last executing test programs:

4.143544186s ago: executing program 2 (id=2782):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000e00)={0x590, 0x0, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@HWSIM_ATTR_FREQ={0x8, 0x13, 0x8001}, @HWSIM_ATTR_RADIO_ID={0x8, 0xa, 0x1}, @HWSIM_ATTR_PMSR_RESULT={0x56c, 0x1c, 0x0, 0x1, [@NL80211_PMSR_ATTR_PEERS={0x29c, 0x5, 0x0, 0x1, [{0x98, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0x2b, 0x1, "5328e4e303face040befd2101c9902e885387a74c032fe19e533a9e018880e4967b029badea425"}, @NL80211_PMSR_PEER_ATTR_ADDR={0x66, 0x1, "6b074ccd6dcf3891b543b8004df8a752d9e2a1f0729e6681abe3905ce26957e840379d8c6fad9e9377379fd47c7f3467de1d0e6ae268b1947cc424e5e2702f05de674da3bd353a9b75b718ca14a40df6c9f813f017212cd32804fad90d3dc0c69c87"}]}, {0x1fc, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0x50, 0x1, "d89b104fa76ea998f7666e792050d8dab457fcd1e986843ca90974533b691ce972841546f3e2996c4b147c75c0b453eed1d691dcc8f08d4016b91b4bc80e19732ce6e5b933f2efd1afbec4b0"}, @NL80211_PMSR_PEER_ATTR_ADDR={0x76, 0x1, "c60b5af73ea005bd7f7cbae78ecf02aed2c956b392b49213f36a1182756219d4df0d5dc638f0b97e408265bd355fcee7e5a1271775a915ec2039f5a2011dc191f30fc93b9b75c769c91b45ab74f35cb2b32f833f33480dad58a1f5b1476a7f72f8565b9a3869251588fda809fa7cbdcd31e4"}, @NL80211_PMSR_PEER_ATTR_RESP={0xa4, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x4}, @NL80211_PMSR_RESP_ATTR_DATA={0x98, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x64, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_BURST_DURATION={0x5, 0x7, 0x6}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_FTMR_SUCCESSES={0x8}, @NL80211_PMSR_FTM_RESP_ATTR_RX_RATE={0x14, 0xc, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_NSS={0x5, 0x4, 0x2}, @HWSIM_RATE_INFO_ATTR_BW={0x5, 0x5, 0x3}]}, @NL80211_PMSR_FTM_RESP_ATTR_RX_RATE={0x34, 0xc, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_NSS={0x5, 0x4, 0x3}, @HWSIM_RATE_INFO_ATTR_EHT_GI={0x5, 0xa, 0x7f}, @HWSIM_RATE_INFO_ATTR_EHT_RU_ALLOC={0x5, 0xb, 0x4}, @HWSIM_RATE_INFO_ATTR_EHT_GI={0x5, 0xa, 0xf}, @HWSIM_RATE_INFO_ATTR_LEGACY={0x6, 0x3, 0x1}, @HWSIM_RATE_INFO_ATTR_NSS={0x5, 0x4, 0x7}]}, @NL80211_PMSR_FTM_RESP_ATTR_BURST_INDEX={0x6, 0x2, 0x202c}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_NUM_FTMR_SUCCESSES={0x8, 0x4, 0x6}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_VARIANCE={0xc, 0xe, 0xffffffffffffffff}, @NL80211_PMSR_FTM_RESP_ATTR_FAIL_REASON={0x8, 0x1, 0xf}, @NL80211_PMSR_FTM_RESP_ATTR_BUSY_RETRY_TIME={0x5, 0x5, 0x8}, @NL80211_PMSR_FTM_RESP_ATTR_RSSI_SPREAD={0x8, 0xa, 0x4}]}]}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x26, 0x1, "3e1327a0e12c8dba5de3a395cd0bd5dc839060e9026756f6d6260d23acd2008f85bc"}, @NL80211_PMSR_PEER_ATTR_ADDR={0x64, 0x1, "2e48e387696312103338f9cde8058fa433ca6b9ec5ff671ec443f4a7da5a904b2d4da55ebe03026b9fb540f6f7d47887cb1e1010f0dfd895a6efa0dbdf84e3d22aa904f22a905906796e90a97e70b4275e19a2f39a73d2159b97f168af91827e"}]}, {0x4}]}, @NL80211_PMSR_ATTR_PEERS={0x2cc, 0x5, 0x0, 0x1, [{0x2c4, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_RESP={0x14, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x1}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x58}]}, @NL80211_PMSR_PEER_ATTR_RESP={0x104, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_STATUS={0x8}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_DATA={0xf0, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_LCI={0x5, 0x13, '^'}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_AVG={0xc, 0x10, 0x1}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_VARIANCE={0xc, 0xe, 0x100000001}, @NL80211_PMSR_FTM_RESP_ATTR_RSSI_SPREAD={0x8, 0xa, 0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_BUSY_RETRY_TIME={0x5}]}, @NL80211_PMSR_TYPE_FTM={0x50, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_NUM_FTMR_ATTEMPTS={0x8, 0x3, 0x8}, @NL80211_PMSR_FTM_RESP_ATTR_RX_RATE={0x24, 0xc, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_MCS={0x5, 0x2, 0x3}, @HWSIM_RATE_INFO_ATTR_HE_RU_ALLOC={0x5, 0x8, 0xb}, @HWSIM_RATE_INFO_ATTR_N_BOUNDED_CH={0x5, 0x9, 0x2}, @HWSIM_RATE_INFO_ATTR_HE_DCM={0x5, 0x7, 0x8}]}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_SPREAD={0xc, 0x12, 0x3}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_VARIANCE={0xc, 0x11, 0x3}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_FTMR_SUCCESSES={0x8, 0x4, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_NUM_FTMR_SUCCESSES={0x8, 0x4, 0xffffffff}, @NL80211_PMSR_FTM_RESP_ATTR_BUSY_RETRY_TIME={0x5, 0x5, 0x3}, @NL80211_PMSR_FTM_RESP_ATTR_LCI={0x9, 0x13, ')*^#.'}]}, @NL80211_PMSR_TYPE_FTM={0x4}, @NL80211_PMSR_TYPE_FTM={0x40, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_BURST_INDEX={0x6, 0x2, 0x72f1}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_SPREAD={0xc, 0x12, 0x5}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_VARIANCE={0xc, 0x11, 0x2}, @NL80211_PMSR_FTM_RESP_ATTR_BURST_INDEX={0x6, 0x2, 0x9}, @NL80211_PMSR_FTM_RESP_ATTR_RSSI_SPREAD={0x8, 0xa, 0xde}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_VARIANCE={0xc, 0xe, 0x4}]}]}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}]}, @NL80211_PMSR_PEER_ATTR_RESP={0x48, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_DATA={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_FTMS_PER_BURST={0x5, 0x8, 0x2b}, @NL80211_PMSR_FTM_RESP_ATTR_RX_RATE={0xc, 0xc, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_EHT_GI={0x5}]}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_SPREAD={0xc, 0x12, 0x101}, @NL80211_PMSR_FTM_RESP_ATTR_BUSY_RETRY_TIME={0x5, 0x5, 0x7}]}, @NL80211_PMSR_TYPE_FTM={0x4}]}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0x3}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x15d, 0x1, "e1dd4048295dc03b183afb62e622b74c5f147e58570f8393edb697aa593e398ed0e6b6b5365a684c95c837bd1a5e02a235a6e041a5f0aaf17cde10dc3b625bc5c66dfe60a308866a7ca23170224a3e00001aba5943143fea45a3afdc3de927402ff95401d8eeed7759743750802a752aee776b7a8e0949abbf92ea24c846dae71110ce838df8530cbf7d2dd9e8ca41bf8d9f4da4cf7ab9b08110bc9ec4870c4d805d97abb3dc4ecb5276c55a001a1a81b5cebeb1640dbfb1c69ae2ba95c610721d97f2ac6dbf0099f7cb88c3057036516020f496239117a7c52812fc8927686239f093153b39a97b05c395bac43929a29306193463184cfa910f7ed495ded3e6865cec4323dddfd763428ae27e906a2fab8122ff49487aac348b4b297852de3b487b5ec1ebfa9c5ccc53028661e51e4a0196d78217b492bef2591de9d6e9056b81344c38bb573a1fed0e886c5c944dbe4dab97f73e6628b298"}]}, {0x4}]}]}]}, 0x590}, 0x1, 0x0, 0x0, 0x24040000}, 0x8018880)
r1 = prctl$auto_PR_TIMER_CREATE_RESTORE_IDS_GET(0x4, 0x2, 0x0, 0x7, 0x37)
r2 = socket(0x2, 0x1, 0x0)
r3 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000480), r1)
sendmsg$auto_NFC_CMD_LLC_SET_PARAMS(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000400)={&(0x7f00000005c0)=ANY=[@ANYBLOB="4800010019db25a53d66d410b0d1d0359e191088c6eaad0e587a0412de33487f047d5eefeec6539c020cad2d28ba46cfff6166e91620220000009d88cf9e0390a6e373587dcbad13278836629dd69667e051fdf38e2e9d81a4855fa38aa831306ad251348931e49790401bc62e7d1c4dfd900cafb1d37014b474b0ee6dfa6cf98e00"/143, @ANYRES16=r3, @ANYBLOB="000825bd7000fedbdf2510000000080004003304000008001e000500000008000400000000000c0014006970766c616e31000d0002006e6c38303231353400000000"], 0x48}, 0x1, 0x0, 0x0, 0x8001}, 0x20008000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nl80211(0x0, r4)
sendmsg$auto_NL80211_CMD_STOP_P2P_DEVICE(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, r5, 0x2, 0x70bd2d, 0x25dfdbfb, {}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_BSS_SHORT_PREAMBLE={0x5, 0x1d, 0x51}]}, 0x20}, 0x1, 0x0, 0x0, 0x8080}, 0x4001)
iopl$auto(0x3)
setgid$auto(0xee00)
sendmsg$auto_NL80211_CMD_SET_SAR_SPECS(r1, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000180)={0xe4, r5, 0x20, 0x70bd2c, 0x25dfdbfe, {}, [@NL80211_ATTR_FRAME_MATCH={0xc7, 0x5b, "5d3647a1028e9fcb07ab455657b68aef7ca7af0c1bc81b31250f7dfe2e70bdcc1b76bb814dddc8303ad816629111727d641abb3e3293f1db5d1dada2c2683cf5b415ecb316d6a34ec387e6af3cab114f861164b614cfb2cb018d05f23bf1b67d1f94dc739ae60ebdd8ec6286f07cd0ad7c75c4ed25e0e262b20d20bbcec6beb109cde4b40ada5b4fdb88cc1a1d9058fbdb6bdb7cbcb6f7eb057d7e99d2397a4ee13e0c49899905fe2b75c498123b0c399aab22b4b38a44bad978882e4067bfe2296f01"}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5, 0x89, 0x6}]}, 0xe4}, 0x1, 0x0, 0x0, 0x14}, 0x20048844)
socket(0x22, 0x3, 0x0)
ioctl$auto(0x3, 0x80044944, 0x10000000000402)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000080), r0)
ioctl$auto_XFS_IOC_FREESP(r1, 0x4030580b, &(0x7f00000004c0)={0x10, 0x7, 0x6, 0x6, 0xb772, <r6=>0x0})
set_tid_address$auto(&(0x7f0000000500)=0x3)
shmctl$auto_SHM_UNLOCK(0x2, 0xc, &(0x7f00000007c0)={{0xd, 0xee00, 0x0, 0x35e, 0x80000000, 0x7fff, 0x8}, 0x81, 0x1, 0x1, 0xa4d, @raw=0x8, @inferred=r6, 0x0, 0x0, &(0x7f0000000540)="eb6a8e834181dbc0b1ec56ce5b72722eae42a9b50e80be66abcea447832eb6794236af85ac51f33c2fcf6286eec9089697dd1173f7c7dff1a21479c1e8bffcc1a90ef6a5c661313032d66d68420621b6f1b0fcdfb6a455f6c69730bc2247f0eea4c68a59db128c", &(0x7f0000001440)="a1b0599aa56607abcc23d3c04fddfa2cd891d886ec51dcc384c4a160abb215a37b74d579eef1fda2745cd169e51f7bf60e6060a8b8512387d5bc77f41999c805e863a3265d469d25724e8309606659d7d0c5dcce081c69ee6bf2b3d080676b0fa18c27e574bac0464e94b686578910d0de8038150858c1f708465a9cdfc43b288e95a726ee8162aadd97b0e9b9785f5482bfd5a4fd725779d1c24f0532c66507fedc767d0d69285216e5e9f296e3eff50b0a767da7377409195b1b5ebfd86163800e479d0a72b826551580e4f07f35464a7e6f16585cbc19ea9191187dc3ac29852590f39e5779b4aa1b7c7dbc70529d9d0aa4ef1332d81a12b3cb12e78ea784a80c7f4a10ea600553f03f2e848fd7556881423c3ab1b21c664c98ed10232c1f0bfa6072b489a523a264cc34a7034da97a04d06833792ddc40b83da1f60d1337fc62cda01114ea22d68125c878b855f3c5d78c5d65ad408cdf80d09c0c291aef44bc11b04d7990c2fa07c159f7dbea94a1cf3d8c6573386c4dbe652f367b8ac40ab7e9a02009d5a39acb7bc16a34038914adc53e55d0652e976899e21e5e420355011333e2e3893583b1b464d7ac3b0a15a50ceeb15cd12653385838235d2fc0b485f9057172b9c7555779968d0b6359eb23fa8b0ff14b5d744fcc0f24dadc291d0ecc3268c3edee82275627e5324ba49a2018129e0543e3432d5dfd597d223ef36b65166142e01ac4c7c24cd14d397528ef8fae008a2c96b5d99d9021c1bfa6b7ee6f0b45d1498f2ed94360cc02c64199cde3206e7633b41a482b2e65d8352417e346d689ea6aded9206ee2f6edd3aa68b8841590ffb8b0ac2f5d375564adf6a41e7132c36c590cafb240207a0755f2811d43fe02293c15869b676c0b0c7e660876492c7e6316adc81f284a4fb17198256a60a2f24391ab5f12c0955b323aececb8d42385f2f5d87c1a72fa48783512c831d01b4f4bd1f528378134cb42bcdd963d8b81a872a31fbb0abeafc2332d0e40ec9a025e326ac10eb0f4585ac934f2ef9249e90d729c28f424398687842e5ee8f2b2c9a4bf3cbeb0d22c88ee4b394980109d267cc75859c92c20f4e049722d496ae90c4dd64cfa76df25812433b1ba84708c9a20b9b082ab36be8e1056070a252604c86801ea3320c0f2c123782b4b662ac08277e72bddcf96c5e79eb875d22ebcd25a0962047c91a53356709e717bb6e80394fff1050ca1eb5de1c72cb91578e65bace47689bf5848a05043a62661ede18ff787a84dde7953d00f6f58b6f96ad9df7ca5ac40576606c01f5862e96efaf30b72b7dc65672d84da384db026ffc4791539d1c57fd4584db77f2362677acfdae21d94df0dccfde990790fb6d65dadd4c9f1f5e1def0dd203af52a4cf837c52a8dba0c33d5058d89715e8d5e5249a0b4d19eb973a033918d0657e4c9878460fc2595ad2ef4c06f6536043529554eef8dfe4f834dedac9221654351100927b242705a7f079da151ef76b28d888c9cde7ffb9c8b6c1724d27845e268ec7f2418f1586d8b56f06d5b77e7d8f36e1dc66b7e3c5f87bacb6e0a2d941f65c0f6693e94d3349cea7dc94354f104a3aa14996b4696041f2c87bbe63e7c7ea386d37104e8f1a07d2d06b8999ca86d5209e8c02fd001fd6eba5c6726a48136e7a57ccedcb1b06966108a1977d4e8b60c2b0d51277f089b72708d12978abc309dfaa7ca1e36acd9a62ad22e87986d32867955e89712d8e546d1f4946865559b858e1cdfd4f60048540c8fa70f056b89a69ce51ea226cd80fe9ede35174d1ecc91c74b3f0174d85691af4b1c4e03884fd01adc50b6301775e17f241df7f1990247f106ec8b7b0fa7c1266ca9b751d027777e1e4a144d45ce8de9c9ac514547d07bc27a7b2f2768090e27940b490bffcd66974b6817cbbbfd2dc815a13f88ffd6232cb89ed609a5b826e014949b2b217468d8ee3fd428a1210be8e4f3a869d516375565980af8e0b7bdd0ae33f2a4cc8dd5aa91f89709b05aa2686127788b5ecbe67e554eeaf05279e599982cfdec8c1fee5c78ab8aae0cbacc6b8d1cbeaa2b59557ea7c33a2a14088d787d2efef46c835c57101fb079e290502fea2b7628e9b1d9adda43ca260a608d93b06ee73874c5f43c8787b9b472a6f49463f5adcf24c4ec8f0ae011ae99845c63060bbaf2856b7db7c70fb817ada91c1084a36a0582abb23794ac2b984dac55ef4c2106876aa9b81e4eb3c0556c0589a01749caf146fb7370b6e475a207520163ee5635c3a4d52fce0b1a3000c6227daf5a26995063e496ee1bab643c60692c22888406768c35ff797ba72bd4592805148ca7b6006e728571ffa08244822128a98a36e31e1b639ec3f1431706946c23d4f581ac3786357955cea9eaf0763bb093d5bd9e606351390345c1cd274fda34b107a359910bf1e0e4c5b73f5ee3a9a44934d070afaecf046918120ad02e33341533636d7a730f0a2fc81407a21a60be56e783c71f953cbbc16d0a14cc24781be9fad712686f5b6a710a63396a1dd9b67faedaca968631eff9e1315f1a4a0bf4e9769d95762222662482e54565f153d4ee3f0c3cd837082508202bbe047d937e4a83b4865b23f037d5fe22a9c19dc1111847264f357bec98588e590b422206f0e09906a35390359d7a0d0d8e085758d1c8cca929219f33fe733ed2dc7cb242e8503f8076a078d426066506233b7c1b4f72be43f88727e6f1a4bc14edc8120f0af155db7c2bef9725183e216a800fa394b8e03e8cab05edcdc5bee574a6eea304c53415459e36877ef2a11bcb72df76bb4846a2ce7a0673cace2499dfe17fee91893ddd3946c5e5246902220bea88ec04e34925073a0749b99b285f1db7fcbdc8207e600f26ea7cba110f58fa66450a11b316f8c39f885db7e31c95124525e944439b6c84f5f0dcaf97bd1b5c7322d7837118749101fa7f797643335f28f64183bf1ab634258910b6ff4beb51c9640b272eb86bedfa21182cbe5db7d61c679256740df5f673fa677ca238a007a4c77f69f7eb53f829bf0dec6489c6243cb27468566c36aeaccd526b921f6a6b2929083134714508e04931f274ba265c8f4005bb66bb88353f839a56a78831b6f51a1473f9478a9f20001f6530336f2231a38c52efde798ef08f9cdbe9712322d50f1ac68d4a3b8bd2d33600f99acdf0259be58b48f0fca23cec8ce5c96fa7de6102a8971bc020fc55a963a916ac1a289f57acc0f964f55d8e6f819e8844135093f3ad509edd1cc17377247fffd3dd7f494179bb19566f8acf9168427d9a5cf3f5eeca3378140c1c33c5f546c8aac7ec8aa657ecb6d585ee051104af418a4bd57a88b5986b43e1d5ca6245d123095fb7754280f52205cbd35c568c8936219622f4f51e11044fd88c7da5e9605dd497ba51afbb69df9481ca1b4b26326f4acf2b15908763a862a90ee6b5f25a8cbdde6ee9bda852b4e9f8a12bd08006f09764e7f950511d038d0bbeb02c1bf3e4019474d9fb0bf40c00ebde30559d99733dc277798975551e98079b2e238d0f1abb4da0d518f76a050dc0db04a6fa3c6600bd096c40ea57498ce983c922de30a2de5d6ff1710d9aecf73c4cebedcf7ce837179b3843eb64a138f1a1627b3d465d6eb9b93e37f87285b322bbf7fbf616211b9e4f5fc0fdc201bc25ea91435b376717793d73e3805371564e53e219e95e48eab5b27477ab3a35dcdcbff64eca9fd7a1a802d23851d516cb5207c0461d56e17b04c6fc8054340b1bc96a5cba0d6fa6cc34dc47de3962ad71d4cd7c5954811e78300bdd28332d81532683c59ac59c76a2aaf7225714477d5e96ce98f76bf2a5770fa7d3f4e5d60b20d6f2c243fc3e63a86e804e8ba6c62bf9847fb818a8be2c8508383b586502e05ff9149d3d4202233962ff2aeef2cbc15546b469808f202e842676cadd492bdc4a15a12435986ff78c5c4c4972fb5113d2c12806647986b9d494538a05e406e276975d4c0a53ffb05759493ec495da421bc7e130ff5626b780918fc858fd85bcc03ff48f2efbf0b0ee0cc3eb444c45b2fd5e61d71e2925a70ef5db401c7a9c149152a4fd46c2000b631254092038a59f2a3a6a2f77ed53e4eaf23cf67f88efb2338dc67fe4c61d2abefa4e08763b6d8b7ba698fbc4fc8b0903c02acb1211b276ba8d079372a01c2be565bbb23515ea0206422c94c9490727c1772580d7ef7f8a5e336031ddc98efc052f85ea53e907dcd6f333484ecd3360facb63756d9daa1503850124a2790692c4405ae8f7c14597612a1460c370b14cf365788fb2519a2d6a632d695cda1cde0df20f34722ffe15d4eb4171a43c89065b73569d9b8fffde1f90725421575d874d486d4f95faf107cd55c7b3eaa4c63d72cfd3d2b31ab4724ab7f605be0e71e1052066a7bfc303937d9b449b896b62f16ef77903d69c96d19b802884b54ecb03047de64d4db6679451de3e91ccc2ab3723fe4b97f485d9dd90cc9de66cbe4ac19ea33073eef20ea3d5ee84c176fbe738c80e590e05383c29b06638db56fc63a28241340d4b668208c50d6f207cd0e807e097da325d704ac6dfc6397a5f6921a9cfc44a5dd1ac054bdd66f3a74e34aa0a00cb2c053e87f523a5414fed56be730094d61341afcf4a1ce9d1025b7923977fc3cf1d831c254299bde5efaf2660e654f7ea87cfa4f9cef8c339fb24d44e8094edb5c50419483a1eebc7ae856ee2a03175dbc2e24362bbf8639e498afddf84e2908684c6b497db5000e2f205f5ecc700a072fac1c47edb09b9fe207695df3df5087ceb44f1eba04da91ebf7933f862ee4eba41ebff27b06892c4878cfd3b089f985807ec315499de2bae2a49e4cc7302916c3c0f2dcfc7f4a571fc9c3d9276ca522e6b897174aecee3ca7db3bd66acd6448cf99e5b4aea3a88113d56047ba471985e815088e87a145b690bb5e37cdc4b1a35a1fb6b020f75014af6b167b24e0c9b0cbacae6c05f39d8a3e6d86d6b5e68044ed3a240ac1271c93d3c14eae2c777c0bea12553624604a9f16474fb954e7de47e815298062749dce979b9f92e88a7cc1c6b5ebf23832d2c246ad9ed624b85c3739f19ee212511121e0ffd52a2439afcd8512f7fee77be7e65c2eb0403724822ea6f7c87fa2e3c7b1443b675a739bb661902ac125fab466ce6677c51b1bd4ae817b05d74ef007439eb8f64b6bcffbd62a458dd7bff06cff90519a8e45bc356e806a79de6225b6733f36114edab0ae5d2643eef29e14112ab9b77bbaaae747bebb9d62b4d74072b692765071e1f581acebe90cf3bf11b86bab096f2a5cf7fa8ef7eabce07f07ccbf399fbd8788eb4ff4a65cd968044e0a0419e30626fb174edb0cc7fa8bcf46435275d655cd455a327775e5dd9da7dd6c2d7011893114e844ab8f4cced8bd66b0b121912e145e49d2e14beb1dfc2e3cc070f1564d8231bd7586b16793c0bc56f61941fccb80e986d4b51ef79dea0e344ca52610c66bbc6a2d8710f1a01ffc90b618f81c03b0f9c833517406d8ba1c993ec226ac469175bfb30a5eee9a6a5e1586f80680b3bcbd145abffad1ccaa6af0eec3be870fe4656ee749924869c3f36f8696d428f1688683e53dc6dcc5b34c1735b4925f85701b5acaa57cc26036e05eafb10cc110c9ae8a47cf8d6fdc717edc2b14929a099ff800ea6d510a990f7eb5aae4b423d942ead6f1701f76add23a0cea87a1de2dfa4eb91456b8675fa65483985123e3a6df5e67cc71b1c56f11c6ac247ffa51022c3812ce8b370fdb924c5b75ed414571d0fb5c01da839"})
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000340), 0x108800, 0x0)
prctl$auto_PR_SCHED_CORE_GET(0x7fffffff, 0x0, 0xffffffffffffffff, 0x5a, 0x1)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x801, 0x84)
io_uring_setup$auto(0x4, 0x0)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
io_uring_enter$auto(0x3, 0x0, 0x1, 0x3, 0x0, 0x2)
io_uring_enter$auto(r7, 0x11, 0x2688, 0x5, 0x0, 0x7)
getpid()
getuid()

3.271331044s ago: executing program 1 (id=2785):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/module/psmouse/parameters/proto\x00', 0x20a42, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000001080)=""/4076, 0xfec)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, 0x0)
r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0xd1c41, 0x0)
read$auto(r2, 0x0, 0x39b8)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'hsr0\x00', <r4=>0x0})
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32=r4, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES32=r4, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="13"], 0x1ac}}, 0x4004)
mmap$auto(0x9, 0x440008, 0xe3, 0x9b72, 0xffffffffffffffff, 0x711b)
r5 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(r5, 0xc004743e, 0x0)
ioctl$auto_PPPIOCSPASS(r5, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f0000000080)={0x5, 0xb, 0x8, @raw=0x1000000}})
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

3.135161791s ago: executing program 3 (id=2786):
r0 = socket(0xa, 0x3, 0x87)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, r0, 0x8000)
sendmsg$auto_CTRL_CMD_GETPOLICY(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x14004080)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "00800000ffefffffff0200000001"}, 0x55)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

3.066128425s ago: executing program 2 (id=2787):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x200000000eb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x24000814}, 0x800)
write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000000000)="351ff6218163cce8505bf40fca856149f185354f86f6766b73aeb066b2a65290e689cb5a9cd45a63766508ae821ea42a555887244ce3a5676c4a8f62c1dadfd6efc8b8dd0eae0c03292f536b2b5042c923", 0x51)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="180027"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x4000000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0)
r1 = ioctl$auto_TUNSETDEBUG(0xffffffffffffffff, 0x400454c9, &(0x7f00000000c0)=0xfffffffe)
getsockopt$auto(r1, 0xbf5, 0x3, &(0x7f00000002c0)='-}\x00', &(0x7f0000000340)=0x7)
r2 = ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, 0x0)
r3 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x80800, 0x0)
sched_get_priority_max$auto_SCHED_FIFO(0x1)
r4 = openat$auto_proc_page_owner_threshold_(0xffffffffffffff9c, &(0x7f0000000000), 0x109280, 0x0)
read$auto(r4, &(0x7f0000000100)='\xcb%)\x00', 0x7)
epoll_create$auto(0x4)
rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6)
rseq$auto(&(0x7f0000000600)={0xa, 0x401, 0x3, 0xff7ffff9, 0xffffefff, 0x2, "18e7f1ab966e71f26e63efc2318108002d5d2bbb3cc32a69898f02de3a79b2a3a57caad60c15bb94dc7418756ff91e3725923940797ffc665c2fcd5bbf9011224dbb38967ac928f732e00530ed50ded7523e327ad4f58c2709e5ceacd62b39f3d00f010147092f6a71e9c251493d580f4c608cdb7f6da1a6de47fb0bcbe6bb1db941f4599b8a3a42ab53ded6a893eb66d11a79643db223e2de90bbaa3fb808eee067e931f3b083178a00"/183}, 0x8000, 0x0, 0xa)
read$auto(r3, 0x0, 0x39b8)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x55)
socket(0x2, 0x3, 0xa)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8)
connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000180)='ns/uts\x00')
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), r2)

