last executing test programs:

3m51.962163817s ago: executing program 0 (id=202):
r0 = prctl$auto_PR_SET_MM_END_CODE(0x5ed, 0x2, 0xffffffffffffffff, 0x4, 0x100000001)
r1 = getsockopt$auto_SO_OOBINLINE(r0, 0x0, 0xa, &(0x7f0000000000)='^*.\x00', &(0x7f0000000040))
r2 = syz_genetlink_get_family_id$auto_nfc(&(0x7f00000000c0), r1) (async)
capget$auto(&(0x7f0000000100)={0x3, <r3=>0x0}, &(0x7f0000000140)={0x6, 0x400, 0x1f4}) (async)
shmctl$auto(0x7, 0x5, &(0x7f00000002c0)={{0x8, <r4=>0x0, <r5=>0xee01, 0x24, 0x8, 0xb4, 0x6}, 0xa, 0x6, 0x700c, 0xffffffff, @inferred=0xffffffffffffffff, @raw=0x1000, 0x1, 0x0, &(0x7f0000000180)="280d7cba61c15838c799ee203545717a571c5a881a0399784269b27de5e3950a892710bad4ce650deda9a3cc5ac82cf189d8ff8a547a0646c3cc8fec0ba6add201373e688bd989d02d760d712226baf89fcd02bbab6a64af1d8da37b3d578fc3ba19ea9313d5d8e0d54cd26423aa38f57ae496d4319df2f5b97f1ba170ac69e53609d0275271d0b4edb616225d7583e153f0e16e72906c5074e405adb9af47cd7ba91288125fec0f1ac4d6b33ab6a285dd7873ce9ad1a57376f6836613a3185a345ff0c1208bfa0331d7e327bf4ff5663616bc6ba0f6ac6c7c56559179dd5a074bf067a77bb115b5eccde38282e2b658f702e688a30c6159", &(0x7f0000000280)="156c"})
sendmsg$auto_NFC_CMD_DEV_DOWN(r1, &(0x7f0000000500)={&(0x7f0000000080), 0xc, &(0x7f00000004c0)={&(0x7f0000000340)={0x15c, r2, 0x800, 0x70bd2d, 0x25dfdbfd, {}, [@NFC_ATTR_LLC_SDP={0x148, 0x13, 0x0, 0x1, [@nested={0x8, 0x41, 0x0, 0x1, [@typed={0x4, 0xad}]}, @nested={0x13c, 0x5c, 0x0, 0x1, [@typed={0xc, 0xc0, 0x0, 0x0, @u64=0x10}, @typed={0xc, 0x123, 0x0, 0x0, @u64=0x2}, @generic="4852f261ef8ffde0422920b210e578fa8bd913937f1e61ba7f5005ff6b40d5b0933a4a1e2087c3dcbebda5119a76b22d5684f7ef85b011df4ecdb2ae6dd13edbec5b52b6154fc694e93f508a8218afb1c6c952062d3930b9f671355bee7c5b3f5236bc07d235cae96a13c7c78d84f5efad5512e6fde370dbcc91f8b64fb56dfbc5e1d80a17deaac1a6e08c83f7e0a6d0912c17bd5129f6583e2fdfaf8518f5c2e5b87a29dbbf366e258f61c6fcf8a6be5972e9af37f9f5c759b37526a324824b30f46228e4cdf491eea3187173859eb53794c9ba18a11581f2cd45d29f3758a8c57c7ab2348247e7a12614101953d1c62ad2330933", @typed={0x8, 0x98, 0x0, 0x0, @pid=r3}, @nested={0x4, 0x41}, @typed={0x8, 0x92, 0x0, 0x0, @ipv4=@local}, @generic='i#L', @nested={0x4, 0x11}, @typed={0x8, 0x10b, 0x0, 0x0, @uid=r4}, @typed={0x8, 0xf9, 0x0, 0x0, @ipv4=@multicast1}]}]}]}, 0x15c}, 0x1, 0x0, 0x0, 0x8001}, 0x4000801) (async, rerun: 64)
futex_waitv$auto(&(0x7f0000000540)={0x4, 0x7}, 0x5, 0x8b81, &(0x7f0000000580)={0x0, 0x200}, 0x200) (rerun: 64)
futex_waitv$auto(&(0x7f00000005c0)={0x9, 0x101, 0xff}, 0x1, 0x6, &(0x7f0000000600)={0x5, 0x5}, 0x2) (async, rerun: 32)
fsetxattr$auto(r1, &(0x7f0000000640)='\x9d(-\x00', &(0x7f0000000680)="223b0fd7e0c2e2baa8a479f7c384d3a8947eac6487ede92dc24572030161a298957d36bfb0d3808bead30846eec2d308948ff6ae40a1a4da91ff02f979a837bb83ccecfe86ac44020df251a6abe4d46133ecc0659ca5813aa28c42f6c741696393a6245695207813800ab89d8b6e4aa128a9044ba9e9bec2ab447cfb2e1b645696ea36aa5e5cc42b4f2f1726e88f1c2fab6cbc093838b1040f355553973bdf44448beaf803281104e8fe4a8422ce8418af58e340f538c220e54514d82f9f73", 0xb23a, 0xc18b) (rerun: 32)
keyctl$auto_KEY_SPEC_USER_KEYRING(0x80, r4, r4, r5, 0xfffffffffffffffc) (async)
futex_requeue$auto(&(0x7f0000000740)={0x9, 0x6}, 0x0, 0x3, 0x3) (async)
newfstatat$auto(r0, &(0x7f0000000780)='./file0\x00', &(0x7f00000007c0)={0x9, 0x427d3406, 0x9, 0x4, r4, <r6=>r5, 0x0, 0x2, 0x6, 0x8, 0xfffffffffffffff8, 0x2, 0x6, 0x1, 0x1, 0x80000000, 0x225}, 0x5)
ioctl$auto_FIBMAP(r1, 0x1, r0)
write$auto_tap_fops_tap(r0, &(0x7f0000000880)="d868b01df1da88e0adec7baf88b9630f1cb6d792d8fd4409fd8fee3eecef91a907f6bdf95ff99571475af73f3997fb84bdad9f9b15e79fe06f3e8c852a5ba6eb02ea320394e074072c26d9edce22030c9a1df8e6ef25d358dcdd0feb99da72717ca56cefd2898bc24f158c913c70ffdb645cc8acff26dad769a2df5d8b4ff0c620b8a868c3d597bb2fdadff2eabad13858c6bd12aed94688a434db1b38bcf83f1f463041c74799c8c9722da91d9ec5cb6ee5920647b36cebcace6289d23023b46e91586780c9c583553a3e4f64cdc9ab325c79f1f833a51be6af5f59689188226425183ee8d940886cd36e27e9056ceca4251a5d3e", 0xf5) (async)
keyctl$auto_KEYCTL_ASSUME_AUTHORITY(0x10, r4, r4, r6, 0x8) (async)
ioctl$auto_XFS_IOC_START_COMMIT(r1, 0x80585882, &(0x7f0000000980)={r1, 0x0, 0x50a, 0x5, 0x5, 0x7ff, [0xb, 0x78bc, 0x6, 0x7f, 0x1, 0x6]}) (async)
r7 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000a40), r0)
sendmsg$auto_TIPC_NL_MEDIA_GET(r1, &(0x7f0000000ec0)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000e80)={&(0x7f0000000a80)={0x3c8, r7, 0x8, 0x70bd2a, 0x25dfdbff, {}, [@TIPC_NLA_BEARER={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x103, 0x0, 0x0, @u32=0x7}]}, @TIPC_NLA_NAME_TABLE={0x3a5, 0x8, 0x0, 0x1, [@generic="0c90fe01d4162fd4a9095b8d9cb10eae3fcfb64abd9e5bb7a3b3040c47f93187b10e2490b9a2cff765ee8e19ce5e7608439e5cd9f7a76e179dd62999ebda2bfbf2e09dfb8ec9ee2e5cb59db2e5da4d8235ee4fa47de7cb697e45bec9bc5195c41dfc7a3742d5c431cf207bd6707911bc4cb1bdc3ded4e83643536251ec0fbed4359327", @typed={0x6f, 0xa3, 0x0, 0x0, @binary="9b868295b911c90ecddc4a9126b3f2f0a8b63f24a3ab3bdc5e1ded5a4e74af7adb00d35b3824d5bedef6bae09cd63ba6d9e4f76c1259f1ada16a0913441cdfba14520fb4d7d437b4f4e57864cb58fdc023162945794728b6d23295794af6d11a64afc8bbd20d303c3871c0"}, @generic="28fa492c3a0c52bdae85bad5c3779cf260ea9fe99aae89a1514f764b5f253cd1fd555c48872e9e361bff7cb10c6ed308f153ee821c099295181e97f6dda4", @nested={0x258, 0x18, 0x0, 0x1, [@nested={0x4, 0x4c}, @generic="b8334bc12d4ea2e5df792d73164ca81cf9c11bad97d863d7c4106fbe818eec5f040a73f8799f6178e3563a3e951287ef0c28ab9e9469a0cc534920b4d9bae4f381a72a59f9f28da9baba3d5bf30859f0bca21736fb720165ee641df73a054616e0af257442de98a514e9703d81e66f8e6d9e634e9fd2d11c0962ffd0b2877ee26e6f26ae1fa3d86796bcc83e320a10053fbb4260e82a2f65e906215ae83b82dad3daf9d23261a7e1a3535659e2ef2352f140f64d8e68f0a59f561e", @nested={0x4, 0x7f}, @generic="9b4bcfcd1cb7f8d2e70de68c0c4824477a7610f40b1e3864ed03d5a38610cae0662c90ad5d373d37c318697868a14daf6ffe149fc9a2778a689e75c6e1685e38e604e1482d449e2890cf62206b37aa2f829088dbb3e603f3da971cd2514add701fbe41f76f90b37c18a6d96a5e682e7a4741cc4382336f60e6b496c23c6b9239b82e751ba6ba58e0814a9659b5ae8f408f9408bf91e257fd6ea46e80b44031ca2240fae215377f7e58b6735744635a6f158dfb2d8932a3336c42879992f33422091821d30645aebe7b", @generic="16b11faacab22763c5b49fca1608c9103c33bb5518dbf6c910285f26850eb657f01fbbf65653ce315ab64b5b76c7ffd44349488d7cdafdf8d37f9c9e2573236ec5ae0da5e57a05e41f2b6bcfa61fc1da7285acf0a07836340a3564b1ab15b9a8d51c8914d73747f55c25f31044f355a2ea28df86d4287b53c8c3eba3c475f03374662233fc5ea0d3a817e488c23e580471baadf58ea8cc59d908434c7b083553ee50c78e7d8d914ae8c27e369921386f837cff24", @typed={0xc, 0x10b, 0x0, 0x0, @u64=0x7}, @nested={0x4, 0x65}, @nested={0x4, 0x11d}]}, @generic="f6db92fe7b7101968488cbafedf6a5db3dc64fcc90401121"]}]}, 0x3c8}, 0x1, 0x0, 0x0, 0x40000}, 0x5) (async)
pwritev2$auto(r1, &(0x7f0000000fc0)={&(0x7f0000000f00)="5b6d2d3ec5833e99aaba36d331cf573f40d5ab82f93689c5d0e0c6914f17ca44b8fada169ea6156652ef7cabaf7f52610b0d4b2143119d15a461aeb938ee3030aa8ae97faa05a1ea96f6c1d21f6f8c0f378ca4e8eb097dfd2d672d9129e57f77e5503a40e30adace7fdcf3170382538e6d1991cf952dd52fbe7ecc2bbc8ba1e9cc96a9cb644c9602286c9f9cd878116c304f51abbb64b8312dba0d3aef8126fa414f029aa1", 0x81}, 0x9, 0x635, 0x5, 0xfe) (async)
sendmsg$auto_SMC_NETLINK_DUMP_SEID(r1, &(0x7f00000011c0)={&(0x7f0000001000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000001180)={&(0x7f0000001040)={0x108, 0x0, 0x400, 0x70bd2c, 0x25dfdbfd, {}, "da1c87956c78b6e24473b5e6cbbb7afcff4dee37e4ea6e6ec79efec31d1300dbaef306b409bbebb418e8694fd597f64902c75c90f8da5edbf41b81bbfeb1fb8174a992db376f6a104fb2f52e10dd4b540037f43148e05688117fec8efb47b354f9bcddc1f60272ed8be248ceb2944543fcd80bc4735381355fecdf30dbeeac500e842c53684b5adaebeb831ff2b3e03dff95443a7a153984b14be8f67190eb58833de9f986a2a1a2d3a60dddc3184608f981d7eecc09650103961575363e35a4a584c9f05700979ebf54c38c96ef8e4dccd375c8c3d64373366f9353e3b844387a5e32a84715bfcc9c72c3485ba8e21e2f4af3"}, 0x108}, 0x1, 0x0, 0x0, 0x4}, 0xc000) (async)
r8 = syz_genetlink_get_family_id$auto_hsr(&(0x7f0000001240), r0) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001280)={'veth0_to_team\x00', <r9=>0x0}) (async, rerun: 64)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000012c0)={'veth1_to_bridge\x00', <r10=>0x0}) (rerun: 64)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f00000013c0)={&(0x7f0000001200)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001380)={&(0x7f0000001300)={0x6c, r8, 0x2, 0x70bd2a, 0x25dfdbff, {}, [@HSR_A_IF2_AGE={0x8, 0x4, 0xffff0000}, @HSR_A_IFINDEX={0x8, 0x2, r9}, @HSR_A_IFINDEX={0x8, 0x2, r10}, @HSR_A_NODE_ADDR={0xa, 0x1, @remote}, @HSR_A_IF2_AGE={0x8, 0x4, 0x8}, @HSR_A_IF1_AGE={0x8, 0x3, 0x2}, @HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @broadcast}, @HSR_A_IF1_AGE={0x8, 0x3, 0x5}, @HSR_A_IF1_SEQ={0x6, 0x6, 0x7}]}, 0x6c}, 0x1, 0x0, 0x0, 0x20884}, 0x20040805)
openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000001400), 0x60000, 0x0) (async)
r11 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001480), r0)
sendmsg$auto_HWSIM_CMD_DEL_RADIO(r1, &(0x7f0000001580)={&(0x7f0000001440)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000001540)={&(0x7f00000014c0)={0x70, r11, 0x200, 0x70bd2a, 0x25dfdbfc, {}, [@HWSIM_ATTR_PERM_ADDR={0x42, 0x16, "95565f01d7583bae68affdc199b28b1e8c5c4c51bc7a30e39daad04ea3f8240c48ca1b86ddabc1c469ead873823182dec03a791caf02a341bca5ea4523e5"}, @HWSIM_ATTR_PMSR_SUPPORT={0x8, 0x1a, 0x0, 0x1, [@NL80211_PMSR_ATTR_REPORT_AP_TSF={0x4}]}, @HWSIM_ATTR_IFTYPE_SUPPORT={0x8, 0x17, 0x7fff}, @HWSIM_ATTR_RADIO_ID={0x8}]}, 0x70}, 0x1, 0x0, 0x0, 0x80}, 0x4000000) (async)
mmap$auto(0x4, 0x9, 0x0, 0x14, r0, 0x0) (async, rerun: 64)
r12 = landlock_create_ruleset$auto(&(0x7f00000015c0)={0x6, 0xf3b6, 0x8}, 0x8000000000000001, 0x5) (rerun: 64)
ioctl$auto_SNDCTL_FM_4OP_ENABLE(r12, 0x4004510f, &(0x7f0000001600)="0ad1e54d86c07bd672568801b2")

3m51.098603922s ago: executing program 0 (id=207):
socket(0xa, 0x5, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000002640)='/sys/kernel/debug/tracing/set_event_pid\x00', 0x2002, 0x0) (async)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/adsp1\x00', 0x123002, 0x0)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, 0x0, 0x80) (async)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000440)="0f6aae3671011f08f4ff44ca786b769b89fb9e69bf3a9ba9888993e1270a1665b9c139a234fdac296bfa563b2170fc5f1ca1b35b392a3f1e289c0d85b25dee0fabd4dde38e28faa43606047fc9f9937e218ca0a36f123db942cbc002135e99807b0ddc409f84d2df3808bf825b55f05b5bfa1dcc85746af2f9bc5705ab3ee680a455e588e4a3592c7d6f6ad35e1517a7") (async)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/attr/current\x00', 0x1, 0x0)
openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000400), 0x80001, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x27, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x1, 0x3, 0x11000000, 0x0, 0x7, 0x200000006d3c, 0x5, 0x10, 0xfffffffffffffffd]}, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
setsockopt$auto(0x3, 0x10000000084, 0x71, 0x0, 0x8) (async)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) (async)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) (async)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async)
userfaultfd$auto(0x1) (async)
read$auto(0x3, 0x0, 0x80)
mmap$auto(0x0, 0x5, 0xdf, 0x12, 0x2, 0x800008000) (async)
madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async)
mq_unlink$auto(0x0) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket(0xa, 0x806, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
socket(0x10, 0x2, 0x6) (async)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)

3m50.042681658s ago: executing program 0 (id=212):
r0 = socket(0x2, 0x1, 0x106)
setsockopt$auto(r0, 0x1, 0x40, &(0x7f0000000200)='\x00\x89e\xad\x97\xc5E\xea=\x0f\xf4\xba4\x05>y/21\xfd\'\xc7\x1c\xaeV`\xc7^\x05\"H\xb8\x12\x99\x1fF\xdc\xc4\x02FV\x04D&9?\xa8d\xc97B\x9f)\xc6\xbb\x15_\xfd\xa5\xaf\xf8\xb8\x8a\x186\xa9\x0eY;\x9a\xe32T\xddn\xa6zK\xef\xf7\x04\x81\xb4\xb7;\x12\x1ch$\xbd\xd1x\x15\xa8\x9c\xba\x83\xa7\xbdwf8\xc03z|\xcd\xbc\xa1+8\xcet\x960\a\x80\x88!\x9e\x96\xcd\xb5dB\xc1L\xb2\xb1\xe6\xf9\x92\xd4\xcd\v0|G\xb7\xc3+\xb5\xa9\xb4E>ry\x8d(\xcb\xadaH<-h\xef8\x0678]`\x1f\xe5\\\x9c\xb4\xbd 6\x9fP\x16\xb5\xa1.;d\xf5F7TgT\x908=l\x89\x05\x03\xcb\x04\x9c\x0e\x04\xb5a\xe6\xa6\x13\xf8\xb2\xe1\xab\vI;\x10\xa7\xcc\x84\x1d\xff(\x1c\x99\x90M\xba\xfe\xaa\x8e\x83\x98\xbb8\xc3\x02\x8d(\xb0\x9c@n\xb7\xd3TF\xc7\x7f\x11\x9e\x00\x00\x00\x00\x00', 0x400000bf)
close_range$auto(0x2, 0xa, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000000c0), r2)
read$auto(r1, &(0x7f0000000040)='/dev/tty12\x00', 0x7)
mmap$auto(0x0, 0x9, 0xff7, 0x8000000008011, r0, 0x200000000007ff8)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
getpid()
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyzb\x00', 0x2800, 0x0)
r3 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
ioctl$auto(0xffffffffffffffff, 0x4b6f, r3)
setresgid$auto(0x4000009, 0x8, 0x7fffffffffffffff)
mmap$auto(0xffffffffffffffff, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
sysfs$auto(0x2, 0x100000000000035, 0x0)
fsopen$auto(0x0, 0x1)
close_range$auto(0xffffffffffffffff, r3, 0x0)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_OVS_DP_CMD_DEL(r3, 0x0, 0x10)
mmap$auto(0x0, 0x59d1ea71, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000)
openat$auto_lowpan_control_fops_6lowpan(0xffffffffffffff9c, &(0x7f0000000080), 0x800, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x1, 0xfffffbffffff0002, 0x80000000)
r4 = io_uring_setup$auto(0x6, 0x0)
close_range$auto(r4, r4, 0x8)
fchown$auto(0xffffffffffffffff, 0x0, 0x0)
keyctl$auto_KEYCTL_SESSION_TO_PARENT(0x12, 0x0, 0x0, 0x0, 0x6)
syz_open_procfs$namespace(0xffffffffffffffff, 0x0)

3m49.538425182s ago: executing program 0 (id=214):
mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer\x00', 0x101401, 0x0)
write$auto_seq_oss_f_ops_seq_oss(r2, &(0x7f0000000180)="868d180916c735e093b9861f0bde02ef6484efd1225c2444fcc82c0d59436954f1c5f1868337cc88c0551ac5e2456b2d59f35d15836a45174dd7a65e2b9c11584402a2d233711c1075c65047b196855f291971f6fa05a6ce417e5956bc9c1b3d364815d3f66cf7e1f2579c955b9490f89af6f234d145f17a3830dd2773e81e48dae316b7eedc93a2d3aa1f6e25ae9345a238bb040fbe002bfa003e9067ebdc1eff0c263241c8f40b", 0xa8)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0xa, 0x801, 0x84)
iopl$auto(0x2)
mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
symlinkat$auto(&(0x7f0000000000)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00')
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
madvise$auto_MADV_PAGEOUT(0x101, 0x9d0b, 0x15)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r3 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/input/event2\x00', 0x2a482, 0x0)
writev$auto(r3, &(0x7f0000000040)={0x0, 0x18}, 0x8000000000000001)

3m49.030915191s ago: executing program 0 (id=219):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
r0 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x0, 0x0)
socket(0x10, 0x2, 0x0) (async)
r1 = socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r2 = socket(0x10, 0x2, 0x0)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) (async)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
recvmmsg$auto(r2, 0x0, 0x7, 0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB=']'], 0x1ac}}, 0x40000)
recvmmsg$auto(r1, &(0x7f0000000140)={{0x0, 0x1, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x200002, 0x8}, 0x803}, 0xfffffff9, 0x10, 0x0)
write$auto_proc_clear_refs_operations_internal(r0, 0x0, 0xffffff4b)
mmap$auto(0x0, 0x2000c, 0x10000000000df, 0xeb2, 0xffffffffffffffff, 0x8000) (async)
mmap$auto(0x0, 0x2000c, 0x10000000000df, 0xeb2, 0xffffffffffffffff, 0x8000)
syz_clone3(&(0x7f0000000380)={0x8004000, 0x0, 0x0, 0x0, {0xe}, 0x0, 0x0, 0x0, 0x0}, 0x58)

3m47.978914372s ago: executing program 0 (id=225):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r0, &(0x7f0000005380)={0x0, 0x0, &(0x7f0000005340)={&(0x7f0000000000)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002bbd7008fcdbdf250600000024000180090002006e6673640000000014000100df9b201bba5d82e832454bc5b9c949fdfc23c095223be6adc79313233062951bd8d15d84bfaad3febce4e2b4d6dab7db1fee4716924e5b8cae5bf080955707c6c081e0fdf2d5"], 0x38}, 0x1, 0x0, 0x0, 0xc000}, 0x20000000)

3m32.777299552s ago: executing program 32 (id=225):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r0, &(0x7f0000005380)={0x0, 0x0, &(0x7f0000005340)={&(0x7f0000000000)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002bbd7008fcdbdf250600000024000180090002006e6673640000000014000100df9b201bba5d82e832454bc5b9c949fdfc23c095223be6adc79313233062951bd8d15d84bfaad3febce4e2b4d6dab7db1fee4716924e5b8cae5bf080955707c6c081e0fdf2d5"], 0x38}, 0x1, 0x0, 0x0, 0xc000}, 0x20000000)

2m45.169732096s ago: executing program 2 (id=434):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socket(0x10, 0x2, 0xc)
close_range$auto(0x2, 0x8, 0x0)
inotify_init1$auto(0x3000000000000)
ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
fanotify_init$auto(0x65, 0x2)
pipe$auto(0x0)
dup2$auto(0x5, 0x4)
splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9)
write$auto(0x6, 0x0, 0x100000001)
setsockopt$auto(0x3, 0x1, 0x2a, 0x0, 0x9)
recvfrom$auto(0x3, 0x0, 0x80000000002, 0x6, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0xfffffffc, 0xff)
r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_RSS_GET(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000001c0)={0x2c, r0, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@ETHTOOL_A_RSS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gre0\x00'}]}]}, 0x2c}, 0x1, 0x300, 0x0, 0x4004}, 0x840)

2m44.843793837s ago: executing program 2 (id=436):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x6, 0x7)
socket(0x2, 0x6, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x300, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22040, 0x75)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0)
mincore$auto(0x1000, 0x8001, 0x0)
r1 = openat$auto_dfs_global_fops_debug(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/ubifs/chk_general\x00', 0x0, 0x0)
ioctl$auto(r0, 0x400c4d06, r1)
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
mremap$auto(0x0, 0xf2, 0x3fd6, 0x0, 0x20000000)
socket(0xa, 0x801, 0x106)
mmap$auto(0x0, 0xd, 0xdf, 0x9b72, 0x2, 0x8000)
setsockopt$auto(0x3, 0x0, 0x18, 0x0, 0x9)
connect$auto(0x3, 0x0, 0x55)

2m41.785438148s ago: executing program 2 (id=448):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
sysfs$auto(0x2, 0x10000000000048, 0x0) (async)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45) (async)
r1 = fanotify_init$auto(0x5, 0x2000000000002)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45)
fanotify_mark$auto(r1, 0x451, 0xa, r2, 0x0) (async)
fanotify_mark$auto(r1, 0x451, 0x800000a, r0, 0x0) (async)
socket(0x2, 0x801, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) (async)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) (async)
connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3}, 0x55) (async)
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) (async)
write$auto(0x3, 0x0, 0x100082) (async)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
acct$auto(&(0x7f0000000100)='/proc/thread-self/fail-nth\x00') (async)
read$auto(r3, 0x0, 0x22)
r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) (async)
write$auto(0x3, 0x0, 0x100082)

2m40.088881481s ago: executing program 2 (id=457):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x6, 0x7)
socket(0x2, 0x6, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x300, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22040, 0x75)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0)
mincore$auto(0x1000, 0x8001, 0x0)
r1 = openat$auto_dfs_global_fops_debug(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/ubifs/chk_general\x00', 0x0, 0x0)
ioctl$auto(r0, 0x400c4d06, r1)
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
mremap$auto(0x0, 0xf2, 0x3fd6, 0x0, 0x20000000)
socket(0xa, 0x801, 0x106)
mmap$auto(0x0, 0xd, 0xdf, 0x9b72, 0x2, 0x8000)
setsockopt$auto(0x3, 0x0, 0x18, 0x0, 0x9)
connect$auto(0x3, 0x0, 0x55)

2m36.854292868s ago: executing program 2 (id=472):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
timer_create$auto(0xb, 0x0, 0x0)
timer_settime$auto(0x0, 0xffff8000, &(0x7f00000000c0)={{0xf, 0x10007}, {0x9}}, 0x0)
timer_gettime$auto(0x0, 0x0)
r0 = socket(0x1, 0x5, 0x0)
sendmsg$auto_NL80211_CMD_STOP_SCHED_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x20000800}, 0x1c044)
shutdown$auto(r0, 0x10000)

