last executing test programs:

19m52.197410036s ago: executing program 2 (id=902):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, 0x0) (async)
ioctl$auto(0x3, 0x80000541b, 0x38) (async)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/stat_refresh\x00', 0x101202, 0x0) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket(0x2, 0x3, 0x2)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/pagemap\x00', 0x82840, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
open(&(0x7f0000000100)='./bus\x00', 0x14d27e, 0x72) (async)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/time\x00') (async)
socket(0x2, 0x1, 0x84) (async)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) (async)
openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) (async)
pipe$auto(0x0) (async)
r3 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) (async)
connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x0, @multicast1}, 0x55)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r2, 0x0, 0x0) (async)
sendfile$auto(r3, r1, 0x0, 0x48)

19m50.674377829s ago: executing program 2 (id=904):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), 0xffffffffffffffff)
sendmsg$auto_NET_SHAPER_CMD_GROUP(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2004c804}, 0x14)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0)
r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000000c0), r2)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)
r3 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000440)='/proc/thread-self/clear_refs\x00', 0x20001, 0x0)
ioctl$auto_FIDEDUPERANGE(r3, 0xc0189436, 0x8000000000000001)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_FLOW_CMD_GET(r4, 0x0, 0x800)
madvise$auto(0x0, 0x2003f0, 0x15)
madvise$auto(0x0, 0x200007, 0x19)
timerfd_create$auto(0x9, 0x2)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r5, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
inotify_add_watch$auto(0xffffffffffffffff, 0x0, 0x0)
r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000200), r0)
sendmsg$auto_NL80211_CMD_GET_SCAN(r1, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000340)={&(0x7f0000000440)={0x184, r6, 0x2, 0x70bd2a, 0x25dfdbff, {}, [@NL80211_ATTR_BEACON_TAIL={0xbd, 0xf, "ff5f44cbe16acee11f4cf120f00ed941783bd4976ff3d6574df5d01641dd961db658444f4a114b7473191d2c80240f520bf3a5aef0098c08742c99d60a7fa16154eff6ba1d83f0859ac29e99fe55585018c40448d0f2507890289e4c5c31f024e201f54a9a7f7a03fb6b59c618e0e541d4a3d96eae00481135c2934676b4456901d1cc54fdb9ca6c9aca74d9cd1b4a748e6739ed515526b20294603b5877f436c11dd44e037f485a73e6f5dd0599928470c2a24dbe5f26da9a"}, @NL80211_ATTR_AP_SETTINGS_FLAGS={0x8, 0x135, 0x5}, @NL80211_ATTR_PROBE_RESP={0xa5, 0x91, "880ce809b94cd391041d5594018d34c4cdc0b407da9ded421f919b92e2c024e4d9cd2674a0952921e6c04f6b2f0d8f4204f05a8ed5a8223fd8eb6bc9c5d140124e35b226057fe1235af34a530090d43e28f61a2beb755102ddff7364ee7250b05c425e53ab9e27a6e99e558e867755b6e6346c24affab9b16ef52d815c74a99fdb4e974365c16bd535a4199405e1e2674bcbd48f4027bfb4b7602b87f569253b65"}]}, 0x184}}, 0x4000000)
r7 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/pcmC1D1p\x00', 0x0, 0x0)
bpf$auto(0x0, &(0x7f0000000100)=@info={r7, 0xb09, 0x1000}, 0x6f4)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x2, 0x9, 0x2, 0x6]}, 0x0)
close_range$auto(0x2, 0xa, 0x0)

19m48.488013185s ago: executing program 2 (id=909):
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xfffffffe, 0xff, 0x7, 0x1f, 0x7181, 0x1ffde, 0xb099, 0x3, 0x9, 0x9, 0x3, 0x884, 0x1, 0xb7, 0x9, 0x8, 0x10003, 0xb2, 0x4, 0x0, 0xb, 0x22004, 0x200, 0x1, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0xc0, 0x0, 0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x0, 0x0, 0xad3, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}, 0x1fe, 0xd)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
bpf$auto(0x3, &(0x7f00000001c0)=@task_fd_query={0x0, 0xffffffffffffffff, 0x8, 0x30017, 0x8020000000a, 0x2, 0x5f, 0x20000000000803, 0xffffffffffffffff}, 0x6f0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0xe000000)

19m47.86553174s ago: executing program 2 (id=912):
close_range$auto(0x2, 0x8, 0x0)
r0 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x60686322b7b88e39}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x1c, r0, 0x8, 0x70bd29, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x4cbb}]}, 0x1c}, 0x1, 0x0, 0x0, 0x50}, 0x400c000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
r1 = io_uring_setup$auto(0x2, 0x0)
close_range$auto(0x2, 0xa, 0x0)
r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7)
r3 = accept4$auto(r2, 0x0, 0x0, 0x3)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)={0x14, r4, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x68, 0x0, 0x21000000}, 0x0)
r6 = set_tid_address$auto(&(0x7f0000000100))
sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8010}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0xc0, r4, 0x503, 0x70bd2a, 0x25dfdbfb, {}, [@NL80211_ATTR_REG_RULES={0x92, 0x22, 0x0, 0x1, [@generic="d82dcd0e71593404ce5bd9be510172c20e2b3cb6b56c67b2d1fb6bae5f4579553c388a2a3fd657fa61ab42ec2ed10620289722e69e95a04a4e8016d7838af468da30c0b80e6b713a9341b922994cf410c433e616bba84f66cbf1537c066cf124fc5037fcc3de20550786d997a2a27f58bce3e53d16e52e288a48", @nested={0x14, 0x18, 0x0, 0x1, [@typed={0x8, 0x124, 0x0, 0x0, @pid=r6}, @nested={0x4, 0xc8}, @generic="d58cccf1"]}]}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x4}, @NL80211_ATTR_SSID={0x10, 0x34, "318c66cb045b1c69302d3936"}]}, 0xc0}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$auto_NL80211_CMD_PEER_MEASUREMENT_START(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000080)={&(0x7f0000000200)={0x98, r4, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@NL80211_ATTR_MNTR_FLAGS={0x7b, 0x17, "e2b7e0b23699b174ec4c006ed349f1b4e83741b066b7bb69f513b7540831d8e3c4bae899ab1501ec625297eb60a843fff5eb2ef316b1f9c4e47330a60637d80fec12ec42fef82ce306f8c76b72878774b1591955dea8e266a38c4620d993b5319f9b146a22f44fca0585523ddd9d6e3cf00a6e4ca8cdb8"}, @NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0xc}]}, 0x98}, 0x1, 0x0, 0x0, 0x24000881}, 0x4000000)
openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f000000e680), 0x2, 0x0)

19m47.18822794s ago: executing program 2 (id=913):
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi18\x00', 0xc0400, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/suspend_stats/failed_prepare\x00', 0x2400, 0x0)
read$auto(r0, &(0x7f00000002c0)='\x91\xf3\xc5\xe7\xf4\xfc\x8e\xf5\x1a14\x8a\xd9\x9a\x11\xb1\x10q\xdf\x8doi\xfc\x9f\x18\x9a\xd4\x1d\xf7\xc7\xf9\xf8\xa2\xa3\x10Cs]\x01\xfec~\x9c\x9e\xb2\xa5Io\x11\x83\xf2\x06\a\xc0\xca\xcd\x1fHl2\xf4a\x88`\xd8(\x0fR\xb4\xcb\xc9\xf4E\xe8\xdd\xec\x85\xfa\xdc\xd7\x0eZ\xb5\x8f\x06\x89Ss6\x04\x00'/100, 0x5ff15ff9)
mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
bind$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
r1 = openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000180)='/proc/softirqs\x00', 0x400, 0x0)
kill$auto(0x0, 0x12)
preadv$auto(r1, &(0x7f0000009180)={&(0x7f0000008180), 0x7}, 0x26, 0x80, 0x5)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x26, 0x1, 0x0, 0x0, 0x0)
clone$auto(0x20003b46, 0x100000000000005, 0x0, 0x0, 0x2)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/input/event0\x00', 0x40000, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/mnt\x00')
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
mmap$auto(0xfffffffffffffffe, 0x200006, 0x6, 0x40eb1, 0x602, 0xcf05)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
madvise$auto(0x0, 0x20499d, 0x9)
mmap$auto(0x0, 0xffffffffffffffff, 0xffb, 0x8000000008011, r2, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0)
ioctl$auto(r2, 0x541d, 0xffffffffffffffff)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
madvise$auto(0x0, 0x2, 0x2)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0)

19m40.440378218s ago: executing program 2 (id=922):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async)
r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
ioctl$auto_MON_IOCX_GET(r0, 0x40189206, &(0x7f0000000280)={&(0x7f0000000180)={0x3, 0x62, 0x9, 0x2, 0x8, 0x80, 0x62, 0xc, 0x80, 0x401, 0x7f, 0x3, 0x6, @iso={0xfa, 0x8}, 0x9, 0x9, 0x4, 0x7}, &(0x7f00000001c0)="5c0a1fd588c904ba61ccae006b37a56e58a774eacdd7600a05633040fe2e0573264770bf1339883bb4dbc323e60ea1d95f85737facf6d5ac092ac2f1991aea8fe71b3cb17935fceaab8f643f2f5b62490f631e5da014e83c0a7a7c0da0a57bacac210b37424d0b8c9a9d737ccdd04ace6197522cc50f841fac97285d7e5a51fad94d7371c6b0541f", 0x1})
socket(0x2, 0x3, 0xc) (async)
socket(0x2, 0x3, 0xc)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}})
socket(0x2, 0x2, 0x88)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3ff, 0x8000) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3ff, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0xc0040, 0x0) (async)
r2 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0xc0040, 0x0)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000040)={0x4, "87fe7b014077e08701ee88c6923077b8542c55f8c30ccb575540f50c0a515ca3", @inferred=r2})
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f00000000c0)={0x8, "e6c26c22ab89af11056b0001ac097e0a0728d9300000c500"})
r3 = openat$auto_sync_info_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0)
read$auto(r3, &(0x7f0000000080)='\xbb\x00', 0x3) (async)
read$auto(r3, &(0x7f0000000080)='\xbb\x00', 0x3)
ioctl$auto_CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, 0x0)
connect$auto(0xffffffffffffffff, 0x0, 0x55)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x68140, 0x0)
openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000001f00)='/sys/kernel/debug/block/nbd11/hctx0/dispatch\x00', 0x80000, 0x0) (async)
r5 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000001f00)='/sys/kernel/debug/block/nbd11/hctx0/dispatch\x00', 0x80000, 0x0)
read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r5, &(0x7f0000000380)=""/206, 0xce) (async)
read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r5, &(0x7f0000000380)=""/206, 0xce)
ioctl$auto(r4, 0x5457, 0xd8)
ioctl$auto_SNDCTL_DSP_SYNC(r1, 0x5001, 0xfffffffffffffffc)
openat$auto_buffer_percent_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/tracing/buffer_percent\x00', 0x400, 0x0)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x6b000000000000) (async)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x6b000000000000)
write$auto(0x3, 0x0, 0xffd8) (async)
write$auto(0x3, 0x0, 0xffd8)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x1, 0x8000)
move_pages$auto(0x1, 0x400004, 0x0, 0x0, 0x0, 0x8000000000000000) (async)
move_pages$auto(0x1, 0x400004, 0x0, 0x0, 0x0, 0x8000000000000000)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb2, 0x40000000000a1, 0x8000)

19m35.943310863s ago: executing program 3 (id=926):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000002e40)={0x0, 0x0, &(0x7f0000002e00)={&(0x7f0000002e80)={0x30, r1, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}]}, @ETHTOOL_A_DEBUG_MSGMASK={0x4}]}, 0x30}, 0x1, 0x0, 0x700000000000000, 0x8050}, 0x4000080)

19m34.609901622s ago: executing program 3 (id=927):
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0)
r2 = ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(r2, 0xae78, r2)
ioctl$auto_TIOCSTI2(r0, 0x545c, 0x0)
syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000000), r2)

19m28.614688083s ago: executing program 1 (id=930):
mkdir$auto(&(0x7f0000000080)='./file0\x00', 0x1)
open$dir(&(0x7f0000000000)='./file0\x00', 0x511081, 0x4)
rmdir$auto(&(0x7f0000000280)='./file0\x00')
unshare$auto(0x40000080)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
socket(0x1e, 0x1, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socket(0x11, 0x3, 0x9)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_TIPC_NL_SOCK_GET(r1, &(0x7f00000022c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="01ffffca5b331228394a3b5d4bf2"], 0x14}, 0x1, 0x0, 0x0, 0x46010}, 0x8cc)
read$auto(r2, &(0x7f0000000000)='\\\x00', 0x9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/kernel/mm/transparent_hugepage/hugepages-1024kB/stats/nr_anon_partially_mapped\x00', 0x10081, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'hsr0\x00', <r5=>0x0})
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32=r5, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES32=r5, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40)
read$auto_proc_iter_file_ops_compat_inode(0xffffffffffffffff, 0x0, 0x0)
fanotify_init$auto(0x9, 0x6009)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)

19m28.2885469s ago: executing program 3 (id=931):
r0 = socket(0x1d, 0x3, 0x1)
statmount$auto(0x0, &(0x7f0000000680)={0x2, 0x1, 0x9, 0x3, 0xe, 0x940, 0x1ffde, 0x3, 0x2000000000000006, 0x2, 0x9, 0x5, 0x2, 0x7, 0xb0, 0x7, 0x2, 0x3, 0x40, 0x7, 0x0, 0x6, 0x7, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, [0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x2, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc], "3930d876dca51edaf899a35a78e392eb005a86a374a59a6bba2c73e69d1677e63d3dcdd4f2c4589f042ca4652f82a06f7c4caa29c43d2b4786c6ac50968bbf989b93fbea4972b744a526ba40b607c8ed57c611033da80ce18f2bd800237bd815"}, 0x1fe, 0x81)
r1 = socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
fanotify_init$auto(0x65, 0x2)
socket(0x1d, 0x2, 0x2)
connect$auto(0x3, 0x0, 0x55)
socket(0x10, 0x3, 0x6)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
write$auto(0x3, 0x0, 0x5c8)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
write$auto(0x3, 0x0, 0x5c8)
ioctl$auto(0x3, 0x8906, 0xd)
preadv2$auto(r0, &(0x7f0000001000)={0x0, 0x200}, 0x5, 0xffffffffffffffff, 0xfffffffffffffffd, 0x2b)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40400c4)
sendmmsg$auto(r1, &(0x7f0000000040)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x2, 0xa505}, 0x800}, 0x6, 0x4008)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/loginuid\x00', 0x202800, 0x0)
r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/geneve1/ignore_routes_with_linkdown\x00', 0x202, 0x0)
sendfile$auto(r2, r2, 0x0, 0x7fffe000)
semctl$auto(0x7ff, 0x2, 0x13, 0x3)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
madvise$auto(0x0, 0x8, 0x3)
r3 = ioctl$auto_SIOCGIFHWADDR2(0xffffffffffffffff, 0x8927, 0x0)
r4 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000500)='/dev/bus/usb/023/001\x00', 0x201, 0x0)
ioctl$auto_USBDEVFS_DISCONNECT_CLAIM(r4, 0x8108551b, &(0x7f0000000540)={0x0, 0x6, "7636151d9b02ba4db36efb8adaeb205490055c8160618a793bc0ef02be6b53ab874d163664e76626154e19585266b4280ac77b4953f03208c9d0d81de29f87c95b44caf734b5f2e59f69b0fe4a5494f48d5300607cd488d34e391975e1aa7743568be0d261cfaa4f9b6174c390954234be5d151787f0c9c66dc02b5a5a89a56682d58f67fb6efb456c4569af2df4c3e2fe0f9223c43727d728cc77183d2ceb9a4b6797048cd4d028ae420b7deabcd6b4a367d87ec44bbe2522223a45c3c8c504c1bae057da778451ca39ef604724c73e5f577cda46ab42dd3392401d1c9bf8ba15c8299371980687c12430b63a504592439e0580a6f2a60bed1efbb23b7596b3"})
ioctl$auto(r3, 0x9, r4)
ioctl$auto_SNDCTL_DSP_CHANNELS(r3, 0xc0045006, &(0x7f0000000140)="50988f57a82a8185cf743fba481c28b3407fb32aac940dfdd6043099be53f650e6f9fafc7ca58e1da1773a965ec6a97f2ce96c67531911e4d5df182478f11ef9d3d9e4bbee4e8502d1b8f1a98c8e03185edbd7e6c88450b49a011f5ce5fa86fbf530")

19m25.258170518s ago: executing program 32 (id=922):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async)
r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
ioctl$auto_MON_IOCX_GET(r0, 0x40189206, &(0x7f0000000280)={&(0x7f0000000180)={0x3, 0x62, 0x9, 0x2, 0x8, 0x80, 0x62, 0xc, 0x80, 0x401, 0x7f, 0x3, 0x6, @iso={0xfa, 0x8}, 0x9, 0x9, 0x4, 0x7}, &(0x7f00000001c0)="5c0a1fd588c904ba61ccae006b37a56e58a774eacdd7600a05633040fe2e0573264770bf1339883bb4dbc323e60ea1d95f85737facf6d5ac092ac2f1991aea8fe71b3cb17935fceaab8f643f2f5b62490f631e5da014e83c0a7a7c0da0a57bacac210b37424d0b8c9a9d737ccdd04ace6197522cc50f841fac97285d7e5a51fad94d7371c6b0541f", 0x1})
socket(0x2, 0x3, 0xc) (async)
socket(0x2, 0x3, 0xc)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}})
socket(0x2, 0x2, 0x88)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3ff, 0x8000) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3ff, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0xc0040, 0x0) (async)
r2 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0xc0040, 0x0)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000040)={0x4, "87fe7b014077e08701ee88c6923077b8542c55f8c30ccb575540f50c0a515ca3", @inferred=r2})
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f00000000c0)={0x8, "e6c26c22ab89af11056b0001ac097e0a0728d9300000c500"})
r3 = openat$auto_sync_info_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0)
read$auto(r3, &(0x7f0000000080)='\xbb\x00', 0x3) (async)
read$auto(r3, &(0x7f0000000080)='\xbb\x00', 0x3)
ioctl$auto_CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, 0x0)
connect$auto(0xffffffffffffffff, 0x0, 0x55)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x68140, 0x0)
openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000001f00)='/sys/kernel/debug/block/nbd11/hctx0/dispatch\x00', 0x80000, 0x0) (async)
r5 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000001f00)='/sys/kernel/debug/block/nbd11/hctx0/dispatch\x00', 0x80000, 0x0)
read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r5, &(0x7f0000000380)=""/206, 0xce) (async)
read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r5, &(0x7f0000000380)=""/206, 0xce)
ioctl$auto(r4, 0x5457, 0xd8)
ioctl$auto_SNDCTL_DSP_SYNC(r1, 0x5001, 0xfffffffffffffffc)
openat$auto_buffer_percent_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/tracing/buffer_percent\x00', 0x400, 0x0)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x6b000000000000) (async)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x6b000000000000)
write$auto(0x3, 0x0, 0xffd8) (async)
write$auto(0x3, 0x0, 0xffd8)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x1, 0x8000)
move_pages$auto(0x1, 0x400004, 0x0, 0x0, 0x0, 0x8000000000000000) (async)
move_pages$auto(0x1, 0x400004, 0x0, 0x0, 0x0, 0x8000000000000000)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb2, 0x40000000000a1, 0x8000)

19m25.22606257s ago: executing program 3 (id=933):
mmap$auto(0x0, 0x4, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptyv6\x00', 0x119601, 0x0)
r0 = socket(0x2, 0x1, 0x0)
ppoll$auto(&(0x7f0000000000)={<r1=>r0, 0x4, 0x5}, 0x7, 0x0, 0x0, 0x8)
setsockopt$auto(r1, 0x6, 0x13, &(0x7f0000000040)=')[\x00', 0x9)
r2 = epoll_create$auto(0x3e)
epoll_ctl$auto(r2, 0x1, 0x8000000000000000, 0x0)

19m24.232751849s ago: executing program 1 (id=934):
mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xfffffffffffffffa, 0x4008000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x40c282, 0x0)
write$auto(r0, 0x0, 0xfffffdef)
mbind$auto(0x0, 0x800605, 0x8003, &(0x7f0000000100)=0xfffe, 0x3, 0x3)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
mmap$auto(0x3, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_TIPC_NL_PEER_REMOVE(r1, &(0x7f00000110c0)={0x0, 0x0, &(0x7f0000011080)={&(0x7f0000003ac0)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010026bd7000fedbdf25140000005c000780550002"], 0x70}, 0x1, 0x0, 0x0, 0x20008105}, 0x40)
mprotect$auto(0x1000, 0x401000, 0x4)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
r3 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
mmap$auto(0xfffffffffefffffd, 0x7fffffff, 0xa6, 0xeb1, r3, 0x8000)
ioctl$auto_PAGEMAP_SCAN(r3, 0xc0606610, &(0x7f0000000180)={0x60, 0x0, 0x100000, 0x7ffffffff000, 0x6, 0x1, 0x6, 0x50b301e, 0x8, 0x8, 0x9, 0x3})
shmget$auto(0x400, 0x10561, 0x568c12f2)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x9, 0x5, 0xb, 0x0)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyd9\x00', 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/platform/snd_aloop.0/sound/card1/id\x00', 0x48a22, 0x0)
io_uring_setup$auto(0x52, 0x0)
write$auto(r5, 0x0, 0x3)
ioctl$auto_TIOCSETD2(r4, 0x5423, 0x0)
ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0)
semctl$auto(0x201, 0xfffffffffffffffa, 0x3, 0x0)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x20000, 0x0)
openat$auto_tracing_saved_cmdlines_size_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/saved_cmdlines_size\x00', 0x4000, 0x0)

19m24.132266609s ago: executing program 3 (id=935):
close_range$auto(0x2, 0x8, 0x0)
r0 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x60686322b7b88e39}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x1c, r0, 0x8, 0x70bd29, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x4cbb}]}, 0x1c}, 0x1, 0x0, 0x0, 0x50}, 0x400c000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
r1 = io_uring_setup$auto(0x2, 0x0)
close_range$auto(0x2, 0xa, 0x0)
r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7)
r3 = accept4$auto(r2, 0x0, 0x0, 0x3)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)={0x14, r4, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x68, 0x0, 0x28000000}, 0x0)
r6 = set_tid_address$auto(&(0x7f0000000100))
sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8010}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0xc0, r4, 0x503, 0x70bd2a, 0x25dfdbfb, {}, [@NL80211_ATTR_REG_RULES={0x92, 0x22, 0x0, 0x1, [@generic="d82dcd0e71593404ce5bd9be510172c20e2b3cb6b56c67b2d1fb6bae5f4579553c388a2a3fd657fa61ab42ec2ed10620289722e69e95a04a4e8016d7838af468da30c0b80e6b713a9341b922994cf410c433e616bba84f66cbf1537c066cf124fc5037fcc3de20550786d997a2a27f58bce3e53d16e52e288a48", @nested={0x14, 0x18, 0x0, 0x1, [@typed={0x8, 0x124, 0x0, 0x0, @pid=r6}, @nested={0x4, 0xc8}, @generic="d58cccf1"]}]}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x4}, @NL80211_ATTR_SSID={0x10, 0x34, "318c66cb045b1c69302d3936"}]}, 0xc0}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$auto_NL80211_CMD_PEER_MEASUREMENT_START(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000080)={&(0x7f0000000200)={0x98, r4, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@NL80211_ATTR_MNTR_FLAGS={0x7b, 0x17, "e2b7e0b23699b174ec4c006ed349f1b4e83741b066b7bb69f513b7540831d8e3c4bae899ab1501ec625297eb60a843fff5eb2ef316b1f9c4e47330a60637d80fec12ec42fef82ce306f8c76b72878774b1591955dea8e266a38c4620d993b5319f9b146a22f44fca0585523ddd9d6e3cf00a6e4ca8cdb8"}, @NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0xc}]}, 0x98}, 0x1, 0x0, 0x0, 0x24000881}, 0x4000000)
openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f000000e680), 0x2, 0x0)

19m20.744075488s ago: executing program 3 (id=940):
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
ioctl$auto_TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptya5\x00', 0x62c00, 0x0)
r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/pid_for_children\x00')
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/bus/usb/013/001\x00', 0xf6040, 0x0)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
readv$auto(0x3, &(0x7f00000000c0)={&(0x7f0000000000), 0x7}, 0x10)
ioctl$auto(r0, 0x1, 0xffffffffffffffff)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x101001, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000500)='/dev/tty34\x00', 0x2200, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/netdevsim/del_device\x00', 0x501, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000200)="34aeede84184", 0x6)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x8, 0xd, 0x4, 0x948b, 0x3, 0xa0, 0x7000000000000, 0x3, 0x200, 0x8000001f, 0x4, 0x6d3e, 0x9, 0x2, 0x8001]}, 0x0)
readv$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x3}, 0x1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
bind$auto(0x3, 0x0, 0x6a)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

19m20.656920754s ago: executing program 1 (id=941):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000002e40)={0x0, 0x0, &(0x7f0000002e00)={&(0x7f0000002e80)={0x30, r1, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}]}, @ETHTOOL_A_DEBUG_MSGMASK={0x4}]}, 0x30}, 0x1, 0x0, 0xe00000000000000, 0x8050}, 0x4000080)

19m20.245201914s ago: executing program 1 (id=942):
umask$auto(0x6) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
socket(0xa, 0x801, 0x84) (async)
r0 = socket(0x2, 0x5, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) (async)
listen$auto(0x3, 0x6) (async)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0x2000b}, 0xfff}, 0x5, 0x311)
mmap$auto(0x0, 0x20008, 0x4000000000df, 0x12, 0x401, 0x5) (async)
socket(0x17, 0x80000, 0xc) (async)
mmap$auto(0x0, 0x400008, 0x8704, 0x9b72, 0x2, 0x8000) (async)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async)
bpf$auto(0x3, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) (async)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004)
map_shadow_stack$auto(0x40, 0x7, 0x1ff) (async)
bpf$auto(0x10, &(0x7f0000000080)=@info={r1, 0x5, 0x3}, 0x6) (async)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0)
write$auto_proc_mem_operations_base(r2, &(0x7f0000001680)="a7", 0x80000) (async)
madvise$auto(0x0, 0x20200, 0x15)
mincore$auto(0x1000, 0x8, 0x0) (async)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0) (async)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)

19m13.074759442s ago: executing program 1 (id=943):
r0 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x4c, r0, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_ACTIONS={0x2c, 0x3, 0x0, 0x1, [@nested={0x28, 0x1, 0x0, 0x1, [@nested={0x24, 0x106, 0x0, 0x1, [@nested={0x1d, 0x74, 0x0, 0x1, [@nested={0x4, 0x4d}, @typed={0x8, 0xd0, 0x0, 0x0, @fd}, @typed={0x8, 0x3, 0x0, 0x0, @pid}, @generic="2a9d272f66"]}]}]}]}, @OVS_PACKET_ATTR_MRU={0x6, 0x9, 0x800}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)

19m10.720517743s ago: executing program 1 (id=944):
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f00000001c0)=0x6) (async)
unshare$auto(0x40000080)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) (async)
socket(0x1e, 0x1, 0x0) (async)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) (async)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async, rerun: 32)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async, rerun: 32)
mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) (async, rerun: 32)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (rerun: 32)
r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000080))
getdents$auto(r2, 0x0, 0xfff)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/loop15/queue/discard_granularity\x00', 0x8000, 0x0) (async, rerun: 64)
unshare$auto(0x40000080) (rerun: 64)
madvise$auto(0x0, 0xffffffffffff0009, 0x13) (async)
madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async, rerun: 64)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'tunl0\x00'})
madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async)
r3 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0)
r4 = socket(0x28, 0x5, 0x0)
connect$auto(r4, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @hyper=0x1000000}, 0x56)
ioctl$auto_posix_clock_file_operations_posix_clock(r3, 0x43403d05, 0x0) (async, rerun: 64)
madvise$auto(0x0, 0x53, 0x9) (rerun: 64)

19m1.73549777s ago: executing program 33 (id=940):
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
ioctl$auto_TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptya5\x00', 0x62c00, 0x0)
r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/pid_for_children\x00')
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/bus/usb/013/001\x00', 0xf6040, 0x0)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
readv$auto(0x3, &(0x7f00000000c0)={&(0x7f0000000000), 0x7}, 0x10)
ioctl$auto(r0, 0x1, 0xffffffffffffffff)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x101001, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000500)='/dev/tty34\x00', 0x2200, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/netdevsim/del_device\x00', 0x501, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000200)="34aeede84184", 0x6)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x8, 0xd, 0x4, 0x948b, 0x3, 0xa0, 0x7000000000000, 0x3, 0x200, 0x8000001f, 0x4, 0x6d3e, 0x9, 0x2, 0x8001]}, 0x0)
readv$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x3}, 0x1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
bind$auto(0x3, 0x0, 0x6a)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

18m55.210710429s ago: executing program 34 (id=944):
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f00000001c0)=0x6) (async)
unshare$auto(0x40000080)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) (async)
socket(0x1e, 0x1, 0x0) (async)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) (async)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async, rerun: 32)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async, rerun: 32)
mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) (async, rerun: 32)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (rerun: 32)
r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000080))
getdents$auto(r2, 0x0, 0xfff)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/loop15/queue/discard_granularity\x00', 0x8000, 0x0) (async, rerun: 64)
unshare$auto(0x40000080) (rerun: 64)
madvise$auto(0x0, 0xffffffffffff0009, 0x13) (async)
madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async, rerun: 64)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'tunl0\x00'})
madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async)
r3 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0)
r4 = socket(0x28, 0x5, 0x0)
connect$auto(r4, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @hyper=0x1000000}, 0x56)
ioctl$auto_posix_clock_file_operations_posix_clock(r3, 0x43403d05, 0x0) (async, rerun: 64)
madvise$auto(0x0, 0x53, 0x9) (rerun: 64)

