last executing test programs:

2m48.206885381s ago: executing program 3 (id=1385):
socket$nl_generic(0x10, 0x3, 0x10)

2m47.995502303s ago: executing program 3 (id=1387):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_CGROUPSTATS_CMD_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="13000000", @ANYRES16=0x0, @ANYBLOB="2586f2bd7000fedbdf2504000000080001"], 0x1c}, 0x1, 0x0, 0x0, 0x400c9d0}, 0x4080)
r0 = socket(0x10, 0x2, 0x14)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="a742ca5429031768ff27d23a750986fdfa1498326fea2f1e0f"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x200440c0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51)
statmount$auto(0x0, 0x0, 0x1fe, 0xd)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
unshare$auto(0x40000080)
socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xf6f6, 0x8000)
r1 = socket(0xa, 0x801, 0x84)
listen$auto(r1, 0x3)
getsockopt$auto(r1, 0x84, 0x6d, 0x0, &(0x7f0000000280)=0x17d)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
shmdt$auto(0x0)
setresuid$auto(0x2, 0x7, 0x8080)
ioprio_get$auto(0x3, 0x2)
socket(0x5, 0x4, 0x106)
openat$auto_rfkill_fops_core(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, 0x0, 0x80040, 0x0)
ioctl$auto_USB_RAW_IOCTL_CONFIGURE(r2, 0x5509, 0x0)
unshare$auto(0x40000080)
syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$auto_MACSEC_CMD_UPD_RXSA(0xffffffffffffffff, &(0x7f0000006200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x40080b4}, 0x20004000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r3 = socket(0x15, 0x5, 0x0)
setsockopt$auto(r3, 0x114, 0xa, 0x0, 0x4)
openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0)

2m44.434322897s ago: executing program 3 (id=1398):
ioctl$auto_SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0x0) (async)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f0000000000))
write$auto(0x3, 0x0, 0x0) (async)
mmap$auto(0x0, 0x2020009, 0xaa, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x4) (async)
madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async)
mmap$auto(0x0, 0x6, 0x3, 0xeb1, 0x7, 0x8000)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
socket(0x2, 0x1, 0x0) (async)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, 0x0, 0x40, 0x0) (async)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x3d, 0x0, 0x1f, 0xf}, 0x800009}, 0x5, 0x20000000) (async)
io_uring_setup$auto(0xffe, 0x0) (async)
mmap$auto(0x0, 0x20009, 0x5, 0xeb2, 0x8, 0x1008000) (async)
r1 = socket(0x15, 0x6, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/pid_for_children\x00') (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) (async)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4000010}, 0x24810) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x7, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async)
recvmmsg$auto(r1, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty12\x00', 0x800, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x4000) (async)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="180027"], 0x1ac}, 0x1, 0x0, 0x0, 0x4000044}, 0x40000) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc8}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x1f00)
rt_sigtimedwait$auto(0x0, 0x0, 0x0, 0x8)
getpid() (async)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)

2m43.830001302s ago: executing program 3 (id=1401):
r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$auto_FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f00000000c0))
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
lsm_list_modules$auto(0x0, 0x0, 0x0)
lsm_list_modules$auto(0x0, 0x0, 0x0)
r1 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x80100, 0x0)
ioctl$auto_dvb_demux_fops_dmxdev(r1, 0x40146f2c, 0x0)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop6\x00', 0x14f602, 0x0)

2m43.549829548s ago: executing program 3 (id=1403):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x8009, 0x400000072, 0x8b72, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
read$auto(r0, 0x0, 0x1f40)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000004000)
sendmmsg$auto(0x3, 0x0, 0x3, 0x0)

2m43.058973127s ago: executing program 3 (id=1404):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002cbd7000fddbdf2502000000080001000a000000450004002f73"], 0x64}, 0x1, 0x0, 0x0, 0x4004891}, 0x4000)

2m39.145681804s ago: executing program 2 (id=1418):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$auto_SEG6_CMD_SET_TUNSRC(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x28, r1, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@SEG6_ATTR_DST={0x14, 0x1, @rand_addr=' \x01\x00'}]}, 0x28}, 0x1, 0x0, 0x3000000000000, 0x814}, 0x4)

2m38.749255042s ago: executing program 2 (id=1420):
mmap$auto(0x0, 0x3, 0x4000000000df, 0x8010, 0x401, 0x8400)
socket(0xa, 0x1, 0x100)
ioperm$auto(0x7, 0x5ad2, 0x8)
modify_ldt$auto(0x1, 0x0, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x583300, 0x0)
r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
pread64$auto(r0, 0x0, 0x7ff, 0x400)
socket(0x1e, 0x1, 0x0)
quotactl_fd$auto(0x0, 0x80000200, 0x6, 0xfffffffffffffffd)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socket(0x21, 0x3, 0x9)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x2, 0x7, 0xfffffffffffffe00, 0x8fd6, 0x948b, 0x3, 0x15f4da0d, 0x3, 0x5, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0x9]}, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb0;\xf2\t\x00\x00\x00\x00\x00\x00\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03MF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100080a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0xd, 0x1, 0x948b, 0x1, 0x15f4da0a, 0x3, 0xffffffffd09d8d67, 0x62, 0x80000023, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000)
write$auto(0x3, 0x0, 0xffd8)
unshare$auto(0x40000080)
process_mrelease$auto(0xffffffffffffffff, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x4242, 0x10)
flock$auto(r2, 0x2)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84)
mount$auto(0x0, &(0x7f0000001500)='./file0\x00', &(0x7f0000001540)='cifs\x00', 0x7ffe, 0x0)
mincore$auto(0x1000, 0x8001, 0x0)
close_range$auto(0x2, 0x8, 0x0)

2m37.13527435s ago: executing program 2 (id=1429):
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xec2, 0xa)
socket(0x2b, 0x800, 0x0)
unshare$auto(0x100)
iopl$auto(0xff)
munmap$auto(0x20001000, 0x7fb3)
madvise$auto(0x0, 0xffffffffffff0101, 0x15)
mbind$auto(0x1800000000000000, 0x2, 0x2, &(0x7f0000002100)=0x4, 0x7, 0x0)

2m36.46224504s ago: executing program 2 (id=1433):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x6)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f00000000c0)="5fbc9ef5cb12bf8404fe7b", 0xffffffff, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x20000010}, 0xc1)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x100, 0x0)
read$auto(r1, 0x0, 0x20)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/class/zram-control/hot_add\x00', 0x20800, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000ec0)=""/4096, 0x1000)
sendmmsg$auto(0x3, 0x0, 0x3, 0x0)
sendmsg$auto_NCSI_CMD_PKG_INFO(0xffffffffffffffff, 0x0, 0x44088)
socketpair$auto(0x1e, 0x3, 0xfffffffe, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x3}, 0x7}, 0x3, 0xcad7)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
shutdown$auto(0x200000003, 0x2)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
bind$auto(0x3, 0x0, 0x6a)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x462202, 0x0)
mmap$auto(0x0, 0xe983, 0xdc, 0x15, 0xffffffffffffffff, 0x5)
mmap$auto(0x0, 0x400005, 0xffffffffffeffffe, 0x9b72, 0xc76, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x20b42, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
madvise$auto(0x0, 0x200007, 0x8)

2m35.178392948s ago: executing program 2 (id=1438):
openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, &(0x7f0000002440), 0x80c02, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/bus/platform/drivers/intel_pmc_usb/uevent\x00', 0x8000, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup.cpu/memory.kmem.tcp.limit_in_bytes\x00', 0xc2481, 0x0)
openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x7a1000, 0x0)
openat$auto_proc_oom_score_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_score_adj\x00', 0x80000, 0x0)
socket(0x2, 0x5, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x3c, r1, 0x1b, 0x70bc26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0xc, 0x3, 0x0, 0x1, [@typed={0x8, 0xb, 0x0, 0x0, @fd}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f17790485908286dd"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/vm/compaction_proactiveness\x00', 0x40001, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/module/batman_adv/parameters/routing_algo\x00', 0x8182, 0x0)
open(0x0, 0x149443, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa941, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r2 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0)
write$auto(r2, 0x0, 0xc3)

2m34.777785602s ago: executing program 2 (id=1441):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002cbd7000fddbdf2502000000080001000a000000450004002f73"], 0x64}, 0x1, 0x0, 0x0, 0x4004891}, 0x4000)

2m30.117617405s ago: executing program 0 (id=1454):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0x6, 0x1, 0x6)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xb8500, 0x0)
sendfile$auto(r0, r0, 0x0, 0x7fff)
unshare$auto(0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0xf1, 0x2, 0x8000)
r1 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
poll$auto(&(0x7f0000000180)={<r2=>r1, 0xfff7, 0x9816}, 0x7f, 0x9)
ioctl$auto_VHOST_SET_OWNER(r2, 0xaf01, 0x0)
ioctl$auto(0x3, 0x4008af03, 0x0)
capset$auto(0x0, 0x0)
ioctl$auto_VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, 0x0)
setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b)
ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0)
unshare$auto(0x40000080)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0xfff, 0x8000000008012, 0x3, 0x8000)
write$auto(0x3, 0x0, 0xfffffdef)
socket(0xa, 0x2, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
ioctl$auto(0x3, 0x8905, 0xfffffffffffff4e0)
setfsuid$auto(0x0)
mmap$auto(0x0, 0x40009, 0xde, 0x9b72, 0x7, 0x28000)
r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SYNC(r3, 0x5001, 0xfffffffffffffffc)
mmap$auto(0x0, 0x4, 0xffd, 0x12, 0x3, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

2m29.786913238s ago: executing program 0 (id=1456):
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x1, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video20\x00', 0x80000, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
ioctl$auto(0x3, 0xc0405626, 0x38)
mmap$auto(0x0, 0x20009, 0xe3, 0xeb1, 0xdd, 0x408000)
mmap$auto(0x100000000, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_NL80211_CMD_GET_WIPHY(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
read$auto(r0, 0x0, 0x1f40)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
r2 = socket(0xa, 0x2, 0x88)
setsockopt$auto(r2, 0x29, 0x11, 0x0, 0x1)
setresuid$auto(0xffffffffffffffff, 0xeffffffeffffffff, 0xd2)
kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@kbuf=0x0, 0x2, 0x80000000, 0x3000}, 0x4)

2m29.31205217s ago: executing program 0 (id=1457):
r0 = socket(0x11, 0x3, 0x9)
sendmmsg$auto(r0, &(0x7f0000000180)={{&(0x7f00000001c0)="dd2fe40a0900", 0x5ac, &(0x7f0000000100)={&(0x7f0000000340), 0x21}, 0x5, &(0x7f0000000180), 0x5, 0xe}, 0x5}, 0x2, 0x100)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x200100, 0x0)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_udc.1/udc/dummy_udc.1/uevent\x00', 0x40000, 0x0)
rseq$auto(&(0x7f00000003c0)={0xfffffff9, 0x9, 0x1, 0x10, 0x4, 0x7fff}, 0x3, 0xfffffffd, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000040)=""/195, 0xc3)
sendmsg$auto_NL80211_CMD_SET_NOACK_MAP(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="88010000", @ANYRES16=r1, @ANYBLOB="000426bd7000fbdbdf255700000006004301d2d80000fc003180f700c7001aba2753194fc5a544d985468abc2ecdd7854f7ffc31c78d3afdef7f7733c9507e4732d5e750be1a80655fd25252fccacf186bca80c0130e9e84a5fcc81f8963c6b4d2e4a19d3133acd064828bc9d013f486629212596c29d58a3656f8aadc581702983f5897dde8218a9258ab05f14e507df89bfe6d9e6e0d8fea1a177fa715a1348cce19cbc12293bd64c5830f587ee680cd63c21052f7da84b8cf1654a63823d3d2dc47621e9fbc603b120f7f2ac9e6cbd81800bea6a569e0eefd33bdf324b79468e3f5fb9c0f31776cc0c3dd09ede8358e09efc8c3f63d8101466d375241f03038da1195af269aad2d0e1d3bdcbac0a74000060012000400000068006e8062007e80040033801a6d0ae67b6a96428c005cb9e28187f7d2b8fc14e34a1606e2f2edb26a0710223dc6791c860c347194be08005b00e0000001fba098b8d43442069e53ad8fe4295f360b15ddb2583117d25c1ebf286cb79b7b4561dcff757fb9540000"], 0x188}, 0x1, 0x0, 0x0, 0x4000000}, 0x800)

2m29.168979344s ago: executing program 0 (id=1458):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0)
ioctl$auto_CEC_S_MODE(r1, 0x40046109, &(0x7f0000002c40)=0xd0)
ioctl$auto_CEC_DQEVENT(r1, 0xc0506107, 0x0)
ioctl$auto_CEC_DQEVENT(r1, 0xc0506107, &(0x7f0000000280)={0x4, 0x3, 0xa, @state_change={0xc, 0x6, 0x8}})
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, &(0x7f00000000c0))
prctl$auto_PR_GET_SPECULATION_CTRL(0x34, 0x10, 0xffffffffffffffff, 0x8000, 0x8acb)
prctl$auto_PR_GET_SPECULATION_CTRL(0x34, 0x2000000, 0x417, 0x3, 0x6a37)
write$auto(0xffffffffffffffff, 0x0, 0x7)
r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x20400, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r3, 0xc4c85512, &(0x7f00000012c0)={{@raw=0x3, 0x1, 0x6d2e99e8, 0x6, "0582a820061b5c51a65a6dd72b0b15addbdf55cb4b0f2381f2673e3a1ebe21e1bf1b26f0db7b62b67bd764f9"}, 0x0, @integer64=@value_ptr=0x0, "528d458095d42b72adda0cac2d45bdaacfc82245992af763188bf00ab57d5d73b094925aa92857fd2f672f85343275f80841c6ca41e93023ab4510269ed959a79a789527276d90375018fc08050559d8936b8d72087a5689d4338da78b8b8bdcea8188ca43202fb78dacb3fea1258074885c899d75cd52751f9be959d90fa5c2"})
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000140), 0x1a3780, 0x0)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r5 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x80000000, 0x5f, 0x80000001, 0x7, 0x6d3f, 0x7, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x201, 0x3, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x1000000003, 0x9, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x200]}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r5, 0x0, 0x814)
madvise$auto(0xfffffffe, 0xffffffffffff0001, 0x15)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7fffe000)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_RSS_GET(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="010329bd700002dcdf2524"], 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x40044010)
r7 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB="01002bbd7000fddbdf3a04000000050011002e"], 0x1c}, 0x1, 0x0, 0x0, 0x801}, 0x4044820)

2m27.907784633s ago: executing program 32 (id=1404):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002cbd7000fddbdf2502000000080001000a000000450004002f73"], 0x64}, 0x1, 0x0, 0x0, 0x4004891}, 0x4000)

2m27.884706478s ago: executing program 0 (id=1464):
mmap$auto(0x0, 0x20009, 0x4000000000e2, 0x40000000000eb1, 0x401, 0x8000)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
prctl$auto(0xadb, 0x1, 0x0, 0x9, 0x401)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
rt_sigtimedwait$auto(0x0, 0x0, 0x0, 0x8)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe00)
madvise$auto(0x400000000000000, 0xffffffffffff0001, 0x15)

2m26.87436512s ago: executing program 0 (id=1466):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
socket(0x2, 0x800, 0x206)
sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002cbd7000fddbdf2502000000080001000a000000450004002f7379732f646576696365732f706c6174666f726d2f64756d6d795f6863642e362f757362372f706f7765722f77616b6575705f802be41a5e97a5216f756e"], 0x64}, 0x1, 0x0, 0x0, 0x4004891}, 0x4000)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
syz_clone(0x40100100, 0x0, 0x0, 0x0, 0x0, 0x0)

2m26.701485237s ago: executing program 1 (id=1467):
mmap$auto(0x0, 0x20009, 0x4000000000e2, 0x40000000000eb1, 0x401, 0x8000)
r0 = socket(0x11, 0x3, 0x9)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48})
sendmmsg$auto(r0, &(0x7f0000000640)={{&(0x7f0000000000), 0x5ae, &(0x7f0000000100)={&(0x7f0000000780)="4c030000000000002184000000000000005f6bba44181011", 0x49}, 0x5, 0x0, 0x5, 0x1}, 0x1}, 0x2, 0x100)

2m26.56115682s ago: executing program 1 (id=1468):
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x7, 0xd, 0x7181, 0x1ffde, 0x7, 0x3, 0x9, 0x9, 0x3, 0x0, 0x1, 0xb4, 0x9, 0x8, 0x10003, 0x80, 0x4, 0x0, 0xa, 0x22000, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}, 0x1fe, 0xd)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x400000000000000}, 0x40000)

2m24.436441622s ago: executing program 1 (id=1476):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socket(0x29, 0x2, 0x0)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x2000000}, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0xffffffffffffff7d, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYRES16=r1, @ANYRES32=r1, @ANYRES8=r0, @ANYBLOB="e3d3e35db6aa4b7a56be1c47ba23d154815dfc3342bb68b0be9f2b97a69aa80ae0edf948a7b7f04e2ad6a264fdd3f8bd757cd4c54f21bb6761a26050e9b20fe7a4b7beaba46332b3fbed90b14334d20daaa810adbae8465f72c98249c402908f6f5e61a161bbb381897bc21852ba0468b9f05cc8a5f3095f41d16f51536d18e68153bfefc1d3e3a4f4bf8e22e4bb080e5a12b4aa9ccf8d60d807"], 0x1ac}, 0x1, 0x0, 0x0, 0x10}, 0x40040)
recvmmsg$auto(r1, &(0x7f0000000140)={{0x0, 0xfffffffe, 0x0, 0x5, 0x0, 0x200002, 0x8}, 0x801}, 0xfffffff9, 0x10, 0x0)
ioctl$auto(r0, 0x8923, 0x24)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/smaps_rollup\x00', 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x11, 0x800, 0x2)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000)
get_mempolicy$auto(0x0, 0x0, 0x3, 0x1ff, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r2, 0x0, 0x20)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3)
r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r4, &(0x7f0000000100)="4ceac02070916ed1dc1f91", 0xb)
r5 = socket(0x1, 0x1, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_CONNECT(r6, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000280)=ANY=[@ANYBLOB="2c00fdff", @ANYRES16=r7, @ANYBLOB="010023bd7000fadbdf2501000000040007800c00020005000000dd00000008000100232e0000", @ANYRESHEX=r3, @ANYRESDEC=r5], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x8880)

2m23.530607553s ago: executing program 1 (id=1472):
r0 = socket(0xa, 0x801, 0x84)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
setsockopt$auto(r0, 0x10000000084, 0x0, 0x0, 0x10)
r1 = openat$auto_fops_blob_file(0xffffffffffffff9c, &(0x7f0000000100), 0x107003, 0x0)
mmap$auto(0x1, 0x4, 0x80000000000df, 0x800000000013, r1, 0x3)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
setfsuid$auto(0x0)
r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0)
ioctl$auto_SCSI_IOCTL_SEND_COMMAND2(r2, 0x1, &(0x7f0000000000)="140400000000000037")
fcntl$auto(0x3, 0x4, 0xa553)
write$auto(0x3, 0x0, 0x4)

2m23.141791859s ago: executing program 1 (id=1473):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop6\x00', 0x14f602, 0x0)
openat$auto_tracing_err_log_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/error_log\x00', 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
semctl$auto(0x1ff, 0x2, 0x13, 0x4)
clone3$auto(&(0x7f0000000000)={0x200, 0x5, 0x7, 0x2, 0x1, 0x87, 0x8, 0xb, 0x9, 0x2, 0xcb6}, 0xaa)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
read$auto(0x3, 0x0, 0x1f40)
mmap$auto(0x4, 0x810004, 0x950b, 0x8000000008011, r0, 0x8000)

2m22.811619591s ago: executing program 1 (id=1474):
r0 = openat$auto_proc_tid_children_operations_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x2800000000000000, 0x20004000010000e3, 0x18, r0, 0x7)
r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/006/001\x00', 0xa901, 0x0)
ioctl$auto(r1, 0x7, r1)
close_range$auto(0x0, r1, 0x4000000000002)
write$auto(r1, &(0x7f00000000c0)='Q/\x00', 0xa539)
pipe2$auto(0x0, 0x80)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x167)
mount$auto(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000140)='nfsd\x00', 0xf, 0x0)
prctl$auto(0x35, 0x1, 0x4, 0x0, 0x0)
ioperm$auto(0x7, 0x5ad2, 0x8)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
read$auto(0xffffffffffffffff, &(0x7f0000000240)='/\x00', 0x100000001)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
write$auto(0x3, 0x0, 0xfffffffffffffff7)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x8800)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x48380, 0x0)
openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
writev$auto(0x3, 0x0, 0x8)
msync$auto(0x1ffff000, 0x1800000ffffffe4, 0x400000004)
mincore$auto(0x1000, 0x8001, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x0, 0x0)

2m19.079832471s ago: executing program 33 (id=1441):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002cbd7000fddbdf2502000000080001000a000000450004002f73"], 0x64}, 0x1, 0x0, 0x0, 0x4004891}, 0x4000)

2m11.679971553s ago: executing program 34 (id=1466):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
socket(0x2, 0x800, 0x206)
sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002cbd7000fddbdf2502000000080001000a000000450004002f7379732f646576696365732f706c6174666f726d2f64756d6d795f6863642e362f757362372f706f7765722f77616b6575705f802be41a5e97a5216f756e"], 0x64}, 0x1, 0x0, 0x0, 0x4004891}, 0x4000)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
syz_clone(0x40100100, 0x0, 0x0, 0x0, 0x0, 0x0)

2m7.512984287s ago: executing program 35 (id=1474):
r0 = openat$auto_proc_tid_children_operations_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x2800000000000000, 0x20004000010000e3, 0x18, r0, 0x7)
r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/006/001\x00', 0xa901, 0x0)
ioctl$auto(r1, 0x7, r1)
close_range$auto(0x0, r1, 0x4000000000002)
write$auto(r1, &(0x7f00000000c0)='Q/\x00', 0xa539)
pipe2$auto(0x0, 0x80)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x167)
mount$auto(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000140)='nfsd\x00', 0xf, 0x0)
prctl$auto(0x35, 0x1, 0x4, 0x0, 0x0)
ioperm$auto(0x7, 0x5ad2, 0x8)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
read$auto(0xffffffffffffffff, &(0x7f0000000240)='/\x00', 0x100000001)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
write$auto(0x3, 0x0, 0xfffffffffffffff7)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x8800)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x48380, 0x0)
openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
writev$auto(0x3, 0x0, 0x8)
msync$auto(0x1ffff000, 0x1800000ffffffe4, 0x400000004)
mincore$auto(0x1000, 0x8001, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x0, 0x0)

1m39.212190323s ago: executing program 4 (id=1612):
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40008d0}, 0xc800)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
r0 = socket(0xa, 0x5, 0x84)
sendto$auto(r0, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe800000fffffff5"}, 0x1c)

1m38.707255806s ago: executing program 4 (id=1615):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="20000006", @ANYRES16=r1, @ANYBLOB="01002bbd7000fcdbdf25040000000400100008000cf1edfba1d1"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800)
sendmsg$auto_NL80211_CMD_GET_REG(r0, 0x0, 0x24000810)

1m38.429186767s ago: executing program 4 (id=1616):
mmap$auto(0x6, 0x0, 0x4, 0x18, 0xffffffffffffffff, 0x40)
r0 = socket(0x2b, 0x1, 0x1)
r1 = socket(0x10, 0x5, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1c6cebad9215469303fc8b359465e849c875978f2943d044d489cc803aec0f1547f8dc3c78475129bbe2cf11fce0915cf2071ab48e8e85761b01e605dd1dff58837085410263f15928c9beced46f045eac59b92a0b2d675b9cd95679e159cab4180338ab3b656d3802e25124e670a18bd669655c74c145c847cf2bc24f9d2e02dd2d552a89d102b982f31c0ce55f391f7cb406f392f87783a04dad346d64e1702ce795bc115d1844caa6cae1ad982644d27c8a8b266e187640569e753bce5309fe14d330f83bcf1bb77db3a5dfdc34f55efbcb4f243526c2866528ac88e01eaba9838640937d5b53674ae56cc1a72414b1cbd07375c65698d6b023ecf5ac95ede42632f4b4e89b92291d7d6ac41cea55c1d0da6127f4e3ffa7dcdf92ba8da56186fe5a9bbd6994c66d423d8261fa58b88a306aa027163fc79e16e74b933f14aaf4f621f"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40)
openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/Writeback-1/edid_override\x00', 0x40901, 0x0)
write$auto(r0, &(0x7f0000000040)='/sys/kernel/debug/dri/vkms/Writeback-1/edid_override\x00', 0x5)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r2 = socket(0xa, 0x1, 0x100)
ioperm$auto(0x7, 0x5ad2, 0x8)
modify_ldt$auto(0x1, 0x0, 0x10)
setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyd1\x00', 0x40, 0x0)
mmap$auto(0xc, 0x20005, 0x5, 0xeb1, r2, 0x8000)
openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000c40)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0)
write$auto(0x3, 0x0, 0xffd8)
unshare$auto(0x40000080)
openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f0000000000), 0x80200, 0x0)
rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6)
r3 = socket(0x15, 0x1, 0x0)
mmap$auto(0x5, 0x7, 0xb1, 0xeb1, 0xffffffffffffffff, 0x7)
process_mrelease$auto(0xffffffffffffffff, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x8800)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x4, 0x400008, 0xdf, 0x9372, r3, 0x8000)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0)
mincore$auto(0x1000, 0x8001, 0x0)
fcntl$auto(0x8000000000000001, 0x7, 0x8)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
fcntl$auto(0x8000000000000001, 0x26, 0x8)
close_range$auto(0x2, 0x8, 0x0)

1m37.621399822s ago: executing program 4 (id=1621):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)=ANY=[@ANYBLOB='d\x00\x00/', @ANYRES16=r1, @ANYBLOB="01002cbd7000fddbdf2502000000080001000a000000450004002f73"], 0x64}, 0x1, 0x0, 0x0, 0x4004891}, 0x4000)

1m37.419395486s ago: executing program 4 (id=1623):
socket(0xa, 0x801, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
fcntl$auto(0x3, 0x4, 0xa553)
write$auto(0x3, 0x0, 0x4)