2m34.572485058s ago: executing program 2 (id=479):
openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cec8\x00', 0x101901, 0x0)
r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x40080, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x2, 0x1)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
getsockopt$auto(0x100000006, 0x0, 0xa, 0xfffffffffffffffe, 0x0)
ioctl$auto_UI_DEV_SETUP(r0, 0x405c5503, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
mmap$auto(0x0, 0x2000b, 0x4000000000df, 0x10000000000eb1, 0x401, 0x8000)
r1 = openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f0000000280)='/dev/etherd/revalidate\x00', 0x541, 0x0)
write$auto_aoe_fops_aoechr(r1, &(0x7f0000000000)="760cc96d0ba177c3b7f83676316991fd", 0x10)
io_uring_setup$auto(0x6, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002580), 0xffffffffffffffff) (async)
r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002580), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000002640)={0x0, 0x0, &(0x7f0000002600)={&(0x7f0000000000)={0x1c, r3, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2c}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x810)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x4, 0x0)
close_range$auto(0x2, 0x8, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) (async)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r6=>0x0})
mount$auto(&(0x7f0000000000)='veth0_macvtap\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='nfs\x00', 0x1, &(0x7f0000000340)) (async)
mount$auto(&(0x7f0000000000)='veth0_macvtap\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='nfs\x00', 0x1, &(0x7f0000000340))
sendmsg$auto_NL80211_CMD_SET_WIPHY(r5, &(0x7f0000000080)={0x0, 0x198, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002dbd7000fddbdf250800030008000300", @ANYRES32=r6, @ANYRESOCT], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097f751b33e}, 0x80)

2m19.385577159s ago: executing program 33 (id=479):
openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cec8\x00', 0x101901, 0x0)
r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x40080, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x2, 0x1)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
getsockopt$auto(0x100000006, 0x0, 0xa, 0xfffffffffffffffe, 0x0)
ioctl$auto_UI_DEV_SETUP(r0, 0x405c5503, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
mmap$auto(0x0, 0x2000b, 0x4000000000df, 0x10000000000eb1, 0x401, 0x8000)
r1 = openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f0000000280)='/dev/etherd/revalidate\x00', 0x541, 0x0)
write$auto_aoe_fops_aoechr(r1, &(0x7f0000000000)="760cc96d0ba177c3b7f83676316991fd", 0x10)
io_uring_setup$auto(0x6, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002580), 0xffffffffffffffff) (async)
r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002580), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000002640)={0x0, 0x0, &(0x7f0000002600)={&(0x7f0000000000)={0x1c, r3, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2c}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x810)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x4, 0x0)
close_range$auto(0x2, 0x8, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) (async)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r6=>0x0})
mount$auto(&(0x7f0000000000)='veth0_macvtap\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='nfs\x00', 0x1, &(0x7f0000000340)) (async)
mount$auto(&(0x7f0000000000)='veth0_macvtap\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='nfs\x00', 0x1, &(0x7f0000000340))
sendmsg$auto_NL80211_CMD_SET_WIPHY(r5, &(0x7f0000000080)={0x0, 0x198, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002dbd7000fddbdf250800030008000300", @ANYRES32=r6, @ANYRESOCT], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097f751b33e}, 0x80)

1m45.126793633s ago: executing program 1 (id=651):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
prctl$auto(0x8003e, 0x1, 0x0, 0xb, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff)
socket(0x2, 0x1, 0x0)
epoll_create$auto(0x4)
epoll_ctl$auto(0x5, 0x1, 0xffffffffffffffff, 0x0)
sched_get_priority_min$auto(0x40)
openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, 0x0, 0x101002, 0x0)
connect$auto(0x4, 0x0, 0x10)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0xa, 0x3, 0x3a)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x3, &(0x7f0000000000)={0x0, 0xc4}, 0xdf, 0x0, 0x0, 0x1}, 0x1}, 0x3, 0x9c64)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
fcntl$auto(0x3, 0x4, 0xa553)
timer_create$auto(0x5, &(0x7f0000000040)={@sival_int=0x4, @inferred, 0xb331}, &(0x7f0000000080)=0x9)
close_range$auto(0x2, 0x8, 0x0)

1m44.097184979s ago: executing program 1 (id=655):
r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0)
mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x401f, 0x1, 0x8e051, r0, 0x0) (async)
mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x401f, 0x1, 0x8e051, r0, 0x0)
bpf$auto(0xd, 0x0, 0x6f5) (async)
bpf$auto(0xd, 0x0, 0x6f5)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
init_module$auto(0x0, 0xffff9, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x8000000000000000, 0x15)
madvise$auto(0x0, 0x2000000080000001, 0x3) (async)
madvise$auto(0x0, 0x2000000080000001, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
capset$auto(0x0, 0x0)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x80, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/rpc/nfs\x00', 0x509040, 0x0) (async)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/rpc/nfs\x00', 0x509040, 0x0)
move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x91e4)
madvise$auto(0x0, 0xffffffffffff0005, 0x17) (async)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r1 = socket(0x10, 0x2, 0x0)
statmount$auto(0x0, 0x0, 0x1fe, 0xd) (async)
statmount$auto(0x0, 0x0, 0x1fe, 0xd)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
sendmmsg$auto(r1, 0x0, 0x7, 0x4008) (async)
sendmmsg$auto(r1, 0x0, 0x7, 0x4008)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x91e4) (async)
move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x91e4)
mmap$auto(0x0, 0x200003, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)

1m40.914888784s ago: executing program 1 (id=669):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:19/sun\x00', 0x20301, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000080)="48e02437d1ffb450482bc3acc86033690d006429d018713ca4219d113c0ae619219a698bb54d19681cb41f4054389550a3db810387b469d70bfa19565e625ff827dfe00363f9374c31398fbb75a8fedff497d38ff9dc537f7fb7250d191840f4ed6700"/110, 0x6e) (async)
r1 = semctl$auto_SEM_STAT(0x8, 0x10, 0x12, 0x5)
prctl$auto_PR_SET_FPEMU(0xa, 0x3, r1, 0xb3, 0x2)

1m40.76592054s ago: executing program 1 (id=670):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001140)={0x0}, 0x1, 0x0, 0x0, 0x2000009c}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1370cfde32e565d4819950d086429f7a634ecf803b1fc0978f61d84177a2acc3c3cc6f508bcb6012d9c269b4351fee2c7f2846ce5e99aa0029b1378510006bcc9325daa679e8b4d0b8d93a95a1156cb1e2ebaf33641f2f00f725e504620ec324f80b43fe2c772e43bcd516ead413d4ede55ae9d0487910891881b9a9f8b9dfc9c3b42bbf", @ANYRES16=0x0, @ANYBLOB="01002cbd7000fbdbdf250a00"], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x4814)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="19"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f0000000000)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x1}, 0x2, 0x0)
r0 = socket(0x2, 0x6, 0x0)
setsockopt$auto(r0, 0x10d, 0x4, 0x0, 0x17)

1m40.565242313s ago: executing program 1 (id=672):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a)
openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
syz_genetlink_get_family_id$auto_nl80211(0x0, r0)
r1 = socket(0x2, 0x3, 0xa)
sendmsg$auto_IPVS_CMD_GET_INFO(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x2ccc}}, 0x1)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
write$auto(0x3, 0x0, 0xfffffdef)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
r2 = mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0)
mq_timedsend$auto(r2, &(0x7f0000000140)='O\x0e\xb0\xd9k\xc8\xb6\xdf\x1d\xb6z\fx\xd8\x19\xee\xb2\x94\x14\xc9<\x17h~\xac\x05\xd7\x97vd\xb2\x1b\xa1\xa4^\xc59\x19\xd3\xa2\xc6\xb9\rp\xfd\x945\n\x87\x1c\x11D\xc5\x80\x97\xacT\r\x83\xac\x9dvK#w\xe8^\x8f`\x94\xe0%\x88\xef8\xc1\xc5\x03\xb2\xf8\xbeI\xd9\x95\xce\x89\xdf\xe0\xf1\xact', 0x6, 0x90, &(0x7f0000000100)={0x100000000003, 0x4})
shutdown$auto(r1, 0xffff)

1m39.745316444s ago: executing program 1 (id=675):
socket$nl_generic(0x10, 0x3, 0x10)
pkey_free$auto(0x5)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff)
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv6/conf/wlan0/stable_secret\x00', 0x242842, 0x0)
sendfile$auto(r0, r0, 0x0, 0x7ffff004)
mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0)
read$auto(r1, 0x0, 0x20)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0x1d, 0x3, 0x1)
write$auto_nsim_psample_enable_fops_psample(0xffffffffffffffff, &(0x7f0000000100), 0x0)
seccomp$auto(0x200, 0x41eb0178, 0x0)
mmap$auto(0x0, 0x40009, 0xa, 0x9b72, 0x2, 0x28000)
r3 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64)
fchdir$auto(r3)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x7, 0x0)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
unshare$auto(0x200)
r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00')
setns(r4, 0x0)
sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x14, 0x0, 0x1, 0x70bd2b, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x8044}, 0x4001090)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xffffffffffffffff}, 0x2, 0x0, 0x7, 0xa507}, 0x840}, 0x20000007, 0x8)
openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/usb/usbmon/19u\x00', 0x20081, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000180)='nfsd\x00', 0x8, 0x0)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
mount$auto(0x0, &(0x7f0000000100)='}[,&*}\x00', 0x0, 0x10001, 0x0)
pivot_root$auto(&(0x7f0000000000)='}[,&*}\x00', &(0x7f0000000040)='.\x00')
mmap$auto(0x0, 0x3, 0xbe, 0xeb1, 0x401, 0x8000)

1m24.617622459s ago: executing program 34 (id=675):
socket$nl_generic(0x10, 0x3, 0x10)
pkey_free$auto(0x5)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff)
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv6/conf/wlan0/stable_secret\x00', 0x242842, 0x0)
sendfile$auto(r0, r0, 0x0, 0x7ffff004)
mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0)
read$auto(r1, 0x0, 0x20)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0x1d, 0x3, 0x1)
write$auto_nsim_psample_enable_fops_psample(0xffffffffffffffff, &(0x7f0000000100), 0x0)
seccomp$auto(0x200, 0x41eb0178, 0x0)
mmap$auto(0x0, 0x40009, 0xa, 0x9b72, 0x2, 0x28000)
r3 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64)
fchdir$auto(r3)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x7, 0x0)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
unshare$auto(0x200)
r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00')
setns(r4, 0x0)
sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x14, 0x0, 0x1, 0x70bd2b, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x8044}, 0x4001090)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xffffffffffffffff}, 0x2, 0x0, 0x7, 0xa507}, 0x840}, 0x20000007, 0x8)
openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/usb/usbmon/19u\x00', 0x20081, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000180)='nfsd\x00', 0x8, 0x0)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
mount$auto(0x0, &(0x7f0000000100)='}[,&*}\x00', 0x0, 0x10001, 0x0)
pivot_root$auto(&(0x7f0000000000)='}[,&*}\x00', &(0x7f0000000040)='.\x00')
mmap$auto(0x0, 0x3, 0xbe, 0xeb1, 0x401, 0x8000)

1m13.970036141s ago: executing program 6 (id=711):
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) (async)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async)
fstat$auto(0x2, 0x0) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$auto(r1, 0x10e, 0xb, 0x0, 0x0) (async)
mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) (async)
capget$auto(0x0, 0xfffffffffffffffe)
capset$auto(0x0, &(0x7f0000000140)={0x4, 0x7, 0x8}) (async)
msgctl$auto_IPC_STAT(0x1, 0x2, &(0x7f00000000c0)={{0x0, <r2=>0xffffffffffffffff, 0xee01, 0x9, 0x8f6a, 0x7fffffff, 0x6}, &(0x7f0000000040)=0x1, &(0x7f0000000080)=0x7, 0x1, 0x8, 0x0, 0x2, 0x5, 0xfffb, 0x0, 0x6415, @raw=0x9, @inferred=0xffffffffffffffff}) (async)
mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) (async)
acct$auto(&(0x7f0000000640)='/proc/thread-self/net/rpc/nfs4.idtoname/content\x00') (async)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/rpc/nfs4.idtoname/content\x00', 0x181b80, 0x0)
read$auto(r3, &(0x7f0000000440)='2\x06J Nwe0\xbd\"\x8f\xe5h_b\xde\x19\xa5\x0e\xfa\xe0\xcb\xb7\xaceW\x1a\x1f\xae\xd8\xfe\x01Y\xd6\xba\xde3\xc7\xf8\x91\xda\xf6_%\xf30\xdc\x97<\xf3A\xa7\xb4\x8dj\xbd\x02\xb1}{e\xf64\xecC\x83,\xecp7j\xf8<\xc8x\xd4\xb0\x1d\b\xb08\x01\x9e\x9et\x8aa\xe1\re\xcf\x8e\x02\xeeW\xf0z\vk\x02_\xdb\x15f8>;zM\xa95\x16\xe9l\xf5\xaa\xaa\x03\x18p\x0e\xde$\xc3\xa9\xac\xc7\x98\x05<\xef\xcd@z\fx}F\x93\xe1\xbd\xb3s\x80\xc1e\xe9T1\xbf\xc8_^\a\x03\xad\ni\n~-u)\x88\x97\xed\xa7\x9b\x0f\xef\x99\x13\xdc<\xd1{\br\xd6[\xd3\xa9-(KH\b\xdfJ\xdek\xef\xc9\xd7\n\x83m\x86\xf2\a\x8d\x19\xe0\\\xf0lg?\x98\xc8\x8e\xbd2?C\xa5\x8a\xe3\xc6\xd7\x00\x14n\xb8<\xab\x96\x8d\xa1\xf4\x87\xe5\a:z\xea\xcc\xa1\x8d\xae8\x12\xa6\xb9\xd99\xaa\xc5\x10\xad\xdd\x89\xddC\xf5\xd2Q\x92\xcd\xcc\x9f\x1a\xdbR\xeeL:\x87\xb3\xb0\x84\x1bR\xf2\xe2/\xa3\x0e\x90\x98\x8c\xc0\xa4\xda+U\b\x88\xa7\x88\x1fC\xbb\xa8\xce\x0f\xd5\xdew\x99\x18G.s\x16\xfa\xf2\x96|\x1e]\xe5\xf8\xb1\x8b.}\x841\xd8\x98\xd8f86h\xab\x94\x7f\xc4<\x03\xdd\x86=\xb6\x1e@\xab6\x81\xce\xaa\xcf\xfd\x947\xc3\x86\xfe\xb7O\xd9\xa9\xb6[\xcc\xd8\xe1\xa9\x84[\xe0\xd4\x03\x90@\x03\xbe\xba\xee\xed\xe9\xb1\xd2\xf1\x8cgn\xb7m/\xf1\"\xc2\xeb\x1d\x04\xf3\xf1\x96\xf2\x00C\xf0wg\xd6\x11\x18\xb5o\x9d\xd7`\xce\x81\x9b1b\x8ce\x99*\xa3\xd2\x8dAw\xd9\xa6l\\\x17\xbb\xf6\xe2\xa2<\n\xc0\f:\x97\xff\xc6y\x05<\xa6\x81\xd92\xc9\x9e\f[\xf9\xfc\xf1ih\"J\x92\xd2\xd4\xc2\xe8\x89 \x81\xbf8C\xa9\x1at\xa1\xdc\x94\xc5\xc8K\xbb\x14h\xa9)\xaa\xf2\xda\xaf\xb1\rs\xe6\x97\x1e\xcc6\x94\xff\x1b\x8e\x98\xf7\xa0', 0x67b) (async)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) (async)
shmctl$auto_IPC_INFO(0x2, 0x3, &(0x7f0000000340)={{0x400, <r4=>0xee00, 0x0, 0x80000001, 0x4, 0x2, 0xb}, 0x0, 0x4a5b0e3d, 0x7fffffff, 0x1, @inferred, @raw=0x8000000, 0x2, 0x0, &(0x7f0000000180)="7569fa38cffd5e3f175c0390ec8c4bdc49bf03aba1cbb2d16b40e6bb502a7086f6b5983f90b3f9d25e94d30f854721347db2160aa362b0ce14a417109f7f7841b86a47ec8c298f32d68ca6ad0868d6f738740f0a1da2a821104d0b7a4c5a08e4328137d8d27bd2a1026b5de1f20081205adcd05dfae6dadd5a653697f9367defcdc36997c92ebef03554b3b2bd0c2c7692662892616e8324b5bac4b30dacfad8aa250b8a19cceae7bb644c68e4f4c9d4bf0e6c1031210c8b8f1f83fb83227b6e1a90558af8246c3ca9b4a68e635a23d14b31841b4ede8773b01ac841", &(0x7f0000000280)="ae933863b9d0d50a99006c91d2f334290430a2bca07d0026d3e1b04c2f39cf465ae2425560855605ca4c262cac57056055b3050acc5bd843caef70bfe16a9daaa72302b725c1e5e8d25d161ea38bc21468872b59cd379fa686e1cf3c6ea53ec2790b975c052a12b1974a1e5ce5077c7adbfa7b7b05b65b6c6e9ce2641540af5d66b05d11f2b02af8c643c9a5ca006bdb1d3135cc13f8a5016056c89ac9d843aa69a1e996c2a2cad93542b3350da69d1f52bec6d02f4bf86dfdca"})
ioctl$auto_KVM_GET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee2, &(0x7f00000003c0)={0x6, <r5=>0x0, 0x1, 0x5bb})
keyctl$auto(0x6, r2, r4, r5, 0x4)
munmap$auto(0x0, 0x2000000c) (async)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
r6 = openat$auto_transaction_log_fops_(0xffffffffffffff9c, &(0x7f0000000400)='/sys/kernel/debug/binder/transaction_log\x00', 0x101000, 0x0)
pwritev2$auto(r6, &(0x7f00000004c0)={&(0x7f0000000440)="5d3d29e470c43b87c1b412b53c3d8c5bc94c1af407a99046cc0abfd0e2aa60dff110689e4a7c89da1cbd04d5e6ff0efdce92ea7428a9fa89fa2650d4f342b8b74991f736ec73daba5a0d9b185f2aaced7b638b7586fca2ea7181b7ed135571f501bdb559388092083722efe4", 0x4}, 0x6, 0xff, 0x401, 0xffff) (async)
io_uring_register$auto(0x2, 0x14, &(0x7f0000000040), 0x3)
ioctl$auto(r0, 0x4b67, 0x1)

1m13.63140318s ago: executing program 6 (id=751):
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100)
r0 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x61)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
write$auto(0x3, 0x0, 0x100082)
lseek$auto(r0, 0x7fffffffffffffff, 0x3)
keyctl$auto(0x1, 0x5, 0x0, 0x81, 0x6)
fcntl$auto(0x0, 0x407, 0x1)
truncate$auto(&(0x7f00000000c0)='./file0\x00', 0x0)
socket(0x1a, 0x6, 0x5f8f)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
inotify_init1$auto(0x3000000000000)
io_uring_setup$auto(0x6, 0x0)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
gettid()
openat$auto_force_wakeup_fops_hci_vhci(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setfsuid$auto(0xee01)
keyctl$auto(0x4, 0xfffffffd, 0x2, 0x0, 0x8)
fsopen$auto(0x0, 0x1)

1m12.86738095s ago: executing program 6 (id=756):
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0)
socket(0x27, 0x6, 0xff)
syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/ip_tables_targets\x00', 0x101000, 0x0)
fcntl$getown(r1, 0x9)
landlock_create_ruleset$auto(&(0x7f0000000000)={0xdaa0, 0x1, 0x8}, 0x5, 0x0)
landlock_restrict_self$auto(r0, 0x0)
umount2$auto(&(0x7f0000000040)='.\x00', 0x4)

1m12.649561016s ago: executing program 6 (id=757):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0xa, 0x801, 0x84) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
setsockopt$auto(0x3, 0x10000000084, 0xc, 0x0, 0x4) (async)
listen$auto(0x3, 0x81)
getrandom$auto(0x0, 0x6000000, 0x3) (async)
ioctl$auto(0xc8, 0x400454d1, 0x5c8d)

57.121831964s ago: executing program 35 (id=757):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0xa, 0x801, 0x84) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
setsockopt$auto(0x3, 0x10000000084, 0xc, 0x0, 0x4) (async)
listen$auto(0x3, 0x81)
getrandom$auto(0x0, 0x6000000, 0x3) (async)
ioctl$auto(0xc8, 0x400454d1, 0x5c8d)

8.442291485s ago: executing program 5 (id=946):
r0 = openat$auto_proc_pid_set_timerslack_ns_operations_base(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0)
write$auto(r0, 0x0, 0x5) (async)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0) (async)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda1\x00', 0xac600, 0x0) (async)
sendmsg$auto_MAC802154_HWSIM_CMD_NEW_EDGE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x81)
readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007) (async)
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYRESOCT], 0x24}, 0x1, 0x0, 0x0, 0xc005}, 0x4) (async)
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000400)=ANY=[@ANYBLOB="120000e0", @ANYRESOCT=0x0, @ANYRES8=0x0], 0x14}, 0x1, 0x0, 0x0, 0x4c894}, 0x4)
unshare$auto(0x127)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/net/erspan0/queues/tx-0/byte_queue_limits/hold_time\x00', 0x2, 0x0)
write$auto(r1, &(0x7f0000000100)='9\x00d1L\xff\x15\xba\xa17=(\xc1\xf8\xff\xff\v\xb5^\xa1/[', 0x8) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYRESDEC, @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000)
r2 = syz_genetlink_get_family_id$auto_vdpa(&(0x7f0000000500), 0xffffffffffffffff)
sendmsg$auto_VDPA_CMD_DEV_CONFIG_GET(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000680)={&(0x7f0000000700)=ANY=[@ANYBLOB="18010000", @ANYRES16=r2, @ANYBLOB="000228bd7000fedbdf2506000000ef000a00420b7a50c3487dca3dbf7a412967aa76aba7b4224140d2f716c787f86edb31cc9df8f4c0ea0a88781548806c23191d0e146f2f14b225abc1080540055c6a51bc3415c9759fd05bfffc3c130bc6e63f94342eddb17e7ff427f084f01e5ec5d3f938c3f569ae617ac386727376f8ffffff5cf8ccf5090703cf001beae63aef98349db45c320e9deb72af4f2dbf7176988e00376347297b2aeaa619c94e6fe9655704ec8db1a1c45fd4553a5b429597e09cc87818bca96d44f6143d10f01110b5d04974624cee3ec69cd3da448c299c84686ae711012064d6a5d863e4f9323882d913fad50a6b731fe365a934dcb36df125abed8d7324ed579b000c001400040000614cf5cd4ab2d00d35aaecd6115b22d2eec7595f43fee93de7f65f1a7ae86ce5585a876c842aad8ec5619332271478c2a8aeb5fef5d6e7373a320df3cc192aea6175f102710ff12ea9e0ca058336332a1c9a55aea9fc7c21bde95fe371a1bbba"], 0x118}, 0x1, 0x0, 0x0, 0x4040804}, 0x8000) (async)
r3 = socket(0x10, 0x2, 0x80000040)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[@ANYBLOB="e76e75d789830d58523522d68936806be79e16d3d84ef84915f2e90e17d8d6ed8ab1ed10f319116225116f979ca6bd4013de839894ac491b"], 0x1ac}, 0x1, 0x0, 0x0, 0x2004c814}, 0x20048844) (async)
r4 = openat$auto_btrfs_dir_file_operations_inode(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bluetooth/hci1/power\x00', 0x880, 0x0)
mremap$auto(0x2e16, 0x1, 0x372, 0xb, 0x2) (async)
io_uring_setup$auto(0x2b78, &(0x7f0000000140)={0x9, 0x10, 0x1, 0x5, 0x1ff, 0x2, <r5=>r4, [0xd2, 0xfffffff8, 0x2017a2], {0x4680, 0x5, 0x20, 0xd, 0xe, 0x1, 0x800, 0x88, 0xffffffffffffffff}, {0x3ff, 0x2000e75, 0x3, 0xba, 0xfffff829, 0xfffffffd, 0x1, 0xfffffff7, 0x80000000}})
syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000280), r5) (async)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000002c0)={'nicvf0\x00'}) (async)
socket(0x28, 0x5, 0x0) (async)
setsockopt$auto(0x400000000000003, 0x28, 0x0, 0x0, 0x56b) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r6 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0)
recvmmsg$auto(0xffffffffffffffff, 0x0, 0xfffffff9, 0x10, 0x0) (async)
ioctl$auto_RTC_RD_TIME(r6, 0x80247009, 0x0) (async)
openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fb0\x00', 0x20401, 0x0)

8.392767954s ago: executing program 4 (id=947):
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000200)={{@inferred, 0x1, 0x1, 0x8, "3112d585005a614d19e22af9ffb683dbede3d0bf828bbfba40f035f4be6b7fe5e2f94bd90484b0755015e48d"}, 0x2, 0x5, 0x4, @inferred, @integer={0x7, 0x5, 0x5}, "7a9fc199a16a2311eacf2fc7ae1da978dc3e8090334fdd73340238d212b6debe0eda71bdd70925450e24e87212f0bcab84a16f7ce8cbce0bb32777702b8d7c2d"})
sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x24048084}, 0x4004810)
rt_sigqueueinfo$auto(0x0, 0x4, &(0x7f0000000000)={@siginfo_0_0={0xf9, 0x14, 0x7e73, @_timer={0x0, 0x80000001, @sival_ptr=0x0, 0x5}}})
r0 = socket(0x11, 0x3, 0x9)
sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200)='M', 0x21}, 0x5, &(0x7f0000000180), 0x5, 0xe}, 0x5}, 0x2, 0x100) (fail_nth: 4)

7.858796825s ago: executing program 5 (id=948):
r0 = open(0x0, 0x22240, 0x55)
statx$auto(r0, 0x0, 0x2001003, 0x4005, 0x0)
openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x48101, 0x0)
read$auto_ima_measurements_ops_ima_fs(r0, &(0x7f0000000000)=""/232, 0xe8)
r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000)
ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
write$auto(0xffffffffffffffff, 0x0, 0x100)
ioctl$auto_PPPIOCSNPMODE(r1, 0x4008744b, 0x0)
adjtimex$auto(&(0x7f0000000000)={0x4, 0x0, 0xcbe9, 0xffff, 0xa, 0x80000000, 0xd37f, 0x0, 0xffff, 0xc, 0x3, {0x10, 0x6}, 0xfffffffffffffffc, 0x10001, 0x2, 0x4, 0x0, 0xfffffffdfffffffa, 0x1, 0x0, 0x9, 0x1, 0xffffffff})
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000)
r2 = gettid()
process_vm_readv$auto(r2, &(0x7f0000000040)={0x0, 0x2}, 0x4, &(0x7f00000000c0)={0x0, 0x100000000000002}, 0x3, 0x0)
socket(0x10, 0x80000, 0x2)
open(0x0, 0x22240, 0x55) (async)
statx$auto(r0, 0x0, 0x2001003, 0x4005, 0x0) (async)
openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x48101, 0x0) (async)
read$auto_ima_measurements_ops_ima_fs(r0, &(0x7f0000000000)=""/232, 0xe8) (async)
openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) (async)
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) (async)
ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
write$auto(0xffffffffffffffff, 0x0, 0x100) (async)
ioctl$auto_PPPIOCSNPMODE(r1, 0x4008744b, 0x0) (async)
adjtimex$auto(&(0x7f0000000000)={0x4, 0x0, 0xcbe9, 0xffff, 0xa, 0x80000000, 0xd37f, 0x0, 0xffff, 0xc, 0x3, {0x10, 0x6}, 0xfffffffffffffffc, 0x10001, 0x2, 0x4, 0x0, 0xfffffffdfffffffa, 0x1, 0x0, 0x9, 0x1, 0xffffffff}) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) (async)
gettid() (async)
process_vm_readv$auto(r2, &(0x7f0000000040)={0x0, 0x2}, 0x4, &(0x7f00000000c0)={0x0, 0x100000000000002}, 0x3, 0x0) (async)
socket(0x10, 0x80000, 0x2) (async)