2.938668431s ago: executing program 3 (id=2796):
r0 = openat$auto_tracing_mark_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/trace_marker\x00', 0x201, 0x0)
writev$auto(r0, &(0x7f0000001040)={0x0, 0x7fff}, 0x9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
sendmsg$auto_NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000780)=ANY=[@ANYBLOB="24020000", @ANYRES16=0x0, @ANYBLOB="00042cbd7000fcdbdf250100000004000780080005000900000008000200ba4d2406ad01088014000400200100000000000000000000000000024b355a7d87f7b4f825a4a32d7dfa4ee030a8ba8339836473c6adba8b7388e7f88d51c075f83f22a245691267852d736f73b58f947976a14944c5f83e3de059bd70c89a7d2c62db2b6f455e5749a8814a762bc1f104ffec1a139bb0679c984bef8347332d48ff772a0af2bf248adab10c5040d1af4a74769649db6c36f033c580991b176adb52448ed07ad8a08b7702a852f1000c80ac3e30a94c5b0434db050d91bd33fad83a5fb91445bed981a2c4498e92b08be4b372be3c7a78d712f5a27dbb7f6a9f4eb0380904000280080016000600000008002b00", @ANYRES32, @ANYBLOB="68a8105d08ce306178305fb4613924c9e754c150257c028dcb51de1fcccdce0696066efcdae939f778a147bda713ffe2a9f3f267b71b6fb15c748d05d1cbaa37757798b91f63f6f92d2f6d3322ccb4238f20945854c197e4e02431baeb82189b9b8df92443e8af715b967afb9f2ca7e823aec8aef56f85a48e711ca58408739186a4bfbb9f819de994b628151ae6e9067dc860584ac9fe7c3aa9b2b970026e9581d7e9aa4e690000001000898004007d800800f100", @ANYRES32, @ANYBLOB="000000080002000700000042000b80d6a878d8fe755a7537a430b0b0568a157040b88fa8824641bb79f0a9846f9304ade1006e72eafe1e10f09de86f2422f3f20000d497941a72b36917619ea2942ec36db90d78954c7925b818260346278c60859ce38c0a238c8eb1f9747ccf9d7d31e5402dc9fa907c45af9efcbbd8f5ff9355daa9b909bdf8bfc15a21a53170739f6d6af5dcc2ca11751b9aa5f8e81b8a0653dd09915facbac7dfb89b78cc2af3eceea78ef0ce7f08dcab12e3216c49781e432a57b4aa8debfc9607fa38bcbc01f7d93c62ecf9045a895a8aea3a396d4efddd7fe8b53b376bad9d94de7895e99e15daf103f99c2fbd57b4d82d3beb0f1c905631a3b4a4e982cba08e952be2dd6413f62b64ffb5ba67e705faef419dd73a8ce4f3706ec5e790b7fd87cf76"], 0x224}, 0x1, 0x0, 0x0, 0x801}, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r3=>0x0})
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="2f212dbd7000fcdbdf2521000000080003", @ANYRES32=r3, @ANYBLOB="08009e"], 0x24}}, 0x4000000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
getcpu$auto(&(0x7f00000002c0)=0x9, &(0x7f0000000300)=0x8, 0x0)
write$auto(0x3, 0x0, 0x7fffffff)

2.856235188s ago: executing program 1 (id=2789):
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card1\x00', 0x40000, 0x0)
mmap$auto_vmwgfx_driver_fops_vmwgfx_drv(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0x100000000)
keyctl$auto(0xe, 0x1, 0x1, 0x4, 0x6)
keyctl$auto(0x200000e, 0x0, 0x1, 0x0, 0x7)
mmap$auto(0x0, 0x800000202000b, 0x3, 0x12, r0, 0x8000)
r1 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x0, 0x0)
pread64$auto(r1, 0x0, 0x59, 0x7)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0)
close_range$auto(0x2, 0x8, 0x0)
read$auto_bdi_debug_stats_fops_(0xffffffffffffffff, &(0x7f00000001c0)=""/169, 0xa9)
unshare$auto(0x40000080)
r2 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/block/nbd3/hctx0/sched_tags_bitmap\x00', 0x0, 0x0)
pread64$auto(r2, 0x0, 0x6c, 0xfc)
r3 = socket(0x2a, 0x2, 0x1)
connect$auto(r3, &(0x7f0000000140)=@qipcrtr={0x2a, 0x1, 0x3fff}, 0x57)
adjtimex$auto(0x0)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0)
r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/dev\x00', 0x40100, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/fs/lockd/nlm_end_grace\x00', 0x8282, 0x0)
close_range$auto(0x2, 0x8, 0x0)
pread64$auto(r5, 0x0, 0x10001, 0x830)
write$auto(r4, 0x0, 0x100)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'geneve0\x00'})
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000100), 0x80, 0x0)
read$auto_rng_chrdev_ops_core(r6, &(0x7f0000000280)=""/61, 0x3d)

2.831702541s ago: executing program 0 (id=2790):
close_range$auto(0x0, 0x1c94, 0x2)
socket(0x2, 0x5, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r0)
r2 = geteuid()
sendmsg$auto_NL80211_CMD_FLUSH_PMKSA(r0, &(0x7f0000002bc0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000002b80)={&(0x7f0000000100)={0x2a80, r1, 0x20, 0x70bd26, 0x25dfdbff, {}, [@NL80211_ATTR_PEER_MEASUREMENTS={0x274c, 0x111, 0x0, 0x1, [@NL80211_PMSR_ATTR_PEERS={0x2748, 0x5, 0x0, 0x1, [{0x29c, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x1f4, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x58, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x81}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BSS_COLOR={0x5, 0xd, 0xe8}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x64, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x40}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_BSS_COLOR={0x5, 0xd, 0x4}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xf4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BSS_COLOR={0x5, 0xd, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BSS_COLOR={0x5, 0xd, 0x3}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x40, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_BSS_COLOR={0x5, 0xd, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0xb8, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x80000000}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x43}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_BSS_COLOR={0x5, 0xd, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xad}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x40}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0xfffffffc}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x401}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x80}]}]}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x68, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x60, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x40}, @NL80211_PMSR_FTM_REQ_ATTR_BSS_COLOR={0x5, 0xd, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BSS_COLOR={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7f}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0xde3b}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x3c, 0x2, 0x0, 0x1, [@NL80211_ATTR_PMK={0x2b, 0xfe, "210bc082098fff8f74d3c6d61266e88facbea762ff2de05e143e92d0a90b36037408b74890ccbb"}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5, 0x89, 0x1}, @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}]}]}, {0x2c8, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0x1d8, 0x2, 0x0, 0x1, [@NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0x2}, @NL80211_ATTR_BSS_CTS_PROT={0x5, 0x1c, 0x2}, @NL80211_ATTR_CNTDWN_OFFS_PRESP={0x2c, 0xbb, "08dfc2cfcb2e9f5f5e7d370255f1a696e6472df58888670febc0a74f5188d40dc0bd00a66eba2e14"}, @NL80211_ATTR_SUPPORTED_SELECTORS={0x42, 0x14e, "038571bf70955a45566d847481cc4ffc502ef65ae95d92c72329fdda45d04b89624480fe4cb6ac7bb640cb59c0bd101d56ae03f548c5f1541921b3469071"}, @NL80211_ATTR_FRAME_MATCH={0xeb, 0x5b, "b2aa0ba97f89b3ed264667589d9f01759d414a9cd0aa54687079d3145331702651a1f019c344409e22fff178468c2af432d6a4e8e4833aafd00614b4dbb40a78b6c0fedebe9d306a49051f943cb72fdcc95d2038ea4371ef174bc5ed053aec5c56038b936a5f0ea6e60b247046ed8c45f02413c507708c7ffda8bf1b64ce306995727bbaef1dc118e42f93d44b593f79b9b638c002539caa2f60a5a659d8bc908b9ed53a82d420176bf8c2e50c6deb025d6019739f19caf89a7a4634ee83a69cca538221663a343daa23e7553da4ffc269e6b3d11e0a7166cbfec81e68d9f6dad1192c3539e068"}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0x5d, 0xe8, "7b1e3ea0228b9d5f8c451549aa9c3c2c76033f57f99ec9fdd613c486805932062cd374488820bbe878a0e8d4f61f4ef9e7660eb9e6f306e97c513cc42d2746196e7d2eb5d86a8c31fbae989c39a6a6edaf38df68f588762b55"}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xffff0001}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xea, 0x1, "76a76b3d7393c7ac17ec909cb8d845258ed6ebe6b84e26d31762a1fe0b2fbbeb09b105a9bb1eb33bd330fe64a3f3a03186e7f3c8e7a128ff725c421029829aedbe9364c02d0650cb1c204faf11440d2e8e85056e174f6035aa0c3ef6dcd760fcc57d8cba187beb04003c1379c5644dd1bc46cef4051e3e8794579dee0927ed51c172aa41b0821412cde3daab2a4d163aeef026479cc6a5ffb98c94b6186b2a638994d6a1a814c629899b8820349466d27eaafce977a9ad1228b20d99a876e455825cb878eb430aa2ce76286ced22b523f36f7cf0414f6b4bad1630e756970c0fb78a8a9a6dc9"}]}, {0x398, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xb0, 0x1, "56fd54f0a481a55a4aa298de9b909675ba7d47d984142f697da4c3bb52be6c733f14476db211d51248e797e50429521839e1075b0c09f016eddba6e29d2e2fad64503d2f9dedf45823b7b3391473f9b4e6619cfd409e6126de31fa727b7387ba82fb4a939cf76370040764c19f298fd21b94c0f2ca6e52ebc8146c4c9dc2e3846d0b6b190008a0ffc908ac9ff9c30c0ced2115fe5d9a90b94283755f07ed5680260ccbe9bb6a384cd2d03677"}, @NL80211_PMSR_PEER_ATTR_ADDR={0x4b, 0x1, "c9e3d727647b3a3b60b4ce8364ec499502c2a40574df9d29b45318ce0fad066d2ea38542fc30348eed41d7539accabbf00b73a552abd74ec819ad3b8217d425b4873ca12699881"}, @NL80211_PMSR_PEER_ATTR_REQ={0x8, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x1c, 0x2, 0x0, 0x1, [@NL80211_ATTR_FRAME_MATCH={0x16, 0x5b, "9f19f3e88274572ffc7b43234779aba22211"}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x54, 0x1, "24661d64a327b58bc239fbae7b6cf7c8183263e921c856795e5350848ac2e15aa21fd6547b3967d5535100760e06e37dce4e0cb35d5f3d1c8580fefe839e728660e69692988759fe62ee38be2764a37a"}, @NL80211_PMSR_PEER_ATTR_ADDR={0xe8, 0x1, "4e1ea8067a7840f1426a4e6a12787b58aded3672b52737b343732fc86d509399f492f4e0eafc9f8699031684949ee2a1db15148acdf9ef0b35546d227f48bb63873d40e6b6e033385c0e8878323c8c2e80296ad5501a3e8f0a751cb0a27ab765a0ccf4d56133c2c4ca9087d27df669c4a55b3e5601b1394e67f7a14e98abe8e9f20f6d69a3e43970122324159d0f04e72c029fd7b2aebd9f37750c88d3e1a67971989ee56ceb01dc0fa3f630e122228778944b6039955e586f6ac74dd20a87584aa8fb3e293cfde7b7a4df491aba802ed80e03e9eebd4e6f25357b6f1c2bc3d1e6bdd2a8"}, @NL80211_PMSR_PEER_ATTR_ADDR={0x31, 0x1, "20662ca844f3d5f799cd5a8312b307f02b24a2e95104fb9912aa5bebcffd76ec62f47aa846ecfc88ffb0628781"}, @NL80211_PMSR_PEER_ATTR_CHAN={0xc4, 0x2, 0x0, 0x1, [@NL80211_ATTR_TXQ_MEMORY_LIMIT={0x8, 0x10b, 0x9}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "0c662be30181c48d4edaf490de2b9b01ad773510f70f1169"}, @NL80211_ATTR_BSSID={0x6d, 0xf5, "f0537c3a5cd1e41e714a36a3d201d8804e86242522f4c5cfff6fb2ed35d6ef5023de8fd47dc8509c3dc3728ded09d3bfce537d0c14fc3184e4bf45cb680a3fbc1b729b3ac8d7c5ee0596a4d357364d7b0c9eeb4d5e84c96b9368d47598a29956b4327fd49ec1dbecb0"}, @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0xfffffffe}, @NL80211_ATTR_WPA_VERSIONS={0x8, 0x4b, 0xb75}, @NL80211_ATTR_HE_6GHZ_CAPABILITY={0x1a, 0x125, "e35748e7a5c3a8d68d0344b2f34e677f398bd7e2d782"}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x3d, 0x1, "e024e829802fcaddc5cf4047ff71a273f784749912cfcb55e27db943e8a84faf032c56488845100690bdd20d58d657c7c58f1ec5de9c719d65"}]}, {0x14a8, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0xc, 0x2, 0x0, 0x1, [@NL80211_ATTR_MLO_LINK_ID={0x5, 0x139, 0x1}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x70, 0x2, 0x0, 0x1, [@NL80211_ATTR_MLO_LINKS={0x8, 0x138, 0x0, 0x1, [{0x4}]}, @NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8, 0x62, 0x1ff}, @NL80211_ATTR_MLO_RECONF_REM_LINKS={0x6, 0x14f, 0x800}, @NL80211_ATTR_MAC_MASK={0x4a, 0xd7, "ce94cddacf00ee7e02c068deaa4c79197291f07290356d4028ac5de960eafd26046652bf9ceb19e3363256666ed706734568569391a99a1326c0d4595635032fc851c7085c47"}, @NL80211_ATTR_RADAR_BACKGROUND={0x4}, @NL80211_ATTR_TDLS_EXTERNAL_SETUP={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x1004, 0x1, "e9bcd8e6bea79c85413c925250811a4d68ff4bb6f88e9516afd9db7d1b18917a54fd52c35280b732eff4d08fb5b843f6a729ec64618aa34e29e7e6beaefdd9afd0b7506703aeecacbc0b26a83c7663b4ac32014eb116edb556bb355643e92edef2d84701bf19ca792952109e5bae8cfcfc4956be0f6ba5d9387f5eca49ab6945c90e835b6f98071a6c480c99cfcb5301a4e4e365ba25c942e1e0da53b7f942a1b475a115d0feb33200b4f49492047a68a834ed4345802fcf4aa8346aff48688f0dd4fb497ac13666dde513eb2ebe9b5d023d115311cd7da29e6ddd70840c4af74c02a175f2e08ba488b9ac7d821ee4b8759ff482448c23da416692cb8830a6e6928e6606d88fcf698a61c0c64c02c7153a3adfb775922565d5dd7a56c4dd6f242027ce9f3404a3914734be9bc2e6819cba1119c45e8c498ff8def96633890f7a4322358a4faee92818957b4e9324967b49276b83e7d84cae88a9bbdccfb47d2f3e9f60fe5bf548d1270e31f2aa683d7af666c3d017a3711361cf15b874e8b2d0aeef98bd3d48f77dbc1002590422c973d891dabd3b9481309a9c13ea5e9e0b9a011686565d3e9a6355b1ab303635b285895dc55018fc54fcbb46c5fb244fd788c17f8cb409d59ff5ade619d1d05b24b8c4f91e5ed5251153afa5cf216c8822d948b49609fcec82b539fe4ede1a58673d86aeccaefd013e5747175117e6416b2ed6bb6d89501f5b24c9bf69523467dbf35fab00f7f74b1f05d6cb8a6d233562b213613e4609352f107eb913acac2b4c472a946c36f6c8954d2c5b5a7e6f1c3db6a0ead96b8b67e991b07931863b18431c92c4d69f37c4747be96e2f8fe0d26f7f37220d2a2b835d8eea1afb0b5eea01e52f8a55588df00bf8aa038c4c0b3ce29278482a1551cfd56007315ecb70b8de59f99a53fa48e1972064a2ceb156ddd29a2a29f8de6c28413d3bc1444f61c253b8cd0264386d4bf4f01f8a07ef1a6413a55ed05e846ae3767e4fcbe420a9b04cd3d2173d9b20aeaed8750bb1637c3aa0eec647558ef7dc407d9bbc3e9eedbf89c7be2b19502ec62f6496145106d85cf91bb227c49cadb1333f0c3cace31b60aa1362c3feb30a80eea6ccfe29699a9df7e8c75bf57bb82eb2fcebeab7b92bbe9365ef25b4501387d8cd7e5b2a97b8f622994acb095f16816c1e06d8d9dd9d54d5b256946d1ef7af422af74245bab7e1ffd5aaf8cbaf2e072dffdca9347b92a8e8a9b917d983bc50e8336b6470c0e9cd0e220cfd29895d3182532c699e4f338cd89ca3910d88a19a5fcd3f019892548033227b2f25a3a83209afb5dff161d5ec591cc196acdfb6b9d6c9e7f79e1404def192572d01c02db51c1cff507db15758de0a0c21a07628dbf7d84d658459085b81fac36bd57be4172b6ae87764b58646ad787fa0059022780dda1aaea79d3df85a8bdd4481778fc82a84154145873b8ae282797878dc9901adef85d137d033f3e86b93ef770788a9769b8ce6d0fac4bf55bbe1e6b9caa0c98162a1ba0c23414e98db1a862eb13d963d12cccc3a44ef2033a848167a076055d9b43658f0bf1e0882ab6ec31ebd3d53d30ce96194792292d45f80abf0c2fb4d0c03ca671657b1f55afb0bf85de3b8ec6166ec7e111deb351538b779341f52f37eafaf86e70e6b704378867dfd99f08a2b0f467087d3aa989cc5e652cf5d671dadf31ee56fd234446b913ecfc1d7621447c1e3e302fcfe05c3211cad868fb038adc61f8b9c88ee39ea56533637f146fd3cff0aac30f511e6b57a9517651d5c7b38900db728bb9358e1d8a2777f71b963b6499c5efe086091b1278d417ceec283b8490f1d3160eb4e2f4153d7fde3c01080fcba6af1e1817fc6ba82d18b97b63782eba73e494d3464ad1c033774b1a7e0471d1ee058f9e3cb15560634d65d786cfbd3261dd312a1e93ce6d00cb327b89494e5f0e23b0c20c91ce56e6c77283e2bf9a00a13ca2f17197b9cba7626a8f1ad4af7ee81204216455b4921bf48716a90badfc11616ca130ece5f04c0d94aa1be118588896384624123990df39bf44833b523528b2a3fb5aa6d47beb102fd64951c8a9c5360017a1cee25a817527e284a47b22654a3ebca0d28cf1f4536e4c0338cda30bddad015c6d68ee860bfd98ca6cb7b00a23e8575440931aabbba0e4f662bee6fff19fea7ed74a36f4e57352a902c9d403b7202e6512308558f02aaa4de9fb8998ccf88b8ca583b63f34e25beb8e8ce613ec4fa3d027a8a25574c6faee2a16b630cf3cf94e2dd2cbd08c79629b4bb61ccc57e96f23d56f29a88ab6626a2f010156ca50e9c836cb55e49e94c2966831ab728b36fff0934afd5e674ffd2b4c68686db0e8eee6cd45d827440c7727310ebb1faa56290ae2075d050718507a8a286acfc5b06ea47b716757ec73aa07a7348dd7848828de5ec915d2bb1d8481c3f9f84e6054cd18909eef2ae74fe4b7099e6f1b2ab12f6d518f91d06fb0a6a8ab1333137718f21e046df48536588d73ee23b6017cc4641583f5d0be6f9af64b7b612ec8776e91d110aef837a18222bfc5949d3dfd14d42137eb2733026b94971520f8042387108a9733fb6dc1eb2e352a5be433615bdc2a221ac729ae59523fab7f27a9234d5e1f27d10a18b75a8ebe672af228cc7872876ba7fa43c7a81fae0fd58c0cacede27a365e43417776de9dfecff2d46cc905cccc4bf8d5c2ca95da9623e85a90a34eec6c4b781607d2b3655a06dc4d02942f39b89d894f725e7a7ba902ecc0af3882ea60427a9a6ade9f2027bc9a37f0efcef262e882228a680ce3560632a1984694ba9cb5bfed454ef0342bc4ab24f161c664d26c364185666ab9567876812f5c157521e39b96677659b246a734a4801859eef3f4aa0229e0647e9c46ac4c49c2e8864f24c51a6db42e219db089d17c72b938b59c8a186777cb84787f59d34e14c6a313827cac5ae4f0491247863242e027e31799285ecc0dfe66f2cd57c1e072a8399310a0c3174713bee76b795b918a91aea2328cb5c99c40f16d4e2ae3c8a6e749d1929cefb72a512267d3d9333cdb4304bacba7436c11c4c8997868cfdcf845bb50828b3dc81eb624677c47d49a347366950ea0fcdd02c0dd8c0047ab8a0bd24d1c846e15c8e4f9b631b5df44aa1e5c585989fb0550cd48ce2139136488eab805bdb8dd10b75cfe65250188cdd8884738059a04173d427a4cac84326c0de04893aaaa938a5e0c9d9bb8119810d74866f78c7ef892bec7f0e3eab176fa64eebcc5505b4c9675c3e81ba31a1e30d47291474f64f78027f235e22b860efa36399b59c794b761584c3ed512e78a84846d821822b552dc5d019d9b5c456b0d5b34fe2c410c2e5ea75981ec9aa8ded48654883c3f63cf006e0d829f100623f0ba236ba25daa7a2e47ec5c16860a8c27f8acd81f3508c5af5b5bc176436fe80cba4d55ea38b629792e9a46ef148dbbca1ba91277d617ac29871a4e51939f257b11f853ab379f1758476bb138088e3914140c833df506d835bdd882f99bcdc27c228c9882b69cdb727c2f6b379e241d702d9ea78451b69e9feb5d3784890d5c29612764a3738da00be9e0b7c44388d134f03d2a013133ea05d8c87836aea4e247495a32c749f71953615de8289084e977da23e12fbde28dd6fe82a74e21e5cba677693d3dfcff524cdf282651b6c6baf05bfcae6db60de64cd7b305954d8978a9e099e2a40bbe4bca52b6c3e43280f9eb15a523f220fb1e484f1bd81e2336f518977edad750f47e3cb48c3f104f99e79063736c114ed7b2e1a60360d485efddca3ccf4feb91b1a520944ba4d3bdc9a22afce2307d735104f5772d0149bc7c4f9c3cb3e2b58876eab360aac935cd0ceab6f5a3a6f5edc454d0f4985d2e862361f1cb0b5664d091f68f501efafadd7500ff577591435e6de0479430f7f4aff6e3ea78635a0806dce456be91719f00d0d1f66de48df9a2147a8d0eaace43c49b246b40c28a3695af49b2fac28eb9fc7df98c55a5b28c4144fc6a20aa1c0961a3e972529229aee88af34533fce7dc4faab3a42ebe9132c7f1168f8f4964c2d5e922c8e0a490490849883449655ecda6e59a4ff247916f12f440fa82539aae95b98b5ec9d27a745d7d81940c37277b384177c99b28b62a3c5884a62efa7e5aa64e841dd9fecd33b5f6490b3dd4d873cc10745227bed762a0f49e022221d6f11928c6fd6feb1e718991bfbc5ef9099be28b40d5f0c4f01219578748c0f349d93be10da4ea6155f49067e29ccd50bee339025b6aae932a8b6da63151eb11853e5ab571cb4cbd5fc9f977d71ee1eb200c726bc0ff939aeb202fb3066b60fce3052e264bf3feb18fc598c97cc1e8cfd2c6c1fdaf3867c4007f4d6dd5079b7dcc2a77befa2c18ee3879192cb778898be1ba3d8f2407110a167b55772ade926b7170d9abc414cb936214b0780cf070470db84bb72e13060ab5c18cf25f610cc1abfd72892ce3aa250eeb662c47b2486a8c3b337f216582baf22856db548016b375596103e7ff32c866b3298e9553ce554c3511614ee01a785c73319c4320ce336a260d34ba54fc1a52d320ecbee0c8e60619821303ec9283dd4f7c97e9fed827172cd2d7a3d854cb9c511697944bd4f013897323816118467294dc534988a03e2544c306cc8829ee8ecc3d12d6c59d8ff54307fce07ebd8d2ad32b0e7d4e3be324dc78c1f80db3764073970a7667162a32b01218ed419795b76d89edaa616a45fe68fa23ff6a33ce28e10143fd35268678999f78be51a1aa3186d709645bb9818091a111699c7a6b022d5839cdd960140a8241bb9221f9599d14293af50bab3e8ad24360226ee580314b60d6a54a339b8b987b6c1572996ca150305286785c6473edef2cf173f7ac59dab35a10887cfe8fc4f414a816bdd3fb3ea4301e249d3328222e443a2f94bac164ccc9c09c961cf1111ba784bc9c9d7975c761e7314453949bd30d71ddbf0d082abcfe2be635ffa24f6e4aa13f011af5c8a99b3dc336535ab9d807416b6fd57a389b155e775d88b1f1553768f436f1512fb0cb14f8f774811e6bdefa4059cc0ea464dacacc47357f1767b997f8c2b39859db2e53376a50037ea11fbdc7a2fd8a57c56c7a77c21929276b459e9e0d6e5996873295e856abc4c34f11340b0ef1743b0eae185636d98df2fd6210fd27659b21d05ea53ed6531928b89dbf90e3891f35eda5fceddb8df54ccfe2a88a32e5ff8eb945ee30c7ffb6035775983e60c1d5ca7ce7db10044e2ea16d1334128e0e27af51de38b2f3fe7f6960c83973ba1fe8bba6b1308e6baaeb63d94c67303a4a7c5e671c3acd5e321a73aa389b3ed19b88dfa21f143fabc09ed81af462f488b1356f06018e32a9ab5903535639e40767ce1f573eff0c1872986c2b26e75bd3cc58bbc4de362cbac7aecf261f9c650e99d4721c7fbbddeefd9e13216fbb9cd4371b7b3c5ed992e35e5241ff1b91fcb45f04aef16f6a28377de976922280d60e259266ab1ef52ab5e76dfc3e27cdb88c8c2a86a95e0823684beedcc03f8ff18829c49f397bfc44395bb606c4e56fc47367d9323c46c5bb5909133b4195ef57269af6a91388176723d9e6ff70cf4cec586bc6f0c2a67b04c73099457c15c739e89248bcc3e14384a184dfcfc2d6bfbe8d902b7fe92fa7a8c6fe70c12502fa22cd573411e6abccebbce67d2ed3fbbb4cb07b95ed251c566e58e9da95dfbfbb24ab82ebb932389770a41fbe8df51c786aa0d29be8c92699fb3139605d27fb7cf7b7f296724f755"}, @NL80211_PMSR_PEER_ATTR_CHAN={0x320, 0x2, 0x0, 0x1, [@NL80211_ATTR_SCHED_SCAN_MATCH={0x2cf, 0x84, 0x0, 0x1, [@nested={0x201, 0x132, 0x0, 0x1, [@nested={0x4, 0xdf}, @generic="3b1003183996110933d7a99dc61d87968350f9295adc09c905a9307ba27ae3a3f22908b8237c17dd38de0bb885e2d7bf99642a367e8b333972c04b9ddbbeb51b", @generic="7f95a4aabba7fe9bd86de397a04384379b8632dc06cee32780bc1a4508f8e201b6c77b45aff5d9244b0e2cc159e0fd9805cf152450f6d4a4aa1f25e33589ec1a09c03d856b020c63b5ccd476adc377a5e2f87cd31d3d3e71418b20bde8e5e7e0be027295ed493edbbdc8d11b7e3999869b2334d118c85ee32affa4f23035d1e6e1eed321b67fe2be6814d68a11d589bbec2b12b91292ef668c881edb6f1d98de9a092d115516f3717a0be4d238ff3cf272aa47e03178580c692f39821b062d90e542f7302f1f9adc47b67c1baf8335cc0d06bb4558397c62bdf4b77d9f7aaeebaeba8f126d674520ac5c98eed393b3b1313fe52e8653f61bd044", @generic="216511a42271ed2cffc2aae8e5fd85b1d9c45fd360c8bba67475410d8f21a9843a72b91dbfa52395259a2918cbac313bab7b59e04d319d6dbc56bc7e7178ddb0ab8b5c0ee592f7a12c7f9d665389bbc4b8bf71d9f78c407d6a1a8f00fec06c3571070d614364cb2a1a8575efd4afe429449b7871f1b68cf4e3bca78a2859099df4abd6250b1b40c6e68ee4a09a0ccf5ae08245ef7546947d2a1d6ce3f3e0149e491fa208e92740240d7ac8694486b0d6e9a908c6a61c7d41f843c8", @nested={0x4, 0x33}]}, @generic="018a4881ebbb2d8fa0f32ce169520a034a9fa4278d77c8f5e50c0ddfe38a8b7c8049e73f2dc182b38c0fc93ce3c54914818f440b57a7bb7caaea83ee14606ee29c9b8767e500ce31c9dc9aef8feb2ce2a33dc1c1dcdd996972d1ef7d1e13082a17b72cd5339b14fac96f283f5515cb93af4f2465b3347c5d640fd64cc70f426049387715d5c1da9a18cc6a62771d792508a5a134b23f067da148e87b06f3fde49560afbaa9a294931f6a990d4205310919b7dd0b465140ec366682cd0707b6b6e9b3e99a8cb1a6"]}, @NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0xfffd}, @NL80211_ATTR_WIPHY_RETRY_LONG={0x5, 0x3e, 0x4}, @NL80211_ATTR_SAE_PWE={0x5, 0x12a, 0xc}, @NL80211_ATTR_REG_INDOOR={0x4}, @NL80211_ATTR_MBSSID_CONFIG={0x30, 0x132, 0x0, 0x1, [@NL80211_MBSSID_CONFIG_ATTR_MAX_EMA_PROFILE_PERIODICITY={0x5, 0x2, 0x3}, @NL80211_MBSSID_CONFIG_ATTR_INDEX={0x5, 0x3, 0x3}, @NL80211_MBSSID_CONFIG_ATTR_EMA={0x4}, @NL80211_MBSSID_CONFIG_ATTR_MAX_INTERFACES={0x5, 0x1, 0x7}, @NL80211_MBSSID_CONFIG_ATTR_MAX_EMA_PROFILE_PERIODICITY={0x5, 0x2, 0x8}, @NL80211_MBSSID_CONFIG_ATTR_MAX_EMA_PROFILE_PERIODICITY={0x5, 0x2, 0x1}]}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x100, 0x1, "456f12aa57ef677f1dc8caafc5e226bdad5ed02de7b98e80fec951035cdc63dcfb7d90a765b7a1b4f7cb43c561f8fb34cbd7a1a8fd52c1f68ee9e354afcb0a6bdfdc07c0a8b631dac1e255a40c36d76d5f0271648182e2d816e473618bea63cc6798538491045adc267ae44b8745cb2c0c5f0276aaba7e6594859fce3947bd5ebd14831e8d1a9a2173c6623ab6b59033365ad1de3b55635864269e7189a423d88a86792f94995e74f69a963832d097b639f28b8d8143fa18b8d482926d781db11a8dd1f9249f00df235045ff50e65f02d76e8f036e2ab331363b59c1c530ed83275e29eabf759c33ffb26149cfdd96dede69096b3b1412425f5642ef"}, @NL80211_PMSR_PEER_ATTR_REQ={0x4}]}, {0x14c, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x130, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x118, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x9d}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0x40, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x10}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0xfffffbff}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x80}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xfd}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xc05}]}, @NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x10}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BSS_COLOR={0x5, 0xd, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_BSS_COLOR={0x5, 0xd, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x18, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1}]}]}]}]}, {0x88, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x84, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x4c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BSS_COLOR={0x5, 0xd, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x6000000}, @NL80211_PMSR_FTM_REQ_ATTR_BSS_COLOR={0x5, 0xd, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x81}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x77}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xe7}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}]}, {0x154, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0x51, 0x1, "1e639e4319b133fc52746cccd2e513ba60b6bd5628953b50b08ddf4f3d896703739a8088dcd50ca42ae272c4d06124efe35b8699891010019075466830f346f3dfa4d33c80fcffac5a35904ab6"}, @NL80211_PMSR_PEER_ATTR_CHAN={0x24, 0x2, 0x0, 0x1, [@NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}, @NL80211_ATTR_INACTIVITY_TIMEOUT={0x6, 0x96, 0x4}, @NL80211_ATTR_CONTROL_PORT={0x4}, @NL80211_ATTR_BSS_HT_OPMODE={0x6, 0x6d, 0xf}, @NL80211_ATTR_WIPHY_FRAG_THRESHOLD={0x8, 0x3f, 0x3}]}, @NL80211_PMSR_PEER_ATTR_REQ={0xa0, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x4}]}, @NL80211_PMSR_TYPE_FTM={0x4}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x60, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x4}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x61}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}]}]}, @NL80211_PMSR_PEER_ATTR_REQ={0xc, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x2c, 0x1, "5d9a5bf1745391d552f1bcc0e5d947d52c9ffd5d13144d2274c482ff701cc764c81f95585c25498a"}]}, {0x678, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0x610, 0x2, 0x0, 0x1, [@NL80211_ATTR_REG_INDOOR={0x4}, @NL80211_ATTR_PMK={0x39, 0xfe, "1eb486d3cb688eed85535d4e86fc62bee16afd5b1cab210c1cfb28f5f0110e635ecdc7270d7efe1e0bf897b2d6c780b999c54c644f"}, @NL80211_ATTR_IE_RIC={0x5b2, 0xb2, "2899220df5057b2d657321d7725caa86c752836b906bc5c66753759af7e0243962c7757a535b81a43e51b77fa96685ecd5ce7cf9201d889a594232ff8edb90b1b96f8f833d84f6773e8bcb2c50ecd67b7646616aacfb5a4cfab9fd3706d53b5417babde01377fb95150933989eca831b5127e5040656fd51a588802672c5a94d026242d9d0d69533318d685d6cb1819c2077e8f700eef010fd6a3f85d3e717613676e09f1c6c73d1e63ca08ed35a7c7e16bbb762a444594860c8ccef8dec6f002d8c514ed2dba998b0b86e166ac03d5ff93a37369247df684c7de46c1b50602988a704907212de23d2936e2dc48dbeda4b2220aadd6ead2d55f6d81330c42dc82e79ece9cbc1fa54b9b1cc117dacce215420c406ca89620c9290aac4acb5b0af5afac755b4394f49b175ee7cce1f6052562a0a49254f6c25bca95f9171c01c2b85dd32f724fbf189287ae8d2ae0641aef4a7034740b9d5c72964328129c2d1d807f1210d529fc6791534e208b0db532560d007a8c6aac3e82eedd2ddfb69c17f44676b2416f1a3ab829eae1e7d857f16dad09d9514782001f7f5c97dffc1312bf3cfea279636eaafd989de296e87b6a543c928908132e36a620dfd198f58b40d15fc5d6f1bdc38aecb33c625cd0909be87a6a76a8ddd77fbb15d974048c8574d447da1a69ec66f3d03a76e59bfac25b21a4468ea6abae80ac2d0f0824212af329ecd2291c7a5d2764cea4f34387a4e5efaed2d01360941b3985e8b594b18dcae9147d5e3ba515d2e75207e2f180a0337abbcb9a9bfb1956bf5d2810a77f7155164658d6817ec7679a3bbc86b8a0972f2f20596ccbc705f418fc3443a6f7b846a4717b5f94dbbe73b3b4b3ca5ded348992b8a5db17818652dcc8bcfdae8d415b5ecd54a5a04474f023ae66d7b438156964ec1608b429f8cfcedb49d3dfa0d3639866953da190bef5e8dc3211a6ad63da771543a9722f182e468d6c1e4ffa9dbcd6000aa3c087dc7f87395a69ce413740535fb0064c5182dde364b5a39eb76570c21ca7f78412210a98919bb03f1ca6478c52c74a2958fd76da8422d4240d70e5b29fbe48556de8bce47635ec4ddbf90c5ed562fc6d520ed333f18dadc21a87a7ceb4b3cffdddfa2f26b0775f51a8978d5e8c97e682b9ab9aaab598c997f78338cdeb04d2cbb9dd467fe6400459835d2607485106ad6c519cb6f7ccef82fb8d1a16cdfef618db6c519f25bd5c2e73d9dd88b0c1d7f82afc879cce50fe85a8e83a294f3e011ebc86117a2ba079ef949276ce0f61f6fa9706d0bac9a78df3c60addb7381b884873429b477d6864c433bbb2be08ab19494efd218c3c0444adc3caf459992628c36e96b98194bde71c052ce3b9e67a970e6cb66f6e64673a205a592b96ca01f175668c4af7ce56ad7bf6b8d31dcbe5f94f06124089e5297bac522f55847af540bd87f3eb0f7866c9bc9f77d5225518c66b73948eedc457cee1c91cca6c24bc64ba20dceb967063ea7e52b67022292b6c9dd54da53500248bebe71d6bc52896f1c2f9ad8bc5219b34b46a42b4ed1479ab8e7a4a89738efe643584868712e9616d710a93b66b6beb107737e16cc8f99e1256bcf6a5e787db521dbc4ec2e1f60f0d8d1e0de3d994a1527f25ec62e5f4e9c9fc2803356ea24c57e950e9b8cd16d5f365c20e911c6740502e8ae52a0e10a4d74f4e775b878bb10f5c7c7a603429683fe507c2b0d640065221e24d5dbd0f644dba49c163723e825c746d508bb11e8c1adb836cda0dc54c1b7235b3ce07acd2c61b6e265b1631a2364e5f5a4149a3099799fdfc0b1cbbf6c019102ca67ad824676fd5b63a687b86a6b44a4c4dd52d08d94e37f32bc8482e16001919701a1c3af8c64d0eb0505c13f291e3d3889cca20af8eceefe636d0b06398823e99ce9c72c04ac060880ff7f5bf42355005449b5ccf1967372f0fa97b3c402e80e55c85e5debf8fddc7a7e919bd2b0eefa0118cb99be040dc2d666ed72cfaa5399d5f79ec91b728b8a899725e495a026eba4dfad7a583d97e831bbea695eb467"}, @NL80211_ATTR_BSS_SHORT_SLOT_TIME={0x5, 0x1e, 0x8}, @NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8, 0x61, 0x2068}, @NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x1}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x1a, 0x1, "05ae19f5f8f374e8c0b1a1c769ceb0072fa306b3b9f2"}, @NL80211_PMSR_PEER_ATTR_ADDR={0x45, 0x1, "e8b131586b1d2542793a5533fd17d136b0613351b395e096dc88ea66669fa021859e4bc52e6972f884710f0a493d404763f90f0e7d6068f47cf2652a2bbd13e062"}]}]}]}, @NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0xfb}, @NL80211_ATTR_SCAN_FREQUENCIES={0x2f0, 0x2c, 0x0, 0x1, [@generic="fe94ac6e15482c36fa5a10f69db604c6cb5b7d7b314b3dd30483eab6ff066b1b25eba0a725a6d61b842bde614f357685d055cf8ed0a08eaafff9c7b74381bc3881fd18f01d94ce957712df6112d8aeab31408110ec5e66baf8b64b48dca24b712a39cc74bcec7a6562fce62e2021a22ec2a61cd99ea627bae8df37dca2173e9de0b2d186df5960f5d7ab951878e4c96f59bc1f94c0920038", @nested={0x1a6, 0x6f, 0x0, 0x1, [@generic="b76a4fcaafd65d9eddb8a91b2dadfa13561167b58b073609ed40571bac6a7117baafa7469b0a98", @typed={0x14, 0xa0, 0x0, 0x0, @ipv6=@empty}, @generic="5d84d731286e131c175a3deab31a77a01765172d7000c5cef24b06a9f9aa2dea526dc3ae48414274c4d1ce2291e85adbe3830ed47ef439c00945e1a6d6da1bc1c15d230658ce26e428b392b4d060e7913eb871d660c9b07df9f5336bff035d9be6d116d78761ecd12f93501b0fcfe5cdbc04c0e657be35a1bdbf9fc781651143", @generic="e733542a1df9b48b6b66ffbecb475cfe3f957f3a20be72b86bfcd56ed628b7d46630aab471a1fc0413b2e6bbb25b33b3104eceadd39eaaf31ffae46d6b7e6557981aac56f58b5e5b1bab727015eeb5279d3c020a1cafd432c38d619708188847165e839cbd0bf52e47632b7760c49f5a7412d5fc2af1e8268bd3009b72ac5d16911394cf77b4c53127f82f9f8d73d16d97e2ca357ceac8626c8ebace309243eb363fde42ae8023a471c71eeca725a8a0c1c61978f2d6f82282b8717f3763ceea75731f16be5f550b0f1048d39f33d1676c44991589de38c2101538546383a4", @nested={0x4, 0x4a}, @nested={0x4, 0x7d}]}, @nested={0xa9, 0x2d, 0x0, 0x1, [@generic="21915caefad3e4aa43b1cf5c69378790ee51b5bed2b277232b352760c6958e3c96da37be0c9f3da5bb0038851230a7030d7a9dff33186c340e66bfcb676d3f6a32da4680442c1188d99bbd4353f21953d1f7ba4db83a2752d70876c7082a3994bf738fb729bab709bc7a5d3a6433b017279b081978023c3b27e45bdb8352defd376919145776cd704e33289009b4fe190e85862ed07c6d49b7", @nested={0x4, 0x72}, @typed={0x8, 0x94, 0x0, 0x0, @uid=r2}]}]}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xf6}, @NL80211_ATTR_HE_CAPABILITY={0x1e, 0x10d, "b9a6c830240b0290da57b52de41c23762a8cd86cc89ad1529d59"}]}, 0x2a80}}, 0x40)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
getcwd$auto(0x0, 0xffffffffffffffff)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
r3 = socket(0xa, 0x5, 0x0)
getsockopt$auto(r3, 0x84, 0x20, 0x0, 0x0)
r4 = getpgrp(0x0)
sched_rr_get_interval$auto(r4, &(0x7f0000000040)={0x0, 0x8})
mmap$auto(0x5e6b, 0x40009, 0xdf, 0xf1, 0x7, 0x28000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0xa, 0x801, 0x84)
socket(0x23, 0x5, 0x2)
setsockopt$auto(0x1, 0x1, 0xa, &(0x7f0000000000)='\xe1', 0xbb)
ioctl$auto(0x1, 0x541b, 0x8)
inotify_init1$auto(0x3000000000000)
inotify_add_watch$auto(0x4, 0x0, 0x80000008)
open(&(0x7f0000000000)='./file1\x00', 0x10677d, 0x37e5c9853cd1b999)
close_range$auto(0x2, 0x8000, 0x0)

