, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x0)
connect$auto(0x3, &(0x7f00000000c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
sync_file_range$auto(0xffffffffffffffff, 0x0, 0x8, 0xbeb)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
madvise$auto(0x0, 0x200007, 0x8)
madvise$auto(0x0, 0x2003f0, 0x15)
mmap$auto(0x0, 0x234, 0xdb, 0x2000000000eb1, 0x401, 0x8000)

3.267050008s ago: executing program 6 (id=5233):
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x2, 0x15)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x3f}, 0x1, 0x0, 0x0, 0x400c014}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r1, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/tty36\x00', 0x0, 0x0)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(&(0x7f00000008c0)='/sys/kernel/debug/x86/boot_params/data\x00', 0x0)
fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d)
fallocate$auto(0x8000000000000003, 0x3, 0xf, 0x280000000)
r2 = set_tid_address$auto(0x0)
ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, r2)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000040)={0x1, 0x0, 0x1}, 0x18)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r3, 0x8000)
madvise$auto(0x0, 0x2000040080040008, 0xe)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/system/machinecheck/machinecheck0/bank6\x00', 0x2101, 0x0)
write$auto(r4, &(0x7f0000000240)='802.15.4 MAC\x00', 0x3)
connect$auto(0x3, &(0x7f00000000c0)=@llc={0x1a, 0x338, 0x5e, 0x1, 0x6, 0x5, @local}, 0x10)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/ip6_vti0/stable_secret\x00', 0x2, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x7)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0)

3.002927292s ago: executing program 4 (id=5234):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_proc_pid_set_comm_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/comm\x00', 0x800, 0x0)
r0 = openat$auto_nsim_pp_hold_fops_netdev(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/netdevsim/netdevsim1/ports/3/pp_hold\x00', 0x101001, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x0)
io_uring_setup$auto(0x6, 0x0)
r1 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000400), 0x80001, 0x0)
ioctl$auto(r1, 0x3b8e, r0) (fail_nth: 8)

2.385566104s ago: executing program 7 (id=5235):
r0 = epoll_create$auto(0x8)
epoll_ctl$auto(r0, 0x1, 0x8000000000000000, 0x0)
ioctl$auto_SG_GET_SG_TABLESIZE(r0, 0x227f, &(0x7f0000000480)="037765d94ed428e122c73c1097760235b778f9873205349b16a9dd0912f278ce8efb08520ea4cf4b8264ba11906bbc230529920e37825a6f31f5f6e8f80da01610dc7af8fc305f7e027ee8e10a2e16a9d756e9869b581252fb3ba66aa9d52ecfc8acd74c7517b0b6344b32850ccfbe402abf542edc39f82c01d2d1a11f3719e468f3021ab924457ae218c0c50d3581b707a468089b8ced3ee286d06f91904991ef2cb715e279c788165013c966bc3f297b6e9824a26eb482c189c90a46b9b762093126471b1517d891e6a5d74fdc83adca22f66f9b329e1fe8ef951b429a815a91f96990337263feeb38b9c017a330e0b2fa9447264f17bc00a128dcbc6dfccf004be2641fd072dab8bd230c506dab07fd2ff12cb6baf9fc8a677c9e7bc033f80f97e003fdf8959b445dbc8af62b7df719bd3490d4319950aac6ac5ac623f05eb1633cb22e39b47c904a9fa13b8f61485988bebe169c736dddccb31bd13c78d8935941c994afb2beaf4935ca7432eaa8f5608e4ebf03306cb35d8d45c81ff1159542d23b44adff2331df06ec1172deb24acd8b8d27bb1d7f101cce487c8b1d0ac5a9516c5f514844bd7967a3877c265a273c90c034a8573f1f24eb28af507bd004fef9947628255b143317568cb7ccd7199205be458530c4138acb96043f1501a7a5549e9678ea07212c182b768e5531771c7be75d7c29f96a8738777b3fe1642c2c5bea0503af16ce8a3a57b9c8c5b7d22dafc747d46897b7e7b0a91d3e9892098fe8c8387d4497c02b78cbf1effc93ecf7da71e817caca18f1dc667ac7f121c123be80dd5dd1ccc170b7d554bee98126a4efa4b253a5659bec2fb87afd3665bfbf610c933e7e963519dc4b92d4722f508de174cec94bc9688c5247bded0079a4feb39df38e4fb3d16d6e1eb18543f73e27510abe9f1c301928c8fef9b188ee8fc4c688be863a1ffef9fed8779334f561ae30ecc571a3448064e41079b64cef07ff8905d7e55e8b8a51aaf7f86d90a58f582cd5cd6f55272ee6d5368ea59c35cb1cadbfe38a0012dcd44fd8cc85f71ca510aef02b84b6cd8ef29baabbbf20445e2e325e6025043f497d519e34bb695cd2c450fd58ba86719f97958110712bcee9f875cbdc5eadf97e5cbeff86a1eb62b500ff83fbd69d2d865546ba65734a8d8c55880de44b16b502d1b2f30aaba8a31c556ae5d0f519d26eea4c7443508ee9cc09090e74242d5d23bff97f2526053394b1eb18c78c3b09feb1b7580bc5cc81c73090df6d63648f26241749733be41a36d88e87cf8ddffa797dc83441a1e4f55b7bd97f43731bad7ab8c9048e5af9e2774e83dc2431f417ecb215d014ef6bc84fa378c49c7730528db52f5942635e4150954e4809085112e918977317e98226e861947183cd92870734d2e6a96c57e70356aad47b000a112fab1ccc64e990bcc6f77d0d4274c87447f6962327e21a4781eeef6606b864236434a601eeb08b6e5acb59c7267e169aa4b6ed2139dd494461eeb6bb510d22c18449f3c23f9ca293080a9f96fce5debe599f81bc48baa5c1aa083ce68a0d45803d3b492d32eb0fd4d0774070e87f0ce75da841063c080860177cd051e3ddbce544d36916bdbeb90fc37c7a24960b24fb34767ca9470759b879a2a179f7372e7d81028a9111645ca63df5596ce5a15aa06a30531cf32b220a9a4a208cd2e8d9b79aaa714401c4bfb9a2d95b161ba2c82930c8fda7a4871fbc553117468ee74099dfe0fcec4742dc0340033242d658bb2280583648f85ae1c14e396b5310a0fdacafcf33cc98325be7acc9df685bb520080a2d83935f98dff16bf7e3427fe6b848d82b060fd973d121470af4c74c6544ef750e2c9e6e7f551ac787a127367ca545807aed7cc6d51214610ead9a46511fff95d322bf4836b948a4b6fbca1ab2b26db1f4493c7c68ff04f0dc669d0c8e4d8ffe8fda7ee99c48e1992075982b6ff0ac7ef32a527767d7f1598c47adaf90d73b4202d3efb8a9206e10c20075fb3338aa517a30e21d9295e60e01af85c50ded314e33f5953db90878fba8da2961fe73c88ab7a5966d8114ef14a35995b00045fc769329976a07f7536b8ef122a356abc6dbe820086c7008e6ece61084aaf27766bdf72970272b5c13dbce8b02cfb55235a0498c78eadc4f3c3d27b9afc62c4d786579d3c1269215d2352fa5049a50cc0cbb1ffd9883ca612e94e3bc80bab03946fd0785497338b521b69552fdcf9d782d070d814488f1a53d7c5cf825f4c903ac7a536197e81ebd156b0ce3289a50624faab19f86a8d8f2803f21c43d3ee227f9634717711e96b080f2e0436d5570b2b1c4a490c82e740aa2adf3e79c16410a95626c14632fc0ac38e00f4798bad2515b8535c5128c5a3c2979af58fc5adaf2914ad237799dc35340ee4be73a930b8d2b6c986128804c8ed8f03b19c3a96ee5d171ccbde19e76e22b6be4f53d726de68ad0dfaae7552316bad0e6b2872ec852e03c57926810c62981888e6007bbd870f96848883ad584d29a09353b70a32956bd66f36680a30ce7e9875db48c979fe4e822d6bdd585e64cb8ab9046c0a76279fdd5b8c7a11fa286b760ac2a4a68fa491826faf4cc8c503bf525e9d829568bc0f8853d567a9e69b3f377e8af09c5f175b27cad1ff9ca430669df4a743edebb596d7c2e45ff1f88ca5e7723644323f72b00256a56f1e4f0b7f88be6a78fd39a6028bff043fe48848fd22a4f1a1e18bc868b0f50e8db3942d40d478ea98ee9dad1e72fa7f40d4945a3e0e0757972af0d47a386940fb3e29cc7441c55e8f3c9e09a8cba46174ac5c82e28f966d444329a1a64c49b1f344876673bb8b292a4cd4aa8288ca4cf63917692267dd15baebb6672a35b6d3ab0faa6ac378338142514a909bf2c5eddc5f4ddfdce42e35e9d6f16f2e0740b8ad302b7fbfb8de0f2658cdd9c5b7c4c6d28dd7d3ab7469db3ea17522954e6f5c134122889739d7031d43de0610610506a1cf8e96316c4b1eba7dea9c0614212b54056eea6f01b30977636136adb2c506e468be0153b99844e0f8eabc8148d7ac7c9ca80b65e4133a31ef35c3d2908abb3ca2999116e8edee4772d4bc768364134ccf0edc20c2e22740ee71c6900de70e8d0faf65840192ab744de4c297b99cf2d9de53cc5e202a4b2b855d707abea9e052e49921cba2460c23e647b925e314a0f45bfcf6bdc1be103eb853c307dd0d8fe4ef5f5ae484b004b4c771fa62e5e52b75cbecd9f0cd5d5cdb688adf8bd7692e6d7734ee69a826b72a830a2d476578e875e1282b6ed0a5ca6080b55e763ad31ec294ae4e366e0821d65d272676c3b2734c24cf3380b9df924e1b26a3365ac795ed1fa3ba91102fd78edacadd9ca4f988b3fa1ca836c4bff228fd134662655a893594d3ed82d4dcfbc2f161afb8db1e926f42dd798c1ccdf45f57208a99ecd541be66c5037160b6b7d0c193d756423fc78401a648f375866073a02ee444da58cbbd336a3e139f4dd2c3a005dcfe6adfe6ab2140060378a8e69950038b9a5aadfce4d25b09a3c0667e8d6af81d72d15418fea1e018ba8a1ccef96d8c5a4524f754957ca4fa2952b35ff1ca70bc740ceb9b43891ca02f6d6f58e35264806d5d5525f00a161ae7f814f487dc4cf507f518546c8733b9303ef6b5e3b89cb2f8ebd6ed84c2740aaaf54dea0d9a225b9abffcc66359fb11f9b197227ebaf7b9bf4100a8ac539de1ab6dcf9a7e048250e8ed3e6295877a6722d4a17238d96b66c06282d5e7f1d9e99c650aa9d91a5c315da31df7b9510483a660e4034490cb27578d91f120372678fde5e7fc95d489b5c8f948e882e0ff5c4d5873c3fbaec7b4385b48d1970297e7a53e9440ee5e4c24f86605bcd12c2dc93fc6a8c54624d6a38fb361c45f5932a3cf9bcd99ef840c94d461f71a898cddc0edc6fa985db33edaadfd9c90bb883306f198685431ce2a02dda9384413a458c5cd0b8a044e738110ca6b1b68aaf2ee90a1c208d3a6d824fc4a0a503f0453c6744b12434079e54cc7a3a1d57b3905b90f6b863b2a9c3b71b2960d9ccb4981c921cc69157ca2616d3a38a84fd1b5b2b4ef96a9b65bf9e0b55a9f946c7664893d8ebf08baaaf2f8d41e28520b9bd9da65e40f598bcbf542f6a2dc494af8b7102d38ba322f7b3a8e68d27c20c1e08c579f4af1ae92ba507bc741fb09f0ee25ef7ab722cd783617cc87b010908f2608369b807c7d3ff29ec68c645931e3fcdba3bacebc6530bd3df1a4ae9a42ff3b51a509b0ae1cc27bb6a7c49f8eae55d1172cd2beb08d902cf1100e9671a9b3b5814e905f31947edb69f18a851cddc5109251c1367c87f8dc0450a27edd3674f5777dd26c650aee4db444407f7baa41b699eb08f2195ab89233aa53bf56e7f735016f5d7a44a180c0bb7202bf9907bac41d291e6389784524881895c6e78d522247fe8be2848fc90737132dd1371443936ac252e44d0602a9ae6e7122b7f4ca6c808a942586c40d42773ffddc0330a678130d839613060f7f8481f5ff9ea326dfcb2b1ac83df81c2d056cea039268f7254a877998fc98d10175483586830bb2ad31b3d12614e267e63a9a1d60ad4ef314ad829dce551def68cbfa3d4cc6ec07dbeea58d4733b71f09d79a32f251a84ab89c5638a0118210170c71cf2c2d109f76083d95c094a88a25f17ac5d79fba92469670aaeda7b5687a8a21a5c2e055bf5c232a49767510c8d73a4085aad4e2f35611a54712330dc024629af7d032ed6e910fcc8ec88dd6e4a826304f38215df270c1ef304b314f49ee83ea4ca0ad2598765c40201ffbf1dc86f2a21b63702fc175c6a0b448ee0e94077ac833e84c427cee86596304a645e9a971c36abb2d0823ceb0570edf37ca148737c3f7a18dd8abef7ddc0cff1c4e209bab06449bfd2b7e7051845ce7314374be8e629712abe24aacd7ff671042b2e4daf22aa2c51aff8227267f32802edf8d5aef1ea835b2b8eaccff1366ad17d0e9d4bbc2ad098601e4beec0bee478953225998307cbf231398c7002b912a5ea44c6092d3b3ba362e0eb55572f4c89e1cdea1f2893ae6681ee0aa7d3201175ad7a7f74106960f04d4529b0fddf8f5eba5cdf6d8deff1fedd41e450b2b55f52f057986cc373a767e88be85cdd27b4f561df3d5b824d6c0e1d50373cf523e71efb01aa3d01e7f598e72362ad81d86ac97f4cde0d7a510f8a9e51548f3a90d2953cc5c485bcb47af829df916d99f4b7c5f6ee81d43d582b193144d253e1dc14380b89acff93a7390a948acc9188c3f96676162b8b440cd2c195f5db66eed66d166fa5abbd1ac43ce36ef85a57f3ad3a426455c9339634d5ab9d55c02b1ca94c9542c22049adcfabb766920fdda82b979a317506e56b1b23bacbcd1afea06d42c4f958037b682440f182a48d34e89c49dc33fb5c1b8c85a46b5e8cb3069269909baf603193c0fe9d8256b338e2d0af066253a4073f17e535ceb0ca041309d252cbcfabf95811bd140c8288caaab33cb77773f2c85f89b5357970dfeb6c353a31fe7e043f5508e0c768b841ba9e46a4fe627482aa4d585d16fbf3dce69551183fbbd50dc08216d4ff5eb9d4b26fe3abb402723f0bed3539b7a8ce13f08e36857d95334171e5d930db41f95950f147e590282ca971eba35db20c641bef90938ac2b8843e8655adfa43d4beac52457232644d00af1c57415949000b3de1bfee23f89fa0feece66942e7a62eda41c59b0a9cc9368a359c8927e789422589ec9e771d5b7d3b2fb74ab4dbf571b3d332436fe156fb")
mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x28000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto_KVM_GET_MSRS(r1, 0xc008ae88, &(0x7f0000000140)={0x2, 0x0, [{0x40000072, 0x400, 0x1000000000000010}]})
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
read$auto_proc_pid_maps_operations_internal(r0, &(0x7f0000000040)=""/13, 0xd)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x9, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40)
execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)=&(0x7f0000000300)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\xf20/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a0\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5\x94\xd0\xf5\xe7\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00')

2.19498268s ago: executing program 6 (id=5236):
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttynull\x00', 0x201, 0x0)
ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f0000000000))
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/asound/seq/drivers\x00', 0x400, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = io_uring_setup$auto(0x6, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_KVM_GET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)={0x2})
r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x2100, 0x0)
ioctl$auto_SNDCTL_DSP_SUBDIVIDE(r3, 0xc0045009, &(0x7f0000000040))
close_range$auto(0x2, 0x8, 0x0)
openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000001800)='/dev/mtd0ro\x00', 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_GTP_CMD_NEWPDP(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r5, 0x107, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x44}, 0x4)
openat$auto_proc_pid_set_comm_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/comm\x00', 0x800, 0x0)
r6 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000001700), r1)
sendmsg$auto_SEG6_CMD_SETHMAC(r2, &(0x7f00000017c0)={&(0x7f00000016c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001780)={&(0x7f0000001740)={0x38, r6, 0x2, 0x70bd25, 0x25dfdbfb, {}, [@SEG6_ATTR_DST={0x14, 0x1, @dev={0xfe, 0x80, '\x00', 0x2c}}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x96}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x6}]}, 0x38}, 0x1, 0x0, 0x0, 0x187a6d4a3365006f}, 0x40010)
openat$auto_nsim_pp_hold_fops_netdev(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/netdevsim/netdevsim1/ports/3/pp_hold\x00', 0x101001, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000000), 0xffffffffffffffff)
msgctl$auto_IPC_STAT(0x3, 0x2, &(0x7f00000002c0)={{0x7, <r9=>0xee00, 0xffffffffffffffff, 0x0, 0x9, 0x9, 0x9c8}, &(0x7f0000000200)=0x7, &(0x7f0000000240)=0x3b, 0x2, 0x141a0, 0xbe20, 0x6, 0x7, 0x3, 0x40, 0xd, @inferred=0xffffffffffffffff})
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)={0x1260, r8, 0x1, 0x70bd2d, 0x25dfdbf9, {}, [@L2TP_ATTR_MRU={0x6, 0x1d, 0xc34}, @L2TP_ATTR_MRU={0x6, 0x1d, 0x46}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x101}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0x1}, @L2TP_ATTR_STATS={0x122b, 0x1e, 0x0, 0x1, [@generic="9388bd570c92deb82a77d78a96a9e21fc08b4d23b59e6fda99671ad817d04d38be81a3054558453f100fe41026d62751", @nested={0xeb, 0x10a, 0x0, 0x1, [@nested={0x4, 0x9d}, @generic="7090b6f4f24686cec093e6b7da9f92dd45886d4e65d5f234f322b39e8b2b6d82b90fdcb0381372378249164d880873dc6d086499b7b3c2ef9cc62167e4cacdd0db00950428b3846a11c2362b6e1d71f198fa58f8f6e3042a439e0497c9c783f78005907eca20275b5de61baca05102e4f4e3fadc6de1c2bc4560b23e3326c2b17c34cbd70a96582dded8b144533bf5d4693fe5e9a89566c031765923217360df813327498bd3e8545581716d6cceb1fec3cac318d4908dbddcd245a6001c84fdf74797eff263645ba33acc2261e49e7479790db564af2a14b413345430ceeca98695fd"]}, @typed={0x8, 0x13d, 0x0, 0x0, @uid=r9}, @nested={0x1010, 0x40, 0x0, 0x1, [@typed={0x9, 0x35, 0x0, 0x0, @str='l2tp\x00'}, @generic="22fce3b83ca6bce981c264909a72f799a9b4fdf0c5172208bca2da192bb82d40a54fc9ed726b1bf1a2d57c93ac5597b48227069df78ca8618c8039d55d853ca87fbc9d05f0bcb00852c15114ad7d9e54ec827d9b29615408e16274b9686a3c70848736db4c9029002dd70c07afa23064d961ebcae380e796b3d1297f9161350874cf992ca5bfc5137a1882ba6263856a952bed5576fad8505f325fe85c1f4e41974e5f7bfbd6ee9bac1d01882d4e704c914256b22e3af9fd6deaf7715617410b66f5172544b76da890791c0e9f6a72c0dfb83e4fc4a1d4a77fcbb3ac1b3046471624fa90e5eb4630a21b4372834003fa6a4318e610ce44bff36e105de43b9dccd4be07b39500c08301fe0b9dc2d6ed73f62392e7e1ef2a26fb43f98ffeb8e3e931a30df6e6a91c4d4b5aa772e3f33c25c1abe048b89392764e89f12934fe587ba86521e20ad84f64a7ed3277098447ed25b38875108614dee72b739667e97272bd2c676744bec7153957bb98dadcca1bf1b8ae7f6720787d56ae4879747d532e27a325039f730da5728516cf7faee632ffbb67891f092320b7b4e4a51b4601fae30f39a3b92525ec057266b3192a0cf7c72c4b5187809d8c30828e491fbfa08deced96bb2144b57f4787f249d420b0d84a403d0cb9c4a9c8d33e49a1dbdf89c6239d8456085475bae3b2896320c3607ace7a4f8246c216c02be6f04ca3bfc26240f69b2b8ef57fc451ed978524dc2153e4ae538d7d1c84f377f45bdd699f4514fa51f5ed36b9ae62f3f0858a44688980757324224ae15914dd1f52bb085ba46f61f6839a1a4004b7715fe4245223660e1ec3436edf9e3c884ddeca3e96ac9e6aea086cc51bcc7096a04bbb0d095f821c26ba1c2d7e66c684b71471e750071c706bbba521ea82121b53d342f5cf0b31d5562e411c9047d59a25ac5b7455bc5665ef9cc15745d01175e209c99122ba9bee7c61aa63040d2d064e792bcf1d559b907efd0898e1b080ca633c893deb4f2479efd8b8793b09db6851700684aa092924a8e46de3cc7fd723e056f9ab0561491ef211f2fb51e0a5d5ec429ae5826f04f7c92df54a59355ec3de2d6e1e9a130b53a597a9ca6588f3ecaf485eed9c65e88748fcd39744eac5146c9302fb48db6024cd39a0ba8f0b602d2da79da1bb8ab09fa46f03090d9112fc2f2091d6fc0c550fb379dc93685f00f82582bdc860f0ef3bcc2577d86e9f223e86587c8d15841f948d7cf04db546f36bda99dabac6ed48b4c034b102d79bb412de5e8654da8c2ddd1b4b035eb57df961a544fc76f42787da3a78104bf4e0ab7c87572364f89caa7b187812d2de5aaef8a0559f307a952c581ae4c8ee22cc23675e0a1206abe8718c492d7c6fb95a2dd778acb6feba3f7e4c1d14dc57ec49ae4eee68408633913b28e00f6d8cecefa08ed8c4fc14f2075b2d2d2cb4ab2077cdaa4853f6b4108e67cb24157f7ccaf6c28f456c768ede3ba1f8413b52ca0e1b083a73a292330e4d3e33c886098d5beeb29952b635dedad1a284c25290a90f05c543e0b70abe641b057e1af4f24acc24513de21f6c3596be6e95054ea56b88e82351e6bd07e1a58144d4e91fb2f4f5f2929932e236e52d5b981ae6836a270663a8e75c5f241e234f6dbe28e456fbe430af9131311a8eb07efc8ed49ee61e9fba346ac089694f9a5a36a59d7ee6efea3168f85b5296ba1197079584853d2d9f4ef04f435c63a990fdb1531337114755e950db7bcff1620ec758dc48ef4f67f2cb7680aabba18609ec15d57a5e316c9ec1e3d3fa4adc954289f62bc5a267b25cfd658397a1551ecf8df5d88ed88fb9b94e7d1b247422140aab1fe6c92dad612c4bc026cccfa962dd02b490d0fab48dd3e98359aa7a263c3c3772e6173569d50d331292f04b623b4024f09495b44de289b4dbb2867b9c8c2d6813ceac103f4b7f2be72f6b513e0748a112132daf190bf37bd4d39945aba4478d098cd1bdb7f7debb06ff2d35de7fc08e7f6553863efa326791d68ef900dfa9d3ef122d2bed648cf62cdfb1c208169b068db008b0324e7d9fb25aec7d52c93f8a9503cb1557548e0d6fef51d8dfac3e302c941275d2f27392bacbe91e162996d8b27187c43ae8e309fb2f390224cbef3ba574284c4d04e4eb2c1bc5a63295ae90c7504d8aaa264d4a3e6b2b1eafd432ed050fa3d775450d0bf605d837d2d0b4fbe610bc57c7b186dcb5db25367acefc7b386813469d66bb5a2239d283cd64a25c4ed2a5ac51a1d7823872c1eb0159ce785f53f684c156c4adc1ea56ec6055429b511ec14a606e59565e23067c2fad1b943338e32b8c0a4241ba2c9ce2df1c42e99a534e7f792726fbb548752b78b9f285c0d113da4a13e6915459b66314b850621242b7e4304d00f8ab728e98b864fbaf5109072075ba88de340eff1ef79ed5099c93ffad1cbb36a1f09818f45ff84b835f7f237e0a4c4621a7a2d287bd0c07d74a12187c9cd9561c7a162a0d3d3a790496da56debf1e19939a2c605491d44aecc979130e6aecbe1956eda52ef5ccefe43565ce337a9558b6439abdc2d9c06c39828a94e0051494fe5a39623ce162ce654ff948ce9f1d9ad6b731ab179888955558805762ad8f3232dbcdf4730ad650b731c930d719f063ba5532bd9d8144e3c4a325f65e371e542a31598cac0a30e23874e0f650031abcd6728297299139583b7bfc66918cb955036787fb4544bc1ef77a6a4d020d4d11aa5460c39b68b4f0656cd8067daf5846f82445a5189e54dd41f7a8f705c6b901dbab31ed2a25e6cd0f7dfd19466cf5e5700ea0603d254040e71cc94318b80f360b748addc399a6865410303cda75e9074d21d5d7b0077e9a873d9e995677cf40e8f308102bece60d6817c40643434c1545724cef696b2cdbd89cd12a455de78c7073436af8f8345685e7017a258808a3c7a694729d6e17f098ce940066d378a74ec943587966773b80d7d7bd82b782269506f133cfe388c33bc980cca566927b5e4da0732609b86717077e53dbfd663ba12681506c72b331e9d446fd6ba344294a3009905f7dbf2bc9493038be0289f772b298b812f78db490a48e4203f84814783c3a0bc9a9e7196dc920169fa4e4cf491c164cc4f5362c50b9635cc8d3740608e37a31066ee1f02e5fb9f257731f1060feb2ae1cd8417a00486129a650ae37a09caa823f59682ada3b6b48bc3fde0bec53e9b6557c8c2c4725240a87ee5b7a5ca6d838eb6958e1adc9f582c9a377c8eb5a81a1c890e8955f721ee47bfecc2a4a54716ae7084135776c9b7f470194887c098b38caf043b8b6050a7f8472cf2a4a6a781c30aa76ef3baae6119d3f2a942164f45195b3df7cd25b2db67da1d015c1c26746c4a42d748db5dd8e369225abd14bf3cf68f3f99d9d7cd6b2cd71551d7e3ce343292ddeedb4746827028037438384924672c14b247bc291ffd8db9d60afa35eaf519a8de30c10fcf1f0922a7aef4531ad15a0fa9e4a37faf73090079f257bdab3cd08d9fbcf75b0c193e6289e376170273c365119640f5609f6722ff682e296db3f55307cf5fdaef3b660a5b19f2898efc7fc785fa544896e550a5188604d16851f0a6df2991f2ca1badf35549ea14bf0d7404699d956c0fa4883a552741d47acc7ae5df7135d8b645171e43c38eab4af902748285240afb33857389ffd07e74ed2717697c8e642e5f56d7a1c4c1f412923ae45fe2cda443c896d8012882a751f3d7bc14893976171f9c9b616880db1d0b1f07f06115fe022eb1e1f951e15b6ebc89d4a7e859ef7fc3ad6141dc312ae80b2411d77bb4874cffa7b27860cc7dc0bace9fdccfc527f13b65b013366a0d62d92d95ec9ac8cdda158820d88c890b958b6cd0711a6c98bd5f497cba9c5a7cc4626813ac3cf16731b65d81072ce41f2cfa4fb621a629548140c8069a2a91b9ba8d3cd0ac0208440b1ebfe741eeed9336199ae15e629c55b29123ada9aa5769adb7b5636bdabfc7bf4752fe63d3819d3515eb83075f99248186d6893055126cc638408295e3f758632b4ffa885d9e26cf308f8522264bd886cf3176225f3e6bd3dcb5e9dbdbdedf1c9d351e7d6c224582d927b90f2c8215c0de000356c6c09cc3eaf261120bab17bdd70c5f3016bfa7898d8f226f672addf27247fa79b9faa4e80dc0b560084901d7b6e09015e873c2fde2b29315921a25a120f241049eb001871bf8c66cf272a08fcb58771c3f5cde79bd2c04eec7e891b14347d2ddfd4bc60224cb06ba58e7c7b58464ab449e5a9eaf673046eee37383d759c9d1b94f661876491ef20dddcf49420f0aae0184507caed4360b016d11c7530431679646420874801934d5f1d23bc8bb919d9ff167f2a67e3545106335bbe0fdb9dcd1d9fa8400f88afd195844f9c3f8b9d5e16e8e8010cb8b4851f5bed683d925ab148ad72d233f08158f767ee2bde7645a0c3720a6cdc47385137dce98faca909a586780e152f6ed9156948891ca5908553a98ab3b594ec0c1d257e4615cd4e54022ceb20a908c0211b78372161177e5c1fa4a386f920f252a31fe7c67513e9e8264e7ec965538d70275e3366dee37f8f369874602056ed80d4f966889b02c66c9ef9d1a79e998c51c6604b5eac063353134cf48aa728bf962ef0438578b62f5a67785c942a9d38917b2a37ac0737f0c323275bd26d344e8ebb1c305c074b7bf2dd47b91c345dc6a1295da3afbeceb2509f42f51d793e1609a5f329a8f8b02384c29fa6e3c650e81d18211ca67723e7eb109c5e9277e50aeaca342acd64a9bff43f07318490d4d9c375a6a49c9e543b0778a021e1d46be2056781bcc3173d1950e045390de5e7327ef6fc3358de04db8f46de9f4b6074e79e4e0efc91a1890e248ba5d05617399d166b5d9a0478c9ccf7d9db0e5814b20112448036bf8d552ee081128b60c3c57f9010610cd9904964d1bfe972d6f7f8cf1d63ef7f9073bfe4b4fca3a1409ecf7cffa18faae2660cc8b96d0af3493f768bb248380d2a85d186daefb2f6420b83341597b3806101e7c031b9efb48b7255c769eb9dcc91be165c000d0e2874432cc0b45de3463959bdd3ecb5d314a0b8071d158da8e7bec3f24be03073fe553fc5ee82ae3470a4013ffbd7cea74891da3a55570c4f59591c13c1027f06fee5f609d52bc7a628beed54539f0d850efb71d3358ad947c21acce26ab56bddc1a82ad5fe2f6584a4794fd056f250f6c56474c93c84852a58f267b9a2a9ade586e05be824b933d35e98d02d276d3a748dd162d0ee2236c64b03410b237e3f874ee18c04335a0aac6e619e049acea4f41cf73d0bfdd0c7ed4a9b853a52095738f7870565d1e487ac789c360445385e865757d58bdc9a241fd5c0afb560cbe6592a9d52ff97a72b7f5a6f41032da57f9239f063fed6d7347e79f674eacfe67f37b91adf00c5eec71e03ab753da69399816f48ca31ad95aec36ce23b1f2971e5867ab2394459e376d90694c5f6465e2c25fea67dff5c1d72f2bae95a319962502a3c722f12cbd18143fc61910dd7e42adbd86b1945979147f7023009684631e7c6a1435938755fe87df681e87f3309f760fb3ae640dfa4228e2c9d2a72551992f7da8bb55de754a5a1d0d0164ea5b2450b77fec566d2eeee5da0c242902166746bf81da63c9364c8da62e9577d129c1f6168224c6e099adbc76f859eb7557a14de0101df6f89f4cdfb45289f60c999e7f78358fbed0420f3833d1a254428d1dd2edd6e9172a247f7be244e897cad3aa7f5b13e4f5312db28613fe8c4"]}, @generic="fcb5e28ee63840570940d8bb8fcff20db013ae1d28de47af776a59f2a3363ac20e1847304e2458a6d2ee04d9967bd9d0ba29c5f7a11c84038b654bd1351123680a29b115f3d0f353bbd01b62525205b6aec7f67cb66f4dd4bb78ed0ee5f352501c98dafaf4748e315ceddc55fc04fb67594a764e0307d03cba733460637df6b63b00d5c28dd893322edc254a24c1da88b4c50ab5f3a4fffbede4d75025b944f06e079a919a94161c8e17952f2feb836769f1dcc76dab8bf42fcbc2337e7ae00a92f84b9d6f1f8040bf56f5aaa571d94276ca1bf30e1e25edace24209767f6ed7df4120a737f4511c0e474cb163456a003f3f7f"]}]}, 0x1260}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004)
sendmsg$auto_L2TP_CMD_NOOP(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x1c, r8, 0x300, 0x70bd2c, 0x25dfdbfc, {}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x80000000}]}, 0x1c}, 0x1, 0x0, 0x0, 0x22000000}, 0x40408d0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x0)
io_uring_setup$auto(0x6, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/input/input0/inhibited\x00', 0x20b42, 0x0)