7.812502919s ago: executing program 4 (id=949):
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x20540, 0x0)
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000001040)={0x80, 0x6, 0x400, 0x1, 0x101, 0x0, &(0x7f0000000040)})
mknod$auto(0x0, 0x1, 0x4)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
ioctl$auto(r1, 0x4b32, 0x9)
r2 = socket(0x10, 0x80002, 0x0)
r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000480)='/dev/video18\x00', 0x802, 0x0)
write$auto_v4l2_fops_v4l2_dev(r3, &(0x7f00000004c0), 0x41)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8000, 0x0)
clone$auto(0x7, 0x113a6380, &(0x7f0000000000)=0xfffff132, &(0x7f0000000040)=0x1, 0x401)
io_uring_setup$auto(0x6, 0x0)
r4 = timerfd_create$auto(0x0, 0x0)
timerfd_settime$auto(r2, 0x3, 0x0, 0x0)
close_range$auto(0x2, r4, 0x0)

7.377616225s ago: executing program 4 (id=951):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async)
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/hsr_slave_1/ra_defrtr_metric\x00', 0x202, 0x0)
sendfile$auto(r0, r0, 0x0, 0x5) (async)
mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) (async)
r1 = socket(0x2b, 0x1, 0x1)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/trace_pipe\x00', 0x2000, 0x0) (async)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB="ee7f085b1da310d31d08f3d4ab385b645c9d5ba5", @ANYRESHEX=r0], 0x14}, 0x1, 0x0, 0x0, 0x40014}, 0x80) (async)
r2 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, 0x0, 0x200, 0x0)
ioctl$auto_dvb_demux_fops_dmxdev(r2, 0x6f29, 0x0) (async)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x42, 0x0) (async)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000340)='/dev/snd/midiC2D3\x00', 0x2001, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) (async)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000380)={[0x1ff, 0xd5b, 0xc, 0x9, 0x948a, 0x2, 0x15f6da08, 0xfffffffffffffffe, 0x3, 0x300000000000600, 0x40080000001, 0x7, 0x6d3c, 0x6, 0x9]}, 0x0) (async)
mmap$auto(0x0, 0x20009, 0x3, 0xeb1, 0x401, 0x8000) (async)
io_uring_setup$auto(0x6, 0x0) (async)
setsockopt$auto(0x3, 0x1, 0xf, 0x0, 0x9) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_wireguard(0x0, r4) (async)
r5 = open(0x0, 0x261c2, 0x84)
ftruncate$auto(r5, 0xa0)
lseek$auto(0x3, 0x2, 0x4) (async)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x48040}, 0x4000) (async)
connect$auto(0x3, 0x0, 0x55) (async)
socket(0x5, 0x2, 0x4000) (async)
statmount$auto(0x0, &(0x7f0000000040)={0x1, 0x0, 0x36, 0x828, 0x9, 0x8000000000000000, 0x9f, 0x7, 0x9, 0x8, 0x2, 0x9, 0x3, 0x10000000000008, 0x0, 0x200000000000f, 0x100, 0x40000001, 0x10001, 0x2cf8, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x4]}, 0xe3c, 0x0)

6.432229558s ago: executing program 5 (id=954):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = prctl$auto(0x17, 0x10000000000001, 0x0, 0xfffff7ffffffffff, 0x8)
r2 = prctl$auto_PR_GET_SHADOW_STACK_STATUS(0x4a, 0xfffffffffffffd4c, 0xffffffffffffffff, 0x7b, 0x6)
syz_clone3(&(0x7f0000001180)={0x8a200080, 0x0, 0x0, 0x0, {0x19}, 0x0, 0x0, 0x0, 0x0, 0x0, {r2}}, 0x58)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r3 = timerfd_create$auto(0x9, 0x0)
timerfd_gettime$auto(r3, &(0x7f0000000080)={{0x1, 0xc8}, {0x7, 0x1}})
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r1)
sendmsg$auto_NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f00000008c0)={0x678, r4, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}, @NL80211_ATTR_IE={0x616, 0x2a, "fa09c008946282c5a8ff5ed6789cb2f998291b113a39d580d015c5caa1fdb0a70b8ae6756a72fb288085b235bc5c70f66fc1f3705e7f8c8831aba014eba5a45ae3b3c272073b43d98cf9e032cdc5e18af5f95a4fbaf5b7d23002d65c6c5d21dc1ee43136b4a1bf25f8c0fe62faacce5b977266bff774cbbe529e3620bb8b7a935eaa42d4ed5e0096c2ea9c63efc4cf7a2af36132501fe1fc69088ce08dec4be93e4bc178b2d6e4edeb712695714940bb49c9c88fd81abc3be389c7a2edf3d216e1aaf10ad0d033e22d647f32cea70617b1f328488460e5f1a067e8ea51e2d552266cdba0b72b39af81a8f72e55ddef21654635c7fee61713b9e7f75bc6ba4ef1e367819109fc5976a6e5664b22a70a0366ee7e7e56b777b3c0e450ee7e8a2b3c0031b8011f29bfba7236db18ec89d94b3923a5aa7f08b15475c953623a97a59d1bfe44a305b1018ec965fe7f21358569186849f4fa666d1f903f98c4d15dc5a0e37ffce31e40c576d87ffeebe3d83fbe9db7d588c7bf3720040f86becca81fe8c20ac6613f6521e2fd290dc4b3467c1a6a6b03a671da6877877ae0e40cffe5f0cea066469eb3e00b0579d1b613cfc470863bc08ea37bf5dd1170a0bab7a123d526299b3b51ca0b73145f776b471cf56dd4dc681a045605d895755149ce93bb99fa2cfd39aa7ba42caabe6e6dfafa1677ac2a55405efaebc001bbf4b209d1dadc67b2125650b6e38608071448a01bacfb284e94236ffe9b75bd5d4471555aa3d000b186dfba5d89cfc22a180ebcf235541177c27c56ccf2886527eaed00276df3bb008c27fe095ea6feb2e5f0ce0e0829d79243d268fb277e798185b6b4f9507f73d971dd567c2c161eef15116184575ecaff90371cf4c1968b9e49a0e8947f4a49842c3ffac3e8b7a6b645431b3d9f8fa9b57b25e0cbed538e9e3df96958a05fcd2dde0ae1b5b4f47067adada9ee89dae929ef203c5686110ddcd63e1335abe255b771743063a1ed9e10d29b6785fdba478ce993b01d895d114b8033f6c2af531817b0567805ecc7c232d9400d9d0ee58c5b5e4d588b770e35369efb5a46e455c26da2071743e7d731285165fb498d23a62f42ea700cf2c710cfa9013c72328ea6195864f3a3e1c8da3c9012195b7255c429fa0b3f9f4e2a36ab156af191455cc0ec1879a88f7c73315c553fcbef49d339f0c88b0e151d188df60eabaa1c00eb9158234ccec272cd64dfcca75dbffdb66ef257c894ce30edfb6ede949b8dc1588f8200b060dcae33cc66b63629c2dfb96eee2eac47ac175d81f9197fdac0daba8eee5980d7e25ab6b88d1d5f2eeec1b9c81621d9714fd44434082b7e0b6f8f6d59e60c0e6101cc5f900cc7b91653f448992a4039346783a5fc25cf9f43866ebfc40eee28f8d2ff86861e0f337973dc1abf1bbd2230e17d7442a316e63ff28ddc86f2a2fd0138967d8806edb2cb1fb66b9082fc45830c21f948d2e308071e1eb34d426b93b57c7f0727873bf11d31df066a0f335cbbf87b763e2c855ea6d4f46c82c162a487e4ccf8e8a5180f650808f186152d7773934f7d2f250f5e11a5ccb0854c471841f19c261fa13faec75618283a267c934a69382f2ba85021020190fe68f5d112251e9ef217147d9a87d1e1d2cf51fe577d5265135ab753b75e97b59abafb152cb6a653151066eae78ee2eab14dd1c0c17cfe60d3383e43d1587f6e34933af478559d66f3344a198d0263cd596cea1d2803229757fddaacb04e969d3dcdc66a3bfc1c1e295c4268eadde21618754034cff4e5258e24c417788b1ad3aa479e259fd8e4d6eddbef50bfd4c9cd77057613de53884aa4595e4501e776020c2302f72ca824f9c00a1a6d4a8e05d8664036d51bb03fd99052a7ba32b3cd85f71d1b65ac62a7bf3ea8176d93fcb4b981c8e10eba30fef3012f87a173554a5dcb5f281d44ba5b6b81a6808b0aa89ec973e0c737b72433b9adf5c9a37b20fae4bf41928a6f362c32136cbbba697d74575427620011b17448d59d2c7f6e2ccc2da2bee8cba7e7f9c59670b0f61fa7a76aef8b82862342d3bfe00c1e1294048ece7c0a711e8f84eeccc5b205e6a1915535dc26ea028946868b626112deb41ac3bb5cdb6d9b7d05b15664bdb411d5722e500c2cfb72b2e8137aa02375c242abb79ca406cec00bb14e9cde1b422346674dd39cc169"}, @NL80211_ATTR_MNTR_FLAGS={0x9, 0x17, "f6076d5b2f"}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'ip6erspan0\x00'}, @NL80211_ATTR_WIPHY_FREQ_HINT={0x8, 0xc9, 0x5}, @NL80211_ATTR_SAE_PASSWORD={0x1e, 0x115, "caf5e5d9bab0d1fcc59d742f5ecdedb0c560af61da34a590e844"}]}, 0x678}, 0x1, 0x0, 0x0, 0x44010}, 0x0)
setns(r2, 0x0)
r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000002a80)={0x0, 0x0, &(0x7f0000002a40)={&(0x7f0000000880)={0x34, r5, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}]}, @ETHTOOL_A_LINKMODES_MASTER_SLAVE_CFG={0x5, 0x7, 0x7}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x4004000)
r6 = openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
sendfile$auto(r6, r6, 0x0, 0x1)
readv$auto(r0, &(0x7f0000000100)={&(0x7f0000000000)="be859631875f32dbb6b29fe49e9000bf58890388cf86cfbe054ffc15876be19dc198f057910b9561de17c6bf6aae731a667354fb7f6dad163ed76f8d938af19fd70d58639dec0976f0b8f647a9102120537672e56b63c0290910c92a3342d7249cfd74cd2bc91ef924842f942130da946ae0d273c1f2f0b6d87beda4a52e029bbdfabd29fa8535a4b248ecca9cc51392e27a0a1061f74447b81d07840fa934a25903e864be43bf87523a4cbadb7bfced464ccc2088b8fc6ff54d2c504455f2ad366a2ca1", 0xffff}, 0x0)

6.334943517s ago: executing program 4 (id=955):
mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
open(0x0, 0x22240, 0x155)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/virtual/workqueue/nvme_tcp_wq/max_active\x00', 0x182b02, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
read$auto(0x3, 0x0, 0x8080)
write$auto(0x3, 0x0, 0xfdef)
sendmmsg$auto(0x3, 0x0, 0x200, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
migrate_pages$auto(0x0, 0x74, &(0x7f0000000780)=0x8000000000000001, &(0x7f00000007c0)=0x100)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb2, 0x403, 0x8000)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
mlock$auto(0xfbe8, 0x1000000000000004)
mlockall$auto(0x7)
ioctl$auto_FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bind$auto(0x3, 0x0, 0x68)
openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/bluetooth/hci1/hci1:200/power/runtime_suspended_time\x00', 0x4c5890bf88de7970, 0x0)
readv$auto(0x3, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400)
prctl$auto(0x4, 0x0, 0xffffffffffffffff, 0x1, 0x7)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x101, 0x7, 0xeb1, 0x3fd, 0x800007ffc)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
rmdir$auto(0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/system/cpu/cpuidle/available_governors\x00', 0x40000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000540)=""/113, 0x71)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)

6.116132829s ago: executing program 5 (id=956):
r0 = openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x60001, 0x0)
write$auto(r0, 0x0, 0x5) (async)
write$auto(r0, 0x0, 0x5)

5.832717548s ago: executing program 5 (id=958):
mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0xf, 0x0)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
syz_clone(0x46948711, 0x0, 0x0, 0x0, 0x0, 0x0)

5.028389602s ago: executing program 5 (id=960):
r0 = socket(0x2, 0x1, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
getsockopt$auto(r0, 0x6, 0xa, 0x0, &(0x7f0000000040)=0x12)

3.829968025s ago: executing program 4 (id=963):
r0 = open(&(0x7f0000000000)='./file0\x00', 0x4a61c2, 0x84)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r0, 0x8000)
r1 = memfd_create$auto(0x0, 0x3f)
write$auto(0x3, 0x0, 0xfffffdef)
finit_module$auto(0x3, 0xfffffffffffffffe, 0x2)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r1, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
clone$auto(0x81000005, 0x6, 0xfffffffffffffffd, 0xffffffffffffffff, 0x80000001)
move_pages$auto(0x0, 0xd0, 0x0, 0x0, 0x0, 0x2)
madvise$auto(0x0, 0x200007, 0x19)
ioctl$auto_UI_DEV_CREATE(0xffffffffffffffff, 0x5501, 0x0)
r2 = openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000000), 0x40001, 0x0)
write$auto_kmsg_fops_printk(r2, 0x0, 0x0)
socket(0x10, 0x2, 0x45)
syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000080), 0xffffffffffffffff)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/netfilter/nf_log/6\x00', 0xa0202, 0x0)
msgrcv$auto(0x0, 0x0, 0x1000, 0x8000000000000000, 0xb5)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r4)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'wlan0\x00'})
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4000000)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4000000)
pipe$auto(0x0)
pipe$auto(0x0)
tee$auto(0x2000000000000, 0x3, 0x3ff, 0x9)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
socket(0x15, 0x5, 0x0)
socket(0x22, 0x2, 0x24)
socket(0x28, 0x5, 0x0)

3.649047776s ago: executing program 3 (id=964):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
adjtimex$auto(&(0x7f00000005c0)={0xf332b6e, 0x0, 0x0, 0x8, 0xd6, 0x7, 0x9, 0x0, 0x10001, 0x1, 0x2, {0x8}, 0x1, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x83, 0xffffffffffff628e, 0xa747, 0x5, 0x1800}) (async)
adjtimex$auto(&(0x7f00000005c0)={0xf332b6e, 0x0, 0x0, 0x8, 0xd6, 0x7, 0x9, 0x0, 0x10001, 0x1, 0x2, {0x8}, 0x1, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x83, 0xffffffffffff628e, 0xa747, 0x5, 0x1800})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/midi2\x00', 0x80001, 0x0)
openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/mountinfo\x00', 0x2, 0x0) (async)
openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/mountinfo\x00', 0x2, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
r1 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x101001, 0x0)
r2 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
execveat$auto(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
ioctl$auto_UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000040)={{0x0, 0xf2cf, 0x1ff, 0x4}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0x8}) (async)
ioctl$auto_UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000040)={{0x0, 0xf2cf, 0x1ff, 0x4}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0x8})
ioctl$auto_UI_DEV_CREATE(r1, 0x5501, 0x0) (async)
ioctl$auto_UI_DEV_CREATE(r1, 0x5501, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) (async)
r3 = mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0)
mmap$auto(0x0, 0x2020009, 0xfffffffffffffffb, 0x12, 0xfffffffffffffffa, 0x8000)
msgget$auto(0xa, 0x77d9)
msgsnd$auto(0x7, &(0x7f0000000140)={0x6, 0x9}, 0x8001, 0x7)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
syz_open_procfs$namespace(0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x3, 0x73) (async)
socket(0xa, 0x3, 0x73)
socket(0xa, 0x801, 0x84)
clone$auto(0x20003b46, 0x1, 0x0, 0x0, 0x20000000020002)
getsockopt$auto(0x6, 0x84, 0x7b, 0x0, &(0x7f00000000c0)=0x10000)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)
ioctl$auto_PPPIOCSNPMODE(r3, 0x4008744b, &(0x7f0000000100)={0x9, 0x2})
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptyq9\x00', 0x1, 0x0) (async)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptyq9\x00', 0x1, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) (async)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) (async)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)

2.536148829s ago: executing program 4 (id=966):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000840), r0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
setgroups$auto(0xe32, 0x0)
madvise$auto(0x0, 0x200007, 0x16)
io_uring_setup$auto(0x1, 0x0)
mmap$auto(0x8, 0x400008, 0xdf, 0x111, 0x2, 0x8004)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop6\x00', 0x8081, 0x0)
ioctl$auto_SG_GET_RESERVED_SIZE(r1, 0x4c04, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = io_uring_setup$auto(0x406, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r3 = socket(0x2b, 0x2, 0x0)
bind$auto(r3, 0x0, 0x67)
mmap$auto(0x1, 0x5, 0xfffffffffffffe01, 0x8011, 0xffffffffffffffff, 0x8000)
madvise$auto(0x8, 0x8000000000000000, 0xcb1)
mremap$auto(0x0, 0x40, 0x7, 0x400, 0x1ffffffe)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0)
socket(0xa, 0x3, 0x3)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0)
r4 = openat$auto_fops_u64_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/x86/nmi_longest_ns\x00', 0x10000, 0x0)
tee$auto(r4, r2, 0x7, 0x9)
shutdown$auto(0x200000003, 0x2)

2.386898088s ago: executing program 7 (id=967):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x40, 0x0)
read$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffffff, &(0x7f00000000c0)=""/118, 0x76)
ioctl$sock_SIOCGIFINDEX(r0, 0x4605, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0)
mmap$auto(0x100000000, 0x2, 0xde, 0x9b72, r1, 0x28000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/thread-self/net/softnet_stat\x00', 0x101800, 0x0)
read$auto_proc_iter_file_ops_compat_inode(r2, &(0x7f0000000680)=""/227, 0xe3)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
mlockall$auto(0x7)
r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/swradio9\x00', 0xa0a01, 0x0)
poll$auto(&(0x7f0000000040)={r3, 0xfffa, 0x6}, 0x1, 0x80000001)
write$auto(0x3, 0x0, 0x7fffffff)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
signalfd4$auto(0xffffffff, 0x0, 0x8, 0x800)

1.63131644s ago: executing program 7 (id=968):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/037/001\x00', 0x111c01, 0x0)
ioctl$auto_USBDEVFS_REAPURBNDELAY(r0, 0x4008550d, &(0x7f0000000080)=&(0x7f0000000040)="019468f50290a759efc69ee2e312537b00817fbef1478d4add1e2ae545b86b2c2890540a5f")
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = socket(0x28, 0x1, 0x0)
setsockopt$auto(r1, 0x28, 0x1, 0x0, 0x8)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
geteuid()

1.601519079s ago: executing program 3 (id=969):
r0 = openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000180), 0x2000, 0x0)
close_range$auto(0xffffffffffffffff, r0, 0x88)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000200)={{@inferred, 0x1, 0x1, 0x8, "3112d585005a614d19e22af9ffb683dbede3d0bf828bbfba40f035f4be6b7fe5e2f94bd90484b0755015e48d", @inferred=<r1=>0x0}, 0x2, 0x5, 0x4, @inferred, @integer={0x7, 0x5, 0x5}, "7a9fc199a16a2311eacf2fc7ae1da978dc3e8090334fdd73340238d212b6debe0eda71bdd70925450e24e87212f0bcab84a16f7ce8cbce0bb32777702b8d7c2d"})
sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x24048084}, 0x4004810)
rt_sigqueueinfo$auto(0x0, 0x4, &(0x7f0000000000)={@siginfo_0_0={0xf9, 0x14, 0x7e73, @_timer={0x0, 0x80000001, @sival_ptr=0x0, 0x5}}})
r2 = prctl$auto_PR_GET_SPECULATION_CTRL(0x34, 0x200, r1, 0x1, 0x4)
ioctl$auto_TIOCSETD2(r2, 0x5423, &(0x7f0000000380)="eb1c0fa08b72e663eac5f70f38f7d8cce716baf8ab0f03aa4cd7b1fff571b0ff7660c519f582f12407d38cbb11f503ee6edcd82b5e6b8f8f6d1d139277073c123721e3a20af29c244b02302fe6dc3cdd93034c5a977812cc41a681d699c5e310366901807a280a30a6ec287d065c2476548b11659f8e07dd6b833e32c14cfb4244b6d6d40353c2f013b41757ce37eb23185bc921d7bd754c8a4dbdf46cab832261ddd3d7158c2ce2a4220e51575543c8")
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000040), r3)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000640)={'wlan1\x00', <r6=>0x0})
sendmsg$auto_NETDEV_CMD_QSTATS_GET(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010329bd700001dcdf250c00000008000100", @ANYRES32=r6, @ANYBLOB="845b7546059375ccff279508000100", @ANYRES32=r6, @ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x20000000)
r7 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/udp6\x00', 0x40, 0x0)
pread64$auto(r7, &(0x7f0000000000)=' WI\x00\xc9\xdc\x84\x89\x8c', 0x101, 0x203)
epoll_ctl$auto_EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, r7, &(0x7f0000000080)={0x8, 0x1000})
r8 = socket(0x11, 0x3, 0x9)
sendmmsg$auto(r8, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200)='M', 0x21}, 0x5, &(0x7f0000000180), 0x5, 0xe}, 0x5}, 0x2, 0x100)

1.290775039s ago: executing program 3 (id=970):
r0 = openat$auto_proc_page_owner_threshold_(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r1 = getsockopt$auto_SO_RCVLOWAT(0xffffffffffffffff, 0x6, 0x12, &(0x7f0000000040)=',,-{:]+@\x00', &(0x7f0000000080)=0x9)
tee$auto(r0, r1, 0x2, 0x6)
setsockopt$auto_SO_PREFER_BUSY_POLL(r1, 0x3, 0x45, &(0x7f00000000c0)='\'$,^\'.]:\x00', 0x5b982329)
read$auto(r1, &(0x7f0000000100)='()#$\'\x00', 0x6)
ioctl$auto_XFS_IOC_ATTRMULTI_BY_HANDLE(r1, 0x4048587b, &(0x7f0000000500)={{<r2=>r0, &(0x7f0000000140)="a79fe3510467d7837575ab3b39d7bf90b569caad8f54f4de8fb4c830c65f2037", 0x7, &(0x7f0000000180)="2aea49751d267e0c2d74f2ee119d2cb1b9a162a97c772fc4826b21348876c6c42145b77fda8c3af272f43381f4648e6a7412cc2be35f4a5e27ff6f44a1fb321f2128de4ddf9e6812c22173d566c32ae2fd820f14ff791a79b63f53596b1f620ea3dff2d51794900b94257ef2b3a03369fc9338cde4bb3839c4cce9819b7ea84261659f39a7ac083c2d38578af56d83fe5e8c8d8f5c99c9da", 0x4, &(0x7f0000000240)="3618f8c242dcd09e99d6ca90db70a8430f566b461ed7269d14bd585a28f95201e3068a010e14889422842695e1bb5c164a7a53492ac05dc699f55ed8837c3799f5b2ae05631ed8ce4e50c28f8c7614ca78069f4e2366c4de9acef793a1383081274f424d4586d3d9612b9eb9dabfc5c47be74480d12c3fb2d44e85b5a38df7412e2a731af85cff4e1d54d3cb6195a2d4cee51d92d10d614dd246817ecf1c5282d9e740093c7dabdf5811e03394d5deb837762f", &(0x7f0000000300)=0xae6a}, 0x2, &(0x7f00000004c0)={0x2, 0xfffffffe, &(0x7f0000000340)="ab68bd88be2b122082758ab7fa9aaf8b91e59c4fdfa284db3131175a622bf1939afd003c784f677598b3e1e15b0d8591e43772a35110d9b7d57887a728c7b3766eeef0d06baec46aa76713c1fbeea6e8a873da293f9d73e7729e1f1bb7d8240c54d2d34c156b69830043f3f933002106438bff46268645370ef1451584155f86789cf22a4dc8d20fa3b4f971d92261b065bf6db5d80bd95f1e7c9c1e35b8d2b953964ea3fe0c0fae3f47304c346f86fb308ce8ca5e083aabee1472386b0f9f64a40ba319b1c32715a271f0b36ec4f3b61c66fc7a58445bc8cd0ae420dd87b04b2b5f714660699c083903dccb1685c36323665b7a50626178e43537fc07", &(0x7f0000000440)="33d830b842abcb9e08971f557c5dbe6d823234de844ddf70caa05c02c5aa6d8fe30d854a2bb953b55106149062b88a2a60d83bf9335c997846c378514af31d2ff8664bfb9d864f93e8cbd4f2a121de0606", 0xd2, 0x2}})
sendmsg$auto_VDPA_CMD_DEV_DEL(r2, &(0x7f0000000640)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x14, 0x0, 0x200, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40054}, 0x800)
read$auto(r0, &(0x7f0000000680)='()#$\'\x00', 0x8ab)
read$auto(r2, &(0x7f00000006c0)='/sys/kernel/debug/page_owner_stacks/count_threshold\x00', 0x3)
sendfile$auto(r0, r2, &(0x7f0000000700)=0x76, 0x7)
listmount$auto(&(0x7f0000000740)={0x9, @inferred=r2, 0x3, 0x8782, 0xe0b}, &(0x7f0000000780)=0xffff, 0x9, 0x1)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f00000007c0), 0x121000, 0x0)
futex_requeue$auto(&(0x7f0000000800)={0x5, 0xfff, 0x406}, 0x9, 0xc, 0x80000000)
futex_waitv$auto(&(0x7f0000000840)={0x9, 0x0, 0xd}, 0x81, 0x8, &(0x7f0000000880)={0x5, 0x7}, 0xf853)
futex_waitv$auto(&(0x7f00000008c0)={0xa0, 0x2, 0xad3}, 0x2, 0x1, &(0x7f0000000900)={0x25}, 0x1)
read$auto(r0, &(0x7f0000000940)='{\x00', 0x0)
sendmmsg$auto(r2, &(0x7f0000000b40)={{&(0x7f0000000980)="12b2d5a2fe3aa49931bbd607b0337dfe354f81ee8c5bb1fc37421a7f2bc4965660d089009b68cd86f2ad9e120c0e60b6c20f53f26148f4b6d3c9b98ae96056b1605f218d5160bfd206f1619f706c", 0x0, &(0x7f0000000ac0)={&(0x7f0000000a00)="3e9ae60a805a57b1fbcbb11e37c18d6ee7d2ffdea6a552f629bf5910ad7eb16f290bb38ade9d40d147175c531beaf2e10064ea24a993348707554adc37c4e7a536144f61f0c5333f4cbb22875bbc7717be71a5688caf0296f4ab7e0a6f37fde125913244930b04eec58e3e7b337968e17fcabef1d73833d4551c94cbec11040fe74d11b0aceebcd06c2f902063cd5e292b54a2654665681e766e2e6b46ada7e87a04c18a62443cb0e10ee97d6837b35868aba1639a270608bd", 0x7}, 0x0, &(0x7f0000000b00), 0x6, 0x7}, 0xfffffffc}, 0x9, 0x200000)
setsockopt$auto_SO_SNDBUFFORCE(0xffffffffffffffff, 0x1, 0x20, &(0x7f0000000b80)='(\xedO[\x00', 0x2)
r3 = openat$auto_fops_x16_ro_(0xffffffffffffff9c, &(0x7f0000000bc0)='/sys/kernel/debug/x86/boot_params/version\x00', 0x42081, 0x0)
r4 = io_uring_setup$auto(0x2, &(0x7f0000000c00)={0xf8c, 0x6, 0xfffffffa, 0x6, 0x0, 0x5, <r5=>r3, [0x2, 0x2, 0x993e], {0x8, 0x32, 0xe6, 0xffff, 0x1d, 0x2, 0x1, 0x40, 0x5}, {0x0, 0x5, 0x3, 0xffffff7f, 0x7ff, 0x8, 0xffff, 0xb, 0x66f4}})
futex_waitv$auto(&(0x7f0000000c80)={0x7f, 0x400, 0x6}, 0xffff, 0x5, &(0x7f0000000cc0)={0x7, 0xfffffffffffffff3}, 0x10000000)
write$auto_fops_atomic_t_ro_(r2, &(0x7f0000000d00)="31fc5b6d1ab786e6ce7711d8d8683f9bb9b362a91af65f38cd358cb5a9ffdd9295f2e627e794f3ccd251e720325a15e14023496f54fffe8431737a96e9e457e5068d48b289c6082ca3bb74c223cb8015661cccfcdb1fcf96f8832692585d7d8145186f64cda5c4965e56f4df5d94ef60f4b3ef4483aebd72092bb1353f2f835471d3e9e5f5ce737db1e05e39bb51fbe297f3721dff2c7ddb46321a4885c06f00b673fb526f8d9b165bbf4545d7", 0xad)
sendmsg$auto_SEG6_CMD_SETHMAC(r5, &(0x7f0000000e80)={&(0x7f0000000dc0), 0xc, &(0x7f0000000e40)={&(0x7f0000000e00)={0x24, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x1}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x20004810}, 0x4)
fsconfig$auto_SHMEM_HUGE_FORCE(r3, 0xffffffff, &(0x7f0000000ec0)='/dev/vhost-vsock\x00', &(0x7f0000000f00)="79114813b4c2bae652bd04f167ba11c697c3d3f43c9473e7ef1023729cb43b", 0xfffffffffffffffe)
write$auto_evm_xattr_ops_evm_secfs(r4, &(0x7f0000000f40)="c1d735b1261909c8037d9e5ab2d9920d31349b710ba7c9", 0x17)
ioctl$auto_USBDEVFS_RELEASE_PORT(r2, 0x80045519, &(0x7f0000000f80)=0x3)
shmctl$auto_SHM_STAT_ANY(0xf07, 0xf, &(0x7f0000001100)={{0x40, <r6=>0x0, 0xffffffffffffffff, 0x3, 0x7, 0x2, 0x99}, 0x5, 0xa3cd, 0x7, 0x1ff, @raw, @inferred=0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000fc0)="89db69a748f6f4dc1dcbc43575b023b0e3d7678c40b4c36d48bbbada5ef94403f643beaf4e445b1976791bf2ce85d661675fe942498a549cf720e8d524da3bad9be73726a37680858ecf7e3ef94a82e35555e427b4e947b40fa1636f75772e8ebf7fd352ab5209b59d5482c59101b510b218eb0991aafe927b1ddd94bc13519189d2c4a89a2ba8078186c30a8da1b529928d980162eaafa6b80f372be79ca1b6de01271d717b8ad73acbb1c04e5942fd19aa7360b46c3eabd5d295476578abf20a4af7233b7267258339b29d496e19f003a277d65a27c63f78d6ca", &(0x7f00000010c0)="46b6fae96264fb3e0a8d23e32829118d1e4f73d4abe9a88fac3b"})
r7 = semctl$auto_SETALL(0x0, 0x2c57, 0x11, 0x2)
r8 = semctl$auto_IPC_RMID(0x5, 0x8, 0x0, 0x7f)
shmctl$auto(0x2, 0x80, &(0x7f00000012c0)={{0x1, r6, 0xee00, 0x9, 0x9, 0x7ff, 0xfeff}, 0x3, 0x5, 0x3, 0x5, @inferred=r7, @inferred=r8, 0x3da, 0x0, &(0x7f0000001180)="8468e5e08fee89c67cbf225d0f4814", &(0x7f00000011c0)="6b94ac267f0e781a7ed94345c95c8b1add05f18b71e27bc11351d2e4f24f4f1fe3ba7aa2afd088d5a2a3d6acb525a595f876132892a1ae674ea1d41c5906ee72c64aef235d0395db7e1f41a9718c7eeba8ed936c7c179ec4fcd24d75c2952540b7916be739bb7ac1ba8cf389ad97a039bdf05cbdc8dac57e54d04729dc1567c73fb1915c6cf6452d14e27835b3e06c2c965c9b7f0f90a2b66c60b1a0ae9fcf198ec507b7680cb7d16069edf1ed7a7972a9fd4dad9382ac7cbba5d796ce6ceee269d5662cafa4c07e5cf0a76c5ca2dc3bcbd4c591b3cddc1bc39b67b8b044d9b92d958d56a857664fe745df34927db9e02d9838"})