2m18.493283108s ago: executing program 4 (id=4412):
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
sendmsg$auto_VDPA_CMD_DEV_NEW(0xffffffffffffffff, &(0x7f0000000a40)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000a00)={&(0x7f0000000980)=ANY=[@ANYBLOB="6200db68", @ANYRES16=0x0, @ANYBLOB="100026bd7000fcdbdf250300000006000d00080000001400020074756e6c3000000000000000000000000c00140009000000"], 0x48}, 0x1, 0x0, 0x0, 0x40010}, 0x4000004)
socket(0x2b, 0x1, 0x1)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000000c0)=""/17, 0x11)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-touch0\x00', 0xe0800, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000100), r1)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
r2 = socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x8000, 0x9, 0x3, 0xb, 0x5, 0x1ffde, 0x3, 0x6, 0x2, 0x9, 0x5, 0x20000000003, 0x5, 0xb0, 0x7, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000476, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8]}, 0x1fe, 0x81)
ioprio_set$auto(0x2, 0x80000000, 0x8)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0xc20f0000, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x8)
syz_genetlink_get_family_id$auto_handshake(&(0x7f0000000800), r2)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_NEW_KEY(r4, &(0x7f00000048c0)={0x0, 0x0, &(0x7f0000004880)={&(0x7f00000003c0)={0x1c, r3, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@NL80211_ATTR_KEY={0x8, 0x50, 0x0, 0x1, [@typed={0x4, 0x6, 0x0, 0x0, @binary}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x890)
sendmsg$auto_NL80211_CMD_SET_WIPHY_NETNS(r2, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000080)={&(0x7f0000000380)={0x1c8, r3, 0x100, 0x70bd29, 0x25dfdbfd, {}, [@NL80211_ATTR_SAR_SPEC={0x2c, 0x12c, 0x0, 0x1, [@NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x7}, @NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x5}, @NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x5}, @NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x86}, @NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x5}]}, @NL80211_ATTR_BSS_CTS_PROT={0x5, 0x1c, 0x9}, @NL80211_ATTR_STA_FLAGS2={0x50, 0x43, "bab3dfe1724c26ce3b77431802dd3e046c34e87bfcd7a94c80137560e44a2a48484eb8f784384f0c1c986c8970edd65ed3d062aeb0b309a8eb4ae2029885453a931f790d6b95607fc392f8b2"}, @NL80211_ATTR_BSS_SELECT={0x112, 0xe3, 0x0, 0x1, [@generic="906454d8f03346460dcc09f652ae3c44013bbdde0a2128257fa26cdeb82b696d37666ddbf74b67f562828c73ca59c61a5db3ad5286c61da52ec70d4124b44ca5527d876ebd7f3fdfc340656bc7f5a9e3484554b741263ecae0f7d0f6b1ec1f49c400be9efcff1f80cd6c49deb780017d7c6163e8ec947af78a54da", @generic, @generic, @typed={0x8, 0xf4, 0x0, 0x0, @ipv4=@multicast2}, @generic="b781e7725e1d13299e4ce79860fbf51da88a7e58faac0cc260f28051eccdc8218dc670c75cccbac1671c55133ccbff9095e8aa9c18c16682d7c2c33ac533da30291585bba2ee41022f369efb6ace47ba64a3ac8dfd3b88ba185767bdb34350902648849a771f5cd9f42cfcb8e5d201a2a34a5e74b391c935e91be553f6916c47a6cb004077e7ce5ce4cd70"]}, @NL80211_ATTR_SSID={0x1c, 0x34, "b42f7427e95bd9440ae73a0cc7670e6e895b500a071ddb0c"}]}, 0x1c8}}, 0x28814)
socket(0xa, 0x1, 0x100)
unshare$auto(0x40000080)
r5 = socket(0xa, 0x1, 0x100)
syz_genetlink_get_family_id$auto_wireguard(0x0, r5)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/nbd5/trace/enable\x00', 0x68041, 0x0)

2m16.401364466s ago: executing program 4 (id=4417):
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
sendmsg$auto_VDPA_CMD_DEV_NEW(0xffffffffffffffff, &(0x7f0000000a40)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000a00)={&(0x7f0000000980)=ANY=[@ANYBLOB="6200db68", @ANYRES16=0x0, @ANYBLOB="100026bd7000fcdbdf250300000006000d00080000001400020074756e6c3000000000000000000000000c00140009000000"], 0x48}, 0x1, 0x0, 0x0, 0x40010}, 0x4000004)
socket(0x2b, 0x1, 0x1)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000000c0)=""/17, 0x11)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-touch0\x00', 0xe0800, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000100), r1)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
r2 = socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x8000, 0x9, 0x3, 0xb, 0x5, 0x1ffde, 0x3, 0x6, 0x2, 0x9, 0x5, 0x20000000003, 0x5, 0xb0, 0x7, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000476, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8]}, 0x1fe, 0x81)
ioprio_set$auto(0x2, 0x80000000, 0x8)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0xc20f0000, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x8)
syz_genetlink_get_family_id$auto_handshake(&(0x7f0000000800), r2)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_NEW_KEY(r4, &(0x7f00000048c0)={0x0, 0x0, &(0x7f0000004880)={&(0x7f00000003c0)={0x1c, r3, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@NL80211_ATTR_KEY={0x8, 0x50, 0x0, 0x1, [@typed={0x4, 0x6, 0x0, 0x0, @binary}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x890)
sendmsg$auto_NL80211_CMD_SET_WIPHY_NETNS(r2, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000080)={&(0x7f0000000380)={0x1c8, r3, 0x100, 0x70bd29, 0x25dfdbfd, {}, [@NL80211_ATTR_SAR_SPEC={0x2c, 0x12c, 0x0, 0x1, [@NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x7}, @NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x5}, @NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x5}, @NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x86}, @NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x5}]}, @NL80211_ATTR_BSS_CTS_PROT={0x5, 0x1c, 0x9}, @NL80211_ATTR_STA_FLAGS2={0x50, 0x43, "bab3dfe1724c26ce3b77431802dd3e046c34e87bfcd7a94c80137560e44a2a48484eb8f784384f0c1c986c8970edd65ed3d062aeb0b309a8eb4ae2029885453a931f790d6b95607fc392f8b2"}, @NL80211_ATTR_BSS_SELECT={0x112, 0xe3, 0x0, 0x1, [@generic="906454d8f03346460dcc09f652ae3c44013bbdde0a2128257fa26cdeb82b696d37666ddbf74b67f562828c73ca59c61a5db3ad5286c61da52ec70d4124b44ca5527d876ebd7f3fdfc340656bc7f5a9e3484554b741263ecae0f7d0f6b1ec1f49c400be9efcff1f80cd6c49deb780017d7c6163e8ec947af78a54da", @generic, @generic, @typed={0x8, 0xf4, 0x0, 0x0, @ipv4=@multicast2}, @generic="b781e7725e1d13299e4ce79860fbf51da88a7e58faac0cc260f28051eccdc8218dc670c75cccbac1671c55133ccbff9095e8aa9c18c16682d7c2c33ac533da30291585bba2ee41022f369efb6ace47ba64a3ac8dfd3b88ba185767bdb34350902648849a771f5cd9f42cfcb8e5d201a2a34a5e74b391c935e91be553f6916c47a6cb004077e7ce5ce4cd70"]}, @NL80211_ATTR_SSID={0x1c, 0x34, "b42f7427e95bd9440ae73a0cc7670e6e895b500a071ddb0c"}]}, 0x1c8}}, 0x28814)
socket(0xa, 0x1, 0x100)
unshare$auto(0x40000080)
r5 = socket(0xa, 0x1, 0x100)
syz_genetlink_get_family_id$auto_wireguard(0x0, r5)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/nbd5/trace/enable\x00', 0x68041, 0x0)

2m14.715850086s ago: executing program 4 (id=4422):
pipe2$auto(&(0x7f00000000c0), 0x0)
mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0)
read$auto(0x3, 0x0, 0x1f40)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x1d, 0x1, 0xd)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x80, 0x0)
read$auto_proc_iter_file_ops_compat_inode(r0, 0x0, 0x0)
openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, 0x0, 0x8042, 0x0)
openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/net/unix\x00', 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0xb02, 0x0)
write$auto(0x3, 0x0, 0x100082)

2m13.592901578s ago: executing program 4 (id=4424):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000010c0), 0xa02303, 0x0)
r0 = open(&(0x7f0000000800)='./file0\x00', 0xe4201, 0x17c)
fcntl$auto(r0, 0x400, 0x1)
socket(0x1, 0x2, 0x40000008)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)
setsockopt$auto(0x400000000000003, 0x1, 0x18, 0x0, 0xd902)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd3/queue/iosched/write_expire\x00', 0x20681, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(0x0, r1)
bpf$auto(0x8, &(0x7f00000001c0)=@bpf_attr_0={0x7, 0xb5, 0x10, 0x4, 0x53400000, 0xffffffffffffffff, 0x9, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x2, 0x7, 0x7, 0x6}, 0x10)
r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa821, 0x0)
ioctl$auto_USBDEVFS_SUBMITURB32(r2, 0x802c550a, &(0x7f00000001c0)=ANY=[@ANYBLOB="028006000000000005"])

2m13.146774743s ago: executing program 4 (id=4426):
pipe2$auto(&(0x7f00000000c0), 0x0)
mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000005c40)='/dev/nbd9\x00', 0x2000, 0x0)
fadvise64$auto_POSIX_FADV_SEQUENTIAL(r0, 0x86, 0x8, 0x2)
read$auto(0x3, 0x0, 0x1f40)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x1d, 0x1, 0xd)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x80, 0x0)
read$auto_proc_iter_file_ops_compat_inode(r1, 0x0, 0x0)
tkill$auto(0x1, 0x7)
keyctl$auto_KEYCTL_SESSION_TO_PARENT(0x12, 0x0, 0x0, 0x0, 0x48eafc79)
openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, 0x0, 0x8042, 0x0)
openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/net/unix\x00', 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0xb02, 0x0)
write$auto(0x3, 0x0, 0x100082)

2m11.686809354s ago: executing program 4 (id=4431):
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
r0 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x100, 0x0)
ioctl$auto_SNDRV_PCM_IOCTL_CHANNEL_INFO2(r0, 0x80184132, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0)
r1 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0xfffffffffffffd06, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
write$auto(r1, &(0x7f0000000040)='S\x00\x00\x00\xfe\xff\xff\xff', 0x8587)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/security/tomoyo/manager\x00', 0x200, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
r3 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snd/pcmC1D0p\x00', 0x0, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ram4\x00', 0xdd01, 0x0)
ioctl$auto_BLKRRPART(r4, 0x125f, 0x700000000000000)
open(0x0, 0x161342, 0x100)
msync$auto(0x1ffff000, 0x1800000ff010000, 0x400000004)
open(0x0, 0xeee00, 0x31)
mmap$auto(0x1, 0x2020006, 0x3, 0xeb1, r3, 0x0)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0xf, 0x0)
chdir$auto(&(0x7f0000000000)='}[,&*}\x00')
socket(0x21, 0x2, 0x2)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x2, 0x2, 0xffffffffffffc318, 0xad, 0x20003, 0x15f4da09, 0x3, 0x40000003, 0x81, 0x8000001f, 0x7, 0x6d3e, 0x8, 0x2, 0x8]}, 0x0)
socket(0x10, 0x1, 0x6)
socket(0xa, 0x2, 0x6)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)

2m11.013500293s ago: executing program 35 (id=4431):
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
r0 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x100, 0x0)
ioctl$auto_SNDRV_PCM_IOCTL_CHANNEL_INFO2(r0, 0x80184132, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0)
r1 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0xfffffffffffffd06, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
write$auto(r1, &(0x7f0000000040)='S\x00\x00\x00\xfe\xff\xff\xff', 0x8587)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/security/tomoyo/manager\x00', 0x200, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
r3 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snd/pcmC1D0p\x00', 0x0, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ram4\x00', 0xdd01, 0x0)
ioctl$auto_BLKRRPART(r4, 0x125f, 0x700000000000000)
open(0x0, 0x161342, 0x100)
msync$auto(0x1ffff000, 0x1800000ff010000, 0x400000004)
open(0x0, 0xeee00, 0x31)
mmap$auto(0x1, 0x2020006, 0x3, 0xeb1, r3, 0x0)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0xf, 0x0)
chdir$auto(&(0x7f0000000000)='}[,&*}\x00')
socket(0x21, 0x2, 0x2)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x2, 0x2, 0xffffffffffffc318, 0xad, 0x20003, 0x15f4da09, 0x3, 0x40000003, 0x81, 0x8000001f, 0x7, 0x6d3e, 0x8, 0x2, 0x8]}, 0x0)
socket(0x10, 0x1, 0x6)
socket(0xa, 0x2, 0x6)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)

8.590257447s ago: executing program 5 (id=4800):
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
sendmsg$auto_VDPA_CMD_DEV_NEW(0xffffffffffffffff, &(0x7f0000000a40)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000a00)={&(0x7f0000000980)=ANY=[@ANYBLOB="6200db68", @ANYRES16=0x0, @ANYBLOB="100026bd7000fcdbdf250300000006000d00080000001400020074756e6c3000000000000000000000000c00140009000000"], 0x48}, 0x1, 0x0, 0x0, 0x40010}, 0x4000004)
socket(0x2b, 0x1, 0x1)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000000c0)=""/17, 0x11)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-touch0\x00', 0xe0800, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000100), r1)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
r2 = socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x8000, 0x9, 0x3, 0xb, 0x5, 0x1ffde, 0x3, 0x6, 0x2, 0x9, 0x5, 0x20000000003, 0x5, 0xb0, 0x7, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000476, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8]}, 0x1fe, 0x81)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0xc20f0000, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x8)
syz_genetlink_get_family_id$auto_handshake(&(0x7f0000000800), r2)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_NEW_KEY(r4, &(0x7f00000048c0)={0x0, 0x0, &(0x7f0000004880)={&(0x7f00000003c0)={0x1c, r3, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@NL80211_ATTR_KEY={0x8, 0x50, 0x0, 0x1, [@typed={0x4, 0x6, 0x0, 0x0, @binary}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x890)
sendmsg$auto_NL80211_CMD_SET_WIPHY_NETNS(r2, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000080)={&(0x7f0000000380)={0x1c8, r3, 0x100, 0x70bd29, 0x25dfdbfd, {}, [@NL80211_ATTR_SAR_SPEC={0x2c, 0x12c, 0x0, 0x1, [@NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x7}, @NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x5}, @NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x5}, @NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x86}, @NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x5}]}, @NL80211_ATTR_BSS_CTS_PROT={0x5, 0x1c, 0x9}, @NL80211_ATTR_STA_FLAGS2={0x50, 0x43, "bab3dfe1724c26ce3b77431802dd3e046c34e87bfcd7a94c80137560e44a2a48484eb8f784384f0c1c986c8970edd65ed3d062aeb0b309a8eb4ae2029885453a931f790d6b95607fc392f8b2"}, @NL80211_ATTR_BSS_SELECT={0x112, 0xe3, 0x0, 0x1, [@generic="906454d8f03346460dcc09f652ae3c44013bbdde0a2128257fa26cdeb82b696d37666ddbf74b67f562828c73ca59c61a5db3ad5286c61da52ec70d4124b44ca5527d876ebd7f3fdfc340656bc7f5a9e3484554b741263ecae0f7d0f6b1ec1f49c400be9efcff1f80cd6c49deb780017d7c6163e8ec947af78a54da", @generic, @generic, @typed={0x8, 0xf4, 0x0, 0x0, @ipv4=@multicast2}, @generic="b781e7725e1d13299e4ce79860fbf51da88a7e58faac0cc260f28051eccdc8218dc670c75cccbac1671c55133ccbff9095e8aa9c18c16682d7c2c33ac533da30291585bba2ee41022f369efb6ace47ba64a3ac8dfd3b88ba185767bdb34350902648849a771f5cd9f42cfcb8e5d201a2a34a5e74b391c935e91be553f6916c47a6cb004077e7ce5ce4cd70"]}, @NL80211_ATTR_SSID={0x1c, 0x34, "b42f7427e95bd9440ae73a0cc7670e6e895b500a071ddb0c"}]}, 0x1c8}}, 0x28814)
socket(0xa, 0x1, 0x100)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r5 = socket(0xa, 0x1, 0x100)
syz_genetlink_get_family_id$auto_wireguard(0x0, r5)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/nbd5/trace/enable\x00', 0x68041, 0x0)

7.156012822s ago: executing program 0 (id=4805):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/conf/veth1_to_team/rp_filter\x00', 0x141241, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
clone$auto(0x3fff, 0xad3, 0x0, 0x0, 0x2)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
read$auto_fake_panic_fops_(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D0c\x00', 0x9003, 0x0)
ioctl$auto_SNDRV_PCM_IOCTL_HW_REFINE2(r0, 0xc2604110, &(0x7f0000000040)={0x6, [{[0x2, 0xf5e, 0x1ff, 0xd, 0x7f, 0x8, 0x4, 0x663d349e]}, {[0x2, 0xa6, 0x5c915993, 0xfffffffd, 0x6, 0xe, 0x80000001, 0x3]}, {[0x2, 0xe, 0x2, 0x579c8feb, 0x9, 0x6, 0x7, 0xa53]}], [{[0x75d, 0x9, 0x6, 0x17f29ee4, 0x400, 0x7, 0xc, 0x44]}, {[0x1, 0xeade, 0x1, 0x7, 0xf0, 0x5, 0x101, 0x1]}, {[0x7e61, 0x6, 0x7, 0x0, 0x5, 0x5, 0x100, 0x9]}, {[0x4, 0x5, 0x1, 0xfffffff7, 0x5, 0x0, 0xfffffffb, 0x1]}, {[0x3, 0x1000, 0x8, 0x8, 0x2, 0xe8c, 0xf, 0xd403]}], [{0xfffffffa, 0x4, 0x0, 0x0, 0x1, 0x1}, {0x7f, 0x6, 0x1, 0x0, 0x0, 0x1}, {0x3, 0x1, 0x1, 0x0, 0x0, 0x1}, {0x61, 0x1, 0x0, 0x0, 0x0, 0x1}, {0x5, 0x49c5fc8b, 0x0, 0x0, 0x0, 0x1}, {0x7ff, 0x7, 0x0, 0x1, 0x1, 0x1}, {0x6, 0x9, 0x0, 0x1, 0x1}, {0x9, 0x6, 0x0, 0x1}, {0x7fd, 0x7, 0x0, 0x1, 0x0, 0x1}, {0x7, 0xfffffffd, 0x1, 0x1, 0x1}, {0x8, 0x4, 0x0, 0x0, 0x1, 0x1}, {0x3, 0x5, 0x1, 0x1, 0x0, 0x1}], [{0xbe, 0xd5, 0x0, 0x1, 0x0, 0x1}, {0xc2, 0x7fffffff, 0x1, 0x1, 0x1}, {0xbc, 0x6, 0x1, 0x0, 0x0, 0x1}, {0x8, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x100, 0x12e800, 0x1, 0x1, 0x1, 0x1}, {0x2, 0xf, 0x0, 0x1, 0x1}, {0xffff, 0x8, 0x0, 0x0, 0x0, 0x1}, {0x9, 0x3, 0x1, 0x1, 0x0, 0x1}, {0x80000000, 0x6, 0x0, 0x1}], 0x100, 0x2, 0x4, 0x9, 0x5, 0x1, 0x8, "938f570ba48ab1df6ea169301a0f4b75", "16fef137d6f6aa1d93e7fd319170d04be4063eb16bddc7a41e5782dfff02104539c9b5e571a002e14933724526d0c013"})
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dri/card2\x00', 0x200100, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), r1)
sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x2c, r2, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@ETHTOOL_A_TSINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20040840}, 0x40000)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x5, 0x0)
socket(0xa, 0x801, 0x84)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
msgctl$auto_IPC_INFO(0x100, 0x3, &(0x7f00000012c0)={{0x632, 0xffffffffffffffff, 0xee00, 0x1, 0x5, 0x1, 0x80}, 0x0, 0x0, 0x1b, 0x7, 0x5, 0x7, 0x1, 0xdd34, 0x7, 0x8, @raw=0xffff})
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/vkms/drm/card1/card1-Virtual-1/modes\x00', 0x40000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000040)=""/44, 0x2c)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
get_robust_list$auto(0x0, 0x0, 0x0)
lsm_list_modules$auto(0x0, 0x0, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0)
recvmmsg$auto(0xffffffffffffffff, 0x0, 0x401, 0x1102, 0x0)
read$auto(0x3, 0x0, 0xfdef)
madvise$auto(0x0, 0xffffffffffff0004, 0x19)

5.115434003s ago: executing program 5 (id=4807):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000003040), 0xffffffffffffffff)
r2 = openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000000240), 0x8000, 0x0)
ioctl$auto_RNDCLEARPOOL(r2, 0x5206, 0x0)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00/\x00\x00\x00\xfd\xfdX\xd3\x1d\xf8\xbebZ\xddL\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x88\v\xae\xa9i8W\xe5\x00W\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xe80, 0x3)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000840), r3)
sendmsg$auto_OVS_CT_LIMIT_CMD_SET(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000f80)={0x19c, r4, 0x1, 0x51bd2e, 0x25dfcbfb, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x4}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x184, 0x1, 0x0, 0x1, [@nested={0x4, 0x6}, @generic="398f32525e629163bfcc5d377bd8aed3ff1d26fc3c79ca435794c67d39b21ed0e95d1b3756e1789925d5c8a1a918c121a2b84869b15bb40ae4f671a8dd8ed01bb44efef2f4c768a2484f03635658fe8bfff71b8bf933532a61abcb7516ccfa73d70af3acc26f2c526959f19efd99202bc7ec5a2259a82d8e191691f5b23172f4f19ca9b0080dff732a7df559ae2279f426f2baa018832cd8e9b58fee32b1bcd4c087f83b0f3c0aed0c943a50ba5a327530d1", @typed={0x8, 0xd2, 0x0, 0x0, @ipv4=@rand_addr=0x64010101}, @generic="f3c1881feb99fe432d5fa89114591690f2efcbe9a7f87a8774637face20e7a821c481a653778aaf92185e8bfb092c2900920cca139540fd90efab653551552721f2b2889999ce801e47cfad8f735f702c852bd40e1ef6f259c36d7d8bc31748c903b1ceadd56ead8730d0e727f333855c6b3b286c779abbfff5f47e390b1336271492db0b266e2b8910bf339d4037a7dcf9c8a0669629580c65489f41db5adb59f53f3acd871444d9f34952c00ec9365f3dd", @typed={0x8, 0x38, 0x0, 0x0, @fd}, @nested={0x8, 0x6f, 0x0, 0x1, [@typed={0x4, 0x2d, 0x0, 0x0, @binary}]}]}]}, 0x19c}, 0x1, 0x0, 0x0, 0x40}, 0x4)
socket(0xa, 0x2, 0x0)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
sendmsg$auto_OVS_METER_CMD_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="37a79247838bd2fffff3", @ANYRES16=r1, @ANYBLOB="d3c809000000fedbdf25020000000400020014000300090000000000000000000000000000000400048008000100f8ffffff"], 0x38}}, 0x8080)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
r5 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x8000, 0x0)
read$auto(r5, 0x0, 0x9)
close_range$auto(0x2, 0x8, 0x0)
r6 = socket(0x1e, 0x805, 0x0)
r7 = fcntl$auto_F_UNLCK(r6, 0x5, 0x2)
ioctl$auto(r5, 0x40045532, r7)
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC1D0c\x00', 0x100, 0x0)
writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1)
fcntl$auto(0x0, 0x407, 0x0)

4.868742426s ago: executing program 0 (id=4808):
r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0)
read$auto(r0, &(0x7f0000000080)='((\x00', 0x95)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
r2 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
read$auto_proc_pid_maps_operations_internal(r2, &(0x7f00000010c0)=""/4096, 0x1000)
close_range$auto(0x2, 0x8, 0x0)
madvise$auto(0x4760, 0x10000000000000, 0x8000)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r3)
ioctl$auto_KVM_GET_MSRS(r1, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0x175, 0x100, 0x3fc}]})

4.867810624s ago: executing program 7 (id=4809):
close_range$auto(0x2, 0x8, 0x0) (async, rerun: 64)
r0 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r4=>0x0})
socket(0x2, 0x5, 0x0) (async, rerun: 32)
mmap$auto(0x0, 0x2, 0xe2, 0xeb1, 0x405, 0x8000) (async, rerun: 32)
r5 = socket(0x25, 0x1, 0x0) (async)
epoll_create$auto(0x4)
epoll_ctl$auto(0x5, 0x1, r5, 0x0) (async)
sendmsg$auto_NL80211_CMD_SET_CQM(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x20, r2, 0x1, 0x70bd26, 0x25dfdbfd, {}, [@NL80211_ATTR_CQM={0x4}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x40800) (async)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, r2, 0x100, 0x70bd27, 0x25dfdbfd, {}, [@NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0x3}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0x8}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x3e03ee18}]}, 0x2c}, 0x1, 0x0, 0x0, 0x880}, 0x4000800) (async, rerun: 32)
r6 = socket(0x848000000015, 0x805, 0x0) (rerun: 32)
readahead$auto(r6, 0x4, 0x26) (async, rerun: 32)
r7 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0) (rerun: 32)
ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r7, 0x40345410, &(0x7f0000000080)={{0x5b6d37f, 0x5, 0xffffff44, 0xa6}, "25e09111149bb20d30413cbda84920eee190ccc5191b4b6f25f2f3bfc7aef6db"}) (async)
r8 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000001c0), r1)
sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(r3, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000240)={&(0x7f0000000340)={0x4c, r8, 0x300, 0x70bd2c, 0x25dfdbfc, {}, [@ETHTOOL_A_MODULE_EEPROM_BANK={0x5, 0x5, 0x1}, @ETHTOOL_A_MODULE_EEPROM_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_batadv\x00'}]}, @ETHTOOL_A_MODULE_EEPROM_PAGE={0x5, 0x4, 0x1}, @ETHTOOL_A_MODULE_EEPROM_LENGTH={0x8, 0x3, 0x4}]}, 0x4c}, 0x1, 0x0, 0x0, 0x44844}, 0x4000014) (async, rerun: 32)
ioctl$auto(0x3, 0x6, 0x91) (rerun: 32)

4.539282532s ago: executing program 6 (id=4810):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000010c0), 0xa02303, 0x0)
r0 = open(&(0x7f0000000800)='./file0\x00', 0xe4201, 0x17c)
fcntl$auto(r0, 0x400, 0x1)
socket(0x1, 0x2, 0x40000008)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)
setsockopt$auto(0x400000000000003, 0x1, 0x18, 0x0, 0xd902)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd3/queue/iosched/write_expire\x00', 0x20681, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(0x0, r1)
bpf$auto(0x8, &(0x7f00000001c0)=@bpf_attr_0={0x7, 0xb5, 0x10, 0x4, 0x53400000, 0xffffffffffffffff, 0x9, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x2, 0x7, 0x7, 0x6}, 0x10)
r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/038/001\x00', 0xa821, 0x0)
ioctl$auto_USBDEVFS_SUBMITURB32(r2, 0x802c550a, &(0x7f00000001c0)=ANY=[@ANYBLOB="028006a00600000005"])

4.297860862s ago: executing program 7 (id=4811):
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0xc, 0x9c0f, 0x44eb2, 0x10006, 0x300000000000)
socket(0x2, 0x3, 0x6)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer\x00', 0x101000, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x20001c03, &(0x7f00000002c0)={0x0, 0x400000000000c4}, 0x1, 0x0, 0x0, 0x3}, 0x5}, 0x4003, 0x4000)
fcntl$auto(0x3, 0x4, 0xa553)
select$auto(0x7, 0x0, 0x0, 0x0, 0x0)

4.055711395s ago: executing program 6 (id=4812):
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/manager\x00', 0x40040, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0xc, 0x9c0f, 0x44eb2, 0x10006, 0x300000000000)
r1 = socket(0x2, 0x3, 0x6)
r2 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x51)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
socketpair$auto(0x1e, 0x3, 0xfffffffe, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x3}, 0x7}, 0x3, 0xcad7)
syz_genetlink_get_family_id$auto_smc_pnetid(0x0, 0xffffffffffffffff)
sendmsg$auto_SMC_PNETID_ADD(r0, 0x0, 0x4000001)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_SMC_NETLINK_ENABLE_HS_LIMITATION(r2, 0x0, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, 0x0, 0x20000000)
sendmsg$auto_BATADV_CMD_GET_ORIGINATORS(r1, 0x0, 0x4)
write$auto(0x3, 0x0, 0x100085)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0x14, 0xfffffffffffffffa, 0x6)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0xa2741, 0x0)
mmap$auto(0x3, 0x200000000005, 0xdf, 0xeb5, 0x401, 0x8001)

4.04315158s ago: executing program 5 (id=4813):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x2006, 0x4)
r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0)
mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, r0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010026bd7000fcdbdf250100000008000200", @ANYRES32=0x4, @ANYBLOB, @ANYRES32=0x9, @ANYBLOB="0800070004000000"], 0x34}, 0x1, 0x0, 0x0, 0x20000800}, 0x80)
bpf$auto(0xd, 0x0, 0x6f5)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r0, 0x1)
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x480, 0x0)
mprotect$auto(0x0, 0x806121, 0x6)
r3 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
ioctl$auto_PAGEMAP_SCAN(r3, 0xc0606610, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
init_module$auto(0x0, 0xffff9, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
r4 = socket(0x2, 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
setsockopt$auto(r4, 0x6, 0x6, 0x0, 0x7fffffff)
madvise$auto(0x0, 0x8000000000000000, 0x15)
madvise$auto(0x0, 0x2000000080000001, 0x3)
close_range$auto(r0, r0, 0xc0)
capset$auto(0x0, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
keyctl$auto(0x2000000000000017, 0x3ff, 0x2a, 0x0, 0x4)
keyctl$auto(0x2000000000000017, 0x3ff, 0x0, 0x0, 0x3)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x80, 0x0)
move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x91e4)
mmap$auto(0x0, 0x200003, 0x4000000000df, 0x40eb2, 0x402, 0x2)