2.765112697s ago: executing program 2 (id=2791):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES32, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

2.671200788s ago: executing program 0 (id=2792):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
epoll_create$auto(0x3e)
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/001/001\x00', 0x29202, 0x0)
mmap$auto(0x2000, 0x9, 0x8, 0x8000000008011, r0, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r1 = socketpair$auto(0x0, 0x1000004, 0x7, 0x0)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0)
ioctl$auto(r2, 0x2284, r1)

2.661561731s ago: executing program 2 (id=2793):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/module/psmouse/parameters/proto\x00', 0x20a42, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000001080)=""/4076, 0xfec)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, 0x0)
r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0xd1c41, 0x0)
read$auto(r2, 0x0, 0x39b8)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'hsr0\x00', <r4=>0x0})
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32=r4, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES32=r4, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB], 0x1ac}}, 0x4004)
mmap$auto(0x9, 0x440008, 0xe3, 0x9b72, 0xffffffffffffffff, 0x711b)
r5 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(r5, 0xc004743e, 0x0)
ioctl$auto_PPPIOCSPASS(r5, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f0000000080)={0x5, 0xb, 0x8, @raw=0x1000000}})
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

2.38164077s ago: executing program 2 (id=2794):
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, 0x0, 0x2004c0d1)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mmap$auto(0x1000000, 0x400008, 0xdf, 0x9b74, 0xffffffffffffffff, 0x8000)
r1 = socket(0x2, 0x5, 0x8000000)
connect$auto(0x3, &(0x7f0000000180)=@in={0x2, 0x4e24, @rand_addr=0x64010102}, 0x54)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x4e20, @rand_addr=0x64010102}, 0x55)
getsockopt$auto(r1, 0x84, 0x1d, 0x0, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x10000000000000, 0xffffffffffff0005, 0x19)
ioctl$auto_PROCMAP_QUERY(r0, 0xc0686611, &(0x7f0000000100)={0x1000, 0x4cf, 0x9, 0x101, 0x3, 0x2, 0xd, 0x80000001, 0xc, 0x711, 0x2, 0x5, 0x1, 0xfffffc0000000000, 0x8})
clone3$auto(&(0x7f0000000400)={0x100008000, 0x980, 0x4, 0x6, 0x0, 0x2, 0x1, 0x8, 0x1, 0x0, 0x3}, 0x40)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/mm/transparent_hugepage/hugepages-64kB/stats/nr_anon\x00', 0x2a8083, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0xc06, &(0x7f0000000040)={0x0, 0x34000}, 0x6, 0x0, 0xd}, 0x7f}, 0x2, 0x12)
read$auto_fake_panic_fops_(0xffffffffffffffff, 0x0, 0x0)
ioctl$auto(0xffffffffffffffff, 0x4b36, 0xffffffffffffffff)
close_range$auto(0x2, 0x8, 0x0)

2.152327897s ago: executing program 1 (id=2795):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r0 = socket(0x15, 0x5, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
mbind$auto(0x20000000000005, 0x2, 0x3, 0x0, 0x80000000, 0x7f) (async)
socketpair$auto(0x1ff, 0x5, 0x8000000000000000, 0x0) (async, rerun: 32)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) (async, rerun: 32)
mbind$auto(0x7, 0xacec, 0x4, &(0x7f00000000c0)=0x5, 0x58, 0x8e) (async)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) (async)
sendmsg$auto(r0, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) (async, rerun: 32)
writev$auto(0x1, 0x0, 0x1) (async, rerun: 32)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
readahead$auto(r1, 0x6, 0x2)
socket(0x23, 0x5, 0x0)
listen$auto(r1, 0x21ff) (async, rerun: 64)
socket(0x2c, 0x6, 0x6) (async, rerun: 64)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) (async)
socket(0x2, 0x3, 0xa)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x608100, 0x0)
bind$auto(0x3, 0x0, 0x6a) (async, rerun: 64)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async, rerun: 64)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
sendfile$auto(0x1, 0x3, 0x0, 0x7fffefff)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) (async, rerun: 32)
sendmmsg$auto(r0, 0x0, 0x7, 0x7) (async, rerun: 32)
prctl$auto(0x16, 0x2, 0x2, 0x4000000d, 0x100) (async)
ioperm$auto(0x5, 0x5, 0x10011)
semctl$auto(0x0, 0xe3, 0x0, 0x5)

2.13097885s ago: executing program 0 (id=2797):
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x60800, 0x0)
write$auto(0xc8, 0x0, 0x4040f6)
mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000)
r0 = socket(0x18, 0x5, 0x0)
mmap$auto(0x0, 0x4000b, 0xdf, 0x9b72, 0x7, 0x28000)
r1 = socket(0xa, 0x3, 0x3a)
getsockopt$auto(r1, 0xfffffffa, 0x4000040, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x40047459, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400)
r2 = socket(0xa, 0x0, 0x100)
ioperm$auto(0x7, 0x5ad2, 0x8)
modify_ldt$auto(0x1, 0x0, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
socket(0x1e, 0x1, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socket(0x21, 0x3, 0x9)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0xc, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000)
write$auto(0x3, 0x0, 0xffd8)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800)
mmap$auto(0x0, 0x400008, 0x400000000df, 0x9b72, r2, 0x8000)
msync$auto(0x1fffeffb, 0x0, 0x8004)
open(&(0x7f0000000180)='./file0\x00', 0x4361c2, 0x84)
mount$auto(0x0, &(0x7f0000001500)='./file0\x00', &(0x7f0000001540)='cifs\x00', 0x8002, 0x0)
mincore$auto(0x1000, 0x8001, 0x0)

1.587699486s ago: executing program 3 (id=2798):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/rxrpc/stats\x00', 0x401, 0x0)
write$auto(r0, &(0x7f0000000000)='j', 0x100)
mmap$auto(0x0, 0x8, 0x80000000000000df, 0x10004000eb1, 0x8, 0x8000008000)
close_range$auto(0x2, 0x8, 0x0)
sysfs$auto(0x2, 0x100000000000027, 0x0)
fsopen$auto(0x0, 0x1)
socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x8, 0x1, 0x8, 0xd, 0xe13, 0x81, 0xa, 0x2000000000000002, 0x0, 0x9, 0x1, 0x2, 0x80000001, 0xb0, 0x9, 0x20000800001, 0x3, 0x5, 0x7, 0x6, 0x7, 0x0, 0xffffffee, 0x2a17, 0xfffffffd, 0x0, 0x0, 0x0, 0xffffffff, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10]}, 0x9, 0x81)
r1 = openat$auto_fops_u32_ro_(0xffffffffffffff9c, &(0x7f0000000640)='/sys/kernel/debug/netdevsim/netdevsim0/ports/3/bpf_offloaded_id\x00', 0x20082, 0x0)
writev$auto(r1, &(0x7f0000001680)={0x0, 0x9}, 0x7)
write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0xc090)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4044810}, 0x800)
r2 = socket(0x1e, 0x2, 0x0)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r2)
sendmsg$auto_NL80211_CMD_REMOVE_LINK(r2, &(0x7f0000000480)={&(0x7f0000000040), 0xc, &(0x7f0000000140)={&(0x7f0000000380)={0xc4, r3, 0x200, 0x70bd28, 0x25dfdbfb, {}, [@NL80211_ATTR_HT_CAPABILITY={0x88, 0x1f, "e20acaa05c0aece45ce7a0ace6c3e74162404c846e94ba89b04d7fd635d381c4fe1a9bc79940bf2755f3d2b146a50867fed63a8c8e77adbf0bc621c33c02e03b759cdf064120cd6fd6b93d3b653068159c4cd9e04c09382b22d61d049b9d521c3af3d368cbad4cc848d6b7d89aca0feff114bf67ba0b8b6ec754164143f4003978db6163"}, @NL80211_ATTR_CIPHER_SUITE_GROUP={0x8, 0x4a, 0x4}, @NL80211_ATTR_AUTH_TYPE={0x8}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x7}, @NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0x2}, @NL80211_ATTR_USE_MFP={0x8, 0x42, 0x8001}]}, 0xc4}, 0x1, 0x0, 0x0, 0x10}, 0x40000)
getsockopt$auto(r2, 0x10f, 0x81, 0x0, 0x0)
socket(0x21, 0x80a, 0x727eb3eb)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4000010}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

1.115823918s ago: executing program 1 (id=2799):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/module/psmouse/parameters/proto\x00', 0x20a42, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000001080)=""/4076, 0xfec)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, 0x0)
r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0xd1c41, 0x0)
read$auto(r2, 0x0, 0x39b8)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'hsr0\x00', <r4=>0x0})
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32=r4, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES32=r4, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB, @ANYBLOB="13"], 0x1ac}}, 0x4004)
mmap$auto(0x9, 0x440008, 0xe3, 0x9b72, 0xffffffffffffffff, 0x711b)
r5 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(r5, 0xc004743e, 0x0)
ioctl$auto_PPPIOCSPASS(r5, 0x40107447, &(0x7f0000000100)={0x1, &(0x7f0000000080)={0x5, 0xb, 0x8, @raw=0x1000000}})
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

987.99868ms ago: executing program 3 (id=2800):
r0 = socket(0x25, 0x5, 0x0)
sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TRIP(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={0x0}, 0x1, 0x0, 0x0, 0x8800}, 0x24004045)
socket(0x2, 0x2, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
name_to_handle_at$auto(0x1010, &(0x7f00000001c0)='/\x00', &(0x7f0000000000)={0xc, 0x75c0237c, "6d962c000400003344980946"}, 0x0, 0x200)
mmap$auto(0x0, 0x7, 0xdb, 0x9b72, 0x5, 0x8000)
r1 = prctl$auto(0x7, 0x11d, 0x4, 0x9, 0x4000000000000)
connect$auto(0x3, &(0x7f0000000080)=@rc={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x8}, 0x54)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
preadv$auto(0xffffffffffffffff, &(0x7f0000000040)={&(0x7f0000000000)="b84a8a39762536e057fe721682003e6f4369fa9a449eb2ff259875ea68", 0x1}, 0xfe9, 0xffffffffffffff2c, 0x8)
sendmmsg$auto(r1, 0x0, 0x8, 0x80000000)

858.182435ms ago: executing program 0 (id=2801):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x13, 0x401, 0x8000)
mmap$auto(0x100000, 0x5, 0x2000000000000e0, 0x17, 0xffffffffffffffff, 0x1)
r0 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000)
clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9)
syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000010c0), 0xffffffffffffffff)
madvise$auto(0x6, 0x1, 0xb)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, 0x0, 0xc040810)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, 0x0, 0x20000041)
r1 = bpf$auto(0xfffff003, &(0x7f0000000000)=@bpf_attr_3={0xa332, 0x2, 0x7, 0x3, 0xfffffbfe, 0x80000000, 0x1, 0x4e, 0x1f, '\x00', 0x0, 0x9, r0, 0x81, 0x8, 0x81, 0xb03, 0x0, 0x3fd, 0x7, @attach_prog_fd, 0x9, 0x62e, 0x57d, 0x9, 0x8, 0xffffffffffffffff, <r2=>r0}, 0xa3)
syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000140), r1)
sendmmsg$auto(r2, 0x0, 0x3ff, 0x7fffffe)
openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r3 = socket(0x10, 0x80002, 0x0)
read$auto(r2, &(0x7f00000001c0)='(\x00', 0x4)
r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000007a80), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000700)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="99012dbd7000df85e60c91ecffdb"], 0x14}, 0x1, 0x0, 0x0, 0x90}, 0x40)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x0, 0x0)
mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000)
socket(0x21, 0x2, 0xa)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
inotify_init1$auto(0x3000000000000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
open(0x0, 0x22240, 0x55)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)

784.053008ms ago: executing program 1 (id=2802):
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0)
r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
r1 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000001540)={'netdevsim0\x00', <r2=>0x0})
sendmsg$auto_NET_SHAPER_CMD_GROUP(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYRES32=r1, @ANYRES16=r1, @ANYBLOB="010026bd7000fedbdf250400000004000a8008000800", @ANYRES32=r2, @ANYBLOB="080006c107800000", @ANYRES32=r1], 0x28}, 0x1, 0x0, 0x0, 0x2004c884}, 0x14)
r3 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0)
mmap$auto(0x0, 0xffff, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
close_range$auto(r3, r3, 0x8)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0x4, 0xd4, 0x2003, 0x6, 0x0, 0x10000, 0x1, 0x2, {0x401, 0x10000}, 0x3, 0x6, 0xffffffffffffffdd, 0x1008200, 0x0, 0x80000004, 0x83, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x1802})
write$auto_seq_oss_f_ops_seq_oss(0xffffffffffffffff, 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/001/001\x00', 0x29202, 0x0)
mmap$auto(0x0, 0x420007, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x0, 0x3, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
close_range$auto(0x2, 0xffffffffffffffff, 0x2)
ioperm$auto(0x3, 0x8, 0x8)
sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="130026bd7000fcdbdf2502000000"], 0x14}, 0x1, 0x0, 0x0, 0x4004080}, 0x0)
sendmsg$auto_NL80211_CMD_FRAME_WAIT_CANCEL(r4, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="10010002", @ANYRES16=r0, @ANYBLOB="00042abd7000fcdbdf25430000001c00340081533e7ae6a0fd855a4053eb36ce2b6463e2ac2cd0e125db0400cf0004001e010400210106006d0076ec00001a0002002f70726f632f6275732f7063692f30302f30332e300000000600480002000000a000f300ff2fd2f3a48d6a3b3a2fcb22922727789f33efcc02953a8d6ff6b4d7031fc183f06f7e93d3388295a276bb4c982c3b277401c0468bb1fc2752864a7ec516f136e7fcca41ff4c51033c8d7e053c832d557962281eebaceb715e2e56c3a7cbbadc89c739bd4ffa0279c5cd6fa33c1ac9d64d4ed64ce09f18c137c21da6e33649772240e3b433add9b26c188bccf0e008cf76e1ea28574cf67958a5a3c90500740004000000"], 0x110}, 0x1, 0x0, 0x0, 0x48000}, 0x80d0)
finit_module$auto(0x3, 0xfffffffffffffffe, 0x2)
madvise$auto(0x0, 0x2003f0, 0x15)
madvise$auto(0x0, 0x200007, 0x19)
r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000001100)='/proc/bus/pci/00/03.0\x00', 0xa0581, 0x0)
write$auto_proc_reg_file_ops_compat_inode(r5, &(0x7f0000001140)="8cbdca", 0x3)
writev$auto(r5, &(0x7f0000001d40)={0x0, 0x2}, 0x6)
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/pcmC1D1p\x00', 0x0, 0x0)
ioprio_set$auto(0x2, 0x0, 0x208)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/net/rose5/carrier\x00', 0x40501, 0x0)

771.513857ms ago: executing program 3 (id=2803):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/nullb0/queue/physical_block_size\x00', 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/fcloop/ctl/del_local_port\x00', 0x80001, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video33\x00', 0x0, 0x0)
select$auto(0x6, &(0x7f0000000240)={[0xfffffffffffffffd, 0x50380, 0x80000000007bb, 0x400, 0x7b2600000000, 0x8, 0x40, 0x1d3c, 0x0, 0x2, 0x400, 0x3, 0x0, 0x6, 0x297f, 0x80]}, 0x0, 0x0, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)

615.944692ms ago: executing program 0 (id=2804):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES32, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (fail_nth: 1)

169.853668ms ago: executing program 2 (id=2805):
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card1\x00', 0x40000, 0x0)
mmap$auto_vmwgfx_driver_fops_vmwgfx_drv(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0x100000000)
keyctl$auto(0xe, 0x1, 0x1, 0x4, 0x6)
keyctl$auto(0x200000e, 0x0, 0x1, 0x0, 0x7)
mmap$auto(0x0, 0x800000202000b, 0x3, 0x12, r0, 0x8000)
r1 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x0, 0x0)
pread64$auto(r1, 0x0, 0x59, 0x7)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0)
close_range$auto(0x2, 0x8, 0x0)
read$auto_bdi_debug_stats_fops_(0xffffffffffffffff, &(0x7f00000001c0)=""/169, 0xa9)
unshare$auto(0x40000080)
r2 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/block/nbd3/hctx0/sched_tags_bitmap\x00', 0x0, 0x0)
pread64$auto(r2, 0x0, 0x6c, 0xfc)
r3 = socket(0x2a, 0x2, 0x1)
connect$auto(r3, &(0x7f0000000140)=@qipcrtr={0x2a, 0x1, 0x3fff}, 0x57)
adjtimex$auto(0x0)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0)
r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/dev\x00', 0x40100, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/fs/lockd/nlm_end_grace\x00', 0x8282, 0x0)
close_range$auto(0x2, 0x8, 0x0)
pread64$auto(r5, 0x0, 0x10001, 0x830)
write$auto(r4, 0x0, 0x100)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'geneve0\x00'})
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000100), 0x80, 0x0)
read$auto_rng_chrdev_ops_core(r6, &(0x7f0000000280)=""/61, 0x3d)

