last executing test programs:

16m26.72576568s ago: executing program 2 (id=419):
pidfd_send_signal$auto_PIDFD_SIGNAL_PROCESS_GROUP(0xffffffffffffffff, 0xfffffff0, &(0x7f00000001c0)={@siginfo_0_0={0x755dbcfc, 0x5, 0x0, @_sigsys={0x0, 0x2b, 0x8}}}, 0x4)
r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
socket(0x2b, 0x1, 0x0)
socket(0x2b, 0x1, 0x1)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe\x00', 0x2000, 0x0)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB="2f212abd"], 0x14}}, 0x4000000)
ioctl$auto_VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000340)='/dev/snd/midiC2D3\x00', 0x2001, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000180)={[0x1ff, 0xd5b, 0xc, 0x37, 0x948a, 0x2, 0x15f4da0a, 0x1, 0x3, 0x300000000000600, 0x40080000001, 0x7, 0x6d3c, 0x5, 0x200, 0xfffffffffffffffe]}, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/tracing/buffer_subbuf_size_kb\x00', 0x40000, 0x0)
readv$auto(r2, 0x0, 0x4)
ioctl$auto_IOCTL_VMCI_SET_NOTIFY(0xffffffffffffffff, 0x7cb, 0x0)
ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x1)

16m25.729297121s ago: executing program 2 (id=424):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000001500), 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="010026bd7000fedbdf2502", @ANYBLOB="cf92346d144c76e6d310eb66d5b1a41675c7b8106687b7cdb236e753e9e37d05ab2235afeade5f2f0e618c0aff3f8a"], 0x1c}, 0x1, 0x0, 0x0, 0x44020}, 0x850)
read$auto(0xffffffffffffffff, 0x0, 0x20)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
ioctl$auto(0xffffffffffffffff, 0x6f2d, 0xffffffffffffffff)
statmount$auto(&(0x7f0000000000)={0xfffffffb, @raw=0x6, 0xfffffffffffffe01, 0x8001, 0x9}, &(0x7f0000000080)={0xfce6, 0x7, 0x5, 0x8, 0x4, 0xfffffffeffffffff, 0x10000, 0x5, 0x6, 0x7, 0x0, 0xf, 0x4, 0x40, 0x1000, 0x8, 0x8, 0x3c747d, 0x3, 0x6, 0x1, 0x2, 0x80000000, 0x4, 0x5, 0xc13, [0x2, 0xcf, 0x3, 0x2, 0x1, 0x1, 0xfffffffffffffffc, 0x7, 0x7ff, 0x7fffffff, 0xffff, 0x401, 0x100000000, 0x1, 0xfffffffffffffe01, 0x3, 0x1, 0x2, 0x6, 0x1b, 0x0, 0x6, 0xfffffffffffffff8, 0x6, 0x7, 0x1, 0x6, 0x658, 0x8000, 0x3, 0x10, 0xa8836aa, 0x400, 0xec, 0x5, 0x9, 0x9, 0x9, 0xf, 0x802, 0x1912, 0x2, 0x7c83, 0x200, 0x35, 0x44a], "fa71631ce6105e96a0f57cfefec0ef9a86901a2c2856b379e0865c1a8afc6f67d379691f3260145fe3babbfcdc8c206d88b690e1604cc5880b549cf360cba1f519597888f890ee75665f376ec03271484adf94c7b8260f5ee00fbe417d5b18f8560ec3e8dc92e1136fbd4ec30ae73705fcd078b5d3c4103489867026e3a5940dafed50a92ed382e4d25a08508fbbb49311e26a6c5b9ff148b4242d197a987e2f60194677818dca9c2eafb022168a76e47816e4bec642ab602ddeaa3194329ddbcabb4880855d8704b3360267a16a88e34b98641c5865da1a78296453917d51b5784900707b8b4ad591073e2f4c14df4a7f2fb5c3033071c93e4abd9d8aafc485cf472c36b28999fe61dd65fcfb0842664738397faa56f83f21db6082dfdb676dfc76cd97147365be47d28a62633e18cadbd4eeb1df3d7adcb3953227b2564ea813d4d89cddcb48f5cdd520eead828b014f6a671fa0d57c49424b476f7a9acb3e1dbbe2ad55ee32e9dc29375735b43f9c1bb38add8566c6ded3f821f3a6d2f1a28d93b5c626caae83b3e808b149e2bd25635447d5e02ab2318f7ff173fc084a9704ea5eecc56aad2bfdb84c3773ea4425b6fb6d3577a0cc29f4031081524399d1d371b3233b220957dc94f3ce7847c07b37b20b8240b90df9aa083cc08546707f749163cc8b3f5ded322014c8a655a5da933714fc2e0ee999ca400da8276b8104e97a52dca59c385b1142dfb355680321a552c3c4340e5b4487491632eda1bfa5fdb1ec4bd7426afe69ead35a30f935d8f26700bbb8db0c85bac0b2c62a5182725bfa88371e191cbb616de909497c7cc3bde53a1a40c3e0edec50942f5a17078672b2874d30fe6b1c3ebf49452f6a3451cf38e80a030967136f3944c254a51c131584d2bd3e9ac5aa998ef5fe7fc6407a581e741513ec53bad74fdb687debd8d67edbdc4065cea01991c7edb1a66d50957798b11612d5c98d3bbbf9ca928be29b347ae34ac758b43be642c71b68894995a14c2686e84c5793de4dbad6730c556f69875c3a55c39ee054b258cb7b39da8162defdbf6c7c8711115f3a8f61258406f3d9af9589f8aa18497b6323339e4ff91bcd39191e50fd6539bb7473e5f244cddcedd24821bc130e7b8ab0b89c75850b3d62ce44b0b15ce228cd3d64d782aead21f3d77c4702b19d8cf8f0fedb099b01a111be8b6890e35b061f0a74b90e024c0ae91ceda3dac141cb524c8f389c7e4ebeab3231a4293e8df89f42292197d731c79cd0fc7d69c7aee6f99ba7006c6ff7e70435b2fbb8777940ccb6a855ce6f534e31bb52e15be1208ff83d89ea09ec2740e6fb7d15e118e264d836684c71ac6e515945070444bea6b773122f7ed228fd4ebe5769b08d37873408366eed592bd72956124c5196cf0a7be6ff04b93031b8c3b05c3c6508f52e60452654d4c6d1df6cc0cac32a19a884ca5e96ad79a64b3b02600e263556219f1b5afcb567cc6f236bcef1753c28a8daf92c8aecbba56e7b80e87013022fb5bd16b74a35ff0cf4f99ca12e59830e9f8e033c96e4ba7d5c42e536ef058a309c7cde99a1186a5c0e847cf4ed6328a0ebf59ee6d25fddbc2fa79ecdae50fbfe1e498ae2843a30f8417cffabf60a730f28a877cbf97223566fca98c75888d88aef826f98c0c5f882dfcaf1703b54cb1874d8e62ad50024d1912d38884cfb15c249cd71242797a1f18f5edac7342c7b81fe57a1ae1e66d380c37ba7396449106c582ddffb3566d49ae53e81217c95047638d1162a06b6352dd384f69e6c2539a451a75a574e7cef9207b094a0f1c20b052186f54df6cdc2245c48771ed7dd98f4a6e33fc42829395c417fb5e5aad57fe99108e1e375643eb062116f9155d9c193bb8627b403fdf81015d703dc23c6d7a00f09706f83c66fda8e56d799609ad60b20b1ee3ecbf80a3e834f1b94cb79fe3549e5f741bdd4b6b9562952b50d0cb3260625b0125ab752218a0c957115d00c0f0c99d33b9a20afb6037fdeceefa7bcd0f25075b530d0f4d20391bd6f44a08a89287b7a60979ccf948481dcaffba3e4af737bf7f09e8e0e261d9b175475efd5d7031520beb35f331f404e0a0df9d856ba0ff6f6e4d73ffeabb18b187736e2b3d81b3e277ba336d34492cd42b7d3774e7bef789dccd25b84a58022b6b1f14d801ac4e19f97e03986dcb948978f1d06a424e8865e2cb6423f6f93ada2bd25dc22569a5e5652f3a7fb615a903e0d4f5a63b671c610185162be6a878c6781dea770919e376c27b9bc2e2ac8d988601988ceccce704e96c4578c40b9fa17a25d8bb47e8fea0f84ec459e557a85af29ba01cf20d46540f3f724a126dcc1f8432a49345c0000523aff155dc09d0af5058518ffc2cc23501d71992da3af9f210c2873b55b5ef58d0c99ea4d5014e8c7ad75ced0270506151c7801f9dd190075c9132443d0a41261ca507b4a3ecebc69c5a571edf4208ef7a4f8e458759b40f901176de77e6286c2f057fb966e754a5371ff0e6ca25a8ad6e8419bb9b30f843d7d0b9e8fc253d5a272ccf62d15d2b9aa02ac060fcae83605c72f812b153b9410cbbc9988a27b8a347c9289c303eb3ae6060736487a847a598cb9c841e0a0dcb1baa253d19c8887f017ce879092ee7d2ad3a6174bc138f88ebba4a94f35db5d797922258df053c4be4564867ce8883118ee80f57f5b62cfae38ad25a1e0d52f6b59ff39eb6128b648b55735d404384c534e1cecddf0e228b45538f8267297a0e718cb5db80fcb3c92d4e3e073bcfa873982a7fe7ed50c4c345804a329d1a02f7c932674041a0dfc48d2f12fbb4f066bb683d5c74a49f65425bb82a29dd54b642e7f95b280fa8df4ca91c5a79a5bf5790ee9a8d43dd9cfd83cf2c14ccd990033b997118a97941ed5eb6d8410303d34eb343921f04d033e4bc64101db1d4bb1e90e20f182de13df08f4b92763a06b6345a209a412539798716e0cbc9134758e03b11de9ba0f63b9acf6fdc28d0cd4aee2938432f1cec1142553c273522c10b4a52e1c21273110a2d8906ef42a85087e72ed9780c6497577b1f07488a3f50f962aef3ecba24c1ab9b822a2dfa987fc70133cbab463f05c2739ce9a1816a05c909fcd31f58d7d7c274f4f6e126722ef4c200001a09a2a877f1ad3562b70202db7122a960d5b7d0ebf1cd1209ea3f9a4564f593794f694d97f4df03ff693569811ffafe0cd0a234b49488f24d1e0623ae0406ab49795744d1dde123b2bf34b4afb1686365d5d2f9ccf5ce4d5dd0f9de182c7e12f66e2b19c9b33f2646f7dee493daab5475d65c1f1169f1616bd4c19eb081aaeb491df76ffa2d6adec9d7fd93bac5d47ba778b91b61e5b62c50752ffaabfe175b02b565d6aee8f9437987b401c58eb609f23c1b42297b79720b9a067feca5ea7db2231f11a46a8a0c0ef1f3fc19d8e3ea9310868c400ab2e82fe4ca6e1497c31f675131dd1941344db6a218a27d822cedf0e86ff78e317509c21a8a88fdabb737449404eb675b50af317619dfe4cc59922262e8b7d4b3d6038dda759a85ecf01aa8c8cb6dfde6e547f454083ced3c1a959717f57bd8fc7024775cb978ee4654dcbccaafa0573fe9ec81cf752fadac75936114fa53f89afb2f61b9faf46d135992e35dc323ce904b5e97907e03d11ff5a07a36afcbe99e405e3932acdf5b4f42d8a0ea7afb7463b5b98b85a21644f3699446612d904f36c68729438dbceb5ba47ef8eb565608e5a4d2311d5ecffde7978863bc3ea7b40dafd1948c8b875078c24818f71c5f26e5df999fcd6eb18e7d87f985d0144d1223a61c723908ba3073f98e2bc85a001366eb8ea1333c135e4fa9a1ab18477d67d8a10076977f5380a6ca700d0dd47149e37dac4ef4db95c3408d7959c7b51f18e0524ff1e9d6a1b71395d19e970a4022f3bb2e8dcd3b6efd24e0ecc4cd8a6709800103329cd3cf4e2107c5dbc62dc7ef75e621b5e1627282eb29742594a272254c36db02f3fe79f1adbc9f9d03cd7245a5d06de663bcc6658fbcba689b2eaf258ba24538d72ab368c6a36effd38437b0b8924fc77eac2dff463d4fa9531f3f8ffd6602c781b9501a5b9eb30d9da5ff6e306a89366df82d6e53cf1a44dbd5135bd73302b32aeb66ec7bfa9de68ec6086af323e6c963612f61fbcd381e65063db918474b6e515c1f333968c1078d400e7a7cf27fe47fccc37014ef9106d4e3bbe5c9833c03d13de811659abc6700fef666512c2a982a9934d236a0bcac285ffdecb36589364574c83bbdbe4fac68e9597992ec5131f5d5e08aaafe38e225134a4ae5dbeb13482b4ff6c044483e069a93b83dddc7b54b3f41517b0f08ae4bbdabf9648fb83c306a501e4a127e083a8009cd75fb78412cc3e3365b4fdf0285cb92262ba95e385bfe32b365aa558324091c860ac3a6a9411417ef736c3a86f55f6d3430ed19ac70f78a644412fa1a58f3766f79d9e7d24cb1570c9feeffd807e1ae9a696fcc3321625540b7e6a268080fa3b39735da93212ebc76e22c74c4965abf96ab416d196642cc6ea4d47e2299507aa17ed1d2d11067a112accdaf32351d9f4540f42bb3722cb81f2483e87c5d3aec919aabc45952912bcfb8fe0e6895b8a2f40632b0b713a1e9bd947ec9b3c88776e3cc4cf54695070335c3a7442fc0b5fb8d2fbf6e9a3aa01664742919f14c2536a126748d2e4f6b899fa061ff608584027c694e445f24aebfe81beb1c1672bcf78f7700cead17c63d90abc37c35bd49a8fa1fb5ed5227ce7af6dc2cde660cc5ee85e15a371b63cafb6794526f231d9b12ac971e06337d006238f74947f0a4bd3ed31a6292fb0ef37a758db8489ecccb28c2a644ecebd0c6a304b92f7c03957a37446ad7463ffff7c7e50d725f4d96b7352f55ec7ea1cdd497832a511c5858ce0b7838eb18ebc5843202abf48dc141c8e078078199548a6071fcb16fcb4cd8248bcfbfca3a99ab9f8b1bde4ec8c4517096c3d49d5eef34c98da7ba46e48d3e9e13a627ecfc24284313e58adc9d3eb9f6409f2b07bb46a2b43a3cae94bec16fcf20787f9f93de570e203b44153ffed4f81af03462786e5c278cef3a6cc8f05f8bea539893d66ee86970f698c89734667099baf4f0471411d001eb4efb6fd52f16c33be670f7d338185925f5051f03894700d461dc6d8f46b3c1bbbbec9075cdb153407a5ec35162ce51dd480fe783be50a6a362c29ed3655f11b4980bc0731ed6889ebe1e9609afb3fcfe449821f1cf37a062edc90fa23e22bb3d8f62f57356b33d3ff30c95bfb5d5c41aef64d801a7b6024c55428789d34fe88625a61ee6c4b8386a41ff53e615d16d11dba137d33e76cef53f7bfd6bfc00e032f280b6d0d405243e09af20701df1406fc43f1b7ae7ee34cee795065276e4a1b8ba08ff368f3497bf610dd8cbae43c6e6fa5dc6f3ef0f14616cab43160b1f1d54bf3c918d39c199a5abf8cbdaff87f745ed38d55eb9028ff096594afa10d2271575528c5fcbed546607ea46ec1b1515c592931b208b1a93e2fb550b32834e7ccd4f1f065b38bff83748fefabcfac043621dab5d15f9c02dbc8eceade7f022b67db854266a30a5e02db4217fa69992efcd7804317dccb7c0a854ab60bdd82abad92b22fe3ec7bdcd81bd24d4736d299a4f8ffe86031e695fd45e093002c0180ecb5427658cbee6991caef84d868d4db5763e7e34dba1ed8adebf3edb34acc8e6164157b4dd4d65cb39cc85bbfd53c3f5edb541ce4d8809348a1a7840ee54b5846ab0d0876448f3667db9f070cbd6a8f75dbd4"}, 0x2c0b, 0x4)

16m24.764612095s ago: executing program 2 (id=426):
r0 = openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, 0x0, 0xc800)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
adjtimex$auto(&(0x7f0000000000)={0x4, 0x0, 0xcbe9, 0xffff, 0xa, 0x80000000, 0xd37f, 0x0, 0x5, 0xd, 0x3, {0x10, 0x6}, 0xfffffffffffffffc, 0x10002, 0x2, 0x4, 0x0, 0xfffffffdfffffffa, 0x1, 0x20000, 0x9, 0x7, 0x8})
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000001100)='/proc/bus/pci/00/03.0\x00', 0xa0581, 0x0)
write$auto_proc_reg_file_ops_compat_inode(r1, 0x0, 0x0)
writev$auto(r1, 0x0, 0x6)
r2 = gettid()
process_vm_readv$auto(r2, &(0x7f0000000040)={0x0, 0x2}, 0x4, &(0x7f00000000c0)={0x0, 0x100000000000002}, 0x3, 0x0)
read$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(r0, 0x0, 0x0)
madvise$auto(0xfff, 0x100000000, 0x48)
r3 = socket(0x2, 0x3, 0x6)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/zram0/algorithm_params\x00', 0xa001, 0x0)
write$auto(r4, &(0x7f0000000540)='7\x81=\"\xad\xff\x8d\xf9;\x18\xa4\xb0\xb4\xd9\x82=\xe1P~\x17\xfb&L\xeb=j\a\xf1y\xb3\"', 0x81)
r5 = eventfd$auto(0x9)
close_range$auto(r5, r3, 0x7)
getsockopt$auto_SO_DEBUG(r3, 0xff, 0x1, 0x0, 0x0)
syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f0000000040)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x40080}, 0x40000)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer\x00', 0x80000, 0x0)

16m22.523631196s ago: executing program 2 (id=432):
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x5, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match\x00', 0x20080, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000280)=""/175, 0xaf)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/pids.max\x00', 0xa0942, 0x0)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x0, 0x0)
mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x5, 0x6, 0x0, 0x200000000000001, 0x368e, 0x2, {0x100000000, 0x4}, 0xff, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x8000000c, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
r3 = socket(0x15, 0x5, 0x0)
ustat$auto(0x801, 0x0)
sendmsg$auto(r3, &(0x7f0000000180)={&(0x7f00000005c0)="5584fe662ddd8fbab19a5cc9360c61e8548618499082d3c82be0b6614c923515306efd36afdd029f64315b9b9530cfb051bdaff904d21f21aaf77567835f50c12233f79b984b70332e70ff8e53b677b532fd29d6ffa2b4e0e97f598dc28cd78d7c220000001faa9098a07a3770d72b20930a7fc6e9a1ab4e2e85c1a901ce59f9b1465f74b70c52bf9bc634af17855f33bf84cd6c9669", 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x4)
sysfs$auto(0x808f, 0x23, 0xd)
fsconfig$auto(0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/dsp_pipeline/hwec/power/runtime_suspended_time\x00', 0x10d600, 0x0)
sendfile$auto(r4, r4, 0x0, 0x200)
listmount$auto(&(0x7f0000000040)={0x200, @inferred=r0, 0x7f, 0x81, 0x400}, &(0x7f0000000140)=0x10000, 0xf, 0x5)
ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f00000000c0))
socket(0x11, 0x2, 0x1803)
ioctl$auto(0x3, 0x80044944, 0x10000000000402)
r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0)
write$auto(r5, &(0x7f0000000300)='*o\xd3\xa49\xaf\xa9\xe4\xe17\x12\xb3Z\x17I\x82\xdc\xbeiw\xc1\xd1\x8d\x9b\r\x9aR\xe7\x9f\xd8\xab\x16`f\nT\xaa\xfap \xe6\xdaV\xdeD\x8dR5\xd2\xe58\n\xff\x19+\xeb\xb3+\xf6\xc6\a\x00\x00\x00\xf1A\xa5\x95\x1fk\x1f\xff\x99gP\x9e\x88\x97]\x93\xf4\xdd<\xe7p\x0e\xd4C\xdc\x84\v\xafz\xfd\x81\xa3\xb2\xbb\xa4\xd9\xf2P\xa8\xe9\x8f\x13\xa7\x98\x85\xf8\v\aB\xfc\xfa\x14E\xb8y\x884<\xa7\xffyb\x8a\b\xbb\x1b\x13W\xe3\xf7\xd8\x83\xc9\xd7\x8c', 0x6)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff)

16m21.6600883s ago: executing program 2 (id=434):
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
msgctl$auto(0x6, 0x3, 0x0)
pwrite64$auto(0xc8, &(0x7f0000000040)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e#\xae\xa9i8W\xe5Iq\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/231, 0xfdf2, 0x3a)
write$auto(0x3, 0x0, 0x7fffffff)
ioctl$auto_TIOCSETD2(0xffffffffffffffff, 0x5423, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0xa, 0x1, 0x84)
bind$auto(0xffffffffffffffff, 0x0, 0x6a)
mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
socketpair$auto(0x4b9, 0x5, 0x8, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x55)
socket(0x2, 0x3, 0xa)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8)
connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000) (fail_nth: 2)
connect$auto(0x3, &(0x7f00000000c0), 0x55)
write$auto(0x3, 0x0, 0xbc0d)
ioctl$auto_SNDCTL_SEQ_PANIC(0xffffffffffffffff, 0x5111, &(0x7f0000000100)="b68856ede41d25a205ab8cc14886939532867ed2da6ff8c8a0bf1cedf777e7784074053457edbe5886c190fe8418a8d8c6a7e2c5b273702d6c2e7bd84eccd25178aa641a6a4d217d0350b8e0a307724bbb1b85d1db")
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
sysfs$auto(0x2, 0x4d, 0x0)

16m20.92191449s ago: executing program 2 (id=438):
unshare$auto(0x40000080) (async)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x10000000003, 0x4000000000cf, 0x40eb1, 0x401, 0x300000000000) (async)
mmap$auto(0x0, 0x10000000003, 0x4000000000cf, 0x40eb1, 0x401, 0x300000000000)
setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) (async)
setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b)
ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0) (async)
ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f00000003c0))
r0 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) (async)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
setsockopt$auto(r0, 0x200, 0x7, 0x0, 0x4822814e)
syz_clone(0x800000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r1 = syz_clone(0x800000, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x6, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000002)
setsockopt$auto_SO_MAX_PACING_RATE(0xffffffffffffffff, 0x3, 0x2f, &(0x7f0000000300)='\xba\xf13\xa4o\xd3\xd2\xe0v\x95\xe6mAk\x90\xa1\xfd\xb0\xe1\xa6W\x85py\x91Q\xe7\xc9\x05\xce\x17\xe6<0e\x12\xe8/\x16\xf0\xd2\xe5\x06[\vFb\xd6\xc0sTv*\xa6\x97\xb4\xcf\xc8d^\xb1\x7f\xeeH\xd2\xa8\xeb\xad\xdfw\xad\x1e\xcf\x13\xd2\xbbh\xb7\xb1\xa2\x14\xbe=Q\xf3\xd6\x85\x8as\x04\x93\x8c3\n\x9e\xcc\xbdP\x89\xee\xa8\x82\x03\x97\xe6^\x85#\x11T\x8dE\xba\nF\xc2\xe2\x06k\xf0~\xa3\x86h\xc2\xb8\xcfk\x1f', 0x4)
r2 = semctl$auto_IPC_INFO(0x9, 0xacc9, 0x3, 0x6)
move_pages$auto(r2, 0x6, 0x0, 0x0, 0x0, 0x800) (async)
move_pages$auto(r2, 0x6, 0x0, 0x0, 0x0, 0x800)
r3 = pidfd_open$auto(0x0, 0x0)
setns(r3, 0x20000000) (async)
setns(r3, 0x20000000)
linkat$auto(0xffffffffffffffff, 0x0, r3, 0x0, 0x80000000)
r4 = getpgid(0x0)
socket(0x2, 0x1, 0x0)
rt_tgsigqueueinfo$auto(0xffffffffffffffff, r4, 0x8, 0x0)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40)
execve$auto(&(0x7f0000000180)='./file0\x00', &(0x7f0000000100)=&(0x7f0000000080)='\xac\x00', 0x0)
ptrace$auto(0x4206, r1, 0x0, 0x5)
open(&(0x7f0000000040)='./file0\x00', 0x0, 0xa0) (async)
open(&(0x7f0000000040)='./file0\x00', 0x0, 0xa0)
capget$auto(0x0, 0x0)
mmap$auto(0x0, 0x202000c, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
move_pages$auto(0x1, 0x233, 0x0, 0x0, 0x0, 0x8000000000000000)
symlink$auto(0x0, &(0x7f0000000000)='\'--[[\x14+\\\x00')

16m5.673052849s ago: executing program 32 (id=438):
unshare$auto(0x40000080) (async)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x10000000003, 0x4000000000cf, 0x40eb1, 0x401, 0x300000000000) (async)
mmap$auto(0x0, 0x10000000003, 0x4000000000cf, 0x40eb1, 0x401, 0x300000000000)
setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) (async)
setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b)
ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0) (async)
ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f00000003c0))
r0 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) (async)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
setsockopt$auto(r0, 0x200, 0x7, 0x0, 0x4822814e)
syz_clone(0x800000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r1 = syz_clone(0x800000, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x6, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000002)
setsockopt$auto_SO_MAX_PACING_RATE(0xffffffffffffffff, 0x3, 0x2f, &(0x7f0000000300)='\xba\xf13\xa4o\xd3\xd2\xe0v\x95\xe6mAk\x90\xa1\xfd\xb0\xe1\xa6W\x85py\x91Q\xe7\xc9\x05\xce\x17\xe6<0e\x12\xe8/\x16\xf0\xd2\xe5\x06[\vFb\xd6\xc0sTv*\xa6\x97\xb4\xcf\xc8d^\xb1\x7f\xeeH\xd2\xa8\xeb\xad\xdfw\xad\x1e\xcf\x13\xd2\xbbh\xb7\xb1\xa2\x14\xbe=Q\xf3\xd6\x85\x8as\x04\x93\x8c3\n\x9e\xcc\xbdP\x89\xee\xa8\x82\x03\x97\xe6^\x85#\x11T\x8dE\xba\nF\xc2\xe2\x06k\xf0~\xa3\x86h\xc2\xb8\xcfk\x1f', 0x4)
r2 = semctl$auto_IPC_INFO(0x9, 0xacc9, 0x3, 0x6)
move_pages$auto(r2, 0x6, 0x0, 0x0, 0x0, 0x800) (async)
move_pages$auto(r2, 0x6, 0x0, 0x0, 0x0, 0x800)
r3 = pidfd_open$auto(0x0, 0x0)
setns(r3, 0x20000000) (async)
setns(r3, 0x20000000)
linkat$auto(0xffffffffffffffff, 0x0, r3, 0x0, 0x80000000)
r4 = getpgid(0x0)
socket(0x2, 0x1, 0x0)
rt_tgsigqueueinfo$auto(0xffffffffffffffff, r4, 0x8, 0x0)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40)
execve$auto(&(0x7f0000000180)='./file0\x00', &(0x7f0000000100)=&(0x7f0000000080)='\xac\x00', 0x0)
ptrace$auto(0x4206, r1, 0x0, 0x5)
open(&(0x7f0000000040)='./file0\x00', 0x0, 0xa0) (async)
open(&(0x7f0000000040)='./file0\x00', 0x0, 0xa0)
capget$auto(0x0, 0x0)
mmap$auto(0x0, 0x202000c, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
move_pages$auto(0x1, 0x233, 0x0, 0x0, 0x0, 0x8000000000000000)
symlink$auto(0x0, &(0x7f0000000000)='\'--[[\x14+\\\x00')

7m28.952412351s ago: executing program 4 (id=1716):
r0 = socket(0x2, 0x2, 0x1)
getsockopt$auto(r0, 0x1, 0x4, &(0x7f0000000040)='/dev/cec27\x00', &(0x7f0000000080)=0x9)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x3c, r2, 0x1b, 0x74bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0xc, 0x3, 0x0, 0x1, [@nested={0x8, 0x19, 0x0, 0x1, [@nested={0x4, 0x1}]}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "8987714800"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
r3 = socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast1}, 0x6a)
r4 = getsockopt$auto(r3, 0xfffffffc, 0x7ff, &(0x7f0000000100)='*^\x9d(!{,\x00', &(0x7f0000000140)=0x3)
ioctl$auto_XFS_IOC_PATH_TO_FSHANDLE(r4, 0xc0385868, &(0x7f0000000500)={r3, &(0x7f0000000300)="09cfcead349fc0189457c711253a73f5d5435eab59fa244ecdeaba7057f240457d540de55664daaedd5dde9d5bcd7d6decd8deae1aedbf89da2dcbff046a74d32986c565ce5114ea5ea49a27665c4116d163ebf7d78fbe295e1d57f797411adaca4f90f040fdc5905568173fb64760dcd461b6fbb094b8f03b509618fcadbe87cb9b51ec92e09c0a0c6d31b1dad5fa8634aaffc48c135d6f81bba15226474198edd9359fe6c309d12bed", 0xa5, &(0x7f00000003c0)="dac383d1b1c6f75411cf535febdbf93c1493b6f4f90b285c99f594195f04256e28c1ac7067f6772636811710e8801713acb896a34d3fb42d9fc600e042cb70909e3aa5294818997d7acb46a7e5db255d305cd11d2e68faf266df6a0fcad58a83ed53bfaeca47fec973ae5d336eca62599ccdae529afec16633a5c2b9a312dc9540df7d73c64246fcb561faf83cd648a9d94b656f5f63dce47f1964f21cc8f5efd0201c536d9dd17eafa13260399b63fa97", 0x89d3, &(0x7f0000000480)="b09a6485754c77d58ca2facf62ba006e6ad6579d4707373a966f2c535682413a7e2c881ca8fa3590211836a0406bc0437bd5a78362", &(0x7f00000004c0)=0x7})
vmsplice$auto(r3, &(0x7f00000002c0)={&(0x7f00000001c0)="04f7849296ab1fcd7105ae2e824d8ce8f495bf9a35e45b37d7c612a5674a7a4a270af9823b910c86a6de7ff103c069448cbfa5bc80570da3b0840e2a320ebae56e814f72d9634bc7dcfdab696d9e0128c1a26e9a828f522dd2e8948dfc501b2d4850a861e842541b699cf7a496782d15564d6460e5b2a968e9c1f7e0ae7fbacc29f9a6063f163b7ef18efcb57680929cc416475e9458226dee699a78c12860f2486bc7ff3037a459dddfd0bfb6ae9ce7a60e66dc9162577374c9f0842ee605ac0cb38e6a67edb30c8a7e4b", 0x4}, 0x6, 0xfffff001)
read$auto_proc_sys_file_operations_proc_sysctl(r4, &(0x7f0000000000)=""/43, 0x2b)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
sendmsg$auto_TIPC_NL_ADDR_LEGACY_GET(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000180)=ANY=[@ANYBLOB="a71301cc1c", @ANYRES16=0x0, @ANYBLOB="000126bd7000fedbdf2519000000"], 0x14}, 0x1, 0x0, 0x0, 0x890}, 0x0)
select$auto(0x4, 0x0, &(0x7f0000000080)={[0x209c, 0x8000000000, 0x7, 0x5, 0x1000, 0x100000001, 0x65, 0xf, 0x1, 0x6, 0x1, 0x8000000d59, 0x101, 0xff, 0x3, 0x8007ffff]}, 0x0, 0x0)