3.554518767s ago: executing program 6 (id=4814):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mdstat\x00', 0x1c1080, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f00000010c0)=""/4096, 0x1000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000100), r1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
lseek$auto(0x3, 0x7ffffffffffffffd, 0x2)
mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000)
mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r4, 0x0, 0x20)
r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r5, &(0x7f0000000200)={0x0, 0x7}, 0x3)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe4643, 0x0)
mmap$auto(0x0, 0x9, 0xe3, 0xeb1, 0xffffffffffffffff, 0x8000)
write$auto(0xffffffffffffffff, 0x0, 0x1ff)
r6 = waitid$auto(0x42, 0xffffffffffffffff, 0x0, 0x2, &(0x7f00000002c0)={{0x0, 0xffffffffffffffff}, {0x4e, 0x7}, 0x7f, 0x9, 0x6, 0x3fffffff80000000, 0x800, 0x7, 0x7, 0x7, 0x9, 0x3, 0x10001, 0x9577, 0x9, 0x9})
bpf$auto(0x12, &(0x7f0000000040)=@link_detach={<r7=>0xffffffffffffffff}, 0x26)
r8 = geteuid()
shmctl$auto_SHM_INFO(0x7, 0xe, &(0x7f0000001180)={{0x7, 0xffffffffffffffff, 0x0, 0x6, 0x2, 0x7, 0x9f71}, 0x80000000, 0x800, 0xfffffffffffffff8, 0x1, @raw=0x6, @inferred=0xffffffffffffffff, 0x5, 0x0, &(0x7f0000000140), 0x0})
fstat$auto(r7, 0x0)
pidfd_send_signal$auto_PIDFD_SELF_THREAD_GROUP(0xffffffffffffb1e0, 0x2, &(0x7f0000000380)={@siginfo_0_0={0x4, 0xfffffffa, 0x0, @_kill={r6, r8}}}, 0x0)
r9 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
mknod$auto(0x0, 0x20e9, 0x103)
r10 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x640, 0x0)
read$auto_mon_fops_binary_mon_bin(r10, 0x0, 0x0)
ioctl$auto_LOOP_CTL_ADD(r9, 0x4c80, 0xfffffffffffffffd)
prctl$auto(0x4, 0x1, 0x3ff, 0x8000000000000001, 0x9)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000f40)={'batadv0\x00', <r11=>0x0})
sendmsg$auto_BATADV_CMD_SET_MESH(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x24, r2, 0x0, 0x4070bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r11}, @BATADV_ATTR_MULTICAST_FANOUT={0xffffffffffffff7a, 0x3c, 0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x24044040)

3.445433924s ago: executing program 0 (id=4815):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x3, 0x0, 0x20)
r0 = socket(0xf, 0x80000, 0x0)
close_range$auto(0x0, 0xffffffffffffffff, 0x2)
memfd_create$auto(&(0x7f00000000c0)='IPVS\x00\x84\x94\xbf\x7f\xe0(\xc7^M\xbe\x92\x98?I\xa5\x95V\xf2{\xd6\xc1\xc4.\xc3ja\xe8\xa1o\xb5-Z\x9dc\x152\xaew`0M\x1b3\r\x8afQ\xc2\x82W?r$\xf0\xce\x7f\x15\xa1\x13\xb2\x84\x04\xad<\x91\x85\xb22G\xf6\x8b\xba<\xe9&\x17%\x1a\xa5c\xe8\x06\xd4ok\x8a\xb2\xbaz\xf1\v\xf4\xaa\xda\x91\xfb\xea\x17~C\xb3\xc4S\xce\x83\x13\xd9\xbd{d\xfdB]\xb0R\x05b\x1b\xa5\xb8\x85\xa9\xbc5-9\x94\xa4QG\x06Z3#\x1cK\xbe\x16\xebaE~\x00\x00\x00\x00\x00', 0xa)
fchmod$auto(0x0, 0x1)
io_uring_setup$auto(0xff, &(0x7f0000000080)={0xffffffad, 0x4, 0x8, 0xffffff01, 0x9, 0x8, r0, [0x6, 0x4, 0xffff8000], {0xcb, 0x8, 0x0, 0x400, 0x9, 0x6, 0x0, 0x8, 0xffff}, {0x33, 0x7, 0xe3d, 0x3, 0x400, 0x7, 0x1, 0xfffffffb, 0x100000000}})
r1 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D1p\x00', 0x800, 0x0)
socket(0x2, 0x1, 0x106)
listen$auto(0x3, 0x81)
poll$auto(&(0x7f0000000d40)={0x3, 0x1, 0xa}, 0x5, 0x400)
shutdown$auto(0x200000003, 0x2)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), r3)
sendmsg$auto_OVS_DP_CMD_GET(r3, &(0x7f0000000200)={0x0, 0xf000, &(0x7f00000000c0)={&(0x7f0000000000)={0x1c, r4, 0x374fe8f90a251713, 0x70bd29, 0x25dfdbfc, {0x3, 0x0, 0xf000}, [@OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8, 0x7, 0xfffffff7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20044010}, 0x20000008)
unshare$auto(0x40000080)
mmap$auto(0xfffffffffffffffc, 0x20009, 0x4010000000df, 0xeb1, 0xffffffffffffffff, 0x80000001)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x1, 0x0)
futex$auto(0x0, 0x8, 0x8, 0x0, 0x0, 0x80000001)
r5 = wait4$auto(0xffffffffffffffff, &(0x7f00000001c0)=0xf15, 0x9, &(0x7f0000000200)={{0xe4a3, 0x1}, {0x3, 0x2}, 0x1, 0x9, 0x4, 0xfffffffffffffff8, 0x4, 0x7a7f, 0x7fff, 0x8, 0x1, 0x0, 0x8000000000000000, 0x6, 0x7, 0x3})
r6 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r7=>0x0})
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r7}, 0x6a)
sendmsg$auto_OVS_DP_CMD_GET(r2, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000340)={&(0x7f0000000500)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="000109000000ffdbdf250300000008000200", @ANYRES32=r5, @ANYBLOB="08400200aff0b825fc3e7f9b77f25e4448fedb8183bbaf57371b06fd9c6fcd1233b3203c66a5eaeca31a0fd4fd596070db423f9c75b40b28971a7227d70f529c370183a9cd695124cbdefd22150e884b09e87403eb8028d4c521317a026cdf2c0dbe598a07892a8f97eca82a0f89ef161bc433debf53346696238b53f7ad4ad69b3f78822a0ddfb53666a60c4ae0c647f575c97f942f3c8dbeced5d1acacdc04253c4a550b49895ac9984801327c94941dade1b4e28a2f502497d041075c3a711572bc597d83f91190d74cc0cc76f50482ad3d629ced", @ANYRESOCT=r4, @ANYBLOB="0800050005000000080007000800000008000900", @ANYRES32=r7, @ANYBLOB="080001002d5d2500"], 0x44}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
ioctl$auto_SNDRV_PCM_IOCTL_STATUS_EXT64(r1, 0xc0984124, 0x0)
bind$auto(r0, &(0x7f0000000040)=@tipc=@name={0x1e, 0x2, 0x2, {{0x1}, 0xffffdfff}}, 0x66)

3.304788658s ago: executing program 5 (id=4816):
madvise$auto(0x0, 0x8000000000000000, 0x15)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
open(&(0x7f0000000800)='./file0\x00', 0x2240, 0x154)
mmap$auto(0x0, 0x8020009, 0xe2, 0xcb1, 0x401, 0x8040001008000)
socket(0x11, 0x80003, 0x300)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x40840, 0x0)
read$auto(r0, 0x0, 0x20)
pipe$auto(0x0)
r1 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000008040), 0x2, 0x0)
r2 = socket(0x22, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x80044943, 0x0)
ioctl$auto_I2C_SMBUS(r1, 0x720, 0x0)
socket(0xb, 0x2, 0x800)
write$auto(0xffffffffffffffff, &(0x7f0000000000)='wg0\x00', 0x2)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8000, 0x0)
r4 = socket(0xa, 0x2, 0x88)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000280)={'wg0\x00', <r7=>0x0})
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r7, r6, 0x4, 0x10401, <r8=>r4, @relative_fd=r5, 0xe600}, 0xf)
socket(0x15, 0x5, 0x0)
unshare$auto(0x40000080)
futex$auto(0x0, 0x85, 0x104, 0x0, 0x0, 0x7fffffff)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0xc0502, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r8, 0xc0045002, &(0x7f0000000200)="74f02ce394a9bae33e542d78f10a7160c29418dc8e4209482df963dd2261fd2a5cb5412bca656b2bff1253be904a83841888199d711a1b25b744d23d0da90455b118168eb260f78852d9cdc05b44b829f6f850f92851bcf4e0afeaf1587d1b5f17031134c4009cab6fe78fc27d860472")

3.282646168s ago: executing program 7 (id=4817):
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket(0x1e, 0x4, 0x0) (async)
r1 = socket(0x1e, 0x4, 0x0) (async)
get_robust_list$auto(0x0, 0x0, 0x0)
setsockopt$auto(r1, 0x10f, 0x87, 0x0, 0x14) (async)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) (async)
bind$auto(0x4, 0xfffffffffffffffe, 0x0) (async)
write$auto(0x3, 0x0, 0xfdef) (async)
close_range$auto(0x2, 0xa, 0x0)
ioctl$auto(r0, 0x4b47, 0xffffffffffffffff)

2.851203996s ago: executing program 0 (id=4818):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x2006, 0x4)
r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0)
mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, r0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001300)={0x34, r2, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, '.SR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}, @OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8, 0x7, 0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000800}, 0x80)
bpf$auto(0xd, 0x0, 0x6f5)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r0, 0x1)
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x480, 0x0)
mprotect$auto(0x0, 0x806121, 0x6)
r3 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
ioctl$auto_PAGEMAP_SCAN(r3, 0xc0606610, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
init_module$auto(0x0, 0xffff9, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x8000000000000000, 0x15)
madvise$auto(0x0, 0x2000000080000001, 0x3)
close_range$auto(r0, r0, 0xc0)
capset$auto(0x0, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
keyctl$auto(0x2000000000000017, 0x3ff, 0x2a, 0x0, 0x4)
keyctl$auto(0x2000000000000017, 0x3ff, 0x0, 0x0, 0x3)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x80, 0x0)
move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x91e4)
mmap$auto(0x0, 0x200003, 0x4000000000df, 0x40eb2, 0x402, 0x2)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)

2.760880563s ago: executing program 6 (id=4819):
openat$auto_cgwb_debug_stats_fops_(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/bdi/1:1/wb_stats\x00', 0x0, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/softnet_stat\x00', 0x40102, 0x0)
close_range$auto(0x2, r0, 0x0)
openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/modules\x00', 0x200000, 0x0)
sendmsg$auto_NL80211_CMD_STOP_AP(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0}, 0x1, 0x0, 0x0, 0xc}, 0x0)
r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x200580, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x10101, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/all/disable_ipv6\x00', 0x1401, 0x0)
pread64$auto(r0, 0x0, 0x100000001, 0x3)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
readahead$auto(r4, 0xcc7f, 0x6)
syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000180), 0xffffffffffffffff)
r5 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dri/card0\x00', 0x1a9800, 0x0)
sendmsg$auto_NL802154_CMD_SET_CCA_MODE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000200)={&(0x7f0000000500)=ANY=[@ANYBLOB="e8130000", @ANYRES16, @ANYBLOB="200025bd7000fcdbdf250d00000008000e000900000005002500f70000000800160003000000050029000100000008001d00", @ANYRES32, @ANYBLOB="08001c00", @ANYRES32, @ANYBLOB="050010000000000005000f0010000000911319805dd0d8351c0cad9d396968f05ef7d4c690f479a071053522b88acf32340a0bf34df2f86ac1c9992d9c4a9ceb70afd3ec2613be843f708c0c69d7937d5be46154f09aeb7c980a595f82fe4b58c6410adc98a34d6ce6207c4ff7c1f76be5cd80f03af98c92b976b0181f5650885671ca64985a3e0b00fccb3daa4ea0cf5979222974f2ca9d498b83c61157754e8f137965103cde6c5ad438ebf49a29359507c332d53faa1bac10a2f4d359a2abd12280c2aa512ec6d7f11fc9073c8d7eb1fa493eda8830c5825a1160c8d9e017a0000c8085d5b5b8ac398c9c8f1c5087c4c38874bc38f5e4aef8a3af7d510542c5bfb64edf6f34b7f1e313ad01e7c3bf0fb8162b517b3e35a251ec938888c67351f98b3345094a891a4ff693873c2be1e8a3d9deab2119b1e58b2a24a3be46e826d1c82f0c3d1c389f9727968fb3d32b8c2d95ce6609a903bec4d810ca34f995a7c9fde0f7e2c58d1276022cb1b2fce63da56abbf32e47a3c2eca09f07abf50878fb5ff4f10a43cc4de6f44d1c859027f7903c99c5688f721c80f0bf0398c465bbf2a02d7c45045e19dffeea8b559b2e71179a0437d911895a962dfafe65ca7539ddd1eb61bd81a959b37dcdb8c10abf83bd034579d6f7ef915feb6d313457256110de82405145192e41f7901fed5da97ccc506443220f1b2c9b4ec3404579102b2a80bebe3c2d5065aab3e113f0eb172c82522c41c7f41fb18c1223666797afdd6d11009db53af200ea5932bb4a32c9d3b07cbab7a4faa4460d8ad4ba554199cb6bab2a0f48188d768892c0057ad13556fd6be979ce33081e200897960b6174d506d496f9f41c77d133ff0fba5cd8cca855828c177431e6d4b4700cd89ec5fe219496ba566169a0d992535113c0eaa9419f0e1d78307bcfd8b7bd87cb776af27ce72a27165e73e9d19f7e3c18c9dacf425396ee9a626680ad11a1f65570221b1eab102697f050c1a27aec7e8355d794d9d23710f661b94de603021e9d113b2de8f7b0cde3c2617bb5a3b661bcc147d18a714dbdee9a267e0522dc20c5b4f520db510bfa80ef33b21000f4f16e1267fad2d67cae85952e4d196ce6415fc5ea3555070a83f2c322057f7966f33b4eadc29e8c11ee90841cd068086f2ee774f66b5670a3974f46c04b2c0bd11348768d377d79634fda8d991ecf3b47480fe4ea06ec48e17f977ab5f7c72dd91fc3e7879faa7858c02a817ce2eb222c8b43ff652355c2a5781f9eb05dc8bc584aeb84c0dfb00720c0dff91faf8900631b8120fd07e1e03636b307e34efb65e55355318113f63bab0237e0926d7e78687c1c0fab9f5c55c9991a4b156267ebb60bb1499e69bfe097b0c69e9c45ca57a23cb959aa509039c6291b3a2d0733db511ea42e3932bd2591753672357efca662baf9812602c42b9fc903f3f93f5e040c677561e36637755642d492788e483efbf3573988a0d8a3c1dd6c073e8700973a9f0269846df3584d8459eab2b3656be7982793730fd27d0e513fd69e4a125f988e1c451d7238a6d4e6ba5f62ede67ace1158c287b961fe38228c08ddfec8831c5b38fbfc16883e7422468b996783da513f865b96640dbb79f57665737dcd4454e8d675c939d3d17d5c1c1a43f66b5290129f2c1d8b4a5c312f08f88696371bc06895525654044dcab004e70f016f04fd7b5fb6a6561acad2a5f6545863a07e8822d8f5db54f4dee1e10d4c32e917d8f78eaa7648c0fe559bee122f3f76d71da9b6fda403ebef9f563e59960a06bef1621c960e20b61ae74ca7d4aa5b061d7ae27a83d35069555a19392c6a73a750fffa62d8977d0111489cee3324541a0835bc7f482ece617210b4b83f2654248b02b5d8b03e976c65a3253047bb6668571ccca3596e64fe811f3bfdec6654a36dee7f5e431165f9c444a155d5ed1172eedb6c3d24c0bc598fddadbdb7ba55f76bafc47c202230511e93c167e5689119e1eacd8d8e341d35f01ea909799236dc853c733c5ccce11fa97669cca3dd656f023c66d9892d639b04aeab0cbca21656d17f63d04d7f58429ce5cc622abaded72f4823c062e65650cf728afd2673374386cd0acb213e1830169a570180bda9faa66f22e2126a55f8c71f157be732dfc9763b382ad7faabe5cb26d60a463ce4056ca344b84d172116f1c6ea84886617da7f85f7ff892f72adbe1ff4348541ccdb92070babab77013ce1a9f9638dcf691e72aa7176d9f27f5e9a3939cff26d2d8800dc215906ea705491f6195ba37c39620fb9d6c6247f70292921e93ef0e5a5b3a87956f5c026779d6e1b8775e74e7b5ab0eacec376ac6094fd50ba1ac4f542568ea64ec7e6a48f23a96b171b51981cf685c882f4200243f0b2ff6fe9df17dd483c1ecb9081793f19c67e5c232b06cb4cead14ebe9b10e6c59a3cd0381499a1dfdaeeda9bcb4996e181110812edc42161b18088a91cf84b630b486800629af00488dbb6e041ea77ec0293f7741bc3b4154d3782c20f30f5a054f94e1e736ec816e437a4ce7d2d4fb03296d6daf2563e530a6a1ea36ff36e3ce0c36be1d8e0cab85908a8cff46583678ba0000180b72be3b48a96b522f33700927d970b92cc45413c1c606e1adcdd6efef1789265fd74eb7963f8b76726a08b3cde9eed05ff8357ddf2335a9975e8c684435a16a8648df6b2a3db2e8c3d2889e50b09ba9a3b69838f6d6a17f2450ed3a4b108fa40191acd58437eff057d11f5c7cf9b5fd6b7007312526cdb628500c50feefc5c4f34bb4a36bb7d0fa2e672045d67d432113d78ba28560e727e576a75a248fa88f26a910c8e9f6afbbefc9bb4744378ed7b7ede034b7f0e16de392d3b81b552e29398767641fc1712ad220a21626b609a528033b651b3100cef72cbfa4e00060bc089c499964807f14ed670eb96fef80195d02d6d9c2d2b818ac5443eaf6bc192551024518663d4ca0e0d969a02e3a181be2ab1d153d66da82078ebfe1fa7f87e3d7295bb7c75473769c6c1a995d4fcbecf4a03e08fbd1b46cf893d9152276326541dd903ddd4f1bd8a0c22a7e57878df5875401ffdbe4f87a58d7a0932de6e968a045adc2e01e3430971a3a90ddd81fb676da11ba97a9d85ea76d2a3ebe02b3edb0f19102de918915ad3ae29e6f92ced41f5e764c48cb13d361983e120e4ddbc818c9729a5f71a851fdfec67c65d62be7e35c01fb3dd66509f4e1f44208b5ec986987563cccd732e182129e03bf19e31fa71e0b2950c8c998cec3bd0a0bf8f8ca01ecd1e87a071ac1cd63766371f381aa561699f8870e4d23be5b7f1fd9e11e6c5b732dfee24d74779d5295086186c232d4614ac2c3c4415b485f9982ef957bc44733fff08d6997cd9161840f86dc66bec05897af22043c465b876f4406bafee140d9e0d4bae618b3a3dc61e55be083c061ed6330b85a4e6220d74ae47e679f8978359f4a99373717adc8d0c87caea0163cf4596f88f70fe20e6e0a29a8570e7f8db591a7ea13105ac8a020e828acd313e5f66f6026143b2064399326d4110d551cfeb9a08a0ba3d7a5ea369ed2a9e77f7eb1027960f0e0cca2db39119cf57a2d79902196332dd6cceb143e614bbea3580870c88b638a9d6b418e739ce384dee66b6bc176e121c2f80fff1993874f2a0c919d8f5749613f004874cdaae31a72b84366ef73ef26ba2ced69a2b35758c8d65a4ba7d5efc3bb580a710aa05d8fb00bca4bc55a9444ef137bfa75c048e94a93d782990b219e289efa4106741fe7986f5b19f1fc2fa12929ad5a40cf3386c44bf427a3a3a762feb517e7b758917505d4c2b6f5c97df4fb2f4b8a87691e86738224955accb163c94ea66dbadb47f482774f98bc20c3fc6d9c4e290757797433f31fcbce8d899e7008fe91c5436e5b0224e186243cbf41ecdbe28ea7faae521684a92eee958572760cbf567d6485cc1287c52c73f287a53177d6ed6c06e9acabf0f79b4ab9301b7c7e3a0552fc73ffac6449a973a71ceca04a96242cd33fb258fe34d1b81a41f50524903e1117d1530732d60437eec8e1b32d0f0ef123710ef2560455521d5a5430bf0ee1bbab7943f1226da08864bd22b53d7aa884c9ca40af5719d56526236dddbde738f471c941a34c70a96b13024c5ff5f270a478779181ee75e50278fa6cd4e7852c7a2aa051f32fbf122695f11bda9c07ace028ef63a7ea360d79c98dbf40438ed51d66fe9a5acab62485e82649315aa03a7d31b7aeb352dfd747ee350042c923ad6d0e12686584cd00907963a25213e550772133e21b740244b6dc96fdb40db33d7326524deb8eba486987cccc9a23c5901efa0325d24f8c2e9c0ce987873fe5d117146df81c39a6894324dc5066351e5aed7b995713925ab90999bb481d0474295b00f43d1775ecee823215f5dcbb0ec6dce3b1c8d285f3e88da8dfb9be65f838108e18fb2c7be625eb953b21111bd33d53076a1c9c0993363bebff5a8df6cbee45784e99270ac2eb4c5647e655ddacf0cc7bc0e34e44ea0000a474314c986ab01b9792ea49d5555568f1afb499c24127dfc17379284d6b66f81659ac63e51d125d3db89f6f72260b681e0e7cc2cc3df4956650393e224d5f2fa7765ed82babb6be8d19400e0e7cc1c3678f6e29f013747ca094d6b459bc70b447dc62576a0bacb9189639c6ee2b081e24d1822cff983a9681acd5c0101415051afb960b3091806b56ee959d11e8484f50094723d568fd388088a1eb3bf57506ccc35c6964d6d3ae4bd6ab7bf5188ef5b8eb98240f932c1409530ab1b094db8417b49bf29c018c2b52afc45097a267db054e11318543644f0a3ab4ec140730ef2ba0a79f5b112639c7071680e5a316dd48d89f95142af8c1752a97976bec7af58e5b5d0ae61bbe18added826244921eed996276e4ba75bd39c9695404e3aa772b345e07398a40cd3490574ab95fde3dbb5391ee9de9d91dc178e57f689479b219b7bdc2aba0532665ea80385bedba86231e3d644da9c503f261eab3e83f38f4acdd46445af1c8d9f2cf28806636bd316a553b6fe5f06ebd5987c3e140cfba4c1abd421d5abc4b5a1952c0790863499fd3b642cf0bb7b0ec2130591f87cf9203684504c105782d5fb4ae8ee26b84c85ee7a6f15704ec54df4d23df22f7e49cf6b8cb69fa5e73d065276574e897c08fe5350d44ecfc82c10763e888213ecc63e74b49cd55127665a78ad0256ee92ad4a55cb7c06ecbdb60ea1c31e1aa8ebaebca08890e5a4194d85f9b5a2320d744a7ebd1b74380809ace8a1da76b15e1a0cc6cace83449d5683b7e9fc97b3013674263cadd466fc46d607044d65a17e4ecc29dfcb0fb705b5ccd30a1ab0a562b96493e17971c1b9d7bad1be3741f6487fbedc5cd673307eaf8ab7e7c210688083d95c70ea826e2696d6fc4f12961ad571da53f97051c79c0b7164298e37dba03a0853b2d018a6ee13906a1bf1ce5a29edd56441738a3c589c62298beb6303a0653ecc87c5e27a4c23cbff7680219d47e338f0cdcadcc67f7bfb7e569b1bf4d04a8667f43d1ed38f3e11c3980f5c275e9d810e195ee6ef8f5148977754c425a3fc25059e7e0bc0baba14aedaf15eed92e417b4171927d57bb391545a787e9a1fb16a94758c10b4e54745619f5cb063f2a24fce8661a776c40995d84b419ec7590081d7dc18efb4d9d0cad2c214a183d718676341dd5573b21d6d1fce0b53f69721559972a86a94db30ae8e4834b248115f345a224cc68ca7c585c37f8d0f781a9191ada5f30de18c160b6e547e5750b6cb2b4c1fc6daf606caa3ba45549741b0d365a609228f4ba629ad4d8ba7e62e54f7c539ef3eac4350f34606c8b4055409058647a62559cf16f4fc914f9a869197a3f4798a6c2a282958a16b1c69183800a3c64fa62171db258667c116d2c93001cbff5803c85ef48f43e3c358b406ecad93378e497d8bd7aafa500aaa7cf6bc929d2c5b99eeca1c183d800fe9c3ef85a5df69f62e863ea82431019636986a9e185980c6213c1bc69c125d97d7e6ab49dffba0a31f6aa0673ee02a0c06c3d3b2a41f4ef68c78fe30dc403b338fc47b90167462cd3ebde43221681c0ed2ec260cd235edf612039e1eae18b6a843fa66cfcc5bcde1659674de9654be279de63e6d9227685c7c39479b481fdde55aec3168973ae167f9e42dc73cecc1a7f7bb0605807d0d356108d994f1730ca7683c5d58d7c98bb6a360f0661b1bc4f43e0aba4dc3c7d1d32e2965c87e91ace4535003171560f065640cda40cf0054f08db283fda9db07bfc007f91de696ea915f4eae797a0a2fb2281c7f4d081fbe0fc524201cc80d80a721c159b4117c69063fe42cf6901b612768ded037c10b5cae241faf6821429d3ad89eb17503400fab04bde5f597240df9d76109b9f2064a3fc87777a160dae977bed924dd748839a8eaf0ef1634deb20e842e2889d656836ff5b2cc7677408000500ac141431a44531d1d38e82c3cf9793cbd876e13ff34755bee117c02e2900a0c6008810e9e23454f67efe4a9fc9fb34ba19d36d6067feddbada4c59ff144ec1a846ea80c23ae0379eda82b90df44814d82d4df556587d62c0ae1de7a000152bab0b9e240bd103c3f02d11b62ba9a5514f434c10f7100d24f439f4783e46649456d03714f441ee0d45fd0404e2676b3ca8b173650ca9dae5ba2c0c9709e53767caf184b164ae4104ba4826ee15f496fb84371db3f2e765942e672348be0c63afa729f06d7e6c540400cb8008003000", @ANYRES32, @ANYBLOB="0400fc800400c78000001400be00000000000000000000000000000000010800cf000400000008006a00", @ANYRES32, @ANYBLOB="0400f0e27b3cc0db877cf1cc8280563131b4ddf0df76b142e03497f8b92ad836f6196f0875caf3994e4267693e119df29ba8821ea04a63dc08c42a308bc8ab56cf2e88446fdc8306f477d4c884a84cd8deed72bfa6d0e61cd72499731bf9609bb216c355197b4554957ce75c9487e810e70db9f27e230000000000000056bba493bd2b5a4d5a9daced037233b4a75653665333297e5517f61ca76f4cc1e7e77b071cbe0c113ee6f4f1a374d569c4fe6b2d67358af15cbdf7e13d1452"], 0x13e8}, 0x1, 0x0, 0x0, 0x805}, 0x20004001)
sendmsg$auto_NL802154_CMD_SET_LBT_MODE(r4, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="14314c0010c0cae16d98c63b42", @ANYRES16=0x0, @ANYBLOB="080026bd7000fcdbdf2512000000"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x8001)
ioctl$auto(r5, 0x92106402, 0xffffffffffffffff)
close_range$auto(r1, r1, 0x7c80)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_SNDCTL_DSP_GETODELAY(0xffffffffffffffff, 0x80045017, &(0x7f0000000080))
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000100), r4)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001900)=ANY=[@ANYRES8=r2, @ANYRES64=r3, @ANYBLOB="1b0026bd7000fddbdf2503000000040008001800038014000c000000000000000000000112000100898771f1000000000000429ddda6f816d741732e93f1a1ff45e7eb42cce70e10aa34bb3c80883049b37ba106caa4b1a51638449c02a380c51d02f795f71ff8abbc265f16f86b813fded7a747faaae0637df5ee972cee20c12b8870bf7a8dd56f8289afcded87312f4a1a317425cc6a3abf12b5c2e3bfae5a1d1e1b057eeb931dc58ebd2b81515e22d56990d255c091e15526218e6f5b5926b6da28f45210c59e47156935d04ca5ed05d98a7c65322ddbb482696e6bd36700762768d666d7591b9883b8cbb9cea7669a590abba85e96a077a0d708f3d63c"], 0x48}, 0x1, 0x0, 0x0, 0x44000884}, 0x8814)
io_uring_setup$auto(0xfc, 0x0)
ioctl$auto_USBDEVFS_CONTROL32(0xffffffffffffffff, 0xc0105500, &(0x7f00000000c0)={0x3, 0x0, 0x3d34, 0xe37, 0x4, 0x3, 0x4})
sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800)
kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@buf=&(0x7f0000001a40)="fd69fc920b28dd9bb0637083a7fb8add860358ccbb1d82e18479327b73dd3f8efa83bca51207b0bec462e870050fbb178168e105217b18f5a10cef4b38d59c35ae32821a7119a690a835c7592668782c2d67ba29f571d46f02d9a45bff493789a25770609c44e0d9a60d9eb7fd244200ae90f853c0c873eac99cd53512be8b0d25ffbc4c28a6b73e489914e3a25142609e", 0x23, 0x4800c000, 0x800c000}, 0x2000000000000004)

2.62317163s ago: executing program 7 (id=4820):
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
sendmsg$auto_VDPA_CMD_DEV_NEW(0xffffffffffffffff, &(0x7f0000000a40)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000a00)={&(0x7f0000000980)=ANY=[@ANYBLOB="6200db68", @ANYRES16=0x0, @ANYBLOB="100026bd7000fcdbdf250300000006000d00080000001400020074756e6c3000000000000000000000000c00140009000000"], 0x48}, 0x1, 0x0, 0x0, 0x40010}, 0x4000004)
socket(0x2b, 0x1, 0x1)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000000c0)=""/17, 0x11)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-touch0\x00', 0xe0800, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000100), r1)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
r2 = socket(0x10, 0x2, 0x0)
ioprio_set$auto(0x2, 0x80000000, 0x8)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0xc20f0000, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x8)
syz_genetlink_get_family_id$auto_handshake(&(0x7f0000000800), r2)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_NEW_KEY(r4, &(0x7f00000048c0)={0x0, 0x0, &(0x7f0000004880)={&(0x7f00000003c0)={0x1c, r3, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@NL80211_ATTR_KEY={0x8, 0x50, 0x0, 0x1, [@typed={0x4, 0x6, 0x0, 0x0, @binary}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x890)
sendmsg$auto_NL80211_CMD_SET_WIPHY_NETNS(r2, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000080)={&(0x7f0000000380)={0x1c8, r3, 0x100, 0x70bd29, 0x25dfdbfd, {}, [@NL80211_ATTR_SAR_SPEC={0x2c, 0x12c, 0x0, 0x1, [@NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x7}, @NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x5}, @NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x5}, @NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x86}, @NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x5}]}, @NL80211_ATTR_BSS_CTS_PROT={0x5, 0x1c, 0x9}, @NL80211_ATTR_STA_FLAGS2={0x50, 0x43, "bab3dfe1724c26ce3b77431802dd3e046c34e87bfcd7a94c80137560e44a2a48484eb8f784384f0c1c986c8970edd65ed3d062aeb0b309a8eb4ae2029885453a931f790d6b95607fc392f8b2"}, @NL80211_ATTR_BSS_SELECT={0x112, 0xe3, 0x0, 0x1, [@generic="906454d8f03346460dcc09f652ae3c44013bbdde0a2128257fa26cdeb82b696d37666ddbf74b67f562828c73ca59c61a5db3ad5286c61da52ec70d4124b44ca5527d876ebd7f3fdfc340656bc7f5a9e3484554b741263ecae0f7d0f6b1ec1f49c400be9efcff1f80cd6c49deb780017d7c6163e8ec947af78a54da", @generic, @generic, @typed={0x8, 0xf4, 0x0, 0x0, @ipv4=@multicast2}, @generic="b781e7725e1d13299e4ce79860fbf51da88a7e58faac0cc260f28051eccdc8218dc670c75cccbac1671c55133ccbff9095e8aa9c18c16682d7c2c33ac533da30291585bba2ee41022f369efb6ace47ba64a3ac8dfd3b88ba185767bdb34350902648849a771f5cd9f42cfcb8e5d201a2a34a5e74b391c935e91be553f6916c47a6cb004077e7ce5ce4cd70"]}, @NL80211_ATTR_SSID={0x1c, 0x34, "b42f7427e95bd9440ae73a0cc7670e6e895b500a071ddb0c"}]}, 0x1c8}}, 0x28814)
socket(0xa, 0x1, 0x100)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r5 = socket(0xa, 0x1, 0x100)
syz_genetlink_get_family_id$auto_wireguard(0x0, r5)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/nbd5/trace/enable\x00', 0x68041, 0x0)