1m37.126478274s ago: executing program 4 (id=1626):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000d40), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000002080)={&(0x7f0000000440)=ANY=[@ANYBLOB="e4080000", @ANYRES16=r2, @ANYBLOB="010028bd7000fedbdf2506000000d8000180100002002fe46f1aa0eede0561762f61060002002d000000b2000100c4900549a63ee21eef83dd5892db2b3dda4007d78700b55d29370e7350625c8b1edec0e2f1def174588b1aa4028c4c8926824f5c3597c1705fb3cbb869d93b1cf001b5ec345f0118302358f9d17a69f02e93b9d40d5b33a9d6ca4f0f01573ace697d338798c2f43db13b2e1d4f76885ce42fd7c77073f4b973cd8460e4bfbab54f3767f10187d494d9a8eda1991a384d0c16b3cf718b1a4afca09c0041895dac99c430445ca189f7befa9aa115e000000800020024292d00140001800e0002002f6465762f6d7464300000001c03018050010100baf6b4defa6d6d91ef672e4ab922ec1e59611d2208b24bf435e74536d1ed20679ecac85fb8661d775133084fdad87bb5c075fadf78dbd67884cf8d8b052026de1eb6d229842d392464281d2df2ceb20d7ec613660642fad2376197c501f129484e1f7449d456fd0b2ce8bb9a72eb8d6ee0f4d47489b4b739c6aa9d2c9b6a84763be378f2ceb0f8de8e044cf0c4eca4793af55685778fe3f381e9448857960ba09fe46e79045d80c3a7a6fa3ae6934843a553d6d933c166b31fb6c1fa32c5aec88bed4fe1d8a623503b7319ca0eff398057f5ea8953fa1ab188b4487bd6ea655710a6ed6da75a8e0de47bccb6592bbdf851d319a6c50923d8330d34709cc2bb26dda95f4b427fd631af6de17e6f3f03ca92abe20a44a71be7257612fb34849b64d17089d857e5b7fd01ea5252ff4e2c60b67708dd0fe87c49e2168eb3f5d9449c64ec7aa7dd45a4bd78475dafc601010069019278eab73eace579826104e7fde599421902db3d842b5fe3bcdfd0cf6e733230609d89ee0466d6bc44b1f1226ae95ece16395efed9002f9778f5a81a5e5627bfc1495a09e34b329c9b08d995a98ca10514471b36f9b4d4809dae75e72c7559fa968266dd90e0847cf6752ce2e19605e06e6dcc921c2f1263aef729a71c2f66ecf50000000000aceacea71b6b6c30b1baa8ced510195d92c024a4b517e55cfc11afbbdd03ad93f6c9c7c055cfdad3f0c7cdd76cc36e5dbe20cc0e317820d3d6c07aae00c41dcafd43065256b1f6d5567a09360ee7d0292965a568ee32282b497484018db08af6d42593254abbdbdec7a287c8d32a578ebc507c8925c8677c4c97f16f9e4b4f816800b3ce76d6ad62339b220e8d9940085511dc383ce7197918aa1e61d0651b2121a266ca1935eeb628aa3ca323572640153bf9fa56bdeb0d3243fb9c7b8299f77bbdbcc340f405b2522609c9561a3f487260e8071f6daffda86169ffc7e36143924dfde0883ac048b9184c5c620e873d28fc334253de4748aab32d9d446d68321c67867615bc85217c8e5b0e52d1af56e6dc825e6ead46992abc430749c752732aad0adf13c5221ae6496aab367121274170370000000000000000000400018014000180100002002f6465762f617564696f3100200201800c0002002a5e3a792d255b00090002006e6673640000000009000200212b5d5d00000000f8010100a04eab223019a510fa3735e2897e4d0d8142576a5b9a2a69de8ef23a26b4b0724b0b79b459cebff704171c03ea790e881e92b503cdbdcf524fdfbd48a0659641917fed0e7faea3c52d88e7f543741dad96144ff4a89bb459019dff005a8503a4fdbe85e6d05f70c66a45924afa60454c72f43bbd10e66f2103c3be335176a6a42a8ad7a420e079fddd82976f9cc662df28f6a57a534429e1fbec1ad0a4c4c5b7719ad491283e66f1ebb03e2426823ed0eb3e74caee7e35ccac987651ae2445c14000327a8a097c95a2492a04ce92f348ea41859095e059296929762f00e4842b706574fa6f256d8814560e06aeef5d584b4e9d6d337f516bdd7931d773fa13c2e01c3c01475ff705faaa3ab645c1dd9e7787fa0c438275c03e53ce8cf36c2c2a7c777069c12a5624059bf3d6c39d02127b13432de347e92238b3a3c1e9f5918a9bbf97411890132c4b423b5190940d0254e51a9b987ebb5a7d2021ddb32b129f8bf5b46dd7fb02541cbd5073b28b860d1f70c00101b44989515351de75cd54fa6f4d81db71bb3272ee291a3e66f9f965aa94e8ad5169a1f1f42dbd937011a117795013bed8e1bf0ae4cee7ca170e22e4fa1f1f14bc6bf4e64d0cf6ab683690a762fc16aa7f41309a0401391a19e6d4267d3566e843382911fe2e2521af9867000000000000000799157b5066ec2c2434ebd11d8854020180060002002a00000009000200212b5d5d0000000028000100dd87d0504650fd0fd02836b0d0d9a6c0cbf7b0b3970a07e04520a3c82599779ce3e450e08c000100e64d8e4de9c432bbd5fec55665a8582fe4e59be5a64b094219f28dc2aa689728491a6dc6fb2d5746fc6aefc5fb08ca92ee1c3475a96ba3e1f44d56524337a140048fdf66d7e986b13f431a80255dce2878dd92c0329cb4dc17060f3bf74d2c9ed55b7a1a252a6c442fad8def294abcb9617ed7cb66a27508f6410ac18b400c4e093474d569135943f8000100bd53e7fe31ee4f4b80c4161e0cb51a3c786eade3c7e426d8fe32b8547d5b682d7009de4fa82fbbcb44ae68c8e14d5cfcf5d8d1665a6ef0e33e766fc0b6a80bb433d042aab4f03789ec2b1163edb30092b8dea226001670128a6ed55fc0611528e28a6f887e2d7800d31194863d313328badfcd11dc020192c1d203e8cf3c7787b4298fd6cf5fd43a185612d06cf55454ee7b02430e52e33a48e500b43864cc28021b5db73cb756106418105779f17c175fa2f39bef561e9864fe7529ebac00e2d96578bb6c03faae500a713727ff31ad4779deca3b9a2421dfcd37184ac4b369d54cd9d6a9dee67ed8f55b4e86447e481e0fe0d80e0002002f6465762f6d746430000000090002002623b0280000000073000100babb721b2b80d33086ef808fc1fd8ae36cc41c72aa5453b498b6b20ac9e752dd3c77b82f976925b10bb68a8d07b90dd73e0a670d2f0b00cc67b7c0f925a55816fa6bfbd57d3ef4796837b06882c946f6739841ee8b030a5bd59d904dc2419c003c0001802b0002002f7379732f6b65726e656c2f73656375726974792f696e746567726974792f65766d2f65766d000009000200402d5b6800000000"], 0x8e4}, 0x1, 0x0, 0x0, 0x200000c1}, 0x4000)
sendmsg$auto_NFSD_CMD_THREADS_GET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r2, 0x1, 0x70bd2d, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x400c801}, 0x4)
r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0)
r4 = fspick$auto(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0xffffff00)
mmap$auto(0xfffffffffffffff8, 0x9, 0x7, 0x16, r4, 0x4000000000000004)
write$auto(0x3, 0x0, 0x100082)
mmap$auto(0x0, 0x7, 0xdf, 0x9b72, r3, 0x4000807c)
r5 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r6 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r6, 0x80000107, 0x1, 0x0, 0x408004)
mmap$auto(0x0, 0x2, 0xffffffffffffffff, 0x40eb1, 0x602, 0x300000000000)
move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2)
r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x82, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
clone$auto(0x7fff, 0x3ff, 0x0, 0x0, 0xf)
r8 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
poll$auto(&(0x7f0000000000)={r8, 0x6, 0x98ed}, 0x9, 0xcea)
r9 = openat$auto_evm_key_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/scsi/sg/def_reserved_size\x00', 0x402, 0x0)
setreuid$auto(0x8, 0x9d7)
write$auto_proc_reg_file_ops_compat_inode(r4, 0x0, 0x0)
ioctl$auto_XFS_IOC_ERROR_INJECTION(r5, 0x40085874, &(0x7f0000000100)={<r10=>r6})
splice$auto(r9, &(0x7f0000000080)=0xb, r10, &(0x7f0000000140)=0x9, 0x9, 0xcd)
sendfile$auto(r5, r7, 0x0, 0x5)
openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0)

1m21.783686651s ago: executing program 36 (id=1626):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000d40), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000002080)={&(0x7f0000000440)=ANY=[@ANYBLOB="e4080000", @ANYRES16=r2, @ANYBLOB="010028bd7000fedbdf2506000000d8000180100002002fe46f1aa0eede0561762f61060002002d000000b2000100c4900549a63ee21eef83dd5892db2b3dda4007d78700b55d29370e7350625c8b1edec0e2f1def174588b1aa4028c4c8926824f5c3597c1705fb3cbb869d93b1cf001b5ec345f0118302358f9d17a69f02e93b9d40d5b33a9d6ca4f0f01573ace697d338798c2f43db13b2e1d4f76885ce42fd7c77073f4b973cd8460e4bfbab54f3767f10187d494d9a8eda1991a384d0c16b3cf718b1a4afca09c0041895dac99c430445ca189f7befa9aa115e000000800020024292d00140001800e0002002f6465762f6d7464300000001c03018050010100baf6b4defa6d6d91ef672e4ab922ec1e59611d2208b24bf435e74536d1ed20679ecac85fb8661d775133084fdad87bb5c075fadf78dbd67884cf8d8b052026de1eb6d229842d392464281d2df2ceb20d7ec613660642fad2376197c501f129484e1f7449d456fd0b2ce8bb9a72eb8d6ee0f4d47489b4b739c6aa9d2c9b6a84763be378f2ceb0f8de8e044cf0c4eca4793af55685778fe3f381e9448857960ba09fe46e79045d80c3a7a6fa3ae6934843a553d6d933c166b31fb6c1fa32c5aec88bed4fe1d8a623503b7319ca0eff398057f5ea8953fa1ab188b4487bd6ea655710a6ed6da75a8e0de47bccb6592bbdf851d319a6c50923d8330d34709cc2bb26dda95f4b427fd631af6de17e6f3f03ca92abe20a44a71be7257612fb34849b64d17089d857e5b7fd01ea5252ff4e2c60b67708dd0fe87c49e2168eb3f5d9449c64ec7aa7dd45a4bd78475dafc601010069019278eab73eace579826104e7fde599421902db3d842b5fe3bcdfd0cf6e733230609d89ee0466d6bc44b1f1226ae95ece16395efed9002f9778f5a81a5e5627bfc1495a09e34b329c9b08d995a98ca10514471b36f9b4d4809dae75e72c7559fa968266dd90e0847cf6752ce2e19605e06e6dcc921c2f1263aef729a71c2f66ecf50000000000aceacea71b6b6c30b1baa8ced510195d92c024a4b517e55cfc11afbbdd03ad93f6c9c7c055cfdad3f0c7cdd76cc36e5dbe20cc0e317820d3d6c07aae00c41dcafd43065256b1f6d5567a09360ee7d0292965a568ee32282b497484018db08af6d42593254abbdbdec7a287c8d32a578ebc507c8925c8677c4c97f16f9e4b4f816800b3ce76d6ad62339b220e8d9940085511dc383ce7197918aa1e61d0651b2121a266ca1935eeb628aa3ca323572640153bf9fa56bdeb0d3243fb9c7b8299f77bbdbcc340f405b2522609c9561a3f487260e8071f6daffda86169ffc7e36143924dfde0883ac048b9184c5c620e873d28fc334253de4748aab32d9d446d68321c67867615bc85217c8e5b0e52d1af56e6dc825e6ead46992abc430749c752732aad0adf13c5221ae6496aab367121274170370000000000000000000400018014000180100002002f6465762f617564696f3100200201800c0002002a5e3a792d255b00090002006e6673640000000009000200212b5d5d00000000f8010100a04eab223019a510fa3735e2897e4d0d8142576a5b9a2a69de8ef23a26b4b0724b0b79b459cebff704171c03ea790e881e92b503cdbdcf524fdfbd48a0659641917fed0e7faea3c52d88e7f543741dad96144ff4a89bb459019dff005a8503a4fdbe85e6d05f70c66a45924afa60454c72f43bbd10e66f2103c3be335176a6a42a8ad7a420e079fddd82976f9cc662df28f6a57a534429e1fbec1ad0a4c4c5b7719ad491283e66f1ebb03e2426823ed0eb3e74caee7e35ccac987651ae2445c14000327a8a097c95a2492a04ce92f348ea41859095e059296929762f00e4842b706574fa6f256d8814560e06aeef5d584b4e9d6d337f516bdd7931d773fa13c2e01c3c01475ff705faaa3ab645c1dd9e7787fa0c438275c03e53ce8cf36c2c2a7c777069c12a5624059bf3d6c39d02127b13432de347e92238b3a3c1e9f5918a9bbf97411890132c4b423b5190940d0254e51a9b987ebb5a7d2021ddb32b129f8bf5b46dd7fb02541cbd5073b28b860d1f70c00101b44989515351de75cd54fa6f4d81db71bb3272ee291a3e66f9f965aa94e8ad5169a1f1f42dbd937011a117795013bed8e1bf0ae4cee7ca170e22e4fa1f1f14bc6bf4e64d0cf6ab683690a762fc16aa7f41309a0401391a19e6d4267d3566e843382911fe2e2521af9867000000000000000799157b5066ec2c2434ebd11d8854020180060002002a00000009000200212b5d5d0000000028000100dd87d0504650fd0fd02836b0d0d9a6c0cbf7b0b3970a07e04520a3c82599779ce3e450e08c000100e64d8e4de9c432bbd5fec55665a8582fe4e59be5a64b094219f28dc2aa689728491a6dc6fb2d5746fc6aefc5fb08ca92ee1c3475a96ba3e1f44d56524337a140048fdf66d7e986b13f431a80255dce2878dd92c0329cb4dc17060f3bf74d2c9ed55b7a1a252a6c442fad8def294abcb9617ed7cb66a27508f6410ac18b400c4e093474d569135943f8000100bd53e7fe31ee4f4b80c4161e0cb51a3c786eade3c7e426d8fe32b8547d5b682d7009de4fa82fbbcb44ae68c8e14d5cfcf5d8d1665a6ef0e33e766fc0b6a80bb433d042aab4f03789ec2b1163edb30092b8dea226001670128a6ed55fc0611528e28a6f887e2d7800d31194863d313328badfcd11dc020192c1d203e8cf3c7787b4298fd6cf5fd43a185612d06cf55454ee7b02430e52e33a48e500b43864cc28021b5db73cb756106418105779f17c175fa2f39bef561e9864fe7529ebac00e2d96578bb6c03faae500a713727ff31ad4779deca3b9a2421dfcd37184ac4b369d54cd9d6a9dee67ed8f55b4e86447e481e0fe0d80e0002002f6465762f6d746430000000090002002623b0280000000073000100babb721b2b80d33086ef808fc1fd8ae36cc41c72aa5453b498b6b20ac9e752dd3c77b82f976925b10bb68a8d07b90dd73e0a670d2f0b00cc67b7c0f925a55816fa6bfbd57d3ef4796837b06882c946f6739841ee8b030a5bd59d904dc2419c003c0001802b0002002f7379732f6b65726e656c2f73656375726974792f696e746567726974792f65766d2f65766d000009000200402d5b6800000000"], 0x8e4}, 0x1, 0x0, 0x0, 0x200000c1}, 0x4000)
sendmsg$auto_NFSD_CMD_THREADS_GET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r2, 0x1, 0x70bd2d, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x400c801}, 0x4)
r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0)
r4 = fspick$auto(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0xffffff00)
mmap$auto(0xfffffffffffffff8, 0x9, 0x7, 0x16, r4, 0x4000000000000004)
write$auto(0x3, 0x0, 0x100082)
mmap$auto(0x0, 0x7, 0xdf, 0x9b72, r3, 0x4000807c)
r5 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r6 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r6, 0x80000107, 0x1, 0x0, 0x408004)
mmap$auto(0x0, 0x2, 0xffffffffffffffff, 0x40eb1, 0x602, 0x300000000000)
move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2)
r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x82, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
clone$auto(0x7fff, 0x3ff, 0x0, 0x0, 0xf)
r8 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
poll$auto(&(0x7f0000000000)={r8, 0x6, 0x98ed}, 0x9, 0xcea)
r9 = openat$auto_evm_key_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/scsi/sg/def_reserved_size\x00', 0x402, 0x0)
setreuid$auto(0x8, 0x9d7)
write$auto_proc_reg_file_ops_compat_inode(r4, 0x0, 0x0)
ioctl$auto_XFS_IOC_ERROR_INJECTION(r5, 0x40085874, &(0x7f0000000100)={<r10=>r6})
splice$auto(r9, &(0x7f0000000080)=0xb, r10, &(0x7f0000000140)=0x9, 0x9, 0xcd)
sendfile$auto(r5, r7, 0x0, 0x5)
openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0)

27.229075477s ago: executing program 8 (id=1854):
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
mbind$auto(0x0, 0x800605, 0x8003, 0x0, 0x3, 0x3)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0x23, 0x80805, 0x0)
pread64$auto(r0, &(0x7f00000000c0)='0-}\x00', 0x400, 0xfffffffffffffffd)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
socket(0x1e, 0x1, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
select$auto(0x11, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd5, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
prctl$auto_PR_GET_CHILD_SUBREAPER(0x25, 0x4d69, 0xffffffffffffffff, 0x8, 0x2)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x20000, 0x0)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x2, 0x0)
pwrite64$auto(r1, &(0x7f0000000040)='.\'*&\x04!\x00', 0x1, 0x8)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)

25.169788974s ago: executing program 8 (id=1856):
mmap$auto(0x4, 0x7ff, 0x8, 0xeb1, 0x401, 0x200)
sysfs$auto(0x2, 0xd, 0x0)
r0 = fsopen$auto(0x0, 0x1)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) (async, rerun: 64)
ioctl$auto_TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)=0x8) (async, rerun: 64)
fsconfig$auto(r0, 0x3, &(0x7f0000000000)='Q**\x00', &(0x7f0000000040)="2b24c0bfbf", 0x0) (async, rerun: 32)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x40000) (async, rerun: 32)
r1 = io_uring_setup$auto(0x1, 0x0) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async, rerun: 64)
close_range$auto(0x2, 0x8, 0x0) (async, rerun: 64)
memfd_create$auto(0x0, 0xe)
r2 = socket(0x2, 0x6, 0x0) (async)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080) (async)
close_range$auto(0x2, 0x8, 0x0) (async, rerun: 32)
r3 = io_uring_setup$auto(0x6, 0x0) (rerun: 32)
migrate_pages$auto(0x0, 0x8, 0x0, &(0x7f00000001c0)=0x7b) (async)
r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0)
ioctl$auto_SNDCTL_DSP_CHANNELS(r4, 0xc0045006, 0x0)
readv$auto(r1, &(0x7f0000000380)={0x0, 0x6b1}, 0x100003) (async)
move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2)
semctl$auto_SETALL(0x5, 0x100009, 0x11, 0x100)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9) (async)
r5 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x6d2fc1, 0x0)
sendmsg$auto_NETDEV_CMD_NAPI_GET2(r2, &(0x7f0000003f40)={0x0, 0x0, &(0x7f0000003f00)={&(0x7f0000000300)=ANY=[@ANYBLOB="0000e5ff243433bb91d1c7560f2a345b17115d33c3ff10a21e69dd5cd5eb8ec0268a04466b797682946cf3a4cbb060ff810600d1e1de628a59a9da72394bcbba00"/86, @ANYRES16=0x0, @ANYBLOB="09032bbd7000fedbdf250b000000"], 0x14}, 0x1, 0x0, 0x0, 0x4000811}, 0x0) (async, rerun: 64)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'wlan1\x00', <r6=>0x0}) (async, rerun: 64)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'veth0_to_team\x00', <r7=>0x0}) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'dvmrp1\x00', <r8=>0x0})
sendmsg$auto_NETDEV_CMD_BIND_RX(r1, &(0x7f00000003c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000280)={&(0x7f0000000440)=ANY=[@ANYBLOB="9c000000", @ANYBLOB="09c57325b43bf4b063d11a2446646d115f", @ANYBLOB="00012cbd7000fddbdf250d00000008000300", @ANYRES16, @ANYBLOB="08000100", @ANYRES32=r6, @ANYBLOB="2c0002800800030036b10000080001000a0000000800010001000080080003000100000008000100c30020002400028008000300ff0f000008000300010100000800010000000000080003005d49000008000100", @ANYRES32=r7, @ANYBLOB="08000300", @ANYRES32=r0, @ANYBLOB="08000300", @ANYRESHEX=r2, @ANYRES64=r3, @ANYRES32=r5, @ANYBLOB="3542f9ce74dc0a8427381b471c46d2bf3e1531d14cbf46981d79efa5e058fcaf9e2c2a86f554183a2529bc6a", @ANYRES32=r8, @ANYBLOB], 0x9c}, 0x1, 0x0, 0x0, 0x48880}, 0x90)
memfd_create$auto(0x0, 0xe)

23.961773295s ago: executing program 5 (id=1858):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x2) (async)
socketpair$auto(0x9, 0x3, 0x8eb7, 0x0) (async)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) (async)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/devices/pci0000:00/0000:00:01.0/power/control\x00', 0x1a1842, 0x0)
sendfile$auto(r0, r0, 0x0, 0xe00000000)
setsockopt$auto(0x3, 0x1, 0x23, 0x0, 0x9) (async)
setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) (async)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)

23.549658198s ago: executing program 5 (id=1859):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
get_robust_list$auto(0x0, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x5, 0x2000000000002)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x26, 0x80805, 0x0)
r2 = socket(0xa, 0x3, 0x6)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r1, 0x7f, 0x99, 0x8, 0x1, @relative_fd=r2, 0xd}, 0x92)
r3 = openat$auto_proc_tid_children_operations_internal(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
read$auto(r3, 0x0, 0x58b22256)
r4 = openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x80, r4, 0x0, 0x3}, 0x6)
r5 = open(0x0, 0x261c2, 0x84)
socket(0x15, 0x5, 0x0)
openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000002640)='/sys/kernel/debug/tracing/set_event_pid\x00', 0x2002, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/net/bond0/bonding/lp_interval\x00', 0x8102, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/system/clocksource/clocksource0/current_clocksource\x00', 0x8502, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x48041, 0x0)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r5, 0x0, 0x3}, 0xc)
r6 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84)
bpf$auto(0x3, &(0x7f00000001c0)=@raw_tracepoint={0x5, r6, 0x0, 0x3}, 0xc)

23.196379998s ago: executing program 5 (id=1860):
socket(0xa, 0x801, 0x84)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
fcntl$auto(0x3, 0x4, 0xa553)
write$auto(0x3, 0x0, 0x4) (fail_nth: 2)

21.714091068s ago: executing program 5 (id=1862):
socket(0xa, 0x6, 0x84)
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/vm/drop_caches\x00', 0x141241, 0x0)
pwrite64$auto(r0, &(0x7f0000000000)='./cgroup/memory.pressure\x00', 0x6bc, 0x5)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
fcntl$auto(0x3, 0x4, 0xa553)
write$auto(0x3, 0x0, 0x4)

21.649501918s ago: executing program 8 (id=1863):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0)
ioctl$auto_CEC_S_MODE(r1, 0x40046109, &(0x7f0000002c40)=0xd0)
ioctl$auto_CEC_DQEVENT(r1, 0xc0506107, 0x0)
ioctl$auto_CEC_DQEVENT(r1, 0xc0506107, &(0x7f0000000280)={0x4, 0x3, 0xa, @state_change={0xc, 0x6, 0x8}})
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, &(0x7f00000000c0))
prctl$auto_PR_GET_SPECULATION_CTRL(0x34, 0x10, 0xffffffffffffffff, 0x8000, 0x8acb)
prctl$auto_PR_GET_SPECULATION_CTRL(0x34, 0x2000000, 0x417, 0x3, 0x6a37)
write$auto(0xffffffffffffffff, 0x0, 0x7)
r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x20400, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r3, 0xc4c85512, &(0x7f00000012c0)={{@raw=0x3, 0x1, 0x6d2e99e8, 0x6, "0582a820061b5c51a65a6dd72b0b15addbdf55cb4b0f2381f2673e3a1ebe21e1bf1b26f0db7b62b67bd764f9"}, 0x0, @integer64=@value_ptr=0x0, "528d458095d42b72adda0cac2d45bdaacfc82245992af763188bf00ab57d5d73b094925aa92857fd2f672f85343275f80841c6ca41e93023ab4510269ed959a79a789527276d90375018fc08050559d8936b8d72087a5689d4338da78b8b8bdcea8188ca43202fb78dacb3fea1258074885c899d75cd52751f9be959d90fa5c2"})
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000140), 0x1a3780, 0x0)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r5 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x80000000, 0x5f, 0x80000001, 0x7, 0x6d3f, 0x7, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x201, 0x3, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x1000000003, 0x9, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x200]}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r5, 0x0, 0x814)
madvise$auto(0x1f00000000000000, 0xffffffffffff0001, 0x15)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7fffe000)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_RSS_GET(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="010329bd700002dcdf2524"], 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x40044010)
r7 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB="01002bbd7000fddbdf3a04000000050011002e"], 0x1c}, 0x1, 0x0, 0x0, 0x801}, 0x4044820)

20.922086096s ago: executing program 5 (id=1865):
r0 = socket(0x11, 0x3, 0x9)
mmap$auto(0x1, 0x2202000a, 0x2, 0xffffffff, r0, 0x401)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vbi29\x00', 0x1c9240, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0xf, 0x0)
chdir$auto(&(0x7f00000002c0)='}[,&*}\x00')
r1 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
getdents$auto(r1, 0x0, 0x400018)
ioctl$auto(0x3, 0x4020565a, 0x38)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
ioctl$auto(r2, 0x4b62, 0x9)
sendmmsg$auto(r0, &(0x7f0000000180)={{&(0x7f00000001c0)="dd2fe40a0900", 0x5ac, &(0x7f0000000100)={&(0x7f0000000340), 0x21}, 0x5, &(0x7f0000000180), 0x5, 0xe}, 0x5}, 0x2, 0x100)

20.484079951s ago: executing program 8 (id=1866):
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c001b"], 0x1ac}}, 0x40000)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="1a00"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x2000000000000, 0x9}, 0x7}, 0x3, 0x0)

20.174126141s ago: executing program 8 (id=1867):
close_range$auto(0x2, 0x8000, 0x0) (async, rerun: 64)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (rerun: 64)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/bus/usb/drivers/kbtab/uevent\x00', 0x0, 0x0)
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) (async)
mmap$auto(0x2000000000000, 0x2, 0x3, 0xeb1, r0, 0x8000) (async)
r1 = openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy12/force_tx_status\x00', 0xb2841, 0x0)
read$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(r1, 0x0, 0x0) (async)
ioctl$auto_SNDRV_PCM_IOCTL_HW_FREE(0xffffffffffffffff, 0x4112, 0x0) (async)
r2 = creat$auto(&(0x7f0000000100)='./file0/file0/file0/file0/../file0\x00', 0x5)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/irq/12/hwirq\x00', 0x2000, 0x0) (async)
mmap$auto(0x0, 0x2020009, 0xfffffffffffffff3, 0xebf, r2, 0x7fff)
r3 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x100e42, 0x0)
ioctl$auto_SG_GET_REQUEST_TABLE(r3, 0x2286, &(0x7f0000000040)) (async, rerun: 32)
socketpair$auto(0x0, 0x5, 0x10000, 0x0) (async, rerun: 32)
ioperm$auto(0xc5, 0x4, 0x2)
futex_waitv$auto(&(0x7f0000000000)={0xc0e, 0x5d94, 0x3, 0x4}, 0x9, 0x0, 0x0, 0x62bd) (async, rerun: 64)
open(0x0, 0xa240, 0x15e) (rerun: 64)
socket(0x1e, 0x3, 0x3a) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
socket(0x2, 0x2, 0x6) (rerun: 64)
socket(0x2, 0x5, 0x106) (async, rerun: 64)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
eventfd$auto(0x0)
socket(0xa, 0x2, 0x88)

19.061893862s ago: executing program 5 (id=1869):
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f0000000040)="91")

19.061498715s ago: executing program 8 (id=1870):
mmap$auto(0x0, 0xe984, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0x15, 0x5, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x3e38a2, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @private=0xa010102}, 0x6a)
sysfs$auto(0x2, 0x2, 0x0)
mbind$auto(0x200, 0x10000100000003, 0x2000000000005, &(0x7f0000000000)=0xc4f5, 0x7fffffffffffffff, 0xe)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x2000000000000004, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
setresuid$auto(0x2, 0x7, 0x0)
r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000980), r0)
sendmsg$auto_TIPC_NL_MEDIA_SET(r0, &(0x7f000000a4c0)={0x0, 0x0, &(0x7f000000a480)={&(0x7f0000000080)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010029bd700065a5558261ffdb000c00058039f0ca0002fcffffffffffffff1000000018083cfd3ca6b0088242da2d723636301fdb6104ff07bbd2ba72853dfb82a2c918fffd164474740d2040c796403e14931e06ba8c6e269494fbed9840810be4fce1e32da07e06439bac7ddb9f2fdb73b1574f4ed459c1ba4eab06ae7ca808550add19a062b5c118439f53f9b77193d63ceff7e600b1cb439c9c80a7f9519f6662e79c2fd84fa8bd48c93ce03de7464d6a0ee46d562dfeea9f42ffeb16d7da4c08ae2a0cd25bb74860e3665a8128bb899fc1ec0fcaf7880b40c4be31cb067e72d94c7940ceb40e5352f059b50df7f54e03deb1e2c782fa48a0abfb7b847dd7fe9f7f213a376fc5d30a0000001666738b3ae308c68b31fc43eb0780790653c3e7f32e82b9d3b38a319daf2f5bc59a0be44e9312b3175829faf6c7c02e86bf32e1cd82be32dc0a40cef7e699a541183efab034eacc54e8d9deca284f291e585e304dea1eebf96b46467261205371603865c621e8bdc291b0dbb05117aef4011314f6239ada151ac9be003856e3e9a0e24bf6dbf5df3a00ac04c7ac134ebf91a7e3f03d14a5f5d2ad7953a09f512cc04ba7a83a0a636b35ce916f1dcab9da5929983020080cd42561a062d8468bdc61549ddcdedf9a9f3305b0e9dd"], 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x20000048)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000004c0)='/sys/class/firmware/timeout\x00', 0x1a1942, 0x0)
write$auto(r2, &(0x7f0000000000)='9\x00d1L\xff\x15\xba\xa17=(\xc1\xf8\xff\xff\v\xb5^\xa1/[', 0x4)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
connect$auto(0x4, 0x0, 0x10)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_TIOCSTI2(r3, 0x5412, &(0x7f0000000040)="91")