2.120290693s ago: executing program 4 (id=5237):
io_uring_setup$auto(0x6, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/memory/memory15/online\x00', 0xa001, 0x0)
write$auto(r0, &(0x7f0000000140)='0[.[\x00', 0xcd04)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/lru_gen/enabled\x00', 0xb02, 0x0)
sendfile$auto(r1, r1, 0x0, 0x1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = open$dir(0x0, 0x42, 0x3)
r3 = open_tree$auto(r2, 0x0, 0x9001)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r6=>0x0})
sendmsg$auto_NL80211_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x57, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYRES16=r4, @ANYRESDEC=r5, @ANYRES16=r5, @ANYRES8=r0, @ANYRES8=r2, @ANYRESHEX=r4, @ANYRES32=r4, @ANYBLOB="45a77efd0a765817a8c4e7ebbae518f6be79321f", @ANYRES64=r5, @ANYRES8=r6], 0x1c}, 0x1, 0x0, 0x0, 0x4000001}, 0x4000084)
r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r4)
sendmsg$auto_NL80211_CMD_GET_WIPHY(r4, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r7, @ANYBLOB="810b25bd7080fbdbdf250100"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004)
sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000180)={&(0x7f00000011c0)=ANY=[@ANYBLOB="ec2b70c50000", @ANYRES16=r7, @ANYBLOB="02002abd7000fbdbdf251f000000d4067f00a080036e59471a35044ba72478180b739bf3b2320c69364f629197642ca537bb9705b27779d9eb373714619d1f4a4dfc206bd046dbbe22d49fc54ce21514e8f118d079dc7f2ec3fa24401036e3ce728826af10ef7879286b782388b879aa4112448a73d852a8e06378d08d24a70dfcb096fde92e2ac26b5aa515988a8746c7729c3d51d122b52ec476f6197487150e0a0a7f7a5ad104000aaf5dc42dbea101c51c98f190b643f908afddc941f25f034dc0d0d0272c4749b2601fa23552763561204cba662108951b1189aa22c0dc1af1b67180b59af07d0f5edfeb1f0567b570dfe499dc79e18cbeb8fc22230ef20f064778881ae0ecb873afbc7920aa4601f25e9421f9c2ce7e6ab8f3ef9e708c066ee7c74318743aa7abd3b48852a97cee517f47369ac84d6b1f4447a2445ebee2b3065adcbe8954d1c74eb36d176a9b0b1043b3e61d6dc967b22c3ccfb43e501bef84c6cdc0fbfa583c253b2e9add9752c3765214f55541551edcc9c6365ad1c3537d06e93962234c66326510129b4d151205db5ab43cb5a9f83ef13f157b06d32055508b3053f5b081fff4dd337dd667f1939efa501768796c3ccbc11cdf3fb6be01e990694112f26238157da542de43c00344b4e35519d0fbf06905f9c6fc63ee5adb088777149ddb73800f1cf5d4c5ccea823979bc743e5d186b2617ee0a670ccc5f0dd117bf71f45e4129c86f87df0332fbc93199a1c0054a739373668bd7df0bd0cfee1a4ef097f4b5332b9d0a04895f9f87d5c63e74f6a100ded2770c7b6249fb14796e2901be2baabb2c4279a2265295648e044945f382fa01c640a92a03b7db0778e1f2b9dbc6d2e6a5d843b6bb6f88342608152f5d87cd5fa7b3e80bedb72985215f8c90b8b0732ef2dc918c5b59307e63124e5b847a93032f5ce949357dd52236735f8948bd8ad3552a64f7ebf0ce2d0a5e16efd5c1102bc102ef5e8da0a38e72c93fd3f18fc5843ac62151fa4874c2e31121766a32c53a25b33f8fd9beed72dea6c074761088f48c408e6f002babac2a3ca6d913d18cf4963103dfd04b65dc0b7ebc7eeebadd98e4b9efcf83a4bdefc31510c821d128821b2872d4a0d30223f679e2542024eca9e6e99bedf82cc536f1f6b06902219ed7f407b8fbbbfbe05422c5444dd2d68d20e4392d7c5b47e2d88e5afbe7babb4dceca1e5280ea9edab0447bbdbcf5affb1bab0c429c8997d9d5c9475f5c72ceb6705731dfb29e82b3a1a860b0c00312101f0923a1398a34edc34d6fcaabd5ff52b88cb1bf4592b635ef07b7e315a938e8aa6ecb67f98de863f290ffda11b6848d3e12a545537cb2bd8f2804b7521410f0ab095954b3d5e0b599e4b41f5dafbb56fcde0b8a74cf0132ad25065e87a8d043d7d572c85194b518a1af9350b9b267509e709213aec451b7dbff20ec27d808afbf726d98f4736f45b5f373f728bbb97cf978236faed16d352731d5077200364fcdc5fa6b33d8e487e6790f4add458a2ae66fe34d8a47d3344cae06948bdc8230bbccc8cc84e63d345a109604a1663efca50eeea03a49bb54b4ef4dccef46fbe4163e51fe55b3e6680c49e63bc20669436f8136e421a85a67c8ef1738f7512702e10e613669113d0a8868e7d5a66203f0e297159f048386486632777088d77fbb7efa0654e597281ac4f450fdd698a439aeeb18f66ab069f0dcd482b8b6d8886b3317555c01c304e6e4973d3414dae270975ef164416afe66d6f87145d70e23e949d87098e5cd007f95c07362e3023bd37234bebcfdce69d74e150e1d98773d3ba5c9d489ff9f937ec139160fc1e9e93470c261cb269417feb87f3246e8b8803eb7c099756af745301938534b72a5c5707580048944f1c557658d3a83c0eecd7eb726fe524eb6f37f5e8955dfa85d6977c7ecd0a89dcf4c1940d8cd15f25c43d7e05efebe24df07ab17c90015edc16e7dff3eb1269e29b5095e852c3a5ce7f31229591d24dd4d6d9058bf9f813a18f0fef6e8c65df265f2922c4dac35a77cef24d41cc592fa4c655ed6c12d5e2a43254e859d4d863e8471d85f40b10df38693bfe4bb2db47f028a3fb92434df2a848ef9c365f707fa8477a68f4547fe3726ea0179ba002bef7658c2b446c21d1ad761db76fa97b52b9b03ef874da3890c1beae6413e9cb84ae6325c674eef20d31d057c4d4b0f2805b15c22a6c6f16924d2d9943dc91615a00649b0e26c9e90f6a40e7c1cc24a0e456b2af3562097daf442e89d46e749551dfa0a6706f9ddf336283e6cee493aac17a06dce7f7e767cb8b00d28e93485c41b0d15010db3d0f5d1acd83c4f04cdad8f92142edcedd1731623103b42f9aae4ff83b09c826dd00a80e611d9820ca6a76bb081ba3f5e532b5ebc49abcbbfb54a432f994ca2c3514d9be5799432c2bcffdbb6a1194e248d1ca526273c8cd79ca23a24ec7d22457c74135cc903411ba04f5dd9fc037a8092003100ff0e761aee613b16cd988f5a05ae76bfbff42bb64af49a92dfd67c4e7d4c53b6c8e3d84b7921b05498d159340768b3d60f31ea06a5f95c893894a3a810ec0a9841b9e4fa0544064271f32f2e58809f6d20a853b2769f1a8d57558c5b2fdc45eac0b3c9827add2f165bd205a4472486d1597c1517766a7363e435c3d3394baa1e2f08968e3865a1e57eeb4a00ab590000e0005c8037a4d5c32d672f394319dc9485bc4782eed6c5da1629bcf191f84e64c800805ff55e5f30e043943efb89c73311979b67521a9049da2570d944a9debc59f23181e1dee261b8e34f3a7add13a3277b3dfe3acbef2e4b034e80d85b076ef35c5e3f7d9dca6ac212ce52974520507e57ce818ec60bc9ba4dbaacc2eae95e21545113d49680218ae18e1ae8187d24038d01bd2b150895e53effb5703853ff0eb309f3f2903366c9312a88554c9d8caaa29463b0278601e3312b2e07bc2cf35a1ecfd86121666b71cc4d00f50352ed4286cbdf35710d57538e95c704000b80f0b02f44ebd9eba8ccc5f5f900b20a3f3623470260a0b2a3e3ed3a20d1f05dbccf065247f7bfa2cfc9194efe0a2d860279da6d059ca0e9e12de11007b027b936ba53123a2d7695cb2db05fb911f6ac97f01c451d60835f2f91568df566aaf0811a0c5dc0de1173f3103ea6b5c2509eee140281800400f68004001380be60586c7e9f0747a8e4e592ada65dfc0bf22d23ba0e3e2f07b55674f019c63db1ee3b4e5b8409f99ac9b8b153f34f6b8d724621619092f982b2f85d7139edc4da2263be9ea1ef446d42fca04c86f808948e97554c1db56666e0e0cc80a06a8eda81a7184958d1743ee960e7b2cd7526a104661424ae122f471ea88453d855d7e483e985aaefff44b94db02952765ae03f20c38b41ec96700aea142493ae76d3048d8f7de3d078e85d9d5d4cdf114cc126bb3aa9f6277d1b9b1c1bf016e6747820b4fa3646979115db6746c9b9b66afd139688ae14fcda1117f5d7f882e63721786edff9db2c33740c2da414f9c29792b66daa65514e2435e2715ff8640a5effc73e5f618478879f63b7a55f3355073b7ddd57e3b025653dd8c32f873cdf6cab1173f5891c42abddd2b2ee54922de0393e9cdb5d640009bc140f93f83459efb427d71ad3304f2bf2c7b4d0a4ddb0794b635a94cc2de5fe6ddb4a1c69241877d6fe44804ff95ef0842e6c4c0697afad2e9708002c00", @ANYRES32, @ANYBLOB="04000f808d212b73c10adc1cac942ab8a14129f6b2b9e47000ee6611d53442b33aff9cd4365e0eaf72f5f7ba9d007a180af5e2162d12128b8bcd4a3501bf5f21ec79f03046a0fbb6cdb55dddc8e67c5d9958383367790bd1cbe1645eed969a51b0506f76790d80dda60ee111ca44fddaef79a3bd1dd21e880977481d9ed58e30380e5f804f550d1b68a4e5040036000c002e014000000000000000fb00c700d4eb120fb990f312f6dc1cd1e2fabc17153e9e0bbaa255bfea657b66e5ef6d5c44b7851528115b5080920b3f7a5edb8c5c6ae63c4a8cdf26b60506f9d7c3e977b7c1e05b8754f234b727319ae25f75a8362c0ff160b5f62b0de762efb0f9db7ffec3550c9d534a1176d18e6d6f61566315b529b950f78d46ac1820c550cd6f077c640ec35a5249f5a5aa9df7105aa8c530c3a17f7e1e1990295c5930330f21228ad9a4e30a7223df2f8a594967f607d338a8269c20259a25c9d884f6e6f07412d5c19b28e02d333fef616a1d3bf2edf35e8b6bb815996fca3b386d3ba3f98e2e9116f6422a6f544d72c6ec9f31440c2b49d2df2a61faf400"], 0xbec}, 0x1, 0x0, 0x0, 0x4000000}, 0x80)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@ax25={0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x3}, 0x6e)
prctl$auto_PR_GET_TID_ADDRESS(0x28, 0x2, 0x0, 0x0, 0x40)
setitimer$auto(0x7, 0x0, 0x0)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000002c0), 0xffffffffffffffff)

2.050343985s ago: executing program 8 (id=5238):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
prctl$auto(0x3e, 0x4000000000001, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb2, 0x403, 0x8000)
prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_SURVEY(0xffffffffffffffff, 0x0, 0x14)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, 0x0)
openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, 0x0, 0xa00, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) (fail_nth: 33)
close_range$auto(0x0, 0x5, 0x0)

2.02940268s ago: executing program 7 (id=5239):
statmount$auto(0x0, 0x0, 0x1fe, 0xd)
socket$nl_generic(0x10, 0x3, 0x10)
unshare$auto(0x540f)
open(0x0, 0x22240, 0x154)
openat$auto_fake_panic_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x400080, 0x0)
execve$auto(0x0, 0x0, 0x0)
unshare$auto(0x40000080)
r0 = openat$auto_buffer_percent_fops_trace(0xffffffffffffff9c, 0x0, 0x111001, 0x0)
writev$auto(r0, 0x0, 0x8)
tkill$auto(0x0, 0x7)
write$auto(0xca, &(0x7f00000002c0)='\x04>2\x1e!\xe2\x00\x94\xf2\xa2\x00\x00\x8d\xa9p\xcc\xccV\xf9ozi\xb2:\x19\x92r\xcc9\x99f\xc5\xed\x84fe\x8a\x8c\xd3*\xfe\x1dE\xa1W8\x03\xcb\tSK\xb4\x893\xf3Q\x7f\xd1|\xefp\xb1\xb3\xcer8\b=\xa4y\xd4\x88\xbc\xe0\xd1\x03\x108a\x90KG,\xf8\v\x88\xe2+\xcb\xf2v\x8bL\xa6\xaa}\x1b\xa5\xd8\x98\xc9\\f\xccT\xa1\x05\x14\x84\xbb\aF,\xc8\xc7u\x93\xe8?\x92\t\xa9`\xff\x93l\x93\xac\n\xdd\xa4\n\x8e\xec\x14\x02|\xf7\xc4\xa0\x06h\xc0\x8f\xf3g6\xb8\x1a\x18\xf2\x93\t\xe8ips\xa7\x9a\x1cFPi\x13\x89DRSO\x97\xb1\xc3\xb8Q\xa2\xb2\xa8\xc3\xd3\xf9\xd4Y\x8d\x8d\xad\x8f[\xbe\xe5\xf1\x9f\x01s\x8eg\x05\xe8\xf9\x8f\xa6g\v', 0x80)

1.946768907s ago: executing program 6 (id=5240):
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0)
socket(0x29, 0x2, 0x0)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000040)='/dev/usbmon32\x00', 0x0, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x24600, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x0, 0xd, 0x2, 0x948b, 0x3, 0x15f4da0a, 0x1, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffa]}, 0x0)
futex$auto(&(0x7f00000000c0)=0x2a08, 0xc, 0x1, 0x0, &(0x7f0000000180)=0x5, 0x2a08)
r0 = getpid()
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/rpc/nfsd.fh/channel\x00', 0x8f3b7a51b80ebd01, 0x0)
write$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000040)="202020d1027e0dc0023af10e9bfa1babfa3a3753ca9a20370a", 0x19)
process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0)
io_uring_setup$auto(0x5b, &(0x7f0000000080)={0x7fffffff, 0xd, 0x10000, 0x7, 0x3, 0x7ffffffd, 0xffffffffffffffff, [], {0x6, 0x1ff, 0x8c48, 0x2a2, 0x100, 0x7ffffffb, 0x101, 0x6, 0x3}, {0x100, 0x1, 0x0, 0x5, 0x3, 0x40, 0x76c5, 0x8, 0x100000000}})
mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8300f000)
mmap$auto(0x0, 0x4020009, 0xdf, 0x420000000e31, 0xffffffffffffffff, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/pci0000:00/0000:00:01.3/modalias\x00', 0x22400, 0x0)
read$auto(r2, 0x0, 0x20)
utimes$auto(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x1, 0xfffffffffffffffc})
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x100, 0x0)

1.302359396s ago: executing program 7 (id=5241):
mlockall$auto(0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x2000040080000004, 0xe)
modify_ldt$auto(0x1, 0x0, 0x10)
openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x8001, 0x0)
sigaltstack$auto(&(0x7f0000000180)={0x0, 0x80000001, 0x40b4}, 0x0)
close_range$auto(0x2, 0x8, 0x0)
semctl$auto(0x2, 0x9, 0x939, 0x6)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
syz_clone3(&(0x7f0000000400)={0x1045100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x402, 0x0)
read$auto(r0, 0x0, 0x39b8)
socket(0x2, 0x80002, 0x73)
setsockopt$auto(0x3, 0x6b, 0x800001, 0xffffffffffffffff, 0x211)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0xffffffff)
openat$auto_sc_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000040), 0x22c2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = getpid()
process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x1, 0x0, 0x6, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
modify_ldt$auto(0x807ff0000000000, 0x0, 0x40100000000aa)

1.004771751s ago: executing program 8 (id=5242):
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
sendmsg$auto_ETHTOOL_MSG_FEC_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x80}, 0xac8fe2812c61ec00)
mmap$auto(0x0, 0x20009, 0x8, 0xeb1, 0x401, 0x40008000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x9, 0x0)
r1 = socket(0x2, 0x5, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x1, 0x1)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
sendmmsg$auto(r1, &(0x7f0000000100)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
close_range$auto(0x0, 0xffffeffe, 0x2)
socket(0x11, 0x80003, 0x300)
socket(0xb, 0x0, 0x8000)
pipe$auto(0x0)
unshare$auto(0x40000080)
setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x400000000008000)
close_range$auto(r1, 0x8, 0x0)
socket(0x2b, 0x1, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
statx$auto(r2, 0x0, 0x6d7, 0x6, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)

879.596095ms ago: executing program 6 (id=5243):
socket(0x2, 0x80000, 0x300)
openat$auto_suspend_stats_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x20800, 0x0)
unshare$auto(0x40000080)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/set_event\x00', 0x20c8c2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x44, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0)
mmap$auto(0x0, 0x9, 0x24de, 0x16, 0x401, 0xd5be)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev6\x00', 0x2381, 0x0)
ioctl$auto(0x3, 0xc0585605, 0x38)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/\x98@dio1\x00', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x11}}, 0x6a)
sendfile$auto(0x1, 0x3, 0x0, 0x7ff)
ioctl$auto_USBDEVFS_DISCONNECT_CLAIM(r1, 0x8108551b, &(0x7f0000000180)={0x3, 0x8dd, "c52a759bf0234ba2b0937b93b6a79d10c1e30cfad64e47f156c0720013beebd77ef25574a3d8273a18114a6b3b55ad2b677ad3bb306d2645ec93f1fdfdee09a2091725b1a0c450e1325ecf05a4ad7238eb07cf3a682534f44c2bae999035e64eb850a3d728be01fdcecfdb963a5b380f10efa5cad18e9beb17029e812665c4d9238d0c83f0b3e5c15a229964081d71e7d0b7b8c25f203b69d7550b198dc1652edf17b23fe2508525268fae97323ab882162d4fd69f096224f368f429931000c892c982753189fbe214c6c1c97a484a8b843ff1e6769c844575329f672c20e2a67c2208d9caa546b7440f30f403330afb7e96274d791fef7f71d1ec341a2845bf"})
sendto$auto(0x3, 0x0, 0x2000f, 0x101, 0x0, 0x1c)
shmctl$auto(0x0, 0xd, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
recvmmsg$auto(0x3, 0x0, 0xfffe, 0x6, 0x0)