1.518231431s ago: executing program 5 (id=4821):
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
sendmsg$auto_VDPA_CMD_DEV_NEW(0xffffffffffffffff, &(0x7f0000000a40)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000a00)={&(0x7f0000000980)=ANY=[@ANYBLOB="6200db68", @ANYRES16=0x0, @ANYBLOB="100026bd7000fcdbdf250300000006000d00080000001400020074756e6c3000000000000000000000000c00140009000000"], 0x48}, 0x1, 0x0, 0x0, 0x40010}, 0x4000004)
socket(0x2b, 0x1, 0x1)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000000c0)=""/17, 0x11)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-touch0\x00', 0xe0800, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000100), r1)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
r2 = socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x8000, 0x9, 0x3, 0xb, 0x5, 0x1ffde, 0x3, 0x6, 0x2, 0x9, 0x5, 0x20000000003, 0x5, 0xb0, 0x7, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000476, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8]}, 0x1fe, 0x81)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0xc20f0000, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x8)
syz_genetlink_get_family_id$auto_handshake(&(0x7f0000000800), r2)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_NEW_KEY(r4, &(0x7f00000048c0)={0x0, 0x0, &(0x7f0000004880)={&(0x7f00000003c0)={0x1c, r3, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@NL80211_ATTR_KEY={0x8, 0x50, 0x0, 0x1, [@typed={0x4, 0x6, 0x0, 0x0, @binary}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x890)
sendmsg$auto_NL80211_CMD_SET_WIPHY_NETNS(r2, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000080)={&(0x7f0000000380)={0x1c8, r3, 0x100, 0x70bd29, 0x25dfdbfd, {}, [@NL80211_ATTR_SAR_SPEC={0x2c, 0x12c, 0x0, 0x1, [@NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x7}, @NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x5}, @NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x5}, @NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x86}, @NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x5}]}, @NL80211_ATTR_BSS_CTS_PROT={0x5, 0x1c, 0x9}, @NL80211_ATTR_STA_FLAGS2={0x50, 0x43, "bab3dfe1724c26ce3b77431802dd3e046c34e87bfcd7a94c80137560e44a2a48484eb8f784384f0c1c986c8970edd65ed3d062aeb0b309a8eb4ae2029885453a931f790d6b95607fc392f8b2"}, @NL80211_ATTR_BSS_SELECT={0x112, 0xe3, 0x0, 0x1, [@generic="906454d8f03346460dcc09f652ae3c44013bbdde0a2128257fa26cdeb82b696d37666ddbf74b67f562828c73ca59c61a5db3ad5286c61da52ec70d4124b44ca5527d876ebd7f3fdfc340656bc7f5a9e3484554b741263ecae0f7d0f6b1ec1f49c400be9efcff1f80cd6c49deb780017d7c6163e8ec947af78a54da", @generic, @generic, @typed={0x8, 0xf4, 0x0, 0x0, @ipv4=@multicast2}, @generic="b781e7725e1d13299e4ce79860fbf51da88a7e58faac0cc260f28051eccdc8218dc670c75cccbac1671c55133ccbff9095e8aa9c18c16682d7c2c33ac533da30291585bba2ee41022f369efb6ace47ba64a3ac8dfd3b88ba185767bdb34350902648849a771f5cd9f42cfcb8e5d201a2a34a5e74b391c935e91be553f6916c47a6cb004077e7ce5ce4cd70"]}, @NL80211_ATTR_SSID={0x1c, 0x34, "b42f7427e95bd9440ae73a0cc7670e6e895b500a071ddb0c"}]}, 0x1c8}}, 0x28814)
socket(0xa, 0x1, 0x100)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r5 = socket(0xa, 0x1, 0x100)
syz_genetlink_get_family_id$auto_wireguard(0x0, r5)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/nbd5/trace/enable\x00', 0x68041, 0x0)

1.013091402s ago: executing program 7 (id=4822):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x3, 0x0, 0x20)
r0 = socket(0xf, 0x80000, 0x0)
close_range$auto(0x0, 0xffffffffffffffff, 0x2)
memfd_create$auto(&(0x7f00000000c0)='IPVS\x00\x84\x94\xbf\x7f\xe0(\xc7^M\xbe\x92\x98?I\xa5\x95V\xf2{\xd6\xc1\xc4.\xc3ja\xe8\xa1o\xb5-Z\x9dc\x152\xaew`0M\x1b3\r\x8afQ\xc2\x82W?r$\xf0\xce\x7f\x15\xa1\x13\xb2\x84\x04\xad<\x91\x85\xb22G\xf6\x8b\xba<\xe9&\x17%\x1a\xa5c\xe8\x06\xd4ok\x8a\xb2\xbaz\xf1\v\xf4\xaa\xda\x91\xfb\xea\x17~C\xb3\xc4S\xce\x83\x13\xd9\xbd{d\xfdB]\xb0R\x05b\x1b\xa5\xb8\x85\xa9\xbc5-9\x94\xa4QG\x06Z3#\x1cK\xbe\x16\xebaE~\x00\x00\x00\x00\x00', 0xa)
fchmod$auto(0x0, 0x1)
io_uring_setup$auto(0xff, &(0x7f0000000080)={0xffffffad, 0x4, 0x8, 0xffffff01, 0x9, 0x8, r0, [0x6, 0x4, 0xffff8000], {0xcb, 0x8, 0x0, 0x400, 0x9, 0x6, 0x0, 0x8, 0xffff}, {0x33, 0x7, 0xe3d, 0x3, 0x400, 0x7, 0x1, 0xfffffffb, 0x100000000}})
r1 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D1p\x00', 0x800, 0x0)
socket(0x2, 0x1, 0x106)
listen$auto(0x3, 0x81)
poll$auto(&(0x7f0000000d40)={0x3, 0x1, 0xa}, 0x5, 0x400)
shutdown$auto(0x200000003, 0x2)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), r3)
sendmsg$auto_OVS_DP_CMD_GET(r3, &(0x7f0000000200)={0x0, 0xf000, &(0x7f00000000c0)={&(0x7f0000000000)={0x1c, r4, 0x374fe8f90a251713, 0x70bd29, 0x25dfdbfc, {0x3, 0x0, 0xf000}, [@OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8, 0x7, 0xfffffff7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20044010}, 0x20000008)
unshare$auto(0x40000080)
mmap$auto(0xfffffffffffffffc, 0x20009, 0x4010000000df, 0xeb1, 0xffffffffffffffff, 0x80000001)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x1, 0x0)
futex$auto(0x0, 0x8, 0x8, 0x0, 0x0, 0x80000001)
r5 = wait4$auto(0xffffffffffffffff, &(0x7f00000001c0)=0xf15, 0x9, &(0x7f0000000200)={{0xe4a3, 0x1}, {0x3, 0x2}, 0x1, 0x9, 0x4, 0xfffffffffffffff8, 0x4, 0x7a7f, 0x7fff, 0x8, 0x1, 0x0, 0x8000000000000000, 0x6, 0x7, 0x3})
r6 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r7=>0x0})
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r7}, 0x6a)
sendmsg$auto_OVS_DP_CMD_GET(r2, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000340)={&(0x7f0000000500)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="000109000000ffdbdf250300000008000200", @ANYRES32=r5, @ANYBLOB="08400200aff0b825fc3e7f9b77f25e4448fedb8183bbaf57371b06fd9c6fcd1233b3203c66a5eaeca31a0fd4fd596070db423f9c75b40b28971a7227d70f529c370183a9cd695124cbdefd22150e884b09e87403eb8028d4c521317a026cdf2c0dbe598a07892a8f97eca82a0f89ef161bc433debf53346696238b53f7ad4ad69b3f78822a0ddfb53666a60c4ae0c647f575c97f942f3c8dbeced5d1acacdc04253c4a550b49895ac9984801327c94941dade1b4e28a2f502497d041075c3a711572bc597d83f91190d74cc0cc76f50482ad3d629ced", @ANYRESOCT=r4, @ANYBLOB="0800050005000000080007000800000008000900", @ANYRES32=r7, @ANYBLOB="080001002d5d2500"], 0x44}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
ioctl$auto_SNDRV_PCM_IOCTL_STATUS_EXT64(r1, 0xc0984124, 0x0)
bind$auto(r0, &(0x7f0000000040)=@tipc=@name={0x1e, 0x2, 0x2, {{0x1}, 0xffffdfff}}, 0x66)

812.591304ms ago: executing program 6 (id=4823):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000010c0), 0xa02303, 0x0)
r0 = open(&(0x7f0000000800)='./file0\x00', 0xe4201, 0x17c)
fcntl$auto(r0, 0x400, 0x1)
socket(0x1, 0x2, 0x40000008)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)
setsockopt$auto(0x400000000000003, 0x1, 0x18, 0x0, 0xd902)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd3/queue/iosched/write_expire\x00', 0x20681, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(0x0, r1)
bpf$auto(0x8, &(0x7f00000001c0)=@bpf_attr_0={0x7, 0xb5, 0x10, 0x4, 0x53400000, 0xffffffffffffffff, 0x9, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x2, 0x7, 0x7, 0x6}, 0x10)
r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/038/001\x00', 0xa821, 0x0)
ioctl$auto_USBDEVFS_SUBMITURB32(r2, 0x802c550a, &(0x7f00000001c0)=ANY=[@ANYBLOB="028006800a00000005"])

695.032932ms ago: executing program 0 (id=4824):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000010c0), 0xa02303, 0x0)
r0 = open(&(0x7f0000000800)='./file0\x00', 0xe4201, 0x17c)
r1 = fcntl$auto(r0, 0x400, 0x1)
socket(0x1, 0x2, 0x40000008)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)
setsockopt$auto(0x400000000000003, 0x1, 0x18, 0x0, 0xd902)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd3/queue/iosched/write_expire\x00', 0x20681, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(0x0, r2)
bpf$auto(0x8, &(0x7f00000001c0)=@bpf_attr_0={0x7, 0xb5, 0x10, 0x4, 0x53400000, 0xffffffffffffffff, 0x9, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x2, 0x7, 0x7, 0x6}, 0x10)
ioctl$auto_SCSI_IOCTL_SEND_COMMAND2(r1, 0x1, &(0x7f0000000080)="cd73875859265c75f209fcd69ff0c83ad2caf924a851800c3481e302d53dc84a78847e760e784c1d629c3201c881ea95df41b2f7175c09404d1d327a5fa00316a97edba5e58b3a3be677a706e5af9083f275fa4ce4c1a0ee94bafc816c2999ad95d9f45d92529f4caf6f9dd57e2dfa")
r3 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/038/001\x00', 0xa821, 0x0)
ioctl$auto_USBDEVFS_SUBMITURB32(r3, 0x802c550a, &(0x7f00000001c0)=ANY=[@ANYBLOB="028006000000000005"])

368.230273ms ago: executing program 6 (id=4825):
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0xc, 0x9c0f, 0x44eb2, 0x10006, 0x300000000000)
socket(0x2, 0x3, 0x6)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer\x00', 0x101000, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x20001c03, &(0x7f00000002c0)={0x0, 0x400000000000c4}, 0x1, 0x0, 0x0, 0x3}, 0x5}, 0x4003, 0x4000)
fcntl$auto(0x3, 0x4, 0xa553)
select$auto(0x7, 0x0, 0x0, 0x0, 0x0)

139.320432ms ago: executing program 5 (id=4826):
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0x8ff, 0x400, 0x2}]})
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
socket(0xa, 0x1, 0x0)
setsockopt$auto(0x3, 0x1, 0xf, 0x0, 0x8)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0xffffffffffffff7f, 0x368e, 0x2, {0xffffffff, 0x20000000010000}, 0x5, 0x6, 0xfffffffffffffffd, 0x7, 0x0, 0x9, 0x81, 0xffffffffffff628e, 0xa747, 0xdead, 0x804})
r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB='x\x00\x00', @ANYRES16=r2, @ANYBLOB="01002dbd7000f9dbdf250100000005000d00100000000500070010000000080009009c781e2108000a000800000014001f0000211e789c0000000a00ffff0000000014002000ff01faffffff00000000000000000000060002000100"], 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000180), 0xffffffffffffffff)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card0/oss_mixer\x00', 0x121002, 0x0)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/thread-self/net/rxrpc/calls\x00', 0x40380, 0x0)
pread64$auto(r4, 0x0, 0x10001, 0x830)
mmap$auto(0x0, 0x2020009, 0xaa, 0xeb1, 0xffffffffffffffff, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$auto(0x0, 0x0, 0x6f4)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xf)

99.984348ms ago: executing program 7 (id=4827):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x2006, 0x4)
r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0)
mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, r0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff)
mmap$auto(0x0, 0x400008, 0xdd, 0x9b72, 0x2, 0x8000)
r3 = socket(0x2, 0x5, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x801, 0x0)
openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)
epoll_create$auto(0x4)
epoll_ctl$auto(0x5, 0x1, r3, 0x0)
setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9)
sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010026bd7000fcdbdf250100000008000200", @ANYRESHEX=r4, @ANYBLOB="080001002e53520008000200", @ANYRES16, @ANYRES32=r4], 0x34}, 0x1, 0x0, 0x0, 0x20000800}, 0x80)
bpf$auto(0xd, 0x0, 0x6f5)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r0, 0x1)
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x480, 0x0)
mprotect$auto(0x0, 0x806121, 0x6)
r5 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
ioctl$auto_PAGEMAP_SCAN(r5, 0xc0606610, 0x0)
mmap$auto(0x800000000000, 0x7fffffffffffffff, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
init_module$auto(0x0, 0xffff9, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x8000000000000000, 0x15)
madvise$auto(0x0, 0x2000000080000001, 0x3)
close_range$auto(r0, r0, 0xc0)
capset$auto(0x0, 0x0)

0s ago: executing program 0 (id=4828):
ioctl$auto_VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000000)=<r0=>0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000012c0)='/sys/devices/virtual/ptp/ptp0/n_vclocks\x00', 0x8502, 0x0)
write$auto(r3, &(0x7f0000000100)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x14\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x4)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmsg$auto_NL802154_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0}, 0x80)
sendmmsg$auto(0xffffffffffffffff, &(0x7f00000000c0)={{0x0, 0x6, 0x0, 0xa7, &(0x7f0000000040), 0x8000, 0x1}, 0x8}, 0x1, 0x9)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0xff, 0x0, 0x1, 0x3}, 0xed7138c}, 0xb, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000f40)={'batadv0\x00', <r5=>0x0})
sendmsg$auto_BATADV_CMD_SET_MESH(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x24, r2, 0x1, 0x70bd27, 0x25dfdbf9, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
ioctl$auto_SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f0000000380)="f05ebab32c6ff3e8f8935acdebab836cf03ad846b931f048eafbbaa81b28cc36f2b6e06f805083a6227927ed6d67971e168ecc95f72a678b6fea69af0b92a15d66d1d386dc1fd306183df03b065a4da09aa4b982c69988778871b242b85e67df97f3f0fe8b43d915fb93982ae7d97f2a8a53b2f9cb1ff172e079a7a6bde860d3667ef593c572d74322e009820eabcb1f6a5756af1ca15f32498f1bca951b4fb31ea21f902a7dc2c1da21013f7d96729a3b160491558d68e3e46ef0be04e128ead024ad0dccae43931fb6b04ebb32f73a5b846e7fbe522aa81c39b6299bab433735b59abcabec64ab192cdb4adf0a513fd3812f2b04f7739f254f37480205ec")
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r6 = socket(0x2, 0x80802, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$auto(r6, 0x9, 0xffffffffffffffff)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xfffffffe, 0xff, 0x8, 0x1f, 0x7181, 0x1, 0xb099, 0x3, 0x9, 0x9, 0x3, 0x84, 0x1, 0xb4, 0x9, 0x8, 0x10003, 0x81, 0x4, 0x0, 0xc, 0x22004, 0x200, 0x1, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc0, 0x0, 0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x0, 0x0, 0xad3, 0x0, 0x0, 0x400000000000000, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x23, 0x0, 0x0, 0x0, 0x3, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}, 0x1fe, 0xd)
openat$auto_bm_register_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000000), 0x181441, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="1000"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0xf7374674b920089e)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)

kernel console output (not intermixed with test programs):