14.741726285s ago: executing program 6 (id=1875):
mq_timedsend$auto(0xffffffffffffffff, &(0x7f0000000000)='%.\x00', 0x8, 0x1, &(0x7f0000000040)={0x8000, 0xba})
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_REGISTER_BEACONS(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, r1, 0x10, 0x70bd2a, 0x25dfdbff, {}, [@NL80211_ATTR_MLO_SUPPORT={0x4}, @NL80211_ATTR_WPA_VERSIONS={0x8, 0x4b, 0x1ff}, @NL80211_ATTR_HE_CAPABILITY={0x6, 0x10d, '(\b'}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_TDLS_SUPPORT={0x4}, @NL80211_ATTR_WIPHY_FRAG_THRESHOLD={0x8, 0x3f, 0x9}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_COLOR_CHANGE_COLOR={0x5, 0x130, 0x80}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xfffffc89}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4)
r2 = openat$auto(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0x9, 0x1389) (async)
r3 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000280), r0)
sendmsg$auto_BATADV_CMD_SET_MESH(r2, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0xb9abbeef4c5cd986}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x34, r3, 0x400, 0x70bd2a, 0x25dfdbff, {}, [@BATADV_ATTR_HARD_ADDRESS={0xa, 0x8, @local}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x6}, @BATADV_ATTR_HARD_ADDRESS={0xa, 0x8, @multicast}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x880) (async)
openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x48200, 0x15)
stat$auto(&(0x7f00000003c0)='./file1\x00', &(0x7f0000000400)={0x9, 0x6, 0x93, 0x5, <r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff, 0x0, 0x10, 0x5, 0x5, 0x10001, 0x80000000, 0x6, 0x7, 0xc21e, 0xb4e3, 0xf}) (async)
ioctl$auto_KVM_GET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee2, &(0x7f00000004c0)={0x7f, <r6=>0x0, 0x3, 0x7})
setresgid$auto(r5, r6, 0xee01) (async)
write$auto_console_fops_tty_io(r2, &(0x7f0000000500)="f9aed06a040d5318e3b473d81bbee2e1b07517ea6de36fc73ef5745c174cde0c423c3b0379fb4493f556bae872e6baeb36837df23950252719f300791208f6daa65bea0f7462401e5b3ce1b480c470c372e2765102598351cc8c4716b2503661e7dee9c03d1789311690424bf1419439391f91753838c5fdddda0bb13c47d184d311ce41", 0x84) (async)
r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000005c0), 0x2000, 0x0)
ioctl$auto_KVM_GET_SUPPORTED_CPUID(r7, 0xc008ae05, &(0x7f0000000600)={0x4, 0x0, [{0xd, 0x0, 0x5, 0x1, 0x2, 0x3, 0x9}, {0x107ed492, 0x3, 0x12af, 0x1c892f6b, 0x7fff, 0x4, 0x10}, {0x6e1f, 0x7d35fbf3, 0x7, 0x6, 0xfffffe00, 0x9, 0x6}, {0x1, 0x5, 0x6, 0x6, 0x5, 0x10, 0x4}, {0x10001, 0x0, 0x0, 0x2, 0x1, 0x10000, 0x1}, {0x6, 0x6, 0x8001, 0x4, 0x9, 0x3, 0x9}, {0x1, 0xf2, 0x800, 0x101, 0x0, 0x7fff, 0x9}, {0x3, 0xd6f6, 0x8, 0xffff, 0x9, 0x0, 0x2}]})
write$auto(r0, &(0x7f0000000780)='!#\x00', 0xffff) (async)
getpgid(0xffffffffffffffff) (async)
r8 = io_uring_setup$auto(0x3, &(0x7f00000007c0)={0xfffffff5, 0x80000000, 0x800, 0x91, 0x9, 0x280000, r2, [0x2, 0x8], {0x3ff, 0x5, 0x5, 0x40, 0x200, 0x8, 0x0, 0x0, 0xfffffffffffffffd}, {0x10, 0x3, 0x59, 0x32, 0x2, 0x5e, 0x6, 0x36e275, 0x2a417567}})
write$auto(r8, &(0x7f0000000840)='^]\x00', 0x6)
socket$nl_generic(0x10, 0x3, 0x10)
remap_file_pages$auto(0x6, 0x13, 0xe, 0x0, 0x388e59bc)
msgctl$auto_IPC_INFO(0x2, 0x3, &(0x7f0000000940)={{0x3448, <r9=>r4, r5, 0x1, 0x8, 0x2, 0x1ec0}, &(0x7f00000008c0)=0x9, &(0x7f0000000900)=0x7, 0x8, 0x8001, 0x100000000, 0x4, 0x3, 0x6, 0xb7b, 0x4, @raw=0xf, @raw=0x4d})
newfstatat$auto(r8, &(0x7f0000000880)='./file1\x00', &(0x7f00000009c0)={0x3, 0x5, 0x6, 0x6, r9, 0xee00, 0x0, 0xffffffffffffffff, 0xfffffffffffffff9, 0xe4, 0x8, 0xd6e, 0x2, 0x6, 0xfffffffffffffff8, 0x1, 0x9}, 0x5) (async)
ioctl$auto_PPPIOCSMRRU(r8, 0x4004743b, &(0x7f0000000a80)=0x1000)
openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f0000000ac0), 0x92000, 0x0)
ioctl$auto_XFS_IOC_OPEN_BY_HANDLE(r8, 0xc038586b, &(0x7f0000001cc0)={<r10=>r7, &(0x7f0000000b00)="0be70d4ba9e5100bbda9a72e70fff65e8c11da1fee4318e6dc0ee4c454ed52e79c38e4fc4a264e38be68d045dc6c44840f9eb56df5e9bf7b2982fe2c8d7a0696fcb90927f5e774ef14f1982f44e002a5f799c79a0d27f559ce420cf309da3bf1537a5c34a86f159655cebee98e7eb2734e8aba27bec9bb0263941bc8b8228ed60ee1eca84cfe3849288cfbb2fa2d13ceeb5747c32052495776bf1b89a2a181c0c1bab266902619eacdbdf913c6b4ebd3ecb9339b1e1498856fde21036b35c4b9c5fd9d86e74f027977c722106ddbcdfa7fc26a8e75f370f358118130ffd55739e67ea6c9ec81ab116acb31a1af40e3c5da1cfdf92f187a2dbb436e0ea573cb949ae091aa5c91d2e1b9fd03485c88ff288078fa6dcaeeed5d3ac3a3864dae98eceee7d2486509dc557669b7a57419cd1214f358e4854430986a9e1fd6d9e492b7f6a628ae5d9cdcf52b74643b13143d025ebd1e5ffcd995fd5e7f0e0da47551716e0d4d27f626e71df0c5476b881ea2a4a1531290eb00832747e58dc5f8b781fa475c1bfda2ca3c94fdc82d490bc023e1673bfed7d01478903ff36dab140adf921ecfb57f8a217421bb40f925904664cfe9a7a73ece987ce65add61549959eac4141b01586781a16e16d5a6bc2260c807eb681d9fa5898fd0f463b3bf3084e2f32f45d7c085c3ebcc3165afbabd5071720de6da934ddb876937da25201ce57f44dd6a8bbf53eb17985c9f93683269d695f717f690ded5eda41df336cde254fe5c6e66b07979493ad8036deea3ec77b9faaea9b03ae883ed9c9c374da181f8f7140e073c3bf355f9e7ee694318bcb037f3708a7458a08c59f61c8c865be0fef048ea6c08c7450de453a705ae7f0d9bd4de83492c3b6a0f0dc42cd58a9c59db063edd85505db63a39418f182b6a313c3b9099fdc911e762466617fbf4bbc41256209b7163f4be45038c81d722b28b17b0d62be669c2a7807a4264c73302ffcc37b74a46db50aee32ed1b519c7efd24ccd384fce43bf2222840403329e5fdfb137d7e9d811699dddd2b75def16aeed4352ce4a7709f713cf1b628b4def525b3f10322cc04c6ab966c6552630eeebd407b96cfd1005a9d4ec7187767da2ff9ef6229c93959ddee0e04f656b4003a3a8af4e7e1fd9f4266de93d92ea849ded7843b1a07955729dbc94955868ced9fde165bdd2300b006b546e83b42b5d78e98b8844d1d40134d0e9726d13f41fd5e2e4df2670c1e5d9d3b6336a1f164b8cfc2da588c2c6569192454664832ee37afeb527ee1a323569d6a1e7d3a3e0afee044ec3f33237c1ab26aec35871da7c3608d00215b5ddb9d15fcd5442620c90e5c727dd891ee4780d60e98f9d6b07ac33bc21a271d90b5dd6c750320b76b742debfa7534614956bcce58a5eb782cd307baa1f02929f12e7afe27d156e12aaca9b2ab8ccd5719d00f6931887f0d6a285727f99c00ff9d9d3fe1a02364d213288848845bfcccd88fe696c2a755a875d1d3ac55f66fe0d04b03443676fb143c91fff33288ba37ec4f69a7ae958b66ff7993f5b3eeab5be8653e8c07944fdcc328deef5e361a99b3cbbcb53566b06df53bec6aa52621d3ce9ca9213a6d7178b062aedb837e33b94d6725e531df00b6d8c04ee7873e7a0366b77917a1633e301bb7b85fcf7ac3cfc226e715d2b9acfc20d24c7abb585b763bdab194cb207ba74fe61d71606c04bff22e681166cb2a7ea68bb0ff262fbbc0c6710b4776ff653ca4091488d9828e14e5f5bba8c028a749a8ee2ac0ffbe3e4df125e7cb448d0c4ce7dc2ec40bc76222e1175db6d2781a2f0eacd7c274169a3005707c29e1393ca549ed688724bd0775940b523adfe3108033afa7857d412f81c9ccbbe8b8faf7a5eb9fb7c1976963de8e51619d1203a270f32e0cded777b5aeef5cdedae4904ba42bce6ec9a9a4e1ce27ed3bea2263f9924fd2179c3fd9ccda6ac41649f40c7f37d5df6be64a175feb0d186a872f4f53d83cb09ce966786625b6ecb98cb3d5a82f5f22af267bb2588198bde144d0eab8c4ccf94796661b57e6c0822d9c5ccae4ffa1f850d5333fa578b65f17c03be201aae94d444bcf62c300ce5fbb93749d7d2be35f4b73d98ebbe8263f9a3fabed47a81aebb90fdb487431384c8315c74d52e544a7de7fbd3ef151ba0bd842a78a0429f4bb4cabc42d12b00e8e2d5a9c16ae4af80cf94a404cb8887796468ac2db1ffd100d193aa14bda983b6167d74e009a7bf4519b91faa1a278d8769b049ea4631478f35a59c1b093550cf94f897e78f4cd2d9ce0b85b94decf7eeec6006353adb5dc72f66855aaa48f6b67dedc0d87461ccac82a9be82c96a55a515ad8f149b4f509b97bb1dcb9f82036105c910e2a63906a2cb3df6210b04265108468224f3ca7a8f3185305171e30f6d749e8d920c78bfdabe8a5dc70b50ba28d3763031d28ea3b9e62f60b551364056f70522dbd6ab20d8818c7b9f32c1077f434fd62855455ec2236c2b24382229f9f574b92ea1d536fd33b788aaf0836581f5265df643973b7911289d808a53d2c6ba0937323214400023cbd07c8dd14de66af9425c69544c6a90c2f7a0c1d7f0982edcd7a2807b4063495e2bd2f50b08de71a37fff54a436a2f228b5028ef939eb031df819ae15af097b7562123e3746c6ab021f198a7f369f56f54def5d4e44ffb18b749a008e79334fa1b256d20388acda2becf2e0779cc624d97dd17be5072163a13d3f8ef9094b17b032b4098768197ad7ea4a09b56ce66fb8b4717bf9faf33fb68f87df3587617bcc207f6d5462e22b16c5cd2b3076e0538187f995b2fdfc8d73b6f82450eb99774ad1d5b30108c7fe6af9181859762aa617f401018d2fd3170f8c31ab4b3788b48b2850ad51ad070d438265baeea5ca7699193d285d8c875bbbf20c463eb6c087655c97d816b9c442bdc8574ce1a91544dfc1fcad9ab649a0a2431a2e278a4122cd5ae25e433be93b289aac1d0229fbf44613b216088fd110cd17542ea9eeb38aedfca518a999f7702d95995c4e6063d338b7333d3f1f299c55c389fd39ff0633fbf91877e4c7a9675db92599d28f4ac6f9b56f0055ba9f294e0bf69a9fbdb580448397f9086c70d1ac8b8371d5893ef1b3cc3ce95a57fd1212bf7997db8f3af1f572015e73e7e75345ecc9623cfcb6c80126cac8640ae0d0ecee392ef8ddf88a12045064ea5713aa1d87524774eb835595167058b6630e900f4c9f511efb41679d39ff0628de3719993480fc26da690ee5dc9a33bcbf22a69bd58fdd79c86455d460248ee38660fe8cecc59ae9f79df0e71aadce186cb0ca65989e026dba2aa1c07ff4bdb519fa9876ca995f8de9adad4df29204883d305df4573c8253ff5cb37cf004367c8a85f86ec45beb692200dc276e87f8eb705301a75fc8ad9d4f832fa3b545058b258923dfb22dde4aa48fc82a9bbbef677df6853f003aa0d935d9a9f2ccab7a09342b42a94e609ad042b0de3547129133f4708dcac63a9920df05b353c50b73302003ff312b49f8ce7ae52f3ee4cf4fa2739973c8e0ec58db704c587a57f9ce5110e40bbddecfb1cbbe01d207e480356b0bbbb4e75c164c51c0033388491ff8c0d0dde67b595655bd056bfa1c0eb5f9011b1deea92113b5838756352e644aee969fea386b6801c0535a1ce5dccdf6d68bdf13d3b584111685836fe7c1bcceafd7df6b1bc37eb0f87898614296c28181ec89310925a875e496169e38d69d9fe4b2904b73e05a112a271e76f5ccba1961c304e640eb7a0a99a22aa96638bf469db1b0b311cafeaca956b29463f0a062dfbbd4c62b67f9e154688bc65c230dfaff2b51b81e1feb1d3ccad52a1fbda5e3b40adb45f859fd7c098984cc9edada5fbc2b2a659d22632288fa84b23d6b87034a935abd58c3bb2983f8d5aee029565cb4174bdaf62ced79bee82637460eea584f88f03a3317b3786f6e813e46569fde88a2dbdd68406bceecd58fb2b700c4337950bee2f0a5f5f131e4f8f7606c1d6c29e1e96f63da728350b2394f585cf92caef87670d627a497f99d4ce42eea2c32e02e9e89315b07cc850108d904fd32148512e5707a6763d0cff4bafffe7c95c8a96024a3cb3ea5a49bbeff25841570d15ca3d436e64970378bf28b734a56f148fde72302722db014f4913f1a9180e58e5e09627a19a969011a63815454e2e55d18f8b56d3df600586e3e1639134fb511823c5caead765c6d713c2688a710c1dc5f3f8fd3b4bdb5e9e52c8a60f30c62d34b2d7f2c0cfdeb11c0d77db456f2b08c8e701d7d9c0af0997327879dd87ce446c3310dd019f6668e52f4c1d02912b9646184b432e381774d49b11e5f748d6831117d1269a82f7a04efcbda43067c0c38639a54be141ceeeec0acc92735453c6d0f9c7a5c3743c7cb5fc1ff91cab055c77dbfdc812db5f65662b79f1eec136a629dece953718e71531d46053c614d1d2bd555f0cbecd4beb88ed45fb41b0d328fcac47d124cec525b2723153553e85f5e67fc8e0da14e4a308be50e7150184dc8d4dcfbf7b7f73ec69a770027dc4d4f94653e757d3e985a6179b3c4c4ea1663664aa229bf92e56ce4ef85dd4f0fb1ee9ac31287d08f0787869590b21c55612a239f6325cfbe2ec74f8c10d6f099b352ff85fbe090f60baa9468726ce1a5f6558f48633649e496eb4502ffede4c1e676e37215ea2cf00514a258271ee18dcff56d6f3cc9ad8ce1fd80d7cd7dbd3a4fed255c3ce2b08c0c5203fe737d18ae8e8056ccbd57ad82d04571e6955aaa508ca1f1855a76708824bd86b386f8459fb408a5506df91099e12d65c4e4f6e5748bf1f30579ca5293dc5c5d29adf8bc3d2680967c9338e071e1c5f09c86ccc02039795b70b333e1edbf6fa30e61736d914d150d56dd6c653446e643ced7c93d5c7c4a2ef672662c52bfc4c3c8a35105250e62d4a74bafefe5a268295634b3c34180df0cc66e45f5fd388a08a3eeaa61647f824b3e98496d19ff3f13792104fd7346a9270bc36598fc6f43bbe0cb2b67707f41b109e876fa3a5f0cc5f8eac6c0c38a536e88fed07440e4ee5a831838013477f7f91fcec397a24d7386de7fb0c6f24eab54acfe107d6a41cae3ac612e71c99d233852db68efae771e12db7c28d40a5f1a0fc7ea3bf4b7736ab8996e33332734d36522922b9067eeb3107a755622585919692904a0dd91102e7716e3446b73ddbc027117e373810ee04b2803f0fe39495fe430d0524dfc60cf869c66ad01065da789f7ea0f6a25b58acf640df33d1de71492cd335f9a1a2b9c49fb6df5b551c7dfe81ae0c6d7bac412e209cde0b3524239382a97169bc3a45bf7feb6e8cfd0730faad0448191e15093b22bb923fe49c3dde947cda5eabc642fcaf888935415c00f7d0406bb1d903a36dd33e1f307b5c014a6f07e66b59294c18678bcafb1d727f09e10b2bd635aacc9dde0606748b22211bb0ca79f539f2ad30816919c05271c714bb7d2ceceac319156f48251c8241c9ca834336c5ffb580b8784475ecdca60ef6372fe341f8aa3b86cb88753f4199e18457a0dbf1c957c910b389956e4f14dc688a6f3b12cbe8f90064594a17fba6002193f54c86f80d312dfbfa61b9f8cb9a02ba2887dd41d42d2b51bf711fd8ea84e2ce36e5b988fe23b3e555c5293f1268c6400c743f87b4891612df1536a4142bbe562e5325ab317223b8f02891ddad3d9b5cc6277887c8994f87dca7609084ace7f5d04266f5151f3a2139e26b54c5fd134c7b332da31a3a7fea2c2c6f0d160ee05f06a33", 0x6, &(0x7f0000001b00)="85e619151894bbf19f6d4c57fbbe17ba2b80f031b733b70d55a7bb9ce4b46ccc8bc1ccc8356d50535515b852de3d4d2a1a8e104cd1437d0f1d6bcb3eefed71221feac24765cea590ab2ea6bf081e04714b0821571ece77614272740479fe3b85f188876b119737143ea4616908036f8be85f48339ca27387b6711b6e89723d6774", 0x81, &(0x7f0000001bc0)="4376e79ee5ed5ce77a26fea7c86816dd7c354787fb6b244f2b3832620d71bf0ffec38642f2b6b3ac7eabec0b8fb569a1a4d509aabfa845715dc747fe452dfc4559b36894624a3f8001c36739b80a851eaf74e84c0f305e2bcc7d66b0d3c66a6d6f4b24db2057af07dc449c60f29e68274e4c05ceeca36b977817b8b04909e5b742eed2ee3608cc6138395c4f50be52083b31f0b2f2bdcea3fb5063416104fc8ee7880b2f96e026f0", &(0x7f0000001c80)=0x8})
ppoll$auto(&(0x7f0000001d00)={r10, 0xfffe, 0x9}, 0xfffffff9, &(0x7f0000001d40)={0x7, 0x300000000}, &(0x7f0000001d80), 0x8) (async)
statfs$auto(&(0x7f0000001dc0)='./file2\x00', &(0x7f0000001e00)={0xffffffffffffffc0, 0x813, 0x7, 0x7, 0x4, 0x9, 0x1, {[0x6af, 0x8]}, 0x3, 0x100000000000, 0xd5, [0x8000000000000001, 0x7f, 0x2, 0x6]}) (async)
rt_sigsuspend$auto(&(0x7f0000001e80)={0x6}, 0x8) (async)
timer_create$auto_CLOCK_BOOTTIME(0x7, &(0x7f0000001fc0)={@sival_ptr=&(0x7f0000001ec0)="636499b0053ce6f0172849178581c5b5d9867a7421f15b1f8d7c08655a9203f2cdb6ba012a2870295b25b5ddb735c605fe2e601976b4029acd6a28c5f265ac20c995962f1a95bf02ba5a7396abef1811f605f52ac60a567f120d35051c21ca91b7ba84ab708744ac039b32c1bf0922fe38daffd1aa7e4ca5d66a61dae6684fd37175c4804bf99bae4004bf6140b2b7d9164f04734ea7392f3cb71716fd5e9242b7bcfa9949c341102e967cffc934d1da42b1d53b236a5eb8017018cd21f9f46ce423c98a3c348f373a58a922f6", @raw=0x1, 0xe}, &(0x7f0000002000)=0x5)
ioctl$auto_SNDRV_TIMER_IOCTL_START(r2, 0x54a0, 0x0)

13.546011934s ago: executing program 6 (id=1876):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x3, 0x0, 0xfffffffffffffffc, 0x696b}, 0xed7138c}, 0x2, 0x9)
r0 = socket(0xa, 0x5, 0x84)
sendto$auto(r0, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c)

13.158238841s ago: executing program 6 (id=1878):
r0 = socket(0xa, 0x2, 0x0)
sendto$auto(r0, 0x0, 0x402, 0xacf8, &(0x7f0000000040)=@generic={0xa, "e2e18340cba8fe80000000f5ffff"}, 0x1b)

12.768684591s ago: executing program 6 (id=1880):
r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
r1 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
socket(0x1e, 0x1, 0x0)
setsockopt$auto(0x3, 0x5, 0x100000000, 0xfffffffffffffffc, 0xa)
r3 = getpid()
mlockall$auto(0x5)
rt_sigprocmask$auto(0x26, &(0x7f0000000040)={0x80000000}, &(0x7f0000000080)={0x9}, 0x8)
mmap$auto(0x6, 0x48000a, 0x100002bb, 0x14, r1, 0x1)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
unshare$auto(0x40000080)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
socket(0x11, 0xa, 0x300)
r4 = socket(0x22, 0x2, 0x24)
sendmsg$auto_NL80211_CMD_SET_MAC_ACL(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x40880}, 0x4085)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd8/queue/iosched/async_depth\x00', 0x40800, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000001280)=""/4096, 0x1000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0xa)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00)
mincore$auto(0x1000, 0x8001, 0x0)
close_range$auto(0x2, 0x8, 0x0)
process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001245}, 0xa, 0x40000000000000)
ioctl$auto(0xffffffffffffffff, 0x400454c9, r0)

10.686670316s ago: executing program 6 (id=1882):
mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
madvise$auto(0x0, 0x5, 0xb)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/sub3/info\x00', 0x500, 0x0)
io_uring_register$auto_IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000040)='=\\', 0x1)
openat$auto_percpu_stats_fops_(0xffffffffffffff9c, 0x0, 0x200, 0x0)
capset$auto(0x0, &(0x7f0000000080)={0x5, 0xffff3155, 0x3})
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0x100000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x280303, 0x0)
recvmmsg$auto(r1, 0x0, 0x10, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
sendmsg$auto_ETHTOOL_MSG_RSS_GET(0xffffffffffffffff, 0x0, 0x8010)
writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x1}, 0x8)
connect$auto(r1, 0x0, 0x11)
sendmmsg$auto(r1, 0x0, 0x9a6, 0x6)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x0, 0x0)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0xf, 0x0)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socketpair$auto(0x3, 0x4, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
open(0x0, 0x22240, 0x55)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/transparent_hugepage/khugepaged/max_ptes_shared\x00', 0x20b42, 0x0)
write$auto(0x3, 0x0, 0x100082)
mount$auto(&(0x7f0000000000), &(0x7f0000000080)='}[,&*}\x00', 0x0, 0x339, 0x0)
socket(0x2, 0x1, 0x106)
pipe$auto(&(0x7f0000000500))
flock$auto(0xffffffffffffffff, 0x9)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/locks\x00', 0x0, 0x0)

10.360545311s ago: executing program 6 (id=1883):
mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket(0x10, 0x2, 0x4)
r1 = clone$auto(0xae97, 0x8, &(0x7f00000000c0)=0x2c6, 0x0, 0x0)
get_robust_list$auto(r1, &(0x7f0000000500)=&(0x7f00000004c0)={{&(0x7f0000000380)}, 0x100, &(0x7f0000000480)={&(0x7f0000000440)}}, 0x0)
r2 = socket(0x1d, 0x2, 0x7)
r3 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r4=>0x0})
bind$auto(r2, &(0x7f0000000000)=@can={0x1d, r4}, 0x6a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'vcan0\x00', <r5=>0x0})
connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r5}, 0x18)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x1a9701, 0x0)
write$auto(r6, 0x0, 0x9)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffcc}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0xe, 0x940, 0x1ffde, 0x3, 0x2000000000000006, 0x3, 0x8, 0x5, 0x2, 0x7, 0x1, 0x9, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x3bc}, 0x1fe, 0x5)
r7 = ioctl$auto_NS_GET_USERNS(0xffffffffffffffff, 0xb701, 0x0)
close_range$auto(r7, r0, 0x8)
socket(0x2, 0x3, 0x100)
socket(0x1d, 0x2, 0x7)
r8 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r9=>0x0})
epoll_ctl$auto(r0, 0x0, r3, &(0x7f00000003c0)={0xffb, 0x100000001})
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r9}, 0x6a)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r10 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0xc000000}, 0x40000)
mmap$auto(0x0, 0x8, 0xffffffffffffff72, 0x10, r2, 0x7ffe)
close_range$auto(0x2, 0x8, 0x0)

3.892989847s ago: executing program 7 (id=1891):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, r1, 0x1, 0x70bd2b, 0x25dfdbfc}, 0x14}, 0x1, 0x700000000000000, 0x0, 0x24040000}, 0x18800)

3.82012047s ago: executing program 37 (id=1869):
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f0000000040)="91")

3.702242884s ago: executing program 38 (id=1870):
mmap$auto(0x0, 0xe984, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0x15, 0x5, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x3e38a2, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @private=0xa010102}, 0x6a)
sysfs$auto(0x2, 0x2, 0x0)
mbind$auto(0x200, 0x10000100000003, 0x2000000000005, &(0x7f0000000000)=0xc4f5, 0x7fffffffffffffff, 0xe)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x2000000000000004, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
setresuid$auto(0x2, 0x7, 0x0)
r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000980), r0)
sendmsg$auto_TIPC_NL_MEDIA_SET(r0, &(0x7f000000a4c0)={0x0, 0x0, &(0x7f000000a480)={&(0x7f0000000080)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010029bd700065a5558261ffdb000c00058039f0ca0002fcffffffffffffff1000000018083cfd3ca6b0088242da2d723636301fdb6104ff07bbd2ba72853dfb82a2c918fffd164474740d2040c796403e14931e06ba8c6e269494fbed9840810be4fce1e32da07e06439bac7ddb9f2fdb73b1574f4ed459c1ba4eab06ae7ca808550add19a062b5c118439f53f9b77193d63ceff7e600b1cb439c9c80a7f9519f6662e79c2fd84fa8bd48c93ce03de7464d6a0ee46d562dfeea9f42ffeb16d7da4c08ae2a0cd25bb74860e3665a8128bb899fc1ec0fcaf7880b40c4be31cb067e72d94c7940ceb40e5352f059b50df7f54e03deb1e2c782fa48a0abfb7b847dd7fe9f7f213a376fc5d30a0000001666738b3ae308c68b31fc43eb0780790653c3e7f32e82b9d3b38a319daf2f5bc59a0be44e9312b3175829faf6c7c02e86bf32e1cd82be32dc0a40cef7e699a541183efab034eacc54e8d9deca284f291e585e304dea1eebf96b46467261205371603865c621e8bdc291b0dbb05117aef4011314f6239ada151ac9be003856e3e9a0e24bf6dbf5df3a00ac04c7ac134ebf91a7e3f03d14a5f5d2ad7953a09f512cc04ba7a83a0a636b35ce916f1dcab9da5929983020080cd42561a062d8468bdc61549ddcdedf9a9f3305b0e9dd"], 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x20000048)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000004c0)='/sys/class/firmware/timeout\x00', 0x1a1942, 0x0)
write$auto(r2, &(0x7f0000000000)='9\x00d1L\xff\x15\xba\xa17=(\xc1\xf8\xff\xff\v\xb5^\xa1/[', 0x4)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
connect$auto(0x4, 0x0, 0x10)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_TIOCSTI2(r3, 0x5412, &(0x7f0000000040)="91")

