last executing test programs:

11m0.677523655s ago: executing program 0 (id=1393):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL802154_CMD_SET_CCA_MODE(0xffffffffffffffff, 0x0, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x3, 0x6)
r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r0, @ANYBLOB="01002dbd7000fedbdf2505000000da0203800800c000e000000204002a000400110008002e00", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32dd7c33b14cc842bc1e2a5da4203e64ceaa9db5223aa655b6313c011b3e73a75f1aa1f7b2ea43344b15bd494886e355cf6d92c8fe670a42bc677830013e9c4aa4fa30c3e6630bf0ed13206d5a18f6813c6fb03466112aedf5d67bb5b99fe96a6dcd279916b0bce029925b63c48d41ca8a76e46c6014100005800c00c50003000000000000000c023680", @ANYRES32, @ANYBLOB="0800fb"], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

11m0.447075936s ago: executing program 0 (id=1388):
socket(0x1e, 0x5, 0x0)
open(0x0, 0x201c2, 0x10e)
bpf$auto(0x6, 0xffffffffffffffff, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x1d, 0x2, 0x2)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4)
connect$auto(r0, 0x0, 0x75)
syz_genetlink_get_family_id$auto_batadv(0x0, r0)
socketpair$auto(0xfff, 0x5, 0x10, 0x0)
socket(0x15, 0x5, 0x0)
madvise$auto(0x1ffff000, 0x7, 0x100000000)
prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
pselect6$auto(0xffffffff, &(0x7f00000000c0)={[0x2, 0xfff, 0x6, 0xbda3, 0x0, 0x9, 0x5, 0xc7, 0x5, 0x400, 0x7, 0x3, 0x2, 0x7fffffff, 0x87d9, 0xa]}, &(0x7f0000000180)={[0x182, 0x9bbb, 0x0, 0x3, 0x58, 0xb5, 0x8, 0x400, 0x6, 0x4, 0x7ff, 0xa5, 0x2, 0x7de1, 0xed1b, 0x8c5]}, &(0x7f0000000200)={[0x8001, 0x0, 0x36d7, 0x39, 0x0, 0x7ff, 0x8, 0x7fffffff, 0x6, 0xe51d, 0x401, 0xffff, 0x95, 0x39d9eb, 0x8, 0x9]}, &(0x7f0000000280)={0xa}, 0x0)
keyctl$auto(0x8, 0xfffffffffffffffd, 0xffffffffffffffff, 0x5092, 0x2)
mknod$auto(0x0, 0xc9, 0xc8)
execve$auto(0x0, 0x0, 0x0)
mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2)
shmget$auto(0xa, 0x10563, 0x568d1af2)
madvise$auto(0x400000, 0xffffffffffff0004, 0x19)
io_uring_setup$auto(0x5, 0x0)
shmat$auto(0x0, 0x0, 0xfffffffa)
mremap$auto(0x0, 0x4, 0x3fd6, 0x3, 0x20000000)

10m59.934233999s ago: executing program 0 (id=1392):
r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/bonding/bond0\x00', 0x60200, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/dummy0/addr_gen_mode\x00', 0x1, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff)
r3 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000200)='/dev/mtd0\x00', 0x42000, 0x0)
ioctl$auto_mtd_fops_mtdchar(r3, 0x9, &(0x7f0000000240)="7f213f3385662ec89e63b4c28af70399d6490c9b5c54a4e5fbacb0c93857f4f9c441d8ea03b0bd1ea39f456ee2b8482c2ad35923357d682a03b21c4e0ed4c4b8241a6b45a0ec624f0756f4bdd60ca4ae9bc2c2fd0c37471b5cf096857dfacaa1d87484039060fd06bb7522664888668c729826d511ee308f3dfb89010d740ff744baf9eeee7522f6ca67cba1dbe3a1c332a786deaf94cdffe859c2")
r4 = syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000080), r1)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETPOLICY(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000580)={0x1c, r6, 0x301, 0x70b52c, 0x25dfdbfb, {}, [@CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x17}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4019}, 0x0)
r7 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000080), r5)
sendmsg$auto_MACSEC_CMD_UPD_TXSA(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000005c0)={0x1c, r7, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@MACSEC_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4008000}, 0x400c8d4)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x801, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
pwrite64$auto(0xc8, &(0x7f0000000000)='\vX5n\x91p\xe6\x1eRN8\x99\b\xff\x05\x00J\x99\x00:\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf82\xe0Q8\x0e\x94\x1e\xd37?\x9ef\x15\x02l@\x18*\xc0\xc1\xf2\x14_\x1cC\x8a\v\x00\x00\x00\x00\x00\x00\x00X\xb9_\xdd*\xd1\x14^\xbe\xa2\x00\x00\x00\x00\x00\x00', 0x10, 0x3)
socket(0xa, 0x801, 0x84)
getsockopt$auto(0x6, 0x84, 0x81, 0x0, &(0x7f0000000000)=0x10000)
io_setup$auto(0x2988, &(0x7f00000001c0)=0x4)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0xa, 0x2, 0x73)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
socket(0x2, 0x80002, 0x73)
connect$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x4e21, @multicast2}, 0x55)
sendmsg$auto_IEEE802154_LLSEC_LIST_KEY(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r4, 0x100, 0x70bd26, 0x25dfdbfd, {}, [@IEEE802154_ATTR_COORD_PAN_ID={0x6, 0xa, 0xf31}, @IEEE802154_ATTR_CHANNELS={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x5}, 0x8000)
sendmsg$auto_NBD_CMD_CONNECT(r1, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f00000000c0)={0x30, r2, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [@nested={0xc, 0x1, 0x0, 0x1, [@nested={0x8, 0x1, 0x0, 0x1, [@generic='\x00\x00\x00\x00']}]}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x5}]}, 0x30}, 0x1, 0x0, 0x0, 0x4}, 0x8880)
read$auto_proc_iter_file_ops_compat_inode(r0, &(0x7f00000004c0)=""/4096, 0x1000)

10m59.033954544s ago: executing program 0 (id=1401):
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000)
sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4008810}, 0x2000c041)
r0 = socket(0x2, 0x1, 0x0)
fcntl$auto(0xffffffffffffffff, 0x401, 0x5)
syz_genetlink_get_family_id$auto_ovs_meter(0x0, 0xffffffffffffffff)
bind$auto(0xffffffffffffffff, 0x0, 0x68)
sendmsg$auto_OVS_METER_CMD_SET(0xffffffffffffffff, &(0x7f0000003240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc0}, 0x40)
r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000100), r0)
sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, r1, 0x1, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x8040)
setsockopt$auto(0xffffffffffffffff, 0x4, 0x8001, 0x0, 0x2)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x3, 0xdf, 0x91, 0xfff, 0x8001)
mbind$auto(0x200000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
madvise$auto(0x0, 0xffffffffffff0001, 0x17)
mmap$auto(0x6, 0x100, 0xdf, 0x9b7e, 0x2, 0x7ffd)
setsockopt$auto(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)

10m58.451546173s ago: executing program 0 (id=1404):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000e40)='/sys/devices/pci0000:00/0000:00:01.3/config\x00', 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x7, 0xe986, 0xdf, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x1, 0x0)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6)
mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000)
tkill$auto(0x1, 0x7)
r1 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x0)
mmap$auto(0x0, 0x8, 0x1000000004, 0x8b72, 0x2, 0x8000)
r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0)
ioctl$auto_DMA_HEAP_IOCTL_ALLOC(r2, 0x400454a4, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x6, 0x9b3, 0x6, 0x18, 0xfffffffffffffffb, 0x0)
syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_NAPI_SET(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYRES8=r0], 0x1c}, 0x1, 0x0, 0x0, 0x20008040}, 0x20000004)

10m57.885397269s ago: executing program 0 (id=1408):
openat$auto_virtual_ncidev_fops_virtual_ncidev(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
read$auto(0x3, 0x0, 0x80)
wait4$auto(0xfffffffffffffffb, 0x0, 0x2, 0xfffffffffffffffc)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_TIPC_NL_NODE_GET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB='%&\x00'/14], 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x50)
r1 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
ioctl$auto_USB_RAW_IOCTL_EP_CLEAR_HALT(r1, 0x4004550e, 0x0)
syz_genetlink_get_family_id$auto_macsec(&(0x7f0000001fc0), r0)
r2 = syz_genetlink_get_family_id$auto_ila(&(0x7f00000022c0), r0)
sendmsg$auto_ILA_CMD_DEL(r0, &(0x7f0000002380)={0x0, 0x0, &(0x7f0000002340)={&(0x7f0000000100)=ANY=[@ANYBLOB="06dd389b00b5ed64bf2921aeb13e38dde956185fba91b60000000000000006f98faccca02f8b64efa961abcd94d03bc4702278b693f1529a851ba413058fee3eb4fb4309cb99ea8c4839c6cf70adf0fc07b3a81e075827fe317d90bfac8b448875162bd423693c69c589b16112a0519ea06af5ce68c8", @ANYRES16=r2, @ANYBLOB="010027bd7000fedbdf25020000000c0001000900000000000000"], 0x20}, 0x1, 0x0, 0x0, 0xc811}, 0x20000000)
socket(0xa, 0x2, 0x73)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
socket(0x2, 0x80002, 0x73)
socket$nl_generic(0x10, 0x3, 0x10)
iopl$auto(0x3)
recvmmsg$auto(0x4, 0x0, 0x0, 0xe, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
mq_open$auto(&(0x7f00000000c0)='\xff)-\\&[}\x00\x8b\xa5\x1f\x04< rU\xcf<,!\xc1\xa7\xcb\xedB\x1a\xc3P@V\xbbO\x86\xe6\x92}q\x92\x12\xff\x8a\xa1(\xa2\xc4Y\x88\tc<d\xd5N\x1az\xc2o\xf5b\xe4\x17\x16@\xa0dr\x15\x85\xad\x855\x90e\x96\a\xd1:&l\xcd1\xf1N\x11\xe4\xe97V\t\x93\x8f\xd2\x8e\xd9V\xf4\xe4p\xa7\a\xf9\xcf\x1c\xce\xf9\x0ff\xc2\xef\xe4\xb2\xf3\xc9\x0e\xc8\xac\xed\x16^VO\xb2}\x9e\x04\x8b\\\x92\xc18\x978h+s\x8a\xd9\t\xf1\t\xb7\xb8\xd9\rD+W\x98k\x1b\x9d\x1b\xde{H0\x0f\xdf\x9a\x7f\xde\xe9\xdc\xb8\xa3\x9cu^\x14s\x16\xd7\xaf\xda{\x1fO\xb3\xd3\x94\'C\a\xc1\xe8\x80\x1b\x8c\xbb\x7f\xa1\x9b\x93\n\xdeb\xa7\"qs\xd7\x97\x1f\x1b\xd7\x8aS5\n\x1c\xc7\x8a\xc0\xe9\x85\x80\aO\xb7e\xe1\xf3\xff\xca\x80\x17:\xaa3\xe7\xd4iJ\xc6\xd1\x902\xe1\x82W\x82N$D\xb7#Y<C\t\xad\x98\x03\xc9Da:\x8c\x05\xda4\x9b\x8eU$\x05^\x9e \x0fv!\a?\x88\v\xadu\x03\x15>', 0xde8, 0xf, 0x0)
mq_getsetattr$auto(0x0, &(0x7f0000000000)={0x0, 0x2, 0x7fff}, 0x0)

10m57.602727354s ago: executing program 32 (id=1408):
openat$auto_virtual_ncidev_fops_virtual_ncidev(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
read$auto(0x3, 0x0, 0x80)
wait4$auto(0xfffffffffffffffb, 0x0, 0x2, 0xfffffffffffffffc)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_TIPC_NL_NODE_GET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB='%&\x00'/14], 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x50)
r1 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
ioctl$auto_USB_RAW_IOCTL_EP_CLEAR_HALT(r1, 0x4004550e, 0x0)
syz_genetlink_get_family_id$auto_macsec(&(0x7f0000001fc0), r0)
r2 = syz_genetlink_get_family_id$auto_ila(&(0x7f00000022c0), r0)
sendmsg$auto_ILA_CMD_DEL(r0, &(0x7f0000002380)={0x0, 0x0, &(0x7f0000002340)={&(0x7f0000000100)=ANY=[@ANYBLOB="06dd389b00b5ed64bf2921aeb13e38dde956185fba91b60000000000000006f98faccca02f8b64efa961abcd94d03bc4702278b693f1529a851ba413058fee3eb4fb4309cb99ea8c4839c6cf70adf0fc07b3a81e075827fe317d90bfac8b448875162bd423693c69c589b16112a0519ea06af5ce68c8", @ANYRES16=r2, @ANYBLOB="010027bd7000fedbdf25020000000c0001000900000000000000"], 0x20}, 0x1, 0x0, 0x0, 0xc811}, 0x20000000)
socket(0xa, 0x2, 0x73)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
socket(0x2, 0x80002, 0x73)
socket$nl_generic(0x10, 0x3, 0x10)
iopl$auto(0x3)
recvmmsg$auto(0x4, 0x0, 0x0, 0xe, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
mq_open$auto(&(0x7f00000000c0)='\xff)-\\&[}\x00\x8b\xa5\x1f\x04< rU\xcf<,!\xc1\xa7\xcb\xedB\x1a\xc3P@V\xbbO\x86\xe6\x92}q\x92\x12\xff\x8a\xa1(\xa2\xc4Y\x88\tc<d\xd5N\x1az\xc2o\xf5b\xe4\x17\x16@\xa0dr\x15\x85\xad\x855\x90e\x96\a\xd1:&l\xcd1\xf1N\x11\xe4\xe97V\t\x93\x8f\xd2\x8e\xd9V\xf4\xe4p\xa7\a\xf9\xcf\x1c\xce\xf9\x0ff\xc2\xef\xe4\xb2\xf3\xc9\x0e\xc8\xac\xed\x16^VO\xb2}\x9e\x04\x8b\\\x92\xc18\x978h+s\x8a\xd9\t\xf1\t\xb7\xb8\xd9\rD+W\x98k\x1b\x9d\x1b\xde{H0\x0f\xdf\x9a\x7f\xde\xe9\xdc\xb8\xa3\x9cu^\x14s\x16\xd7\xaf\xda{\x1fO\xb3\xd3\x94\'C\a\xc1\xe8\x80\x1b\x8c\xbb\x7f\xa1\x9b\x93\n\xdeb\xa7\"qs\xd7\x97\x1f\x1b\xd7\x8aS5\n\x1c\xc7\x8a\xc0\xe9\x85\x80\aO\xb7e\xe1\xf3\xff\xca\x80\x17:\xaa3\xe7\xd4iJ\xc6\xd1\x902\xe1\x82W\x82N$D\xb7#Y<C\t\xad\x98\x03\xc9Da:\x8c\x05\xda4\x9b\x8eU$\x05^\x9e \x0fv!\a?\x88\v\xadu\x03\x15>', 0xde8, 0xf, 0x0)
mq_getsetattr$auto(0x0, &(0x7f0000000000)={0x0, 0x2, 0x7fff}, 0x0)

8m15.836429224s ago: executing program 2 (id=2403):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x4)
socket(0x10, 0x3, 0x6)
r0 = socket(0x10, 0x2, 0x4)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r1, @ANYBLOB="01002dbd7000fedbdf2505000000da0203800800c000e000000204002a000400110008002e00", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32dd7c33b14cc842bc1e2a5da4203e64ceaa9db5223aa655b6313c011b3e73a75f1aa1f7b2ea43344b15bd494886e355cf6d92c8fe670a42bc677830013e9c4aa4fa30c3e6630bf0ed13206d5a18f6813c6fb03466112aedf5d67bb5b99fe96a6dcd279916b0bce029925b63c48d41ca8a76e46c6014100005800c00c50003000000000000000c02368008027a8087010c800800e800", @ANYRES32=r0, @ANYRES32], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

8m15.40390303s ago: executing program 2 (id=2405):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x401, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0xa, 0x2, 0x73)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
socket(0x2, 0x80002, 0x73)
connect$auto(0x3, 0x0, 0x55)
r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)={0x44, r1, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x14, 0x3, 0x0, 0x1, [@nested={0x10, 0x14, 0x0, 0x1, [@typed={0xc, 0x8, 0x0, 0x0, @u64=0xd6}]}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f1779048590828847"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)

8m15.196348883s ago: executing program 2 (id=2407):
mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x4, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffff004, 0x2)
r0 = socket(0xa, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0xa, 0x2, 0x88)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bond0\x00', <r3=>0x0})
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r3, r2, 0x8, 0xff, r1, @relative_fd, 0xe600}, 0xf)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x1f00, 0x3}, 0xc)
readv$auto(0x0, &(0x7f0000000080)={0x0, 0x9}, 0x3)

8m14.039117134s ago: executing program 2 (id=2412):
bpf$auto(0x14, 0xffffffffffffffff, 0x0)
r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r3=>0x0})
sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x24, r0, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r3}, @NL80211_ATTR_WIPHY_ANTENNA_TX={0x8, 0x69, 0x10000}]}, 0x24}, 0x1, 0x0, 0x0, 0x20040010}, 0x20000084)

8m13.892272998s ago: executing program 2 (id=2413):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x4)
socket(0x10, 0x3, 0x6)
r0 = socket(0x10, 0x2, 0x4)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r1, @ANYBLOB="01002dbd7000fedbdf2505000000da0203800800c000e000000204002a000400110008002e00", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32dd7c33b14cc842bc1e2a5da4203e64ceaa9db5223aa655b6313c011b3e73a75f1aa1f7b2ea43344b15bd494886e355cf6d92c8fe670a42bc677830013e9c4aa4fa30c3e6630bf0ed13206d5a18f6813c6fb03466112aedf5d67bb5b99fe96a6dcd279916b0bce029925b63c48d41ca8a76e46c6014100005800c00c50003000000000000000c02368008027a8087010c800800e800", @ANYRES32=r0, @ANYRES32], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

8m13.400205084s ago: executing program 2 (id=2416):
r0 = socket(0xa, 0x3, 0x73) (async)
set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
clone$auto(0x81000005, 0x6, 0xfffffffffffffffd, 0xffffffffffffffff, 0x80000001) (async)
move_pages$auto(0x0, 0x10000000000d0, 0x0, &(0x7f0000001140), 0x0, 0x2) (async)
setsockopt$auto(0x400000000000003, 0x29, 0x7, 0x0, 0x401)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) (async)
socket(0x1d, 0x2, 0x2) (async)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/arp_missed_max\x00', 0x701, 0x0) (async, rerun: 32)
mprotect$auto(0x1ffff000, 0x8000000000000004, 0xd) (async, rerun: 32)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x121040, 0x0) (async)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/rose6/statistics/tx_window_errors\x00', 0x0, 0x0)
read$auto(r1, 0x0, 0x8000) (async)
r2 = openat$auto_tracing_mark_raw_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/trace_marker_raw\x00', 0xc05, 0x0)
write$auto_tracing_mark_raw_fops_trace(r2, 0x0, 0x10)
connect$auto(r0, 0x0, 0x54) (async)
connect$auto(0x3, 0x0, 0x55) (async)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
setrlimit$auto(0x1000000007, 0x0)
madvise$auto(0x0, 0x23, 0x18) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_SET_COALESCE(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="00f953e917c6356a3b10bb76031289973d524ce1237f1eda0210c3f1708e1c06db29704453e6b65e300017f1c3617a7ba96e9f72d5e4a829c58f15dc0b638070ae2a2d4ff9a513a95d5ca187a77cc535d550994a67c5ceade08162e62516df59451467fea66ed35051fc464199a2e64c502b43d763d20f6c910842", @ANYRES16=r4, @ANYBLOB="090c27bd7000fcdbdf25650000000c0099000100000000000000"], 0x20}, 0x1, 0x0, 0x0, 0x8001}, 0x10) (async)
ioperm$auto(0x3, 0x6, 0x5)
fsconfig$auto(0x6, 0x2, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x7fffffffffffffff) (async, rerun: 32)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/ati_remote2/parameters/channel_mask\x00', 0x1e1842, 0x0) (async, rerun: 32)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91)

7m58.242552627s ago: executing program 33 (id=2416):
r0 = socket(0xa, 0x3, 0x73) (async)
set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
clone$auto(0x81000005, 0x6, 0xfffffffffffffffd, 0xffffffffffffffff, 0x80000001) (async)
move_pages$auto(0x0, 0x10000000000d0, 0x0, &(0x7f0000001140), 0x0, 0x2) (async)
setsockopt$auto(0x400000000000003, 0x29, 0x7, 0x0, 0x401)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) (async)
socket(0x1d, 0x2, 0x2) (async)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/arp_missed_max\x00', 0x701, 0x0) (async, rerun: 32)
mprotect$auto(0x1ffff000, 0x8000000000000004, 0xd) (async, rerun: 32)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x121040, 0x0) (async)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/rose6/statistics/tx_window_errors\x00', 0x0, 0x0)
read$auto(r1, 0x0, 0x8000) (async)
r2 = openat$auto_tracing_mark_raw_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/trace_marker_raw\x00', 0xc05, 0x0)
write$auto_tracing_mark_raw_fops_trace(r2, 0x0, 0x10)
connect$auto(r0, 0x0, 0x54) (async)
connect$auto(0x3, 0x0, 0x55) (async)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
setrlimit$auto(0x1000000007, 0x0)
madvise$auto(0x0, 0x23, 0x18) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_SET_COALESCE(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="00f953e917c6356a3b10bb76031289973d524ce1237f1eda0210c3f1708e1c06db29704453e6b65e300017f1c3617a7ba96e9f72d5e4a829c58f15dc0b638070ae2a2d4ff9a513a95d5ca187a77cc535d550994a67c5ceade08162e62516df59451467fea66ed35051fc464199a2e64c502b43d763d20f6c910842", @ANYRES16=r4, @ANYBLOB="090c27bd7000fcdbdf25650000000c0099000100000000000000"], 0x20}, 0x1, 0x0, 0x0, 0x8001}, 0x10) (async)
ioperm$auto(0x3, 0x6, 0x5)
fsconfig$auto(0x6, 0x2, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x7fffffffffffffff) (async, rerun: 32)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/ati_remote2/parameters/channel_mask\x00', 0x1e1842, 0x0) (async, rerun: 32)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91)

6m47.714531161s ago: executing program 5 (id=2820):
socket(0xa, 0x2, 0x3a)
setsockopt$auto(0x400000000000003, 0x29, 0x37, 0xffffffffffffffff, 0x0)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x11, 0x3, 0x10)
madvise$auto(0x0, 0x20499d, 0x9)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
mmap$auto(0x3, 0x9, 0xce, 0x209b72, 0x5, 0x8000)
mmap$auto(0xf000, 0x8, 0x1000000003, 0x9b72, 0x2, 0x8000)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
move_pages$auto(r0, 0x1002, 0x0, 0x0, 0x0, 0x2)
mremap$auto(0xd5, 0x7, 0x3fd6, 0x0, 0x20000000)
ptrace$auto(0x58, 0x1ff, 0xfffffffffffffffa, 0x6)
mmap$auto(0x3, 0x40009, 0xdc, 0xa7d, 0x7, 0xffffffffffff4036)
ioctl$auto(0x4000000000000c8, 0x800454d3, 0x3)
mmap$auto(0x0, 0x20007, 0xffff, 0xeb1, 0x405, 0x8000)
mincore$auto(0xf0fb5fd, 0x9, &(0x7f0000000000)=')/[/#\x00')
socketpair$auto(0x1d, 0x2, 0x2, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x118)
socket(0x2, 0x1, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x4e3)
futex_wake$auto(&(0x7f0000000080), 0x8000000000000001, 0xd, 0xffffffff)
connect$auto(0x3, &(0x7f00000001c0), 0x55)
setsockopt$auto(0x3, 0x6, 0x17, 0x0, 0xfb3)
setsockopt$auto(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x4)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x800000, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)

6m41.579056945s ago: executing program 5 (id=2843):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
write$auto(0x3, 0x0, 0xfffffdec)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x0)
newfstatat$auto(0xffffffffffffffff, 0x0, &(0x7f0000000300)={0x100000000, 0x81e, 0x9, 0x8, 0xffffffffffffffff, 0x0, 0x0, 0x96, 0x8, 0xc556, 0x5, 0x8, 0x1000, 0x7f, 0x100, 0x4, 0xfffffffffffffff9}, 0x1)
syz_clone(0x800, &(0x7f0000000000)="0e26995ddb4b09362930a8a95c7969a14edb4e266fec87b3d79b323c717a739404550164022016b3304aff0f9e01135df5ed2bd8cace1abad33aa05e11abd37a1baf17812ec4b520a89c76c38505435baf297922c53c903fccd096fef361e35c2f7fbdd36ad3cafcbfdb9e1af7f194e0bff26dd46a0ddab5f862acd49006315c4d2b", 0x82, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)="b73dff79066def4ef297812f8049e6b89979f6d89cb5a0f52fd52432c9e047e5d14bc7ce17b437f1e644396f1b29cf80025e572748cb241d35e760780df7e72d4b74485efca818f0dd31eeb81570454dba0c9f1e2851bf956e500fb1ba6c30c2a6e2683e966813ef0df01c8add229f23755d6ccc8ea384eb6943443d6acfd04271d4c1804c3edb0add4f566508c40cf9d8a4a2f8878de7c817cc4b723070b6448d7938cabb379cade1f3363b")
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x22000, 0x0)
openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy0/netdev:wlan0/active_links\x00', 0x2080, 0x0)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_proc_pid_set_timerslack_ns_operations_base(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
lseek$auto(0x3, 0x7ffffffffffffffd, 0x0)