7m28.51541621s ago: executing program 4 (id=1719):
r0 = openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000040), 0x2003, 0x0)
bind$auto(r0, &(0x7f00000015c0)=@l2={0x1f, 0x400, @any, 0xffff}, 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x1580, 0x0)
socket(0x10, 0x2, 0x0)
r2 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000001500), 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd7000fedbdf2502", @ANYBLOB="cf92346d144c76e6d310eb66d5b1a41675c7b8106687b7cdb236e753e9e37d05ab2235afeade5f2f0e618c0aff3f8abecc8152e66677f25158dcb651e680aa555abbf1fb87fa1e3a8765d0ba9d6c3cb8f4bcbf044bfb2c3996b9f2614110ac44b81055537504bae5d60bf0b7d6c47042ed3d3705ba07f80a545f4161ccf7654c8c"], 0x1c}, 0x1, 0x0, 0x0, 0x44020}, 0x850)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000)
mmap$auto(0x0, 0x10000, 0x4000000000db, 0xeb1, 0x2, 0x8000)
read$auto(0xffffffffffffffff, 0x0, 0x20)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000000)=ANY=[@ANYBLOB='b\f\x00', @ANYRES16, @ANYBLOB="01002abd7000fcdbdf2514", @ANYRES32, @ANYBLOB], 0x38}, 0x1, 0x0, 0x0, 0x881}, 0x4000)
r4 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000340), 0x8200, 0x0)
ioctl$auto_SW_SYNC_GET_DEADLINE(r4, 0xc0105702, &(0x7f0000000380)={0x3})
shmctl$auto_SHM_LOCK(0x1, 0xb, &(0x7f0000001540)={{0x1, 0x0, <r5=>0xffffffffffffffff, 0x81, 0x2, 0x7, 0x5}, 0x8, 0x0, 0x0, 0x200, @inferred, @raw, 0x6, 0x0, &(0x7f0000001640)="40dc80791d1456d9b38a7c08c8406992d89d99d312aaf7373de5be63ed1112c83fc2656f4e5737e7f4a97f0de2cac19076e51cfcb764fbdc4681c759158af4590cdafbb9d4f3c9ab98512389017ad0ce7efa9aaef7ddf7311acc05dae68d8489703945ab49c49abd10e770a08325b4c571d5630ea0e8d5a6e6ca8422167d9a24cacfe8c73203a78912308f560f6ceae2bd04e7795f840cb62265f08000e2bd57e3f86cfa56113e11edcbff8b307ba998c7bafbc16aae87fe98d35d83257b87eadc6575adbeec6e5ed337e70b62a92a13952e07b00b40415622b14014dff39fc3d52e6e9320663512c84342", &(0x7f0000001440)="3f1ddb071f276c3f9008a91d82a7255381acca89b79841a1419af603648f2f69faf572c8fa0bd96942ec75c8c7c5a0b18ccf3ee6614c246f8554de6dd6250d4078a03e8bbe63665f66ab429446f88b6175432c93f6515d88bea1f46968726c0d1146f871b01cb8acc6c3066d8241b607a164ba1d867de34219a08f1ba65d6450e671871aa3493e08db9c5f639d37f2c06c178afc2235815d6e26e0"})
keyctl$auto(0x5, 0x0, 0x0, r5, 0x0)
ioctl$auto(r0, 0x6f2d, 0xffffffffffffffff)
ioctl$auto_BLKRAGET(0xffffffffffffffff, 0x1263, 0x0)

7m27.437030996s ago: executing program 4 (id=1720):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
syz_clone(0x40100100, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
prctl$auto(0x3e, 0xfffffffffffffff7, 0x0, 0x1, 0x0)
sendmsg$auto_NL80211_CMD_SET_MULTICAST_TO_UNICAST(0xffffffffffffffff, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/scsi/device_info\x00', 0x48041, 0x0)
write$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000140)="22edd92f26639ec0023a8686bd579dcf16f50e9bfa20abfa3ae55be8b5f870918621c10d9e916f6fe4fca6d7515871f05cc91f4246f6515662789a97d863c26cfd02b1cf15933b053fbdab9b", 0x4c)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x80002, 0x0)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000240), 0x48000, 0x0)
openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r2, &(0x7f0000000100)='/d-:\xe7J\x00'/23, 0x1eb07fd)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x1, 0x3, 0x1000000, 0x80000001, 0x7, 0x6d3c, 0x5, 0x2, 0x1f]}, 0x0)
socket(0x2, 0x80002, 0x73)
read$auto(0x3, 0x0, 0x80)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r3 = io_uring_setup$auto(0x406, 0x0)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
getrandom$auto(0x0, 0x6000000, 0x3)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/vmallocinfo\x00', 0x100182, 0x0)
bpf$auto(0x8000004, &(0x7f0000000000)=@link_update={0xa, @new_prog_fd=r1, 0x0, @old_prog_fd=0x13b}, 0x8000a3)
socket(0x11, 0x80003, 0x300)
io_uring_enter$auto(0x3, 0xa84, 0x80000001, 0xa, 0x0, 0x46)
io_uring_enter$auto(r3, 0x7, 0x7ffffffb, 0x3, 0x0, 0x3)
move_pages$auto(0x0, 0xa, 0x0, 0x0, 0x0, 0x2)

7m23.3136868s ago: executing program 4 (id=1727):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
uname$auto(0x0)
close_range$auto(0x2, 0x8, 0x0)
r0 = socketpair$auto(0x1e, 0x24, 0x8, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a4, 0xffff)
mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000)
r1 = socket(0x2, 0x2, 0x88)
madvise$auto(0x405, 0xffffffffffff0001, 0x15)
sendmsg$auto_NL80211_CMD_STOP_NAN(0xffffffffffffffff, 0x0, 0x815)
sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_ID(0xffffffffffffffff, 0x0, 0x240080c5)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
writev$auto(r0, 0x0, 0x7)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x5, 0x0)
chdir$auto(&(0x7f0000000000)='}[,&*}\x00')
r2 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
mmap$auto(0x0, 0x8, 0xe1, 0x209b72, 0x7fffffff7f, 0x8000)
getdents$auto(r2, 0x0, 0x400018)
readv$auto(0x3, 0x0, 0x1)
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, r1, 0x2ffffffffffd)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
r3 = socket(0x1d, 0xa, 0x7)
r4 = socket(0x11, 0x6, 0xffffffff)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'vcan0\x00'})
bind$auto(0x3, &(0x7f0000000040)=@nfc={0x27, 0x0, 0xffffffffffffffff, 0x4}, 0x6a)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'vcan0\x00', <r5=>0x0})
connect$auto(0x3, &(0x7f00000000c0)=@can={0x1d, r5}, 0x18)
sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x404c0c0}, 0x80)
bind$auto(r3, 0x0, 0xfffffff8)

7m22.889129752s ago: executing program 4 (id=1730):
mlockall$auto(0x7)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x9, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
openat$auto_iommufd_fops_main(0xffffffffffffff9c, 0x0, 0x80001, 0x0)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002dbd7000f9dbdf250100000005000d001000000005000700100000f0080009009c781e2108000a000800000014001f000000000000000000c0feffff0000000014002000ff01faffffff000000000000000000000600020001"], 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004)

7m21.468881577s ago: executing program 4 (id=1733):
mmap$auto(0x0, 0x400008, 0xfffffffffffffffa, 0x9b72, 0xffffffffffffffff, 0xfff)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop13\x00', 0x207c1, 0x0)
mmap$auto(0x4, 0x40009, 0xdf, 0xfffffffffffffff7, 0x7, 0x28000) (async)
mmap$auto(0x4, 0x40009, 0xdf, 0xfffffffffffffff7, 0x7, 0x28000)
write$auto(0x3, 0x0, 0x8000006)
write$auto(0x1, 0x0, 0x80000000) (async)
write$auto(0x1, 0x0, 0x80000000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x300, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xc, 0x9a, 0x800007fffffff, 0x6, 0x0, 0x10000, 0x1, 0xffffffffffffffff, {0x2100000000, 0x10000}, 0x3, 0x6, 0xfffffffffdffffdd, 0x1008000, 0x0, 0x80000004, 0x0, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x1800}) (async)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xc, 0x9a, 0x800007fffffff, 0x6, 0x0, 0x10000, 0x1, 0xffffffffffffffff, {0x2100000000, 0x10000}, 0x3, 0x6, 0xfffffffffdffffdd, 0x1008000, 0x0, 0x80000004, 0x0, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x1800})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x800, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000ac0), 0xffffffffffffffff)
sendmsg$auto_TCP_METRICS_CMD_GET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000006c0)=ANY=[@ANYBLOB="148e00066a4f8d4518426d474df651d9c3c66ec05da71419177eaf180fc921776a3cdba366bc782698733a8e2b583982", @ANYBLOB="a7b3dda567b40ceed7128fdddb9c58a0b1fcb999874875079d47a29124959cb9ed4bfed277aa799e84f67ecec9ce88c2e05e280737cf239f0da8cb29aab14bed3cac61cc45159c398424dc8af8c4f71247e6dbfa6dd2febda18f5bae923c02a3c7c6ef3034d872958234cdce37560f3bbaec359183a7263232c248bea9e2f889f8d660190247455516f4d46beb08cc821e21ceaa3885b162138be45c13203446c46ff241bbaa90cf1be7f505cedbbd5bb948a2e907c75230683e314e210f62e1b7879d93aca25cf0a193256f1dfe02ba76e8a3a277fb47053589e37913ffa2fc5a4daaa3c5cf3968cd3757c8fa18a164d686530e6587a42dcbac3dc5f4932204a7854798df943d71a8532439c15c1839c93b1b8b7621ad7639", @ANYRESOCT], 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0xc0) (async)
sendmsg$auto_TCP_METRICS_CMD_GET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000006c0)=ANY=[@ANYBLOB="148e00066a4f8d4518426d474df651d9c3c66ec05da71419177eaf180fc921776a3cdba366bc782698733a8e2b583982", @ANYBLOB="a7b3dda567b40ceed7128fdddb9c58a0b1fcb999874875079d47a29124959cb9ed4bfed277aa799e84f67ecec9ce88c2e05e280737cf239f0da8cb29aab14bed3cac61cc45159c398424dc8af8c4f71247e6dbfa6dd2febda18f5bae923c02a3c7c6ef3034d872958234cdce37560f3bbaec359183a7263232c248bea9e2f889f8d660190247455516f4d46beb08cc821e21ceaa3885b162138be45c13203446c46ff241bbaa90cf1be7f505cedbbd5bb948a2e907c75230683e314e210f62e1b7879d93aca25cf0a193256f1dfe02ba76e8a3a277fb47053589e37913ffa2fc5a4daaa3c5cf3968cd3757c8fa18a164d686530e6587a42dcbac3dc5f4932204a7854798df943d71a8532439c15c1839c93b1b8b7621ad7639", @ANYRESOCT], 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0xc0)
preadv$auto(r0, &(0x7f0000000040)={0x0, 0xfffffffd}, 0x7, 0x8, 0x5)
socket(0x10, 0x1, 0x1) (async)
socket(0x10, 0x1, 0x1)
socket(0x1, 0x5, 0x0)
socket(0x2, 0x6, 0x0)
epoll_create$auto(0x4)
socket(0x2, 0x4, 0x100) (async)
socket(0x2, 0x4, 0x100)
socket(0x28, 0x1, 0x0)
openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/block/nbd12/hctx0/sched_tags_bitmap\x00', 0x20083, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0xd, 0xd, 0xffffffffffffb7f1, 0x9, 0x2, 0x15f4da0d, 0x1, 0x3, 0x300000000000000, 0x7fffffff, 0x7, 0x6d3c, 0x5, 0x2]}, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sysinfo$auto(0x0)
r4 = socket(0x2, 0x6, 0x0)
getsockopt$auto(r4, 0x10d, 0x1, 0x0, 0x0) (async)
getsockopt$auto(r4, 0x10d, 0x1, 0x0, 0x0)

7m20.668369033s ago: executing program 33 (id=1733):
mmap$auto(0x0, 0x400008, 0xfffffffffffffffa, 0x9b72, 0xffffffffffffffff, 0xfff)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop13\x00', 0x207c1, 0x0)
mmap$auto(0x4, 0x40009, 0xdf, 0xfffffffffffffff7, 0x7, 0x28000) (async)
mmap$auto(0x4, 0x40009, 0xdf, 0xfffffffffffffff7, 0x7, 0x28000)
write$auto(0x3, 0x0, 0x8000006)
write$auto(0x1, 0x0, 0x80000000) (async)
write$auto(0x1, 0x0, 0x80000000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x300, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xc, 0x9a, 0x800007fffffff, 0x6, 0x0, 0x10000, 0x1, 0xffffffffffffffff, {0x2100000000, 0x10000}, 0x3, 0x6, 0xfffffffffdffffdd, 0x1008000, 0x0, 0x80000004, 0x0, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x1800}) (async)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xc, 0x9a, 0x800007fffffff, 0x6, 0x0, 0x10000, 0x1, 0xffffffffffffffff, {0x2100000000, 0x10000}, 0x3, 0x6, 0xfffffffffdffffdd, 0x1008000, 0x0, 0x80000004, 0x0, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x1800})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x800, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000ac0), 0xffffffffffffffff)
sendmsg$auto_TCP_METRICS_CMD_GET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000006c0)=ANY=[@ANYBLOB="148e00066a4f8d4518426d474df651d9c3c66ec05da71419177eaf180fc921776a3cdba366bc782698733a8e2b583982", @ANYBLOB="a7b3dda567b40ceed7128fdddb9c58a0b1fcb999874875079d47a29124959cb9ed4bfed277aa799e84f67ecec9ce88c2e05e280737cf239f0da8cb29aab14bed3cac61cc45159c398424dc8af8c4f71247e6dbfa6dd2febda18f5bae923c02a3c7c6ef3034d872958234cdce37560f3bbaec359183a7263232c248bea9e2f889f8d660190247455516f4d46beb08cc821e21ceaa3885b162138be45c13203446c46ff241bbaa90cf1be7f505cedbbd5bb948a2e907c75230683e314e210f62e1b7879d93aca25cf0a193256f1dfe02ba76e8a3a277fb47053589e37913ffa2fc5a4daaa3c5cf3968cd3757c8fa18a164d686530e6587a42dcbac3dc5f4932204a7854798df943d71a8532439c15c1839c93b1b8b7621ad7639", @ANYRESOCT], 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0xc0) (async)
sendmsg$auto_TCP_METRICS_CMD_GET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000006c0)=ANY=[@ANYBLOB="148e00066a4f8d4518426d474df651d9c3c66ec05da71419177eaf180fc921776a3cdba366bc782698733a8e2b583982", @ANYBLOB="a7b3dda567b40ceed7128fdddb9c58a0b1fcb999874875079d47a29124959cb9ed4bfed277aa799e84f67ecec9ce88c2e05e280737cf239f0da8cb29aab14bed3cac61cc45159c398424dc8af8c4f71247e6dbfa6dd2febda18f5bae923c02a3c7c6ef3034d872958234cdce37560f3bbaec359183a7263232c248bea9e2f889f8d660190247455516f4d46beb08cc821e21ceaa3885b162138be45c13203446c46ff241bbaa90cf1be7f505cedbbd5bb948a2e907c75230683e314e210f62e1b7879d93aca25cf0a193256f1dfe02ba76e8a3a277fb47053589e37913ffa2fc5a4daaa3c5cf3968cd3757c8fa18a164d686530e6587a42dcbac3dc5f4932204a7854798df943d71a8532439c15c1839c93b1b8b7621ad7639", @ANYRESOCT], 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0xc0)
preadv$auto(r0, &(0x7f0000000040)={0x0, 0xfffffffd}, 0x7, 0x8, 0x5)
socket(0x10, 0x1, 0x1) (async)
socket(0x10, 0x1, 0x1)
socket(0x1, 0x5, 0x0)
socket(0x2, 0x6, 0x0)
epoll_create$auto(0x4)
socket(0x2, 0x4, 0x100) (async)
socket(0x2, 0x4, 0x100)
socket(0x28, 0x1, 0x0)
openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/block/nbd12/hctx0/sched_tags_bitmap\x00', 0x20083, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0xd, 0xd, 0xffffffffffffb7f1, 0x9, 0x2, 0x15f4da0d, 0x1, 0x3, 0x300000000000000, 0x7fffffff, 0x7, 0x6d3c, 0x5, 0x2]}, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sysinfo$auto(0x0)
r4 = socket(0x2, 0x6, 0x0)
getsockopt$auto(r4, 0x10d, 0x1, 0x0, 0x0) (async)
getsockopt$auto(r4, 0x10d, 0x1, 0x0, 0x0)

3m42.781904599s ago: executing program 3 (id=2249):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
bind$auto(0x3, 0x0, 0x6a)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x40080, 0x0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x9, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r0, 0x0, 0xa3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002dbd7000f9dbdf250100000005000d00100000000500070010000000080009f09c781e2108000a000800000014001f000000000000000000c0feffff0000000014002000ff01faffffff000000000000000000000600020001"], 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004)

3m41.410114586s ago: executing program 3 (id=2251):
setsockopt$auto(0x3, 0x6a, 0x7, 0xffffffffffffffff, 0x3)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/arp\x00', 0x101000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$auto_IOAM6_CMD_DEL_SCHEMA(r1, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x34, r2, 0x2, 0x70bd2d, 0x25dfdbfe, {}, [@IOAM6_ATTR_SC_ID={0x8, 0x4, 0x2}, @IOAM6_ATTR_SC_ID={0x8}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x2}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0xffffff81}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000040)
pread64$auto(r0, 0x0, 0x8, 0x8000)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
unshare$auto(0x40000080)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
socket(0x11, 0xa, 0x300)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0xa)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x9)
mincore$auto(0x1000, 0x8001, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x806, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "00000000000000ff00"}, 0x55)

3m39.007440044s ago: executing program 3 (id=2256):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/irq/default_smp_affinity\x00', 0xc0000, 0x0)
pread64$auto(r0, &(0x7f0000000040)='\x00', 0x8, 0x1ff) (async)
mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) (async)
keyctl$auto(0x2000000000000017, 0x100, 0xdd6a, 0xfffffffffffffffe, 0x4) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000001c0)={0x38, r2, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@ETHTOOL_A_FEATURES_WANTED={0x9, 0x3, 0x0, 0x1, [@generic="ecd180b54a"]}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x24004840}, 0x4000000)

3m38.271658213s ago: executing program 3 (id=2259):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
shmctl$auto_IPC_SET(0x7fa, 0x1, 0x0)
r0 = gettid()
r1 = socket(0x2, 0x1, 0x0)
openat$auto_ptdump_fops_(0xffffffffffffff9c, 0x0, 0x24c0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r2 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0)
ioctl$auto(r3, 0x2285, r2)
syz_genetlink_get_family_id$auto_nl80211(0x0, r1)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mlock$auto(0x3, 0xfffffffffffffffa)
process_vm_readv$auto(r0, &(0x7f0000000040)={0x0, 0x2}, 0x4, &(0x7f00000000c0)={0x0, 0x100000000000002}, 0x3, 0x0)
r4 = openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter\x00', 0x40001, 0x0)
write$auto_ftrace_event_filter_fops_trace_events(r4, 0x0, 0x0)
openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/trigger\x00', 0x1, 0xffeb)
r5 = setfsuid$auto(0xee00)
setreuid$auto(r5, 0x0)
socket(0x10, 0x3, 0x0)
pipe2$auto(0x0, 0x80)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
setrlimit$auto(0x1000000007, 0x0)
keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8)

3m36.495267395s ago: executing program 3 (id=2261):
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/hwdep\x00', 0x20000, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffe, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
memfd_create$auto(0x0, 0x7)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
read$auto(0x3, 0x0, 0x80)

3m35.390794879s ago: executing program 3 (id=2264):
r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
ioctl$auto_XFS_IOC_OPEN_BY_HANDLE(0xffffffffffffffff, 0xc038586b, &(0x7f0000000300)={<r1=>r0, &(0x7f0000000040)="5c521ef5d9235438cb1253c686ba3cbc81f636e61ea2d99b47177337ac4dea2e9def6974041321632061e3586e0f212d35661a9701d2bbf8df25aec682ce99fefa84569c0d535e24427a0a09a077b9b5e5dc50ed3a6183afe80af8f82f85ee49e89408715dbba18103364505d9aebbfcbb36f21b2cace99be726ba47d38f5705211335229ecb08d8919a5b8337e0fbc464658038be964e5f8533c450617446b5463543cc60825be139fdb609282844465f88ddfa69aa0733dd66f4eb302d9fa99d4a6205c2220339", 0x0, &(0x7f0000000140), 0x80, &(0x7f0000000200)="5ffa721ca0195ddae40bf90e96e8cf23ce49471d4624a25dcf1673c95dc4792bc5a5f890cd4dc824ce6de27b8c058c2ea3721679a6f7f37128e8d7ecdc73745a609e8d3ec8044a12cb88c0d2c71e1bcbdc73c2f7921d1c758bd52fa8cad3003334b4e2b88fb46e0752d1693efe99102f552817433661727316b4b3dc36bdf82df447e8f72f", &(0x7f0000000180)=0x1})
ioctl$auto_BLKZEROOUT(r1, 0x127f, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/platform/dummy_hcd.5/driver_override\x00', 0x16e03, 0x0)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
r2 = open(0x0, 0x22040, 0x75)
r3 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100)
copy_file_range$auto(r2, 0x0, r3, 0x0, 0x21c1, 0x0)
mmap$auto(0x4, 0xf58, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x2aa82, 0x0)
mmap$auto(0x0, 0xffffffff, 0xda, 0x9b72, 0x7, 0x5)
io_uring_setup$auto(0x4, &(0x7f0000000280)={0x1, 0xd, 0x800ef, 0x9, 0x0, 0x6, 0xffffffffffffffff, [0x7, 0xc, 0x4], {0x2, 0x4, 0x0, 0x2, 0x80007, 0x0, 0xfefffffa, 0x8, 0x23}, {0x2, 0x7, 0x1, 0x9010, 0x3, 0x7ffffff8, 0x1, 0x8, 0x6}})
r4 = getpid()
process_vm_readv$auto(r4, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0)
prctl$auto(0x23, 0x7, 0x1ff, 0x68, 0x0)
move_pages$auto(0x0, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
ioctl$auto(0x3, 0x400454ca, 0x38)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mlockall$auto(0x7)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000840), r5)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
setgroups$auto(0xe32, 0x0)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop6\x00', 0x8081, 0x0)

3m19.968145946s ago: executing program 34 (id=2264):
r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
ioctl$auto_XFS_IOC_OPEN_BY_HANDLE(0xffffffffffffffff, 0xc038586b, &(0x7f0000000300)={<r1=>r0, &(0x7f0000000040)="5c521ef5d9235438cb1253c686ba3cbc81f636e61ea2d99b47177337ac4dea2e9def6974041321632061e3586e0f212d35661a9701d2bbf8df25aec682ce99fefa84569c0d535e24427a0a09a077b9b5e5dc50ed3a6183afe80af8f82f85ee49e89408715dbba18103364505d9aebbfcbb36f21b2cace99be726ba47d38f5705211335229ecb08d8919a5b8337e0fbc464658038be964e5f8533c450617446b5463543cc60825be139fdb609282844465f88ddfa69aa0733dd66f4eb302d9fa99d4a6205c2220339", 0x0, &(0x7f0000000140), 0x80, &(0x7f0000000200)="5ffa721ca0195ddae40bf90e96e8cf23ce49471d4624a25dcf1673c95dc4792bc5a5f890cd4dc824ce6de27b8c058c2ea3721679a6f7f37128e8d7ecdc73745a609e8d3ec8044a12cb88c0d2c71e1bcbdc73c2f7921d1c758bd52fa8cad3003334b4e2b88fb46e0752d1693efe99102f552817433661727316b4b3dc36bdf82df447e8f72f", &(0x7f0000000180)=0x1})
ioctl$auto_BLKZEROOUT(r1, 0x127f, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/platform/dummy_hcd.5/driver_override\x00', 0x16e03, 0x0)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
r2 = open(0x0, 0x22040, 0x75)
r3 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100)
copy_file_range$auto(r2, 0x0, r3, 0x0, 0x21c1, 0x0)
mmap$auto(0x4, 0xf58, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x2aa82, 0x0)
mmap$auto(0x0, 0xffffffff, 0xda, 0x9b72, 0x7, 0x5)
io_uring_setup$auto(0x4, &(0x7f0000000280)={0x1, 0xd, 0x800ef, 0x9, 0x0, 0x6, 0xffffffffffffffff, [0x7, 0xc, 0x4], {0x2, 0x4, 0x0, 0x2, 0x80007, 0x0, 0xfefffffa, 0x8, 0x23}, {0x2, 0x7, 0x1, 0x9010, 0x3, 0x7ffffff8, 0x1, 0x8, 0x6}})
r4 = getpid()
process_vm_readv$auto(r4, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0)
prctl$auto(0x23, 0x7, 0x1ff, 0x68, 0x0)
move_pages$auto(0x0, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
ioctl$auto(0x3, 0x400454ca, 0x38)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mlockall$auto(0x7)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000840), r5)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
setgroups$auto(0xe32, 0x0)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop6\x00', 0x8081, 0x0)

3m7.355547621s ago: executing program 1 (id=2307):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0)
mbind$auto(0x9, 0x84, 0x4, 0x0, 0x80000000, 0x7f)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0)
shutdown$auto(0x200000003, 0x2)
mlockall$auto(0x7)
madvise$auto(0x0, 0x2000040080000004, 0xe)
r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x20401, 0x0)
mmap$auto(0x0, 0x8000, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x4604, 0x0)
modify_ldt$auto(0x1, 0x0, 0x10)
modify_ldt$auto(0x807ff0000000000, 0x0, 0x40100000000aa)
recvmmsg$auto(0x3, 0x0, 0x86873cbd, 0xa, 0x0)
getrandom$auto(0x0, 0x6000000, 0x3)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000)
pread64$auto(0xffffffffffffffff, 0x0, 0x20000000001, 0x7fff)

3m2.674330837s ago: executing program 1 (id=2311):
r0 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, 0x0, 0x2dc08f24db163610, 0x0)
openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x40901, 0x0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x9, 0x81, 0xdfffffffffff628e, 0x6, 0xdeb1, 0x808})
socket(0x2b, 0x1, 0x1)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3db)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x4a801, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000)
openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, 0x0, 0x12000, 0x0)
socket(0x3, 0x5, 0x5)
r2 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/mtd0ro\x00', 0x2000, 0x0)
sendmsg$auto_SMC_NETLINK_DISABLE_SEID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, 0x0, 0x1, 0x70bd26, 0x8}, 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x810)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_FLOW_CMD_GET(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYRESDEC=r0], 0x24}, 0x1, 0x0, 0x0, 0x40010}, 0x800)
ioctl$auto_MTDFILEMODE(r2, 0x4d13, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, &(0x7f00000002c0)="3098412d1d2a21f9821bbb6575682f4fa969d6d8f51ad133eb2fb3cd698bac435177fc1942f009b507130df5d599f4ff6031c5518c8e660d59059846f0326039e724f62ba81e019302f5")
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
r4 = eventfd$auto(0x34b)
readv$auto(r4, &(0x7f0000000380)={0x0, 0x8}, 0x4)
read$auto(r4, 0x0, 0xcc9c)
r5 = socket(0xa, 0x5, 0x84)
sendto$auto(r5, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe80fffe000000fe"}, 0x1c)

3m1.387331372s ago: executing program 1 (id=2314):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
r1 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D1p\x00', 0x800, 0x0)
ioctl$auto_SNDRV_PCM_IOCTL_STATUS_EXT64(r1, 0xc0984124, &(0x7f0000000040)={0x4, "c42cc15c", 0x3b3b9ddb, 0x35, 0x5, 0x3, 0x0, 0x3, 0x6, 0x4, 0x3, 0x8, 0x7, 0xa9d7, 0x4, 0xe34e, 0x8, 0x7, 0x9, "1be26a85fca732531c61aa963d5c5c7bdb30eee6"})
mlock$auto(0x1000, 0x6)
mlockall$auto(0x800000000000005)
madvise$auto(0x0, 0x200007, 0x19)
close_range$auto(0x2, 0x8, 0x0)
mlockall$auto(0x7)

3m0.111359s ago: executing program 1 (id=2317):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/dri/vgem/name\x00', 0x40000, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nlctrl(0x0, 0xffffffffffffffff)
r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000540), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_GET_RADIO(r0, &(0x7f0000001900)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f0000000580)={0x14, r1, 0xf3e97f51700e57cf, 0x70bd28, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x884}, 0x8000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
read$auto(r0, &(0x7f0000000000)='*`@\\!#.\\\x00', 0x3)
r3 = socket(0x10, 0x2, 0x4)
write$auto(r3, 0x0, 0x2fb)
syz_genetlink_get_family_id$auto_batadv(0x0, r2)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket(0x2, 0x3, 0xc)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
ioctl$auto(0xc8, 0x801054db, r5)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
sendmsg$auto_NL80211_CMD_SET_WIPHY(r4, 0x0, 0x20040894)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101040, 0x0)
mmap$auto(0x0, 0x40000a, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x8, 0x4000000000df, 0x44eb1, 0x6, 0x300000000000)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r8=>0x0})
sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r6, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000080)={0x28, r7, 0x4, 0x70bd2a, 0x25dfdbfc, {}, [@ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}, @ETHTOOL_A_COALESCE_RX_USECS_HIGH={0x8, 0x13, 0x6}]}, 0x28}, 0x1, 0x0, 0x0, 0x4089c}, 0x4000080)
madvise$auto(0x0, 0x20000a, 0x4)
pread64$auto(0xffffffffffffffff, 0x0, 0x594c, 0x7)
r9 = openat$auto_debugfs_devm_entry_ops_file(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/cec/cec16/status\x00', 0x101140, 0x0)
close_range$auto(r9, 0x8, 0xfffffff7)