526.339916ms ago: executing program 4 (id=5244):
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x2, 0x15)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x3f}, 0x1, 0x0, 0x0, 0x400c014}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r1, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/tty36\x00', 0x0, 0x0)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(&(0x7f00000008c0)='/sys/kernel/debug/x86/boot_params/data\x00', 0x0)
fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d)
fallocate$auto(0x8000000000000003, 0x3, 0xf, 0x280000000)
r2 = set_tid_address$auto(0x0)
ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, r2)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000040)={0x1, 0x0, 0x1}, 0x18)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r3, 0x8000)
madvise$auto(0x0, 0x2000040080040008, 0xe)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/system/machinecheck/machinecheck0/bank6\x00', 0x2101, 0x0)
write$auto(r4, &(0x7f0000000240)='802.15.4 MAC\x00', 0x3)
connect$auto(0x3, &(0x7f00000000c0)=@llc={0x1a, 0x338, 0x5e, 0x1, 0x6, 0x5, @local}, 0x10)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/ip6_vti0/stable_secret\x00', 0x2, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x7)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0)

218.528877ms ago: executing program 6 (id=5245):
socket(0x2, 0x80000, 0x300)
openat$auto_suspend_stats_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x20800, 0x0)
unshare$auto(0x40000080)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/set_event\x00', 0x20c8c2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x44, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0)
mmap$auto(0x0, 0x9, 0x24de, 0x16, 0x401, 0xd5be)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev6\x00', 0x2381, 0x0)
ioctl$auto(0x3, 0xc0585605, 0x38)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
r1 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x11}}, 0x6a)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x20000000)
sendfile$auto(0x1, 0x3, 0x0, 0x7ff)
ioctl$auto_USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f0000000180)={0x3, 0x8dd, "c52a759bf0234ba2b0937b93b6a79d10c1e30cfad64e47f156c0720013beebd77ef25574a3d8273a18114a6b3b55ad2b677ad3bb306d2645ec93f1fdfdee09a2091725b1a0c450e1325ecf05a4ad7238eb07cf3a682534f44c2bae999035e64eb850a3d728be01fdcecfdb963a5b380f10efa5cad18e9beb17029e812665c4d9238d0c83f0b3e5c15a229964081d71e7d0b7b8c25f203b69d7550b198dc1652edf17b23fe2508525268fae97323ab882162d4fd69f096224f368f429931000c892c982753189fbe214c6c1c97a484a8b843ff1e6769c844575329f672c20e2a67c2208d9caa546b7440f30f403330afb7e96274d791fef7f71d1ec341a2845bf"})
sendto$auto(0x3, 0x0, 0x2000f, 0x101, 0x0, 0x1c)
shmctl$auto(0x0, 0xd, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
recvmmsg$auto(0x3, 0x0, 0xfffe, 0x6, 0x0)

141.919875ms ago: executing program 7 (id=5246):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_proc_pid_set_comm_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/comm\x00', 0x800, 0x0)
r0 = openat$auto_nsim_pp_hold_fops_netdev(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/netdevsim/netdevsim1/ports/3/pp_hold\x00', 0x101001, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x0)
io_uring_setup$auto(0x6, 0x0)
r1 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000400), 0x80001, 0x0)
ioctl$auto(r1, 0x3b8e, r0) (fail_nth: 9)

0s ago: executing program 8 (id=5247):
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0x4400000000df, 0xc157, 0x101000000000000, 0x7)
r0 = prctl$auto(0x3e, 0x9a3f, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xde, 0xeb0, r0, 0x3)
r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(r1, 0x0, 0xb, 0x1)
setitimer$auto(0x2, 0x0, 0x0)
setitimer$auto_ITIMER_VIRTUAL(0x1, 0x0, 0x0)
unshare$auto(0x40000080)
setitimer$auto_ITIMER_REAL(0x0, &(0x7f0000000180)={{0x34c, 0x9}, {0xfffffffffffffffd}}, 0x0)
setitimer$auto(0x5, &(0x7f0000000240)={{0xfea07d8, 0x9d}, {0xfffffffffffffffb, 0x9}}, &(0x7f0000000280)={{0x4, 0x200}, {0x2, 0x6}})
r2 = socket(0x6, 0x1, 0x5)
ioctl$auto_XFS_IOC_ERROR_CLEARALL(0xffffffffffffffff, 0x40085875, &(0x7f00000000c0)={<r3=>r2, 0xf})
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x100, 0x0)
ioctl$auto_SNDRV_PCM_IOCTL_CHANNEL_INFO2(r3, 0x80184132, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/midi2\x00', 0x10401, 0x0)
prctl$auto(0x3a, 0x7fffffff, 0x0, 0x1, 0x1)
write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mmap$auto(0x1000, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
clone$auto(0x2, 0x81, 0x0, 0x0, 0x3)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/irq/12/hwirq\x00', 0x2000, 0x0)
read$auto(r5, 0x0, 0x20)
mmap$auto(0xfff, 0x20009, 0xf808, 0xebe, 0x401, 0x8000)
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snd/pcmC1D0p\x00', 0x0, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ram4\x00', 0xdd01, 0x0)

kernel console output (not intermixed with test programs):