face not active
[ 1360.730513][T26250] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1360.742257][T26250] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1360.768840][T26250] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1360.955320][T13867] bridge_slave_1: left allmulticast mode
[ 1360.961714][T13867] bridge_slave_1: left promiscuous mode
[ 1360.971553][T13867] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1360.993299][T13867] bridge_slave_0: left allmulticast mode
[ 1360.999020][T13867] bridge_slave_0: left promiscuous mode
[ 1361.015836][T25177] Bluetooth: hci4: command tx timeout
[ 1361.019895][T13867] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1361.064225][T26277] usb usb38: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1361.073493][T26277] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[ 1361.889438][T13867] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1361.910222][T13867] bond0 (unregistering): Released all slaves
[ 1362.083091][T26250] hsr_slave_0: entered promiscuous mode
[ 1362.102525][T26250] hsr_slave_1: entered promiscuous mode
[ 1362.109282][T26250] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1362.123904][T26250] Cannot create hsr debugfs directory
[ 1362.129963][T13867] .SR: left promiscuous mode
[ 1362.282482][T13867] tipc: Left network mode
[ 1362.902262][T26295] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4341'.
[ 1363.108866][T25177] Bluetooth: hci4: command tx timeout
[ 1363.639375][T13867] hsr_slave_1: left promiscuous mode
[ 1363.653560][T13867] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1363.683698][T13867] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1363.700086][T13867] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1363.739523][T13867] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1363.819458][T13867] veth1_macvtap: left promiscuous mode
[ 1363.840978][T13867] veth0_macvtap: left promiscuous mode
[ 1363.851408][T13867] veth1_vlan: left promiscuous mode
[ 1363.861229][T13867] veth0_vlan: left promiscuous mode
[ 1364.489937][T25177] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[ 1364.919087][T13867] team0 (unregistering): Port device team_slave_1 removed
[ 1364.987056][T13867] team0 (unregistering): Port device team_slave_0 removed
[ 1365.170910][T25177] Bluetooth: hci4: command tx timeout
[ 1365.503409][T26331] sg_write: data in/out 100663260/181 bytes for SCSI command 0xed-- guessing data in;
[ 1365.503409][T26331]    program syz.4.4345 not setting count and/or reply_len properly
[ 1365.570233][T26327] usb usb38: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1365.581668][T26327] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[ 1365.599386][T26333] Invalid ELF header magic: != ELF
[ 1366.389625][T26250] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1366.516547][T26250] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1366.551501][T26250] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1366.592259][T26250] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1366.938045][T26355] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1367.066169][T26363] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4348'.
[ 1367.251372][T25177] Bluetooth: hci4: command tx timeout
[ 1368.583102][T25177] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[ 1368.937730][T26250] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1369.016717][T26250] 8021q: adding VLAN 0 to HW filter on device team0
[ 1369.045945][T19443] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1369.053164][T19443] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1369.099070][T24513] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1369.106400][T24513] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1369.536708][T26395] openvswitch: .SR: Dropping previously announced user features
[ 1369.624475][T26398] usb usb38: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1369.646460][T26395] Invalid ELF header magic: != ELF
[ 1369.652782][T26398] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[ 1369.716937][T26401] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4356'.
[ 1369.789866][T26401] FAULT_INJECTION: forcing a failure.
[ 1369.789866][T26401] name failslab, interval 1, probability 0, space 0, times 0
[ 1369.832695][T26401] CPU: 0 UID: 0 PID: 26401 Comm: syz.5.4356 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1369.832758][T26401] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1369.832773][T26401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1369.832795][T26401] Call Trace:
[ 1369.832807][T26401]  <TASK>
[ 1369.832820][T26401]  dump_stack_lvl+0x16c/0x1f0
[ 1369.832879][T26401]  should_fail_ex+0x512/0x640
[ 1369.832931][T26401]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[ 1369.832994][T26401]  should_failslab+0xc2/0x120
[ 1369.833041][T26401]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[ 1369.833090][T26401]  ? cache_create_net+0x2b/0x220
[ 1369.833128][T26401]  ? __pfx_nfsd_net_init+0x10/0x10
[ 1369.833162][T26401]  kmemdup_noprof+0x29/0x60
[ 1369.833209][T26401]  cache_create_net+0x2b/0x220
[ 1369.833244][T26401]  ? __pfx_nfsd_net_init+0x10/0x10
[ 1369.833278][T26401]  nfsd_idmap_init+0x62/0x250
[ 1369.833320][T26401]  ? __pfx_nfsd_net_init+0x10/0x10
[ 1369.833352][T26401]  nfsd_net_init+0x69/0x3d0
[ 1369.833387][T26401]  ? __pfx_nfsd_net_init+0x10/0x10
[ 1369.833420][T26401]  ops_init+0x1e2/0x5f0
[ 1369.833471][T26401]  setup_net+0x21e/0x850
[ 1369.833521][T26401]  ? __pfx_setup_net+0x10/0x10
[ 1369.833564][T26401]  ? lockdep_init_map_type+0x5c/0x280
[ 1369.833613][T26401]  ? __pfx_down_read_killable+0x10/0x10
[ 1369.833655][T26401]  ? debug_mutex_init+0x37/0x70
[ 1369.833693][T26401]  copy_net_ns+0x2a6/0x5f0
[ 1369.833748][T26401]  create_new_namespaces+0x3ea/0xad0
[ 1369.833800][T26401]  unshare_nsproxy_namespaces+0xc0/0x1f0
[ 1369.833844][T26401]  ksys_unshare+0x45b/0xa40
[ 1369.833892][T26401]  ? __pfx_ksys_unshare+0x10/0x10
[ 1369.833936][T26401]  ? xfd_validate_state+0x5d/0x180
[ 1369.833980][T26401]  ? rcu_is_watching+0x12/0xc0
[ 1369.834025][T26401]  __x64_sys_unshare+0x31/0x40
[ 1369.834072][T26401]  do_syscall_64+0xcd/0x230
[ 1369.834128][T26401]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1369.834162][T26401] RIP: 0033:0x7f6e32f8e969
[ 1369.834190][T26401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1369.834223][T26401] RSP: 002b:00007f6e30df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1369.834256][T26401] RAX: ffffffffffffffda RBX: 00007f6e331b5fa0 RCX: 00007f6e32f8e969
[ 1369.834278][T26401] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1369.834299][T26401] RBP: 00007f6e33010ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1369.834320][T26401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1369.834341][T26401] R13: 0000000000000000 R14: 00007f6e331b5fa0 R15: 00007ffd509ed778
[ 1369.834386][T26401]  </TASK>
[ 1370.100821][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1370.527606][T26250] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1370.703196][T26250] veth0_vlan: entered promiscuous mode
[ 1370.766084][T26250] veth1_vlan: entered promiscuous mode
[ 1370.787886][T26410] could not allocate digest TFM handle 
[ 1370.933811][T26418] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4358'.
[ 1370.994213][T26395] could not allocate digest TFM handle 
[ 1371.274677][T26250] veth0_macvtap: entered promiscuous mode
[ 1371.364061][T26250] veth1_macvtap: entered promiscuous mode
[ 1371.485950][T26250] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1372.314662][T26250] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1372.353679][T26250] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1372.400862][T26250] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1372.416987][T26250] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1372.448345][T26250] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1372.748870][T26432] Invalid ELF header magic: != ELF
[ 1372.930528][T26430] openvswitch: .SR: Dropping previously announced user features
[ 1373.039328][T24507] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1373.116928][T24507] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1373.302925][T24507] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1373.339682][T24507] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1373.655102][T26430] could not allocate digest TFM handle 
[ 1373.661120][T26432] could not allocate digest TFM handle 
[ 1375.000976][T26467] usb usb38: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1375.008740][T26467] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[ 1375.302530][T26470] device-mapper: ioctl: Invalid data size in the ioctl structure: 0
[ 1375.779728][T25177] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[ 1376.702384][T26486] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4369'.
[ 1376.741101][T26488] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4371'.
[ 1377.492663][T26502] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4372'.
[ 1378.534566][T26504] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4370'.
[ 1380.378933][T26533] FAULT_INJECTION: forcing a failure.
[ 1380.378933][T26533] name failslab, interval 1, probability 0, space 0, times 0
[ 1380.427867][T26533] CPU: 0 UID: 0 PID: 26533 Comm: syz.0.4377 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1380.427925][T26533] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1380.427939][T26533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1380.427960][T26533] Call Trace:
[ 1380.427983][T26533]  <TASK>
[ 1380.427999][T26533]  dump_stack_lvl+0x16c/0x1f0
[ 1380.428061][T26533]  should_fail_ex+0x512/0x640
[ 1380.428114][T26533]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 1380.428157][T26533]  should_failslab+0xc2/0x120
[ 1380.428203][T26533]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1380.428241][T26533]  ? lockdep_init_map_type+0x5c/0x280
[ 1380.428289][T26533]  ? rfkill_fop_open+0x1b6/0x750
[ 1380.428340][T26533]  ? __pfx_rfkill_fop_open+0x10/0x10
[ 1380.428380][T26533]  rfkill_fop_open+0x1b6/0x750
[ 1380.428430][T26533]  ? __pfx_rfkill_fop_open+0x10/0x10
[ 1380.428476][T26533]  misc_open+0x35d/0x420
[ 1380.428511][T26533]  ? __pfx_misc_open+0x10/0x10
[ 1380.428545][T26533]  chrdev_open+0x234/0x6a0
[ 1380.428585][T26533]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1380.428634][T26533]  ? __pfx_chrdev_open+0x10/0x10
[ 1380.428678][T26533]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 1380.428742][T26533]  do_dentry_open+0x744/0x1c10
[ 1380.428782][T26533]  ? __pfx_chrdev_open+0x10/0x10
[ 1380.428831][T26533]  vfs_open+0x82/0x3f0
[ 1380.428884][T26533]  path_openat+0x1e5e/0x2d40
[ 1380.428938][T26533]  ? __pfx_path_openat+0x10/0x10
[ 1380.428998][T26533]  do_filp_open+0x20b/0x470
[ 1380.429036][T26533]  ? __pfx_do_filp_open+0x10/0x10
[ 1380.429108][T26533]  ? alloc_fd+0x471/0x7d0
[ 1380.429178][T26533]  do_sys_openat2+0x11b/0x1d0
[ 1380.429229][T26533]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1380.429298][T26533]  __x64_sys_openat+0x174/0x210
[ 1380.429349][T26533]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1380.429403][T26533]  ? rcu_is_watching+0x12/0xc0
[ 1380.429453][T26533]  do_syscall_64+0xcd/0x230
[ 1380.429513][T26533]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1380.429551][T26533] RIP: 0033:0x7f542858e969
[ 1380.429578][T26533] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1380.429614][T26533] RSP: 002b:00007f54294c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1380.429648][T26533] RAX: ffffffffffffffda RBX: 00007f54287b5fa0 RCX: 00007f542858e969
[ 1380.429673][T26533] RDX: 0000000000000400 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 1380.429696][T26533] RBP: 00007f5428610ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1380.429719][T26533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1380.429740][T26533] R13: 0000000000000000 R14: 00007f54287b5fa0 R15: 00007ffeeb7ebeb8
[ 1380.429787][T26533]  </TASK>
[ 1381.378601][T26552] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input83
[ 1382.094279][T26574] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4384'.
[ 1382.105861][T26573] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4383'.
[ 1383.664409][T26580] openvswitch: .SR: Dropping previously announced user features
[ 1383.705766][T26588] Invalid ELF header magic: != ELF
[ 1384.208419][T26580] could not allocate digest TFM handle 
[ 1384.215499][T26586] could not allocate digest TFM handle 
[ 1384.706005][T26602] bond0: option all_slaves_active: invalid value ()
[ 1385.166162][T26622] FAULT_INJECTION: forcing a failure.
[ 1385.166162][T26622] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1385.183473][T26622] CPU: 1 UID: 0 PID: 26622 Comm: syz.0.4394 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1385.183529][T26622] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1385.183549][T26622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1385.183569][T26622] Call Trace:
[ 1385.183580][T26622]  <TASK>
[ 1385.183592][T26622]  dump_stack_lvl+0x16c/0x1f0
[ 1385.183648][T26622]  should_fail_ex+0x512/0x640
[ 1385.183704][T26622]  _copy_from_user+0x2e/0xd0
[ 1385.183759][T26622]  copy_msghdr_from_user+0x98/0x160
[ 1385.183801][T26622]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1385.183851][T26622]  ? __pfx__kstrtoull+0x10/0x10
[ 1385.183901][T26622]  ___sys_sendmsg+0xfe/0x1d0
[ 1385.183946][T26622]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1385.184007][T26622]  ? find_held_lock+0x2b/0x80
[ 1385.184069][T26622]  __sys_sendmmsg+0x200/0x420
[ 1385.184116][T26622]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1385.184172][T26622]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1385.184243][T26622]  ? fput+0x70/0xf0
[ 1385.184284][T26622]  ? ksys_write+0x1b9/0x240
[ 1385.184317][T26622]  ? __pfx_ksys_write+0x10/0x10
[ 1385.184348][T26622]  ? rcu_is_watching+0x12/0xc0
[ 1385.184388][T26622]  __x64_sys_sendmmsg+0x9c/0x100
[ 1385.184428][T26622]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1385.184479][T26622]  do_syscall_64+0xcd/0x230
[ 1385.184532][T26622]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1385.184573][T26622] RIP: 0033:0x7f542858e969
[ 1385.184599][T26622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1385.184631][T26622] RSP: 002b:00007f54294c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1385.184662][T26622] RAX: ffffffffffffffda RBX: 00007f54287b5fa0 RCX: 00007f542858e969
[ 1385.184684][T26622] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000006
[ 1385.184705][T26622] RBP: 00007f54294c0090 R08: 0000000000000000 R09: 0000000000000000
[ 1385.184725][T26622] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001
[ 1385.184745][T26622] R13: 0000000000000000 R14: 00007f54287b5fa0 R15: 00007ffeeb7ebeb8
[ 1385.184787][T26622]  </TASK>
[ 1386.275172][T26645] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4397'.
[ 1386.858581][T26642] Invalid ELF header magic: != ELF
[ 1387.471274][T26656] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4399'.
[ 1388.152080][T26642] could not allocate digest TFM handle 
[ 1388.181356][T26639] could not allocate digest TFM handle 
[ 1389.070252][T26671] Invalid ELF header magic: != ELF
[ 1390.183203][T26691] bridge0: port 3(ipvlan1) entered blocking state
[ 1390.211303][T26691] bridge0: port 3(ipvlan1) entered disabled state
[ 1390.224398][T26691] ipvlan1: entered allmulticast mode
[ 1390.239856][T26691] veth0_vlan: entered allmulticast mode
[ 1390.266230][T26691] ipvlan1: left allmulticast mode
[ 1390.290898][T26691] veth0_vlan: left allmulticast mode
[ 1390.464205][T26697] FAULT_INJECTION: forcing a failure.
[ 1390.464205][T26697] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1390.510828][T26697] CPU: 1 UID: 0 PID: 26697 Comm: syz.6.4406 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1390.510883][T26697] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1390.510897][T26697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1390.510916][T26697] Call Trace:
[ 1390.510928][T26697]  <TASK>
[ 1390.510940][T26697]  dump_stack_lvl+0x16c/0x1f0
[ 1390.511003][T26697]  should_fail_ex+0x512/0x640
[ 1390.511058][T26697]  _copy_from_user+0x2e/0xd0
[ 1390.511113][T26697]  ____sys_sendmsg+0x607/0xc70
[ 1390.511169][T26697]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1390.511227][T26697]  ? __pfx__kstrtoull+0x10/0x10
[ 1390.511278][T26697]  ___sys_sendmsg+0x134/0x1d0
[ 1390.511322][T26697]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1390.511382][T26697]  ? find_held_lock+0x2b/0x80
[ 1390.511443][T26697]  __sys_sendmmsg+0x200/0x420
[ 1390.511489][T26697]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1390.511545][T26697]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1390.511613][T26697]  ? fput+0x70/0xf0
[ 1390.511654][T26697]  ? ksys_write+0x1b9/0x240
[ 1390.511685][T26697]  ? __pfx_ksys_write+0x10/0x10
[ 1390.511716][T26697]  ? rcu_is_watching+0x12/0xc0
[ 1390.511761][T26697]  __x64_sys_sendmmsg+0x9c/0x100
[ 1390.511803][T26697]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1390.511850][T26697]  do_syscall_64+0xcd/0x230
[ 1390.511905][T26697]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1390.511939][T26697] RIP: 0033:0x7f22be18e969
[ 1390.511965][T26697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1390.512004][T26697] RSP: 002b:00007f22bbff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1390.512034][T26697] RAX: ffffffffffffffda RBX: 00007f22be3b5fa0 RCX: 00007f22be18e969
[ 1390.512057][T26697] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000006
[ 1390.512077][T26697] RBP: 00007f22bbff6090 R08: 0000000000000000 R09: 0000000000000000
[ 1390.512097][T26697] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001
[ 1390.512116][T26697] R13: 0000000000000000 R14: 00007f22be3b5fa0 R15: 00007ffec9468b68
[ 1390.512158][T26697]  </TASK>
[ 1390.962382][T26705] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4408'.
[ 1391.194535][T26706] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input85
[ 1391.466473][T26712] input: f¬
 as /devices/virtual/input/input86
[ 1391.568746][T26715] input: f¬
 as /devices/virtual/input/input87
[ 1392.277571][T26725] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4411'.
[ 1392.587683][T26733] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4412'.
[ 1393.222814][T26737] Invalid ELF header magic: != ELF
[ 1394.031267][T26738] could not allocate digest TFM handle 
[ 1394.298556][T26734] could not allocate digest TFM handle 
[ 1394.686160][T26765] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4417'.
[ 1395.001476][T26758] vivid-003: =================  START STATUS  =================
[ 1395.019132][T26769] FAULT_INJECTION: forcing a failure.
[ 1395.019132][T26769] name failslab, interval 1, probability 0, space 0, times 0
[ 1395.031985][T26758] vivid-003: Radio HW Seek Mode: Bounded
[ 1395.037720][T26758] vivid-003: Radio Programmable HW Seek: false
[ 1395.064537][T26758] vivid-003: RDS Rx I/O Mode: Block I/O
[ 1395.070518][T26769] CPU: 0 UID: 0 PID: 26769 Comm: syz.5.4419 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1395.070557][T26769] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1395.070566][T26769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1395.070580][T26769] Call Trace:
[ 1395.070588][T26769]  <TASK>
[ 1395.070597][T26769]  dump_stack_lvl+0x16c/0x1f0
[ 1395.070646][T26769]  should_fail_ex+0x512/0x640
[ 1395.070693][T26769]  ? fs_reclaim_acquire+0xae/0x150
[ 1395.070741][T26769]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1395.070789][T26769]  should_failslab+0xc2/0x120
[ 1395.070820][T26769]  __kmalloc_noprof+0xd2/0x510
[ 1395.070854][T26769]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1395.070894][T26769]  ? tomoyo_profile+0x47/0x60
[ 1395.070920][T26769]  tomoyo_path_number_perm+0x245/0x580
[ 1395.070950][T26769]  ? tomoyo_path_number_perm+0x237/0x580
[ 1395.070983][T26769]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1395.071017][T26769]  ? find_held_lock+0x2b/0x80
[ 1395.071069][T26769]  ? find_held_lock+0x2b/0x80
[ 1395.071092][T26769]  ? hook_file_ioctl_common+0x145/0x410
[ 1395.071129][T26769]  ? __fget_files+0x20e/0x3c0
[ 1395.071157][T26769]  security_file_ioctl+0x9b/0x240
[ 1395.071193][T26769]  __x64_sys_ioctl+0xb7/0x200
[ 1395.071231][T26769]  do_syscall_64+0xcd/0x230
[ 1395.071271][T26769]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1395.071297][T26769] RIP: 0033:0x7f6e32f8e969
[ 1395.071316][T26769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1395.071341][T26769] RSP: 002b:00007f6e30df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1395.071364][T26769] RAX: ffffffffffffffda RBX: 00007f6e331b5fa0 RCX: 00007f6e32f8e969
[ 1395.071381][T26769] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000004
[ 1395.071396][T26769] RBP: 00007f6e30df6090 R08: 0000000000000000 R09: 0000000000000000
[ 1395.071411][T26769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1395.071426][T26769] R13: 0000000000000000 R14: 00007f6e331b5fa0 R15: 00007ffd509ed778
[ 1395.071457][T26769]  </TASK>
[ 1395.307831][T26758] vivid-003: Generate RBDS Instead of RDS: false
[ 1395.314531][T26758] vivid-003: RDS Reception: true
[ 1395.341229][T26758] vivid-003: RDS Program Type: 0 inactive
[ 1395.347234][T26758] vivid-003: RDS PS Name:  inactive
[ 1395.356888][T26758] vivid-003: RDS Radio Text:  inactive
[ 1395.413200][T26769] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1395.438363][T26769] input: f¬
 as /devices/virtual/input/input88
[ 1395.469345][T26758] vivid-003: RDS Traffic Announcement: false inactive
[ 1395.581199][T26758] vivid-003: RDS Traffic Program: false inactive
[ 1395.619054][T26758] vivid-003: RDS Music: false inactive
[ 1395.638650][T26758] vivid-003: ==================  END STATUS  ==================
[ 1396.216058][T26780] FAULT_INJECTION: forcing a failure.
[ 1396.216058][T26780] name failslab, interval 1, probability 0, space 0, times 0
[ 1396.239910][T26780] CPU: 1 UID: 5 PID: 26780 Comm: syz.5.4421 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1396.239971][T26780] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1396.239987][T26780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1396.240008][T26780] Call Trace:
[ 1396.240019][T26780]  <TASK>
[ 1396.240032][T26780]  dump_stack_lvl+0x16c/0x1f0
[ 1396.240089][T26780]  should_fail_ex+0x512/0x640
[ 1396.240138][T26780]  ? fs_reclaim_acquire+0xae/0x150
[ 1396.240192][T26780]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1396.240242][T26780]  should_failslab+0xc2/0x120
[ 1396.240295][T26780]  __kmalloc_noprof+0xd2/0x510
[ 1396.240345][T26780]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1396.240407][T26780]  tomoyo_check_open_permission+0x2ab/0x3c0
[ 1396.240450][T26780]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1396.240500][T26780]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 1396.240592][T26780]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1396.240656][T26780]  tomoyo_file_open+0x6b/0x90
[ 1396.240696][T26780]  security_file_open+0x84/0x1e0
[ 1396.240746][T26780]  do_dentry_open+0x596/0x1c10
[ 1396.240797][T26780]  vfs_open+0x82/0x3f0
[ 1396.240848][T26780]  path_openat+0x1e5e/0x2d40
[ 1396.240901][T26780]  ? __pfx_path_openat+0x10/0x10
[ 1396.240949][T26780]  do_filp_open+0x20b/0x470
[ 1396.240986][T26780]  ? __pfx_do_filp_open+0x10/0x10
[ 1396.241053][T26780]  ? alloc_fd+0x471/0x7d0
[ 1396.241122][T26780]  do_sys_openat2+0x11b/0x1d0
[ 1396.241171][T26780]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1396.241223][T26780]  ? __pfx___might_resched+0x10/0x10
[ 1396.241282][T26780]  __x64_sys_openat+0x174/0x210
[ 1396.241332][T26780]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1396.241385][T26780]  ? rcu_is_watching+0x12/0xc0
[ 1396.241432][T26780]  do_syscall_64+0xcd/0x230
[ 1396.241489][T26780]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1396.241524][T26780] RIP: 0033:0x7f6e32f8e969
[ 1396.241553][T26780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1396.241588][T26780] RSP: 002b:00007f6e30df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1396.241621][T26780] RAX: ffffffffffffffda RBX: 00007f6e331b5fa0 RCX: 00007f6e32f8e969
[ 1396.241644][T26780] RDX: 0000000000000000 RSI: 0000200000000240 RDI: ffffffffffffff9c
[ 1396.241667][T26780] RBP: 00007f6e33010ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1396.241689][T26780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1396.241710][T26780] R13: 0000000000000000 R14: 00007f6e331b5fa0 R15: 00007ffd509ed778
[ 1396.241754][T26780]  </TASK>
[ 1396.262195][T26781] input: f¬
 as /devices/virtual/input/input90
[ 1396.417911][T26780] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1396.514499][   T30] audit: type=1804 audit(6302182331.426:202): pid=26784 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.4421" name="/newroot/238/file0" dev="tmpfs" ino=1250 res=1 errno=0
[ 1396.560841][   T30] audit: type=1800 audit(6302182331.426:203): pid=26784 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.4421" name="file0" dev="tmpfs" ino=1250 res=0 errno=0
[ 1396.741189][T26793] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4423'.
[ 1397.893825][T26805] bond0: option all_slaves_active: invalid value ()
[ 1398.041911][T26810] FAULT_INJECTION: forcing a failure.
[ 1398.041911][T26810] name failslab, interval 1, probability 0, space 0, times 0
[ 1398.058173][T26811] input: f¬
 as /devices/virtual/input/input91
[ 1398.089378][T26810] CPU: 0 UID: 0 PID: 26810 Comm: syz.0.4429 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1398.089431][T26810] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1398.089442][T26810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1398.089457][T26810] Call Trace:
[ 1398.089465][T26810]  <TASK>
[ 1398.089475][T26810]  dump_stack_lvl+0x16c/0x1f0
[ 1398.089520][T26810]  should_fail_ex+0x512/0x640
[ 1398.089558][T26810]  ? __kmalloc_noprof+0xbf/0x510
[ 1398.089589][T26810]  ? lsm_blob_alloc+0x68/0x90
[ 1398.089611][T26810]  should_failslab+0xc2/0x120
[ 1398.089644][T26810]  __kmalloc_noprof+0xd2/0x510
[ 1398.089679][T26810]  lsm_blob_alloc+0x68/0x90
[ 1398.089703][T26810]  security_sk_alloc+0x30/0x270
[ 1398.089733][T26810]  sk_prot_alloc+0xfb/0x2a0
[ 1398.089774][T26810]  sk_alloc+0x36/0xc20
[ 1398.089803][T26810]  tipc_sk_create+0xcf/0x21a0
[ 1398.089839][T26810]  ? find_held_lock+0x2b/0x80
[ 1398.089865][T26810]  ? __sock_create+0x2f2/0x8d0
[ 1398.089908][T26810]  __sock_create+0x335/0x8d0
[ 1398.089953][T26810]  __sys_socketpair+0x25c/0x5a0
[ 1398.089979][T26810]  ? __pfx___sys_socketpair+0x10/0x10
[ 1398.090004][T26810]  ? xfd_validate_state+0x5d/0x180
[ 1398.090030][T26810]  ? rcu_is_watching+0x12/0xc0
[ 1398.090059][T26810]  __x64_sys_socketpair+0x96/0x100
[ 1398.090085][T26810]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1398.090122][T26810]  do_syscall_64+0xcd/0x230
[ 1398.090163][T26810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1398.090188][T26810] RIP: 0033:0x7f542858e969
[ 1398.090208][T26810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1398.090233][T26810] RSP: 002b:00007f54294c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[ 1398.090257][T26810] RAX: ffffffffffffffda RBX: 00007f54287b5fa0 RCX: 00007f542858e969
[ 1398.090274][T26810] RDX: 8000000000000000 RSI: 0000000000000004 RDI: 000000000000001e
[ 1398.090290][T26810] RBP: 00007f5428610ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1398.090306][T26810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1398.090328][T26810] R13: 0000000000000000 R14: 00007f54287b5fa0 R15: 00007ffeeb7ebeb8
[ 1398.090359][T26810]  </TASK>
[ 1398.809501][T26818] random: crng reseeded on system resumption
[ 1399.209296][T24509] bridge_slave_1: left allmulticast mode
[ 1399.220954][T24509] bridge_slave_1: left promiscuous mode
[ 1399.226841][T24509] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1399.292611][T24509] bridge_slave_0: left allmulticast mode
[ 1399.298785][T24509] bridge_slave_0: left promiscuous mode
[ 1399.341676][T24509] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1399.421936][T26828] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4432'.
[ 1400.167954][T20106] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1400.201811][T20106] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1400.215301][T20106] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1400.235364][T20106] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1400.251332][T20106] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1400.367752][T24509] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1400.413748][T24509] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1400.424935][T24509] bond0 (unregistering): Released all slaves
[ 1400.520288][T24509] .SR: left promiscuous mode
[ 1400.598610][T26843] netlink: zone id is out of range
[ 1400.621624][T26843] netlink: zone id is out of range
[ 1400.657425][T26843] netlink: zone id is out of range
[ 1400.681666][T26843] netlink: zone id is out of range
[ 1400.687339][T26843] netlink: zone id is out of range
[ 1400.695064][T26843] netlink: zone id is out of range
[ 1400.700426][T26843] netlink: zone id is out of range
[ 1400.706841][T26843] netlink: zone id is out of range
[ 1400.712620][T26843] netlink: zone id is out of range
[ 1400.719615][T26843] netlink: zone id is out of range
[ 1400.951555][T26851] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4438'.
[ 1401.009390][T26850] input: f¬
 as /devices/virtual/input/input92
[ 1401.672031][T24509] hsr_slave_0: left promiscuous mode
[ 1401.690205][T24509] hsr_slave_1: left promiscuous mode
[ 1401.713839][T24509] veth0_macvtap: left promiscuous mode
[ 1402.376468][T20106] Bluetooth: hci0: command tx timeout
[ 1403.220161][T26874] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4444'.
[ 1403.315135][T24509] team0 (unregistering): Port device team_slave_1 removed
[ 1403.413891][T26877] FAULT_INJECTION: forcing a failure.
[ 1403.413891][T26877] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1403.440425][T26877] CPU: 1 UID: 0 PID: 26877 Comm: syz.5.4445 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1403.440483][T26877] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1403.440494][T26877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1403.440510][T26877] Call Trace:
[ 1403.440519][T26877]  <TASK>
[ 1403.440529][T26877]  dump_stack_lvl+0x16c/0x1f0
[ 1403.440574][T26877]  should_fail_ex+0x512/0x640
[ 1403.440620][T26877]  should_fail_alloc_page+0xe7/0x130
[ 1403.440668][T26877]  prepare_alloc_pages+0x3c2/0x610
[ 1403.440723][T26877]  ? rcu_is_watching+0x12/0xc0
[ 1403.440760][T26877]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[ 1403.440803][T26877]  ? lock_acquire+0x179/0x350
[ 1403.440854][T26877]  ? find_held_lock+0x2b/0x80
[ 1403.440891][T26877]  ? free_unref_folios+0x108d/0x1630
[ 1403.440938][T26877]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1403.440987][T26877]  ? __lock_acquire+0x5ca/0x1ba0
[ 1403.441024][T26877]  ? __lock_acquire+0x5ca/0x1ba0
[ 1403.441059][T26877]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1403.441098][T26877]  ? policy_nodemask+0xea/0x4e0
[ 1403.441133][T26877]  alloc_pages_mpol+0x1fb/0x550
[ 1403.441168][T26877]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1403.441203][T26877]  ? __lock_acquire+0x5ca/0x1ba0
[ 1403.441242][T26877]  folio_alloc_mpol_noprof+0x36/0x2f0
[ 1403.441283][T26877]  vma_alloc_folio_noprof+0xed/0x1e0
[ 1403.441321][T26877]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 1403.441370][T26877]  do_pte_missing+0x223d/0x3fb0
[ 1403.441409][T26877]  __handle_mm_fault+0x103d/0x2a40
[ 1403.441446][T26877]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1403.441472][T26877]  ? __pte_offset_map_lock+0x155/0x2f0