2m57.908553011s ago: executing program 1 (id=2320):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
mmap$auto(0x0, 0x20009, 0x7, 0xeb1, 0x405, 0x8000)
r0 = socketpair$auto(0x1a, 0x4, 0x8000000000000000, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_START(0xffffffffffffffff, 0x54a0, 0x0)
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[], 0x18}}, 0x0)
connect$auto(0x3, 0x0, 0x54)
mmap$auto(0xffff, 0x20007, 0x6, 0x10000026050973, r0, 0x1010000)
mmap$auto(0x0, 0x101, 0xde, 0x9b70, 0x7, 0x28000)
openat$auto_show_traces_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/available_tracers\x00', 0x40000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8000, 0x0)
io_uring_setup$auto(0x1, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000)
r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
open_tree$auto(r1, 0x0, 0xfff)
io_uring_register$auto(0x2, 0x6, 0x0, 0x86)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0xc0189436, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0)
unshare$auto(0x40000080)
r3 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto(r3, 0x40005504, 0xffffffffffffffff)
mknod$auto(&(0x7f00000003c0)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5', 0x20e9, 0x103)
madvise$auto(0x110c230000, 0x8031ca, 0x9)
socket$nl_generic(0x10, 0x3, 0x10)

2m53.596091374s ago: executing program 1 (id=2324):
r0 = openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000040), 0x2003, 0x0)
bind$auto(r0, &(0x7f00000015c0)=@l2={0x1f, 0x400, @any, 0xffff}, 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x1580, 0x0)
socket(0x10, 0x2, 0x0)
r2 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000001500), 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd7000fedbdf2502", @ANYBLOB="cf92346d144c76e6d310eb66d5b1a41675c7b8106687b7cdb236e753e9e37d05ab2235afeade5f2f0e618c0aff3f8abecc8152e66677f25158dcb651e680aa555abbf1fb87fa1e3a8765d0ba9d6c3cb8f4bcbf044bfb2c3996b9f2614110ac44b81055537504bae5d60bf0b7d6c47042ed3d3705ba07f80a545f4161ccf7654c8c"], 0x1c}, 0x1, 0x0, 0x0, 0x44020}, 0x850)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000)
mmap$auto(0x0, 0x10000, 0x4000000000db, 0xeb1, 0x2, 0x8000)
read$auto(0xffffffffffffffff, 0x0, 0x20)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000000)=ANY=[@ANYBLOB='b\f\x00', @ANYBLOB="01002abd7000fcdbdf25140000000c0001", @ANYRES32, @ANYBLOB], 0x38}, 0x1, 0x0, 0x0, 0x881}, 0x4000)
r4 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000340), 0x8200, 0x0)
ioctl$auto_SW_SYNC_GET_DEADLINE(r4, 0xc0105702, &(0x7f0000000380)={0x3})
shmctl$auto_SHM_LOCK(0x1, 0xb, &(0x7f0000001540)={{0x1, 0x0, <r5=>0xffffffffffffffff, 0x81, 0x2, 0x7, 0x5}, 0x8, 0x0, 0x0, 0x200, @inferred, @raw, 0x6, 0x0, &(0x7f0000001640)="40dc80791d1456d9b38a7c08c8406992d89d99d312aaf7373de5be63ed1112c83fc2656f4e5737e7f4a97f0de2cac19076e51cfcb764fbdc4681c759158af4590cdafbb9d4f3c9ab98512389017ad0ce7efa9aaef7ddf7311acc05dae68d8489703945ab49c49abd10e770a08325b4c571d5630ea0e8d5a6e6ca8422167d9a24cacfe8c73203a78912308f560f6ceae2bd04e7795f840cb62265f08000e2bd57e3f86cfa56113e11edcbff8b307ba998c7bafbc16aae87fe98d35d83257b87eadc6575adbeec6e5ed337e70b62a92a13952e07b00b40415622b14014dff39fc3d52e6e9320663512c84342", &(0x7f0000001440)="3f1ddb071f276c3f9008a91d82a7255381acca89b79841a1419af603648f2f69faf572c8fa0bd96942ec75c8c7c5a0b18ccf3ee6614c246f8554de6dd6250d4078a03e8bbe63665f66ab429446f88b6175432c93f6515d88bea1f46968726c0d1146f871b01cb8acc6c3066d8241b607a164ba1d867de34219a08f1ba65d6450e671871aa3493e08db9c5f639d37f2c06c178afc2235815d6e"})
keyctl$auto(0x5, 0x0, 0x0, r5, 0x0)
ioctl$auto(r0, 0x6f2d, 0xffffffffffffffff)
ioctl$auto_BLKRAGET(0xffffffffffffffff, 0x1263, 0x0)

2m38.78885141s ago: executing program 5 (id=2346):
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000001080)='/proc/sys/kernel/random/boot_id\x00', 0x0, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0xc01)
madvise$auto(0x8000000000000000, 0x6, 0xfffffffb)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/hwdep\x00', 0x20000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5)
prctl$auto(0x53564d41, 0x0, 0x0, 0x0, 0x0)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4)
read$auto(0x3, 0x0, 0xf3c)

2m38.118026497s ago: executing program 5 (id=2348):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop12/queue/nr_requests\x00', 0x80302, 0x0)
sendfile$auto(r1, r1, 0x0, 0x2)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
stat$auto(0x0, &(0x7f00000000c0)={0x8, 0x2, 0x5, 0xb4f, 0xffffffffffffffff, <r2=>0xffffffffffffffff, 0x0, 0x6, 0x2, 0x6, 0x9, 0x6477, 0x1, 0x10000, 0xfffffffffffffff9, 0xffffffffffffffff, 0xfff})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'batadv_slave_1\x00'})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r3)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r5=>0x0})
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYRESHEX=r0, @ANYRES16=r4, @ANYRES16=r2, @ANYRES32=r5, @ANYBLOB="04007d80", @ANYRES8=r0], 0x20}, 0x1, 0x0, 0x0, 0x11}, 0x400c0c0)
syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000f40)={'batadv0\x00'})
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
socket(0x2, 0x2, 0x0)
r6 = socket(0x2, 0x1, 0x0)
r7 = socket(0x2a, 0x2, 0x0)
ioctl$auto(r7, 0x8912, 0x38)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x175)
socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
socket(0x2, 0x1, 0x106)
listen$auto(0x3, 0x81)
sendmmsg$auto(r6, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
shutdown$auto(0x200000003, 0x2)
close_range$auto(0x2, 0x8, 0x0)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)

2m30.667798058s ago: executing program 5 (id=2352):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4$auto(r0, 0x0, 0x2, 0x0) (async)
mmap$auto(0x0, 0x20009, 0x7, 0xeb1, 0x405, 0x8000) (async)
mmap$auto(0x0, 0x2020007, 0xffffffffffffffff, 0x8000000000000eb1, 0xffffffffffffffff, 0x8000) (async)
socket(0x2b, 0x1, 0x1)
listen$auto(0x3, 0x81) (async, rerun: 32)
accept$auto(0x3, 0x0, 0x0) (async, rerun: 32)
socket(0x21, 0x2, 0x2)
setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) (async)
statmount$auto(0x0, 0x0, 0x227, 0x0) (async)
r1 = open(&(0x7f0000000040)='./file0\x00', 0x40841, 0x8)
write$auto(r1, 0x0, 0xeffd) (async)
madvise$auto(0x7ff, 0xfffffffffffffb7f, 0x15)
sysfs$auto(0x2, 0x10000000000002a, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000340)='/proc/fs/lockd/nlm_end_grace\x00', 0x48041, 0x0) (async)
lseek$auto(0x3, 0x7fffffffffffffff, 0x1) (async, rerun: 32)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) (async, rerun: 32)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) (async, rerun: 64)
madvise$auto(0x110c230000, 0x8031ca, 0x9) (rerun: 64)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async, rerun: 32)
madvise$auto(0x0, 0xfffffffffffefffd, 0x17) (async, rerun: 32)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x3, 0x0) (async)
madvise$auto(0x0, 0x20499d, 0x9) (async)
futex_waitv$auto(&(0x7f0000000000)={0x8, 0x5d94, 0x4, 0x4}, 0x77, 0x0, 0x0, 0x62bd) (async)
madvise$auto(0x108000, 0x40800034, 0x9) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) (async, rerun: 32)
write$auto(0x3, 0x0, 0xfdef) (rerun: 32)

2m28.898063142s ago: executing program 5 (id=2353):
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x20000, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
read$auto(0x3, 0x0, 0x80)

2m28.079296994s ago: executing program 5 (id=2356):
r0 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0)
bpf$auto(0x6, 0xffffffffffffffff, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socketpair$auto(0xfff, 0x5, 0x10, 0x0)
ioprio_set$auto(0x3, 0x0, 0x4b34)
madvise$auto(0x1ffff000, 0x7, 0x100000000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000)
sysfs$auto(0x2, 0x4d, 0x0)
fsopen$auto(0x0, 0x1)
syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff)
flock$auto(0x6, 0x1)
r1 = socket(0xa, 0x1, 0x84)
ppoll$auto(&(0x7f00000002c0)={r1, 0x1, 0xd75}, 0x2, 0x0, 0x0, 0x8)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r4=>0x0})
sendmsg$auto_NL80211_CMD_SET_WIPHY(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002dbd7000fddbdf250800030008000300", @ANYRES32=r4], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097f751b33e}, 0x80)
sendmsg$auto_NL80211_CMD_GET_COALESCE(r1, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x3c, r2, 0x4, 0x70bd29, 0x25dfdbfb, {}, [@NL80211_ATTR_WDEV={0xc, 0x99, 0x5}, @NL80211_ATTR_COLOR_CHANGE_COLOR={0x5, 0x130, 0x8}, @NL80211_ATTR_STA_EXT_CAPABILITY={0x9, 0xac, "dd424b1054"}, @NL80211_ATTR_OPER_CLASS={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000051}, 0x0)
mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x8001, 0x2)
shmget$auto(0xa, 0x10563, 0x568d1af2)
madvise$auto(0x0, 0xffffffffffff0004, 0x19)
read$auto_proc_pid_maps_operations_internal(r0, &(0x7f00000010c0)=""/4096, 0x1000)
close_range$auto(0x2, 0x8000, 0x0)

2m25.513639391s ago: executing program 5 (id=2359):
r0 = socket(0x2a, 0x1, 0x0)
ioctl$auto_FUSE_DEV_IOC_BACKING_CLOSE(0xffffffffffffffff, 0x4004e502, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x1, 0x1, 0x1000009, 0x3, 0x22, 0x940, 0x9ffde, 0x5, 0x6, 0x3ff, 0x9, 0x1000, 0xfff, 0x4, 0xb0, 0x8, 0x9, 0x3, 0x5, 0x6, 0x6, 0xffffffff, 0x0, 0x3, 0x80, 0x0, [0x3, 0x5, 0x200000000, 0x3ff, 0x0, 0x500, 0xfffffffffffffffd, 0x8, 0x3, 0x0, 0xc72, 0x7ffffffffffffffd, 0x0, 0x1, 0x0, 0x0, 0x40000000004, 0x5, 0x1000000800, 0x0, 0x0, 0x0, 0x9, 0x10000040000000, 0xcea, 0x0, 0xfffffffffffffffc, 0x800000, 0xfffffffffffffffa, 0x8, 0xffffffffffffffff, 0x2, 0x4001, 0xfffffffffffffffd, 0x0, 0xb548, 0x8, 0x0, 0xfffffffffffffff9, 0x0, 0x6c1a, 0x1, 0x0, 0x9f, 0x0, 0x3]}, 0x200, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000)
r1 = socketpair$auto(0x1a, 0x10000001, 0x9, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
r3 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/netdevsim/netdevsim1/health/break_health\x00', 0x101, 0x0)
write$auto(r3, 0x0, 0xef)
read$auto(r2, 0x0, 0x20)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
epoll_ctl$auto(r0, 0x9, r1, 0x0)
writev$auto(r1, &(0x7f0000000040)={0x0, 0x8}, 0x80000003)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f00000000c0), 0x600, 0x0)
socket(0x2, 0x801, 0x100)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r4 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x20100, 0x0)
r5 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(r5, r4, 0x0)
r6 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video0\x00', 0xa200, 0x0)
ioctl$auto(r6, 0xc0585611, r6)
sendmsg$auto_MAC802154_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, 0x0, 0x60000000)
unshare$auto(0x40000080)
mmap$auto_mon_fops_binary_mon_bin(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2000000, 0x10, 0xffffffffffffffff, 0x7f)

2m10.383271889s ago: executing program 35 (id=2359):
r0 = socket(0x2a, 0x1, 0x0)
ioctl$auto_FUSE_DEV_IOC_BACKING_CLOSE(0xffffffffffffffff, 0x4004e502, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x1, 0x1, 0x1000009, 0x3, 0x22, 0x940, 0x9ffde, 0x5, 0x6, 0x3ff, 0x9, 0x1000, 0xfff, 0x4, 0xb0, 0x8, 0x9, 0x3, 0x5, 0x6, 0x6, 0xffffffff, 0x0, 0x3, 0x80, 0x0, [0x3, 0x5, 0x200000000, 0x3ff, 0x0, 0x500, 0xfffffffffffffffd, 0x8, 0x3, 0x0, 0xc72, 0x7ffffffffffffffd, 0x0, 0x1, 0x0, 0x0, 0x40000000004, 0x5, 0x1000000800, 0x0, 0x0, 0x0, 0x9, 0x10000040000000, 0xcea, 0x0, 0xfffffffffffffffc, 0x800000, 0xfffffffffffffffa, 0x8, 0xffffffffffffffff, 0x2, 0x4001, 0xfffffffffffffffd, 0x0, 0xb548, 0x8, 0x0, 0xfffffffffffffff9, 0x0, 0x6c1a, 0x1, 0x0, 0x9f, 0x0, 0x3]}, 0x200, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000)
r1 = socketpair$auto(0x1a, 0x10000001, 0x9, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
r3 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/netdevsim/netdevsim1/health/break_health\x00', 0x101, 0x0)
write$auto(r3, 0x0, 0xef)
read$auto(r2, 0x0, 0x20)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
epoll_ctl$auto(r0, 0x9, r1, 0x0)
writev$auto(r1, &(0x7f0000000040)={0x0, 0x8}, 0x80000003)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f00000000c0), 0x600, 0x0)
socket(0x2, 0x801, 0x100)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r4 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x20100, 0x0)
r5 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(r5, r4, 0x0)
r6 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video0\x00', 0xa200, 0x0)
ioctl$auto(r6, 0xc0585611, r6)
sendmsg$auto_MAC802154_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, 0x0, 0x60000000)
unshare$auto(0x40000080)
mmap$auto_mon_fops_binary_mon_bin(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2000000, 0x10, 0xffffffffffffffff, 0x7f)

1m2.463022921s ago: executing program 0 (id=2450):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8402, 0x0)
mmap$auto(0x0, 0x4020007, 0xfff, 0xeb1, r0, 0xffffffffffffff7d)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mprotect$auto(0x1000, 0x400000, 0x4)
nanosleep$auto(0x0, 0x0)
madvise$auto(0x0, 0x2003f0, 0x15)
mlock$auto(0x5, 0xffff)
r1 = socket(0x18, 0x3, 0x7)
r2 = socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r3=>0x0})
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r3}, 0x6a)
mmap$auto(0x0, 0x6, 0xdf, 0x9b72, 0x2, 0x8000)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'vcan0\x00', <r4=>0x0})
connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r4}, 0x18)
mmap$auto(0x0, 0x4, 0x4000000000df, 0xf9a, 0x401, 0x300000000000)
msgctl$auto_MSG_INFO(0x21d, 0xc, &(0x7f0000000080)={{0x2, 0xee01, 0xee01, 0x0, 0x2, 0x6, 0x401}, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffff4f, 0x7c4, 0x1, 0x9, 0x8, 0x10, @raw=0x100, @inferred=0xffffffffffffffff})
waitid$auto_P_PGID(0x2, 0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000240)={{0x2, 0x3}, {0x8000, 0xd}, 0xb3, 0xe, 0x8, 0x82, 0x9, 0x1, 0x9, 0x80000000, 0x7, 0x0, 0x5, 0x49, 0x1, 0x6})
msgrcv$auto(0x0, 0x0, 0xffc, 0x7ff, 0xb1)
rseq$auto(0x0, 0x8000, 0x0, 0x6)
socket(0x21, 0x2, 0x0)
r5 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x2a02, 0x0)
io_uring_setup$auto(0x6, 0x0)
write$auto(0x3, 0x0, 0xfdef)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0xaf, 0x6, 0x401, 0x3174, r5, 0x403)

1m1.287885575s ago: executing program 0 (id=2452):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000480)={0x28, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NBD_ATTR_BACKEND_IDENTIFIER={0x5, 0xa, '\\'}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xaa24}]}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x8880)
close_range$auto(0x2, 0x8, 0x0)
shmctl$auto(0x81, 0xc0f, &(0x7f0000000140)={{0x8, <r2=>0xee00, 0xee01, 0x40, 0x9, 0x6, 0xdf}, 0x4000000, 0x940, 0x1, 0x4, @inferred, @raw=0x9, 0x6, 0x0, &(0x7f0000000100)="29f41f134bb0ec166ff99fcd7ab412f335f6517e83578bfc789549ac3e019a0f83bfcbe048afeab5915cbc1c419b261b78", &(0x7f0000001200)="3a8111bc0b01cfee3e16f6700b27cbf106584bc9bacd769795954ab9550994e78a4f567f6cdb70f139fd3ea313466bc60bcb7520600e39d038579257205e7f594ef9c83b6d2d5b214eb832b733f730729b12aa8b77e3a4df9f0a9eefed5223ca75582170ea6cde5af430563d5f6206b03592ad53b521eb5084eab8a49df9c42d38ef98d84cb5a035f6c59bc8ba6d6460aa6d3f5838123a3c075ab79b9b29ee2f85167f7f2ffdda5cccdc987fb19d931cca7dc66e0c6b9cfdd839899a1d051f5c1a629dca0314e99314056bebdfdde383c53765b1090380b80110381bcb9803dfbb66675b5a51bc0ef4e8d2934f450cd3b5031d6fd08ab732ba96cb53010ca3258a6c0ba1c214b7cbbfa6d8181483ec31c09d7ac0d52b1a7e7479ebc65f64164b09f56a2194ce8d98a97d7f7b33ac292f73897820355280217f9a8f36216fc72b0aee4b17c62d5d641de99bd877f6bb2347b63ec6aa4252bba1e25c689530b0725c5f41975a1f101d119e098e4262c0024c65f5c0c8804ba95c3f9bb45958ed6f0910a1272c45536f036707310c0ff663e865969a88e81a18b8f4ee5cae46c4e98f9b1a0c46e50248595b10dc48c922017e4190cc920a25da7305485af2a8e0fd39cff0d0ba7ade6e18ae812f96b5eff65d0f93ec0a4ed18b1dc71cf840102365a73420831b137b801032936cb2e8d6d83bef3cc9cda2116496d7335e15b6e5b82a3d8c4519284f6670935eb12f538f829c11dd248e61c3d9ced643ae2a8239d008432d4fd4151641b36bf31cf053832a96b9e180918e6e5b125e8f73b12afda7b3ca157598cb9b2d5f80349fbae03ba773b9d901a923e97aa5b80fb650951bf5a4587249c87a3191d19852688f6022b6caa828fb65d1b7a6b25b575f98d74a4a52a3e4619c397184a69ae3aefbc41ff83a7f31023665168cc796bf27908b68445cb1a003c7e40a69d1ebac2153deb860fb392692f0eac5a152f84afe2f6b9397599fb17b387164190aca42a7bcf9591590e622a6f1a5ca6259d0521e295be228e5f6e8e0a1aa83c751b98fd765a471ced2e68c5996564f82dbc8cd2e96a0175cefbb6e6cc6a7ffde412f56e4fba8d2b035f1ab98b1b52628a0fa2d7bb64fafa9e43adbe03977f5d7df39c2238c0e05fe076df5365255ce1752eb86beb5f3333f90fe153cd24d9c6344e4f2deb8befdb3abd03ae5ff4ffe56c32ad336ab5e06c6147e5a9c1560eea9207ed0243a3cc7dc921e184875e2f8a50abd5eb1cca5ac2bab35cabccaf269612332d78b0bc107bdd4cbc31ab31c5bf01f36d1041ec2ef29e78596f82f94ca3376626e361e4bafaffb9b774b46199fab4b2e544152045115bf3dd081b10108d6405c878d61ef6ee0fd4f607afb831ac059a67e9bffa9686326320e4eeb4515ceca60015e2e1fbecb8d7c9071c9bcc33cbc3f153e1d2a8d0069ecf3d23f989ea9ddeba415f8b9a2959d80870177ec8172e48989498ddba60b7f26c165138f233ed62129c431a5450db97826e62e0a03129ffc310234b073ad3227f11149cdd5df4ae55839a68bcc6e2eccc7e2dee4b2333a774207959e7628f03816530d4fb66fe921dc03893ae0a3d7f1a3e9fed83abd7f642cfba6730ccf20bf6eed5e8c24ab10fdd94e0550d043e58cb55b4b384d7cc0b3a589b50969bb87ea405ce54f49ba7053d58be4596a62e3c186401b190e70ec8618bfcb3a4053086de43fc577aa71439e96e3a274ba1cbde739355269a7ba3298bb1f64ab3ac184e1b0fdb46c08c15b3c5479601ea2a3e2573444b401d1dc64898891ea96641b7c2e7f5755d32694286861691cd68a8939907fe4bd043af1a128ead3818c51fc354ffbc073dc068c3c27314542e7f136f2a2ccb30bddf27d0e2940532014ce2b03a158c890b2d254cb2ed397a7a57e4594bf8087679950b0a71814efdabee8bb2a9d398e8addc3f462915b3db0674eac199cd0c80834775769169d925338e4c4ddb3d2dc60f3b019f64188b809ac72143d15f5c1422ca3769797bb8e42388f6042fbc888a9e89b9160b2915e47b3bd148cc2cf3fabe3a50de5448a81e9eb1f7ee13d5e9ca00ac22feebdaa53fb9216d27221b65a22be1db42ea14f63894ea0665188a40327bccacbed0923c7e16c680f8c48fc6419105d27f72c40723b4f488a28794f63d87f35473ed3c0a6dc99465fb6f379c571f57e72c37caab36d6eeb49c7091130e5c5da7b4d29b54cc3f06d4e4b96caf6438e9d5f33bbc231efab4a176901f0b7f921abbddd10886e72dfdf5ba79412218554ef8e94e16df0c135a5e8328892c02005432e9c4c2e0da87c54853bb19fb07a0c50a77eecdae9195773ced2db02e3572c724e7893dbce3898469d3c049a01e764064f152844bc687c5aa43c2e263f8f180cee5cf0d0621a0ea7be2d09dda76d5c1bd608a3ba27fdbedbae4da215dd8f62528e2ec14813bcc98ef76f84265c75dac741931bb851c708623691e00f14e6466a2eb208f055b3599286f306e3f03c75388a7e9392d9d14b27f0f9cca4e1b363cacd7bcdb825cca5b12b4bafb96b7de7ef21cd57928ce01ced4fcd9b333f3d1b66c2105a604c28278aa931003e649a8d7f0c1309491af7fdb1f130fc937e634b4ff89b87342350914e2c6f9d45a5b9cafd104766a17205d6fa5b8a27eb68f4abe918f6f64a89c64bbfdf78b26c4fc45bf7e5568720af99f9798ad43771128d81998dceb0321dd00a8e66709f8e0ec14aaa8177b8e6fbe206c4493f95cd2ab3b9b8d27ee9bfec62e7c2ee63bdb68dd9dfc9b30671dfaa2103cad15b6698688530517e6764e16a8f4c6bf54a1d6b1e1106b9bca5cc549b4ca08e6bab4160874f25f4be831cd3c2fe391c9f4b87a152408abd01c56e96328d43b9d481bc8f8cd8d807993d10f1da8c8e60b3b3c80c50c55970af12054ea110ec249369aa4c5a753f16dedf77aa8e1ff7ef5f7083f655fd5ad0946360bdea9bc88edb31d604662164596d1636d02a86600d3e392c60ad8fc0734725dcfa7072981b77a6bf011e24ee123be3070c7e0c4b36b14f03ed5c5d731dac94a0aab7f8b29586e88ae252149ed6440e0cd3e3a00647c5209e2db5a02ae0cc4891e121c91a22f7676156872f6d078891ff2758dac1626bde52b6527fa3474db3ebd9812108cff577f57dd6931c0e6600347e872775880583fa171374d6d7cf6b414efac2031b3dd04c01c34b8355324f819a8c34923ecb70454248eb55750ae6c8d83c3f58de59ce71c7306a4c7819f196d1b1413501e7de5e63fce9f4ae0f3cf737ef99683cad56c8a69bb217e89e715a190a6a9fe393178f06c2343d80aaf998c97296812d81407f97dc9b6789839c54b571432d4e81e214c640db59efd700a80fa176ad51060bdd0d1410598eee14dd02c71624c367275f2a7e061410e0937694ed9af99b034d82422a78c3352d06f5edd2df825bc68627ee7ce094abe94e5726cbe152f877c1b31d9001ef227c537db431b317479294ad0710522c7e4eee32722c2fd51dec92c9baabfd68bb3d43fd75a0cce1e747a7e44541318a0165ee20e41781a1ff5d3df50da4940d63a57f9d5f1e0550698bdc5f5ac30df504ccea357d7d93f8dc7d603d6ff601a427f3f3a6b43b230247411684ffa01034007e8bd041f2b40b065d4d76c7e92c3a7315741d62c63b045d86cbc1e7b7a26cd48e6bc5f665abf90a8ed5781755e829fb04c6cc5ac7abb3217909e2d2d86759684ff1338643b4fd02d03d72a19f19e2f22ce8f2839c30d66104cf172ed36e8009a0f3627e12b33ab72c1174b9a0bd1cf2ef583e04b3e48a590b8743d73f854958998ec4df889b6d5e8c9d8a8d0fe13a01c11f1f82ad2cef9031a42260ac51743747584eee26c9cf8fee5296cc2cfe65686156fbb07e7766876cf07f26171f1b144fdeedb56d526267cfd18a3759e008cf1071c104841ec86620fc6aabadcf74daac3761bf28392847d1ed33e68a31157d95cc118e573ff663bacf178fee9948f1dadecd27d643f3f8be37935a92bd1e9b00b2095869683d118a58658a3bbf0409de57c31724ca56412dd3cd84323bf89e230f06522af8e9c47ad418c002ab5d33e2cc9f09991f890cefead0133c25e0735ae5c2e5c778b6e4e02fa16e8b93c7f22e2320e11c056c83b7cd75b3e0eb561f7afb0c6ce9b197cecebc1836eedd3ec6eb8721b09b35120c9a8b1e2073a70eccf4ed433523b6e9ef40a164cb6969d012016a2fc0f85b7df59b0fb1377106df624b255a15054b8d37b74d7c14d2400e45fbd7ebe94b781269d4ef33aa9fdb54491b45cbc094f0ae28edf7c00717ee8cf11d67988ce6d6164028d31afbac9df2f12d29eb92734081badc7ff44439b6af636cc83e3ebe2d5de2f6848ac38d57548635d8536df4b72a3aa0a27dd58c1cbf8489209721d90a689a4e7f650a1e4923aa897cb6e21d7433e21e8d2e90912840c489588c83e622d56725b7430ec1a7d350268881da2d9c67cb2373e9712371265efe2b27b59ad37f143257f68a9bc506dd674c86e71d2062f34e78b42d564dbfe48a40f17218e2bc26a347d46e1f17d9428db8e1e85b4e568b157c5df787cc0f5dbe287386ea20b8b92cb24303e44c5bfdfaf4edccf1cfbc82c5b33d85a5f10f7f56ada36dc93f02ba492b071dd1ee33fe9d3adc9ecdd6d11ef018c77230e833edd7df24535b024e3bc67885d0e952f04e113cea46b9d56647e54a34c74c21d4394a7c18125c43cf6f0c724b20429e1f10ba6779bcb524b4c9d376aba1e2a86ba464238ec1c0561efa0c2adad6b594eccff54b251b3fa2718897b92b12d99323cfe1eb3cdf1b45bc05cf5274b8c1a6a5d6909be7e4c3dc8690363c4732a80a99ae2ff3b0571d20942503b6ce7c2f420d26110884901dd8e4096c98e1314a9fcfe5352a64aab1746290c71bfde7694eebe2f491921c6a01a737fabb07d6197c4bbb0f2cc27b08e45b4576e58f9a1c67406a43800e3bfea00599e8ce21ce96ac3f8a211ad509d15d52744f3a661e70fb118a7b631a8d1f600ed1766162f6fb10b51f85beea77d4e0e26caa0f383a193eb528da1b15480a45f18fdc2a43ee39b964f2b841fde2a136ca02579781a5cd2b83205fa5921d5de97a87bd89861d6051e31be8a550c535c88d88b906214b7c36f187e92fe323b16f7f0cf1cc32f1c542860a378ed80bf156e3995cb1b4d7b0cb8451f9cc7daf1f9d009884c396ad6f700a129fcfd9a51120bf7d15c000d489fc90ce868361a50f485a34c8808c5a99eec69647a8295d9b85733289d1a2007b6d495961ec0c811fe556801df6ac8e0fa913743b8114783e4068ccef3ecac97eeccd71449006ef186fb07eb86057b30c43c63e966b35a80e7eb438f1df59bc949d8aa6d6a701f2293451a1ec0468bd6b2fe09cca6cd53370db87b2184acf810ed45342d767a646c52a6bf7e80707c007299c73504ea1ff68c2fe1e41202d283b95b75ee6a60defb25eb98fb5941c2697ddabdace02125b5d60a4c3b2c5a7580c94508155c4441e9b06e77ea080795134b024c9670e833f25ffaa4585769c1b44b590974621d491e0589ec8e4907801f88505cecd11dfdaf2ef0d0d0acfe4d94c8f81c579188c8fc9c6ea92f4c062e27cf5a1f5f2154422fb2e42665fa25742ef85bebce26cc469000c0d0aebb4e47c939f3d2b449dcb28c6dbea26d391ae6e35b580a40f2265d855c5d09f09367172d3179afd65f4e8240fac95b33586dc86f51969d8461afc5380f38721d0d211a35c6383c0d13a51b3678cc519bd"})
shmctl$auto_SHM_STAT(0x0, 0xd, &(0x7f00000001c0)={{0x7, <r3=>0xffffffffffffffff, 0xee00, 0x8, 0x2, 0x4, 0x5}, 0x5, 0x6, 0x7ff, 0x4, @inferred, @raw=0x5, 0x3, 0x0, &(0x7f00000002c0)="9031bb6b311b2515bba268c2b3d53f403b18fe7d72918ed9bb9390e9d8ffe47c568d84178f8770c865d6d5a8a749d8440476c8ab5bf55f6536452d7ca56473602f3cc46d76ca9691ed442b30aa6a6bcaddc157574fa398150cdf196e7d8a24d638f6917b3b333291941c84758ff54aba78b5bfe3a569bba08b944818f036f7c24deac5c7736eea693f1edf40c71f73e8c777f81443e560090bfb6f63e52180c799f86c6ae15e33c2e17575bcb0b181707797d8f42510f273d38c11a6bde4acddbc7198bd0ce30f6978fa7b1fcb4d5542d5c7809ce302c038e99fd6cccbd3f37589fb1edba02842352b", &(0x7f0000002200)="ef862a4c2a07991e54a64dc6462084615f21f77f7baed9139ea6bf0d33d91dbb02453193121c000d431d4a66f597c976bc048b3de68601426a755b99959ac2bc2c5d294d867bbf508336d0a79df1a06b8c078defe633b6d4813b108a7b8cce22d956736786bb8c9c6831298f3ee9fad97bb1002eafe979c83fd5f024116640903e37e499a8155ef63cc1c0a9cfadd8d1140dd6171f4b580e5dab89fa34a284194ee7be48d79c3fdad2d47d3ece438cad60064137ff77913ee3a737a6c2ec87f11058d837c5ea9527aed040018a04d0fb3478921e45da77a3e6fe11c4d6f0672b4ed101827806834c82e4e075bed8aeaffbc3da6fbb1a2b8d503ced3831abbcb671c931c8dc9999a8b48ed6af1ebb20c8d0c7cd45487d888ca6757720d8e97ce7e51ff232d12e1566d8b764a9f805e574ccd7728d1c53501720c48b6a88df9523051e73252095b123b24d52d33cb9c20a510d5288d8261b2eac6b23349761c51b8c6480499fc580bba68a052d3c07af7789ff945cf7b877f7ce83563e4be052bc8c51f0406ac8e7f73bd163c9dfa4f72a683d1b61ef369a7685c331890fa58281795de61b1c95130469530aef3179d001beb35b1e771360ad509d6b0e2c136ebc58cb710b15c0cfe88d87404db2a205f66e9b7dae6fbb7c1062e203d295a788468a29c34c96fb9a5b4950bab2506b387f1c84c9c3d063cb4abff1ce4ab4dcb7ee761b37c337331340d0359cf6432d1a209c934af961d405038912c298919431dd7881483ebddf567cb2b668eaf364fa22a5cacbd0ee42c6d372bbc6ce21f380053f1a2cb463e4d3edfb2285c35427b561eed911e8af1cb48cc3db8f87feeb20b1907c597c90714570d5fa3269541bc3243c83e4fbf779d81f62669739065ac2b2bcbb93a778f7c6ba1518e94cd615560ec1178ed6c66c0b526c966af863a1612388928ba1dcaf861dac566bce7aaf110f88074dcc4fd26a943f7add867c009ca958321be1d903b0c8de7a2da9f826ecea6d58fa20f48f880fbd7dab52b4f332432d533426c4ceb1b8d2238bd3806e789d536141e398ef09f806d34aee55d5858767dacda05f103d9e1e3d309c8d408a18f4b753363bc871f6e707dc5fe2cb1e2a7975ca0fe3f7fbb3d4ca134c9c618f65550a9f8e1834833c7bc47b3fda5b9049f4a64c44d6718e49b7533084a6d0a27cc81a89e7cf8e712329e85bb66e10de272b20a1ee8248c4681b998bae431fb3f0795dc1a2f918feece64c1a0a53d003a8432fb6b62a0cdfb0d7c60f903eecce8f892f49b0fac80fe67fa083712b6b385c2d353daf6c778fbda0bf6aa7b126acb331da1a63c8f7dd3388cf8a033040ca9e740850ec91d08e111f45a71a8d2c7826a9ec8e139a51fb7e4c35b979894be3783b5e9964e8dc86c3e021468af7ab1e9b8149b4245c5e44377c03ac9b7902eff2fb397c5d79abf3734b11c37c6725d7433bc2f844b4c0bd8e3c894c5caffcfde2e366c368f70bb0fe7d28558f01e8c18dc6f6243acb60085e95d89da9f324a71a8f19573689b290cd8c3577ccaa13daaccebd6a1ca7a2bb4e3a869de5615dbf1997ffddc11ae2cf4259c5de9fe489317bbb761903c2874b4e7add311c4375fc2b72c29b7e814f95b0a34e370e6e4ef3a8720f00a4f8f1e0526c9d943183bff10ea9b5e4ac94cdb60a090464d799e1cd27363f1eeccc200453992f476892d1d73c2f8b56aad50e68b22eba39de1ef46407215804476569eff077b67eae7450de35e13c93070b600b119735818f8ee05aa590ca355fd1f42ff35a4b1aaa2c58cfa62d0cea90d4e37cf08de7d2274a8b1278f94805cb30e34032ed28983f7d04ce2f7656a4d24864889b086a3345839ce66a3bdd87b7f8801b6e7b287a0982342cefe0fa1ce8087d18da8121ab1d176cc2fb7bd1fcef2593aa97a0d723cca22f9b42869b5dca2ce541da8b6b232b26eb76b4d1ea36198a8cd9b6493624c16a02b4aaf08586fdfabe3b20198e29cd7ed2db52361250b4b3058c10751e8d1169fe97e74fbf54d616873a97a59c223a01253bba28339db33b06f1dff265bbd3e87809f947d72da03591891fec24de8b8845c2519af02d50c3d3fa4eff48c48caf229da837d70e2f54441ac6b78646bc9a43e067642aec8ed01a478ab11aa7adfac73c87dacd79a1d760b1cfb3c4f2ccd0d80c0080476fb388b11704c017ea0267152986814935979bbef55f789443266bf52b771b04693e2343e3d4d0c1e3bc90671521c8d44270947e44fb90c2b371b4a0cfad38951f79474cb495dd2ebc2420075ebe34f72e759a1907f5a963548bf17973d6047fe0118aea737e63d8c8d22723ce591a94532d243a8a56de9ec526aa2c8f7aa115c0515d031cd1f8b6371df225ed6a6b8d48da6643d31845eceb382544ab65a5b9dcfb79d2d6751e42828498c03fd3b906f4b8950a484ba5d1049f5d19f4c46f61dbf02780df03fc1e41210185713513366eafa059849d9c365733daa3ca10b8377c0720349686644bb8ca7b8c528a1c48d7815b8625518f16f1418ec8ee72c6f8ba46c2dbb34bfffa2d859ea8153b8bd7f244c1f06445bffaf609f7cc1d4bdf86919a008baf6c16f642b876492a0cb4af0b759f2f547a0a5150729cea0ca5ebfd341364c3729f47aa6ddfca8347fcb92325f35cc33d427caf5507b0328058063ac35f59db4cf41e41a3d18fbfa8e92da952287613857be8971d4c6f0d8d0a37a14c4cae3fa9067f58a8475ad61c7074bdfec8cf75dd9ef2a3d44f8ab521683b687c6e6e11da73f069b88e67c1863101038409e0bbac62e0416da8700e7410bef01f7e446ec19281c9936fa211c4e54af55ed6af63a1f99226ecbff4dcd7a74763ea21b52c69f9bc2a48c132728b1acf0c0e928f5bcc3b228786b9f0b7467abdbafb13874d6518b64beadab998c1364af498efd74bfba070dd86b6ca60f9af2bb927b618bc3f638e8386a62b94755522eeb5e5df1a5266f35db2ddfc57b08e37a03ddb8fe7ba0694b2ff4b39d971e773659f0c74169325633a773eb8d683c74429d7aea573c8fe5967b2bc1dd9b801a13bd15e1d4e3bc48962670ec6ba36c4ee97e8766c59e7553dcc53aeb3842f56df7911e0cbf33b3ac932ca5ce82984550594374515840abbccafc8f457e97356606add1787750783d744f4a907db978bb1e1150ef35439103aa81495cb3e688fa4121e44b9cec5a03146ef3d9c318b65fa0a47bbd9cc3499b0c944dfe5e1464335903e51648845afe6a8626d05ddd730d4ac08886566d0ea7ea50b1e7a2f8a0080b272911dcf990aeabbeb47f4ad5c309725e4c070b74ff7bfb1fe873b3b960de69a68c80f9d59dc9ae5b76149f6a42e8d9ff5d61975a0b6b2ab272e6a4ee1cdd70f229962b538491d86f38d13284c38df2eab61e82861922091bf15e7cd110f9f366e989f0ab887f85070a9893a24988732d6d2eacdbb52bacc1ade58f1c7ea74fa0c87a5c1d4f2a78d3ef098c0291b54138d75a43d9283e5361294df2f263e792b87930853c6876a21b77827d7417a9023c937f3d36a25c47a168369b0c4c53404098b2178d022a758f483a25949a030f15ecc8363d545f9d98e4914b8a10023f8d31631b66a273d8419ce94064982abb1ffac623ffc36189e36ca2e8c0fd93358b6e94311c8b02bec4d7c2def3f49f0a031b600df611ad47d2a8d58b892a626f5fb932311b0e11eab70f26313e3de71d1bb1df579971506e2a7e9d3d411743b9b328531e6b1c33e386518e5b1c99f87d222a9e6c8cdee950761ac26d55f962c781d82ace3c9d16fa6478976e07d3dc8c7ed8754df6e470b7ff69c3dfe8f47863d18b5ed3c34aeaf6daa1635097ffe8bb1d69b6e60c768a4a6d978ca0aa79d80f41f028b3762f5bd5c74cb6a62f76a6750d92c07d05120ef1dded451e0d9e3b56282e7852e97f3882c89dd3ea075b35c1c7a75e509ce0deefb06a807d1b0281a41d129bfbf9e9e77c3357673980ea6945a3de99a3b7136d6057970b7075ca9ed89c9872269c2d37b0d483ea5c617c1ba4866a93e7d2103593f8119ba967ee45b0fe4eb85c67f9261c3bbc7bee41e8cb16db1d55f57aa61aa628a55d4aa56186eaf2220a53a297dbd6950acc7ab05e520432497eb01d030684a57e04770b24a51f96440797fd2b7aa804f555a8206f7bc10388e3afbdb88836e2d82c50cee63d7318ffc24aebb082cc2e04093e22c1ce67c13322b8ef3e65ad79c146517d7570dae4a3850a6aae5ef9734eda1164387cb2c55082aedc982867d715b987c7296a1d6e97937c05849705fc6670f767860158b346cb5408052c0a20ae2ce058be9ad68a42036b9fb769b2deb9e6931ec053ba7b77666514283d48a5814a699d687d21bee463c60c3dc588e7ea048f981edccb7c0bc5a8c8f874e9190b1ef6a8b4cc5c4d487220e9fc85b4ec324730436afd5b9db684f5a0b796bf00dcf8060e441858583e28bca7ee7e6c4311e5c1e2d02c96e5c845fa171411cf4347f39d684393dd62d68a8b4b2fc1db6c685d087b9a2ea83b0641fda9aa734d50da70eec292cedb8a45c9feaddfa33f4619195a8ea5f34934e8475bbc4c1ead3acb315a45667b819014418dc51311fc0ef82c62eb65e29305731001e953fec50445ac200ad6fffe9af02ebf4bf3929ce06e73c16ba3b5d8e5d3e58a50763c867fc04659fbdfe9d2d4122a8e9ef30bf6ab940eb4e04179a83041280fe22a01c74a6b6a911ce6df95baa43adc94700df4955c3779d043ed8ab48f5178e80b2f93662d08121dc374f4e9e46ebf27f17b4d86ecf52641de7684039b991f11b8ec461f7caf6232c50f1a7e39b27edf9833ca06781688e07789bc26e1d1dfd0055ed5f34e926b8c71a8b93f57eee2275ec4f6432d94551983f81a3806be5cab70b3c9fcf811b4e6b15b2ce6f362b9f6dfc6bef9ccc8b2c79da999e8e04b44a4b885dbd49353becc0590e57b3f4bf9e38822b3a80735f1a8977abddb0ed45e90dba7b76a137f2787808588e70d0b1d3d540bf3ca69eddc9f86a803877e9fec77c42a75650ccf42a79926cec8b81ec14ad3425a9a78fe692bca47ab15f6cb09bd04a085c7f1e57c3a512c5e5bc55b92ae31237516247cdec989a9a4f63d430774cce7d50a5ee3fe934a614c1257fb66fd8f012c09e7146f981f2c384bb54876b453fbabeba3dd5dd4eca500d6070728c67b7bcaf0060fce32868f8a81d4aed6a70ce0d94b50d1b3f16d9938a09ab7ee1da59e36c007ce2a8a694d14b4f4f0a7eaac37ddf162244d19d5d03552ba37a8593125affc3428551fd41cf8d37be903618d8ec78bf1c2c706dfe601d8019ce3232324c8edca65368ee8ac76bdc139630e055765fb9ba4ae353c74dd94559a1f8e52a7041fb71beac1b638c09f390ab4b7a0a15cde3b48a06f5e523259517d4dbc1af3608e7e675de8aae25bb71003cb0d69808d15dbc343cfa74bd7cf5784901cdf00bf7de454c0d21cf421c16bc734f69d0627cac24487a5c98834a514fc8efb1759c8438e204fa25913571007e24bdd2a1580fc4041004f71f2004a6633d779c05aa73ffa68bd9f4e94e541fe16f952d842c6266aa71cb5121c4a2ebcb13346b501763582cab207def85dc802139fe93d48f453c819ebfdff5e370923a428a955e9becaf688761b9069e3d0fbc949614577351c9b966b1a1efe8b2295fac8ab9557953fa27ab34e809c1ce3b9e17cf8820918078025e1b83791ebce9ca360b1c2fb9a939ff0be222d56ace452b23580421c940c317c02ac2cd"})
msgctl$auto_MSG_STAT_ANY(0x78ec, 0xd, &(0x7f0000000400)={{0x9, <r4=>0x0, 0xffffffffffffffff, 0xfffffff8, 0x7, 0x7, 0xb}, &(0x7f0000000240)=0x6, &(0x7f00000003c0)=0x6, 0x6, 0x4, 0xffffffffffffffff, 0x0, 0x5, 0x4, 0x8, 0x8, @raw=0x800, @raw=0x400})
setresuid$auto(r2, r3, r4)
r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0)
r6 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto_VHOST_SET_OWNER(r6, 0xaf01, 0x5)
ioctl$auto(r6, 0x4008af03, r6)
close_range$auto(0x2, 0x8, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
madvise$auto(0xb, 0x40, 0x757a5079)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x100, 0x83, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x1f0, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}})
io_uring_register$auto(0x2, 0x1a, 0x0, 0x83)
ioperm$auto(0x7, 0x6, 0x2)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00')
socket(0x15, 0x5, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r7 = getpid()
process_vm_readv$auto(r7, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000080), 0x1ffffffff}, 0x6, 0x0)