169.680026ms ago: executing program 3 (id=2806):
r0 = openat$auto_tracing_mark_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/trace_marker\x00', 0x201, 0x0)
writev$auto(r0, &(0x7f0000001040)={0x0, 0x7fff}, 0x9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
sendmsg$auto_NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000780)=ANY=[@ANYBLOB="24020000", @ANYRES16=0x0, @ANYBLOB="00042cbd7000fcdbdf250100000004000780080005000900000008000200ba4d2406ad01088014000400200100000000000000000000000000024b355a7d87f7b4f825a4a32d7dfa4ee030a8ba8339836473c6adba8b7388e7f88d51c075f83f22a245691267852d736f73b58f947976a14944c5f83e3de059bd70c89a7d2c62db2b6f455e5749a8814a762bc1f104ffec1a139bb0679c984bef8347332d48ff772a0af2bf248adab10c5040d1af4a74769649db6c36f033c580991b176adb52448ed07ad8a08b7702a852f1000c80ac3e30a94c5b0434db050d91bd33fad83a5fb91445bed981a2c4498e92b08be4b372be3c7a78d712f5a27dbb7f6a9f4eb0380904000280080016000600000008002b00", @ANYRES32, @ANYBLOB="68a8105d08ce306178305fb4613924c9e754c150257c028dcb51de1fcccdce0696066efcdae939f778a147bda713ffe2a9f3f267b71b6fb15c748d05d1cbaa37757798b91f63f6f92d2f6d3322ccb4238f20945854c197e4e02431baeb82189b9b8df92443e8af715b967afb9f2ca7e823aec8aef56f85a48e711ca58408739186a4bfbb9f819de994b628151ae6e9067dc860584ac9fe7c3aa9b2b970026e9581d7e9aa4e690000001000898004007d800800f100", @ANYRES32, @ANYBLOB="000000080002000700000042000b80d6a878d8fe755a7537a430b0b0568a157040b88fa8824641bb79f0a9846f9304ade1006e72eafe1e10f09de86f2422f3f20000d497941a72b36917619ea2942ec36db90d78954c7925b818260346278c60859ce38c0a238c8eb1f9747ccf9d7d31e5402dc9fa907c45af9efcbbd8f5ff9355daa9b909bdf8bfc15a21a53170739f6d6af5dcc2ca11751b9aa5f8e81b8a0653dd09915facbac7dfb89b78cc2af3eceea78ef0ce7f08dcab12e3216c49781e432a57b4aa8debfc9607fa38bcbc01f7d93c62ecf9045a895a8aea3a396d4efddd7fe8b53b376bad9d94de7895e99e15daf103f99c2fbd57b4d82d3beb0f1c905631a3b4a4e982cba08e952be2dd6413f62b64ffb5ba67e705faef419dd73a8ce4f3706ec5e790b7fd87cf76"], 0x224}, 0x1, 0x0, 0x0, 0x801}, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r3=>0x0})
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="2f212dbd7000fcdbdf2521000000080003", @ANYRES32=r3, @ANYBLOB="08009e"], 0x24}}, 0x4000000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
getcpu$auto(&(0x7f00000002c0)=0x9, &(0x7f0000000300)=0x8, 0x0)
write$auto(0x3, 0x0, 0x7fffffff)

168.575139ms ago: executing program 1 (id=2813):
r0 = socket(0xa, 0x3, 0x87)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop11\x00', 0x20000, 0x0)
ioctl$auto_BLKBSZGET(r1, 0x80081270, &(0x7f00000001c0)=0xbbc)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x20004015}, 0x1)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "00800000ffefffffff0200000001"}, 0x55)
r2 = fsopen$auto(0x0, 0x1)
ioctl$auto(0x3, 0x4188aec6, r2)
read$auto_clk_summary_fops_(r2, &(0x7f0000000300)=""/210, 0xd2)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

0s ago: executing program 0 (id=2807):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8004)
read$auto_ep0_operations_inode(0xffffffffffffffff, &(0x7f0000000300)=""/133, 0x85)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES32, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
r1 = ioctl$auto_TUNSETFILTEREBPF(0xffffffffffffffff, 0x800454e1, &(0x7f0000000040)=0x4)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYRES32=r0, @ANYBLOB="13"], 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

kernel console output (not intermixed with test programs):

	
	

	
	

	
	

	
	

	


	
	
	

	
	
	
	
	

	
	

	
	

	
	

	
	

	
	

	
	

	




	
	
	


	
		

	


	
	

		
	
		
	


	



			








	




	





				
				








	


	





	
















	

	



	
	






	




	





		







	

	
	
	
	

	
	

	
	

	
	

	
	

	
	

	
	
	

				


		

				

	
	
	
	
	
	
	
	

	
	

	
	

	
	

	
	

	
	

	
	

	
	

	
	

	
		
	
	
	
		

	



	
	

	

	
	
	
	

	
	

	
	

	
	

	
	

	
	

	
	
	

	

	

	
		
	

	
	

	
	
	
	

	


	
	
	

	
	

	
	

	
	

	

	
		

	


	
	

		
	
		
	


	



			








	




	





				
				








	


	





	
















	

	



	
	






	




	





		







	

	
	
	
	

	
	

	
	

				


		

				

	

	
	

	
	

	
	

	
	

	

	
		

	


		

		
	
		
	


	



			








	

	
	

	




		

		
	

		

	
	
	

	
	
	






	


	




	
	







	
	
	

	
	

	
	

	
	

	
	

	
	

	
	

	
		
	

	
	
	
	
	

	
	

	

	
		

	


	
	

		
	
		
	


	



			








	

	
	






	







	






	
	

		
			
	






	




	





		












	

	
	

	
	
	

	
	

	