1.25995501s ago: executing program 7 (id=971):
mmap$auto(0x400000000000, 0x2000b, 0x0, 0xeb2, 0x401, 0x8000)
listxattrat$auto(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0x1000, 0x0, 0x9)
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x4000000000000, 0x2, 0xe2, 0xeb1, 0x405, 0x0)
setrlimit$auto(0x1000000007, 0x0)
recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x1, 0x0, 0x5, 0x0, 0x200002, 0x8}, 0x803}, 0x2f1, 0xf, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ram3\x00', 0x8001, 0x0)
writev$auto(0x3, &(0x7f0000000100)={&(0x7f0000000040), 0x7111}, 0x8)
dup$auto(0x1)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x1, 0x7, 0x4000000000df, 0xeb1, 0x401, 0xfffffffffffff5ee)
lgetxattr$auto(0xfffffffffffffffd, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x8)
r1 = socket(0xa, 0x5, 0x0)
mount$auto(&(0x7f0000000040), &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfs\x00\x00X\xca\xd8\xce\xc1\xfc\x9f\x9f?o;\xf7\xdf\x9f\x11\xc5\xea\xd9', 0x8, 0x0)
getsockopt$auto(r1, 0x84, 0xc, 0x0, &(0x7f0000000080)=0x9c8)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfffff4a4, 0x0, 0xfffffffffffffffd)
r3 = openat$auto_nsim_nexthop_bucket_activity_fops_fib(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/fib/nexthop_bucket_activity\x00', 0x1, 0x0)
write$auto(r3, 0x0, 0x0)
syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000040), 0xffffffffffffffff)
r4 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/psaux\x00', 0x800, 0x0)
readv$auto(r4, &(0x7f00000000c0)={0x0, 0x5}, 0x5)
sendmsg$auto_BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x8050}, 0x4000004)
r5 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
ioctl$auto(r0, 0x5600, r5)

1.111076105s ago: executing program 7 (id=972):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/apparmor/parameters/logsyscall\x00', 0x20a42, 0x0)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
wait4$auto(r0, 0x0, 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0x7, 0xeb1, 0xffffffffffffffff, 0x8000)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r1 = socket(0x29, 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r2 = io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x55)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r3 = prctl$auto_PR_GET_TID_ADDRESS(0x28, 0x7fff, 0x0, 0x5, 0x7)
ioctl$auto(r2, 0x80026f47, r3)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
r4 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000)
recvmmsg$auto(r4, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0)
ioctl$auto(r1, 0x89f2, 0x24)
r5 = socket(0x2a, 0x2, 0x1)
connect$auto(r5, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x55)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000)
sendmsg$auto_MACSEC_CMD_ADD_RXSA(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x2cb8}, 0x1, 0x0, 0x0, 0x40}, 0x2404c084)
r6 = socket(0x1e, 0x1, 0x0)
getsockname$auto(r6, &(0x7f0000000000), &(0x7f0000000040)=0x5)
close_range$auto(0x2, 0xa, 0x0)

980.104997ms ago: executing program 3 (id=973):
mmap$auto(0x0, 0x4020009, 0x6, 0xeb5, 0x401, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
mmap$auto(0x0, 0xffe, 0xffb, 0x8000000008011, 0x3, 0x0)
madvise$auto(0x0, 0xff, 0x15)
ioctl$auto_UDMABUF_CREATE(0xffffffffffffffff, 0x40187542, &(0x7f0000000380)={<r2=>r1, 0x8001, 0x8, 0xd7f})
ioctl$auto_XFS_IOC_OPEN_BY_HANDLE(r2, 0xc038586b, &(0x7f0000000180)={r0, &(0x7f00000000c0)="e79cdaaa37b12ed2f2590264fce42c9b7b164137", 0x401, &(0x7f0000000280)="5a2490cfb744cd5d66440600835d06defad0fa4a066f9f41fb98c5ecf354e4e6a7f70d758e917156f1b7c18b4c8b2750032890879e47203ab07d78202ed5c44def71e1858c4568cd7d2b0945b1b59e62be84a993d79ad7e33552b9d2a1489b394ef314346dba186be7a921f995858f5a6cf758d8c90f618aac9d02193f9dccbc7a9ab8380923b48e97b29a149af7043a332749be3a205aac7841db8611530f90af357600"/173, 0x2b0, &(0x7f0000000240)="a3d53eed0510556a05ba72a9802faaf9e44a8b61a2c4a4ec931dff2a0a28e21a3c9b", &(0x7f00000001c0)=0x4})
mmap$auto(0x336f, 0x1004000e983, 0x759b0556, 0x8db, 0x401, 0xfffffffffffffffd)
r3 = socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xe0, 0x9b70, 0x2, 0x0)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x48041, 0x0)
write$auto(r4, 0x0, 0x6)
recvmmsg$auto(r3, 0x0, 0xfffffff9, 0x10, 0x0)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
msync$auto(0xffffffff80000000, 0x1000000000100001, 0x0)
read$auto(r5, 0x0, 0xe8)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b7e, 0x2, 0x8000)
r6 = socket(0xa, 0x3, 0x3b)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x11, 0x80003, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000300)={'geneve1\x00', <r7=>0x0})
sendto$auto(0x3, 0x0, 0x13, 0xfffffff9, &(0x7f0000000440)=@xdp={0x2c, 0xdd86, r7, 0x10, 0x1000000}, 0x22)
open$auto(&(0x7f0000000140)='./file0\x00', 0x1, 0x81)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_CONNECT(r8, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000003c0)=ANY=[@ANYRESDEC=r3, @ANYRES32=r5, @ANYRESOCT=r7], 0x30}, 0x1, 0x0, 0x0, 0x40080}, 0x4040010)
r9 = socket(0xa, 0x1, 0x0)
bind$auto(r9, &(0x7f0000000040)=@generic={0x27, "62ed47dc6a4e0d734de31a993580"}, 0x6a)

704.822272ms ago: executing program 3 (id=974):
ioctl$auto_XFS_IOC_FREESP(0xffffffffffffffff, 0x4030580b, &(0x7f0000000000)={0x5, 0x1, 0x1, 0x9, 0x41, 0xffffffffffffffff}) (async)
ioctl$auto_XFS_IOC_FREESP(0xffffffffffffffff, 0x4030580b, &(0x7f0000000000)={0x5, 0x1, 0x1, 0x9, 0x41, <r0=>0xffffffffffffffff})
prlimit64$auto(r0, 0x5, &(0x7f00000000c0)={0x40, 0x6}, &(0x7f00000001c0)={0xffffffffffffff00, 0xa1a5}) (async)
prlimit64$auto(r0, 0x5, &(0x7f00000000c0)={0x40, 0x6}, &(0x7f00000001c0)={0xffffffffffffff00, 0xa1a5})
alarm$auto(0x2)
alarm$auto(0x80000000)
bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_4={0xb, 0xff00, 0x6, 0x9}, 0x6f4)
open_by_handle_at$auto(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x6}, 0x3)
r1 = socket(0x25, 0x5, 0xaee)
sendmmsg$auto(r1, &(0x7f0000000400)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000440)="661b0cbd4aeb2ca218", 0x49}, 0x1, &(0x7f0000000200), 0x5, 0x3}, 0x5}, 0x2, 0x100)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/fs/ocfs2/max_locking_protocol\x00', 0x80000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000340)=""/171, 0xab) (async)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000340)=""/171, 0xab)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$auto_hwsim_fops_group_(0xffffffffffffff9c, &(0x7f0000003000)='/sys/kernel/debug/ieee80211/phy0/hwsim/group\x00', 0xa00, 0x0)
read$auto(r3, &(0x7f0000003040)='veth1_to_team\x00', 0x9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/pci0000:00/QEMU0002:00/power/runtime_active_time\x00', 0x0, 0x0)

430.804761ms ago: executing program 3 (id=975):
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) (async)
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100)
rseq$auto(&(0x7f0000000080)={0x9, 0x8, 0x0, 0x7, 0xffffffff, 0x2}, 0x7ffd, 0xfffffff4, 0x8)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
open(0x0, 0xeb0b01, 0x1cc) (async)
open(0x0, 0xeb0b01, 0x1cc)
gettid()
ioprio_set$auto(0x2, 0x800000000, 0x8)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100)
lsm_list_modules$auto(&(0x7f0000000040)=0x7, &(0x7f00000001c0)=0xa42, 0xfffffff7)
write$auto(r0, &(0x7f0000000140)='\x00', 0x5)
rt_sigtimedwait$auto(0x0, 0x0, 0x0, 0x8)
write$auto(0x3, 0x0, 0x100082)
open(0x0, 0x161342, 0x100)
mmap$auto(0x0, 0xc, 0xbc5, 0x13, 0x3, 0x8000) (async)
mmap$auto(0x0, 0xc, 0xbc5, 0x13, 0x3, 0x8000)
writev$auto(0x1, 0x0, 0x1) (async)
writev$auto(0x1, 0x0, 0x1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/module/usb_storage/parameters/delay_use\x00', 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000000c0)=""/40, 0x28)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
clone$auto(0x7, 0x7fffffffffffffff, 0xffffffffffffffff, 0x0, 0xfffffffffffffffd) (async)
clone$auto(0x7, 0x7fffffffffffffff, 0xffffffffffffffff, 0x0, 0xfffffffffffffffd)
io_uring_register$auto(r1, 0x0, &(0x7f0000000040), 0x5) (async)
io_uring_register$auto(r1, 0x0, &(0x7f0000000040), 0x5)
io_uring_register$auto(0x2, 0x9, 0x0, 0x0)
getsockname$auto(0xffffffffffffffff, 0x0, &(0x7f0000000280)=0xaea)
mq_open$auto(&(0x7f0000000080)='!\x00', 0x76d0, 0x101, &(0x7f0000000100)={0x7, 0x8, 0x7fffffffffffffff, 0x5b}) (async)
mq_open$auto(&(0x7f0000000080)='!\x00', 0x76d0, 0x101, &(0x7f0000000100)={0x7, 0x8, 0x7fffffffffffffff, 0x5b})
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)

239.05679ms ago: executing program 7 (id=976):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = prctl$auto(0x17, 0x10000000000001, 0x0, 0xfffff7ffffffffff, 0x8)
r2 = prctl$auto_PR_GET_SHADOW_STACK_STATUS(0x4a, 0xfffffffffffffd4c, 0xffffffffffffffff, 0x7b, 0x6)
syz_clone3(&(0x7f0000001180)={0x8a200080, 0x0, 0x0, 0x0, {0x19}, 0x0, 0x0, 0x0, 0x0, 0x0, {r2}}, 0x58)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r3 = timerfd_create$auto(0x9, 0x0)
timerfd_gettime$auto(r3, &(0x7f0000000080)={{0x1, 0xc8}, {0x7, 0x1}})
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r1)
sendmsg$auto_NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f00000008c0)={0x678, r4, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}, @NL80211_ATTR_IE={0x616, 0x2a, "fa09c008946282c5a8ff5ed6789cb2f998291b113a39d580d015c5caa1fdb0a70b8ae6756a72fb288085b235bc5c70f66fc1f3705e7f8c8831aba014eba5a45ae3b3c272073b43d98cf9e032cdc5e18af5f95a4fbaf5b7d23002d65c6c5d21dc1ee43136b4a1bf25f8c0fe62faacce5b977266bff774cbbe529e3620bb8b7a935eaa42d4ed5e0096c2ea9c63efc4cf7a2af36132501fe1fc69088ce08dec4be93e4bc178b2d6e4edeb712695714940bb49c9c88fd81abc3be389c7a2edf3d216e1aaf10ad0d033e22d647f32cea70617b1f328488460e5f1a067e8ea51e2d552266cdba0b72b39af81a8f72e55ddef21654635c7fee61713b9e7f75bc6ba4ef1e367819109fc5976a6e5664b22a70a0366ee7e7e56b777b3c0e450ee7e8a2b3c0031b8011f29bfba7236db18ec89d94b3923a5aa7f08b15475c953623a97a59d1bfe44a305b1018ec965fe7f21358569186849f4fa666d1f903f98c4d15dc5a0e37ffce31e40c576d87ffeebe3d83fbe9db7d588c7bf3720040f86becca81fe8c20ac6613f6521e2fd290dc4b3467c1a6a6b03a671da6877877ae0e40cffe5f0cea066469eb3e00b0579d1b613cfc470863bc08ea37bf5dd1170a0bab7a123d526299b3b51ca0b73145f776b471cf56dd4dc681a045605d895755149ce93bb99fa2cfd39aa7ba42caabe6e6dfafa1677ac2a55405efaebc001bbf4b209d1dadc67b2125650b6e38608071448a01bacfb284e94236ffe9b75bd5d4471555aa3d000b186dfba5d89cfc22a180ebcf235541177c27c56ccf2886527eaed00276df3bb008c27fe095ea6feb2e5f0ce0e0829d79243d268fb277e798185b6b4f9507f73d971dd567c2c161eef15116184575ecaff90371cf4c1968b9e49a0e8947f4a49842c3ffac3e8b7a6b645431b3d9f8fa9b57b25e0cbed538e9e3df96958a05fcd2dde0ae1b5b4f47067adada9ee89dae929ef203c5686110ddcd63e1335abe255b771743063a1ed9e10d29b6785fdba478ce993b01d895d114b8033f6c2af531817b0567805ecc7c232d9400d9d0ee58c5b5e4d588b770e35369efb5a46e455c26da2071743e7d731285165fb498d23a62f42ea700cf2c710cfa9013c72328ea6195864f3a3e1c8da3c9012195b7255c429fa0b3f9f4e2a36ab156af191455cc0ec1879a88f7c73315c553fcbef49d339f0c88b0e151d188df60eabaa1c00eb9158234ccec272cd64dfcca75dbffdb66ef257c894ce30edfb6ede949b8dc1588f8200b060dcae33cc66b63629c2dfb96eee2eac47ac175d81f9197fdac0daba8eee5980d7e25ab6b88d1d5f2eeec1b9c81621d9714fd44434082b7e0b6f8f6d59e60c0e6101cc5f900cc7b91653f448992a4039346783a5fc25cf9f43866ebfc40eee28f8d2ff86861e0f337973dc1abf1bbd2230e17d7442a316e63ff28ddc86f2a2fd0138967d8806edb2cb1fb66b9082fc45830c21f948d2e308071e1eb34d426b93b57c7f0727873bf11d31df066a0f335cbbf87b763e2c855ea6d4f46c82c162a487e4ccf8e8a5180f650808f186152d7773934f7d2f250f5e11a5ccb0854c471841f19c261fa13faec75618283a267c934a69382f2ba85021020190fe68f5d112251e9ef217147d9a87d1e1d2cf51fe577d5265135ab753b75e97b59abafb152cb6a653151066eae78ee2eab14dd1c0c17cfe60d3383e43d1587f6e34933af478559d66f3344a198d0263cd596cea1d2803229757fddaacb04e969d3dcdc66a3bfc1c1e295c4268eadde21618754034cff4e5258e24c417788b1ad3aa479e259fd8e4d6eddbef50bfd4c9cd77057613de53884aa4595e4501e776020c2302f72ca824f9c00a1a6d4a8e05d8664036d51bb03fd99052a7ba32b3cd85f71d1b65ac62a7bf3ea8176d93fcb4b981c8e10eba30fef3012f87a173554a5dcb5f281d44ba5b6b81a6808b0aa89ec973e0c737b72433b9adf5c9a37b20fae4bf41928a6f362c32136cbbba697d74575427620011b17448d59d2c7f6e2ccc2da2bee8cba7e7f9c59670b0f61fa7a76aef8b82862342d3bfe00c1e1294048ece7c0a711e8f84eeccc5b205e6a1915535dc26ea028946868b626112deb41ac3bb5cdb6d9b7d05b15664bdb411d5722e500c2cfb72b2e8137aa02375c242abb79ca406cec00bb14e9cde1b422346674dd39cc169"}, @NL80211_ATTR_MNTR_FLAGS={0x9, 0x17, "f6076d5b2f"}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'ip6erspan0\x00'}, @NL80211_ATTR_WIPHY_FREQ_HINT={0x8, 0xc9, 0x5}, @NL80211_ATTR_SAE_PASSWORD={0x1e, 0x115, "caf5e5d9bab0d1fcc59d742f5ecdedb0c560af61da34a590e844"}]}, 0x678}, 0x1, 0x0, 0x0, 0x44010}, 0x0)
setns(r2, 0x0)
r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000002a80)={0x0, 0x0, &(0x7f0000002a40)={&(0x7f0000000880)={0x34, r5, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}]}, @ETHTOOL_A_LINKMODES_MASTER_SLAVE_CFG={0x5, 0x7, 0x7}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x4004000)
r6 = openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
sendfile$auto(r6, r6, 0x0, 0x1)
readv$auto(r0, &(0x7f0000000100)={&(0x7f0000000000)="be859631875f32dbb6b29fe49e9000bf58890388cf86cfbe054ffc15876be19dc198f057910b9561de17c6bf6aae731a667354fb7f6dad163ed76f8d938af19fd70d58639dec0976f0b8f647a9102120537672e56b63c0290910c92a3342d7249cfd74cd2bc91ef924842f942130da946ae0d273c1f2f0b6d87beda4a52e029bbdfabd29fa8535a4b248ecca9cc51392e27a0a1061f74447b81d07840fa934a25903e864be43bf87523a4cbadb7bfced464ccc2088b8fc6ff54d2c504455f2ad366a2ca1", 0xffff}, 0x0)

0s ago: executing program 7 (id=977):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
fsopen$auto(0x0, 0x7) (async)
r1 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0xc0040, 0x0)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000040)={0x4, "87fe7b014077e08701ee88c6923077b8542c55f8c30ccb575540f50c0a515ca3", @inferred=r1}) (async)
r2 = openat$auto_sync_info_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0)
read$auto(r2, &(0x7f00000005c0)='mH\xc2\xcf\x18\xd1\x9cx\x1b\x8a\x8f;*\xe0\x87XW\x8d}c$\'\xcb\x99;\x91F\x8a]\xa3\xa8\x98\xb5\xca\xc9\x854\xcb,\x83LS\xbe\xe0\r\x115r\vM\xba\f\x02rg\x16[\x1d\x1b:>\xbd\x85C\xdfr\x066T\xe29z\xc9\xc1)\xaa\xdaI\xa2$$Y\xa3\xe8-\x8f\xd3\xed\xbfdO\x9f!\\\xb2\xbe\xce\xac\xc3\xdc\xc0|\xf3\'*\x7f \a]x\xb93\x1e{<\xc07\xa3\xce\xe1dg\x14\xe6\xd15\xb7\xd1bQA\xfc\xe4X\xd6:\xc3\xd4\xc9t\xf7A\xdcY\xf9+h\x8f4\x97UV\xeb<\xdf\xa3Q\x83\x80~\x1f\xc4\xac@\xa9\xcde=}\"\xdf\xc5H\xf4l\x03h7\xb4\xc9r\xfe\xda\xcb\xfc\xe9\xb7O\xc2-\xd8[|\xcb\x04E:\xddR\"\xbfs\x0ePq?\x89\x84\xdd\x1fC\xe0i\x82\xb3\xa3]\xb3\xbe\xb3\x92\xf0\x96\a\\OW\xe2\xc2\xdbJ\x93na\xf8X?\x9bM\x8e5^\x8d[\xf8\xd9#sfI?\xc7\x10\x9c\x87\xd3\xfe\x8b\x03 \xfeH\x97\xe8<\xea\xc0\xdb\xfc-\x8fT\xe7:\x17\r\xf3yJ\xd3zG\xee\xa5X3\xdcr\x0e\xa3#\xc3<\x91\x99\xfdm8z\xf3\x88\xf6\x13\x89RC\r\x84\xd5\x82\x97r|\xe0fX\xbc\xcd\xe0p$\x0fe\x11\xc3s_\x00~\x88\x9c\xcbn\xcd\xd1N\xec\xc4D\x18\xf2\\\x89|Y\x12\x8d\xc1\xde\\\x83\xcb\x9a\xa6\tX\x96\xb1\xb7\xd3=\x11e\x1a\xa4\xa9\x8b\xfcR6m\x18 \x99D\xe9\x91\x87\xc9^\xc9\xe9\xb6\\{\xa2\x81y\xd4ST\xfcB\b\xe8\x8aQD\xf4\x98\xf8\xfbKE\xb3\xce&L\xf6v\x8a%Ou\x15\xe7\xc05U\x00\x00\x00\x00', 0x3) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r4 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff) (rerun: 32)
sendmsg$auto_CTRL_CMD_GETPOLICY(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000580)={0x1c, r4, 0x301, 0x70b52c, 0x25dfdbfb, {}, [@CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x17}]}, 0x1c}, 0x1, 0x0, 0x0, 0x400c01d}, 0x0)
r5 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000080), r3)
sendmsg$auto_MACSEC_CMD_UPD_TXSA(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="01002dbd7000fbdbdf250600000008000100", @ANYRES32=0x0, @ANYBLOB="fb1c46b2a068f8c2ca6c585991a3a6286432f2cf70f51312fedd43c3b253b18d5529a56b36952b22969992761bfeccc98480a4fa58d7887076cb39252a384d0ae1e2d48ad05c16c268f4e9a8e67e56cadf6ba6efbcdd"], 0x1c}, 0x1, 0x0, 0x0, 0x4008000}, 0x400c8d4) (async)
unshare$auto(0x40000080)
r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_DEBUG_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2c000000ef1cbeab682c6c99ba30c618a5010cdb70d6c41de56fc5f8140805bcf262b99d1516d90f045a1dba67ba54644e224e2a94970140", @ANYRES16=r6, @ANYBLOB="010029bd7000fddbdf25070000001800018014000200776c616e3100"/38], 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/afs/sysname\x00', 0xaa102, 0x0)
r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/system/cpu/cpu1/hotplug/target\x00', 0x800, 0x0)
read$auto(r7, 0x0, 0x6) (async, rerun: 64)
r8 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) (rerun: 64)
writev$auto(r8, &(0x7f0000000200)={0x0, 0x7}, 0x3) (async)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x7)
r9 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto(r9, 0x8d, r9) (async)
mmap$auto(0x3ff, 0x2020008, 0x1008, 0x11, 0xffffffffffffffff, 0x59f)
bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0xa, 0xb5, 0x10, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", <r10=>0x0, 0xffffffffffffffff, 0x5, 0x7, 0x7, 0x6}, 0x10)
bpf$auto(0x19, &(0x7f0000000380)=@link_create={@prog_fd, @target_ifindex=r10, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x6, 0x401) (async)
mbind$auto(0x0, 0xfa9d, 0x8001, &(0x7f0000000300)=0xc9e, 0x400, 0x1) (async, rerun: 32)
unshare$auto(0x40000080) (rerun: 32)

kernel console output (not intermixed with test programs):