6m27.18725081s ago: executing program 5 (id=2886):
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
syz_genetlink_get_family_id$auto_nbd(0x0, 0xffffffffffffffff)
openat$auto_split_huge_pages_fops_huge_memory(0xffffffffffffff9c, 0x0, 0x642, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x3f000000, 0xffffffffffff0005, 0x19)

6m14.600561844s ago: executing program 5 (id=2947):
mmap$auto(0x2, 0x40009, 0xdf, 0x9b76, 0x7, 0x28000)
creat$auto(&(0x7f0000000000)='./file0\x00', 0xf800)
sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, 0x0, 0x0)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="120027", @ANYBLOB='\x00'/10, @ANYRESOCT=r0, @ANYRESHEX=r0], 0x1ac}, 0x1, 0x0, 0x0, 0x894}, 0x40040)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r0)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000140)={&(0x7f0000000040), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, r2, 0x20, 0x70bd2c, 0x25dfdbfd, {}, [@NL80211_ATTR_MESH_ID={0x15, 0x18, "ef00b0fa6a347b01c18f59dab11cae60b7"}, @NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0xd}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000001}, 0x800)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x20009, 0x7fff, 0xeb1, 0x3fd, 0x8000)
arch_prctl$auto(0x1004, 0xe735)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)

6m6.099938615s ago: executing program 5 (id=2976):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x4)
socket(0x10, 0x3, 0x6)
r0 = socket(0x10, 0x2, 0x4)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r1, @ANYBLOB="01002dbd7000fedbdf2505000000da0203800800c000e000000204002a000400110008002e", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32dd7c33b14cc842bc1e2a5da4203e64ceaa9db5223aa655b6313c011b3e73a75f1aa1f7b2ea43344b15bd494886e355cf6d92c8fe670a42bc677830013e9c4aa4fa30c3e6630bf0ed13206d5a18f6813c6fb03466112aedf5d67bb5b99fe9", @ANYRES32=r0, @ANYRES32], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

5m53.869496647s ago: executing program 5 (id=3006):
r0 = openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000000), 0x101200, 0x0)
mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = socket(0x2, 0x2, 0x1)
bind$auto(r1, &(0x7f0000000200)=@in={0x2, 0x0, @rand_addr=0x64010100}, 0x6f)
socket(0xb, 0x801, 0x80)
bind$auto(0x3, 0x0, 0x68)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080))
sendto$auto(0x3, 0x0, 0x4, 0x101, &(0x7f0000000000), 0x1f)
futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x4, 0x4}, 0x77, 0x0, 0x0, 0x62bd)
bpf$auto(0x0, &(0x7f0000000000)=@link_update={<r2=>0x2, @new_prog_fd=0x4, 0x7, @old_prog_fd=<r3=>0x8000}, 0xa3)
r4 = openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x408843, 0x0)
write$auto_console_fops_tty_io(r4, &(0x7f0000001240)='4', 0x1)
open(&(0x7f0000000140)='./file0\x00', 0x498000, 0x149)
r5 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r5, 0x0, 0x40000)
r6 = socket(0x10, 0x2, 0x0)
r7 = socket(0x1d, 0x2, 0x7fffffff)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=ANY=[@ANYRES16=r6, @ANYRES16=r2, @ANYBLOB='\nG['], 0x18}, 0x1, 0x0, 0x0, 0x64048001}, 0x94)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r7, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x4000000)
openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000003640)='/proc/self/numa_maps\x00', 0x40080, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r8 = socket(0x11, 0xa, 0x1000)
sync_file_range$auto(r3, 0x40ff, 0x8, 0x4)
openat$auto_stat_fops_(0xffffffffffffff9c, &(0x7f0000000080)='/proc/stat\x00', 0x10e80, 0x0)
ioctl$auto(r8, 0x2, 0x2)
read$auto_evm_xattr_ops_evm_secfs(r0, &(0x7f0000000040)=""/4096, 0x1000)
rseq$auto(&(0x7f0000000040)={0x10, 0x1, 0x800000000, 0x6, 0x80, 0x2}, 0x8000, 0x1, 0xf)
read$auto_evm_xattr_ops_evm_secfs(r0, 0x0, 0x0)

5m38.432917867s ago: executing program 34 (id=3006):
r0 = openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000000), 0x101200, 0x0)
mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = socket(0x2, 0x2, 0x1)
bind$auto(r1, &(0x7f0000000200)=@in={0x2, 0x0, @rand_addr=0x64010100}, 0x6f)
socket(0xb, 0x801, 0x80)
bind$auto(0x3, 0x0, 0x68)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080))
sendto$auto(0x3, 0x0, 0x4, 0x101, &(0x7f0000000000), 0x1f)
futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x4, 0x4}, 0x77, 0x0, 0x0, 0x62bd)
bpf$auto(0x0, &(0x7f0000000000)=@link_update={<r2=>0x2, @new_prog_fd=0x4, 0x7, @old_prog_fd=<r3=>0x8000}, 0xa3)
r4 = openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x408843, 0x0)
write$auto_console_fops_tty_io(r4, &(0x7f0000001240)='4', 0x1)
open(&(0x7f0000000140)='./file0\x00', 0x498000, 0x149)
r5 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r5, 0x0, 0x40000)
r6 = socket(0x10, 0x2, 0x0)
r7 = socket(0x1d, 0x2, 0x7fffffff)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=ANY=[@ANYRES16=r6, @ANYRES16=r2, @ANYBLOB='\nG['], 0x18}, 0x1, 0x0, 0x0, 0x64048001}, 0x94)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r7, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x4000000)
openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000003640)='/proc/self/numa_maps\x00', 0x40080, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r8 = socket(0x11, 0xa, 0x1000)
sync_file_range$auto(r3, 0x40ff, 0x8, 0x4)
openat$auto_stat_fops_(0xffffffffffffff9c, &(0x7f0000000080)='/proc/stat\x00', 0x10e80, 0x0)
ioctl$auto(r8, 0x2, 0x2)
read$auto_evm_xattr_ops_evm_secfs(r0, &(0x7f0000000040)=""/4096, 0x1000)
rseq$auto(&(0x7f0000000040)={0x10, 0x1, 0x800000000, 0x6, 0x80, 0x2}, 0x8000, 0x1, 0xf)
read$auto_evm_xattr_ops_evm_secfs(r0, 0x0, 0x0)

3m15.092478602s ago: executing program 6 (id=3625):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_FRAME(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x8000)

3m12.582960652s ago: executing program 6 (id=3631):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2b, 0x1, 0x1)
socket(0xa, 0x801, 0x84)
socket(0xa, 0x2, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x2001, 0x0)
write$auto(r0, 0x0, 0xfec)

3m10.229885462s ago: executing program 6 (id=3635):
mmap$auto(0x0, 0x20009, 0xdf, 0x80000010, 0x40000000000a5, 0xffffffff)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004)
madvise$auto(0x0, 0x2000040080000004, 0xe)
sendmsg$auto_NL802154_CMD_GET_SEC_LEVEL(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40084}, 0x40480c0)
syz_open_procfs$namespace(0xffffffffffffffff, 0x0)
mprotect$auto(0x110c230000, 0x3, 0x2)
munmap$auto(0x1000000, 0x2000000c)
madvise$auto(0x0, 0xffffffffffff0001, 0x9)
mlockall$auto(0x3)
setresuid$auto(0x0, 0x8, 0x8000)
munmap$auto(0xfffffffffffffff9, 0x6)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000200), r0)
sendmsg$auto_NBD_CMD_RECONFIGURE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000000200d307", @ANYRES16=r1, @ANYBLOB="01002abd7000fbdbdf2503000000"], 0x14}, 0x1, 0x0, 0x0, 0xe3e941e3b295e7b3}, 0x40014)
socket(0x2, 0x6, 0x0)
bind$auto(0x3, &(0x7f0000000080), 0x6b)
connect$auto(0x3, &(0x7f00000000c0), 0x55)
connect$auto(0x3, &(0x7f00000000c0), 0x55)
clone$auto(0x1002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9)
clone$auto(0x100000000, 0x1, 0x0, &(0x7f0000000040)=0xfffffffc, 0x37)
madvise$auto(0x1ffff000, 0x5510, 0x8)
mmap$auto(0x2, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x2020008, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
statmount$auto(0x0, 0x0, 0x1fe, 0x81)
bpf$auto(0x12, 0x0, 0xcf)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
io_uring_register$auto(0x2, 0x0, 0x0, 0x3)

3m3.865404479s ago: executing program 6 (id=3648):
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000040))
mmap$auto(0x3c3, 0x800000009, 0xffffffff, 0x800000000801d, 0x200003, 0x40)
ioctl$auto_SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, 0x0)
r1 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card1\x00', 0x0, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000002480)='/dev/midi2\x00', 0x2841, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x2, 0x0)
writev$auto(0x4, &(0x7f0000000080)={&(0x7f0000000040), 0x8}, 0x1)
r2 = socket(0x10, 0x2, 0x0)
sendfile$auto(0x1, r2, 0x0, 0x11a4)
sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[@ANYBLOB="1b000000", @ANYBLOB="1a00279e"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000380)='/sys/kernel/debug/usb/usbmon/32u\x00', 0x82000, 0x0)
ioctl$auto(r1, 0x64c6, 0x1de)
mmap$auto(0x0, 0x20009, 0x809, 0xeb1, 0x401, 0x80000000008000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0x1ac}}, 0x801)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r5=>0x0})
sendmsg$auto_NL80211_CMD_STOP_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010001f0777597032c8f2e96097c08000300", @ANYRES32=r5], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x20040084)
r6 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmmsg$auto(r6, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x1e}, 0x7}, 0x3, 0x0)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x1, &(0x7f0000000080)={0xa3e, 0x40006, 0x9, 0xa, 0x0, 0x7, r1, [0x40000000, 0xa, 0x1000], {0x4, 0x6, 0x2, 0x7, 0x8, 0x8, 0x5fe, 0x7, 0xfffffffffffffff9}, {0x3b, 0x8, 0x7fffffff, 0x4, 0x3, 0x7f, 0x2, 0x9ed, 0x80000000000000d}})

3m0.746548889s ago: executing program 6 (id=3661):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003040), r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r3=>0x0})
sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000003140)={0x0, 0x6000, &(0x7f0000003100)={&(0x7f0000003080)={0x30, r1, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@ETHTOOL_A_CHANNELS_COMBINED_COUNT={0x8, 0x9, 0x1}, @ETHTOOL_A_CHANNELS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @ETHTOOL_A_CHANNELS_OTHER_COUNT={0x8, 0x8, 0x6}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000004}, 0x20008800)

2m59.836590404s ago: executing program 3 (id=3664):
mmap$auto(0x0, 0x402000b, 0xdf, 0x10000000000eb1, 0x401, 0x8000)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/controlC1\x00', 0x81, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f0, 0x15)
madvise$auto(0x0, 0x200007, 0x19)
connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @hyper}, 0x55)
read$auto(0x3, 0x0, 0x7)
ioctl$auto(0x3, 0xc1485544, 0xb551)
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x80, 0x0)
ioctl$auto_evdev_fops_evdev(r0, 0x80044501, 0x0)
setreuid$auto(0x0, 0xee00)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x3, 0x6)
bind$auto(0x3, &(0x7f0000000000)=@nl=@proc={0x10, 0x0, 0x25dfdbfb, 0x4000}, 0x68)
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030000020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a0005000000000000000000000000000a000100000000001d000000080004001000000008000300050000000a0001000000000000000000"], 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x40090)
msgctl$auto(0x5, 0x0, &(0x7f0000000300)={{0x4006, 0x0, 0xee01, 0x55, 0x10001, 0x101, 0x8}, &(0x7f0000000040)=0xe, &(0x7f0000000100)=0xd, 0x1, 0xffff, 0x5, 0x3, 0xc2cb, 0x200, 0x9, 0x8001, 0x2, 0x9})
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3)
mmap$auto(0x0, 0x4024008, 0xd9, 0x77, 0x401, 0x8000)

2m59.413268368s ago: executing program 6 (id=3666):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000048c0)='/dev/dsp1\x00', 0x20000, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000000)=0x1ff)
ioctl$auto_SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000004900)=0x40000)
openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000002f80), 0x2, 0x0)
socket(0x10, 0x2, 0xc)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff)
mremap$auto(0x4000, 0xb9, 0x13fd4, 0x3, 0xfffff000)
r1 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
ioctl$auto_PAGEMAP_SCAN(r1, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x6, 0x50b301a, 0xe4, 0x2c, 0x0, 0x2})

2m58.531877308s ago: executing program 3 (id=3670):
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
socketpair$auto(0x8, 0x5, 0x8000000000000000, 0x0)
r0 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, 0x0, 0x1541, 0x0)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x7, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
mmap$auto(0xfffffffffffffffe, 0xc, 0x9c0f, 0x44eb1, 0x10006, 0x45)
ioctl$auto__ctl_fops_dm_ioctl(r0, 0x4048aec9, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000)
clock_nanosleep$auto(0x2, 0x1000, 0x0, 0x0)

2m57.995775132s ago: executing program 3 (id=3671):
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x6, 0x8000)
r0 = socket(0x21, 0x2, 0x9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
fstat$auto(0x8, 0xfffffffffffffffd)
r1 = socket(0x2, 0x2, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22040, 0x75)
socket(0x5, 0x1, 0x7)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x9, 0x2, 0x8000000008011, 0x4, 0x0)
connect$auto(r1, &(0x7f0000000180)=@in={0x2, 0x0, @private=0xa010100}, 0x15)
write$auto(0x3, 0x0, 0x5b6)
read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffffff, &(0x7f00000002c0)=""/182, 0xb6)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0)
ioctl$auto(0x3, 0x400c4d06, 0x5)
close_range$auto(0x2, 0x8, 0x0)
socket(0xf, 0x800, 0x0)
io_uring_setup$auto(0x4, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/midi2\x00', 0x2841, 0x0)
ioctl$auto_SNDRV_RAWMIDI_IOCTL_PARAMS(r2, 0xc0305710, &(0x7f0000000040)={0x0, 0x73d, 0x4, 0x0, 0xff, "50b82e6c92b172b4cfaaca8e"})
r3 = socket(0x2, 0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
fanotify_init$auto(0x65, 0x2)
write$auto(r3, &(0x7f0000000040)='@-.@!\x00', 0xff)
setsockopt$auto(r0, 0x10000000084, 0x76, 0x0, 0x0)

2m56.990106194s ago: executing program 3 (id=3676):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket(0x11, 0x3, 0x2)
mremap$auto(0x8000000003, 0xda1, 0x3fd6, 0xb, 0x8000000000000000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
timerfd_create$auto(0x9, 0x0)
socket(0xa, 0x1, 0x0)
setsockopt$auto(0x1, 0x1, 0x12, &(0x7f0000000040)='\x00\x89e\xad\x97\xc5\xe8\x91g\xc1\xceE\xea=\x0f\xf4\xba4\x05>y/21\xfd\'\xc7\x1c\xaeV`\xc7^\x05\"H\xb8\x12\x99\x1fF\xdc\xc4\x02FV\x04D&9?\xa8d\xc97B\x9f)\xc6\xbb\x15_\xfd\xa5\xaf\xf8\xb8\x8a\x186\xa9\x0eY;\x9a\xe32T\xddn\xa6zK\xef\xf7\x04\x81\xb4\xb7;\x12\x1ch$\xbd\xd1x\x15\xa8\x9c\xba\x83\xa7\xbdwf8\xc03z|\xcd\xbc\xa1+8\xcet\x960\a\x80\x88!\x9e\x96\xcd\xb5oB\xc1L\xb2\xb1\xe6\xf9\x92\xd4\xcd\v0|G\xb7\xc3+\xb5\xa9\xb4\x05>ry\xa1\xf1)#\xc0\x8d(', 0xbb)
close_range$auto(0x2, 0x8, 0x0)
prctl$auto(0x4b, 0x8, 0x0, 0x0, 0x0)
prctl$auto(0x35, 0x0, 0x2, 0x0, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
r1 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/net/rt_acct\x00', 0x181100, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
fanotify_init$auto(0x5, 0x2000000000002)
socket(0x2, 0x2, 0x1)
socket(0x2, 0x801, 0x106)
io_uring_register$auto(0xffffffffffffffff, 0x1f, 0x0, 0xfffffffc)
socket(0x26, 0x80805, 0x0)
read$auto_proc_single_file_operations_base(r1, &(0x7f0000000040)=""/137, 0x89)
ioctl$sock_SIOCGIFINDEX(r0, 0x80045430, 0x0)
write$auto(r0, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x9)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
shmctl$auto(0x9, 0xe, 0x0)

2m56.299706169s ago: executing program 3 (id=3678):
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
fstat$auto(r0, &(0x7f00000000c0)={0xfffffffffffffffb, 0x6, 0x9, 0xb16, <r2=>0xee00, 0xee00, 0x0, 0x7a7b, 0x8000, 0x5, 0x0, 0x4, 0x0, 0x8, 0x29, 0xbb0, 0x9})
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x2, 0x2, 0x0)
setsockopt$auto(0x3, 0x1, 0x2d, 0x0, 0x8)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x118c, r1, 0x1b, 0x70bd26, 0x25dfdbfb, {}, [@OVS_PACKET_ATTR_KEY={0x1160, 0x2, 0x0, 0x1, [@generic, @typed={0x8, 0x5b, 0x0, 0x0, @uid=r2}, @typed={0x4, 0xa9}, @generic="fdf96f59ef8129d1", @nested={0x1145, 0x80, 0x0, 0x1, [@generic="0e1c648667c86932570c440ea291e727ddce57bc6a688ad7a3b6506d985a5fe2fc6dcc674f3a0d6858ae2a242f195db40ecbce8eb3a54fdb1f607383aa3d5fc16bdbc28d04e649ded94bb9583ea084c7483b9644c60854d10da59031cb00a70f406cb271d88a420289af99fa609a274826430232d5474d890f60c6b0cd6e23fc69e549b19e266a3be01ae3ab6e65fd282efc8baf962dfe6f0da8a53018f8964260fe6bafc6ba27", @generic="5281a32fa6cc43c5904fd20a8e6eb7e35a71c369e6886aaf38695ef56f3c2a2d66e884062c525ba609b29b2d36180c54537cf33c281ecc06c02bad82274b2e7fa7d3fcb042ac3f12ef0b980a2639b627b4042ddeb0377e3c71b0c058436be8c09f277ca2e3c0f4b840e5bcf62f3e63dba7d58a0c70dbdad46ba3b51765dc89541918054237a764489352708f238eea9bcb571e4cbdfa", @generic="18c2727f78a7f2a3b6c15aff3aa179a8e8e38be1b4227bb47503b69ae68754a7fd7ef99555ccca5574d81116d429a4bd5593ef920c12aebf524e0f260dd2d2c79f47d323dd787a4224d1db0e2699a2bbafe167b0a9f331550b205ab29469522e19b3859d62b53990a65e0732e4152e60d70eae34b6ac6907d9372e2a08e5b88d865f195fbf84572d6c7832427378d154edc0ba15b49a6d013f59656cb0ab67ebf98fe878a68bd53b28190c8b5aab6735018daabfa348dfb5daeab27d4f50039763efa96e1692745346e22a9c99443d2fa45b5f9fcc4ed9d82030616baf43f270671446845622c0cf4f948029874af23c257225b3ee90d59d02cc4b21d007b7c2863f501dc02ac8d2d35518bc16e9e0743927956111569738d99758010d5705ff0fb04cbe39c0678a5606ebde77b5de10126509d1380c1d38edcf37f41242f60b0c8fa057eaba3cd3ee6bacc334d9a1607a4497af433debfeec62319d79015c2fc0952b4689f4ad8993aba422facf0096f5210757aa08466b5ba705167251c89f386151b0bd66456368735e76504ce7ea62ceada26e1f4b08fbda9b2fac59c183f2132af5f6ce7e196fa5568d9bac361781268d58854f31065420af4feb591616fcbbb4b82e3a9b61590a907ec014e152696d7d1825f9ede616afc8b206487da78e99ca9bc9f9b4c15c265db3c6564ca40b954a5e91ab763cc38cbd9ef58e0a1ee9a89a71e26e37a89ab30ff860e2f6c35a90668ad3e7decd00b2064f3b525a9035926b014ad1f5bfb47c7a19f6c598ebbb06e08b2215683c146377c6b94c2082c629cbe55a8c25363d3006df585bd6487b9cb32f42868594f13b29a6227f42b922edc40f5636e1a2c047616b3ff2a944134c77df6804a8238d4a468ba94f76fd15efb75c23745dba436dbdda40170e1d3327f35dc36c2598b277996c492314873235f18a1be9616fdad7e8c1c84e1571645ac3d3e927238939ca57eaf7eddb50ca06c4f00ebedfd8645b5394641ab9ee25aaef6a65984274988734996379a168b283cc3d9c7d275a5e49f23c2ad89d6a6748ae7e3637fbf41ac2930d5f2e414634f40df1ea66e79e56d01717495dc40cab94683ebac12412934c305e48647a5ab304ff7c1d483a24b02b4e9f947982ffeb9431374f23aa16f015e72a5de836ff00028b36ade2e4b7d1948cfe11ab8946f4ecdcba762f2a28028951d6e60f1d5c87ccba73590b5959ea0af83f9002f47be0b84ed665ed6eba3918486ec245f1b8f55f0bb1a0d08eff297828be41886088631ec0ef6941ac4a8a7b61d01c36231badd47fde17003f14045e3bcd46eb838fccc9e435c806e74ed20b7461c2257ed60790a04dc896b1b734deed52b9f784d072d15d6ef8542a3b7f6972c6e62cbaf150765badd0abfcaae8f6fe85e54b63033660263b5ce8852234fa789e95ec5b907e923ea54db5506b9971502eba9545c26dc24c93401c6c3bbf061f03706074c1c75f4d977855227e1d24caf1722ab7e4c8301c24750b2e51d478dd55e811201198b630fb3103e4073c4dc9ae80aa8d41944b611de2231fa7438e32828d1bc973ee8e5dbe29aed8c4db1181b2b9ddd378edee578e5a37d9590bf05a3492eb932a0e4cb998a85bad2237b3323f345a31adbfd5ea2dc6080ca263a03fe20a620a26b22f041a7c8e77ea7a905ab92bf27e9fb86003c2649d9531502d045e4d88a4a67c91d83a6ba9a9a7963377b4546c6991227f6f095271b93f017a6a96a130f599bf292e81e3550f6da83c44b3def44aed1944d31e1af643ae22816348a8fad2953928eb4125be585ff91cbc41edaa5ec0ea426627cc703e8a35f15b471c95e610c931b35a521ff4d197129b841d2a4f996bb7cab32fbacabb0652be2e6a14926967946eb9a29d658c9ac6b5082d857c885a473467322cf8ffcad05a28ddc2f0c235a23c4c83c9c276785ba67ce05227740757cd17804dc16c110b6fca163337867cec6a75d6945c89845990eead15ea7fbe3f8309bb53719d381ede8f276a5a31af4b0c9810abc0de37ef9f508d94a8ff138fe97a4aa7b77974cb6741c9494f066c72d45ccdbdf67f3b486d95614204855fca673e28d964e2c0dea139f945255ff12e300fd9e170e3b72a38ab1f02b958b8801997c290a099e9090c61e90110f7c29822eb1f590b470c5d4faa332c899e5f1e5db3480c0d2a6b6e7e7f666c8065518b902ebe7e2773682244143fa06658e1279fabaf7c5b733b0ad881b1d81c9f10c7659b5e2b65b2b105d8a379ce18c8ca8dd0caa128c09a8713654af58915fb1b98ec821c839791701afe15be23855d8482357c68f004817c975e17dd5413efd455ee456da3ccde91dbfde2f4cd17ffb79910e08105e6310262af7800ce268335ef3bb40da05aaeea02cd5e39b5abef7c1168eebc2f52036c6a722d6c5707978e704d1228236c928bf57e201f9cc13cf4c3012e94a616026f957dff80f46c12d21963109ad5fc9b96f21dd6942af3e435dc5bf718e684d384f70c430d29296b87bc9b96263a7a1a2944c2385468a1c958c55a8688b48b5b7511bb9d32d8d205303859c85df1b3a35de222d3ebd0fda3e4c095e2a077bd29eed2b9e644343a268110a98201bee903b07fbdb776fcc535e3e4e67f92a2d98734154d819e4c6452f1b5cef589f988b9b6435553f5534a003d81c0b9f25b0dcd83cb621baba4334e8e37dc879c5dc29c94171c7c412cee7fa79f081d00375ed2314f0a68f787367e942552b37de69280f8b76bddfe7d5680ca6a566de105a0257e452bab202977e191b85debb77ea6ca5f12e7527f93cc0fef5b88ce60e9907d9efbbf945356233e285f39d7c3f1309b5cff842a146b732b5255221e630c7335ba74814540ef5ba32f41746ba2d8c4bbc324479ad8b6293cfa7137e53dddb4eee690858b82a36f0d3c2c2228447f33c7a4e2a61cdf365e32d0987681a2c2d37382ff1c1b181030efd215d06ec3115b7554267ed8e8fe8df3a69aa86b12a257d20dbde0a7b886f388ce05d005d99deae6e583bf80ad27ebc3704e6916019723f32835c2bcbf76b99b8bceb07e381ace76f0c7e0a1bc11fc15762ee38b03f7d0fda66d98ce545dcbff460d3a674865e910d709f38436104f000c65f0f4db3d8119945e02606714787118b7ec73f17997113f7d5ae9cea587fb63c635c6dcbc002262be29c4a69383a165dda0f5722cc821599bdeb4616b56dad7393fbaddaa2232fd0b7885f93beea91a8d0a2fbfbeba5d3888d3bbfaecded8b49730319bf5dc31253651b3f2e04eb7ac48835f09a9703fe464b1a42844df64d13d5bb7cf5b81a35c21e226114c49304b33a811579f5e6a66a0d6b0460cf565cb2d0ce85547e4df6c616a8b02116915b04130cea58dbd8116cff63410594f4b4d298c59b965f860f7a021f259802c1bfbc917c607b53b81d54b08ad8dbd1a9e5c20b050f6f544bc49a9ae25d6f7377e251fb1e54aedfb817c64240eca1a92afe32c8ccc0a22ed1e26258b91d09b6241b6da5a7aed63f7375ce9b1f7b4b114b6f3d970decefe461adda298058e01f415333f4ed1239e58953a7f3a6bf195122b406efaa12cd0fff9706303d63b98eaeb002aecbca16f2a1bea69e876024fbbb91371fbec345fe338a36333f3e572ce6f911183e7af41bf3b430d89d147bfef3d123417e3499a260e3ba4f905fb4b8208c30a151fa8fff6dda2e14cf79185779b866d510c1dcad418dee7e6169fa2af25a64099aec11903a804b4fc43412c4d6486e7276eac597ca3129c5b78d880668b787051d0d8ed2c9d429dbd0028b7b2fdb3724bba89db29bd81f16621bebdacecb32c8f7361516a98e3c782962363eade19cd8bc487a2c0083f5d0cdd95bea261b4b331666af408d2a2e5a538b8bb5ed3901ff15c111156206d1ea5706d6d4da084a357a9f99d7537e2bd4354178b176a4316cb51c9f49bff02d24e8fc8bc9459387ad5430716e1d70364e73ae68b99f650f11ec8fa2288bf79ecc94f8a7ac1d470ffe4ec65cb7023b5fe4d02996c6e3136c6d760a4b06422fa6dd12f65cb60551ab32a891011bc80aa19595a7052265a4102c5f2c9cb31f4e91a664532802e9129909c11cad7280ca1b1a3e1037e7a63bdd67135a49d4a28df5667ee2390e3faad094731171c996108c34184bcb7e538c9d327212c5a9089be25c4cf4c72e8fd305c84a259e7458f5e57a2ad2db322771ac015e4bb4631d6fa4e5385a88d789b1f4a9c30514423d6d835921d36e509f08a410debcb6354ff73c3d7ffb8e5d75a9ca8e6f9124d932c6b76cc332e880ca9c134f44d9e3d59bee090e31a4c4f093c8af4fb163fc575186427e118aa5b6b7885c547e065f43507fc8ef5b8d549cc4fd1ab6b0c2bf25ae5a82ae47e019e30b4ade1deb3ebace64dc54e04db048d81a1718598fafffd459ea234d9c2c578f6a0c31554565a0f0b2de3aeef94f35a3d27842ebf6661f4e61c5dd2906895ee394202257dd170ae10cb6fd4a58853d1ee0b7541be217664d98e366827afad12cdf52fc4ed91cb3e2bd40501c83dcf3fc0a942def2d0202238336a0a1c5654c40e6e6b8268a16d2e002477446e424fdcd9c9b7b36fd7febeef358af69194b1f6f1fe8247b8498acee8367334ae6a9d9d718260dc12e5d9f700979c31c400b76be28bcde8626fd43c0a141ed2978af0da74bfd651a8569f09d63d856327067d362d230a15b883b8ffcdb475700477d64cbd202cb72bb1d46dc7d7eca2c7ad74341c5c6fc3087d1d8212c8044e9b51ec4e3fb458058ad85060e3c80b09a31b661bf8c5b83cd761ef9bfc4871f0c4a17f59d12f1b98595c6d3be70f91cbe8d5208c518e18a2f6ba89eab35f0827211be256c3a941e711e29ce1d2c6c9bcd63ef4c10225d14da162d1da86d3fc07988d7b0e68e7a9594dfea388bed5ed5e5c398ff69901ac08d0bc9b5217214ed1504fd6835537ff08933279953aa1d51a2571c1c94096a028e8137548e7ce8bf2e4b42495f19e08ca78d066242ff0f9b4b86a2283d63a5588fd3e406a80bfbc610011729f6912e7518abc561acb696bc17fc53e13518e80ec35649cd0e0d08bd8e9cf93f6d14d6da6460ac7dcd6a6ea078e3b5de03d476139a3f614296c3b9ac4a180924b8fb90555bc1acbb1af7d3ed081c9daf8f700e94d522916aa1ec459ee24ef6a705782bab453162664b3616f52086efdebd156f46278be51a243e39e8683be1eecdc233a84af22ace4d05c8aeca522b9130b718b209afc8f832e9814cd98dacc766374aa6a48a06017792908d5ca5d0572ae2bfdfeb0a80eaeb5a283ddf34f94cd1d1e306b6e32b0826e75f3df3ae53d0fc5585c7cd904e18961aa767aa37843afd5b5d75f495f774fd71d36b3a292c7f28b2063f55b440f91f835f2c2f188aae22c181948581e61789debcad9b755d5810dd4944ff3f7ea563e43add903cea217dc0842efc334228c066bc71c6d9bc685f4549425f0d0d9af1249da98712bd9ce629e24731f7cee15c1096c5fc458eb75d65ca167c49156d6c5cd4fd65b72a34eb7cd5191a3f132ede8a42880f4a1269793629773370b15f41929d274cadfbbba0cfd0d1f144d2c187930856533f7f23b494be74202cca5beacd4aa263e9171f9c7647616f8eb5d724b3aa2b7e9fff6c53c1bb181cb373c5c5fea19cd774ab7d6a1cac4565a1ee4f5be466d6cb213dce55b35c12725f81d63e2779c15fa1d3c01b9073f6e5e76e5b34f2b674cb9973a46d4a70279c21b3afe22d325ce411da02fd934", @typed={0x4, 0x111}]}]}, @OVS_PACKET_ATTR_ACTIONS={0x10, 0x3, 0x0, 0x1, [@nested={0xc, 0x7, 0x0, 0x1, [@typed={0x8, 0x11, 0x0, 0x0, @fd}]}]}, @OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x118c}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0)
fanotify_init$auto(0x200, 0x1)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0)
socket(0xa, 0x2, 0x88)
poll$auto(0x0, 0xc, 0x4)
setsockopt$auto(0x400000000000003, 0x29, 0x6, 0x0, 0x3)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
write$auto(0x3, 0x0, 0xfdf3)