[ 1403.441510][T26877]  ? find_held_lock+0x2b/0x80
[ 1403.441534][T26877]  ? find_held_lock+0x2b/0x80
[ 1403.441579][T26877]  handle_mm_fault+0x3fe/0xad0
[ 1403.441612][T26877]  __get_user_pages+0x771/0x36f0
[ 1403.441670][T26877]  ? __pfx_mt_find+0x10/0x10
[ 1403.441696][T26877]  ? __pfx___get_user_pages+0x10/0x10
[ 1403.441751][T26877]  populate_vma_page_range+0x278/0x3a0
[ 1403.441779][T26877]  ? __pfx_populate_vma_page_range+0x10/0x10
[ 1403.441805][T26877]  ? __pfx_find_vma_intersection+0x10/0x10
[ 1403.441848][T26877]  ? do_mmap+0x69c/0x11b0
[ 1403.441891][T26877]  __mm_populate+0x1d8/0x380
[ 1403.441918][T26877]  ? __pfx___mm_populate+0x10/0x10
[ 1403.441946][T26877]  ? up_write+0x1b2/0x520
[ 1403.441988][T26877]  vm_mmap_pgoff+0x362/0x450
[ 1403.442032][T26877]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1403.442079][T26877]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1403.442107][T26877]  ? __x64_sys_futex+0x1e9/0x4c0
[ 1403.442140][T26877]  ksys_mmap_pgoff+0x7d/0x5c0
[ 1403.442180][T26877]  ? rcu_is_watching+0x12/0xc0
[ 1403.442208][T26877]  __x64_sys_mmap+0x125/0x190
[ 1403.442237][T26877]  do_syscall_64+0xcd/0x230
[ 1403.442281][T26877]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1403.442309][T26877] RIP: 0033:0x7f6e32f8e969
[ 1403.442330][T26877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1403.442357][T26877] RSP: 002b:00007f6e30df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1403.442382][T26877] RAX: ffffffffffffffda RBX: 00007f6e331b5fa0 RCX: 00007f6e32f8e969
[ 1403.442400][T26877] RDX: 00000000000000df RSI: 0000000000040009 RDI: 0000000000000000
[ 1403.442417][T26877] RBP: 00007f6e33010ab1 R08: 0000000000000007 R09: 0000000000028000
[ 1403.442433][T26877] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[ 1403.442450][T26877] R13: 0000000000000000 R14: 00007f6e331b5fa0 R15: 00007ffd509ed778
[ 1403.442482][T26877]  </TASK>
[ 1403.812520][T24509] team0 (unregistering): Port device team_slave_0 removed
[ 1404.450949][T20106] Bluetooth: hci0: command tx timeout
[ 1404.591354][T26838] chnl_net:caif_netlink_parms(): no params data found
[ 1404.860940][T26838] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1404.869253][T26838] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1404.888955][T26838] bridge_slave_0: entered allmulticast mode
[ 1404.897705][T26838] bridge_slave_0: entered promiscuous mode
[ 1404.927055][T26838] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1404.940925][T26838] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1404.948407][T26838] bridge_slave_1: entered allmulticast mode
[ 1404.959245][T26838] bridge_slave_1: entered promiscuous mode
[ 1405.058025][T26885] Invalid ELF header magic: != ELF
[ 1405.125105][T26838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1405.176955][T26838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1405.359937][T26838] team0: Port device team_slave_0 added
[ 1405.403351][T26838] team0: Port device team_slave_1 added
[ 1405.405508][T26892] input: f¬
 as /devices/virtual/input/input93
[ 1405.455189][T26890] Invalid ELF header magic: != ELF
[ 1405.611948][T26838] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1405.639492][T26838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1405.674128][T26893] could not allocate digest TFM handle 
[ 1405.710856][T26838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1405.755267][T26838] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1405.768192][T26885] could not allocate digest TFM handle 
[ 1405.778565][T26838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1405.839672][T26838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1406.029099][T26838] hsr_slave_0: entered promiscuous mode
[ 1406.045921][T26902] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4450'.
[ 1406.046511][T26838] hsr_slave_1: entered promiscuous mode
[ 1406.077815][T26902] FAULT_INJECTION: forcing a failure.
[ 1406.077815][T26902] name failslab, interval 1, probability 0, space 0, times 0
[ 1406.115225][T26902] CPU: 1 UID: 0 PID: 26902 Comm: syz.0.4450 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1406.115285][T26902] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1406.115301][T26902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1406.115321][T26902] Call Trace:
[ 1406.115332][T26902]  <TASK>
[ 1406.115346][T26902]  dump_stack_lvl+0x16c/0x1f0
[ 1406.115406][T26902]  should_fail_ex+0x512/0x640
[ 1406.115458][T26902]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1406.115504][T26902]  should_failslab+0xc2/0x120
[ 1406.115549][T26902]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1406.115588][T26902]  ? __proc_create+0xc3/0x8c0
[ 1406.115635][T26902]  ? __proc_create+0x2ce/0x8c0
[ 1406.115682][T26902]  __proc_create+0x2ce/0x8c0
[ 1406.115723][T26902]  ? __pfx___proc_create+0x10/0x10
[ 1406.115769][T26902]  ? _raw_write_unlock+0x28/0x50
[ 1406.115817][T26902]  ? proc_register+0x314/0x5f0
[ 1406.115862][T26902]  proc_create_reg+0x7d/0x180
[ 1406.115907][T26902]  proc_create_data+0x86/0x110
[ 1406.115950][T26902]  ? __pfx_proc_create_data+0x10/0x10
[ 1406.115996][T26902]  ? cache_register_net+0x137/0x5e0
[ 1406.116043][T26902]  cache_register_net+0x2d6/0x5e0
[ 1406.116088][T26902]  nfsd_idmap_init+0xb6/0x250
[ 1406.116131][T26902]  ? __pfx_nfsd_net_init+0x10/0x10
[ 1406.116163][T26902]  nfsd_net_init+0x69/0x3d0
[ 1406.116198][T26902]  ? __pfx_nfsd_net_init+0x10/0x10
[ 1406.116231][T26902]  ops_init+0x1e2/0x5f0
[ 1406.116283][T26902]  setup_net+0x21e/0x850
[ 1406.116332][T26902]  ? __pfx_setup_net+0x10/0x10
[ 1406.116376][T26902]  ? lockdep_init_map_type+0x5c/0x280
[ 1406.116427][T26902]  ? __pfx_down_read_killable+0x10/0x10
[ 1406.116469][T26902]  ? debug_mutex_init+0x37/0x70
[ 1406.116509][T26902]  copy_net_ns+0x2a6/0x5f0
[ 1406.116566][T26902]  create_new_namespaces+0x3ea/0xad0
[ 1406.116625][T26902]  unshare_nsproxy_namespaces+0xc0/0x1f0
[ 1406.116673][T26902]  ksys_unshare+0x45b/0xa40
[ 1406.116724][T26902]  ? __pfx_ksys_unshare+0x10/0x10
[ 1406.116770][T26902]  ? xfd_validate_state+0x5d/0x180
[ 1406.116806][T26902]  ? rcu_is_watching+0x12/0xc0
[ 1406.116852][T26902]  __x64_sys_unshare+0x31/0x40
[ 1406.116900][T26902]  do_syscall_64+0xcd/0x230
[ 1406.116956][T26902]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1406.116991][T26902] RIP: 0033:0x7f542858e969
[ 1406.117019][T26902] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1406.117055][T26902] RSP: 002b:00007f54294c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1406.117087][T26902] RAX: ffffffffffffffda RBX: 00007f54287b5fa0 RCX: 00007f542858e969
[ 1406.117109][T26902] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1406.117130][T26902] RBP: 00007f5428610ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1406.117151][T26902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1406.117207][T26902] R13: 0000000000000000 R14: 00007f54287b5fa0 R15: 00007ffeeb7ebeb8
[ 1406.117253][T26902]  </TASK>
[ 1406.464379][T26888] could not allocate digest TFM handle 
[ 1406.536943][T20106] Bluetooth: hci0: command tx timeout
[ 1406.558269][T26890] could not allocate digest TFM handle 
[ 1406.593559][T26911] netlink: 342 bytes leftover after parsing attributes in process `syz.5.4452'.
[ 1406.817469][T26911] netlink: 342 bytes leftover after parsing attributes in process `syz.5.4452'.
[ 1406.835865][T26910] ima: policy update failed
[ 1406.861121][   T30] audit: type=1802 audit(6302182341.776:204): pid=26910 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.5.4452" res=0 errno=0
[ 1407.339040][T26838] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1407.372570][T26927] FAULT_INJECTION: forcing a failure.
[ 1407.372570][T26927] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1407.381753][T26838] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1407.398100][T26927] CPU: 0 UID: 0 PID: 26927 Comm: syz.5.4456 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1407.398158][T26927] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1407.398172][T26927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1407.398193][T26927] Call Trace:
[ 1407.398205][T26927]  <TASK>
[ 1407.398218][T26927]  dump_stack_lvl+0x16c/0x1f0
[ 1407.398277][T26927]  should_fail_ex+0x512/0x640
[ 1407.398336][T26927]  _copy_from_iter+0x477/0x15b0
[ 1407.398403][T26927]  ? __pfx__copy_from_iter+0x10/0x10
[ 1407.398455][T26927]  ? kmem_cache_alloc_noprof+0x21e/0x3b0
[ 1407.398503][T26927]  ? __asan_memset+0x23/0x50
[ 1407.398537][T26927]  ? __build_skb_around+0x278/0x3b0
[ 1407.398574][T26927]  ? __build_skb+0x6e/0x90
[ 1407.398613][T26927]  ? is_vmalloc_addr+0x30/0x40
[ 1407.398660][T26927]  netlink_sendmsg+0x829/0xdd0
[ 1407.398717][T26927]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1407.398781][T26927]  ____sys_sendmsg+0xa95/0xc70
[ 1407.398839][T26927]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1407.398900][T26927]  ? __pfx__kstrtoull+0x10/0x10
[ 1407.398953][T26927]  ___sys_sendmsg+0x134/0x1d0
[ 1407.398999][T26927]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1407.399063][T26927]  ? find_held_lock+0x2b/0x80
[ 1407.399127][T26927]  __sys_sendmmsg+0x200/0x420
[ 1407.399175][T26927]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1407.399232][T26927]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1407.399306][T26927]  ? fput+0x70/0xf0
[ 1407.399347][T26927]  ? ksys_write+0x1b9/0x240
[ 1407.399381][T26927]  ? __pfx_ksys_write+0x10/0x10
[ 1407.399413][T26927]  ? rcu_is_watching+0x12/0xc0
[ 1407.399454][T26927]  __x64_sys_sendmmsg+0x9c/0x100
[ 1407.399504][T26927]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1407.399553][T26927]  do_syscall_64+0xcd/0x230
[ 1407.399612][T26927]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1407.399648][T26927] RIP: 0033:0x7f6e32f8e969
[ 1407.399675][T26927] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1407.399709][T26927] RSP: 002b:00007f6e30df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1407.399742][T26927] RAX: ffffffffffffffda RBX: 00007f6e331b5fa0 RCX: 00007f6e32f8e969
[ 1407.399765][T26927] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000006
[ 1407.399786][T26927] RBP: 00007f6e30df6090 R08: 0000000000000000 R09: 0000000000000000
[ 1407.399807][T26927] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001
[ 1407.399828][T26927] R13: 0000000000000000 R14: 00007f6e331b5fa0 R15: 00007ffd509ed778
[ 1407.399873][T26927]  </TASK>
[ 1407.654796][T26838] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1407.779801][T26838] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1407.937597][T26932] input: f¬
 as /devices/virtual/input/input94
[ 1408.510552][T26944] FAULT_INJECTION: forcing a failure.
[ 1408.510552][T26944] name failslab, interval 1, probability 0, space 0, times 0
[ 1408.549477][T26838] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1408.591816][T26944] CPU: 1 UID: 0 PID: 26944 Comm: syz.6.4462 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1408.591880][T26944] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1408.591895][T26944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1408.591916][T26944] Call Trace:
[ 1408.591929][T26944]  <TASK>
[ 1408.591942][T26944]  dump_stack_lvl+0x16c/0x1f0
[ 1408.592001][T26944]  should_fail_ex+0x512/0x640
[ 1408.592052][T26944]  ? __kvmalloc_node_noprof+0x122/0x600
[ 1408.592095][T26944]  should_failslab+0xc2/0x120
[ 1408.592148][T26944]  __kvmalloc_node_noprof+0x135/0x600
[ 1408.592188][T26944]  ? nf_hook_entries_grow+0x22b/0x860
[ 1408.592224][T26944]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1408.592282][T26944]  ? nf_hook_entries_grow+0x22b/0x860
[ 1408.592318][T26944]  nf_hook_entries_grow+0x22b/0x860
[ 1408.592354][T26944]  ? __pfx___debug_object_init+0x10/0x10
[ 1408.592406][T26944]  __nf_register_net_hook+0x1cd/0x730
[ 1408.592452][T26944]  nf_register_net_hook+0x109/0x160
[ 1408.592493][T26944]  nf_register_net_hooks+0x5d/0xd0
[ 1408.592532][T26944]  ? __pfx_apparmor_nf_register+0x10/0x10
[ 1408.592587][T26944]  ops_init+0x1e2/0x5f0
[ 1408.592636][T26944]  setup_net+0x21e/0x850
[ 1408.592686][T26944]  ? __pfx_setup_net+0x10/0x10
[ 1408.592727][T26944]  ? lockdep_init_map_type+0x5c/0x280
[ 1408.592775][T26944]  ? __pfx_down_read_killable+0x10/0x10
[ 1408.592821][T26944]  ? debug_mutex_init+0x37/0x70
[ 1408.592859][T26944]  copy_net_ns+0x2a6/0x5f0
[ 1408.592913][T26944]  create_new_namespaces+0x3ea/0xad0
[ 1408.592966][T26944]  unshare_nsproxy_namespaces+0xc0/0x1f0
[ 1408.593009][T26944]  ksys_unshare+0x45b/0xa40
[ 1408.593057][T26944]  ? __pfx_ksys_unshare+0x10/0x10
[ 1408.593101][T26944]  ? xfd_validate_state+0x5d/0x180
[ 1408.593143][T26944]  ? rcu_is_watching+0x12/0xc0
[ 1408.593189][T26944]  __x64_sys_unshare+0x31/0x40
[ 1408.593236][T26944]  do_syscall_64+0xcd/0x230
[ 1408.593293][T26944]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1408.593328][T26944] RIP: 0033:0x7f22be18e969
[ 1408.593356][T26944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1408.593390][T26944] RSP: 002b:00007f22bbff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1408.593423][T26944] RAX: ffffffffffffffda RBX: 00007f22be3b5fa0 RCX: 00007f22be18e969
[ 1408.593445][T26944] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1408.593466][T26944] RBP: 00007f22be210ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1408.593487][T26944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1408.593508][T26944] R13: 0000000000000000 R14: 00007f22be3b5fa0 R15: 00007ffec9468b68
[ 1408.593555][T26944]  </TASK>
[ 1408.862979][T20106] Bluetooth: hci0: command tx timeout
[ 1408.882474][T26838] 8021q: adding VLAN 0 to HW filter on device team0
[ 1408.916180][T26838] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1408.926761][T26838] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1408.972712][T24509] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1408.980063][T24509] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1408.990284][T24509] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1408.997477][T24509] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1409.554682][T26838] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1410.014049][T26967] Invalid ELF header magic: != ELF
[ 1410.831505][T26838] veth0_vlan: entered promiscuous mode
[ 1410.911949][T26838] veth1_vlan: entered promiscuous mode
[ 1411.022634][T26838] veth0_macvtap: entered promiscuous mode
[ 1411.078889][T26838] veth1_macvtap: entered promiscuous mode
[ 1411.179064][T26838] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1411.234388][T26838] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1411.268568][T26838] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1411.297061][T26838] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1411.308936][T26838] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1411.325925][T26838] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1411.498789][T26989] FAULT_INJECTION: forcing a failure.
[ 1411.498789][T26989] name failslab, interval 1, probability 0, space 0, times 0
[ 1411.525405][T24514] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1411.534472][T26989] CPU: 0 UID: 0 PID: 26989 Comm: syz.6.4470 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1411.534525][T26989] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1411.534539][T26989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1411.534558][T26989] Call Trace:
[ 1411.534569][T26989]  <TASK>
[ 1411.534581][T26989]  dump_stack_lvl+0x16c/0x1f0
[ 1411.534639][T26989]  should_fail_ex+0x512/0x640
[ 1411.534696][T26989]  should_failslab+0xc2/0x120
[ 1411.534741][T26989]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1411.534785][T26989]  ? skb_clone+0x190/0x3f0
[ 1411.534834][T26989]  skb_clone+0x190/0x3f0
[ 1411.534894][T26989]  netlink_deliver_tap+0xabd/0xd30
[ 1411.534953][T26989]  netlink_unicast+0x5df/0x7f0
[ 1411.535002][T26989]  ? __pfx_netlink_unicast+0x10/0x10
[ 1411.535045][T26989]  ? __build_skb_around+0x278/0x3b0
[ 1411.535079][T26989]  ? __build_skb+0x6e/0x90
[ 1411.535127][T26989]  ? is_vmalloc_addr+0x30/0x40
[ 1411.535171][T26989]  netlink_sendmsg+0x8d1/0xdd0
[ 1411.535224][T26989]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1411.535289][T26989]  ____sys_sendmsg+0xa95/0xc70
[ 1411.535346][T26989]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1411.535407][T26989]  ? __pfx__kstrtoull+0x10/0x10
[ 1411.535460][T26989]  ___sys_sendmsg+0x134/0x1d0
[ 1411.535505][T26989]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1411.535570][T26989]  ? find_held_lock+0x2b/0x80
[ 1411.535633][T26989]  __sys_sendmmsg+0x200/0x420
[ 1411.535683][T26989]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1411.535743][T26989]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1411.535816][T26989]  ? fput+0x70/0xf0
[ 1411.535858][T26989]  ? ksys_write+0x1b9/0x240
[ 1411.535893][T26989]  ? __pfx_ksys_write+0x10/0x10
[ 1411.535925][T26989]  ? rcu_is_watching+0x12/0xc0
[ 1411.535966][T26989]  __x64_sys_sendmmsg+0x9c/0x100
[ 1411.536009][T26989]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1411.536060][T26989]  do_syscall_64+0xcd/0x230
[ 1411.536124][T26989]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1411.536160][T26989] RIP: 0033:0x7f22be18e969
[ 1411.536188][T26989] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1411.536230][T26989] RSP: 002b:00007f22bbff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1411.536262][T26989] RAX: ffffffffffffffda RBX: 00007f22be3b5fa0 RCX: 00007f22be18e969
[ 1411.536284][T26989] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000006
[ 1411.536306][T26989] RBP: 00007f22bbff6090 R08: 0000000000000000 R09: 0000000000000000
[ 1411.536327][T26989] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001
[ 1411.536345][T26989] R13: 0000000000000000 R14: 00007f22be3b5fa0 R15: 00007ffec9468b68
[ 1411.536391][T26989]  </TASK>
[ 1411.606209][T26989] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4470'.
[ 1411.609950][T24514] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1411.732235][T24511] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1411.893528][T24511] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1412.458977][T27006] random: crng reseeded on system resumption
[ 1412.770120][T27015] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4472'.
[ 1412.897749][T20106] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[ 1412.924742][T27015] FAULT_INJECTION: forcing a failure.
[ 1412.924742][T27015] name failslab, interval 1, probability 0, space 0, times 0
[ 1413.081040][T27015] CPU: 1 UID: 0 PID: 27015 Comm: syz.5.4472 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1413.081099][T27015] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1413.081113][T27015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1413.081133][T27015] Call Trace:
[ 1413.081145][T27015]  <TASK>
[ 1413.081157][T27015]  dump_stack_lvl+0x16c/0x1f0
[ 1413.081214][T27015]  should_fail_ex+0x512/0x640
[ 1413.081290][T27015]  ? __kmalloc_noprof+0xbf/0x510
[ 1413.081332][T27015]  ? cache_create_net+0x9d/0x220
[ 1413.081357][T27015]  should_failslab+0xc2/0x120
[ 1413.081388][T27015]  __kmalloc_noprof+0xd2/0x510
[ 1413.081423][T27015]  cache_create_net+0x9d/0x220
[ 1413.081449][T27015]  nfsd_idmap_init+0x11f/0x250
[ 1413.081479][T27015]  ? __pfx_nfsd_net_init+0x10/0x10
[ 1413.081501][T27015]  nfsd_net_init+0x69/0x3d0
[ 1413.081524][T27015]  ? __pfx_nfsd_net_init+0x10/0x10
[ 1413.081546][T27015]  ops_init+0x1e2/0x5f0
[ 1413.081581][T27015]  setup_net+0x21e/0x850
[ 1413.081616][T27015]  ? __pfx_setup_net+0x10/0x10
[ 1413.081645][T27015]  ? lockdep_init_map_type+0x5c/0x280
[ 1413.081680][T27015]  ? __pfx_down_read_killable+0x10/0x10
[ 1413.081708][T27015]  ? debug_mutex_init+0x37/0x70
[ 1413.081734][T27015]  copy_net_ns+0x2a6/0x5f0
[ 1413.081772][T27015]  create_new_namespaces+0x3ea/0xad0
[ 1413.081807][T27015]  unshare_nsproxy_namespaces+0xc0/0x1f0
[ 1413.081838][T27015]  ksys_unshare+0x45b/0xa40
[ 1413.081872][T27015]  ? __pfx_ksys_unshare+0x10/0x10
[ 1413.081904][T27015]  ? xfd_validate_state+0x5d/0x180
[ 1413.081929][T27015]  ? rcu_is_watching+0x12/0xc0
[ 1413.081960][T27015]  __x64_sys_unshare+0x31/0x40
[ 1413.081993][T27015]  do_syscall_64+0xcd/0x230
[ 1413.082043][T27015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1413.082069][T27015] RIP: 0033:0x7f6e32f8e969
[ 1413.082089][T27015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1413.082115][T27015] RSP: 002b:00007f6e30df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1413.082139][T27015] RAX: ffffffffffffffda RBX: 00007f6e331b5fa0 RCX: 00007f6e32f8e969
[ 1413.082156][T27015] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1413.082171][T27015] RBP: 00007f6e33010ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1413.082186][T27015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1413.082202][T27015] R13: 0000000000000000 R14: 00007f6e331b5fa0 R15: 00007ffd509ed778
[ 1413.082233][T27015]  </TASK>
[ 1413.636292][T20106] Bluetooth: hci1: unexpected event 0x1d length: 6 > 5
[ 1414.431352][T27036] bond0: option all_slaves_active: invalid value ()
[ 1414.762885][T27042] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4481'.
[ 1414.787799][T27042] FAULT_INJECTION: forcing a failure.
[ 1414.787799][T27042] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1414.822816][T27042] CPU: 1 UID: 0 PID: 27042 Comm: syz.7.4481 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1414.822878][T27042] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1414.822892][T27042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1414.822912][T27042] Call Trace:
[ 1414.822924][T27042]  <TASK>
[ 1414.822938][T27042]  dump_stack_lvl+0x16c/0x1f0
[ 1414.822997][T27042]  should_fail_ex+0x512/0x640
[ 1414.823055][T27042]  should_fail_alloc_page+0xe7/0x130
[ 1414.823102][T27042]  prepare_alloc_pages+0x3c2/0x610
[ 1414.823159][T27042]  ? rcu_is_watching+0x12/0xc0
[ 1414.823199][T27042]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[ 1414.823246][T27042]  ? kasan_save_stack+0x33/0x60
[ 1414.823288][T27042]  ? cgroup_rstat_updated+0x2a/0xb20
[ 1414.823356][T27042]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1414.823408][T27042]  ? lru_gen_add_folio+0x1a4/0xef0
[ 1414.823460][T27042]  ? __lock_acquire+0x5ca/0x1ba0
[ 1414.823509][T27042]  ? __lock_acquire+0x5ca/0x1ba0
[ 1414.823563][T27042]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1414.823616][T27042]  ? policy_nodemask+0xea/0x4e0
[ 1414.823664][T27042]  alloc_pages_mpol+0x1fb/0x550
[ 1414.823709][T27042]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1414.823753][T27042]  ? __lock_acquire+0x5ca/0x1ba0
[ 1414.823806][T27042]  folio_alloc_mpol_noprof+0x36/0x2f0
[ 1414.823859][T27042]  vma_alloc_folio_noprof+0xed/0x1e0
[ 1414.823909][T27042]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 1414.823975][T27042]  do_pte_missing+0x223d/0x3fb0
[ 1414.824029][T27042]  __handle_mm_fault+0x103d/0x2a40
[ 1414.824079][T27042]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1414.824114][T27042]  ? __pte_offset_map_lock+0x155/0x2f0
[ 1414.824166][T27042]  ? find_held_lock+0x2b/0x80
[ 1414.824197][T27042]  ? find_held_lock+0x2b/0x80
[ 1414.824258][T27042]  handle_mm_fault+0x3fe/0xad0
[ 1414.824300][T27042]  __get_user_pages+0x771/0x36f0
[ 1414.824366][T27042]  ? __pfx_mt_find+0x10/0x10
[ 1414.824401][T27042]  ? __pfx___get_user_pages+0x10/0x10
[ 1414.824473][T27042]  populate_vma_page_range+0x278/0x3a0
[ 1414.824511][T27042]  ? __pfx_populate_vma_page_range+0x10/0x10
[ 1414.824545][T27042]  ? __pfx_find_vma_intersection+0x10/0x10
[ 1414.824612][T27042]  ? do_mmap+0x69c/0x11b0
[ 1414.824670][T27042]  __mm_populate+0x1d8/0x380
[ 1414.824709][T27042]  ? __pfx___mm_populate+0x10/0x10
[ 1414.824747][T27042]  ? up_write+0x1b2/0x520
[ 1414.824800][T27042]  vm_mmap_pgoff+0x362/0x450
[ 1414.824859][T27042]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1414.824920][T27042]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1414.824963][T27042]  ? __x64_sys_futex+0x1e9/0x4c0
[ 1414.825008][T27042]  ksys_mmap_pgoff+0x7d/0x5c0
[ 1414.825058][T27042]  ? rcu_is_watching+0x12/0xc0
[ 1414.825094][T27042]  __x64_sys_mmap+0x125/0x190
[ 1414.825134][T27042]  do_syscall_64+0xcd/0x230
[ 1414.825190][T27042]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1414.825225][T27042] RIP: 0033:0x7f237b38e969
[ 1414.825253][T27042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1414.825285][T27042] RSP: 002b:00007f237c21b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1414.825317][T27042] RAX: ffffffffffffffda RBX: 00007f237b5b5fa0 RCX: 00007f237b38e969
[ 1414.825340][T27042] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000
[ 1414.825360][T27042] RBP: 00007f237b410ab1 R08: fffffffffffffffe R09: 0000000000008000
[ 1414.825383][T27042] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[ 1414.825402][T27042] R13: 0000000000000000 R14: 00007f237b5b5fa0 R15: 00007ffd27d060b8
[ 1414.825443][T27042]  </TASK>
[ 1415.607232][T27044] ovs_ÿþ: entered promiscuous mode
[ 1415.699064][T27045] random: crng reseeded on system resumption
[ 1416.323499][T20106] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[ 1417.011754][T27086] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4488'.
[ 1418.769020][T20106] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[ 1419.315108][T27126] input: f¬
 as /devices/virtual/input/input95
[ 1419.574352][T27128] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4498'.
[ 1419.639710][T27133] FAULT_INJECTION: forcing a failure.
[ 1419.639710][T27133] name failslab, interval 1, probability 0, space 0, times 0
[ 1419.663688][T27128] hsr_slave_0: left promiscuous mode
[ 1419.674491][T27128] hsr_slave_1: left promiscuous mode
[ 1419.705946][T27133] CPU: 0 UID: 0 PID: 27133 Comm: syz.6.4499 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1419.706001][T27133] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1419.706014][T27133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1419.706033][T27133] Call Trace:
[ 1419.706045][T27133]  <TASK>
[ 1419.706058][T27133]  dump_stack_lvl+0x16c/0x1f0
[ 1419.706121][T27133]  should_fail_ex+0x512/0x640
[ 1419.706173][T27133]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[ 1419.706219][T27133]  should_failslab+0xc2/0x120
[ 1419.706262][T27133]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[ 1419.706302][T27133]  ? __alloc_skb+0x2b2/0x380
[ 1419.706349][T27133]  __alloc_skb+0x2b2/0x380
[ 1419.706388][T27133]  ? __pfx___alloc_skb+0x10/0x10
[ 1419.706433][T27133]  ? __lock_acquire+0xaa4/0x1ba0
[ 1419.706485][T27133]  netlink_alloc_large_skb+0x69/0x130
[ 1419.706540][T27133]  netlink_sendmsg+0x6a1/0xdd0
[ 1419.706595][T27133]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1419.706657][T27133]  ____sys_sendmsg+0xa95/0xc70
[ 1419.706710][T27133]  ? copy_msghdr_from_user+0x10a/0x160
[ 1419.706752][T27133]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1419.706811][T27133]  ? kfree+0x252/0x4d0
[ 1419.706838][T27133]  ? __pfx__kstrtoull+0x10/0x10
[ 1419.706889][T27133]  ___sys_sendmsg+0x134/0x1d0
[ 1419.706934][T27133]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1419.707019][T27133]  ? __pfx___might_resched+0x10/0x10
[ 1419.707067][T27133]  __sys_sendmmsg+0x200/0x420
[ 1419.707123][T27133]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1419.707180][T27133]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1419.707256][T27133]  ? xfd_validate_state+0x5d/0x180
[ 1419.707292][T27133]  ? rcu_is_watching+0x12/0xc0
[ 1419.707333][T27133]  __x64_sys_sendmmsg+0x9c/0x100
[ 1419.707376][T27133]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1419.707426][T27133]  do_syscall_64+0xcd/0x230
[ 1419.707483][T27133]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1419.707517][T27133] RIP: 0033:0x7f22be18e969
[ 1419.707543][T27133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1419.707576][T27133] RSP: 002b:00007f22bbff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1419.707606][T27133] RAX: ffffffffffffffda RBX: 00007f22be3b5fa0 RCX: 00007f22be18e969
[ 1419.707629][T27133] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000006
[ 1419.707649][T27133] RBP: 00007f22bbff6090 R08: 0000000000000000 R09: 0000000000000000
[ 1419.707669][T27133] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001
[ 1419.707690][T27133] R13: 0000000000000000 R14: 00007f22be3b5fa0 R15: 00007ffec9468b68
[ 1419.707733][T27133]  </TASK>
[ 1420.321833][T27140] Invalid ELF header magic: != ELF
[ 1420.928204][T20106] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[ 1420.981082][T27140] could not allocate digest TFM handle 
[ 1421.041083][T27142] could not allocate digest TFM handle 
[ 1422.400532][T27202] input: f¬
 as /devices/virtual/input/input96
[ 1422.468032][T27196] Invalid ELF header magic: != ELF
[ 1422.608846][T27200] bridge0: port 4(gretap0) entered blocking state
[ 1422.637069][T27200] bridge0: port 4(gretap0) entered disabled state
[ 1422.801341][T27200] gretap0: entered allmulticast mode
[ 1422.808819][T27200] gretap0: entered promiscuous mode
[ 1422.815355][T27200] bridge0: port 4(gretap0) entered blocking state
[ 1422.822085][T27200] bridge0: port 4(gretap0) entered listening state
[ 1423.412079][T27196] could not allocate digest TFM handle 
[ 1423.496581][T27198] could not allocate digest TFM handle 
[ 1423.961395][T27213] FAULT_INJECTION: forcing a failure.
[ 1423.961395][T27213] name failslab, interval 1, probability 0, space 0, times 0
[ 1424.498101][T27213] CPU: 0 UID: 0 PID: 27213 Comm: syz.7.4518 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1424.498157][T27213] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1424.498172][T27213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1424.498190][T27213] Call Trace:
[ 1424.498202][T27213]  <TASK>
[ 1424.498214][T27213]  dump_stack_lvl+0x16c/0x1f0
[ 1424.498270][T27213]  should_fail_ex+0x512/0x640
[ 1424.498321][T27213]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[ 1424.498371][T27213]  should_failslab+0xc2/0x120
[ 1424.498415][T27213]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[ 1424.498458][T27213]  ? sock_alloc_inode+0x25/0x1c0
[ 1424.498513][T27213]  ? __pfx_sock_alloc_inode+0x10/0x10
[ 1424.498561][T27213]  sock_alloc_inode+0x25/0x1c0
[ 1424.498608][T27213]  alloc_inode+0x61/0x240
[ 1424.498661][T27213]  sock_alloc+0x40/0x280
[ 1424.498707][T27213]  __sock_create+0xc1/0x8d0
[ 1424.498769][T27213]  __sys_socket+0x14d/0x260
[ 1424.498802][T27213]  ? __pfx___sys_socket+0x10/0x10
[ 1424.498836][T27213]  ? rcu_is_watching+0x12/0xc0
[ 1424.498879][T27213]  __x64_sys_socket+0x72/0xb0
[ 1424.498910][T27213]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1424.498958][T27213]  do_syscall_64+0xcd/0x230
[ 1424.499013][T27213]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1424.499048][T27213] RIP: 0033:0x7f237b38e969
[ 1424.499074][T27213] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1424.499107][T27213] RSP: 002b:00007f237c21b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 1424.499139][T27213] RAX: ffffffffffffffda RBX: 00007f237b5b5fa0 RCX: 00007f237b38e969
[ 1424.499161][T27213] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[ 1424.499181][T27213] RBP: 00007f237b410ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1424.499201][T27213] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1424.499222][T27213] R13: 0000000000000000 R14: 00007f237b5b5fa0 R15: 00007ffd27d060b8
[ 1424.499265][T27213]  </TASK>
[ 1424.698972][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1424.766444][T27213] net_ratelimit: 20 callbacks suppressed
[ 1424.766468][T27213] socket: no more sockets
[ 1424.993604][T27237] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4521'.
[ 1425.039261][T27237] FAULT_INJECTION: forcing a failure.