96kB (M) = 15360kB
[  151.557962][ T7226] Node 0 DMA32: 4069*4kB (ME) 452*8kB (UME) 422*16kB (ME) 463*32kB (UME) 389*64kB (UME) 227*128kB (ME) 144*256kB (ME) 47*512kB (ME) 8*1024kB (UME) 2*2048kB (UM) 216*4096kB (UME) = 1053364kB
[  151.607964][ T7226] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  151.638342][ T7226] Node 1 Normal: 231*4kB (UME) 53*8kB (UME) 14*16kB (UME) 196*32kB (UME) 100*64kB (UME) 35*128kB (UME) 16*256kB (UME) 9*512kB (UM) 5*1024kB (UM) 5*2048kB (UME) 942*4096kB (M) = 3901220kB
[  151.673558][ T7226] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  151.693655][ T7226] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  151.713614][ T7226] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  151.738996][ T7186] team0: Port device team_slave_0 added
[  151.744558][ T7226] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  151.764894][ T7226] 126624 total pagecache pages
[  151.767229][ T7186] team0: Port device team_slave_1 added
[  151.780505][ T7226] 1 pages in swap cache
[  151.784714][ T7226] Free swap  = 124868kB
[  151.804559][ T7226] Total swap = 124996kB
[  151.814696][ T7226] 2097051 pages RAM
[  151.828615][ T7226] 0 pages HighMem/MovableOnly
[  151.833355][ T7226] 428512 pages reserved
[  151.837576][ T7226] 0 pages cma reserved
[  151.944887][ T7186] batman_adv: batadv0: Adding interface: batadv_slave_0
[  151.971315][ T7186] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  152.037489][ T7186] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  152.069332][ T7186] batman_adv: batadv0: Adding interface: batadv_slave_1
[  152.076330][ T7186] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  152.147056][ T7186] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active

	

	
		






	
	
	
	
	

	

	
				
	
		


	
			

			

			

			

	
	
	
	

	
		

	
		

	
		

		
		

		
	
	

	
		
		

		
	
	


	
		


	

	
		

	

	


	


	
















	

	






		

	
	

















	

	






		

	
	

















	

	






		

	
	

	
	





	

	




















	

	






		

	
	

















	

	






		

	
	

















	

	






		

	
	

















	

	






		

	
	






	

	




			
	
			
	
			
	
			
	
	

	
		
	

	
	
	
	
	
	

	
	
	
	
	
	

	
	
	
	
	
	

	
	
	
	
	
	

	
	
	
	
	


				


			


				


			
	

		

	

	

		

			
	

	
	

	
	

	
	

	
	

	
	

	
	

	
	

	
	

	
	

	

	

	

	

	
	

	
	

	
	

	
	

	

	
	
		

	
				
	
	



	

	
	

	
		

	
				
	
	
	
	
		
	
	

	

	
				
	
		


	
	

	
		
	

	
		
			

			
			
		


	


	


	
	

	
	

	
	

	
	

	
	

	

	
				
	
	



	

		

	
	

	
	

	
	

	
	

	
	

	
	

	
		
	

	
	

	
	

	
	

	
	

	
	

	
	

	
	

	
	

	
	

	
	

	
		
	

	
		
	

	
	

	
	

	
	

	
	

	


		



		



	




	


	

	
		


	
	
	

	
	

	
	

	
	

	
	

	
	

	
		
	
	
	
	
	
	
	



	
	

	

	





	

		


	
	

	
		
	

	
		
	


	
	
	

	

	

	
		
	

	
		
	

	
		
	
		
	

	

	

	
		
	

	

	
		


		
		

			
		

	
		

	


	
	

		
	
		
	




			








	


	
	


	




	











	








	




	






		










		

	

	
		

	
		

	


	
	

		
	
		
	




			








	


	
	


	








				

				
			
			
		



	


	


			

		


















	



	










	




	






		












	

	
		



	

	
	
	
	
	
	

		
	




		
		

	

	
		
		
		


	

	

	
	
		
		

		
		


	

	

	
	


	
	


		
	
	


	
	


		
	
	

	




	









		









	



	
	






			
	

		

	





		



	
		

	






		









	



	
	






			
	

		

	





		



	
		

	

	

	
		






	
	
	
			

			

			

			

			
	
	

	
		

	
		

		
		

		
	
	

		
		

		
	
	


	
		



	
	

	

	


	


	
















	

	






		

	
	

















	

	






		

	
	

















	

	






		

	
	

















	

	






		

	
	






	

	




















	

	






		

	
	

















	

	






		

	
	

















	

	






		

	
	

















	

	






		

	
	

















	

	






		

	
	






	

	




			
	
			
	
			
	
			
	


				


			


				


			
	
	

	
		

	


	
	

		
	
		
	




			








	


	
	




	





	













	


	






	




	





		









	
			




	
	

	
		

	


	
	

		
	
		
	




			








	


	
	

	



	




		

	



		

		
		



	


	


			

		


















	










	





	







		












	
	

	

	
				
	
		


	
	

	
		
		


			
	
	

	
	
	
	

	
	

	
		

	


		

		
	
		
	




			








	


	





	




	



	




	

	












	






	









		















	

	
		
	

	
		
			

			



	

	
			

		
	

	
			








































































	
	

	

	
				
	
		


	

	
		

	


	
	

		
	
		
	




			








	


	
	

		

	



		



		



		


	


	




	




		

	



	










	





	








		













	
			




	
			





	
			



	

	
		

	


	

	

		
	
		
	




			








	

	

	









		




	




	



	

		
	
	











	

	

	

	


	

	
	
	
	
		

	



	


	
		

	




	


	
		
	
		
	
		
	
		


	
	
		
	

		
	

	

	
	






	






	








		












		



	
		
	
	






	
	

	

	
				
	
		


	

	
		
	

	




	
				
	
	
	
	
	
	

	
				
	
	



	
			

	
				
	
	





	


		
	

	
		




	
	

	

	
		

		
	
	
	

	

	
	
	
	
	
	
	

	
		
		




	

	
		

		
	


	
				
	
	



	
			

	
		

	


	
	

		
	
		
	




			








	


	
	


	




		




	





	


		
	
	


	


















	




	







		










	

	
		

syzkaller
syzkaller login: [  266.875432][ T9080] zram: Added device: zram1
[  267.386823][ T5845] Bluetooth: hci4: unexpected event 0x02 length: 726 > 260
[  268.276123][ T9098] Format for deleting device is "id" (uint).
[  269.017194][ T9103] netlink: 342 bytes leftover after parsing attributes in process `syz.3.694'.
[  270.561964][ T9106] FAULT_INJECTION: forcing a failure.
[  270.561964][ T9106] name failslab, interval 1, probability 0, space 0, times 0
[  270.577418][ T9106] CPU: 1 UID: 0 PID: 9106 Comm: syz.3.696 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[  270.577445][ T9106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  270.577460][ T9106] Call Trace:
[  270.577467][ T9106]  <TASK>
[  270.577477][ T9106]  dump_stack_lvl+0x16c/0x1f0
[  270.577514][ T9106]  should_fail_ex+0x50a/0x650
[  270.577551][ T9106]  ? fs_reclaim_acquire+0xae/0x150
[  270.577583][ T9106]  ? lsm_blob_alloc+0x68/0x90
[  270.577616][ T9106]  should_failslab+0xc2/0x120
[  270.577639][ T9106]  __kmalloc_noprof+0xcb/0x510
[  270.577681][ T9106]  lsm_blob_alloc+0x68/0x90
[  270.577718][ T9106]  security_sk_alloc+0x30/0x270
[  270.577746][ T9106]  sk_prot_alloc+0x1c7/0x2a0
[  270.577775][ T9106]  sk_alloc+0x36/0xc20
[  270.577809][ T9106]  __netlink_create+0x5e/0x2c0
[  270.577840][ T9106]  __netlink_kernel_create+0xee/0x750
[  270.577879][ T9106]  ? __pfx___netlink_kernel_create+0x10/0x10
[  270.577918][ T9106]  uevent_net_init+0xf9/0x360
[  270.577951][ T9106]  ? __pfx_uevent_net_init+0x10/0x10
[  270.577984][ T9106]  ? __pfx_uevent_net_rcv+0x10/0x10
[  270.578029][ T9106]  ? __pfx_uevent_net_init+0x10/0x10
[  270.578062][ T9106]  ops_init+0x1df/0x5f0
[  270.578101][ T9106]  setup_net+0x21f/0x860
[  270.578139][ T9106]  ? __pfx_setup_net+0x10/0x10
[  270.578172][ T9106]  ? down_read_killable+0xcc/0x380
[  270.578203][ T9106]  ? __pfx_down_read_killable+0x10/0x10
[  270.578231][ T9106]  ? __raw_spin_lock_init+0x3a/0x110
[  270.578256][ T9106]  ? debug_mutex_init+0x37/0x70
[  270.578286][ T9106]  copy_net_ns+0x2a6/0x5f0
[  270.578313][ T9106]  create_new_namespaces+0x3ea/0xad0
[  270.578368][ T9106]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  270.578412][ T9106]  ksys_unshare+0x45d/0xa40
[  270.578439][ T9106]  ? __pfx_ksys_unshare+0x10/0x10
[  270.578463][ T9106]  ? xfd_validate_state+0x5d/0x180
[  270.578508][ T9106]  __x64_sys_unshare+0x31/0x40
[  270.578533][ T9106]  do_syscall_64+0xcd/0x250
[  270.578567][ T9106]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  270.578599][ T9106] RIP: 0033:0x7f48fa98d169
[  270.578618][ T9106] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  270.578639][ T9106] RSP: 002b:00007f48fb72e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  270.578662][ T9106] RAX: ffffffffffffffda RBX: 00007f48faba5fa0 RCX: 00007f48fa98d169
[  270.578678][ T9106] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  270.578693][ T9106] RBP: 00007f48faa0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  270.578707][ T9106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  270.578720][ T9106] R13: 0000000000000000 R14: 00007f48faba5fa0 R15: 00007ffcaab10578
[  270.578753][ T9106]  </TASK>
[  270.907417][ T9106] kobject_uevent: unable to create netlink socket!
[  275.544102][ T5835] Process accounting paused
[  276.315387][ T5841] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  276.327654][ T5841] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  276.339626][ T5841] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  276.370527][ T5841] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  276.395437][ T5841] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  276.409677][ T5841] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  277.126392][ T9180] chnl_net:caif_netlink_parms(): no params data found
[  277.198152][ T9202] netlink: 8 bytes leftover after parsing attributes in process `syz.4.720'.
[  277.552827][ T9180] bridge0: port 1(bridge_slave_0) entered blocking state
[  277.569095][ T9180] bridge0: port 1(bridge_slave_0) entered disabled state
[  277.586574][ T9180] bridge_slave_0: entered allmulticast mode
[  277.599103][ T9180] bridge_slave_0: entered promiscuous mode
[  277.629282][ T9180] bridge0: port 2(bridge_slave_1) entered blocking state
[  277.648364][ T9180] bridge0: port 2(bridge_slave_1) entered disabled state
[  277.657069][ T9180] bridge_slave_1: entered allmulticast mode
[  277.679162][ T9180] bridge_slave_1: entered promiscuous mode
[  277.779079][ T9180] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  277.839296][ T9180] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  277.964412][ T9180] team0: Port device team_slave_0 added
[  278.023549][ T9180] team0: Port device team_slave_1 added
[  278.197578][ T9180] batman_adv: batadv0: Adding interface: batadv_slave_0
[  278.217713][ T9180] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  278.301933][ T9180] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  278.342068][ T9180] batman_adv: batadv0: Adding interface: batadv_slave_1
[  278.383630][ T9180] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  278.438482][ T5845] Bluetooth: hci6: command tx timeout
[  278.454221][ T9180] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  278.603774][ T9180] hsr_slave_0: entered promiscuous mode
[  278.619061][ T9180] hsr_slave_1: entered promiscuous mode
[  278.638552][ T9180] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  278.659071][ T9180] Cannot create hsr debugfs directory
[  278.964296][ T9248] RDS: rds_bind could not find a transport for 7bc:c94c:4e37:70c4::, load rds_tcp or rds_rdma?
[  279.056844][ T9248] netlink: 346 bytes leftover after parsing attributes in process `syz.4.728'.
[  279.597422][ T9180] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  279.749599][ T9180] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  279.778520][ T9255] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  279.809570][ T9180] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  279.833661][ T9180] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  280.138813][ T9180] 8021q: adding VLAN 0 to HW filter on device bond0
[  280.163689][ T9180] 8021q: adding VLAN 0 to HW filter on device team0
[  280.519846][ T5845] Bluetooth: hci6: command tx timeout
[  281.502255][ T8112] bridge0: port 1(bridge_slave_0) entered blocking state
[  281.510888][ T8112] bridge0: port 1(bridge_slave_0) entered forwarding state
[  281.561397][ T8112] bridge0: port 2(bridge_slave_1) entered blocking state
[  281.569992][ T8112] bridge0: port 2(bridge_slave_1) entered forwarding state
[  282.009850][ T9291] FAULT_INJECTION: forcing a failure.
[  282.009850][ T9291] name fail_futex, interval 1, probability 0, space 0, times 0
[  282.129800][ T9291] CPU: 0 UID: 0 PID: 9291 Comm: syz.3.739 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[  282.129836][ T9291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  282.129850][ T9291] Call Trace:
[  282.129857][ T9291]  <TASK>
[  282.129867][ T9291]  dump_stack_lvl+0x16c/0x1f0
[  282.129907][ T9291]  should_fail_ex+0x50a/0x650
[  282.129944][ T9291]  ? __pfx_validate_mm+0x10/0x10
[  282.129985][ T9291]  get_futex_key+0x4a3/0x1000
[  282.130017][ T9291]  ? __pfx_get_futex_key+0x10/0x10
[  282.130058][ T9291]  futex_wake+0xe8/0x4e0
[  282.130088][ T9291]  ? vm_mmap_pgoff+0x29b/0x3a0
[  282.130124][ T9291]  ? __pfx_futex_wake+0x10/0x10
[  282.130171][ T9291]  do_futex+0x1e5/0x350
[  282.130201][ T9291]  ? __pfx_do_futex+0x10/0x10
[  282.130232][ T9291]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  282.130270][ T9291]  __x64_sys_futex+0x1e1/0x4c0
[  282.130305][ T9291]  ? __pfx___x64_sys_futex+0x10/0x10
[  282.130344][ T9291]  ? ksys_mmap_pgoff+0x85/0x5c0
[  282.130376][ T9291]  ? rcu_is_watching+0x12/0xc0
[  282.130412][ T9291]  do_syscall_64+0xcd/0x250
[  282.130448][ T9291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  282.130481][ T9291] RIP: 0033:0x7f48fa98d169
[  282.130501][ T9291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  282.130524][ T9291] RSP: 002b:00007f48fb72e0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  282.130548][ T9291] RAX: ffffffffffffffda RBX: 00007f48faba5fa8 RCX: 00007f48fa98d169
[  282.130564][ T9291] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f48faba5fac
[  282.130579][ T9291] RBP: 00007f48faba5fa0 R08: 00007f48fb72f000 R09: 0000000000000000
[  282.130595][ T9291] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f48faba5fac
[  282.130610][ T9291] R13: 0000000000000000 R14: 00007ffcaab10490 R15: 00007ffcaab10578
[  282.130643][ T9291]  </TASK>
[  282.358276][    C0] vkms_vblank_simulate: vblank timer overrun
[  282.600406][ T5845] Bluetooth: hci6: command tx timeout
[  283.229074][ T9180] 8021q: adding VLAN 0 to HW filter on device batadv0
[  283.872450][ T9180] veth0_vlan: entered promiscuous mode
[  283.890811][ T9180] veth1_vlan: entered promiscuous mode
[  283.932416][ T9180] veth0_macvtap: entered promiscuous mode
[  283.942934][ T9180] veth1_macvtap: entered promiscuous mode
[  284.024328][ T9180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  284.072169][ T9180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.128678][ T9180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  284.150862][ T9180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.175636][ T9180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  284.208743][ T9180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.222978][ T9180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  284.249614][ T9180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.277064][ T9180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  284.297340][ T9180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.316173][ T9180] batman_adv: batadv0: Interface activated: batadv_slave_0
[  284.339688][ T9180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  284.371983][ T9180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.408293][ T9180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  284.447538][ T9180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.479738][ T9180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  284.502525][ T9180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.527284][ T9180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  284.583533][ T9180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.638068][ T9180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  284.658625][ T9180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.686049][ T9180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  284.688683][ T5845] Bluetooth: hci6: command tx timeout
[  284.718266][ T9325] netlink: 28 bytes leftover after parsing attributes in process `syz.3.746'.
[  284.748197][ T9180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.792407][ T9180] batman_adv: batadv0: Interface activated: batadv_slave_1
[  284.945541][ T9180] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  284.965245][ T9180] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  285.000342][ T9180] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  285.090732][ T9180] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  285.169514][ T9328] netlink: 28 bytes leftover after parsing attributes in process `syz.5.745'.
[  285.330938][ T1329] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  285.364120][ T1329] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  285.596861][ T9328] mac80211_hwsim hwsim15 wlan1: entered allmulticast mode
[  285.742192][ T7986] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  285.804936][ T9338] netlink: 20 bytes leftover after parsing attributes in process `syz.4.749'.
[  285.830090][ T7986] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  286.834163][ T9355] netlink: 'syz.4.752': attribute type 15 has an invalid length.
[  286.908459][ T9355] netlink: 'syz.4.752': attribute type 16 has an invalid length.
[  286.918331][ T9355] netlink: 'syz.4.752': attribute type 17 has an invalid length.
[  286.927624][ T9355] netlink: 'syz.4.752': attribute type 19 has an invalid length.
[  286.948593][ T9355] netlink: 'syz.4.752': attribute type 27 has an invalid length.
[  286.963696][ T9355] netlink: 'syz.4.752': attribute type 28 has an invalid length.
[  286.974100][ T9355] netlink: 'syz.4.752': attribute type 29 has an invalid length.
[  286.988101][ T9355] netlink: 'syz.4.752': attribute type 30 has an invalid length.
[  287.012629][ T9355] netlink: 18 bytes leftover after parsing attributes in process `syz.4.752'.
[  288.083867][ T9374] netlink: 'syz.4.755': attribute type 1 has an invalid length.
[  290.316617][ T9406] Invalid ELF header magic: != ELF
[  290.329350][ T9408] sctp: [Deprecated]: syz.4.768 (pid 9408) Use of int in maxseg socket option.
[  290.329350][ T9408] Use struct sctp_assoc_value instead
[  293.355205][ T9446] netlink: 28 bytes leftover after parsing attributes in process `syz.4.779'.
[  293.423272][ T9446] mac80211_hwsim hwsim12 wlan1: left promiscuous mode
[  293.490272][ T9446] mac80211_hwsim hwsim12 wlan1: entered allmulticast mode