59.680592342s ago: executing program 0 (id=2456):
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x24, 0x940, 0x1ffde, 0x3, 0x6, 0x8000002, 0x9, 0x5, 0x2, 0x4, 0xb0, 0x7, 0x32, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, [0x0, 0x0, 0x0, 0x243efbdf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe6e]}, 0x1fe, 0x81) (async)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00'], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x8000) (async)
mprotect$auto(0x8, 0xac, 0xe1e0058000000000) (async)
r0 = socket(0x25, 0x2, 0xfffffffc)
r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/set_event\x00', 0x20001, 0x0)
write$auto(r1, &(0x7f0000000040)='nbd\x00', 0x4) (async, rerun: 32)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 32)
madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async, rerun: 64)
socket(0xa, 0x801, 0x106) (async, rerun: 64)
mmap$auto(0x0, 0x8, 0x2, 0xfffffffffffffffc, 0x5, 0x0) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'veth1_to_bridge\x00'}) (async, rerun: 32)
r3 = socket(0x10, 0x2, 0x4) (rerun: 32)
sendmsg$auto_NFSD_CMD_THREADS_SET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400c7"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) (async)
splice$auto(0x4, 0x0, 0x2, 0x0, 0x1000, 0xf) (async, rerun: 64)
mmap$auto(0x6, 0x40000b, 0x8, 0x9b72, 0x2, 0x8001) (async, rerun: 64)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
select$auto(0x5, 0x0, &(0x7f0000000380)={[0x2, 0x8, 0xf, 0x1, 0xa, 0x1000, 0x80000000000a, 0x100000001, 0xe, 0x0, 0x4, 0x7fff, 0xffffffffffffffff, 0x5, 0x8, 0x7]}, &(0x7f0000000480)={[0x1000, 0x8d96, 0x1, 0x4199226b, 0x0, 0x4, 0x380000000000000, 0x89ce, 0x5, 0xc2, 0x80000100000000, 0x3, 0xfffffffffffffe01, 0x4, 0x5, 0xffffffff]}, &(0x7f0000000140)={0x3, 0x74e}) (async)
mmap$auto(0x0, 0x6, 0xdf, 0x9b72, 0x2, 0x8000)
clone$auto(0xd2d2, 0x7fffffffffffffff, 0xffffffffffffffff, 0x0, 0x1) (async)
r4 = gettid()
process_vm_readv$auto(r4, &(0x7f0000000040)={0x0, 0x2}, 0x4, &(0x7f00000000c0)={0x0, 0x100000000000002}, 0x6, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x4f, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x20000000}, 0x50020) (async, rerun: 64)
stat$auto(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x0, 0x3, 0x800000004, 0x8000, 0xee00, 0xffffffffffffffff, 0x0, 0x6, 0x4ff, 0x7, 0x800, 0xc, 0xa58, 0x3, 0x2, 0xce, 0x8}) (rerun: 64)

57.675198288s ago: executing program 0 (id=2463):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
bind$auto(0x3, 0x0, 0x6a)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x40080, 0x0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x9, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r0, 0x0, 0xa3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002dbd7000f9dbdf250100000005000d00100000000500070010000000080009009c781e2108000a00089eff0014001f000000000000000000c0feffff0000000014002000ff01faffffff000000000000000000000600020001"], 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004)

56.967266624s ago: executing program 0 (id=2459):
r0 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000000), 0x1010c1, 0x0)
mmap$auto(0x8, 0x2020009, 0x10001, 0x18, r0, 0x20000000008000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000840), r1)
sendmsg$auto_OVS_CT_LIMIT_CMD_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB=' .\x00\x00', @ANYRES16=r2, @ANYBLOB="01002ebd5100fbcbdf250100000004000180072e01800a7ef14c9c664f52cfb216f33e99059e4d59085d32ffbb73597fbfcd596d0befac3e86c59fca3131ef90ea6d625b86228179ba"], 0x2e20}, 0x1, 0x0, 0x0, 0x2000c040}, 0x4)
r3 = socket(0x2, 0x1, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}})
getsockopt$auto(r3, 0x6, 0x25, 0x0, 0x0)

56.150378901s ago: executing program 0 (id=2462):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
ioctl$auto_SOUND_PCM_READ_BITS(r0, 0x80045005, &(0x7f0000000040))
r1 = fcntl$auto_F_GET_RW_HINT(0xffffffffffffffff, 0x40b, 0xffffffffffffffff)
write$auto_proc_loginuid_operations_base(r1, &(0x7f0000000300)="9dc4e29815c3dd855a4340428a12ae12c859250e55d63ef492651f515f9a76158c045ff86707a23e18496d5d7129a8e340b7ebcd1806c7b26420ea05cab20eabc25b6240b084785dac9ddeceedcf0c288633b6a40eb3c9a9a00a8140c1a5d3f4418e6820622dc5e8f300f88254e3b7a4052254f9c40b62b89841b2", 0x7b)
r2 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010026bd7000ffdbdf25050000000c00010007000000000000002c00010004000000000000000c00010040000000000000000a00"], 0x50}, 0x1, 0x0, 0x0, 0x4048000}, 0x0)
r3 = socket(0x8, 0x2, 0x6)
sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000040), 0x9, 0xa505}, 0x800}, 0x5, 0x400a)
r4 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00022abd7000fbcadf25020000000800038000"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
process_vm_readv$auto(0x0, &(0x7f0000000040)={0x0, 0x8}, 0xed4, 0x0, 0x6, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000400)=ANY=[@ANYBLOB="1400000056fd263216c09484699dc7e712327ea027a708f0f57cd353f3d82f563e693f6254f767dbe93ce5dec676b395a704e14298b6885335a9a67a97ff9f40e84c0d6aae52baa6ed0ba8b16975af18a53738874fc52a44952e91de747e07ec0d150e40c2f6b15f2d14a8ee72f6f879dc66b43c44948afeaae8430086b58d921ad6a5c4efe9235fa5850aa4bcbcdafd214d0be2ae7810c2bb17a2f883eb46f64f164d2768485a41e8964d50dd1ec3ce82d4c8319bfa142a47d0090ff77be35891bdf8682461708f956598654d2f1e330a417799eb96cb7aa4a6952e25b69632b3bb4af94e74b9dafce6c02bd1b7113ab3a774f1f74a2ad18a9755b59c84bd325510a403d05d6ee5bab5cc3f26fc58742bbe8458b253a4025aa684cf6db3c64ac13ecb1ccbb0c4f5185a5ba1001587f6164d5b8cb3edaa18c5f192848100fa25b9449106cfce839a15e1d641d72a4fe43e6bed27b1", @ANYRES8=r0, @ANYBLOB="01002bbd7000fcdbdf2514000000"], 0x14}, 0x1, 0x0, 0x0, 0x90}, 0x0)
mmap$auto(0x0, 0xfff, 0xdf, 0x15, 0x400, 0x28000)
preadv2$auto(0x3, &(0x7f0000001000)={0x0, 0x9}, 0x5, 0xc7000000000000, 0x50000000007, 0x2e)
r6 = pidfd_open$auto(0x1, 0x0)
open_by_handle_at$auto(r1, 0x0, 0x800)
r7 = bpf$auto(0x0, &(0x7f0000000140)=@bpf_attr_5={@target_fd=r4, r6, 0x1, 0xe, r6, @relative_fd=r1, 0x7}, 0x6f0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="19"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
r8 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000280)='/dev/dri/card2\x00', 0x2a0680, 0x0)
ioctl$auto(r8, 0x64c5, r7)
r9 = pidfd_open$auto(0x1, 0x0)
r10 = open_by_handle_at$auto(r9, 0x0, 0x1000)
r11 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsa\x00', 0x4040, 0x0)
sendfile$auto(r11, r10, &(0x7f0000000040)=0x1, 0x9)

55.694969005s ago: executing program 36 (id=2462):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
ioctl$auto_SOUND_PCM_READ_BITS(r0, 0x80045005, &(0x7f0000000040))
r1 = fcntl$auto_F_GET_RW_HINT(0xffffffffffffffff, 0x40b, 0xffffffffffffffff)
write$auto_proc_loginuid_operations_base(r1, &(0x7f0000000300)="9dc4e29815c3dd855a4340428a12ae12c859250e55d63ef492651f515f9a76158c045ff86707a23e18496d5d7129a8e340b7ebcd1806c7b26420ea05cab20eabc25b6240b084785dac9ddeceedcf0c288633b6a40eb3c9a9a00a8140c1a5d3f4418e6820622dc5e8f300f88254e3b7a4052254f9c40b62b89841b2", 0x7b)
r2 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010026bd7000ffdbdf25050000000c00010007000000000000002c00010004000000000000000c00010040000000000000000a00"], 0x50}, 0x1, 0x0, 0x0, 0x4048000}, 0x0)
r3 = socket(0x8, 0x2, 0x6)
sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000040), 0x9, 0xa505}, 0x800}, 0x5, 0x400a)
r4 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00022abd7000fbcadf25020000000800038000"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
process_vm_readv$auto(0x0, &(0x7f0000000040)={0x0, 0x8}, 0xed4, 0x0, 0x6, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000400)=ANY=[@ANYBLOB="1400000056fd263216c09484699dc7e712327ea027a708f0f57cd353f3d82f563e693f6254f767dbe93ce5dec676b395a704e14298b6885335a9a67a97ff9f40e84c0d6aae52baa6ed0ba8b16975af18a53738874fc52a44952e91de747e07ec0d150e40c2f6b15f2d14a8ee72f6f879dc66b43c44948afeaae8430086b58d921ad6a5c4efe9235fa5850aa4bcbcdafd214d0be2ae7810c2bb17a2f883eb46f64f164d2768485a41e8964d50dd1ec3ce82d4c8319bfa142a47d0090ff77be35891bdf8682461708f956598654d2f1e330a417799eb96cb7aa4a6952e25b69632b3bb4af94e74b9dafce6c02bd1b7113ab3a774f1f74a2ad18a9755b59c84bd325510a403d05d6ee5bab5cc3f26fc58742bbe8458b253a4025aa684cf6db3c64ac13ecb1ccbb0c4f5185a5ba1001587f6164d5b8cb3edaa18c5f192848100fa25b9449106cfce839a15e1d641d72a4fe43e6bed27b1", @ANYRES8=r0, @ANYBLOB="01002bbd7000fcdbdf2514000000"], 0x14}, 0x1, 0x0, 0x0, 0x90}, 0x0)
mmap$auto(0x0, 0xfff, 0xdf, 0x15, 0x400, 0x28000)
preadv2$auto(0x3, &(0x7f0000001000)={0x0, 0x9}, 0x5, 0xc7000000000000, 0x50000000007, 0x2e)
r6 = pidfd_open$auto(0x1, 0x0)
open_by_handle_at$auto(r1, 0x0, 0x800)
r7 = bpf$auto(0x0, &(0x7f0000000140)=@bpf_attr_5={@target_fd=r4, r6, 0x1, 0xe, r6, @relative_fd=r1, 0x7}, 0x6f0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="19"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
r8 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000280)='/dev/dri/card2\x00', 0x2a0680, 0x0)
ioctl$auto(r8, 0x64c5, r7)
r9 = pidfd_open$auto(0x1, 0x0)
r10 = open_by_handle_at$auto(r9, 0x0, 0x1000)
r11 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsa\x00', 0x4040, 0x0)
sendfile$auto(r11, r10, &(0x7f0000000040)=0x1, 0x9)

2.307568253s ago: executing program 6 (id=2506):
setsockopt$auto(0x3, 0x6a, 0x7, 0xffffffffffffffff, 0x3)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/arp\x00', 0x101000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$auto_IOAM6_CMD_DEL_SCHEMA(r1, &(0x7f00000008c0)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x34, r2, 0x2, 0x70bd2d, 0x25dfdbfe, {}, [@IOAM6_ATTR_SC_ID={0x8, 0x4, 0x2}, @IOAM6_ATTR_SC_ID={0x8}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x2}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0xffffff81}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000040)
pread64$auto(r0, 0x0, 0x8, 0x8000)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
unshare$auto(0x40000080)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
socket(0x11, 0xa, 0x300)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0xa)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x9)
mincore$auto(0x1000, 0x8001, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x806, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "000000000000ffffffffffff9ead"}, 0x55)

1.755645114s ago: executing program 6 (id=2507):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000100), r0)
sendmsg$auto_IOAM6_CMD_DUMP_SCHEMAS(r0, &(0x7f00000000c0)={0x0, 0xa6ff, &(0x7f00000001c0)={&(0x7f0000001ec0)={0x14, r1, 0x721, 0x70bd27, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4000001}, 0x8000)

1.554717364s ago: executing program 6 (id=2508):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd7000f9dbdf250100000005000d00100000000500070010000000080009009c781e2108000a000800000014001f000000000000000200c0feffff0000000014002000ff01faffffff00000000000000000000060002"], 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004)

1.321801078s ago: executing program 6 (id=2509):
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000)
keyctl$auto(0x5, 0xffffffffffffffff, 0x9, 0x5, 0x8)
keyctl$auto(0xf, 0xdfffffffffffffff, 0x69c9, 0x2, 0xbcc)
r0 = io_uring_setup$auto(0x1, 0x0)
futex$auto(0x0, 0x8, 0xa, 0x0, 0x0, 0x80800001)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/hwdep\x00', 0x20000, 0x0)
nanosleep$auto(&(0x7f0000000040)={0x7, 0xfffffffffffffffb}, &(0x7f00000000c0)={0x6e22652000000000, 0x3})
read$auto(0x3, 0x0, 0x80)
getsockopt$auto_SO_PEERCRED(r0, 0xc153, 0x11, &(0x7f0000000100)='\x00', &(0x7f0000000140)=0x40)
sethostname$auto(&(0x7f0000000000)='\x00\x00\x00\x00', 0x5)

991.64784ms ago: executing program 6 (id=2510):
sendmsg$auto_GTP_CMD_ECHOREQ(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="ddffffff", @ANYRES16=0x0, @ANYBLOB="01002abd7000fbdbdf250300000008000100feffffff"], 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x40000d4)
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x0, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000040)=0x5)
r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0)
r2 = semctl$auto_IPC_SET(0x8, 0xfffff2b4, 0x1, 0x100000000)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000580)={{@raw=0x4, 0xf0f1, 0x20009, 0x9, "790eaa833e2fc65b083cf70500000078ad8eac3cdafc1f64c03643eeb0305300", @raw=0x3}, 0x4, 0x866, 0xf, @inferred=r2, @reserved="93dc447b59575acd2921f655c0eb1922ac28036068d539cd4c64521c8c4ceb79e4457f96f330a9272d035f941b7da6171b7437c48aa8255328a6806868619b6d9b6e32065b5fe1a5a54fb0fd2fe10c1ae4073161bac377d8483ddbb426a908d246e17744d3c59fc452177113857ff1b7166f250a1078b4715b657e44f52b16f7", "6cc1888a63a4f1b4285854c5369fe438f8cc142ef6df1259b073a1183bedbd31b642b4051bc795311121c760cb8211c78e6947a99807bcc100"})
read$auto(0x3, 0x0, 0x80)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x1, 0x3, 0x800000000000eb1, 0xfffffffffffffff6, 0x8000)
socketpair$auto(0x1, 0xc, 0x56, 0x0)
close_range$auto(0x2, 0x8, 0x0)