syzkaller
syzkaller login: [  647.586317][ T5833] Bluetooth: hci0: command 0x0c1a tx timeout
[  648.325130][ T5833] Bluetooth: hci3: command 0x0c1a tx timeout
[  648.386881][ T5141] Bluetooth: hci1: command 0x041b tx timeout
[  648.394204][ T5833] Bluetooth: hci2: command 0x0c1a tx timeout
[  649.092869][T16211] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  649.144343][T16211] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  649.183626][T16211] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  649.225475][T16211] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  649.430507][T16235] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2231'.
[  650.311198][T16259] can: request_module (can-proto-3) failed.
[  650.387000][ T5833] Bluetooth: hci0: command 0x0c1a tx timeout
[  650.690058][T16274] FAULT_INJECTION: forcing a failure.
[  650.690058][T16274] name failslab, interval 1, probability 0, space 0, times 0
[  650.853312][T16274] CPU: 1 UID: 0 PID: 16274 Comm: syz.1.2239 Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0 PREEMPT(full) 
[  650.853357][T16274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  650.853376][T16274] Call Trace:
[  650.853386][T16274]  <TASK>
[  650.853398][T16274]  dump_stack_lvl+0x16c/0x1f0
[  650.853441][T16274]  should_fail_ex+0x512/0x640
[  650.853484][T16274]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  650.853525][T16274]  should_failslab+0xc2/0x120
[  650.853565][T16274]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  650.853600][T16274]  ? getname_flags.part.0+0x4c/0x550
[  650.853647][T16274]  getname_flags.part.0+0x4c/0x550
[  650.853694][T16274]  getname_flags+0x93/0xf0
[  650.853742][T16274]  do_sys_openat2+0xb8/0x1d0
[  650.853791][T16274]  ? __pfx_do_sys_openat2+0x10/0x10
[  650.853848][T16274]  __x64_sys_openat+0x174/0x210
[  650.853892][T16274]  ? __pfx___x64_sys_openat+0x10/0x10
[  650.853936][T16274]  ? rcu_is_watching+0x12/0xc0
[  650.853977][T16274]  do_syscall_64+0xcd/0x230
[  650.854017][T16274]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  650.854049][T16274] RIP: 0033:0x7efc1398e969
[  650.854072][T16274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  650.854103][T16274] RSP: 002b:00007efc1470f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  650.854134][T16274] RAX: ffffffffffffffda RBX: 00007efc13bb6080 RCX: 00007efc1398e969
[  650.854155][T16274] RDX: 0000000000001200 RSI: 0000200000000400 RDI: ffffffffffffff9c
[  650.854176][T16274] RBP: 00007efc13a10ab1 R08: 0000000000000000 R09: 0000000000000000
[  650.854196][T16274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  650.854215][T16274] R13: 0000000000000000 R14: 00007efc13bb6080 R15: 00007ffe5f3ad408
[  650.854257][T16274]  </TASK>
[  651.195351][ T5833] Bluetooth: hci2: command 0x0c1a tx timeout
[  651.202716][ T5833] Bluetooth: hci3: command 0x0c1a tx timeout
[  651.265915][ T5833] Bluetooth: hci1: command 0x041b tx timeout
[  652.005532][T16282] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  652.157235][T16282] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  652.301934][T16282] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  652.335788][T16291] FAULT_INJECTION: forcing a failure.
[  652.335788][T16291] name failslab, interval 1, probability 0, space 0, times 0
[  652.361793][T16282] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  652.405119][T16291] CPU: 0 UID: 0 PID: 16291 Comm: syz.2.2244 Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0 PREEMPT(full) 
[  652.405168][T16291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  652.405188][T16291] Call Trace:
[  652.405198][T16291]  <TASK>
[  652.405211][T16291]  dump_stack_lvl+0x16c/0x1f0
[  652.405255][T16291]  should_fail_ex+0x512/0x640
[  652.405303][T16291]  ? __kmalloc_noprof+0xbf/0x510
[  652.405341][T16291]  ? vb2_core_allocated_buffers_storage+0xc4/0x220
[  652.405391][T16291]  should_failslab+0xc2/0x120
[  652.405431][T16291]  __kmalloc_noprof+0xd2/0x510
[  652.405476][T16291]  vb2_core_allocated_buffers_storage+0xc4/0x220
[  652.405533][T16291]  vb2_core_reqbufs+0x398/0xfe0
[  652.405594][T16291]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[  652.405666][T16291]  __vb2_init_fileio+0x3f1/0x1100
[  652.405740][T16291]  vb2_core_poll+0x486/0x700
[  652.405796][T16291]  vb2_poll+0x33/0x150
[  652.405843][T16291]  vb2_fop_poll+0x10f/0x2c0
[  652.405893][T16291]  ? __pfx_vb2_fop_poll+0x10/0x10
[  652.405938][T16291]  v4l2_poll+0x160/0x320
[  652.405976][T16291]  ? __pfx_v4l2_poll+0x10/0x10
[  652.406010][T16291]  do_sys_poll+0x523/0xe00
[  652.406075][T16291]  ? __pfx_do_sys_poll+0x10/0x10
[  652.406165][T16291]  ? preempt_schedule_thunk+0x16/0x30
[  652.406230][T16291]  ? __pfx_pollwake+0x10/0x10
[  652.406307][T16291]  ? __pfx_pollwake+0x10/0x10
[  652.406357][T16291]  ? __pfx_pollwake+0x10/0x10
[  652.406407][T16291]  ? __pfx_pollwake+0x10/0x10
[  652.406460][T16291]  ? __pfx_pollwake+0x10/0x10
[  652.406511][T16291]  ? __pfx_pollwake+0x10/0x10
[  652.406561][T16291]  ? __pfx_pollwake+0x10/0x10
[  652.406627][T16291]  ? do_futex+0x122/0x350
[  652.406662][T16291]  ? __pfx_do_futex+0x10/0x10
[  652.406695][T16291]  ? set_user_sigmask+0x21b/0x2b0
[  652.406726][T16291]  ? __pfx_set_user_sigmask+0x10/0x10
[  652.406776][T16291]  __x64_sys_ppoll+0x254/0x2d0
[  652.406828][T16291]  ? __pfx___x64_sys_ppoll+0x10/0x10
[  652.406882][T16291]  ? rcu_is_watching+0x12/0xc0
[  652.406923][T16291]  do_syscall_64+0xcd/0x230
[  652.406968][T16291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.407000][T16291] RIP: 0033:0x7f5ac218e969
[  652.407026][T16291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  652.407058][T16291] RSP: 002b:00007f5ac3036038 EFLAGS: 00000246 ORIG_RAX: 000000000000010f
[  652.407091][T16291] RAX: ffffffffffffffda RBX: 00007f5ac23b5fa0 RCX: 00007f5ac218e969
[  652.407113][T16291] RDX: 0000000000000000 RSI: 00000000000000f3 RDI: 0000200000000140
[  652.407134][T16291] RBP: 00007f5ac2210ab1 R08: 0000000000000008 R09: 0000000000000000
[  652.407154][T16291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  652.407174][T16291] R13: 0000000000000000 R14: 00007f5ac23b5fa0 R15: 00007ffe69dec788
[  652.407218][T16291]  </TASK>
[  653.745219][ T5141] Bluetooth: hci0: command 0x0c1a tx timeout
[  654.043461][    C1] vcan0: j1939_tp_rxtimer: 0xffff888024d40400: rx timeout, send abort
[  654.055511][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888024d40400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  654.157472][T16321] CIFS mount error: No usable UNC path provided in device string!
[  654.157472][T16321] 
[  654.198734][T16321] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  654.225598][ T5141] Bluetooth: hci3: command 0x0c1a tx timeout
[  654.305266][ T5141] Bluetooth: hci2: command 0x0c1a tx timeout
[  654.385378][ T5141] Bluetooth: hci1: command 0x041b tx timeout
[  655.508971][T16344] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  655.634686][T16344] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  655.642292][T16344] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  655.737126][T16350] CIFS mount error: No usable UNC path provided in device string!
[  655.737126][T16350] 
[  655.775528][T16344] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  655.782771][T16350] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  656.090496][T16364] FAULT_INJECTION: forcing a failure.
[  656.090496][T16364] name failslab, interval 1, probability 0, space 0, times 0
[  656.167166][T16364] CPU: 0 UID: 0 PID: 16364 Comm: syz.1.2260 Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0 PREEMPT(full) 
[  656.167210][T16364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  656.167229][T16364] Call Trace:
[  656.167238][T16364]  <TASK>
[  656.167250][T16364]  dump_stack_lvl+0x16c/0x1f0
[  656.167292][T16364]  should_fail_ex+0x512/0x640
[  656.167335][T16364]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  656.167372][T16364]  ? __pfx_regulator_summary_open+0x10/0x10
[  656.167415][T16364]  should_failslab+0xc2/0x120
[  656.167453][T16364]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  656.167488][T16364]  ? seq_open+0x55/0x170
[  656.167528][T16364]  ? __pfx_regulator_summary_open+0x10/0x10
[  656.167566][T16364]  ? __pfx_regulator_summary_show+0x10/0x10
[  656.167612][T16364]  seq_open+0x55/0x170
[  656.167646][T16364]  ? __pfx_regulator_summary_show+0x10/0x10
[  656.167692][T16364]  single_open+0xfc/0x1f0
[  656.167731][T16364]  full_proxy_open_regular+0x1b6/0x360
[  656.167773][T16364]  do_dentry_open+0x741/0x1c10
[  656.167804][T16364]  ? __pfx_full_proxy_open_regular+0x10/0x10
[  656.167851][T16364]  vfs_open+0x82/0x3f0
[  656.167897][T16364]  path_openat+0x1e5e/0x2d40
[  656.167942][T16364]  ? __pfx_path_openat+0x10/0x10
[  656.167983][T16364]  do_filp_open+0x20b/0x470
[  656.168012][T16364]  ? __pfx_do_filp_open+0x10/0x10
[  656.168085][T16364]  ? alloc_fd+0x471/0x7d0
[  656.168146][T16364]  do_sys_openat2+0x11b/0x1d0
[  656.168188][T16364]  ? __pfx_do_sys_openat2+0x10/0x10
[  656.168246][T16364]  __x64_sys_openat+0x174/0x210
[  656.168289][T16364]  ? __pfx___x64_sys_openat+0x10/0x10
[  656.168332][T16364]  ? rcu_is_watching+0x12/0xc0
[  656.168374][T16364]  do_syscall_64+0xcd/0x230
[  656.168417][T16364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  656.168449][T16364] RIP: 0033:0x7efc1398e969
[  656.168474][T16364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  656.168504][T16364] RSP: 002b:00007efc14730038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  656.168534][T16364] RAX: ffffffffffffffda RBX: 00007efc13bb5fa0 RCX: 00007efc1398e969
[  656.168555][T16364] RDX: 0000000000000a80 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  656.168574][T16364] RBP: 00007efc13a10ab1 R08: 0000000000000000 R09: 0000000000000000
[  656.168593][T16364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  656.168612][T16364] R13: 0000000000000000 R14: 00007efc13bb5fa0 R15: 00007ffe5f3ad408
[  656.168654][T16364]  </TASK>
[  656.962415][T16384] cifs: Unknown parameter '�'
[  657.025510][ T5141] Bluetooth: hci0: command 0x0c1a tx timeout
[  657.667872][ T5141] Bluetooth: hci2: command 0x0c1a tx timeout
[  657.667930][ T5833] Bluetooth: hci3: command 0x0c1a tx timeout
[  657.825188][ T5833] Bluetooth: hci1: command 0x041b tx timeout
[  658.554342][T16406] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  658.592040][T16406] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  658.638682][T16406] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  658.680369][T16406] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  658.914485][T16427] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2274'.
[  659.038067][T16433] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2275'.
[  659.535109][T16452] sd 0:0:1:0: device reset
[  659.710221][T16458] FAULT_INJECTION: forcing a failure.
[  659.710221][T16458] name failslab, interval 1, probability 0, space 0, times 0
[  659.768299][T16458] CPU: 0 UID: 0 PID: 16458 Comm: syz.1.2282 Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0 PREEMPT(full) 
[  659.768345][T16458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  659.768363][T16458] Call Trace:
[  659.768373][T16458]  <TASK>
[  659.768385][T16458]  dump_stack_lvl+0x16c/0x1f0
[  659.768427][T16458]  should_fail_ex+0x512/0x640
[  659.768468][T16458]  ? fs_reclaim_acquire+0xae/0x150
[  659.768516][T16458]  ? tomoyo_encode2+0x100/0x3e0
[  659.768555][T16458]  should_failslab+0xc2/0x120
[  659.768591][T16458]  __kmalloc_noprof+0xd2/0x510
[  659.768624][T16458]  ? d_absolute_path+0x136/0x1a0
[  659.768668][T16458]  tomoyo_encode2+0x100/0x3e0
[  659.768714][T16458]  tomoyo_encode+0x29/0x50
[  659.768752][T16458]  tomoyo_realpath_from_path+0x18f/0x6e0
[  659.768806][T16458]  tomoyo_path_number_perm+0x245/0x580
[  659.768840][T16458]  ? tomoyo_path_number_perm+0x237/0x580
[  659.768879][T16458]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  659.768916][T16458]  ? find_held_lock+0x2b/0x80
[  659.768980][T16458]  ? fd_install+0x244/0x750
[  659.769034][T16458]  ? hook_file_ioctl_common+0x145/0x410
[  659.769088][T16458]  security_file_ioctl+0x9b/0x240
[  659.769127][T16458]  __x64_sys_ioctl+0xb7/0x200
[  659.769181][T16458]  do_syscall_64+0xcd/0x230
[  659.769219][T16458]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  659.769248][T16458] RIP: 0033:0x7efc1398e969
[  659.769269][T16458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  659.769297][T16458] RSP: 002b:00007efc14730038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  659.769327][T16458] RAX: ffffffffffffffda RBX: 00007efc13bb5fa0 RCX: 00007efc1398e969
[  659.769345][T16458] RDX: 0000000000000000 RSI: 0000000000002284 RDI: 0000000000000003
[  659.769362][T16458] RBP: 00007efc14730090 R08: 0000000000000000 R09: 0000000000000000
[  659.769379][T16458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  659.769396][T16458] R13: 0000000000000000 R14: 00007efc13bb5fa0 R15: 00007ffe5f3ad408
[  659.769434][T16458]  </TASK>
[  659.769501][T16458] ERROR: Out of memory at tomoyo_realpath_from_path.
[  659.827253][ T5141] Bluetooth: hci0: command 0x0c1a tx timeout
[  660.072018][T16458] sd 0:0:1:0: device reset
[  660.635989][ T5141] Bluetooth: hci3: command 0x0c1a tx timeout
[  660.715233][ T5141] Bluetooth: hci1: command 0x041b tx timeout
[  660.715277][ T5833] Bluetooth: hci2: command 0x0c1a tx timeout
[  660.737990][T16461] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  660.758092][T16461] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  660.774381][T16461] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  660.784975][T16461] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  661.142846][T16483] sd 0:0:1:0: device reset
[  662.135500][T16514] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2294'.
[  662.146424][ T5833] Bluetooth: hci0: command 0x0c1a tx timeout
[  662.590594][T16519] can: request_module (can-proto-3) failed.
[  662.785312][ T5833] Bluetooth: hci1: command 0x041b tx timeout
[  662.785327][ T5141] Bluetooth: hci2: command 0x0c1a tx timeout
[  662.785372][ T5141] Bluetooth: hci3: command 0x0c1a tx timeout
[  663.708149][T16527] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  663.721244][T16527] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  663.729719][T16527] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  663.747322][T16527] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  663.989445][T16550] FAULT_INJECTION: forcing a failure.
[  663.989445][T16550] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  664.019145][T16550] CPU: 0 UID: 0 PID: 16550 Comm: syz.3.2303 Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0 PREEMPT(full) 
[  664.019190][T16550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  664.019215][T16550] Call Trace:
[  664.019225][T16550]  <TASK>
[  664.019237][T16550]  dump_stack_lvl+0x16c/0x1f0
[  664.019279][T16550]  should_fail_ex+0x512/0x640
[  664.019326][T16550]  _copy_from_user+0x2e/0xd0
[  664.019368][T16550]  copy_msghdr_from_user+0x98/0x160
[  664.019394][T16550]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  664.019452][T16550]  ? __pfx__kstrtoull+0x10/0x10
[  664.019487][T16550]  ___sys_sendmsg+0xfe/0x1d0
[  664.019513][T16550]  ? __pfx____sys_sendmsg+0x10/0x10
[  664.019553][T16550]  ? find_held_lock+0x2b/0x80
[  664.019598][T16550]  __sys_sendmmsg+0x200/0x420
[  664.019627][T16550]  ? __pfx___sys_sendmmsg+0x10/0x10
[  664.019662][T16550]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  664.019713][T16550]  ? fput+0x70/0xf0
[  664.019747][T16550]  ? ksys_write+0x1b9/0x240
[  664.019772][T16550]  ? __pfx_ksys_write+0x10/0x10
[  664.019796][T16550]  ? rcu_is_watching+0x12/0xc0
[  664.019830][T16550]  __x64_sys_sendmmsg+0x9c/0x100
[  664.019858][T16550]  ? lockdep_hardirqs_on+0x7c/0x110
[  664.019891][T16550]  do_syscall_64+0xcd/0x230
[  664.019932][T16550]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  664.019963][T16550] RIP: 0033:0x7f7f1478e969
[  664.019999][T16550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  664.020026][T16550] RSP: 002b:00007f7f156c2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  664.020051][T16550] RAX: ffffffffffffffda RBX: 00007f7f149b5fa0 RCX: 00007f7f1478e969
[  664.020069][T16550] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003
[  664.020086][T16550] RBP: 00007f7f156c2090 R08: 0000000000000000 R09: 0000000000000000
[  664.020103][T16550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  664.020119][T16550] R13: 0000000000000000 R14: 00007f7f149b5fa0 R15: 00007ffe850503b8
[  664.020154][T16550]  </TASK>
[  665.194050][ T5141] Bluetooth: hci0: command 0x0c1a tx timeout
[  665.752167][ T5141] Bluetooth: hci2: command 0x0c1a tx timeout
[  665.759586][T11657] Bluetooth: hci3: command 0x0c1a tx timeout
[  665.825557][ T5141] Bluetooth: hci1: command 0x041b tx timeout
[  666.362769][T16579] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  666.380061][T16579] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  666.389572][T16579] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  666.397222][T16579] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  667.750618][ T5141] Bluetooth: hci0: command 0x0c1a tx timeout
[  668.026996][T16630] CIFS mount error: No usable UNC path provided in device string!
[  668.026996][T16630] 
[  668.056805][T16630] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  668.392822][ T5141] Bluetooth: hci3: command 0x0c1a tx timeout
[  668.471584][ T5141] Bluetooth: hci2: command 0x0c1a tx timeout
[  668.478911][ T5833] Bluetooth: hci1: command 0x041b tx timeout
[  669.785858][T16657] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  669.793946][T16657] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  669.853060][T16657] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  669.882998][T16657] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  669.913873][T16675] CIFS mount error: No usable UNC path provided in device string!
[  669.913873][T16675] 
[  669.927164][T16675] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  670.825484][ T5141] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260
[  670.825516][ T5141] Bluetooth: hci2: unexpected subevent 0x05 length: 725 > 12
[  671.050224][T16706] netlink: 98 bytes leftover after parsing attributes in process `syz.0.2334'.
[  671.082838][T16706] netlink: 50 bytes leftover after parsing attributes in process `syz.0.2334'.
[  671.105249][ T5141] Bluetooth: hci0: command 0x0c1a tx timeout
[  671.825456][ T5141] Bluetooth: hci3: command 0x0c1a tx timeout
[  671.905238][ T5833] Bluetooth: hci2: command 0x0c1a tx timeout
[  671.912975][ T5141] Bluetooth: hci1: command 0x041b tx timeout
[  672.120940][T16726] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2339'.
[  672.296961][T16714] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  672.328172][T16714] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  672.336622][T16714] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  672.355001][T16714] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  672.550179][T16737] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2342'.
[  672.939652][T16743] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2343'.
[  673.373123][T16753] sd 0:0:1:0: device reset
[  673.448186][T16755] FAULT_INJECTION: forcing a failure.
[  673.448186][T16755] name failslab, interval 1, probability 0, space 0, times 0
[  673.506377][T16755] CPU: 1 UID: 0 PID: 16755 Comm: syz.2.2347 Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0 PREEMPT(full) 
[  673.506420][T16755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  673.506438][T16755] Call Trace:
[  673.506458][T16755]  <TASK>
[  673.506469][T16755]  dump_stack_lvl+0x16c/0x1f0
[  673.506527][T16755]  should_fail_ex+0x512/0x640
[  673.506567][T16755]  ? __kmalloc_noprof+0xbf/0x510
[  673.506603][T16755]  ? scsi_ioctl_reset+0x136/0x850
[  673.506631][T16755]  should_failslab+0xc2/0x120
[  673.506667][T16755]  __kmalloc_noprof+0xd2/0x510
[  673.506698][T16755]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  673.506739][T16755]  scsi_ioctl_reset+0x136/0x850
[  673.506773][T16755]  scsi_ioctl+0xfab/0x1840
[  673.506816][T16755]  ? __pfx___might_resched+0x10/0x10
[  673.506846][T16755]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  673.506889][T16755]  ? __pfx_scsi_ioctl+0x10/0x10
[  673.506956][T16755]  ? __pfx_scsi_block_when_processing_errors+0x10/0x10
[  673.507026][T16755]  sd_ioctl+0x1b1/0x2c0
[  673.507062][T16755]  ? __pfx_sd_ioctl+0x10/0x10
[  673.507100][T16755]  blkdev_ioctl+0x274/0x6d0
[  673.507132][T16755]  ? __pfx_blkdev_ioctl+0x10/0x10
[  673.507170][T16755]  ? __pfx_blkdev_ioctl+0x10/0x10
[  673.507202][T16755]  __x64_sys_ioctl+0x190/0x200
[  673.507262][T16755]  do_syscall_64+0xcd/0x230
[  673.507301][T16755]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  673.507331][T16755] RIP: 0033:0x7f5ac218e969
[  673.507354][T16755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  673.507383][T16755] RSP: 002b:00007f5ac3036038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  673.507412][T16755] RAX: ffffffffffffffda RBX: 00007f5ac23b5fa0 RCX: 00007f5ac218e969
[  673.507432][T16755] RDX: 0000000000000000 RSI: 0000000000002284 RDI: 0000000000000003
[  673.507449][T16755] RBP: 00007f5ac3036090 R08: 0000000000000000 R09: 0000000000000000
[  673.507466][T16755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  673.507484][T16755] R13: 0000000000000000 R14: 00007f5ac23b5fa0 R15: 00007ffe69dec788
[  673.507522][T16755]  </TASK>
[  673.918024][ T5141] Bluetooth: hci0: command 0x0c1a tx timeout
[  674.385382][ T5141] Bluetooth: hci2: command 0x0c1a tx timeout
[  674.392685][ T5141] Bluetooth: hci3: command 0x0c1a tx timeout
[  674.399973][ T5833] Bluetooth: hci1: command 0x041b tx timeout
[  675.095601][T16772] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  675.117840][T16772] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  675.146901][T16772] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  675.164524][T16772] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  675.218864][T16792] sd 0:0:1:0: device reset
[  675.878797][T16814] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2359'.
[  676.401249][ T5833] Bluetooth: hci0: command 0x0c1a tx timeout
[  677.185477][ T5833] Bluetooth: hci1: command 0x041b tx timeout
[  677.185569][ T5141] Bluetooth: hci2: command 0x0c1a tx timeout
[  677.192891][ T5833] Bluetooth: hci3: command 0x0c1a tx timeout
[  677.890161][ T5141] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  677.906254][ T5141] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  677.917044][ T5141] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  677.936257][ T5141] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  677.971863][ T5141] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  678.653578][T16878] FAULT_INJECTION: forcing a failure.
[  678.653578][T16878] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  678.700751][T16878] CPU: 0 UID: 0 PID: 16878 Comm: syz.0.2371 Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0 PREEMPT(full) 
[  678.700788][T16878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  678.700804][T16878] Call Trace:
[  678.700813][T16878]  <TASK>
[  678.700823][T16878]  dump_stack_lvl+0x16c/0x1f0
[  678.700860][T16878]  should_fail_ex+0x512/0x640
[  678.700901][T16878]  _copy_from_iter+0x2a4/0x15b0
[  678.700949][T16878]  ? __pfx__copy_from_iter+0x10/0x10
[  678.700993][T16878]  ? find_held_lock+0x2b/0x80
[  678.701037][T16878]  ? rawv6_sendmsg+0xc33/0x4890
[  678.701087][T16878]  rawv6_sendmsg+0x1984/0x4890
[  678.701129][T16878]  ? up_write+0x1b2/0x520
[  678.701183][T16878]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  678.701226][T16878]  ? __lock_acquire+0x5ca/0x1ba0
[  678.701269][T16878]  ? __lock_acquire+0x5ca/0x1ba0
[  678.701321][T16878]  ? __pfx___might_resched+0x10/0x10
[  678.701367][T16878]  ? __pfx_aa_sk_perm+0x10/0x10
[  678.701399][T16878]  ? __import_iovec+0x1c8/0x660
[  678.701440][T16878]  ? __might_fault+0xe3/0x190
[  678.701471][T16878]  ? __might_fault+0x13b/0x190
[  678.701510][T16878]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  678.701558][T16878]  ? inet_sendmsg+0x119/0x140
[  678.701592][T16878]  inet_sendmsg+0x119/0x140
[  678.701629][T16878]  ____sys_sendmsg+0x973/0xc70
[  678.701668][T16878]  ? copy_msghdr_from_user+0x10a/0x160
[  678.701695][T16878]  ? __pfx_____sys_sendmsg+0x10/0x10
[  678.701738][T16878]  ? __pfx__kstrtoull+0x10/0x10
[  678.701778][T16878]  ___sys_sendmsg+0x134/0x1d0
[  678.701807][T16878]  ? __pfx____sys_sendmsg+0x10/0x10
[  678.701852][T16878]  ? find_held_lock+0x2b/0x80
[  678.701902][T16878]  __sys_sendmmsg+0x200/0x420
[  678.701935][T16878]  ? __pfx___sys_sendmmsg+0x10/0x10
[  678.701987][T16878]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  678.702078][T16878]  ? fput+0x70/0xf0
[  678.702115][T16878]  ? ksys_write+0x1b9/0x240
[  678.702144][T16878]  ? __pfx_ksys_write+0x10/0x10
[  678.702172][T16878]  ? rcu_is_watching+0x12/0xc0
[  678.702208][T16878]  __x64_sys_sendmmsg+0x9c/0x100
[  678.702239][T16878]  ? lockdep_hardirqs_on+0x7c/0x110
[  678.702274][T16878]  do_syscall_64+0xcd/0x230
[  678.702330][T16878]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  678.702362][T16878] RIP: 0033:0x7fc91218e969
[  678.702387][T16878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  678.702419][T16878] RSP: 002b:00007fc913003038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  678.702450][T16878] RAX: ffffffffffffffda RBX: 00007fc9123b5fa0 RCX: 00007fc91218e969
[  678.702471][T16878] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003
[  678.702492][T16878] RBP: 00007fc913003090 R08: 0000000000000000 R09: 0000000000000000
[  678.702518][T16878] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  678.702538][T16878] R13: 0000000000000000 R14: 00007fc9123b5fa0 R15: 00007ffe8d312208
[  678.702580][T16878]  </TASK>
[  679.625732][T16860] chnl_net:caif_netlink_parms(): no params data found
[  679.918883][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  680.065202][ T5833] Bluetooth: hci4: command tx timeout
[  680.189917][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  680.284501][T16860] bridge0: port 1(bridge_slave_0) entered blocking state
[  680.293215][T16860] bridge0: port 1(bridge_slave_0) entered disabled state
[  680.312286][T16860] bridge_slave_0: entered allmulticast mode
[  680.332278][T16860] bridge_slave_0: entered promiscuous mode
[  680.384353][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  680.422453][T16860] bridge0: port 2(bridge_slave_1) entered blocking state
[  680.432231][T16860] bridge0: port 2(bridge_slave_1) entered disabled state
[  680.443506][T16860] bridge_slave_1: entered allmulticast mode
[  680.454667][T16860] bridge_slave_1: entered promiscuous mode
[  680.500106][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  680.649793][T16860] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  680.687847][T16860] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  680.813481][T16860] team0: Port device team_slave_0 added
[  680.828376][T16860] team0: Port device team_slave_1 added
[  680.989133][T16860] batman_adv: batadv0: Adding interface: batadv_slave_0
[  681.008732][T16860] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  681.088449][T16860] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  681.247753][T16860] batman_adv: batadv0: Adding interface: batadv_slave_1
[  681.280489][T16860] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  681.369481][T16860] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  681.414262][   T12] bridge_slave_0: left allmulticast mode
[  681.423016][   T12] bridge_slave_0: left promiscuous mode
[  681.465921][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  682.145383][ T5833] Bluetooth: hci4: command tx timeout
[  683.079738][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  683.093538][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  683.117193][   T12] bond0 (unregistering): Released all slaves
[  683.723635][T16860] hsr_slave_0: entered promiscuous mode
[  683.746373][T16860] hsr_slave_1: entered promiscuous mode
[  684.225345][ T5833] Bluetooth: hci4: command tx timeout
[  684.565757][   T12] hsr_slave_0: left promiscuous mode
[  684.588554][   T12] hsr_slave_1: left promiscuous mode
[  684.602121][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  684.628675][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  684.656132][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  684.675229][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  684.723826][   T12] veth0_macvtap: left promiscuous mode
[  684.755811][   T12] veth1_vlan: left promiscuous mode
[  684.768151][   T12] veth0_vlan: left promiscuous mode
[  685.579224][   T12] team_slave_1 (unregistering): left allmulticast mode
[  685.592562][   T12] team0 (unregistering): Port device team_slave_1 removed
[  685.654966][   T12] team_slave_0 (unregistering): left allmulticast mode
[  685.672178][   T12] team0 (unregistering): Port device team_slave_0 removed
[  686.306584][ T5833] Bluetooth: hci4: command tx timeout
[  686.830684][T16994] CIFS mount error: No usable UNC path provided in device string!
[  686.830684][T16994] 
[  686.843089][T16994] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  687.963090][T16860] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  688.005662][T16860] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  688.049654][T16860] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  688.079914][T16860] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  688.420240][T16860] 8021q: adding VLAN 0 to HW filter on device bond0
[  688.493708][T16860] 8021q: adding VLAN 0 to HW filter on device team0
[  688.550324][ T1138] bridge0: port 1(bridge_slave_0) entered blocking state
[  688.559000][ T1138] bridge0: port 1(bridge_slave_0) entered forwarding state
[  688.643571][ T1138] bridge0: port 2(bridge_slave_1) entered blocking state
[  688.652218][ T1138] bridge0: port 2(bridge_slave_1) entered forwarding state
[  688.829695][T16860] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  689.460738][T16860] 8021q: adding VLAN 0 to HW filter on device batadv0
[  689.814786][   T30] audit: type=1800 audit(6041016338.763:10): pid=17078 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2400" name="dbroot" dev="configfs" ino=46591 res=0 errno=0
[  689.827999][T17078] db_root: cannot open: �
[  690.316620][T17084] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2401'.
[  690.325015][T16860] veth0_vlan: entered promiscuous mode
[  690.489442][T16860] veth1_vlan: entered promiscuous mode
[  690.666400][T16860] veth0_macvtap: entered promiscuous mode
[  690.709751][T16860] veth1_macvtap: entered promiscuous mode
[  690.774392][T16860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  690.792332][T16860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  690.828421][T16860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  690.873407][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  690.884262][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  690.895216][T16860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  690.915088][T16860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  690.945309][T16860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  690.986825][T16860] batman_adv: batadv0: Interface activated: batadv_slave_0
[  691.018929][T16860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  691.048318][T16860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  691.096894][T17111] FAULT_INJECTION: forcing a failure.
[  691.096894][T17111] name failslab, interval 1, probability 0, space 0, times 0
[  691.112215][T16860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  691.125925][T16860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  691.138464][T17111] CPU: 1 UID: 0 PID: 17111 Comm: syz.3.2406 Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0 PREEMPT(full) 
[  691.138516][T17111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  691.138535][T17111] Call Trace:
[  691.138545][T17111]  <TASK>
[  691.138557][T17111]  dump_stack_lvl+0x16c/0x1f0
[  691.138600][T17111]  should_fail_ex+0x512/0x640
[  691.138654][T17111]  should_failslab+0xc2/0x120
[  691.138692][T17111]  __kmalloc_cache_noprof+0x6a/0x3e0
[  691.138749][T17111]  ? sdev_prefix_printk+0xe8/0x230
[  691.138805][T17111]  sdev_prefix_printk+0xe8/0x230
[  691.138853][T17111]  ? __debug_object_init+0x2de/0x3d0
[  691.138885][T17111]  ? __pfx_sdev_prefix_printk+0x10/0x10
[  691.138961][T17111]  ? do_raw_spin_lock+0x12c/0x2b0
[  691.139011][T17111]  ? find_held_lock+0x2b/0x80
[  691.139048][T17111]  virtscsi_device_reset+0x71/0x320
[  691.139095][T17111]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  691.139140][T17111]  scsi_ioctl_reset+0x51a/0x850
[  691.139170][T17111]  ? __pfx_virtscsi_device_reset+0x10/0x10
[  691.139223][T17111]  scsi_ioctl+0xfab/0x1840
[  691.139279][T17111]  ? __pfx___might_resched+0x10/0x10
[  691.139312][T17111]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  691.139356][T17111]  ? __pfx_scsi_ioctl+0x10/0x10
[  691.139409][T17111]  ? __pfx_scsi_block_when_processing_errors+0x10/0x10
[  691.139483][T17111]  sd_ioctl+0x1b1/0x2c0
[  691.139526][T17111]  ? __pfx_sd_ioctl+0x10/0x10