[  295.820377][ T9462] can: request_module (can-proto-0) failed.
[  296.153186][ T9466] syz.5.784 invoked oom-killer: gfp_mask=0x440dc0(GFP_KERNEL_ACCOUNT|__GFP_COMP|__GFP_ZERO), order=0, oom_score_adj=1000
[  296.268025][ T9466] CPU: 1 UID: 0 PID: 9466 Comm: syz.5.784 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[  296.268059][ T9466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  296.268074][ T9466] Call Trace:
[  296.268081][ T9466]  <TASK>
[  296.268092][ T9466]  dump_stack_lvl+0x16c/0x1f0
[  296.268131][ T9466]  dump_header+0x101/0x930
[  296.268175][ T9466]  oom_kill_process+0x270/0xa60
[  296.268212][ T9466]  out_of_memory+0x351/0x1700
[  296.268253][ T9466]  ? __pfx_out_of_memory+0x10/0x10
[  296.268282][ T9466]  ? rcu_read_unlock+0x17/0x60
[  296.268308][ T9466]  ? find_held_lock+0x2d/0x110
[  296.268343][ T9466]  mem_cgroup_out_of_memory+0x207/0x270
[  296.268373][ T9466]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  296.268412][ T9466]  ? do_raw_spin_unlock+0x172/0x230
[  296.268442][ T9466]  try_charge_memcg+0x54c/0xaf0
[  296.268485][ T9466]  ? __pfx_try_charge_memcg+0x10/0x10
[  296.268519][ T9466]  ? trace_lock_acquire+0x14e/0x1f0
[  296.268548][ T9466]  ? get_mem_cgroup_from_objcg+0xe1/0x210
[  296.268581][ T9466]  ? lock_acquire+0x2f/0xb0
[  296.268624][ T9466]  __memcg_kmem_charge_page+0xdb/0x2b0
[  296.268666][ T9466]  __alloc_frozen_pages_noprof+0x24f/0x2470
[  296.268706][ T9466]  ? hlock_class+0x4e/0x130
[  296.268731][ T9466]  ? mark_lock+0xb5/0xc60
[  296.268766][ T9466]  ? __pfx_mark_lock+0x10/0x10
[  296.268801][ T9466]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  296.268858][ T9466]  ? mark_held_locks+0x9f/0xe0
[  296.268892][ T9466]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  296.268931][ T9466]  ? policy_nodemask+0xea/0x4e0
[  296.268958][ T9466]  alloc_pages_mpol+0x1fc/0x540
[  296.268984][ T9466]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  296.269020][ T9466]  alloc_pages_noprof+0x131/0x390
[  296.269045][ T9466]  pte_alloc_one+0x20/0x390
[  296.269081][ T9466]  __pte_alloc+0x6e/0x3d0
[  296.269110][ T9466]  ? __pfx___pte_alloc+0x10/0x10
[  296.269142][ T9466]  ? find_held_lock+0x2d/0x110
[  296.269176][ T9466]  do_pte_missing+0x2828/0x3e10
[  296.269223][ T9466]  __handle_mm_fault+0x1166/0x2c60
[  296.269269][ T9466]  ? __pfx___handle_mm_fault+0x10/0x10
[  296.269337][ T9466]  handle_mm_fault+0x3fa/0xaa0
[  296.269380][ T9466]  __get_user_pages+0x773/0x36f0
[  296.269423][ T9466]  ? __pfx_mt_find+0x10/0x10
[  296.269456][ T9466]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  296.269491][ T9466]  ? __pfx___get_user_pages+0x10/0x10
[  296.269528][ T9466]  ? __mm_populate+0x21d/0x380
[  296.269571][ T9466]  populate_vma_page_range+0x27f/0x3a0
[  296.269611][ T9466]  ? __pfx_populate_vma_page_range+0x10/0x10
[  296.269646][ T9466]  ? __pfx_find_vma_intersection+0x10/0x10
[  296.269680][ T9466]  ? vm_mmap_pgoff+0x29b/0x3a0
[  296.269721][ T9466]  __mm_populate+0x1d6/0x380
[  296.269759][ T9466]  ? __pfx___mm_populate+0x10/0x10
[  296.269798][ T9466]  ? up_write+0x1b2/0x520
[  296.269855][ T9466]  vm_mmap_pgoff+0x2d3/0x3a0
[  296.269893][ T9466]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  296.269933][ T9466]  ? __x64_sys_futex+0x1e1/0x4c0
[  296.269962][ T9466]  ? __x64_sys_futex+0x1ea/0x4c0
[  296.269997][ T9466]  ksys_mmap_pgoff+0x7d/0x5c0
[  296.270027][ T9466]  ? rcu_is_watching+0x12/0xc0
[  296.270058][ T9466]  __x64_sys_mmap+0x125/0x190
[  296.270093][ T9466]  do_syscall_64+0xcd/0x250
[  296.270128][ T9466]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.270166][ T9466] RIP: 0033:0x7fe8acf8d169
[  296.270186][ T9466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  296.270209][ T9466] RSP: 002b:00007fe8ade8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  296.270232][ T9466] RAX: ffffffffffffffda RBX: 00007fe8ad1a5fa0 RCX: 00007fe8acf8d169
[  296.270249][ T9466] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000
[  296.270264][ T9466] RBP: 00007fe8ad00e2a0 R08: 0000000000000002 R09: 0000000000008000
[  296.270279][ T9466] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[  296.270294][ T9466] R13: 0000000000000000 R14: 00007fe8ad1a5fa0 R15: 00007fff20b553c8
[  296.270329][ T9466]  </TASK>
[  296.270339][ T9466] memory: usage 307200kB, limit 307200kB, failcnt 14625
[  296.784533][ T9466] memory+swap: usage 414972kB, limit 9007199254740988kB, failcnt 0
[  296.807983][ T9466] kmem: usage 3648kB, limit 9007199254740988kB, failcnt 0
[  296.816568][ T9466] Memory cgroup stats for /syz5:
[  296.816878][ T9466] cache 310280192
[  296.918313][ T9466] rss 200704
[  296.948091][ T9466] rss_huge 0
[  296.951977][ T9466] shmem 310280192
[  296.956341][ T9466] mapped_file 8192
[  296.997949][ T9466] dirty 0
[  297.001526][ T9466] writeback 0
[  297.005472][ T9466] workingset_refault_anon 82
[  297.038068][ T9466] workingset_refault_file 0
[  297.046404][ T9466] swap 110366720
[  297.062328][ T9466] swapcached 331776
[  297.066939][ T9466] pgpgin 124746
[  297.113167][ T9466] pgpgout 48864
[  297.117361][ T9466] pgfault 16787
[  297.127938][ T9466] pgmajfault 0
[  297.132029][ T9466] inactive_anon 109563904
[  297.137393][ T9466] active_anon 201248768
[  297.218041][ T9466] inactive_file 0
[  297.222470][ T9466] active_file 0
[  297.226632][ T9466] unevictable 0
[  297.238394][ T9466] hierarchical_memory_limit 314572800
[  297.244872][ T9466] hierarchical_memsw_limit 9223372036854771712
[  297.287943][ T9466] total_cache 310280192
[  297.292978][ T9466] total_rss 200704
[  297.297447][ T9466] total_rss_huge 0
[  297.327956][ T9466] total_shmem 310280192
[  297.332995][ T9466] total_mapped_file 8192
[  297.349251][ T9466] total_dirty 0
[  297.353438][ T9466] total_writeback 0
[  297.367979][ T9466] total_workingset_refault_anon 82
[  297.374157][ T9466] total_workingset_refault_file 0
[  297.404482][ T9466] total_swap 110366720
[  297.421915][ T9466] total_swapcached 331776
[  297.427163][ T9466] total_pgpgin 124746
[  297.452394][ T9466] total_pgpgout 48864
[  297.457224][ T9466] total_pgfault 16787
[  297.498772][ T9466] total_pgmajfault 0
[  297.519634][ T9466] total_inactive_anon 109563904
[  297.525516][ T9466] total_active_anon 201248768
[  297.552393][ T9466] total_inactive_file 0
[  297.557427][ T9466] total_active_file 0
[  297.572969][ T9466] total_unevictable 0
[  297.577806][ T9466] anon_cost 0
[  297.643246][ T9466] file_cost 0
[  297.647732][ T9466] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.593,pid=8619,uid=0
[  297.678444][ T9466] Memory cgroup out of memory: Killed process 8619 (syz.5.593) total-vm:131292kB, anon-rss:1036kB, file-rss:59808kB, shmem-rss:0kB, UID:0 pgtables:196kB oom_score_adj:1000
[  298.862345][ T8615] syz.5.593 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  299.187998][ T8615] CPU: 0 UID: 0 PID: 8615 Comm: syz.5.593 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[  299.188032][ T8615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  299.188045][ T8615] Call Trace:
[  299.188052][ T8615]  <TASK>
[  299.188061][ T8615]  dump_stack_lvl+0x16c/0x1f0
[  299.188095][ T8615]  dump_header+0x101/0x930
[  299.188130][ T8615]  oom_kill_process+0x270/0xa60
[  299.188163][ T8615]  out_of_memory+0x351/0x1700
[  299.188202][ T8615]  ? __pfx_out_of_memory+0x10/0x10
[  299.188227][ T8615]  ? rcu_read_unlock+0x17/0x60
[  299.188251][ T8615]  ? find_held_lock+0x2d/0x110
[  299.188284][ T8615]  mem_cgroup_out_of_memory+0x207/0x270
[  299.188312][ T8615]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  299.188349][ T8615]  ? do_raw_spin_unlock+0x172/0x230
[  299.188377][ T8615]  try_charge_memcg+0x54c/0xaf0
[  299.188416][ T8615]  ? __pfx_try_charge_memcg+0x10/0x10
[  299.188450][ T8615]  ? trace_lock_acquire+0x14e/0x1f0
[  299.188476][ T8615]  ? get_mem_cgroup_from_mm+0x7f/0x5f0
[  299.188505][ T8615]  ? lock_acquire+0x2f/0xb0
[  299.188533][ T8615]  ? get_mem_cgroup_from_mm+0x7f/0x5f0
[  299.188569][ T8615]  charge_memcg+0x8a/0x310
[  299.188604][ T8615]  __mem_cgroup_charge+0x2b/0x1e0
[  299.188630][ T8615]  shmem_alloc_and_add_folio+0x50a/0xc10
[  299.188671][ T8615]  ? shmem_huge_global_enabled+0x72/0x6b0
[  299.188696][ T8615]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  299.188728][ T8615]  ? shmem_allowable_huge_orders+0xd0/0x410
[  299.188763][ T8615]  shmem_get_folio_gfp+0x689/0x1530
[  299.188799][ T8615]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  299.188826][ T8615]  ? mark_held_locks+0x9f/0xe0
[  299.188853][ T8615]  ? timestamp_truncate+0x21f/0x2e0
[  299.188897][ T8615]  shmem_write_begin+0x161/0x300
[  299.188927][ T8615]  ? __pfx_shmem_write_begin+0x10/0x10
[  299.188952][ T8615]  ? inode_set_ctime_current+0x2a7/0x900
[  299.188979][ T8615]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1270
[  299.189014][ T8615]  ? __pfx_inode_set_ctime_current+0x10/0x10
[  299.189045][ T8615]  generic_perform_write+0x2ba/0x920
[  299.189083][ T8615]  ? __pfx_generic_perform_write+0x10/0x10
[  299.189106][ T8615]  ? __mark_inode_dirty+0x2a5/0xe50
[  299.189137][ T8615]  ? generic_update_time+0xcf/0xf0
[  299.189160][ T8615]  ? mnt_put_write_access_file+0x45/0xf0
[  299.189196][ T8615]  shmem_file_write_iter+0x10e/0x140
[  299.189230][ T8615]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  299.189259][ T8615]  __kernel_write_iter+0x318/0xa90
[  299.189294][ T8615]  ? __pfx___kernel_write_iter+0x10/0x10
[  299.189329][ T8615]  ? get_dump_page+0x15b/0x230
[  299.189368][ T8615]  ? __pfx___might_resched+0x10/0x10
[  299.189401][ T8615]  ? dump_user_range+0x477/0x8c0
[  299.189439][ T8615]  dump_user_range+0x389/0x8c0
[  299.189480][ T8615]  ? __pfx_dump_user_range+0x10/0x10
[  299.189510][ T8615]  ? elf_coredump_extra_notes_write+0xbe/0x430
[  299.189573][ T8615]  ? __pfx_writenote+0x10/0x10
[  299.189616][ T8615]  elf_core_dump+0x287c/0x3a50
[  299.189673][ T8615]  ? __pfx_elf_core_dump+0x10/0x10
[  299.189705][ T8615]  ? kasan_save_stack+0x33/0x60
[  299.189735][ T8615]  ? kasan_save_track+0x14/0x30
[  299.189765][ T8615]  ? __kasan_kmalloc+0xaa/0xb0
[  299.189798][ T8615]  ? __kmalloc_node_noprof+0x21f/0x510
[  299.189831][ T8615]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  299.189866][ T8615]  ? get_signal+0x230b/0x26c0
[  299.189897][ T8615]  ? arch_do_signal_or_restart+0x90/0x7e0
[  299.189927][ T8615]  ? irqentry_exit_to_user_mode+0x13f/0x280
[  299.190019][ T8615]  ? rcu_is_watching+0x12/0xc0
[  299.190048][ T8615]  ? trace_lock_acquire+0x14e/0x1f0
[  299.190073][ T8615]  ? __pfx_sort+0x10/0x10
[  299.190101][ T8615]  ? get_signal+0x230b/0x26c0
[  299.190142][ T8615]  ? do_coredump+0x313e/0x4400
[  299.190166][ T8615]  do_coredump+0x313e/0x4400
[  299.190206][ T8615]  ? __pfx_do_coredump+0x10/0x10
[  299.190235][ T8615]  ? stack_trace_save+0x95/0xd0
[  299.190261][ T8615]  ? __pfx_stack_trace_save+0x10/0x10
[  299.190289][ T8615]  ? hlock_class+0x4e/0x130
[  299.190312][ T8615]  ? stack_depot_save_flags+0x28/0x9c0
[  299.190361][ T8615]  ? kmem_cache_free+0x2e2/0x4d0
[  299.190391][ T8615]  ? __sigqueue_free+0xba/0x2a0
[  299.190414][ T8615]  ? get_signal+0xcbc/0x26c0
[  299.190444][ T8615]  ? arch_do_signal_or_restart+0x90/0x7e0
[  299.190467][ T8615]  ? irqentry_exit_to_user_mode+0x13f/0x280
[  299.190541][ T8615]  ? find_held_lock+0x2d/0x110
[  299.190570][ T8615]  ? proc_coredump_connector+0x2d2/0x4f0
[  299.190606][ T8615]  ? __pfx_proc_coredump_connector+0x10/0x10
[  299.190657][ T8615]  get_signal+0x230b/0x26c0
[  299.190712][ T8615]  ? __pfx_get_signal+0x10/0x10
[  299.190746][ T8615]  ? rcu_is_watching+0x12/0xc0
[  299.190770][ T8615]  ? trace_irq_disable.constprop.0+0xea/0x140
[  299.190809][ T8615]  arch_do_signal_or_restart+0x90/0x7e0
[  299.190841][ T8615]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  299.190878][ T8615]  ? do_user_addr_fault+0xa4b/0x13f0
[  299.190918][ T8615]  irqentry_exit_to_user_mode+0x13f/0x280
[  299.190950][ T8615]  asm_exc_page_fault+0x26/0x30
[  299.190979][ T8615] RIP: 0033:0x0
[  299.190995][ T8615] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[  299.191006][ T8615] RSP: 002b:000000000000000b EFLAGS: 00010217
[  299.191025][ T8615] RAX: 0000000000000000 RBX: 00007fe8ad1a6320 RCX: 00007fe8acf8d169
[  299.191040][ T8615] RDX: ffffffffffffffff RSI: 0000000000000003 RDI: 0000000000000005
[  299.191054][ T8615] RBP: 00007fe8ad00e2a0 R08: 0000000000000ab4 R09: 0000000000000000
[  299.191068][ T8615] R10: ffffffffff600000 R11: 0000000000000246 R12: 0000000000000000
[  299.191083][ T8615] R13: 0000000000000001 R14: 00007fe8ad1a6320 R15: 00007fff20b553c8
[  299.191104][ T8615]  ? 0xffffffffff600000
[  299.191132][ T8615]  </TASK>
[  299.191141][ T8615] memory: usage 306764kB, limit 307200kB, failcnt 15440
[  299.911855][ T8615] memory+swap: usage 409644kB, limit 9007199254740988kB, failcnt 0
[  299.972993][ T8615] kmem: usage 3212kB, limit 9007199254740988kB, failcnt 0
[  300.212495][ T8615] Memory cgroup stats for /syz5:
[  300.212907][ T8615] cache 307978240
[  300.284235][ T8615] rss 53248
[  300.290146][ T9498] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  300.298631][ T9498] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  300.305894][ T9498] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  300.320794][ T9498] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  300.415459][ T8615] rss_huge 0
[  300.421153][ T9498] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  300.432859][ T8615] shmem 307978240
[  300.485745][ T9498] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  300.487951][ T8615] mapped_file 0
[  300.527537][ T9498] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  300.688689][ T8615] dirty 0
[  300.692307][ T8615] writeback 0
[  300.737145][ T8615] workingset_refault_anon 82
[  300.782002][ T9498] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  300.828370][ T8615] workingset_refault_file 0
[  300.833827][ T8615] swap 107036672
[  300.867869][ T8615] swapcached 303104
[  300.872757][ T8615] pgpgin 125054
[  300.876918][ T8615] pgpgout 49778
[  300.898300][ T8615] pgfault 16824
[  300.908428][ T8615] pgmajfault 0
[  300.912509][ T8615] inactive_anon 192602112
[  300.970292][ T8615] active_anon 115343360
[  300.975334][ T8615] inactive_file 0
[  301.006483][ T9498] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  301.028796][ T9498] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  301.065136][ T8615] active_file 0
[  301.146439][ T8615] unevictable 0
[  301.170345][ T9498] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  301.188099][ T8615] hierarchical_memory_limit 314572800
[  301.194749][ T8615] hierarchical_memsw_limit 9223372036854771712
[  301.272492][ T8615] total_cache 307978240
[  301.296402][ T8615] total_rss 53248
[  301.308925][ T8615] total_rss_huge 0
[  301.384887][ T8615] total_shmem 307978240
[  301.428058][ T8615] total_mapped_file 0
[  301.432929][ T8615] total_dirty 0
[  301.528089][ T8615] total_writeback 0
[  301.532711][ T8615] total_workingset_refault_anon 82
[  301.578020][ T8615] total_workingset_refault_file 0
[  301.584407][ T8615] total_swap 107036672
[  301.634189][ T8615] total_swapcached 303104
[  301.817617][ T8615] total_pgpgin 125054
[  301.845794][ T8615] total_pgpgout 49778
[  301.850805][ T8615] total_pgfault 16824
[  301.855221][ T9517] [U] erofs
[  301.855573][ T8615] total_pgmajfault 0
[  301.855588][ T8615] total_inactive_anon 192602112
[  301.855599][ T8615] total_active_anon 115343360
[  301.855608][ T8615] total_inactive_file 0
[  301.859497][ T9517] [U] 
[  301.859534][ T9517] [U] 
[  301.859570][ T9517] [U] 
[  301.860016][ T9517] [U] 
[  301.893706][ T9517] [U] 
[  301.896933][ T9517] [U] 
[  301.900163][ T9517] [U] 
[  301.946627][ T9517] [U] 
[  301.950335][ T9517] [U] Cl��q�b�m9h��(Zi������/ڌ��X(��^�c,�`Q���R�"a��%��J�U�M��+i*I7u��4�|3��#e,���#(F��O�h��;��
�p�����o�Hb)ȅ2�<f��a1u�&��'�l��VA�)\8�#K�͠���v�|�N!��M��G�����*V���@E<%�yL�΅��]�4����N�~�	2�����$��U�$>��e�P#y�	�G�s֜�w;>z�.H�Ş�����\�l��r�x$�$�;��ɡ��(�^
9�ފ�/����zK��6��c@�iu����
[  301.968021][ T8615] total_active_file 0
[  302.025963][ T9517] [U] P:��C*"�&wX�K.��0�ɢ��c��'ЄW"�q���ۃ����ޡ�����:Z0��� �pQ�r�K�
[  302.037669][ T9517] [U] �G�M�{'�䂿����U0��	I�{��¬��}�j�;�nd�[���Z�+LL�ف,�A�w���:L��V��&�
�D�<��Opnä�IG�����3Z��
W�nD���4D�#�ۈv@*�|��ض���)K���llMsJ�{G�v��@�^!�UgK��Dm A����Z7]�/��y
[  302.066563][ T8615] total_unevictable 0
[  302.067957][ T5845] Bluetooth: hci0: command 0x0c1a tx timeout
[  302.071469][ T8615] anon_cost 0
[  302.161164][ T9517] [U] �X̕P��5��Aq��CL%G޴�`��
[  302.225608][ T9517] [U] HG�x�ef�R�g���ߕ�*v �ȼ�dgU��!]N1�ϒ�u�ۍ�)����*��P��w�n�*�i�NiJ?�=D��6�X��V����\2\.�O>��>E�37M_|S�qQ=^�}cT�su�:���sc��PC_�I`fr�ػ�d6:_ �h2��	�r��~Ui������[̂�8z�*Hզl1\��٠�!��ܦ�!W�
*<���/n���bbG���a
[  302.258119][ T8615] file_cost 0
[  302.262100][ T8615] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.593,pid=8625,uid=0
[  302.325429][ T9517] [U] �8��q,p�?
[  302.346349][ T9517] [U] RxsD�
[  302.356194][ T9517] [U] Z�p���ƺ�G�!s^Tm�k^�f�s��QQÁ�6����J�\H�R���u&�n+�rMZu�GҞx�HD������D5��ظ�hO�n�
[  302.380474][ T5845] Bluetooth: hci1: command 0x0c1a tx timeout
[  302.387734][ T5845] Bluetooth: hci3: command 0x0c1a tx timeout
[  302.395035][ T5841] Bluetooth: hci2: command 0x0c1a tx timeout
[  302.427307][ T8615] Memory cgroup out of memory: Killed process 8625 (syz.5.593) total-vm:131556kB, anon-rss:928kB, file-rss:60192kB, shmem-rss:2048kB, UID:0 pgtables:204kB oom_score_adj:1000
[  302.458103][ T5841] Bluetooth: hci4: command 0x0c1a tx timeout
[  302.492327][ T9517] [U] ��H�����7+��@vv#uS��w4�R^�	��OH�Շ�J
��(�p,R�U��}g9�X�P�t�[��ٿ����rP����c<�?SL	��R"�{B#3�(Ԯ�YS9x�����F�S�I��dpϐba-���~�e��-l���>�������ڶNr������0���W���q��[�����S�s���A�}xg�uD�7Bi�BY�������[Wߧ�u<���8ċK	������V���7�,�$��*��d�H����0z�����	1].
[  302.529558][ T5841] Bluetooth: hci5: command 0x0c1a tx timeout
[  302.700039][ T9517] [U] 8ތ�]/����n(�NW=��;�F?��	��:tK`��+[/��yg��r=j�r�g��]�"��ȝ�5W��v�qv>�-K�	��[��d��M�rF��"Q6oX�	6-_6��6�jn�]�c��.[~��-�:�o������ҕ�m��X�ra��8�۟y�OKYgU��<�q���C�P��Q~�)0�T���h=�
[  303.105584][ T5841] Bluetooth: hci6: command 0x0c1a tx timeout
[  303.759290][ T5845] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  303.781304][ T5845] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  303.793078][ T5845] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  303.829360][ T5845] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  303.844346][ T5845] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  303.854898][ T5845] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2