3.204737403s ago: executing program 7 (id=1894):
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xec2, 0xa)
socket(0x2b, 0x800, 0x0)
unshare$auto(0x100)
iopl$auto(0xff)
munmap$auto(0x20001000, 0x7fb3)
madvise$auto(0x0, 0xffffffffffff0101, 0x15)
mbind$auto(0x0, 0x2, 0x2, &(0x7f0000002100)=0x4, 0x7, 0x300)

2.122670423s ago: executing program 7 (id=1895):
openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, &(0x7f0000002440), 0x80c02, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
capset$auto(&(0x7f0000000180)={0x19980330}, 0x0)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/scsi/sg/allow_dio\x00', 0x101181, 0x0)
write$auto(r1, 0x0, 0xb)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000140), r0)
sendmsg$auto_L2TP_CMD_TUNNEL_DELETE(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="15a88104", @ANYRES16=r2, @ANYBLOB="000329bd7000fddbdf25020000000600010000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4880)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/block/loop10/ext_range\x00', 0x8000, 0x0)
r3 = open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x1)
io_uring_setup$auto(0x6, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_LOOP_CTL_REMOVE(r3, 0x4c81, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup.cpu/memory.kmem.tcp.limit_in_bytes\x00', 0xc2481, 0x0)
io_pgetevents$auto(0x8, 0xc313, 0x7, 0x0, 0x0, 0xffffffffffffffff)
openat$auto_proc_oom_score_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_score_adj\x00', 0x80000, 0x0)
socket(0x2, 0x80000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/vm/compaction_proactiveness\x00', 0x40000, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x2, 0x3, 0x100)
sysfs$auto(0x2, 0x4c, 0x0)
fsopen$auto(0x0, 0x1)
socket(0x2, 0x5, 0x0)
r4 = socket(0x10, 0x2, 0x0)
setsockopt$auto(r4, 0x104000000000010e, 0x1, 0x0, 0x16)

1.714705913s ago: executing program 7 (id=1896):
r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000100), 0x101000, 0x0)
ioctl$auto_TUNGETFEATURES(r0, 0x800454cf, &(0x7f0000000140)=0x2) (async)
r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x28341, 0x0)
r2 = socket(0x2, 0x3, 0xa) (async)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x608100, 0x0) (async)
bind$auto(0x3, 0x0, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
adjtimex$auto(&(0x7f00000005c0)={0xfffd, 0x0, 0x6, 0x9, 0x7, 0x0, 0xfff, 0x0, 0xc15, 0x101, 0x592efafd, {0x3, 0xffefffffffffff57}, 0xe7, 0xffffffffffffffff, 0x8581, 0x5, 0x0, 0x5, 0x9, 0x20240000000000, 0x5, 0x7, 0x7ff}) (async)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) (async)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r2)
sendmsg$auto_NL80211_CMD_RADAR_DETECT(r1, &(0x7f00000006c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000580)={&(0x7f0000000700)=ANY=[@ANYBLOB="405a4cb04c0100001000000000c9be0204004e5db065b4fd43deb6", @ANYRES16=r3, @ANYBLOB="00042dbd7000fbdbdf255e0000000500130103000000ee027f0039d32a58341fb50d3271610b60b37b4550ceace2e73f73badccbba0a44bead777269935b525879651fc32fd8b99411970aab545cbb5d9ecaa9ba957fdbd905327495aefbf30bd603c39eb8be806d8158fe6440c22d0c5aa5cae50319cd92da0b394af0bb72e9148fbfbb74e15b2d06453b457a6e1d9a8ac212d60eec6009b19b07db7ea2699f5ac3cbf125adf026d30670047b651d9f6a4d3fb2161fd2c48944766f8398cc5ececa2721f43fce6cbba8bfba97ea489864b32636b958708209a3da9635f6cca68ba06d288d17154673ee76c49036023e2aace858fbe6f1a89ca64dcb68280d8804ebbd2af3a4614f6190d2ea7ef3e84a1f475a2f5c1b207699f21c41ca7809f9f3b8d9ea93bf1e83676536ea220551c15627156643e8666fae9b25fcc49b5f7144b2524a58da1d0e00581e9e527e75ec5f11939f4514b8b56023f104cf4be65767bc4ac252ed5cb0fcc6494299d6c731144c40d0d27bc1bfbbd5ad1c3d6f3fc5911013a2dfe5c2f91556876f8730ee80efd895e4306bd31d7afad6465f9e1f36d541fe1e33d0adb403b50f91804f8fc2c42078dec3ac4615e774109b16806889efae29be3973565b2836f81743157e1ab324c09f1ef5fb8c79448c0c7b69f4bd4571a8bdcc1c72489bb0d60c16a4507fa31e8d70a36b59045044089478c34428f0c4c23789871c00f0cb20b2d6f1e02a881db62a591743a9ea83c946c62b24dcfba969ae1d69640e6a1e538b8059f11b23082a1748270e98b5eaef491c0121d13a20a6650d3ae8864dbe730f1405c4ebcb0db1e12b44402fef571c2fe1a2cdcac544cbb31fcc48b6e614924b04e8d3edb7af4cedeeb31e17e93599739acdf57c3e47bea1dc322f3d050ca459fe24afb2806edbceac24a36f7187c01bcada8868e60e9bc5bcea00e4b584a52ba31afcbe017efb949e0ea9b2e6784abe8d735a65c587bf309d4419c76ee6d8515e438dc22fba932cd8070531676181e8d2b5fe93a973df3481792202d2b58a067b99047f805747b7aa2c2623e4a38b54ae7f44aa436e10b20000c50029014983f99663ae753076d9575b4ca545673aa34ba34faef5af3fab6a2783ff52aa3d61310fc4898f21df23068deb6db144b588814dff7dbc9031b82e5d6d82872cae807f1f404b7e2278a24bfee3842c9a89db37218ec9d68937a4868d93a1c0c2419b23c9ecec111f7327ce4043e1a802555dc40de2c6a6909adfac0c36857c1f20bb78eb8f4ca454ad018a42a2ded82a0868f55e95f365d3b834a8ca32a4c89025139940c7e7797aaee0d974a06007a68974768a71637b4c404d81fabfa57830ba000000"], 0x3d4}, 0x1, 0x0, 0x0, 0x40014}, 0x4004) (async)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) (async)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) (async)
prctl$auto(0x16, 0x2, 0x2, 0x4000000d, 0x100)
ioctl$auto_MON_IOCQ_URB_LEN(r1, 0x9201, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
prctl$auto(0xd50, 0x9, 0x0, 0x9, 0xa) (async)
sendmmsg$auto(0x3, 0x0, 0x9a5, 0x47ffff7a) (async)
r4 = openat$auto_rts_threshold_ops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy12/rts_threshold\x00', 0x80402, 0x0)
pipe$auto(&(0x7f0000000040)=r4)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r1)
sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_ID(0xffffffffffffffff, 0x0, 0x4000080)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x20042, 0x0) (async)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/v4l-touch8\x00', 0x220200, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000b80)='/proc/sys/kernel/kptr_restrict\x00', 0x202, 0x0)

1.136946435s ago: executing program 7 (id=1897):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
pwrite64$auto(0xffffffffffffffff, 0x0, 0x6, 0x8)
mmap$auto(0x0, 0x1ff, 0xe5, 0x200000810, 0xffffffffffffffff, 0x8000)
madvise$auto(0x0, 0x200007, 0x19)
mbind$auto(0x0, 0x0, 0x0, 0x0, 0x9, 0x8)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x4605, 0x0)
r1 = socket(0x2, 0x80002, 0x73)
r2 = io_uring_setup$auto(0x406, 0x0)
getrandom$auto(0x0, 0x6000000, 0x3)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
io_uring_enter$auto(0xffffffffffffffff, 0xa84, 0x80000001, 0xa, 0x0, 0x46)
openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0x880, 0x0)
socket(0x2, 0x801, 0x6)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x40, r5, 0x1b, 0x74bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x10, 0x3, 0x0, 0x1, [@nested={0xc, 0x16, 0x0, 0x1, [@nested={0x8, 0x1, 0x0, 0x1, [@nested={0x4788, 0x33}]}]}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f1779048590828848"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'veth1\x00', <r6=>0x0})
r7 = geteuid()
sendmsg$auto_NL80211_CMD_REQ_SET_REG(r3, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000580)={0x30, 0x0, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r6}, @NL80211_ATTR_WIPHY_TXQ_PARAMS={0xc, 0x25, 0x0, 0x1, [@typed={0x8, 0xda, 0x0, 0x0, @uid=r7}]}, @NL80211_ATTR_KEY={0x8, 0x50, 0x0, 0x1, [@nested={0x4, 0x4}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x814}, 0x80)
ioprio_get$auto(0x360, r7)
r8 = setfsgid$auto(0x0)
fchown$auto(r1, r7, r8)
io_uring_enter$auto(r2, 0x7, 0x7ffffffb, 0x3, 0x0, 0x3)
move_pages$auto(0x0, 0xa, 0x0, 0x0, 0x0, 0x2)
io_uring_enter$auto(0x3, 0x5, 0x5f3, 0x3, 0x0, 0x2)

0s ago: executing program 7 (id=1898):
socket(0x2a, 0x2, 0x1)
openat$auto_nsim_nexthop_bucket_activity_fops_fib(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim1/fib/nexthop_bucket_activity\x00', 0x400600, 0x0)
listmount$auto(0x0, 0x0, 0x0, 0x1)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb2, 0x403, 0x8000)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
bpf$auto(0x5, 0x0, 0x1000)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
r0 = epoll_create$auto(0x4)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/core/rps_default_mask\x00', 0x82, 0x0)
r1 = socket(0x11, 0x80003, 0x300)
socket(0x25, 0x1, 0x1)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/input/devices\x00', 0x4a040, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000840), r2)
ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f0000000340)="626d9dbfcc88ccf390951f20c377d2ac2ab1243175897f604657220eca9ba0ae1a1690a62c11f240180959270ae64fbab1a0d41314d1b30f1ecdc4900d1c30141b3be8f477e3c5681b61ca66c4523e6bcea9666d583e81363dd0f5c3dd34323043b33697b5a6ca84ef233e61acd3dcff2d9aa0f1dbf340d031f728ea92016299d12f15d069bf21239c321adae3")
sendmsg$auto_OVS_CT_LIMIT_CMD_SET(r2, &(0x7f0000002e40)={0x0, 0x0, &(0x7f0000002e00)={&(0x7f0000002d40)={0x18, r3, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x40}, 0x4000080)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x0, 0x0)
select$auto(0xc, 0x0, 0x0, &(0x7f00000002c0)={[0x1fd, 0x8, 0x4, 0x1, 0x948b, 0x7, 0x15f4da0b, 0x6, 0x80010000080, 0x1fffe000000000, 0x80000001, 0x5, 0x6d3c, 0x401, 0x2]}, 0x0)
close_range$auto(0x2, 0xa, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x7fff, 0x3, 0xeb0, 0xfffffffffffffffa, 0x208000)
writev$auto(0xca, 0x0, 0x7e)
r4 = socket(0x11, 0x3, 0x9)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x7, 0x4a})
sendmmsg$auto(r4, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, 0x0, 0x5, &(0x7f0000000180), 0x5, 0x1000}, 0x5}, 0x2, 0x100)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x5, 0xe0, 0x8b70, r1, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)

kernel console output (not intermixed with test programs):