[  691.139568][T17111]  blkdev_ioctl+0x274/0x6d0
[  691.139604][T17111]  ? __pfx_blkdev_ioctl+0x10/0x10
[  691.139646][T17111]  ? __pfx_blkdev_ioctl+0x10/0x10
[  691.139684][T17111]  __x64_sys_ioctl+0x190/0x200
[  691.139729][T17111]  do_syscall_64+0xcd/0x230
[  691.139772][T17111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  691.139804][T17111] RIP: 0033:0x7f7f1478e969
[  691.139829][T17111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  691.139860][T17111] RSP: 002b:00007f7f156c2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  691.139891][T17111] RAX: ffffffffffffffda RBX: 00007f7f149b5fa0 RCX: 00007f7f1478e969
[  691.139913][T17111] RDX: 0000000000000000 RSI: 0000000000002284 RDI: 0000000000000003
[  691.139933][T17111] RBP: 00007f7f156c2090 R08: 0000000000000000 R09: 0000000000000000
[  691.139953][T17111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  691.139973][T17111] R13: 0000000000000000 R14: 00007f7f149b5fa0 R15: 00007ffe850503b8
[  691.140015][T17111]  </TASK>
[  691.140105][T16860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  691.483556][T16860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  691.610691][T16860] batman_adv: batadv0: Interface activated: batadv_slave_1
[  691.739700][T16860] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  691.775156][T16860] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  691.836899][T16860] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  691.857518][T16860] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  692.249224][   T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  692.279142][   T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  692.337649][T10345] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  692.348615][T10345] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  693.681257][T17150] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  693.711150][T17150] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  693.733146][T17150] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  693.755508][T17150] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  693.814421][T17150] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  693.934111][T17150] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  694.393293][ T5826] smc: removing net device syz_tun with user defined pnetid ETHTOOL
[  694.478787][T17181] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2414'.
[  694.549842][ T5141] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  694.560777][ T5141] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  694.571876][ T5141] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  694.590055][ T5141] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  694.600272][ T5141] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  694.736350][   T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  694.853910][   T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  694.980725][   T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  695.104520][T17197] can: request_module (can-proto-3) failed.
[  695.182590][   T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  695.462463][T17182] chnl_net:caif_netlink_parms(): no params data found
[  695.745370][ T5141] Bluetooth: hci1: command 0x041b tx timeout
[  695.752645][ T5141] Bluetooth: hci2: command 0x0c1a tx timeout
[  695.835591][ T5141] Bluetooth: hci4: command 0x0c1a tx timeout
[  695.863173][   T12] bridge_slave_1: left allmulticast mode
[  695.877028][   T12] bridge_slave_1: left promiscuous mode
[  695.903663][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  695.948871][   T12] bridge_slave_0: left allmulticast mode
[  695.961621][   T12] bridge_slave_0: left promiscuous mode
[  695.982658][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  696.047069][T17206] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2418'.
[  696.429374][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  696.442128][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  696.454298][   T12] bond0 (unregistering): Released all slaves
[  696.623698][   T12] tipc: Left network mode
[  696.705652][ T5141] Bluetooth: hci0: command tx timeout
[  696.853971][T17182] bridge0: port 1(bridge_slave_0) entered blocking state
[  696.876177][T17216] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  696.887656][T17216] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  696.890408][T17182] bridge0: port 1(bridge_slave_0) entered disabled state
[  696.896872][T17216] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  696.929218][T17182] bridge_slave_0: entered allmulticast mode
[  696.930401][T17216] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  696.939955][T17182] bridge_slave_0: entered promiscuous mode
[  696.985776][T17216] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  697.010177][T17216] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  697.022118][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  697.045280][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  697.077168][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  697.105252][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  697.189254][   T12] veth0_macvtap: left promiscuous mode
[  697.203897][   T12] veth1_vlan: left promiscuous mode
[  697.211912][   T12] veth0_vlan: left promiscuous mode
[  697.279694][T17233] FAULT_INJECTION: forcing a failure.
[  697.279694][T17233] name failslab, interval 1, probability 0, space 0, times 0
[  697.325449][T17233] CPU: 1 UID: 0 PID: 17233 Comm: syz.2.2424 Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0 PREEMPT(full) 
[  697.325495][T17233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  697.325514][T17233] Call Trace:
[  697.325524][T17233]  <TASK>
[  697.325537][T17233]  dump_stack_lvl+0x16c/0x1f0
[  697.325581][T17233]  should_fail_ex+0x512/0x640
[  697.325625][T17233]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  697.325666][T17233]  should_failslab+0xc2/0x120
[  697.325705][T17233]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  697.325739][T17233]  ? __lock_acquire+0x5ca/0x1ba0
[  697.325778][T17233]  ? __alloc_skb+0x2b2/0x380
[  697.325844][T17233]  __alloc_skb+0x2b2/0x380
[  697.325894][T17233]  ? __pfx___alloc_skb+0x10/0x10
[  697.325950][T17233]  ? find_held_lock+0x2b/0x80
[  697.325986][T17233]  __ip6_append_data+0x2bb6/0x4710
[  697.326031][T17233]  ? __pfx_raw6_getfrag+0x10/0x10
[  697.326101][T17233]  ? __pfx___ip6_append_data+0x10/0x10
[  697.326139][T17233]  ? ip6_setup_cork+0xd01/0x15d0
[  697.326178][T17233]  ip6_append_data+0x1bd/0x4c0
[  697.326225][T17233]  ? __pfx_raw6_getfrag+0x10/0x10
[  697.326277][T17233]  rawv6_sendmsg+0x175a/0x4890
[  697.326327][T17233]  ? up_write+0x1b2/0x520
[  697.326386][T17233]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  697.326432][T17233]  ? __lock_acquire+0x5ca/0x1ba0
[  697.326484][T17233]  ? __lock_acquire+0x5ca/0x1ba0
[  697.326560][T17233]  ? __pfx___might_resched+0x10/0x10
[  697.326615][T17233]  ? __pfx_aa_sk_perm+0x10/0x10
[  697.326651][T17233]  ? __import_iovec+0x1c8/0x660
[  697.326698][T17233]  ? __might_fault+0xe3/0x190
[  697.326733][T17233]  ? __might_fault+0x13b/0x190
[  697.326768][T17233]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  697.326829][T17233]  ? inet_sendmsg+0x119/0x140
[  697.326866][T17233]  inet_sendmsg+0x119/0x140
[  697.326907][T17233]  ____sys_sendmsg+0x973/0xc70
[  697.326949][T17233]  ? copy_msghdr_from_user+0x10a/0x160
[  697.326980][T17233]  ? __pfx_____sys_sendmsg+0x10/0x10
[  697.327024][T17233]  ? __pfx__kstrtoull+0x10/0x10
[  697.327069][T17233]  ___sys_sendmsg+0x134/0x1d0
[  697.327100][T17233]  ? __pfx____sys_sendmsg+0x10/0x10
[  697.327149][T17233]  ? find_held_lock+0x2b/0x80
[  697.327204][T17233]  __sys_sendmmsg+0x200/0x420
[  697.327240][T17233]  ? __pfx___sys_sendmmsg+0x10/0x10
[  697.327286][T17233]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  697.327345][T17233]  ? fput+0x70/0xf0
[  697.327381][T17233]  ? ksys_write+0x1b9/0x240
[  697.327410][T17233]  ? __pfx_ksys_write+0x10/0x10
[  697.327437][T17233]  ? rcu_is_watching+0x12/0xc0
[  697.327472][T17233]  __x64_sys_sendmmsg+0x9c/0x100
[  697.327502][T17233]  ? lockdep_hardirqs_on+0x7c/0x110
[  697.327538][T17233]  do_syscall_64+0xcd/0x230
[  697.327579][T17233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  697.327613][T17233] RIP: 0033:0x7f67a1d8e969
[  697.327638][T17233] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  697.327669][T17233] RSP: 002b:00007f67a2b8b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  697.327699][T17233] RAX: ffffffffffffffda RBX: 00007f67a1fb5fa0 RCX: 00007f67a1d8e969
[  697.327719][T17233] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003
[  697.327739][T17233] RBP: 00007f67a2b8b090 R08: 0000000000000000 R09: 0000000000000000
[  697.327759][T17233] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  697.327778][T17233] R13: 0000000000000000 R14: 00007f67a1fb5fa0 R15: 00007fff4f2d41b8
[  697.327829][T17233]  </TASK>
[  698.422133][   T12] team0 (unregistering): Port device team_slave_1 removed
[  698.462147][   T12] team0 (unregistering): Port device team_slave_0 removed
[  698.625902][ T5141] Bluetooth: hci2: command 0x0c1a tx timeout
[  698.801488][T17182] bridge0: port 2(bridge_slave_1) entered blocking state
[  698.810143][T17182] bridge0: port 2(bridge_slave_1) entered disabled state
[  698.824600][T17182] bridge_slave_1: entered allmulticast mode
[  698.833835][T17182] bridge_slave_1: entered promiscuous mode
[  698.945247][ T5833] Bluetooth: hci4: command 0x0c1a tx timeout
[  698.952484][T11657] Bluetooth: hci1: command 0x041b tx timeout
[  698.962697][ T5141] Bluetooth: hci0: command 0x040f tx timeout
[  698.978338][T17182] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  699.003063][T17182] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  699.137073][T17182] team0: Port device team_slave_0 added
[  699.173383][T17182] team0: Port device team_slave_1 added
[  699.353030][T17259] ima: policy update failed
[  699.367787][T17182] batman_adv: batadv0: Adding interface: batadv_slave_0
[  699.383825][T17182] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  699.385673][   T30] audit: type=1802 audit(6041016348.333:11): pid=17259 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.2428" res=0 errno=0
[  699.455323][T17182] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  699.511019][T17182] batman_adv: batadv0: Adding interface: batadv_slave_1
[  699.528435][T17182] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  699.595575][T17182] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  700.056973][T17182] hsr_slave_0: entered promiscuous mode
[  700.064961][T17182] hsr_slave_1: entered promiscuous mode
[  700.081172][T17182] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  700.094544][T17182] Cannot create hsr debugfs directory
[  700.280329][T17283] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2430'.
[  701.027819][ T5141] Bluetooth: hci0: command 0x040f tx timeout
[  701.035388][T11657] Bluetooth: hci4: command 0x0c1a tx timeout
[  701.050663][T17300] hub 8-0:1.0: USB hub found
[  701.074687][T17300] hub 8-0:1.0: 1 port detected
[  701.156480][T17288] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  701.164972][T17288] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  701.177169][T17288] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  701.211369][T17288] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  701.479988][T17182] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  701.572117][T17182] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  701.652833][T17182] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  701.683051][T17182] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  702.057516][T17335] CIFS mount error: No usable UNC path provided in device string!
[  702.057516][T17335] 
[  702.070036][T17335] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  702.545681][T11657] Bluetooth: hci2: command 0x0c1a tx timeout
[  702.873069][T17182] 8021q: adding VLAN 0 to HW filter on device bond0
[  702.898579][T17182] 8021q: adding VLAN 0 to HW filter on device team0
[  702.919882][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  702.928519][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  702.956439][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  702.965098][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  703.195572][T11657] Bluetooth: hci4: command 0x0c1a tx timeout
[  703.196043][ T5141] Bluetooth: hci1: command 0x041b tx timeout
[  703.265431][ T5141] Bluetooth: hci0: command 0x040f tx timeout
[  703.431616][T17348] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2442'.
[  703.718851][T17375] CIFS mount error: No usable UNC path provided in device string!
[  703.718851][T17375] 
[  703.786280][T17375] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  703.847934][T17182] 8021q: adding VLAN 0 to HW filter on device batadv0
[  703.989547][T17357] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  704.000127][T17357] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  704.031002][T17357] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  704.074117][T17357] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  704.117879][T17182] veth0_vlan: entered promiscuous mode
[  704.208779][T17182] veth1_vlan: entered promiscuous mode
[  704.286829][T17182] veth0_macvtap: entered promiscuous mode
[  704.301297][T17182] veth1_macvtap: entered promiscuous mode
[  704.320420][T17182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  704.345345][T17182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  704.370405][T17182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  704.399586][T17182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  704.415115][T17182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  704.437999][T17182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  704.494313][T17182] batman_adv: batadv0: Interface activated: batadv_slave_0
[  704.543120][T17182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  704.559282][T17182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  704.585900][T17182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  704.608344][T17182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  704.641390][T17182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  704.677573][T17182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  704.705502][T17182] batman_adv: batadv0: Interface activated: batadv_slave_1
[  704.738414][T17182] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  704.778378][T17182] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  704.806746][T17182] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  704.838669][T17182] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  705.187431][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  705.227298][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  705.265598][ T5141] Bluetooth: hci2: command 0x0c1a tx timeout
[  705.342519][T13818] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  705.395979][T13818] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  706.065170][ T5141] Bluetooth: hci4: command 0x0c1a tx timeout
[  706.072513][ T5141] Bluetooth: hci1: command 0x041b tx timeout
[  706.145251][ T5141] Bluetooth: hci0: command 0x040f tx timeout
[  706.851143][T17439] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  706.859284][T17439] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  706.878125][T17439] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  706.925405][T17439] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  707.462518][T17435] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2453'.
[  707.496471][T17465] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2458'.
[  707.516817][T17467] FAULT_INJECTION: forcing a failure.
[  707.516817][T17467] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  707.547585][T17467] CPU: 1 UID: 0 PID: 17467 Comm: syz.3.2459 Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0 PREEMPT(full) 
[  707.547632][T17467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  707.547651][T17467] Call Trace:
[  707.547661][T17467]  <TASK>
[  707.547674][T17467]  dump_stack_lvl+0x16c/0x1f0
[  707.547715][T17467]  should_fail_ex+0x512/0x640
[  707.547765][T17467]  _copy_from_user+0x2e/0xd0
[  707.547825][T17467]  copy_msghdr_from_user+0x98/0x160
[  707.547855][T17467]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  707.547940][T17467]  ? __pfx__kstrtoull+0x10/0x10
[  707.547983][T17467]  ___sys_sendmsg+0xfe/0x1d0
[  707.548015][T17467]  ? __pfx____sys_sendmsg+0x10/0x10
[  707.548066][T17467]  ? find_held_lock+0x2b/0x80
[  707.548123][T17467]  __sys_sendmmsg+0x200/0x420
[  707.548158][T17467]  ? __pfx___sys_sendmmsg+0x10/0x10
[  707.548204][T17467]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  707.548262][T17467]  ? fput+0x70/0xf0
[  707.548298][T17467]  ? ksys_write+0x1b9/0x240
[  707.548328][T17467]  ? __pfx_ksys_write+0x10/0x10
[  707.548355][T17467]  ? rcu_is_watching+0x12/0xc0
[  707.548390][T17467]  __x64_sys_sendmmsg+0x9c/0x100
[  707.548421][T17467]  ? lockdep_hardirqs_on+0x7c/0x110
[  707.548467][T17467]  do_syscall_64+0xcd/0x230
[  707.548517][T17467]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  707.548547][T17467] RIP: 0033:0x7fe5b438e969
[  707.548571][T17467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  707.548602][T17467] RSP: 002b:00007fe5b527b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  707.548632][T17467] RAX: ffffffffffffffda RBX: 00007fe5b45b5fa0 RCX: 00007fe5b438e969
[  707.548653][T17467] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003
[  707.548672][T17467] RBP: 00007fe5b527b090 R08: 0000000000000000 R09: 0000000000000000
[  707.548691][T17467] R10: 000000000000e000 R11: 0000000000000246 R12: 0000000000000001
[  707.548711][T17467] R13: 0000000000000000 R14: 00007fe5b45b5fa0 R15: 00007fff4c57a298
[  707.548751][T17467]  </TASK>
[  708.305644][ T5141] Bluetooth: hci2: command 0x0c1a tx timeout
[  708.601268][T17506] sd 0:0:1:0: device reset
[  708.945171][ T5141] Bluetooth: hci0: command 0x040f tx timeout
[  708.952510][ T5141] Bluetooth: hci4: command 0x0c1a tx timeout
[  708.955110][T11657] Bluetooth: hci1: command 0x041b tx timeout
[  709.168701][T17521] sd 0:0:1:0: device reset
[  709.199646][T17498] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  709.215723][T17498] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  709.223960][T17498] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  709.267184][T17498] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  709.718196][T17538] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2474'.
[  709.874385][T17539] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2471'.
[  709.956471][T17538] FAULT_INJECTION: forcing a failure.
[  709.956471][T17538] name failslab, interval 1, probability 0, space 0, times 0
[  710.038823][T17538] CPU: 1 UID: 0 PID: 17538 Comm: syz.2.2474 Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0 PREEMPT(full) 
[  710.038868][T17538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  710.038886][T17538] Call Trace:
[  710.038896][T17538]  <TASK>
[  710.038908][T17538]  dump_stack_lvl+0x16c/0x1f0
[  710.038948][T17538]  should_fail_ex+0x512/0x640
[  710.038990][T17538]  ? __kvmalloc_node_noprof+0x122/0x600
[  710.039021][T17538]  should_failslab+0xc2/0x120
[  710.039051][T17538]  __kvmalloc_node_noprof+0x135/0x600
[  710.039079][T17538]  ? __do_sys_setgroups+0x111/0x4e0
[  710.039117][T17538]  ? __do_sys_setgroups+0x111/0x4e0
[  710.039149][T17538]  __do_sys_setgroups+0x111/0x4e0
[  710.039182][T17538]  ? 0xffffffffff600000
[  710.039200][T17538]  ? rcu_is_watching+0x12/0xc0
[  710.039225][T17538]  do_syscall_64+0xcd/0x230
[  710.039257][T17538]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  710.039282][T17538] RIP: 0033:0x7f67a1d8e969
[  710.039300][T17538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  710.039324][T17538] RSP: 002b:00007f67a2b8b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000074
[  710.039347][T17538] RAX: ffffffffffffffda RBX: 00007f67a1fb5fa0 RCX: 00007f67a1d8e969
[  710.039364][T17538] RDX: 0000000000000000 RSI: ffffffffff600000 RDI: 0000000c00000000
[  710.039380][T17538] RBP: 00007f67a1e10ab1 R08: 0000000000000000 R09: 0000000000000000
[  710.039396][T17538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  710.039410][T17538] R13: 0000000000000000 R14: 00007f67a1fb5fa0 R15: 00007fff4f2d41b8
[  710.039435][T17538]  ? 0xffffffffff600000
[  710.039456][T17538]  </TASK>
[  710.545165][T11657] Bluetooth: hci2: command 0x0c1a tx timeout
[  711.265206][ T5833] Bluetooth: hci1: command 0x041b tx timeout
[  711.272728][T11657] Bluetooth: hci4: command 0x0c1a tx timeout
[  711.346087][T11657] Bluetooth: hci0: command 0x040f tx timeout
[  711.729313][T17570] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  711.739006][T17570] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  711.753118][T17570] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  711.763148][T17570] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  712.601949][T17602] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2486'.
[  713.035481][T11657] Bluetooth: hci2: command 0x0c1a tx timeout
[  713.745465][T11657] Bluetooth: hci1: command 0x041b tx timeout
[  713.826347][ T5833] Bluetooth: hci4: command 0x0c1a tx timeout
[  713.834174][T11657] Bluetooth: hci0: command 0x040f tx timeout
[  713.862982][T17615] CIFS mount error: No usable UNC path provided in device string!
[  713.862982][T17615] 
[  713.921408][T17615] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  714.623575][T17636] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  714.651636][T17636] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  714.665457][T17636] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  714.682754][T17636] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  716.066185][T11657] Bluetooth: hci2: command 0x0c1a tx timeout
[  716.229357][T17667] netlink: 98 bytes leftover after parsing attributes in process `syz.2.2501'.
[  716.705711][T11657] Bluetooth: hci0: command 0x040f tx timeout
[  716.713040][ T5833] Bluetooth: hci4: command 0x0c1a tx timeout
[  716.713447][ T5141] Bluetooth: hci1: command 0x041b tx timeout
[  717.240271][T17677] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  717.249064][T17677] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  717.260055][T17677] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  717.281526][T17677] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  718.535456][T17707] CIFS mount error: No usable UNC path provided in device string!
[  718.535456][T17707] 
[  718.558427][T17707] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  718.625829][ T5141] Bluetooth: hci2: command 0x0c1a tx timeout
[  719.265184][T17687] Bluetooth: hci1: command 0x041b tx timeout
[  719.272853][ T5141] Bluetooth: hci4: command 0x0c1a tx timeout
[  719.358973][ T5141] Bluetooth: hci0: command 0x040f tx timeout
[  719.505267][T17726] cifs: Unknown parameter '�'
[  719.745307][T17739] sd 0:0:1:0: device reset
[  720.592964][T17759] FAULT_INJECTION: forcing a failure.
[  720.592964][T17759] name failslab, interval 1, probability 0, space 0, times 0
[  720.704597][T17759] CPU: 0 UID: 0 PID: 17759 Comm: syz.3.2519 Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0 PREEMPT(full) 
[  720.704644][T17759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  720.704665][T17759] Call Trace:
[  720.704677][T17759]  <TASK>
[  720.704691][T17759]  dump_stack_lvl+0x16c/0x1f0
[  720.704736][T17759]  should_fail_ex+0x512/0x640
[  720.704780][T17759]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  720.704819][T17759]  should_failslab+0xc2/0x120
[  720.704857][T17759]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  720.704892][T17759]  ? getname_flags.part.0+0x4c/0x550
[  720.704939][T17759]  getname_flags.part.0+0x4c/0x550
[  720.704985][T17759]  getname_flags+0x93/0xf0
[  720.705038][T17759]  do_sys_openat2+0xb8/0x1d0
[  720.705077][T17759]  ? __pfx_do_sys_openat2+0x10/0x10
[  720.705133][T17759]  __x64_sys_openat+0x174/0x210
[  720.705178][T17759]  ? __pfx___x64_sys_openat+0x10/0x10
[  720.705234][T17759]  ? rcu_is_watching+0x12/0xc0
[  720.705275][T17759]  do_syscall_64+0xcd/0x230
[  720.705320][T17759]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  720.705354][T17759] RIP: 0033:0x7fe5b438e969
[  720.705380][T17759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  720.705414][T17759] RSP: 002b:00007fe5b525a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  720.705448][T17759] RAX: ffffffffffffffda RBX: 00007fe5b45b6080 RCX: 00007fe5b438e969
[  720.705470][T17759] RDX: 0000000000001200 RSI: 0000200000000400 RDI: ffffffffffffff9c
[  720.705491][T17759] RBP: 00007fe5b4410ab1 R08: 0000000000000000 R09: 0000000000000000
[  720.705510][T17759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  720.705529][T17759] R13: 0000000000000000 R14: 00007fe5b45b6080 R15: 00007fff4c57a298
[  720.705586][T17759]  </TASK>
[  720.723335][T17742] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  720.975383][T17742] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  720.983270][T17742] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  721.025419][T17742] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  721.989905][ T5141] Bluetooth: hci2: command 0x0c1a tx timeout
[  723.027496][T17687] Bluetooth: hci1: command 0x041b tx timeout
[  723.034861][ T5141] Bluetooth: hci4: command 0x0c1a tx timeout
[  723.045778][T17795] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  723.061744][T17795] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  723.089630][T17795] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  723.107246][ T5141] Bluetooth: hci0: command 0x040f tx timeout
[  723.122007][T17795] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  724.315207][ T5141] Bluetooth: hci2: command 0x0c1a tx timeout
[  725.097968][T17853] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2543'.
[  725.115272][ T5141] Bluetooth: hci4: command 0x0c1a tx timeout
[  725.118175][T17687] Bluetooth: hci1: command 0x041b tx timeout
[  725.185178][T17687] Bluetooth: hci0: command 0x040f tx timeout
[  727.922627][ T5141] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  727.933391][ T5141] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  727.955971][ T5141] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  727.988886][ T5141] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  728.000567][ T5141] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  728.051247][T17893] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2564'.
[  728.176107][ T6933] smc: removing net device syz_tun with user defined pnetid ETHTOOL
[  728.630994][T17898] chnl_net:caif_netlink_parms(): no params data found
[  728.821342][   T36] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  729.009572][   T36] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  729.112539][   T36] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  729.136722][T17898] bridge0: port 1(bridge_slave_0) entered blocking state
[  729.151850][T17898] bridge0: port 1(bridge_slave_0) entered disabled state
[  729.169786][T17898] bridge_slave_0: entered allmulticast mode
[  729.187816][T17898] bridge_slave_0: entered promiscuous mode
[  729.217166][   T36] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  729.243018][T17898] bridge0: port 2(bridge_slave_1) entered blocking state
[  729.256512][T17898] bridge0: port 2(bridge_slave_1) entered disabled state
[  729.268802][T17898] bridge_slave_1: entered allmulticast mode
[  729.279580][T17898] bridge_slave_1: entered promiscuous mode
[  729.374232][T17898] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  729.389157][T17898] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  729.534594][T17898] team0: Port device team_slave_0 added
[  729.557350][T17898] team0: Port device team_slave_1 added
[  729.736247][T17898] batman_adv: batadv0: Adding interface: batadv_slave_0
[  729.744670][T17898] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  729.832164][T17898] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  729.860525][T17898] batman_adv: batadv0: Adding interface: batadv_slave_1
[  729.879529][T17898] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  729.945111][T17898] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  730.069293][ T5141] Bluetooth: hci3: command tx timeout
[  730.172413][T17898] hsr_slave_0: entered promiscuous mode
[  730.186111][T17898] hsr_slave_1: entered promiscuous mode
[  730.194318][T17898] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  730.205661][T17898] Cannot create hsr debugfs directory
[  730.901179][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  730.923489][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  730.936532][   T36] bond0 (unregistering): Released all slaves
[  732.103935][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  732.142552][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  732.145835][ T5141] Bluetooth: hci3: command tx timeout
[  732.214967][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  732.247336][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  732.332640][   T36] veth1_vlan: left promiscuous mode
[  732.415592][   T36] veth0_vlan: left promiscuous mode
[  733.280160][   T36] team0 (unregistering): Port device team_slave_1 removed
[  734.225155][ T5141] Bluetooth: hci3: command tx timeout
[  734.762026][T17967] CIFS mount error: No usable UNC path provided in device string!
[  734.762026][T17967] 
[  734.777095][T17967] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  734.778775][T17898] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  735.061010][T17898] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  735.092533][T17898] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  735.341010][T17898] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  735.801851][T17898] 8021q: adding VLAN 0 to HW filter on device bond0
[  735.854951][T17898] 8021q: adding VLAN 0 to HW filter on device team0
[  735.887177][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  735.895832][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  735.918070][   T62] bridge0: port 2(bridge_slave_1) entered blocking state
[  735.926717][   T62] bridge0: port 2(bridge_slave_1) entered forwarding state
[  736.306498][ T5141] Bluetooth: hci3: command tx timeout
[  736.524899][T17898] 8021q: adding VLAN 0 to HW filter on device batadv0
[  736.630167][T17898] veth0_vlan: entered promiscuous mode
[  736.670322][T17898] veth1_vlan: entered promiscuous mode
[  736.747593][T17898] veth0_macvtap: entered promiscuous mode
[  736.774309][T17898] veth1_macvtap: entered promiscuous mode
[  736.819438][T17898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  736.858979][T17898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  736.881494][T17898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  736.907689][T17898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  736.935165][T17898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  736.967757][T17898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  736.991641][T17898] batman_adv: batadv0: Interface activated: batadv_slave_0
[  737.023716][T17898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  737.037193][T17898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  737.052728][T17898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  737.065670][T17898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  737.081495][T17898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  737.098613][T17898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  737.113647][T17898] batman_adv: batadv0: Interface activated: batadv_slave_1
[  737.138629][T17898] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  737.159588][T17898] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  737.190281][T17898] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  737.211350][T17898] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  737.429174][   T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  737.465518][   T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  737.521374][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  737.534734][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  738.376439][T18035] netlink: 98 bytes leftover after parsing attributes in process `syz.3.2575'.
[  738.428816][T18035] netlink: 50 bytes leftover after parsing attributes in process `syz.3.2575'.
[  738.816003][T18042] sd 0:0:1:0: device reset
[  739.705277][T18056] CIFS mount error: No usable UNC path provided in device string!
[  739.705277][T18056] 
[  739.733606][T18056] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  743.497913][T18112] CIFS mount error: No usable UNC path provided in device string!
[  743.497913][T18112] 
[  743.510458][T18112] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  746.658452][T18164] FAULT_INJECTION: forcing a failure.
[  746.658452][T18164] name failslab, interval 1, probability 0, space 0, times 0
[  746.705248][T18164] CPU: 1 UID: 0 PID: 18164 Comm: syz.0.2607 Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0 PREEMPT(full) 