 0, times 0
[ 1692.205259][T29917] CPU: 1 UID: 0 PID: 29917 Comm: syz.4.4988 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1692.205299][T29917] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1692.205310][T29917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1692.205324][T29917] Call Trace:
[ 1692.205341][T29917]  <TASK>
[ 1692.205351][T29917]  dump_stack_lvl+0x16c/0x1f0
[ 1692.205392][T29917]  should_fail_ex+0x512/0x640
[ 1692.205434][T29917]  _copy_to_user+0x32/0xd0
[ 1692.205464][T29917]  pagemap_read+0x52c/0x890
[ 1692.205499][T29917]  ? __pfx_pagemap_read+0x10/0x10
[ 1692.205533][T29917]  ? rw_verify_area+0xcf/0x6c0
[ 1692.205566][T29917]  ? __pfx_pagemap_read+0x10/0x10
[ 1692.205593][T29917]  vfs_readv+0x5c1/0x8b0
[ 1692.205627][T29917]  ? __pfx_vfs_readv+0x10/0x10
[ 1692.205655][T29917]  ? find_held_lock+0x2b/0x80
[ 1692.205706][T29917]  ? __fget_files+0x20e/0x3c0
[ 1692.205742][T29917]  ? do_preadv+0x1a6/0x270
[ 1692.205766][T29917]  do_preadv+0x1a6/0x270
[ 1692.205794][T29917]  ? __pfx_do_preadv+0x10/0x10
[ 1692.205829][T29917]  do_syscall_64+0xcd/0x4c0
[ 1692.205868][T29917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1692.205893][T29917] RIP: 0033:0x7f1926d8eba9
[ 1692.205913][T29917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1692.205937][T29917] RSP: 002b:00007f1927c35038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[ 1692.205961][T29917] RAX: ffffffffffffffda RBX: 00007f1926fd6090 RCX: 00007f1926d8eba9
[ 1692.205979][T29917] RDX: 0000000000000006 RSI: 0000200000000080 RDI: 0040000000000003
[ 1692.205995][T29917] RBP: 00007f1927c35090 R08: 0000000000000005 R09: 0000000000000000
[ 1692.206011][T29917] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000002
[ 1692.206026][T29917] R13: 00007f1926fd6128 R14: 00007f1926fd6090 R15: 00007ffcd7219178
[ 1692.206061][T29917]  </TASK>
[ 1692.639780][T29896] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4992'.
[ 1693.755669][T29943] random: crng reseeded on system resumption
[ 1693.907602][T29945] FAULT_INJECTION: forcing a failure.
[ 1693.907602][T29945] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1693.972044][T29945] CPU: 0 UID: 0 PID: 29945 Comm: syz.7.4995 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1693.972069][T29945] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1693.972075][T29945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1693.972084][T29945] Call Trace:
[ 1693.972089][T29945]  <TASK>
[ 1693.972095][T29945]  dump_stack_lvl+0x16c/0x1f0
[ 1693.972121][T29945]  should_fail_ex+0x512/0x640
[ 1693.972148][T29945]  _copy_from_user+0x2e/0xd0
[ 1693.972164][T29945]  copy_msghdr_from_user+0x98/0x160
[ 1693.972187][T29945]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1693.972211][T29945]  ? kfree+0x24f/0x4d0
[ 1693.972224][T29945]  ? __lock_acquire+0x62e/0x1ce0
[ 1693.972247][T29945]  ___sys_recvmsg+0xdb/0x1a0
[ 1693.972268][T29945]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1693.972299][T29945]  ? __pfx___might_resched+0x10/0x10
[ 1693.972318][T29945]  do_recvmmsg+0x2fe/0x750
[ 1693.972341][T29945]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1693.972366][T29945]  ? __mutex_unlock_slowpath+0x161/0x7b0
[ 1693.972393][T29945]  ? __fget_files+0x20e/0x3c0
[ 1693.972422][T29945]  __x64_sys_recvmmsg+0x22a/0x280
[ 1693.972445][T29945]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1693.972468][T29945]  ? fdget+0x187/0x210
[ 1693.972486][T29945]  do_syscall_64+0xcd/0x4c0
[ 1693.972509][T29945]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1693.972523][T29945] RIP: 0033:0x7ffa3298eba9
[ 1693.972535][T29945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1693.972549][T29945] RSP: 002b:00007ffa30bb4038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1693.972564][T29945] RAX: ffffffffffffffda RBX: 00007ffa32bd6180 RCX: 00007ffa3298eba9
[ 1693.972573][T29945] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1693.972582][T29945] RBP: 00007ffa30bb4090 R08: 0000000000000000 R09: 0000000000000000
[ 1693.972590][T29945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1693.972598][T29945] R13: 00007ffa32bd6218 R14: 00007ffa32bd6180 R15: 00007ffc52e6f8f8
[ 1693.972616][T29945]  </TASK>
[ 1695.642993][T29970] FAULT_INJECTION: forcing a failure.
[ 1695.642993][T29970] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1695.668307][T29970] CPU: 0 UID: 0 PID: 29970 Comm: syz.4.5001 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1695.668334][T29970] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1695.668340][T29970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1695.668349][T29970] Call Trace:
[ 1695.668355][T29970]  <TASK>
[ 1695.668361][T29970]  dump_stack_lvl+0x16c/0x1f0
[ 1695.668388][T29970]  should_fail_ex+0x512/0x640
[ 1695.668413][T29970]  should_fail_alloc_page+0xe7/0x130
[ 1695.668434][T29970]  prepare_alloc_pages+0x3c2/0x610
[ 1695.668456][T29970]  ? rcu_is_watching+0x12/0xc0
[ 1695.668473][T29970]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 1695.668492][T29970]  ? __lock_acquire+0xb97/0x1ce0
[ 1695.668519][T29970]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1695.668537][T29970]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1695.668559][T29970]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1695.668580][T29970]  ? find_held_lock+0x2b/0x80
[ 1695.668600][T29970]  ? __lock_acquire+0xb97/0x1ce0
[ 1695.668618][T29970]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1695.668641][T29970]  ? policy_nodemask+0xea/0x4e0
[ 1695.668662][T29970]  alloc_pages_mpol+0x1fb/0x550
[ 1695.668681][T29970]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1695.668705][T29970]  folio_alloc_mpol_noprof+0x36/0x2f0
[ 1695.668742][T29970]  shmem_alloc_folio+0x135/0x160
[ 1695.668759][T29970]  shmem_alloc_and_add_folio+0x499/0xc20
[ 1695.668782][T29970]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[ 1695.668800][T29970]  ? shmem_allowable_huge_orders+0xcb/0x2f0
[ 1695.668821][T29970]  shmem_get_folio_gfp+0x67f/0x1600
[ 1695.668845][T29970]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[ 1695.668863][T29970]  ? __pfx_timestamp_truncate+0x10/0x10
[ 1695.668884][T29970]  shmem_fault+0x1fe/0xa30
[ 1695.668904][T29970]  ? __pfx_shmem_fault+0x10/0x10
[ 1695.668920][T29970]  ? __lock_acquire+0x62e/0x1ce0
[ 1695.668941][T29970]  ? __pfx___up_read+0x10/0x10
[ 1695.668960][T29970]  ? inode_to_bdi+0x9e/0x160
[ 1695.668983][T29970]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1695.669000][T29970]  __do_fault+0x10d/0x490
[ 1695.669020][T29970]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1695.669036][T29970]  do_pte_missing+0x1a6/0x3ba0
[ 1695.669051][T29970]  ? find_held_lock+0x2b/0x80
[ 1695.669065][T29970]  ? __handle_mm_fault+0x14fd/0x2a50
[ 1695.669083][T29970]  __handle_mm_fault+0x152a/0x2a50
[ 1695.669100][T29970]  ? mt_find+0x3ef/0xa30
[ 1695.669114][T29970]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1695.669128][T29970]  ? __pfx_mt_find+0x10/0x10
[ 1695.669158][T29970]  ? find_vma+0xbf/0x140
[ 1695.669177][T29970]  ? __pfx_find_vma+0x10/0x10
[ 1695.669198][T29970]  handle_mm_fault+0x589/0xd10
[ 1695.669213][T29970]  ? trace_raw_output_exceptions+0x131/0x150
[ 1695.669237][T29970]  do_user_addr_fault+0x7a6/0x1370
[ 1695.669261][T29970]  ? rcu_is_watching+0x12/0xc0
[ 1695.669277][T29970]  exc_page_fault+0x5c/0xb0
[ 1695.669297][T29970]  asm_exc_page_fault+0x26/0x30
[ 1695.669312][T29970] RIP: 0010:rep_movs_alternative+0x4a/0x90
[ 1695.669330][T29970] Code: cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[ 1695.669344][T29970] RSP: 0018:ffffc900039f7b48 EFLAGS: 00050206
[ 1695.669357][T29970] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000ff8
[ 1695.669366][T29970] RDX: 0000000000000000 RSI: ffff88802702e008 RDI: 0000000000018000
[ 1695.669375][T29970] RBP: 0000000000017ff8 R08: 0000000000000000 R09: ffffed1004e05dff
[ 1695.669384][T29970] R10: ffff88802702efff R11: 0000000000000000 R12: ffff88802702e000
[ 1695.669393][T29970] R13: 0000000000018ff8 R14: 00007ffffffff000 R15: 0000000000000000
[ 1695.669420][T29970]  _copy_to_user+0xbb/0xd0
[ 1695.669448][T29970]  pagemap_read+0x52c/0x890
[ 1695.669478][T29970]  ? __pfx_pagemap_read+0x10/0x10
[ 1695.669509][T29970]  ? rw_verify_area+0xcf/0x6c0
[ 1695.669536][T29970]  ? __pfx_pagemap_read+0x10/0x10
[ 1695.669561][T29970]  vfs_readv+0x5c1/0x8b0
[ 1695.669596][T29970]  ? __pfx_vfs_readv+0x10/0x10
[ 1695.669624][T29970]  ? find_held_lock+0x2b/0x80
[ 1695.669670][T29970]  ? __fget_files+0x20e/0x3c0
[ 1695.669705][T29970]  ? do_preadv+0x1a6/0x270
[ 1695.669726][T29970]  do_preadv+0x1a6/0x270
[ 1695.669751][T29970]  ? __pfx_do_preadv+0x10/0x10
[ 1695.669784][T29970]  do_syscall_64+0xcd/0x4c0
[ 1695.669809][T29970]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1695.669823][T29970] RIP: 0033:0x7f1926d8eba9
[ 1695.669835][T29970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1695.669849][T29970] RSP: 002b:00007f1927c35038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[ 1695.669862][T29970] RAX: ffffffffffffffda RBX: 00007f1926fd6090 RCX: 00007f1926d8eba9
[ 1695.669871][T29970] RDX: 0000000000000006 RSI: 0000200000000080 RDI: 0040000000000003
[ 1695.669880][T29970] RBP: 00007f1927c35090 R08: 0000000000000005 R09: 0000000000000000
[ 1695.669889][T29970] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000002
[ 1695.669900][T29970] R13: 00007f1926fd6128 R14: 00007f1926fd6090 R15: 00007ffcd7219178
[ 1695.669919][T29970]  </TASK>
[ 1697.978506][T29996] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078001800 pfn:0x78000
[ 1698.004252][T29996] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1698.016688][T29996] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[ 1698.025378][T29996] page_type: f5(slab)
[ 1698.030070][T29996] raw: 00fff00000000240 ffff88801b841b40 ffffea0001d6df90 ffffea0000c10890
[ 1698.038699][T29996] raw: ffff888078001800 0000000000100008 00000000f5000000 0000000000000000
[ 1698.047515][T29996] head: 00fff00000000240 ffff88801b841b40 ffffea0001d6df90 ffffea0000c10890
[ 1698.056720][T29996] head: ffff888078001800 0000000000100008 00000000f5000000 0000000000000000
[ 1698.065870][T29996] head: 00fff00000000001 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[ 1698.085251][T29996] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 1698.119599][T29996] page dumped because: unmovable page
[ 1698.125116][T29996] page_owner tracks the page as allocated
[ 1698.144043][T29996] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5869, tgid 5869 (syz-executor), ts 90757637300, free_ts 90689412952
[ 1698.206191][T29996]  post_alloc_hook+0x1c0/0x230
[ 1698.211224][T29996]  get_page_from_freelist+0x132b/0x38e0
[ 1698.216899][T29996]  __alloc_frozen_pages_noprof+0x261/0x23f0
[ 1698.223407][T29996]  alloc_pages_mpol+0x1fb/0x550
[ 1698.228411][T29996]  new_slab+0x247/0x330
[ 1698.238485][T29996]  ___slab_alloc+0xcf2/0x1750
[ 1698.276654][T29996]  __slab_alloc.constprop.0+0x56/0xb0
[ 1698.282193][T29996]  __kmalloc_noprof+0x2f2/0x510
[ 1698.287209][T29996]  fib_create_info+0x53f/0x46b0
[ 1698.292855][T29996]  fib_table_insert+0x177/0x1c40
[ 1698.297986][T29996]  fib_magic+0x4d4/0x5c0
[ 1698.302358][T29996]  fib_add_ifaddr+0x4d2/0x580
[ 1698.309331][T30004] FAULT_INJECTION: forcing a failure.
[ 1698.309331][T30004] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1698.323175][T29996]  fib_netdev_event+0x38a/0x710
[ 1698.328253][T29996]  notifier_call_chain+0xb9/0x410
[ 1698.335717][T29996]  call_netdevice_notifiers_info+0xbe/0x140
[ 1698.349458][T29996]  __dev_notify_flags+0x12c/0x2e0
[ 1698.362566][T29996] page last free pid 5958 tgid 5958 stack trace:
[ 1698.368929][T29996]  __free_frozen_pages+0x7d5/0x10f0
[ 1698.385725][T30004] CPU: 0 UID: 0 PID: 30004 Comm: syz.4.5008 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1698.385763][T30004] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1698.385772][T30004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1698.385787][T30004] Call Trace:
[ 1698.385795][T30004]  <TASK>
[ 1698.385806][T30004]  dump_stack_lvl+0x16c/0x1f0
[ 1698.385845][T30004]  should_fail_ex+0x512/0x640
[ 1698.385886][T30004]  _copy_from_user+0x2e/0xd0
[ 1698.385922][T30004]  copy_msghdr_from_user+0x98/0x160
[ 1698.385960][T30004]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1698.386001][T30004]  ? kfree+0x24f/0x4d0
[ 1698.386024][T30004]  ? __lock_acquire+0x62e/0x1ce0
[ 1698.386063][T30004]  ___sys_recvmsg+0xdb/0x1a0
[ 1698.386099][T30004]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1698.386154][T30004]  ? __pfx___might_resched+0x10/0x10
[ 1698.386188][T30004]  do_recvmmsg+0x2fe/0x750
[ 1698.386229][T30004]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1698.386272][T30004]  ? __mutex_unlock_slowpath+0x161/0x7b0
[ 1698.386319][T30004]  ? __fget_files+0x20e/0x3c0
[ 1698.386355][T30004]  __x64_sys_recvmmsg+0x22a/0x280
[ 1698.386393][T30004]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1698.386441][T30004]  do_syscall_64+0xcd/0x4c0
[ 1698.386479][T30004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1698.386505][T30004] RIP: 0033:0x7f1926d8eba9
[ 1698.386525][T30004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1698.386549][T30004] RSP: 002b:00007f1927c14038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1698.386573][T30004] RAX: ffffffffffffffda RBX: 00007f1926fd6180 RCX: 00007f1926d8eba9
[ 1698.386591][T30004] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1698.386606][T30004] RBP: 00007f1927c14090 R08: 0000000000000000 R09: 0000000000000000
[ 1698.386622][T30004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1698.386637][T30004] R13: 00007f1926fd6218 R14: 00007f1926fd6180 R15: 00007ffcd7219178
[ 1698.386670][T30004]  </TASK>
[ 1698.388269][T29999] bond0: Unable to set peer notification delay as MII monitoring is disabled
[ 1698.599567][T29996]  __mmdrop+0xd5/0x580
[ 1698.682199][T29996]  __mmput+0x374/0x410
[ 1698.693385][T29996]  mmput+0x62/0x70
[ 1698.697341][T29996]  do_exit+0x7c7/0x2bf0
[ 1698.702517][T30001] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5007'.
[ 1698.747152][T29996]  do_group_exit+0xd3/0x2a0
[ 1698.773045][T29996]  __x64_sys_exit_group+0x3e/0x50
[ 1698.808669][T29996]  x64_sys_call+0x14fa/0x1720
[ 1698.874778][T29996]  do_syscall_64+0xcd/0x4c0
[ 1698.938560][T29996]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1699.802489][T30030] FAULT_INJECTION: forcing a failure.
[ 1699.802489][T30030] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1699.889710][T30030] CPU: 0 UID: 0 PID: 30030 Comm: syz.7.5012 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1699.889737][T30030] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1699.889743][T30030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1699.889752][T30030] Call Trace:
[ 1699.889757][T30030]  <TASK>
[ 1699.889763][T30030]  dump_stack_lvl+0x16c/0x1f0
[ 1699.889789][T30030]  should_fail_ex+0x512/0x640
[ 1699.889814][T30030]  _copy_to_user+0x32/0xd0
[ 1699.889831][T30030]  pagemap_read+0x52c/0x890
[ 1699.889851][T30030]  ? __pfx_pagemap_read+0x10/0x10
[ 1699.889871][T30030]  ? rw_verify_area+0xcf/0x6c0
[ 1699.889887][T30030]  ? __pfx_pagemap_read+0x10/0x10
[ 1699.889903][T30030]  vfs_readv+0x5c1/0x8b0
[ 1699.889921][T30030]  ? __pfx_vfs_readv+0x10/0x10
[ 1699.889937][T30030]  ? find_held_lock+0x2b/0x80
[ 1699.889962][T30030]  ? __fget_files+0x20e/0x3c0
[ 1699.889982][T30030]  ? do_preadv+0x1a6/0x270
[ 1699.889996][T30030]  do_preadv+0x1a6/0x270
[ 1699.890011][T30030]  ? __pfx_do_preadv+0x10/0x10
[ 1699.890031][T30030]  do_syscall_64+0xcd/0x4c0
[ 1699.890054][T30030]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1699.890069][T30030] RIP: 0033:0x7ffa3298eba9
[ 1699.890082][T30030] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1699.890096][T30030] RSP: 002b:00007ffa30bd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[ 1699.890111][T30030] RAX: ffffffffffffffda RBX: 00007ffa32bd6090 RCX: 00007ffa3298eba9
[ 1699.890120][T30030] RDX: 0000000000000006 RSI: 0000200000000080 RDI: 0040000000000003
[ 1699.890129][T30030] RBP: 00007ffa30bd5090 R08: 0000000000000005 R09: 0000000000000000
[ 1699.890138][T30030] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000002
[ 1699.890147][T30030] R13: 00007ffa32bd6128 R14: 00007ffa32bd6090 R15: 00007ffc52e6f8f8
[ 1699.890165][T30030]  </TASK>
[ 1701.150381][T30046] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[ 1701.162092][T30046] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1701.175581][T30046] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 1701.183400][T30046] page_type: f5(slab)
[ 1701.187565][T30046] raw: 00fff00000000040 ffff88801b841b40 ffffea0000c10880 dead000000000004
[ 1701.197034][T30046] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 1701.209486][T30046] head: 00fff00000000040 ffff88801b841b40 ffffea0000c10880 dead000000000004
[ 1701.221837][T30046] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 1701.260936][T30046] head: 00fff00000000001 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[ 1701.419528][T30046] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 1701.485338][T30046] page dumped because: unmovable page
[ 1701.557677][T30046] page_owner tracks the page as allocated
[ 1701.616039][T30046] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5869, tgid 5869 (syz-executor), ts 90757637300, free_ts 90689412952
[ 1701.664893][T30056] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5019'.
[ 1701.675136][T30046]  post_alloc_hook+0x1c0/0x230
[ 1701.680198][T30046]  get_page_from_freelist+0x132b/0x38e0
[ 1701.693687][T30046]  __alloc_frozen_pages_noprof+0x261/0x23f0
[ 1701.703809][T30046]  alloc_pages_mpol+0x1fb/0x550
[ 1701.708717][T30046]  new_slab+0x247/0x330
[ 1701.716244][T30046]  ___slab_alloc+0xcf2/0x1750
[ 1701.724345][T30046]  __slab_alloc.constprop.0+0x56/0xb0
[ 1701.737556][T30046]  __kmalloc_noprof+0x2f2/0x510
[ 1701.745790][T30046]  fib_create_info+0x53f/0x46b0
[ 1701.754826][T30046]  fib_table_insert+0x177/0x1c40
[ 1701.763138][T30046]  fib_magic+0x4d4/0x5c0
[ 1701.767583][T30046]  fib_add_ifaddr+0x4d2/0x580
[ 1701.772771][T30046]  fib_netdev_event+0x38a/0x710
[ 1701.777809][T30046]  notifier_call_chain+0xb9/0x410
[ 1701.786494][T30046]  call_netdevice_notifiers_info+0xbe/0x140
[ 1701.793199][T30046]  __dev_notify_flags+0x12c/0x2e0
[ 1701.798274][T30046] page last free pid 5958 tgid 5958 stack trace:
[ 1701.812776][T30046]  __free_frozen_pages+0x7d5/0x10f0
[ 1701.818884][T30046]  __mmdrop+0xd5/0x580
[ 1701.826221][T30046]  __mmput+0x374/0x410
[ 1701.833143][T30046]  mmput+0x62/0x70
[ 1701.837013][T30046]  do_exit+0x7c7/0x2bf0
[ 1701.842552][T30046]  do_group_exit+0xd3/0x2a0
[ 1701.855841][T30046]  __x64_sys_exit_group+0x3e/0x50
[ 1701.875959][T30046]  x64_sys_call+0x14fa/0x1720
[ 1701.886076][T30046]  do_syscall_64+0xcd/0x4c0
[ 1701.933392][T30046]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1705.956294][T30114] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[ 1705.973607][T30114] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1706.041737][T30114] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 1706.128927][T30114] page_type: f5(slab)
[ 1706.176548][T30114] raw: 00fff00000000040 ffff88801b841b40 ffffea0000c10880 dead000000000004
[ 1706.289948][T30114] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 1706.298602][T30114] head: 00fff00000000040 ffff88801b841b40 ffffea0000c10880 dead000000000004
[ 1706.455075][T30114] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 1706.480550][T30114] head: 00fff00000000001 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[ 1706.503773][T30114] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 1706.565166][T30114] page dumped because: unmovable page
[ 1706.602977][T30114] page_owner tracks the page as allocated
[ 1706.629823][T30114] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5869, tgid 5869 (syz-executor), ts 90757637300, free_ts 90689412952
[ 1706.748234][T30114]  post_alloc_hook+0x1c0/0x230
[ 1706.797901][T30114]  get_page_from_freelist+0x132b/0x38e0
[ 1706.805977][T30114]  __alloc_frozen_pages_noprof+0x261/0x23f0
[ 1706.818838][T30114]  alloc_pages_mpol+0x1fb/0x550
[ 1706.824308][T30114]  new_slab+0x247/0x330
[ 1706.828493][T30114]  ___slab_alloc+0xcf2/0x1750
[ 1706.835346][T30114]  __slab_alloc.constprop.0+0x56/0xb0
[ 1706.870105][T30114]  __kmalloc_noprof+0x2f2/0x510
[ 1706.876206][T30114]  fib_create_info+0x53f/0x46b0
[ 1706.883373][T30114]  fib_table_insert+0x177/0x1c40
[ 1706.888518][T30114]  fib_magic+0x4d4/0x5c0
[ 1706.888635][T30116] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5033'.
[ 1706.892997][T30114]  fib_add_ifaddr+0x4d2/0x580
[ 1706.917100][T30114]  fib_netdev_event+0x38a/0x710
[ 1707.004794][T30114]  notifier_call_chain+0xb9/0x410
[ 1707.083490][T30114]  call_netdevice_notifiers_info+0xbe/0x140
[ 1707.129472][T30114]  __dev_notify_flags+0x12c/0x2e0
[ 1707.140828][T30114] page last free pid 5958 tgid 5958 stack trace:
[ 1707.161139][T30114]  __free_frozen_pages+0x7d5/0x10f0
[ 1707.187219][T30114]  __mmdrop+0xd5/0x580
[ 1707.223753][T30114]  __mmput+0x374/0x410
[ 1707.265452][T30114]  mmput+0x62/0x70
[ 1707.369658][T30114]  do_exit+0x7c7/0x2bf0
[ 1707.424136][T30114]  do_group_exit+0xd3/0x2a0
[ 1707.428726][T30114]  __x64_sys_exit_group+0x3e/0x50
[ 1707.490026][T30114]  x64_sys_call+0x14fa/0x1720
[ 1707.494779][T30114]  do_syscall_64+0xcd/0x4c0
[ 1707.542534][T30114]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1707.617269][T30136] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5038'.
[ 1707.769529][T30136] bridge_slave_1: left allmulticast mode
[ 1707.781995][T30136] bridge_slave_1: left promiscuous mode
[ 1707.789294][T30136] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1707.919261][T30136] bridge_slave_0: left allmulticast mode
[ 1707.931940][T30136] bridge_slave_0: left promiscuous mode
[ 1707.941059][T30136] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1709.474885][T30169] FAULT_INJECTION: forcing a failure.
[ 1709.474885][T30169] name failslab, interval 1, probability 0, space 0, times 0
[ 1709.502234][T30169] CPU: 1 UID: 0 PID: 30169 Comm: syz.6.5041 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1709.502281][T30169] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1709.502293][T30169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1709.502308][T30169] Call Trace:
[ 1709.502318][T30169]  <TASK>
[ 1709.502329][T30169]  dump_stack_lvl+0x16c/0x1f0
[ 1709.502370][T30169]  should_fail_ex+0x512/0x640
[ 1709.502406][T30169]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 1709.502437][T30169]  should_failslab+0xc2/0x120
[ 1709.502472][T30169]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1709.502500][T30169]  ? fuse_dev_alloc+0x48/0x280
[ 1709.502544][T30169]  fuse_dev_alloc+0x48/0x280
[ 1709.502584][T30169]  fuse_dev_alloc_install+0x13/0x40
[ 1709.502622][T30169]  cuse_channel_open+0x100/0x7f0
[ 1709.502658][T30169]  ? __pfx_cuse_channel_open+0x10/0x10
[ 1709.502696][T30169]  misc_open+0x35d/0x420
[ 1709.502739][T30169]  ? __pfx_misc_open+0x10/0x10
[ 1709.502771][T30169]  chrdev_open+0x234/0x6a0
[ 1709.502806][T30169]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1709.502837][T30169]  ? __pfx_chrdev_open+0x10/0x10
[ 1709.502873][T30169]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[ 1709.502912][T30169]  do_dentry_open+0x982/0x1530
[ 1709.502946][T30169]  ? __pfx_chrdev_open+0x10/0x10
[ 1709.502987][T30169]  vfs_open+0x82/0x3f0
[ 1709.503031][T30169]  path_openat+0x1de4/0x2cb0
[ 1709.503075][T30169]  ? __pfx_path_openat+0x10/0x10
[ 1709.503117][T30169]  do_filp_open+0x20b/0x470
[ 1709.503150][T30169]  ? __pfx_do_filp_open+0x10/0x10
[ 1709.503209][T30169]  ? alloc_fd+0x471/0x7d0
[ 1709.503250][T30169]  do_sys_openat2+0x11b/0x1d0
[ 1709.503289][T30169]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1709.503339][T30169]  __x64_sys_openat+0x174/0x210
[ 1709.503361][T30169]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1709.503400][T30169]  do_syscall_64+0xcd/0x4c0
[ 1709.503443][T30169]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1709.503470][T30169] RIP: 0033:0x7f516678eba9
[ 1709.503493][T30169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1709.503520][T30169] RSP: 002b:00007f5167543038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1709.503546][T30169] RAX: ffffffffffffffda RBX: 00007f51669d6270 RCX: 00007f516678eba9
[ 1709.503565][T30169] RDX: 0000000000041000 RSI: 00002000000001c0 RDI: ffffffffffffff9c
[ 1709.503583][T30169] RBP: 00007f5166811e19 R08: 0000000000000000 R09: 0000000000000000
[ 1709.503601][T30169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1709.503617][T30169] R13: 00007f51669d6308 R14: 00007f51669d6270 R15: 00007ffead158278
[ 1709.503655][T30169]  </TASK>
[ 1711.417982][T30195] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[ 1711.474590][T30195] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1711.489802][T30195] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 1711.507662][T30195] page_type: f5(slab)
[ 1711.517819][T30195] raw: 00fff00000000040 ffff88801b841b40 ffffea0000c10880 dead000000000004
[ 1711.568681][T30195] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 1711.638010][T30195] head: 00fff00000000040 ffff88801b841b40 ffffea0000c10880 dead000000000004
[ 1711.649900][T30195] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 1711.658631][T30195] head: 00fff00000000001 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[ 1711.670809][T30195] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 1711.699500][T30195] page dumped because: unmovable page
[ 1711.712819][T30195] page_owner tracks the page as allocated
[ 1711.761392][T30195] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5869, tgid 5869 (syz-executor), ts 90757637300, free_ts 90689412952
[ 1711.870651][T30195]  post_alloc_hook+0x1c0/0x230
[ 1711.875511][T30195]  get_page_from_freelist+0x132b/0x38e0
[ 1711.881420][T30195]  __alloc_frozen_pages_noprof+0x261/0x23f0
[ 1711.887360][T30195]  alloc_pages_mpol+0x1fb/0x550
[ 1711.892448][T30195]  new_slab+0x247/0x330
[ 1711.898469][T30195]  ___slab_alloc+0xcf2/0x1750
[ 1711.903374][T30195]  __slab_alloc.constprop.0+0x56/0xb0
[ 1711.961675][T30195]  __kmalloc_noprof+0x2f2/0x510
[ 1712.034018][T30195]  fib_create_info+0x53f/0x46b0
[ 1712.054910][T30195]  fib_table_insert+0x177/0x1c40
[ 1712.079264][T30195]  fib_magic+0x4d4/0x5c0