a #0 PREEMPT(full) 
[  390.496743][T11262] Tainted: [U]=USER
[  390.496754][T11262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  390.496772][T11262] Call Trace:
[  390.496782][T11262]  <TASK>
[  390.496796][T11262]  dump_stack_lvl+0x16c/0x1f0
[  390.496844][T11262]  should_fail_ex+0x512/0x640
[  390.496894][T11262]  should_fail_alloc_page+0xe7/0x130
[  390.496935][T11262]  prepare_alloc_pages+0x3c2/0x610
[  390.497010][T11262]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  390.497054][T11262]  ? rcu_is_watching+0x12/0xc0
[  390.497084][T11262]  ? trace_mm_page_alloc+0x11f/0x1a0
[  390.497132][T11262]  ? __alloc_frozen_pages_noprof+0x298/0x23a0
[  390.497174][T11262]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  390.497216][T11262]  ? __pfx___might_resched+0x10/0x10
[  390.497271][T11262]  ? rcu_is_watching+0x12/0xc0
[  390.497300][T11262]  ? trace_mm_page_alloc+0x11f/0x1a0
[  390.497349][T11262]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  390.497397][T11262]  ? policy_nodemask+0xea/0x4e0
[  390.497439][T11262]  alloc_pages_mpol+0x1fb/0x550
[  390.497479][T11262]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  390.497529][T11262]  alloc_pages_noprof+0x131/0x390
[  390.497568][T11262]  kimage_alloc_pages+0x75/0x300
[  390.497613][T11262]  ? __pfx_alloc_pgt_page+0x10/0x10
[  390.497661][T11262]  kimage_alloc_control_pages+0x15d/0x910
[  390.497718][T11262]  ? __pfx_kimage_alloc_control_pages+0x10/0x10
[  390.497774][T11262]  ? __pfx_alloc_pgt_page+0x10/0x10
[  390.497823][T11262]  alloc_pgt_page+0x17/0x60
[  390.497868][T11262]  kernel_ident_mapping_init+0x1c9/0x380
[  390.497928][T11262]  machine_kexec_prepare+0x32e/0xf90
[  390.497983][T11262]  ? __pfx_machine_kexec_prepare+0x10/0x10
[  390.498035][T11262]  ? __pfx_alloc_pgt_page+0x10/0x10
[  390.498100][T11262]  do_kexec_load+0x664/0x8d0
[  390.498151][T11262]  ? __pfx_do_kexec_load+0x10/0x10
[  390.498204][T11262]  ? _copy_from_user+0x59/0xd0
[  390.498265][T11262]  __x64_sys_kexec_load+0x1bf/0x230
[  390.498319][T11262]  do_syscall_64+0xcd/0x230
[  390.498368][T11262]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  390.498402][T11262] RIP: 0033:0x7fb96698e969
[  390.498428][T11262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  390.498461][T11262] RSP: 002b:00007fb96782a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6
[  390.498492][T11262] RAX: ffffffffffffffda RBX: 00007fb966bb5fa0 RCX: 00007fb96698e969
[  390.498513][T11262] RDX: 0000200000000080 RSI: 0000000000000002 RDI: 00000000000000ff
[  390.498532][T11262] RBP: 00007fb966a10ab1 R08: 0000000000000000 R09: 0000000000000000
[  390.498551][T11262] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000
[  390.498569][T11262] R13: 0000000000000000 R14: 00007fb966bb5fa0 R15: 00007ffe359e6078
[  390.498610][T11262]  </TASK>
[  392.247893][T11299] random: crng reseeded on system resumption
[  393.338026][T11312] svc: failed to register nfsdv3 RPC service (errno 111).
[  393.841753][T11312] svc: failed to register nfsaclv3 RPC service (errno 111).
[  394.691533][T11334] FAULT_INJECTION: forcing a failure.
[  394.691533][T11334] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  394.725313][T11334] CPU: 0 UID: 0 PID: 11334 Comm: syz.1.1394 Tainted: G     U              6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) 
[  394.725363][T11334] Tainted: [U]=USER
[  394.725373][T11334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  394.725390][T11334] Call Trace:
[  394.725399][T11334]  <TASK>
[  394.725412][T11334]  dump_stack_lvl+0x16c/0x1f0
[  394.725455][T11334]  should_fail_ex+0x512/0x640
[  394.725507][T11334]  should_fail_alloc_page+0xe7/0x130
[  394.725548][T11334]  prepare_alloc_pages+0x3c2/0x610
[  394.725602][T11334]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  394.725645][T11334]  ? rcu_is_watching+0x12/0xc0
[  394.725673][T11334]  ? trace_mm_page_alloc+0x11f/0x1a0
[  394.725718][T11334]  ? __alloc_frozen_pages_noprof+0x298/0x23a0
[  394.725757][T11334]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  394.725797][T11334]  ? __pfx___might_resched+0x10/0x10
[  394.725842][T11334]  ? rcu_is_watching+0x12/0xc0
[  394.725869][T11334]  ? trace_mm_page_alloc+0x11f/0x1a0
[  394.725914][T11334]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  394.725960][T11334]  ? policy_nodemask+0xea/0x4e0
[  394.726002][T11334]  alloc_pages_mpol+0x1fb/0x550
[  394.726035][T11334]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  394.726075][T11334]  alloc_pages_noprof+0x131/0x390
[  394.726107][T11334]  kimage_alloc_pages+0x75/0x300
[  394.726141][T11334]  ? __pfx_alloc_pgt_page+0x10/0x10
[  394.726180][T11334]  kimage_alloc_control_pages+0x15d/0x910
[  394.726225][T11334]  ? __pfx_kimage_alloc_control_pages+0x10/0x10
[  394.726268][T11334]  ? __pfx_alloc_pgt_page+0x10/0x10
[  394.726305][T11334]  alloc_pgt_page+0x17/0x60
[  394.726340][T11334]  kernel_ident_mapping_init+0x1c9/0x380
[  394.726385][T11334]  machine_kexec_prepare+0x32e/0xf90
[  394.726428][T11334]  ? __pfx_machine_kexec_prepare+0x10/0x10
[  394.726468][T11334]  ? __pfx_alloc_pgt_page+0x10/0x10
[  394.726518][T11334]  do_kexec_load+0x664/0x8d0
[  394.726558][T11334]  ? __pfx_do_kexec_load+0x10/0x10
[  394.726599][T11334]  ? _copy_from_user+0x59/0xd0
[  394.726640][T11334]  __x64_sys_kexec_load+0x1bf/0x230
[  394.726681][T11334]  do_syscall_64+0xcd/0x230
[  394.726721][T11334]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  394.726753][T11334] RIP: 0033:0x7f7d2358e969
[  394.726776][T11334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  394.726809][T11334] RSP: 002b:00007f7d244cb038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6
[  394.726838][T11334] RAX: ffffffffffffffda RBX: 00007f7d237b5fa0 RCX: 00007f7d2358e969
[  394.726858][T11334] RDX: 0000200000000080 RSI: 0000000000000002 RDI: 00000000000000ff
[  394.726878][T11334] RBP: 00007f7d23610ab1 R08: 0000000000000000 R09: 0000000000000000
[  394.726896][T11334] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000
[  394.726913][T11334] R13: 0000000000000000 R14: 00007f7d237b5fa0 R15: 00007ffd6d576cf8
[  394.726953][T11334]  </TASK>
[  395.629968][T11359] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1396'.
[  396.337891][T11378] FAULT_INJECTION: forcing a failure.
[  396.337891][T11378] name failslab, interval 1, probability 0, space 0, times 0
[  396.367801][T11378] CPU: 1 UID: 0 PID: 11378 Comm: syz.3.1403 Tainted: G     U              6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) 
[  396.367858][T11378] Tainted: [U]=USER
[  396.367868][T11378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  396.367887][T11378] Call Trace:
[  396.367897][T11378]  <TASK>
[  396.367908][T11378]  dump_stack_lvl+0x16c/0x1f0
[  396.367956][T11378]  should_fail_ex+0x512/0x640
[  396.368008][T11378]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  396.368052][T11378]  should_failslab+0xc2/0x120
[  396.368092][T11378]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  396.368126][T11378]  ? vma_merge_new_range+0x3f8/0xc10
[  396.368160][T11378]  ? vm_area_alloc+0x1f/0x160
[  396.368205][T11378]  vm_area_alloc+0x1f/0x160
[  396.368242][T11378]  __mmap_region+0xfd0/0x27c0
[  396.368277][T11378]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  396.368313][T11378]  ? __pfx___mmap_region+0x10/0x10
[  396.368347][T11378]  ? kernel_text_address+0x8d/0x100
[  396.368427][T11378]  ? stack_depot_save_flags+0x28/0xa50
[  396.368519][T11378]  ? trace_cap_capable+0x18d/0x200
[  396.368555][T11378]  ? cap_capable+0xb3/0x250
[  396.368592][T11378]  mmap_region+0x1ab/0x3f0
[  396.368636][T11378]  do_mmap+0xd8e/0x11b0
[  396.368691][T11378]  ? __pfx_do_mmap+0x10/0x10
[  396.368739][T11378]  ? __pfx_down_write_killable+0x10/0x10
[  396.368795][T11378]  vm_mmap_pgoff+0x281/0x450
[  396.368850][T11378]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  396.368890][T11378]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  396.368935][T11378]  ? hugetlbfs_get_inode+0x31f/0x730
[  396.369003][T11378]  ksys_mmap_pgoff+0x1c8/0x5c0
[  396.369050][T11378]  ? rcu_is_watching+0x12/0xc0
[  396.369083][T11378]  __x64_sys_mmap+0x125/0x190
[  396.369119][T11378]  do_syscall_64+0xcd/0x230
[  396.369165][T11378]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  396.369198][T11378] RIP: 0033:0x7fb9bf18e969
[  396.369224][T11378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  396.369256][T11378] RSP: 002b:00007fb9bcff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  396.369286][T11378] RAX: ffffffffffffffda RBX: 00007fb9bf3b5fa0 RCX: 00007fb9bf18e969
[  396.369307][T11378] RDX: 00004000000000e3 RSI: 0000000000200004 RDI: 0000000000000000
[  396.369327][T11378] RBP: 00007fb9bf210ab1 R08: 000000000000000d R09: 0000300000004000
[  396.369346][T11378] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000
[  396.369363][T11378] R13: 0000000000000000 R14: 00007fb9bf3b5fa0 R15: 00007ffd87768c18
[  396.369404][T11378]  </TASK>
[  397.324944][T11390] random: crng reseeded on system resumption
[  398.289543][T11401] program syz.0.1407 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  400.786562][T11446] program syz.0.1416 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  401.421805][T11468] HfR: entered promiscuous mode
[  401.439740][T11468] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1422'.
[  401.532645][T11468] HfR: left promiscuous mode
[  402.016389][T11465] syz.0.1419 (11465) used greatest stack depth: 21080 bytes left
[  403.023466][T11487] program syz.0.1428 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  403.479207][T11502] zram: Added device: zram2
[  403.642922][T11505] FAULT_INJECTION: forcing a failure.
[  403.642922][T11505] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  403.683079][T11505] CPU: 1 UID: 0 PID: 11505 Comm: syz.0.1434 Tainted: G     U              6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) 
[  403.683132][T11505] Tainted: [U]=USER
[  403.683143][T11505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  403.683162][T11505] Call Trace:
[  403.683172][T11505]  <TASK>
[  403.683184][T11505]  dump_stack_lvl+0x16c/0x1f0
[  403.683233][T11505]  should_fail_ex+0x512/0x640
[  403.683301][T11505]  should_fail_alloc_page+0xe7/0x130
[  403.683345][T11505]  prepare_alloc_pages+0x3c2/0x610
[  403.683393][T11505]  ? rcu_is_watching+0x12/0xc0
[  403.683428][T11505]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  403.683469][T11505]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  403.683521][T11505]  ? __lock_acquire+0xaa4/0x1ba0
[  403.683571][T11505]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  403.683615][T11505]  ? lock_acquire+0x179/0x350
[  403.683663][T11505]  ? find_next_iomem_res+0x1c6/0x4f0
[  403.683709][T11505]  ? do_raw_read_unlock+0x44/0xe0
[  403.683759][T11505]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  403.683807][T11505]  ? policy_nodemask+0xea/0x4e0
[  403.683848][T11505]  alloc_pages_mpol+0x1fb/0x550
[  403.683889][T11505]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  403.683929][T11505]  ? __pti_set_user_pgtbl+0xf1/0x190
[  403.683979][T11505]  ? __pfx___pti_set_user_pgtbl+0x10/0x10
[  403.684035][T11505]  alloc_pages_noprof+0x131/0x390
[  403.684075][T11505]  get_zeroed_page_noprof+0x14/0x50
[  403.684120][T11505]  machine_kexec_prepare+0xa12/0xf90
[  403.684175][T11505]  ? __pfx_machine_kexec_prepare+0x10/0x10
[  403.684227][T11505]  ? __pfx_alloc_pgt_page+0x10/0x10
[  403.684292][T11505]  do_kexec_load+0x664/0x8d0
[  403.684344][T11505]  ? __pfx_do_kexec_load+0x10/0x10
[  403.684397][T11505]  ? _copy_from_user+0x59/0xd0
[  403.684448][T11505]  __x64_sys_kexec_load+0x1bf/0x230
[  403.684510][T11505]  do_syscall_64+0xcd/0x230
[  403.684558][T11505]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  403.684590][T11505] RIP: 0033:0x7f6a7318e969
[  403.684615][T11505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  403.684648][T11505] RSP: 002b:00007f6a73fa2038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6
[  403.684678][T11505] RAX: ffffffffffffffda RBX: 00007f6a733b5fa0 RCX: 00007f6a7318e969
[  403.684698][T11505] RDX: 0000200000000080 RSI: 0000000000000002 RDI: 00000000000000ff
[  403.684716][T11505] RBP: 00007f6a73210ab1 R08: 0000000000000000 R09: 0000000000000000
[  403.684733][T11505] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000
[  403.684752][T11505] R13: 0000000000000000 R14: 00007f6a733b5fa0 R15: 00007ffd5ab30d38
[  403.684792][T11505]  </TASK>
[  407.046603][T11531] ptrace attach of "./syz-executor exec"[5826] was attempted by "./syz-executor exec"[11531]
[  408.562529][T11554] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1449'.
[  409.881235][T11563] program syz.1.1452 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  410.061922][T11576] FAULT_INJECTION: forcing a failure.
[  410.061922][T11576] name fail_futex, interval 1, probability 0, space 0, times 0
[  410.082701][T11576] CPU: 1 UID: 0 PID: 11576 Comm: syz.0.1456 Tainted: G     U              6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) 
[  410.082759][T11576] Tainted: [U]=USER
[  410.082769][T11576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  410.082787][T11576] Call Trace:
[  410.082797][T11576]  <TASK>
[  410.082808][T11576]  dump_stack_lvl+0x16c/0x1f0
[  410.082855][T11576]  should_fail_ex+0x512/0x640
[  410.082905][T11576]  get_futex_key+0x49e/0x1000
[  410.082945][T11576]  ? __pfx_get_futex_key+0x10/0x10
[  410.082975][T11576]  ? do_ipv6_setsockopt+0x7b9/0x4320
[  410.083023][T11576]  futex_wait_setup+0x78/0x290
[  410.083072][T11576]  __futex_wait+0x266/0x3c0
[  410.083116][T11576]  ? __pfx___futex_wait+0x10/0x10
[  410.083164][T11576]  ? __pfx_futex_wake_mark+0x10/0x10
[  410.083213][T11576]  ? __pfx___might_resched+0x10/0x10
[  410.083258][T11576]  futex_wait+0xe8/0x380
[  410.083315][T11576]  ? __pfx_futex_wait+0x10/0x10
[  410.083367][T11576]  ? kfree+0x252/0x4d0
[  410.083417][T11576]  ? udpv6_setsockopt+0x84/0xd0
[  410.083466][T11576]  do_futex+0x229/0x350
[  410.083501][T11576]  ? __pfx_do_futex+0x10/0x10
[  410.083547][T11576]  __x64_sys_futex+0x1e0/0x4c0
[  410.083588][T11576]  ? __pfx___x64_sys_futex+0x10/0x10
[  410.083625][T11576]  ? __sys_setsockopt+0x14d/0x1a0
[  410.083668][T11576]  do_syscall_64+0xcd/0x230
[  410.083716][T11576]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  410.083757][T11576] RIP: 0033:0x7f6a7318e969
[  410.083784][T11576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  410.083817][T11576] RSP: 002b:00007f6a73fa20e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  410.083847][T11576] RAX: ffffffffffffffda RBX: 00007f6a733b5fa8 RCX: 00007f6a7318e969
[  410.083868][T11576] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f6a733b5fa8
[  410.083887][T11576] RBP: 00007f6a733b5fa0 R08: 0000000000000000 R09: 0000000000000000
[  410.083906][T11576] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6a733b5fac
[  410.083924][T11576] R13: 0000000000000000 R14: 00007ffd5ab30c50 R15: 00007ffd5ab30d38
[  410.083965][T11576]  </TASK>
[  410.295300][    C1] vkms_vblank_simulate: vblank timer overrun
[  410.560802][T11574] ptrace attach of "./syz-executor exec"[5827] was attempted by "./syz-executor exec"[11574]
[  410.703861][T11584] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  410.710015][T11584] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  410.722271][T11584] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  410.737772][T11584] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  411.172750][T11592] HfR: entered promiscuous mode
[  411.217496][T11592] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1460'.
[  411.237457][T11592] HfR: left promiscuous mode
[  411.983645][T11600] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 0, inode_bitmap = 137
[  412.002344][T11600] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 1, inode_bitmap = 138
[  412.014074][T11602] FAULT_INJECTION: forcing a failure.
[  412.014074][T11602] name failslab, interval 1, probability 0, space 0, times 0
[  412.028247][T11600] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 0: bad block bitmap checksum
[  412.029561][T11602] CPU: 0 UID: 0 PID: 11602 Comm: syz.1.1465 Tainted: G     U              6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) 
[  412.029638][T11602] Tainted: [U]=USER
[  412.029649][T11602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  412.029670][T11602] Call Trace:
[  412.029680][T11602]  <TASK>
[  412.029692][T11602]  dump_stack_lvl+0x16c/0x1f0
[  412.029747][T11602]  should_fail_ex+0x512/0x640
[  412.029794][T11602]  ? fs_reclaim_acquire+0xae/0x150
[  412.029849][T11602]  should_failslab+0xc2/0x120
[  412.029889][T11602]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  412.029923][T11602]  ? security_inode_alloc+0x3b/0x2b0
[  412.029975][T11602]  security_inode_alloc+0x3b/0x2b0
[  412.030013][T11602]  inode_init_always_gfp+0xce4/0x1030
[  412.030094][T11602]  alloc_inode+0x86/0x240
[  412.030149][T11602]  new_inode+0x22/0x1c0
[  412.030184][T11602]  ? trace_cap_capable+0x18d/0x200
[  412.030219][T11602]  shmem_get_inode+0x19a/0xfb0
[  412.030275][T11602]  ? __vm_enough_memory+0x184/0x3f0
[  412.030327][T11602]  __shmem_file_setup+0x16f/0x300
[  412.030365][T11602]  shmem_zero_setup+0x93/0x1a0
[  412.030428][T11602]  __mmap_region+0x2036/0x27c0
[  412.030472][T11602]  ? __pfx___mmap_region+0x10/0x10
[  412.030510][T11602]  ? finish_task_switch.isra.0+0x221/0xc10
[  412.030555][T11602]  ? __schedule+0x1186/0x5de0
[  412.030594][T11602]  ? kvm_sched_clock_read+0x11/0x20
[  412.030634][T11602]  ? sched_clock+0x38/0x60
[  412.030750][T11602]  ? trace_cap_capable+0x18d/0x200
[  412.030786][T11602]  ? cap_capable+0xb3/0x250
[  412.030835][T11602]  mmap_region+0x1ab/0x3f0
[  412.030882][T11602]  do_mmap+0xd8e/0x11b0
[  412.030945][T11602]  ? __pfx_do_mmap+0x10/0x10
[  412.030994][T11602]  ? __pfx_down_write_killable+0x10/0x10
[  412.031057][T11602]  vm_mmap_pgoff+0x281/0x450
[  412.031116][T11602]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  412.031165][T11602]  ? do_set_mempolicy+0x220/0x480
[  412.031231][T11602]  ? __x64_sys_futex+0x1e0/0x4c0
[  412.031267][T11602]  ? __x64_sys_futex+0x1e9/0x4c0
[  412.031310][T11602]  ksys_mmap_pgoff+0x7d/0x5c0
[  412.031359][T11602]  ? rcu_is_watching+0x12/0xc0
[  412.031396][T11602]  __x64_sys_mmap+0x125/0x190
[  412.031434][T11602]  do_syscall_64+0xcd/0x230
[  412.031485][T11602]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  412.031519][T11602] RIP: 0033:0x7f7d2358e969
[  412.031548][T11602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  412.031582][T11602] RSP: 002b:00007f7d244cb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  412.031614][T11602] RAX: ffffffffffffffda RBX: 00007f7d237b5fa0 RCX: 00007f7d2358e969
[  412.031639][T11602] RDX: 0000000000000003 RSI: 0000000000000003 RDI: 0000000000000000
[  412.031660][T11602] RBP: 00007f7d23610ab1 R08: fffffffffffffffa R09: 0000000000008000
[  412.031683][T11602] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[  412.031704][T11602] R13: 0000000000000000 R14: 00007f7d237b5fa0 R15: 00007ffd6d576cf8
[  412.031760][T11602]  </TASK>
[  412.285600][    C1] vkms_vblank_simulate: vblank timer overrun
[  412.713328][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout
[  412.723183][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout
[  412.788723][ T5140] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  412.797353][ T5830] Bluetooth: hci3: command 0x0c1a tx timeout
[  412.797412][ T5830] Bluetooth: hci2: command 0x0c1a tx timeout
[  412.818247][ T5140] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  412.827127][ T5140] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  412.836314][ T5140] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  412.845212][ T5140] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  413.278766][T11610] chnl_net:caif_netlink_parms(): no params data found
[  413.439377][T11610] bridge0: port 1(bridge_slave_0) entered blocking state
[  413.446815][T11610] bridge0: port 1(bridge_slave_0) entered disabled state
[  413.454189][T11610] bridge_slave_0: entered allmulticast mode
[  413.461779][T11610] bridge_slave_0: entered promiscuous mode
[  413.470852][T11610] bridge0: port 2(bridge_slave_1) entered blocking state
[  413.478187][T11610] bridge0: port 2(bridge_slave_1) entered disabled state
[  413.485918][T11610] bridge_slave_1: entered allmulticast mode
[  413.493674][T11610] bridge_slave_1: entered promiscuous mode
[  413.534100][T11610] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  413.547987][T11610] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  413.651570][T11610] team0: Port device team_slave_0 added
[  413.675725][T11610] team0: Port device team_slave_1 added
[  413.725001][T11610] batman_adv: batadv0: Adding interface: batadv_slave_0
[  413.732016][T11610] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  413.757936][    C1] vkms_vblank_simulate: vblank timer overrun
[  413.765857][T11610] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  413.780586][T11610] batman_adv: batadv0: Adding interface: batadv_slave_1
[  413.788050][T11610] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  413.815588][T11610] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  413.880543][T11610] hsr_slave_0: entered promiscuous mode
[  413.887530][T11610] hsr_slave_1: entered promiscuous mode
[  413.894305][T11610] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  413.901989][T11610] Cannot create hsr debugfs directory
[  414.076805][T11610] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  414.089682][T11610] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  414.100857][T11610] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  414.112868][T11610] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  414.144455][T11610] bridge0: port 2(bridge_slave_1) entered blocking state
[  414.151847][T11610] bridge0: port 2(bridge_slave_1) entered forwarding state
[  414.159428][T11610] bridge0: port 1(bridge_slave_0) entered blocking state
[  414.166723][T11610] bridge0: port 1(bridge_slave_0) entered forwarding state
[  414.178689][T11205] bridge0: port 1(bridge_slave_0) entered disabled state
[  414.189838][T11205] bridge0: port 2(bridge_slave_1) entered disabled state
[  414.265744][T11610] 8021q: adding VLAN 0 to HW filter on device bond0
[  414.291988][T11610] 8021q: adding VLAN 0 to HW filter on device team0
[  414.307268][ T1158] bridge0: port 1(bridge_slave_0) entered blocking state
[  414.314552][ T1158] bridge0: port 1(bridge_slave_0) entered forwarding state
[  414.333910][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[  414.341145][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[  414.568251][T11610] 8021q: adding VLAN 0 to HW filter on device batadv0
[  414.804455][T11610] veth0_vlan: entered promiscuous mode
[  414.818368][T11610] veth1_vlan: entered promiscuous mode
[  414.855383][T11610] veth0_macvtap: entered promiscuous mode
[  414.867642][T11610] veth1_macvtap: entered promiscuous mode
[  414.873796][ T5837] Bluetooth: hci4: command tx timeout
[  414.891406][T11610] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  414.901981][T11610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  414.912441][T11610] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  414.922987][T11610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  414.933800][T11610] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  414.944308][T11610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  414.954661][T11610] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  414.966065][T11610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  414.977599][T11610] batman_adv: batadv0: Interface activated: batadv_slave_0
[  414.989682][T11610] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  415.002300][T11610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  415.012699][T11610] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  415.023575][T11610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  415.034239][T11610] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  415.047048][T11610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  415.057102][T11610] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  415.067931][T11610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  415.079971][T11610] batman_adv: batadv0: Interface activated: batadv_slave_1
[  415.101381][T11610] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  415.110737][T11610] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  415.120921][T11610] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  415.130111][T11610] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  415.237798][ T1158] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  415.246462][ T1158] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  415.298908][   T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  415.307495][   T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  415.638609][T11642] program syz.4.1463 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  415.773371][T11649] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  415.779713][T11649] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  415.786795][T11649] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  415.793761][T11649] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  415.800135][T11649] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  415.809367][T11649] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  415.818805][T11649] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  416.065102][T11652] HfR: entered promiscuous mode
[  416.081211][T11652] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1470'.
[  416.091319][T11652] HfR: left promiscuous mode
[  416.586693][T11656] program syz.1.1472 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  417.848428][ T5839] Bluetooth: hci2: command 0x0c1a tx timeout
[  417.854787][ T5839] Bluetooth: hci1: command 0x0c1a tx timeout
[  417.859120][ T5830] Bluetooth: hci0: command 0x0c1a tx timeout
[  417.860778][ T5140] Bluetooth: hci3: command 0x0c1a tx timeout
[  417.874601][ T5837] Bluetooth: hci4: command 0x040f tx timeout
[  418.818137][T11682] Invalid ELF header magic: != ELF
[  419.754678][T11691] vcan0: tx drop: invalid da for name 0xfffffffd00000000
[  419.923234][ T5837] Bluetooth: hci4: command 0x040f tx timeout
[  420.731821][ T5828] Process accounting resumed
[  421.219776][ T5140] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  421.231007][ T5140] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  421.241754][ T5140] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  421.263739][ T5140] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  421.272733][ T5140] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  421.636642][T11701] chnl_net:caif_netlink_parms(): no params data found
[  421.916884][T11701] bridge0: port 1(bridge_slave_0) entered blocking state
[  421.924741][T11701] bridge0: port 1(bridge_slave_0) entered disabled state
[  421.932008][T11701] bridge_slave_0: entered allmulticast mode
[  421.940147][T11701] bridge_slave_0: entered promiscuous mode
[  421.954147][T11701] bridge0: port 2(bridge_slave_1) entered blocking state
[  421.961390][T11701] bridge0: port 2(bridge_slave_1) entered disabled state
[  421.968776][T11701] bridge_slave_1: entered allmulticast mode
[  421.976592][T11701] bridge_slave_1: entered promiscuous mode
[  422.003061][ T5837] Bluetooth: hci4: command 0x040f tx timeout
[  422.041166][T11701] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  422.055018][T11701] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  422.106552][T11701] team0: Port device team_slave_0 added
[  422.117017][T11701] team0: Port device team_slave_1 added
[  422.159661][T11701] batman_adv: batadv0: Adding interface: batadv_slave_0
[  422.180157][T11701] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  422.221113][T11701] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  422.294690][T11719] HfR: entered promiscuous mode
[  422.300680][T11701] batman_adv: batadv0: Adding interface: batadv_slave_1
[  422.307589][T11719] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1488'.
[  422.317064][T11701] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  422.342992][    C1] vkms_vblank_simulate: vblank timer overrun
[  422.352606][T11701] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  422.364475][T11719] HfR: left promiscuous mode
[  422.469721][T11701] hsr_slave_0: entered promiscuous mode
[  422.480397][T11701] hsr_slave_1: entered promiscuous mode
[  422.500256][T11701] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  422.512095][T11701] Cannot create hsr debugfs directory
[  422.725519][T11701] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  422.737430][T11701] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  422.749466][T11701] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  422.760457][T11701] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  422.862177][T11701] 8021q: adding VLAN 0 to HW filter on device bond0
[  422.886103][T11701] 8021q: adding VLAN 0 to HW filter on device team0
[  422.901390][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[  422.908605][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[  422.929214][   T63] bridge0: port 2(bridge_slave_1) entered blocking state
[  422.936434][   T63] bridge0: port 2(bridge_slave_1) entered forwarding state
[  423.158124][T11701] 8021q: adding VLAN 0 to HW filter on device batadv0
[  423.363078][ T5837] Bluetooth: hci5: command tx timeout
[  423.409495][T11701] veth0_vlan: entered promiscuous mode
[  423.422530][T11701] veth1_vlan: entered promiscuous mode
[  423.464881][T11701] veth0_macvtap: entered promiscuous mode
[  423.477071][T11701] veth1_macvtap: entered promiscuous mode
[  423.498728][T11701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  423.509650][T11701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  423.519786][T11701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  423.530329][T11701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  423.540993][T11701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  423.551864][T11701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  423.562552][T11701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  423.573212][T11701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  423.583192][T11701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  423.595153][T11701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  423.606628][T11701] batman_adv: batadv0: Interface activated: batadv_slave_0
[  423.621170][T11701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  423.631718][T11701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  423.641960][T11701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  423.652439][T11701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  423.662468][T11701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  423.675757][T11701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  423.685733][T11701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  423.697938][T11701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  423.707911][T11701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  423.718590][T11701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  423.730855][T11701] batman_adv: batadv0: Interface activated: batadv_slave_1
[  423.744700][T11701] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  423.753899][T11701] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  423.762669][T11701] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  423.772317][T11701] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  423.887737][   T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  423.910349][   T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  423.949079][T11205] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  423.959662][T11205] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  424.073331][ T5837] Bluetooth: hci4: command 0x040f tx timeout
[  424.431656][T11740] Invalid ELF header magic: != ELF
[  425.433897][ T5837] Bluetooth: hci5: command tx timeout
[  425.660565][T11753] program syz.4.1493 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  426.158184][ T5837] Bluetooth: hci4: command 0x040f tx timeout
[  426.433843][T11769] FAULT_INJECTION: forcing a failure.
[  426.433843][T11769] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  426.453795][T11769] CPU: 1 UID: 0 PID: 11769 Comm: syz.5.1500 Tainted: G     U              6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) 
[  426.453850][T11769] Tainted: [U]=USER
[  426.453860][T11769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  426.453879][T11769] Call Trace:
[  426.453889][T11769]  <TASK>
[  426.453901][T11769]  dump_stack_lvl+0x16c/0x1f0
[  426.453960][T11769]  should_fail_ex+0x512/0x640
[  426.454014][T11769]  strncpy_from_user+0x3b/0x2e0
[  426.454061][T11769]  getname_flags.part.0+0x8f/0x550
[  426.454111][T11769]  getname_flags+0x93/0xf0
[  426.454160][T11769]  do_sys_openat2+0xb8/0x1d0
[  426.454203][T11769]  ? __pfx_do_sys_openat2+0x10/0x10
[  426.454249][T11769]  ? __pfx___might_resched+0x10/0x10