[  746.705293][T18164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  746.705312][T18164] Call Trace:
[  746.705323][T18164]  <TASK>
[  746.705354][T18164]  dump_stack_lvl+0x16c/0x1f0
[  746.705394][T18164]  should_fail_ex+0x512/0x640
[  746.705435][T18164]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  746.705475][T18164]  should_failslab+0xc2/0x120
[  746.705511][T18164]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  746.705544][T18164]  ? find_held_lock+0x2b/0x80
[  746.705570][T18164]  ? __alloc_skb+0x2b2/0x380
[  746.705622][T18164]  __alloc_skb+0x2b2/0x380
[  746.705667][T18164]  ? __pfx___alloc_skb+0x10/0x10
[  746.705720][T18164]  ? __lock_acquire+0x5ca/0x1ba0
[  746.705765][T18164]  __ip_append_data+0x3102/0x41e0
[  746.705806][T18164]  ? __pfx_raw_getfrag+0x10/0x10
[  746.705879][T18164]  ? ip_dst_mtu_maybe_forward.constprop.0+0x311/0x6e0
[  746.705923][T18164]  ? __pfx___ip_append_data+0x10/0x10
[  746.705968][T18164]  ip_append_data+0x10f/0x1a0
[  746.706023][T18164]  ? __pfx_raw_getfrag+0x10/0x10
[  746.706083][T18164]  raw_sendmsg+0xeed/0x38b0
[  746.706137][T18164]  ? aa_profile_af_perm+0x4e0/0x510
[  746.706176][T18164]  ? __pfx_raw_sendmsg+0x10/0x10
[  746.706259][T18164]  ? __pfx___might_resched+0x10/0x10
[  746.706292][T18164]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  746.706340][T18164]  ? aa_sk_perm+0x2f4/0xb10
[  746.706381][T18164]  ? __import_iovec+0x1c8/0x660
[  746.706427][T18164]  ? __might_fault+0xe3/0x190
[  746.706458][T18164]  ? __might_fault+0x13b/0x190
[  746.706493][T18164]  ? __pfx_raw_sendmsg+0x10/0x10
[  746.706535][T18164]  inet_sendmsg+0x119/0x140
[  746.706575][T18164]  ____sys_sendmsg+0x973/0xc70
[  746.706615][T18164]  ? copy_msghdr_from_user+0x10a/0x160
[  746.706645][T18164]  ? __pfx_____sys_sendmsg+0x10/0x10
[  746.706692][T18164]  ? __pfx__kstrtoull+0x10/0x10
[  746.706734][T18164]  ___sys_sendmsg+0x134/0x1d0
[  746.706766][T18164]  ? __pfx____sys_sendmsg+0x10/0x10
[  746.706816][T18164]  ? find_held_lock+0x2b/0x80
[  746.706867][T18164]  __sys_sendmmsg+0x200/0x420
[  746.706900][T18164]  ? __pfx___sys_sendmmsg+0x10/0x10
[  746.706943][T18164]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  746.706996][T18164]  ? fput+0x70/0xf0
[  746.707037][T18164]  ? ksys_write+0x1b9/0x240
[  746.707064][T18164]  ? __pfx_ksys_write+0x10/0x10
[  746.707087][T18164]  ? rcu_is_watching+0x12/0xc0
[  746.707121][T18164]  __x64_sys_sendmmsg+0x9c/0x100
[  746.707148][T18164]  ? lockdep_hardirqs_on+0x7c/0x110
[  746.707180][T18164]  do_syscall_64+0xcd/0x230
[  746.707217][T18164]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  746.707254][T18164] RIP: 0033:0x7fc91218e969
[  746.707279][T18164] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  746.707308][T18164] RSP: 002b:00007fc913003038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  746.707337][T18164] RAX: ffffffffffffffda RBX: 00007fc9123b5fa0 RCX: 00007fc91218e969
[  746.707357][T18164] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003
[  746.707375][T18164] RBP: 00007fc913003090 R08: 0000000000000000 R09: 0000000000000000
[  746.707394][T18164] R10: 000000000000e000 R11: 0000000000000246 R12: 0000000000000001
[  746.707413][T18164] R13: 0000000000000000 R14: 00007fc9123b5fa0 R15: 00007ffe8d312208
[  746.707454][T18164]  </TASK>
[  746.739230][T18166] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2603'.
[  747.346848][T18175] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2609'.
[  747.926379][T18180] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input83
[  748.863846][T18195] FAULT_INJECTION: forcing a failure.
[  748.863846][T18195] name failslab, interval 1, probability 0, space 0, times 0
[  748.917893][T18195] CPU: 0 UID: 0 PID: 18195 Comm: syz.2.2616 Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0 PREEMPT(full) 
[  748.917942][T18195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  748.917962][T18195] Call Trace:
[  748.917973][T18195]  <TASK>
[  748.917987][T18195]  dump_stack_lvl+0x16c/0x1f0
[  748.918031][T18195]  should_fail_ex+0x512/0x640
[  748.918074][T18195]  ? __kmalloc_cache_node_noprof+0x5a/0x420
[  748.918115][T18195]  should_failslab+0xc2/0x120
[  748.918155][T18195]  __kmalloc_cache_node_noprof+0x6d/0x420
[  748.918191][T18195]  ? __alloc_workqueue+0x506/0x1810
[  748.918240][T18195]  __alloc_workqueue+0x506/0x1810
[  748.918287][T18195]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  748.918328][T18195]  alloc_workqueue+0xd2/0x200
[  748.918365][T18195]  ? __pfx_alloc_workqueue+0x10/0x10
[  748.918417][T18195]  ? __pfx___debug_object_init+0x10/0x10
[  748.918481][T18195]  nci_register_device+0x21e/0xb80
[  748.918537][T18195]  ? __pfx_nci_register_device+0x10/0x10
[  748.918579][T18195]  ? lockdep_init_map_type+0x5c/0x280
[  748.918632][T18195]  virtual_ncidev_open+0x141/0x220
[  748.918679][T18195]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  748.918725][T18195]  misc_open+0x35a/0x420
[  748.918775][T18195]  ? __pfx_misc_open+0x10/0x10
[  748.918831][T18195]  chrdev_open+0x231/0x6a0
[  748.918865][T18195]  ? __pfx_apparmor_file_open+0x10/0x10
[  748.918915][T18195]  ? __pfx_chrdev_open+0x10/0x10
[  748.918954][T18195]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  748.919012][T18195]  do_dentry_open+0x741/0x1c10
[  748.919047][T18195]  ? __pfx_chrdev_open+0x10/0x10
[  748.919090][T18195]  vfs_open+0x82/0x3f0
[  748.919138][T18195]  path_openat+0x1e5e/0x2d40
[  748.919185][T18195]  ? __pfx_path_openat+0x10/0x10
[  748.919229][T18195]  do_filp_open+0x20b/0x470
[  748.919261][T18195]  ? __pfx_do_filp_open+0x10/0x10
[  748.919325][T18195]  ? alloc_fd+0x471/0x7d0
[  748.919388][T18195]  do_sys_openat2+0x11b/0x1d0
[  748.919431][T18195]  ? __pfx_do_sys_openat2+0x10/0x10
[  748.919492][T18195]  __x64_sys_openat+0x174/0x210
[  748.919537][T18195]  ? __pfx___x64_sys_openat+0x10/0x10
[  748.919585][T18195]  ? rcu_is_watching+0x12/0xc0
[  748.919627][T18195]  do_syscall_64+0xcd/0x230
[  748.919672][T18195]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  748.919706][T18195] RIP: 0033:0x7f67a1d8e969
[  748.919734][T18195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  748.919779][T18195] RSP: 002b:00007f67a2b8b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  748.919817][T18195] RAX: ffffffffffffffda RBX: 00007f67a1fb5fa0 RCX: 00007f67a1d8e969
[  748.919839][T18195] RDX: 000000000002a100 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  748.919860][T18195] RBP: 00007f67a1e10ab1 R08: 0000000000000000 R09: 0000000000000000
[  748.919881][T18195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  748.919901][T18195] R13: 0000000000000000 R14: 00007f67a1fb5fa0 R15: 00007fff4f2d41b8
[  748.919945][T18195]  </TASK>
[  749.459831][T18204] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2617'.
[  750.778854][T18214] FAULT_INJECTION: forcing a failure.
[  750.778854][T18214] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  750.861930][T18214] CPU: 0 UID: 0 PID: 18214 Comm: syz.3.2620 Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0 PREEMPT(full) 
[  750.861962][T18214] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  750.861976][T18214] Call Trace:
[  750.861982][T18214]  <TASK>
[  750.861991][T18214]  dump_stack_lvl+0x16c/0x1f0
[  750.862022][T18214]  should_fail_ex+0x512/0x640
[  750.862076][T18214]  _copy_from_user+0x2e/0xd0
[  750.862111][T18214]  csum_and_copy_from_iter_full+0x214/0x1e20
[  750.862155][T18214]  ? __pfx_csum_and_copy_from_iter_full+0x10/0x10
[  750.862191][T18214]  ? rcu_is_watching+0x12/0xc0
[  750.862212][T18214]  ? trace_kmem_cache_alloc+0x28/0xc0
[  750.862243][T18214]  ? kmem_cache_alloc_node_noprof+0x225/0x3b0
[  750.862269][T18214]  ? kmalloc_reserve+0x18b/0x2c0
[  750.862302][T18214]  ip_generic_getfrag+0x170/0x270
[  750.862325][T18214]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  750.862348][T18214]  ? do_csum+0x26f/0x2d0
[  750.862374][T18214]  raw6_getfrag+0x22d/0x2a0
[  750.862424][T18214]  __ip6_append_data+0x3e4d/0x4710
[  750.862456][T18214]  ? __pfx_raw6_getfrag+0x10/0x10
[  750.862508][T18214]  ? __pfx___ip6_append_data+0x10/0x10
[  750.862534][T18214]  ? ip6_setup_cork+0xd01/0x15d0
[  750.862561][T18214]  ip6_append_data+0x1bd/0x4c0
[  750.862586][T18214]  ? __pfx_raw6_getfrag+0x10/0x10
[  750.862630][T18214]  rawv6_sendmsg+0x175a/0x4890
[  750.862668][T18214]  ? up_write+0x1b2/0x520
[  750.862712][T18214]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  750.862746][T18214]  ? __lock_acquire+0x5ca/0x1ba0
[  750.862781][T18214]  ? __lock_acquire+0x5ca/0x1ba0
[  750.862825][T18214]  ? __pfx___might_resched+0x10/0x10
[  750.862864][T18214]  ? __pfx_aa_sk_perm+0x10/0x10
[  750.862889][T18214]  ? __import_iovec+0x1c8/0x660
[  750.862923][T18214]  ? __might_fault+0xe3/0x190
[  750.862947][T18214]  ? __might_fault+0x13b/0x190
[  750.862971][T18214]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  750.863010][T18214]  ? inet_sendmsg+0x119/0x140
[  750.863036][T18214]  inet_sendmsg+0x119/0x140
[  750.863065][T18214]  ____sys_sendmsg+0x973/0xc70
[  750.863095][T18214]  ? copy_msghdr_from_user+0x10a/0x160
[  750.863116][T18214]  ? __pfx_____sys_sendmsg+0x10/0x10
[  750.863151][T18214]  ? __pfx__kstrtoull+0x10/0x10
[  750.863183][T18214]  ___sys_sendmsg+0x134/0x1d0
[  750.863207][T18214]  ? __pfx____sys_sendmsg+0x10/0x10
[  750.863257][T18214]  ? find_held_lock+0x2b/0x80
[  750.863309][T18214]  __sys_sendmmsg+0x200/0x420
[  750.863333][T18214]  ? __pfx___sys_sendmmsg+0x10/0x10
[  750.863363][T18214]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  750.863425][T18214]  ? fput+0x70/0xf0
[  750.863451][T18214]  ? ksys_write+0x1b9/0x240
[  750.863472][T18214]  ? __pfx_ksys_write+0x10/0x10
[  750.863491][T18214]  ? rcu_is_watching+0x12/0xc0
[  750.863515][T18214]  __x64_sys_sendmmsg+0x9c/0x100
[  750.863536][T18214]  ? lockdep_hardirqs_on+0x7c/0x110
[  750.863561][T18214]  do_syscall_64+0xcd/0x230
[  750.863591][T18214]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  750.863626][T18214] RIP: 0033:0x7fe5b438e969
[  750.863643][T18214] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  750.863684][T18214] RSP: 002b:00007fe5b527b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  750.863705][T18214] RAX: ffffffffffffffda RBX: 00007fe5b45b5fa0 RCX: 00007fe5b438e969
[  750.863721][T18214] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003
[  750.863740][T18214] RBP: 00007fe5b527b090 R08: 0000000000000000 R09: 0000000000000000
[  750.863754][T18214] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  750.863768][T18214] R13: 0000000000000000 R14: 00007fe5b45b5fa0 R15: 00007fff4c57a298
[  750.863796][T18214]  </TASK>
[  751.350032][T18216] can: request_module (can-proto-3) failed.
[  752.311414][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  752.319124][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  752.405734][T18241] HfR: entered promiscuous mode
[  753.146107][T18263] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2630'.
[  753.335571][T18270] snd_aloop snd_aloop.0: control 16781581:65539:6:�'x?F���/��zF˷fC���:7 is already present
[  753.536825][T18276] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2634'.
[  753.854264][T18271] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000)
[  754.009668][T18286] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2636'.
[  754.028719][T18290] FAULT_INJECTION: forcing a failure.
[  754.028719][T18290] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  754.085212][T18290] CPU: 1 UID: 0 PID: 18290 Comm: syz.1.2638 Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0 PREEMPT(full) 
[  754.085265][T18290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  754.085285][T18290] Call Trace:
[  754.085296][T18290]  <TASK>
[  754.085308][T18290]  dump_stack_lvl+0x16c/0x1f0
[  754.085353][T18290]  should_fail_ex+0x512/0x640
[  754.085404][T18290]  _copy_from_user+0x2e/0xd0
[  754.085454][T18290]  copy_msghdr_from_user+0x98/0x160
[  754.085487][T18290]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  754.085546][T18290]  ? kfree+0x252/0x4d0
[  754.085592][T18290]  ? __pfx__kstrtoull+0x10/0x10
[  754.085635][T18290]  ___sys_sendmsg+0xfe/0x1d0
[  754.085680][T18290]  ? __pfx____sys_sendmsg+0x10/0x10
[  754.085766][T18290]  ? __pfx___might_resched+0x10/0x10
[  754.085811][T18290]  __sys_sendmmsg+0x200/0x420
[  754.085847][T18290]  ? __pfx___sys_sendmmsg+0x10/0x10
[  754.085893][T18290]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  754.085951][T18290]  ? fput+0x70/0xf0
[  754.085988][T18290]  ? ksys_write+0x1b9/0x240
[  754.086018][T18290]  ? __pfx_ksys_write+0x10/0x10
[  754.086046][T18290]  ? rcu_is_watching+0x12/0xc0
[  754.086082][T18290]  __x64_sys_sendmmsg+0x9c/0x100
[  754.086113][T18290]  ? lockdep_hardirqs_on+0x7c/0x110
[  754.086151][T18290]  do_syscall_64+0xcd/0x230
[  754.086206][T18290]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  754.086257][T18290] RIP: 0033:0x7f0184b8e969
[  754.086283][T18290] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  754.086315][T18290] RSP: 002b:00007f018596a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  754.086345][T18290] RAX: ffffffffffffffda RBX: 00007f0184db5fa0 RCX: 00007f0184b8e969
[  754.086364][T18290] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003
[  754.086383][T18290] RBP: 00007f018596a090 R08: 0000000000000000 R09: 0000000000000000
[  754.086403][T18290] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  754.086422][T18290] R13: 0000000000000000 R14: 00007f0184db5fa0 R15: 00007ffd5bec5a28
[  754.086462][T18290]  </TASK>
[  756.655294][T18331] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2646'.
[  756.981785][T18338] snd_aloop snd_aloop.0: control 16781581:65539:6:�'x?F���/��zF˷fC���:7 is already present
[  759.662224][T18376] FAULT_INJECTION: forcing a failure.
[  759.662224][T18376] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  759.686404][T18376] CPU: 0 UID: 0 PID: 18376 Comm: syz.2.2659 Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0 PREEMPT(full) 
[  759.686449][T18376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  759.686467][T18376] Call Trace:
[  759.686478][T18376]  <TASK>
[  759.686490][T18376]  dump_stack_lvl+0x16c/0x1f0
[  759.686534][T18376]  should_fail_ex+0x512/0x640
[  759.686584][T18376]  _copy_from_user+0x2e/0xd0
[  759.686632][T18376]  copy_msghdr_from_user+0x98/0x160
[  759.686663][T18376]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  759.686720][T18376]  ? kfree+0x252/0x4d0
[  759.686773][T18376]  ? __pfx__kstrtoull+0x10/0x10
[  759.686815][T18376]  ___sys_sendmsg+0xfe/0x1d0
[  759.686848][T18376]  ? __pfx____sys_sendmsg+0x10/0x10
[  759.686919][T18376]  ? __pfx___might_resched+0x10/0x10
[  759.686969][T18376]  __sys_sendmmsg+0x200/0x420
[  759.687004][T18376]  ? __pfx___sys_sendmmsg+0x10/0x10
[  759.687048][T18376]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  759.687105][T18376]  ? fput+0x70/0xf0
[  759.687140][T18376]  ? ksys_write+0x1b9/0x240
[  759.687170][T18376]  ? __pfx_ksys_write+0x10/0x10
[  759.687198][T18376]  ? rcu_is_watching+0x12/0xc0
[  759.687234][T18376]  __x64_sys_sendmmsg+0x9c/0x100
[  759.687264][T18376]  ? lockdep_hardirqs_on+0x7c/0x110
[  759.687300][T18376]  do_syscall_64+0xcd/0x230
[  759.687343][T18376]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  759.687375][T18376] RIP: 0033:0x7f67a1d8e969
[  759.687400][T18376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  759.687432][T18376] RSP: 002b:00007f67a2b8b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  759.687462][T18376] RAX: ffffffffffffffda RBX: 00007f67a1fb5fa0 RCX: 00007f67a1d8e969
[  759.687484][T18376] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003
[  759.687502][T18376] RBP: 00007f67a2b8b090 R08: 0000000000000000 R09: 0000000000000000
[  759.687526][T18376] R10: 000000000000e000 R11: 0000000000000246 R12: 0000000000000001
[  759.687546][T18376] R13: 0000000000000000 R14: 00007f67a1fb5fa0 R15: 00007fff4f2d41b8
[  759.687586][T18376]  </TASK>
[  759.988847][T18380] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2660'.
[  760.393412][T18389] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  763.649835][T18437] CIFS mount error: No usable UNC path provided in device string!
[  763.649835][T18437] 
[  763.662186][T18437] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  764.310853][T18469] FAULT_INJECTION: forcing a failure.
[  764.310853][T18469] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  764.354683][T18469] CPU: 1 UID: 0 PID: 18469 Comm: syz.2.2681 Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0 PREEMPT(full) 
[  764.354729][T18469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  764.354747][T18469] Call Trace:
[  764.354766][T18469]  <TASK>
[  764.354786][T18469]  dump_stack_lvl+0x16c/0x1f0
[  764.354850][T18469]  should_fail_ex+0x512/0x640
[  764.354897][T18469]  _copy_from_user+0x2e/0xd0
[  764.354944][T18469]  copy_msghdr_from_user+0x98/0x160
[  764.354991][T18469]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  764.355067][T18469]  ? kfree+0x252/0x4d0
[  764.355112][T18469]  ? __pfx__kstrtoull+0x10/0x10
[  764.355156][T18469]  ___sys_sendmsg+0xfe/0x1d0
[  764.355189][T18469]  ? __pfx____sys_sendmsg+0x10/0x10
[  764.355258][T18469]  ? __pfx___might_resched+0x10/0x10
[  764.355302][T18469]  __sys_sendmmsg+0x200/0x420
[  764.355339][T18469]  ? __pfx___sys_sendmmsg+0x10/0x10
[  764.355379][T18469]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  764.355436][T18469]  ? fput+0x70/0xf0
[  764.355486][T18469]  ? ksys_write+0x1b9/0x240
[  764.355514][T18469]  ? __pfx_ksys_write+0x10/0x10
[  764.355542][T18469]  ? rcu_is_watching+0x12/0xc0
[  764.355577][T18469]  __x64_sys_sendmmsg+0x9c/0x100
[  764.355613][T18469]  ? lockdep_hardirqs_on+0x7c/0x110
[  764.355648][T18469]  do_syscall_64+0xcd/0x230
[  764.355691][T18469]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  764.355721][T18469] RIP: 0033:0x7f67a1d8e969
[  764.355746][T18469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  764.355776][T18469] RSP: 002b:00007f67a2b8b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  764.355806][T18469] RAX: ffffffffffffffda RBX: 00007f67a1fb5fa0 RCX: 00007f67a1d8e969
[  764.355828][T18469] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003
[  764.355847][T18469] RBP: 00007f67a2b8b090 R08: 0000000000000000 R09: 0000000000000000
[  764.355867][T18469] R10: 000000000000e000 R11: 0000000000000246 R12: 0000000000000001
[  764.355886][T18469] R13: 0000000000000000 R14: 00007f67a1fb5fa0 R15: 00007fff4f2d41b8
[  764.355927][T18469]  </TASK>
[  767.377850][T18500] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2688'.
[  768.570395][T18518] CIFS mount error: No usable UNC path provided in device string!
[  768.570395][T18518] 
[  768.583651][T18518] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  769.892491][T18541] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2699'.
[  770.179916][T18544] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2700'.
[  770.521312][   T30] audit: type=1326 audit(6041030769.479:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18552 comm="syz.3.2703" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe5b438e969 code=0x0
[  770.612566][T18556] UHID_CREATE from different security context by process 229 (syz.3.2703), this is not allowed.
[  770.926047][T18555] sd 0:0:1:0: device reset
[  771.079502][T18571] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2708'.
[  771.203435][T18571] bond0: (slave bond_slave_1): Releasing backup interface
[  771.702599][T18564] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  771.722497][T18564] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  771.733117][T18564] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  771.766718][T18564] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  771.798526][T18564] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  771.838567][T18564] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  771.927408][T18579] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2709'.
[  772.945128][ T5141] Bluetooth: hci1: command 0x041b tx timeout
[  773.414115][T18612] can: request_module (can-proto-3) failed.
[  773.748131][ T5141] Bluetooth: hci0: command 0x040f tx timeout
[  773.750865][T17687] Bluetooth: hci4: command 0x0c1a tx timeout
[  773.829061][T17687] Bluetooth: hci3: command 0x0c1a tx timeout
[  774.996902][T18624] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  775.007071][T18624] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  775.014917][T18624] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  775.034181][T18624] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  775.419530][T18645] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2724'.
[  776.465159][T17687] Bluetooth: hci1: command 0x041b tx timeout
[  777.025336][T17687] Bluetooth: hci0: command 0x040f tx timeout
[  777.025343][ T5141] Bluetooth: hci4: command 0x0c1a tx timeout
[  777.105373][T17687] Bluetooth: hci3: command 0x0c1a tx timeout
[  777.756074][T18684] CIFS mount error: No usable UNC path provided in device string!
[  777.756074][T18684] 
[  777.768255][T18684] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  778.661777][T18699] netlink: 186 bytes leftover after parsing attributes in process `syz.1.2736'.
[  779.141557][T18705] can: request_module (can-proto-3) failed.
[  779.153623][T18691] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  779.185347][T18691] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  779.192522][T17687] Bluetooth: hci3: command 0x0c1a tx timeout
[  779.252212][T18691] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  779.293105][T18691] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  780.294905][T18717] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2737'.
[  780.481053][T17687] Bluetooth: hci1: command 0x041b tx timeout
[  781.286113][T17687] Bluetooth: hci0: command 0x040f tx timeout
[  781.293381][T17687] Bluetooth: hci4: command 0x0c1a tx timeout
[  781.345302][T17687] Bluetooth: hci3: command 0x0c1a tx timeout
[  781.917635][T18748] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2747'.
[  782.184167][T18747] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2743'.
[  782.849190][T18750] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  782.875834][T18750] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  782.883444][T18750] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  783.005521][T18750] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  783.413405][T18767] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2751'.
[  783.769696][T18772] can: request_module (can-proto-3) failed.
[  784.230928][T17687] Bluetooth: hci1: command 0x041b tx timeout
[  784.437852][T18791] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2752'.
[  784.628921][T18797] FAULT_INJECTION: forcing a failure.
[  784.628921][T18797] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  784.675185][T18797] CPU: 1 UID: 0 PID: 18797 Comm: syz.0.2757 Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0 PREEMPT(full) 
[  784.675240][T18797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  784.675258][T18797] Call Trace:
[  784.675268][T18797]  <TASK>
[  784.675279][T18797]  dump_stack_lvl+0x16c/0x1f0
[  784.675320][T18797]  should_fail_ex+0x512/0x640
[  784.675364][T18797]  should_fail_alloc_page+0xe7/0x130
[  784.675401][T18797]  prepare_alloc_pages+0x3c2/0x610
[  784.675449][T18797]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  784.675484][T18797]  ? is_bpf_text_address+0x94/0x1a0
[  784.675520][T18797]  ? kernel_text_address+0x8d/0x100
[  784.675602][T18797]  ? __kernel_text_address+0xd/0x40
[  784.675651][T18797]  ? unwind_get_return_address+0x59/0xa0
[  784.675686][T18797]  ? arch_stack_walk+0xa6/0x100
[  784.675727][T18797]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  784.675775][T18797]  ? stack_trace_save+0x8e/0xc0
[  784.675810][T18797]  ? look_up_lock_class+0x6b/0x150
[  784.675843][T18797]  ? register_lock_class+0x41/0x4c0
[  784.675878][T18797]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  784.675915][T18797]  ? policy_nodemask+0xea/0x4e0
[  784.675949][T18797]  alloc_pages_mpol+0x1fb/0x550
[  784.675986][T18797]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  784.676033][T18797]  alloc_pages_noprof+0x131/0x390
[  784.676072][T18797]  __pmd_alloc+0x3f/0x870
[  784.676114][T18797]  ? find_held_lock+0x2b/0x80
[  784.676145][T18797]  __handle_mm_fault+0x948/0x2a40
[  784.676188][T18797]  ? __pfx___handle_mm_fault+0x10/0x10
[  784.676242][T18797]  ? find_vma+0xbf/0x140
[  784.676283][T18797]  ? __pfx_find_vma+0x10/0x10
[  784.676329][T18797]  handle_mm_fault+0x3fe/0xad0
[  784.676367][T18797]  do_user_addr_fault+0x7a6/0x1370
[  784.676403][T18797]  ? rcu_is_watching+0x12/0xc0
[  784.676434][T18797]  exc_page_fault+0x5c/0xc0
[  784.676470][T18797]  asm_exc_page_fault+0x26/0x30
[  784.676500][T18797] RIP: 0010:rep_movs_alternative+0x30/0x90
[  784.676551][T18797] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08
[  784.676581][T18797] RSP: 0018:ffffc900037ff9f8 EFLAGS: 00050206
[  784.676607][T18797] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000038
[  784.676625][T18797] RDX: fffff520006fff50 RSI: 0000000000000000 RDI: ffffc900037ffa48
[  784.676646][T18797] RBP: 0000000000000038 R08: 0000000000000001 R09: fffff520006fff4f
[  784.676665][T18797] R10: ffffc900037ffa7f R11: 0000000000000000 R12: 0000000000000000
[  784.676685][T18797] R13: ffffc900037ffa48 R14: ffffc900037ffb40 R15: ffffc900037ffa48
[  784.676728][T18797]  _copy_from_user+0x98/0xd0
[  784.676784][T18797]  copy_msghdr_from_user+0x98/0x160
[  784.676811][T18797]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  784.676863][T18797]  ? __pfx__kstrtoull+0x10/0x10
[  784.676906][T18797]  ___sys_sendmsg+0xfe/0x1d0
[  784.676939][T18797]  ? __pfx____sys_sendmsg+0x10/0x10
[  784.676988][T18797]  ? find_held_lock+0x2b/0x80
[  784.677044][T18797]  __sys_sendmmsg+0x200/0x420
[  784.677079][T18797]  ? __pfx___sys_sendmmsg+0x10/0x10
[  784.677122][T18797]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  784.677177][T18797]  ? fput+0x70/0xf0
[  784.677212][T18797]  ? ksys_write+0x1b9/0x240
[  784.677239][T18797]  ? __pfx_ksys_write+0x10/0x10
[  784.677266][T18797]  ? rcu_is_watching+0x12/0xc0
[  784.677300][T18797]  __x64_sys_sendmmsg+0x9c/0x100
[  784.677328][T18797]  ? lockdep_hardirqs_on+0x7c/0x110
[  784.677362][T18797]  do_syscall_64+0xcd/0x230
[  784.677402][T18797]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  784.677432][T18797] RIP: 0033:0x7fc91218e969
[  784.677456][T18797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  784.677486][T18797] RSP: 002b:00007fc913003038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  784.677515][T18797] RAX: ffffffffffffffda RBX: 00007fc9123b5fa0 RCX: 00007fc91218e969
[  784.677535][T18797] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003
[  784.677553][T18797] RBP: 00007fc913003090 R08: 0000000000000000 R09: 0000000000000000
[  784.677573][T18797] R10: 00000000070001f4 R11: 0000000000000246 R12: 0000000000000001
[  784.677593][T18797] R13: 0000000000000000 R14: 00007fc9123b5fa0 R15: 00007ffe8d312208
[  784.677633][T18797]  </TASK>
[  785.270857][T17687] Bluetooth: hci0: command 0x040f tx timeout
[  785.278456][ T5141] Bluetooth: hci4: command 0x0c1a tx timeout
[  785.278552][ T5833] Bluetooth: hci3: command 0x0c1a tx timeout
[  785.798758][T18819] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2763'.
[  786.149633][T18804] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  786.157326][T18804] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  786.164685][T18804] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  786.182651][T18804] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  786.486754][T18831] can: request_module (can-proto-3) failed.
[  786.611105][T18837] sd 0:0:1:0: device reset
[  787.340800][T18852] FAULT_INJECTION: forcing a failure.
[  787.340800][T18852] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  787.386052][T18852] CPU: 1 UID: 0 PID: 18852 Comm: syz.3.2774 Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0 PREEMPT(full) 
[  787.386107][T18852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  787.386124][T18852] Call Trace:
[  787.386133][T18852]  <TASK>
[  787.386145][T18852]  dump_stack_lvl+0x16c/0x1f0
[  787.386183][T18852]  should_fail_ex+0x512/0x640
[  787.386228][T18852]  _copy_from_user+0x2e/0xd0
[  787.386283][T18852]  copy_msghdr_from_user+0x98/0x160
[  787.386322][T18852]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  787.386372][T18852]  ? kfree+0x252/0x4d0
[  787.386411][T18852]  ? __pfx__kstrtoull+0x10/0x10
[  787.386446][T18852]  ___sys_sendmsg+0xfe/0x1d0
[  787.386472][T18852]  ? __pfx____sys_sendmsg+0x10/0x10
[  787.386531][T18852]  ? __pfx___might_resched+0x10/0x10
[  787.386568][T18852]  __sys_sendmmsg+0x200/0x420
[  787.386598][T18852]  ? __pfx___sys_sendmmsg+0x10/0x10
[  787.386636][T18852]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  787.386684][T18852]  ? fput+0x70/0xf0
[  787.386720][T18852]  ? ksys_write+0x1b9/0x240
[  787.386745][T18852]  ? __pfx_ksys_write+0x10/0x10
[  787.386767][T18852]  ? rcu_is_watching+0x12/0xc0
[  787.386797][T18852]  __x64_sys_sendmmsg+0x9c/0x100
[  787.386821][T18852]  ? lockdep_hardirqs_on+0x7c/0x110
[  787.386852][T18852]  do_syscall_64+0xcd/0x230
[  787.386889][T18852]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  787.386917][T18852] RIP: 0033:0x7fe5b438e969
[  787.386938][T18852] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  787.386964][T18852] RSP: 002b:00007fe5b527b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  787.386990][T18852] RAX: ffffffffffffffda RBX: 00007fe5b45b5fa0 RCX: 00007fe5b438e969
[  787.387009][T18852] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003
[  787.387026][T18852] RBP: 00007fe5b527b090 R08: 0000000000000000 R09: 0000000000000000
[  787.387042][T18852] R10: 000000000000e000 R11: 0000000000000246 R12: 0000000000000002
[  787.387059][T18852] R13: 0000000000000000 R14: 00007fe5b45b5fa0 R15: 00007fff4c57a298
[  787.387094][T18852]  </TASK>
[  787.659348][ T5833] Bluetooth: hci1: command 0x041b tx timeout
[  787.844030][T18860] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2777'.
[  788.235579][ T5833] Bluetooth: hci3: command 0x0c1a tx timeout
[  788.242985][ T5833] Bluetooth: hci0: command 0x040f tx timeout
[  788.243017][ T5141] Bluetooth: hci4: command 0x0c1a tx timeout
[  788.526512][T18872] can: request_module (can-proto-3) failed.
[  789.188065][T18884] FAULT_INJECTION: forcing a failure.
[  789.188065][T18884] name failslab, interval 1, probability 0, space 0, times 0
[  789.232424][T18884] CPU: 0 UID: 0 PID: 18884 Comm: syz.0.2781 Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0 PREEMPT(full) 
[  789.232470][T18884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  789.232488][T18884] Call Trace:
[  789.232499][T18884]  <TASK>
[  789.232511][T18884]  dump_stack_lvl+0x16c/0x1f0
[  789.232553][T18884]  should_fail_ex+0x512/0x640
[  789.232604][T18884]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  789.232644][T18884]  should_failslab+0xc2/0x120
[  789.232682][T18884]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  789.232718][T18884]  ? __pmd_alloc+0xc3/0x870
[  789.232768][T18884]  __pmd_alloc+0xc3/0x870
[  789.232808][T18884]  ? find_held_lock+0x2b/0x80
[  789.232842][T18884]  __handle_mm_fault+0x948/0x2a40
[  789.232886][T18884]  ? __pfx___handle_mm_fault+0x10/0x10
[  789.232943][T18884]  ? find_vma+0xbf/0x140
[  789.232985][T18884]  ? __pfx_find_vma+0x10/0x10
[  789.233033][T18884]  handle_mm_fault+0x3fe/0xad0
[  789.233071][T18884]  do_user_addr_fault+0x7a6/0x1370
[  789.233108][T18884]  ? rcu_is_watching+0x12/0xc0
[  789.233141][T18884]  exc_page_fault+0x5c/0xc0
[  789.233179][T18884]  asm_exc_page_fault+0x26/0x30
[  789.233210][T18884] RIP: 0010:rep_movs_alternative+0x30/0x90
[  789.233260][T18884] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08
[  789.233291][T18884] RSP: 0018:ffffc9000ae179f8 EFLAGS: 00050206
[  789.233317][T18884] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000038
[  789.233337][T18884] RDX: fffff520015c2f50 RSI: 0000000000000000 RDI: ffffc9000ae17a48
[  789.233357][T18884] RBP: 0000000000000038 R08: 0000000000000001 R09: fffff520015c2f4f
[  789.233377][T18884] R10: ffffc9000ae17a7f R11: 0000000000000000 R12: 0000000000000000
[  789.233396][T18884] R13: ffffc9000ae17a48 R14: ffffc9000ae17b40 R15: ffffc9000ae17a48
[  789.233440][T18884]  _copy_from_user+0x98/0xd0
[  789.233491][T18884]  copy_msghdr_from_user+0x98/0x160
[  789.233522][T18884]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  789.233588][T18884]  ? __pfx__kstrtoull+0x10/0x10
[  789.233629][T18884]  ___sys_sendmsg+0xfe/0x1d0
[  789.233664][T18884]  ? __pfx____sys_sendmsg+0x10/0x10
[  789.233716][T18884]  ? find_held_lock+0x2b/0x80
[  789.233774][T18884]  __sys_sendmmsg+0x200/0x420
[  789.233810][T18884]  ? __pfx___sys_sendmmsg+0x10/0x10
[  789.233856][T18884]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  789.233915][T18884]  ? fput+0x70/0xf0
[  789.233950][T18884]  ? ksys_write+0x1b9/0x240
[  789.233979][T18884]  ? __pfx_ksys_write+0x10/0x10
[  789.234006][T18884]  ? rcu_is_watching+0x12/0xc0
[  789.234042][T18884]  __x64_sys_sendmmsg+0x9c/0x100
[  789.234072][T18884]  ? lockdep_hardirqs_on+0x7c/0x110