0s ago: executing program 6 (id=2511):
socket(0x2, 0x3, 0x100)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x9, 0x4, 0x0)
r0 = socket(0x10, 0x2, 0x9)
setsockopt$auto(r0, 0x104000000000010e, 0x1, 0x0, 0x16)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyua\x00', 0x20a04, 0x0)
r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000031c0)='/dev/ttyua\x00', 0x109000, 0x0)
read$auto(r1, 0x0, 0x800)
r2 = getpid()
process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0)
prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0)
prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NET_DM_CMD_CONFIG(r0, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000002c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="fe281a056cc5123715f1c7597865cf032a95844a1ab5affdf1a5559287f4124657067b503ee192d71fe386406fcc864d120547614c5de2b1d03d7cb8b039ab45416378412f85949a3e4d74ee16119911ecc4c934a59fb927ba94af73f01ac80a747fbdb4bd37d868dbd71a210d574f6d81640a614ec070bdd00e36cb476dd9898a85e213435127aa3fe7ef411fa4ba4141ce20d80dde040a9ffed0d90bafb5bcc9c45aa12596c91c5c76df0893a5a23195851d63f19688be2c680b0dcd3a3f7b5d954f90aadbfa00"/214], 0x14}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
close_range$auto(r3, 0x8, 0x0)
bpf$auto(0x3, 0x0, 0x5)
r4 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x109002, 0x0)
timer_settime$auto(0x0, 0x8, 0x0, &(0x7f0000000100)={{0xa01, 0x4}, {0x9000, 0x7ff}})
r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/net/ip_vs_app\x00', 0x101000, 0x0)
pread64$auto(r5, 0x0, 0x8, 0xffff)
sendfile$auto(r4, r4, 0x0, 0x10000800000003)

kernel console output (not intermixed with test programs):