[  426.454296][T11769]  __x64_sys_openat+0x174/0x210
[  426.454338][T11769]  ? __pfx___x64_sys_openat+0x10/0x10
[  426.454382][T11769]  ? rcu_is_watching+0x12/0xc0
[  426.454422][T11769]  do_syscall_64+0xcd/0x230
[  426.454465][T11769]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  426.454496][T11769] RIP: 0033:0x7fd0e518e969
[  426.454522][T11769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  426.454553][T11769] RSP: 002b:00007fd0e2ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  426.454580][T11769] RAX: ffffffffffffffda RBX: 00007fd0e53b5fa0 RCX: 00007fd0e518e969
[  426.454599][T11769] RDX: 0000000000048402 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  426.454618][T11769] RBP: 00007fd0e5210ab1 R08: 0000000000000000 R09: 0000000000000000
[  426.454636][T11769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  426.454653][T11769] R13: 0000000000000000 R14: 00007fd0e53b5fa0 R15: 00007ffd582e96f8
[  426.454690][T11769]  </TASK>
[  426.636617][    C1] vkms_vblank_simulate: vblank timer overrun
[  427.513104][ T5837] Bluetooth: hci5: command tx timeout
[  427.781346][T11791] program syz.5.1505 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  428.642272][ T5140] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  428.652379][ T5140] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  428.661602][ T5140] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  428.670046][ T5140] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  428.679625][ T5140] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  428.978563][T11806] chnl_net:caif_netlink_parms(): no params data found
[  429.234493][T11806] bridge0: port 1(bridge_slave_0) entered blocking state
[  429.241900][T11806] bridge0: port 1(bridge_slave_0) entered disabled state
[  429.256048][T11806] bridge_slave_0: entered allmulticast mode
[  429.264884][T11806] bridge_slave_0: entered promiscuous mode
[  429.276172][T11806] bridge0: port 2(bridge_slave_1) entered blocking state
[  429.294441][T11806] bridge0: port 2(bridge_slave_1) entered disabled state
[  429.317528][T11806] bridge_slave_1: entered allmulticast mode
[  429.334881][T11806] bridge_slave_1: entered promiscuous mode
[  429.556255][T11806] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  429.594323][ T5140] Bluetooth: hci5: command tx timeout
[  429.609091][T11806] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  429.819951][T11806] team0: Port device team_slave_0 added
[  429.877918][T11806] team0: Port device team_slave_1 added
[  430.157987][T11806] batman_adv: batadv0: Adding interface: batadv_slave_0
[  430.165077][T11806] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  430.295014][T11806] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  430.324940][T11806] batman_adv: batadv0: Adding interface: batadv_slave_1
[  430.336615][T11806] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  430.364504][T11806] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  430.613925][T11806] hsr_slave_0: entered promiscuous mode
[  430.620819][T11806] hsr_slave_1: entered promiscuous mode
[  430.631851][T11806] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  430.639680][T11806] Cannot create hsr debugfs directory
[  430.713111][ T5140] Bluetooth: hci6: command tx timeout
[  430.717596][T11837] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1516'.
[  431.127285][T11806] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  431.158933][T11806] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  431.191830][T11806] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  431.286305][T11806] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  431.654630][T11849] sd 0:0:1:0: PR command failed: 1026
[  431.692667][T11806] 8021q: adding VLAN 0 to HW filter on device bond0
[  431.699945][T11849] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  431.751673][T11806] 8021q: adding VLAN 0 to HW filter on device team0
[  431.764822][T11852] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1519'.
[  431.797709][T11852] netlink: 13 bytes leftover after parsing attributes in process `syz.4.1519'.
[  431.852695][T11849] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  431.881780][T11216] bridge0: port 1(bridge_slave_0) entered blocking state
[  431.885499][T11848] zswap: compressor  not available
[  431.889113][T11216] bridge0: port 1(bridge_slave_0) entered forwarding state
[  431.976644][T11216] bridge0: port 2(bridge_slave_1) entered blocking state
[  431.983992][T11216] bridge0: port 2(bridge_slave_1) entered forwarding state
[  432.728907][T11806] 8021q: adding VLAN 0 to HW filter on device batadv0
[  432.799653][ T5140] Bluetooth: hci6: command tx timeout
[  433.227252][ T5837] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  433.245075][ T5837] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  433.254103][ T5837] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  433.266710][ T5837] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  433.283624][ T5837] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  433.832627][T11806] veth0_vlan: entered promiscuous mode
[  433.874961][T11806] veth1_vlan: entered promiscuous mode
[  434.301614][T11806] veth0_macvtap: entered promiscuous mode
[  434.420634][T11806] veth1_macvtap: entered promiscuous mode
[  434.521455][T11806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  434.543075][T11806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  434.567870][T11806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  434.584773][T11806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  434.603068][T11806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  434.673207][T11806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  434.688307][T11806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  434.720320][T11806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  434.743205][T11806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  434.757952][T11806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  434.783057][T11806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  434.798291][T11806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  434.824971][T11806] batman_adv: batadv0: Interface activated: batadv_slave_0
[  434.851085][T11873] chnl_net:caif_netlink_parms(): no params data found
[  434.873260][ T5837] Bluetooth: hci6: command tx timeout
[  435.007367][T11806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  435.047399][T11806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  435.078732][T11806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  435.090633][T11806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  435.107544][T11806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  435.120686][T11806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  435.141145][T11806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  435.203084][T11806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  435.267603][T11806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  435.334484][T11806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  435.345898][T11806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  435.353369][ T5837] Bluetooth: hci7: command tx timeout
[  435.390250][T11806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  435.407414][T11806] batman_adv: batadv0: Interface activated: batadv_slave_1
[  435.582306][T11806] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  435.617186][T11906] sd 0:0:1:0: PR command failed: 1026
[  435.628514][T11906] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  435.636965][T11906] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  435.658887][T11806] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  435.688700][T11806] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  435.743161][T11806] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  436.103993][T11873] bridge0: port 1(bridge_slave_0) entered blocking state
[  436.111153][T11873] bridge0: port 1(bridge_slave_0) entered disabled state
[  436.151119][T11873] bridge_slave_0: entered allmulticast mode
[  436.160426][T11873] bridge_slave_0: entered promiscuous mode
[  436.215267][T11915] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1529'.
[  436.265881][T11873] bridge0: port 2(bridge_slave_1) entered blocking state
[  436.273352][T11873] bridge0: port 2(bridge_slave_1) entered disabled state
[  436.280714][T11873] bridge_slave_1: entered allmulticast mode
[  436.289443][T11873] bridge_slave_1: entered promiscuous mode
[  436.314638][T11917] netlink: 13 bytes leftover after parsing attributes in process `syz.5.1529'.
[  436.409373][T11908] zswap: compressor  not available
[  436.954782][ T5837] Bluetooth: hci6: command tx timeout
[  437.175777][T11873] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  437.224649][T11207] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  437.232521][T11207] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  437.318699][T11873] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  437.433841][ T5837] Bluetooth: hci7: command tx timeout
[  437.714359][T11873] team0: Port device team_slave_0 added
[  437.726253][T11873] team0: Port device team_slave_1 added
[  437.882490][T11873] batman_adv: batadv0: Adding interface: batadv_slave_0
[  437.897296][T11207] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  437.913652][T11873] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  437.915135][T11207] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  437.969826][T11873] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  437.991586][T11873] batman_adv: batadv0: Adding interface: batadv_slave_1
[  437.998982][T11873] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  438.002275][T11925] netlink: 'syz.4.1531': attribute type 3 has an invalid length.
[  438.041547][T11873] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  438.044134][T11925] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1531'.
[  438.147033][T11873] hsr_slave_0: entered promiscuous mode
[  438.158404][T11873] hsr_slave_1: entered promiscuous mode
[  438.175188][T11873] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  438.184243][T11873] Cannot create hsr debugfs directory
[  438.458535][T11930] netlink: 266 bytes leftover after parsing attributes in process `syz.6.1509'.
[  438.484255][T11930] IPv6: NLM_F_CREATE should be specified when creating new route
[  438.622751][T11933] FAULT_INJECTION: forcing a failure.
[  438.622751][T11933] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  438.669046][T11933] CPU: 0 UID: 0 PID: 11933 Comm: syz.5.1533 Tainted: G     U              6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) 
[  438.669100][T11933] Tainted: [U]=USER
[  438.669110][T11933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  438.669130][T11933] Call Trace:
[  438.669140][T11933]  <TASK>
[  438.669153][T11933]  dump_stack_lvl+0x16c/0x1f0
[  438.669202][T11933]  should_fail_ex+0x512/0x640
[  438.669255][T11933]  should_fail_alloc_page+0xe7/0x130
[  438.669298][T11933]  prepare_alloc_pages+0x3c2/0x610
[  438.669347][T11933]  ? __lock_acquire+0xaa4/0x1ba0
[  438.669392][T11933]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  438.669453][T11933]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  438.669491][T11933]  ? do_raw_spin_lock+0x12c/0x2b0
[  438.669538][T11933]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  438.669587][T11933]  ? find_held_lock+0x2b/0x80
[  438.669630][T11933]  ? __lock_acquire+0xaa4/0x1ba0
[  438.669671][T11933]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  438.669717][T11933]  ? policy_nodemask+0xea/0x4e0
[  438.669761][T11933]  alloc_pages_mpol+0x1fb/0x550
[  438.669813][T11933]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  438.669865][T11933]  folio_alloc_mpol_noprof+0x36/0x2f0
[  438.669915][T11933]  shmem_alloc_folio+0x135/0x160
[  438.669990][T11933]  shmem_alloc_and_add_folio+0x499/0xc20
[  438.670039][T11933]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  438.670084][T11933]  ? shmem_allowable_huge_orders+0xcb/0x2f0
[  438.670132][T11933]  shmem_get_folio_gfp+0x687/0x1530
[  438.670181][T11933]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  438.670223][T11933]  ? __pfx_timestamp_truncate+0x10/0x10
[  438.670263][T11933]  shmem_fault+0x1fe/0xa30
[  438.670303][T11933]  ? __pfx_shmem_fault+0x10/0x10
[  438.670349][T11933]  ? __pfx___up_read+0x10/0x10
[  438.670407][T11933]  ? __pfx_filemap_map_pages+0x10/0x10
[  438.670446][T11933]  __do_fault+0x10a/0x490
[  438.670488][T11933]  ? __pfx_filemap_map_pages+0x10/0x10
[  438.670527][T11933]  do_pte_missing+0x1a6/0x3fb0
[  438.670563][T11933]  ? __handle_mm_fault+0x1010/0x2a40
[  438.670601][T11933]  __handle_mm_fault+0x103d/0x2a40
[  438.670647][T11933]  ? __pfx___handle_mm_fault+0x10/0x10
[  438.670678][T11933]  ? __pte_offset_map_lock+0x155/0x2f0
[  438.670724][T11933]  ? find_held_lock+0x2b/0x80
[  438.670752][T11933]  ? find_held_lock+0x2b/0x80
[  438.670810][T11933]  handle_mm_fault+0x3fe/0xad0
[  438.670848][T11933]  __get_user_pages+0x771/0x36f0
[  438.670912][T11933]  ? __pfx___get_user_pages+0x10/0x10
[  438.670970][T11933]  ? __pfx_down_read_killable+0x10/0x10
[  438.671018][T11933]  ? __lock_acquire+0xaa4/0x1ba0
[  438.671068][T11933]  faultin_page_range+0x249/0x980
[  438.671108][T11933]  madvise_do_behavior+0x233/0x3b0
[  438.671156][T11933]  ? __pfx_madvise_do_behavior+0x10/0x10
[  438.671227][T11933]  do_madvise+0x10b/0x170
[  438.671273][T11933]  __x64_sys_madvise+0xa9/0x110
[  438.671315][T11933]  ? lockdep_hardirqs_on+0x7c/0x110
[  438.671356][T11933]  do_syscall_64+0xcd/0x230
[  438.671404][T11933]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  438.671436][T11933] RIP: 0033:0x7fd0e518e969
[  438.671462][T11933] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  438.671493][T11933] RSP: 002b:00007fd0e2ff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  438.671521][T11933] RAX: ffffffffffffffda RBX: 00007fd0e53b5fa0 RCX: 00007fd0e518e969
[  438.671541][T11933] RDX: 0000000000000017 RSI: 00000000002003f0 RDI: 0000000000000000
[  438.671559][T11933] RBP: 00007fd0e5210ab1 R08: 0000000000000000 R09: 0000000000000000
[  438.671577][T11933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  438.671594][T11933] R13: 0000000000000000 R14: 00007fd0e53b5fa0 R15: 00007ffd582e96f8
[  438.671632][T11933]  </TASK>
[  439.162693][T11873] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  439.249219][T11873] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  439.278360][T11873] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  439.297372][T11873] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  439.417738][T11873] 8021q: adding VLAN 0 to HW filter on device bond0
[  439.446640][T11873] 8021q: adding VLAN 0 to HW filter on device team0
[  439.470538][ T3514] bridge0: port 1(bridge_slave_0) entered blocking state
[  439.477765][ T3514] bridge0: port 1(bridge_slave_0) entered forwarding state
[  439.513152][ T5837] Bluetooth: hci7: command tx timeout
[  439.530531][ T3514] bridge0: port 2(bridge_slave_1) entered blocking state
[  439.537825][ T3514] bridge0: port 2(bridge_slave_1) entered forwarding state
[  440.164107][T11873] 8021q: adding VLAN 0 to HW filter on device batadv0
[  440.924772][T11873] veth0_vlan: entered promiscuous mode
[  440.933971][T11873] veth1_vlan: entered promiscuous mode
[  441.091611][T11873] veth0_macvtap: entered promiscuous mode
[  441.124580][T11873] veth1_macvtap: entered promiscuous mode
[  441.165129][T11873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  441.190983][T11873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.211831][T11873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  441.229171][T11873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.239124][T11873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  441.252250][T11873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.262612][T11873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  441.273293][T11873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.288369][T11873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  441.299904][T11873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.310233][T11873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  441.321723][T11873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.332099][T11873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  441.343160][T11873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.369849][T11873] batman_adv: batadv0: Interface activated: batadv_slave_0
[  441.400033][T11873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  441.417647][T11873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.433274][T11873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  441.451075][T11873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.462065][T11873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  441.481477][T11873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.494984][T11873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  441.516654][T11873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.531794][T11873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  441.548004][T11873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.566247][T11873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  441.581589][T11873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.593336][ T5837] Bluetooth: hci7: command tx timeout
[  441.609768][T11873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  441.632999][T11873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.652672][T11873] batman_adv: batadv0: Interface activated: batadv_slave_1
[  441.670771][T11873] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  441.681878][T11873] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  441.695107][T11873] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  441.711056][T11873] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  441.888639][T11216] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  441.913968][T11216] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  441.981728][   T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  441.999631][   T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  443.483040][T11987] sd 0:0:1:0: PR command failed: 1026
[  443.490612][T11987] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  443.497731][T11987] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  443.595683][T11992] netlink: 'syz.4.1542': attribute type 1 has an invalid length.
[  444.846937][T12003] FAULT_INJECTION: forcing a failure.
[  444.846937][T12003] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  444.953804][T12003] CPU: 0 UID: 0 PID: 12003 Comm: syz.4.1544 Tainted: G     U              6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) 
[  444.953857][T12003] Tainted: [U]=USER
[  444.953867][T12003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  444.953885][T12003] Call Trace:
[  444.953895][T12003]  <TASK>
[  444.953907][T12003]  dump_stack_lvl+0x16c/0x1f0
[  444.953956][T12003]  should_fail_ex+0x512/0x640
[  444.954008][T12003]  should_fail_alloc_page+0xe7/0x130
[  444.954050][T12003]  prepare_alloc_pages+0x3c2/0x610
[  444.954099][T12003]  ? rcu_is_watching+0x12/0xc0
[  444.954133][T12003]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  444.954193][T12003]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  444.954232][T12003]  ? do_raw_spin_lock+0x12c/0x2b0
[  444.954284][T12003]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  444.954333][T12003]  ? find_held_lock+0x2b/0x80
[  444.954376][T12003]  ? __lock_acquire+0xaa4/0x1ba0
[  444.954416][T12003]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  444.954463][T12003]  ? policy_nodemask+0xea/0x4e0
[  444.954505][T12003]  alloc_pages_mpol+0x1fb/0x550
[  444.954547][T12003]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  444.954599][T12003]  folio_alloc_mpol_noprof+0x36/0x2f0
[  444.954654][T12003]  shmem_alloc_folio+0x135/0x160
[  444.954711][T12003]  shmem_alloc_and_add_folio+0x499/0xc20
[  444.954761][T12003]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  444.954812][T12003]  ? shmem_allowable_huge_orders+0xcb/0x2f0
[  444.954855][T12003]  shmem_get_folio_gfp+0x687/0x1530
[  444.954902][T12003]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  444.954942][T12003]  ? __pfx_timestamp_truncate+0x10/0x10
[  444.954983][T12003]  shmem_fault+0x1fe/0xa30
[  444.955021][T12003]  ? __pfx_shmem_fault+0x10/0x10
[  444.955065][T12003]  ? __pfx___up_read+0x10/0x10
[  444.955122][T12003]  ? __pfx_filemap_map_pages+0x10/0x10
[  444.955159][T12003]  __do_fault+0x10a/0x490
[  444.955200][T12003]  ? __pfx_filemap_map_pages+0x10/0x10
[  444.955238][T12003]  do_pte_missing+0x1a6/0x3fb0
[  444.955274][T12003]  ? __handle_mm_fault+0x1010/0x2a40
[  444.955311][T12003]  __handle_mm_fault+0x103d/0x2a40
[  444.955355][T12003]  ? __pfx___handle_mm_fault+0x10/0x10
[  444.955384][T12003]  ? __pte_offset_map_lock+0x155/0x2f0
[  444.955428][T12003]  ? find_held_lock+0x2b/0x80
[  444.955455][T12003]  ? find_held_lock+0x2b/0x80
[  444.955510][T12003]  handle_mm_fault+0x3fe/0xad0
[  444.955549][T12003]  __get_user_pages+0x771/0x36f0
[  444.955616][T12003]  ? __pfx___get_user_pages+0x10/0x10
[  444.955666][T12003]  ? __pfx_down_read_killable+0x10/0x10
[  444.955714][T12003]  ? __lock_acquire+0xaa4/0x1ba0
[  444.955767][T12003]  faultin_page_range+0x249/0x980
[  444.955827][T12003]  madvise_do_behavior+0x233/0x3b0
[  444.955874][T12003]  ? __pfx_madvise_do_behavior+0x10/0x10
[  444.955944][T12003]  do_madvise+0x10b/0x170
[  444.955990][T12003]  __x64_sys_madvise+0xa9/0x110
[  444.956032][T12003]  ? lockdep_hardirqs_on+0x7c/0x110
[  444.956092][T12003]  do_syscall_64+0xcd/0x230
[  444.956139][T12003]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  444.956172][T12003] RIP: 0033:0x7f0d0af8e969
[  444.956197][T12003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  444.956231][T12003] RSP: 002b:00007f0d0bedd038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  444.956261][T12003] RAX: ffffffffffffffda RBX: 00007f0d0b1b5fa0 RCX: 00007f0d0af8e969
[  444.956283][T12003] RDX: 0000000000000017 RSI: 00000000002003f0 RDI: 0000000000000000
[  444.956304][T12003] RBP: 00007f0d0b010ab1 R08: 0000000000000000 R09: 0000000000000000
[  444.956323][T12003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  444.956355][T12003] R13: 0000000000000000 R14: 00007f0d0b1b5fa0 R15: 00007ffde674da68
[  444.956395][T12003]  </TASK>
[  445.384185][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  445.390578][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  445.711544][T12009] vcan0: tx drop: invalid da for name 0xffffffff00000000
[  447.732397][T12039] HfR: entered promiscuous mode
[  447.897112][T12039] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1556'.
[  447.982609][T12039] HfR: left promiscuous mode
[  449.758607][T12056] Invalid ELF header magic: != ELF
[  452.943221][T12102] netlink: 338 bytes leftover after parsing attributes in process `syz.6.1575'.
[  452.943640][T12104] netlink: 342 bytes leftover after parsing attributes in process `syz.6.1575'.
[  454.136632][T12115] ima: policy update failed
[  454.141462][   T30] audit: type=1802 audit(4294968603.085:20): pid=12115 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.6.1577" res=0 errno=0
[  455.131011][T12134] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1582'.
[  455.749254][T12140] FAULT_INJECTION: forcing a failure.
[  455.749254][T12140] name fail_futex, interval 1, probability 0, space 0, times 0
[  455.803148][T12140] CPU: 1 UID: 0 PID: 12140 Comm: syz.5.1586 Tainted: G     U              6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) 
[  455.803198][T12140] Tainted: [U]=USER
[  455.803208][T12140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  455.803225][T12140] Call Trace:
[  455.803234][T12140]  <TASK>
[  455.803245][T12140]  dump_stack_lvl+0x16c/0x1f0
[  455.803289][T12140]  should_fail_ex+0x512/0x640
[  455.803352][T12140]  get_futex_key+0x1c2/0x1000
[  455.803387][T12140]  ? __pfx_get_futex_key+0x10/0x10
[  455.803432][T12140]  futex_wake+0xe7/0x4e0
[  455.803468][T12140]  ? rcu_is_watching+0x12/0xc0
[  455.803499][T12140]  ? __pfx_futex_wake+0x10/0x10
[  455.803553][T12140]  do_futex+0x1e3/0x350
[  455.803587][T12140]  ? __pfx_do_futex+0x10/0x10
[  455.803617][T12140]  ? __might_fault+0xe3/0x190
[  455.803661][T12140]  mm_release+0x24e/0x300
[  455.803696][T12140]  do_exit+0x898/0x2c30
[  455.803736][T12140]  ? __pfx_futex_wake_mark+0x10/0x10
[  455.803782][T12140]  ? __pfx_do_exit+0x10/0x10
[  455.803823][T12140]  ? do_raw_spin_lock+0x12c/0x2b0
[  455.803867][T12140]  ? find_held_lock+0x2b/0x80
[  455.803902][T12140]  do_group_exit+0xd3/0x2a0
[  455.803947][T12140]  get_signal+0x2673/0x26d0
[  455.803997][T12140]  ? __pfx_get_signal+0x10/0x10
[  455.804032][T12140]  ? do_futex+0x122/0x350
[  455.804066][T12140]  ? __pfx_do_futex+0x10/0x10
[  455.804101][T12140]  arch_do_signal_or_restart+0x8f/0x7a0
[  455.804154][T12140]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  455.804207][T12140]  ? kfree+0x2b6/0x4d0
[  455.804252][T12140]  ? __x64_sys_kexec_load+0x1ca/0x230
[  455.804309][T12140]  syscall_exit_to_user_mode+0x150/0x2a0
[  455.804354][T12140]  do_syscall_64+0xda/0x230
[  455.804400][T12140]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  455.804432][T12140] RIP: 0033:0x7fd0e518e969
[  455.804456][T12140] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  455.804485][T12140] RSP: 002b:00007fd0e2ff60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  455.804525][T12140] RAX: fffffffffffffe00 RBX: 00007fd0e53b5fa8 RCX: 00007fd0e518e969
[  455.804544][T12140] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fd0e53b5fa8
[  455.804562][T12140] RBP: 00007fd0e53b5fa0 R08: 0000000000000000 R09: 0000000000000000
[  455.804579][T12140] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd0e53b5fac
[  455.804596][T12140] R13: 0000000000000000 R14: 00007ffd582e9610 R15: 00007ffd582e96f8
[  455.804634][T12140]  </TASK>
[  456.619737][T12156] FAULT_INJECTION: forcing a failure.
[  456.619737][T12156] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  456.672329][T12156] CPU: 1 UID: 0 PID: 12156 Comm: syz.4.1592 Tainted: G     U              6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) 
[  456.672380][T12156] Tainted: [U]=USER
[  456.672391][T12156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  456.672409][T12156] Call Trace:
[  456.672419][T12156]  <TASK>
[  456.672431][T12156]  dump_stack_lvl+0x16c/0x1f0
[  456.672478][T12156]  should_fail_ex+0x512/0x640
[  456.672528][T12156]  _copy_to_iter+0x477/0x15a0
[  456.672583][T12156]  ? __pfx__copy_to_iter+0x10/0x10
[  456.672627][T12156]  ? vlan_seq_from_index+0x189/0x230
[  456.672668][T12156]  ? find_held_lock+0x2b/0x80
[  456.672698][T12156]  ? vlan_seq_stop+0x31/0xb0
[  456.672742][T12156]  seq_read_iter+0xcf8/0x12c0
[  456.672805][T12156]  seq_read+0x39e/0x4e0
[  456.672851][T12156]  ? __pfx_seq_read+0x10/0x10
[  456.672911][T12156]  ? get_pid_task+0xfc/0x250
[  456.672984][T12156]  ? __pfx_seq_read+0x10/0x10
[  456.673024][T12156]  proc_reg_read+0x23d/0x330
[  456.673053][T12156]  ? __pfx_proc_reg_read+0x10/0x10
[  456.673085][T12156]  vfs_read+0x1de/0xc70
[  456.673119][T12156]  ? __pfx___mutex_lock+0x10/0x10
[  456.673160][T12156]  ? __pfx_vfs_read+0x10/0x10
[  456.673199][T12156]  ? __fget_files+0x20e/0x3c0
[  456.673258][T12156]  ksys_read+0x12a/0x240
[  456.673286][T12156]  ? __pfx_ksys_read+0x10/0x10
[  456.673330][T12156]  ? rcu_is_watching+0x12/0xc0
[  456.673371][T12156]  do_syscall_64+0xcd/0x230
[  456.673418][T12156]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  456.673450][T12156] RIP: 0033:0x7f0d0af8e969
[  456.673473][T12156] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  456.673504][T12156] RSP: 002b:00007f0d0bedd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  456.673533][T12156] RAX: ffffffffffffffda RBX: 00007f0d0b1b5fa0 RCX: 00007f0d0af8e969
[  456.673552][T12156] RDX: 0000000000000fec RSI: 0000200000001180 RDI: 0000000000000003
[  456.673569][T12156] RBP: 00007f0d0bedd090 R08: 0000000000000000 R09: 0000000000000000
[  456.673585][T12156] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  456.673602][T12156] R13: 0000000000000000 R14: 00007f0d0b1b5fa0 R15: 00007ffde674da68
[  456.673641][T12156]  </TASK>
[  457.045328][T12157] FAULT_INJECTION: forcing a failure.
[  457.045328][T12157] name failslab, interval 1, probability 0, space 0, times 0
[  457.058107][T12157] CPU: 0 UID: 0 PID: 12157 Comm: syz.5.1593 Tainted: G     U              6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) 
[  457.058159][T12157] Tainted: [U]=USER
[  457.058169][T12157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  457.058186][T12157] Call Trace:
[  457.058196][T12157]  <TASK>
[  457.058207][T12157]  dump_stack_lvl+0x116/0x1f0
[  457.058255][T12157]  should_fail_ex+0x512/0x640
[  457.058306][T12157]  should_failslab+0xc2/0x120
[  457.058344][T12157]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  457.058380][T12157]  ? __send_signal_locked+0x159/0x12c0
[  457.058436][T12157]  __send_signal_locked+0x159/0x12c0
[  457.058486][T12157]  ? __lock_task_sighand+0x146/0x340
[  457.058538][T12157]  do_send_specific+0x1e8/0x370
[  457.058577][T12157]  ? __pfx_do_send_specific+0x10/0x10
[  457.058615][T12157]  ? __task_pid_nr_ns+0x17c/0x500
[  457.058669][T12157]  do_rt_tgsigqueueinfo+0xa9/0x100
[  457.058712][T12157]  __x64_sys_rt_tgsigqueueinfo+0x17a/0x210
[  457.058761][T12157]  ? __pfx___x64_sys_rt_tgsigqueueinfo+0x10/0x10
[  457.058802][T12157]  ? xfd_validate_state+0x5d/0x180
[  457.058870][T12157]  do_syscall_64+0xcd/0x230
[  457.058917][T12157]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  457.058948][T12157] RIP: 0033:0x7fd0e518e969
[  457.058972][T12157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  457.059002][T12157] RSP: 002b:00007fd0e2ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000129
[  457.059039][T12157] RAX: ffffffffffffffda RBX: 00007fd0e53b5fa0 RCX: 00007fd0e518e969
[  457.059060][T12157] RDX: 0000000000000021 RSI: 0000000000000083 RDI: 0000000000000082
[  457.059077][T12157] RBP: 00007fd0e5210ab1 R08: 0000000000000000 R09: 0000000000000000
[  457.059096][T12157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  457.059113][T12157] R13: 0000000000000000 R14: 00007fd0e53b5fa0 R15: 00007ffd582e96f8
[  457.059154][T12157]  </TASK>
[  457.251658][    C0] vkms_vblank_simulate: vblank timer overrun
[  457.963882][T12174] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1598'.
[  458.971531][T12193] FAULT_INJECTION: forcing a failure.
[  458.971531][T12193] name failslab, interval 1, probability 0, space 0, times 0
[  459.071580][T12193] CPU: 0 UID: 0 PID: 12193 Comm: syz.6.1604 Tainted: G     U              6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) 
[  459.071637][T12193] Tainted: [U]=USER
[  459.071648][T12193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  459.071668][T12193] Call Trace:
[  459.071678][T12193]  <TASK>
[  459.071690][T12193]  dump_stack_lvl+0x16c/0x1f0
[  459.071762][T12193]  should_fail_ex+0x512/0x640
[  459.071807][T12193]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  459.071849][T12193]  should_failslab+0xc2/0x120
[  459.071888][T12193]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  459.071927][T12193]  ? alloc_inode+0xc3/0x240
[  459.071978][T12193]  alloc_inode+0xc3/0x240
[  459.072016][T12193]  alloc_anon_inode+0x28/0x3e0
[  459.072071][T12193]  secretmem_file_create.constprop.0+0x4d/0x2c0
[  459.072117][T12193]  __x64_sys_memfd_secret+0xc5/0x1a0
[  459.072157][T12193]  do_syscall_64+0xcd/0x230
[  459.072203][T12193]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  459.072235][T12193] RIP: 0033:0x7fc9c498e969
[  459.072259][T12193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  459.072291][T12193] RSP: 002b:00007fc9c578f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bf
[  459.072321][T12193] RAX: ffffffffffffffda RBX: 00007fc9c4bb5fa0 RCX: 00007fc9c498e969
[  459.072342][T12193] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  459.072359][T12193] RBP: 00007fc9c4a10ab1 R08: 0000000000000000 R09: 0000000000000000
[  459.072377][T12193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  459.072404][T12193] R13: 0000000000000000 R14: 00007fc9c4bb5fa0 R15: 00007ffd2309a8d8
[  459.072452][T12193]  </TASK>
[  459.243481][    C0] vkms_vblank_simulate: vblank timer overrun
[  459.453133][T12185] Falling back ldisc for ttyS2.
[  460.013289][T12205] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1606'.
[  463.152235][T12277] FAULT_INJECTION: forcing a failure.
[  463.152235][T12277] name failslab, interval 1, probability 0, space 0, times 0
[  463.183231][T12277] CPU: 1 UID: 0 PID: 12277 Comm: syz.7.1627 Tainted: G     U              6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) 
[  463.183286][T12277] Tainted: [U]=USER
[  463.183298][T12277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  463.183316][T12277] Call Trace:
[  463.183326][T12277]  <TASK>
[  463.183355][T12277]  dump_stack_lvl+0x16c/0x1f0
[  463.183404][T12277]  should_fail_ex+0x512/0x640