2m55.150423277s ago: executing program 3 (id=3681):
mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004)
mmap$auto(0x0, 0x400008, 0xf, 0x9b72, 0x2, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_hsr\x00', <r1=>0x0})
bpf$auto(0x5, &(0x7f0000000300)=@bpf_attr_3={0x3, 0x4, 0xf, 0x63, 0x400, 0x0, 0x1, 0x80f0c8, 0x0, "38c1d5cbcb9f6b5e511f0cd8ed068f65", r1, 0x113e33f2, 0xffffffffffffffff, 0xe4, 0x6, 0x5, 0x3ad, 0x3, 0x0, 0x3, @attach_btf_obj_fd, 0x6, 0xffff, 0x8, 0x81, 0xfffffffe}, 0x4a)
unshare$auto(0x40000080)
writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1)
vmsplice$auto(0x3, 0x0, 0x9, 0x7)
socket(0x18, 0xa, 0x8e5)
lsm_list_modules$auto(0x0, &(0x7f0000000100)=0xbefc, 0x0)

2m42.929378324s ago: executing program 35 (id=3666):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000048c0)='/dev/dsp1\x00', 0x20000, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000000)=0x1ff)
ioctl$auto_SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000004900)=0x40000)
openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000002f80), 0x2, 0x0)
socket(0x10, 0x2, 0xc)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff)
mremap$auto(0x4000, 0xb9, 0x13fd4, 0x3, 0xfffff000)
r1 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
ioctl$auto_PAGEMAP_SCAN(r1, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x6, 0x50b301a, 0xe4, 0x2c, 0x0, 0x2})

2m40.120721655s ago: executing program 36 (id=3681):
mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004)
mmap$auto(0x0, 0x400008, 0xf, 0x9b72, 0x2, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_hsr\x00', <r1=>0x0})
bpf$auto(0x5, &(0x7f0000000300)=@bpf_attr_3={0x3, 0x4, 0xf, 0x63, 0x400, 0x0, 0x1, 0x80f0c8, 0x0, "38c1d5cbcb9f6b5e511f0cd8ed068f65", r1, 0x113e33f2, 0xffffffffffffffff, 0xe4, 0x6, 0x5, 0x3ad, 0x3, 0x0, 0x3, @attach_btf_obj_fd, 0x6, 0xffff, 0x8, 0x81, 0xfffffffe}, 0x4a)
unshare$auto(0x40000080)
writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1)
vmsplice$auto(0x3, 0x0, 0x9, 0x7)
socket(0x18, 0xa, 0x8e5)
lsm_list_modules$auto(0x0, &(0x7f0000000100)=0xbefc, 0x0)

10.144543071s ago: executing program 8 (id=4131):
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xfffffffffffefffd, 0x17)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x1)
madvise$auto(0x0, 0x20499d, 0x9)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
futex_waitv$auto(&(0x7f0000000000)={0x8, 0x5d94, 0x4, 0x4}, 0x77, 0x0, 0x0, 0x62bd)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4)
io_uring_setup$auto(0x40005, &(0x7f0000000000)={0x6, 0x1, 0x400, 0x7, 0x1005, 0x6, 0x7, [0x4, 0x2e9, 0x8], {0x0, 0x1, 0x8, 0x7, 0x5, 0x100005, 0x1, 0xfffffffc, 0x7}, {0x4, 0xfff, 0xffff7fff, 0x2, 0x8, 0x200, 0x3, 0x0, 0x3}})
madvise$auto(0x108000, 0x800034, 0x9)
bpf$auto(0xb, 0x0, 0x3)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
r1 = socket(0x11, 0x3, 0x9)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48})
sendmmsg$auto(r1, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000080), 0x49}, 0x5, &(0x7f0000000180), 0x5, 0x1000}, 0x5}, 0x2, 0x100)

6.533908861s ago: executing program 4 (id=4144):
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
io_uring_setup$auto(0x6, 0x0)
clock_nanosleep$auto(0x7, 0x9, 0x0, 0x0)
mmap$auto(0x0, 0x20007, 0x80000000000000df, 0x10004000eb1, 0x5, 0x8000)
close_range$auto(0x2, 0x8000, 0x0)
r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/time\x00')
r1 = openat$auto_proc_gid_map_operations_base(0xffffffffffffff9c, &(0x7f0000001480)='/proc/thread-self/gid_map\x00', 0x0, 0x0)
mount_setattr$auto(0x5, 0x0, 0x0, &(0x7f0000000640)={0x10000c, 0x7f, 0x0, 0x5}, 0x283)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
sendmsg$auto_NL802154_CMD_LIST_ASSOCIATIONS(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x84)
select$auto(0x3, 0x0, &(0x7f0000000100)={[0x9, 0x200, 0x0, 0x9, 0x9, 0x3, 0x6, 0x2, 0x9, 0x5e58296f, 0x1, 0x9, 0x3, 0x200, 0x6, 0xf]}, 0x0, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000040)={{0x0, 0x2, 0x0, 0x10a, 0x0, 0x9, 0x3fb}, 0x4}, 0x200, 0x0)
read$auto_proc_gid_map_operations_base(r1, &(0x7f00000014c0)=""/234, 0xea)
ioctl$NS_GET_PARENT(r0, 0xff02, 0x0)

5.731330163s ago: executing program 8 (id=4146):
openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
timerfd_create$auto(0x0, 0x0)
socket(0x2, 0x6, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x3, 0x100)
socket(0xa, 0x2, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x25, 0x1, 0x3)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
eventfd$auto(0x3)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x3, 0x73)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000100), 0x7c3142, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0)
ioctl$auto(r0, 0x80047437, 0x553)

5.607095742s ago: executing program 7 (id=4147):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffd, 0x8000)
r1 = socket(0x2, 0x1, 0x0)
getsockopt$auto(r1, 0x0, 0x43, 0x0, 0x0)
ioctl$auto_def_blk_fops_fs(r0, 0x1267, 0x0)

5.353912888s ago: executing program 4 (id=4148):
pipe$auto(&(0x7f0000000000))
ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0)
r0 = socket(0x2, 0x3, 0x6)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ppoll$auto(&(0x7f00000003c0)={<r3=>r2, 0x9, 0x2}, 0x100, &(0x7f0000000400)={0x0, 0x6}, &(0x7f0000000440)={0x4}, 0x8)
r4 = syz_genetlink_get_family_id$auto_nbd(&(0x7f00000000c0), r3)
sendmsg$auto_NBD_CMD_CONNECT(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="ff0c0000", @ANYRES16=r4, @ANYBLOB="010025bd7000fedbdf2501000000040007800c000400ffffff7f000000000c0002000900000000000000"], 0x30}, 0x1, 0x0, 0x0, 0x4008}, 0x4)
sendmmsg$auto(r0, &(0x7f0000000280)={{&(0x7f00000001c0)="1ce7510ba3b8b84aadc760dd18910cfeed4fbd917bbcaf0d86fec0ec602a4bd8a6eb0b28c15b4dc2529e88e8ab5a8c5a1ad9be350340608a495b40a974292cfec6d0ad5b59e05e41691ebc9f4c86bc6e63e3cc8b6eeae86923a8f9d41f375e025679c17f803909d024d77e76a35c284022e5b073d8d9a3e658d31bca96c5c2f2672012a3431e", 0x10001, &(0x7f0000000100)={&(0x7f00000000c0), 0x9}, 0x5, &(0x7f0000000300)="c65f57386b7b017548bd38d4c5862c1a1154515a32cb32541b34d3cf506a459042cfd975ac7e9ae9d65734bb5049bf6caf2e0322e629d191edd91d1ee4d7e4ea69a1412a3635a11571015e990f10cb68874cf70c394eb2dd9ae2e7d2425c9b0749f023a19c6ae6139ecf7132f4c56f80586a180b61e008657327d5dce83561f6761c8664458a934e86b591ed5e9a1314c7176a76a0bf4cbc00a4334ba8d1fca998bc871627", 0x2, 0xbd4}, 0x5}, 0x2, 0x10)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004)
fsetxattr$auto(0xffffffffffffffff, &(0x7f0000003040)='-,\'*\x00', 0x0, 0x1, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
waitid$auto(0x7e, 0x9, &(0x7f0000000000)={@siginfo_0_0={0x3, 0x8, 0xfff, @_timer={0x7, 0x0, @sival_ptr=&(0x7f0000000680)="a4661dbd1c887c05f75c4de1437accaa97882ec1ea79390fcbd58c5b94c6930af9128dab6ba954ad96824970d41acac4b66592531efcacb4553f1e7770895dae887253b4749caa2983f4f7ec74d2089f7d16d552ff49ce83e93114cb89cf412ec59a6dd9a098489a589eb8cf931ec53ad037d919a36ad2e6dd5ec485bed540a9baf41fcd95728595280425ad167bf618d25dc83b2f3e51e20afcdb5e6a5fd80d292e45841da66bd4b8f888639aac8146ae5334a538", 0xf}}}, 0x2, 0x0)
setsockopt$auto(0x3, 0x0, 0x29, 0x0, 0x1)
mmap$auto(0x0, 0x20009, 0x2, 0xeb1, 0x40000000000a5, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x81, 0x8000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb0, 0x5e20e930, 0x8000)
write$auto(0x4, 0x0, 0x100082)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
shmctl$auto(0x3, 0xb3, &(0x7f0000000580)={{0x113, <r6=>0xee00, 0xffffffffffffffff, 0xbd9, 0x3ff, 0x29b, 0xe5}, 0xd, 0xb1, 0x8000, 0x8000000000000001, 0xe, 0x1000, 0x6, 0x0, &(0x7f00000004c0)="50a63db4c94b004aa9f5157f34f66471eee3a91528d5bc5e1f7714d6efec0e35a01a7a43780fa1cdce32e6fc4d27a25f5b85946b19b48c8e1ad8d9cdb63440ad2379fc4369b512c6c6ff2f1cc287715a2221aac07ff05942ebd92355311db5e643ecb9aa905b23a663ac42cd86b0d18b5b486a4fa0a4e89bacca", &(0x7f0000000540)="f8ea7f3eb0cb59c083260f778b4b697c2b6cfee8a93ac81b"})
sendmsg$auto_NL80211_CMD_SET_WIPHY(r3, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000600)={&(0x7f0000000dc0)={0x344, r5, 0x1, 0x70bd2c, 0x25dfdbfc, {}, [@NL80211_ATTR_TXQ_QUANTUM={0x8, 0x10c, 0x3a}, @NL80211_ATTR_IE_PROBE_RESP={0x1c, 0x7f, "aa08f185e337757d97269ff060ebfd78ca1a05983314b9b5"}, @NL80211_ATTR_WOWLAN_TRIGGERS={0x303, 0x75, 0x0, 0x1, [@typed={0xc6, 0x12d, 0x0, 0x0, @binary="92c7e016e6e053cb4a4efece0c0681140b0ef8ac2be1962f7280e74a06a2fe9f50ad0c50ea850e413e382851e9a1a3a8b1c0e232913e43fc351ad42b7076290a664348c4106ba40400e6815d1992e23767bde08758f8ced377f471d2f19d2fbf9115733fe61c53d88522bb02f80b4efb93c720bcbb11bbca71f21970831b771d9d15e9b949838711a27581fd0da2ccece220ccaaa7d2e708fc01ff0660bba66a4229b5732906cbaab03e195a6a6b67a266005dc396feca52c787714b3fe5ec88be1c"}, @typed={0x8, 0x127, 0x0, 0x0, @ipv4=@remote}, @typed={0x8, 0xe9, 0x0, 0x0, @uid=r6}, @generic="a3f4f1ef1807471ea6a1bdeabbe21504a14248ee9cb77612c5c6b0be208b2c02506a44966c39cfd8ff23a6039f711100bbfda86f8125e15e44e960b3b3cfd02293610074ae593ecaaa63adc7805febabae04c6173e7cc5c912986f69e580b960726b5e257e3903b8c4c9e8", @nested={0x1bc, 0x7e, 0x0, 0x1, [@generic="5ca4c3d3022add615b1756c39a97265bb311432c4bc6a7abded13a545213733353eeb7e624ea92f8d33169741f6fede49afb34e1b22d9d98c519445e377d69c45f8c4026bbcb0a94b26e48ec59a0cb0aff4444e2c48469dd79a7b3f01032a52f5889edc000ad347b74ca165e781193f429631345263091333c457908598a6acbb87a148cb9808ef54bcbdb5e4d1a72ba223f1ee4", @typed={0x8, 0xcb, 0x0, 0x0, @fd}, @nested={0x11a, 0x110, 0x0, 0x1, [@generic="a1fa10f43e868f08c5c9ace0461ba7dd4d08383b9f07600435089f2a3abd8236575bff21177a3c8a4545a865e51c2571de17a41b5a293e99eacf7c3feb7351c92a287058904af88d937096b74a8372eb9431ec7f4cda851fd6f6d235e3dc895f3bf0823cf4012f3d712763a760dacecd38109da96e181471f85a53766bac5e1ce9d94e4eb8709be2802bc97f517e6b48b72d24fa2fb7c0e14bbf6f0610cd928861a2a0bd5f705109801ce53c7a5cec586f9e54708a4c", @generic="35e7f77038d909f1cff8dc25d1bd7e9589e45e8338d8aed307eb5a2047cb138bddf951d8e51e1b1a2df6c333c7487302a59afee3a9fe47687a9c08d382b5f873678fa6d9de8f2635f01b1e49f44064ef4b92dc9f8a2b59a8dedd7e120937bb5c"]}]}]}, @NL80211_ATTR_WIPHY_ANTENNA_TX={0x8, 0x69, 0x802}]}, 0x344}, 0x1, 0x0, 0x0, 0x40000}, 0x8080)
eventfd2$auto(0x5, 0xffff8001)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000)
setrlimit$auto(0x8, 0x0)
setresuid$auto(0x60, 0x1000, 0x8000)

5.105122207s ago: executing program 7 (id=4149):
socket(0x2, 0x3, 0x6)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
waitid$auto(0x7f, 0x9, &(0x7f0000000000)={@siginfo_0_0={0x3, 0x8, 0xfff, @_timer={0x7, 0x0, @sival_int=0x6, 0xf}}}, 0x2, 0x0)
setsockopt$auto(0x3, 0x0, 0x29, 0x0, 0x1)
mmap$auto(0x0, 0x20009, 0x2, 0xeb1, 0x40000000000a5, 0x8000)
r0 = openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/tracing/events/vmalloc/purge_vmap_area_lazy/filter\x00', 0x2, 0x0)
write$auto(r0, 0x0, 0xfd)

4.612226198s ago: executing program 8 (id=4150):
r0 = socket(0x2, 0x801, 0x100)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_CONNECT(r1, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40080}, 0x20040000)
r2 = socket(0xa, 0x801, 0x84)
mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000)
setsockopt$auto(r2, 0x10000000084, 0x3, 0x0, 0x3)
sendmsg$auto_WG_CMD_GET_DEVICE(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x88d0}, 0x0)
mlockall$auto(0x7)
mmap$auto(0x2, 0x200006, 0x2, 0x7fffffff, 0x602, 0x100000000000)
mlockall$auto(0x9)
acct$auto(&(0x7f0000000200)='/proc/sys/kernel/sched_deadline_period_max_us\x00')
acct$auto(0x0)
ioctl$auto(0xc8, 0x6, 0x5d6e859b)
madvise$auto(0x0, 0xffffffffffff0001, 0x9)
open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84)
fallocate$auto(0x8000000000000003, 0x0, 0xd, 0x2cbd5d)
socket(0x10, 0x2, 0x0)
sendmsg$auto_GTP_CMD_NEWPDP(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x4000804)
lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x10, 0x9, 0x63, 0x0, 0x0, 0x0, 0x0, 0x40000000000f, 0x7, 0x40000402, 0x7ffffffb, 0x9, 0xffffffff80000000, 0x9, 0x7, 0x200000100103})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x89fc, &(0x7f0000000040)={'bridge0\x00'})

4.377311858s ago: executing program 4 (id=4151):
bpf$auto(0x10, &(0x7f0000001700)=@task_fd_query={0x0, 0xffffffffffffffff, 0x3, 0x5, 0x7, 0x2, 0xffffffffffffffff, 0xfff, 0x80000001}, 0x63a)
mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000)
openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/mem\x00', 0x100, 0x0)
process_vm_readv$auto(0x0, &(0x7f0000000080)={0x0, 0x6}, 0x23, 0x0, 0x40, 0xffffffffffffffff)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000bc0)='/sys/devices/system/cpu/vulnerabilities/spec_rstack_overflow\x00', 0x4, 0x0)
mmap$auto(0x20000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x4, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_NL80211_CMD_TDLS_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40000041}, 0x4000)
vmsplice$auto(0x1, &(0x7f0000000000)={0x0, 0x5}, 0x6, 0x8)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000c00)=""/233, 0xe9)
readv$auto(0x3, &(0x7f0000000040)={&(0x7f0000000000), 0x36a}, 0x6)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x40008000)
io_uring_setup$auto(0x6, 0x0)
setsockopt$auto(0x3, 0x1, 0x2e, 0x0, 0x9)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x13, 0x940, 0x1ffe0, 0x3, 0x6, 0x2, 0x9, 0x5, 0x2, 0x7, 0xb0, 0x9, 0x5, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x80}, 0x1fe, 0x81)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40001)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x80000, 0x4)
openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000000), 0x101200, 0x0)
readv$auto(0x3, &(0x7f00000001c0)={0x0, 0xf7}, 0x7)
keyctl$auto(0x3, 0xfffffffffffffffe, 0x1000100, 0x803, 0x387)

4.069624506s ago: executing program 7 (id=4152):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffd, 0x8000)
r1 = socket(0x2, 0x1, 0x0)
getsockopt$auto(r1, 0x0, 0x43, 0x0, 0x0)
ioctl$auto_def_blk_fops_fs(r0, 0x1267, 0x0) (fail_nth: 2)