[ 1712.121783][T30195]  fib_add_ifaddr+0x4d2/0x580
[ 1712.222726][T30195]  fib_netdev_event+0x38a/0x710
[ 1712.251728][T30195]  notifier_call_chain+0xb9/0x410
[ 1712.256845][T30195]  call_netdevice_notifiers_info+0xbe/0x140
[ 1712.281941][T30195]  __dev_notify_flags+0x12c/0x2e0
[ 1712.287381][T30195] page last free pid 5958 tgid 5958 stack trace:
[ 1712.296084][T30195]  __free_frozen_pages+0x7d5/0x10f0
[ 1712.302626][T30195]  __mmdrop+0xd5/0x580
[ 1712.306969][T30195]  __mmput+0x374/0x410
[ 1712.311675][T30195]  mmput+0x62/0x70
[ 1712.315714][T30195]  do_exit+0x7c7/0x2bf0
[ 1712.360876][T30195]  do_group_exit+0xd3/0x2a0
[ 1712.387081][T30195]  __x64_sys_exit_group+0x3e/0x50
[ 1712.449803][T30195]  x64_sys_call+0x14fa/0x1720
[ 1712.454910][T30195]  do_syscall_64+0xcd/0x4c0
[ 1712.460234][T30195]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1712.467185][T30200] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5047'.
[ 1713.809530][T30230] FAULT_INJECTION: forcing a failure.
[ 1713.809530][T30230] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1713.847184][T30230] CPU: 0 UID: 0 PID: 30230 Comm: syz.6.5053 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1713.847239][T30230] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1713.847248][T30230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1713.847261][T30230] Call Trace:
[ 1713.847269][T30230]  <TASK>
[ 1713.847279][T30230]  dump_stack_lvl+0x16c/0x1f0
[ 1713.847318][T30230]  should_fail_ex+0x512/0x640
[ 1713.847356][T30230]  _copy_from_user+0x2e/0xd0
[ 1713.847381][T30230]  copy_msghdr_from_user+0x98/0x160
[ 1713.847415][T30230]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1713.847453][T30230]  ? kfree+0x24f/0x4d0
[ 1713.847475][T30230]  ? __lock_acquire+0x62e/0x1ce0
[ 1713.847513][T30230]  ___sys_recvmsg+0xdb/0x1a0
[ 1713.847548][T30230]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1713.847601][T30230]  ? __pfx___might_resched+0x10/0x10
[ 1713.847635][T30230]  do_recvmmsg+0x2fe/0x750
[ 1713.847674][T30230]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1713.847716][T30230]  ? __mutex_unlock_slowpath+0x161/0x7b0
[ 1713.847758][T30230]  ? __fget_files+0x20e/0x3c0
[ 1713.847791][T30230]  __x64_sys_recvmmsg+0x22a/0x280
[ 1713.847827][T30230]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1713.847875][T30230]  do_syscall_64+0xcd/0x4c0
[ 1713.847913][T30230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1713.847939][T30230] RIP: 0033:0x7f516678eba9
[ 1713.847958][T30230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1713.847982][T30230] RSP: 002b:00007f5167564038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1713.848007][T30230] RAX: ffffffffffffffda RBX: 00007f51669d6180 RCX: 00007f516678eba9
[ 1713.848024][T30230] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1713.848040][T30230] RBP: 00007f5167564090 R08: 0000000000000000 R09: 0000000000000000
[ 1713.848055][T30230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1713.848070][T30230] R13: 00007f51669d6218 R14: 00007f51669d6180 R15: 00007ffead158278
[ 1713.848102][T30230]  </TASK>
[ 1714.046500][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1714.123576][T30222] bond0: Unable to set peer notification delay as MII monitoring is disabled
[ 1716.141868][T30265] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078000200 pfn:0x78000
[ 1716.194522][T30265] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1716.263903][T30265] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[ 1716.496647][T30265] page_type: f5(slab)
[ 1716.521741][T30265] raw: 00fff00000000240 ffff88801b841b40 ffffea0001f8a110 ffffea0001d6df90
[ 1716.647891][T30265] raw: ffff888078000200 0000000000100008 00000000f5000000 0000000000000000
[ 1716.736207][T30265] head: 00fff00000000240 ffff88801b841b40 ffffea0001f8a110 ffffea0001d6df90
[ 1716.819945][T30265] head: ffff888078000200 0000000000100008 00000000f5000000 0000000000000000
[ 1716.828713][T30265] head: 00fff00000000001 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[ 1716.977322][T30265] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 1717.069498][T30265] page dumped because: unmovable page
[ 1717.075463][T30265] page_owner tracks the page as allocated
[ 1717.082026][T30265] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5869, tgid 5869 (syz-executor), ts 90757637300, free_ts 90689412952
[ 1717.114455][T30265]  post_alloc_hook+0x1c0/0x230
[ 1717.149676][T30265]  get_page_from_freelist+0x132b/0x38e0
[ 1717.169066][T30265]  __alloc_frozen_pages_noprof+0x261/0x23f0
[ 1717.196060][T30265]  alloc_pages_mpol+0x1fb/0x550
[ 1717.229631][T30265]  new_slab+0x247/0x330
[ 1717.233845][T30265]  ___slab_alloc+0xcf2/0x1750
[ 1717.239486][T30265]  __slab_alloc.constprop.0+0x56/0xb0
[ 1717.254336][T30265]  __kmalloc_noprof+0x2f2/0x510
[ 1717.259542][T30265]  fib_create_info+0x53f/0x46b0
[ 1717.264869][T30265]  fib_table_insert+0x177/0x1c40
[ 1717.278724][T30265]  fib_magic+0x4d4/0x5c0
[ 1717.323694][T30265]  fib_add_ifaddr+0x4d2/0x580
[ 1717.328406][T30265]  fib_netdev_event+0x38a/0x710
[ 1717.408285][T30265]  notifier_call_chain+0xb9/0x410
[ 1717.430989][T30265]  call_netdevice_notifiers_info+0xbe/0x140
[ 1717.471411][T30267] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5061'.
[ 1717.515038][T30265]  __dev_notify_flags+0x12c/0x2e0
[ 1717.525191][T30265] page last free pid 5958 tgid 5958 stack trace:
[ 1717.583324][T30265]  __free_frozen_pages+0x7d5/0x10f0
[ 1717.589005][T30265]  __mmdrop+0xd5/0x580
[ 1717.596593][T30265]  __mmput+0x374/0x410
[ 1717.653660][T30265]  mmput+0x62/0x70
[ 1717.657566][T30265]  do_exit+0x7c7/0x2bf0
[ 1717.761645][T30265]  do_group_exit+0xd3/0x2a0
[ 1717.777558][T30265]  __x64_sys_exit_group+0x3e/0x50
[ 1717.842262][T30265]  x64_sys_call+0x14fa/0x1720
[ 1717.846994][T30265]  do_syscall_64+0xcd/0x4c0
[ 1717.852299][T30265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1720.628306][T30319] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5071'.
[ 1720.637662][T30319] bridge_slave_1: left allmulticast mode
[ 1720.644399][T30319] bridge_slave_1: left promiscuous mode
[ 1720.661739][T30319] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1720.687661][T30319] bridge_slave_0: left allmulticast mode
[ 1720.706342][T30319] bridge_slave_0: left promiscuous mode
[ 1720.756448][T30319] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1721.280509][T30334] FAULT_INJECTION: forcing a failure.
[ 1721.280509][T30334] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1721.293939][T30334] CPU: 0 UID: 0 PID: 30334 Comm: syz.4.5072 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1721.293980][T30334] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1721.293990][T30334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1721.294004][T30334] Call Trace:
[ 1721.294014][T30334]  <TASK>
[ 1721.294023][T30334]  dump_stack_lvl+0x16c/0x1f0
[ 1721.294064][T30334]  should_fail_ex+0x512/0x640
[ 1721.294106][T30334]  _copy_from_user+0x2e/0xd0
[ 1721.294134][T30334]  copy_msghdr_from_user+0x98/0x160
[ 1721.294169][T30334]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1721.294209][T30334]  ? kfree+0x24f/0x4d0
[ 1721.294232][T30334]  ? __lock_acquire+0x62e/0x1ce0
[ 1721.294271][T30334]  ___sys_recvmsg+0xdb/0x1a0
[ 1721.294307][T30334]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1721.294362][T30334]  ? __pfx___might_resched+0x10/0x10
[ 1721.294396][T30334]  do_recvmmsg+0x2fe/0x750
[ 1721.294445][T30334]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1721.294487][T30334]  ? __mutex_unlock_slowpath+0x161/0x7b0
[ 1721.294535][T30334]  ? __fget_files+0x20e/0x3c0
[ 1721.294571][T30334]  __x64_sys_recvmmsg+0x22a/0x280
[ 1721.294610][T30334]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1721.294658][T30334]  do_syscall_64+0xcd/0x4c0
[ 1721.294696][T30334]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1721.294722][T30334] RIP: 0033:0x7f1926d8eba9
[ 1721.294743][T30334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1721.294767][T30334] RSP: 002b:00007f1927c35038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1721.294791][T30334] RAX: ffffffffffffffda RBX: 00007f1926fd6090 RCX: 00007f1926d8eba9
[ 1721.294809][T30334] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1721.294824][T30334] RBP: 00007f1927c35090 R08: 0000000000000000 R09: 0000000000000000
[ 1721.294840][T30334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1721.294856][T30334] R13: 00007f1926fd6128 R14: 00007f1926fd6090 R15: 00007ffcd7219178
[ 1721.294890][T30334]  </TASK>
[ 1721.766598][T30339] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078000200 pfn:0x78000
[ 1721.838242][T30339] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1721.858632][T30339] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[ 1721.905486][T30339] page_type: f5(slab)
[ 1721.949368][T30339] raw: 00fff00000000240 ffff88801b841b40 ffffea0001f8a110 ffffea0001d6df90
[ 1722.002116][T30339] raw: ffff888078000200 0000000000100008 00000000f5000000 0000000000000000
[ 1722.037008][T30339] head: 00fff00000000240 ffff88801b841b40 ffffea0001f8a110 ffffea0001d6df90
[ 1722.055438][T30339] head: ffff888078000200 0000000000100008 00000000f5000000 0000000000000000
[ 1722.120195][T30339] head: 00fff00000000001 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[ 1722.189781][T30339] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 1722.198955][T30339] page dumped because: unmovable page
[ 1722.312056][T30339] page_owner tracks the page as allocated
[ 1722.318123][T30339] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5869, tgid 5869 (syz-executor), ts 90757637300, free_ts 90689412952
[ 1722.343952][T30339]  post_alloc_hook+0x1c0/0x230
[ 1722.359571][T30339]  get_page_from_freelist+0x132b/0x38e0
[ 1722.472413][T30339]  __alloc_frozen_pages_noprof+0x261/0x23f0
[ 1722.481750][T30339]  alloc_pages_mpol+0x1fb/0x550
[ 1722.486633][T30339]  new_slab+0x247/0x330
[ 1722.527706][T30339]  ___slab_alloc+0xcf2/0x1750
[ 1722.550041][T30339]  __slab_alloc.constprop.0+0x56/0xb0
[ 1722.562185][T30339]  __kmalloc_noprof+0x2f2/0x510
[ 1722.596773][T30339]  fib_create_info+0x53f/0x46b0
[ 1722.658064][T30339]  fib_table_insert+0x177/0x1c40
[ 1722.694418][T30339]  fib_magic+0x4d4/0x5c0
[ 1722.779748][T30339]  fib_add_ifaddr+0x4d2/0x580
[ 1722.784694][T30339]  fib_netdev_event+0x38a/0x710
[ 1722.790176][T30339]  notifier_call_chain+0xb9/0x410
[ 1722.795549][T30339]  call_netdevice_notifiers_info+0xbe/0x140
[ 1722.802283][T30339]  __dev_notify_flags+0x12c/0x2e0
[ 1722.807422][T30339] page last free pid 5958 tgid 5958 stack trace:
[ 1722.815406][T30339]  __free_frozen_pages+0x7d5/0x10f0
[ 1722.824853][T30339]  __mmdrop+0xd5/0x580
[ 1722.828971][T30339]  __mmput+0x374/0x410
[ 1722.833320][T30339]  mmput+0x62/0x70
[ 1722.839951][T30339]  do_exit+0x7c7/0x2bf0
[ 1722.897624][T30339]  do_group_exit+0xd3/0x2a0
[ 1722.907659][T30339]  __x64_sys_exit_group+0x3e/0x50
[ 1722.935692][T30339]  x64_sys_call+0x14fa/0x1720
[ 1722.959741][T30344] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5074'.
[ 1722.984910][T30339]  do_syscall_64+0xcd/0x4c0
[ 1722.999360][T30339]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1723.946740][T30360] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[ 1724.013810][T30360] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1724.145525][T30360] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 1724.227266][T30360] page_type: f5(slab)
[ 1724.339530][T30360] raw: 00fff00000000040 ffff88801b841b40 0000000000000000 dead000000000001
[ 1724.349218][T30360] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 1724.365982][T30360] head: 00fff00000000040 ffff88801b841b40 0000000000000000 dead000000000001
[ 1724.389031][T30360] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 1724.408909][T30360] head: 00fff00000000001 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[ 1724.422311][T30360] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 1724.559055][T30360] page dumped because: unmovable page
[ 1724.565227][T30360] page_owner tracks the page as allocated
[ 1724.571642][T30360] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5869, tgid 5869 (syz-executor), ts 90757637300, free_ts 90689412952
[ 1724.593880][T30360]  post_alloc_hook+0x1c0/0x230
[ 1724.598763][T30360]  get_page_from_freelist+0x132b/0x38e0
[ 1724.605117][T30360]  __alloc_frozen_pages_noprof+0x261/0x23f0
[ 1724.611500][T30360]  alloc_pages_mpol+0x1fb/0x550
[ 1724.616620][T30360]  new_slab+0x247/0x330
[ 1724.625256][T30360]  ___slab_alloc+0xcf2/0x1750
[ 1724.644508][T30360]  __slab_alloc.constprop.0+0x56/0xb0
[ 1724.779697][T30360]  __kmalloc_noprof+0x2f2/0x510
[ 1724.806706][T30360]  fib_create_info+0x53f/0x46b0
[ 1724.817512][T30365] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5086'.
[ 1724.826880][T30360]  fib_table_insert+0x177/0x1c40
[ 1724.837029][T30360]  fib_magic+0x4d4/0x5c0
[ 1724.846775][T30360]  fib_add_ifaddr+0x4d2/0x580
[ 1724.851987][T30360]  fib_netdev_event+0x38a/0x710
[ 1724.857459][T30360]  notifier_call_chain+0xb9/0x410
[ 1724.863371][T30360]  call_netdevice_notifiers_info+0xbe/0x140
[ 1724.869286][T30360]  __dev_notify_flags+0x12c/0x2e0
[ 1724.890601][T30360] page last free pid 5958 tgid 5958 stack trace:
[ 1724.899935][T30360]  __free_frozen_pages+0x7d5/0x10f0
[ 1724.905268][T30360]  __mmdrop+0xd5/0x580
[ 1724.912915][T30360]  __mmput+0x374/0x410
[ 1725.119463][T30360]  mmput+0x62/0x70
[ 1725.132703][T30360]  do_exit+0x7c7/0x2bf0
[ 1725.169602][T30360]  do_group_exit+0xd3/0x2a0
[ 1725.311881][T30360]  __x64_sys_exit_group+0x3e/0x50
[ 1725.376457][T30360]  x64_sys_call+0x14fa/0x1720
[ 1725.461321][T30360]  do_syscall_64+0xcd/0x4c0
[ 1725.548580][T30360]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1725.801867][T30384] FAULT_INJECTION: forcing a failure.
[ 1725.801867][T30384] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1725.841196][T30384] CPU: 0 UID: 0 PID: 30384 Comm: syz.8.5081 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1725.841222][T30384] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1725.841228][T30384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1725.841237][T30384] Call Trace:
[ 1725.841242][T30384]  <TASK>
[ 1725.841248][T30384]  dump_stack_lvl+0x16c/0x1f0
[ 1725.841275][T30384]  should_fail_ex+0x512/0x640
[ 1725.841300][T30384]  should_fail_alloc_page+0xe7/0x130
[ 1725.841321][T30384]  prepare_alloc_pages+0x3c2/0x610
[ 1725.841343][T30384]  ? rcu_is_watching+0x12/0xc0
[ 1725.841361][T30384]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 1725.841379][T30384]  ? __lock_acquire+0xb97/0x1ce0
[ 1725.841406][T30384]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1725.841424][T30384]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1725.841447][T30384]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1725.841469][T30384]  ? find_held_lock+0x2b/0x80
[ 1725.841488][T30384]  ? __lock_acquire+0xb97/0x1ce0
[ 1725.841507][T30384]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1725.841530][T30384]  ? policy_nodemask+0xea/0x4e0
[ 1725.841551][T30384]  alloc_pages_mpol+0x1fb/0x550
[ 1725.841570][T30384]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1725.841595][T30384]  folio_alloc_mpol_noprof+0x36/0x2f0
[ 1725.841617][T30384]  shmem_alloc_folio+0x135/0x160
[ 1725.841633][T30384]  shmem_alloc_and_add_folio+0x499/0xc20
[ 1725.841661][T30384]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[ 1725.841688][T30384]  ? shmem_allowable_huge_orders+0xcb/0x2f0
[ 1725.841722][T30384]  shmem_get_folio_gfp+0x67f/0x1600
[ 1725.841743][T30384]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[ 1725.841761][T30384]  ? __pfx_timestamp_truncate+0x10/0x10
[ 1725.841782][T30384]  shmem_fault+0x1fe/0xa30
[ 1725.841800][T30384]  ? __pfx_shmem_fault+0x10/0x10
[ 1725.841816][T30384]  ? __lock_acquire+0x62e/0x1ce0
[ 1725.841836][T30384]  ? __pfx___up_read+0x10/0x10
[ 1725.841856][T30384]  ? inode_to_bdi+0x9e/0x160
[ 1725.841879][T30384]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1725.841902][T30384]  __do_fault+0x10d/0x490
[ 1725.841922][T30384]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1725.841938][T30384]  do_pte_missing+0x1a6/0x3ba0
[ 1725.841953][T30384]  ? find_held_lock+0x2b/0x80
[ 1725.841968][T30384]  ? __handle_mm_fault+0x14fd/0x2a50
[ 1725.841985][T30384]  __handle_mm_fault+0x152a/0x2a50
[ 1725.842002][T30384]  ? mt_find+0x3ef/0xa30
[ 1725.842017][T30384]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1725.842031][T30384]  ? __pfx_mt_find+0x10/0x10
[ 1725.842054][T30384]  ? find_vma+0xbf/0x140
[ 1725.842072][T30384]  ? __pfx_find_vma+0x10/0x10
[ 1725.842093][T30384]  handle_mm_fault+0x589/0xd10
[ 1725.842109][T30384]  ? trace_raw_output_exceptions+0x131/0x150
[ 1725.842134][T30384]  do_user_addr_fault+0x7a6/0x1370
[ 1725.842157][T30384]  ? rcu_is_watching+0x12/0xc0
[ 1725.842174][T30384]  exc_page_fault+0x5c/0xb0
[ 1725.842194][T30384]  asm_exc_page_fault+0x26/0x30
[ 1725.842209][T30384] RIP: 0010:rep_movs_alternative+0x4a/0x90
[ 1725.842227][T30384] Code: cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[ 1725.842240][T30384] RSP: 0018:ffffc90003467b48 EFLAGS: 00050206
[ 1725.842252][T30384] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000ff8
[ 1725.842261][T30384] RDX: 0000000000000000 RSI: ffff88802a60a008 RDI: 000000000001b000
[ 1725.842270][T30384] RBP: 000000000001aff8 R08: 0000000000000000 R09: ffffed10054c15ff
[ 1725.842279][T30384] R10: ffff88802a60afff R11: 0000000000000000 R12: ffff88802a60a000
[ 1725.842288][T30384] R13: 000000000001bff8 R14: 00007ffffffff000 R15: 0000000000000000
[ 1725.842307][T30384]  _copy_to_user+0xbb/0xd0
[ 1725.842324][T30384]  pagemap_read+0x52c/0x890
[ 1725.842345][T30384]  ? __pfx_pagemap_read+0x10/0x10
[ 1725.842366][T30384]  ? rw_verify_area+0xcf/0x6c0
[ 1725.842381][T30384]  ? __pfx_pagemap_read+0x10/0x10
[ 1725.842397][T30384]  vfs_readv+0x5c1/0x8b0
[ 1725.842416][T30384]  ? __pfx_vfs_readv+0x10/0x10
[ 1725.842432][T30384]  ? find_held_lock+0x2b/0x80
[ 1725.842457][T30384]  ? __fget_files+0x20e/0x3c0
[ 1725.842477][T30384]  ? do_preadv+0x1a6/0x270
[ 1725.842490][T30384]  do_preadv+0x1a6/0x270
[ 1725.842506][T30384]  ? __pfx_do_preadv+0x10/0x10
[ 1725.842526][T30384]  do_syscall_64+0xcd/0x4c0
[ 1725.842551][T30384]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1725.842566][T30384] RIP: 0033:0x7fc69398eba9
[ 1725.842578][T30384] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1725.842591][T30384] RSP: 002b:00007fc69487e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[ 1725.842604][T30384] RAX: ffffffffffffffda RBX: 00007fc693bd6090 RCX: 00007fc69398eba9
[ 1725.842614][T30384] RDX: 0000000000000006 RSI: 0000200000000080 RDI: 0040000000000003
[ 1725.842623][T30384] RBP: 00007fc69487e090 R08: 0000000000000005 R09: 0000000000000000
[ 1725.842631][T30384] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000002
[ 1725.842640][T30384] R13: 00007fc693bd6128 R14: 00007fc693bd6090 R15: 00007ffd031b2bf8
[ 1725.842661][T30384]  </TASK>
[ 1726.376500][T30386] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5082'.
[ 1726.973563][T30404] FAULT_INJECTION: forcing a failure.
[ 1726.973563][T30404] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1727.051594][T30404] CPU: 1 UID: 0 PID: 30404 Comm: syz.8.5084 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1727.051620][T30404] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1727.051626][T30404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1727.051635][T30404] Call Trace:
[ 1727.051641][T30404]  <TASK>
[ 1727.051647][T30404]  dump_stack_lvl+0x16c/0x1f0
[ 1727.051673][T30404]  should_fail_ex+0x512/0x640
[ 1727.051699][T30404]  _copy_from_user+0x2e/0xd0
[ 1727.051722][T30404]  copy_msghdr_from_user+0x98/0x160
[ 1727.051745][T30404]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1727.051768][T30404]  ? kfree+0x24f/0x4d0
[ 1727.051782][T30404]  ? __lock_acquire+0x62e/0x1ce0
[ 1727.051805][T30404]  ___sys_recvmsg+0xdb/0x1a0
[ 1727.051826][T30404]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1727.051856][T30404]  ? __pfx___might_resched+0x10/0x10
[ 1727.051875][T30404]  do_recvmmsg+0x2fe/0x750
[ 1727.051899][T30404]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1727.051923][T30404]  ? __mutex_unlock_slowpath+0x161/0x7b0
[ 1727.051951][T30404]  ? __fget_files+0x20e/0x3c0
[ 1727.051971][T30404]  __x64_sys_recvmmsg+0x22a/0x280
[ 1727.051994][T30404]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1727.052025][T30404]  do_syscall_64+0xcd/0x4c0
[ 1727.052048][T30404]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1727.052063][T30404] RIP: 0033:0x7fc69398eba9
[ 1727.052075][T30404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1727.052089][T30404] RSP: 002b:00007fc69485d038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1727.052104][T30404] RAX: ffffffffffffffda RBX: 00007fc693bd6180 RCX: 00007fc69398eba9
[ 1727.052114][T30404] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1727.052122][T30404] RBP: 00007fc69485d090 R08: 0000000000000000 R09: 0000000000000000
[ 1727.052131][T30404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1727.052140][T30404] R13: 00007fc693bd6218 R14: 00007fc693bd6180 R15: 00007ffd031b2bf8
[ 1727.052158][T30404]  </TASK>
[ 1728.978309][T30438] FAULT_INJECTION: forcing a failure.
[ 1728.978309][T30438] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1729.059645][T30438] CPU: 1 UID: 0 PID: 30438 Comm: syz.8.5093 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1729.059687][T30438] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1729.059697][T30438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1729.059712][T30438] Call Trace:
[ 1729.059721][T30438]  <TASK>
[ 1729.059731][T30438]  dump_stack_lvl+0x16c/0x1f0
[ 1729.059773][T30438]  should_fail_ex+0x512/0x640
[ 1729.059814][T30438]  should_fail_alloc_page+0xe7/0x130
[ 1729.059849][T30438]  prepare_alloc_pages+0x3c2/0x610
[ 1729.059884][T30438]  ? rcu_is_watching+0x12/0xc0
[ 1729.059914][T30438]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 1729.059945][T30438]  ? __lock_acquire+0xb97/0x1ce0
[ 1729.059992][T30438]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1729.060022][T30438]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1729.060059][T30438]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1729.060094][T30438]  ? find_held_lock+0x2b/0x80
[ 1729.060129][T30438]  ? __lock_acquire+0xb97/0x1ce0
[ 1729.060160][T30438]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1729.060198][T30438]  ? policy_nodemask+0xea/0x4e0
[ 1729.060232][T30438]  alloc_pages_mpol+0x1fb/0x550
[ 1729.060265][T30438]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1729.060308][T30438]  folio_alloc_mpol_noprof+0x36/0x2f0
[ 1729.060354][T30438]  shmem_alloc_folio+0x135/0x160
[ 1729.060382][T30438]  shmem_alloc_and_add_folio+0x499/0xc20
[ 1729.060420][T30438]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[ 1729.060453][T30438]  ? shmem_allowable_huge_orders+0xcb/0x2f0
[ 1729.060489][T30438]  shmem_get_folio_gfp+0x67f/0x1600
[ 1729.060527][T30438]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[ 1729.060557][T30438]  ? __pfx_timestamp_truncate+0x10/0x10
[ 1729.060595][T30438]  shmem_fault+0x1fe/0xa30
[ 1729.060626][T30438]  ? __pfx_shmem_fault+0x10/0x10
[ 1729.060653][T30438]  ? __lock_acquire+0x62e/0x1ce0
[ 1729.060688][T30438]  ? __pfx___up_read+0x10/0x10
[ 1729.060721][T30438]  ? inode_to_bdi+0x9e/0x160
[ 1729.060760][T30438]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1729.060788][T30438]  __do_fault+0x10d/0x490
[ 1729.060821][T30438]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1729.060849][T30438]  do_pte_missing+0x1a6/0x3ba0
[ 1729.060876][T30438]  ? find_held_lock+0x2b/0x80
[ 1729.060902][T30438]  ? __handle_mm_fault+0x14fd/0x2a50
[ 1729.060934][T30438]  __handle_mm_fault+0x152a/0x2a50
[ 1729.060965][T30438]  ? mt_find+0x3ef/0xa30
[ 1729.060990][T30438]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1729.061014][T30438]  ? __pfx_mt_find+0x10/0x10
[ 1729.061058][T30438]  ? find_vma+0xbf/0x140
[ 1729.061089][T30438]  ? __pfx_find_vma+0x10/0x10
[ 1729.061123][T30438]  handle_mm_fault+0x589/0xd10
[ 1729.061152][T30438]  ? trace_raw_output_exceptions+0x131/0x150
[ 1729.061192][T30438]  do_user_addr_fault+0x7a6/0x1370
[ 1729.061233][T30438]  ? rcu_is_watching+0x12/0xc0
[ 1729.061263][T30438]  exc_page_fault+0x5c/0xb0
[ 1729.061297][T30438]  asm_exc_page_fault+0x26/0x30
[ 1729.061327][T30438] RIP: 0010:rep_movs_alternative+0x4a/0x90
[ 1729.061357][T30438] Code: cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[ 1729.061381][T30438] RSP: 0018:ffffc9000444fb48 EFLAGS: 00050206
[ 1729.061402][T30438] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000ff8
[ 1729.061419][T30438] RDX: 0000000000000000 RSI: ffff888065730008 RDI: 000000000001b000
[ 1729.061435][T30438] RBP: 000000000001aff8 R08: 0000000000000000 R09: ffffed100cae61ff
[ 1729.061451][T30438] R10: ffff888065730fff R11: 0000000000000000 R12: ffff888065730000
[ 1729.061468][T30438] R13: 000000000001bff8 R14: 00007ffffffff000 R15: 0000000000000000
[ 1729.061504][T30438]  _copy_to_user+0xbb/0xd0
[ 1729.061535][T30438]  pagemap_read+0x52c/0x890
[ 1729.061570][T30438]  ? __pfx_pagemap_read+0x10/0x10
[ 1729.061606][T30438]  ? rw_verify_area+0xcf/0x6c0
[ 1729.061634][T30438]  ? __pfx_pagemap_read+0x10/0x10
[ 1729.061661][T30438]  vfs_readv+0x5c1/0x8b0
[ 1729.061695][T30438]  ? __pfx_vfs_readv+0x10/0x10
[ 1729.061728][T30438]  ? find_held_lock+0x2b/0x80
[ 1729.061775][T30438]  ? __fget_files+0x20e/0x3c0
[ 1729.061811][T30438]  ? do_preadv+0x1a6/0x270
[ 1729.061834][T30438]  do_preadv+0x1a6/0x270
[ 1729.061862][T30438]  ? __pfx_do_preadv+0x10/0x10
[ 1729.061902][T30438]  do_syscall_64+0xcd/0x4c0
[ 1729.061940][T30438]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1729.061965][T30438] RIP: 0033:0x7fc69398eba9
[ 1729.061984][T30438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1729.062008][T30438] RSP: 002b:00007fc69487e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[ 1729.062030][T30438] RAX: ffffffffffffffda RBX: 00007fc693bd6090 RCX: 00007fc69398eba9
[ 1729.062047][T30438] RDX: 0000000000000006 RSI: 0000200000000080 RDI: 0040000000000003
[ 1729.062064][T30438] RBP: 00007fc69487e090 R08: 0000000000000005 R09: 0000000000000000
[ 1729.062079][T30438] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000002
[ 1729.062094][T30438] R13: 00007fc693bd6128 R14: 00007fc693bd6090 R15: 00007ffd031b2bf8