[ 1425.039261][T27237] name failslab, interval 1, probability 0, space 0, times 0
[ 1425.060781][T27237] CPU: 0 UID: 0 PID: 27237 Comm: syz.0.4521 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1425.060840][T27237] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1425.060854][T27237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1425.060874][T27237] Call Trace:
[ 1425.060893][T27237]  <TASK>
[ 1425.060907][T27237]  dump_stack_lvl+0x16c/0x1f0
[ 1425.060963][T27237]  should_fail_ex+0x512/0x640
[ 1425.061014][T27237]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[ 1425.061066][T27237]  should_failslab+0xc2/0x120
[ 1425.061111][T27237]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[ 1425.061158][T27237]  ? cache_create_net+0x2b/0x220
[ 1425.061196][T27237]  ? __pfx_nfsd_net_init+0x10/0x10
[ 1425.061231][T27237]  kmemdup_noprof+0x29/0x60
[ 1425.061279][T27237]  cache_create_net+0x2b/0x220
[ 1425.061314][T27237]  ? __pfx_nfsd_net_init+0x10/0x10
[ 1425.061346][T27237]  nfsd_idmap_init+0x62/0x250
[ 1425.061388][T27237]  ? __pfx_nfsd_net_init+0x10/0x10
[ 1425.061420][T27237]  nfsd_net_init+0x69/0x3d0
[ 1425.061454][T27237]  ? __pfx_nfsd_net_init+0x10/0x10
[ 1425.061486][T27237]  ops_init+0x1e2/0x5f0
[ 1425.061537][T27237]  setup_net+0x21e/0x850
[ 1425.061588][T27237]  ? __pfx_setup_net+0x10/0x10
[ 1425.061630][T27237]  ? lockdep_init_map_type+0x5c/0x280
[ 1425.061678][T27237]  ? __pfx_down_read_killable+0x10/0x10
[ 1425.061719][T27237]  ? debug_mutex_init+0x37/0x70
[ 1425.061759][T27237]  copy_net_ns+0x2a6/0x5f0
[ 1425.061811][T27237]  create_new_namespaces+0x3ea/0xad0
[ 1425.061856][T27237]  unshare_nsproxy_namespaces+0xc0/0x1f0
[ 1425.061909][T27237]  ksys_unshare+0x45b/0xa40
[ 1425.061958][T27237]  ? __pfx_ksys_unshare+0x10/0x10
[ 1425.062004][T27237]  ? xfd_validate_state+0x5d/0x180
[ 1425.062040][T27237]  ? rcu_is_watching+0x12/0xc0
[ 1425.062087][T27237]  __x64_sys_unshare+0x31/0x40
[ 1425.062135][T27237]  do_syscall_64+0xcd/0x230
[ 1425.062192][T27237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1425.062227][T27237] RIP: 0033:0x7f542858e969
[ 1425.062255][T27237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1425.062290][T27237] RSP: 002b:00007f54294c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1425.062321][T27237] RAX: ffffffffffffffda RBX: 00007f54287b5fa0 RCX: 00007f542858e969
[ 1425.062345][T27237] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1425.062367][T27237] RBP: 00007f5428610ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1425.062388][T27237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1425.062409][T27237] R13: 0000000000000000 R14: 00007f54287b5fa0 R15: 00007ffeeb7ebeb8
[ 1425.062453][T27237]  </TASK>
[ 1425.330052][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1425.907513][T27251] FAULT_INJECTION: forcing a failure.
[ 1425.907513][T27251] name failslab, interval 1, probability 0, space 0, times 0
[ 1425.959931][T27251] CPU: 0 UID: 0 PID: 27251 Comm: syz.0.4524 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1425.960002][T27251] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1425.960017][T27251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1425.960038][T27251] Call Trace:
[ 1425.960050][T27251]  <TASK>
[ 1425.960063][T27251]  dump_stack_lvl+0x16c/0x1f0
[ 1425.960123][T27251]  should_fail_ex+0x512/0x640
[ 1425.960174][T27251]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 1425.960215][T27251]  should_failslab+0xc2/0x120
[ 1425.960259][T27251]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1425.960295][T27251]  ? single_open+0x4d/0x1f0
[ 1425.960344][T27251]  ? __pfx_snd_info_seq_show+0x10/0x10
[ 1425.960392][T27251]  single_open+0x4d/0x1f0
[ 1425.960446][T27251]  snd_info_text_entry_open+0x175/0x2a0
[ 1425.960502][T27251]  ? __pfx_snd_info_text_entry_open+0x10/0x10
[ 1425.960555][T27251]  ? trace_kmem_cache_alloc+0x28/0xc0
[ 1425.960603][T27251]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1425.960672][T27251]  ? proc_reg_open+0x21d/0x610
[ 1425.960730][T27251]  ? __pfx_snd_info_text_entry_open+0x10/0x10
[ 1425.960794][T27251]  proc_reg_open+0x289/0x610
[ 1425.960833][T27251]  do_dentry_open+0x744/0x1c10
[ 1425.960871][T27251]  ? __pfx_proc_reg_open+0x10/0x10
[ 1425.960914][T27251]  vfs_open+0x82/0x3f0
[ 1425.960965][T27251]  path_openat+0x1e5e/0x2d40
[ 1425.961018][T27251]  ? __pfx_path_openat+0x10/0x10
[ 1425.961065][T27251]  do_filp_open+0x20b/0x470
[ 1425.961100][T27251]  ? __pfx_do_filp_open+0x10/0x10
[ 1425.961166][T27251]  ? alloc_fd+0x471/0x7d0
[ 1425.961231][T27251]  do_sys_openat2+0x11b/0x1d0
[ 1425.961276][T27251]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1425.961344][T27251]  __x64_sys_openat+0x174/0x210
[ 1425.961392][T27251]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1425.961443][T27251]  ? rcu_is_watching+0x12/0xc0
[ 1425.961489][T27251]  do_syscall_64+0xcd/0x230
[ 1425.961546][T27251]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1425.961582][T27251] RIP: 0033:0x7f542858e969
[ 1425.961609][T27251] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1425.961643][T27251] RSP: 002b:00007f542949f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1425.961676][T27251] RAX: ffffffffffffffda RBX: 00007f54287b6080 RCX: 00007f542858e969
[ 1425.961699][T27251] RDX: 0000000000000000 RSI: 0000200000000100 RDI: ffffffffffffff9c
[ 1425.961721][T27251] RBP: 00007f5428610ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1425.961743][T27251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1425.961763][T27251] R13: 0000000000000000 R14: 00007f54287b6080 R15: 00007ffeeb7ebeb8
[ 1425.961814][T27251]  </TASK>
[ 1426.221493][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1427.015729][T27261] input: f¬
 as /devices/virtual/input/input97
[ 1427.852462][T27276] FAULT_INJECTION: forcing a failure.
[ 1427.852462][T27276] name failslab, interval 1, probability 0, space 0, times 0
[ 1427.933373][T27276] CPU: 1 UID: 0 PID: 27276 Comm: syz.5.4528 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1427.933427][T27276] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1427.933440][T27276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1427.933458][T27276] Call Trace:
[ 1427.933469][T27276]  <TASK>
[ 1427.933480][T27276]  dump_stack_lvl+0x16c/0x1f0
[ 1427.933532][T27276]  should_fail_ex+0x512/0x640
[ 1427.933584][T27276]  should_failslab+0xc2/0x120
[ 1427.933631][T27276]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1427.933669][T27276]  ? skb_clone+0x190/0x3f0
[ 1427.933712][T27276]  skb_clone+0x190/0x3f0
[ 1427.933750][T27276]  netlink_deliver_tap+0xabd/0xd30
[ 1427.933797][T27276]  netlink_unicast+0x5df/0x7f0
[ 1427.933844][T27276]  ? __pfx_netlink_unicast+0x10/0x10
[ 1427.933882][T27276]  ? __lock_acquire+0xaa4/0x1ba0
[ 1427.933933][T27276]  netlink_sendmsg+0x8d1/0xdd0
[ 1427.933979][T27276]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1427.934034][T27276]  ____sys_sendmsg+0xa95/0xc70
[ 1427.934084][T27276]  ? copy_msghdr_from_user+0x10a/0x160
[ 1427.934122][T27276]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1427.934175][T27276]  ? kfree+0x252/0x4d0
[ 1427.934200][T27276]  ? __pfx__kstrtoull+0x10/0x10
[ 1427.934246][T27276]  ___sys_sendmsg+0x134/0x1d0
[ 1427.934284][T27276]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1427.934362][T27276]  ? __pfx___might_resched+0x10/0x10
[ 1427.934406][T27276]  __sys_sendmmsg+0x200/0x420
[ 1427.934450][T27276]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1427.934502][T27276]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1427.934566][T27276]  ? fput+0x70/0xf0
[ 1427.934601][T27276]  ? ksys_write+0x1b9/0x240
[ 1427.934637][T27276]  ? __pfx_ksys_write+0x10/0x10
[ 1427.934664][T27276]  ? rcu_is_watching+0x12/0xc0
[ 1427.934699][T27276]  __x64_sys_sendmmsg+0x9c/0x100
[ 1427.934735][T27276]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1427.934779][T27276]  do_syscall_64+0xcd/0x230
[ 1427.934829][T27276]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1427.934860][T27276] RIP: 0033:0x7f6e32f8e969
[ 1427.934885][T27276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1427.934914][T27276] RSP: 002b:00007f6e30df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1427.934942][T27276] RAX: ffffffffffffffda RBX: 00007f6e331b5fa0 RCX: 00007f6e32f8e969
[ 1427.934960][T27276] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000006
[ 1427.934979][T27276] RBP: 00007f6e30df6090 R08: 0000000000000000 R09: 0000000000000000
[ 1427.934997][T27276] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000002
[ 1427.935015][T27276] R13: 0000000000000000 R14: 00007f6e331b5fa0 R15: 00007ffd509ed778
[ 1427.935053][T27276]  </TASK>
[ 1427.935080][T27276] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4528'.
[ 1428.627802][T27287] input: f¬
 as /devices/virtual/input/input98
[ 1430.002486][T27284] Invalid ELF header magic: != ELF
[ 1430.528046][T27302] Device name cannot be null; rc = [-22]
[ 1431.241394][T20106] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18
[ 1431.490825][   T30] audit: type=1800 audit(6302182374.384:205): pid=27312 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.4534" name="dbroot" dev="configfs" ino=103975 res=0 errno=0
[ 1431.552229][T27321] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4535'.
[ 1432.107282][T27284] could not allocate digest TFM handle 
[ 1432.640951][T27286] could not allocate digest TFM handle 
[ 1433.814418][T20106] Bluetooth: hci3: unexpected event 0x1d length: 6 > 5
[ 1434.405580][T27355] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4542'.
[ 1434.427601][T27356] input: f¬
 as /devices/virtual/input/input99
[ 1434.806327][T27355] bond0: (slave bond_slave_1): Releasing backup interface
[ 1435.249429][T27363] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4543'.
[ 1435.354687][T27366] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4544'.
[ 1435.373858][T27366] FAULT_INJECTION: forcing a failure.
[ 1435.373858][T27366] name failslab, interval 1, probability 0, space 0, times 0
[ 1435.388841][T27366] CPU: 0 UID: 0 PID: 27366 Comm: syz.6.4544 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1435.388882][T27366] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1435.388893][T27366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1435.388907][T27366] Call Trace:
[ 1435.388915][T27366]  <TASK>
[ 1435.388924][T27366]  dump_stack_lvl+0x16c/0x1f0
[ 1435.388966][T27366]  should_fail_ex+0x512/0x640
[ 1435.389003][T27366]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[ 1435.389034][T27366]  should_failslab+0xc2/0x120
[ 1435.389064][T27366]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[ 1435.389093][T27366]  ? __alloc_skb+0x2b2/0x380
[ 1435.389125][T27366]  __alloc_skb+0x2b2/0x380
[ 1435.389152][T27366]  ? __pfx___alloc_skb+0x10/0x10
[ 1435.389177][T27366]  ? __pfx_rtnl_dellink+0x10/0x10
[ 1435.389218][T27366]  netlink_ack+0x15d/0xb80
[ 1435.389259][T27366]  netlink_rcv_skb+0x347/0x440
[ 1435.389291][T27366]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1435.389325][T27366]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1435.389374][T27366]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1435.389410][T27366]  netlink_unicast+0x53a/0x7f0
[ 1435.389445][T27366]  ? __pfx_netlink_unicast+0x10/0x10
[ 1435.389475][T27366]  ? __lock_acquire+0xaa4/0x1ba0
[ 1435.389516][T27366]  netlink_sendmsg+0x8d1/0xdd0
[ 1435.389553][T27366]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1435.389597][T27366]  ____sys_sendmsg+0xa95/0xc70
[ 1435.389635][T27366]  ? copy_msghdr_from_user+0x10a/0x160
[ 1435.389675][T27366]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1435.389716][T27366]  ? kfree+0x252/0x4d0
[ 1435.389735][T27366]  ? __pfx__kstrtoull+0x10/0x10
[ 1435.389771][T27366]  ___sys_sendmsg+0x134/0x1d0
[ 1435.389802][T27366]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1435.389859][T27366]  ? __pfx___might_resched+0x10/0x10
[ 1435.389893][T27366]  __sys_sendmmsg+0x200/0x420
[ 1435.389927][T27366]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1435.389966][T27366]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1435.390017][T27366]  ? fput+0x70/0xf0
[ 1435.390046][T27366]  ? ksys_write+0x1b9/0x240
[ 1435.390070][T27366]  ? __pfx_ksys_write+0x10/0x10
[ 1435.390092][T27366]  ? rcu_is_watching+0x12/0xc0
[ 1435.390121][T27366]  __x64_sys_sendmmsg+0x9c/0x100
[ 1435.390151][T27366]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1435.390186][T27366]  do_syscall_64+0xcd/0x230
[ 1435.390225][T27366]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1435.390250][T27366] RIP: 0033:0x7f22be18e969
[ 1435.390270][T27366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1435.390294][T27366] RSP: 002b:00007f22bbff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1435.390316][T27366] RAX: ffffffffffffffda RBX: 00007f22be3b5fa0 RCX: 00007f22be18e969
[ 1435.390332][T27366] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000006
[ 1435.390347][T27366] RBP: 00007f22bbff6090 R08: 0000000000000000 R09: 0000000000000000
[ 1435.390362][T27366] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000002
[ 1435.390376][T27366] R13: 0000000000000000 R14: 00007f22be3b5fa0 R15: 00007ffec9468b68
[ 1435.390406][T27366]  </TASK>
[ 1436.282134][T27374] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4545'.
[ 1437.971096][    C0] bridge0: port 4(gretap0) entered learning state
[ 1438.248242][T20106] Bluetooth: hci1: unexpected event 0x1d length: 6 > 5
[ 1438.923639][T20106] Bluetooth: hci1: ACL packet for unknown connection handle 0
[ 1439.809000][T27411] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4554'.
[ 1441.209848][T27419] input: f¬
 as /devices/virtual/input/input100
[ 1442.471583][T27431] netlink: 338 bytes leftover after parsing attributes in process `syz.6.4557'.
[ 1444.365839][T27450] input: f¬
 as /devices/virtual/input/input101
[ 1444.928619][T27460] Invalid ELF header magic: != ELF
[ 1445.674697][T20106] Bluetooth: hci1: unexpected event 0x1d length: 6 > 5
[ 1445.804717][T27456] Invalid ELF header magic: != ELF
[ 1445.908955][T27471] input: f¬
 as /devices/virtual/input/input102
[ 1446.013250][T27477] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4567'.
[ 1446.083830][T27464] could not allocate digest TFM handle 
[ 1446.095930][T27460] could not allocate digest TFM handle 
[ 1446.198353][T27483] Setting dangerous option i915.mitigations - tainting kernel
[ 1447.011167][T27473] could not allocate digest TFM handle 
[ 1447.286772][T27456] could not allocate digest TFM handle 
[ 1447.752134][T27505] CIFS: VFS: Invalid SecurityFlags: 
[ 1448.223641][T20106] Bluetooth: hci3: unexpected event 0x1d length: 6 > 5
[ 1448.836518][T27517] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4576'.
[ 1449.100990][T27511] input: f¬
 as /devices/virtual/input/input103
[ 1450.095195][T27527] input: f¬
 as /devices/virtual/input/input104
[ 1450.985327][T27539] FAULT_INJECTION: forcing a failure.
[ 1450.985327][T27539] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1451.030976][   T30] audit: type=1800 audit(6302182393.934:206): pid=27541 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.4581" name="dbroot" dev="configfs" ino=105028 res=0 errno=0
[ 1451.052096][T27539] CPU: 1 UID: 0 PID: 27539 Comm: syz.6.4581 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1451.052148][T27539] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1451.052161][T27539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1451.052180][T27539] Call Trace:
[ 1451.052192][T27539]  <TASK>
[ 1451.052205][T27539]  dump_stack_lvl+0x16c/0x1f0
[ 1451.052260][T27539]  should_fail_ex+0x512/0x640
[ 1451.052317][T27539]  get_futex_key+0x49e/0x1000
[ 1451.052358][T27539]  ? __pfx_get_futex_key+0x10/0x10
[ 1451.052408][T27539]  futex_wake+0xe7/0x4e0
[ 1451.052456][T27539]  ? __pfx_futex_wake+0x10/0x10
[ 1451.052510][T27539]  ? rcu_is_watching+0x12/0xc0
[ 1451.052560][T27539]  do_futex+0x1e3/0x350
[ 1451.052598][T27539]  ? __pfx_do_futex+0x10/0x10
[ 1451.052638][T27539]  ? __pfx___might_resched+0x10/0x10
[ 1451.052683][T27539]  __x64_sys_futex+0x1e0/0x4c0
[ 1451.052723][T27539]  ? __pfx_blkcg_maybe_throttle_current+0x10/0x10
[ 1451.052770][T27539]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1451.052806][T27539]  ? ksys_mmap_pgoff+0x85/0x5c0
[ 1451.052855][T27539]  ? rcu_is_watching+0x12/0xc0
[ 1451.052900][T27539]  do_syscall_64+0xcd/0x230
[ 1451.052954][T27539]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1451.052988][T27539] RIP: 0033:0x7f22be18e969
[ 1451.053014][T27539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1451.053071][T27539] RSP: 002b:00007f22bbfb40e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1451.053101][T27539] RAX: ffffffffffffffda RBX: 00007f22be3b6168 RCX: 00007f22be18e969
[ 1451.053122][T27539] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f22be3b616c
[ 1451.053143][T27539] RBP: 00007f22be3b6160 R08: 00007f22beef7000 R09: 0000000000000000
[ 1451.053163][T27539] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f22be3b616c
[ 1451.053183][T27539] R13: 0000000000000000 R14: 00007ffec9468a80 R15: 00007ffec9468b68
[ 1451.053226][T27539]  </TASK>
[ 1451.254203][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1452.127639][T20106] Bluetooth: hci1: unexpected event 0x1d length: 6 > 5
[ 1452.426964][T20106] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18
[ 1452.611071][T27566] input: f¬
 as /devices/virtual/input/input105
[ 1453.331345][    C0] bridge0: port 4(gretap0) entered forwarding state
[ 1453.338049][    C0] bridge0: topology change detected, propagating
[ 1455.685221][T20106] Bluetooth: hci4: unexpected event 0x1d length: 6 > 5
[ 1456.120383][T27603] Invalid ELF header magic: != ELF
[ 1456.820882][T27608] could not allocate digest TFM handle 
[ 1456.822195][T27603] could not allocate digest TFM handle 
[ 1457.971734][T27638] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4600'.
[ 1458.020133][T27638] FAULT_INJECTION: forcing a failure.
[ 1458.020133][T27638] name failslab, interval 1, probability 0, space 0, times 0
[ 1458.073663][T27638] CPU: 0 UID: 0 PID: 27638 Comm: syz.0.4600 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1458.073708][T27638] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1458.073720][T27638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1458.073736][T27638] Call Trace:
[ 1458.073745][T27638]  <TASK>
[ 1458.073755][T27638]  dump_stack_lvl+0x16c/0x1f0
[ 1458.073798][T27638]  should_fail_ex+0x512/0x640
[ 1458.073837][T27638]  ? __kmalloc_noprof+0xbf/0x510
[ 1458.073869][T27638]  ? cache_create_net+0x9d/0x220
[ 1458.073892][T27638]  should_failslab+0xc2/0x120
[ 1458.073926][T27638]  __kmalloc_noprof+0xd2/0x510
[ 1458.073962][T27638]  cache_create_net+0x9d/0x220
[ 1458.073987][T27638]  ? __pfx_nfsd_net_init+0x10/0x10
[ 1458.074012][T27638]  nfsd_idmap_init+0x62/0x250
[ 1458.074042][T27638]  ? __pfx_nfsd_net_init+0x10/0x10
[ 1458.074065][T27638]  nfsd_net_init+0x69/0x3d0
[ 1458.074089][T27638]  ? __pfx_nfsd_net_init+0x10/0x10
[ 1458.074113][T27638]  ops_init+0x1e2/0x5f0
[ 1458.074149][T27638]  setup_net+0x21e/0x850
[ 1458.074186][T27638]  ? __pfx_setup_net+0x10/0x10
[ 1458.074217][T27638]  ? lockdep_init_map_type+0x5c/0x280
[ 1458.074252][T27638]  ? __pfx_down_read_killable+0x10/0x10
[ 1458.074282][T27638]  ? debug_mutex_init+0x37/0x70
[ 1458.074310][T27638]  copy_net_ns+0x2a6/0x5f0
[ 1458.074349][T27638]  create_new_namespaces+0x3ea/0xad0
[ 1458.074385][T27638]  unshare_nsproxy_namespaces+0xc0/0x1f0
[ 1458.074418][T27638]  ksys_unshare+0x45b/0xa40
[ 1458.074454][T27638]  ? __pfx_ksys_unshare+0x10/0x10
[ 1458.074488][T27638]  ? xfd_validate_state+0x5d/0x180
[ 1458.074514][T27638]  ? rcu_is_watching+0x12/0xc0
[ 1458.074555][T27638]  __x64_sys_unshare+0x31/0x40
[ 1458.074590][T27638]  do_syscall_64+0xcd/0x230
[ 1458.074632][T27638]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1458.074657][T27638] RIP: 0033:0x7f542858e969
[ 1458.074678][T27638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1458.074702][T27638] RSP: 002b:00007f54294c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1458.074726][T27638] RAX: ffffffffffffffda RBX: 00007f54287b5fa0 RCX: 00007f542858e969
[ 1458.074742][T27638] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1458.074758][T27638] RBP: 00007f5428610ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1458.074774][T27638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1458.074789][T27638] R13: 0000000000000000 R14: 00007f54287b5fa0 R15: 00007ffeeb7ebeb8
[ 1458.074821][T27638]  </TASK>
[ 1459.930883][T20106] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[ 1460.389102][T27669] input: f¬
 as /devices/virtual/input/input106
[ 1462.282151][T27705] input: f¬
 as /devices/virtual/input/input107
[ 1463.170489][T27720] Invalid ELF header magic: != ELF
[ 1463.901214][T27730] usb usb38: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1463.936982][T27730] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[ 1464.143891][T27734] FAULT_INJECTION: forcing a failure.
[ 1464.143891][T27734] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1464.168458][T27720] could not allocate digest TFM handle 
[ 1464.200598][T27729] could not allocate digest TFM handle 
[ 1464.233045][T27734] CPU: 1 UID: 0 PID: 27734 Comm: syz.6.4619 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1464.233113][T27734] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1464.233123][T27734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1464.233138][T27734] Call Trace:
[ 1464.233146][T27734]  <TASK>
[ 1464.233156][T27734]  dump_stack_lvl+0x16c/0x1f0
[ 1464.233199][T27734]  should_fail_ex+0x512/0x640
[ 1464.233241][T27734]  _copy_to_user+0x32/0xd0
[ 1464.233266][T27734]  simple_read_from_buffer+0xcb/0x170
[ 1464.233306][T27734]  proc_fail_nth_read+0x197/0x270
[ 1464.233341][T27734]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1464.233377][T27734]  ? rw_verify_area+0xcf/0x680
[ 1464.233412][T27734]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1464.233446][T27734]  vfs_read+0x1e1/0xc70
[ 1464.233473][T27734]  ? __pfx___mutex_lock+0x10/0x10
[ 1464.233509][T27734]  ? __pfx_vfs_read+0x10/0x10
[ 1464.233540][T27734]  ? __fget_files+0x20e/0x3c0
[ 1464.233570][T27734]  ksys_read+0x12a/0x240
[ 1464.233592][T27734]  ? __pfx_ksys_read+0x10/0x10
[ 1464.233624][T27734]  do_syscall_64+0xcd/0x230
[ 1464.233662][T27734]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1464.233686][T27734] RIP: 0033:0x7f22be18d37c
[ 1464.233704][T27734] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1464.233727][T27734] RSP: 002b:00007f22bbff6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1464.233749][T27734] RAX: ffffffffffffffda RBX: 00007f22be3b5fa0 RCX: 00007f22be18d37c
[ 1464.233765][T27734] RDX: 000000000000000f RSI: 00007f22bbff60a0 RDI: 0000000000000007
[ 1464.233779][T27734] RBP: 00007f22bbff6090 R08: 0000000000000000 R09: 0000000000000000
[ 1464.233794][T27734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1464.233807][T27734] R13: 0000000000000000 R14: 00007f22be3b5fa0 R15: 00007ffec9468b68
[ 1464.233837][T27734]  </TASK>
[ 1464.428601][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1464.703601][T27739] input: f¬
 as /devices/virtual/input/input108
[ 1464.957919][T27746] FAULT_INJECTION: forcing a failure.
[ 1464.957919][T27746] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1464.973086][T27746] CPU: 0 UID: 0 PID: 27746 Comm: syz.7.4622 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1464.973143][T27746] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1464.973157][T27746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1464.973177][T27746] Call Trace:
[ 1464.973189][T27746]  <TASK>
[ 1464.973202][T27746]  dump_stack_lvl+0x16c/0x1f0
[ 1464.973271][T27746]  should_fail_ex+0x512/0x640
[ 1464.973328][T27746]  _copy_from_user+0x2e/0xd0
[ 1464.973386][T27746]  do_sys_poll+0x1d5/0xe00
[ 1464.973439][T27746]  ? trace_sched_exit_tp+0xde/0x130
[ 1464.973483][T27746]  ? __schedule+0x1186/0x5de0
[ 1464.973538][T27746]  ? __pfx_do_sys_poll+0x10/0x10
[ 1464.973629][T27746]  ? preempt_schedule_common+0x44/0xc0
[ 1464.973758][T27746]  ? __pfx_timespec64_add_safe+0x10/0x10
[ 1464.973810][T27746]  ? ktime_get_ts64+0x2d2/0x400
[ 1464.973864][T27746]  ? read_tsc+0x9/0x20
[ 1464.973907][T27746]  ? ktime_get_ts64+0x256/0x400
[ 1464.973959][T27746]  __x64_sys_poll+0x1a6/0x450
[ 1464.973992][T27746]  ? __pfx___x64_sys_poll+0x10/0x10
[ 1464.974023][T27746]  ? rcu_is_watching+0x12/0xc0
[ 1464.974069][T27746]  do_syscall_64+0xcd/0x230
[ 1464.974126][T27746]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1464.974162][T27746] RIP: 0033:0x7f237b38e969
[ 1464.974189][T27746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1464.974229][T27746] RSP: 002b:00007f237c21b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007
[ 1464.974262][T27746] RAX: ffffffffffffffda RBX: 00007f237b5b5fa0 RCX: 00007f237b38e969
[ 1464.974284][T27746] RDX: 0000000000000009 RSI: 000000000000007f RDI: 0000200000000180
[ 1464.974306][T27746] RBP: 00007f237b410ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1464.974327][T27746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1464.974348][T27746] R13: 0000000000000000 R14: 00007f237b5b5fa0 R15: 00007ffd27d060b8
[ 1464.974392][T27746]  </TASK>
[ 1465.861768][T27756] input: f¬
 as /devices/virtual/input/input109
[ 1466.348184][T27766] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4628'.
[ 1466.368654][T27766] FAULT_INJECTION: forcing a failure.
[ 1466.368654][T27766] name failslab, interval 1, probability 0, space 0, times 0
[ 1466.400106][T27766] CPU: 1 UID: 0 PID: 27766 Comm: syz.5.4628 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1466.400170][T27766] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1466.400185][T27766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1466.400206][T27766] Call Trace:
[ 1466.400220][T27766]  <TASK>
[ 1466.400233][T27766]  dump_stack_lvl+0x16c/0x1f0
[ 1466.400295][T27766]  should_fail_ex+0x512/0x640
[ 1466.400347][T27766]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1466.400394][T27766]  should_failslab+0xc2/0x120
[ 1466.400440][T27766]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1466.400481][T27766]  ? __proc_create+0xc3/0x8c0
[ 1466.400520][T27766]  ? __proc_create+0x2ce/0x8c0
[ 1466.400567][T27766]  __proc_create+0x2ce/0x8c0
[ 1466.400610][T27766]  ? __pfx___proc_create+0x10/0x10
[ 1466.400659][T27766]  ? _raw_write_unlock+0x28/0x50
[ 1466.400707][T27766]  ? proc_register+0x314/0x5f0
[ 1466.400753][T27766]  proc_create_reg+0x7d/0x180
[ 1466.400799][T27766]  proc_create_data+0x86/0x110
[ 1466.400854][T27766]  ? __pfx_proc_create_data+0x10/0x10
[ 1466.400903][T27766]  ? cache_register_net+0x137/0x5e0
[ 1466.400954][T27766]  cache_register_net+0x2d6/0x5e0
[ 1466.401001][T27766]  nfsd_export_init+0x16e/0x250
[ 1466.401038][T27766]  ? __pfx_nfsd_net_init+0x10/0x10
[ 1466.401071][T27766]  nfsd_net_init+0x33/0x3d0
[ 1466.401107][T27766]  ? __pfx_nfsd_net_init+0x10/0x10
[ 1466.401140][T27766]  ops_init+0x1e2/0x5f0
[ 1466.401192][T27766]  setup_net+0x21e/0x850
[ 1466.401241][T27766]  ? __pfx_setup_net+0x10/0x10
[ 1466.401286][T27766]  ? lockdep_init_map_type+0x5c/0x280
[ 1466.401337][T27766]  ? __pfx_down_read_killable+0x10/0x10
[ 1466.401380][T27766]  ? debug_mutex_init+0x37/0x70
[ 1466.401419][T27766]  copy_net_ns+0x2a6/0x5f0
[ 1466.401474][T27766]  create_new_namespaces+0x3ea/0xad0
[ 1466.401526][T27766]  unshare_nsproxy_namespaces+0xc0/0x1f0
[ 1466.401573][T27766]  ksys_unshare+0x45b/0xa40
[ 1466.401623][T27766]  ? __pfx_ksys_unshare+0x10/0x10
[ 1466.401669][T27766]  ? xfd_validate_state+0x5d/0x180
[ 1466.401706][T27766]  ? rcu_is_watching+0x12/0xc0
[ 1466.401752][T27766]  __x64_sys_unshare+0x31/0x40
[ 1466.401801][T27766]  do_syscall_64+0xcd/0x230
[ 1466.401878][T27766]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1466.401913][T27766] RIP: 0033:0x7f6e32f8e969
[ 1466.401941][T27766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1466.401973][T27766] RSP: 002b:00007f6e30df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1466.402006][T27766] RAX: ffffffffffffffda RBX: 00007f6e331b5fa0 RCX: 00007f6e32f8e969
[ 1466.402029][T27766] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1466.402049][T27766] RBP: 00007f6e33010ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1466.402069][T27766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1466.402184][T27766] R13: 0000000000000000 R14: 00007f6e331b5fa0 R15: 00007ffd509ed778
[ 1466.402234][T27766]  </TASK>
[ 1466.689274][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1467.053312][T27774] usb usb38: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1467.083590][T27774] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[ 1467.200582][T27780] openvswitch: .SR: Dropping previously announced user features
[ 1467.502672][T27785] netlink: 334 bytes leftover after parsing attributes in process `syz.7.4633'.
[ 1467.562535][T27784] netlink: 330 bytes leftover after parsing attributes in process `syz.7.4633'.
[ 1467.584458][T27780] Invalid ELF header magic: != ELF
[ 1467.913277][T27800] input: f¬
 as /devices/virtual/input/input110
[ 1468.019889][T27780] could not allocate digest TFM handle 
[ 1468.020113][T27782] could not allocate digest TFM handle 
[ 1468.876710][T20106] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18
[ 1469.940058][T27831] input: f¬
 as /devices/virtual/input/input112
[ 1470.554921][T27840] usb usb38: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1470.574232][T27840] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[ 1471.037378][T27847] netlink: 504 bytes leftover after parsing attributes in process `syz.7.4643'.
[ 1471.284599][T27834] ptrace attach of "./syz-executor exec"[21695] was attempted by ""[27834]
[ 1471.800829][T27862] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4646'.
[ 1472.024406][T27869] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4647'.
[ 1473.033289][T27857] ptrace attach of "./syz-executor exec"[26250] was attempted by ""[27857]
[ 1474.627283][T27886] input: f¬
 as /devices/virtual/input/input113
[ 1475.145620][T27891] usb usb38: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1475.172964][T27891] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[ 1479.253190][T27949] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4664'.
[ 1479.349415][T27950] FAULT_INJECTION: forcing a failure.
[ 1479.349415][T27950] name failslab, interval 1, probability 0, space 0, times 0
[ 1479.362335][T27950] CPU: 1 UID: 0 PID: 27950 Comm: syz.6.4663 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1479.362389][T27950] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1479.362404][T27950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1479.362424][T27950] Call Trace:
[ 1479.362436][T27950]  <TASK>
[ 1479.362450][T27950]  dump_stack_lvl+0x16c/0x1f0
[ 1479.362509][T27950]  should_fail_ex+0x512/0x640
[ 1479.362568][T27950]  should_failslab+0xc2/0x120
[ 1479.362610][T27950]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1479.362654][T27950]  ? cfmuxl_create+0x40/0x210
[ 1479.362707][T27950]  ? __pfx_caif_init_net+0x10/0x10
[ 1479.362753][T27950]  cfmuxl_create+0x40/0x210
[ 1479.362802][T27950]  cfcnfg_create+0x78/0x500
[ 1479.362846][T27950]  ? debug_mutex_init+0x37/0x70
[ 1479.362878][T27950]  ? __pfx_caif_init_net+0x10/0x10
[ 1479.362922][T27950]  caif_init_net+0x7d/0xe0
[ 1479.362967][T27950]  ops_init+0x1e2/0x5f0
[ 1479.363014][T27950]  setup_net+0x21e/0x850
[ 1479.363059][T27950]  ? __pfx_setup_net+0x10/0x10
[ 1479.363098][T27950]  ? lockdep_init_map_type+0x5c/0x280
[ 1479.363142][T27950]  ? __pfx_down_read_killable+0x10/0x10
[ 1479.363181][T27950]  ? debug_mutex_init+0x37/0x70
[ 1479.363220][T27950]  copy_net_ns+0x2a6/0x5f0
[ 1479.363274][T27950]  create_new_namespaces+0x3ea/0xad0