[  463.183446][T12277]  ? __kmalloc_noprof+0xbf/0x510
[  463.183484][T12277]  ? memcg_list_lru_alloc+0x4e9/0x740
[  463.183522][T12277]  should_failslab+0xc2/0x120
[  463.183562][T12277]  __kmalloc_noprof+0xd2/0x510
[  463.183594][T12277]  ? __lock_acquire+0x5ca/0x1ba0
[  463.183654][T12277]  memcg_list_lru_alloc+0x4e9/0x740
[  463.183706][T12277]  ? __pfx_memcg_list_lru_alloc+0x10/0x10
[  463.183758][T12277]  ? get_mem_cgroup_from_objcg+0xd3/0x330
[  463.183816][T12277]  __memcg_slab_post_alloc_hook+0x131/0x940
[  463.183865][T12277]  ? kasan_save_track+0x14/0x30
[  463.183903][T12277]  kmem_cache_alloc_lru_noprof+0x30f/0x3b0
[  463.183942][T12277]  ? alloc_inode+0xc3/0x240
[  463.183988][T12277]  alloc_inode+0xc3/0x240
[  463.184027][T12277]  alloc_anon_inode+0x28/0x3e0
[  463.184081][T12277]  secretmem_file_create.constprop.0+0x4d/0x2c0
[  463.184129][T12277]  __x64_sys_memfd_secret+0xc5/0x1a0
[  463.184168][T12277]  do_syscall_64+0xcd/0x230
[  463.184216][T12277]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  463.184248][T12277] RIP: 0033:0x7f9f2078e969
[  463.184274][T12277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  463.184305][T12277] RSP: 002b:00007f9f21565038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bf
[  463.184335][T12277] RAX: ffffffffffffffda RBX: 00007f9f209b5fa0 RCX: 00007f9f2078e969
[  463.184356][T12277] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  463.184375][T12277] RBP: 00007f9f20810ab1 R08: 0000000000000000 R09: 0000000000000000
[  463.184394][T12277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  463.184413][T12277] R13: 0000000000000000 R14: 00007f9f209b5fa0 R15: 00007ffe31bb6978
[  463.184454][T12277]  </TASK>
[  465.543344][T12304] CIFS mount error: No usable UNC path provided in device string!
[  465.543344][T12304] 
[  465.563597][T12304] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  467.550321][T12329] Falling back ldisc for ttyS2.
[  467.765718][T12348] FAULT_INJECTION: forcing a failure.
[  467.765718][T12348] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  467.783163][T12348] CPU: 0 UID: 0 PID: 12348 Comm: syz.5.1645 Tainted: G     U              6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) 
[  467.783210][T12348] Tainted: [U]=USER
[  467.783219][T12348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  467.783235][T12348] Call Trace:
[  467.783245][T12348]  <TASK>
[  467.783255][T12348]  dump_stack_lvl+0x16c/0x1f0
[  467.783301][T12348]  should_fail_ex+0x512/0x640
[  467.783370][T12348]  should_fail_alloc_page+0xe7/0x130
[  467.783413][T12348]  prepare_alloc_pages+0x3c2/0x610
[  467.783469][T12348]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  467.783511][T12348]  ? rcu_is_watching+0x12/0xc0
[  467.783539][T12348]  ? trace_mm_page_alloc+0x11f/0x1a0
[  467.783583][T12348]  ? __alloc_frozen_pages_noprof+0x298/0x23a0
[  467.783622][T12348]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  467.783660][T12348]  ? __pfx___might_resched+0x10/0x10
[  467.783704][T12348]  ? rcu_is_watching+0x12/0xc0
[  467.783732][T12348]  ? trace_mm_page_alloc+0x11f/0x1a0
[  467.783776][T12348]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  467.783822][T12348]  ? policy_nodemask+0xea/0x4e0
[  467.783864][T12348]  alloc_pages_mpol+0x1fb/0x550
[  467.783905][T12348]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  467.783956][T12348]  alloc_pages_noprof+0x131/0x390
[  467.783995][T12348]  kimage_alloc_pages+0x75/0x300
[  467.784040][T12348]  ? __pfx_alloc_pgt_page+0x10/0x10
[  467.784093][T12348]  kimage_alloc_control_pages+0x15d/0x910
[  467.784143][T12348]  ? __pfx_kimage_alloc_control_pages+0x10/0x10
[  467.784190][T12348]  ? __pfx_alloc_pgt_page+0x10/0x10
[  467.784229][T12348]  alloc_pgt_page+0x17/0x60
[  467.784265][T12348]  kernel_ident_mapping_init+0x1c9/0x380
[  467.784313][T12348]  machine_kexec_prepare+0x32e/0xf90
[  467.784363][T12348]  ? __pfx_machine_kexec_prepare+0x10/0x10
[  467.784411][T12348]  ? __pfx_alloc_pgt_page+0x10/0x10
[  467.784471][T12348]  do_kexec_load+0x664/0x8d0
[  467.784519][T12348]  ? __pfx_do_kexec_load+0x10/0x10
[  467.784567][T12348]  ? _copy_from_user+0x59/0xd0
[  467.784629][T12348]  __x64_sys_kexec_load+0x1bf/0x230
[  467.784680][T12348]  do_syscall_64+0xcd/0x230
[  467.784725][T12348]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  467.784756][T12348] RIP: 0033:0x7fd0e518e969
[  467.784780][T12348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  467.784809][T12348] RSP: 002b:00007fd0e2ff6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6
[  467.784838][T12348] RAX: ffffffffffffffda RBX: 00007fd0e53b5fa0 RCX: 00007fd0e518e969
[  467.784858][T12348] RDX: 0000200000000080 RSI: 0000000000000002 RDI: 00000000000000ff
[  467.784877][T12348] RBP: 00007fd0e5210ab1 R08: 0000000000000000 R09: 0000000000000000
[  467.784894][T12348] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000
[  467.784913][T12348] R13: 0000000000000000 R14: 00007fd0e53b5fa0 R15: 00007ffd582e96f8
[  467.784950][T12348]  </TASK>
[  468.075171][    C0] vkms_vblank_simulate: vblank timer overrun
[  469.059620][T12367] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1651'.
[  469.079753][T12364] ima: policy update failed
[  469.098172][   T30] audit: type=1802 audit(4294968628.041:21): pid=12364 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.5.1651" res=0 errno=0
[  470.417506][T12393] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1661'.
[  471.445047][T12390] Falling back ldisc for ttyS2.
[  472.943841][T12424] FAULT_INJECTION: forcing a failure.
[  472.943841][T12424] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  472.965475][T12424] CPU: 0 UID: 0 PID: 12424 Comm: syz.7.1670 Tainted: G     U              6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) 
[  472.965538][T12424] Tainted: [U]=USER
[  472.965549][T12424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  472.965566][T12424] Call Trace:
[  472.965575][T12424]  <TASK>
[  472.965586][T12424]  dump_stack_lvl+0x16c/0x1f0
[  472.965631][T12424]  should_fail_ex+0x512/0x640
[  472.965680][T12424]  should_fail_alloc_page+0xe7/0x130
[  472.965719][T12424]  prepare_alloc_pages+0x3c2/0x610
[  472.965795][T12424]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  472.965853][T12424]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  472.965893][T12424]  ? is_bpf_text_address+0x8a/0x1a0
[  472.965930][T12424]  ? bpf_ksym_find+0x124/0x1c0
[  472.965982][T12424]  ? is_bpf_text_address+0x94/0x1a0
[  472.966019][T12424]  ? kernel_text_address+0x8d/0x100
[  472.966074][T12424]  ? __kernel_text_address+0xd/0x40
[  472.966121][T12424]  ? unwind_get_return_address+0x59/0xa0
[  472.966156][T12424]  ? arch_stack_walk+0xa6/0x100
[  472.966190][T12424]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  472.966234][T12424]  ? policy_nodemask+0xea/0x4e0
[  472.966274][T12424]  alloc_pages_mpol+0x1fb/0x550
[  472.966314][T12424]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  472.966352][T12424]  ? __lock_acquire+0x5ca/0x1ba0
[  472.966399][T12424]  folio_alloc_mpol_noprof+0x36/0x2f0
[  472.966443][T12424]  vma_alloc_folio_noprof+0xed/0x1e0
[  472.966485][T12424]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  472.966541][T12424]  do_pte_missing+0x223d/0x3fb0
[  472.966586][T12424]  __handle_mm_fault+0x103d/0x2a40
[  472.966630][T12424]  ? __pfx___handle_mm_fault+0x10/0x10
[  472.966685][T12424]  ? find_vma+0xbf/0x140
[  472.966726][T12424]  ? __pfx_find_vma+0x10/0x10
[  472.966772][T12424]  handle_mm_fault+0x3fe/0xad0
[  472.966804][T12424]  do_user_addr_fault+0x7a6/0x1370
[  472.966838][T12424]  ? rcu_is_watching+0x12/0xc0
[  472.966870][T12424]  exc_page_fault+0x5c/0xc0
[  472.966909][T12424]  asm_exc_page_fault+0x26/0x30
[  472.966938][T12424] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  472.966968][T12424] Code: cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  472.966997][T12424] RSP: 0018:ffffc9000b6ff9c0 EFLAGS: 00050202
[  472.967020][T12424] RAX: 0000000000000001 RBX: 0000000000000089 RCX: 0000000000000089
[  472.967043][T12424] RDX: ffffed1007f83812 RSI: ffff88803fc1c000 RDI: 0000200000001180
[  472.967063][T12424] RBP: 0000000000000089 R08: 0000000000000000 R09: ffffed1007f83811
[  472.967081][T12424] R10: ffff88803fc1c088 R11: 0000000000000000 R12: ffffc9000b6ffbd0
[  472.967099][T12424] R13: 0000000000000000 R14: ffffc9000b6ffbd8 R15: ffff88803fc1c000
[  472.967139][T12424]  _copy_to_iter+0x50c/0x15a0
[  472.967197][T12424]  ? __pfx__copy_to_iter+0x10/0x10
[  472.967240][T12424]  ? vlan_seq_from_index+0x189/0x230
[  472.967278][T12424]  ? find_held_lock+0x2b/0x80
[  472.967308][T12424]  ? vlan_seq_stop+0x31/0xb0
[  472.967351][T12424]  seq_read_iter+0xcf8/0x12c0
[  472.967416][T12424]  seq_read+0x39e/0x4e0
[  472.967460][T12424]  ? __pfx_seq_read+0x10/0x10
[  472.967511][T12424]  ? get_pid_task+0xfc/0x250
[  472.967569][T12424]  ? __pfx_seq_read+0x10/0x10
[  472.967611][T12424]  proc_reg_read+0x23d/0x330
[  472.967640][T12424]  ? __pfx_proc_reg_read+0x10/0x10
[  472.967672][T12424]  vfs_read+0x1de/0xc70
[  472.967706][T12424]  ? __pfx___mutex_lock+0x10/0x10
[  472.967747][T12424]  ? __pfx_vfs_read+0x10/0x10
[  472.967787][T12424]  ? __fget_files+0x20e/0x3c0
[  472.967846][T12424]  ksys_read+0x12a/0x240
[  472.967874][T12424]  ? __pfx_ksys_read+0x10/0x10
[  472.967899][T12424]  ? rcu_is_watching+0x12/0xc0
[  472.967938][T12424]  do_syscall_64+0xcd/0x230
[  472.967982][T12424]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  472.968010][T12424] RIP: 0033:0x7f9f2078e969
[  472.968040][T12424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  472.968069][T12424] RSP: 002b:00007f9f21565038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  472.968095][T12424] RAX: ffffffffffffffda RBX: 00007f9f209b5fa0 RCX: 00007f9f2078e969
[  472.968115][T12424] RDX: 0000000000000fec RSI: 0000200000001180 RDI: 0000000000000003
[  472.968132][T12424] RBP: 00007f9f21565090 R08: 0000000000000000 R09: 0000000000000000
[  472.968149][T12424] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  472.968165][T12424] R13: 0000000000000000 R14: 00007f9f209b5fa0 R15: 00007ffe31bb6978
[  472.968203][T12424]  </TASK>
[  473.411956][    C0] vkms_vblank_simulate: vblank timer overrun
[  473.660560][T12429] FAULT_INJECTION: forcing a failure.
[  473.660560][T12429] name fail_futex, interval 1, probability 0, space 0, times 0
[  473.754339][T12429] CPU: 1 UID: 0 PID: 12429 Comm: syz.6.1671 Tainted: G     U              6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) 
[  473.754395][T12429] Tainted: [U]=USER
[  473.754406][T12429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  473.754426][T12429] Call Trace:
[  473.754436][T12429]  <TASK>
[  473.754449][T12429]  dump_stack_lvl+0x16c/0x1f0
[  473.754509][T12429]  should_fail_ex+0x512/0x640
[  473.754561][T12429]  get_futex_key+0x49e/0x1000
[  473.754600][T12429]  ? __pfx_get_futex_key+0x10/0x10
[  473.754631][T12429]  ? dl_scaled_delta_exec+0xdb/0x2e0
[  473.754710][T12429]  futex_wait_setup+0x78/0x290
[  473.754774][T12429]  __futex_wait+0x266/0x3c0
[  473.754830][T12429]  ? __pfx___futex_wait+0x10/0x10
[  473.754869][T12429]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  473.754913][T12429]  ? __pfx_futex_wake_mark+0x10/0x10
[  473.754972][T12429]  futex_wait+0xe8/0x380
[  473.755013][T12429]  ? __pfx_futex_wait+0x10/0x10
[  473.755062][T12429]  ? __lock_acquire+0x5ca/0x1ba0
[  473.755113][T12429]  do_futex+0x229/0x350
[  473.755148][T12429]  ? __pfx_do_futex+0x10/0x10
[  473.755193][T12429]  __x64_sys_futex+0x1e0/0x4c0
[  473.755233][T12429]  ? __pfx___x64_sys_futex+0x10/0x10
[  473.755268][T12429]  ? __task_pid_nr_ns+0x17c/0x500
[  473.755322][T12429]  do_syscall_64+0xcd/0x230
[  473.755368][T12429]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  473.755400][T12429] RIP: 0033:0x7fc9c498e969
[  473.755425][T12429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  473.755458][T12429] RSP: 002b:00007fc9c578f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  473.755486][T12429] RAX: ffffffffffffffda RBX: 00007fc9c4bb5fa8 RCX: 00007fc9c498e969
[  473.755506][T12429] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fc9c4bb5fa8
[  473.755524][T12429] RBP: 00007fc9c4bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[  473.755541][T12429] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc9c4bb5fac
[  473.755560][T12429] R13: 0000000000000000 R14: 00007ffd2309a7f0 R15: 00007ffd2309a8d8
[  473.755599][T12429]  </TASK>
[  474.944258][T12453] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1678'.
[  476.344626][T12464] CIFS mount error: No usable UNC path provided in device string!
[  476.344626][T12464] 
[  476.398950][T12464] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  477.929733][T12483] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1686'.
[  478.589825][T12494] HfR: entered promiscuous mode
[  478.921755][ T5140] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  478.931217][ T5140] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  478.940339][ T5140] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  478.948830][ T5140] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  478.956749][ T5140] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  479.563735][T12499] chnl_net:caif_netlink_parms(): no params data found
[  480.091969][T12499] bridge0: port 1(bridge_slave_0) entered blocking state
[  480.106603][T12499] bridge0: port 1(bridge_slave_0) entered disabled state
[  480.123379][T12499] bridge_slave_0: entered allmulticast mode
[  480.132193][T12499] bridge_slave_0: entered promiscuous mode
[  480.150791][T12499] bridge0: port 2(bridge_slave_1) entered blocking state
[  480.167273][T12499] bridge0: port 2(bridge_slave_1) entered disabled state
[  480.183904][T12499] bridge_slave_1: entered allmulticast mode
[  480.243124][T12499] bridge_slave_1: entered promiscuous mode
[  480.520687][T12499] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  480.576319][T12499] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  481.054763][ T5837] Bluetooth: hci8: command tx timeout
[  481.237308][T12499] team0: Port device team_slave_0 added
[  481.294870][T12499] team0: Port device team_slave_1 added
[  481.616611][T12539] FAULT_INJECTION: forcing a failure.
[  481.616611][T12539] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  481.647695][T12499] batman_adv: batadv0: Adding interface: batadv_slave_0
[  481.653028][T12539] CPU: 0 UID: 0 PID: 12539 Comm: syz.5.1702 Tainted: G     U              6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) 
[  481.653084][T12539] Tainted: [U]=USER
[  481.653096][T12539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  481.653115][T12539] Call Trace:
[  481.653127][T12539]  <TASK>
[  481.653138][T12539]  dump_stack_lvl+0x16c/0x1f0
[  481.653189][T12539]  should_fail_ex+0x512/0x640
[  481.653242][T12539]  should_fail_alloc_page+0xe7/0x130
[  481.653287][T12539]  prepare_alloc_pages+0x3c2/0x610
[  481.653356][T12539]  ? rcu_is_watching+0x12/0xc0
[  481.653393][T12539]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  481.653446][T12539]  ? stack_trace_save+0x8e/0xc0
[  481.653490][T12539]  ? __pfx_stack_trace_save+0x10/0x10
[  481.653523][T12539]  ? stack_depot_save_flags+0x28/0xa50
[  481.653574][T12539]  ? __lock_acquire+0xaa4/0x1ba0
[  481.653620][T12539]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  481.653664][T12539]  ? kasan_save_stack+0x42/0x60
[  481.653698][T12539]  ? kasan_save_stack+0x33/0x60
[  481.653730][T12539]  ? kasan_save_track+0x14/0x30
[  481.653763][T12539]  ? __kasan_kmalloc+0xaa/0xb0
[  481.653794][T12539]  ? mon_bin_open+0x1a8/0x4a0
[  481.653822][T12539]  ? chrdev_open+0x231/0x6a0
[  481.653860][T12539]  ? __x64_sys_openat+0x174/0x210
[  481.653905][T12539]  ? do_syscall_64+0xcd/0x230
[  481.653950][T12539]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  481.653994][T12539]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  481.654044][T12539]  ? policy_nodemask+0xea/0x4e0
[  481.654088][T12539]  alloc_pages_mpol+0x1fb/0x550
[  481.654133][T12539]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  481.654188][T12539]  alloc_pages_noprof+0x131/0x390
[  481.654231][T12539]  get_zeroed_page_noprof+0x14/0x50
[  481.654281][T12539]  mon_alloc_buff+0xbc/0x180
[  481.654334][T12539]  ? kasan_save_track+0x14/0x30
[  481.654373][T12539]  mon_bin_open+0x207/0x4a0
[  481.654406][T12539]  ? __pfx_mon_bin_open+0x10/0x10
[  481.654468][T12539]  chrdev_open+0x231/0x6a0
[  481.654504][T12539]  ? __pfx_apparmor_file_open+0x10/0x10
[  481.654561][T12539]  ? __pfx_chrdev_open+0x10/0x10
[  481.654601][T12539]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  481.654661][T12539]  do_dentry_open+0x741/0x1c10
[  481.654693][T12539]  ? __pfx_chrdev_open+0x10/0x10
[  481.654734][T12539]  vfs_open+0x82/0x3f0
[  481.654782][T12539]  path_openat+0x1e5e/0x2d40
[  481.654827][T12539]  ? __pfx_path_openat+0x10/0x10
[  481.654869][T12539]  do_filp_open+0x20b/0x470
[  481.654901][T12539]  ? __pfx_do_filp_open+0x10/0x10
[  481.654962][T12539]  ? alloc_fd+0x471/0x7d0
[  481.655021][T12539]  do_sys_openat2+0x11b/0x1d0
[  481.655061][T12539]  ? __pfx_do_sys_openat2+0x10/0x10
[  481.655121][T12539]  __x64_sys_openat+0x174/0x210
[  481.655169][T12539]  ? __pfx___x64_sys_openat+0x10/0x10
[  481.655220][T12539]  ? rcu_is_watching+0x12/0xc0
[  481.655265][T12539]  do_syscall_64+0xcd/0x230
[  481.655316][T12539]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  481.655351][T12539] RIP: 0033:0x7fd0e518e969
[  481.655379][T12539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  481.655412][T12539] RSP: 002b:00007fd0e2ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  481.655444][T12539] RAX: ffffffffffffffda RBX: 00007fd0e53b5fa0 RCX: 00007fd0e518e969
[  481.655474][T12539] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  481.655497][T12539] RBP: 00007fd0e5210ab1 R08: 0000000000000000 R09: 0000000000000000
[  481.655519][T12539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  481.655540][T12539] R13: 0000000000000000 R14: 00007fd0e53b5fa0 R15: 00007ffd582e96f8
[  481.655583][T12539]  </TASK>
[  482.120793][T12499] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  482.151074][T12499] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  482.247159][T12499] batman_adv: batadv0: Adding interface: batadv_slave_1
[  482.266289][T12499] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  482.306831][T12499] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  482.646117][T12499] hsr_slave_0: entered promiscuous mode
[  482.684659][T12499] hsr_slave_1: entered promiscuous mode
[  482.691080][T12499] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  482.949453][T12499] Cannot create hsr debugfs directory
[  483.113158][ T5837] Bluetooth: hci8: command tx timeout
[  485.155539][T12499] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  485.193245][ T5837] Bluetooth: hci8: command tx timeout
[  485.222803][T12499] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  485.291337][T12499] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  485.371140][T12499] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  485.409572][T12571] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1713'.
[  485.447820][T12570] ima: policy update failed
[  485.470106][   T30] audit: type=1802 audit(4294968644.401:22): pid=12570 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.7.1713" res=0 errno=0
[  485.638728][T12499] 8021q: adding VLAN 0 to HW filter on device bond0
[  485.753013][T12499] 8021q: adding VLAN 0 to HW filter on device team0
[  485.796936][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[  485.804204][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[  485.845736][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[  485.853043][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[  486.109648][T12499] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  486.733247][T12499] 8021q: adding VLAN 0 to HW filter on device batadv0
[  486.916889][T12596] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1721'.
[  487.273196][ T5837] Bluetooth: hci8: command tx timeout
[  487.837742][T12499] veth0_vlan: entered promiscuous mode
[  487.895312][T12499] veth1_vlan: entered promiscuous mode
[  488.243364][T12499] veth0_macvtap: entered promiscuous mode
[  488.281095][T12499] veth1_macvtap: entered promiscuous mode
[  488.369660][T12499] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  488.438334][T12499] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  488.463055][T12499] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  488.503107][T12499] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  488.539763][T12499] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  488.560710][T12499] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  488.581048][T12499] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  488.623356][T12499] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  488.644477][T12499] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  488.673056][T12499] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  488.696736][T12499] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  488.723030][T12499] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  488.764079][T12499] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  488.783335][T12499] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  488.813048][T12499] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  488.843985][T12499] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  488.894459][T12499] batman_adv: batadv0: Interface activated: batadv_slave_0
[  489.060495][T12499] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  489.083299][T12499] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.117667][T12499] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  489.139345][T12499] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.161345][T12499] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  489.204532][T12499] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.233023][T12499] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  489.253017][T12499] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.279467][T12499] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  489.319871][T12499] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.349693][T12499] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  489.383170][T12499] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.407552][T12499] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  489.432993][T12499] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.453034][T12499] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  489.481931][T12499] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.518880][T12499] batman_adv: batadv0: Interface activated: batadv_slave_1
[  489.583948][T12499] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  489.613439][T12499] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  489.642494][T12499] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  489.683270][T12499] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  490.026808][T12634] FAULT_INJECTION: forcing a failure.
[  490.026808][T12634] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  490.109312][T12634] CPU: 0 UID: 0 PID: 12634 Comm: syz.7.1730 Tainted: G     U              6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) 
[  490.109366][T12634] Tainted: [U]=USER
[  490.109378][T12634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  490.109400][T12634] Call Trace:
[  490.109411][T12634]  <TASK>
[  490.109424][T12634]  dump_stack_lvl+0x16c/0x1f0
[  490.109474][T12634]  should_fail_ex+0x512/0x640
[  490.109523][T12634]  _copy_to_user+0x32/0xd0
[  490.109574][T12634]  simple_read_from_buffer+0xcb/0x170
[  490.109623][T12634]  proc_fail_nth_read+0x197/0x270
[  490.109669][T12634]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  490.109716][T12634]  ? rw_verify_area+0xcf/0x680
[  490.109769][T12634]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  490.109814][T12634]  vfs_read+0x1de/0xc70
[  490.109849][T12634]  ? __pfx___mutex_lock+0x10/0x10
[  490.109891][T12634]  ? __pfx_vfs_read+0x10/0x10
[  490.109944][T12634]  ? __fget_files+0x20e/0x3c0
[  490.110005][T12634]  ksys_read+0x12a/0x240
[  490.110032][T12634]  ? __pfx_ksys_read+0x10/0x10
[  490.110058][T12634]  ? rcu_is_watching+0x12/0xc0
[  490.110098][T12634]  do_syscall_64+0xcd/0x230
[  490.110142][T12634]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  490.110172][T12634] RIP: 0033:0x7f9f2078d37c
[  490.110196][T12634] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  490.110228][T12634] RSP: 002b:00007f9f21565030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  490.110256][T12634] RAX: ffffffffffffffda RBX: 00007f9f209b5fa0 RCX: 00007f9f2078d37c
[  490.110277][T12634] RDX: 000000000000000f RSI: 00007f9f215650a0 RDI: 0000000000000004
[  490.110294][T12634] RBP: 00007f9f21565090 R08: 0000000000000000 R09: 0000000000000000
[  490.110331][T12634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  490.110349][T12634] R13: 0000000000000000 R14: 00007f9f209b5fa0 R15: 00007ffe31bb6978
[  490.110391][T12634]  </TASK>
[  490.413339][   T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  490.421224][   T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  490.970171][T11216] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  490.984710][T11216] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  491.543877][T12654] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1735'.
[  493.947089][T12679] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  494.850461][T12692] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1744'.
[  494.986015][T12692] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  495.103972][T12702] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1747'.
[  495.475908][T12692] batman_adv: batadv0: Removing interface: batadv_slave_1
[  495.747528][T12701] HfR: entered promiscuous mode
[  495.765740][T12702] HfR: left promiscuous mode
[  496.566215][T12708] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  496.611699][T12708] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  496.683437][T12708] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  496.689645][T12708] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  496.751010][T12708] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  496.818161][T12708] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  496.869735][T12708] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  497.145927][ T5140] Bluetooth: hci5: unexpected event 0x3e length: 726 > 260
[  497.145972][ T5140] Bluetooth: hci5: unexpected subevent 0x0d length: 725 > 260
[  497.162434][ T5140] Bluetooth: hci5: Unknown advertising packet type: 0x7f
[  497.162533][ T5140] Bluetooth: hci5: Malformed LE Event: 0x0d
[  497.183325][T12708] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  497.414500][T12708] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  497.469826][T12708] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  497.597264][T12708] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  497.784625][T12708] Bluetooth: hci7: Opcode 0x0c1a failed: -4
[  497.842339][T12708] Bluetooth: hci7: Opcode 0x0406 failed: -4
[  497.855446][T12744] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11
[  497.883807][T12708] Bluetooth: hci7: Opcode 0x0406 failed: -4
[  497.964577][T12708] Bluetooth: hci8: Opcode 0x0c1a failed: -4
[  497.978100][T12708] Bluetooth: hci8: Opcode 0x0406 failed: -4
[  498.043123][T12708] Bluetooth: hci8: Opcode 0x0406 failed: -4
[  498.315233][ T5140] Bluetooth: hci0: command 0x0c1a tx timeout
[  498.633928][ T5140] Bluetooth: hci1: command 0x0c1a tx timeout
[  498.715957][ T5140] Bluetooth: hci3: command 0x0c1a tx timeout
[  498.730620][ T5837] Bluetooth: hci2: command 0x0c1a tx timeout
[  498.793025][ T5140] Bluetooth: hci4: command 0x040f tx timeout
[  498.873214][ T5140] Bluetooth: hci5: command 0x0c1a tx timeout
[  499.085529][T12756] sd 0:0:1:0: PR command failed: 1026
[  499.091144][T12756] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  499.098115][T12756] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  499.434811][ T5140] Bluetooth: hci6: command 0x0c1a tx timeout
[  499.845074][ T5140] Bluetooth: hci7: command 0x0c1a tx timeout
[  500.002245][ T5140] Bluetooth: hci8: command 0x0c1a tx timeout
[  500.953228][ T5140] Bluetooth: hci5: command 0x0c1a tx timeout
[  501.514487][ T5140] Bluetooth: hci6: command 0x0c1a tx timeout
[  501.914500][ T5140] Bluetooth: hci7: command 0x0c1a tx timeout
[  502.073352][ T5140] Bluetooth: hci8: command 0x0c1a tx timeout
[  502.260954][T12814] FAULT_INJECTION: forcing a failure.
[  502.260954][T12814] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  502.293056][T12814] CPU: 0 UID: 0 PID: 12814 Comm: syz.7.1770 Tainted: G     U              6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) 
[  502.293111][T12814] Tainted: [U]=USER
[  502.293121][T12814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  502.293141][T12814] Call Trace:
[  502.293152][T12814]  <TASK>
[  502.293164][T12814]  dump_stack_lvl+0x16c/0x1f0
[  502.293211][T12814]  should_fail_ex+0x512/0x640
[  502.293262][T12814]  should_fail_alloc_page+0xe7/0x130
[  502.293306][T12814]  prepare_alloc_pages+0x3c2/0x610
[  502.293372][T12814]  ? rcu_is_watching+0x12/0xc0
[  502.293407][T12814]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  502.293450][T12814]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  502.293495][T12814]  ? __lock_acquire+0xaa4/0x1ba0
[  502.293541][T12814]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  502.293588][T12814]  ? lock_acquire+0x179/0x350
[  502.293637][T12814]  ? find_next_iomem_res+0x1c6/0x4f0
[  502.293683][T12814]  ? do_raw_read_unlock+0x44/0xe0
[  502.293734][T12814]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  502.293782][T12814]  ? policy_nodemask+0xea/0x4e0
[  502.293825][T12814]  alloc_pages_mpol+0x1fb/0x550
[  502.293867][T12814]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  502.293917][T12814]  ? __pti_set_user_pgtbl+0xf1/0x190
[  502.293969][T12814]  ? __pfx___pti_set_user_pgtbl+0x10/0x10
[  502.294028][T12814]  alloc_pages_noprof+0x131/0x390
[  502.294071][T12814]  get_zeroed_page_noprof+0x14/0x50
[  502.294118][T12814]  machine_kexec_prepare+0xa12/0xf90
[  502.294172][T12814]  ? __pfx_machine_kexec_prepare+0x10/0x10
[  502.294224][T12814]  ? __pfx_alloc_pgt_page+0x10/0x10
[  502.294290][T12814]  do_kexec_load+0x664/0x8d0
[  502.294343][T12814]  ? __pfx_do_kexec_load+0x10/0x10
[  502.294397][T12814]  ? _copy_from_user+0x59/0xd0
[  502.294450][T12814]  __x64_sys_kexec_load+0x1bf/0x230
[  502.294502][T12814]  do_syscall_64+0xcd/0x230
[  502.294564][T12814]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  502.294597][T12814] RIP: 0033:0x7f9f2078e969
[  502.294621][T12814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  502.294653][T12814] RSP: 002b:00007f9f21565038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6
[  502.294684][T12814] RAX: ffffffffffffffda RBX: 00007f9f209b5fa0 RCX: 00007f9f2078e969
[  502.294706][T12814] RDX: 0000200000000080 RSI: 0000000000000002 RDI: 00000000000000ff
[  502.294725][T12814] RBP: 00007f9f20810ab1 R08: 0000000000000000 R09: 0000000000000000
[  502.294744][T12814] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000
[  502.294761][T12814] R13: 0000000000000000 R14: 00007f9f209b5fa0 R15: 00007ffe31bb6978
[  502.294800][T12814]  </TASK>
[  503.037346][ T5140] Bluetooth: hci5: command 0x0c1a tx timeout
[  503.463304][T12821] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1773'.
[  503.593690][ T5140] Bluetooth: hci6: command 0x0c1a tx timeout
[  504.003305][ T5140] Bluetooth: hci7: command 0x0c1a tx timeout
[  504.153121][ T5140] Bluetooth: hci8: command 0x0c1a tx timeout
[  504.538690][T12836] FAULT_INJECTION: forcing a failure.
[  504.538690][T12836] name failslab, interval 1, probability 0, space 0, times 0
[  504.743062][T12836] CPU: 1 UID: 0 PID: 12836 Comm: syz.6.1776 Tainted: G     U              6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) 
[  504.743114][T12836] Tainted: [U]=USER
[  504.743126][T12836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  504.743145][T12836] Call Trace:
[  504.743156][T12836]  <TASK>
[  504.743169][T12836]  dump_stack_lvl+0x16c/0x1f0
[  504.743219][T12836]  should_fail_ex+0x512/0x640
[  504.743263][T12836]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  504.743320][T12836]  should_failslab+0xc2/0x120
[  504.743361][T12836]  __kmalloc_cache_noprof+0x6a/0x3e0
[  504.743412][T12836]  ? sctp_stream_init_ext+0x4e/0x1b0
[  504.743464][T12836]  sctp_stream_init_ext+0x4e/0x1b0
[  504.743510][T12836]  sctp_sendmsg_to_asoc+0x16c1/0x1bf0
[  504.743578][T12836]  ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10
[  504.743629][T12836]  ? __pfx_autoremove_wake_function+0x10/0x10
[  504.743685][T12836]  ? sctp_sendmsg_check_sflags+0x176/0x320
[  504.743760][T12836]  sctp_sendmsg+0xef5/0x1ee0
[  504.743806][T12836]  ? __pfx_sctp_sendmsg+0x10/0x10
[  504.743842][T12836]  ? __pfx___might_resched+0x10/0x10
[  504.743888][T12836]  ? aa_file_perm+0x4d6/0xfb0