[ 1729.062129][T30438]  </TASK>
[ 1729.995927][T30447] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5096'.
[ 1730.154983][T30447] bridge_slave_1: left allmulticast mode
[ 1730.189568][T30447] bridge_slave_1: left promiscuous mode
[ 1730.240643][T30447] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1730.297380][T30447] bridge_slave_0: left allmulticast mode
[ 1730.339982][T30447] bridge_slave_0: left promiscuous mode
[ 1730.350077][T30447] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1730.375137][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[ 1730.382086][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[ 1730.408793][T30456] netlink: 290 bytes leftover after parsing attributes in process `syz.8.5100'.
[ 1731.652319][T30482] input: f¬
 as /devices/virtual/input/input40
[ 1733.485876][T30512] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[ 1733.569608][T30512] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1733.578251][T30512] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 1733.819617][T30512] page_type: f5(slab)
[ 1733.842614][T30512] raw: 00fff00000000040 ffff88801b841b40 0000000000000000 dead000000000001
[ 1733.936893][T30512] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 1734.017678][T30512] head: 00fff00000000040 ffff88801b841b40 0000000000000000 dead000000000001
[ 1734.163585][T30512] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 1734.174790][T30512] head: 00fff00000000001 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[ 1734.185114][T30512] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 1734.233585][T30512] page dumped because: unmovable page
[ 1734.239226][T30512] page_owner tracks the page as allocated
[ 1734.251674][T30512] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5869, tgid 5869 (syz-executor), ts 90757637300, free_ts 90689412952
[ 1734.304610][T30512]  post_alloc_hook+0x1c0/0x230
[ 1734.310282][T30512]  get_page_from_freelist+0x132b/0x38e0
[ 1734.316124][T30512]  __alloc_frozen_pages_noprof+0x261/0x23f0
[ 1734.322581][T30512]  alloc_pages_mpol+0x1fb/0x550
[ 1734.328798][T30512]  new_slab+0x247/0x330
[ 1734.377247][T30512]  ___slab_alloc+0xcf2/0x1750
[ 1734.387618][T30512]  __slab_alloc.constprop.0+0x56/0xb0
[ 1734.394367][T30512]  __kmalloc_noprof+0x2f2/0x510
[ 1734.399545][T30512]  fib_create_info+0x53f/0x46b0
[ 1734.404647][T30512]  fib_table_insert+0x177/0x1c40
[ 1734.482615][T30512]  fib_magic+0x4d4/0x5c0
[ 1734.508919][T30512]  fib_add_ifaddr+0x4d2/0x580
[ 1734.547604][T30512]  fib_netdev_event+0x38a/0x710
[ 1734.583524][T30512]  notifier_call_chain+0xb9/0x410
[ 1734.614560][T30512]  call_netdevice_notifiers_info+0xbe/0x140
[ 1734.661989][T30512]  __dev_notify_flags+0x12c/0x2e0
[ 1734.693901][T30512] page last free pid 5958 tgid 5958 stack trace:
[ 1734.710693][T30512]  __free_frozen_pages+0x7d5/0x10f0
[ 1734.726054][T30512]  __mmdrop+0xd5/0x580
[ 1734.735876][T30512]  __mmput+0x374/0x410
[ 1734.747628][T30512]  mmput+0x62/0x70
[ 1734.756197][T30512]  do_exit+0x7c7/0x2bf0
[ 1734.769159][T30512]  do_group_exit+0xd3/0x2a0
[ 1734.782669][T30512]  __x64_sys_exit_group+0x3e/0x50
[ 1734.798006][T30512]  x64_sys_call+0x14fa/0x1720
[ 1734.812433][T30512]  do_syscall_64+0xcd/0x4c0
[ 1734.824265][T30512]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1734.951256][T30515] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5111'.
[ 1736.955655][T30555] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1737.032551][T30555] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1737.049736][T30555] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1737.063590][T30555] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1737.852450][T30585] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078000000 pfn:0x78000
[ 1737.939459][T30585] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1738.131241][T30585] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[ 1738.195433][T30585] page_type: f5(slab)
[ 1738.209495][T30585] raw: 00fff00000000240 ffff88801b841b40 ffffea00017a2810 ffffea0001dea490
[ 1738.249548][T30585] raw: ffff888078000000 0000000000100009 00000000f5000000 0000000000000000
[ 1738.289543][T20833] Bluetooth: hci0: command 0x040f tx timeout
[ 1738.299508][T30585] head: 00fff00000000240 ffff88801b841b40 ffffea00017a2810 ffffea0001dea490
[ 1738.321456][T30585] head: ffff888078000000 0000000000100009 00000000f5000000 0000000000000000
[ 1738.330382][T30585] head: 00fff00000000001 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[ 1738.339579][T30585] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 1738.349535][T30585] page dumped because: unmovable page
[ 1738.359281][T30585] page_owner tracks the page as allocated
[ 1738.365848][T30585] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5869, tgid 5869 (syz-executor), ts 90757637300, free_ts 90689412952
[ 1738.393212][T30585]  post_alloc_hook+0x1c0/0x230
[ 1738.398999][T30585]  get_page_from_freelist+0x132b/0x38e0
[ 1738.404793][T30585]  __alloc_frozen_pages_noprof+0x261/0x23f0
[ 1738.413602][T30585]  alloc_pages_mpol+0x1fb/0x550
[ 1738.432464][T30585]  new_slab+0x247/0x330
[ 1738.436654][T30585]  ___slab_alloc+0xcf2/0x1750
[ 1738.453615][T30585]  __slab_alloc.constprop.0+0x56/0xb0
[ 1738.459050][T30585]  __kmalloc_noprof+0x2f2/0x510
[ 1738.464960][T30585]  fib_create_info+0x53f/0x46b0
[ 1738.471672][T30585]  fib_table_insert+0x177/0x1c40
[ 1738.480264][T30585]  fib_magic+0x4d4/0x5c0
[ 1738.484565][T30585]  fib_add_ifaddr+0x4d2/0x580
[ 1738.491785][T30585]  fib_netdev_event+0x38a/0x710
[ 1738.496675][T30585]  notifier_call_chain+0xb9/0x410
[ 1738.511657][T30585]  call_netdevice_notifiers_info+0xbe/0x140
[ 1738.521423][T30585]  __dev_notify_flags+0x12c/0x2e0
[ 1738.526506][T30585] page last free pid 5958 tgid 5958 stack trace:
[ 1738.551253][T30585]  __free_frozen_pages+0x7d5/0x10f0
[ 1738.556732][T30585]  __mmdrop+0xd5/0x580
[ 1738.562828][T30585]  __mmput+0x374/0x410
[ 1738.570028][T30585]  mmput+0x62/0x70
[ 1738.576685][T30585]  do_exit+0x7c7/0x2bf0
[ 1738.582381][T30585]  do_group_exit+0xd3/0x2a0
[ 1738.589720][T30585]  __x64_sys_exit_group+0x3e/0x50
[ 1738.594934][T30585]  x64_sys_call+0x14fa/0x1720
[ 1738.600105][T30585]  do_syscall_64+0xcd/0x4c0
[ 1738.604655][T30585]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1738.613722][T30590] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5122'.
[ 1739.089572][T20833] Bluetooth: hci3: command 0x041b tx timeout
[ 1739.095998][T24825] Bluetooth: hci2: command 0x040f tx timeout
[ 1739.096384][ T5875] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1739.849278][T30618] FAULT_INJECTION: forcing a failure.
[ 1739.849278][T30618] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1739.889662][T30618] CPU: 1 UID: 0 PID: 30618 Comm: syz.4.5127 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1739.889702][T30618] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1739.889711][T30618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1739.889724][T30618] Call Trace:
[ 1739.889732][T30618]  <TASK>
[ 1739.889742][T30618]  dump_stack_lvl+0x16c/0x1f0
[ 1739.889782][T30618]  should_fail_ex+0x512/0x640
[ 1739.889821][T30618]  _copy_from_user+0x2e/0xd0
[ 1739.889849][T30618]  copy_msghdr_from_user+0x98/0x160
[ 1739.889885][T30618]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1739.889925][T30618]  ? kfree+0x24f/0x4d0
[ 1739.889950][T30618]  ? __pfx___schedule+0x10/0x10
[ 1739.889974][T30618]  ___sys_recvmsg+0xdb/0x1a0
[ 1739.889995][T30618]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1739.890025][T30618]  ? __pfx___might_resched+0x10/0x10
[ 1739.890045][T30618]  do_recvmmsg+0x2fe/0x750
[ 1739.890068][T30618]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1739.890093][T30618]  ? __mutex_unlock_slowpath+0x161/0x7b0
[ 1739.890120][T30618]  ? __fget_files+0x20e/0x3c0
[ 1739.890140][T30618]  __x64_sys_recvmmsg+0x22a/0x280
[ 1739.890163][T30618]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1739.890190][T30618]  do_syscall_64+0xcd/0x4c0
[ 1739.890214][T30618]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1739.890230][T30618] RIP: 0033:0x7f1926d8eba9
[ 1739.890243][T30618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1739.890256][T30618] RSP: 002b:00007f1927c14038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1739.890270][T30618] RAX: ffffffffffffffda RBX: 00007f1926fd6180 RCX: 00007f1926d8eba9
[ 1739.890280][T30618] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1739.890288][T30618] RBP: 00007f1927c14090 R08: 0000000000000000 R09: 0000000000000000
[ 1739.890297][T30618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1739.890306][T30618] R13: 00007f1926fd6218 R14: 00007f1926fd6180 R15: 00007ffcd7219178
[ 1739.890324][T30618]  </TASK>
[ 1740.352374][T30621] FAULT_INJECTION: forcing a failure.
[ 1740.352374][T30621] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1740.432778][T30621] CPU: 1 UID: 0 PID: 30621 Comm: syz.7.5128 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1740.432821][T30621] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1740.432831][T30621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1740.432846][T30621] Call Trace:
[ 1740.432855][T30621]  <TASK>
[ 1740.432865][T30621]  dump_stack_lvl+0x16c/0x1f0
[ 1740.432907][T30621]  should_fail_ex+0x512/0x640
[ 1740.432949][T30621]  _copy_to_user+0x32/0xd0
[ 1740.432978][T30621]  pagemap_read+0x52c/0x890
[ 1740.433013][T30621]  ? __pfx_pagemap_read+0x10/0x10
[ 1740.433047][T30621]  ? rw_verify_area+0xcf/0x6c0
[ 1740.433089][T30621]  ? __pfx_pagemap_read+0x10/0x10
[ 1740.433116][T30621]  vfs_readv+0x5c1/0x8b0
[ 1740.433149][T30621]  ? __pfx_vfs_readv+0x10/0x10
[ 1740.433176][T30621]  ? find_held_lock+0x2b/0x80
[ 1740.433223][T30621]  ? __fget_files+0x20e/0x3c0
[ 1740.433258][T30621]  ? do_preadv+0x1a6/0x270
[ 1740.433282][T30621]  do_preadv+0x1a6/0x270
[ 1740.433309][T30621]  ? __pfx_do_preadv+0x10/0x10
[ 1740.433344][T30621]  do_syscall_64+0xcd/0x4c0
[ 1740.433380][T30621]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1740.433412][T30621] RIP: 0033:0x7ffa3298eba9
[ 1740.433433][T30621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1740.433457][T30621] RSP: 002b:00007ffa30bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[ 1740.433481][T30621] RAX: ffffffffffffffda RBX: 00007ffa32bd5fa0 RCX: 00007ffa3298eba9
[ 1740.433498][T30621] RDX: 0000000000000006 RSI: 0000200000000080 RDI: 0040000000000003
[ 1740.433514][T30621] RBP: 00007ffa30bf6090 R08: 0000000000000005 R09: 0000000000000000
[ 1740.433529][T30621] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000002
[ 1740.433542][T30621] R13: 00007ffa32bd6038 R14: 00007ffa32bd5fa0 R15: 00007ffc52e6f8f8
[ 1740.433577][T30621]  </TASK>
[ 1742.631923][T30651] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5134'.
[ 1744.447001][T30665] netlink: 342 bytes leftover after parsing attributes in process `syz.7.5139'.
[ 1744.468773][T30665] netlink: 342 bytes leftover after parsing attributes in process `syz.7.5139'.
[ 1744.795290][T30671] FAULT_INJECTION: forcing a failure.
[ 1744.795290][T30671] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1744.821517][T30671] CPU: 1 UID: 0 PID: 30671 Comm: syz.7.5141 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1744.821548][T30671] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1744.821554][T30671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1744.821563][T30671] Call Trace:
[ 1744.821568][T30671]  <TASK>
[ 1744.821575][T30671]  dump_stack_lvl+0x16c/0x1f0
[ 1744.821601][T30671]  should_fail_ex+0x512/0x640
[ 1744.821628][T30671]  should_fail_alloc_page+0xe7/0x130
[ 1744.821650][T30671]  prepare_alloc_pages+0x3c2/0x610
[ 1744.821672][T30671]  ? rcu_is_watching+0x12/0xc0
[ 1744.821689][T30671]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 1744.821714][T30671]  ? __lock_acquire+0xb97/0x1ce0
[ 1744.821741][T30671]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1744.821759][T30671]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1744.821781][T30671]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1744.821802][T30671]  ? find_held_lock+0x2b/0x80
[ 1744.821821][T30671]  ? __lock_acquire+0xb97/0x1ce0
[ 1744.821843][T30671]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1744.821874][T30671]  ? policy_nodemask+0xea/0x4e0
[ 1744.821895][T30671]  alloc_pages_mpol+0x1fb/0x550
[ 1744.821914][T30671]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1744.821938][T30671]  folio_alloc_mpol_noprof+0x36/0x2f0
[ 1744.821961][T30671]  shmem_alloc_folio+0x135/0x160
[ 1744.821976][T30671]  shmem_alloc_and_add_folio+0x499/0xc20
[ 1744.821997][T30671]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[ 1744.822016][T30671]  ? shmem_allowable_huge_orders+0xcb/0x2f0
[ 1744.822036][T30671]  shmem_get_folio_gfp+0x67f/0x1600
[ 1744.822057][T30671]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[ 1744.822075][T30671]  ? __pfx_timestamp_truncate+0x10/0x10
[ 1744.822096][T30671]  shmem_fault+0x1fe/0xa30
[ 1744.822114][T30671]  ? __pfx_shmem_fault+0x10/0x10
[ 1744.822130][T30671]  ? __lock_acquire+0x62e/0x1ce0
[ 1744.822150][T30671]  ? __pfx___up_read+0x10/0x10
[ 1744.822170][T30671]  ? inode_to_bdi+0x9e/0x160
[ 1744.822194][T30671]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1744.822212][T30671]  __do_fault+0x10d/0x490
[ 1744.822232][T30671]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1744.822248][T30671]  do_pte_missing+0x1a6/0x3ba0
[ 1744.822264][T30671]  ? find_held_lock+0x2b/0x80
[ 1744.822278][T30671]  ? __handle_mm_fault+0x14fd/0x2a50
[ 1744.822295][T30671]  __handle_mm_fault+0x152a/0x2a50
[ 1744.822313][T30671]  ? mt_find+0x3ef/0xa30
[ 1744.822327][T30671]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1744.822341][T30671]  ? __pfx_mt_find+0x10/0x10
[ 1744.822366][T30671]  ? find_vma+0xbf/0x140
[ 1744.822384][T30671]  ? __pfx_find_vma+0x10/0x10
[ 1744.822404][T30671]  handle_mm_fault+0x589/0xd10
[ 1744.822420][T30671]  ? trace_raw_output_exceptions+0x131/0x150
[ 1744.822444][T30671]  do_user_addr_fault+0x7a6/0x1370
[ 1744.822468][T30671]  ? rcu_is_watching+0x12/0xc0
[ 1744.822485][T30671]  exc_page_fault+0x5c/0xb0
[ 1744.822506][T30671]  asm_exc_page_fault+0x26/0x30
[ 1744.822520][T30671] RIP: 0010:rep_movs_alternative+0x4a/0x90
[ 1744.822538][T30671] Code: cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[ 1744.822552][T30671] RSP: 0018:ffffc90003f3fb48 EFLAGS: 00050206
[ 1744.822564][T30671] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000ff8
[ 1744.822574][T30671] RDX: 0000000000000000 RSI: ffff888076e5a008 RDI: 000000000001d000
[ 1744.822582][T30671] RBP: 000000000001cff8 R08: 0000000000000000 R09: ffffed100edcb5ff
[ 1744.822591][T30671] R10: ffff888076e5afff R11: 0000000000000000 R12: ffff888076e5a000
[ 1744.822600][T30671] R13: 000000000001dff8 R14: 00007ffffffff000 R15: 0000000000000000
[ 1744.822626][T30671]  _copy_to_user+0xbb/0xd0
[ 1744.822650][T30671]  pagemap_read+0x52c/0x890
[ 1744.822678][T30671]  ? __pfx_pagemap_read+0x10/0x10
[ 1744.822703][T30671]  ? rw_verify_area+0xcf/0x6c0
[ 1744.822718][T30671]  ? __pfx_pagemap_read+0x10/0x10
[ 1744.822734][T30671]  vfs_readv+0x5c1/0x8b0
[ 1744.822753][T30671]  ? __pfx_vfs_readv+0x10/0x10
[ 1744.822769][T30671]  ? find_held_lock+0x2b/0x80
[ 1744.822794][T30671]  ? __fget_files+0x20e/0x3c0
[ 1744.822814][T30671]  ? do_preadv+0x1a6/0x270
[ 1744.822828][T30671]  do_preadv+0x1a6/0x270
[ 1744.822843][T30671]  ? __pfx_do_preadv+0x10/0x10
[ 1744.822870][T30671]  do_syscall_64+0xcd/0x4c0
[ 1744.822893][T30671]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1744.822906][T30671] RIP: 0033:0x7ffa3298eba9
[ 1744.822919][T30671] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1744.822933][T30671] RSP: 002b:00007ffa30bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[ 1744.822945][T30671] RAX: ffffffffffffffda RBX: 00007ffa32bd5fa0 RCX: 00007ffa3298eba9
[ 1744.822957][T30671] RDX: 0000000000000006 RSI: 0000200000000080 RDI: 0040000000000003
[ 1744.822966][T30671] RBP: 00007ffa30bf6090 R08: 0000000000000005 R09: 0000000000000000
[ 1744.822975][T30671] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000002
[ 1744.822983][T30671] R13: 00007ffa32bd6038 R14: 00007ffa32bd5fa0 R15: 00007ffc52e6f8f8
[ 1744.823002][T30671]  </TASK>
[ 1745.506717][T30677] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5142'.
[ 1745.516963][T30674] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078001a00 pfn:0x78000
[ 1745.674134][T30674] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1745.689582][T30674] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[ 1745.698176][T30674] page_type: f5(slab)
[ 1745.704733][T30674] raw: 00fff00000000240 ffff88801b841b40 ffffea00017a2810 ffffea0001dea490
[ 1745.713500][T30674] raw: ffff888078001a00 0000000000100008 00000000f5000000 0000000000000000
[ 1745.722237][T30674] head: 00fff00000000240 ffff88801b841b40 ffffea00017a2810 ffffea0001dea490
[ 1745.732094][T30674] head: ffff888078001a00 0000000000100008 00000000f5000000 0000000000000000
[ 1745.791570][T30674] head: 00fff00000000001 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[ 1745.880574][T30674] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 1745.889543][T30674] page dumped because: unmovable page
[ 1745.894977][T30674] page_owner tracks the page as allocated
[ 1745.906218][T30674] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5869, tgid 5869 (syz-executor), ts 90757637300, free_ts 90689412952
[ 1746.055468][T30674]  post_alloc_hook+0x1c0/0x230
[ 1746.064850][T30674]  get_page_from_freelist+0x132b/0x38e0
[ 1746.163117][T30674]  __alloc_frozen_pages_noprof+0x261/0x23f0
[ 1746.169096][T30674]  alloc_pages_mpol+0x1fb/0x550
[ 1746.227077][T30674]  new_slab+0x247/0x330
[ 1746.280452][T30674]  ___slab_alloc+0xcf2/0x1750
[ 1746.397509][T30674]  __slab_alloc.constprop.0+0x56/0xb0
[ 1746.407695][T30674]  __kmalloc_noprof+0x2f2/0x510
[ 1746.415415][T30674]  fib_create_info+0x53f/0x46b0
[ 1746.427522][T30674]  fib_table_insert+0x177/0x1c40
[ 1746.446149][T30674]  fib_magic+0x4d4/0x5c0
[ 1746.459272][T30674]  fib_add_ifaddr+0x4d2/0x580
[ 1746.479690][T30674]  fib_netdev_event+0x38a/0x710
[ 1746.498611][T30674]  notifier_call_chain+0xb9/0x410
[ 1746.504214][T30674]  call_netdevice_notifiers_info+0xbe/0x140
[ 1746.510354][T30674]  __dev_notify_flags+0x12c/0x2e0
[ 1746.515700][T30674] page last free pid 5958 tgid 5958 stack trace:
[ 1746.523078][T30674]  __free_frozen_pages+0x7d5/0x10f0
[ 1746.529962][T30674]  __mmdrop+0xd5/0x580
[ 1746.534086][T30674]  __mmput+0x374/0x410
[ 1746.538182][T30674]  mmput+0x62/0x70
[ 1746.542188][T30674]  do_exit+0x7c7/0x2bf0
[ 1746.549472][T30674]  do_group_exit+0xd3/0x2a0
[ 1746.555071][T30674]  __x64_sys_exit_group+0x3e/0x50
[ 1746.565661][T30674]  x64_sys_call+0x14fa/0x1720
[ 1746.570526][T30674]  do_syscall_64+0xcd/0x4c0
[ 1746.575074][T30674]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1746.908825][T30699] FAULT_INJECTION: forcing a failure.
[ 1746.908825][T30699] name failslab, interval 1, probability 0, space 0, times 0
[ 1746.973511][T30699] CPU: 0 UID: 0 PID: 30699 Comm: syz.6.5146 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1746.973554][T30699] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1746.973564][T30699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1746.973578][T30699] Call Trace:
[ 1746.973587][T30699]  <TASK>
[ 1746.973596][T30699]  dump_stack_lvl+0x16c/0x1f0
[ 1746.973637][T30699]  should_fail_ex+0x512/0x640
[ 1746.973672][T30699]  ? fs_reclaim_acquire+0xae/0x150
[ 1746.973709][T30699]  ? tomoyo_encode2+0x100/0x3e0
[ 1746.973740][T30699]  should_failslab+0xc2/0x120
[ 1746.973771][T30699]  __kmalloc_noprof+0xd2/0x510
[ 1746.973798][T30699]  ? d_absolute_path+0x136/0x1a0
[ 1746.973837][T30699]  tomoyo_encode2+0x100/0x3e0
[ 1746.973872][T30699]  tomoyo_encode+0x29/0x50
[ 1746.973904][T30699]  tomoyo_realpath_from_path+0x18f/0x6e0
[ 1746.973948][T30699]  tomoyo_path_number_perm+0x245/0x580
[ 1746.973978][T30699]  ? tomoyo_path_number_perm+0x237/0x580
[ 1746.974012][T30699]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1746.974045][T30699]  ? find_held_lock+0x2b/0x80
[ 1746.974105][T30699]  ? hook_file_ioctl_common+0x145/0x410
[ 1746.974156][T30699]  security_file_ioctl+0x9b/0x240
[ 1746.974190][T30699]  __x64_sys_ioctl+0xb7/0x210
[ 1746.974230][T30699]  do_syscall_64+0xcd/0x4c0
[ 1746.974267][T30699]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1746.974292][T30699] RIP: 0033:0x7f516678eba9
[ 1746.974313][T30699] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1746.974336][T30699] RSP: 002b:00007f51675a6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1746.974361][T30699] RAX: ffffffffffffffda RBX: 00007f51669d5fa0 RCX: 00007f516678eba9
[ 1746.974379][T30699] RDX: 0000000000000004 RSI: 0000000000003b8e RDI: 0000000000000006
[ 1746.974395][T30699] RBP: 00007f51675a6090 R08: 0000000000000000 R09: 0000000000000000
[ 1746.974417][T30699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1746.974433][T30699] R13: 00007f51669d6038 R14: 00007f51669d5fa0 R15: 00007ffead158278
[ 1746.974468][T30699]  </TASK>
[ 1746.975997][T30699] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1748.454713][T30728] FAULT_INJECTION: forcing a failure.
[ 1748.454713][T30728] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1748.570416][T30728] CPU: 0 UID: 0 PID: 30728 Comm: syz.8.5152 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1748.570456][T30728] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1748.570465][T30728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1748.570479][T30728] Call Trace:
[ 1748.570487][T30728]  <TASK>
[ 1748.570496][T30728]  dump_stack_lvl+0x16c/0x1f0
[ 1748.570538][T30728]  should_fail_ex+0x512/0x640
[ 1748.570580][T30728]  _copy_from_user+0x2e/0xd0
[ 1748.570600][T30728]  copy_msghdr_from_user+0x98/0x160
[ 1748.570623][T30728]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1748.570647][T30728]  ? kfree+0x24f/0x4d0
[ 1748.570661][T30728]  ? __lock_acquire+0x62e/0x1ce0
[ 1748.570684][T30728]  ___sys_recvmsg+0xdb/0x1a0
[ 1748.570705][T30728]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1748.570736][T30728]  ? __pfx___might_resched+0x10/0x10
[ 1748.570754][T30728]  do_recvmmsg+0x2fe/0x750
[ 1748.570778][T30728]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1748.570802][T30728]  ? __mutex_unlock_slowpath+0x161/0x7b0
[ 1748.570830][T30728]  ? __fget_files+0x20e/0x3c0
[ 1748.570850][T30728]  __x64_sys_recvmmsg+0x22a/0x280
[ 1748.570872][T30728]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1748.570900][T30728]  do_syscall_64+0xcd/0x4c0
[ 1748.570923][T30728]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1748.570938][T30728] RIP: 0033:0x7fc69398eba9
[ 1748.570951][T30728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1748.570965][T30728] RSP: 002b:00007fc69487e038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1748.570979][T30728] RAX: ffffffffffffffda RBX: 00007fc693bd6090 RCX: 00007fc69398eba9
[ 1748.570989][T30728] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1748.570997][T30728] RBP: 00007fc69487e090 R08: 0000000000000000 R09: 0000000000000000
[ 1748.571007][T30728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1748.571015][T30728] R13: 00007fc693bd6128 R14: 00007fc693bd6090 R15: 00007ffd031b2bf8
[ 1748.571032][T30728]  </TASK>
[ 1749.122325][T30735] FAULT_INJECTION: forcing a failure.
[ 1749.122325][T30735] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1749.143027][T30735] CPU: 1 UID: 0 PID: 30735 Comm: syz.7.5154 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1749.143067][T30735] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1749.143076][T30735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1749.143091][T30735] Call Trace:
[ 1749.143100][T30735]  <TASK>
[ 1749.143109][T30735]  dump_stack_lvl+0x16c/0x1f0
[ 1749.143148][T30735]  should_fail_ex+0x512/0x640
[ 1749.143189][T30735]  _copy_to_user+0x32/0xd0
[ 1749.143218][T30735]  pagemap_read+0x52c/0x890
[ 1749.143252][T30735]  ? __pfx_pagemap_read+0x10/0x10
[ 1749.143286][T30735]  ? rw_verify_area+0xcf/0x6c0
[ 1749.143313][T30735]  ? __pfx_pagemap_read+0x10/0x10
[ 1749.143339][T30735]  vfs_readv+0x5c1/0x8b0
[ 1749.143371][T30735]  ? __pfx_vfs_readv+0x10/0x10
[ 1749.143409][T30735]  ? find_held_lock+0x2b/0x80
[ 1749.143455][T30735]  ? __fget_files+0x20e/0x3c0
[ 1749.143488][T30735]  ? do_preadv+0x1a6/0x270
[ 1749.143511][T30735]  do_preadv+0x1a6/0x270
[ 1749.143537][T30735]  ? __pfx_do_preadv+0x10/0x10
[ 1749.143573][T30735]  do_syscall_64+0xcd/0x4c0
[ 1749.143610][T30735]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1749.143636][T30735] RIP: 0033:0x7ffa3298eba9
[ 1749.143656][T30735] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1749.143680][T30735] RSP: 002b:00007ffa30bd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[ 1749.143704][T30735] RAX: ffffffffffffffda RBX: 00007ffa32bd6090 RCX: 00007ffa3298eba9
[ 1749.143719][T30735] RDX: 0000000000000006 RSI: 0000200000000080 RDI: 0040000000000003
[ 1749.143735][T30735] RBP: 00007ffa30bd5090 R08: 0000000000000005 R09: 0000000000000000
[ 1749.143750][T30735] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000002
[ 1749.143766][T30735] R13: 00007ffa32bd6128 R14: 00007ffa32bd6090 R15: 00007ffc52e6f8f8
[ 1749.143800][T30735]  </TASK>
[ 1749.762445][T30742] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078001a00 pfn:0x78000
[ 1749.800371][T30742] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1749.847188][T30742] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[ 1749.861634][T30742] page_type: f5(slab)
[ 1749.898538][T30742] raw: 00fff00000000240 ffff88801b841b40 ffffea00017a2810 ffffea0001dea490
[ 1749.927262][T30742] raw: ffff888078001a00 0000000000100008 00000000f5000000 0000000000000000
[ 1749.962737][T30742] head: 00fff00000000240 ffff88801b841b40 ffffea00017a2810 ffffea0001dea490
[ 1750.079554][T30742] head: ffff888078001a00 0000000000100008 00000000f5000000 0000000000000000
[ 1750.129555][T30742] head: 00fff00000000001 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[ 1750.174124][T30742] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 1750.189857][T30742] page dumped because: unmovable page
[ 1750.201289][T30742] page_owner tracks the page as allocated
[ 1750.207170][T30742] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5869, tgid 5869 (syz-executor), ts 90757637300, free_ts 90689412952