[ 1479.363324][T27950]  unshare_nsproxy_namespaces+0xc0/0x1f0
[ 1479.363368][T27950]  ksys_unshare+0x45b/0xa40
[ 1479.363416][T27950]  ? __pfx_ksys_unshare+0x10/0x10
[ 1479.363460][T27950]  ? xfd_validate_state+0x5d/0x180
[ 1479.363496][T27950]  ? rcu_is_watching+0x12/0xc0
[ 1479.363540][T27950]  __x64_sys_unshare+0x31/0x40
[ 1479.363586][T27950]  do_syscall_64+0xcd/0x230
[ 1479.363647][T27950]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1479.363678][T27950] RIP: 0033:0x7f22be18e969
[ 1479.363702][T27950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1479.363731][T27950] RSP: 002b:00007f22bbfb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1479.363758][T27950] RAX: ffffffffffffffda RBX: 00007f22be3b6160 RCX: 00007f22be18e969
[ 1479.363778][T27950] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1479.363796][T27950] RBP: 00007f22be210ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1479.363814][T27950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1479.363832][T27950] R13: 0000000000000000 R14: 00007f22be3b6160 R15: 00007ffec9468b68
[ 1479.363868][T27950]  </TASK>
[ 1479.612054][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1480.687304][T27952] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[ 1480.714012][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1480.720274][T27952] CIFS mount error: No usable UNC path provided in device string!
[ 1480.720274][T27952] 
[ 1480.731537][T27952] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1480.824304][T27952] ptrace attach of "./syz-executor exec"[21915] was attempted by "./syz-executor exec"[27952]
[ 1481.510933][T27971] input: f¬
 as /devices/virtual/input/input114
[ 1481.970905][T20106] Bluetooth: hci4: command 0x0406 tx timeout
[ 1482.833786][T27995] usb usb38: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1482.851014][T27995] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[ 1482.874187][T27999] netlink: 16 bytes leftover after parsing attributes in process `syz.7.4671'.
[ 1484.468248][T28026] FAULT_INJECTION: forcing a failure.
[ 1484.468248][T28026] name failslab, interval 1, probability 0, space 0, times 0
[ 1484.482200][T28026] CPU: 0 UID: 0 PID: 28026 Comm: syz.6.4675 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1484.482260][T28026] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1484.482274][T28026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1484.482294][T28026] Call Trace:
[ 1484.482307][T28026]  <TASK>
[ 1484.482320][T28026]  dump_stack_lvl+0x16c/0x1f0
[ 1484.482379][T28026]  should_fail_ex+0x512/0x640
[ 1484.482444][T28026]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[ 1484.482499][T28026]  should_failslab+0xc2/0x120
[ 1484.482542][T28026]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[ 1484.482588][T28026]  ? mptcp_net_init+0x29c/0x620
[ 1484.482636][T28026]  kmemdup_noprof+0x29/0x60
[ 1484.482683][T28026]  mptcp_net_init+0x29c/0x620
[ 1484.482733][T28026]  ? __pfx_mptcp_net_init+0x10/0x10
[ 1484.482789][T28026]  ops_init+0x1e2/0x5f0
[ 1484.482843][T28026]  setup_net+0x21e/0x850
[ 1484.482897][T28026]  ? __pfx_setup_net+0x10/0x10
[ 1484.482941][T28026]  ? lockdep_init_map_type+0x5c/0x280
[ 1484.482989][T28026]  ? __pfx_down_read_killable+0x10/0x10
[ 1484.483030][T28026]  ? debug_mutex_init+0x37/0x70
[ 1484.483068][T28026]  copy_net_ns+0x2a6/0x5f0
[ 1484.483121][T28026]  create_new_namespaces+0x3ea/0xad0
[ 1484.483170][T28026]  unshare_nsproxy_namespaces+0xc0/0x1f0
[ 1484.483216][T28026]  ksys_unshare+0x45b/0xa40
[ 1484.483265][T28026]  ? __pfx_ksys_unshare+0x10/0x10
[ 1484.483311][T28026]  ? xfd_validate_state+0x5d/0x180
[ 1484.483348][T28026]  ? rcu_is_watching+0x12/0xc0
[ 1484.483392][T28026]  __x64_sys_unshare+0x31/0x40
[ 1484.483446][T28026]  do_syscall_64+0xcd/0x230
[ 1484.483496][T28026]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1484.483528][T28026] RIP: 0033:0x7f22be18e969
[ 1484.483557][T28026] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1484.483596][T28026] RSP: 002b:00007f22bbff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1484.483631][T28026] RAX: ffffffffffffffda RBX: 00007f22be3b5fa0 RCX: 00007f22be18e969
[ 1484.483655][T28026] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1484.483673][T28026] RBP: 00007f22be210ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1484.483691][T28026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1484.483708][T28026] R13: 0000000000000000 R14: 00007f22be3b5fa0 R15: 00007ffec9468b68
[ 1484.483744][T28026]  </TASK>
[ 1484.950298][T28030] input: f¬
 as /devices/virtual/input/input115
[ 1485.901310][T28048] input: f¬
 as /devices/virtual/input/input116
[ 1486.478525][T28056] program syz.5.4683 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1487.924930][T28077] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4687'.
[ 1488.484185][T28086] FAULT_INJECTION: forcing a failure.
[ 1488.484185][T28086] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1488.527477][T28086] CPU: 0 UID: 0 PID: 28086 Comm: syz.7.4688 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1488.527538][T28086] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1488.527553][T28086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1488.527575][T28086] Call Trace:
[ 1488.527587][T28086]  <TASK>
[ 1488.527600][T28086]  dump_stack_lvl+0x16c/0x1f0
[ 1488.527659][T28086]  should_fail_ex+0x512/0x640
[ 1488.527716][T28086]  get_futex_key+0x49e/0x1000
[ 1488.527758][T28086]  ? __pfx_get_futex_key+0x10/0x10
[ 1488.527811][T28086]  futex_wake+0xe7/0x4e0
[ 1488.527860][T28086]  ? __pfx_futex_wake+0x10/0x10
[ 1488.527910][T28086]  ? kmem_cache_free+0x2d4/0x4d0
[ 1488.527947][T28086]  ? fd_install+0x225/0x750
[ 1488.527975][T28086]  ? putname+0x154/0x1a0
[ 1488.528022][T28086]  do_futex+0x1e3/0x350
[ 1488.528068][T28086]  ? __pfx_do_futex+0x10/0x10
[ 1488.528119][T28086]  __x64_sys_futex+0x1e0/0x4c0
[ 1488.528160][T28086]  ? __x64_sys_openat+0x174/0x210
[ 1488.528211][T28086]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1488.528252][T28086]  ? rcu_is_watching+0x12/0xc0
[ 1488.528298][T28086]  do_syscall_64+0xcd/0x230
[ 1488.528356][T28086]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1488.528392][T28086] RIP: 0033:0x7f237b38e969
[ 1488.528420][T28086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1488.528455][T28086] RSP: 002b:00007f237c21b0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1488.528489][T28086] RAX: ffffffffffffffda RBX: 00007f237b5b5fa8 RCX: 00007f237b38e969
[ 1488.528520][T28086] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f237b5b5fac
[ 1488.528542][T28086] RBP: 00007f237b5b5fa0 R08: 00007f237c21c000 R09: 0000000000000000
[ 1488.528564][T28086] R10: 0000000000000005 R11: 0000000000000246 R12: 00007f237b5b5fac
[ 1488.528587][T28086] R13: 0000000000000000 R14: 00007ffd27d05fd0 R15: 00007ffd27d060b8
[ 1488.528631][T28086]  </TASK>
[ 1488.790441][T28088] input: f¬
 as /devices/virtual/input/input117
[ 1488.820851][T25177] Bluetooth: hci0: unexpected subevent 0x01 length: 5 < 18
[ 1489.369141][T28095] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078006530 pfn:0x78004
[ 1489.394945][T28095] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1489.430024][T28095] memcg:ffff888063ee7381
[ 1489.437773][T28095] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[ 1489.483595][T28095] page_type: f5(slab)
[ 1489.531497][T28095] raw: 00fff00000000240 ffff888140ecb640 ffffea000169bd10 ffffea000169ce10
[ 1489.640869][T28095] raw: ffff888078006530 00000000000c000a 00000000f5000000 ffff888063ee7381
[ 1489.650277][T28095] head: 00fff00000000240 ffff888140ecb640 ffffea000169bd10 ffffea000169ce10
[ 1489.673300][T28105] usb usb38: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1489.710910][T28105] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[ 1489.755431][T28097] could not allocate digest TFM handle binfmt_misc
[ 1489.834038][T28095] head: ffff888078006530 00000000000c000a 00000000f5000000 ffff888063ee7381
[ 1489.860816][T28095] head: 00fff00000000002 ffffea0001e00101 00000000ffffffff 00000000ffffffff
[ 1489.869614][T28095] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 1489.930924][T28095] page dumped because: unmovable page
[ 1489.936401][T28095] page_owner tracks the page as allocated
[ 1489.980796][T28095] page last allocated via order 2, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5817, tgid 5817 (syz-executor), ts 94458662471, free_ts 35569103981
[ 1490.096620][T28095]  post_alloc_hook+0x181/0x1b0
[ 1490.120991][T28095]  get_page_from_freelist+0x135c/0x3920
[ 1490.150391][T28095]  __alloc_frozen_pages_noprof+0x263/0x23a0
[ 1490.227407][T28095]  alloc_pages_mpol+0x1fb/0x550
[ 1490.245538][T28095]  new_slab+0x244/0x340
[ 1490.251280][T28095]  ___slab_alloc+0xd9c/0x1940
[ 1490.256543][T28095]  __slab_alloc.constprop.0+0x56/0xb0
[ 1490.262272][T28095]  kmem_cache_alloc_lru_noprof+0xf4/0x3b0
[ 1490.277236][T28095]  proc_alloc_inode+0x25/0x200
[ 1490.327865][T28095]  alloc_inode+0x61/0x240
[ 1490.376751][T28095]  new_inode+0x22/0x1c0
[ 1490.512536][T28095]  proc_get_inode+0x1d/0x780
[ 1490.626787][T28095]  proc_lookup_de+0x253/0x320
[ 1490.653278][T28095]  proc_lookup+0xcf/0x110
[ 1490.683711][T28095]  proc_root_lookup+0x3b/0x70
[ 1490.691187][T28118] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4692'.
[ 1490.724994][T28095]  lookup_open.isra.0+0x4da/0x1580
[ 1490.735128][T28095] page last free pid 1 tgid 1 stack trace:
[ 1490.749981][T28118] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1490.760298][T28095]  __free_frozen_pages+0x69d/0xff0
[ 1490.769976][T28095]  free_contig_range+0x135/0x3f0
[ 1490.799873][T28095]  destroy_args+0x66f/0x830
[ 1490.838612][T28095]  debug_vm_pgtable+0x130e/0x2d50
[ 1490.914797][T28095]  do_one_initcall+0x120/0x6e0
[ 1490.958229][T28095]  kernel_init_freeable+0x5c2/0x900
[ 1490.988732][T28095]  kernel_init+0x1c/0x2b0
[ 1491.000778][T28095]  ret_from_fork+0x48/0x80
[ 1491.042656][T28095]  ret_from_fork_asm+0x1a/0x30
[ 1491.221207][T28118] bridge_slave_1 (unregistering): left allmulticast mode
[ 1491.243914][T28118] bridge_slave_1 (unregistering): left promiscuous mode
[ 1491.312182][T28118] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1492.727838][T28140] Invalid ELF header magic: != ELF
[ 1493.728515][T28144] could not allocate digest TFM handle 
[ 1493.796461][T28140] could not allocate digest TFM handle 
[ 1494.234749][T28163] input: f¬
 as /devices/virtual/input/input118
[ 1495.021496][T28174] Invalid ELF header magic: != ELF
[ 1495.125475][T28158] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4701'.
[ 1495.833201][T28192] Invalid ELF header magic: != ELF
[ 1495.866286][T28200] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4709'.
[ 1496.082391][T28194] could not allocate digest TFM handle 
[ 1496.283348][T28174] could not allocate digest TFM handle 
[ 1496.939979][T28201] could not allocate digest TFM handle 
[ 1496.967032][T28197] could not allocate digest TFM handle " 
[ 1497.359250][T28224] input: f¬
 as /devices/virtual/input/input120
[ 1497.390916][T28226] input: f¬
 as /devices/virtual/input/input121
[ 1497.810839][T28230] netlink: 338 bytes leftover after parsing attributes in process `syz.5.4715'.
[ 1498.291661][T28245] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1498.309831][T28245] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1498.321528][T28245] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1498.328971][T28245] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1498.443467][T28245] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1498.470583][T28245] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1498.487037][T28245] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1498.541265][T28245] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1499.063021][T28257] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4720'.
[ 1499.506580][T28264] Invalid ELF header magic: != ELF
[ 1500.043305][T28279] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4727'.
[ 1500.148438][T28277] input: f¬
 as /devices/virtual/input/input122
[ 1500.370889][T25177] Bluetooth: hci4: command 0x0406 tx timeout
[ 1500.377090][T20106] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1500.377105][ T5834] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1500.458717][T28267] could not allocate digest TFM handle 
[ 1500.465212][T28264] could not allocate digest TFM handle 
[ 1500.532703][ T5834] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1501.047569][T28295] bridge0: port 2(vlan1) entered blocking state
[ 1501.056996][T28295] bridge0: port 2(vlan1) entered disabled state
[ 1501.071076][T28295] vlan1: entered allmulticast mode
[ 1501.076274][T28295] veth0_vlan: entered allmulticast mode
[ 1501.094633][T28296] input: f¬
 as /devices/virtual/input/input123
[ 1501.121403][T28295] vlan1: entered promiscuous mode
[ 1501.169221][T28295] bridge0: port 2(vlan1) entered blocking state
[ 1501.175778][T28295] bridge0: port 2(vlan1) entered forwarding state
[ 1501.829231][T28315] binder: 28314:28315 ioctl c0046209 0 returned -22
[ 1502.079267][T28325] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4738'.
[ 1502.211811][T28325] Invalid ELF header magic: != ELF
[ 1502.451181][ T5834] Bluetooth: hci4: command 0x0406 tx timeout
[ 1502.611784][ T5834] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1502.803021][T28344] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4740'.
[ 1503.037657][T28325] could not allocate digest TFM handle 
[ 1503.095564][T28342] could not allocate digest TFM handle 
[ 1503.698627][T28355] netlink: 346 bytes leftover after parsing attributes in process `syz.7.4743'.
[ 1504.537432][T25177] Bluetooth: hci4: command 0x0406 tx timeout
[ 1504.697821][T25177] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1506.685824][T28400] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4752'.
[ 1506.724472][T28400] Invalid ELF header magic: != ELF
[ 1506.731720][T28367] ptrace attach of "./syz-executor exec"[21695] was attempted by "./syz-executor exec"[28367]
[ 1507.476983][T25177] Bluetooth: hci4: Unable to find connection for big 0xd2
[ 1508.108702][T28402] could not allocate digest TFM handle 
[ 1508.202825][T28400] could not allocate digest TFM handle 
[ 1508.473528][T28429] random: crng reseeded on system resumption
[ 1509.243517][T28431] can: request_module (can-proto-0) failed.
[ 1509.506115][T28441] input: f¬
 as /devices/virtual/input/input124
[ 1510.255029][T28452] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4762'.
[ 1511.188327][T28470] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4767'.
[ 1511.340131][T28470] Invalid ELF header magic: != ELF
[ 1511.981785][T28470] could not allocate digest TFM handle 
[ 1511.988105][T28474] could not allocate digest TFM handle 
[ 1514.435303][T28527] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4776'.
[ 1516.773380][T28562] FAULT_INJECTION: forcing a failure.
[ 1516.773380][T28562] name failslab, interval 1, probability 0, space 0, times 0
[ 1516.827867][T28562] CPU: 1 UID: 0 PID: 28562 Comm: syz.0.4783 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1516.827918][T28562] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1516.827930][T28562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1516.827948][T28562] Call Trace:
[ 1516.827958][T28562]  <TASK>
[ 1516.827969][T28562]  dump_stack_lvl+0x16c/0x1f0
[ 1516.828019][T28562]  should_fail_ex+0x512/0x640
[ 1516.828061][T28562]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1516.828099][T28562]  should_failslab+0xc2/0x120
[ 1516.828136][T28562]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1516.828170][T28562]  ? __kernfs_new_node+0xd2/0x8a0
[ 1516.828214][T28562]  __kernfs_new_node+0xd2/0x8a0
[ 1516.828246][T28562]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1516.828284][T28562]  ? find_held_lock+0x2b/0x80
[ 1516.828314][T28562]  ? kernfs_root+0xee/0x2a0
[ 1516.828349][T28562]  kernfs_new_node+0x13c/0x1e0
[ 1516.828388][T28562]  __kernfs_create_file+0x53/0x350
[ 1516.828431][T28562]  sysfs_add_file_mode_ns+0x207/0x3c0
[ 1516.828492][T28562]  internal_create_group+0x578/0xf30
[ 1516.828531][T28562]  ? __pfx_internal_create_group+0x10/0x10
[ 1516.828566][T28562]  ? kernfs_create_link+0x1bd/0x240
[ 1516.828612][T28562]  internal_create_groups+0x9d/0x150
[ 1516.828645][T28562]  device_add+0x6d1/0x1a70
[ 1516.828690][T28562]  ? __pfx_device_add+0x10/0x10
[ 1516.828731][T28562]  ? lockdep_init_map_type+0x5c/0x280
[ 1516.828770][T28562]  ? __init_waitqueue_head+0xca/0x150
[ 1516.828806][T28562]  netdev_register_kobject+0x182/0x3a0
[ 1516.828854][T28562]  register_netdevice+0x13dc/0x2270
[ 1516.828900][T28562]  ? __pfx_register_netdevice+0x10/0x10
[ 1516.828951][T28562]  __ip_tunnel_create+0x4a8/0x680
[ 1516.828992][T28562]  ? __pfx___ip_tunnel_create+0x10/0x10
[ 1516.829040][T28562]  ip_tunnel_init_net+0x22f/0x7d0
[ 1516.829083][T28562]  ? __pfx_ip_tunnel_init_net+0x10/0x10
[ 1516.829129][T28562]  ? trace_kmalloc+0x2b/0xd0
[ 1516.829167][T28562]  ? lockdep_init_map_type+0x5c/0x280
[ 1516.829223][T28562]  ? __pfx_ipgre_tap_init_net+0x10/0x10
[ 1516.829255][T28562]  ops_init+0x1e2/0x5f0
[ 1516.829296][T28562]  setup_net+0x21e/0x850
[ 1516.829338][T28562]  ? __pfx_setup_net+0x10/0x10
[ 1516.829373][T28562]  ? lockdep_init_map_type+0x5c/0x280
[ 1516.829412][T28562]  ? __pfx_down_read_killable+0x10/0x10
[ 1516.829448][T28562]  ? debug_mutex_init+0x37/0x70
[ 1516.829480][T28562]  copy_net_ns+0x2a6/0x5f0
[ 1516.829525][T28562]  create_new_namespaces+0x3ea/0xad0
[ 1516.829568][T28562]  unshare_nsproxy_namespaces+0xc0/0x1f0
[ 1516.829605][T28562]  ksys_unshare+0x45b/0xa40
[ 1516.829647][T28562]  ? __pfx_ksys_unshare+0x10/0x10
[ 1516.829685][T28562]  ? xfd_validate_state+0x5d/0x180
[ 1516.829714][T28562]  ? rcu_is_watching+0x12/0xc0
[ 1516.829751][T28562]  __x64_sys_unshare+0x31/0x40
[ 1516.829790][T28562]  do_syscall_64+0xcd/0x230
[ 1516.829837][T28562]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1516.829866][T28562] RIP: 0033:0x7f542858e969
[ 1516.829889][T28562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1516.829918][T28562] RSP: 002b:00007f54294c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1516.829944][T28562] RAX: ffffffffffffffda RBX: 00007f54287b5fa0 RCX: 00007f542858e969
[ 1516.829963][T28562] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1516.829980][T28562] RBP: 00007f5428610ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1516.829998][T28562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1516.830014][T28562] R13: 0000000000000000 R14: 00007f54287b5fa0 R15: 00007ffeeb7ebeb8
[ 1516.830052][T28562]  </TASK>
[ 1517.330222][T28546] netlink: 266 bytes leftover after parsing attributes in process `syz.7.4780'.
[ 1517.354077][T28546] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1517.465566][T28573] usb usb38: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1517.513260][T28573] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[ 1518.383238][T28588] openvswitch: .SR: Dropping previously announced user features
[ 1518.605865][T28588] Invalid ELF header magic: != ELF
[ 1518.858418][T28599] input: f¬
 as /devices/virtual/input/input125
[ 1519.758784][T28593] could not allocate digest TFM handle 
[ 1519.793740][T28588] could not allocate digest TFM handle 
[ 1520.153274][T25177] Bluetooth: hci4: unexpected event 0x3e length: 728 > 260
[ 1520.153308][T25177] Bluetooth: hci4: unexpected subevent 0x03 length: 727 > 9
[ 1520.296767][T28628] usb usb38: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1520.363986][T28628] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[ 1521.901578][T28637] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1521.919653][T28637] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1521.948132][T28637] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1521.972357][T28637] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1522.682923][T28658] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4800'.
[ 1523.018810][T28662] input: f¬
 as /devices/virtual/input/input126
[ 1523.330755][T25177] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1523.973070][ T5834] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1523.979263][T25177] Bluetooth: hci4: command 0x0406 tx timeout
[ 1524.075316][T25177] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1524.220232][T28676] FAULT_INJECTION: forcing a failure.
[ 1524.220232][T28676] name failslab, interval 1, probability 0, space 0, times 0
[ 1524.394929][T28676] CPU: 1 UID: 0 PID: 28676 Comm: syz.7.4804 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1524.394990][T28676] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1524.395004][T28676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1524.395025][T28676] Call Trace:
[ 1524.395038][T28676]  <TASK>
[ 1524.395052][T28676]  dump_stack_lvl+0x16c/0x1f0
[ 1524.395112][T28676]  should_fail_ex+0x512/0x640
[ 1524.395164][T28676]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[ 1524.395213][T28676]  should_failslab+0xc2/0x120
[ 1524.395257][T28676]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[ 1524.395297][T28676]  ? find_held_lock+0x2b/0x80
[ 1524.395331][T28676]  ? alloc_inode+0xc3/0x240
[ 1524.395380][T28676]  alloc_inode+0xc3/0x240
[ 1524.395425][T28676]  alloc_anon_inode+0x28/0x3e0
[ 1524.395456][T28676]  ? alloc_fd+0x471/0x7d0
[ 1524.395511][T28676]  __anon_inode_getfile+0x1ea/0x370
[ 1524.395578][T28676]  new_userfaultfd+0x25e/0x3d0
[ 1524.395623][T28676]  __x64_sys_userfaultfd+0x4b/0xb0
[ 1524.395670][T28676]  do_syscall_64+0xcd/0x230
[ 1524.395726][T28676]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1524.395770][T28676] RIP: 0033:0x7f237b38e969
[ 1524.395798][T28676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1524.395833][T28676] RSP: 002b:00007f237c1fa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000143
[ 1524.395866][T28676] RAX: ffffffffffffffda RBX: 00007f237b5b6080 RCX: 00007f237b38e969
[ 1524.395889][T28676] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[ 1524.395910][T28676] RBP: 00007f237b410ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1524.395931][T28676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1524.395952][T28676] R13: 0000000000000000 R14: 00007f237b5b6080 R15: 00007ffd27d060b8
[ 1524.395996][T28676]  </TASK>
[ 1525.605655][T28683] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4806'.
[ 1525.672663][T28686] netlink: zone id is out of range
[ 1525.677996][T28686] netlink: zone id is out of range
[ 1525.683358][T28686] netlink: zone id is out of range
[ 1525.688692][T28686] netlink: zone id is out of range
[ 1525.714362][T28686] netlink: zone id is out of range
[ 1525.719580][T28686] netlink: zone id is out of range
[ 1525.726938][T28686] netlink: zone id is out of range
[ 1525.736973][T28686] netlink: zone id is out of range
[ 1525.818069][T28686] netlink: zone id is out of range
[ 1525.838650][T28686] netlink: zone id is out of range
[ 1526.444596][T28701] usb usb38: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1526.458436][T28701] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[ 1526.709502][T28709] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4813'.
[ 1526.845529][T28709] Invalid ELF header magic: != ELF
[ 1527.254607][T28709] could not allocate digest TFM handle 
[ 1527.300042][T28712] could not allocate digest TFM handle 
[ 1527.325086][T28720] FAULT_INJECTION: forcing a failure.
[ 1527.325086][T28720] name failslab, interval 1, probability 0, space 0, times 0
[ 1527.383118][T28720] CPU: 0 UID: 0 PID: 28720 Comm: syz.6.4814 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1527.383179][T28720] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1527.383194][T28720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1527.383228][T28720] Call Trace:
[ 1527.383240][T28720]  <TASK>
[ 1527.383253][T28720]  dump_stack_lvl+0x16c/0x1f0
[ 1527.383314][T28720]  should_fail_ex+0x512/0x640
[ 1527.383368][T28720]  ? __kmalloc_cache_node_noprof+0x5a/0x420
[ 1527.383411][T28720]  should_failslab+0xc2/0x120
[ 1527.383456][T28720]  __kmalloc_cache_node_noprof+0x6d/0x420
[ 1527.383494][T28720]  ? rcu_is_watching+0x12/0xc0
[ 1527.383528][T28720]  ? kasan_quarantine_put+0x10a/0x240
[ 1527.383563][T28720]  ? blk_mq_init_tags+0x87/0x2b0
[ 1527.383606][T28720]  blk_mq_init_tags+0x87/0x2b0
[ 1527.383645][T28720]  blk_mq_alloc_map_and_rqs+0x237/0xf10
[ 1527.383700][T28720]  ? blk_mq_map_queues+0x211/0x410
[ 1527.383752][T28720]  __blk_mq_alloc_map_and_rqs+0x128/0x1f0
[ 1527.383812][T28720]  blk_mq_alloc_tag_set+0x75e/0x1250
[ 1527.383880][T28720]  loop_add+0x3b7/0xb70
[ 1527.383930][T28720]  ? do_vfs_ioctl+0x512/0x1990
[ 1527.383981][T28720]  ? __pfx_loop_add+0x10/0x10
[ 1527.384029][T28720]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1527.384108][T28720]  ? find_held_lock+0x2b/0x80
[ 1527.384149][T28720]  loop_control_ioctl+0x13c/0x630
[ 1527.384202][T28720]  ? __pfx_loop_control_ioctl+0x10/0x10
[ 1527.384272][T28720]  ? __pfx_loop_control_ioctl+0x10/0x10
[ 1527.384329][T28720]  __x64_sys_ioctl+0x190/0x200
[ 1527.384381][T28720]  do_syscall_64+0xcd/0x230
[ 1527.384440][T28720]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1527.384477][T28720] RIP: 0033:0x7f22be18e969
[ 1527.384505][T28720] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1527.384541][T28720] RSP: 002b:00007f22bbff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1527.384576][T28720] RAX: ffffffffffffffda RBX: 00007f22be3b5fa0 RCX: 00007f22be18e969
[ 1527.384600][T28720] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000009
[ 1527.384623][T28720] RBP: 00007f22be210ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1527.384645][T28720] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1527.384666][T28720] R13: 0000000000000000 R14: 00007f22be3b5fa0 R15: 00007ffec9468b68
[ 1527.384710][T28720]  </TASK>
[ 1527.385675][T28720] blk-mq: reduced tag depth (128 -> 64)
[ 1528.045490][T28737] .SR: entered promiscuous mode
[ 1528.250455][T28740] Invalid ELF header magic: != ELF
[ 1528.904637][T28746] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4820'.
[ 1529.477841][T28737] could not allocate digest TFM handle 
[ 1529.539824][T28740] could not allocate digest TFM handle 
[ 1529.711293][T28758] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4821'.
[ 1530.472920][T28771] usb usb38: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1530.480526][T28771] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[ 1530.776999][T28781] ptp ptp0: delete virtual clock ptp1
[ 1530.860221][T28779] Invalid ELF header magic: != ELF
[ 1530.931647][T28781] 
[ 1530.934071][T28781] ============================================
[ 1530.940269][T28781] WARNING: possible recursive locking detected
[ 1530.946465][T28781] 6.15.0-rc7-syzkaller #0 Tainted: G     U    I        
[ 1530.953434][T28781] --------------------------------------------
[ 1530.959620][T28781] syz.0.4828/28781 is trying to acquire lock:
[ 1530.965731][T28781] ffff8880244aa868 (&ptp->n_vclocks_mux){+.+.}-{4:4}, at: ptp_clock_unregister+0x21/0x250
[ 1530.975742][T28781] 
[ 1530.975742][T28781] but task is already holding lock:
[ 1530.983203][T28781] ffff88814d3bc868 (&ptp->n_vclocks_mux){+.+.}-{4:4}, at: n_vclocks_store+0xf1/0x6d0
[ 1530.992752][T28781] 
[ 1530.992752][T28781] other info that might help us debug this:
[ 1531.000852][T28781]  Possible unsafe locking scenario:
[ 1531.000852][T28781] 
[ 1531.008357][T28781]        CPU0
[ 1531.011683][T28781]        ----
[ 1531.015029][T28781]   lock(&ptp->n_vclocks_mux);
[ 1531.019873][T28781]   lock(&ptp->n_vclocks_mux);
[ 1531.024712][T28781] 
[ 1531.024712][T28781]  *** DEADLOCK ***
[ 1531.024712][T28781] 
[ 1531.032902][T28781]  May be due to missing lock nesting notation
[ 1531.032902][T28781] 
[ 1531.041256][T28781] 5 locks held by syz.0.4828/28781:
[ 1531.046496][T28781]  #0: ffff888039f65b38 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370
[ 1531.055666][T28781]  #1: ffff88803524e420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x240
[ 1531.064740][T28781]  #2: ffff88805c8cd488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1531.074608][T28781]  #3: ffff88814ce74e18 (kn->active#218){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1531.084831][T28781]  #4: ffff88814d3bc868 (&ptp->n_vclocks_mux){+.+.}-{4:4}, at: n_vclocks_store+0xf1/0x6d0
[ 1531.094958][T28781] 
[ 1531.094958][T28781] stack backtrace:
[ 1531.100911][T28781] CPU: 0 UID: 0 PID: 28781 Comm: syz.0.4828 Tainted: G     U    I         6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[ 1531.100966][T28781] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1531.100981][T28781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1531.101002][T28781] Call Trace:
[ 1531.101015][T28781]  <TASK>
[ 1531.101029][T28781]  dump_stack_lvl+0x116/0x1f0
[ 1531.101086][T28781]  print_deadlock_bug+0x1e9/0x240
[ 1531.101130][T28781]  __lock_acquire+0xff7/0x1ba0
[ 1531.101182][T28781]  lock_acquire+0x179/0x350
[ 1531.101224][T28781]  ? ptp_clock_unregister+0x21/0x250
[ 1531.101263][T28781]  ? __pfx___might_resched+0x10/0x10
[ 1531.101300][T28781]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1531.101357][T28781]  __mutex_lock+0x199/0xb90
[ 1531.101406][T28781]  ? ptp_clock_unregister+0x21/0x250
[ 1531.101443][T28781]  ? __pfx___might_resched+0x10/0x10
[ 1531.101479][T28781]  ? _raw_spin_unlock_irqrestore+0x61/0x80
[ 1531.101525][T28781]  ? ptp_clock_unregister+0x21/0x250
[ 1531.101564][T28781]  ? __pfx___mutex_lock+0x10/0x10
[ 1531.101612][T28781]  ? synchronize_rcu_expedited+0x3b9/0x460
[ 1531.101667][T28781]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[ 1531.101718][T28781]  ? ptp_clock_unregister+0x21/0x250
[ 1531.101754][T28781]  ptp_clock_unregister+0x21/0x250
[ 1531.101793][T28781]  ptp_vclock_unregister+0x11a/0x160
[ 1531.101840][T28781]  unregister_vclock+0x108/0x1a0
[ 1531.101888][T28781]  ? __pfx_unregister_vclock+0x10/0x10
[ 1531.101930][T28781]  device_for_each_child_reverse+0x136/0x1a0
[ 1531.101967][T28781]  ? __pfx_device_for_each_child_reverse+0x10/0x10
[ 1531.102001][T28781]  ? __pfx_kstrtouint+0x10/0x10
[ 1531.102047][T28781]  n_vclocks_store+0x4b6/0x6d0
[ 1531.102092][T28781]  ? __pfx_n_vclocks_store+0x10/0x10
[ 1531.102135][T28781]  ? find_held_lock+0x2b/0x80
[ 1531.102171][T28781]  ? __pfx_n_vclocks_store+0x10/0x10
[ 1531.102210][T28781]  dev_attr_store+0x58/0x80
[ 1531.102253][T28781]  ? __pfx_dev_attr_store+0x10/0x10
[ 1531.102297][T28781]  sysfs_kf_write+0xf2/0x150
[ 1531.102349][T28781]  kernfs_fop_write_iter+0x351/0x510
[ 1531.102392][T28781]  ? __pfx_sysfs_kf_write+0x10/0x10
[ 1531.102441][T28781]  vfs_write+0x5ba/0x1180
[ 1531.102475][T28781]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[ 1531.102521][T28781]  ? __pfx___mutex_lock+0x10/0x10
[ 1531.102571][T28781]  ? __pfx_vfs_write+0x10/0x10
[ 1531.102617][T28781]  ksys_write+0x12a/0x240
[ 1531.102651][T28781]  ? __pfx_ksys_write+0x10/0x10
[ 1531.102683][T28781]  ? rcu_is_watching+0x12/0xc0
[ 1531.102720][T28781]  do_syscall_64+0xcd/0x230
[ 1531.102773][T28781]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1531.102809][T28781] RIP: 0033:0x7f542858e969
[ 1531.102835][T28781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1531.102870][T28781] RSP: 002b:00007f54294c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1531.102910][T28781] RAX: ffffffffffffffda RBX: 00007f54287b5fa0 RCX: 00007f542858e969
[ 1531.102933][T28781] RDX: 0000000000000004 RSI: 0000200000000100 RDI: 0000000000000004
[ 1531.102955][T28781] RBP: 00007f5428610ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1531.102976][T28781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1531.102997][T28781] R13: 0000000000000000 R14: 00007f54287b5fa0 R15: 00007ffeeb7ebeb8
[ 1531.103032][T28781]  </TASK>
[ 1531.479880][T28781] ptp ptp0: only physical clock in use now