3.321198159s ago: executing program 4 (id=4155):
r0 = open(&(0x7f0000000100)='./file0\x00', 0x201c2, 0x10e)
socket(0xa, 0x1, 0x1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socketpair$auto(0x400, 0x6, 0x9, 0x0)
socket(0x15, 0x5, 0x0)
madvise$auto(0x1ffff000, 0x7, 0x100000000)
read$auto_hwsim_fops_group_(r0, &(0x7f0000000000)=""/13, 0xd)
prctl$auto(0x43, 0x10001a, 0x0, 0x1, 0x0)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
mmap$auto(0x1, 0x2000b, 0x7, 0x12, 0x401, 0x8000)
msgget$auto(0x6, 0x200)
fallocate$auto(0x4, 0x9, 0x100000000, 0x24)
msgctl$auto(0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x6, 0xfffffffb)
pselect6$auto(0xffffffff, &(0x7f00000000c0)={[0x2, 0xfff, 0x6, 0xbda3, 0x0, 0x9, 0x5, 0xc7, 0x5, 0x400, 0x7, 0x3, 0x2, 0x7fffffff, 0x87d9, 0x80000a]}, &(0x7f0000000180)={[0x182, 0x9bbb, 0x0, 0x3, 0x58, 0xb5, 0x8, 0x400, 0x9, 0x4, 0x7ff, 0xa5, 0x2, 0x7de1, 0xed1b, 0x8c5]}, &(0x7f0000000200)={[0x8001, 0x0, 0x36d7, 0x39, 0x0, 0x7ff, 0x8, 0x7fffffff, 0x6, 0xe51d, 0x401, 0xffff, 0x95, 0x39d9eb, 0x8, 0x409]}, &(0x7f0000000280)={0xa}, 0x0)
flock$auto(0x6, 0x1)
munmap$auto(0x401, 0x800)
keyctl$auto(0x8, 0xfffffffffffffffd, 0xffffffffffffffff, 0x5092, 0x2)
mknod$auto(0x0, 0xc9, 0xc8)
execve$auto(0x0, 0x0, 0x0)
r1 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000080), r0)
sendmsg$auto_MACSEC_CMD_DEL_TXSA(r0, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0xabdfb13bbf015ba5}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="000328bd7000ffdbdf250500000008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="6338e20bdacce1b510caa8f89feeaee723f4438e3e9eadf9a425f1896ff9d85ecb744abedfc399885eabe5044618666ab6cd7a90985cf97b21234997a8e210715448375963763af5a57c8ca465959dbb9d667873d8c57434f0cc987b399aa65e05c61c0ebfdd47be09dea6d9a8d2a3e20ead44919ffe25d5a986d522d82100aa0205f326bbabc6b20e583291be524a31f99481266fc2c578c02f5b"], 0x24}}, 0x800)
mmap$auto(0x1ff, 0x5, 0x5, 0x16, 0x7, 0x2)
mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2)
madvise$auto(0x0, 0xffffffffffff0004, 0x19)
io_uring_setup$auto(0x5, 0x0)
shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa)
mmap$auto(0x1, 0x5, 0x100000000000000, 0x16, 0x7, 0xf)
mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x20000000)

3.197658081s ago: executing program 7 (id=4156):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x6, 0x0) (async)
io_uring_setup$auto(0x6, 0x0)
mknod$auto(0x0, 0x1081, 0x3) (async)
mknod$auto(0x0, 0x1081, 0x3)
open(0x0, 0x6a341, 0x0)
close_range$auto(0x2, 0xa, 0x0)
open(&(0x7f0000000100)='.\x00', 0x0, 0x408)

2.442492437s ago: executing program 1 (id=4157):
mmap$auto(0x0, 0x401, 0xdf, 0x9b72, 0x2, 0x8000)
read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffffff, 0x0, 0x0)
socket(0x2, 0x1, 0x106)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x5, 0x9, 0x0, 0x103, 0xee01, 0x0, 0x0, 0xffffffffffffff91, 0xfd3, 0x2, 0xec, 0x4, 0x2, 0x1, 0x4, 0xfffffffffffffff8})
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='!\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x44}, 0x40090)
r0 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x20, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0)

2.291553352s ago: executing program 8 (id=4158):
openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
timerfd_create$auto(0x0, 0x0)
socket(0x2, 0x6, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x3, 0x100)
socket(0xa, 0x2, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x25, 0x1, 0x3)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
eventfd$auto(0x3)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x3, 0x73)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000100), 0x7c3142, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0)
ioctl$auto(r0, 0x80047437, 0x553)

2.12595211s ago: executing program 4 (id=4159):
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x0, 0x0)
prlimit64$auto(0x0, 0x7, &(0x7f0000000cc0)={0xfff, 0xf1c6}, 0x0)
poll$auto(&(0x7f0000000f80)={0xffffffffffffffff, 0xa06}, 0x3fa, 0x20)
getsockopt$auto(0xffffffffffffffff, 0x193b0928, 0x8, 0x0, 0x0)
r1 = openat$auto_comedi_fops_comedi_fops(0xffffffffffffff9c, &(0x7f0000000000), 0x101002, 0x0)
ioctl$auto_COMEDI_BUFINFO(r1, 0xc02c640e, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)

2.033863685s ago: executing program 7 (id=4160):
socket(0x10, 0x2, 0x0) (async)
r0 = socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x3, 0xdf, 0xeb1, 0x611, 0x8000008000)
r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x80, 0x0)
ioctl$auto_evdev_fops_evdev(r1, 0x80044501, 0x0)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
pipe2$auto(&(0x7f00000006c0)=r0, 0xfffffffb) (async)
pipe2$auto(&(0x7f00000006c0)=<r2=>r0, 0xfffffffb)
write$auto_cpu_latency_qos_fops_qos(r2, &(0x7f0000000700)="479d3a53576ae5037a4325fe85e2830a288e67c6f494220f88d6a0178c35495381c62c55bc0ede9fbca2d942b707a61888fbc4a130e75261ac811e595f1b93f782c8de1ff58560ba5f8d2e9499922b1e9bb6d0e59e61b447d0", 0x59)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)="b3518f2ca591c69d5f2ac160b554394ab8a47f463531ad9c4eeae6c48f3c77f61f954dac886afee3c589c64d567cdd53926fb814ddf40aeba826fab3bdd3c8cbf7e910b0248feed8f7b1348d63bd3bf6ebeeef2911fcaccad4a8562b0bcaf26168d7745a8dd264ffee", 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
recvmmsg$auto(r0, &(0x7f0000000500)={{&(0x7f0000000080)="38dced671233cd3ebaf9f5d49da7f880403c9e3c05f135a9b163017e9268ff8dbaf118ff88a3989758587c385352dc220a8d6ce2f5977fb572a1060c00347d0a6d981b39cdf186bcd6d58eaa15fbb75a201de347994ab41fd7d20e", 0x7, &(0x7f0000000140)={&(0x7f0000000440)="3878ed358d5628374c81426b4caf8f2d0012de8214d94c566ebdb514902bf2859246145420f203ee98b5da7ad4ee8c1b7b0fabaa03cadc361781955b9f59aa2ff549e0eeabd8658523f1712318f9e6fe9d21f88aa9d8d0dc3cfe795db206b0131581efdc49ff8314b1", 0x6}, 0x20ee, &(0x7f00000004c0)="83c6882cb93f10d0fd65b3bf4be62c8d3fd67a5cf5be0d", 0x3ed, 0x2}, 0x10000}, 0xa5, 0x10001, &(0x7f0000000540)={0x8, 0xff})
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0x26, 0x2, 0x0)
sendmsg$auto_CTRL_CMD_GETPOLICY(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x14, 0x0, 0x10, 0x70bd2c, 0x25dfdbfd, {0xa, 0x0, 0xa00}}, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0}, 0x7}, 0x803, 0x0)
bpf$auto(0xe3a, &(0x7f0000000380)=@token_create={0x9, r0}, 0x8000)
syz_genetlink_get_family_id$auto_ipvs(&(0x7f00000005c0), r0)
socket(0xa, 0x5, 0x0) (async)
socket(0xa, 0x5, 0x0)
listen$auto(0x3, 0x81)
shutdown$auto(0x200000003, 0x2) (async)
shutdown$auto(0x200000003, 0x2)
listen$auto(0x3, 0x81) (async)
listen$auto(0x3, 0x81)
openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x10b501, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000080), r3)
close_range$auto(0x2, 0x8, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x3, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x14, r4, 0x1, 0x70bd2d, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x40000021}, 0x8004) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x14, r4, 0x1, 0x70bd2d, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x40000021}, 0x8004)

2.033205901s ago: executing program 1 (id=4161):
r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0)
mmap$auto(0x0, 0x400, 0xc3, 0xeb1, 0x1275, 0x408000)
close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x664)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
mprotect$auto(0x1ffff000, 0x8000000000002001, 0x4)
r1 = socket(0x2b, 0x1, 0x1)
socketpair$auto(0xffffffff, 0x1, 0x9fa, 0x0)
ioctl$auto(r1, 0x8941, 0x4)
sendfile$auto(0x1, r0, 0x0, 0xef75)
syz_clone(0x20008000, 0x0, 0x0, 0x0, 0x0, 0x0)

1.687902984s ago: executing program 1 (id=4162):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x7)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = getpid()
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x4000804)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x89fc, &(0x7f0000000040)={'bridge0\x00'})
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f)
mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x1, 0x400008003)
r2 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0)
ioctl$auto_PROCMAP_QUERY(r2, 0xc0686611, &(0x7f0000000340)={0x18, 0x0, 0x4, 0x1, 0x8, 0x1, 0x0, 0x6, 0x5, 0x200, 0xffff7ffe, 0x80000000, 0x7ff, 0x7, 0x9})
process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0)
openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000200), 0x20000, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000db, 0xebd, 0x3, 0xfffffffffffffffc)
io_uring_setup$auto(0x6, 0x0)
lsm_set_self_attr$auto(0x1, 0x0, 0x80, 0x0)
socket(0xa, 0x2, 0x3a)
close_range$auto(0x2, 0x8, 0x0)
r3 = socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x7, 0x47, 0x32b, 0x1ffde, 0x7, 0x6, 0x2, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x2, 0x10000, 0x80, 0x7, 0x0, 0x7, 0x0, 0x200, 0x0, 0x84, [0x0, 0x0, 0x0, 0x50100000000000, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x5, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x1, 0x0, 0xffffffffffffffff, 0x4, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x400000000005b8, 0x0, 0x0, 0x0, 0x4000000000, 0x6, 0xffffffffffffffff, 0x0, 0x8000000000008, 0xfffffffffffffffc, 0x3, 0xa38, 0x0, 0x0, 0xfffffffffffffffc, 0x2, 0x0, 0x0, 0x0, 0x3]}, 0x1fe, 0xd)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r4 = socket(0x2, 0x6, 0x0)
getsockopt$auto(r4, 0x10d, 0xc, 0x0, 0x0)
sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0xf000, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
socket(0xa, 0x3, 0x3a)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)

1.373649624s ago: executing program 7 (id=4163):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0004, 0x19)
madvise$auto(0xfffffffffffffffc, 0x200007, 0x8)
mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000)
madvise$auto(0x0, 0x200007, 0x19)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000007c0)='/sys/kernel/mm/ksm/pages_skipped\x00', 0x40c00, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000800)=""/184, 0xb8)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x801, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
socket(0x10, 0x3, 0x6)
socket(0x22, 0x2, 0x2)
socket(0x2b, 0x1, 0x1)
unshare$auto(0x40000080)
io_uring_setup$auto(0x1, 0x0)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000007c0), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r1, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f0000000f00)={0x14, r2, 0x705, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x880)

1.262425734s ago: executing program 8 (id=4164):
bpf$auto(0x10, &(0x7f0000001700)=@task_fd_query={0x0, 0xffffffffffffffff, 0x3, 0x5, 0x7, 0x2, 0xffffffffffffffff, 0xfff, 0x80000001}, 0x63a)
mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000)
openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/mem\x00', 0x100, 0x0)
process_vm_readv$auto(0x0, &(0x7f0000000080)={0x0, 0x6}, 0x23, 0x0, 0x40, 0xffffffffffffffff)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000bc0)='/sys/devices/system/cpu/vulnerabilities/spec_rstack_overflow\x00', 0x4, 0x0)
mmap$auto(0x20000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x4, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_NL80211_CMD_TDLS_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40000041}, 0x4000)
vmsplice$auto(0x1, &(0x7f0000000000)={0x0, 0x5}, 0x6, 0x8)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000c00)=""/233, 0xe9)
readv$auto(0x3, &(0x7f0000000040)={&(0x7f0000000000), 0x36a}, 0x6)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x40008000)
io_uring_setup$auto(0x6, 0x0)
setsockopt$auto(0x3, 0x1, 0x2e, 0x0, 0x9)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x13, 0x940, 0x1ffe0, 0x3, 0x6, 0x2, 0x9, 0x5, 0x2, 0x7, 0xb0, 0x9, 0x5, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x80}, 0x1fe, 0x81)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40001)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x80000, 0x4)
openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000000), 0x101200, 0x0)
keyctl$auto(0x2000000000000016, 0x0, 0xfffffffe, 0x400040, 0xa8)
keyctl$auto(0x3, 0xfffffffffffffffe, 0x1000100, 0x803, 0x387)

1.168538561s ago: executing program 4 (id=4165):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0004, 0x19)
madvise$auto(0xfffffffffffffffc, 0x200007, 0x8)
mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000)
madvise$auto(0x0, 0x200007, 0x19)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000007c0)='/sys/kernel/mm/ksm/pages_skipped\x00', 0x40c00, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000800)=""/184, 0xb8)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x801, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x3, 0x6)
socket(0x22, 0x2, 0x2)
socket(0x2b, 0x1, 0x1)
unshare$auto(0x40000080)
io_uring_setup$auto(0x1, 0x0)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000007c0), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r1, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f0000000f00)={0x14, r2, 0x705, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x880)

841.683712ms ago: executing program 1 (id=4166):
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0xb32, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002)
fanotify_init$auto(0x5, 0x800)
pipe2$auto(0x0, 0x80)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_IPVS_CMD_GET_DEST(r0, &(0x7f0000003a40)={0x0, 0x0, &(0x7f0000003a00)={&(0x7f0000000e80)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="ffa725bd7000fedbdf250800e7ff070004"], 0x1c}, 0x1, 0x0, 0x0, 0x4040011}, 0x40010)
r1 = geteuid()
setreuid$auto(r1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x3fffffffffffffc, 0x40, 0x9b72, 0x1004, 0x800007ffe)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x801, 0x84)
getsockopt$auto(0x6, 0x84, 0x72, 0x0, &(0x7f00000000c0)=0x10000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r2 = openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, &(0x7f0000000b00)='/proc/self/smaps\x00', 0x2603, 0x0)
read$auto_proc_pid_smaps_operations_internal(r2, &(0x7f0000000000)=""/182, 0xb6)
fanotify_mark$auto(0xffffffffffffffff, 0x6, 0xc, 0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00')
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r5=>0x0})
sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010029bd7000f9db5f250200000008000300", @ANYRES32=r5, @ANYBLOB="08003f00dcff"], 0x24}, 0x1, 0x0, 0x0, 0x88c1}, 0x80)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

463.548314ms ago: executing program 1 (id=4167):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
symlink$auto(&(0x7f0000000000)='.\x00', &(0x7f0000000040)='./file0\x00')
mprotect$auto(0x1ffff000, 0x8000000080000001, 0xd)
mount$auto(&(0x7f0000000000)='pimreg\x00', &(0x7f0000000040)='\x00', 0x0, 0x10dfd057, 0x0)
getcwd$auto(0x0, 0xffffffffffffffff)
move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x277)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
syz_genetlink_get_family_id$auto_gtp(0x0, 0xffffffffffffffff)
socket(0xa, 0x2, 0x73)
setsockopt$auto(0x4, 0x29, 0x35, 0x0, 0x10000)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800005}, 0x5, 0x20000000)
write$auto(0x3, 0x0, 0xfdf3)
kcmp$auto(0x1, 0x1, 0x0, 0x7ff, 0xe)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill$auto(r1, 0x2)
close_range$auto(0x2, 0x8, 0x0)

86.572991ms ago: executing program 1 (id=4168):
mmap$auto(0x0, 0x20009, 0x12, 0xeb1, 0x401, 0x8000)
socket(0x2, 0x1, 0x0)
socket(0x2, 0x6, 0x0)
epoll_create$auto(0x4)
epoll_wait$auto(0x5, 0x0, 0x2, 0xfffffffd)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
epoll_ctl$auto(0x5, 0x1, r0, 0x0)
capset$auto(0x0, 0xfffffffffffffffe)
epoll_ctl$auto(0x5, 0x3, r0, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
statx$auto(0x2, 0x0, 0x1000, 0xbdfa, 0x0)
r1 = socket(0x2b, 0x1, 0x1)
r2 = openat$auto_btrfs_ctl_fops_super(0xffffffffffffff9c, &(0x7f0000001640), 0x101440, 0x0)
ioctl$auto_BTRFS_IOC_DEVICES_READY(r2, 0x90009427, &(0x7f0000001680)={0x8, "76fecbc57ca0978a171e985278736e21a481fa8b13ae8e7f38b69d5b21e6d9343978433b767c7f3792a36891edfda234f1e1e367a6f738eb115c1f0686a78c0fb96e93defcbf4c87e82cac4007d3ccf986c3f247c797b3b61cd52116eea211bfb30b322405b8fd104fdf6c56c2c6e0d4de71bfa11300c6c5fc716310a7027297e5cadb4b18b8fceb62134b01151fa94cd5a30e88345072aa29b4a6661fc55866c96823a684281301b159f24bd1bb32e6f13d29ba032ca4465630df3a09879a0383be90aaf3911476b8b5b75c0a705ffed01bb21b6c18929117dea32b272d3ec69170306368d67dcc11de0f797984ff6ed1c317f3a2e5bc22431091a6edf6dcc44b33fc44a277094d9a37cbaff5422a665bc723bfcf0cf70ac0089260ca0a58fb6d8ae8c0aa93914bea92b688a22e54c77fccc743554fa6617d8fc5809105dd802b085df6b9ff145749378b295688d01468f47a98973fd13eb8438cd344ecdd30439ce3e349b3b7d995edd9795eca8878d1ad75f8f8049f9f20a4012528e3fdf9d533e29d0bbbf711d4ac0cf115366461ad18b7e2d536d018c7797c13892dd111a9a8c93a15a393e8efbbe4fa632f2b1b191be1602d7239107851ab55afb557c7e527116ca6fe528d48c83d48c0e30ec0159625dcff2ffe8e0a0d89c87df0da3f26a3491607ed0a15ae3e412f5c067c5c0dcb0c53a64b03dca0e86e578b01cf51839d1673e11e4b4ea2de29e8b2e7ee8232954e9c6c823e1d5bd71a9ad78b063077e401f1814d2a021e28d0d323a3583fa547ed3fb5a2c2a101f6005fffd2d98df73196b624c87d406e0014f70c1d7f7e4844436b28518c84b003ee3d83685f471234baf6382fcae85d51960447b30d82b23e28f691d832f0903348fb5f38ffc1f114e9eb75773c32428835ef23cb17efdbb89a899443a7096ef3b39398a1461ed041f6b4a122beb84573ba84e6562757d59bef90d1c959afbd10d2d39c74efde264c40e6192a8289efe5a76d1b8f8a3639a4c9246c6dc34effabd9e54a327bf38af0e13e95fb1b60a1560e9fe7263dafe3342b7d66799733c955a560f4b46d46c53172917cb94db43592333f12bde7c08fad5819a08564a17f821833704cea7140c23f422e81f9f7d21233240a3789d74b29ff6d0914de41e0c253f800626ae9afd5aa5515336ed380106f79e3ff40aa500f24399ce1eac15000a701eee9e1cbb24588e5e3329f26bb7cb2e380adcebb0f35f3890330398af1f0b2600e9fae7b0c9afed28922241d8246bbea2ab4007e8db8573e3a1cd9bac10809c6f4014b43f738af5488a99af041fa1d091b68b5ae124ad98ef4736177fcd147fe71c4866bf4b87f394389a3ef9d9689319e25edc08b9b4438ebb9caa22df10bd05119895f6a1c41d4e0637e97fb0c9dee1caf94280c42d2b6746613e2da1d6998cdb938e657ac6f4121f96186efae5009901fd08661a6919f03b5c9c505e1e8e3f56a85cce8a119ff18f213ad6abdcad8167e0d0007669e3f712c0f04045cdbb115e577af7a9440065b132a8d8022f1afff7dbe77b5bc2851a1180f0fbcee67fb7ab251c44866830657e82f8d9f7ae859e9dc6c136000e1f468214ffafdd6168a6f87dd45a0102775d62d3258b2c2c3d60467de53c2fadab4744cc4251383a5bbbd0341f8af246f7c06b85c47bad6ff16e4747f94873ba4d7a5142d4bf32f37a0717bb0c8e2cd4111bdbe5cbec893d58eb17e4639a91cae111275793322e692e96a9de7dfd47487bab027eb0c2b62e02e9b6809641804a5d617876ded8bae9f358f62cd646902f674d9331e585694a250eef4110d82473d400b7ba91f97c182ed7d7ffef7d2a28dabca853fb9aaad4f04737fa1bf71b1c5856cdc41135944a3150a917198f0e9a4343a8d8db05a13fbc3d852955ae4a612a680f246f4e32582e5646cc384a8274da40aeecd45a1ef2e7ab96273e172a180238cbc89ae0fb7ae58a6d34eacd69f4210756118220d31fb21c1f95e296fa07e3089b56f131a06bac4396e508e286d50f0e7e31f443683fd89bafeae9207d45d0c5df179ad4762d7edffc53f31d910218709443be9c7a613b74e4036bffed6564441f6484eae7bf3e42d60fa53d3a7ee38333693fc79ded0bc9d6a1c75972cb3c2d689e1ad153429d52fe7ab009dc7582d7fb278aee7a9b8ba9e4511e0ae4390eae83aaa1b2a9e931315756005c6018180caae6a46b620f321126b3f8a9317da786494286cabb57da01efcdf0bdbb385a6e9ea743c1ff632bfc49fba7ddac3a0199a4e6f68cec4abc87c1039ec0653e7349fe27936a2332f130535f2252a3ac6515ad4b3d3268ad323e53e2f5b828ca099159f69f46bda8fc4d6b3d4561375deb43d85651d7ee8e2100738a8d8beafa6d944b443ef350bb6ba41f8e6064b51bef109f6f2db339d7e773c0cc2f6f98adab5f48d7f182730bcc1ca6cd99f32bb0589a9593f39bfdd31823e2c86d6cf254b2d72734ffb117151f74c0cb3bc4dae5c6384f85ca6801f998ec0df63cb9907a8ba7a32d19c83144b0d49af7c333c419ffe42adfe6cdd1f492a354e0ef4adf0544ea845f873ae002c45925cae0922741393f644e18c2c480a5dbef94a14ff1ad18aa04fa153cf8be419092761f80f80899d2d56d7ffebbe2cc22292042380d138794cb9a7c6fc70149abd8d1ebb344394f3af490110f72521ac92042cc5c7b8e590d6998e5e80768e46a386fea00d47120c7557b2c2380fef9a56484bc540b7a91941ca35c0307aabbb639c928d7ed15627cc8ba82615b8f11b26057c8f2d98f6c9dfd63c94cb621837d9afed349879ae66727e3c8ed0d58862951918af3f74cb7bebc27b4c6abafff27b9c55f6764e56d5e3e2876901cc368a669c9bdc299d9e4346a43d92297da9548c6e716aa0f71306acf3df18fe5b024ad389e155445dc8a8437d97c513f1d6986a6c0d0cca04359644f194a6eea2e55aa58caf82b110ad47ca89415b6afd04a8c8da6ee240b2dca81482fdb688f9611301b528ffc068ae0950a605bfa8a478cb083473b36610bc21b3f7d5d16490842a101d93e4bdb6c45ea1198fb731eb463318d28ebfdca2304a24ff063914fe17ac438391d95392eefbf7e993d2b96bceb43a10c62688e0d14467b1320384db4328cc9d8999e06605f60946c14a5a44cbf750182aa6caf4ea519d93a9631e9f86fd76090b6fc13813c406dc72a869609a5e15696f2c251e29090051dffa354dcb062a247514a61d279a8927d2bc75b78678824da2e62de78ea73a39807030a8f5e5604e656bf57aad07942b0c0748ba1ccdb6ad28131149e6720282b656a3447415c4f143dd321532a80a93eca618409a31675849fd300d74313f2630c17b048cc4872ba608e9e96d57dae51e80cad306abc27de964405f66f0b74e12e3def2cead19162821a3bb5e6567ac6a83d191d51786bf27b559d149baa283a6bcff3b48052d62e68edaae2cd19ac652d6c4f81820d4a57ba15add301c52cfe97f90e52ef1473e3446f7c15a1efe0f772f74997600b5ea59bddd7459b43f0a57b9707bf15efb7ddef25faf85c1eb2bf12ad9ace52a8474a918b7d344881bb99fabb759fbf1a6612eafe4ce376ad435110f74e0082fa2bdb1f4e5fc45f425314de87466d2ac7dffdcd07f24b06e7d76cd4bd348dfce944e83fde4a4e12086d0badddcd11db1e6cf5d6788ddc4d2347dce2111a236f0b21ae7b92b88eb168a91fded724fca00cd0235729bce51bad57cb95a3e24581833f99646fffdf0194bbafe1ddbcd1eda34a4d32dc20908aa6d4e1425d4b58a391a2723f325d852a356fb535826b6ec7aa43641d8c606181444e3df11ba04e410df9c442640b7574153977cdacf260c19d6fca43b0908e680c2578e912308b03625baf19b57b4e30d15d3e0dcbff8c3861e49cf1773a1d2fbcecec289a4b6af09308a3dbb9490faaac0f1640528f05928ad164dfdaba5ce3c71af8b5817860d35016c87b790b5139f1b073995ebb808d4cc2b56925aebf24e3be67ca82c405d23c5a8a6a6c469754e0127d9ebea594656d8a0be4435f768e7fcf978233d7730321a56fc8285b1e6c4231378046edca96114282e8dd75322743d5c4e72a5f9c74d4d70e9625a2a758cf455ede9023309b96798648cc1ad05844457c147d8f79ad5875cb7e476a97b0a2c24a4b76948cb4e2a5d05550958805c3742a16b98c0e753d3ed3472e63b38573b74a55a1546c96b3c86a42e0fae0e3226721747add5d1ce97bf61e59a70f89dcfd53a6d83f1b6ca4d4edb9457b6194aba7f57b26d950f4a4545ff29e8bd5c757f758bc2c5ecbbdd6c1618176ac061947012c729fd40112dcd28b7a8dadbc1210b5a2e1b3e4577557336b37f79ead311ae9336ad2e62b8bebf26e93306b4a0315992a0ec231e9e59a0a39a0556492a607af251b398d083cbcb81b876177a8083a19ca5307c3868d6944906e050bd1bbafa3423ede4760c4c1ec61c148a1d4847a58b44c2d978a6444d2a4068870b98f303c1a1c031e2029e07ea964930a3cd8b55ff359e18f5a980a5e4c43fc13b7bb088fb45b65aa0397e68121731def46e0aee353014ba63c0b5560860cf4137f60ed4f4cee37f6e5efd64d2cda42b00c759ec2490f314cbb005726aec23eea21a66ece3fa0f230e2bd0f27141016ca95a70460dd77d685a0fb381871dc62f00d2a0595e8645c7a9fd9b79b13d59cec101b52beced9650095ae72a7263c1b0c15c84799aec5124ee7c9d1064d10a335cf8e8e48f6ff6a6f2e8d7088e3d5dd5d9af6f001c1b44a2d328cee4dd5e2e9550f3ea52def87aa3f2f930e1197e631be6b7f2332df5bcb68a6e6a431b009695645d37c133c90fa5ed4bd977755877007c6c832e21337103369b6becf3d005d1fd59991bddad8c1a7838da3ec62fcc41998bc984ce2273164828c4d7a1664af1a8009ec400ffb39304014da697a0ee840068ac673ca7d60d81b10e25406bbaf9b6c3ea63c1ddd1178828c595c95f8f5131840cb1ae6c69eaafa037622a4f63cc6aad478a909b6458ef5c562df7c64a5aed0691b3e878703d50aee3a1b5f9030168580d15feb99c8b90143a221edf4d08ddf3282843339a6c21d8f1a68c57fe32a95e2b59b4087043dbb9c9ebebf929c14da7b2673b41dd8bb63d2e1c07b7251a314f2ee48bdee0315eb094e5fdf5c8eff6e564fd1a08f5bab420c65998c1593fdd08c24d614933022de0e1a0f79b7a8169750ccaf8e1f8715eac0aff61a85f2ba0aec615ce0d5790a1903c0f86f8274ffc5ed38c6c90455c9e43035cf73c4746c11d2c6629fe9fac7e1fbc0ddd81b7070d62fad2e8eee42a9f502014c2ac2a0ccc480e37acff804eb4c6fe3866a8f3c691aac6ab05820fb31a2730b02b1290321fbcda0be64d845e942f451c266a119e471b3543d047f604916dc5684428a43fc9f8f5c6e3fc33d3fe0504ec01853a3bf7762c02e4e2380aea8e790defc20b4dcf36e04db93647661c274b5c93af45a14c104b0f53c42b7e6facab3a2ded66d21bbdedc03fb9aa379b6abeb63acee726edd2a88d6bd1a5892efa2a452256c48af1ac1050eab158ff149b4a39bd5a711a9b61815d39b36d227ecaf0467201ced67a525a9b3aee87ea5a35b4993cbe7e39db0fafe23113b02bb96f751a6eb58d7742e7b0b284e6333855cf251cdb5b582efdb350595be6b42a1ae863d80e73171c6544242e9bf793d17678c7956c3aaca77850772f6b1e02b7ea20b2f1096c7af01f2bc5a358929d"})
setsockopt$auto(r1, 0x29, 0x1b, 0x0, 0x201)
mkdir$auto(&(0x7f00000001c0)='}[,&*}\x00', 0xc001)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
timer_create$auto(0x9, 0x0, 0x0)
timer_settime$auto(0x0, 0x9, &(0x7f00000000c0)={{0x4, 0x10007}, {0x9}}, 0x0)
timer_gettime$auto(0x0, 0x0)
r3 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sysvipc/shm\x00', 0x141200, 0x0)
pread64$auto(r3, &(0x7f00000000c0)='/proc/thread-self/net/rpc/nfsd\x00', 0x8, 0x8)
sendmsg$auto_NL802154_CMD_GET_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="08010f80", @ANYRES16=0x0, @ANYBLOB="04002cbd7000fddbdf251c00000008002a0008000000890022002521bdfb0c1cba9d7198a7b69883084080992545984c260e70f4372c923ba9b813a10af676b833d5bf91e953da75d55d3666cb853e5234d7da1d7c92afa2015420e8faaab8572636287cf221df2a2094ccb71e2571c0b1e694388a97ffab323eb106a7681c63de28f3e1cc4ea68a3c07668c30460024856c26b373305c9df228d6efffbf7f0000000800270010000000050012000000000008000500020000003d"], 0x108}}, 0x8080)
mount$auto(0x0, &(0x7f0000000100)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x10001, &(0x7f0000000040)="dbdf163fb2d13dad45f514237fe4202a32b3c897896dbc431fe5206d045cd450a0d2209ce45426c48829753f0e3bce39c4411469c0bba68c32382d65bbd6ac68729a55dc297dc41fbc36814ea0b6068b8fb37bfa1dde4923529836b8f02607089f8f632620af07ab54637793a34bc909")