[ 1750.211704][T30736] netlink: 268 bytes leftover after parsing attributes in process `syz.6.5153'.
[ 1750.287994][T30742]  post_alloc_hook+0x1c0/0x230
[ 1750.333936][T30742]  get_page_from_freelist+0x132b/0x38e0
[ 1750.452768][T30742]  __alloc_frozen_pages_noprof+0x261/0x23f0
[ 1750.458989][T30751] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5155'.
[ 1750.468577][T30742]  alloc_pages_mpol+0x1fb/0x550
[ 1750.474563][T30742]  new_slab+0x247/0x330
[ 1750.479047][T30742]  ___slab_alloc+0xcf2/0x1750
[ 1750.485093][T30742]  __slab_alloc.constprop.0+0x56/0xb0
[ 1750.490914][T30742]  __kmalloc_noprof+0x2f2/0x510
[ 1750.499230][T30742]  fib_create_info+0x53f/0x46b0
[ 1750.504337][T30742]  fib_table_insert+0x177/0x1c40
[ 1750.509535][T30742]  fib_magic+0x4d4/0x5c0
[ 1750.513887][T30742]  fib_add_ifaddr+0x4d2/0x580
[ 1750.531173][T30742]  fib_netdev_event+0x38a/0x710
[ 1750.542836][T30742]  notifier_call_chain+0xb9/0x410
[ 1750.606915][T30742]  call_netdevice_notifiers_info+0xbe/0x140
[ 1750.638703][T30742]  __dev_notify_flags+0x12c/0x2e0
[ 1750.661971][T30742] page last free pid 5958 tgid 5958 stack trace:
[ 1750.668465][T30742]  __free_frozen_pages+0x7d5/0x10f0
[ 1750.674568][T30742]  __mmdrop+0xd5/0x580
[ 1750.678879][T30742]  __mmput+0x374/0x410
[ 1750.684955][T30742]  mmput+0x62/0x70
[ 1750.688818][T30742]  do_exit+0x7c7/0x2bf0
[ 1750.693532][T30742]  do_group_exit+0xd3/0x2a0
[ 1750.698330][T30742]  __x64_sys_exit_group+0x3e/0x50
[ 1750.782051][T30742]  x64_sys_call+0x14fa/0x1720
[ 1750.812643][T30742]  do_syscall_64+0xcd/0x4c0
[ 1750.840214][T30742]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1750.935867][T30760] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5159'.
[ 1750.977353][T30762] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5158'.
[ 1751.247128][T30771] FAULT_INJECTION: forcing a failure.
[ 1751.247128][T30771] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1751.281468][T30771] CPU: 1 UID: 0 PID: 30771 Comm: syz.6.5162 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1751.281510][T30771] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1751.281520][T30771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1751.281535][T30771] Call Trace:
[ 1751.281544][T30771]  <TASK>
[ 1751.281555][T30771]  dump_stack_lvl+0x16c/0x1f0
[ 1751.281596][T30771]  should_fail_ex+0x512/0x640
[ 1751.281637][T30771]  _copy_from_user+0x2e/0xd0
[ 1751.281665][T30771]  iommufd_fops_ioctl+0x2f5/0x540
[ 1751.281703][T30771]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[ 1751.281743][T30771]  ? hook_file_ioctl_common+0x145/0x410
[ 1751.281788][T30771]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[ 1751.281825][T30771]  __x64_sys_ioctl+0x18b/0x210
[ 1751.281866][T30771]  do_syscall_64+0xcd/0x4c0
[ 1751.281904][T30771]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1751.281930][T30771] RIP: 0033:0x7f516678eba9
[ 1751.281950][T30771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1751.281981][T30771] RSP: 002b:00007f51675a6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1751.282005][T30771] RAX: ffffffffffffffda RBX: 00007f51669d5fa0 RCX: 00007f516678eba9
[ 1751.282023][T30771] RDX: 0000000000000004 RSI: 0000000000003b8e RDI: 0000000000000006
[ 1751.282038][T30771] RBP: 00007f51675a6090 R08: 0000000000000000 R09: 0000000000000000
[ 1751.282054][T30771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1751.282069][T30771] R13: 00007f51669d6038 R14: 00007f51669d5fa0 R15: 00007ffead158278
[ 1751.282103][T30771]  </TASK>
[ 1751.768231][T30783] netlink: 186 bytes leftover after parsing attributes in process `syz.7.5164'.
[ 1751.820224][T30783] netlink: 186 bytes leftover after parsing attributes in process `syz.7.5164'.
[ 1752.661926][T30796] FAULT_INJECTION: forcing a failure.
[ 1752.661926][T30796] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1752.689617][T30796] CPU: 0 UID: 0 PID: 30796 Comm: syz.7.5167 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1752.689658][T30796] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1752.689668][T30796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1752.689683][T30796] Call Trace:
[ 1752.689692][T30796]  <TASK>
[ 1752.689702][T30796]  dump_stack_lvl+0x16c/0x1f0
[ 1752.689743][T30796]  should_fail_ex+0x512/0x640
[ 1752.689784][T30796]  _copy_from_user+0x2e/0xd0
[ 1752.689822][T30796]  copy_msghdr_from_user+0x98/0x160
[ 1752.689853][T30796]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1752.689877][T30796]  ? kfree+0x24f/0x4d0
[ 1752.689891][T30796]  ? __lock_acquire+0x62e/0x1ce0
[ 1752.689919][T30796]  ___sys_recvmsg+0xdb/0x1a0
[ 1752.689941][T30796]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1752.689972][T30796]  ? __pfx___might_resched+0x10/0x10
[ 1752.689991][T30796]  do_recvmmsg+0x2fe/0x750
[ 1752.690015][T30796]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1752.690041][T30796]  ? __mutex_unlock_slowpath+0x161/0x7b0
[ 1752.690075][T30796]  ? __fget_files+0x20e/0x3c0
[ 1752.690095][T30796]  __x64_sys_recvmmsg+0x22a/0x280
[ 1752.690118][T30796]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1752.690146][T30796]  do_syscall_64+0xcd/0x4c0
[ 1752.690169][T30796]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1752.690184][T30796] RIP: 0033:0x7ffa3298eba9
[ 1752.690196][T30796] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1752.690210][T30796] RSP: 002b:00007ffa30bd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1752.690225][T30796] RAX: ffffffffffffffda RBX: 00007ffa32bd6090 RCX: 00007ffa3298eba9
[ 1752.690234][T30796] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1752.690243][T30796] RBP: 00007ffa30bd5090 R08: 0000000000000000 R09: 0000000000000000
[ 1752.690251][T30796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1752.690260][T30796] R13: 00007ffa32bd6128 R14: 00007ffa32bd6090 R15: 00007ffc52e6f8f8
[ 1752.690278][T30796]  </TASK>
[ 1754.065833][T30801] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1754.108048][T30801] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1754.145141][T30801] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1754.188097][T30801] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1754.356696][T30827] FAULT_INJECTION: forcing a failure.
[ 1754.356696][T30827] name failslab, interval 1, probability 0, space 0, times 0
[ 1754.379525][T30827] CPU: 0 UID: 0 PID: 30827 Comm: syz.8.5172 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1754.379564][T30827] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1754.379574][T30827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1754.379595][T30827] Call Trace:
[ 1754.379604][T30827]  <TASK>
[ 1754.379614][T30827]  dump_stack_lvl+0x16c/0x1f0
[ 1754.379654][T30827]  should_fail_ex+0x512/0x640
[ 1754.379688][T30827]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1754.379721][T30827]  should_failslab+0xc2/0x120
[ 1754.379753][T30827]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1754.379783][T30827]  ? getname_flags.part.0+0x4c/0x550
[ 1754.379824][T30827]  getname_flags.part.0+0x4c/0x550
[ 1754.379864][T30827]  getname_flags+0x93/0xf0
[ 1754.379891][T30827]  do_sys_openat2+0xb8/0x1d0
[ 1754.379928][T30827]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1754.379967][T30827]  ? __fget_files+0x20e/0x3c0
[ 1754.380001][T30827]  __x64_sys_openat+0x174/0x210
[ 1754.380022][T30827]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1754.380043][T30827]  ? ksys_write+0x1ac/0x250
[ 1754.380082][T30827]  do_syscall_64+0xcd/0x4c0
[ 1754.380121][T30827]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1754.380147][T30827] RIP: 0033:0x7fc69398eba9
[ 1754.380168][T30827] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1754.380193][T30827] RSP: 002b:00007fc69487e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1754.380217][T30827] RAX: ffffffffffffffda RBX: 00007fc693bd6090 RCX: 00007fc69398eba9
[ 1754.380234][T30827] RDX: 0000000000000100 RSI: 0000000000000000 RDI: ffffffffffffff9c
[ 1754.380250][T30827] RBP: 00007fc69487e090 R08: 0000000000000000 R09: 0000000000000000
[ 1754.380266][T30827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1754.380281][T30827] R13: 00007fc693bd6128 R14: 00007fc693bd6090 R15: 00007ffd031b2bf8
[ 1754.380316][T30827]  </TASK>
[ 1754.840111][T30832] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5174'.
[ 1755.170511][T30836] FAULT_INJECTION: forcing a failure.
[ 1755.170511][T30836] name failslab, interval 1, probability 0, space 0, times 0
[ 1755.191092][T30836] CPU: 1 UID: 0 PID: 30836 Comm: syz.6.5175 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1755.191135][T30836] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1755.191144][T30836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1755.191159][T30836] Call Trace:
[ 1755.191167][T30836]  <TASK>
[ 1755.191177][T30836]  dump_stack_lvl+0x16c/0x1f0
[ 1755.191216][T30836]  should_fail_ex+0x512/0x640
[ 1755.191248][T30836]  ? __kmalloc_noprof+0xbf/0x510
[ 1755.191279][T30836]  ? _iommufd_object_alloc+0x23/0x1a0
[ 1755.191313][T30836]  should_failslab+0xc2/0x120
[ 1755.191344][T30836]  __kmalloc_noprof+0xd2/0x510
[ 1755.191380][T30836]  _iommufd_object_alloc+0x23/0x1a0
[ 1755.191416][T30836]  _iommufd_object_alloc_ucmd+0xb2/0x160
[ 1755.191452][T30836]  iommufd_fault_alloc+0x93/0x420
[ 1755.191484][T30836]  iommufd_fops_ioctl+0x34d/0x540
[ 1755.191545][T30836]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[ 1755.191582][T30836]  ? hook_file_ioctl_common+0x145/0x410
[ 1755.191629][T30836]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[ 1755.191662][T30836]  __x64_sys_ioctl+0x18b/0x210
[ 1755.191700][T30836]  do_syscall_64+0xcd/0x4c0
[ 1755.191736][T30836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1755.191762][T30836] RIP: 0033:0x7f516678eba9
[ 1755.191781][T30836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1755.191812][T30836] RSP: 002b:00007f51675a6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1755.191835][T30836] RAX: ffffffffffffffda RBX: 00007f51669d5fa0 RCX: 00007f516678eba9
[ 1755.191852][T30836] RDX: 0000000000000004 RSI: 0000000000003b8e RDI: 0000000000000006
[ 1755.191867][T30836] RBP: 00007f51675a6090 R08: 0000000000000000 R09: 0000000000000000
[ 1755.191882][T30836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1755.191896][T30836] R13: 00007f51669d6038 R14: 00007f51669d5fa0 R15: 00007ffead158278
[ 1755.191928][T30836]  </TASK>
[ 1755.422054][ T5875] Bluetooth: hci0: command 0x040f tx timeout
[ 1755.455272][T30844] FAULT_INJECTION: forcing a failure.
[ 1755.455272][T30844] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1755.499539][T30844] CPU: 0 UID: 0 PID: 30844 Comm: syz.8.5178 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1755.499582][T30844] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1755.499592][T30844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1755.499606][T30844] Call Trace:
[ 1755.499615][T30844]  <TASK>
[ 1755.499625][T30844]  dump_stack_lvl+0x16c/0x1f0
[ 1755.499666][T30844]  should_fail_ex+0x512/0x640
[ 1755.499707][T30844]  _copy_to_user+0x32/0xd0
[ 1755.499737][T30844]  pagemap_read+0x52c/0x890
[ 1755.499772][T30844]  ? __pfx_pagemap_read+0x10/0x10
[ 1755.499808][T30844]  ? rw_verify_area+0xcf/0x6c0
[ 1755.499835][T30844]  ? __pfx_pagemap_read+0x10/0x10
[ 1755.499860][T30844]  vfs_readv+0x5c1/0x8b0
[ 1755.499893][T30844]  ? __pfx_vfs_readv+0x10/0x10
[ 1755.499920][T30844]  ? find_held_lock+0x2b/0x80
[ 1755.499967][T30844]  ? __fget_files+0x20e/0x3c0
[ 1755.500002][T30844]  ? do_preadv+0x1a6/0x270
[ 1755.500026][T30844]  do_preadv+0x1a6/0x270
[ 1755.500053][T30844]  ? __pfx_do_preadv+0x10/0x10
[ 1755.500090][T30844]  do_syscall_64+0xcd/0x4c0
[ 1755.500128][T30844]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1755.500153][T30844] RIP: 0033:0x7fc69398eba9
[ 1755.500174][T30844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1755.500198][T30844] RSP: 002b:00007fc69487e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[ 1755.500222][T30844] RAX: ffffffffffffffda RBX: 00007fc693bd6090 RCX: 00007fc69398eba9
[ 1755.500239][T30844] RDX: 0000000000000006 RSI: 0000200000000080 RDI: 0040000000000003
[ 1755.500255][T30844] RBP: 00007fc69487e090 R08: 0000000000000005 R09: 0000000000000000
[ 1755.500270][T30844] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000002
[ 1755.500286][T30844] R13: 00007fc693bd6128 R14: 00007fc693bd6090 R15: 00007ffd031b2bf8
[ 1755.500321][T30844]  </TASK>
[ 1755.883500][T30843] FAULT_INJECTION: forcing a failure.
[ 1755.883500][T30843] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1755.936392][T30843] CPU: 1 UID: 0 PID: 30843 Comm: syz.7.5177 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1755.936430][T30843] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1755.936439][T30843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1755.936454][T30843] Call Trace:
[ 1755.936462][T30843]  <TASK>
[ 1755.936472][T30843]  dump_stack_lvl+0x16c/0x1f0
[ 1755.936520][T30843]  should_fail_ex+0x512/0x640
[ 1755.936562][T30843]  _copy_from_user+0x2e/0xd0
[ 1755.936590][T30843]  copy_msghdr_from_user+0x98/0x160
[ 1755.936627][T30843]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1755.936668][T30843]  ? kfree+0x24f/0x4d0
[ 1755.936701][T30843]  ___sys_recvmsg+0xdb/0x1a0
[ 1755.936736][T30843]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1755.936791][T30843]  ? __pfx___might_resched+0x10/0x10
[ 1755.936826][T30843]  do_recvmmsg+0x2fe/0x750
[ 1755.936866][T30843]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1755.936909][T30843]  ? __mutex_unlock_slowpath+0x161/0x7b0
[ 1755.936957][T30843]  ? __fget_files+0x20e/0x3c0
[ 1755.936993][T30843]  __x64_sys_recvmmsg+0x22a/0x280
[ 1755.937031][T30843]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1755.937079][T30843]  do_syscall_64+0xcd/0x4c0
[ 1755.937117][T30843]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1755.937142][T30843] RIP: 0033:0x7ffa3298eba9
[ 1755.937163][T30843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1755.937188][T30843] RSP: 002b:00007ffa30bf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1755.937212][T30843] RAX: ffffffffffffffda RBX: 00007ffa32bd5fa0 RCX: 00007ffa3298eba9
[ 1755.937230][T30843] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1755.937246][T30843] RBP: 00007ffa30bf6090 R08: 0000000000000000 R09: 0000000000000000
[ 1755.937261][T30843] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1755.937277][T30843] R13: 00007ffa32bd6038 R14: 00007ffa32bd5fa0 R15: 00007ffc52e6f8f8
[ 1755.937311][T30843]  </TASK>
[ 1756.172204][ T5875] Bluetooth: hci2: command 0x040f tx timeout
[ 1756.212558][ T5875] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1756.218686][ T5875] Bluetooth: hci3: command 0x041b tx timeout
[ 1757.494199][T30880] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5185'.
[ 1758.053909][T30895] FAULT_INJECTION: forcing a failure.
[ 1758.053909][T30895] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1758.068071][T30895] CPU: 1 UID: 0 PID: 30895 Comm: syz.7.5188 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1758.068111][T30895] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1758.068121][T30895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1758.068135][T30895] Call Trace:
[ 1758.068144][T30895]  <TASK>
[ 1758.068153][T30895]  dump_stack_lvl+0x16c/0x1f0
[ 1758.068194][T30895]  should_fail_ex+0x512/0x640
[ 1758.068235][T30895]  strncpy_from_user+0x3b/0x2e0
[ 1758.068284][T30895]  getname_flags.part.0+0x8f/0x550
[ 1758.068326][T30895]  getname_flags+0x93/0xf0
[ 1758.068353][T30895]  do_sys_openat2+0xb8/0x1d0
[ 1758.068387][T30895]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1758.068424][T30895]  ? __fget_files+0x20e/0x3c0
[ 1758.068455][T30895]  __x64_sys_openat+0x174/0x210
[ 1758.068478][T30895]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1758.068498][T30895]  ? ksys_write+0x1ac/0x250
[ 1758.068536][T30895]  do_syscall_64+0xcd/0x4c0
[ 1758.068573][T30895]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1758.068598][T30895] RIP: 0033:0x7ffa3298eba9
[ 1758.068619][T30895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1758.068643][T30895] RSP: 002b:00007ffa30bd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1758.068667][T30895] RAX: ffffffffffffffda RBX: 00007ffa32bd6090 RCX: 00007ffa3298eba9
[ 1758.068685][T30895] RDX: 0000000000000100 RSI: 0000000000000000 RDI: ffffffffffffff9c
[ 1758.068701][T30895] RBP: 00007ffa30bd5090 R08: 0000000000000000 R09: 0000000000000000
[ 1758.068717][T30895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1758.068732][T30895] R13: 00007ffa32bd6128 R14: 00007ffa32bd6090 R15: 00007ffc52e6f8f8
[ 1758.068765][T30895]  </TASK>
[ 1760.123772][T30934] Process accounting resumed
[ 1760.394691][T30944] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[ 1760.483945][T30944] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1760.493428][T30944] ksm flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 1760.501556][T30944] page_type: f5(slab)
[ 1760.505751][T30944] raw: 00fff00000000040 ffff88801b841b40 ffffea0001dea480 dead000000000003
[ 1760.514485][T30944] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 1760.523218][T30944] head: 00fff00000000040 ffff88801b841b40 ffffea0001dea480 dead000000000003
[ 1760.543503][T30944] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 1760.631996][T30944] head: 00fff00000000001 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[ 1760.709800][T30944] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 1760.718773][T30944] page dumped because: unmovable page
[ 1760.724576][T30944] page_owner tracks the page as allocated
[ 1760.805221][T30944] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5869, tgid 5869 (syz-executor), ts 90757637300, free_ts 90689412952
[ 1760.912613][T30944]  post_alloc_hook+0x1c0/0x230
[ 1760.917447][T30944]  get_page_from_freelist+0x132b/0x38e0
[ 1760.923200][T30944]  __alloc_frozen_pages_noprof+0x261/0x23f0
[ 1760.923249][T30946] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5198'.
[ 1760.929127][T30944]  alloc_pages_mpol+0x1fb/0x550
[ 1760.949596][T30944]  new_slab+0x247/0x330
[ 1760.953804][T30944]  ___slab_alloc+0xcf2/0x1750
[ 1760.958507][T30944]  __slab_alloc.constprop.0+0x56/0xb0
[ 1760.966946][T30944]  __kmalloc_noprof+0x2f2/0x510
[ 1760.972053][T30944]  fib_create_info+0x53f/0x46b0
[ 1761.005446][T30944]  fib_table_insert+0x177/0x1c40
[ 1761.036773][T30944]  fib_magic+0x4d4/0x5c0
[ 1761.062425][T30944]  fib_add_ifaddr+0x4d2/0x580
[ 1761.067177][T30944]  fib_netdev_event+0x38a/0x710
[ 1761.082365][T30944]  notifier_call_chain+0xb9/0x410
[ 1761.087481][T30944]  call_netdevice_notifiers_info+0xbe/0x140
[ 1761.120726][T30944]  __dev_notify_flags+0x12c/0x2e0
[ 1761.125838][T30944] page last free pid 5958 tgid 5958 stack trace:
[ 1761.144489][T30944]  __free_frozen_pages+0x7d5/0x10f0
[ 1761.152275][T30944]  __mmdrop+0xd5/0x580
[ 1761.156526][T30944]  __mmput+0x374/0x410
[ 1761.163103][T30944]  mmput+0x62/0x70
[ 1761.166986][T30944]  do_exit+0x7c7/0x2bf0
[ 1761.175136][T30944]  do_group_exit+0xd3/0x2a0
[ 1761.188881][T30944]  __x64_sys_exit_group+0x3e/0x50
[ 1761.217606][T30944]  x64_sys_call+0x14fa/0x1720
[ 1761.227831][T30944]  do_syscall_64+0xcd/0x4c0
[ 1761.249922][T30944]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1761.431893][T30960] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input41
[ 1762.131185][T30961] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input42
[ 1763.303071][T30987] FAULT_INJECTION: forcing a failure.
[ 1763.303071][T30987] name failslab, interval 1, probability 0, space 0, times 0
[ 1763.348128][T30987] CPU: 0 UID: 0 PID: 30987 Comm: syz.7.5205 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1763.348155][T30987] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1763.348161][T30987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1763.348170][T30987] Call Trace:
[ 1763.348176][T30987]  <TASK>
[ 1763.348182][T30987]  dump_stack_lvl+0x16c/0x1f0
[ 1763.348208][T30987]  should_fail_ex+0x512/0x640
[ 1763.348230][T30987]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[ 1763.348250][T30987]  should_failslab+0xc2/0x120
[ 1763.348269][T30987]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[ 1763.348287][T30987]  ? __d_alloc+0x32/0xae0
[ 1763.348305][T30987]  ? xas_clear_mark+0x16c/0x3d0
[ 1763.348327][T30987]  __d_alloc+0x32/0xae0
[ 1763.348347][T30987]  d_alloc_pseudo+0x1c/0xc0
[ 1763.348369][T30987]  alloc_file_pseudo+0xcf/0x230
[ 1763.348392][T30987]  ? __pfx_alloc_file_pseudo+0x10/0x10
[ 1763.348413][T30987]  ? find_held_lock+0x2b/0x80
[ 1763.348433][T30987]  __anon_inode_getfile+0xe8/0x280
[ 1763.348452][T30987]  ? __init_waitqueue_head+0xca/0x150
[ 1763.348476][T30987]  iommufd_eventq_init+0xa5/0x230
[ 1763.348494][T30987]  iommufd_fault_alloc+0x184/0x420
[ 1763.348511][T30987]  iommufd_fops_ioctl+0x34d/0x540
[ 1763.348534][T30987]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[ 1763.348557][T30987]  ? hook_file_ioctl_common+0x145/0x410
[ 1763.348584][T30987]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[ 1763.348606][T30987]  __x64_sys_ioctl+0x18b/0x210
[ 1763.348631][T30987]  do_syscall_64+0xcd/0x4c0
[ 1763.348653][T30987]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1763.348671][T30987] RIP: 0033:0x7ffa3298eba9
[ 1763.348683][T30987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1763.348697][T30987] RSP: 002b:00007ffa30bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1763.348712][T30987] RAX: ffffffffffffffda RBX: 00007ffa32bd5fa0 RCX: 00007ffa3298eba9
[ 1763.348722][T30987] RDX: 0000000000000004 RSI: 0000000000003b8e RDI: 0000000000000006
[ 1763.348731][T30987] RBP: 00007ffa30bf6090 R08: 0000000000000000 R09: 0000000000000000
[ 1763.348739][T30987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1763.348748][T30987] R13: 00007ffa32bd6038 R14: 00007ffa32bd5fa0 R15: 00007ffc52e6f8f8
[ 1763.348766][T30987]  </TASK>
[ 1765.101041][T31022] FAULT_INJECTION: forcing a failure.
[ 1765.101041][T31022] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1765.120731][T31022] CPU: 1 UID: 0 PID: 31022 Comm: syz.6.5211 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1765.120771][T31022] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1765.120780][T31022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1765.120792][T31022] Call Trace:
[ 1765.120801][T31022]  <TASK>
[ 1765.120811][T31022]  dump_stack_lvl+0x16c/0x1f0
[ 1765.120851][T31022]  should_fail_ex+0x512/0x640
[ 1765.120890][T31022]  _copy_from_user+0x2e/0xd0
[ 1765.120919][T31022]  copy_msghdr_from_user+0x98/0x160
[ 1765.120955][T31022]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1765.120996][T31022]  ? kfree+0x24f/0x4d0
[ 1765.121020][T31022]  ? __lock_acquire+0x62e/0x1ce0
[ 1765.121057][T31022]  ___sys_recvmsg+0xdb/0x1a0
[ 1765.121090][T31022]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1765.121138][T31022]  ? __pfx___might_resched+0x10/0x10
[ 1765.121172][T31022]  do_recvmmsg+0x2fe/0x750
[ 1765.121213][T31022]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1765.121256][T31022]  ? __mutex_unlock_slowpath+0x161/0x7b0
[ 1765.121304][T31022]  ? __fget_files+0x20e/0x3c0
[ 1765.121341][T31022]  __x64_sys_recvmmsg+0x22a/0x280
[ 1765.121380][T31022]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1765.121428][T31022]  do_syscall_64+0xcd/0x4c0
[ 1765.121466][T31022]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1765.121500][T31022] RIP: 0033:0x7f516678eba9
[ 1765.121522][T31022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1765.121546][T31022] RSP: 002b:00007f5167585038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1765.121571][T31022] RAX: ffffffffffffffda RBX: 00007f51669d6090 RCX: 00007f516678eba9
[ 1765.121588][T31022] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1765.121604][T31022] RBP: 00007f5167585090 R08: 0000000000000000 R09: 0000000000000000
[ 1765.121619][T31022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1765.121635][T31022] R13: 00007f51669d6128 R14: 00007f51669d6090 R15: 00007ffead158278
[ 1765.121671][T31022]  </TASK>
[ 1765.718557][T31028] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5213'.
[ 1765.830334][T31021] nvme_fabrics: missing parameter 'transport=%s'
[ 1765.850298][T31021] nvme_fabrics: missing parameter 'nqn=%s'
[ 1766.672184][T31050] FAULT_INJECTION: forcing a failure.
[ 1766.672184][T31050] name failslab, interval 1, probability 0, space 0, times 0
[ 1766.685995][T31050] CPU: 1 UID: 0 PID: 31050 Comm: syz.7.5218 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1766.686030][T31050] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1766.686036][T31050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1766.686045][T31050] Call Trace:
[ 1766.686051][T31050]  <TASK>
[ 1766.686057][T31050]  dump_stack_lvl+0x16c/0x1f0
[ 1766.686083][T31050]  should_fail_ex+0x512/0x640
[ 1766.686106][T31050]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1766.686126][T31050]  should_failslab+0xc2/0x120
[ 1766.686145][T31050]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1766.686162][T31050]  ? alloc_empty_file+0x55/0x1e0
[ 1766.686187][T31050]  alloc_empty_file+0x55/0x1e0
[ 1766.686208][T31050]  path_openat+0xda/0x2cb0
[ 1766.686224][T31050]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1766.686245][T31050]  ? __pfx_path_openat+0x10/0x10
[ 1766.686267][T31050]  do_filp_open+0x20b/0x470
[ 1766.686284][T31050]  ? __pfx_do_filp_open+0x10/0x10
[ 1766.686329][T31050]  ? alloc_fd+0x471/0x7d0
[ 1766.686365][T31050]  do_sys_openat2+0x11b/0x1d0
[ 1766.686388][T31050]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1766.686411][T31050]  ? __fget_files+0x20e/0x3c0
[ 1766.686430][T31050]  __x64_sys_openat+0x174/0x210
[ 1766.686443][T31050]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1766.686455][T31050]  ? ksys_write+0x1ac/0x250
[ 1766.686477][T31050]  do_syscall_64+0xcd/0x4c0
[ 1766.686501][T31050]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1766.686515][T31050] RIP: 0033:0x7ffa3298eba9
[ 1766.686528][T31050] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1766.686542][T31050] RSP: 002b:00007ffa30bd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1766.686564][T31050] RAX: ffffffffffffffda RBX: 00007ffa32bd6090 RCX: 00007ffa3298eba9
[ 1766.686573][T31050] RDX: 0000000000000100 RSI: 0000000000000000 RDI: ffffffffffffff9c
[ 1766.686582][T31050] RBP: 00007ffa30bd5090 R08: 0000000000000000 R09: 0000000000000000