syzkaller
syzkaller login: [  304.095796][ T9530] nfsd: Unknown parameter '�
'
[  304.615186][ T5841] Bluetooth: hci5: command 0x0c1a tx timeout
[  304.635428][ T9549] netlink: set zone limit has 4 unknown bytes
[  304.844258][ T9532] chnl_net:caif_netlink_parms(): no params data found
[  305.158458][ T5841] Bluetooth: hci6: command 0x0c1a tx timeout
[  305.892017][ T9532] bridge0: port 1(bridge_slave_0) entered blocking state
[  305.924727][ T9532] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.958194][ T5841] Bluetooth: hci7: command tx timeout
[  305.958971][ T9532] bridge_slave_0: entered allmulticast mode
[  306.031508][ T9532] bridge_slave_0: entered promiscuous mode
[  306.111094][ T9532] bridge0: port 2(bridge_slave_1) entered blocking state
[  306.134727][ T9532] bridge0: port 2(bridge_slave_1) entered disabled state
[  306.154012][ T9532] bridge_slave_1: entered allmulticast mode
[  306.165943][ T9532] bridge_slave_1: entered promiscuous mode
[  306.267622][ T9532] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  306.330631][ T9532] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  306.688360][ T5841] Bluetooth: hci5: command 0x0c1a tx timeout
[  306.839747][ T9532] team0: Port device team_slave_0 added
[  306.855303][ T9532] team0: Port device team_slave_1 added
[  307.140070][ T9532] batman_adv: batadv0: Adding interface: batadv_slave_0
[  307.167184][ T9532] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  307.201782][ T9582] netlink: 8 bytes leftover after parsing attributes in process `syz.5.810'.
[  307.238122][ T5841] Bluetooth: hci6: command 0x0c1a tx timeout
[  307.303634][ T9532] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  307.658083][ T9590] netlink: 'syz.3.813': attribute type 10 has an invalid length.
[  307.738009][ T9590] netlink: 230 bytes leftover after parsing attributes in process `syz.3.813'.
[  307.886472][ T9532] batman_adv: batadv0: Adding interface: batadv_slave_1
[  307.918888][ T9532] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  307.970664][ T9532] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  308.048263][ T5841] Bluetooth: hci7: command tx timeout
[  308.082786][ T9590] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  308.372418][ T9532] hsr_slave_0: entered promiscuous mode
[  308.380605][ T9532] hsr_slave_1: entered promiscuous mode
[  308.428075][ T9532] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  308.447464][ T9532] Cannot create hsr debugfs directory
[  308.624486][ T9597] nfs4: Unknown parameter 'nfsd'
[  308.990172][ T9532] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  309.023648][ T9532] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  309.140366][ T9532] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  309.202948][ T9532] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  309.299572][ T9600] syz.5.817 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  309.443303][ T9532] 8021q: adding VLAN 0 to HW filter on device bond0
[  309.496323][ T9532] 8021q: adding VLAN 0 to HW filter on device team0
[  309.519343][ T6214] bridge0: port 1(bridge_slave_0) entered blocking state
[  309.527957][ T6214] bridge0: port 1(bridge_slave_0) entered forwarding state
[  309.584675][ T6214] bridge0: port 2(bridge_slave_1) entered blocking state
[  309.593304][ T6214] bridge0: port 2(bridge_slave_1) entered forwarding state
[  310.123431][ T5841] Bluetooth: hci7: command tx timeout
[  310.187659][ T9532] 8021q: adding VLAN 0 to HW filter on device batadv0
[  310.519636][ T9625] FAULT_INJECTION: forcing a failure.
[  310.519636][ T9625] name failslab, interval 1, probability 0, space 0, times 0
[  310.588061][ T9625] CPU: 1 UID: 0 PID: 9625 Comm: syz.4.820 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[  310.588097][ T9625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  310.588111][ T9625] Call Trace:
[  310.588119][ T9625]  <TASK>
[  310.588129][ T9625]  dump_stack_lvl+0x16c/0x1f0
[  310.588168][ T9625]  should_fail_ex+0x50a/0x650
[  310.588205][ T9625]  ? fs_reclaim_acquire+0xae/0x150
[  310.588240][ T9625]  should_failslab+0xc2/0x120
[  310.588264][ T9625]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  310.588301][ T9625]  ? __kernfs_new_node+0xd3/0x890
[  310.588340][ T9625]  __kernfs_new_node+0xd3/0x890
[  310.588377][ T9625]  ? __pfx___kernfs_new_node+0x10/0x10
[  310.588408][ T9625]  ? __pfx_lock_release+0x10/0x10
[  310.588469][ T9625]  ? kernfs_add_one+0x39d/0x520
[  310.588518][ T9625]  ? up_write+0x1b2/0x520
[  310.588561][ T9625]  kernfs_new_node+0x186/0x240
[  310.588605][ T9625]  __kernfs_create_file+0x53/0x350
[  310.588637][ T9625]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[  310.588677][ T9625]  internal_create_group+0x56c/0xf10
[  310.588719][ T9625]  ? __pfx_internal_create_group+0x10/0x10
[  310.588758][ T9625]  ? kernfs_create_link+0x1bd/0x240
[  310.588791][ T9625]  internal_create_groups+0x9d/0x150
[  310.588827][ T9625]  device_add+0x6d3/0x1a70
[  310.588864][ T9625]  ? __pfx_device_add+0x10/0x10
[  310.588901][ T9625]  ? __init_waitqueue_head+0xca/0x150
[  310.588942][ T9625]  netdev_register_kobject+0x183/0x3a0
[  310.588985][ T9625]  register_netdevice+0x147b/0x1eb0
[  310.589032][ T9625]  ? __pfx_register_netdevice+0x10/0x10
[  310.589073][ T9625]  ? __local_bh_enable_ip+0xa4/0x120
[  310.589110][ T9625]  slip_open+0xb7e/0x1140
[  310.589145][ T9625]  ? __pfx_slip_open+0x10/0x10
[  310.589174][ T9625]  ? down_write+0x14e/0x200
[  310.589211][ T9625]  ? __pfx_slip_open+0x10/0x10
[  310.589243][ T9625]  tty_ldisc_open+0x9c/0x120
[  310.589274][ T9625]  tty_set_ldisc+0x318/0x720
[  310.589307][ T9625]  tty_ioctl+0xbd0/0x15d0
[  310.589338][ T9625]  ? __pfx_tty_ioctl+0x10/0x10
[  310.589380][ T9625]  ? do_raw_spin_unlock+0x172/0x230
[  310.589416][ T9625]  ? xfd_validate_state+0x5d/0x180
[  310.589460][ T9625]  ? __pfx_tty_ioctl+0x10/0x10
[  310.589493][ T9625]  __x64_sys_ioctl+0x190/0x200
[  310.589528][ T9625]  do_syscall_64+0xcd/0x250
[  310.589563][ T9625]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  310.589597][ T9625] RIP: 0033:0x7f4a8318d169
[  310.589618][ T9625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  310.589641][ T9625] RSP: 002b:00007f4a83fc1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  310.589665][ T9625] RAX: ffffffffffffffda RBX: 00007f4a833a5fa0 RCX: 00007f4a8318d169
[  310.589682][ T9625] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000001
[  310.589696][ T9625] RBP: 00007f4a8320e2a0 R08: 0000000000000000 R09: 0000000000000000
[  310.589711][ T9625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  310.589725][ T9625] R13: 0000000000000000 R14: 00007f4a833a5fa0 R15: 00007ffd09b46848
[  310.589766][ T9625]  </TASK>
[  311.394987][ T9532] veth0_vlan: entered promiscuous mode
[  311.433282][ T9532] veth1_vlan: entered promiscuous mode
[  311.534838][ T9532] veth0_macvtap: entered promiscuous mode
[  311.580453][ T9532] veth1_macvtap: entered promiscuous mode
[  311.646459][ T9532] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  311.669827][ T9532] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.692845][ T9532] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  311.713306][ T9532] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.758110][ T9532] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  311.780614][ T9532] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.816989][ T9532] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  311.841827][ T9532] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.865876][ T9532] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  311.917304][ T9532] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.937982][ T9532] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  311.966117][ T9532] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.017484][ T9532] batman_adv: batadv0: Interface activated: batadv_slave_0
[  312.031320][ T9532] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  312.078281][ T9532] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.098485][ T9532] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  312.158040][ T9532] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.198630][ T5841] Bluetooth: hci7: command tx timeout
[  312.207386][ T9532] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  312.238088][ T9532] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.250094][ T9532] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  312.262816][ T9532] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.274739][ T9532] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  312.289213][ T9532] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.301615][ T9532] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  312.318007][ T9532] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.338718][ T9532] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  312.358764][ T9532] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.402667][ T9532] batman_adv: batadv0: Interface activated: batadv_slave_1
[  312.456646][ T9532] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  312.494712][ T9532] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  312.517873][ T9532] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  312.546732][ T9532] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  312.578049][ T9630] tipc: Started in network mode
[  312.583928][ T9630] tipc: Node identity ee00, cluster identity 4711
[  312.683242][ T9630] tipc: Node number set to 60928
[  313.093847][ T7986] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  313.118270][ T7986] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  313.265454][ T7986] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  313.292073][ T7986] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  314.982742][ T8615] syz.5.593 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  315.147109][ T8615] CPU: 0 UID: 0 PID: 8615 Comm: syz.5.593 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[  315.147144][ T8615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  315.147158][ T8615] Call Trace:
[  315.147165][ T8615]  <TASK>
[  315.147175][ T8615]  dump_stack_lvl+0x16c/0x1f0
[  315.147210][ T8615]  dump_header+0x101/0x930
[  315.147244][ T8615]  oom_kill_process+0x270/0xa60
[  315.147285][ T8615]  out_of_memory+0x351/0x1700
[  315.147322][ T8615]  ? __pfx_out_of_memory+0x10/0x10
[  315.147349][ T8615]  ? rcu_read_unlock+0x17/0x60
[  315.147371][ T8615]  ? find_held_lock+0x2d/0x110
[  315.147403][ T8615]  mem_cgroup_out_of_memory+0x207/0x270
[  315.147429][ T8615]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  315.147464][ T8615]  ? do_raw_spin_unlock+0x172/0x230
[  315.147493][ T8615]  try_charge_memcg+0x54c/0xaf0
[  315.147533][ T8615]  ? __pfx_try_charge_memcg+0x10/0x10
[  315.147566][ T8615]  ? trace_lock_acquire+0x14e/0x1f0
[  315.147593][ T8615]  ? get_mem_cgroup_from_mm+0x7f/0x5f0
[  315.147623][ T8615]  ? lock_acquire+0x2f/0xb0
[  315.147650][ T8615]  ? get_mem_cgroup_from_mm+0x7f/0x5f0
[  315.147686][ T8615]  charge_memcg+0x8a/0x310
[  315.147719][ T8615]  __mem_cgroup_charge+0x2b/0x1e0
[  315.147745][ T8615]  shmem_alloc_and_add_folio+0x50a/0xc10
[  315.147776][ T8615]  ? shmem_huge_global_enabled+0x72/0x6b0
[  315.147801][ T8615]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  315.147832][ T8615]  ? shmem_allowable_huge_orders+0xd0/0x410
[  315.147867][ T8615]  shmem_get_folio_gfp+0x689/0x1530
[  315.147901][ T8615]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  315.147924][ T8615]  ? find_held_lock+0x2d/0x110
[  315.147951][ T8615]  shmem_write_begin+0x161/0x300
[  315.147998][ T8615]  ? __pfx_shmem_write_begin+0x10/0x10
[  315.148022][ T8615]  ? timestamp_truncate+0x21f/0x2e0
[  315.148057][ T8615]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1270
[  315.148099][ T8615]  generic_perform_write+0x2ba/0x920
[  315.148133][ T8615]  ? __pfx_generic_perform_write+0x10/0x10
[  315.148162][ T8615]  ? inode_needs_update_time.part.0+0x191/0x270
[  315.148207][ T8615]  shmem_file_write_iter+0x10e/0x140
[  315.148238][ T8615]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  315.148270][ T8615]  __kernel_write_iter+0x318/0xa90
[  315.148300][ T8615]  ? __pfx___kernel_write_iter+0x10/0x10
[  315.148326][ T8615]  ? get_dump_page+0x15b/0x230
[  315.148359][ T8615]  ? __pfx___might_resched+0x10/0x10
[  315.148388][ T8615]  ? __kernel_write_iter+0x397/0xa90
[  315.148412][ T8615]  ? __kernel_write_iter+0x5a6/0xa90
[  315.148446][ T8615]  dump_user_range+0x389/0x8c0
[  315.148482][ T8615]  ? __pfx_dump_user_range+0x10/0x10
[  315.148512][ T8615]  ? elf_coredump_extra_notes_write+0xbe/0x430
[  315.148554][ T8615]  ? __pfx_writenote+0x10/0x10
[  315.148593][ T8615]  elf_core_dump+0x287c/0x3a50
[  315.148642][ T8615]  ? __pfx_elf_core_dump+0x10/0x10
[  315.148668][ T8615]  ? kasan_save_stack+0x33/0x60
[  315.148698][ T8615]  ? kasan_save_track+0x14/0x30
[  315.148728][ T8615]  ? __kasan_kmalloc+0xaa/0xb0
[  315.148757][ T8615]  ? __kmalloc_node_noprof+0x21f/0x510
[  315.148789][ T8615]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  315.148820][ T8615]  ? get_signal+0x230b/0x26c0
[  315.148851][ T8615]  ? arch_do_signal_or_restart+0x90/0x7e0
[  315.148876][ T8615]  ? irqentry_exit_to_user_mode+0x13f/0x280
[  315.148961][ T8615]  ? rcu_is_watching+0x12/0xc0
[  315.148987][ T8615]  ? trace_lock_acquire+0x14e/0x1f0
[  315.149011][ T8615]  ? __pfx_sort+0x10/0x10
[  315.149035][ T8615]  ? get_signal+0x230b/0x26c0
[  315.149077][ T8615]  ? do_coredump+0x313e/0x4400
[  315.149102][ T8615]  do_coredump+0x313e/0x4400
[  315.149141][ T8615]  ? __pfx_do_coredump+0x10/0x10
[  315.149171][ T8615]  ? stack_trace_save+0x95/0xd0
[  315.149197][ T8615]  ? __pfx_stack_trace_save+0x10/0x10
[  315.149222][ T8615]  ? hlock_class+0x4e/0x130
[  315.149251][ T8615]  ? stack_depot_save_flags+0x28/0x9c0
[  315.149300][ T8615]  ? kmem_cache_free+0x2e2/0x4d0
[  315.149331][ T8615]  ? __sigqueue_free+0xba/0x2a0
[  315.149354][ T8615]  ? get_signal+0xcbc/0x26c0
[  315.149385][ T8615]  ? arch_do_signal_or_restart+0x90/0x7e0
[  315.149409][ T8615]  ? irqentry_exit_to_user_mode+0x13f/0x280
[  315.149481][ T8615]  ? find_held_lock+0x2d/0x110
[  315.149511][ T8615]  ? proc_coredump_connector+0x2d2/0x4f0
[  315.149548][ T8615]  ? __pfx_proc_coredump_connector+0x10/0x10
[  315.149601][ T8615]  get_signal+0x230b/0x26c0
[  315.149649][ T8615]  ? __pfx_get_signal+0x10/0x10
[  315.149682][ T8615]  ? rcu_is_watching+0x12/0xc0
[  315.149706][ T8615]  ? trace_irq_disable.constprop.0+0xea/0x140
[  315.149747][ T8615]  arch_do_signal_or_restart+0x90/0x7e0
[  315.149775][ T8615]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  315.149812][ T8615]  ? do_user_addr_fault+0xa4b/0x13f0
[  315.149852][ T8615]  irqentry_exit_to_user_mode+0x13f/0x280
[  315.149883][ T8615]  asm_exc_page_fault+0x26/0x30
[  315.149913][ T8615] RIP: 0033:0x0
[  315.149930][ T8615] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[  315.149941][ T8615] RSP: 002b:000000000000000b EFLAGS: 00010217
[  315.149959][ T8615] RAX: 0000000000000000 RBX: 00007fe8ad1a6320 RCX: 00007fe8acf8d169
[  315.149974][ T8615] RDX: ffffffffffffffff RSI: 0000000000000003 RDI: 0000000000000005
[  315.149988][ T8615] RBP: 00007fe8ad00e2a0 R08: 0000000000000ab4 R09: 0000000000000000
[  315.150002][ T8615] R10: ffffffffff600000 R11: 0000000000000246 R12: 0000000000000000
[  315.150016][ T8615] R13: 0000000000000001 R14: 00007fe8ad1a6320 R15: 00007fff20b553c8
[  315.150042][ T8615]  ? 0xffffffffff600000
[  315.150070][ T8615]  </TASK>
[  316.218151][ T8615] memory: usage 307200kB, limit 307200kB, failcnt 15689
[  316.408440][ T8615] memory+swap: usage 415064kB, limit 9007199254740988kB, failcnt 0
[  316.498198][ T8615] kmem: usage 3008kB, limit 9007199254740988kB, failcnt 0
[  316.544127][ T8615] Memory cgroup stats for /syz5:
[  316.544298][ T8615] cache 311193600
[  316.568038][ T8615] rss 53248
[  316.571816][ T8615] rss_huge 0
[  316.588002][ T8615] shmem 311193600
[  316.603220][ T8615] mapped_file 56352768
[  316.628313][ T8615] dirty 0
[  316.641381][ T8615] writeback 0
[  316.645359][ T8615] workingset_refault_anon 89
[  316.713911][ T8615] workingset_refault_file 0
[  316.734689][ T8615] swap 110452736
[  316.743503][ T8615] swapcached 245760
[  316.753876][ T8615] pgpgin 163724
[  316.789590][ T8615] pgpgout 87676
[  316.794366][ T8615] pgfault 34428
[  316.858080][ T8615] pgmajfault 3
[  316.862177][ T8615] inactive_anon 310407168
[  316.867366][ T8615] active_anon 1085440
[  316.898006][ T8615] inactive_file 0
[  316.902412][ T8615] active_file 0
[  316.906559][ T8615] unevictable 0
[  316.948155][ T8615] hierarchical_memory_limit 314572800
[  316.954651][ T8615] hierarchical_memsw_limit 9223372036854771712
[  316.982503][ T8615] total_cache 311193600
[  316.987534][ T8615] total_rss 53248
[  317.008058][ T8615] total_rss_huge 0
[  317.029117][ T8615] total_shmem 311193600
[  317.034149][ T8615] total_mapped_file 56352768
[  317.049929][ T8615] total_dirty 0
[  317.054114][ T8615] total_writeback 0
[  317.078037][ T8615] total_workingset_refault_anon 89
[  317.084376][ T8615] total_workingset_refault_file 0
[  317.098161][ T8615] total_swap 110452736
[  317.114790][ T8615] total_swapcached 245760
[  317.124926][ T8615] total_pgpgin 163724
[  317.149645][ T8615] total_pgpgout 87676
[  317.154461][ T8615] total_pgfault 34428
[  317.187102][ T8615] total_pgmajfault 3
[  317.208148][ T8615] total_inactive_anon 310407168
[  317.214002][ T8615] total_active_anon 1085440
[  317.248031][ T8615] total_inactive_file 0
[  317.258128][ T8615] total_active_file 0
[  317.269848][ T9673] FAULT_INJECTION: forcing a failure.
[  317.269848][ T9673] name fail_futex, interval 1, probability 0, space 0, times 0
[  317.272896][ T8615] total_unevictable 0
[  317.307677][ T9673] CPU: 1 UID: 0 PID: 9673 Comm: syz.7.830 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[  317.307711][ T9673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  317.307724][ T9673] Call Trace:
[  317.307731][ T9673]  <TASK>
[  317.307740][ T9673]  dump_stack_lvl+0x16c/0x1f0
[  317.307794][ T9673]  should_fail_ex+0x50a/0x650
[  317.307828][ T9673]  ? __lock_acquire+0x15a9/0x3c40
[  317.307862][ T9673]  get_futex_key+0x4a3/0x1000
[  317.307894][ T9673]  ? __pfx_get_futex_key+0x10/0x10
[  317.307926][ T9673]  futex_wake+0xe8/0x4e0
[  317.307956][ T9673]  ? __pfx_futex_wake+0x10/0x10
[  317.307987][ T9673]  ? find_held_lock+0x2d/0x110
[  317.308016][ T9673]  do_futex+0x1e5/0x350
[  317.308043][ T9673]  ? __pfx_do_futex+0x10/0x10
[  317.308075][ T9673]  ? __might_fault+0xe3/0x190
[  317.308098][ T9673]  ? __might_fault+0xe3/0x190
[  317.308125][ T9673]  mm_release+0x24e/0x300
[  317.308157][ T9673]  do_exit+0x886/0x2d70
[  317.308184][ T9673]  ? get_signal+0x8f7/0x26c0
[  317.308209][ T9673]  ? __pfx_do_exit+0x10/0x10
[  317.308229][ T9673]  ? do_raw_spin_lock+0x12d/0x2c0
[  317.308251][ T9673]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  317.308275][ T9673]  do_group_exit+0xd3/0x2a0
[  317.308300][ T9673]  get_signal+0x24ed/0x26c0
[  317.308336][ T9673]  ? __pfx___blk_flush_plug+0x10/0x10
[  317.308362][ T9673]  ? __pfx___up_read+0x10/0x10
[  317.308397][ T9673]  ? __pfx_get_signal+0x10/0x10
[  317.308432][ T9673]  ? __pfx_do_futex+0x10/0x10
[  317.308462][ T9673]  arch_do_signal_or_restart+0x90/0x7e0
[  317.308490][ T9673]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  317.308526][ T9673]  ? rcu_is_watching+0x12/0xc0
[  317.308557][ T9673]  syscall_exit_to_user_mode+0x150/0x2a0
[  317.308589][ T9673]  do_syscall_64+0xda/0x250
[  317.308621][ T9673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.308652][ T9673] RIP: 0033:0x7f1ac8b8d169
[  317.308672][ T9673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  317.308694][ T9673] RSP: 002b:00007f1ac99cc0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  317.308717][ T9673] RAX: fffffffffffffe00 RBX: 00007f1ac8da5fa8 RCX: 00007f1ac8b8d169
[  317.308733][ T9673] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f1ac8da5fa8
[  317.308746][ T9673] RBP: 00007f1ac8da5fa0 R08: 0000000000000000 R09: 0000000000000000
[  317.308760][ T9673] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1ac8da5fac
[  317.308775][ T9673] R13: 0000000000000000 R14: 00007fff8e73f710 R15: 00007fff8e73f7f8
[  317.308805][ T9673]  </TASK>
[  317.318582][ T8615] anon_cost 0
[  317.679254][ T8615] file_cost 0
[  317.683735][ T8615] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.593,pid=8615,uid=0
[  317.728246][ T8615] Memory cgroup out of memory: Killed process 8615 (syz.5.593) total-vm:131292kB, anon-rss:1064kB, file-rss:60192kB, shmem-rss:31744kB, UID:0 pgtables:260kB oom_score_adj:1000
[  317.883270][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  317.891181][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  317.960258][ T9677] netlink: 4 bytes leftover after parsing attributes in process `syz.7.833'.
[  319.296482][ T8270] syz-executor invoked oom-killer: gfp_mask=0x440dc0(GFP_KERNEL_ACCOUNT|__GFP_COMP|__GFP_ZERO), order=0, oom_score_adj=0
[  319.538710][ T8270] CPU: 0 UID: 0 PID: 8270 Comm: syz-executor Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[  319.538743][ T8270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  319.538756][ T8270] Call Trace:
[  319.538762][ T8270]  <TASK>
[  319.538771][ T8270]  dump_stack_lvl+0x16c/0x1f0
[  319.538805][ T8270]  dump_header+0x101/0x930
[  319.538843][ T8270]  oom_kill_process+0x270/0xa60
[  319.538869][ T8270]  ? mem_cgroup_out_of_memory+0x8d/0x270
[  319.538901][ T8270]  out_of_memory+0x351/0x1700
[  319.538937][ T8270]  ? __pfx_out_of_memory+0x10/0x10
[  319.538963][ T8270]  ? rcu_read_unlock+0x17/0x60
[  319.538984][ T8270]  ? find_held_lock+0x2d/0x110
[  319.539018][ T8270]  mem_cgroup_out_of_memory+0x207/0x270
[  319.539046][ T8270]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  319.539084][ T8270]  ? do_raw_spin_unlock+0x172/0x230
[  319.539113][ T8270]  try_charge_memcg+0x54c/0xaf0
[  319.539151][ T8270]  ? __pfx_try_charge_memcg+0x10/0x10
[  319.539182][ T8270]  ? trace_lock_acquire+0x14e/0x1f0
[  319.539208][ T8270]  ? get_mem_cgroup_from_objcg+0xe1/0x210
[  319.539239][ T8270]  ? lock_acquire+0x2f/0xb0
[  319.539280][ T8270]  __memcg_kmem_charge_page+0xdb/0x2b0
[  319.539321][ T8270]  __alloc_frozen_pages_noprof+0x24f/0x2470
[  319.539376][ T8270]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  319.539427][ T8270]  ? find_held_lock+0x2d/0x110
[  319.539457][ T8270]  ? page_ext_put+0x3e/0xd0
[  319.539487][ T8270]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  319.539523][ T8270]  ? policy_nodemask+0xea/0x4e0
[  319.539551][ T8270]  alloc_pages_mpol+0x1fc/0x540
[  319.539576][ T8270]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  319.539599][ T8270]  ? page_table_check_set.part.0+0x3b8/0x550
[  319.539634][ T8270]  ? find_held_lock+0x2d/0x110
[  319.539661][ T8270]  alloc_pages_noprof+0x131/0x390
[  319.539686][ T8270]  pte_alloc_one+0x20/0x390
[  319.539720][ T8270]  __pte_alloc+0x6e/0x3d0
[  319.539747][ T8270]  ? __pfx___pte_alloc+0x10/0x10
[  319.539772][ T8270]  ? __pfx___might_resched+0x10/0x10
[  319.539815][ T8270]  copy_page_range+0x3737/0x5690
[  319.539892][ T8270]  ? __pfx_copy_page_range+0x10/0x10
[  319.539924][ T8270]  ? find_held_lock+0x2d/0x110
[  319.539954][ T8270]  ? __pfx_lock_release+0x10/0x10
[  319.539980][ T8270]  ? lock_acquire+0x2f/0xb0
[  319.540003][ T8270]  ? copy_process+0x7c12/0x8c50
[  319.540027][ T8270]  ? down_write+0x14e/0x200
[  319.540060][ T8270]  ? up_write+0x1b2/0x520
[  319.540094][ T8270]  copy_process+0x7ccb/0x8c50
[  319.540138][ T8270]  ? __pfx_copy_process+0x10/0x10
[  319.540161][ T8270]  ? __pfx_mark_lock+0x10/0x10
[  319.540218][ T8270]  kernel_clone+0xfd/0x960
[  319.540241][ T8270]  ? __pfx___lock_acquire+0x10/0x10
[  319.540270][ T8270]  ? __pfx_kernel_clone+0x10/0x10
[  319.540299][ T8270]  ? reacquire_held_locks+0x20b/0x4c0
[  319.540330][ T8270]  ? do_user_addr_fault+0xdc7/0x13f0
[  319.540371][ T8270]  __do_sys_clone+0xcf/0x120
[  319.540393][ T8270]  ? __pfx___do_sys_clone+0x10/0x10
[  319.540431][ T8270]  ? do_user_addr_fault+0x83d/0x13f0
[  319.540467][ T8270]  do_syscall_64+0xcd/0x250
[  319.540498][ T8270]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.540528][ T8270] RIP: 0033:0x7fe8acf839d3
[  319.540545][ T8270] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00
[  319.540566][ T8270] RSP: 002b:00007fff20b55648 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  319.540585][ T8270] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe8acf839d3
[  319.540600][ T8270] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[  319.540613][ T8270] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001
[  319.540626][ T8270] R10: 000055557320c7d0 R11: 0000000000000246 R12: 0000000000000000
[  319.540640][ T8270] R13: 00000000000927c0 R14: 000000000004cd03 R15: 00007fff20b557e0
[  319.540674][ T8270]  </TASK>
[  319.540684][ T8270] memory: usage 306208kB, limit 307200kB, failcnt 16397
[  320.290649][ T8270] memory+swap: usage 414168kB, limit 9007199254740988kB, failcnt 0
[  320.392342][ T9734] netlink: 4 bytes leftover after parsing attributes in process `syz.3.840'.
[  320.458288][ T8270] kmem: usage 2740kB, limit 9007199254740988kB, failcnt 0
[  320.466867][ T8270] Memory cgroup stats for /syz5:
[  320.467192][ T8270] cache 309956608
[  320.593182][ T8270] rss 53248
[  320.607008][ T8270] rss_huge 0
[  320.778214][ T8270] shmem 309956608
[  320.782630][ T8270] mapped_file 26234880
[  320.930432][ T8270] dirty 0
[  321.017311][ T8270] writeback 0
[  321.058370][ T8270] workingset_refault_anon 97
[  321.154382][ T8270] workingset_refault_file 0
[  321.200738][ T8270] swap 110342144
[  321.346241][ T8270] swapcached 278528
[  321.397956][ T8270] pgpgin 166097
[  321.449504][ T8270] pgpgout 90311
[  321.482062][ T8270] pgfault 35095
[  321.486278][ T8270] pgmajfault 3
[  321.569906][ T8270] inactive_anon 299499520
[  321.702919][ T8270] active_anon 10764288
[  321.707848][ T8270] inactive_file 0
[  321.817933][ T8270] active_file 0
[  321.878172][ T8270] unevictable 0
[  321.920806][ T8270] hierarchical_memory_limit 314572800
[  321.927310][ T8270] hierarchical_memsw_limit 9223372036854771712
[  322.059224][ T8270] total_cache 309956608
[  322.064269][ T8270] total_rss 53248
[  322.178105][ T8270] total_rss_huge 0
[  322.182629][ T8270] total_shmem 309956608
[  322.187626][ T8270] total_mapped_file 26234880
[  322.397984][ T8270] total_dirty 0
[  322.471422][ T8270] total_writeback 0
[  322.476042][ T8270] total_workingset_refault_anon 97
[  322.578255][ T8270] total_workingset_refault_file 0
[  322.584341][ T8270] total_swap 110342144
[  322.673808][ T8270] total_swapcached 278528
[  322.728228][ T8270] total_pgpgin 166097
[  322.746547][ T8270] total_pgpgout 90311
[  322.876702][ T8270] total_pgfault 35095
[  322.897958][ T8270] total_pgmajfault 3
[  322.902680][ T8270] total_inactive_anon 299499520
[  323.050703][ T8270] total_active_anon 10764288
[  323.087345][ T8270] total_inactive_file 0
[  323.178128][ T8270] total_active_file 0
[  323.182952][ T8270] total_unevictable 0
[  323.286501][ T8270] anon_cost 0
[  323.291237][ T8270] file_cost 0
[  323.295535][ T8270] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.593,pid=8628,uid=0
[  323.315774][ T8270] Memory cgroup out of memory: Killed process 8628 (syz.5.593) total-vm:131688kB, anon-rss:1008kB, file-rss:60256kB, shmem-rss:26368kB, UID:0 pgtables:252kB oom_score_adj:1000
[  326.337047][ T9778] kexec: Could not allocate control_code_buffer
[  329.749531][ T9833] kexec: Could not allocate control_code_buffer
[  334.193139][ T9924] page: refcount:2 mapcount:1 mapping:0000000000000000 index:0x7f24b41a3 pfn:0x78000
[  334.257452][ T9924] flags: 0xfff18000000214(referenced|dirty|workingset|node=0|zone=1|lastcpupid=0x7ff)
[  334.308828][ T9924] raw: 00fff18000000214 0000000000000000 dead000000000122 0000000000000000
[  334.361793][ T9924] raw: 00000007f24b41a3 0000000000000000 0000000200000000 0000000000000000
[  334.434783][ T9925] could not allocate digest TFM handle 
[  334.461827][ T9924] page dumped because: unmovable page
[  334.511039][ T9924] page_owner tracks the page as allocated
[  334.519845][ T9924] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), pid 5828, tgid 5828 (syz-executor), ts 76372840015, free_ts 76234248051
[  334.611288][ T9924]  post_alloc_hook+0x181/0x1b0
[  334.617632][ T9924]  get_page_from_freelist+0xfce/0x2f80
[  334.691107][ T9924]  __alloc_frozen_pages_noprof+0x221/0x2470
[  334.760092][ T9924]  alloc_pages_mpol+0x1fc/0x540
[  334.767467][ T9925] could not allocate digest TFM handle 
[  334.791159][ T9924]  alloc_pages_noprof+0x131/0x390
[  334.797248][ T9924]  __vmalloc_node_range_noprof+0x721/0x1530
[  334.843234][ T9924]  vmalloc_user_noprof+0x6b/0x90
[  334.849247][ T9924]  kcov_ioctl+0x4c/0x730
[  334.911165][ T9924]  __x64_sys_ioctl+0x190/0x200
[  334.916958][ T9924]  do_syscall_64+0xcd/0x250