0s ago: executing program 8 (id=4169):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'veth0_to_hsr\x00', <r1=>0x0})
r2 = openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$auto_safesetid_gid_file_fops_securityfs(r2, 0x0, 0xea)
r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001480), r0)
syz_genetlink_get_family_id$auto_tipcv2(0x0, r0)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001c80)={&(0x7f0000000100)={0x28, r3, 0x1, 0x70bd2a, 0x25dfdc00, {}, [@ETHTOOL_A_CHANNELS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}]}, @ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0x2}]}, 0x28}, 0x1, 0x0, 0x0, 0x8800}, 0x4) (fail_nth: 11)

kernel console output (not intermixed with test programs):

 in process `syz.1.2964'.
[  563.311616][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  563.318127][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  568.794619][T16188] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2979'.
[  574.841089][T16228] netlink: 350 bytes leftover after parsing attributes in process `syz.3.2991'.
[  578.396457][T16304] FAULT_INJECTION: forcing a failure.
[  578.396457][T16304] name failslab, interval 1, probability 0, space 0, times 0
[  578.465298][T16304] CPU: 0 UID: 0 PID: 16304 Comm: syz.1.3010 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  578.476139][T16304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  578.486229][T16304] Call Trace:
[  578.489544][T16304]  <TASK>
[  578.492505][T16304]  dump_stack_lvl+0x16c/0x1f0
[  578.497223][T16304]  should_fail_ex+0x497/0x5b0
[  578.501941][T16304]  ? fs_reclaim_acquire+0xae/0x150
[  578.507096][T16304]  should_failslab+0xc2/0x120
[  578.511822][T16304]  __kmalloc_node_noprof+0xd1/0x520
[  578.517062][T16304]  ? trace_contention_end+0xee/0x140
[  578.522374][T16304]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  578.527869][T16304]  ? find_held_lock+0x2d/0x110
[  578.532674][T16304]  __kvmalloc_node_noprof+0xad/0x1a0
[  578.537999][T16304]  traverse.part.0.constprop.0+0x392/0x640
[  578.543838][T16304]  ? trace_lock_acquire+0x14e/0x1f0
[  578.549090][T16304]  seq_lseek+0x2b4/0x440
[  578.553375][T16304]  proc_reg_llseek+0x205/0x2f0
[  578.558177][T16304]  ksys_lseek+0xf0/0x1b0
[  578.562454][T16304]  do_syscall_64+0xcd/0x250
[  578.566993][T16304]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  578.572925][T16304] RIP: 0033:0x7f9c6ad85d19
[  578.577364][T16304] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  578.597004][T16304] RSP: 002b:00007f9c6bb24038 EFLAGS: 00000246 ORIG_RAX: 0000000000000008
[  578.605451][T16304] RAX: ffffffffffffffda RBX: 00007f9c6af75fa0 RCX: 00007f9c6ad85d19
[  578.613452][T16304] RDX: 0000000000000001 RSI: 0000000000000100 RDI: 0000000000000003
[  578.621452][T16304] RBP: 00007f9c6bb24090 R08: 0000000000000000 R09: 0000000000000000
[  578.629450][T16304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  578.637448][T16304] R13: 0000000000000000 R14: 00007f9c6af75fa0 R15: 00007ffcf9196cc8
[  578.645460][T16304]  </TASK>
[  579.535866][T16315] netlink: 'syz.4.3015': attribute type 1 has an invalid length.
[  584.325746][T16402] netlink: 'syz.3.3042': attribute type 6 has an invalid length.
[  584.333539][T16402] netlink: 'syz.3.3042': attribute type 7 has an invalid length.
[  584.365169][T16402] netlink: 'syz.3.3042': attribute type 8 has an invalid length.
[  584.374719][T16402] netlink: 'syz.3.3042': attribute type 9 has an invalid length.
[  584.404372][T16402] netlink: 226 bytes leftover after parsing attributes in process `syz.3.3042'.
[  585.704427][T16419] netlink: 330 bytes leftover after parsing attributes in process `syz.3.3046'.
[  585.744549][T16419] : renamed from wg0 (while UP)
[  586.984103][T16428] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  586.990802][T16428] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  587.008574][T16428] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  587.014778][T16428] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  588.251249][T16457] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3056'.
[  588.265469][ T5144] Bluetooth: hci0: command 0x0406 tx timeout
[  588.301057][T16439] kexec: Could not allocate control_code_buffer
[  588.968280][T16466] ptrace attach of "./syz-executor exec"[13454] was attempted by "./syz-executor exec ASAN_OPTIONS=handle_segv=0 allow_user_segv_handler=1 detect_leaks=0 GLIBC_TUNABLES=glibc.pthread.rseq=0 ./syz-executor"[16466]
[  588.988937][    C1] vkms_vblank_simulate: vblank timer overrun
[  589.074182][ T5144] Bluetooth: hci2: command 0x0c1a tx timeout
[  589.080407][ T5144] Bluetooth: hci1: command 0x0c1a tx timeout
[  589.086527][ T5842] Bluetooth: hci4: command 0x0c1a tx timeout
[  589.271360][T16478] netlink: 306 bytes leftover after parsing attributes in process `syz.1.3061'.
[  589.882745][T16490] FAULT_INJECTION: forcing a failure.
[  589.882745][T16490] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  589.908323][T16490] CPU: 0 UID: 0 PID: 16490 Comm: syz.1.3065 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  589.919150][T16490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  589.929234][T16490] Call Trace:
[  589.932527][T16490]  <TASK>
[  589.935472][T16490]  dump_stack_lvl+0x16c/0x1f0
[  589.940190][T16490]  should_fail_ex+0x497/0x5b0
[  589.944906][T16490]  _copy_to_user+0x32/0xd0
[  589.949360][T16490]  simple_read_from_buffer+0xd0/0x160
[  589.954766][T16490]  proc_fail_nth_read+0x198/0x270
[  589.959831][T16490]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  589.965424][T16490]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  589.971004][T16490]  vfs_readv+0x6bf/0x890
[  589.975272][T16490]  ? fdget_pos+0x267/0x390
[  589.979728][T16490]  ? __pfx_vfs_readv+0x10/0x10
[  589.984517][T16490]  ? __mutex_lock+0x1cc/0xa60
[  589.989216][T16490]  ? find_held_lock+0x2d/0x110
[  589.994020][T16490]  ? __pfx___mutex_lock+0x10/0x10
[  589.999071][T16490]  ? trace_lock_acquire+0x14e/0x1f0
[  590.004309][T16490]  ? __fget_files+0x206/0x3a0
[  590.009020][T16490]  ? do_readv+0x133/0x340
[  590.013367][T16490]  do_readv+0x133/0x340
[  590.017548][T16490]  ? __pfx_do_readv+0x10/0x10
[  590.022264][T16490]  do_syscall_64+0xcd/0x250
[  590.026808][T16490]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  590.032737][T16490] RIP: 0033:0x7f9c6ad85d19
[  590.037174][T16490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  590.056812][T16490] RSP: 002b:00007f9c6bb03038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  590.065256][T16490] RAX: ffffffffffffffda RBX: 00007f9c6af76080 RCX: 00007f9c6ad85d19
[  590.073282][T16490] RDX: 0000000000000005 RSI: 0000000020000a80 RDI: 0000000000000003
[  590.081287][T16490] RBP: 00007f9c6bb03090 R08: 0000000000000000 R09: 0000000000000000
[  590.089292][T16490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  590.097295][T16490] R13: 0000000000000000 R14: 00007f9c6af76080 R15: 00007ffcf9196cc8
[  590.105313][T16490]  </TASK>
[  591.260863][T16512] FAULT_INJECTION: forcing a failure.
[  591.260863][T16512] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  591.305956][T16512] CPU: 1 UID: 0 PID: 16512 Comm: syz.3.3070 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  591.316801][T16512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  591.326986][T16512] Call Trace:
[  591.330284][T16512]  <TASK>
[  591.333233][T16512]  dump_stack_lvl+0x16c/0x1f0
[  591.337948][T16512]  should_fail_ex+0x497/0x5b0
[  591.342665][T16512]  _copy_from_user+0x2e/0xd0
[  591.347298][T16512]  copy_msghdr_from_user+0x99/0x160
[  591.352533][T16512]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  591.358373][T16512]  ? __lock_acquire+0xcc5/0x3c40
[  591.363349][T16512]  ? hlock_class+0x4e/0x130
[  591.367886][T16512]  ? __lock_acquire+0x15a9/0x3c40
[  591.372952][T16512]  ___sys_sendmsg+0xff/0x1e0
[  591.377579][T16512]  ? __pfx____sys_sendmsg+0x10/0x10
[  591.382809][T16512]  ? __pfx___lock_acquire+0x10/0x10
[  591.388078][T16512]  ? __pfx___might_resched+0x10/0x10
[  591.393387][T16512]  ? __might_fault+0xe3/0x190
[  591.398102][T16512]  __sys_sendmmsg+0x201/0x420
[  591.402816][T16512]  ? __pfx___sys_sendmmsg+0x10/0x10
[  591.408061][T16512]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  591.414090][T16512]  ? fput+0x67/0x440
[  591.418021][T16512]  ? ksys_write+0x1ba/0x250
[  591.422551][T16512]  ? __pfx_ksys_write+0x10/0x10
[  591.427439][T16512]  __x64_sys_sendmmsg+0x9c/0x100
[  591.432416][T16512]  ? lockdep_hardirqs_on+0x7c/0x110
[  591.437643][T16512]  do_syscall_64+0xcd/0x250
[  591.442180][T16512]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  591.448197][T16512] RIP: 0033:0x7f1654f85d19
[  591.452648][T16512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  591.472298][T16512] RSP: 002b:00007f1655e73038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  591.480750][T16512] RAX: ffffffffffffffda RBX: 00007f1655175fa0 RCX: 00007f1654f85d19
[  591.488752][T16512] RDX: 0000000000000003 RSI: 0000000020000080 RDI: 0000000000000003
[  591.496763][T16512] RBP: 00007f1655e73090 R08: 0000000000000000 R09: 0000000000000000
[  591.504761][T16512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  591.512763][T16512] R13: 0000000000000000 R14: 00007f1655175fa0 R15: 00007ffd20aabc18
[  591.520785][T16512]  </TASK>
[  591.523963][    C1] vkms_vblank_simulate: vblank timer overrun
[  592.406880][T16538] FAULT_INJECTION: forcing a failure.
[  592.406880][T16538] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  592.430453][T16538] CPU: 1 UID: 0 PID: 16538 Comm: syz.4.3080 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  592.441290][T16538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  592.451384][T16538] Call Trace:
[  592.454692][T16538]  <TASK>
[  592.457649][T16538]  dump_stack_lvl+0x16c/0x1f0
[  592.462371][T16538]  should_fail_ex+0x497/0x5b0
[  592.467094][T16538]  _copy_from_user+0x2e/0xd0
[  592.471732][T16538]  copy_msghdr_from_user+0x99/0x160
[  592.476978][T16538]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  592.482826][T16538]  ? __pfx___lock_acquire+0x10/0x10
[  592.488080][T16538]  ___sys_recvmsg+0xdc/0x1a0
[  592.492723][T16538]  ? __pfx____sys_recvmsg+0x10/0x10
[  592.497969][T16538]  ? __pfx_lock_release+0x10/0x10
[  592.503038][T16538]  ? trace_lock_acquire+0x14e/0x1f0
[  592.508300][T16538]  do_recvmmsg+0x2f8/0x740
[  592.512765][T16538]  ? __pfx_do_recvmmsg+0x10/0x10
[  592.517741][T16538]  ? vfs_write+0x306/0x1150
[  592.522283][T16538]  ? __mutex_unlock_slowpath+0x164/0x690
[  592.527971][T16538]  ? __fget_files+0x206/0x3a0
[  592.532695][T16538]  __x64_sys_recvmmsg+0x239/0x290
[  592.537767][T16538]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  592.543360][T16538]  do_syscall_64+0xcd/0x250
[  592.547905][T16538]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  592.553845][T16538] RIP: 0033:0x7f522f785d19
[  592.558303][T16538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  592.577949][T16538] RSP: 002b:00007f52305fc038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  592.586410][T16538] RAX: ffffffffffffffda RBX: 00007f522f975fa0 RCX: 00007f522f785d19
[  592.594416][T16538] RDX: 000000000000010a RSI: 0000000020000140 RDI: 0000000000000003
[  592.602422][T16538] RBP: 00007f52305fc090 R08: 0000000000000000 R09: 0000000000000000
[  592.610432][T16538] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[  592.618437][T16538] R13: 0000000000000000 R14: 00007f522f975fa0 R15: 00007ffe45bb3998
[  592.626462][T16538]  </TASK>
[  592.629612][    C1] vkms_vblank_simulate: vblank timer overrun
[  593.114945][T16547] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3083'.
[  593.539485][T16549] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  593.573962][T16549] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  593.692471][ T5144] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  593.711604][ T5144] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  593.726291][ T5144] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  593.746558][ T5144] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  593.763046][ T5144] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  593.771829][ T5144] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  594.134203][T16555] chnl_net:caif_netlink_parms(): no params data found
[  594.548906][T16555] bridge0: port 1(bridge_slave_0) entered blocking state
[  594.566794][T16555] bridge0: port 1(bridge_slave_0) entered disabled state
[  594.576464][T16555] bridge_slave_0: entered allmulticast mode
[  594.601694][T16555] bridge_slave_0: entered promiscuous mode
[  594.617677][T16555] bridge0: port 2(bridge_slave_1) entered blocking state
[  594.632925][T16555] bridge0: port 2(bridge_slave_1) entered disabled state
[  594.658365][T16555] bridge_slave_1: entered allmulticast mode
[  594.672668][T16555] bridge_slave_1: entered promiscuous mode
[  594.838794][T16555] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  594.876970][T16555] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  594.929882][T16560] kexec: Could not allocate control_code_buffer
[  595.008854][T16555] team0: Port device team_slave_0 added
[  595.038398][T16555] team0: Port device team_slave_1 added
[  595.318146][T16577] netlink: 'syz.4.3090': attribute type 2 has an invalid length.
[  595.320047][T16555] batman_adv: batadv0: Adding interface: batadv_slave_0
[  595.345188][T16555] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  595.411649][T16555] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  595.438594][T16555] batman_adv: batadv0: Adding interface: batadv_slave_1
[  595.455116][T16555] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  595.481047][    C1] vkms_vblank_simulate: vblank timer overrun
[  595.575292][T16555] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  595.806800][T16555] hsr_slave_0: entered promiscuous mode
[  595.835755][T16555] hsr_slave_1: entered promiscuous mode
[  595.865338][ T5144] Bluetooth: hci3: command tx timeout
[  596.835845][T16555] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  596.860513][T16555] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  596.957958][T16555] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  596.977812][T16555] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  597.253096][T16555] 8021q: adding VLAN 0 to HW filter on device bond0
[  597.328238][T16555] 8021q: adding VLAN 0 to HW filter on device team0
[  597.370067][T14810] bridge0: port 1(bridge_slave_0) entered blocking state
[  597.377247][T14810] bridge0: port 1(bridge_slave_0) entered forwarding state
[  597.447665][T14810] bridge0: port 2(bridge_slave_1) entered blocking state
[  597.454922][T14810] bridge0: port 2(bridge_slave_1) entered forwarding state
[  597.945446][ T5144] Bluetooth: hci3: command tx timeout
[  598.037942][T16555] 8021q: adding VLAN 0 to HW filter on device batadv0
[  598.607411][T16555] veth0_vlan: entered promiscuous mode
[  598.642040][T16555] veth1_vlan: entered promiscuous mode
[  598.733729][T16555] veth0_macvtap: entered promiscuous mode
[  598.755477][T16555] veth1_macvtap: entered promiscuous mode
[  598.800163][T16555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  598.835292][T16555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  598.875149][T16555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  598.918555][T16555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  598.949313][T16555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  598.975261][T16555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  599.006066][T16555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  599.036261][T16555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  599.055635][T16555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  599.091947][T16555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  599.147890][T16555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  599.181401][T16555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  599.246387][T16555] batman_adv: batadv0: Interface activated: batadv_slave_0
[  599.287365][T16555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  599.315143][T16555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  599.332085][T16555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  599.355682][T16555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  599.375131][T16555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  599.395154][T16555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  599.405764][T16555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  599.416856][T16555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  599.426789][T16555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  599.437413][T16555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  599.447418][T16555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  599.457935][T16555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  599.469025][T16555] batman_adv: batadv0: Interface activated: batadv_slave_1
[  599.481712][T16555] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  599.490618][T16555] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  599.499681][T16555] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  599.509020][T16555] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  600.025550][ T5144] Bluetooth: hci3: command tx timeout
[  600.046832][T14810] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  600.054749][T14810] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  600.162979][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  600.215553][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  601.807066][T16647] FAULT_INJECTION: forcing a failure.
[  601.807066][T16647] name failslab, interval 1, probability 0, space 0, times 0
[  601.895129][T16647] CPU: 1 UID: 0 PID: 16647 Comm: syz.4.3104 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  601.905981][T16647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  601.916068][T16647] Call Trace:
[  601.919366][T16647]  <TASK>
[  601.922311][T16647]  dump_stack_lvl+0x16c/0x1f0
[  601.927023][T16647]  should_fail_ex+0x497/0x5b0
[  601.931731][T16647]  ? fs_reclaim_acquire+0xae/0x150
[  601.936872][T16647]  should_failslab+0xc2/0x120
[  601.941582][T16647]  __kmalloc_noprof+0xce/0x4f0
[  601.946377][T16647]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  601.952033][T16647]  ? tomoyo_realpath_from_path+0xbf/0x710
[  601.957901][T16647]  tomoyo_realpath_from_path+0xbf/0x710
[  601.963513][T16647]  ? tomoyo_path_number_perm+0x235/0x5b0
[  601.969196][T16647]  tomoyo_path_number_perm+0x248/0x5b0
[  601.974709][T16647]  ? tomoyo_path_number_perm+0x235/0x5b0
[  601.980473][T16647]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  601.986527][T16647]  ? __pfx_lock_release+0x10/0x10
[  601.991607][T16647]  ? trace_lock_acquire+0x14e/0x1f0
[  601.996860][T16647]  ? lock_acquire+0x2f/0xb0
[  602.001393][T16647]  ? __fget_files+0x40/0x3a0
[  602.006019][T16647]  ? __fget_files+0x206/0x3a0
[  602.010730][T16647]  security_file_ioctl+0x9b/0x240
[  602.015793][T16647]  __x64_sys_ioctl+0xb7/0x200
[  602.020531][T16647]  do_syscall_64+0xcd/0x250
[  602.025160][T16647]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  602.031089][T16647] RIP: 0033:0x7f522f785d19
[  602.035529][T16647] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  602.055170][T16647] RSP: 002b:00007f52305db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  602.063616][T16647] RAX: ffffffffffffffda RBX: 00007f522f976080 RCX: 00007f522f785d19
[  602.071618][T16647] RDX: 0000000000000007 RSI: 0000000040104d05 RDI: 0000000000000005
[  602.079706][T16647] RBP: 00007f52305db090 R08: 0000000000000000 R09: 0000000000000000
[  602.087708][T16647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  602.095745][T16647] R13: 0000000000000000 R14: 00007f522f976080 R15: 00007ffe45bb3998
[  602.103758][T16647]  </TASK>
[  602.106866][    C1] vkms_vblank_simulate: vblank timer overrun
[  602.113691][ T5144] Bluetooth: hci3: command tx timeout
[  602.296575][T16647] ERROR: Out of memory at tomoyo_realpath_from_path.
[  603.530909][T16668] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3109'.
[  607.418309][T15454] syz.5.2797 (15454) used greatest stack depth: 18816 bytes left
[  613.247823][T16789] netlink: 'syz.3.3140': attribute type 4 has an invalid length.
[  613.787793][   T35] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  614.367043][   T35] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  614.586676][   T35] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  614.788209][   T35] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  615.194305][   T35] bridge_slave_1: left allmulticast mode
[  615.245371][   T35] bridge_slave_1: left promiscuous mode
[  615.253381][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  615.416045][   T35] bridge_slave_0: left allmulticast mode
[  615.421768][   T35] bridge_slave_0: left promiscuous mode
[  615.455485][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  616.526016][T16848] netlink: 'syz.1.3151': attribute type 1 has an invalid length.
[  616.533821][T16848] nbd: error processing sock list
[  618.535740][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  618.596462][   T35] bond0 (unregistering): Released all slaves
[  619.269377][T16897] netlink: 'syz.3.3163': attribute type 46 has an invalid length.
[  620.783531][   T35] hsr_slave_0: left promiscuous mode
[  620.803533][   T35] hsr_slave_1: left promiscuous mode
[  620.995314][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  621.003723][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  621.104410][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  621.135882][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  621.229160][   T35] veth1_macvtap: left promiscuous mode
[  621.245570][   T35] veth0_macvtap: left promiscuous mode
[  621.252586][   T35] veth1_vlan: left promiscuous mode
[  621.298932][   T35] veth0_vlan: left promiscuous mode
[  623.797515][   T35] team0 (unregistering): Port device team_slave_1 removed
[  623.945759][   T35] team0 (unregistering): Port device team_slave_0 removed
[  624.310497][T16990] netlink: 'syz.6.3180': attribute type 1 has an invalid length.
[  624.318463][T16990] nbd: error processing sock list
[  624.749721][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  624.770013][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  629.876031][T17124] netlink: 'syz.3.3207': attribute type 2 has an invalid length.
[  630.625626][T17147] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3211'.
[  632.663985][T17208] FAULT_INJECTION: forcing a failure.
[  632.663985][T17208] name failslab, interval 1, probability 0, space 0, times 0
[  632.665443][T17203] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3220'.
[  632.725647][T17203] bridge_slave_1: left allmulticast mode
[  632.731392][T17203] bridge_slave_1: left promiscuous mode
[  632.739329][T17208] CPU: 1 UID: 0 PID: 17208 Comm: syz.4.3221 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  632.750150][T17208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  632.760242][T17208] Call Trace:
[  632.763545][T17208]  <TASK>
[  632.766503][T17208]  dump_stack_lvl+0x16c/0x1f0
[  632.771217][T17208]  should_fail_ex+0x497/0x5b0
[  632.775338][T17203] bridge0: port 2(bridge_slave_1) entered disabled state
[  632.775913][T17208]  should_failslab+0xc2/0x120
[  632.775953][T17208]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  632.793045][T17208]  ? skb_clone+0x190/0x3f0
[  632.797514][T17208]  skb_clone+0x190/0x3f0
[  632.801894][T17208]  netlink_deliver_tap+0xafd/0xca0
[  632.807059][T17208]  netlink_unicast+0x5e1/0x7f0
[  632.811869][T17208]  ? __pfx_netlink_unicast+0x10/0x10
[  632.817190][T17208]  ? __phys_addr_symbol+0x30/0x80
[  632.822254][T17208]  ? __check_object_size+0x488/0x710
[  632.827587][T17208]  netlink_sendmsg+0x8b8/0xd70
[  632.832395][T17208]  ? __pfx_netlink_sendmsg+0x10/0x10
[  632.837726][T17208]  ____sys_sendmsg+0x9ae/0xb40
[  632.842524][T17208]  ? copy_msghdr_from_user+0x10b/0x160
[  632.848024][T17208]  ? __pfx_____sys_sendmsg+0x10/0x10
[  632.853363][T17208]  ___sys_sendmsg+0x135/0x1e0
[  632.858084][T17208]  ? __pfx____sys_sendmsg+0x10/0x10
[  632.863344][T17208]  ? __pfx_lock_release+0x10/0x10
[  632.868413][T17208]  ? trace_lock_acquire+0x14e/0x1f0
[  632.873672][T17208]  ? __fget_files+0x206/0x3a0
[  632.878407][T17208]  __sys_sendmsg+0x16e/0x220
[  632.883046][T17208]  ? __pfx___sys_sendmsg+0x10/0x10
[  632.888224][T17208]  do_syscall_64+0xcd/0x250
[  632.892772][T17208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  632.898706][T17208] RIP: 0033:0x7f522f785d19
[  632.903151][T17208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  632.922897][T17208] RSP: 002b:00007f52305fc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  632.931352][T17208] RAX: ffffffffffffffda RBX: 00007f522f975fa0 RCX: 00007f522f785d19
[  632.939359][T17208] RDX: 000000000400c000 RSI: 0000000020000140 RDI: 0000000000000004
[  632.947366][T17208] RBP: 00007f52305fc090 R08: 0000000000000000 R09: 0000000000000000
[  632.955458][T17208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  632.963469][T17208] R13: 0000000000000000 R14: 00007f522f975fa0 R15: 00007ffe45bb3998
[  632.971507][T17208]  </TASK>
[  633.078090][T17203] bridge_slave_0: left allmulticast mode
[  633.084794][T17203] bridge_slave_0: left promiscuous mode
[  633.091450][T17203] bridge0: port 1(bridge_slave_0) entered disabled state
[  633.785683][T17216] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3231'.
[  637.442127][T17291] FAULT_INJECTION: forcing a failure.
[  637.442127][T17291] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  637.455609][T17291] CPU: 1 UID: 0 PID: 17291 Comm: syz.3.3243 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  637.466418][T17291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  637.476531][T17291] Call Trace:
[  637.479840][T17291]  <TASK>
[  637.482887][T17291]  dump_stack_lvl+0x16c/0x1f0
[  637.487604][T17291]  should_fail_ex+0x497/0x5b0
[  637.492327][T17291]  strncpy_from_user+0x3b/0x2d0
[  637.497248][T17291]  getname_flags.part.0+0x8f/0x550
[  637.502411][T17291]  __x64_sys_mkdir+0xd8/0x140
[  637.507140][T17291]  do_syscall_64+0xcd/0x250
[  637.511691][T17291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  637.517629][T17291] RIP: 0033:0x7f1654f85d19
[  637.522086][T17291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  637.541743][T17291] RSP: 002b:00007f1655e73038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  637.550199][T17291] RAX: ffffffffffffffda RBX: 00007f1655175fa0 RCX: 00007f1654f85d19
[  637.558298][T17291] RDX: 0000000000000000 RSI: 0000000000009001 RDI: 0000000020000100
[  637.566319][T17291] RBP: 00007f1655e73090 R08: 0000000000000000 R09: 0000000000000000
[  637.574338][T17291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  637.582357][T17291] R13: 0000000000000000 R14: 00007f1655175fa0 R15: 00007ffd20aabc18
[  637.590393][T17291]  </TASK>
[  639.295715][T17310] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3250'.
[  640.118348][T17342] netlink: 'syz.3.3257': attribute type 4 has an invalid length.
[  640.241236][T17357] kernel read not supported for file /#)-\&[} (pid: 17357 comm: syz.4.3256)
[  640.343522][T17362] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3258'.
[  640.466351][   T29] audit: type=1800 audit(2061.360:20): pid=17357 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3256" name="#)-\&[}" dev="mqueue" ino=52515 res=0 errno=0
[  641.342120][T17390] FAULT_INJECTION: forcing a failure.
[  641.342120][T17390] name failslab, interval 1, probability 0, space 0, times 0
[  641.365309][T17390] CPU: 1 UID: 0 PID: 17390 Comm: syz.3.3264 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  641.376150][T17390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  641.386241][T17390] Call Trace:
[  641.389558][T17390]  <TASK>
[  641.392514][T17390]  dump_stack_lvl+0x16c/0x1f0
[  641.397238][T17390]  should_fail_ex+0x497/0x5b0
[  641.401955][T17390]  ? fs_reclaim_acquire+0xae/0x150
[  641.407106][T17390]  should_failslab+0xc2/0x120
[  641.411827][T17390]  __kmalloc_noprof+0xce/0x4f0
[  641.416637][T17390]  ? kernfs_fop_read_iter+0x3ef/0x580
[  641.422063][T17390]  kernfs_fop_read_iter+0x3ef/0x580
[  641.427333][T17390]  ? rw_verify_area+0xd0/0x700
[  641.432136][T17390]  vfs_read+0x87f/0xbe0
[  641.436338][T17390]  ? __pfx_vfs_read+0x10/0x10
[  641.441078][T17390]  ksys_read+0x12b/0x250
[  641.445371][T17390]  ? __pfx_ksys_read+0x10/0x10
[  641.450181][T17390]  do_syscall_64+0xcd/0x250
[  641.454748][T17390]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  641.460682][T17390] RIP: 0033:0x7f1654f85d19
[  641.465123][T17390] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  641.484773][T17390] RSP: 002b:00007f1655e73038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  641.493221][T17390] RAX: ffffffffffffffda RBX: 00007f1655175fa0 RCX: 00007f1654f85d19
[  641.501237][T17390] RDX: 0000000000000009 RSI: 0000000020002440 RDI: 0000000000000003
[  641.509239][T17390] RBP: 00007f1655e73090 R08: 0000000000000000 R09: 0000000000000000
[  641.517246][T17390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  641.525252][T17390] R13: 0000000000000000 R14: 00007f1655175fa0 R15: 00007ffd20aabc18