[ 1766.686591][T31050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1766.686599][T31050] R13: 00007ffa32bd6128 R14: 00007ffa32bd6090 R15: 00007ffc52e6f8f8
[ 1766.686618][T31050]  </TASK>
[ 1767.628987][T31065] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[ 1767.654277][T31065] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1767.706636][T31065] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 1767.741804][T31065] page_type: f5(slab)
[ 1767.836318][T31065] raw: 00fff00000000040 ffff88801b841b40 ffffea0001e0d980 dead000000000004
[ 1768.039566][T31065] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 1768.066823][T31065] head: 00fff00000000040 ffff88801b841b40 ffffea0001e0d980 dead000000000004
[ 1768.140944][T31065] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 1768.180180][T31065] head: 00fff00000000001 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[ 1768.194589][T31065] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 1768.211692][T31065] page dumped because: unmovable page
[ 1768.217285][T31065] page_owner tracks the page as allocated
[ 1768.224067][T31065] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5869, tgid 5869 (syz-executor), ts 90757637300, free_ts 90689412952
[ 1768.257238][T31065]  post_alloc_hook+0x1c0/0x230
[ 1768.287005][T31065]  get_page_from_freelist+0x132b/0x38e0
[ 1768.299408][T31065]  __alloc_frozen_pages_noprof+0x261/0x23f0
[ 1768.322349][T31065]  alloc_pages_mpol+0x1fb/0x550
[ 1768.329514][T31071] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5221'.
[ 1768.336964][T31065]  new_slab+0x247/0x330
[ 1768.353071][T31065]  ___slab_alloc+0xcf2/0x1750
[ 1768.358489][T31065]  __slab_alloc.constprop.0+0x56/0xb0
[ 1768.369951][T31065]  __kmalloc_noprof+0x2f2/0x510
[ 1768.374958][T31065]  fib_create_info+0x53f/0x46b0
[ 1768.395599][T31065]  fib_table_insert+0x177/0x1c40
[ 1768.396752][T31081] FAULT_INJECTION: forcing a failure.
[ 1768.396752][T31081] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1768.413987][T31081] CPU: 0 UID: 0 PID: 31081 Comm: syz.6.5224 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1768.414022][T31081] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1768.414030][T31081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1768.414044][T31081] Call Trace:
[ 1768.414052][T31081]  <TASK>
[ 1768.414062][T31081]  dump_stack_lvl+0x16c/0x1f0
[ 1768.414094][T31081]  should_fail_ex+0x512/0x640
[ 1768.414119][T31081]  _copy_from_user+0x2e/0xd0
[ 1768.414137][T31081]  copy_msghdr_from_user+0x98/0x160
[ 1768.414160][T31081]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1768.414184][T31081]  ? kfree+0x24f/0x4d0
[ 1768.414197][T31081]  ? __lock_acquire+0x62e/0x1ce0
[ 1768.414220][T31081]  ___sys_recvmsg+0xdb/0x1a0
[ 1768.414241][T31081]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1768.414272][T31081]  ? __pfx___might_resched+0x10/0x10
[ 1768.414291][T31081]  do_recvmmsg+0x2fe/0x750
[ 1768.414314][T31081]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1768.414339][T31081]  ? __mutex_unlock_slowpath+0x161/0x7b0
[ 1768.414367][T31081]  ? __fget_files+0x20e/0x3c0
[ 1768.414394][T31081]  __x64_sys_recvmmsg+0x22a/0x280
[ 1768.414417][T31081]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1768.414444][T31081]  do_syscall_64+0xcd/0x4c0
[ 1768.414467][T31081]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1768.414482][T31081] RIP: 0033:0x7f516678eba9
[ 1768.414494][T31081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1768.414509][T31081] RSP: 002b:00007f5167585038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1768.414523][T31081] RAX: ffffffffffffffda RBX: 00007f51669d6090 RCX: 00007f516678eba9
[ 1768.414533][T31081] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1768.414541][T31081] RBP: 00007f5167585090 R08: 0000000000000000 R09: 0000000000000000
[ 1768.414550][T31081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1768.414558][T31081] R13: 00007f51669d6128 R14: 00007f51669d6090 R15: 00007ffead158278
[ 1768.414576][T31081]  </TASK>
[ 1768.415710][T31065]  fib_magic+0x4d4/0x5c0
[ 1768.588729][T31072] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5222'.
[ 1768.709151][T31065]  fib_add_ifaddr+0x4d2/0x580
[ 1768.732168][T31065]  fib_netdev_event+0x38a/0x710
[ 1768.756342][T31065]  notifier_call_chain+0xb9/0x410
[ 1768.772846][T31065]  call_netdevice_notifiers_info+0xbe/0x140
[ 1768.798882][T31065]  __dev_notify_flags+0x12c/0x2e0
[ 1768.815001][T31065] page last free pid 5958 tgid 5958 stack trace:
[ 1768.835233][T31065]  __free_frozen_pages+0x7d5/0x10f0
[ 1768.857886][T31065]  __mmdrop+0xd5/0x580
[ 1768.871774][T31065]  __mmput+0x374/0x410
[ 1768.883183][T31065]  mmput+0x62/0x70
[ 1768.891498][T31065]  do_exit+0x7c7/0x2bf0
[ 1768.913601][T31065]  do_group_exit+0xd3/0x2a0
[ 1768.925164][T31065]  __x64_sys_exit_group+0x3e/0x50
[ 1768.938700][T31065]  x64_sys_call+0x14fa/0x1720
[ 1768.951883][T31065]  do_syscall_64+0xcd/0x4c0
[ 1768.966866][T31065]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1769.417077][T31102] FAULT_INJECTION: forcing a failure.
[ 1769.417077][T31102] name failslab, interval 1, probability 0, space 0, times 0
[ 1769.487655][T31102] CPU: 0 UID: 0 PID: 31102 Comm: syz.7.5230 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1769.487680][T31102] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1769.487686][T31102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1769.487695][T31102] Call Trace:
[ 1769.487700][T31102]  <TASK>
[ 1769.487706][T31102]  dump_stack_lvl+0x16c/0x1f0
[ 1769.487733][T31102]  should_fail_ex+0x512/0x640
[ 1769.487755][T31102]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[ 1769.487775][T31102]  should_failslab+0xc2/0x120
[ 1769.487794][T31102]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[ 1769.487811][T31102]  ? find_held_lock+0x2b/0x80
[ 1769.487825][T31102]  ? __alloc_skb+0x2b2/0x380
[ 1769.487848][T31102]  __alloc_skb+0x2b2/0x380
[ 1769.487866][T31102]  ? __pfx___alloc_skb+0x10/0x10
[ 1769.487888][T31102]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 1769.487914][T31102]  netlink_alloc_large_skb+0x69/0x130
[ 1769.487938][T31102]  netlink_sendmsg+0x6a1/0xdd0
[ 1769.487971][T31102]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1769.487995][T31102]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[ 1769.488014][T31102]  __sys_sendto+0x4a3/0x520
[ 1769.488035][T31102]  ? __pfx___sys_sendto+0x10/0x10
[ 1769.488059][T31102]  ? find_held_lock+0x2b/0x80
[ 1769.488088][T31102]  __x64_sys_sendto+0xe0/0x1c0
[ 1769.488107][T31102]  ? do_syscall_64+0x91/0x4c0
[ 1769.488128][T31102]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1769.488149][T31102]  do_syscall_64+0xcd/0x4c0
[ 1769.488171][T31102]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1769.488186][T31102] RIP: 0033:0x7ffa32990a3c
[ 1769.488198][T31102] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[ 1769.488212][T31102] RSP: 002b:00007ffa30bb2ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[ 1769.488226][T31102] RAX: ffffffffffffffda RBX: 00007ffa30bb2fc0 RCX: 00007ffa32990a3c
[ 1769.488236][T31102] RDX: 0000000000000020 RSI: 00007ffa30bb3010 RDI: 0000000000000086
[ 1769.488245][T31102] RBP: 0000000000000000 R08: 00007ffa30bb2f14 R09: 000000000000000c
[ 1769.488254][T31102] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000086
[ 1769.488262][T31102] R13: 00007ffa30bb2f68 R14: 00007ffa30bb3010 R15: 0000000000000000
[ 1769.488280][T31102]  </TASK>
[ 1770.957427][T31130] FAULT_INJECTION: forcing a failure.
[ 1770.957427][T31130] name failslab, interval 1, probability 0, space 0, times 0
[ 1771.012261][T31130] CPU: 0 UID: 0 PID: 31130 Comm: syz.4.5234 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1771.012288][T31130] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1771.012294][T31130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1771.012303][T31130] Call Trace:
[ 1771.012309][T31130]  <TASK>
[ 1771.012316][T31130]  dump_stack_lvl+0x16c/0x1f0
[ 1771.012342][T31130]  should_fail_ex+0x512/0x640
[ 1771.012365][T31130]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1771.012384][T31130]  should_failslab+0xc2/0x120
[ 1771.012403][T31130]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1771.012421][T31130]  ? security_file_alloc+0x34/0x2b0
[ 1771.012443][T31130]  security_file_alloc+0x34/0x2b0
[ 1771.012463][T31130]  init_file+0x93/0x4c0
[ 1771.012485][T31130]  alloc_empty_file+0x73/0x1e0
[ 1771.012506][T31130]  alloc_file_pseudo+0x13a/0x230
[ 1771.012529][T31130]  ? __pfx_alloc_file_pseudo+0x10/0x10
[ 1771.012550][T31130]  ? find_held_lock+0x2b/0x80
[ 1771.012572][T31130]  __anon_inode_getfile+0xe8/0x280
[ 1771.012590][T31130]  ? __init_waitqueue_head+0xca/0x150
[ 1771.012614][T31130]  iommufd_eventq_init+0xa5/0x230
[ 1771.012631][T31130]  iommufd_fault_alloc+0x184/0x420
[ 1771.012649][T31130]  iommufd_fops_ioctl+0x34d/0x540
[ 1771.012672][T31130]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[ 1771.012695][T31130]  ? hook_file_ioctl_common+0x145/0x410
[ 1771.012723][T31130]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[ 1771.012745][T31130]  __x64_sys_ioctl+0x18b/0x210
[ 1771.012770][T31130]  do_syscall_64+0xcd/0x4c0
[ 1771.012794][T31130]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1771.012809][T31130] RIP: 0033:0x7f1926d8eba9
[ 1771.012821][T31130] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1771.012836][T31130] RSP: 002b:00007f1927c56038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1771.012851][T31130] RAX: ffffffffffffffda RBX: 00007f1926fd5fa0 RCX: 00007f1926d8eba9
[ 1771.012860][T31130] RDX: 0000000000000004 RSI: 0000000000003b8e RDI: 0000000000000006
[ 1771.012871][T31130] RBP: 00007f1927c56090 R08: 0000000000000000 R09: 0000000000000000
[ 1771.012880][T31130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1771.012888][T31130] R13: 00007f1926fd6038 R14: 00007f1926fd5fa0 R15: 00007ffcd7219178
[ 1771.012906][T31130]  </TASK>
[ 1771.663605][T31136] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[ 1771.677871][T31136] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1771.686727][T31136] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 1771.694528][T31136] page_type: f5(slab)
[ 1771.698642][T31136] raw: 00fff00000000040 ffff88801b841b40 ffffea0001e0d980 dead000000000004
[ 1771.783014][T31136] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 1771.845536][T31136] head: 00fff00000000040 ffff88801b841b40 ffffea0001e0d980 dead000000000004
[ 1771.855140][T31136] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 1771.864342][T31136] head: 00fff00000000001 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[ 1771.883480][T31136] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 1771.893829][T31136] page dumped because: unmovable page
[ 1771.903389][T31136] page_owner tracks the page as allocated
[ 1771.910427][T31136] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5869, tgid 5869 (syz-executor), ts 90757637300, free_ts 90689412952
[ 1771.947879][T31136]  post_alloc_hook+0x1c0/0x230
[ 1771.953449][T31136]  get_page_from_freelist+0x132b/0x38e0
[ 1771.959967][T31144] FAULT_INJECTION: forcing a failure.
[ 1771.959967][T31144] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1771.979725][T31136]  __alloc_frozen_pages_noprof+0x261/0x23f0
[ 1771.986202][T31144] CPU: 0 UID: 0 PID: 31144 Comm: syz.8.5238 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1771.986243][T31144] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1771.986254][T31144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1771.986268][T31144] Call Trace:
[ 1771.986277][T31144]  <TASK>
[ 1771.986286][T31144]  dump_stack_lvl+0x16c/0x1f0
[ 1771.986314][T31144]  should_fail_ex+0x512/0x640
[ 1771.986340][T31144]  _copy_from_user+0x2e/0xd0
[ 1771.986356][T31144]  copy_msghdr_from_user+0x98/0x160
[ 1771.986379][T31144]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1771.986404][T31144]  ? kfree+0x24f/0x4d0
[ 1771.986417][T31144]  ? __lock_acquire+0x62e/0x1ce0
[ 1771.986440][T31144]  ___sys_recvmsg+0xdb/0x1a0
[ 1771.986461][T31144]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1771.986492][T31144]  ? __pfx___might_resched+0x10/0x10
[ 1771.986511][T31144]  do_recvmmsg+0x2fe/0x750
[ 1771.986534][T31144]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1771.986561][T31144]  ? __mutex_unlock_slowpath+0x161/0x7b0
[ 1771.986589][T31144]  ? __fget_files+0x20e/0x3c0
[ 1771.986609][T31144]  __x64_sys_recvmmsg+0x22a/0x280
[ 1771.986632][T31144]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1771.986660][T31144]  do_syscall_64+0xcd/0x4c0
[ 1771.986683][T31144]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1771.986698][T31144] RIP: 0033:0x7fc69398eba9
[ 1771.986710][T31144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1771.986724][T31144] RSP: 002b:00007fc69487e038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1771.986738][T31144] RAX: ffffffffffffffda RBX: 00007fc693bd6090 RCX: 00007fc69398eba9
[ 1771.986748][T31144] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1771.986756][T31144] RBP: 00007fc69487e090 R08: 0000000000000000 R09: 0000000000000000
[ 1771.986771][T31144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1771.986780][T31144] R13: 00007fc693bd6128 R14: 00007fc693bd6090 R15: 00007ffd031b2bf8
[ 1771.986798][T31144]  </TASK>
[ 1771.987489][T31136]  alloc_pages_mpol+0x1fb/0x550
[ 1772.368922][T31138] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5237'.
[ 1772.420359][T31136]  new_slab+0x247/0x330
[ 1772.483672][T31136]  ___slab_alloc+0xcf2/0x1750
[ 1772.529929][T31136]  __slab_alloc.constprop.0+0x56/0xb0
[ 1772.566568][T31136]  __kmalloc_noprof+0x2f2/0x510
[ 1772.610612][T31136]  fib_create_info+0x53f/0x46b0
[ 1772.639253][T31136]  fib_table_insert+0x177/0x1c40
[ 1772.647739][T31136]  fib_magic+0x4d4/0x5c0
[ 1772.652377][T31136]  fib_add_ifaddr+0x4d2/0x580
[ 1772.657251][T31136]  fib_netdev_event+0x38a/0x710
[ 1772.663248][T31136]  notifier_call_chain+0xb9/0x410
[ 1772.668472][T31136]  call_netdevice_notifiers_info+0xbe/0x140
[ 1772.674791][T31136]  __dev_notify_flags+0x12c/0x2e0
[ 1772.680589][T31136] page last free pid 5958 tgid 5958 stack trace:
[ 1772.687813][T31136]  __free_frozen_pages+0x7d5/0x10f0
[ 1772.694131][T31136]  __mmdrop+0xd5/0x580
[ 1772.698385][T31136]  __mmput+0x374/0x410
[ 1772.702969][T31136]  mmput+0x62/0x70
[ 1772.706884][T31136]  do_exit+0x7c7/0x2bf0
[ 1772.712776][T31136]  do_group_exit+0xd3/0x2a0
[ 1772.721917][T31136]  __x64_sys_exit_group+0x3e/0x50
[ 1772.737769][T31136]  x64_sys_call+0x14fa/0x1720
[ 1772.747972][T31136]  do_syscall_64+0xcd/0x4c0
[ 1772.758119][T31136]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1773.646869][T31178] FAULT_INJECTION: forcing a failure.
[ 1773.646869][T31178] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1773.690736][T31178] CPU: 0 UID: 0 PID: 31178 Comm: syz.7.5246 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1773.690777][T31178] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1773.690786][T31178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1773.690801][T31178] Call Trace:
[ 1773.690809][T31178]  <TASK>
[ 1773.690819][T31178]  dump_stack_lvl+0x16c/0x1f0
[ 1773.690870][T31178]  should_fail_ex+0x512/0x640
[ 1773.690911][T31178]  _copy_to_user+0x32/0xd0
[ 1773.690941][T31178]  iommufd_fault_alloc+0x2c3/0x420
[ 1773.690973][T31178]  iommufd_fops_ioctl+0x34d/0x540
[ 1773.691011][T31178]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[ 1773.691051][T31178]  ? hook_file_ioctl_common+0x145/0x410
[ 1773.691099][T31178]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[ 1773.691137][T31178]  __x64_sys_ioctl+0x18b/0x210
[ 1773.691178][T31178]  do_syscall_64+0xcd/0x4c0
[ 1773.691217][T31178]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1773.691242][T31178] RIP: 0033:0x7ffa3298eba9
[ 1773.691263][T31178] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1773.691287][T31178] RSP: 002b:00007ffa30bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1773.691312][T31178] RAX: ffffffffffffffda RBX: 00007ffa32bd5fa0 RCX: 00007ffa3298eba9
[ 1773.691329][T31178] RDX: 0000000000000004 RSI: 0000000000003b8e RDI: 0000000000000006
[ 1773.691345][T31178] RBP: 00007ffa30bf6090 R08: 0000000000000000 R09: 0000000000000000
[ 1773.691360][T31178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1773.691376][T31178] R13: 00007ffa32bd6038 R14: 00007ffa32bd5fa0 R15: 00007ffc52e6f8f8
[ 1773.691410][T31178]  </TASK>
[ 1773.691497][T31178] ==================================================================
[ 1773.862552][T31178] BUG: KASAN: slab-use-after-free in iommufd_eventq_fops_release+0x45/0xc0
[ 1773.871143][T31178] Write of size 4 at addr ffff88807e75c804 by task syz.7.5246/31178
[ 1773.879109][T31178] 
[ 1773.881428][T31178] CPU: 0 UID: 0 PID: 31178 Comm: syz.7.5246 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1773.881458][T31178] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1773.881466][T31178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1773.881479][T31178] Call Trace:
[ 1773.881488][T31178]  <TASK>
[ 1773.881497][T31178]  dump_stack_lvl+0x116/0x1f0
[ 1773.881532][T31178]  print_report+0xcd/0x630
[ 1773.881559][T31178]  ? __virt_addr_valid+0x81/0x610
[ 1773.881585][T31178]  ? __phys_addr+0xe8/0x180
[ 1773.881609][T31178]  ? iommufd_eventq_fops_release+0x45/0xc0
[ 1773.881630][T31178]  kasan_report+0xe0/0x110
[ 1773.881655][T31178]  ? iommufd_eventq_fops_release+0x45/0xc0
[ 1773.881678][T31178]  ? __pfx_iommufd_eventq_fops_release+0x10/0x10
[ 1773.881700][T31178]  kasan_check_range+0x100/0x1b0
[ 1773.881733][T31178]  iommufd_eventq_fops_release+0x45/0xc0
[ 1773.881755][T31178]  __fput+0x402/0xb70
[ 1773.881784][T31178]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1773.881817][T31178]  task_work_run+0x14d/0x240
[ 1773.881836][T31178]  ? __pfx_task_work_run+0x10/0x10
[ 1773.881870][T31178]  exit_to_user_mode_loop+0xeb/0x110
[ 1773.881900][T31178]  do_syscall_64+0x41c/0x4c0
[ 1773.881931][T31178]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1773.881952][T31178] RIP: 0033:0x7ffa3298eba9
[ 1773.881969][T31178] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1773.881989][T31178] RSP: 002b:00007ffa30bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1773.882009][T31178] RAX: fffffffffffffff2 RBX: 00007ffa32bd5fa0 RCX: 00007ffa3298eba9
[ 1773.882023][T31178] RDX: 0000000000000004 RSI: 0000000000003b8e RDI: 0000000000000006
[ 1773.882035][T31178] RBP: 00007ffa30bf6090 R08: 0000000000000000 R09: 0000000000000000
[ 1773.882048][T31178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1773.882060][T31178] R13: 00007ffa32bd6038 R14: 00007ffa32bd5fa0 R15: 00007ffc52e6f8f8
[ 1773.882080][T31178]  </TASK>
[ 1773.882088][T31178] 
[ 1774.077494][T31178] Allocated by task 31178:
[ 1774.081895][T31178]  kasan_save_stack+0x33/0x60
[ 1774.086573][T31178]  kasan_save_track+0x14/0x30
[ 1774.091242][T31178]  __kasan_kmalloc+0xaa/0xb0
[ 1774.095828][T31178]  __kmalloc_noprof+0x223/0x510
[ 1774.100677][T31178]  _iommufd_object_alloc+0x23/0x1a0
[ 1774.105979][T31178]  _iommufd_object_alloc_ucmd+0xb2/0x160
[ 1774.111611][T31178]  iommufd_fault_alloc+0x93/0x420
[ 1774.116632][T31178]  iommufd_fops_ioctl+0x34d/0x540
[ 1774.121654][T31178]  __x64_sys_ioctl+0x18b/0x210
[ 1774.126449][T31178]  do_syscall_64+0xcd/0x4c0
[ 1774.131033][T31178]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1774.136932][T31178] 
[ 1774.139255][T31178] Freed by task 31178:
[ 1774.143307][T31178]  kasan_save_stack+0x33/0x60
[ 1774.147986][T31178]  kasan_save_track+0x14/0x30
[ 1774.152659][T31178]  kasan_save_free_info+0x3b/0x60
[ 1774.157675][T31178]  __kasan_slab_free+0x60/0x70
[ 1774.162445][T31178]  kfree+0x2b4/0x4d0
[ 1774.166337][T31178]  iommufd_object_abort+0x10c/0x170
[ 1774.171560][T31178]  iommufd_fops_ioctl+0x381/0x540
[ 1774.176586][T31178]  __x64_sys_ioctl+0x18b/0x210
[ 1774.181348][T31178]  do_syscall_64+0xcd/0x4c0
[ 1774.185853][T31178]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1774.191759][T31178] 
[ 1774.194074][T31178] The buggy address belongs to the object at ffff88807e75c800
[ 1774.194074][T31178]  which belongs to the cache kmalloc-cg-512 of size 512
[ 1774.208379][T31178] The buggy address is located 4 bytes inside of
[ 1774.208379][T31178]  freed 512-byte region [ffff88807e75c800, ffff88807e75ca00)
[ 1774.222054][T31178] 
[ 1774.224376][T31178] The buggy address belongs to the physical page:
[ 1774.230776][T31178] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7e75c
[ 1774.239525][T31178] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1774.248010][T31178] memcg:ffff8880759b9f01
[ 1774.252233][T31178] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 1774.259768][T31178] page_type: f5(slab)
[ 1774.263739][T31178] raw: 00fff00000000040 ffff88801b84b140 dead000000000100 dead000000000122
[ 1774.272310][T31178] raw: 0000000000000000 0000000080100010 00000000f5000000 ffff8880759b9f01
[ 1774.280884][T31178] head: 00fff00000000040 ffff88801b84b140 dead000000000100 dead000000000122
[ 1774.289545][T31178] head: 0000000000000000 0000000080100010 00000000f5000000 ffff8880759b9f01
[ 1774.298228][T31178] head: 00fff00000000002 ffffea0001f9d701 00000000ffffffff 00000000ffffffff
[ 1774.306916][T31178] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 1774.315577][T31178] page dumped because: kasan: bad access detected
[ 1774.322074][T31178] page_owner tracks the page as allocated
[ 1774.327789][T31178] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5249, tgid 5249 (udevd), ts 35255903911, free_ts 34776636967
[ 1774.348540][T31178]  post_alloc_hook+0x1c0/0x230
[ 1774.353393][T31178]  get_page_from_freelist+0x132b/0x38e0
[ 1774.358933][T31178]  __alloc_frozen_pages_noprof+0x261/0x23f0
[ 1774.364817][T31178]  alloc_pages_mpol+0x1fb/0x550
[ 1774.369662][T31178]  new_slab+0x247/0x330
[ 1774.373806][T31178]  ___slab_alloc+0xcf2/0x1750
[ 1774.378471][T31178]  __slab_alloc.constprop.0+0x56/0xb0
[ 1774.383956][T31178]  __kmalloc_node_track_caller_noprof+0x2ee/0x510
[ 1774.390364][T31178]  kmalloc_reserve+0xef/0x2c0
[ 1774.395031][T31178]  __alloc_skb+0x166/0x380
[ 1774.399443][T31178]  alloc_skb_with_frags+0xe0/0x860
[ 1774.404554][T31178]  sock_alloc_send_pskb+0x7fb/0x990
[ 1774.409749][T31178]  unix_dgram_sendmsg+0x3e9/0x17f0
[ 1774.414948][T31178]  sock_write_iter+0x4fc/0x5b0
[ 1774.419712][T31178]  vfs_write+0x7d3/0x11d0
[ 1774.424121][T31178]  ksys_write+0x1f8/0x250
[ 1774.428447][T31178] page last free pid 5246 tgid 5246 stack trace:
[ 1774.434759][T31178]  __free_frozen_pages+0x7d5/0x10f0
[ 1774.439956][T31178]  __put_partials+0x165/0x1c0
[ 1774.444630][T31178]  qlist_free_all+0x4d/0x120
[ 1774.449209][T31178]  kasan_quarantine_reduce+0x195/0x1e0
[ 1774.454745][T31178]  __kasan_slab_alloc+0x69/0x90
[ 1774.459592][T31178]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[ 1774.465044][T31178]  getname_flags.part.0+0x4c/0x550
[ 1774.470158][T31178]  getname_flags+0x93/0xf0
[ 1774.474570][T31178]  do_sys_openat2+0xb8/0x1d0
[ 1774.479173][T31178]  __x64_sys_openat+0x174/0x210
[ 1774.484012][T31178]  do_syscall_64+0xcd/0x4c0
[ 1774.488515][T31178]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1774.494402][T31178] 
[ 1774.496711][T31178] Memory state around the buggy address:
[ 1774.502328][T31178]  ffff88807e75c700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1774.510471][T31178]  ffff88807e75c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1774.518523][T31178] >ffff88807e75c800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1774.526572][T31178]                    ^
[ 1774.530629][T31178]  ffff88807e75c880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1774.538679][T31178]  ffff88807e75c900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1774.546724][T31178] ==================================================================
[ 1774.579677][T31178] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1774.586905][T31178] CPU: 1 UID: 0 PID: 31178 Comm: syz.7.5246 Tainted: G          I         syzkaller #0 PREEMPT(full) 
[ 1774.597846][T31178] Tainted: [I]=FIRMWARE_WORKAROUND
[ 1774.602942][T31178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1774.613011][T31178] Call Trace:
[ 1774.616281][T31178]  <TASK>
[ 1774.619201][T31178]  dump_stack_lvl+0x3d/0x1f0
[ 1774.623798][T31178]  vpanic+0x6e8/0x7a0
[ 1774.627782][T31178]  ? __pfx_vpanic+0x10/0x10
[ 1774.632291][T31178]  ? __pfx_vprintk_emit+0x10/0x10
[ 1774.637324][T31178]  ? iommufd_eventq_fops_release+0x45/0xc0
[ 1774.643145][T31178]  panic+0xca/0xd0
[ 1774.646880][T31178]  ? __pfx_panic+0x10/0x10
[ 1774.651309][T31178]  ? iommufd_eventq_fops_release+0x45/0xc0
[ 1774.657117][T31178]  ? preempt_schedule_common+0x44/0xc0
[ 1774.662597][T31178]  ? preempt_schedule_thunk+0x16/0x30
[ 1774.667972][T31178]  ? check_panic_on_warn+0x1f/0xb0
[ 1774.673086][T31178]  check_panic_on_warn+0xab/0xb0
[ 1774.678055][T31178]  end_report+0x107/0x170
[ 1774.682384][T31178]  kasan_report+0xee/0x110
[ 1774.686812][T31178]  ? iommufd_eventq_fops_release+0x45/0xc0
[ 1774.692617][T31178]  ? __pfx_iommufd_eventq_fops_release+0x10/0x10
[ 1774.699032][T31178]  kasan_check_range+0x100/0x1b0
[ 1774.703973][T31178]  iommufd_eventq_fops_release+0x45/0xc0
[ 1774.709688][T31178]  __fput+0x402/0xb70
[ 1774.713676][T31178]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1774.718873][T31178]  task_work_run+0x14d/0x240
[ 1774.723482][T31178]  ? __pfx_task_work_run+0x10/0x10
[ 1774.728606][T31178]  exit_to_user_mode_loop+0xeb/0x110
[ 1774.733907][T31178]  do_syscall_64+0x41c/0x4c0
[ 1774.738513][T31178]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1774.744412][T31178] RIP: 0033:0x7ffa3298eba9
[ 1774.748826][T31178] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1774.768451][T31178] RSP: 002b:00007ffa30bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1774.776860][T31178] RAX: fffffffffffffff2 RBX: 00007ffa32bd5fa0 RCX: 00007ffa3298eba9
[ 1774.784829][T31178] RDX: 0000000000000004 RSI: 0000000000003b8e RDI: 0000000000000006
[ 1774.792793][T31178] RBP: 00007ffa30bf6090 R08: 0000000000000000 R09: 0000000000000000
[ 1774.800755][T31178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1774.808719][T31178] R13: 00007ffa32bd6038 R14: 00007ffa32bd5fa0 R15: 00007ffc52e6f8f8
[ 1774.816696][T31178]  </TASK>
[ 1774.820017][T31178] Kernel Offset: disabled
[ 1774.824333][T31178] Rebooting in 86400 seconds..