[  789.234110][T18884]  do_syscall_64+0xcd/0x230
[  789.234152][T18884]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  789.234184][T18884] RIP: 0033:0x7fc91218e969
[  789.234210][T18884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  789.234240][T18884] RSP: 002b:00007fc913003038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  789.234269][T18884] RAX: ffffffffffffffda RBX: 00007fc9123b5fa0 RCX: 00007fc91218e969
[  789.234290][T18884] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003
[  789.234310][T18884] RBP: 00007fc913003090 R08: 0000000000000000 R09: 0000000000000000
[  789.234329][T18884] R10: 00000000070001f4 R11: 0000000000000246 R12: 0000000000000001
[  789.234349][T18884] R13: 0000000000000000 R14: 00007fc9123b5fa0 R15: 00007ffe8d312208
[  789.234392][T18884]  </TASK>
[  789.649302][    C0] vkms_vblank_simulate: vblank timer overrun
[  790.264639][T18897] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2787'.
[  791.052098][T18904] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2796'.
[  791.805817][T18939] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2798'.
[  791.848858][T18939] bridge_slave_1: left allmulticast mode
[  791.875084][T18939] bridge_slave_1: left promiscuous mode
[  791.899975][T18939] bridge0: port 2(bridge_slave_1) entered disabled state
[  791.940084][T18939] bridge_slave_0: left allmulticast mode
[  791.947257][T18939] bridge_slave_0: left promiscuous mode
[  791.961745][T18939] bridge0: port 1(bridge_slave_0) entered disabled state
[  792.711869][T18957] FAULT_INJECTION: forcing a failure.
[  792.711869][T18957] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  792.737530][T18957] CPU: 1 UID: 0 PID: 18957 Comm: syz.0.2804 Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0 PREEMPT(full) 
[  792.737574][T18957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  792.737594][T18957] Call Trace:
[  792.737605][T18957]  <TASK>
[  792.737617][T18957]  dump_stack_lvl+0x16c/0x1f0
[  792.737659][T18957]  should_fail_ex+0x512/0x640
[  792.737708][T18957]  _copy_from_user+0x2e/0xd0
[  792.737754][T18957]  copy_msghdr_from_user+0x98/0x160
[  792.737785][T18957]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  792.737845][T18957]  ? __pfx__kstrtoull+0x10/0x10
[  792.737889][T18957]  ___sys_sendmsg+0xfe/0x1d0
[  792.737922][T18957]  ? __pfx____sys_sendmsg+0x10/0x10
[  792.737971][T18957]  ? find_held_lock+0x2b/0x80
[  792.738037][T18957]  __sys_sendmmsg+0x200/0x420
[  792.738080][T18957]  ? __pfx___sys_sendmmsg+0x10/0x10
[  792.738124][T18957]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  792.738179][T18957]  ? fput+0x70/0xf0
[  792.738215][T18957]  ? ksys_write+0x1b9/0x240
[  792.738243][T18957]  ? __pfx_ksys_write+0x10/0x10
[  792.738269][T18957]  ? rcu_is_watching+0x12/0xc0
[  792.738305][T18957]  __x64_sys_sendmmsg+0x9c/0x100
[  792.738336][T18957]  ? lockdep_hardirqs_on+0x7c/0x110
[  792.738371][T18957]  do_syscall_64+0xcd/0x230
[  792.738413][T18957]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  792.738444][T18957] RIP: 0033:0x7fc91218e969
[  792.738468][T18957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  792.738499][T18957] RSP: 002b:00007fc913003038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  792.738529][T18957] RAX: ffffffffffffffda RBX: 00007fc9123b5fa0 RCX: 00007fc91218e969
[  792.738550][T18957] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003
[  792.738569][T18957] RBP: 00007fc913003090 R08: 0000000000000000 R09: 0000000000000000
[  792.738588][T18957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  792.738608][T18957] R13: 0000000000000000 R14: 00007fc9123b5fa0 R15: 00007ffe8d312208
[  792.738648][T18957]  </TASK>
[  813.749440][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  813.757144][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  875.188434][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  875.196707][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  936.628799][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  936.636703][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  950.065281][   T31] INFO: task jbd2/sda1-8:5163 blocked for more than 143 seconds.
[  950.074622][   T31]       Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0
[  950.084113][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  950.095027][   T31] task:jbd2/sda1-8     state:D stack:26264 pid:5163  tgid:5163  ppid:2      task_flags:0x240040 flags:0x00004000
[  950.109533][   T31] Call Trace:
[  950.113515][   T31]  <TASK>
[  950.117121][   T31]  __schedule+0x116f/0x5de0
[  950.122968][   T31]  ? __lock_acquire+0x5ca/0x1ba0
[  950.129448][   T31]  ? __lock_acquire+0x5ca/0x1ba0
[  950.135540][   T31]  ? __pfx___schedule+0x10/0x10
[  950.141829][   T31]  ? find_held_lock+0x2b/0x80
[  950.147636][   T31]  ? schedule+0x2d7/0x3a0
[  950.152907][   T31]  schedule+0xe7/0x3a0
[  950.157888][   T31]  io_schedule+0xbf/0x130
[  950.163131][   T31]  bit_wait_io+0x15/0xe0
[  950.168814][   T31]  __wait_on_bit+0x62/0x180
[  950.174284][   T31]  ? __pfx_bit_wait_io+0x10/0x10
[  950.180377][   T31]  out_of_line_wait_on_bit+0xd9/0x110
[  950.188855][   T31]  ? __pfx_out_of_line_wait_on_bit+0x10/0x10
[  950.196755][   T31]  ? __pfx_wake_bit_function+0x10/0x10
[  950.203415][   T31]  ? __pfx___might_resched+0x10/0x10
[  950.213544][   T31]  __wait_on_buffer+0x64/0x70
[  950.221006][   T31]  jbd2_journal_commit_transaction+0x382e/0x6830
[  950.240968][   T31]  ? __pfx_jbd2_journal_commit_transaction+0x10/0x10
[  950.249186][   T31]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  950.257535][   T31]  ? debug_object_deactivate+0x1ec/0x3a0
[  950.264356][   T31]  ? __pfx_debug_object_deactivate+0x10/0x10
[  950.272128][   T31]  ? find_held_lock+0x2b/0x80
[  950.277866][   T31]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  950.285023][   T31]  ? rcu_is_watching+0x12/0xc0
[  950.290826][   T31]  kjournald2+0x1f4/0x760
[  950.297370][   T31]  ? __pfx_kjournald2+0x10/0x10
[  950.303273][   T31]  ? find_held_lock+0x2b/0x80
[  950.309128][   T31]  ? __pfx_autoremove_wake_function+0x10/0x10
[  950.320008][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  950.327974][   T31]  ? __kthread_parkme+0x19e/0x250
[  950.335126][   T31]  ? __pfx_kjournald2+0x10/0x10
[  950.341024][   T31]  kthread+0x3c2/0x780
[  950.346492][   T31]  ? __pfx_kthread+0x10/0x10
[  950.352073][   T31]  ? __pfx_kthread+0x10/0x10
[  950.357687][   T31]  ? __pfx_kthread+0x10/0x10
[  950.363259][   T31]  ? __pfx_kthread+0x10/0x10
[  950.372056][   T31]  ? rcu_is_watching+0x12/0xc0
[  950.378969][   T31]  ? __pfx_kthread+0x10/0x10
[  950.384799][   T31]  ret_from_fork+0x45/0x80
[  950.390743][   T31]  ? __pfx_kthread+0x10/0x10
[  950.396718][   T31]  ret_from_fork_asm+0x1a/0x30
[  950.402556][   T31]  </TASK>
[  950.406720][   T31] INFO: task syz-executor:5816 blocked for more than 143 seconds.
[  950.419945][   T31]       Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0
[  950.429674][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  950.446396][   T31] task:syz-executor    state:D stack:23112 pid:5816  tgid:5816  ppid:5814   task_flags:0x440100 flags:0x00000002
[  950.462777][   T31] Call Trace:
[  950.468571][   T31]  <TASK>
[  950.472135][   T31]  __schedule+0x116f/0x5de0
[  950.480135][   T31]  ? __lock_acquire+0x5ca/0x1ba0
[  950.488188][   T31]  ? __pfx___schedule+0x10/0x10
[  950.494071][   T31]  ? find_held_lock+0x2b/0x80
[  950.500246][   T31]  ? schedule+0x2d7/0x3a0
[  950.505591][   T31]  schedule+0xe7/0x3a0
[  950.510529][   T31]  io_schedule+0xbf/0x130
[  950.515903][   T31]  bit_wait_io+0x15/0xe0
[  950.521036][   T31]  __wait_on_bit+0x62/0x180
[  950.526575][   T31]  ? __pfx_bit_wait_io+0x10/0x10
[  950.532934][   T31]  out_of_line_wait_on_bit+0xd9/0x110
[  950.539876][   T31]  ? __pfx_out_of_line_wait_on_bit+0x10/0x10
[  950.547624][   T31]  ? __pfx_wake_bit_function+0x10/0x10
[  950.554219][   T31]  do_get_write_access+0x93d/0x12a0
[  950.560580][   T31]  jbd2_journal_get_write_access+0x1d6/0x280
[  950.567877][   T31]  __ext4_journal_get_write_access+0x6a/0x340
[  950.575781][   T31]  ext4_reserve_inode_write+0x1be/0x320
[  950.582496][   T31]  __ext4_mark_inode_dirty+0x197/0x870
[  950.589146][   T31]  ? trace_kmem_cache_alloc+0x28/0xc0
[  950.595765][   T31]  ? __pfx___ext4_mark_inode_dirty+0x10/0x10
[  950.603267][   T31]  ? rcu_is_watching+0x12/0xc0
[  950.609103][   T31]  ? trace_jbd2_handle_start+0x1a8/0x230
[  950.615949][   T31]  ? jbd2__journal_start+0xf6/0x6a0
[  950.622214][   T31]  ? __ext4_journal_start_sb+0x195/0x690
[  950.629075][   T31]  ? __ext4_journal_start_sb+0x19e/0x690
[  950.636619][   T31]  ? ext4_dirty_inode+0xa1/0x130
[  950.642575][   T31]  ? __pfx_ext4_dirty_inode+0x10/0x10
[  950.649127][   T31]  ext4_dirty_inode+0xd9/0x130
[  950.655245][   T31]  ? rcu_is_watching+0x12/0xc0
[  950.661000][   T31]  __mark_inode_dirty+0x1eb/0xe50
[  950.667123][   T31]  generic_update_time+0xcf/0xf0
[  950.673074][   T31]  file_update_time+0x17d/0x1c0
[  950.679309][   T31]  ext4_page_mkwrite+0x35e/0x1750
[  950.685481][   T31]  ? __pfx_ext4_page_mkwrite+0x10/0x10
[  950.692066][   T31]  do_page_mkwrite+0x171/0x380
[  950.697874][   T31]  do_pte_missing+0x29c/0x3fb0
[  950.703969][   T31]  ? __handle_mm_fault+0x1010/0x2a40
[  950.710534][   T31]  __handle_mm_fault+0x103d/0x2a40
[  950.717030][   T31]  ? __pfx___handle_mm_fault+0x10/0x10
[  950.723795][   T31]  ? lock_vma_under_rcu+0x47d/0x970
[  950.730130][   T31]  ? lock_vma_under_rcu+0x47d/0x970
[  950.736753][   T31]  handle_mm_fault+0x3fe/0xad0
[  950.742752][   T31]  do_user_addr_fault+0x60c/0x1370
[  950.748993][   T31]  exc_page_fault+0x5c/0xc0
[  950.754715][   T31]  asm_exc_page_fault+0x26/0x30
[  950.760614][   T31] RIP: 0033:0x7fe692e77dcf
[  950.765995][   T31] RSP: 002b:00007ffdaaf5c420 EFLAGS: 00010202
[  950.773301][   T31] RAX: 00007fe691ebc000 RBX: 0000555571fa3350 RCX: 0000000000000005
[  950.783281][   T31] RDX: 1ffffffff1290ded RSI: 0000555571fa0aa8 RDI: 0000000000000020
[  950.793045][   T31] RBP: 00007ffdaaf5c710 R08: 0000555571fa0ab0 R09: 00000000000021bd
[  950.802695][   T31] R10: 0000000000000001 R11: 00007ffdaaf5c920 R12: 00007ffdaaf5c770
[  950.812635][   T31] R13: 0000000000000004 R14: 00007ffdaaf5c490 R15: 00007ffdaaf5c560
[  950.822340][   T31]  </TASK>
[  950.826081][   T31] INFO: task syz.2.2805:18958 blocked for more than 144 seconds.
[  950.835967][   T31]       Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0
[  950.845697][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  950.858128][   T31] task:syz.2.2805      state:D stack:28632 pid:18958 tgid:18958 ppid:16860  task_flags:0x440040 flags:0x00000004
[  950.872967][   T31] Call Trace:
[  950.877041][   T31]  <TASK>
[  950.880591][   T31]  __schedule+0x116f/0x5de0
[  950.886529][   T31]  ? __lock_acquire+0x5ca/0x1ba0
[  950.892516][   T31]  ? __pfx___schedule+0x10/0x10
[  950.898425][   T31]  ? find_held_lock+0x2b/0x80
[  950.904076][   T31]  ? schedule+0x2d7/0x3a0
[  950.909735][   T31]  schedule+0xe7/0x3a0
[  950.914665][   T31]  io_schedule+0xbf/0x130
[  950.919928][   T31]  bit_wait_io+0x15/0xe0
[  950.925099][   T31]  __wait_on_bit+0x62/0x180
[  950.930525][   T31]  ? __pfx_bit_wait_io+0x10/0x10
[  950.936989][   T31]  out_of_line_wait_on_bit+0xd9/0x110
[  950.943766][   T31]  ? __pfx_out_of_line_wait_on_bit+0x10/0x10
[  950.951067][   T31]  ? __pfx_wake_bit_function+0x10/0x10
[  950.958093][   T31]  do_get_write_access+0x93d/0x12a0
[  950.964391][   T31]  jbd2_journal_get_write_access+0x1d6/0x280
[  950.971700][   T31]  __ext4_journal_get_write_access+0x6a/0x340
[  950.979073][   T31]  ext4_reserve_inode_write+0x1be/0x320
[  950.986370][   T31]  __ext4_mark_inode_dirty+0x197/0x870
[  950.993029][   T31]  ? trace_kmem_cache_alloc+0x28/0xc0
[  950.999642][   T31]  ? __pfx___ext4_mark_inode_dirty+0x10/0x10
[  951.006939][   T31]  ? rcu_is_watching+0x12/0xc0
[  951.012982][   T31]  ? trace_jbd2_handle_start+0x1a8/0x230
[  951.019853][   T31]  ? jbd2__journal_start+0xf6/0x6a0
[  951.026221][   T31]  ? __ext4_journal_start_sb+0x195/0x690
[  951.033016][   T31]  ? __ext4_journal_start_sb+0x19e/0x690
[  951.040215][   T31]  ? ext4_dirty_inode+0xa1/0x130
[  951.046490][   T31]  ? __pfx_ext4_dirty_inode+0x10/0x10
[  951.052976][   T31]  ext4_dirty_inode+0xd9/0x130
[  951.058756][   T31]  ? rcu_is_watching+0x12/0xc0
[  951.064775][   T31]  __mark_inode_dirty+0x1eb/0xe50
[  951.070920][   T31]  generic_update_time+0xcf/0xf0
[  951.076922][   T31]  file_update_time+0x17d/0x1c0
[  951.082774][   T31]  ext4_page_mkwrite+0x35e/0x1750
[  951.089261][   T31]  ? __pfx_ext4_page_mkwrite+0x10/0x10
[  951.095890][   T31]  ? __pfx_filemap_map_pages+0x10/0x10
[  951.102494][   T31]  ? pte_alloc_one+0x2b1/0x380
[  951.108333][   T31]  do_page_mkwrite+0x171/0x380
[  951.114339][   T31]  do_pte_missing+0x29c/0x3fb0
[  951.120196][   T31]  ? do_raw_spin_unlock+0x172/0x230
[  951.126553][   T31]  ? __pmd_alloc+0x3c2/0x870
[  951.132129][   T31]  __handle_mm_fault+0x103d/0x2a40
[  951.138371][   T31]  ? __pfx___handle_mm_fault+0x10/0x10
[  951.145448][   T31]  ? lock_vma_under_rcu+0x47d/0x970
[  951.152030][   T31]  ? lock_vma_under_rcu+0x47d/0x970
[  951.158399][   T31]  handle_mm_fault+0x3fe/0xad0
[  951.164468][   T31]  do_user_addr_fault+0x60c/0x1370
[  951.170737][   T31]  exc_page_fault+0x5c/0xc0
[  951.176245][   T31]  asm_exc_page_fault+0x26/0x30
[  951.182110][   T31] RIP: 0033:0x7f67a1c6547b
[  951.187517][   T31] RSP: 002b:00007fff4f2d4320 EFLAGS: 00010246
[  951.195229][   T31] RAX: 00000000005ffde8 RBX: 0000000000000000 RCX: 0000000000000000
[  951.204843][   T31] RDX: 0000001b30820000 RSI: 0000000000600000 RDI: 00007f67a1e98d50
[  951.214865][   T31] RBP: 0000000000000000 R08: 0000000000000004 R09: 0000000000040000
[  951.224568][   T31] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  951.234277][   T31] R13: 00000000000927c0 R14: 00000000000c187d R15: 00007fff4f2d45d0
[  951.244252][   T31]  </TASK>
[  951.247996][   T31] INFO: task syz.1.2813:18959 blocked for more than 144 seconds.
[  951.257719][   T31]       Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0
[  951.267690][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  951.278143][   T31] task:syz.1.2813      state:D stack:28632 pid:18959 tgid:18959 ppid:17898  task_flags:0x440040 flags:0x00000004
[  951.292920][   T31] Call Trace:
[  951.296944][   T31]  <TASK>
[  951.300478][   T31]  __schedule+0x116f/0x5de0
[  951.305989][   T31]  ? __lock_acquire+0x5ca/0x1ba0
[  951.311960][   T31]  ? __pfx___schedule+0x10/0x10
[  951.318167][   T31]  ? find_held_lock+0x2b/0x80
[  951.323823][   T31]  ? schedule+0x2d7/0x3a0
[  951.329115][   T31]  schedule+0xe7/0x3a0
[  951.334025][   T31]  io_schedule+0xbf/0x130
[  951.339286][   T31]  bit_wait_io+0x15/0xe0
[  951.344410][   T31]  __wait_on_bit+0x62/0x180
[  951.350371][   T31]  ? __pfx_bit_wait_io+0x10/0x10
[  951.357010][   T31]  out_of_line_wait_on_bit+0xd9/0x110
[  951.363503][   T31]  ? __pfx_out_of_line_wait_on_bit+0x10/0x10
[  951.371116][   T31]  ? __pfx_wake_bit_function+0x10/0x10
[  951.377781][   T31]  do_get_write_access+0x93d/0x12a0
[  951.384062][   T31]  jbd2_journal_get_write_access+0x1d6/0x280
[  951.391335][   T31]  __ext4_journal_get_write_access+0x6a/0x340
[  951.399083][   T31]  ext4_reserve_inode_write+0x1be/0x320
[  951.405886][   T31]  __ext4_mark_inode_dirty+0x197/0x870
[  951.412491][   T31]  ? trace_kmem_cache_alloc+0x28/0xc0
[  951.419401][   T31]  ? __pfx___ext4_mark_inode_dirty+0x10/0x10
[  951.426690][   T31]  ? rcu_is_watching+0x12/0xc0
[  951.432427][   T31]  ? trace_jbd2_handle_start+0x1a8/0x230
[  951.439306][   T31]  ? jbd2__journal_start+0xf6/0x6a0
[  951.445683][   T31]  ? __ext4_journal_start_sb+0x195/0x690
[  951.452785][   T31]  ? __ext4_journal_start_sb+0x19e/0x690
[  951.459991][   T31]  ? ext4_dirty_inode+0xa1/0x130
[  951.466001][   T31]  ? __pfx_ext4_dirty_inode+0x10/0x10
[  951.472747][   T31]  ext4_dirty_inode+0xd9/0x130
[  951.478562][   T31]  ? rcu_is_watching+0x12/0xc0
[  951.484303][   T31]  __mark_inode_dirty+0x1eb/0xe50
[  951.490425][   T31]  generic_update_time+0xcf/0xf0
[  951.496811][   T31]  file_update_time+0x17d/0x1c0
[  951.502669][   T31]  ext4_page_mkwrite+0x35e/0x1750
[  951.508951][   T31]  ? __pfx_ext4_page_mkwrite+0x10/0x10
[  951.515592][   T31]  ? __pfx_filemap_map_pages+0x10/0x10
[  951.522811][   T31]  ? pte_alloc_one+0x2b1/0x380
[  951.528664][   T31]  do_page_mkwrite+0x171/0x380
[  951.534416][   T31]  do_pte_missing+0x29c/0x3fb0
[  951.540188][   T31]  ? do_raw_spin_unlock+0x172/0x230
[  951.546538][   T31]  ? __pmd_alloc+0x3c2/0x870
[  951.552365][   T31]  __handle_mm_fault+0x103d/0x2a40
[  951.559015][   T31]  ? __pfx___handle_mm_fault+0x10/0x10
[  951.565678][   T31]  ? lock_vma_under_rcu+0x47d/0x970
[  951.572235][   T31]  ? lock_vma_under_rcu+0x47d/0x970
[  951.578606][   T31]  handle_mm_fault+0x3fe/0xad0
[  951.584345][   T31]  do_user_addr_fault+0x60c/0x1370
[  951.590593][   T31]  exc_page_fault+0x5c/0xc0
[  951.596071][   T31]  asm_exc_page_fault+0x26/0x30
[  951.602210][   T31] RIP: 0033:0x7f0184a6547b
[  951.607595][   T31] RSP: 002b:00007ffd5bec5b90 EFLAGS: 00010246
[  951.614907][   T31] RAX: 00000000003ffde8 RBX: 0000000000000000 RCX: 0000000000000000
[  951.624782][   T31] RDX: 0000001b31920000 RSI: 0000000000400000 RDI: 00007f0184c98d50
[  951.634450][   T31] RBP: 0000000000000000 R08: 0000000000000004 R09: 0000000000040000
[  951.644093][   T31] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  951.654128][   T31] R13: 00000000000927c0 R14: 00000000000c198a R15: 00007ffd5bec5e40
[  951.664141][   T31]  </TASK>
[  951.667866][   T31] INFO: task syz.3.2806:18960 blocked for more than 144 seconds.
[  951.677433][   T31]       Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0
[  951.686709][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  951.697170][   T31] task:syz.3.2806      state:D stack:28632 pid:18960 tgid:18960 ppid:17182  task_flags:0x440040 flags:0x00000004
[  951.711929][   T31] Call Trace:
[  951.715940][   T31]  <TASK>
[  951.719482][   T31]  __schedule+0x116f/0x5de0
[  951.724899][   T31]  ? __lock_acquire+0x5ca/0x1ba0
[  951.731273][   T31]  ? __pfx___schedule+0x10/0x10
[  951.737160][   T31]  ? find_held_lock+0x2b/0x80
[  951.742797][   T31]  ? schedule+0x2d7/0x3a0
[  951.748108][   T31]  schedule+0xe7/0x3a0
[  951.753042][   T31]  io_schedule+0xbf/0x130
[  951.758660][   T31]  bit_wait_io+0x15/0xe0
[  951.764033][   T31]  __wait_on_bit+0x62/0x180
[  951.769566][   T31]  ? __pfx_bit_wait_io+0x10/0x10
[  951.775576][   T31]  out_of_line_wait_on_bit+0xd9/0x110
[  951.782445][   T31]  ? __pfx_out_of_line_wait_on_bit+0x10/0x10
[  951.789722][   T31]  ? __pfx_wake_bit_function+0x10/0x10
[  951.796372][   T31]  do_get_write_access+0x93d/0x12a0
[  951.802668][   T31]  jbd2_journal_get_write_access+0x1d6/0x280
[  951.810348][   T31]  __ext4_journal_get_write_access+0x6a/0x340
[  951.817722][   T31]  ext4_reserve_inode_write+0x1be/0x320
[  951.824417][   T31]  __ext4_mark_inode_dirty+0x197/0x870
[  951.831491][   T31]  ? trace_kmem_cache_alloc+0x28/0xc0
[  951.838021][   T31]  ? __pfx___ext4_mark_inode_dirty+0x10/0x10
[  951.845347][   T31]  ? rcu_is_watching+0x12/0xc0
[  951.851092][   T31]  ? trace_jbd2_handle_start+0x1a8/0x230
[  951.857945][   T31]  ? jbd2__journal_start+0xf6/0x6a0
[  951.865010][   T31]  ? __ext4_journal_start_sb+0x195/0x690
[  951.871837][   T31]  ? __ext4_journal_start_sb+0x19e/0x690
[  951.879042][   T31]  ? ext4_dirty_inode+0xa1/0x130
[  951.885104][   T31]  ? __pfx_ext4_dirty_inode+0x10/0x10
[  951.891566][   T31]  ext4_dirty_inode+0xd9/0x130
[  951.897366][   T31]  ? rcu_is_watching+0x12/0xc0
[  951.903127][   T31]  __mark_inode_dirty+0x1eb/0xe50
[  951.909683][   T31]  generic_update_time+0xcf/0xf0
[  951.915708][   T31]  file_update_time+0x17d/0x1c0
[  951.921567][   T31]  ext4_page_mkwrite+0x35e/0x1750
[  951.927712][   T31]  ? __pfx_ext4_page_mkwrite+0x10/0x10
[  951.934545][   T31]  ? __pfx_filemap_map_pages+0x10/0x10
[  951.941197][   T31]  ? pte_alloc_one+0x2b1/0x380
[  951.947024][   T31]  do_page_mkwrite+0x171/0x380
[  951.952773][   T31]  do_pte_missing+0x29c/0x3fb0
[  951.958553][   T31]  ? do_raw_spin_unlock+0x172/0x230
[  951.965262][   T31]  ? __pmd_alloc+0x3c2/0x870
[  951.971095][   T31]  __handle_mm_fault+0x103d/0x2a40
[  951.977317][   T31]  ? __pfx___handle_mm_fault+0x10/0x10
[  951.984173][   T31]  ? lock_vma_under_rcu+0x47d/0x970
[  951.992869][   T31]  ? lock_vma_under_rcu+0x47d/0x970
[  952.005143][   T31]  handle_mm_fault+0x3fe/0xad0
[  952.011980][   T31]  do_user_addr_fault+0x60c/0x1370
[  952.024711][   T31]  exc_page_fault+0x5c/0xc0
[  952.033870][   T31]  asm_exc_page_fault+0x26/0x30
[  952.042636][   T31] RIP: 0033:0x7fe5b426547b
[  952.049143][   T31] RSP: 002b:00007fff4c57a400 EFLAGS: 00010246
[  952.059538][   T31] RAX: 00000000003ffde8 RBX: 0000000000000000 RCX: 0000000000000000
[  952.070855][   T31] RDX: 0000001b2c320000 RSI: 0000000000400000 RDI: 00007fe5b4498d50
[  952.084562][   T31] RBP: 0000000000000000 R08: 0000000000000004 R09: 0000000000040000
[  952.096844][   T31] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  952.109230][   T31] R13: 00000000000927c0 R14: 00000000000c17e5 R15: 00007fff4c57a6b0
[  952.119255][   T31]  </TASK>
[  952.122974][   T31] INFO: task syz.0.2807:18961 blocked for more than 145 seconds.
[  952.137047][   T31]       Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0
[  952.146777][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  952.157524][   T31] task:syz.0.2807      state:D stack:28792 pid:18961 tgid:18961 ppid:10331  task_flags:0x440040 flags:0x00000004
[  952.172244][   T31] Call Trace:
[  952.176528][   T31]  <TASK>
[  952.180077][   T31]  __schedule+0x116f/0x5de0
[  952.186062][   T31]  ? __lock_acquire+0x5ca/0x1ba0
[  952.192088][   T31]  ? __pfx___schedule+0x10/0x10
[  952.199322][   T31]  ? find_held_lock+0x2b/0x80
[  952.205475][   T31]  ? schedule+0x2d7/0x3a0
[  952.210718][   T31]  schedule+0xe7/0x3a0
[  952.216090][   T31]  io_schedule+0xbf/0x130
[  952.221338][   T31]  bit_wait_io+0x15/0xe0
[  952.233475][   T31]  __wait_on_bit+0x62/0x180
[  952.239631][   T31]  ? __pfx_bit_wait_io+0x10/0x10
[  952.249769][   T31]  out_of_line_wait_on_bit+0xd9/0x110
[  952.256617][   T31]  ? __pfx_out_of_line_wait_on_bit+0x10/0x10
[  952.263846][   T31]  ? __pfx_wake_bit_function+0x10/0x10
[  952.274811][   T31]  do_get_write_access+0x93d/0x12a0
[  952.281494][   T31]  jbd2_journal_get_write_access+0x1d6/0x280
[  952.292494][   T31]  __ext4_journal_get_write_access+0x6a/0x340
[  952.302301][   T31]  ext4_reserve_inode_write+0x1be/0x320
[  952.315218][   T31]  __ext4_mark_inode_dirty+0x197/0x870
[  952.321862][   T31]  ? trace_kmem_cache_alloc+0x28/0xc0
[  952.333828][   T31]  ? __pfx___ext4_mark_inode_dirty+0x10/0x10
[  952.341947][   T31]  ? rcu_is_watching+0x12/0xc0
[  952.348201][   T31]  ? trace_jbd2_handle_start+0x1a8/0x230
[  952.356631][   T31]  ? jbd2__journal_start+0xf6/0x6a0
[  952.362928][   T31]  ? __ext4_journal_start_sb+0x195/0x690
[  952.370211][   T31]  ? __ext4_journal_start_sb+0x19e/0x690
[  952.377343][   T31]  ? ext4_dirty_inode+0xa1/0x130
[  952.383310][   T31]  ? __pfx_ext4_dirty_inode+0x10/0x10
[  952.390487][   T31]  ext4_dirty_inode+0xd9/0x130
[  952.396563][   T31]  ? rcu_is_watching+0x12/0xc0
[  952.402322][   T31]  __mark_inode_dirty+0x1eb/0xe50
[  952.408927][   T31]  generic_update_time+0xcf/0xf0
[  952.414892][   T31]  file_update_time+0x17d/0x1c0
[  952.420791][   T31]  ext4_page_mkwrite+0x35e/0x1750
[  952.426978][   T31]  ? __pfx_ext4_page_mkwrite+0x10/0x10
[  952.433832][   T31]  ? __pfx_filemap_map_pages+0x10/0x10
[  952.440808][   T31]  ? pte_alloc_one+0x2b1/0x380
[  952.447273][   T31]  do_page_mkwrite+0x171/0x380
[  952.453052][   T31]  do_pte_missing+0x29c/0x3fb0
[  952.458926][   T31]  ? do_raw_spin_unlock+0x172/0x230
[  952.465551][   T31]  ? __pmd_alloc+0x3c2/0x870
[  952.471151][   T31]  __handle_mm_fault+0x103d/0x2a40
[  952.477401][   T31]  ? __pfx___handle_mm_fault+0x10/0x10
[  952.484019][   T31]  ? lock_vma_under_rcu+0x47d/0x970
[  952.490417][   T31]  ? lock_vma_under_rcu+0x47d/0x970
[  952.496889][   T31]  handle_mm_fault+0x3fe/0xad0
[  952.502659][   T31]  do_user_addr_fault+0x60c/0x1370
[  952.508909][   T31]  exc_page_fault+0x5c/0xc0
[  952.514341][   T31]  asm_exc_page_fault+0x26/0x30
[  952.520365][   T31] RIP: 0033:0x7fc91206547b
[  952.525763][   T31] RSP: 002b:00007ffe8d312370 EFLAGS: 00010246
[  952.533064][   T31] RAX: 00000000003ffde8 RBX: 0000000000000000 RCX: 0000000000000000
[  952.543136][   T31] RDX: 0000001b30520000 RSI: 0000000000400000 RDI: 00007fc912298d50
[  952.553226][   T31] RBP: 0000000000000000 R08: 0000000000000004 R09: 0000000000040000
[  952.562953][   T31] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  952.572614][   T31] R13: 00000000000927c0 R14: 00000000000c19da R15: 00007ffe8d312620
[  952.583201][   T31]  </TASK>
[  952.586946][   T31] 
[  952.586946][   T31] Showing all locks held in the system:
[  952.596630][   T31] 1 lock held by khungtaskd/31:
[  952.602466][   T31]  #0: ffffffff8e3bf440 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0
[  952.614434][   T31] 6 locks held by kworker/u8:5/1138:
[  952.620844][   T31]  #0: ffff8880216fd948 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  952.636015][   T31]  #1: ffffc90003dd7d18 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  952.650797][   T31]  #2: ffff88814e7120e0 (&type->s_umount_key#31){++++}-{4:4}, at: super_trylock_shared+0x1e/0xf0
[  952.663864][   T31]  #3: ffff88814e714b98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: do_writepages+0x1b2/0x820
[  952.676328][   T31]  #4: ffff88814e716950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x5e4/0x1410
[  952.688675][   T31]  #5: ffff88807b2cefc0 (&ei->i_data_sem){++++}-{4:4}, at: ext4_map_blocks+0x355/0x1390
[  952.700906][   T31] 1 lock held by klogd/5190:
[  952.706485][   T31]  #0: ffff8880b8439f18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130
[  952.718548][   T31] 3 locks held by syz-executor/5816:
[  952.724975][   T31]  #0: ffff88807b999088 (vm_lock){++++}-{0:0}, at: do_user_addr_fault+0x452/0x1370
[  952.736771][   T31]  #1: ffff88814e712518 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x171/0x380
[  952.748395][   T31]  #2: ffff88814e716950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x5e4/0x1410
[  952.760459][   T31] 2 locks held by getty/16186:
[  952.766251][   T31]  #0: ffff88814d7190a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  952.778157][   T31]  #1: ffffc9000d13b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0
[  952.791269][   T31] 3 locks held by syz.2.2805/18958:
[  952.797639][   T31]  #0: ffff8880483a0308 (vm_lock){++++}-{0:0}, at: do_user_addr_fault+0x452/0x1370
[  952.809285][   T31]  #1: ffff88814e712518 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x171/0x380
[  952.820825][   T31]  #2: ffff88814e716950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x5e4/0x1410
[  952.832743][   T31] 3 locks held by syz.1.2813/18959:
[  952.839089][   T31]  #0: ffff88802b4bce48 (vm_lock){++++}-{0:0}, at: do_user_addr_fault+0x452/0x1370
[  952.850397][   T31]  #1: ffff88814e712518 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x171/0x380
[  952.862310][   T31]  #2: ffff88814e716950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x5e4/0x1410
[  952.874149][   T31] 3 locks held by syz.3.2806/18960:
[  952.880515][   T31]  #0: ffff888024bf0d08 (vm_lock){++++}-{0:0}, at: do_user_addr_fault+0x452/0x1370
[  952.892507][   T31]  #1: ffff88814e712518 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x171/0x380
[  952.904293][   T31]  #2: ffff88814e716950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x5e4/0x1410
[  952.915939][   T31] 3 locks held by syz.0.2807/18961:
[  952.922205][   T31]  #0: ffff88806e766448 (vm_lock){++++}-{0:0}, at: do_user_addr_fault+0x452/0x1370
[  952.935231][   T31]  #1: ffff88814e712518 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x171/0x380
[  952.946760][   T31]  #2: ffff88814e716950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x5e4/0x1410
[  952.958607][   T31] 
[  952.961424][   T31] =============================================
[  952.961424][   T31] 
[  952.971583][   T31] NMI backtrace for cpu 1
[  952.971606][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0 PREEMPT(full) 
[  952.971644][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  952.971663][   T31] Call Trace:
[  952.971673][   T31]  <TASK>
[  952.971686][   T31]  dump_stack_lvl+0x116/0x1f0
[  952.971729][   T31]  nmi_cpu_backtrace+0x27b/0x390
[  952.971780][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  952.971831][   T31]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[  952.971886][   T31]  watchdog+0xf70/0x12c0
[  952.971936][   T31]  ? __pfx_watchdog+0x10/0x10
[  952.971974][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  952.972013][   T31]  ? __kthread_parkme+0x19e/0x250
[  952.972053][   T31]  ? __pfx_watchdog+0x10/0x10
[  952.972097][   T31]  kthread+0x3c2/0x780
[  952.972142][   T31]  ? __pfx_kthread+0x10/0x10
[  952.972183][   T31]  ? __pfx_kthread+0x10/0x10
[  952.972224][   T31]  ? __pfx_kthread+0x10/0x10
[  952.972273][   T31]  ? __pfx_kthread+0x10/0x10
[  952.972321][   T31]  ? rcu_is_watching+0x12/0xc0
[  952.972351][   T31]  ? __pfx_kthread+0x10/0x10
[  952.972395][   T31]  ret_from_fork+0x45/0x80
[  952.972443][   T31]  ? __pfx_kthread+0x10/0x10
[  952.972488][   T31]  ret_from_fork_asm+0x1a/0x30
[  952.972553][   T31]  </TASK>
[  952.972564][   T31] Sending NMI from CPU 1 to CPUs 0:
[  953.133147][    C0] NMI backtrace for cpu 0
[  953.133167][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0 PREEMPT(full) 
[  953.133199][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  953.133214][    C0] RIP: 0010:pv_native_safe_halt+0xf/0x20
[  953.133248][    C0] Code: 86 65 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 43 29 21 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[  953.133274][    C0] RSP: 0018:ffffffff8e007e10 EFLAGS: 000002c2
[  953.133294][    C0] RAX: 0000000000434617 RBX: 0000000000000000 RCX: ffffffff8b68c3e9
[  953.133311][    C0] RDX: 0000000000000000 RSI: ffffffff8dbd9cfb RDI: ffffffff8bf467a0
[  953.133328][    C0] RBP: fffffbfff1c12ee8 R08: 0000000000000001 R09: ffffed10170865bd
[  953.133347][    C0] R10: ffff8880b8432deb R11: 0000000000000000 R12: 0000000000000000
[  953.133363][    C0] R13: ffffffff8e097740 R14: ffffffff90850e10 R15: 0000000000000000
[  953.133380][    C0] FS:  0000000000000000(0000) GS:ffff8881249ef000(0000) knlGS:0000000000000000
[  953.133404][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  953.133422][    C0] CR2: 00005609d2de9680 CR3: 000000000e180000 CR4: 00000000003526f0
[  953.133438][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  953.133454][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  953.133470][    C0] Call Trace:
[  953.133479][    C0]  <TASK>
[  953.133487][    C0]  default_idle+0x13/0x20
[  953.133521][    C0]  default_idle_call+0x6d/0xb0
[  953.133554][    C0]  do_idle+0x391/0x510
[  953.133580][    C0]  ? __pfx_do_idle+0x10/0x10
[  953.133603][    C0]  ? trace_sched_exit_tp+0x31/0x130
[  953.133634][    C0]  ? do_idle+0x2ea/0x510
[  953.133660][    C0]  cpu_startup_entry+0x4f/0x60
[  953.133684][    C0]  rest_init+0x16b/0x2b0
[  953.133720][    C0]  ? acpi_subsystem_init+0x133/0x180
[  953.133756][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[  953.133785][    C0]  start_kernel+0x3e9/0x4d0
[  953.133811][    C0]  x86_64_start_reservations+0x18/0x30
[  953.133837][    C0]  x86_64_start_kernel+0xb0/0xc0
[  953.133861][    C0]  common_startup_64+0x13e/0x148
[  953.133899][    C0]  </TASK>
[  953.134152][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  953.397105][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-rc4-syzkaller-00011-gf15d97df5afa #0 PREEMPT(full) 
[  953.411277][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  953.423347][   T31] Call Trace:
[  953.427282][   T31]  <TASK>
[  953.430805][   T31]  dump_stack_lvl+0x3d/0x1f0
[  953.436326][   T31]  panic+0x71c/0x800
[  953.441011][   T31]  ? __pfx_panic+0x10/0x10
[  953.446329][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  953.452798][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  953.459997][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  953.466481][   T31]  ? watchdog+0xdda/0x12c0
[  953.471798][   T31]  ? watchdog+0xdcd/0x12c0
[  953.477136][   T31]  watchdog+0xdeb/0x12c0
[  953.482266][   T31]  ? __pfx_watchdog+0x10/0x10
[  953.487900][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  953.494159][   T31]  ? __kthread_parkme+0x19e/0x250
[  953.500208][   T31]  ? __pfx_watchdog+0x10/0x10
[  953.505835][   T31]  kthread+0x3c2/0x780
[  953.510736][   T31]  ? __pfx_kthread+0x10/0x10
[  953.516261][   T31]  ? __pfx_kthread+0x10/0x10
[  953.521785][   T31]  ? __pfx_kthread+0x10/0x10
[  953.527310][   T31]  ? __pfx_kthread+0x10/0x10
[  953.532832][   T31]  ? rcu_is_watching+0x12/0xc0
[  953.538662][   T31]  ? __pfx_kthread+0x10/0x10
[  953.544191][   T31]  ret_from_fork+0x45/0x80
[  953.549512][   T31]  ? __pfx_kthread+0x10/0x10
[  953.555045][   T31]  ret_from_fork_asm+0x1a/0x30
[  953.560790][   T31]  </TASK>
[  953.564752][   T31] Kernel Offset: disabled
[  953.569935][   T31] Rebooting in 86400 seconds..