[  641.533443][T17390]  </TASK>
[  641.763292][T17400] program syz.3.3270 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  643.677054][T17444] FAULT_INJECTION: forcing a failure.
[  643.677054][T17444] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  643.720327][T17444] CPU: 0 UID: 0 PID: 17444 Comm: syz.1.3277 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  643.731164][T17444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  643.741258][T17444] Call Trace:
[  643.744560][T17444]  <TASK>
[  643.747528][T17444]  dump_stack_lvl+0x16c/0x1f0
[  643.752246][T17444]  should_fail_ex+0x497/0x5b0
[  643.756964][T17444]  _copy_to_user+0x32/0xd0
[  643.761422][T17444]  simple_read_from_buffer+0xd0/0x160
[  643.766842][T17444]  proc_fail_nth_read+0x198/0x270
[  643.771912][T17444]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  643.777550][T17444]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  643.783162][T17444]  vfs_read+0x1df/0xbe0
[  643.787357][T17444]  ? __fget_files+0x1fc/0x3a0
[  643.792069][T17444]  ? __pfx___mutex_lock+0x10/0x10
[  643.797133][T17444]  ? __pfx_vfs_read+0x10/0x10
[  643.801860][T17444]  ? __fget_files+0x206/0x3a0
[  643.806584][T17444]  ksys_read+0x12b/0x250
[  643.810864][T17444]  ? __pfx_ksys_read+0x10/0x10
[  643.815666][T17444]  do_syscall_64+0xcd/0x250
[  643.820204][T17444]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  643.826136][T17444] RIP: 0033:0x7f9c6ad8472c
[  643.830571][T17444] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  643.850213][T17444] RSP: 002b:00007f9c6bb24030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  643.858673][T17444] RAX: ffffffffffffffda RBX: 00007f9c6af75fa0 RCX: 00007f9c6ad8472c
[  643.866677][T17444] RDX: 000000000000000f RSI: 00007f9c6bb240a0 RDI: 0000000000000012
[  643.874675][T17444] RBP: 00007f9c6bb24090 R08: 0000000000000000 R09: 0000000000000000
[  643.882688][T17444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  643.890718][T17444] R13: 0000000000000000 R14: 00007f9c6af75fa0 R15: 00007ffcf9196cc8
[  643.898756][T17444]  </TASK>
[  643.901923][    C0] vkms_vblank_simulate: vblank timer overrun
[  644.616920][T17466] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3285'.
[  646.366265][T17497] sd 0:0:1:0: PR command failed: 1026
[  646.371825][T17497] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  646.390386][T17518] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3295'.
[  646.445265][T17497] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  646.675843][T17526] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  646.723662][T17526] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3297'.
[  647.985896][T17549] netlink: 'syz.4.3300': attribute type 2 has an invalid length.
[  653.212079][T17720] netlink: zone id is out of range
[  653.497327][T17724] openvswitch: netlink: Flow actions attr not present in new flow.
[  654.925359][T17746] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3341'.
[  657.744207][T17766] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3343'.
[  658.006564][T17786] FAULT_INJECTION: forcing a failure.
[  658.006564][T17786] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  658.095526][T17786] CPU: 1 UID: 0 PID: 17786 Comm: syz.6.3350 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  658.106368][T17786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  658.116461][T17786] Call Trace:
[  658.119774][T17786]  <TASK>
[  658.122721][T17786]  dump_stack_lvl+0x16c/0x1f0
[  658.127432][T17786]  should_fail_ex+0x497/0x5b0
[  658.132145][T17786]  _copy_from_user+0x2e/0xd0
[  658.136767][T17786]  packet_setsockopt+0xa94/0x4070
[  658.141827][T17786]  ? __pfx_packet_setsockopt+0x10/0x10
[  658.147312][T17786]  ? __pfx___might_resched+0x10/0x10
[  658.152625][T17786]  ? aa_sk_perm+0x2f5/0xb20
[  658.157167][T17786]  ? ksys_write+0x191/0x250
[  658.161712][T17786]  ? find_held_lock+0x2d/0x110
[  658.166514][T17786]  ? __pfx_packet_setsockopt+0x10/0x10
[  658.172004][T17786]  do_sock_setsockopt+0x222/0x480
[  658.177063][T17786]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  658.182648][T17786]  ? lock_acquire+0x2f/0xb0
[  658.187191][T17786]  __sys_setsockopt+0x1a0/0x230
[  658.192075][T17786]  __x64_sys_setsockopt+0xbd/0x160
[  658.197214][T17786]  ? do_syscall_64+0x91/0x250
[  658.201917][T17786]  ? lockdep_hardirqs_on+0x7c/0x110
[  658.207141][T17786]  do_syscall_64+0xcd/0x250
[  658.211681][T17786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  658.217608][T17786] RIP: 0033:0x7eff35185d19
[  658.222047][T17786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  658.241691][T17786] RSP: 002b:00007eff35f26038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  658.250143][T17786] RAX: ffffffffffffffda RBX: 00007eff35375fa0 RCX: 00007eff35185d19
[  658.258146][T17786] RDX: 0000000000000002 RSI: 0000000000000107 RDI: 0000000000000004
[  658.266154][T17786] RBP: 00007eff35f26090 R08: 0000000000000028 R09: 0000000000000000
[  658.274155][T17786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  658.282158][T17786] R13: 0000000000000000 R14: 00007eff35375fa0 R15: 00007fffca9471d8
[  658.290182][T17786]  </TASK>
[  658.455583][T17789] Process accounting resumed
[  661.470390][T17851] RDS: rds_bind could not find a transport for ::ffff:2.0.0.0, load rds_tcp or rds_rdma?
[  662.220382][T17863] netlink: 'syz.6.3372': attribute type 4 has an invalid length.
[  663.837441][T17899] openvswitch: netlink: Flow actions attr not present in new flow.
[  664.812577][T17911] sd 0:0:1:0: PR command failed: 1026
[  664.818380][T17911] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  664.839829][T17911] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  667.419586][T17961] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR
[  668.622821][T17984] Process accounting resumed
[  668.797554][T17996] delete_channel: no stack
[  668.982020][T18021] ptrace attach of "./syz-executor exec"[16555] was attempted by "./syz-executor exec"[18021]
[  670.327993][T18047] sctp: [Deprecated]: syz.6.3418 (pid 18047) Use of struct sctp_assoc_value in delayed_ack socket option.
[  670.327993][T18047] Use struct sctp_sack_info instead
[  670.511956][T18042] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3418'.
[  670.588467][T18042] netdevsim netdevsim6 netdevsim2: entered allmulticast mode
[  673.351048][T18100] delete_channel: no stack
[  674.425978][T18118] FAULT_INJECTION: forcing a failure.
[  674.425978][T18118] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  674.495375][T18118] CPU: 1 UID: 0 PID: 18118 Comm: syz.3.3437 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  674.506215][T18118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  674.516302][T18118] Call Trace:
[  674.519601][T18118]  <TASK>
[  674.522557][T18118]  dump_stack_lvl+0x16c/0x1f0
[  674.527272][T18118]  should_fail_ex+0x497/0x5b0
[  674.531992][T18118]  _copy_to_user+0x32/0xd0
[  674.536445][T18118]  simple_read_from_buffer+0xd0/0x160
[  674.541864][T18118]  proc_fail_nth_read+0x198/0x270
[  674.546928][T18118]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  674.552522][T18118]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  674.558113][T18118]  vfs_read+0x1df/0xbe0
[  674.562303][T18118]  ? __fget_files+0x1fc/0x3a0
[  674.567014][T18118]  ? __pfx___mutex_lock+0x10/0x10
[  674.572073][T18118]  ? __pfx_vfs_read+0x10/0x10
[  674.576794][T18118]  ? __fget_files+0x206/0x3a0
[  674.581528][T18118]  ksys_read+0x12b/0x250
[  674.585806][T18118]  ? __pfx_ksys_read+0x10/0x10
[  674.590617][T18118]  do_syscall_64+0xcd/0x250
[  674.595165][T18118]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  674.601106][T18118] RIP: 0033:0x7f1654f8472c
[  674.605547][T18118] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  674.625193][T18118] RSP: 002b:00007f1655e73030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  674.633647][T18118] RAX: ffffffffffffffda RBX: 00007f1655175fa0 RCX: 00007f1654f8472c
[  674.641651][T18118] RDX: 000000000000000f RSI: 00007f1655e730a0 RDI: 0000000000000004
[  674.649662][T18118] RBP: 00007f1655e73090 R08: 0000000000000000 R09: 0000000000000000
[  674.657674][T18118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  674.665769][T18118] R13: 0000000000000000 R14: 00007f1655175fa0 R15: 00007ffd20aabc18
[  674.673791][T18118]  </TASK>
[  680.280901][T18183] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3451'.
[  680.400295][T18192] sctp: [Deprecated]: syz.3.3453 (pid 18192) Use of struct sctp_assoc_value in delayed_ack socket option.
[  680.400295][T18192] Use struct sctp_sack_info instead
[  680.742842][T18192] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3453'.
[  680.817109][T18183] netdevsim netdevsim4 netdevsim2: entered allmulticast mode
[  681.075692][T18192] netdevsim netdevsim3 netdevsim2: entered allmulticast mode
[  684.627787][T18234] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3465'.
[  686.191077][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  686.197512][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  686.241150][T18245] sctp: [Deprecated]: syz.4.3467 (pid 18245) Use of struct sctp_assoc_value in delayed_ack socket option.
[  686.241150][T18245] Use struct sctp_sack_info instead
[  687.156646][T18245] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3467'.
[  687.903144][   T29] audit: type=1804 audit(2108.790:21): pid=18265 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.3472" name="/newroot/sys/kernel/tracing/per_cpu/cpu1/trace" dev="tracefs" ino=1293 res=1 errno=0
[  689.319342][T18271] netlink: 'syz.3.3475': attribute type 4 has an invalid length.
[  692.057624][T18295] FAULT_INJECTION: forcing a failure.
[  692.057624][T18295] name failslab, interval 1, probability 0, space 0, times 0
[  692.103832][T18295] CPU: 1 UID: 0 PID: 18295 Comm: syz.1.3482 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  692.114667][T18295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  692.124749][T18295] Call Trace:
[  692.128047][T18295]  <TASK>
[  692.130997][T18295]  dump_stack_lvl+0x16c/0x1f0
[  692.135709][T18295]  should_fail_ex+0x497/0x5b0
[  692.140417][T18295]  ? fs_reclaim_acquire+0xae/0x150
[  692.145565][T18295]  should_failslab+0xc2/0x120
[  692.150281][T18295]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  692.155691][T18295]  ? ptlock_alloc+0x1f/0x70
[  692.160242][T18295]  ptlock_alloc+0x1f/0x70
[  692.164616][T18295]  pte_alloc_one+0x74/0x390
[  692.169153][T18295]  __pte_alloc+0x6e/0x3b0
[  692.173512][T18295]  ? __pfx___pte_alloc+0x10/0x10
[  692.178488][T18295]  do_pte_missing+0x2810/0x3e00
[  692.183373][T18295]  ? mt_find+0x82d/0xa20
[  692.187652][T18295]  ? __pfx_lock_release+0x10/0x10
[  692.192722][T18295]  __handle_mm_fault+0x103c/0x2a40
[  692.197878][T18295]  ? __pfx___handle_mm_fault+0x10/0x10
[  692.203370][T18295]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  692.209055][T18295]  ? find_vma+0xc0/0x140
[  692.213323][T18295]  ? __pfx_find_vma+0x10/0x10
[  692.218031][T18295]  handle_mm_fault+0x3fa/0xaa0
[  692.222837][T18295]  do_user_addr_fault+0x7a3/0x13f0
[  692.227983][T18295]  exc_page_fault+0x5c/0xc0
[  692.232519][T18295]  asm_exc_page_fault+0x26/0x30
[  692.237401][T18295] RIP: 0010:rep_movs_alternative+0x4a/0x70
[  692.243247][T18295] Code: 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 <f3> a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1
[  692.262894][T18295] RSP: 0018:ffffc9000c837d10 EFLAGS: 00050206
[  692.268999][T18295] RAX: 0000000000000001 RBX: 0000000020000180 RCX: 00000000000001e0
[  692.277000][T18295] RDX: ffffed100eb6753c RSI: 0000000020000180 RDI: ffff888075b3a800
[  692.285005][T18295] RBP: 00000000000001e0 R08: 0000000000000001 R09: ffffed100eb6753b
[  692.293001][T18295] R10: ffff888075b3a9df R11: 0000000000000000 R12: 0000000000000000
[  692.300997][T18295] R13: ffff888075b3a800 R14: ffff888075b3a800 R15: 000000000000003a
[  692.309019][T18295]  _copy_from_user+0x9a/0xd0
[  692.313648][T18295]  __io_uring_register+0x140a/0x2290
[  692.318981][T18295]  ? __pfx___io_uring_register+0x10/0x10
[  692.324744][T18295]  ? __mutex_lock+0x1cc/0xa60
[  692.329460][T18295]  ? __fget_files+0x1fc/0x3a0
[  692.334166][T18295]  ? __x64_sys_io_uring_register+0x168/0x2b0
[  692.340186][T18295]  ? __pfx_lock_release+0x10/0x10
[  692.345263][T18295]  ? __pfx___mutex_lock+0x10/0x10
[  692.350319][T18295]  ? __fget_files+0x40/0x3a0
[  692.354941][T18295]  ? __fget_files+0x206/0x3a0
[  692.359662][T18295]  __x64_sys_io_uring_register+0x17a/0x2b0
[  692.365521][T18295]  do_syscall_64+0xcd/0x250
[  692.370067][T18295]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  692.376004][T18295] RIP: 0033:0x7f9c6ad85d19
[  692.380462][T18295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  692.400118][T18295] RSP: 002b:00007f9c6bb24038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[  692.408585][T18295] RAX: ffffffffffffffda RBX: 00007f9c6af75fa0 RCX: 00007f9c6ad85d19
[  692.416591][T18295] RDX: 0000000020000180 RSI: 0000000000000008 RDI: 0000000000000002
[  692.424597][T18295] RBP: 00007f9c6bb24090 R08: 0000000000000000 R09: 0000000000000000
[  692.432613][T18295] R10: 000000000000007f R11: 0000000000000246 R12: 0000000000000001
[  692.440619][T18295] R13: 0000000000000000 R14: 00007f9c6af75fa0 R15: 00007ffcf9196cc8
[  692.448651][T18295]  </TASK>
[  692.451793][    C1] vkms_vblank_simulate: vblank timer overrun
[  697.840411][T18349] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3498'.
[  698.198846][T18373] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3506'.
[  698.266029][T18375] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3506'.
[  703.636206][T18446] netlink: 'syz.4.3526': attribute type 4 has an invalid length.
[  713.307160][T18541] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  713.313275][T18541] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  713.325507][T18541] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  713.400174][T18541] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  713.482589][T18541] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  713.664531][T18541] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  715.389243][ T5144] Bluetooth: hci4: command 0x0c1a tx timeout
[  715.389253][ T5843] Bluetooth: hci0: command 0x0406 tx timeout
[  715.401514][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout
[  715.465321][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout
[  716.038249][T18576] FAULT_INJECTION: forcing a failure.
[  716.038249][T18576] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  716.051670][T18576] CPU: 0 UID: 0 PID: 18576 Comm: syz.1.3562 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  716.062478][T18576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  716.072573][T18576] Call Trace:
[  716.075877][T18576]  <TASK>
[  716.078853][T18576]  dump_stack_lvl+0x16c/0x1f0
[  716.083563][T18576]  should_fail_ex+0x497/0x5b0
[  716.088280][T18576]  _copy_from_user+0x2e/0xd0
[  716.092906][T18576]  core_sys_select+0x2b6/0xa10
[  716.097716][T18576]  ? __pfx_core_sys_select+0x10/0x10
[  716.103033][T18576]  ? __pfx_lock_release+0x10/0x10
[  716.108104][T18576]  ? proc_fail_nth_write+0xa0/0x250
[  716.113364][T18576]  ? do_sys_openat2+0xb1/0x1e0
[  716.118165][T18576]  ? __pfx_do_sys_openat2+0x10/0x10
[  716.123413][T18576]  ? put_files_struct+0x3b/0x370
[  716.128398][T18576]  kern_select+0x15e/0x1e0
[  716.133117][T18576]  ? __pfx_kern_select+0x10/0x10
[  716.138096][T18576]  ? __pfx_ksys_write+0x10/0x10
[  716.142988][T18576]  __x64_sys_select+0xbd/0x160
[  716.147781][T18576]  ? do_syscall_64+0x91/0x250
[  716.152493][T18576]  ? lockdep_hardirqs_on+0x7c/0x110
[  716.157730][T18576]  do_syscall_64+0xcd/0x250
[  716.162272][T18576]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  716.168204][T18576] RIP: 0033:0x7f9c6ad85d19
[  716.172678][T18576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  716.192323][T18576] RSP: 002b:00007f9c6bb24038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017
[  716.200783][T18576] RAX: ffffffffffffffda RBX: 00007f9c6af75fa0 RCX: 00007f9c6ad85d19
[  716.208882][T18576] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 000000000000002c
[  716.216925][T18576] RBP: 00007f9c6bb24090 R08: 0000000000000000 R09: 0000000000000000
[  716.224940][T18576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  716.227707][T18568] Process accounting resumed
[  716.233006][T18576] R13: 0000000000000000 R14: 00007f9c6af75fa0 R15: 00007ffcf9196cc8
[  716.233040][T18576]  </TASK>
[  717.545344][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout
[  719.625335][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout
[  727.375974][T18703] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  729.030870][T18730] FAULT_INJECTION: forcing a failure.
[  729.030870][T18730] name failslab, interval 1, probability 0, space 0, times 0
[  729.044024][T18730] CPU: 0 UID: 0 PID: 18730 Comm: syz.1.3607 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  729.054828][T18730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  729.064916][T18730] Call Trace:
[  729.068220][T18730]  <TASK>
[  729.071178][T18730]  dump_stack_lvl+0x16c/0x1f0
[  729.075895][T18730]  should_fail_ex+0x497/0x5b0
[  729.080614][T18730]  should_failslab+0xc2/0x120
[  729.085338][T18730]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  729.090754][T18730]  ? trace_lock_acquire+0x14e/0x1f0
[  729.096000][T18730]  ? skb_clone+0x190/0x3f0
[  729.100468][T18730]  skb_clone+0x190/0x3f0
[  729.104767][T18730]  dev_queue_xmit_nit+0x38f/0xbc0
[  729.109853][T18730]  dev_hard_start_xmit+0x283/0x7b0
[  729.115013][T18730]  __dev_queue_xmit+0x7f0/0x43e0
[  729.120000][T18730]  ? __pfx___dev_queue_xmit+0x10/0x10
[  729.125437][T18730]  ? rcu_is_watching+0x12/0xc0
[  729.130243][T18730]  ? trace_kmem_cache_alloc+0x2d/0xd0
[  729.135648][T18730]  ? kmem_cache_alloc_noprof+0x21b/0x3b0
[  729.141330][T18730]  ? __copy_skb_header+0x2e8/0x5b0
[  729.146549][T18730]  ? __skb_clone+0x570/0x760
[  729.151187][T18730]  netlink_deliver_tap+0xa61/0xca0
[  729.156351][T18730]  netlink_dump+0x639/0xd00
[  729.160907][T18730]  ? __pfx_netlink_dump+0x10/0x10
[  729.166097][T18730]  ? lock_acquire+0x2f/0xb0
[  729.170631][T18730]  ? netlink_lookup+0x3d/0x270
[  729.175454][T18730]  __netlink_dump_start+0x6d9/0x980
[  729.180713][T18730]  packet_diag_handler_dump+0x1f1/0x290
[  729.186309][T18730]  ? __pfx_packet_diag_handler_dump+0x10/0x10
[  729.192425][T18730]  ? __pfx_packet_diag_dump+0x10/0x10
[  729.197851][T18730]  sock_diag_rcv_msg+0x437/0x790
[  729.202829][T18730]  netlink_rcv_skb+0x165/0x410
[  729.207628][T18730]  ? __pfx_sock_diag_rcv_msg+0x10/0x10
[  729.213141][T18730]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  729.218568][T18730]  ? netlink_deliver_tap+0x1ae/0xca0
[  729.223909][T18730]  netlink_unicast+0x53c/0x7f0
[  729.228722][T18730]  ? __pfx_netlink_unicast+0x10/0x10
[  729.234046][T18730]  ? __phys_addr_symbol+0x30/0x80
[  729.239120][T18730]  ? __check_object_size+0x488/0x710
[  729.244468][T18730]  netlink_sendmsg+0x8b8/0xd70
[  729.249284][T18730]  ? __pfx_netlink_sendmsg+0x10/0x10
[  729.254624][T18730]  sock_write_iter+0x4fe/0x5b0
[  729.259462][T18730]  ? __pfx_sock_write_iter+0x10/0x10
[  729.264805][T18730]  ? bpf_lsm_file_permission+0x9/0x10
[  729.270228][T18730]  ? security_file_permission+0x71/0x210
[  729.275909][T18730]  vfs_write+0x5ae/0x1150
[  729.280277][T18730]  ? __pfx_sock_write_iter+0x10/0x10
[  729.285609][T18730]  ? __pfx_vfs_write+0x10/0x10
[  729.290421][T18730]  ? __fget_files+0x40/0x3a0
[  729.295067][T18730]  ksys_write+0x207/0x250
[  729.299522][T18730]  ? __pfx_ksys_write+0x10/0x10
[  729.304415][T18730]  do_syscall_64+0xcd/0x250
[  729.308957][T18730]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  729.314891][T18730] RIP: 0033:0x7f9c6ad85d19
[  729.319422][T18730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  729.339076][T18730] RSP: 002b:00007f9c6bb24038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  729.347533][T18730] RAX: ffffffffffffffda RBX: 00007f9c6af75fa0 RCX: 00007f9c6ad85d19
[  729.355540][T18730] RDX: 00000000000002fb RSI: 0000000020000000 RDI: 0000000000000006
[  729.363538][T18730] RBP: 00007f9c6bb24090 R08: 0000000000000000 R09: 0000000000000000
[  729.371541][T18730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  729.379547][T18730] R13: 0000000000000000 R14: 00007f9c6af75fa0 R15: 00007ffcf9196cc8
[  729.387570][T18730]  </TASK>
[  729.395222][T18731] lo: entered allmulticast mode
[  729.441266][T18731] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3608'.
[  729.958944][T18728] lo: left allmulticast mode
[  730.263121][T18744] lo: entered allmulticast mode
[  730.283427][T18744] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3612'.
[  730.299220][T18742] lo: left allmulticast mode
[  732.545422][T18773] sctp: [Deprecated]: syz.1.3620 (pid 18773) Use of struct sctp_assoc_value in delayed_ack socket option.
[  732.545422][T18773] Use struct sctp_sack_info instead
[  733.127509][T18773] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3620'.
[  733.185776][T18745] device-mapper: ioctl: ioctl interface mismatch: kernel(4.48.0), user(0.0.0), cmd(17)
[  733.331325][T18773] netdevsim netdevsim1 netdevsim2: entered allmulticast mode
[  733.576110][T18745] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3613'.
[  733.666088][T18745] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  733.766153][T18745] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  734.342229][T18784] FAULT_INJECTION: forcing a failure.
[  734.342229][T18784] name failslab, interval 1, probability 0, space 0, times 0
[  734.396996][T18784] CPU: 0 UID: 0 PID: 18784 Comm: syz.1.3622 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  734.407829][T18784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  734.418004][T18784] Call Trace:
[  734.421475][T18784]  <TASK>
[  734.424430][T18784]  dump_stack_lvl+0x16c/0x1f0
[  734.429148][T18784]  should_fail_ex+0x497/0x5b0
[  734.433873][T18784]  ? fs_reclaim_acquire+0xae/0x150
[  734.439031][T18784]  should_failslab+0xc2/0x120
[  734.443756][T18784]  __kmalloc_noprof+0xce/0x4f0
[  734.448560][T18784]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  734.454223][T18784]  ? tomoyo_realpath_from_path+0xbf/0x710
[  734.459982][T18784]  tomoyo_realpath_from_path+0xbf/0x710
[  734.465569][T18784]  ? tomoyo_path_number_perm+0x235/0x5b0
[  734.471258][T18784]  tomoyo_path_number_perm+0x248/0x5b0
[  734.476763][T18784]  ? tomoyo_path_number_perm+0x235/0x5b0
[  734.482454][T18784]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  734.488517][T18784]  ? __pfx_lock_release+0x10/0x10
[  734.493584][T18784]  ? trace_lock_acquire+0x14e/0x1f0
[  734.498831][T18784]  ? lock_acquire+0x2f/0xb0
[  734.503520][T18784]  ? __fget_files+0x40/0x3a0
[  734.508158][T18784]  ? __fget_files+0x206/0x3a0
[  734.512884][T18784]  security_file_ioctl+0x9b/0x240
[  734.517953][T18784]  __x64_sys_ioctl+0xb7/0x200
[  734.522678][T18784]  do_syscall_64+0xcd/0x250
[  734.527226][T18784]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  734.533169][T18784] RIP: 0033:0x7f9c6ad85d19
[  734.537618][T18784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  734.557785][T18784] RSP: 002b:00007f9c6bb24038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  734.566244][T18784] RAX: ffffffffffffffda RBX: 00007f9c6af75fa0 RCX: 00007f9c6ad85d19
[  734.574269][T18784] RDX: 0000000000000034 RSI: 000000004404561b RDI: 0000000000000003
[  734.582275][T18784] RBP: 00007f9c6bb24090 R08: 0000000000000000 R09: 0000000000000000
[  734.590282][T18784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  734.598291][T18784] R13: 0000000000000000 R14: 00007f9c6af75fa0 R15: 00007ffcf9196cc8
[  734.606407][T18784]  </TASK>
[  734.764826][T18784] ERROR: Out of memory at tomoyo_realpath_from_path.
[  739.628264][T18825] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3630'.
[  739.699935][T18825] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3630'.
[  741.963914][T18174] syz.6.3446 (18174) used greatest stack depth: 18640 bytes left
[  742.062832][T18847] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3638'.
[  742.196006][T18852] Invalid ELF header magic: != ELF
[  742.452756][T18152] syz.6.3444 (18152) used greatest stack depth: 18576 bytes left
[  745.128086][T18879] netlink: 'syz.3.3643': attribute type 4 has an invalid length.
[  746.345440][T18885] netlink: 'syz.3.3645': attribute type 4 has an invalid length.
[  747.630376][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  747.640314][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  748.418965][T18910] Process accounting resumed
[  749.356720][T18916] netlink: 'syz.4.3653': attribute type 4 has an invalid length.
[  751.184602][T18948] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3660'.
[  752.922239][T18966] netlink: 'syz.4.3668': attribute type 4 has an invalid length.
[  753.662083][T18975] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3669'.
[  753.826549][T18975] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  755.405445][T18998] netlink: 4456 bytes leftover after parsing attributes in process `syz.3.3678'.
[  757.006544][T19015] FAULT_INJECTION: forcing a failure.
[  757.006544][T19015] name failslab, interval 1, probability 0, space 0, times 0
[  757.085338][T19015] CPU: 1 UID: 0 PID: 19015 Comm: syz.4.3682 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  757.096183][T19015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  757.106275][T19015] Call Trace:
[  757.109567][T19015]  <TASK>
[  757.112517][T19015]  dump_stack_lvl+0x16c/0x1f0
[  757.117241][T19015]  should_fail_ex+0x497/0x5b0
[  757.121959][T19015]  ? fs_reclaim_acquire+0xae/0x150
[  757.127117][T19015]  should_failslab+0xc2/0x120
[  757.131836][T19015]  __kmalloc_noprof+0xce/0x4f0
[  757.136640][T19015]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  757.142308][T19015]  ? tomoyo_realpath_from_path+0xbf/0x710
[  757.148082][T19015]  tomoyo_realpath_from_path+0xbf/0x710
[  757.153670][T19015]  ? tomoyo_path_number_perm+0x235/0x5b0
[  757.159352][T19015]  tomoyo_path_number_perm+0x248/0x5b0
[  757.164856][T19015]  ? tomoyo_path_number_perm+0x235/0x5b0
[  757.170532][T19015]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  757.176584][T19015]  ? __pfx_lock_release+0x10/0x10
[  757.181648][T19015]  ? trace_lock_acquire+0x14e/0x1f0
[  757.186884][T19015]  ? lock_acquire+0x2f/0xb0
[  757.191412][T19015]  ? __fget_files+0x40/0x3a0
[  757.196042][T19015]  ? __fget_files+0x206/0x3a0
[  757.200772][T19015]  security_file_ioctl+0x9b/0x240
[  757.205841][T19015]  __x64_sys_ioctl+0xb7/0x200
[  757.210565][T19015]  do_syscall_64+0xcd/0x250
[  757.215101][T19015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  757.221030][T19015] RIP: 0033:0x7f522f785d19
[  757.225484][T19015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  757.245136][T19015] RSP: 002b:00007f52305fc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  757.253588][T19015] RAX: ffffffffffffffda RBX: 00007f522f975fa0 RCX: 00007f522f785d19
[  757.261596][T19015] RDX: 0000000000000000 RSI: 000000000000127d RDI: 0000000000000003
[  757.269595][T19015] RBP: 00007f52305fc090 R08: 0000000000000000 R09: 0000000000000000
[  757.277859][T19015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  757.285864][T19015] R13: 0000000000000000 R14: 00007f522f975fa0 R15: 00007ffe45bb3998
[  757.293888][T19015]  </TASK>
[  757.345609][T19015] ERROR: Out of memory at tomoyo_realpath_from_path.
[  769.400132][ T5144] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  769.414942][ T5144] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  769.423499][ T5144] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  769.434060][ T5144] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  769.441897][ T5144] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  769.449376][ T5144] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  771.235565][T19040] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3688'.
[  771.409096][T19029] chnl_net:caif_netlink_parms(): no params data found
[  771.475155][ T5842] Bluetooth: hci2: command tx timeout
[  772.322172][ T5144] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  772.345231][ T5144] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  772.356505][ T5144] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  772.377366][ T5144] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  772.387008][ T5144] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  772.395333][ T5144] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  772.787790][T19029] bridge0: port 1(bridge_slave_0) entered blocking state
[  772.797369][T19029] bridge0: port 1(bridge_slave_0) entered disabled state
[  772.804635][T19029] bridge_slave_0: entered allmulticast mode
[  772.846466][T19029] bridge_slave_0: entered promiscuous mode
[  772.875214][T19029] bridge0: port 2(bridge_slave_1) entered blocking state
[  772.882365][T19029] bridge0: port 2(bridge_slave_1) entered disabled state
[  772.911933][T19029] bridge_slave_1: entered allmulticast mode
[  772.926360][T19029] bridge_slave_1: entered promiscuous mode