 scsi_dev_info_list_add_str: bad dev info string 'failed to read /proc/thread-self/fail-nth' '' ''
[  704.083114][T12245] scsi_dev_info_list_add_str: bad dev info string ' (errno 9)
[  704.083114][T12245] ' '' ''
[  704.434728][T12265] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1600'.
[  709.084416][T12312] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1612'.
[  710.594486][T12331] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1616'.
[  714.218154][T12368] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1626'.
[  715.923588][T12386] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1631'.
[  716.419234][T12400] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1632'.
[  716.878961][T12402] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1633'.
[  717.058756][T12407] random: crng reseeded on system resumption
[  717.743105][T12416] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1636'.
[  719.313953][T12431] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1641'.
[  720.227567][   T30] audit: type=1800 audit(4294968325.731:7): pid=12438 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1643" name="SYSVffffffff" dev="tmpfs" ino=0 res=0 errno=0
[  722.983753][T12467] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1648'.
[  724.385041][T12482] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1651'.
[  725.175776][T12474] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1657'.
[  726.600661][T12515] FAULT_INJECTION: forcing a failure.
[  726.600661][T12515] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  726.727713][T12515] CPU: 0 UID: 0 PID: 12515 Comm: syz.0.1660 Tainted: G     U             6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[  726.727751][T12515] Tainted: [U]=USER
[  726.727758][T12515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  726.727772][T12515] Call Trace:
[  726.727779][T12515]  <TASK>
[  726.727798][T12515]  dump_stack_lvl+0x16c/0x1f0
[  726.727839][T12515]  should_fail_ex+0x50a/0x650
[  726.727860][T12515]  ? __pfx___might_resched+0x10/0x10
[  726.727901][T12515]  should_fail_alloc_page+0xe7/0x130
[  726.727925][T12515]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  726.727962][T12515]  __alloc_frozen_pages_noprof+0x18e/0x2470
[  726.728003][T12515]  ? save_trace+0x53/0xb60
[  726.728033][T12515]  ? add_lock_to_list+0x17d/0x390
[  726.728064][T12515]  ? hlock_class+0x4e/0x130
[  726.728087][T12515]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  726.728137][T12515]  ? __pfx___lock_acquire+0x10/0x10
[  726.728172][T12515]  ? add_lock_to_list+0x17d/0x390
[  726.728199][T12515]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  726.728238][T12515]  ? policy_nodemask+0xea/0x4e0
[  726.728262][T12515]  alloc_pages_mpol+0x1fc/0x540
[  726.728285][T12515]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  726.728306][T12515]  ? __page_table_check_ptes_set+0x16b/0x3e0
[  726.728344][T12515]  ? do_raw_spin_lock+0x12d/0x2c0
[  726.728365][T12515]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  726.728391][T12515]  alloc_pages_noprof+0x131/0x390
[  726.728413][T12515]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  726.728446][T12515]  get_free_pages_noprof+0xc/0x40
[  726.728471][T12515]  kasan_populate_vmalloc_pte+0x2d/0x160
[  726.728504][T12515]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  726.728539][T12515]  __apply_to_page_range+0x5fd/0xd30
[  726.728573][T12515]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  726.728612][T12515]  ? __pfx___apply_to_page_range+0x10/0x10
[  726.728646][T12515]  ? insert_vmap_area+0x2ef/0x4d0
[  726.728675][T12515]  alloc_vmap_area+0x93e/0x2a60
[  726.728714][T12515]  ? __pfx_alloc_vmap_area+0x10/0x10
[  726.728749][T12515]  __get_vm_area_node+0x19e/0x2f0
[  726.728790][T12515]  vmap+0x15a/0x350
[  726.728819][T12515]  ? relay_open_buf.part.0+0x446/0xb90
[  726.728853][T12515]  ? __pfx_vmap+0x10/0x10
[  726.728889][T12515]  relay_open_buf.part.0+0x446/0xb90
[  726.728931][T12515]  relay_open+0x653/0xad0
[  726.728962][T12515]  ? debugfs_create_file_full+0x41/0x60
[  726.728989][T12515]  do_blk_trace_setup+0x503/0xb50
[  726.729017][T12515]  blk_trace_setup+0xee/0x1b0
[  726.729044][T12515]  ? __pfx_blk_trace_setup+0x10/0x10
[  726.729068][T12515]  ? __pfx_snprintf+0x10/0x10
[  726.729114][T12515]  blk_trace_ioctl+0x147/0x280
[  726.729141][T12515]  ? __pfx_blk_trace_ioctl+0x10/0x10
[  726.729171][T12515]  ? trace_lock_acquire+0x14e/0x1f0
[  726.729196][T12515]  ? __fget_files+0x40/0x3a0
[  726.729235][T12515]  blkdev_ioctl+0x109/0x6d0
[  726.729259][T12515]  ? __pfx_blkdev_ioctl+0x10/0x10
[  726.729281][T12515]  ? __fget_files+0x206/0x3a0
[  726.729319][T12515]  ? __pfx_blkdev_ioctl+0x10/0x10
[  726.729344][T12515]  __x64_sys_ioctl+0x190/0x200
[  726.729374][T12515]  do_syscall_64+0xcd/0x250
[  726.729411][T12515]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  726.729445][T12515] RIP: 0033:0x7f7891d8d169
[  726.729463][T12515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  726.729485][T12515] RSP: 002b:00007f7892c85038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  726.729507][T12515] RAX: ffffffffffffffda RBX: 00007f7891fa5fa0 RCX: 00007f7891d8d169
[  726.729522][T12515] RDX: 0000200000000180 RSI: 00000000c0481273 RDI: 0000000000000006
[  726.729537][T12515] RBP: 00007f7891e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  726.729551][T12515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  726.729565][T12515] R13: 0000000000000000 R14: 00007f7891fa5fa0 R15: 00007ffd18c23478
[  726.729593][T12515]  </TASK>
[  727.535346][T12520] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1659'.
[  729.233910][T12542] ubi0: attaching mtd0
[  729.238181][T12542] ubi0 error: ubi_attach_mtd_dev: bad VID header (65536) or data offsets (65600)
[  729.547785][T12545] synth uevent: /module/qat_c62x: unknown uevent action string
[  735.487798][T12578] Invalid ELF header magic: != ELF
[  736.559686][T12595] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1675'.
[  739.187378][T12615] [U] 
[  739.190141][T12615] [U] 
[  739.192865][T12615] [U] 
[  739.195576][T12615] [U] 
[  739.499773][T12615] [U] 
[  739.502525][T12615] [U] 
[  739.505234][T12615] [U] 
[  739.507940][T12615] [U] 
[  739.763185][T12615] [U] 
[  739.765944][T12615] [U] 
[  739.768654][T12615] [U] 
[  739.771366][T12615] [U] 
[  739.928766][T12615] [U] 
[  739.931527][T12615] [U] 
[  739.934240][T12615] [U] 
[  739.936948][T12615] [U] 
[  740.053281][T12615] [U] 
[  740.056048][T12615] [U] 
[  740.058779][T12615] [U] 
[  740.061484][T12615] [U] 
[  740.260407][T12615] [U] 
[  740.263190][T12615] [U] 
[  740.265904][T12615] [U] 
[  740.268609][T12615] [U] 
[  740.542000][T12615] [U] 
[  740.544763][T12615] [U] 
[  740.547473][T12615] [U] 
[  740.550180][T12615] [U] 
[  740.821378][T12615] [U] 
[  740.824132][T12615] [U] 
[  740.826845][T12615] [U] 
[  740.829558][T12615] [U] 
[  741.174505][T12615] [U] 
[  741.177267][T12615] [U] 
[  741.179975][T12615] [U] 
[  741.182687][T12615] [U] 
[  741.356896][T12615] [U] 
[  741.359643][T12615] [U] 
[  741.362354][T12615] [U] 
[  741.365062][T12615] [U] 
[  741.537863][T12615] [U] 
[  741.540618][T12615] [U] 
[  741.543333][T12615] [U] 
[  741.546047][T12615] [U] 
[  741.683124][T12615] [U] 
[  741.685896][T12615] [U] 
[  741.688603][T12615] [U] 
[  741.691321][T12615] [U] 
[  741.883562][T12615] [U] 
[  741.886339][T12615] [U] 
[  741.889056][T12615] [U] 
[  741.891774][T12615] [U] 
[  741.977020][T12634] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1684'.
[  742.053006][T12615] [U] 
[  744.111549][T12653] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1688'.
[  746.107137][T12672] netlink: 93 bytes leftover after parsing attributes in process `syz.0.1694'.
[  746.224122][T12666] netlink: 93 bytes leftover after parsing attributes in process `syz.0.1694'.
[  747.355915][T12649] netlink: 334 bytes leftover after parsing attributes in process `syz.4.1689'.
[  750.753319][T12696] Invalid ELF header magic: != ELF
[  752.736732][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  752.743222][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  754.774474][T12730] syz.4.1708 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  755.475083][T12737] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1707'.
[  757.371719][T12753] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1713'.
[  758.540056][T12759] openvswitch: netlink: IP tunnel dst address not specified
[  758.974032][T12767] netlink: 'syz.4.1716': attribute type 1 has an invalid length.
[  763.428639][T12791] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1722'.
[  765.205883][T12818] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1729'.
[  765.631588][T12822] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1730'.
[  768.283370][T12846] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1736'.
[  768.393321][T12844] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1735'.
[  769.003078][T12852] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  769.014965][T12852] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  769.023290][T12852] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  769.033811][T12852] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  769.043848][T12852] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  769.051052][T12852] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  770.027057][T12850] chnl_net:caif_netlink_parms(): no params data found
[  770.895165][T12850] bridge0: port 1(bridge_slave_0) entered blocking state
[  770.952968][T12850] bridge0: port 1(bridge_slave_0) entered disabled state
[  771.017791][T12850] bridge_slave_0: entered allmulticast mode
[  771.080851][T12850] bridge_slave_0: entered promiscuous mode
[  771.134805][T12852] Bluetooth: hci4: command tx timeout
[  771.175767][T12850] bridge0: port 2(bridge_slave_1) entered blocking state
[  771.247255][T12850] bridge0: port 2(bridge_slave_1) entered disabled state
[  771.293697][T12850] bridge_slave_1: entered allmulticast mode
[  771.347666][T12850] bridge_slave_1: entered promiscuous mode
[  771.571314][T12850] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  771.651609][T12850] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  771.784220][T12877] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1743'.
[  772.024026][T12850] team0: Port device team_slave_0 added
[  772.032271][T12850] team0: Port device team_slave_1 added
[  772.447230][T12850] batman_adv: batadv0: Adding interface: batadv_slave_0
[  772.527962][T12850] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  772.736128][T12850] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  772.799271][T12850] batman_adv: batadv0: Adding interface: batadv_slave_1
[  772.875561][T12850] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  773.068781][T12850] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  773.214048][T12852] Bluetooth: hci4: command tx timeout
[  773.346051][T12850] hsr_slave_0: entered promiscuous mode
[  773.371702][T12850] hsr_slave_1: entered promiscuous mode
[  773.416634][T12850] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  773.476483][T12850] Cannot create hsr debugfs directory
[  773.522478][T12903] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1749'.
[  774.933817][T12850] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  774.997499][T12850] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  775.083528][T12850] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  775.293263][T12852] Bluetooth: hci4: command tx timeout
[  775.330053][T12850] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  776.079753][T12850] 8021q: adding VLAN 0 to HW filter on device bond0
[  776.201030][T12850] 8021q: adding VLAN 0 to HW filter on device team0
[  776.294782][ T2946] bridge0: port 1(bridge_slave_0) entered blocking state
[  776.301887][ T2946] bridge0: port 1(bridge_slave_0) entered forwarding state
[  776.380792][ T2946] bridge0: port 2(bridge_slave_1) entered blocking state
[  776.387990][ T2946] bridge0: port 2(bridge_slave_1) entered forwarding state
[  776.542028][T12850] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  776.685312][T12850] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  777.373860][T12852] Bluetooth: hci4: command tx timeout
[  777.467511][T12850] 8021q: adding VLAN 0 to HW filter on device batadv0
[  778.581670][T12850] veth0_vlan: entered promiscuous mode
[  778.636403][T12850] veth1_vlan: entered promiscuous mode
[  778.788745][T12850] veth0_macvtap: entered promiscuous mode
[  778.859212][T12850] veth1_macvtap: entered promiscuous mode
[  778.968411][T12850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  779.068008][T12850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  779.120825][T12850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  779.174466][T12965] FAULT_INJECTION: forcing a failure.
[  779.174466][T12965] name failslab, interval 1, probability 0, space 0, times 0
[  779.198048][T12850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  779.236260][T12965] CPU: 0 UID: 0 PID: 12965 Comm: syz.0.1765 Tainted: G     U             6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[  779.236298][T12965] Tainted: [U]=USER
[  779.236305][T12965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  779.236319][T12965] Call Trace:
[  779.236326][T12965]  <TASK>
[  779.236335][T12965]  dump_stack_lvl+0x16c/0x1f0
[  779.236374][T12965]  should_fail_ex+0x50a/0x650
[  779.236396][T12965]  ? fs_reclaim_acquire+0xae/0x150
[  779.236428][T12965]  should_failslab+0xc2/0x120
[  779.236450][T12965]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  779.236488][T12965]  ? __pmd_alloc+0xc3/0x870
[  779.236522][T12965]  __pmd_alloc+0xc3/0x870
[  779.236555][T12965]  __handle_mm_fault+0x94a/0x2a40
[  779.236598][T12965]  ? __pfx___handle_mm_fault+0x10/0x10
[  779.236632][T12965]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  779.236682][T12965]  ? find_vma+0xc0/0x140
[  779.236709][T12965]  ? __pfx_find_vma+0x10/0x10
[  779.236741][T12965]  handle_mm_fault+0x3fa/0xaa0
[  779.236781][T12965]  do_user_addr_fault+0x7a3/0x13f0
[  779.236820][T12965]  exc_page_fault+0x5c/0xc0
[  779.236853][T12965]  asm_exc_page_fault+0x26/0x30
[  779.236884][T12965] RIP: 0010:rep_movs_alternative+0x15/0x70
[  779.236913][T12965] Code: cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 83 f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 <88> 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84
[  779.236936][T12965] RSP: 0018:ffffc900042c79c8 EFLAGS: 00050202
[  779.236954][T12965] RAX: 0000000000000033 RBX: 0000000000000002 RCX: 0000000000000002
[  779.236968][T12965] RDX: ffffed100faea401 RSI: ffff88807d752000 RDI: 0000000000000000
[  779.236983][T12965] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffed100faea400
[  779.236997][T12965] R10: ffff88807d752001 R11: 0000000000000002 R12: 0000000000000000
[  779.237011][T12965] R13: ffffc900042c7bd8 R14: ffff88807d752000 R15: 0000000000000000
[  779.237040][T12965]  _copy_to_iter+0x4ed/0x1560
[  779.237073][T12965]  ? __pfx__copy_to_iter+0x10/0x10
[  779.237098][T12965]  ? __virt_addr_valid+0x1a4/0x590
[  779.237126][T12965]  ? __virt_addr_valid+0x5e/0x590
[  779.237149][T12965]  ? __phys_addr_symbol+0x30/0x80
[  779.237172][T12965]  ? __check_object_size+0x488/0x710
[  779.237199][T12965]  seq_read_iter+0xd00/0x12b0
[  779.237251][T12965]  seq_read+0x39f/0x4e0
[  779.237291][T12965]  ? __pfx_seq_read+0x10/0x10
[  779.237335][T12965]  ? __pfx_seq_read+0x10/0x10
[  779.237363][T12965]  proc_reg_read+0x23d/0x330
[  779.237397][T12965]  ? __pfx_proc_reg_read+0x10/0x10
[  779.237432][T12965]  vfs_read+0x1df/0xbf0
[  779.237463][T12965]  ? __fget_files+0x1fc/0x3a0
[  779.237494][T12965]  ? __pfx___mutex_lock+0x10/0x10
[  779.237527][T12965]  ? __pfx_vfs_read+0x10/0x10
[  779.237564][T12965]  ? __fget_files+0x206/0x3a0
[  779.237602][T12965]  ksys_read+0x12b/0x250
[  779.237631][T12965]  ? __pfx_ksys_read+0x10/0x10
[  779.237668][T12965]  do_syscall_64+0xcd/0x250
[  779.237703][T12965]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  779.237733][T12965] RIP: 0033:0x7f7891d8d169
[  779.237750][T12965] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  779.237771][T12965] RSP: 002b:00007f7892c85038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  779.237790][T12965] RAX: ffffffffffffffda RBX: 00007f7891fa5fa0 RCX: 00007f7891d8d169
[  779.237804][T12965] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000003
[  779.237816][T12965] RBP: 00007f7891e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  779.237829][T12965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  779.237842][T12965] R13: 0000000000000000 R14: 00007f7891fa5fa0 R15: 00007ffd18c23478
[  779.237869][T12965]  </TASK>
[  779.237938][T12850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  780.702245][T12850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  780.760205][T12850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  780.834265][T12850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  780.903053][T12850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  780.972111][T12850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  781.027562][T12850] batman_adv: batadv0: Interface activated: batadv_slave_0
[  781.183982][T12850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  781.219474][T12992] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1769'.
[  781.260347][T12850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  781.316115][T12850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  781.401332][T12850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  781.468705][T12850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  781.543602][T12850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  781.622047][T12850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  781.680780][T12850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  781.738210][T12850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  781.810089][T12850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  781.887823][T12850] batman_adv: batadv0: Interface activated: batadv_slave_1
[  781.960212][T12850] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  782.041993][T12850] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  782.105732][T12850] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  782.177884][T12850] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  783.151992][ T1108] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  783.211183][ T1108] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  783.469837][ T1108] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  783.538362][ T1108] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  789.069183][T13077] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1790'.
[  789.747298][T13086] Invalid ELF header magic: != ELF
[  791.521878][T13107] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1798'.
[  793.132974][T13111] FAULT_INJECTION: forcing a failure.
[  793.132974][T13111] name failslab, interval 1, probability 0, space 0, times 0
[  793.367046][T13111] CPU: 0 UID: 0 PID: 13111 Comm: syz.0.1799 Tainted: G     U             6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[  793.367084][T13111] Tainted: [U]=USER
[  793.367090][T13111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  793.367103][T13111] Call Trace:
[  793.367109][T13111]  <TASK>
[  793.367118][T13111]  dump_stack_lvl+0x16c/0x1f0
[  793.367156][T13111]  should_fail_ex+0x50a/0x650
[  793.367177][T13111]  ? fs_reclaim_acquire+0xae/0x150
[  793.367207][T13111]  should_failslab+0xc2/0x120
[  793.367227][T13111]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  793.367262][T13111]  ? security_file_alloc+0x34/0x2b0
[  793.367296][T13111]  security_file_alloc+0x34/0x2b0
[  793.367326][T13111]  init_file+0x93/0x4c0
[  793.367347][T13111]  alloc_empty_file+0x91/0x1e0
[  793.367372][T13111]  path_openat+0xe1/0x2d80
[  793.367402][T13111]  ? unwind_get_return_address+0x59/0xa0
[  793.367437][T13111]  ? arch_stack_walk+0xa7/0x100
[  793.367464][T13111]  ? __pfx_path_openat+0x10/0x10
[  793.367496][T13111]  ? stack_trace_save+0x95/0xd0
[  793.367521][T13111]  ? __pfx_stack_trace_save+0x10/0x10
[  793.367548][T13111]  do_filp_open+0x20c/0x470
[  793.367579][T13111]  ? __pfx_do_filp_open+0x10/0x10
[  793.367609][T13111]  ? kasan_save_stack+0x42/0x60
[  793.367639][T13111]  ? kasan_save_stack+0x33/0x60
[  793.367695][T13111]  file_open_name+0x2a4/0x450
[  793.367726][T13111]  ? __pfx_file_open_name+0x10/0x10
[  793.367760][T13111]  acct_on+0x77/0x870
[  793.367792][T13111]  __x64_sys_acct+0xad/0x220
[  793.367823][T13111]  ? lockdep_hardirqs_on+0x7c/0x110
[  793.367855][T13111]  do_syscall_64+0xcd/0x250
[  793.367890][T13111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  793.367923][T13111] RIP: 0033:0x7f7891d8d169
[  793.367940][T13111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  793.367962][T13111] RSP: 002b:00007f7892c43038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3
[  793.367983][T13111] RAX: ffffffffffffffda RBX: 00007f7891fa6160 RCX: 00007f7891d8d169
[  793.367998][T13111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000480
[  793.368012][T13111] RBP: 00007f7891e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  793.368026][T13111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  793.368058][T13111] R13: 0000000000000000 R14: 00007f7891fa6160 R15: 00007ffd18c23478
[  793.368085][T13111]  </TASK>
[  795.053891][T13148] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1807'.
[  795.763175][T13150] netlink: 'syz.3.1804': attribute type 11 has an invalid length.
[  796.175908][T13159] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1809'.
[  801.795654][T13212] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1824'.
[  802.073754][T13214] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1823'.
[  803.233011][T13226] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1826'.
[  805.264895][T13244] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1832'.
[  806.282559][T13259] sctp: [Deprecated]: syz.1.1834 (pid 13259) Use of int in max_burst socket option deprecated.
[  806.282559][T13259] Use struct sctp_assoc_value instead
[  814.175951][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  814.182270][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  815.403443][T13339] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1853'.
[  817.257460][T13364] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1860'.
[  820.612508][T13399] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1865'.
[  821.441817][T13409] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1867'.
[  822.886510][T13434] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1872'.
[  825.151712][T13477] ubi0: attaching mtd0
[  825.194631][T13477] ubi0: scanning is finished
[  825.199301][T13477] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record
[  826.284844][T13501] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1879'.
[  826.454672][T13477] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  827.699795][T13508] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1882'.
[  828.373978][T13520] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1885'.
[  828.610162][T13517] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1884'.
[  836.130854][T13562] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1895'.
[  836.703513][T13570] sock: sock_timestamping_bind_phc: sock not bind to device
[  837.737019][T13568] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1896'.
[  838.757849][T13576] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1899'.
[  840.841473][T13597] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1903'.
[  841.676125][T13617] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1908'.
[  849.914394][T13663] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1918'.
[  853.113147][T13690] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1925'.
[  853.153724][T13698] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1926'.
[  853.697406][T13706] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1930'.
[  853.984435][T13704] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1928'.
[  855.341731][T13728] ptrace attach of "./syz-executor exec"[5836] was attempted by "./syz-executor exec"[13728]
[  856.758217][T12852] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18
[  856.884497][   T30] audit: type=1800 audit(4294968470.403:8): pid=13735 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1936" name="dbroot" dev="configfs" ino=41150 res=0 errno=0
[  858.522509][T13752] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1941'.
[  859.617266][T13764] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1945'.
[  859.800788][T13762] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1946'.
[  861.445562][T13769] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  861.768492][T13790] FAULT_INJECTION: forcing a failure.
[  861.768492][T13790] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  861.872940][T13790] CPU: 0 UID: 0 PID: 13790 Comm: syz.3.1952 Tainted: G     U             6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[  861.872978][T13790] Tainted: [U]=USER
[  861.872986][T13790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  861.873000][T13790] Call Trace:
[  861.873006][T13790]  <TASK>
[  861.873014][T13790]  dump_stack_lvl+0x16c/0x1f0
[  861.873056][T13790]  should_fail_ex+0x50a/0x650
[  861.873082][T13790]  _copy_from_user+0x2e/0xd0
[  861.873109][T13790]  __sys_bpf+0x21c/0x49c0
[  861.873146][T13790]  ? __pfx_lock_release+0x10/0x10
[  861.873181][T13790]  ? __pfx___sys_bpf+0x10/0x10
[  861.873216][T13790]  ? vfs_write+0x306/0x1150
[  861.873253][T13790]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  861.873303][T13790]  ? fput+0x67/0x440
[  861.873325][T13790]  ? ksys_write+0x1ba/0x250
[  861.873357][T13790]  ? __pfx_ksys_write+0x10/0x10
[  861.873393][T13790]  __x64_sys_bpf+0x78/0xc0
[  861.873414][T13790]  ? lockdep_hardirqs_on+0x7c/0x110
[  861.873447][T13790]  do_syscall_64+0xcd/0x250
[  861.873483][T13790]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  861.873516][T13790] RIP: 0033:0x7f1259f8d169
[  861.873534][T13790] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  861.873556][T13790] RSP: 002b:00007f1257df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  861.873583][T13790] RAX: ffffffffffffffda RBX: 00007f125a1a5fa0 RCX: 00007f1259f8d169
[  861.873599][T13790] RDX: 00000000000000a3 RSI: 0000200000000000 RDI: 0000000000000000
[  861.873613][T13790] RBP: 00007f1257df6090 R08: 0000000000000000 R09: 0000000000000000
[  861.873627][T13790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  861.873642][T13790] R13: 0000000000000000 R14: 00007f125a1a5fa0 R15: 00007ffffe2de248
[  861.873668][T13790]  </TASK>
[  863.118751][T13786] kexec: Could not allocate control_code_buffer
[  863.591896][T13802] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1955'.
[  863.860286][T13805] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1956'.
[  864.419947][T13813] FAULT_INJECTION: forcing a failure.
[  864.419947][T13813] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  864.613055][T13813] CPU: 0 UID: 0 PID: 13813 Comm: syz.5.1959 Tainted: G     U             6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[  864.613093][T13813] Tainted: [U]=USER
[  864.613100][T13813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  864.613115][T13813] Call Trace:
[  864.613121][T13813]  <TASK>
[  864.613129][T13813]  dump_stack_lvl+0x16c/0x1f0
[  864.613168][T13813]  should_fail_ex+0x50a/0x650
[  864.613193][T13813]  _copy_from_user+0x2e/0xd0
[  864.613218][T13813]  vcs_write+0x2f2/0xdb0
[  864.613252][T13813]  ? __pfx_vcs_write+0x10/0x10
[  864.613282][T13813]  ? apparmor_file_permission+0x251/0x400
[  864.613311][T13813]  ? bpf_lsm_file_permission+0x9/0x10
[  864.613348][T13813]  ? security_file_permission+0x71/0x210
[  864.613382][T13813]  ? rw_verify_area+0xcf/0x680
[  864.613411][T13813]  ? __pfx_vcs_write+0x10/0x10
[  864.613435][T13813]  vfs_write+0x24c/0x1150
[  864.613468][T13813]  ? __fget_files+0x1fc/0x3a0
[  864.613502][T13813]  ? __pfx_lock_release+0x10/0x10
[  864.613536][T13813]  ? __pfx_vfs_write+0x10/0x10
[  864.613566][T13813]  ? do_futex+0x123/0x350
[  864.613595][T13813]  ? lock_acquire+0x2f/0xb0
[  864.613625][T13813]  ? __fget_files+0x40/0x3a0
[  864.613661][T13813]  ? __fget_files+0x206/0x3a0
[  864.613702][T13813]  ksys_write+0x12b/0x250
[  864.613733][T13813]  ? __pfx_ksys_write+0x10/0x10
[  864.613772][T13813]  do_syscall_64+0xcd/0x250
[  864.613809][T13813]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  864.613843][T13813] RIP: 0033:0x7f085df8d169
[  864.613859][T13813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  864.613882][T13813] RSP: 002b:00007f085bdf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  864.613903][T13813] RAX: ffffffffffffffda RBX: 00007f085e1a5fa0 RCX: 00007f085df8d169
[  864.613919][T13813] RDX: 0000000000000001 RSI: 00002000000001c0 RDI: 000000000000000a
[  864.613934][T13813] RBP: 00007f085e00e2a0 R08: 0000000000000000 R09: 0000000000000000
[  864.613948][T13813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  864.613961][T13813] R13: 0000000000000000 R14: 00007f085e1a5fa0 R15: 00007ffe23fb1368
[  864.613988][T13813]  </TASK>
[  866.558090][T13829] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1961'.
[  869.144187][T13843] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1966'.
[  869.758536][T13850] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1968'.
[  871.044396][T13865] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1972'.
[  875.407674][T13898] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1979'.
[  875.615942][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  875.622381][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  876.494072][T13911] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1984'.
[  879.859226][T13956] FAULT_INJECTION: forcing a failure.
[  879.859226][T13956] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  880.003154][T13956] CPU: 0 UID: 0 PID: 13956 Comm: syz.0.1997 Tainted: G     U             6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[  880.003192][T13956] Tainted: [U]=USER
[  880.003199][T13956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  880.003214][T13956] Call Trace:
[  880.003220][T13956]  <TASK>
[  880.003228][T13956]  dump_stack_lvl+0x16c/0x1f0
[  880.003268][T13956]  should_fail_ex+0x50a/0x650
[  880.003290][T13956]  ? __pfx___might_resched+0x10/0x10
[  880.003331][T13956]  should_fail_alloc_page+0xe7/0x130
[  880.003356][T13956]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  880.003393][T13956]  __alloc_frozen_pages_noprof+0x18e/0x2470
[  880.003433][T13956]  ? __pfx_register_lock_class+0x10/0x10
[  880.003472][T13956]  ? hlock_class+0x4e/0x130
[  880.003496][T13956]  ? mark_lock+0xb5/0xc60
[  880.003528][T13956]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  880.003568][T13956]  ? __pfx_lock_release+0x10/0x10
[  880.003600][T13956]  ? trace_lock_acquire+0x14e/0x1f0
[  880.003635][T13956]  ? is_bpf_text_address+0x30/0x1a0
[  880.003667][T13956]  ? bpf_ksym_find+0x124/0x1c0
[  880.003690][T13956]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  880.003718][T13956]  ? is_bpf_text_address+0x94/0x1a0
[  880.003751][T13956]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  880.003790][T13956]  ? policy_nodemask+0xea/0x4e0
[  880.003813][T13956]  alloc_pages_mpol+0x1fc/0x540
[  880.003835][T13956]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  880.003858][T13956]  ? __pfx___lock_acquire+0x10/0x10
[  880.003890][T13956]  alloc_pages_noprof+0x131/0x390
[  880.003911][T13956]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  880.003942][T13956]  get_free_pages_noprof+0xc/0x40
[  880.003966][T13956]  kasan_populate_vmalloc_pte+0x2d/0x160
[  880.003997][T13956]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  880.004028][T13956]  __apply_to_page_range+0x5fd/0xd30
[  880.004061][T13956]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  880.004097][T13956]  ? __pfx___apply_to_page_range+0x10/0x10
[  880.004128][T13956]  ? insert_vmap_area+0x2ef/0x4d0
[  880.004156][T13956]  alloc_vmap_area+0x93e/0x2a60
[  880.004195][T13956]  ? __pfx_alloc_vmap_area+0x10/0x10
[  880.004229][T13956]  __get_vm_area_node+0x19e/0x2f0
[  880.004264][T13956]  __vmalloc_node_range_noprof+0x26a/0x1530
[  880.004298][T13956]  ? sock_map_alloc+0x1f9/0x280
[  880.004340][T13956]  ? sock_map_alloc+0x1f9/0x280
[  880.004379][T13956]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  880.004413][T13956]  ? rcu_is_watching+0x12/0xc0
[  880.004438][T13956]  ? trace_kmalloc+0x2d/0xd0
[  880.004463][T13956]  ? __kmalloc_node_noprof+0x23d/0x510
[  880.004503][T13956]  ? sock_map_alloc+0x1f9/0x280
[  880.004536][T13956]  __bpf_map_area_alloc+0xea/0x190
[  880.004558][T13956]  ? sock_map_alloc+0x1f9/0x280
[  880.004593][T13956]  sock_map_alloc+0x1f9/0x280
[  880.004632][T13956]  map_create+0x5c5/0x1d20
[  880.004669][T13956]  ? __pfx_lock_release+0x10/0x10
[  880.004700][T13956]  ? trace_lock_acquire+0x14e/0x1f0
[  880.004727][T13956]  ? __pfx_map_create+0x10/0x10
[  880.004761][T13956]  ? lock_acquire+0x2f/0xb0
[  880.004791][T13956]  ? __might_fault+0xe3/0x190
[  880.004814][T13956]  ? __might_fault+0xe3/0x190
[  880.004843][T13956]  __sys_bpf+0x4391/0x49c0
[  880.004879][T13956]  ? __pfx_lock_release+0x10/0x10
[  880.004913][T13956]  ? __pfx___sys_bpf+0x10/0x10
[  880.004948][T13956]  ? vfs_write+0x306/0x1150
[  880.004984][T13956]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  880.005034][T13956]  ? fput+0x67/0x440
[  880.005056][T13956]  ? ksys_write+0x1ba/0x250
[  880.005088][T13956]  ? __pfx_ksys_write+0x10/0x10
[  880.005125][T13956]  __x64_sys_bpf+0x78/0xc0
[  880.005145][T13956]  ? lockdep_hardirqs_on+0x7c/0x110
[  880.005178][T13956]  do_syscall_64+0xcd/0x250
[  880.005215][T13956]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  880.005249][T13956] RIP: 0033:0x7f7891d8d169
[  880.005266][T13956] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  880.005289][T13956] RSP: 002b:00007f7892c85038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  880.005311][T13956] RAX: ffffffffffffffda RBX: 00007f7891fa5fa0 RCX: 00007f7891d8d169
[  880.005326][T13956] RDX: 00000000000000a3 RSI: 0000200000000000 RDI: 0000000000000000
[  880.005341][T13956] RBP: 00007f7892c85090 R08: 0000000000000000 R09: 0000000000000000
[  880.005355][T13956] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  880.005369][T13956] R13: 0000000000000000 R14: 00007f7891fa5fa0 R15: 00007ffd18c23478
[  880.005395][T13956]  </TASK>
[  880.523367][T13957] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2004'.
[  881.407897][T13955] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  882.834118][T13976] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2000'.
[  883.215241][T13990] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2002'.
[  883.832857][T13993] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2005'.
[  892.889730][T14068] FAULT_INJECTION: forcing a failure.
[  892.889730][T14068] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  893.055416][ T5852] Bluetooth: hci4: command 0x0406 tx timeout
[  893.382910][T14068] CPU: 0 UID: 0 PID: 14068 Comm: syz.5.2019 Tainted: G     U             6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[  893.382948][T14068] Tainted: [U]=USER
[  893.382955][T14068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  893.382969][T14068] Call Trace:
[  893.382976][T14068]  <TASK>
[  893.382985][T14068]  dump_stack_lvl+0x16c/0x1f0
[  893.383026][T14068]  should_fail_ex+0x50a/0x650
[  893.383046][T14068]  ? __pfx___might_resched+0x10/0x10
[  893.383085][T14068]  should_fail_alloc_page+0xe7/0x130
[  893.383107][T14068]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  893.383142][T14068]  __alloc_frozen_pages_noprof+0x18e/0x2470
[  893.383181][T14068]  ? stack_depot_save_flags+0x38f/0x9c0
[  893.383203][T14068]  ? __pfx_lock_release+0x10/0x10
[  893.383236][T14068]  ? hlock_class+0x4e/0x130
[  893.383264][T14068]  ? mark_lock+0xb5/0xc60
[  893.383293][T14068]  ? mark_held_locks+0x9f/0xe0
[  893.383325][T14068]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  893.383366][T14068]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  893.383398][T14068]  ? stack_depot_save_flags+0x38f/0x9c0
[  893.383425][T14068]  ? kasan_save_stack+0x42/0x60
[  893.383458][T14068]  ? kasan_save_stack+0x33/0x60
[  893.383491][T14068]  ? kasan_save_track+0x14/0x30
[  893.383523][T14068]  ? kasan_save_free_info+0x3b/0x60
[  893.383551][T14068]  ? __kasan_slab_free+0x51/0x70
[  893.383585][T14068]  ? kmem_cache_free+0x2e2/0x4d0
[  893.383618][T14068]  ? alloc_vmap_area+0x1f86/0x2a60
[  893.383645][T14068]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  893.383684][T14068]  ? policy_nodemask+0xea/0x4e0
[  893.383706][T14068]  alloc_pages_mpol+0x1fc/0x540
[  893.383728][T14068]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  893.383751][T14068]  ? __pfx___lock_acquire+0x10/0x10
[  893.383784][T14068]  alloc_pages_noprof+0x131/0x390
[  893.383805][T14068]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  893.383835][T14068]  get_free_pages_noprof+0xc/0x40
[  893.383859][T14068]  kasan_populate_vmalloc_pte+0x2d/0x160
[  893.383889][T14068]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  893.383921][T14068]  __apply_to_page_range+0x5fd/0xd30
[  893.383959][T14068]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  893.383997][T14068]  ? __pfx___apply_to_page_range+0x10/0x10
[  893.384031][T14068]  ? insert_vmap_area+0x2ef/0x4d0
[  893.384060][T14068]  alloc_vmap_area+0x93e/0x2a60
[  893.384112][T14068]  ? __pfx_alloc_vmap_area+0x10/0x10
[  893.384146][T14068]  __get_vm_area_node+0x19e/0x2f0
[  893.384181][T14068]  __vmalloc_node_range_noprof+0x26a/0x1530
[  893.384215][T14068]  ? sock_map_alloc+0x1f9/0x280
[  893.384261][T14068]  ? sock_map_alloc+0x1f9/0x280
[  893.384300][T14068]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  893.384335][T14068]  ? rcu_is_watching+0x12/0xc0
[  893.384359][T14068]  ? trace_kmalloc+0x2d/0xd0
[  893.384383][T14068]  ? __kmalloc_node_noprof+0x23d/0x510
[  893.384424][T14068]  ? sock_map_alloc+0x1f9/0x280
[  893.384456][T14068]  __bpf_map_area_alloc+0xea/0x190
[  893.384492][T14068]  ? sock_map_alloc+0x1f9/0x280
[  893.384526][T14068]  sock_map_alloc+0x1f9/0x280
[  893.384559][T14068]  map_create+0x5c5/0x1d20
[  893.384595][T14068]  ? __pfx_lock_release+0x10/0x10
[  893.384626][T14068]  ? trace_lock_acquire+0x14e/0x1f0
[  893.384652][T14068]  ? __pfx_map_create+0x10/0x10
[  893.384684][T14068]  ? lock_acquire+0x2f/0xb0
[  893.384713][T14068]  ? __might_fault+0xe3/0x190
[  893.384736][T14068]  ? __might_fault+0xe3/0x190
[  893.384764][T14068]  __sys_bpf+0x4391/0x49c0
[  893.384798][T14068]  ? __pfx_lock_release+0x10/0x10
[  893.384831][T14068]  ? __pfx___sys_bpf+0x10/0x10
[  893.384865][T14068]  ? vfs_write+0x306/0x1150
[  893.384900][T14068]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  893.384948][T14068]  ? fput+0x67/0x440
[  893.384969][T14068]  ? ksys_write+0x1ba/0x250
[  893.384999][T14068]  ? __pfx_ksys_write+0x10/0x10
[  893.385035][T14068]  __x64_sys_bpf+0x78/0xc0
[  893.385054][T14068]  ? lockdep_hardirqs_on+0x7c/0x110
[  893.385086][T14068]  do_syscall_64+0xcd/0x250
[  893.385121][T14068]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  893.385154][T14068] RIP: 0033:0x7f085df8d169
[  893.385171][T14068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  893.385193][T14068] RSP: 002b:00007f085bdf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  893.385214][T14068] RAX: ffffffffffffffda RBX: 00007f085e1a5fa0 RCX: 00007f085df8d169
[  893.385229][T14068] RDX: 00000000000000a3 RSI: 0000200000000000 RDI: 0000000000000000
[  893.385243][T14068] RBP: 00007f085bdf6090 R08: 0000000000000000 R09: 0000000000000000
[  893.385261][T14068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  893.385274][T14068] R13: 0000000000000000 R14: 00007f085e1a5fa0 R15: 00007ffe23fb1368
[  893.385300][T14068]  </TASK>
[  893.854831][T14072] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2020'.
[  896.412211][T14086] FAULT_INJECTION: forcing a failure.
[  896.412211][T14086] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  896.723582][T14086] CPU: 0 UID: 0 PID: 14086 Comm: syz.3.2024 Tainted: G     U             6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[  896.723621][T14086] Tainted: [U]=USER
[  896.723629][T14086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  896.723643][T14086] Call Trace:
[  896.723652][T14086]  <TASK>
[  896.723661][T14086]  dump_stack_lvl+0x16c/0x1f0
[  896.723703][T14086]  should_fail_ex+0x50a/0x650
[  896.723739][T14086]  ? __pfx___might_resched+0x10/0x10
[  896.723781][T14086]  should_fail_alloc_page+0xe7/0x130
[  896.723807][T14086]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  896.723840][T14086]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  896.723872][T14086]  __alloc_frozen_pages_noprof+0x18e/0x2470
[  896.723919][T14086]  ? unwind_get_return_address+0x59/0xa0
[  896.723958][T14086]  ? arch_stack_walk+0xa7/0x100
[  896.723987][T14086]  ? hlock_class+0x4e/0x130
[  896.724012][T14086]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  896.724063][T14086]  ? __pfx___lock_acquire+0x10/0x10
[  896.724095][T14086]  ? kasan_save_stack+0x42/0x60
[  896.724130][T14086]  ? kasan_save_stack+0x33/0x60
[  896.724163][T14086]  ? kasan_save_track+0x14/0x30
[  896.724198][T14086]  ? __kasan_slab_alloc+0x89/0x90
[  896.724234][T14086]  ? kmem_cache_alloc_node_noprof+0x223/0x3c0
[  896.724271][T14086]  ? alloc_vmap_area+0x636/0x2a60
[  896.724297][T14086]  ? __get_vm_area_node+0x19e/0x2f0
[  896.724326][T14086]  ? vmap+0x15a/0x350
[  896.724354][T14086]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  896.724394][T14086]  ? policy_nodemask+0xea/0x4e0
[  896.724419][T14086]  alloc_pages_mpol+0x1fc/0x540
[  896.724443][T14086]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  896.724464][T14086]  ? __page_table_check_ptes_set+0x16b/0x3e0
[  896.724507][T14086]  ? do_raw_spin_lock+0x12d/0x2c0
[  896.724530][T14086]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  896.724557][T14086]  alloc_pages_noprof+0x131/0x390
[  896.724579][T14086]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  896.724614][T14086]  get_free_pages_noprof+0xc/0x40
[  896.724639][T14086]  kasan_populate_vmalloc_pte+0x2d/0x160
[  896.724674][T14086]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  896.724710][T14086]  __apply_to_page_range+0x5fd/0xd30
[  896.724746][T14086]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  896.724786][T14086]  ? __pfx___apply_to_page_range+0x10/0x10
[  896.724821][T14086]  ? insert_vmap_area+0x2ef/0x4d0
[  896.724851][T14086]  alloc_vmap_area+0x93e/0x2a60
[  896.724898][T14086]  ? __pfx_alloc_vmap_area+0x10/0x10
[  896.724948][T14086]  __get_vm_area_node+0x19e/0x2f0
[  896.724984][T14086]  vmap+0x15a/0x350
[  896.725012][T14086]  ? relay_open_buf.part.0+0x446/0xb90
[  896.725046][T14086]  ? __pfx_vmap+0x10/0x10
[  896.725082][T14086]  relay_open_buf.part.0+0x446/0xb90