[  334.941143][ T9924]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.948493][ T9924] page last free pid 5822 tgid 5822 stack trace:
[  334.961098][ T9924]  free_unref_folios+0xa7b/0x1500
[  334.967533][ T9924]  folios_put_refs+0x587/0x7b0
[  334.981446][ T9924]  free_pages_and_swap_cache+0x351/0x500
[  334.991701][ T9924]  __tlb_batch_free_encoded_pages+0xf9/0x290
[  335.011144][ T9924]  tlb_finish_mmu+0x168/0x7b0
[  335.021403][ T9924]  vms_clear_ptes+0x560/0x770
[  335.031410][ T9924]  vms_complete_munmap_vmas+0x1ca/0x970
[  335.048317][ T9924]  do_vmi_align_munmap+0x619/0x890
[  335.055182][ T9924]  do_vmi_munmap+0x208/0x3e0
[  335.060746][ T9924]  __vm_munmap+0x19b/0x390
[  335.076392][ T9924]  __x64_sys_munmap+0x59/0x80
[  335.091450][ T9924]  do_syscall_64+0xcd/0x250
[  335.096962][ T9924]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  339.735255][T10015] netlink: 342 bytes leftover after parsing attributes in process `syz.3.903'.
[  339.795459][   T29] audit: type=1806 audit(4295001338.403:16): xattr="" res=-22
[  340.129963][T10022] netlink: 4 bytes leftover after parsing attributes in process `syz.3.904'.
[  342.433358][T10063] tipc: Started in network mode
[  342.483077][T10063] tipc: Node identity ee00, cluster identity 4711
[  342.540964][T10063] tipc: Node number set to 60928
[  342.560645][T10065] netlink: 4 bytes leftover after parsing attributes in process `syz.7.916'.
[  346.190401][T10111] FAULT_INJECTION: forcing a failure.
[  346.190401][T10111] name failslab, interval 1, probability 0, space 0, times 0
[  346.303186][T10111] CPU: 0 UID: 0 PID: 10111 Comm: syz.3.926 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[  346.303232][T10111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  346.303246][T10111] Call Trace:
[  346.303254][T10111]  <TASK>
[  346.303264][T10111]  dump_stack_lvl+0x16c/0x1f0
[  346.303303][T10111]  should_fail_ex+0x50a/0x650
[  346.303341][T10111]  ? fs_reclaim_acquire+0xae/0x150
[  346.303376][T10111]  ? apply_subsystem_event_filter+0x3cc/0x1410
[  346.303406][T10111]  should_failslab+0xc2/0x120
[  346.303430][T10111]  __kmalloc_cache_noprof+0x68/0x410
[  346.303473][T10111]  apply_subsystem_event_filter+0x3cc/0x1410
[  346.303514][T10111]  ? __pfx_apply_subsystem_event_filter+0x10/0x10
[  346.303543][T10111]  ? __might_fault+0xe3/0x190
[  346.303569][T10111]  ? __might_fault+0xe3/0x190
[  346.303599][T10111]  ? _copy_from_user+0x59/0xd0
[  346.303627][T10111]  subsystem_filter_write+0x95/0x120
[  346.303657][T10111]  ? __pfx_subsystem_filter_write+0x10/0x10
[  346.303683][T10111]  vfs_write+0x24c/0x1150
[  346.303715][T10111]  ? __fget_files+0x1fc/0x3a0
[  346.303746][T10111]  ? __pfx___mutex_lock+0x10/0x10
[  346.303774][T10111]  ? __pfx_vfs_write+0x10/0x10
[  346.303813][T10111]  ? __fget_files+0x206/0x3a0
[  346.303854][T10111]  ksys_write+0x12b/0x250
[  346.303882][T10111]  ? __pfx_ksys_write+0x10/0x10
[  346.303919][T10111]  do_syscall_64+0xcd/0x250
[  346.303953][T10111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.303984][T10111] RIP: 0033:0x7f48fa98d169
[  346.304002][T10111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  346.304025][T10111] RSP: 002b:00007f48fb70d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  346.304047][T10111] RAX: ffffffffffffffda RBX: 00007f48faba6080 RCX: 00007f48fa98d169
[  346.304063][T10111] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000006
[  346.304077][T10111] RBP: 00007f48faa0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  346.304090][T10111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  346.304105][T10111] R13: 0000000000000000 R14: 00007f48faba6080 R15: 00007ffcaab10578
[  346.304137][T10111]  </TASK>
[  349.488654][T10155] netlink: 74 bytes leftover after parsing attributes in process `syz.7.935'.
[  349.957714][T10161] Invalid ELF header magic: != ELF
[  351.816348][T10205] FAULT_INJECTION: forcing a failure.
[  351.816348][T10205] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  351.904091][T10205] CPU: 0 UID: 0 PID: 10205 Comm: syz.4.947 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[  351.904125][T10205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  351.904138][T10205] Call Trace:
[  351.904145][T10205]  <TASK>
[  351.904161][T10205]  dump_stack_lvl+0x16c/0x1f0
[  351.904197][T10205]  should_fail_ex+0x50a/0x650
[  351.904236][T10205]  _copy_to_user+0x32/0xd0
[  351.904266][T10205]  simple_read_from_buffer+0xd0/0x160
[  351.904299][T10205]  proc_fail_nth_read+0x198/0x270
[  351.904329][T10205]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  351.904360][T10205]  ? rw_verify_area+0xcf/0x680
[  351.904405][T10205]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  351.904434][T10205]  vfs_read+0x1df/0xbf0
[  351.904462][T10205]  ? __fget_files+0x1fc/0x3a0
[  351.904495][T10205]  ? __pfx___mutex_lock+0x10/0x10
[  351.904524][T10205]  ? __pfx_vfs_read+0x10/0x10
[  351.904563][T10205]  ? __fget_files+0x206/0x3a0
[  351.904605][T10205]  ksys_read+0x12b/0x250
[  351.904635][T10205]  ? __pfx_ksys_read+0x10/0x10
[  351.904680][T10205]  do_syscall_64+0xcd/0x250
[  351.904722][T10205]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.904754][T10205] RIP: 0033:0x7f4a8318bb7c
[  351.904773][T10205] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  351.904794][T10205] RSP: 002b:00007f4a83fc1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  351.904817][T10205] RAX: ffffffffffffffda RBX: 00007f4a833a5fa0 RCX: 00007f4a8318bb7c
[  351.904833][T10205] RDX: 000000000000000f RSI: 00007f4a83fc10a0 RDI: 0000000000000004
[  351.904847][T10205] RBP: 00007f4a83fc1090 R08: 0000000000000000 R09: 0000000000000000
[  351.904871][T10205] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001
[  351.904886][T10205] R13: 0000000000000000 R14: 00007f4a833a5fa0 R15: 00007ffd09b46848
[  351.904918][T10205]  </TASK>
[  352.135097][    C0] vkms_vblank_simulate: vblank timer overrun
[  352.860365][T10209] GUP no longer grows the stack in syz.5.948 (10209): 14000-401000 (4000)
[  352.901232][T10209] CPU: 1 UID: 0 PID: 10209 Comm: syz.5.948 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[  352.901265][T10209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  352.901277][T10209] Call Trace:
[  352.901284][T10209]  <TASK>
[  352.901294][T10209]  dump_stack_lvl+0x16c/0x1f0
[  352.901329][T10209]  gup_vma_lookup+0x1d2/0x220
[  352.901371][T10209]  __get_user_pages+0x236/0x36f0
[  352.901412][T10209]  ? hlock_class+0x4e/0x130
[  352.901435][T10209]  ? __lock_acquire+0x15a9/0x3c40
[  352.901466][T10209]  ? __pfx___get_user_pages+0x10/0x10
[  352.901508][T10209]  __gup_longterm_locked+0x212/0x1870
[  352.901539][T10209]  ? __pfx___lock_acquire+0x10/0x10
[  352.901575][T10209]  ? __pfx___gup_longterm_locked+0x10/0x10
[  352.901606][T10209]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  352.901636][T10209]  ? rwsem_read_trylock+0x12d/0x250
[  352.901668][T10209]  ? __pfx_rwsem_read_trylock+0x10/0x10
[  352.901699][T10209]  ? process_vm_rw_core.constprop.0+0x3ff/0x9c0
[  352.901727][T10209]  pin_user_pages_remote+0xee/0x150
[  352.901759][T10209]  ? __pfx_pin_user_pages_remote+0x10/0x10
[  352.901787][T10209]  ? down_read+0xc9/0x330
[  352.901827][T10209]  process_vm_rw_core.constprop.0+0x42b/0x9c0
[  352.901855][T10209]  ? futex_wait_queue+0x103/0x1f0
[  352.901890][T10209]  ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10
[  352.901936][T10209]  process_vm_rw+0x301/0x360
[  352.901963][T10209]  ? __pfx_process_vm_rw+0x10/0x10
[  352.902027][T10209]  ? xfd_validate_state+0x5d/0x180
[  352.902058][T10209]  ? rcu_is_watching+0x12/0xc0
[  352.902087][T10209]  __x64_sys_process_vm_readv+0xe2/0x1c0
[  352.902113][T10209]  ? do_syscall_64+0x91/0x250
[  352.902142][T10209]  ? lockdep_hardirqs_on+0x7c/0x110
[  352.902169][T10209]  do_syscall_64+0xcd/0x250
[  352.902201][T10209]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  352.902231][T10209] RIP: 0033:0x7fe8acf8d169
[  352.902251][T10209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  352.902272][T10209] RSP: 002b:00007fe8ade8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136
[  352.902293][T10209] RAX: ffffffffffffffda RBX: 00007fe8ad1a5fa0 RCX: 00007fe8acf8d169
[  352.902308][T10209] RDX: 0000000000000004 RSI: 0000400000000040 RDI: 00000000000000e4
[  352.902322][T10209] RBP: 00007fe8ad00e2a0 R08: 0000000000000003 R09: 0000000000000000
[  352.902346][T10209] R10: 00004000000000c0 R11: 0000000000000246 R12: 0000000000000000
[  352.902360][T10209] R13: 0000000000000000 R14: 00007fe8ad1a5fa0 R15: 00007fff20b553c8
[  352.902391][T10209]  </TASK>
[  353.585781][T10208] ima: policy update failed
[  353.596694][   T29] audit: type=1802 audit(4295001352.192:17): pid=10208 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.5.948" res=0 errno=0
[  353.950573][T10251] sctp: [Deprecated]: syz.3.953 (pid 10251) Use of int in maxseg socket option.
[  353.950573][T10251] Use struct sctp_assoc_value instead
[  354.083160][T10259] ecryptfs_miscdev_write: memdup_user returned error [-14]
[  354.105928][T10261] ecryptfs_miscdev_write: memdup_user returned error [-14]
[  354.419998][T10265] FAULT_INJECTION: forcing a failure.
[  354.419998][T10265] name failslab, interval 1, probability 0, space 0, times 0
[  354.443971][T10265] CPU: 1 UID: 0 PID: 10265 Comm: syz.7.957 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[  354.444007][T10265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  354.444022][T10265] Call Trace:
[  354.444029][T10265]  <TASK>
[  354.444039][T10265]  dump_stack_lvl+0x16c/0x1f0
[  354.444077][T10265]  should_fail_ex+0x50a/0x650
[  354.444110][T10265]  ? fs_reclaim_acquire+0xae/0x150
[  354.444165][T10265]  ? __register_sysctl_table+0xb4/0x1910
[  354.444204][T10265]  should_failslab+0xc2/0x120
[  354.444225][T10265]  __kmalloc_noprof+0xcb/0x510
[  354.444260][T10265]  __register_sysctl_table+0xb4/0x1910
[  354.444294][T10265]  ? rcu_is_watching+0x12/0xc0
[  354.444318][T10265]  ? __pfx___register_sysctl_table+0x10/0x10
[  354.444356][T10265]  ? is_module_address+0x2a/0x50
[  354.444392][T10265]  ? register_net_sysctl_sz+0x228/0x3e0
[  354.444426][T10265]  ? __asan_memcpy+0x3c/0x60
[  354.444466][T10265]  ? __pfx_nf_lwtunnel_net_init+0x10/0x10
[  354.444501][T10265]  nf_lwtunnel_net_init+0x60/0xf0
[  354.444536][T10265]  ops_init+0x1df/0x5f0
[  354.444576][T10265]  setup_net+0x21f/0x860
[  354.444614][T10265]  ? __pfx_setup_net+0x10/0x10
[  354.444648][T10265]  ? down_read_killable+0xcc/0x380
[  354.444682][T10265]  ? __pfx_down_read_killable+0x10/0x10
[  354.444715][T10265]  ? __raw_spin_lock_init+0x3a/0x110
[  354.444741][T10265]  ? debug_mutex_init+0x37/0x70
[  354.444771][T10265]  copy_net_ns+0x2a6/0x5f0
[  354.444801][T10265]  create_new_namespaces+0x3ea/0xad0
[  354.444846][T10265]  copy_namespaces+0x468/0x560
[  354.444886][T10265]  copy_process+0x29fc/0x8c50
[  354.444934][T10265]  ? __pfx_copy_process+0x10/0x10
[  354.444956][T10265]  ? __pfx___futex_wait+0x10/0x10
[  354.445020][T10265]  kernel_clone+0xfd/0x960
[  354.445046][T10265]  ? __pfx_kernel_clone+0x10/0x10
[  354.445090][T10265]  __do_sys_clone+0xcf/0x120
[  354.445114][T10265]  ? __pfx___do_sys_clone+0x10/0x10
[  354.445155][T10265]  ? rcu_is_watching+0x12/0xc0
[  354.445191][T10265]  do_syscall_64+0xcd/0x250
[  354.445225][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  354.445257][T10265] RIP: 0033:0x7f1ac8b8d169
[  354.445278][T10265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  354.445304][T10265] RSP: 002b:00007f1ac99cbfe8 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[  354.445327][T10265] RAX: ffffffffffffffda RBX: 00007f1ac8da5fa0 RCX: 00007f1ac8b8d169
[  354.445345][T10265] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000001432a0091
[  354.445360][T10265] RBP: 00007f1ac8c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  354.445375][T10265] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  354.445389][T10265] R13: 0000000000000000 R14: 00007f1ac8da5fa0 R15: 00007fff8e73f7f8
[  354.445422][T10265]  </TASK>
[  355.937458][T10283] FAULT_INJECTION: forcing a failure.
[  355.937458][T10283] name failslab, interval 1, probability 0, space 0, times 0
[  355.987592][T10283] CPU: 1 UID: 0 PID: 10283 Comm: syz.7.961 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[  355.987633][T10283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  355.987648][T10283] Call Trace:
[  355.987656][T10283]  <TASK>
[  355.987666][T10283]  dump_stack_lvl+0x16c/0x1f0
[  355.987704][T10283]  should_fail_ex+0x50a/0x650
[  355.987742][T10283]  ? fs_reclaim_acquire+0xae/0x150
[  355.987776][T10283]  should_failslab+0xc2/0x120
[  355.987802][T10283]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  355.987838][T10283]  ? get_random_u64+0x57e/0x7d0
[  355.987860][T10283]  ? prepare_creds+0x2e/0x750
[  355.987896][T10283]  prepare_creds+0x2e/0x750
[  355.987926][T10283]  ? __pfx_get_random_u64+0x10/0x10
[  355.987952][T10283]  copy_creds+0xa7/0xa50
[  355.987986][T10283]  copy_process+0x10b2/0x8c50
[  355.988012][T10283]  ? find_held_lock+0x2d/0x110
[  355.988042][T10283]  ? try_to_wake_up+0x949/0x1490
[  355.988096][T10283]  ? __pfx_copy_process+0x10/0x10
[  355.988124][T10283]  ? try_to_wake_up+0x953/0x1490
[  355.988162][T10283]  ? __pfx_try_to_wake_up+0x10/0x10
[  355.988195][T10283]  ? __pfx_lock_release+0x10/0x10
[  355.988229][T10283]  ? plist_check_head+0xa3/0x150
[  355.988262][T10283]  ? wake_up_q+0xb0/0x160
[  355.988291][T10283]  ? do_raw_spin_unlock+0x172/0x230
[  355.988327][T10283]  kernel_clone+0xfd/0x960
[  355.988352][T10283]  ? __pfx_futex_wake+0x10/0x10
[  355.988388][T10283]  ? __pfx_kernel_clone+0x10/0x10
[  355.988430][T10283]  __do_sys_clone+0xcf/0x120
[  355.988454][T10283]  ? __pfx___do_sys_clone+0x10/0x10
[  355.988494][T10283]  ? rcu_is_watching+0x12/0xc0
[  355.988529][T10283]  do_syscall_64+0xcd/0x250
[  355.988563][T10283]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.988596][T10283] RIP: 0033:0x7f1ac8b8d169
[  355.988616][T10283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  355.988639][T10283] RSP: 002b:00007f1ac99aafe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  355.988663][T10283] RAX: ffffffffffffffda RBX: 00007f1ac8da6080 RCX: 00007f1ac8b8d169
[  355.988680][T10283] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  355.988694][T10283] RBP: 00007f1ac8c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  355.988709][T10283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  355.988723][T10283] R13: 0000000000000000 R14: 00007f1ac8da6080 R15: 00007fff8e73f7f8
[  355.988754][T10283]  </TASK>
[  356.750452][T10296] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input11
[  356.830164][T10301] netlink: 206 bytes leftover after parsing attributes in process `syz.7.965'.
[  357.025640][T10291] 
[  357.441029][T10291] delete_channel: no stack
[  358.709025][T10324] netlink: 8 bytes leftover after parsing attributes in process `syz.3.969'.
[  360.124209][   T30] INFO: task syz.2.479:8058 blocked for more than 143 seconds.
[  360.133308][   T30]       Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[  360.184093][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  360.203997][   T30] task:syz.2.479       state:D stack:26800 pid:8058  tgid:8056  ppid:5831   task_flags:0x400140 flags:0x00020004
[  360.253983][   T30] Call Trace:
[  360.257970][   T30]  <TASK>
[  360.279856][   T30]  __schedule+0xf43/0x5890
[  360.285373][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  360.291647][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  360.320869][   T30]  ? __pfx___schedule+0x10/0x10
[  360.334309][   T30]  ? schedule+0x298/0x350
[  360.348409][   T30]  ? __pfx_lock_release+0x10/0x10
[  360.362563][   T30]  ? __mutex_trylock_common+0x78/0x250
[  360.383986][   T30]  ? lock_acquire+0x2f/0xb0
[  360.389451][   T30]  ? schedule+0x1fd/0x350
[  360.423515][   T30]  schedule+0xe7/0x350
[  360.428720][   T30]  schedule_preempt_disabled+0x13/0x30
[  360.453996][   T30]  __mutex_lock+0x6bd/0xb10
[  360.459473][   T30]  ? nfsd_nl_threads_set_doit+0x694/0xbe0
[  360.481457][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  360.488335][   T30]  ? __pfx_lock_release+0x10/0x10
[  360.514108][   T30]  ? nfsd_nl_threads_set_doit+0x694/0xbe0
[  360.521042][   T30]  nfsd_nl_threads_set_doit+0x694/0xbe0
[  360.552502][   T30]  genl_family_rcv_msg_doit+0x202/0x2f0
[  360.561109][   T30]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  360.581256][   T30]  ? trace_cap_capable+0x1a2/0x210
[  360.604197][   T30]  ? bpf_lsm_capable+0x9/0x10
[  360.609876][   T30]  ? security_capable+0x7e/0x260
[  360.627480][   T30]  genl_rcv_msg+0x565/0x800
[  360.632968][   T30]  ? __pfx_genl_rcv_msg+0x10/0x10
[  360.653967][   T30]  ? __pfx_nfsd_nl_threads_set_doit+0x10/0x10
[  360.684973][   T30]  netlink_rcv_skb+0x16b/0x440
[  360.690869][   T30]  ? __pfx_genl_rcv_msg+0x10/0x10
[  360.719700][   T30]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  360.740757][   T30]  ? down_read+0xc9/0x330
[  360.764550][   T30]  ? __pfx_down_read+0x10/0x10
[  360.779559][   T30]  ? netlink_deliver_tap+0x1ae/0xd30
[  360.801310][   T30]  genl_rcv+0x28/0x40
[  360.808160][   T30]  netlink_unicast+0x53c/0x7f0
[  360.837680][   T30]  ? __pfx_netlink_unicast+0x10/0x10
[  360.873464][   T30]  ? __phys_addr_symbol+0x30/0x80
[  360.903634][   T30]  ? __check_object_size+0x488/0x710
[  360.934285][   T30]  netlink_sendmsg+0x8b8/0xd70
[  360.941702][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  360.957622][   T30]  ____sys_sendmsg+0xaaf/0xc90
[  360.971288][   T30]  ? copy_msghdr_from_user+0x10b/0x160
[  360.988659][   T30]  ? __pfx_____sys_sendmsg+0x10/0x10
[  361.006936][   T30]  ___sys_sendmsg+0x135/0x1e0
[  361.012706][   T30]  ? __pfx____sys_sendmsg+0x10/0x10
[  361.025159][   T30]  ? __pfx_lock_release+0x10/0x10
[  361.031396][   T30]  ? trace_lock_acquire+0x14e/0x1f0
[  361.039222][   T30]  ? __fget_files+0x206/0x3a0
[  361.045191][   T30]  __sys_sendmsg+0x16e/0x220
[  361.050811][   T30]  ? __pfx___sys_sendmsg+0x10/0x10
[  361.057178][   T30]  ? __x64_sys_futex+0x1e1/0x4c0
[  361.063235][   T30]  do_syscall_64+0xcd/0x250
[  361.068847][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  361.076112][   T30] RIP: 0033:0x7fda85f8d169
[  361.082253][   T30] RSP: 002b:00007fda86d9f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  361.092609][   T30] RAX: ffffffffffffffda RBX: 00007fda861a5fa0 RCX: 00007fda85f8d169
[  361.102416][   T30] RDX: 0000000000000810 RSI: 0000400000002640 RDI: 000000000000000c
[  361.112143][   T30] RBP: 00007fda8600e2a0 R08: 0000000000000000 R09: 0000000000000000
[  361.121910][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  361.133232][   T30] R13: 0000000000000000 R14: 00007fda861a5fa0 R15: 00007fff795d6ff8
[  361.143168][   T30]  </TASK>
[  361.147901][   T30] 
[  361.147901][   T30] Showing all locks held in the system:
[  361.167399][   T30] 2 locks held by kworker/u8:1/12:
[  361.173795][   T30]  #0: ffff88801e30e948 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0
[  361.195375][   T30]  #1: ffffc90000117d18 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[  361.209659][   T30] 1 lock held by khungtaskd/30:
[  361.215809][   T30]  #0: ffffffff8e1bd0c0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x7f/0x390
[  361.236494][   T30] 2 locks held by kworker/u8:8/2913:
[  361.254147][   T30] 2 locks held by kworker/u9:1/5149:
[  361.265252][   T30]  #0: ffff888025bed948 ((wq_completion)nbd0-recv){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0
[  361.292993][   T30]  #1: ffffc9000e397d18 ((work_completion)(&args->work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[  361.320833][   T30] 2 locks held by syz.0.225/6906:
[  361.333982][   T30]  #0: ffffffff8ff9a7b0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  361.361777][   T30]  #1: ffffffff8e5c03a8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40
[  361.394016][   T30] 2 locks held by kworker/u8:33/7996:
[  361.400635][   T30]  #0: ffff88801e30e948 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0
[  361.442033][   T30]  #1: ffffc9000442fd18 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[  361.466495][   T30] 2 locks held by syz.2.479/8058:
[  361.482789][   T30]  #0: ffffffff8ff9a7b0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  361.503671][   T30]  #1: ffffffff8e5c03a8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x694/0xbe0
[  361.533969][   T30] 5 locks held by kworker/u8:35/8111:
[  361.549111][   T30]  #0: ffff88801bef5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0
[  361.582144][   T30]  #1: ffffc90003eafd18 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[  361.603939][   T30]  #2: ffffffff8fee3d10 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xb30
[  361.625647][   T30]  #3: ffffffff8fef9a28 (rtnl_mutex){+.+.}-{4:4}, at: cleanup_net+0x512/0xb30
[  361.653996][   T30]  #4: ffffffff8e1c8538 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x282/0x3b0
[  361.674013][   T30] 2 locks held by syz-executor/8270:
[  361.690632][   T30]  #0: ffff888090ae40e0 (&type->s_umount_key#49){++++}-{4:4}, at: deactivate_super+0xd6/0x100
[  361.717084][   T30]  #1: ffffffff8e5c03a8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0
[  361.743948][   T30] 2 locks held by syz.1.675/9036:
[  361.754875][   T30]  #0: ffff88807b5c20e0 (&type->s_umount_key#48/1){+.+.}-{4:4}, at: alloc_super+0x23d/0xbd0
[  361.783963][   T30]  #1: ffffffff8e5c03a8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0
[  361.816334][   T30] 2 locks held by syz-executor/9180:
[  361.822722][   T30]  #0: ffff8880618980e0 (&type->s_umount_key#49){++++}-{4:4}, at: deactivate_super+0xd6/0x100
[  361.854034][   T30]  #1: ffffffff8e5c03a8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0
[  361.883925][   T30] 2 locks held by getty/9536:
[  361.889749][   T30]  #0: ffff8880353c00a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  361.922540][   T30]  #1: ffffc900035512f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0xfba/0x1480
[  361.943943][   T30] 4 locks held by syz.4.963/10307:
[  361.950196][   T30] 2 locks held by syz.3.975/10355:
[  361.960316][   T30]  #0: ffffffff8fee3d10 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0
[  361.992150][   T30]  #1: ffffffff8fef9a28 (rtnl_mutex){+.+.}-{4:4}, at: setup_net+0x40b/0x860
[  362.013513][   T30] 2 locks held by syz.7.977/10358:
[  362.019938][   T30]  #0: ffffffff8fee3d10 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0
[  362.050274][   T30]  #1: ffffffff8fef9a28 (rtnl_mutex){+.+.}-{4:4}, at: ip_tunnel_init_net+0x218/0x790
[  362.066201][   T30] 
[  362.080692][   T30] =============================================
[  362.080692][   T30] 
[  362.146784][   T30] NMI backtrace for cpu 0
[  362.146801][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[  362.146828][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  362.146841][   T30] Call Trace:
[  362.146847][   T30]  <TASK>
[  362.146856][   T30]  dump_stack_lvl+0x116/0x1f0
[  362.146891][   T30]  nmi_cpu_backtrace+0x27b/0x390
[  362.146917][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  362.146949][   T30]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[  362.146976][   T30]  watchdog+0xf62/0x12b0
[  362.147014][   T30]  ? __pfx_watchdog+0x10/0x10
[  362.147044][   T30]  ? lockdep_hardirqs_on+0x7c/0x110
[  362.147075][   T30]  ? __kthread_parkme+0x148/0x220
[  362.147100][   T30]  ? __pfx_watchdog+0x10/0x10
[  362.147133][   T30]  kthread+0x3af/0x750
[  362.147161][   T30]  ? __pfx_kthread+0x10/0x10
[  362.147194][   T30]  ? __pfx_kthread+0x10/0x10
[  362.147221][   T30]  ret_from_fork+0x45/0x80
[  362.147250][   T30]  ? __pfx_kthread+0x10/0x10
[  362.147278][   T30]  ret_from_fork_asm+0x1a/0x30
[  362.147317][   T30]  </TASK>
[  362.147325][   T30] Sending NMI from CPU 0 to CPUs 1:
[  362.286213][    C1] NMI backtrace for cpu 1
[  362.286242][    C1] CPU: 1 UID: 0 PID: 6213 Comm: kworker/u8:16 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[  362.286266][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  362.286279][    C1] Workqueue: bat_events batadv_nc_worker
[  362.286310][    C1] RIP: 0010:rcu_is_watching+0xd/0xc0
[  362.286334][    C1] Code: 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 53 65 ff 05 3b 44 64 7e <e8> 8e c6 b5 09 48 c7 c3 28 7c 03 00 83 f8 07 89 c5 0f 87 82 00 00
[  362.286353][    C1] RSP: 0000:ffffc9000bc979c0 EFLAGS: 00000283
[  362.286368][    C1] RAX: 0000000000000001 RBX: 1ffff92001792f3d RCX: ffffffff8196b2b9
[  362.286381][    C1] RDX: fffffbfff20c5043 RSI: 0000000000000008 RDI: ffffffff90628210
[  362.286395][    C1] RBP: 0000000000000001 R08: 0000000000000000 R09: fffffbfff20c5042
[  362.286406][    C1] R10: ffffffff90628217 R11: 0000000000000002 R12: ffff88806501ded8
[  362.286420][    C1] R13: ffff88806501dec0 R14: 0000000000000000 R15: ffff888034056d00
[  362.286432][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  362.286451][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  362.286465][    C1] CR2: 0000000003bff000 CR3: 0000000090dfa000 CR4: 00000000003526f0
[  362.286477][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  362.286489][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  362.286501][    C1] Call Trace:
[  362.286508][    C1]  <NMI>
[  362.286515][    C1]  ? nmi_cpu_backtrace+0x1d8/0x390
[  362.286537][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  362.286562][    C1]  ? nmi_handle+0x1ac/0x5d0
[  362.286589][    C1]  ? rcu_is_watching+0xd/0xc0
[  362.286608][    C1]  ? default_do_nmi+0x6a/0x160
[  362.286633][    C1]  ? exc_nmi+0x170/0x1e0
[  362.286651][    C1]  ? end_repeat_nmi+0xf/0x53
[  362.286681][    C1]  ? lock_release+0xa9/0x6f0
[  362.286707][    C1]  ? rcu_is_watching+0xd/0xc0
[  362.286727][    C1]  ? rcu_is_watching+0xd/0xc0
[  362.286747][    C1]  ? rcu_is_watching+0xd/0xc0
[  362.286767][    C1]  </NMI>
[  362.286772][    C1]  <TASK>
[  362.286779][    C1]  lock_release+0x4e2/0x6f0
[  362.286803][    C1]  ? batadv_nc_purge_paths+0x1c6/0x390
[  362.286829][    C1]  ? __pfx_lock_release+0x10/0x10
[  362.286854][    C1]  ? do_raw_spin_lock+0x12d/0x2c0
[  362.286872][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  362.286891][    C1]  ? lock_acquire+0x2f/0xb0
[  362.286914][    C1]  ? batadv_nc_purge_paths+0xca/0x390
[  362.286941][    C1]  ? __pfx_batadv_nc_to_purge_nc_path_coding+0x10/0x10
[  362.286970][    C1]  _raw_spin_unlock_bh+0x16/0x30
[  362.286991][    C1]  batadv_nc_purge_paths+0x1c6/0x390
[  362.287021][    C1]  batadv_nc_worker+0x913/0x1060
[  362.287051][    C1]  ? __pfx_batadv_nc_worker+0x10/0x10
[  362.287077][    C1]  ? rcu_is_watching+0x12/0xc0
[  362.287097][    C1]  ? trace_lock_acquire+0x14e/0x1f0
[  362.287118][    C1]  ? process_one_work+0x921/0x1ba0
[  362.287143][    C1]  ? lock_acquire+0x2f/0xb0
[  362.287167][    C1]  ? process_one_work+0x921/0x1ba0
[  362.287193][    C1]  process_one_work+0x9c5/0x1ba0
[  362.287221][    C1]  ? __pfx_cfg80211_wiphy_work+0x10/0x10
[  362.287248][    C1]  ? __pfx_process_one_work+0x10/0x10
[  362.287277][    C1]  ? assign_work+0x1a0/0x250
[  362.287300][    C1]  worker_thread+0x6c8/0xf00
[  362.287329][    C1]  ? __pfx_worker_thread+0x10/0x10
[  362.287354][    C1]  kthread+0x3af/0x750
[  362.287376][    C1]  ? __pfx_kthread+0x10/0x10
[  362.287397][    C1]  ? lock_acquire+0x2f/0xb0
[  362.287424][    C1]  ? __pfx_kthread+0x10/0x10
[  362.287446][    C1]  ret_from_fork+0x45/0x80
[  362.287470][    C1]  ? __pfx_kthread+0x10/0x10
[  362.287491][    C1]  ret_from_fork_asm+0x1a/0x30
[  362.287518][    C1]  </TASK>
[  362.313406][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  362.313425][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[  362.313452][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  362.313467][   T30] Call Trace:
[  362.313474][   T30]  <TASK>
[  362.313484][   T30]  dump_stack_lvl+0x3d/0x1f0
[  362.313520][   T30]  panic+0x71d/0x800
[  362.313546][   T30]  ? __pfx_panic+0x10/0x10
[  362.313569][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  362.313601][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  362.313630][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  362.313661][   T30]  ? watchdog+0xdcc/0x12b0
[  362.313692][   T30]  ? watchdog+0xdbf/0x12b0
[  362.313768][   T30]  watchdog+0xddd/0x12b0
[  362.313805][   T30]  ? __pfx_watchdog+0x10/0x10
[  362.313835][   T30]  ? lockdep_hardirqs_on+0x7c/0x110
[  362.313865][   T30]  ? __kthread_parkme+0x148/0x220
[  362.313893][   T30]  ? __pfx_watchdog+0x10/0x10
[  362.313926][   T30]  kthread+0x3af/0x750
[  362.313953][   T30]  ? __pfx_kthread+0x10/0x10
[  362.313985][   T30]  ? __pfx_kthread+0x10/0x10
[  362.314011][   T30]  ret_from_fork+0x45/0x80
[  362.314039][   T30]  ? __pfx_kthread+0x10/0x10
[  362.314066][   T30]  ret_from_fork_asm+0x1a/0x30
[  362.314102][   T30]  </TASK>
[  362.870927][   T30] Kernel Offset: disabled
[  362.876087][   T30] Rebooting in 86400 seconds..