syzkaller
syzkaller login: [  773.417879][T19029] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  773.448418][T19029] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  773.493232][T19059] netlink: 338 bytes leftover after parsing attributes in process `syz.4.3692'.
[  773.555179][ T5842] Bluetooth: hci2: command tx timeout
[  773.996687][T19029] team0: Port device team_slave_0 added
[  774.091295][T19029] team0: Port device team_slave_1 added
[  774.486846][T19029] batman_adv: batadv0: Adding interface: batadv_slave_0
[  774.505454][ T5842] Bluetooth: hci1: command tx timeout
[  774.515740][T19029] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  774.605715][T19029] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  774.699124][T19048] chnl_net:caif_netlink_parms(): no params data found
[  774.791208][T19029] batman_adv: batadv0: Adding interface: batadv_slave_1
[  774.806367][T19029] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  774.864651][T19029] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  775.179070][T19029] hsr_slave_0: entered promiscuous mode
[  775.186595][T19029] hsr_slave_1: entered promiscuous mode
[  775.226645][T19029] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  775.234373][T19029] Cannot create hsr debugfs directory
[  775.625780][ T5842] Bluetooth: hci2: command tx timeout
[  775.822982][T14811] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  775.992748][T19048] bridge0: port 1(bridge_slave_0) entered blocking state
[  776.000487][T19048] bridge0: port 1(bridge_slave_0) entered disabled state
[  776.015462][T19048] bridge_slave_0: entered allmulticast mode
[  776.022714][T19048] bridge_slave_0: entered promiscuous mode
[  776.253321][T14811] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  776.296840][T19048] bridge0: port 2(bridge_slave_1) entered blocking state
[  776.303991][T19048] bridge0: port 2(bridge_slave_1) entered disabled state
[  776.325381][T19048] bridge_slave_1: entered allmulticast mode
[  776.343555][T19048] bridge_slave_1: entered promiscuous mode
[  776.549146][T14811] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  776.585395][ T5842] Bluetooth: hci1: command tx timeout
[  776.641743][T19048] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  776.946988][T14811] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  776.988822][T19048] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  777.104078][T19048] team0: Port device team_slave_0 added
[  777.258965][T19029] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  777.308256][T19048] team0: Port device team_slave_1 added
[  777.359388][T19029] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  777.379191][T19029] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  777.407222][T19048] batman_adv: batadv0: Adding interface: batadv_slave_0
[  777.425651][T19048] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  777.479838][T19048] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  777.507089][T19048] batman_adv: batadv0: Adding interface: batadv_slave_1
[  777.542433][T19048] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  777.577026][T19048] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  777.627353][T19029] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  777.705219][ T5842] Bluetooth: hci2: command tx timeout
[  777.808698][T19048] hsr_slave_0: entered promiscuous mode
[  777.844982][T19048] hsr_slave_1: entered promiscuous mode
[  777.855300][T19048] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  777.862913][T19048] Cannot create hsr debugfs directory
[  778.067869][T14811] bridge_slave_1: left allmulticast mode
[  778.073880][T14811] bridge_slave_1: left promiscuous mode
[  778.110386][T14811] bridge0: port 2(bridge_slave_1) entered disabled state
[  778.153630][T14811] bridge_slave_0: left allmulticast mode
[  778.166230][T14811] bridge_slave_0: left promiscuous mode
[  778.172023][T14811] bridge0: port 1(bridge_slave_0) entered disabled state
[  778.665245][ T5842] Bluetooth: hci1: command tx timeout
[  779.785966][T14811] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  779.895792][T14811] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  779.937849][T14811] bond0 (unregistering): Released all slaves
[  780.765101][ T5842] Bluetooth: hci1: command tx timeout
[  780.886591][T19029] 8021q: adding VLAN 0 to HW filter on device bond0
[  780.944982][T19029] 8021q: adding VLAN 0 to HW filter on device team0
[  781.060645][T19048] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  781.256233][T14811] hsr_slave_0: left promiscuous mode
[  781.287513][T14811] hsr_slave_1: left promiscuous mode
[  781.307552][T14811] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  781.325187][T14811] batman_adv: batadv0: Removing interface: batadv_slave_0
[  781.365657][T14811] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  781.375172][T14811] batman_adv: batadv0: Removing interface: batadv_slave_1
[  781.532844][T14811] veth1_macvtap: left promiscuous mode
[  781.572549][T14811] veth0_macvtap: left promiscuous mode
[  781.604291][T14811] veth1_vlan: left promiscuous mode
[  781.615372][T14811] veth0_vlan: left promiscuous mode
[  783.637433][T14811] team0 (unregistering): Port device team_slave_1 removed
[  783.741754][T14811] team0 (unregistering): Port device team_slave_0 removed
[  785.066303][T19048] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  785.088302][T14809] bridge0: port 1(bridge_slave_0) entered blocking state
[  785.095540][T14809] bridge0: port 1(bridge_slave_0) entered forwarding state
[  785.146107][T19048] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  785.212611][T19048] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  785.226435][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  785.233568][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  786.140098][T19048] 8021q: adding VLAN 0 to HW filter on device bond0
[  786.351197][T19029] 8021q: adding VLAN 0 to HW filter on device batadv0
[  786.434559][T19048] 8021q: adding VLAN 0 to HW filter on device team0
[  786.550334][T14814] bridge0: port 1(bridge_slave_0) entered blocking state
[  786.557552][T14814] bridge0: port 1(bridge_slave_0) entered forwarding state
[  786.609140][T14814] bridge0: port 2(bridge_slave_1) entered blocking state
[  786.616354][T14814] bridge0: port 2(bridge_slave_1) entered forwarding state
[  786.704484][T19048] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  787.011062][T19029] veth0_vlan: entered promiscuous mode
[  787.033539][T19029] veth1_vlan: entered promiscuous mode
[  787.099928][T19029] veth0_macvtap: entered promiscuous mode
[  787.121759][T19029] veth1_macvtap: entered promiscuous mode
[  787.140945][T19029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  787.151787][T19029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  787.161714][T19029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  787.172997][T19029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  787.183061][T19029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  787.193612][T19029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  787.205709][T19029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  787.216361][T19029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  787.226476][T19029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  787.237056][T19029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  787.249173][T19029] batman_adv: batadv0: Interface activated: batadv_slave_0
[  787.260875][T19029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  787.271496][T19029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  787.281505][T19029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  787.292088][T19029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  787.303386][T19029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  787.314169][T19029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  787.335156][T19029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  787.346094][T19029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  787.356404][T19029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  787.375462][T19029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  787.402644][T19029] batman_adv: batadv0: Interface activated: batadv_slave_1
[  787.430474][T19029] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  787.451391][T19029] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  787.474435][T19029] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  787.494518][T19029] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  787.639280][T19048] 8021q: adding VLAN 0 to HW filter on device batadv0
[  787.947140][T19180] openvswitch: netlink: IP tunnel dst address not specified
[  787.959810][T14814] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  787.983106][T14814] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  788.031767][T14814] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  788.065161][T14814] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  788.294061][T19048] veth0_vlan: entered promiscuous mode
[  788.332897][T19048] veth1_vlan: entered promiscuous mode
[  788.437929][T19048] veth0_macvtap: entered promiscuous mode
[  788.467834][T19048] veth1_macvtap: entered promiscuous mode
[  788.527811][T19048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  788.572588][T19048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  788.596765][T19048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  788.621398][T19048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  788.635132][T19048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  788.654690][T19048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  788.675611][T19048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  788.705177][T19048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  788.732970][T19048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  788.755179][T19048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  788.785572][T19048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  788.804665][T19048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  788.827293][T19048] batman_adv: batadv0: Interface activated: batadv_slave_0
[  788.877629][T19048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  788.932707][T19048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  788.963912][T19048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  788.984775][T19048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  789.005149][T19048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  789.035228][T19048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  789.056203][T19048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  789.075146][T19048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  789.085291][T19048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  789.119936][T19048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  789.144973][T19048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  789.175254][T19048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  789.197936][T19048] batman_adv: batadv0: Interface activated: batadv_slave_1
[  789.218555][T19048] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  789.235223][T19048] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  789.254458][T19048] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  789.263539][T19048] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  789.530690][ T1885] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  789.543276][ T1885] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  789.622793][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  789.651741][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  790.902782][T18900] syz.1.3647 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  791.081761][T19252] netlink: 326 bytes leftover after parsing attributes in process `syz.8.3713'.
[  791.095137][T18900] CPU: 0 UID: 0 PID: 18900 Comm: syz.1.3647 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  791.105977][T18900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  791.116071][T18900] Call Trace:
[  791.119381][T18900]  <TASK>
[  791.122346][T18900]  dump_stack_lvl+0x16c/0x1f0
[  791.127084][T18900]  dump_header+0x101/0x900
[  791.131563][T18900]  oom_kill_process+0x270/0xa60
[  791.136455][T18900]  ? mem_cgroup_out_of_memory+0x8d/0x270
[  791.142152][T18900]  out_of_memory+0x351/0x1700
[  791.146892][T18900]  ? __pfx_out_of_memory+0x10/0x10
[  791.152055][T18900]  ? rcu_read_unlock+0x17/0x60
[  791.156874][T18900]  ? find_held_lock+0x2d/0x110
[  791.161687][T18900]  mem_cgroup_out_of_memory+0x207/0x270
[  791.167265][T18900]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  791.173386][T18900]  ? do_raw_spin_unlock+0x172/0x230
[  791.178635][T18900]  try_charge_memcg+0x54c/0xaf0
[  791.183631][T18900]  ? __pfx_try_charge_memcg+0x10/0x10
[  791.189055][T18900]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[  791.194563][T18900]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[  791.200075][T18900]  ? get_mem_cgroup_from_mm+0x131/0x5f0
[  791.205681][T18900]  __mem_cgroup_charge+0x9b/0x280
[  791.210764][T18900]  shmem_alloc_and_add_folio+0x507/0xc00
[  791.216441][T18900]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  791.222638][T18900]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  791.229007][T18900]  ? shmem_huge_global_enabled+0x176/0x250
[  791.234871][T18900]  ? shmem_allowable_huge_orders+0xcd/0x3e0
[  791.240820][T18900]  shmem_get_folio_gfp+0x689/0x1530
[  791.246076][T18900]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  791.251761][T18900]  ? find_held_lock+0x2d/0x110
[  791.256587][T18900]  shmem_write_begin+0x161/0x300
[  791.261566][T18900]  ? __pfx_shmem_write_begin+0x10/0x10
[  791.267037][T18900]  ? timestamp_truncate+0x21f/0x2e0
[  791.272345][T18900]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1270
[  791.279253][T18900]  generic_perform_write+0x2ba/0x920
[  791.284564][T18900]  ? __pfx_generic_perform_write+0x10/0x10
[  791.290394][T18900]  ? inode_needs_update_time.part.0+0x191/0x270
[  791.296659][T18900]  shmem_file_write_iter+0x10e/0x140
[  791.302054][T18900]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  791.307887][T18900]  __kernel_write_iter+0x318/0xa80
[  791.313103][T18900]  ? __pfx___kernel_write_iter+0x10/0x10
[  791.318751][T18900]  ? get_dump_page+0x15b/0x230
[  791.323540][T18900]  ? __pfx___might_resched+0x10/0x10
[  791.328849][T18900]  ? copy_mc_enhanced_fast_string+0xa/0x13
[  791.334675][T18900]  dump_user_range+0x389/0x8c0
[  791.339460][T18900]  ? __pfx_dump_user_range+0x10/0x10
[  791.344767][T18900]  ? elf_coredump_extra_notes_write+0xbe/0x430
[  791.350945][T18900]  ? __pfx_writenote+0x10/0x10
[  791.355725][T18900]  elf_core_dump+0x2787/0x3880
[  791.360510][T18900]  ? __pfx_elf_core_dump+0x10/0x10
[  791.365626][T18900]  ? kasan_save_stack+0x42/0x60
[  791.370506][T18900]  ? kasan_save_stack+0x33/0x60
[  791.375389][T18900]  ? kasan_save_track+0x14/0x30
[  791.380263][T18900]  ? __kasan_kmalloc+0xaa/0xb0
[  791.385040][T18900]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  791.390513][T18900]  ? do_coredump+0x1665/0x43e0
[  791.395297][T18900]  ? get_signal+0x23f3/0x2610
[  791.400053][T18900]  ? rcu_is_watching+0x12/0xc0
[  791.404832][T18900]  ? trace_lock_acquire+0x14e/0x1f0
[  791.410130][T18900]  ? __pfx_sort+0x10/0x10
[  791.414469][T18900]  ? get_signal+0x23f3/0x2610
[  791.419160][T18900]  ? do_coredump+0x2dd5/0x43e0
[  791.423936][T18900]  do_coredump+0x2dd5/0x43e0
[  791.428552][T18900]  ? __pfx_do_coredump+0x10/0x10
[  791.433513][T18900]  ? irqentry_exit_to_user_mode+0x13f/0x280
[  791.439472][T18900]  get_signal+0x23f3/0x2610
[  791.443994][T18900]  ? __pfx_get_signal+0x10/0x10
[  791.448856][T18900]  ? rcu_is_watching+0x12/0xc0
[  791.453632][T18900]  ? trace_irq_disable.constprop.0+0xea/0x140
[  791.459711][T18900]  arch_do_signal_or_restart+0x90/0x7e0
[  791.465277][T18900]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  791.471450][T18900]  ? do_user_addr_fault+0xa4b/0x13f0
[  791.476749][T18900]  irqentry_exit_to_user_mode+0x13f/0x280
[  791.482486][T18900]  asm_exc_page_fault+0x26/0x30
[  791.487350][T18900] RIP: 0033:0x0
[  791.490906][T18900] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[  791.498273][T18900] RSP: 002b:000000000000000a EFLAGS: 00010217
[  791.504430][T18900] RAX: 0000000000000000 RBX: 00007f9c6af76160 RCX: 00007f9c6ad85d19
[  791.512417][T18900] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46
[  791.520397][T18900] RBP: 00007f9c6ae01a20 R08: 0000000000000002 R09: 0000000000000000
[  791.528405][T18900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  791.536383][T18900] R13: 0000000000000001 R14: 00007f9c6af76160 R15: 00007ffcf9196cc8
[  791.544374][T18900]  </TASK>
[  791.555483][T18900] memory: usage 305812kB, limit 307200kB, failcnt 24671
[  791.562480][T18900] memory+swap: usage 430668kB, limit 9007199254740988kB, failcnt 0
[  791.616793][T18900] kmem: usage 3604kB, limit 9007199254740988kB, failcnt 0
[  791.675270][T18900] Memory cgroup stats for /syz1:
[  791.675658][T18900] cache 307482624
[  791.684287][T18900] rss 499712
[  791.730180][T18900] rss_huge 0
[  791.733437][T18900] shmem 307482624
[  791.761283][T18900] mapped_file 45760512
[  791.807132][T18900] dirty 0
[  791.810840][T18900] writeback 0
[  791.814156][T18900] workingset_refault_anon 19511
[  791.877389][T18900] workingset_refault_file 2834
[  791.895156][T18900] swap 127852544
[  791.898753][T18900] swapcached 28672
[  791.902495][T18900] pgpgin 1648948
[  791.977084][T18900] pgpgout 1589080
[  791.980892][T18900] pgfault 957414
[  792.013681][T18900] pgmajfault 1897
[  792.023824][T18900] inactive_anon 252784640
[  792.101219][T18900] active_anon 55226368
[  792.107989][T18900] inactive_file 0
[  792.112132][T18900] active_file 0
[  792.202985][T18900] unevictable 0
[  792.216356][T18900] hierarchical_memory_limit 314572800
[  792.250688][T18900] hierarchical_memsw_limit 9223372036854771712
[  792.271184][T18900] total_cache 307482624
[  792.296083][T18900] total_rss 499712
[  792.299875][T18900] total_rss_huge 0
[  792.303629][T18900] total_shmem 307482624
[  792.375139][T18900] total_mapped_file 45760512
[  792.379889][T18900] total_dirty 0
[  792.383373][T18900] total_writeback 0
[  792.441411][T18900] total_workingset_refault_anon 19511
[  792.465867][T19267] netlink: 'syz.1.3716': attribute type 4 has an invalid length.
[  792.481457][T18900] total_workingset_refault_file 2834
[  792.550785][T18900] total_swap 127852544
[  792.554920][T18900] total_swapcached 28672
[  792.624447][T18900] total_pgpgin 1648948
[  792.656370][T18900] total_pgpgout 1589080
[  792.660596][T18900] total_pgfault 957414
[  792.705510][T18900] total_pgmajfault 1897
[  792.709734][T18900] total_inactive_anon 252784640
[  792.805338][T18900] total_active_anon 55226368
[  792.810001][T18900] total_inactive_file 0
[  792.847651][T18900] total_active_file 0
[  792.907868][T18900] total_unevictable 0
[  792.912011][T18900] anon_cost 0
[  792.976181][T18900] file_cost 0
[  793.024217][T18900] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.3632,pid=18839,uid=0
[  793.056309][T18900] Memory cgroup out of memory: Killed process 18839 (syz.1.3632) total-vm:134748kB, anon-rss:1004kB, file-rss:29404kB, shmem-rss:14464kB, UID:0 pgtables:256kB oom_score_adj:1000
[  794.302548][T19344] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3735'.
[  795.585362][T19354] netlink: 'syz.1.3737': attribute type 4 has an invalid length.
[  795.735252][T19369] netlink: 'syz.8.3739': attribute type 2 has an invalid length.
[  797.146259][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  798.098703][T19398] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3745'.
[  798.955560][T19412] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3750'.
[  800.060215][T19431] FAULT_INJECTION: forcing a failure.
[  800.060215][T19431] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  800.108402][T19431] CPU: 1 UID: 0 PID: 19431 Comm: syz.4.3757 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  800.119424][T19431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  800.129513][T19431] Call Trace:
[  800.132813][T19431]  <TASK>
[  800.135764][T19431]  dump_stack_lvl+0x16c/0x1f0
[  800.140479][T19431]  should_fail_ex+0x497/0x5b0
[  800.145207][T19431]  _copy_to_user+0x32/0xd0
[  800.149676][T19431]  simple_read_from_buffer+0xd0/0x160
[  800.155102][T19431]  proc_fail_nth_read+0x198/0x270
[  800.160284][T19431]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  800.165897][T19431]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  800.171493][T19431]  vfs_read+0x1df/0xbe0
[  800.175663][T19431]  ? __fget_files+0x1fc/0x3a0
[  800.180348][T19431]  ? __pfx___mutex_lock+0x10/0x10
[  800.185382][T19431]  ? __pfx_vfs_read+0x10/0x10
[  800.190071][T19431]  ? __fget_files+0x206/0x3a0
[  800.194856][T19431]  ksys_read+0x12b/0x250
[  800.199106][T19431]  ? __pfx_ksys_read+0x10/0x10
[  800.203896][T19431]  do_syscall_64+0xcd/0x250
[  800.208419][T19431]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  800.214326][T19431] RIP: 0033:0x7f522f78472c
[  800.218748][T19431] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  800.238357][T19431] RSP: 002b:00007f52305fc030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  800.246776][T19431] RAX: ffffffffffffffda RBX: 00007f522f975fa0 RCX: 00007f522f78472c
[  800.254749][T19431] RDX: 000000000000000f RSI: 00007f52305fc0a0 RDI: 0000000000000005
[  800.262722][T19431] RBP: 00007f52305fc090 R08: 0000000000000000 R09: 0000000000000000
[  800.270790][T19431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  800.278782][T19431] R13: 0000000000000000 R14: 00007f522f975fa0 R15: 00007ffe45bb3998
[  800.286788][T19431]  </TASK>
[  800.290096][T19439] netlink: zone id is out of range
[  800.322376][T19439] netlink: zone id is out of range
[  800.416352][T19439] netlink: zone id is out of range
[  800.446626][T19439] netlink: zone id is out of range
[  800.472861][T19439] netlink: zone id is out of range
[  800.478319][T19439] netlink: zone id is out of range
[  800.483692][T19439] netlink: zone id is out of range
[  800.489122][T19439] netlink: zone id is out of range
[  800.494479][T19439] netlink: zone id is out of range
[  800.499915][T19439] netlink: zone id is out of range
[  801.147971][T19466] bridge0: port 3(syz_tun) entered blocking state
[  801.154514][T19466] bridge0: port 3(syz_tun) entered disabled state
[  801.193130][T19466] syz_tun: entered allmulticast mode
[  801.204329][T19466] syz_tun: entered promiscuous mode
[  801.225746][T19466] bridge0: port 3(syz_tun) entered blocking state
[  801.232484][T19466] bridge0: port 3(syz_tun) entered forwarding state
[  802.825442][T18822] syz.1.3629 (18822) used greatest stack depth: 17936 bytes left
[  803.189660][T19503] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3770'.
[  803.204101][T19503] ipvlan1: entered allmulticast mode
[  803.757686][T19513] netlink: 334 bytes leftover after parsing attributes in process `syz.1.3771'.
[  804.318221][T19524] nbd: must specify at least one socket
[  805.099760][T19534] IPVS: length: 11322 != 54662616
[  806.997277][ T5144] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  807.011697][ T5144] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  807.021060][ T5144] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  807.035355][ T5144] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  807.044760][ T5144] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  807.052471][ T5144] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  808.242335][T19596] chnl_net:caif_netlink_parms(): no params data found
[  808.667268][T19623] aoe: copy from user failed
[  808.672008][T19623] aoe: could not set interface list: too many interfaces
[  808.946457][T19596] bridge0: port 1(bridge_slave_0) entered blocking state
[  808.985514][T19596] bridge0: port 1(bridge_slave_0) entered disabled state
[  808.992817][T19596] bridge_slave_0: entered allmulticast mode
[  809.026731][T19596] bridge_slave_0: entered promiscuous mode
[  809.054651][T19596] bridge0: port 2(bridge_slave_1) entered blocking state
[  809.062313][T19596] bridge0: port 2(bridge_slave_1) entered disabled state
[  809.070342][T19596] bridge_slave_1: entered allmulticast mode
[  809.077547][T19596] bridge_slave_1: entered promiscuous mode
[  809.079007][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  809.090231][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  809.147281][ T5144] Bluetooth: hci0: command tx timeout
[  809.371461][T19596] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  809.418265][T19596] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  809.778189][T19596] team0: Port device team_slave_0 added
[  809.787035][T19596] team0: Port device team_slave_1 added
[  810.130439][T19596] batman_adv: batadv0: Adding interface: batadv_slave_0
[  810.165239][T19596] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  810.225161][T19596] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  810.247118][T19596] batman_adv: batadv0: Adding interface: batadv_slave_1
[  810.254113][T19596] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  810.280672][T19596] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  810.756280][T19596] hsr_slave_0: entered promiscuous mode
[  810.802081][T19596] hsr_slave_1: entered promiscuous mode
[  811.225273][ T5144] Bluetooth: hci0: command tx timeout
[  811.514862][T19596] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  811.930420][T19596] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  812.230056][T19596] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  812.767600][T19596] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  813.133198][T19596] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  813.171261][T19596] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  813.266313][T19596] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  813.316855][ T5144] Bluetooth: hci0: command tx timeout
[  813.348492][T19596] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  813.673023][T19596] 8021q: adding VLAN 0 to HW filter on device bond0
[  813.755839][T19596] 8021q: adding VLAN 0 to HW filter on device team0
[  813.797164][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  813.804414][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  813.846766][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  813.853948][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  814.330842][T19596] 8021q: adding VLAN 0 to HW filter on device batadv0
[  814.836432][T19596] veth0_vlan: entered promiscuous mode
[  814.860481][T19596] veth1_vlan: entered promiscuous mode
[  814.937146][T19596] veth0_macvtap: entered promiscuous mode
[  814.953676][T19596] veth1_macvtap: entered promiscuous mode
[  815.023198][T19596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  815.074808][T19596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  815.105158][T19596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  815.125127][T19596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  815.135002][T19596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  815.173997][T19596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  815.192048][T19596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  815.208968][T19596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  815.218974][T19596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  815.229698][T19596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  815.239700][T19596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  815.250224][T19596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  815.260970][T19596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  815.272270][T19596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  815.283385][T19596] batman_adv: batadv0: Interface activated: batadv_slave_0
[  815.295638][T19596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  815.306295][T19596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  815.316308][T19596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  815.326854][T19596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  815.336769][T19596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  815.347275][T19596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  815.357753][T19596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  815.369104][T19596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  815.379373][T19596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  815.389994][T19596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  815.397923][ T5144] Bluetooth: hci0: command tx timeout
[  815.399845][T19596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  815.415849][T19596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  815.425744][T19596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  815.436345][T19596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  815.448321][T19596] batman_adv: batadv0: Interface activated: batadv_slave_1
[  815.513732][T19596] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  815.545383][T19596] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  815.554146][T19596] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  815.587202][T19596] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  815.966855][T13366] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  815.998581][T13366] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  816.079906][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  816.135646][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  816.623011][T19835] netlink: 'syz.4.3790': attribute type 4 has an invalid length.
[  818.533582][T19873] netlink: 504 bytes leftover after parsing attributes in process `syz.1.3844'.
[  818.917523][T19881] FAULT_INJECTION: forcing a failure.
[  818.917523][T19881] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  818.992339][T19881] CPU: 1 UID: 0 PID: 19881 Comm: syz.1.3847 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  819.003357][T19881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  819.013449][T19881] Call Trace:
[  819.016762][T19881]  <TASK>
[  819.019722][T19881]  dump_stack_lvl+0x16c/0x1f0
[  819.024439][T19881]  should_fail_ex+0x497/0x5b0
[  819.029164][T19881]  _copy_from_user+0x2e/0xd0
[  819.033798][T19881]  copy_msghdr_from_user+0x99/0x160
[  819.039041][T19881]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  819.044902][T19881]  ___sys_sendmsg+0xff/0x1e0
[  819.049537][T19881]  ? __pfx____sys_sendmsg+0x10/0x10
[  819.054792][T19881]  ? __pfx_lock_release+0x10/0x10
[  819.059865][T19881]  ? trace_lock_acquire+0x14e/0x1f0
[  819.065110][T19881]  ? __fget_files+0x206/0x3a0
[  819.069846][T19881]  __sys_sendmsg+0x16e/0x220
[  819.074656][T19881]  ? __pfx___sys_sendmsg+0x10/0x10
[  819.079837][T19881]  do_syscall_64+0xcd/0x250
[  819.084389][T19881]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  819.090340][T19881] RIP: 0033:0x7f9c6ad85d19
[  819.094786][T19881] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  819.114438][T19881] RSP: 002b:00007f9c6bb24038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  819.122900][T19881] RAX: ffffffffffffffda RBX: 00007f9c6af75fa0 RCX: 00007f9c6ad85d19
[  819.130968][T19881] RDX: 0000000000000050 RSI: 0000000020000240 RDI: 0000000000000003
[  819.138972][T19881] RBP: 00007f9c6bb24090 R08: 0000000000000000 R09: 0000000000000000
[  819.146978][T19881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  819.154983][T19881] R13: 0000000000000000 R14: 00007f9c6af75fa0 R15: 00007ffcf9196cc8
[  819.163095][T19881]  </TASK>
[  819.244765][T19878] netlink: 'syz.4.3845': attribute type 4 has an invalid length.
[  823.765456][T19924] FAULT_INJECTION: forcing a failure.
[  823.765456][T19924] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  823.905300][T19924] CPU: 1 UID: 0 PID: 19924 Comm: syz.8.3856 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  823.916144][T19924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  823.926231][T19924] Call Trace:
[  823.929527][T19924]  <TASK>
[  823.932482][T19924]  dump_stack_lvl+0x16c/0x1f0
[  823.937197][T19924]  should_fail_ex+0x497/0x5b0
[  823.941912][T19924]  _copy_to_user+0x32/0xd0
[  823.946380][T19924]  simple_read_from_buffer+0xd0/0x160
[  823.951800][T19924]  proc_fail_nth_read+0x198/0x270
[  823.956869][T19924]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  823.962476][T19924]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  823.968067][T19924]  vfs_read+0x1df/0xbe0
[  823.972265][T19924]  ? __fget_files+0x1fc/0x3a0
[  823.976972][T19924]  ? __pfx___mutex_lock+0x10/0x10
[  823.982025][T19924]  ? __pfx_vfs_read+0x10/0x10
[  823.986741][T19924]  ? __fget_files+0x206/0x3a0
[  823.991459][T19924]  ksys_read+0x12b/0x250
[  823.995728][T19924]  ? __pfx_ksys_read+0x10/0x10
[  824.000536][T19924]  do_syscall_64+0xcd/0x250
[  824.005066][T19924]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  824.010987][T19924] RIP: 0033:0x7f15e098472c
[  824.015426][T19924] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  824.035068][T19924] RSP: 002b:00007f15e176b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  824.043511][T19924] RAX: ffffffffffffffda RBX: 00007f15e0b75fa0 RCX: 00007f15e098472c
[  824.051517][T19924] RDX: 000000000000000f RSI: 00007f15e176b0a0 RDI: 0000000000000002
[  824.059521][T19924] RBP: 00007f15e176b090 R08: 0000000000000000 R09: 0000000000000000
[  824.067523][T19924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  824.075523][T19924] R13: 0000000000000000 R14: 00007f15e0b75fa0 R15: 00007ffc633d05b8
[  824.083541][T19924]  </TASK>
[  825.687851][T19936] netlink: 'syz.4.3857': attribute type 4 has an invalid length.
[  826.188216][T19933] netlink: 'syz.8.3860': attribute type 27 has an invalid length.
[  826.275748][T19933] netlink: 'syz.8.3860': attribute type 28 has an invalid length.
[  826.407261][T19933] netlink: 'syz.8.3860': attribute type 29 has an invalid length.
[  826.488877][T19933] netlink: 'syz.8.3860': attribute type 30 has an invalid length.
[  826.532303][T19933] netlink: 'syz.8.3860': attribute type 31 has an invalid length.
[  826.600318][T19933] netlink: 'syz.8.3860': attribute type 32 has an invalid length.
[  826.725339][T19933] netlink: 'syz.8.3860': attribute type 33 has an invalid length.
[  826.789025][T19933] netlink: 'syz.8.3860': attribute type 35 has an invalid length.
[  826.878258][T19933] netlink: 'syz.8.3860': attribute type 37 has an invalid length.
[  826.965203][T19933] netlink: 18 bytes leftover after parsing attributes in process `syz.8.3860'.