[  896.725125][T14086]  relay_open+0x653/0xad0
[  896.725156][T14086]  ? debugfs_create_file_full+0x41/0x60
[  896.725182][T14086]  do_blk_trace_setup+0x503/0xb50
[  896.725211][T14086]  blk_trace_setup+0xee/0x1b0
[  896.725237][T14086]  ? __pfx_blk_trace_setup+0x10/0x10
[  896.725262][T14086]  ? __pfx_snprintf+0x10/0x10
[  896.725307][T14086]  blk_trace_ioctl+0x147/0x280
[  896.725334][T14086]  ? __pfx_blk_trace_ioctl+0x10/0x10
[  896.725364][T14086]  ? trace_lock_acquire+0x14e/0x1f0
[  896.725389][T14086]  ? __fget_files+0x40/0x3a0
[  896.725428][T14086]  blkdev_ioctl+0x109/0x6d0
[  896.725452][T14086]  ? __pfx_blkdev_ioctl+0x10/0x10
[  896.725474][T14086]  ? __fget_files+0x206/0x3a0
[  896.725512][T14086]  ? __pfx_blkdev_ioctl+0x10/0x10
[  896.725537][T14086]  __x64_sys_ioctl+0x190/0x200
[  896.725567][T14086]  do_syscall_64+0xcd/0x250
[  896.725605][T14086]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  896.725638][T14086] RIP: 0033:0x7f1259f8d169
[  896.725656][T14086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  896.725679][T14086] RSP: 002b:00007f1257df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  896.725701][T14086] RAX: ffffffffffffffda RBX: 00007f125a1a5fa0 RCX: 00007f1259f8d169
[  896.725716][T14086] RDX: 0000200000000180 RSI: 00000000c0481273 RDI: 0000000000000006
[  896.725730][T14086] RBP: 00007f125a00e2a0 R08: 0000000000000000 R09: 0000000000000000
[  896.725744][T14086] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  896.725758][T14086] R13: 0000000000000000 R14: 00007f125a1a5fa0 R15: 00007ffffe2de248
[  896.725786][T14086]  </TASK>
[  906.580329][T14135] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2035'.
[  913.208380][T14185] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2046'.
[  913.603286][T14227] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2049'.
[  915.023394][T14241] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2053'.
[  917.730642][T14270] netlink: 84 bytes leftover after parsing attributes in process `syz.1.2061'.
[  918.055410][T14272] Invalid ELF header magic: != ELF
[  919.119368][T14274] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2062'.
[  919.896670][T14295] FAULT_INJECTION: forcing a failure.
[  919.896670][T14295] name failslab, interval 1, probability 0, space 0, times 0
[  919.947900][T14294] netlink: 'syz.3.2068': attribute type 11 has an invalid length.
[  920.114740][T14295] CPU: 0 UID: 0 PID: 14295 Comm: syz.0.2067 Tainted: G     U             6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[  920.114777][T14295] Tainted: [U]=USER
[  920.114784][T14295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  920.114798][T14295] Call Trace:
[  920.114805][T14295]  <TASK>
[  920.114814][T14295]  dump_stack_lvl+0x16c/0x1f0
[  920.114853][T14295]  should_fail_ex+0x50a/0x650
[  920.114875][T14295]  ? fs_reclaim_acquire+0xae/0x150
[  920.114905][T14295]  ? alloc_pipe_info+0x1ec/0x590
[  920.114939][T14295]  should_failslab+0xc2/0x120
[  920.114961][T14295]  __kmalloc_noprof+0xcb/0x510
[  920.115000][T14295]  alloc_pipe_info+0x1ec/0x590
[  920.115038][T14295]  create_pipe_files+0x8c/0x930
[  920.115076][T14295]  do_pipe2+0xb0/0x1d0
[  920.115111][T14295]  ? __pfx_do_pipe2+0x10/0x10
[  920.115146][T14295]  ? rcu_is_watching+0x12/0xc0
[  920.115176][T14295]  __x64_sys_pipe+0x33/0x50
[  920.115195][T14295]  do_syscall_64+0xcd/0x250
[  920.115231][T14295]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  920.115263][T14295] RIP: 0033:0x7f7891d8d169
[  920.115280][T14295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  920.115302][T14295] RSP: 002b:00007f7892c64038 EFLAGS: 00000246 ORIG_RAX: 0000000000000016
[  920.115324][T14295] RAX: ffffffffffffffda RBX: 00007f7891fa6080 RCX: 00007f7891d8d169
[  920.115339][T14295] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  920.115353][T14295] RBP: 00007f7891e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  920.115367][T14295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  920.115381][T14295] R13: 0000000000000000 R14: 00007f7891fa6080 R15: 00007ffd18c23478
[  920.115407][T14295]  </TASK>
[  920.841133][T14306] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2072'.
[  921.699135][T14310] netlink: 84 bytes leftover after parsing attributes in process `syz.3.2074'.
[  922.903140][T14317] netlink: 146 bytes leftover after parsing attributes in process `syz.5.2076'.
[  923.334965][T14325] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2077'.
[  923.403214][T14320] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [1480].
[  926.424251][T14359] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2086'.
[  927.036526][T14372] .^: entered promiscuous mode
[  927.761112][T14379] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2092'.
[  928.149883][T14384] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2093'.
[  928.807469][T14385] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2094'.
[  932.324299][T14432] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2103'.
[  932.431189][T14435] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2104'.
[  934.320553][T14460] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2108'.
[  934.943610][T14470] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2113'.
[  936.481497][T14487] vivid-003: =================  START STATUS  =================
[  936.553196][T14487] vivid-003: Radio HW Seek Mode: Bounded
[  936.600029][T14487] vivid-003: Radio Programmable HW Seek: false
[  936.653097][T14487] vivid-003: RDS Rx I/O Mode: Block I/O
[  936.693707][T14487] vivid-003: Generate RBDS Instead of RDS: false
[  936.763642][T14487] vivid-003: RDS Reception: true
[  936.809510][T14487] vivid-003: RDS Program Type: 0 inactive
[  936.891847][T14487] vivid-003: RDS PS Name:  inactive
[  936.953406][T14487] vivid-003: RDS Radio Text:  inactive
[  936.958946][T14487] vivid-003: RDS Traffic Announcement: false inactive
[  937.048363][T14487] vivid-003: RDS Traffic Program: false inactive
[  937.060512][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  937.072833][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  937.128033][T14487] vivid-003: RDS Music: false inactive
[  937.167004][T14487] vivid-003: ==================  END STATUS  ==================
[  940.853928][T14550] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2130'.
[  942.069710][T14556] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2133'.
[  943.465409][T14568] netlink: 84 bytes leftover after parsing attributes in process `syz.1.2136'.
[  943.974015][T14574] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2138'.
[  944.197504][T14577] FAULT_INJECTION: forcing a failure.
[  944.197504][T14577] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  944.286225][T14577] CPU: 0 UID: 0 PID: 14577 Comm: syz.3.2139 Tainted: G     U             6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[  944.286262][T14577] Tainted: [U]=USER
[  944.286270][T14577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  944.286282][T14577] Call Trace:
[  944.286289][T14577]  <TASK>
[  944.286297][T14577]  dump_stack_lvl+0x16c/0x1f0
[  944.286338][T14577]  should_fail_ex+0x50a/0x650
[  944.286364][T14577]  _copy_to_user+0x32/0xd0
[  944.286392][T14577]  simple_read_from_buffer+0xd0/0x160
[  944.286425][T14577]  proc_fail_nth_read+0x198/0x270
[  944.286455][T14577]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  944.286485][T14577]  ? rw_verify_area+0xcf/0x680
[  944.286514][T14577]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  944.286542][T14577]  vfs_read+0x1df/0xbf0
[  944.286574][T14577]  ? __fget_files+0x1fc/0x3a0
[  944.286609][T14577]  ? __pfx___mutex_lock+0x10/0x10
[  944.286644][T14577]  ? __pfx_vfs_read+0x10/0x10
[  944.286683][T14577]  ? __fget_files+0x206/0x3a0
[  944.286724][T14577]  ksys_read+0x12b/0x250
[  944.286756][T14577]  ? __pfx_ksys_read+0x10/0x10
[  944.286795][T14577]  do_syscall_64+0xcd/0x250
[  944.286832][T14577]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  944.286872][T14577] RIP: 0033:0x7f1259f8bb7c
[  944.286889][T14577] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  944.286912][T14577] RSP: 002b:00007f1257df6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  944.286934][T14577] RAX: ffffffffffffffda RBX: 00007f125a1a5fa0 RCX: 00007f1259f8bb7c
[  944.286949][T14577] RDX: 000000000000000f RSI: 00007f1257df60a0 RDI: 0000000000000003
[  944.286964][T14577] RBP: 00007f1257df6090 R08: 0000000000000000 R09: 0000000000000000
[  944.286978][T14577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  944.286991][T14577] R13: 0000000000000001 R14: 00007f125a1a5fa0 R15: 00007ffffe2de248
[  944.287019][T14577]  </TASK>
[  945.800708][T14585] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2142'.
[  951.446642][T14633] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2153'.
[  956.595995][T14706] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2166'.
[  957.219382][T14713] netlink: 'syz.0.2169': attribute type 11 has an invalid length.
[  957.584498][T14717] FAULT_INJECTION: forcing a failure.
[  957.584498][T14717] name failslab, interval 1, probability 0, space 0, times 0
[  957.760427][T14717] CPU: 0 UID: 0 PID: 14717 Comm: syz.3.2170 Tainted: G     U             6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[  957.760472][T14717] Tainted: [U]=USER
[  957.760480][T14717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  957.760494][T14717] Call Trace:
[  957.760502][T14717]  <TASK>
[  957.760511][T14717]  dump_stack_lvl+0x16c/0x1f0
[  957.760553][T14717]  should_fail_ex+0x50a/0x650
[  957.760576][T14717]  ? fs_reclaim_acquire+0xae/0x150
[  957.760609][T14717]  ? nfc_llcp_build_tlv+0xfd/0x230
[  957.760641][T14717]  should_failslab+0xc2/0x120
[  957.760664][T14717]  __kmalloc_noprof+0xcb/0x510
[  957.760707][T14717]  nfc_llcp_build_tlv+0xfd/0x230
[  957.760742][T14717]  nfc_llcp_build_gb.isra.0+0x121/0x400
[  957.760773][T14717]  ? __pfx_nfc_llcp_build_gb.isra.0+0x10/0x10
[  957.760806][T14717]  ? lockdep_init_map_type+0x16d/0x7d0
[  957.760845][T14717]  ? lockdep_init_map_type+0x16d/0x7d0
[  957.760887][T14717]  nfc_llcp_register_device+0x600/0xa60
[  957.760922][T14717]  nfc_register_device+0x6d/0x3c0
[  957.760958][T14717]  nci_register_device+0x7f4/0xb80
[  957.760986][T14717]  ? __pfx_nci_register_device+0x10/0x10
[  957.761024][T14717]  virtual_ncidev_open+0x141/0x220
[  957.761063][T14717]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  957.761101][T14717]  misc_open+0x35a/0x420
[  957.761127][T14717]  ? __pfx_misc_open+0x10/0x10
[  957.761151][T14717]  chrdev_open+0x237/0x6a0
[  957.761188][T14717]  ? __pfx_apparmor_file_open+0x10/0x10
[  957.761220][T14717]  ? __pfx_chrdev_open+0x10/0x10
[  957.761260][T14717]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  957.761299][T14717]  do_dentry_open+0x735/0x1c40
[  957.761333][T14717]  ? __pfx_chrdev_open+0x10/0x10
[  957.761372][T14717]  ? inode_permission+0xdd/0x5f0
[  957.761401][T14717]  vfs_open+0x82/0x3f0
[  957.761424][T14717]  ? may_open+0x1f2/0x400
[  957.761453][T14717]  path_openat+0x1e88/0x2d80
[  957.761504][T14717]  ? __pfx_path_openat+0x10/0x10
[  957.761539][T14717]  ? __pfx___lock_acquire+0x10/0x10
[  957.761572][T14717]  ? lock_acquire.part.0+0x11b/0x380
[  957.761606][T14717]  ? find_held_lock+0x2d/0x110
[  957.761636][T14717]  do_filp_open+0x20c/0x470
[  957.761672][T14717]  ? __pfx_do_filp_open+0x10/0x10
[  957.761705][T14717]  ? find_held_lock+0x2d/0x110
[  957.761749][T14717]  ? alloc_fd+0x41f/0x760
[  957.761791][T14717]  do_sys_openat2+0x17a/0x1e0
[  957.761815][T14717]  ? __pfx_do_sys_openat2+0x10/0x10
[  957.761851][T14717]  __x64_sys_openat+0x175/0x210
[  957.761877][T14717]  ? __pfx___x64_sys_openat+0x10/0x10
[  957.761914][T14717]  do_syscall_64+0xcd/0x250
[  957.761953][T14717]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  957.761988][T14717] RIP: 0033:0x7f1259f8d169
[  957.762008][T14717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  957.762032][T14717] RSP: 002b:00007f1257df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  957.762055][T14717] RAX: ffffffffffffffda RBX: 00007f125a1a5fa0 RCX: 00007f1259f8d169
[  957.762070][T14717] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c
[  957.762086][T14717] RBP: 00007f125a00e2a0 R08: 0000000000000000 R09: 0000000000000000
[  957.762100][T14717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  957.762114][T14717] R13: 0000000000000000 R14: 00007f125a1a5fa0 R15: 00007ffffe2de248
[  957.762143][T14717]  </TASK>
[  961.689485][T14748] svc: failed to register nfsdv3 RPC service (errno 111).
[  961.734906][T14748] svc: failed to register nfsaclv3 RPC service (errno 111).
[  962.467563][T14752] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  962.502113][T14752] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  962.546180][T14752] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  962.593097][T14752] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  962.629012][T14752] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  962.671599][T14756] netlink: 84 bytes leftover after parsing attributes in process `syz.5.2179'.
[  962.696503][T14752] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  963.133702][T14759] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2180'.
[  963.933992][ T5852] Bluetooth: hci0: command 0x0406 tx timeout
[  964.496003][T14772] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2184'.
[  964.573022][ T5852] Bluetooth: hci2: command 0x0406 tx timeout
[  964.579106][ T5852] Bluetooth: hci1: command 0x0406 tx timeout
[  964.662823][ T5852] Bluetooth: hci4: command 0x0406 tx timeout
[  964.668911][ T5852] Bluetooth: hci3: command 0x0406 tx timeout
[  965.333765][T14785] FAULT_INJECTION: forcing a failure.
[  965.333765][T14785] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  965.432552][T14785] CPU: 0 UID: 0 PID: 14785 Comm: syz.5.2188 Tainted: G     U             6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[  965.432590][T14785] Tainted: [U]=USER
[  965.432596][T14785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  965.432610][T14785] Call Trace:
[  965.432617][T14785]  <TASK>
[  965.432627][T14785]  dump_stack_lvl+0x16c/0x1f0
[  965.432667][T14785]  should_fail_ex+0x50a/0x650
[  965.432704][T14785]  _copy_to_user+0x32/0xd0
[  965.432733][T14785]  simple_read_from_buffer+0xd0/0x160
[  965.432765][T14785]  proc_fail_nth_read+0x198/0x270
[  965.432795][T14785]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  965.432825][T14785]  ? rw_verify_area+0xcf/0x680
[  965.432857][T14785]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  965.432885][T14785]  vfs_read+0x1df/0xbf0
[  965.432916][T14785]  ? __fget_files+0x1fc/0x3a0
[  965.432951][T14785]  ? __pfx___mutex_lock+0x10/0x10
[  965.432986][T14785]  ? __pfx_vfs_read+0x10/0x10
[  965.433024][T14785]  ? __fget_files+0x206/0x3a0
[  965.433065][T14785]  ksys_read+0x12b/0x250
[  965.433095][T14785]  ? __pfx_ksys_read+0x10/0x10
[  965.433134][T14785]  do_syscall_64+0xcd/0x250
[  965.433172][T14785]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  965.433206][T14785] RIP: 0033:0x7f085df8bb7c
[  965.433224][T14785] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  965.433247][T14785] RSP: 002b:00007f085bdf6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  965.433268][T14785] RAX: ffffffffffffffda RBX: 00007f085e1a5fa0 RCX: 00007f085df8bb7c
[  965.433283][T14785] RDX: 000000000000000f RSI: 00007f085bdf60a0 RDI: 0000000000000006
[  965.433297][T14785] RBP: 00007f085bdf6090 R08: 0000000000000000 R09: 0000000000000000
[  965.433310][T14785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  965.433324][T14785] R13: 0000000000000000 R14: 00007f085e1a5fa0 R15: 00007ffe23fb1368
[  965.433351][T14785]  </TASK>
[  966.736305][ T5852] Bluetooth: hci4: command 0x0406 tx timeout
[  970.226276][T14839] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2200'.
[  971.828937][T14860] svc: failed to register nfsdv3 RPC service (errno 111).
[  971.879786][T14860] svc: failed to register nfsaclv3 RPC service (errno 111).
[  972.220439][T14863] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2208'.
[  973.695681][T14870] tipc: Started in network mode
[  973.695708][T14870] tipc: Node identity 8e4e6f15, cluster identity 4711
[  973.695723][T14870] tipc: Node number set to 2387504917
[  973.968143][T14882] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2216'.
[  974.876496][T14896] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2219'.
[  975.990069][T14915] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2224'.
[  976.045911][T14907] can: request_module (can-proto-3) failed.
[  980.369501][T14956] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2233'.
[  980.645062][T14965] can: request_module (can-proto-3) failed.
[  982.224390][T14989] ptrace attach of "./syz-executor exec"[12850] was attempted by "./syz-executor exec"[14989]
[  984.471744][T15011] netlink: 'syz.1.2246': attribute type 1 has an invalid length.
[  984.700595][T15014] netlink: 342 bytes leftover after parsing attributes in process `syz.5.2247'.
[  985.913650][T15030] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2249'.
[  988.923998][T15054] netlink: 5 bytes leftover after parsing attributes in process `syz.3.2256'.
[  993.346424][T15109] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2267'.
[  994.633198][T15123] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2268'.
[  998.503052][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  998.509378][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  998.933296][T15168] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2275'.
[  999.661934][T15172] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2276'.
[ 1000.259399][T15176] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2277'.
[ 1003.516766][T15202] netlink: 3 bytes leftover after parsing attributes in process `syz.1.2283'.
[ 1003.591084][T15202] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2283'.
[ 1003.861870][T15196] netlink: 76 bytes leftover after parsing attributes in process `syz.5.2282'.
[ 1005.033585][T15209] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2285'.
[ 1007.546996][T15245] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed
[ 1007.782886][T15245] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff)
[ 1007.891017][T15246] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed
[ 1008.016359][T15246] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff)
[ 1009.414338][T15262] netlink: 76 bytes leftover after parsing attributes in process `syz.5.2293'.
[ 1010.106789][T12852] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1010.118256][T12852] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1010.128201][T12852] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1010.167937][T12852] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1010.180419][T12852] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 1010.187842][T12852] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1011.596786][T15266] chnl_net:caif_netlink_parms(): no params data found
[ 1011.898498][ T5852] Bluetooth: hci4: unexpected subevent 0x01 length: 4 < 18
[ 1012.254487][ T5852] Bluetooth: hci5: command tx timeout
[ 1012.539865][   T30] audit: type=1800 audit(4294968467.232:9): pid=15286 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.2299" name="dbroot" dev="configfs" ino=47263 res=0 errno=0
[ 1012.833126][T15286] input: jJǸ-�¶š9ã%vø“û¨l�ÐQ 	J86Ö‘ as /devices/virtual/input/input10
[ 1012.913462][   T30] audit: type=1804 audit(4294968467.322:10): pid=15286 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.2299" name="/newroot/sys/kernel/config/target/dbroot" dev="configfs" ino=47263 res=1 errno=0
[ 1014.332962][ T5852] Bluetooth: hci5: command tx timeout
[ 1014.985069][T15266] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1015.053092][T15266] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1015.112988][T15266] bridge_slave_0: entered allmulticast mode
[ 1015.119902][T15266] bridge_slave_0: entered promiscuous mode
[ 1015.210191][T15266] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1015.262977][T15266] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1015.270328][T15266] bridge_slave_1: entered allmulticast mode
[ 1015.360210][T15266] bridge_slave_1: entered promiscuous mode
[ 1015.815174][T15266] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1015.895115][T15266] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1016.413077][ T5852] Bluetooth: hci5: command tx timeout
[ 1016.624184][T15266] team0: Port device team_slave_0 added
[ 1016.685922][T15266] team0: Port device team_slave_1 added
[ 1017.053949][T15266] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1017.060940][T15266] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1017.342828][T15266] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1017.521921][T15266] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1017.577096][T15266] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1017.848495][T15304] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2302'.
[ 1018.116500][T15266] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1018.496687][ T5852] Bluetooth: hci5: command tx timeout
[ 1018.764277][T15266] hsr_slave_0: entered promiscuous mode
[ 1018.770628][T15266] hsr_slave_1: entered promiscuous mode
[ 1018.868924][T15266] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1018.931114][T15266] Cannot create hsr debugfs directory
[ 1019.839860][T15319] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2306'.
[ 1020.402998][T15314] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2305'.
[ 1022.907796][T15266] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1023.023838][T15266] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1023.553038][T15266] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1023.625155][T15266] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1024.570484][T15266] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1024.753417][T15346] sg_write: data in/out 32732/16086 bytes for SCSI command 0x0-- guessing data in;
[ 1024.753417][T15346]    program syz.5.2310 not setting count and/or reply_len properly
[ 1024.886969][T15266] 8021q: adding VLAN 0 to HW filter on device team0
[ 1025.086282][T14222] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1025.094499][T14222] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1025.205431][T14222] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1025.212556][T14222] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1026.955583][T15266] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1029.388073][T15266] veth0_vlan: entered promiscuous mode
[ 1029.447446][T15266] veth1_vlan: entered promiscuous mode
[ 1029.655375][T15266] veth0_macvtap: entered promiscuous mode
[ 1029.676092][T15387] netlink: 'syz.5.2318': attribute type 11 has an invalid length.
[ 1029.753120][T15266] veth1_macvtap: entered promiscuous mode
[ 1029.864626][T15266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1029.986599][T15266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1030.072409][T15266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1030.162835][T15266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1030.212989][T15266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1030.302804][T15266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1030.393344][T15266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1030.469136][T15266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1030.550450][T15266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1030.628273][T15266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1030.689341][T15266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1030.771036][T15266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1030.863625][T15266] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1031.032970][T15266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1031.113864][T15266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1031.220622][T15266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1031.297486][T15266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1031.384919][T15266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1031.485132][T15266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1031.577982][T15266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1031.632872][T15266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1031.724106][T15266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1031.823133][T15266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1031.911933][T15266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1031.990044][T15266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1032.071558][T15266] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1032.146959][T15266] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1032.235715][T15266] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1032.290245][T15266] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1032.370850][T15266] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1033.213285][T14201] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1033.221155][T14201] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1033.419297][T14190] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1033.491400][T14190] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1034.314958][T15404] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2324'.
[ 1034.463725][T15405] ecryptfs_parse_packet_length: Error parsing packet length
[ 1034.664774][T15406] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2322'.
[ 1034.752841][T15405] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22]
[ 1034.994057][T15405] netlink: 354 bytes leftover after parsing attributes in process `syz.0.2322'.
[ 1036.944430][T12852] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1036.957988][T12852] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1036.967872][T12852] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1036.993344][T12852] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1037.001508][T12852] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1037.009276][T12852] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1037.893587][T14190] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1038.644005][T14190] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1039.053852][T12852] Bluetooth: hci0: command tx timeout
[ 1039.115927][T14190] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1039.748971][T14190] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1040.320046][T15424] chnl_net:caif_netlink_parms(): no params data found
[ 1040.493176][T14190] bridge_slave_1: left allmulticast mode
[ 1040.546509][T14190] bridge_slave_1: left promiscuous mode
[ 1040.554912][T14190] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1041.023677][T14190] bridge_slave_0: left allmulticast mode
[ 1041.029405][T14190] bridge_slave_0: left promiscuous mode
[ 1041.137622][T12852] Bluetooth: hci0: command tx timeout
[ 1041.283006][T14190] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1042.114137][T15449] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2331'.
[ 1043.150165][T15460] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2335'.
[ 1043.226515][T12852] Bluetooth: hci0: command tx timeout
[ 1045.293174][T12852] Bluetooth: hci0: command tx timeout
[ 1046.389738][T14190] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1046.463274][T14190] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1046.504449][T14190] bond0 (unregistering): Released all slaves
[ 1046.614577][T15481] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2340'.
[ 1048.156046][T15424] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1048.222618][T15424] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1048.293707][T15424] bridge_slave_0: entered allmulticast mode
[ 1048.338285][T15424] bridge_slave_0: entered promiscuous mode
[ 1048.851295][T15424] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1048.917559][T15424] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1048.987118][T15424] bridge_slave_1: entered allmulticast mode
[ 1049.044819][T15424] bridge_slave_1: entered promiscuous mode
[ 1049.617789][T15424] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1049.834566][T15424] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1050.432995][T14190] hsr_slave_0: left promiscuous mode
[ 1050.493098][T14190] hsr_slave_1: left promiscuous mode
[ 1050.499953][T14190] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1050.581388][T14190] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1050.659228][T14190] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1050.695372][T14190] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1050.810858][T14190] veth1_vlan: left promiscuous mode
[ 1050.847532][T14190] veth0_vlan: left promiscuous mode
[ 1050.914605][T15529] Invalid ELF header magic: != ELF
[ 1053.636945][T14190] team0 (unregistering): Port device team_slave_1 removed
[ 1054.016646][T14190] team0 (unregistering): Port device team_slave_0 removed
[ 1056.763351][T15424] team0: Port device team_slave_0 added
[ 1056.934801][T15424] team0: Port device team_slave_1 added
[ 1057.419097][T15424] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1057.478944][T15424] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1057.672778][T15424] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1058.173648][T15424] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1058.180648][T15424] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1058.409292][T15424] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1058.959236][T15424] hsr_slave_0: entered promiscuous mode
[ 1059.034650][T15424] hsr_slave_1: entered promiscuous mode
[ 1059.040814][T15424] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1059.112745][T15424] Cannot create hsr debugfs directory
[ 1059.734966][T15572] FAULT_INJECTION: forcing a failure.
[ 1059.734966][T15572] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1059.872597][T15572] CPU: 0 UID: 0 PID: 15572 Comm: syz.6.2355 Tainted: G     U             6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[ 1059.872637][T15572] Tainted: [U]=USER
[ 1059.872648][T15572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1059.872662][T15572] Call Trace:
[ 1059.872668][T15572]  <TASK>
[ 1059.872676][T15572]  dump_stack_lvl+0x16c/0x1f0
[ 1059.872714][T15572]  should_fail_ex+0x50a/0x650
[ 1059.872739][T15572]  _copy_to_user+0x32/0xd0
[ 1059.872765][T15572]  simple_read_from_buffer+0xd0/0x160
[ 1059.872795][T15572]  proc_fail_nth_read+0x198/0x270
[ 1059.872822][T15572]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1059.872882][T15572]  ? rw_verify_area+0xcf/0x680
[ 1059.872909][T15572]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1059.872938][T15572]  vfs_read+0x1df/0xbf0
[ 1059.872970][T15572]  ? __fget_files+0x1fc/0x3a0
[ 1059.873004][T15572]  ? __pfx___mutex_lock+0x10/0x10
[ 1059.873041][T15572]  ? __pfx_vfs_read+0x10/0x10
[ 1059.873080][T15572]  ? __fget_files+0x206/0x3a0
[ 1059.873121][T15572]  ksys_read+0x12b/0x250
[ 1059.873152][T15572]  ? __pfx_ksys_read+0x10/0x10
[ 1059.873192][T15572]  do_syscall_64+0xcd/0x250
[ 1059.873229][T15572]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1059.873262][T15572] RIP: 0033:0x7f3acc98bb7c
[ 1059.873280][T15572] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1059.873302][T15572] RSP: 002b:00007f3acd80d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1059.873324][T15572] RAX: ffffffffffffffda RBX: 00007f3accba5fa0 RCX: 00007f3acc98bb7c
[ 1059.873339][T15572] RDX: 000000000000000f RSI: 00007f3acd80d0a0 RDI: 0000000000000004
[ 1059.873354][T15572] RBP: 00007f3acd80d090 R08: 0000000000000000 R09: 0000000000000000
[ 1059.873368][T15572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1059.873381][T15572] R13: 0000000000000000 R14: 00007f3accba5fa0 R15: 00007ffd97528928
[ 1059.873409][T15572]  </TASK>
[ 1060.344709][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1060.351042][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1060.378888][T15578] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2356'.
[ 1067.359058][T15651] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2364'.
[ 1069.047781][T15666] Invalid ELF header magic: != ELF
[ 1070.430906][T15682] FAULT_INJECTION: forcing a failure.
[ 1070.430906][T15682] name failslab, interval 1, probability 0, space 0, times 0
[ 1070.521452][T15682] CPU: 0 UID: 0 PID: 15682 Comm: syz.6.2367 Tainted: G     U             6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[ 1070.521492][T15682] Tainted: [U]=USER
[ 1070.521500][T15682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1070.521515][T15682] Call Trace:
[ 1070.521521][T15682]  <TASK>
[ 1070.521530][T15682]  dump_stack_lvl+0x16c/0x1f0
[ 1070.521573][T15682]  should_fail_ex+0x50a/0x650
[ 1070.521596][T15682]  ? fs_reclaim_acquire+0xae/0x150
[ 1070.521631][T15682]  should_failslab+0xc2/0x120
[ 1070.521654][T15682]  kmem_cache_alloc_lru_noprof+0x73/0x3d0
[ 1070.521694][T15682]  ? __d_alloc+0x31/0xaa0
[ 1070.521725][T15682]  __d_alloc+0x31/0xaa0
[ 1070.521745][T15682]  ? hlock_class+0x4e/0x130
[ 1070.521775][T15682]  d_alloc+0x4a/0x1e0
[ 1070.521798][T15682]  d_alloc_parallel+0xe7/0x12b0
[ 1070.521840][T15682]  ? __pfx_d_alloc_parallel+0x10/0x10
[ 1070.521870][T15682]  ? hlock_class+0x4e/0x130
[ 1070.521895][T15682]  ? lockdep_init_map_type+0x16d/0x7d0
[ 1070.521932][T15682]  ? lockdep_init_map_type+0x16d/0x7d0
[ 1070.521976][T15682]  __lookup_slow+0x194/0x470
[ 1070.522005][T15682]  ? __pfx___lookup_slow+0x10/0x10
[ 1070.522031][T15682]  ? trace_lock_acquire+0x14e/0x1f0
[ 1070.522074][T15682]  ? d_lookup+0xe7/0x190
[ 1070.522109][T15682]  lookup_one_len+0x181/0x1b0
[ 1070.522137][T15682]  ? __pfx_lookup_one_len+0x10/0x10
[ 1070.522167][T15682]  ? mntput+0x10/0x90
[ 1070.522201][T15682]  start_creating.part.0+0x12f/0x3a0
[ 1070.522244][T15682]  debugfs_create_dir+0x6c/0x5f0
[ 1070.522270][T15682]  ptp_open+0x307/0x520
[ 1070.522298][T15682]  ? __pfx_ptp_open+0x10/0x10
[ 1070.522329][T15682]  ? __pfx_ptp_open+0x10/0x10
[ 1070.522352][T15682]  posix_clock_open+0x157/0x260
[ 1070.522381][T15682]  ? __pfx_posix_clock_open+0x10/0x10
[ 1070.522409][T15682]  chrdev_open+0x237/0x6a0
[ 1070.522446][T15682]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1070.522479][T15682]  ? __pfx_chrdev_open+0x10/0x10
[ 1070.522518][T15682]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 1070.522556][T15682]  do_dentry_open+0x735/0x1c40
[ 1070.522592][T15682]  ? __pfx_chrdev_open+0x10/0x10
[ 1070.522631][T15682]  ? inode_permission+0xdd/0x5f0
[ 1070.522664][T15682]  vfs_open+0x82/0x3f0
[ 1070.522686][T15682]  ? may_open+0x1f2/0x400
[ 1070.522715][T15682]  path_openat+0x1e88/0x2d80
[ 1070.522766][T15682]  ? __pfx_path_openat+0x10/0x10
[ 1070.522802][T15682]  ? __pfx___lock_acquire+0x10/0x10
[ 1070.522835][T15682]  ? lock_acquire.part.0+0x11b/0x380
[ 1070.522869][T15682]  ? find_held_lock+0x2d/0x110
[ 1070.522900][T15682]  do_filp_open+0x20c/0x470
[ 1070.522936][T15682]  ? __pfx_do_filp_open+0x10/0x10
[ 1070.522971][T15682]  ? find_held_lock+0x2d/0x110
[ 1070.523016][T15682]  ? alloc_fd+0x41f/0x760
[ 1070.523058][T15682]  do_sys_openat2+0x17a/0x1e0
[ 1070.523082][T15682]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1070.523119][T15682]  __x64_sys_openat+0x175/0x210
[ 1070.523145][T15682]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1070.523183][T15682]  do_syscall_64+0xcd/0x250
[ 1070.523222][T15682]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1070.523257][T15682] RIP: 0033:0x7f3acc98d169
[ 1070.523276][T15682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1070.523300][T15682] RSP: 002b:00007f3acd80d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1070.523322][T15682] RAX: ffffffffffffffda RBX: 00007f3accba5fa0 RCX: 00007f3acc98d169
[ 1070.523338][T15682] RDX: 0000000000000440 RSI: 0000200000000140 RDI: ffffffffffffff9c
[ 1070.523354][T15682] RBP: 00007f3acca0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 1070.523368][T15682] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1070.523382][T15682] R13: 0000000000000000 R14: 00007f3accba5fa0 R15: 00007ffd97528928
[ 1070.523411][T15682]  </TASK>
[ 1071.454709][T15686] nbd1: detected capacity change from 0 to 68719476736
[ 1071.649607][T15566] block nbd1: Send control failed (result -22)
[ 1071.692842][T15566] block nbd1: Request send failed, requeueing
[ 1071.818975][T12852] block nbd1: Receive control failed (result -32)
[ 1071.826319][ T5911] block nbd1: Dead connection, failed to find a fallback
[ 1071.835112][ T5911] block nbd1: shutting down sockets
[ 1071.840465][ T5911] blk_print_req_error: 24 callbacks suppressed
[ 1071.840495][ T5911] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1071.857549][ T5911] buffer_io_error: 23 callbacks suppressed
[ 1071.857564][ T5911] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1071.874867][T15566] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1071.906864][T15566] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1071.952850][T15566] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1071.962060][T15566] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1072.021992][T15566] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1072.054672][T15566] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1072.094647][T15566] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1072.145075][T15566] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1072.180577][T15566] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1072.233353][T15566] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1072.241289][T15566] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1072.329329][T15566] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1072.368886][T15566] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1072.405101][T15566] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1072.442867][T15566] ldm_validate_partition_table(): Disk read failed.
[ 1072.449607][T15566] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1072.543129][T15566] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1072.582922][T15566] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1072.642847][T15566] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1072.684574][T15566] Dev nbd1: unable to read RDB block 0
[ 1072.691336][T15566]  nbd1: unable to read partition table
[ 1072.825138][T15566] ldm_validate_partition_table(): Disk read failed.
[ 1072.906307][T15566] Dev nbd1: unable to read RDB block 0
[ 1072.912213][T15566]  nbd1: unable to read partition table
[ 1073.639211][T15720] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2371'.
[ 1073.708797][T15723] netlink: 354 bytes leftover after parsing attributes in process `syz.6.2371'.
[ 1073.805881][T15713] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1073.814089][T15713] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1073.886600][T15713] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1073.937253][T15713] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1073.963049][T15713] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1074.052852][T15713] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 1074.192851][T15713] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 1074.273385][T15713] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1074.279361][T15713] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1074.432800][T15713] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1075.618354][T12852] Bluetooth: hci1: command 0x0406 tx timeout
[ 1075.863956][T12852] Bluetooth: hci2: command 0x0406 tx timeout
[ 1075.932997][T12852] Bluetooth: hci3: command 0x0406 tx timeout
[ 1076.021480][T12852] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1076.032831][T15689] Bluetooth: hci4: command 0x0406 tx timeout
[ 1076.332809][T12852] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1078.093230][T12852] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1078.423991][T12852] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1079.306522][T15689] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1079.323482][T15689] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1079.333602][T15689] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1079.341301][T15689] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1079.350001][T15689] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 1079.359664][T15689] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1080.128081][T15771] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2382'.
[ 1080.177700][T12852] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1080.345850][T15765] chnl_net:caif_netlink_parms(): no params data found
[ 1080.496729][T12852] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1081.433920][T15765] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1081.441054][T15765] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1081.452978][T12852] Bluetooth: hci6: command tx timeout
[ 1081.506693][T15765] bridge_slave_0: entered allmulticast mode
[ 1081.556300][T15765] bridge_slave_0: entered promiscuous mode
[ 1081.604364][T15765] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1081.611465][T15765] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1081.703402][T15765] bridge_slave_1: entered allmulticast mode
[ 1081.711772][T15765] bridge_slave_1: entered promiscuous mode
[ 1081.943344][T15765] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1082.092406][T15765] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1082.641770][T15765] team0: Port device team_slave_0 added
[ 1082.702342][T15765] team0: Port device team_slave_1 added
[ 1083.091109][T15765] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1083.116927][T15765] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1083.269174][T15765] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1083.332537][T15765] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1083.390857][T15765] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1083.533049][T12852] Bluetooth: hci6: command tx timeout
[ 1083.552758][T15765] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1083.941466][T15765] hsr_slave_0: entered promiscuous mode
[ 1083.981309][T15765] hsr_slave_1: entered promiscuous mode
[ 1084.023599][T15765] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1084.031409][T15765] Cannot create hsr debugfs directory
[ 1085.040008][T15796] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2387'.
[ 1085.619558][T12852] Bluetooth: hci6: command tx timeout
[ 1087.692861][T12852] Bluetooth: hci6: command tx timeout
[ 1091.723873][T15845] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2400'.
[ 1092.608597][T14222] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1092.761066][T15849] Invalid ELF header magic: != ELF
[ 1092.893563][T15851] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2401'.
[ 1093.446877][T14222] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1093.578877][T15854] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2403'.
[ 1093.707186][T15856] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2404'.
[ 1093.738773][T14222] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1093.941983][T14222] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1094.499012][T15863] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2411'.