[  504.743934][T12836]  ? __pfx_aa_sk_perm+0x10/0x10
[  504.743973][T12836]  ? __pfx_sctp_sendmsg+0x10/0x10
[  504.744008][T12836]  inet_sendmsg+0x119/0x140
[  504.744055][T12836]  sock_write_iter+0x4aa/0x5b0
[  504.744102][T12836]  ? __pfx_sock_write_iter+0x10/0x10
[  504.744168][T12836]  ? bpf_lsm_file_permission+0x9/0x10
[  504.744215][T12836]  ? security_file_permission+0x71/0x210
[  504.744258][T12836]  ? rw_verify_area+0xcf/0x680
[  504.744309][T12836]  vfs_write+0x5ba/0x1180
[  504.744339][T12836]  ? __pfx_sock_write_iter+0x10/0x10
[  504.744389][T12836]  ? __pfx_vfs_write+0x10/0x10
[  504.744414][T12836]  ? find_held_lock+0x2b/0x80
[  504.744473][T12836]  ksys_write+0x205/0x240
[  504.744503][T12836]  ? __pfx_ksys_write+0x10/0x10
[  504.744546][T12836]  do_syscall_64+0xcd/0x230
[  504.744595][T12836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  504.744627][T12836] RIP: 0033:0x7fc9c498e969
[  504.744651][T12836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  504.744683][T12836] RSP: 002b:00007fc9c574d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  504.744712][T12836] RAX: ffffffffffffffda RBX: 00007fc9c4bb6160 RCX: 00007fc9c498e969
[  504.744740][T12836] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003
[  504.744758][T12836] RBP: 00007fc9c574d090 R08: 0000000000000000 R09: 0000000000000000
[  504.744776][T12836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  504.744793][T12836] R13: 0000000000000001 R14: 00007fc9c4bb6160 R15: 00007ffd2309a8d8
[  504.744834][T12836]  </TASK>
[  505.013664][T12839] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  505.016024][    C1] vkms_vblank_simulate: vblank timer overrun
[  505.033170][    C1] vkms_vblank_simulate: vblank timer overrun
[  506.643589][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  506.650005][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  507.549154][T12875] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1785'.
[  510.780257][T12916] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1796'.
[  511.915775][T12931] netlink: 28 bytes leftover after parsing attributes in process `syz.8.1799'.
[  512.553520][T12939] delete_channel: no stack
[  512.616043][T12931] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  513.147811][T12931] batman_adv: batadv0: Removing interface: batadv_slave_1
[  514.377820][T12935] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  514.397943][T12935] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  514.457357][T12935] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  514.502796][T12935] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  514.513246][T12935] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  514.546281][T12935] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  514.562883][T12935] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  514.624116][T12935] Bluetooth: hci7: Opcode 0x0c1a failed: -4
[  514.665182][T12935] Bluetooth: hci8: Opcode 0x0c1a failed: -4
[  514.713142][ T5140] Bluetooth: hci0: command 0x0c1a tx timeout
[  515.639703][T12961] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1804'.
[  515.649449][    C1] vcan0: j1939_session_tx_dat: 0xffff888025380800: queue data error: -100
[  515.658653][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  515.666591][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  515.674628][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  515.682984][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  515.691004][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  515.698927][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  515.706944][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  515.714850][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  515.722815][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  515.730721][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  515.738725][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  515.746632][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  515.754623][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  515.762480][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  515.770504][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  515.778422][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  515.786445][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  515.794351][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  515.802359][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  515.810296][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  515.818362][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  515.826384][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  515.834404][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  515.842299][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  515.850298][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  515.858228][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  515.866237][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  515.874146][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  515.882136][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  515.890113][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  515.898115][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  515.906035][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  515.914014][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  515.921915][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  515.929920][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  515.937920][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  515.945923][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  515.953838][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  515.961799][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  515.969732][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  516.477894][ T5140] Bluetooth: hci2: command 0x0c1a tx timeout
[  516.484137][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout
[  516.553240][ T5140] Bluetooth: hci5: command 0x0c1a tx timeout
[  516.559380][ T5837] Bluetooth: hci4: command 0x040f tx timeout
[  516.566248][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout
[  516.638722][ T5140] Bluetooth: hci7: command 0x0c1a tx timeout
[  516.648973][T11678] Bluetooth: hci6: command 0x0c1a tx timeout
[  516.723045][ T5140] Bluetooth: hci8: command 0x0c1a tx timeout
[  518.455209][T13004] HfR: entered promiscuous mode
[  518.503543][T13009] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1817'.
[  518.592352][T13009] HfR: left promiscuous mode
[  519.163516][T12991] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  519.170793][T12991] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  519.177583][T12991] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  519.185420][T12991] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  519.273425][T12991] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  519.279897][T12991] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  519.286334][T12991] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  519.293035][T12991] Bluetooth: hci7: Opcode 0x0c1a failed: -4
[  519.301600][T12991] Bluetooth: hci8: Opcode 0x0c1a failed: -4
[  520.185386][T13028] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1821'.
[  520.561507][T11678] Bluetooth: hci0: command 0x0c1a tx timeout
[  521.193187][T11678] Bluetooth: hci4: command 0x040f tx timeout
[  521.199312][ T5140] Bluetooth: hci3: command 0x0c1a tx timeout
[  521.205691][ T5140] Bluetooth: hci2: command 0x0c1a tx timeout
[  521.205930][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout
[  521.354295][T11677] Bluetooth: hci8: command 0x0c1a tx timeout
[  521.360385][T11677] Bluetooth: hci7: command 0x0c1a tx timeout
[  521.367885][ T5837] Bluetooth: hci6: command 0x0c1a tx timeout
[  521.367908][T11678] Bluetooth: hci5: command 0x0c1a tx timeout
[  523.402737][T13072] CIFS mount error: No usable UNC path provided in device string!
[  523.402737][T13072] 
[  523.418117][T13072] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  524.513521][T11678] Bluetooth: hci6: unexpected subevent 0x01 length: 4 < 18
[  524.630824][   T30] audit: type=1800 audit(4294968691.560:23): pid=13081 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.1833" name="dbroot" dev="configfs" ino=40849 res=0 errno=0
[  527.836566][T13108] ima: policy update failed
[  527.852996][   T30] audit: type=1802 audit(4294968694.780:24): pid=13108 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.6.1842" res=0 errno=0
[  531.218537][T13142] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input12
[  533.421074][T13147] delete_channel: no stack
[  537.295795][T13204] FAULT_INJECTION: forcing a failure.
[  537.295795][T13204] name failslab, interval 1, probability 0, space 0, times 0
[  537.375604][T13204] CPU: 0 UID: 0 PID: 13204 Comm: syz.5.1860 Tainted: G     U              6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) 
[  537.375657][T13204] Tainted: [U]=USER
[  537.375668][T13204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  537.375686][T13204] Call Trace:
[  537.375696][T13204]  <TASK>
[  537.375709][T13204]  dump_stack_lvl+0x16c/0x1f0
[  537.375756][T13204]  should_fail_ex+0x512/0x640
[  537.375798][T13204]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  537.375854][T13204]  should_failslab+0xc2/0x120
[  537.375892][T13204]  __kmalloc_cache_noprof+0x6a/0x3e0
[  537.375960][T13204]  ? sctp_datamsg_from_user+0x8d/0x1320
[  537.376003][T13204]  sctp_datamsg_from_user+0x8d/0x1320
[  537.376038][T13204]  ? __sk_mem_raise_allocated+0x895/0x1700
[  537.376086][T13204]  ? __sk_mem_schedule+0xd0/0x100
[  537.376142][T13204]  sctp_sendmsg_to_asoc+0xaf5/0x1bf0
[  537.376208][T13204]  ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10
[  537.376257][T13204]  ? __pfx_autoremove_wake_function+0x10/0x10
[  537.376305][T13204]  ? sctp_sendmsg_check_sflags+0x176/0x320
[  537.376355][T13204]  sctp_sendmsg+0xef5/0x1ee0
[  537.376399][T13204]  ? __pfx_sctp_sendmsg+0x10/0x10
[  537.376435][T13204]  ? __pfx___might_resched+0x10/0x10
[  537.376481][T13204]  ? aa_file_perm+0x4d6/0xfb0
[  537.376525][T13204]  ? __pfx_aa_sk_perm+0x10/0x10
[  537.376566][T13204]  ? __pfx_sctp_sendmsg+0x10/0x10
[  537.376600][T13204]  inet_sendmsg+0x119/0x140
[  537.376646][T13204]  sock_write_iter+0x4aa/0x5b0
[  537.376692][T13204]  ? __pfx_sock_write_iter+0x10/0x10
[  537.376753][T13204]  ? bpf_lsm_file_permission+0x9/0x10
[  537.376802][T13204]  ? security_file_permission+0x71/0x210
[  537.376846][T13204]  ? rw_verify_area+0xcf/0x680
[  537.376898][T13204]  vfs_write+0x5ba/0x1180
[  537.376928][T13204]  ? __pfx_sock_write_iter+0x10/0x10
[  537.376984][T13204]  ? __pfx_vfs_write+0x10/0x10
[  537.377011][T13204]  ? find_held_lock+0x2b/0x80
[  537.377068][T13204]  ksys_write+0x205/0x240
[  537.377098][T13204]  ? __pfx_ksys_write+0x10/0x10
[  537.377142][T13204]  do_syscall_64+0xcd/0x230
[  537.377189][T13204]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  537.377223][T13204] RIP: 0033:0x7fd0e518e969
[  537.377249][T13204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  537.377281][T13204] RSP: 002b:00007fd0e2fb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  537.377309][T13204] RAX: ffffffffffffffda RBX: 00007fd0e53b6160 RCX: 00007fd0e518e969
[  537.377330][T13204] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003
[  537.377347][T13204] RBP: 00007fd0e2fb4090 R08: 0000000000000000 R09: 0000000000000000
[  537.377365][T13204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  537.377382][T13204] R13: 0000000000000001 R14: 00007fd0e53b6160 R15: 00007ffd582e96f8
[  537.377421][T13204]  </TASK>
[  538.450450][T13213] syz.5.1862 (13213): drop_caches: 0
[  540.875397][T13253] RDS: rds_bind could not find a transport for ::ffff:10.1.1.2, load rds_tcp or rds_rdma?
[  548.674206][T13292] delete_channel: no stack
[  551.821896][T13032] syz.5.1820 (13032) used greatest stack depth: 20152 bytes left
[  556.861394][ T5140] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  556.872083][ T5140] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  556.883639][ T5140] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  556.895495][ T5140] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  556.905165][ T5140] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  557.012449][ T5140] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  557.022246][ T5140] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  557.030902][ T5140] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  557.040246][ T5140] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  557.048192][ T5140] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  558.033280][T13329] chnl_net:caif_netlink_parms(): no params data found
[  558.149226][T13332] chnl_net:caif_netlink_parms(): no params data found
[  558.503816][T13329] bridge0: port 1(bridge_slave_0) entered blocking state
[  558.512018][T13329] bridge0: port 1(bridge_slave_0) entered disabled state
[  558.593397][T13329] bridge_slave_0: entered allmulticast mode
[  558.601789][T13329] bridge_slave_0: entered promiscuous mode
[  558.780462][T13329] bridge0: port 2(bridge_slave_1) entered blocking state
[  558.788076][T13329] bridge0: port 2(bridge_slave_1) entered disabled state
[  558.813562][T13329] bridge_slave_1: entered allmulticast mode
[  558.830588][T13329] bridge_slave_1: entered promiscuous mode
[  558.842312][T13332] bridge0: port 1(bridge_slave_0) entered blocking state
[  558.851393][T13332] bridge0: port 1(bridge_slave_0) entered disabled state
[  558.858804][T13332] bridge_slave_0: entered allmulticast mode
[  558.867129][T13332] bridge_slave_0: entered promiscuous mode
[  558.933900][T13332] bridge0: port 2(bridge_slave_1) entered blocking state
[  558.953232][T11678] Bluetooth: hci9: command tx timeout
[  558.969598][T13332] bridge0: port 2(bridge_slave_1) entered disabled state
[  558.996779][T13332] bridge_slave_1: entered allmulticast mode
[  559.005316][T13332] bridge_slave_1: entered promiscuous mode
[  559.017570][T13329] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  559.092820][T13329] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  559.125440][T11678] Bluetooth: hci10: command tx timeout
[  559.332396][T13332] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  559.385234][T13329] team0: Port device team_slave_0 added
[  559.402089][T13332] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  559.567617][T13329] team0: Port device team_slave_1 added
[  559.722411][T13332] team0: Port device team_slave_0 added
[  559.822684][T13332] team0: Port device team_slave_1 added
[  559.855197][T13329] batman_adv: batadv0: Adding interface: batadv_slave_0
[  559.864744][T13329] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  559.931902][T13329] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  560.041381][T13329] batman_adv: batadv0: Adding interface: batadv_slave_1
[  560.052944][T13329] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  560.112957][T13329] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  560.227695][T13332] batman_adv: batadv0: Adding interface: batadv_slave_0
[  560.256563][T13332] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  560.343740][T13332] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  560.393290][   T31] INFO: task syz.2.1441:11522 blocked for more than 143 seconds.
[  560.401109][   T31]       Tainted: G     U              6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  560.455917][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  560.492998][   T31] task:syz.2.1441      state:D stack:27704 pid:11522 tgid:11521 ppid:5828   task_flags:0x400140 flags:0x00000004
[  560.536371][   T31] Call Trace:
[  560.539745][   T31]  <TASK>
[  560.542734][   T31]  __schedule+0x116f/0x5de0
[  560.593254][   T31]  ? save_trace+0x4e/0x380
[  560.597796][   T31]  ? __lock_acquire+0x5ca/0x1ba0
[  560.634019][   T31]  ? __pfx___schedule+0x10/0x10
[  560.638989][   T31]  ? find_held_lock+0x2b/0x80
[  560.675612][   T31]  ? schedule+0x2d7/0x3a0
[  560.680061][   T31]  schedule+0xe7/0x3a0
[  560.711560][   T31]  schedule_preempt_disabled+0x13/0x30
[  560.751024][   T31]  __mutex_lock+0x6c7/0xb90
[  560.763533][   T31]  ? nfsd_nl_threads_set_doit+0x698/0xbf0
[  560.792680][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  560.813776][   T31]  ? net_generic+0xea/0x2a0
[  560.818404][   T31]  ? nfsd_nl_threads_set_doit+0x698/0xbf0
[  560.853549][   T31]  nfsd_nl_threads_set_doit+0x698/0xbf0
[  560.859304][   T31]  genl_family_rcv_msg_doit+0x206/0x2f0
[  560.905685][   T31]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  560.911964][   T31]  ? rcu_is_watching+0x12/0xc0
[  560.942970][   T31]  ? bpf_lsm_capable+0x9/0x10
[  560.947827][   T31]  ? security_capable+0x7e/0x260
[  560.952837][   T31]  genl_rcv_msg+0x55c/0x800
[  560.979129][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[  560.992972][   T31]  ? __pfx___dev_queue_xmit+0x10/0x10
[  560.998458][   T31]  ? __pfx_nfsd_nl_threads_set_doit+0x10/0x10
[  561.013283][   T31]  ? __lock_acquire+0xaa4/0x1ba0
[  561.019057][   T31]  netlink_rcv_skb+0x16a/0x440
[  561.033355][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[  561.043413][T11678] Bluetooth: hci9: command tx timeout
[  561.048954][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  561.063258][   T31]  ? __pfx_down_read+0x10/0x10
[  561.068134][   T31]  ? netlink_deliver_tap+0x1ae/0xd30
[  561.103185][   T31]  genl_rcv+0x28/0x40
[  561.107301][   T31]  netlink_unicast+0x53a/0x7f0
[  561.112124][   T31]  ? __pfx_netlink_unicast+0x10/0x10
[  561.154492][   T31]  ? __lock_acquire+0xaa4/0x1ba0
[  561.159574][   T31]  netlink_sendmsg+0x8d1/0xdd0
[  561.193053][T11678] Bluetooth: hci10: command tx timeout
[  561.203159][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  561.208572][   T31]  ____sys_sendmsg+0xa95/0xc70
[  561.263434][   T31]  ? copy_msghdr_from_user+0x10a/0x160
[  561.269022][   T31]  ? __pfx_____sys_sendmsg+0x10/0x10
[  561.331439][   T31]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  561.337487][   T31]  ___sys_sendmsg+0x134/0x1d0
[  561.342248][   T31]  ? __pfx____sys_sendmsg+0x10/0x10
[  561.363214][   T31]  __sys_sendmsg+0x16d/0x220
[  561.368012][   T31]  ? __pfx___sys_sendmsg+0x10/0x10
[  561.391839][   T31]  ? __x64_sys_futex+0x1e0/0x4c0
[  561.414591][   T31]  ? rcu_is_watching+0x12/0xc0
[  561.419467][   T31]  do_syscall_64+0xcd/0x230
[  561.432965][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  561.438948][   T31] RIP: 0033:0x7fb96698e969
[  561.452983][   T31] RSP: 002b:00007fb96782a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  561.461521][   T31] RAX: ffffffffffffffda RBX: 00007fb966bb5fa0 RCX: 00007fb96698e969
[  561.492969][   T31] RDX: 0000000000004000 RSI: 0000200000000480 RDI: 0000000000000003
[  561.513585][   T31] RBP: 00007fb966a10ab1 R08: 0000000000000000 R09: 0000000000000000
[  561.521644][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  561.543000][   T31] R13: 0000000000000000 R14: 00007fb966bb5fa0 R15: 00007ffe359e6078
[  561.551089][   T31]  </TASK>
[  561.563524][   T31] INFO: task syz.0.1466:11613 blocked for more than 144 seconds.
[  561.571318][   T31]       Tainted: G     U              6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0
[  561.603008][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  561.611780][   T31] task:syz.0.1466      state:D stack:27176 pid:11613 tgid:11612 ppid:5826   task_flags:0x400140 flags:0x00000004
[  561.643310][   T31] Call Trace:
[  561.646677][   T31]  <TASK>
[  561.649658][   T31]  __schedule+0x116f/0x5de0
[  561.673078][   T31]  ? __pfx_stack_trace_save+0x10/0x10
[  561.678557][   T31]  ? stack_depot_save_flags+0x28/0xa50
[  561.692959][   T31]  ? __lock_acquire+0x5ca/0x1ba0
[  561.698023][   T31]  ? __pfx___schedule+0x10/0x10
[  561.713366][   T31]  ? find_held_lock+0x2b/0x80
[  561.718135][   T31]  ? schedule+0x2d7/0x3a0
[  561.722532][   T31]  schedule+0xe7/0x3a0
[  561.742994][   T31]  schedule_preempt_disabled+0x13/0x30
[  561.748556][   T31]  __mutex_lock+0x6c7/0xb90
[  561.763009][   T31]  ? nfsd_nl_threads_set_doit+0x698/0xbf0
[  561.768826][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  561.793004][   T31]  ? net_generic+0xea/0x2a0
[  561.797633][   T31]  ? nfsd_nl_threads_set_doit+0x698/0xbf0
[  561.813394][   T31]  nfsd_nl_threads_set_doit+0x698/0xbf0
[  561.819057][   T31]  genl_family_rcv_msg_doit+0x206/0x2f0
[  561.843007][   T31]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  561.849179][   T31]  ? rcu_is_watching+0x12/0xc0
[  561.863499][   T31]  ? bpf_lsm_capable+0x9/0x10
[  561.868264][   T31]  ? security_capable+0x7e/0x260
[  561.883000][   T31]  genl_rcv_msg+0x55c/0x800
[  561.893322][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[  561.898453][   T31]  ? __pfx___dev_queue_xmit+0x10/0x10
[  561.919871][   T31]  ? __pfx_nfsd_nl_threads_set_doit+0x10/0x10
[  561.932959][   T31]  ? __lock_acquire+0xaa4/0x1ba0
[  561.938038][   T31]  netlink_rcv_skb+0x16a/0x440
[  561.953376][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[  561.958515][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  561.977931][   T31]  ? __pfx_down_read+0x10/0x10
[  561.982846][   T31]  ? netlink_deliver_tap+0x1ae/0xd30
[  561.988312][   T31]  genl_rcv+0x28/0x40
[  561.992356][   T31]  netlink_unicast+0x53a/0x7f0
[  562.023112][   T31]  ? __pfx_netlink_unicast+0x10/0x10
[  562.028512][   T31]  ? __lock_acquire+0xaa4/0x1ba0
[  562.062647][   T31]  netlink_sendmsg+0x8d1/0xdd0
[  562.090623][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  562.096478][   T31]  ____sys_sendmsg+0xa95/0xc70
[  562.101324][   T31]  ? copy_msghdr_from_user+0x10a/0x160
[  562.122982][   T31]  ? __pfx_____sys_sendmsg+0x10/0x10
[  562.128398][   T31]  ___sys_sendmsg+0x134/0x1d0
[  562.143393][   T31]  ? __pfx____sys_sendmsg+0x10/0x10
[  562.149430][   T31]  __sys_sendmsg+0x16d/0x220
[  562.163761][   T31]  ? __pfx___sys_sendmsg+0x10/0x10
[  562.168962][   T31]  ? __x64_sys_futex+0x1e0/0x4c0
[  562.183408][   T31]  ? rcu_is_watching+0x12/0xc0
[  562.214755][   T31]  do_syscall_64+0xcd/0x230
[  562.219464][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  562.233127][   T31] RIP: 0033:0x7f6a7318e969
[  562.237659][   T31] RSP: 002b:00007f6a73fa2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  562.260679][   T31] RAX: ffffffffffffffda RBX: 00007f6a733b5fa0 RCX: 00007f6a7318e969
[  562.274212][   T31] RDX: 0000000000004000 RSI: 0000200000000480 RDI: 0000000000000004
[  562.282277][   T31] RBP: 00007f6a73210ab1 R08: 0000000000000000 R09: 0000000000000000
[  562.315555][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  562.333019][   T31] R13: 0000000000000000 R14: 00007f6a733b5fa0 R15: 00007ffd5ab30d38
[  562.341147][   T31]  </TASK>
[  562.355860][   T31] 
[  562.355860][   T31] Showing all locks held in the system:
[  562.372973][   T31] 1 lock held by khungtaskd/31:
[  562.377521][T13332] batman_adv: batadv0: Adding interface: batadv_slave_1
[  562.387818][T13332] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  562.393005][   T31]  #0: 
[  562.456375][T13332] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  562.493050][   T31] ffffffff8e3bf440 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0
[  562.502630][   T31] 3 locks held by kworker/u8:15/11210:
[  562.533014][   T31]  #0: ffff8880b8439f18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[  562.553008][   T31]  #1: ffff8880b8523c48 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x2c1/0x8e0
[  562.564634][   T31]  #2: ffff8880b85256d8 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x127/0x1d0
[  562.594484][   T31] 2 locks held by syz.3.1404/11386:
[  562.599839][   T31]  #0: ffffffff901c8150 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  562.613044][   T31]  #1: ffffffff8e7cc128 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x698/0xbf0
[  562.642946][   T31] 2 locks held by syz.2.1441/11522:
[  562.648306][   T31]  #0: ffffffff901c8150 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  562.673008][   T31]  #1: ffffffff8e7cc128 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x698/0xbf0
[  562.702970][   T31] 2 locks held by syz.0.1466/11613:
[  562.708278][   T31]  #0: ffffffff901c8150 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  562.732978][   T31]  #1: ffffffff8e7cc128 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x698/0xbf0
[  562.762965][   T31] 2 locks held by getty/11618:
[  562.767815][   T31]  #0: ffff888035b620a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  562.800231][   T31]  #1: ffffc900030222f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0
[  562.822847][   T31] 2 locks held by syz.1.1474/11665:
[  562.830257][   T31]  #0: ffff88805f7840e0 (&type->s_umount_key#51){+.+.}-{4:4}, at: deactivate_super+0xd6/0x100
[  562.851134][   T31]  #1: ffffffff8e7cc128 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0
[  562.862747][   T31] 2 locks held by syz-executor/11701:
[  562.885511][   T31]  #0: ffff88803d5140e0 (&type->s_umount_key#51){+.+.}-{4:4}, at: deactivate_super+0xd6/0x100
[  562.907482][   T31]  #1: ffffffff8e7cc128 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0
[  562.922856][   T31] 2 locks held by syz-executor/11806:
[  562.929084][   T31]  #0: ffff88803055a0e0 (&type->s_umount_key#51){+.+.}-{4:4}, at: deactivate_super+0xd6/0x100
[  562.943009][   T31]  #1: ffffffff8e7cc128 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0
[  562.952730][   T31] 2 locks held by syz.4.1626/12268:
[  562.965845][   T31]  #0: ffffffff901c8150 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  562.974603][   T31]  #1: ffffffff8e7cc128 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_get_doit+0x1c6/0x7c0
[  562.991630][   T31] 1 lock held by syz.8.1870/13256:
[  562.998678][   T31] 1 lock held by syz.7.1885/13307:
[  563.005100][   T31] 1 lock held by syz-executor/13329:
[  563.010538][   T31]  #0: ffffffff8e3ca978 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x280/0x3c0
[  563.020777][   T31] 1 lock held by syz-executor/13332:
[  563.027363][   T31]  #0: ffffffff8e3ca978 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a3/0x3c0
[  563.063034][   T31] 
[  563.065446][   T31] =============================================
[  563.065446][   T31] 
[  563.092946][   T31] NMI backtrace for cpu 1
[  563.092973][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Tainted: G     U              6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) 
[  563.093015][   T31] Tainted: [U]=USER
[  563.093025][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  563.093042][   T31] Call Trace:
[  563.093069][   T31]  <TASK>
[  563.093081][   T31]  dump_stack_lvl+0x116/0x1f0
[  563.093129][   T31]  nmi_cpu_backtrace+0x27b/0x390
[  563.093166][   T31]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  563.093206][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  563.093256][   T31]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[  563.093303][   T31]  watchdog+0xf70/0x12c0
[  563.093354][   T31]  ? __pfx_watchdog+0x10/0x10
[  563.093391][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  563.093432][   T31]  ? __kthread_parkme+0x19e/0x250
[  563.093481][   T31]  ? __pfx_watchdog+0x10/0x10
[  563.093533][   T31]  kthread+0x3c2/0x780
[  563.093590][   T31]  ? __pfx_kthread+0x10/0x10
[  563.093627][   T31]  ? __pfx_kthread+0x10/0x10
[  563.093670][   T31]  ? __pfx_kthread+0x10/0x10
[  563.093712][   T31]  ? __pfx_kthread+0x10/0x10
[  563.093755][   T31]  ? rcu_is_watching+0x12/0xc0
[  563.093781][   T31]  ? __pfx_kthread+0x10/0x10
[  563.093821][   T31]  ret_from_fork+0x45/0x80
[  563.093867][   T31]  ? __pfx_kthread+0x10/0x10
[  563.093907][   T31]  ret_from_fork_asm+0x1a/0x30
[  563.093964][   T31]  </TASK>
[  563.093976][   T31] Sending NMI from CPU 1 to CPUs 0:
[  563.153048][T11678] Bluetooth: hci9: command tx timeout
[  563.155333][    C0] NMI backtrace for cpu 0
[  563.155355][    C0] CPU: 0 UID: 0 PID: 11678 Comm: kworker/u9:3 Tainted: G     U              6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) 
[  563.155402][    C0] Tainted: [U]=USER
[  563.155411][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  563.155428][    C0] Workqueue: hci9 hci_cmd_timeout
[  563.155469][    C0] RIP: 0010:io_serial_out+0x8f/0xb0
[  563.155497][    C0] Code: 48 8d 7d 40 44 89 e1 48 b8 00 00 00 00 00 fc ff df 48 89 fa d3 e3 48 c1 ea 03 80 3c 02 00 75 1c 66 03 5d 40 44 89 e8 89 da ee <5b> 5d 41 5c 41 5d c3 cc cc cc cc e8 41 2b d3 fc eb a0 e8 ca 2b d3
[  563.155522][    C0] RSP: 0018:ffffc900034d76b8 EFLAGS: 00000002
[  563.155541][    C0] RAX: 0000000000000036 RBX: 00000000000003f8 RCX: 0000000000000000
[  563.155557][    C0] RDX: 00000000000003f8 RSI: ffffffff854c0375 RDI: ffffffff9addfbc0
[  563.155574][    C0] RBP: ffffffff9addfb80 R08: 0000000000000001 R09: 000000000000001f
[  563.155590][    C0] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  563.155605][    C0] R13: 0000000000000036 R14: ffffffff9addfb80 R15: ffffffff854c0310
[  563.155622][    C0] FS:  0000000000000000(0000) GS:ffff8881249ec000(0000) knlGS:0000000000000000
[  563.155646][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  563.155663][    C0] CR2: 0000001b312f4ff8 CR3: 000000000e180000 CR4: 00000000003526f0
[  563.155680][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  563.155695][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  563.155712][    C0] Call Trace:
[  563.155720][    C0]  <TASK>
[  563.155731][    C0]  serial8250_console_write+0xfbc/0x1890
[  563.155774][    C0]  ? __pfx_serial8250_console_write+0x10/0x10
[  563.155813][    C0]  ? lock_acquire+0x179/0x350
[  563.155852][    C0]  console_flush_all+0x7fe/0xc60
[  563.155897][    C0]  ? __pfx_console_flush_all+0x10/0x10
[  563.155942][    C0]  ? is_printk_cpu_sync_owner+0x32/0x40
[  563.155971][    C0]  console_unlock+0xd8/0x210
[  563.156010][    C0]  ? __pfx_console_unlock+0x10/0x10
[  563.156062][    C0]  vprintk_emit+0x418/0x6d0
[  563.156085][    C0]  ? __pfx_vprintk_emit+0x10/0x10
[  563.156110][    C0]  ? __lock_acquire+0xaa4/0x1ba0
[  563.156144][    C0]  _printk+0xc7/0x100
[  563.156174][    C0]  ? __pfx__printk+0x10/0x10
[  563.156207][    C0]  ? do_raw_spin_lock+0x12c/0x2b0
[  563.156250][    C0]  bt_err+0xe4/0x120
[  563.156282][    C0]  ? __pfx_bt_err+0x10/0x10
[  563.156314][    C0]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  563.156346][    C0]  ? debug_object_deactivate+0x1ec/0x3a0
[  563.156377][    C0]  ? process_one_work+0x1315/0x1b70
[  563.156417][    C0]  hci_cmd_timeout+0x1ff/0x260
[  563.156455][    C0]  process_one_work+0x9cc/0x1b70
[  563.156499][    C0]  ? __pfx_process_one_work+0x10/0x10
[  563.156543][    C0]  ? assign_work+0x1a0/0x250
[  563.156580][    C0]  worker_thread+0x6c8/0xf10
[  563.156623][    C0]  ? __kthread_parkme+0x19e/0x250
[  563.156655][    C0]  ? __pfx_worker_thread+0x10/0x10
[  563.156693][    C0]  kthread+0x3c2/0x780
[  563.156729][    C0]  ? __pfx_kthread+0x10/0x10
[  563.156762][    C0]  ? __pfx_kthread+0x10/0x10
[  563.156796][    C0]  ? __pfx_kthread+0x10/0x10
[  563.156830][    C0]  ? __pfx_kthread+0x10/0x10
[  563.156865][    C0]  ? rcu_is_watching+0x12/0xc0
[  563.156887][    C0]  ? __pfx_kthread+0x10/0x10
[  563.156923][    C0]  ret_from_fork+0x45/0x80
[  563.156962][    C0]  ? __pfx_kthread+0x10/0x10
[  563.156997][    C0]  ret_from_fork_asm+0x1a/0x30
[  563.157048][    C0]  </TASK>
[  563.292957][ T5140] Bluetooth: hci10: command tx timeout
[  563.609273][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  563.616185][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Tainted: G     U              6.15.0-rc4-syzkaller-00208-g00b827f0cffa #0 PREEMPT(full) 
[  563.629593][   T31] Tainted: [U]=USER
[  563.633412][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  563.643486][   T31] Call Trace:
[  563.646782][   T31]  <TASK>
[  563.649740][   T31]  dump_stack_lvl+0x3d/0x1f0
[  563.654371][   T31]  panic+0x71c/0x800
[  563.658310][   T31]  ? __pfx_panic+0x10/0x10
[  563.662759][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  563.668174][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  563.674196][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  563.679615][   T31]  ? watchdog+0xdda/0x12c0
[  563.684148][   T31]  ? watchdog+0xdcd/0x12c0
[  563.688599][   T31]  watchdog+0xdeb/0x12c0
[  563.692877][   T31]  ? __pfx_watchdog+0x10/0x10
[  563.697597][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  563.702827][   T31]  ? __kthread_parkme+0x19e/0x250
[  563.707886][   T31]  ? __pfx_watchdog+0x10/0x10
[  563.712594][   T31]  kthread+0x3c2/0x780
[  563.716697][   T31]  ? __pfx_kthread+0x10/0x10
[  563.721318][   T31]  ? __pfx_kthread+0x10/0x10
[  563.725939][   T31]  ? __pfx_kthread+0x10/0x10
[  563.730564][   T31]  ? __pfx_kthread+0x10/0x10
[  563.735187][   T31]  ? rcu_is_watching+0x12/0xc0
[  563.739989][   T31]  ? __pfx_kthread+0x10/0x10
[  563.744617][   T31]  ret_from_fork+0x45/0x80
[  563.749074][   T31]  ? __pfx_kthread+0x10/0x10
[  563.753711][   T31]  ret_from_fork_asm+0x1a/0x30
[  563.758536][   T31]  </TASK>
[  563.761866][   T31] Kernel Offset: disabled
[  563.766207][   T31] Rebooting in 86400 seconds..