[ 1094.870225][T14222] bridge_slave_1: left allmulticast mode
[ 1094.884977][T14222] bridge_slave_1: left promiscuous mode
[ 1094.890714][T14222] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1095.112081][T14222] bridge_slave_0: left allmulticast mode
[ 1095.153105][T14222] bridge_slave_0: left promiscuous mode
[ 1095.159356][T14222] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1096.523385][T15689] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1096.542774][T15689] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1096.551506][T15689] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1096.560777][T15689] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1096.568551][T15689] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1096.581635][T15689] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1098.417044][T14222] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1098.645131][T14222] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1098.668552][T12852] Bluetooth: hci2: command tx timeout
[ 1098.861129][T14222] bond0 (unregistering): Released all slaves
[ 1099.241439][T14222] HfR: left promiscuous mode
[ 1100.738771][T12852] Bluetooth: hci2: command tx timeout
[ 1101.261433][T15885] chnl_net:caif_netlink_parms(): no params data found
[ 1102.300950][T14222] hsr_slave_0: left promiscuous mode
[ 1102.313443][T14222] hsr_slave_1: left promiscuous mode
[ 1102.319158][T14222] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1102.352902][T15917] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2410'.
[ 1102.379503][T14222] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1102.463476][T14222] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1102.487857][T14222] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1102.812904][T12852] Bluetooth: hci2: command tx timeout
[ 1102.825829][T14222] veth1_macvtap: left promiscuous mode
[ 1102.831405][T14222] veth0_macvtap: left promiscuous mode
[ 1102.914088][T14222] veth1_vlan: left promiscuous mode
[ 1102.919411][T14222] veth0_vlan: left promiscuous mode
[ 1103.216270][T15938] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2414'.
[ 1104.893295][T12852] Bluetooth: hci2: command tx timeout
[ 1106.865276][T14222] team0 (unregistering): Port device team_slave_1 removed
[ 1107.128910][T14222] team0 (unregistering): Port device team_slave_0 removed
[ 1110.633994][T15885] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1110.641114][T15885] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1110.693074][T15885] bridge_slave_0: entered allmulticast mode
[ 1110.722819][T15885] bridge_slave_0: entered promiscuous mode
[ 1110.743952][T15885] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1110.751234][T15885] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1110.813093][T15885] bridge_slave_1: entered allmulticast mode
[ 1110.819922][T15885] bridge_slave_1: entered promiscuous mode
[ 1111.737277][T15885] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1111.816158][T15885] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1112.374449][T15885] team0: Port device team_slave_0 added
[ 1112.435353][T15885] team0: Port device team_slave_1 added
[ 1112.619414][T15885] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1112.674451][T15885] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1112.839374][T15885] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1112.924385][T15885] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1112.931366][T15885] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1113.147719][T15885] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1113.527164][T15885] hsr_slave_0: entered promiscuous mode
[ 1113.584940][T15885] hsr_slave_1: entered promiscuous mode
[ 1115.113033][T16002] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2419'.
[ 1120.835049][T16053] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT
[ 1121.381251][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1121.389401][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1123.815233][T16100] nbd: must specify an index to disconnect
[ 1125.406558][T16115] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2430'.
[ 1127.664826][T16127] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2431'.
[ 1128.713393][T16131] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2432'.
[ 1135.548674][T16176] FAULT_INJECTION: forcing a failure.
[ 1135.548674][T16176] name failslab, interval 1, probability 0, space 0, times 0
[ 1135.822720][T16176] CPU: 0 UID: 0 PID: 16176 Comm: syz.0.2436 Tainted: G     U             6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[ 1135.822759][T16176] Tainted: [U]=USER
[ 1135.822766][T16176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1135.822782][T16176] Call Trace:
[ 1135.822789][T16176]  <TASK>
[ 1135.822804][T16176]  dump_stack_lvl+0x16c/0x1f0
[ 1135.822847][T16176]  should_fail_ex+0x50a/0x650
[ 1135.822871][T16176]  ? fs_reclaim_acquire+0xae/0x150
[ 1135.822903][T16176]  ? __alloc_workqueue+0xd4c/0x1810
[ 1135.822934][T16176]  should_failslab+0xc2/0x120
[ 1135.822957][T16176]  __kmalloc_noprof+0xcb/0x510
[ 1135.822993][T16176]  ? vsnprintf+0x320/0x1180
[ 1135.823024][T16176]  ? __pfx_lock_release+0x10/0x10
[ 1135.823063][T16176]  __alloc_workqueue+0xd4c/0x1810
[ 1135.823089][T16176]  ? __pfx_vsnprintf+0x10/0x10
[ 1135.823123][T16176]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1135.823157][T16176]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1135.823192][T16176]  alloc_workqueue+0xd3/0x200
[ 1135.823218][T16176]  ? __pfx_alloc_workqueue+0x10/0x10
[ 1135.823251][T16176]  ? __pfx___debug_object_init+0x10/0x10
[ 1135.823289][T16176]  nci_register_device+0x514/0xb80
[ 1135.823318][T16176]  ? __pfx_nci_register_device+0x10/0x10
[ 1135.823356][T16176]  virtual_ncidev_open+0x141/0x220
[ 1135.823395][T16176]  ? __pfx_virtual_ncidev_open+0x10/0x10
[ 1135.823433][T16176]  misc_open+0x35a/0x420
[ 1135.823458][T16176]  ? __pfx_misc_open+0x10/0x10
[ 1135.823482][T16176]  chrdev_open+0x237/0x6a0
[ 1135.823519][T16176]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1135.823551][T16176]  ? __pfx_chrdev_open+0x10/0x10
[ 1135.823591][T16176]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 1135.823629][T16176]  do_dentry_open+0x735/0x1c40
[ 1135.823664][T16176]  ? __pfx_chrdev_open+0x10/0x10
[ 1135.823702][T16176]  ? inode_permission+0xdd/0x5f0
[ 1135.823731][T16176]  vfs_open+0x82/0x3f0
[ 1135.823754][T16176]  ? may_open+0x1f2/0x400
[ 1135.823783][T16176]  path_openat+0x1e88/0x2d80
[ 1135.823835][T16176]  ? __pfx_path_openat+0x10/0x10
[ 1135.823870][T16176]  ? __pfx___lock_acquire+0x10/0x10
[ 1135.823903][T16176]  ? lock_acquire.part.0+0x11b/0x380
[ 1135.823938][T16176]  ? find_held_lock+0x2d/0x110
[ 1135.823967][T16176]  do_filp_open+0x20c/0x470
[ 1135.824003][T16176]  ? __pfx_do_filp_open+0x10/0x10
[ 1135.824037][T16176]  ? find_held_lock+0x2d/0x110
[ 1135.824081][T16176]  ? alloc_fd+0x41f/0x760
[ 1135.824124][T16176]  do_sys_openat2+0x17a/0x1e0
[ 1135.824149][T16176]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1135.824185][T16176]  __x64_sys_openat+0x175/0x210
[ 1135.824211][T16176]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1135.824248][T16176]  do_syscall_64+0xcd/0x250
[ 1135.824287][T16176]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1135.824322][T16176] RIP: 0033:0x7f7891d8d169
[ 1135.824340][T16176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1135.824364][T16176] RSP: 002b:00007f7892c43038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1135.824386][T16176] RAX: ffffffffffffffda RBX: 00007f7891fa6160 RCX: 00007f7891d8d169
[ 1135.824402][T16176] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c
[ 1135.824417][T16176] RBP: 00007f7891e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 1135.824432][T16176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1135.824446][T16176] R13: 0000000000000000 R14: 00007f7891fa6160 R15: 00007ffd18c23478
[ 1135.824474][T16176]  </TASK>
[ 1137.674138][T16195] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2440'.
[ 1139.149943][T15689] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 1139.161836][T15689] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 1139.170462][T15689] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 1139.182863][T15689] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 1139.191212][T15689] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[ 1139.198917][T15689] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 1140.106172][T16217] chnl_net:caif_netlink_parms(): no params data found
[ 1140.747502][T16217] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1140.773975][T16217] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1140.781229][T16217] bridge_slave_0: entered allmulticast mode
[ 1140.883823][T16217] bridge_slave_0: entered promiscuous mode
[ 1140.953373][T16217] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1140.960577][T16217] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1141.043887][T16217] bridge_slave_1: entered allmulticast mode
[ 1141.095371][T16217] bridge_slave_1: entered promiscuous mode
[ 1141.293018][T12852] Bluetooth: hci7: command tx timeout
[ 1141.664625][T16217] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1141.742463][T16217] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1142.047679][T16217] team0: Port device team_slave_0 added
[ 1142.086755][T16217] team0: Port device team_slave_1 added
[ 1142.251956][T16217] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1142.322420][T16217] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1142.491885][T16217] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1142.577544][T16217] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1142.632926][T16217] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1142.769691][T16217] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1143.120644][T16217] hsr_slave_0: entered promiscuous mode
[ 1143.177767][T16217] hsr_slave_1: entered promiscuous mode
[ 1143.216864][T16217] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1143.275222][T16217] Cannot create hsr debugfs directory
[ 1143.375728][T12852] Bluetooth: hci7: command tx timeout
[ 1145.462944][T12852] Bluetooth: hci7: command tx timeout
[ 1146.379233][T12852] Bluetooth: hci5: unexpected event 0x1d length: 6 > 5
[ 1147.533267][T12852] Bluetooth: hci7: command tx timeout
[ 1147.991033][T16351] FAULT_INJECTION: forcing a failure.
[ 1147.991033][T16351] name failslab, interval 1, probability 0, space 0, times 0
[ 1148.072896][T16351] CPU: 0 UID: 0 PID: 16351 Comm: syz.6.2455 Tainted: G     U             6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[ 1148.072940][T16351] Tainted: [U]=USER
[ 1148.072948][T16351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1148.072981][T16351] Call Trace:
[ 1148.072988][T16351]  <TASK>
[ 1148.072998][T16351]  dump_stack_lvl+0x16c/0x1f0
[ 1148.073040][T16351]  should_fail_ex+0x50a/0x650
[ 1148.073063][T16351]  ? fs_reclaim_acquire+0xae/0x150
[ 1148.073097][T16351]  should_failslab+0xc2/0x120
[ 1148.073120][T16351]  kmem_cache_alloc_noprof+0x6e/0x3d0
[ 1148.073157][T16351]  ? vma_merge_new_range+0x40a/0xbb0
[ 1148.073195][T16351]  ? vm_area_alloc+0x134/0x230
[ 1148.073236][T16351]  vm_area_alloc+0x134/0x230
[ 1148.073271][T16351]  ? __pfx_hugetlb_vm_op_close+0x10/0x10
[ 1148.073299][T16351]  __mmap_region+0x108d/0x27b0
[ 1148.073324][T16351]  ? __pfx___mmap_region+0x10/0x10
[ 1148.073362][T16351]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1148.073402][T16351]  ? hlock_class+0x4e/0x130
[ 1148.073427][T16351]  ? mark_lock+0xb5/0xc60
[ 1148.073508][T16351]  ? cap_capable+0xb3/0x250
[ 1148.073539][T16351]  mmap_region+0x1ab/0x3f0
[ 1148.073566][T16351]  do_mmap+0xd8d/0x11b0
[ 1148.073604][T16351]  ? __pfx_do_mmap+0x10/0x10
[ 1148.073636][T16351]  ? __pfx_down_write_killable+0x10/0x10
[ 1148.073665][T16351]  vm_mmap_pgoff+0x279/0x440
[ 1148.073704][T16351]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1148.073745][T16351]  ? __x64_sys_futex+0x1e1/0x4c0
[ 1148.073773][T16351]  ? __x64_sys_futex+0x1ea/0x4c0
[ 1148.073807][T16351]  ksys_mmap_pgoff+0x7d/0x5c0
[ 1148.073837][T16351]  ? rcu_is_watching+0x12/0xc0
[ 1148.073865][T16351]  __x64_sys_mmap+0x125/0x190
[ 1148.073904][T16351]  do_syscall_64+0xcd/0x250
[ 1148.073943][T16351]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1148.073977][T16351] RIP: 0033:0x7f3acc98d169
[ 1148.073995][T16351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1148.074019][T16351] RSP: 002b:00007f3acd80d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1148.074041][T16351] RAX: ffffffffffffffda RBX: 00007f3accba5fa0 RCX: 00007f3acc98d169
[ 1148.074057][T16351] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000
[ 1148.074071][T16351] RBP: 00007f3acca0e2a0 R08: fffffffffffffffa R09: 0000000000008000
[ 1148.074087][T16351] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[ 1148.074101][T16351] R13: 0000000000000000 R14: 00007f3accba5fa0 R15: 00007ffd97528928
[ 1148.074129][T16351]  </TASK>
[ 1150.394458][T16388] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2463'.
[ 1150.859365][T16395] netlink: zone id is out of range
[ 1150.890437][T16395] netlink: zone id is out of range
[ 1150.922453][T16395] netlink: zone id is out of range
[ 1151.011516][T16395] netlink: zone id is out of range
[ 1151.056072][T16395] netlink: zone id is out of range
[ 1151.108917][T16395] netlink: zone id is out of range
[ 1151.191177][T16399] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2460'.
[ 1151.231924][T16395] netlink: set zone limit has 8 unknown bytes
[ 1151.520363][T16402] debugfs: Directory '!PjEùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' with parent 'ieee80211' already present!
[ 1153.404843][T16416] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1153.473625][T16416] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1153.513556][T16416] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1153.590407][T16416] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1153.652969][T16416] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[ 1153.720295][T16416] Bluetooth: hci6: Opcode 0x0406 failed: -4
[ 1153.764445][T16416] Bluetooth: hci6: Opcode 0x0406 failed: -4
[ 1153.873863][T16416] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1153.922998][T16416] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1153.977324][T16416] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1154.073544][T16416] Bluetooth: hci7: Opcode 0x0c1a failed: -4
[ 1154.156864][T16416] Bluetooth: hci7: Opcode 0x0406 failed: -4
[ 1154.172592][T16416] Bluetooth: hci7: Opcode 0x0406 failed: -4
[ 1154.344450][T15689] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1154.358454][T15689] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1154.366842][T15689] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1154.376955][T15689] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1154.384752][T15689] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1154.404427][T15689] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1154.820299][T15689] Bluetooth: hci3: command 0x0406 tx timeout
[ 1154.892061][T16417] chnl_net:caif_netlink_parms(): no params data found
[ 1155.274317][T16417] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1155.281531][T16417] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1155.324004][T16417] bridge_slave_0: entered allmulticast mode
[ 1155.365069][T16417] bridge_slave_0: entered promiscuous mode
[ 1155.412543][T16417] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1155.432969][T16417] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1155.440233][T16417] bridge_slave_1: entered allmulticast mode
[ 1155.452942][T15689] Bluetooth: hci4: command 0x0406 tx timeout
[ 1155.504018][T16417] bridge_slave_1: entered promiscuous mode
[ 1155.533154][T15689] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1155.539227][T15689] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1155.701169][T15689] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1155.936490][T16417] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1155.947614][T15689] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1156.029398][T16417] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1156.093059][T15689] Bluetooth: hci7: command 0x0c1a tx timeout
[ 1156.501833][T15689] Bluetooth: hci1: command tx timeout
[ 1156.621750][T16417] team0: Port device team_slave_0 added
[ 1156.674915][T16417] team0: Port device team_slave_1 added
[ 1156.853132][T12852] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[ 1156.866458][T12852] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[ 1156.874645][T12852] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[ 1156.885138][T12852] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[ 1156.894838][T12852] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[ 1156.903093][T12852] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[ 1157.372248][T16417] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1157.413685][T16417] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1157.532927][T16417] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1157.752251][T16417] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1157.772933][T12852] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1157.802501][T16417] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1157.922694][T16417] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1158.013099][T12852] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1158.161697][T16417] hsr_slave_0: entered promiscuous mode
[ 1158.172974][T12852] Bluetooth: hci7: command 0x0c1a tx timeout
[ 1158.211009][T16417] hsr_slave_1: entered promiscuous mode
[ 1158.233915][T16417] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1158.241515][T16417] Cannot create hsr debugfs directory
[ 1158.572995][T12852] Bluetooth: hci1: command tx timeout
[ 1158.982798][T12852] Bluetooth: hci8: command tx timeout
[ 1159.466179][T16442] chnl_net:caif_netlink_parms(): no params data found
[ 1159.848813][T16442] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1159.856404][T12852] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1159.892781][T16442] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1159.900050][T16442] bridge_slave_0: entered allmulticast mode
[ 1159.943879][T16442] bridge_slave_0: entered promiscuous mode
[ 1159.983720][T16442] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1159.990825][T16442] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1160.043189][T16442] bridge_slave_1: entered allmulticast mode
[ 1160.075688][T16442] bridge_slave_1: entered promiscuous mode
[ 1160.093133][T12852] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1160.186070][T16442] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1160.234999][T16442] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1160.254847][T12852] Bluetooth: hci7: command 0x0c1a tx timeout
[ 1160.463615][T16442] team0: Port device team_slave_0 added
[ 1160.495105][T16442] team0: Port device team_slave_1 added
[ 1160.583970][T16442] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1160.622842][T16442] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1160.662137][T12852] Bluetooth: hci1: command tx timeout
[ 1160.731900][T16442] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1160.792426][T16442] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1160.826353][T16442] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1160.932863][T16442] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1161.053341][T12852] Bluetooth: hci8: command tx timeout
[ 1161.188200][T16442] hsr_slave_0: entered promiscuous mode
[ 1161.229644][T16442] hsr_slave_1: entered promiscuous mode
[ 1161.254460][T16442] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1161.262096][T16442] Cannot create hsr debugfs directory
[ 1162.052946][T16460] netlink: 68 bytes leftover after parsing attributes in process `syz.6.2472'.
[ 1162.733054][T12852] Bluetooth: hci1: command tx timeout
[ 1162.808838][T16463] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2473'.
[ 1163.132892][T12852] Bluetooth: hci8: command tx timeout
[ 1163.423395][T16466] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2474'.
[ 1164.646404][T12852] Bluetooth: hci5: unexpected event 0x1d length: 6 > 5
[ 1165.223069][T12852] Bluetooth: hci8: command tx timeout
[ 1168.477892][T16474] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 1168.960219][T13012] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 1168.969924][T13012] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 1169.011306][T13012] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 1169.047756][T13012] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 1169.086757][T13012] rtc rtc0: __rtc_set_alarm: err=-22
[ 1171.508408][T16485] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2479'.
[ 1176.887401][T16498] FAULT_INJECTION: forcing a failure.
[ 1176.887401][T16498] name failslab, interval 1, probability 0, space 0, times 0
[ 1176.971260][T16498] CPU: 0 UID: 0 PID: 16498 Comm: syz.6.2482 Tainted: G     U             6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[ 1176.971300][T16498] Tainted: [U]=USER
[ 1176.971308][T16498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1176.971323][T16498] Call Trace:
[ 1176.971330][T16498]  <TASK>
[ 1176.971339][T16498]  dump_stack_lvl+0x16c/0x1f0
[ 1176.971379][T16498]  should_fail_ex+0x50a/0x650
[ 1176.971402][T16498]  ? fs_reclaim_acquire+0xae/0x150
[ 1176.971434][T16498]  ? device_add+0xccf/0x1a70
[ 1176.971468][T16498]  should_failslab+0xc2/0x120
[ 1176.971491][T16498]  __kmalloc_cache_noprof+0x68/0x410
[ 1176.971531][T16498]  device_add+0xccf/0x1a70
[ 1176.971574][T16498]  ? dev_set_name+0xc8/0x100
[ 1176.971595][T16498]  ? __pfx_dev_set_name+0x10/0x10
[ 1176.971615][T16498]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1176.971648][T16498]  ? __pfx_device_add+0x10/0x10
[ 1176.971685][T16498]  ? sprintf+0xcd/0x110
[ 1176.971717][T16498]  ? __pfx_sprintf+0x10/0x10
[ 1176.971753][T16498]  add_disk_fwnode+0x468/0x1320
[ 1176.971790][T16498]  loop_add+0x901/0xb60
[ 1176.971824][T16498]  ? do_vfs_ioctl+0x513/0x1990
[ 1176.971853][T16498]  ? __pfx_loop_add+0x10/0x10
[ 1176.971886][T16498]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1176.971928][T16498]  ? __pfx_lock_release+0x10/0x10
[ 1176.971962][T16498]  ? trace_lock_acquire+0x14e/0x1f0
[ 1176.971989][T16498]  ? __pfx___might_resched+0x10/0x10
[ 1176.972029][T16498]  ? 0xffffffff81000000
[ 1176.972045][T16498]  ? 0xffffffff81000000
[ 1176.972060][T16498]  loop_control_ioctl+0x13e/0x640
[ 1176.972098][T16498]  ? __pfx_loop_control_ioctl+0x10/0x10
[ 1176.972133][T16498]  ? __fget_files+0x206/0x3a0
[ 1176.972170][T16498]  ? 0xffffffff81000000
[ 1176.972185][T16498]  ? __pfx_loop_control_ioctl+0x10/0x10
[ 1176.972223][T16498]  ? 0xffffffff81000000
[ 1176.972238][T16498]  __x64_sys_ioctl+0x190/0x200
[ 1176.972268][T16498]  do_syscall_64+0xcd/0x250
[ 1176.972311][T16498]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1176.972346][T16498] RIP: 0033:0x7f3acc98d169
[ 1176.972363][T16498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1176.972387][T16498] RSP: 002b:00007f3acd80d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1176.972409][T16498] RAX: ffffffffffffffda RBX: 00007f3accba5fa0 RCX: 00007f3acc98d169
[ 1176.972425][T16498] RDX: ffffffff81000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1176.972440][T16498] RBP: 00007f3acca0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 1176.972454][T16498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1176.972469][T16498] R13: 0000000000000000 R14: 00007f3accba5fa0 R15: 00007ffd97528928
[ 1176.972491][T16498]  ? 0xffffffff81000000
[ 1176.972510][T16498]  </TASK>
[ 1181.724268][T16514] device-mapper: ioctl: device name cannot contain '/'
[ 1182.821970][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1182.828446][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1184.944799][T16522] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2488'.
[ 1189.186526][T16529] misc userio: No port type given on /dev/userio
[ 1189.372481][T16530] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14
[ 1193.325036][T16557] Invalid ELF header magic: != ELF
[ 1197.207715][T16578] can: request_module (can-proto-0) failed.
[ 1197.307695][T16578] FAULT_INJECTION: forcing a failure.
[ 1197.307695][T16578] name failslab, interval 1, probability 0, space 0, times 0
[ 1197.349119][T16578] CPU: 0 UID: 0 PID: 16578 Comm: syz.6.2499 Tainted: G     U             6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[ 1197.349157][T16578] Tainted: [U]=USER
[ 1197.349165][T16578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1197.349179][T16578] Call Trace:
[ 1197.349186][T16578]  <TASK>
[ 1197.349194][T16578]  dump_stack_lvl+0x16c/0x1f0
[ 1197.349236][T16578]  should_fail_ex+0x50a/0x650
[ 1197.349258][T16578]  ? fs_reclaim_acquire+0xae/0x150
[ 1197.349291][T16578]  should_failslab+0xc2/0x120
[ 1197.349323][T16578]  kmem_cache_alloc_lru_noprof+0x73/0x3d0
[ 1197.349360][T16578]  ? __pfx_lookup_one_len+0x10/0x10
[ 1197.349387][T16578]  ? alloc_inode+0x5d/0x230
[ 1197.349411][T16578]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[ 1197.349449][T16578]  alloc_inode+0x5d/0x230
[ 1197.349470][T16578]  new_inode+0x22/0x210
[ 1197.349490][T16578]  ? start_creating.part.0+0x25d/0x3a0
[ 1197.349531][T16578]  __debugfs_create_file+0x11a/0x6b0
[ 1197.349556][T16578]  debugfs_create_file_full+0x41/0x60
[ 1197.349582][T16578]  kvm_dev_ioctl+0x14c6/0x1a90
[ 1197.349630][T16578]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1197.349671][T16578]  ? __fget_files+0x206/0x3a0
[ 1197.349708][T16578]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1197.349747][T16578]  __x64_sys_ioctl+0x190/0x200
[ 1197.349799][T16578]  do_syscall_64+0xcd/0x250
[ 1197.349838][T16578]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1197.349885][T16578] RIP: 0033:0x7f3acc98d169
[ 1197.349902][T16578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1197.349924][T16578] RSP: 002b:00007f3acd80d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1197.349964][T16578] RAX: ffffffffffffffda RBX: 00007f3accba5fa0 RCX: 00007f3acc98d169
[ 1197.349979][T16578] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000006
[ 1197.349994][T16578] RBP: 00007f3acca0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 1197.350008][T16578] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1197.350023][T16578] R13: 0000000000000000 R14: 00007f3accba5fa0 R15: 00007ffd97528928
[ 1197.350051][T16578]  </TASK>
[ 1197.350060][T16578] debugfs: out of free dentries, can not create file 'max_mmu_rmap_size'
[ 1197.509736][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1198.994471][T15689] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[ 1199.012874][T15689] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[ 1199.021264][T15689] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[ 1199.032890][T15689] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[ 1199.040478][T15689] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[ 1199.048181][T15689] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[ 1199.745839][T16586] chnl_net:caif_netlink_parms(): no params data found
[ 1200.165259][T16586] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1200.172371][T16586] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1200.203085][T16586] bridge_slave_0: entered allmulticast mode
[ 1200.264178][T16586] bridge_slave_0: entered promiscuous mode
[ 1200.373122][T16586] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1200.380257][T16586] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1200.453596][T16586] bridge_slave_1: entered allmulticast mode
[ 1200.502114][T16586] bridge_slave_1: entered promiscuous mode
[ 1200.656458][T16586] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1200.715373][T16586] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1200.926595][T16586] team0: Port device team_slave_0 added
[ 1200.974226][T16586] team0: Port device team_slave_1 added
[ 1201.088603][T16586] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1201.123168][T16586] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1201.162815][T15689] Bluetooth: hci9: command tx timeout
[ 1201.260614][T16586] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1201.343020][T16586] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1201.350003][T16586] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1201.482664][T16586] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1201.611641][T16586] hsr_slave_0: entered promiscuous mode
[ 1201.652086][T16586] hsr_slave_1: entered promiscuous mode
[ 1201.683599][T16586] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1201.691191][T16586] Cannot create hsr debugfs directory
[ 1203.213166][T15689] Bluetooth: hci9: command tx timeout
[ 1205.292998][T15689] Bluetooth: hci9: command tx timeout
[ 1206.244507][T16624] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2508'.
[ 1207.372969][T15689] Bluetooth: hci9: command tx timeout
[ 1208.413057][   T31] INFO: task syz-executor:15424 blocked for more than 143 seconds.
[ 1208.421024][   T31]       Tainted: G     U             6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[ 1208.645057][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1208.682560][   T31] task:syz-executor    state:D stack:23280 pid:15424 tgid:15424 ppid:1      task_flags:0x480140 flags:0x00004006
[ 1208.737107][   T31] Call Trace:
[ 1208.747237][   T31]  <TASK>
[ 1208.766985][   T31]  __schedule+0xf43/0x5890
[ 1208.790796][   T31]  ? __pfx___lock_acquire+0x10/0x10
[ 1208.812910][   T31]  ? add_lock_to_list+0x17d/0x390
[ 1208.827692][   T31]  ? __pfx___schedule+0x10/0x10
[ 1208.852734][   T31]  ? schedule+0x298/0x350
[ 1208.861592][   T31]  ? __pfx_lock_release+0x10/0x10
[ 1208.878044][   T31]  ? lock_acquire+0x2f/0xb0
[ 1208.894046][   T31]  ? schedule+0x1fd/0x350
[ 1208.909607][   T31]  schedule+0xe7/0x350
[ 1208.922517][   T31]  schedule_timeout+0x244/0x280
[ 1208.938784][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[ 1208.957177][   T31]  ? mark_held_locks+0x9f/0xe0
[ 1208.971982][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1208.991025][   T31]  __wait_for_common+0x3e1/0x600
[ 1209.007803][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[ 1209.026804][   T31]  ? __pfx___wait_for_common+0x10/0x10
[ 1209.045008][   T31]  remove_one+0x30f/0x420
[ 1209.061153][   T31]  ? __pfx_remove_one+0x10/0x10
[ 1209.077338][   T31]  simple_recursive_removal+0x4e2/0x8e0
[ 1209.097925][   T31]  ? __pfx_remove_one+0x10/0x10
[ 1209.113605][   T31]  debugfs_remove+0x5d/0x80
[ 1209.128378][   T31]  nsim_dev_health_exit+0x3b/0xe0
[ 1209.152801][   T31]  nsim_dev_reload_destroy+0x143/0x4d0
[ 1209.165517][   T31]  nsim_drv_remove+0x52/0x1d0
[ 1209.179194][   T31]  ? __pfx_nsim_bus_remove+0x10/0x10
[ 1209.196915][   T31]  device_remove+0xc8/0x170
[ 1209.212477][   T31]  device_release_driver_internal+0x44a/0x610
[ 1209.245052][   T31]  bus_remove_device+0x22f/0x420
[ 1209.258355][   T31]  device_del+0x396/0x9f0
[ 1209.270977][   T31]  ? __pfx_device_del+0x10/0x10
[ 1209.287762][   T31]  device_unregister+0x1d/0xc0
[ 1209.314987][   T31]  del_device_store+0x346/0x4b0
[ 1209.325533][   T31]  ? __pfx_del_device_store+0x10/0x10
[ 1209.343306][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1209.359510][   T31]  ? __pfx_del_device_store+0x10/0x10
[ 1209.377783][   T31]  bus_attr_store+0x71/0xb0
[ 1209.396281][   T31]  ? __pfx_bus_attr_store+0x10/0x10
[ 1209.418196][   T31]  sysfs_kf_write+0x117/0x170
[ 1209.434494][   T31]  kernfs_fop_write_iter+0x33d/0x500
[ 1209.452775][   T31]  ? __pfx_sysfs_kf_write+0x10/0x10
[ 1209.469194][   T31]  vfs_write+0x5ae/0x1150
[ 1209.484948][   T31]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[ 1209.504288][   T31]  ? __pfx_vfs_write+0x10/0x10
[ 1209.519094][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1209.542986][   T31]  ksys_write+0x12b/0x250
[ 1209.561178][   T31]  ? __pfx_ksys_write+0x10/0x10
[ 1209.581367][   T31]  do_syscall_64+0xcd/0x250
[ 1209.595066][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1209.619031][   T31] RIP: 0033:0x7f3c58f8bc1f
[ 1209.638245][   T31] RSP: 002b:00007ffce48a7e10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1209.668762][   T31] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f3c58f8bc1f
[ 1209.693491][   T31] RDX: 0000000000000001 RSI: 00007ffce48a7e60 RDI: 0000000000000005
[ 1209.723787][   T31] RBP: 00007f3c5900f4fd R08: 0000000000000000 R09: 00007ffce48a7c67
[ 1209.746356][   T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[ 1209.776558][   T31] R13: 00007ffce48a7e60 R14: 00007f3c59cd4620 R15: 0000000000000003
[ 1209.802805][   T31]  </TASK>
[ 1209.813000][   T31] INFO: task syz.5.2359:15604 blocked for more than 144 seconds.
[ 1209.842899][   T31]       Tainted: G     U             6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[ 1209.868913][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1209.897565][   T31] task:syz.5.2359      state:D stack:27904 pid:15604 tgid:15603 ppid:12850  task_flags:0x400140 flags:0x00000004
[ 1209.936356][   T31] Call Trace:
[ 1209.948696][   T31]  <TASK>
[ 1209.959450][   T31]  __schedule+0xf43/0x5890
[ 1209.973221][   T31]  ? __pfx___lock_acquire+0x10/0x10
[ 1209.992440][   T31]  ? __pfx___lock_acquire+0x10/0x10
[ 1210.010754][   T31]  ? __pfx___schedule+0x10/0x10
[ 1210.026020][   T31]  ? schedule+0x298/0x350
[ 1210.040538][   T31]  ? __pfx_lock_release+0x10/0x10
[ 1210.059053][   T31]  ? __mutex_trylock_common+0x78/0x250
[ 1210.075924][   T31]  ? lock_acquire+0x2f/0xb0
[ 1210.090530][   T31]  ? schedule+0x1fd/0x350
[ 1210.109892][   T31]  schedule+0xe7/0x350
[ 1210.122691][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1210.140543][   T31]  __mutex_lock+0x6bd/0xb10
[ 1210.154619][   T31]  ? devlink_health_report+0x3c5/0x9d0
[ 1210.182837][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1210.195861][   T31]  ? irqentry_exit+0x3b/0x90
[ 1210.209632][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1210.231062][   T31]  ? devlink_health_report+0x3c5/0x9d0
[ 1210.249020][   T31]  devlink_health_report+0x3c5/0x9d0
[ 1210.274494][   T31]  ? __pfx_devlink_health_report+0x10/0x10
[ 1210.295064][   T31]  ? _copy_from_user+0x59/0xd0
[ 1210.311070][   T31]  nsim_dev_health_break_write+0x167/0x210
[ 1210.335385][   T31]  ? __pfx_nsim_dev_health_break_write+0x10/0x10
[ 1210.363752][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1210.370878][   T31]  ? trace_lock_acquire+0x14e/0x1f0
[ 1210.387390][   T31]  full_proxy_write+0x13c/0x200
[ 1210.405603][   T31]  ? __pfx_full_proxy_write+0x10/0x10
[ 1210.422354][   T31]  vfs_write+0x24c/0x1150
[ 1210.439916][   T31]  ? __fget_files+0x1fc/0x3a0
[ 1210.456346][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1210.472807][   T31]  ? __pfx_vfs_write+0x10/0x10
[ 1210.487632][   T31]  ? __fget_files+0x206/0x3a0
[ 1210.502410][   T31]  ksys_write+0x12b/0x250
[ 1210.519507][   T31]  ? __pfx_ksys_write+0x10/0x10
[ 1210.537006][   T31]  do_syscall_64+0xcd/0x250
[ 1210.552748][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1210.572829][   T31] RIP: 0033:0x7f085df8d169
[ 1210.587444][   T31] RSP: 002b:00007f085bdf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1210.615013][   T31] RAX: ffffffffffffffda RBX: 00007f085e1a5fa0 RCX: 00007f085df8d169
[ 1210.640147][   T31] RDX: 00000000000000ef RSI: 0000000000000000 RDI: 0000000000000004
[ 1210.671020][   T31] RBP: 00007f085e00e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 1210.698992][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1210.721627][   T31] R13: 0000000000000000 R14: 00007f085e1a5fa0 R15: 00007ffe23fb1368
[ 1210.754268][   T31]  </TASK>
[ 1210.759699][   T31] 
[ 1210.759699][   T31] Showing all locks held in the system:
[ 1210.792886][   T31] 1 lock held by khungtaskd/31:
[ 1210.802365][   T31]  #0: ffffffff8e1bd140 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x7f/0x390
[ 1210.835757][   T31] 2 locks held by getty/5597:
[ 1210.849905][   T31]  #0: ffff8880318fd0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[ 1210.885571][   T31]  #1: ffffc900033032f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0xfba/0x1480
[ 1210.918351][   T31] 1 lock held by syz.2.438/7614:
[ 1210.935673][   T31] 3 locks held by kworker/u8:16/14197:
[ 1210.952299][   T31] 7 locks held by syz-executor/15424:
[ 1210.971344][   T31]  #0: ffff88803104c420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[ 1211.007180][   T31]  #1: ffff888025b6cc88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500
[ 1211.036780][   T31]  #2: ffff888027a0ee18 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500
[ 1211.070687][   T31]  #3: ffffffff8f4a4bc8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd2/0x4b0
[ 1211.103804][   T31]  #4: ffff888062cf40e8 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xa4/0x610
[ 1211.137309][   T31]  #5: ffff888062cf5250 (&devlink->lock_key#2){+.+.}-{4:4}, at: nsim_drv_remove+0x4a/0x1d0
[ 1211.169759][   T31]  #6: ffff88807af16f20 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: simple_recursive_removal+0x2f5/0x8e0
[ 1211.210946][   T31] 3 locks held by syz.5.2359/15604:
[ 1211.228842][   T31]  #0: ffff88804700a638 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x267/0x390
[ 1211.262475][   T31]  #1: ffff888141ae2420 (sb_writers#9){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[ 1211.310909][   T31]  #2: ffff888062cf5250 (&devlink->lock_key#2){+.+.}-{4:4}, at: devlink_health_report+0x3c5/0x9d0
[ 1211.346242][   T31] 4 locks held by syz-executor/15765:
[ 1211.366081][   T31]  #0: ffff88803104c420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[ 1211.394538][   T31]  #1: ffff888036af5888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500
[ 1211.426112][   T31]  #2: ffff888027a0ee18 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500
[ 1211.462896][   T31]  #3: ffffffff8f4a4bc8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd2/0x4b0
[ 1211.497147][   T31] 4 locks held by syz-executor/15885:
[ 1211.514427][   T31]  #0: ffff88803104c420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[ 1211.548110][   T31]  #1: ffff888046477488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500
[ 1211.579333][   T31]  #2: ffff888027a0ee18 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500
[ 1211.611620][   T31]  #3: ffffffff8f4a4bc8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd2/0x4b0
[ 1211.644997][   T31] 4 locks held by syz-executor/16217:
[ 1211.667344][   T31]  #0: ffff88803104c420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[ 1211.694713][   T31]  #1: ffff888022ed2088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500
[ 1211.727261][   T31]  #2: ffff888027a0ee18 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500
[ 1211.759474][   T31]  #3: ffffffff8f4a4bc8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd2/0x4b0
[ 1211.798491][   T31] 4 locks held by syz-executor/16417:
[ 1211.827340][   T31]  #0: ffff88803104c420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[ 1211.859861][   T31]  #1: ffff88802f04dc88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500
[ 1211.896716][   T31]  #2: ffff888027a0ee18 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500
[ 1211.927216][   T31]  #3: ffffffff8f4a4bc8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd2/0x4b0
[ 1211.963230][   T31] 4 locks held by syz-executor/16442:
[ 1211.978699][   T31]  #0: ffff88803104c420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[ 1212.012518][   T31]  #1: ffff888032ac6488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500
[ 1212.042736][   T31]  #2: ffff888027a0ee18 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500
[ 1212.077661][   T31]  #3: ffffffff8f4a4bc8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd2/0x4b0
[ 1212.111670][   T31] 4 locks held by syz-executor/16586:
[ 1212.132670][   T31]  #0: ffff88803104c420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[ 1212.160937][   T31]  #1: ffff888026602888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500
[ 1212.193962][   T31]  #2: ffff888027a0ee18 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500
[ 1212.229447][   T31]  #3: ffffffff8f4a4bc8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd2/0x4b0
[ 1212.264870][   T31] 
[ 1212.274939][   T31] =============================================
[ 1212.274939][   T31] 
[ 1212.308361][   T31] NMI backtrace for cpu 0
[ 1212.308381][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G     U             6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[ 1212.308413][   T31] Tainted: [U]=USER
[ 1212.308419][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1212.308432][   T31] Call Trace:
[ 1212.308438][   T31]  <TASK>
[ 1212.308446][   T31]  dump_stack_lvl+0x116/0x1f0
[ 1212.308485][   T31]  nmi_cpu_backtrace+0x27b/0x390
[ 1212.308510][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1212.308542][   T31]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[ 1212.308569][   T31]  watchdog+0xf62/0x12b0
[ 1212.308605][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1212.308636][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1212.308668][   T31]  ? __kthread_parkme+0x148/0x220
[ 1212.308690][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1212.308723][   T31]  kthread+0x3af/0x750
[ 1212.308750][   T31]  ? __pfx_kthread+0x10/0x10
[ 1212.308787][   T31]  ? __pfx_kthread+0x10/0x10
[ 1212.308815][   T31]  ret_from_fork+0x45/0x80
[ 1212.308845][   T31]  ? __pfx_kthread+0x10/0x10
[ 1212.308872][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1212.308908][   T31]  </TASK>
[ 1212.308918][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 1212.427441][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G     U             6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[ 1212.439435][   T31] Tainted: [U]=USER
[ 1212.443254][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1212.453328][   T31] Call Trace:
[ 1212.456628][   T31]  <TASK>
[ 1212.459565][   T31]  dump_stack_lvl+0x3d/0x1f0
[ 1212.464182][   T31]  panic+0x71d/0x800
[ 1212.468091][   T31]  ? __pfx_panic+0x10/0x10
[ 1212.472531][   T31]  ? ret_from_fork_asm+0x1a/0x30
[ 1212.477485][   T31]  ? irq_work_claim+0x76/0xa0
[ 1212.482181][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1212.488174][   T31]  ? irq_work_queue+0x2a/0x80
[ 1212.492964][   T31]  ? watchdog+0xdcc/0x12b0
[ 1212.497408][   T31]  ? watchdog+0xdbf/0x12b0
[ 1212.501847][   T31]  watchdog+0xddd/0x12b0
[ 1212.506113][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1212.510809][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1212.516030][   T31]  ? __kthread_parkme+0x148/0x220
[ 1212.521068][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1212.525770][   T31]  kthread+0x3af/0x750
[ 1212.529853][   T31]  ? __pfx_kthread+0x10/0x10
[ 1212.534489][   T31]  ? __pfx_kthread+0x10/0x10
[ 1212.539093][   T31]  ret_from_fork+0x45/0x80
[ 1212.543526][   T31]  ? __pfx_kthread+0x10/0x10
[ 1212.548130][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1212.552930][   T31]  </TASK>
[ 1212.556027][   T31] Kernel Offset: disabled
[ 1212.560368][   T31] Rebooting in 86400 seconds..