syzkaller
syzkaller login: [  829.136824][T19992] ovs_: entered promiscuous mode
[  829.596365][T19992] tc_dump_action: action bad kind
[  830.629728][T20010] net_ratelimit: 342 callbacks suppressed
[  830.629750][T20010] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  831.306593][T20021] FAULT_INJECTION: forcing a failure.
[  831.306593][T20021] name failslab, interval 1, probability 0, space 0, times 0
[  831.319807][T20021] CPU: 1 UID: 0 PID: 20021 Comm: syz.8.3878 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  831.330695][T20021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  831.340779][T20021] Call Trace:
[  831.344082][T20021]  <TASK>
[  831.347040][T20021]  dump_stack_lvl+0x116/0x1f0
[  831.351771][T20021]  should_fail_ex+0x497/0x5b0
[  831.356492][T20021]  should_failslab+0xc2/0x120
[  831.361208][T20021]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  831.366628][T20021]  ? __send_signal_locked+0x159/0x11a0
[  831.372141][T20021]  ? sig_get_ucounts+0x1c0/0x5b0
[  831.377129][T20021]  __send_signal_locked+0x159/0x11a0
[  831.382466][T20021]  tty_signal_session_leader+0x197/0x5a0
[  831.388142][T20021]  __tty_hangup.part.0+0x343/0x890
[  831.393300][T20021]  tty_ioctl+0xe59/0x1640
[  831.397661][T20021]  ? __pfx_tty_ioctl+0x10/0x10
[  831.402462][T20021]  ? __pfx_lock_release+0x10/0x10
[  831.407545][T20021]  ? trace_lock_acquire+0x14e/0x1f0
[  831.412795][T20021]  ? __fget_files+0x206/0x3a0
[  831.417514][T20021]  ? __pfx_tty_ioctl+0x10/0x10
[  831.422601][T20021]  __x64_sys_ioctl+0x190/0x200
[  831.427409][T20021]  do_syscall_64+0xcd/0x250
[  831.431944][T20021]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  831.437875][T20021] RIP: 0033:0x7f15e0985d19
[  831.442321][T20021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  831.461967][T20021] RSP: 002b:00007f15e176b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  831.470452][T20021] RAX: ffffffffffffffda RBX: 00007f15e0b75fa0 RCX: 00007f15e0985d19
[  831.478454][T20021] RDX: 0000000000000000 RSI: 0000000000005437 RDI: 0000000000000003
[  831.486453][T20021] RBP: 00007f15e176b090 R08: 0000000000000000 R09: 0000000000000000
[  831.494453][T20021] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  831.502453][T20021] R13: 0000000000000000 R14: 00007f15e0b75fa0 R15: 00007ffc633d05b8
[  831.510472][T20021]  </TASK>

syzkaller
syzkaller login: [  837.746041][T20053] validate_nla: 1 callbacks suppressed
[  837.746062][T20053] netlink: 'syz.1.3885': attribute type 4 has an invalid length.
[  838.766139][T20070] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3888'.
[  840.785490][T20088] netlink: 'syz.8.3897': attribute type 4 has an invalid length.
[  844.604918][T20132] netlink: 'syz.8.3908': attribute type 4 has an invalid length.
[  845.878528][T20165] FAULT_INJECTION: forcing a failure.
[  845.878528][T20165] name failslab, interval 1, probability 0, space 0, times 0
[  845.915818][T20165] CPU: 0 UID: 0 PID: 20165 Comm: syz.4.3917 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  845.926657][T20165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  845.936747][T20165] Call Trace:
[  845.940051][T20165]  <TASK>
[  845.943007][T20165]  dump_stack_lvl+0x16c/0x1f0
[  845.947729][T20165]  should_fail_ex+0x497/0x5b0
[  845.952447][T20165]  ? fs_reclaim_acquire+0xae/0x150
[  845.957595][T20165]  should_failslab+0xc2/0x120
[  845.962324][T20165]  __kmalloc_node_noprof+0xd1/0x520
[  845.967560][T20165]  ? __pfx___mutex_lock+0x10/0x10
[  845.972631][T20165]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  845.978130][T20165]  __kvmalloc_node_noprof+0xad/0x1a0
[  845.983455][T20165]  traverse.part.0.constprop.0+0x392/0x640
[  845.989298][T20165]  ? __pfx_lock_release+0x10/0x10
[  845.994377][T20165]  seq_read_iter+0x934/0x12b0
[  845.999188][T20165]  seq_read+0x39f/0x4e0
[  846.003381][T20165]  ? __pfx_seq_read+0x10/0x10
[  846.008119][T20165]  full_proxy_read+0xfb/0x1b0
[  846.012836][T20165]  ? __pfx_full_proxy_read+0x10/0x10
[  846.018249][T20165]  vfs_read+0x1df/0xbe0
[  846.022536][T20165]  ? __fget_files+0x1fc/0x3a0
[  846.027252][T20165]  ? __pfx_lock_release+0x10/0x10
[  846.032320][T20165]  ? __pfx_vfs_read+0x10/0x10
[  846.037038][T20165]  ? lock_acquire+0x2f/0xb0
[  846.041571][T20165]  ? __fget_files+0x40/0x3a0
[  846.046206][T20165]  ? __fget_files+0x206/0x3a0
[  846.050927][T20165]  __x64_sys_pread64+0x1f6/0x250
[  846.055903][T20165]  ? __pfx___x64_sys_pread64+0x10/0x10
[  846.061410][T20165]  do_syscall_64+0xcd/0x250
[  846.065958][T20165]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  846.071892][T20165] RIP: 0033:0x7fddf8985d19
[  846.076337][T20165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  846.095982][T20165] RSP: 002b:00007fddf9852038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  846.104433][T20165] RAX: ffffffffffffffda RBX: 00007fddf8b75fa0 RCX: 00007fddf8985d19
[  846.112437][T20165] RDX: 0000000000000009 RSI: 0000000000000000 RDI: 0000000000000003
[  846.120614][T20165] RBP: 00007fddf9852090 R08: 0000000000000000 R09: 0000000000000000
[  846.128618][T20165] R10: 000000000000002e R11: 0000000000000246 R12: 0000000000000001
[  846.136626][T20165] R13: 0000000000000000 R14: 00007fddf8b75fa0 R15: 00007ffdc744b568
[  846.144651][T20165]  </TASK>
[  846.977484][T20180] netlink: 'syz.8.3922': attribute type 4 has an invalid length.
[  848.054676][T20204] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3928'.
[  848.266169][T20207] FAULT_INJECTION: forcing a failure.
[  848.266169][T20207] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  848.338036][T20207] CPU: 0 UID: 0 PID: 20207 Comm: syz.4.3931 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  848.348870][T20207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  848.358944][T20207] Call Trace:
[  848.362240][T20207]  <TASK>
[  848.365192][T20207]  dump_stack_lvl+0x16c/0x1f0
[  848.369910][T20207]  should_fail_ex+0x497/0x5b0
[  848.374639][T20207]  _copy_to_user+0x32/0xd0
[  848.379100][T20207]  simple_read_from_buffer+0xd0/0x160
[  848.384523][T20207]  proc_fail_nth_read+0x198/0x270
[  848.389599][T20207]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  848.395201][T20207]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  848.400790][T20207]  vfs_read+0x1df/0xbe0
[  848.404982][T20207]  ? __fget_files+0x1fc/0x3a0
[  848.409694][T20207]  ? __pfx___mutex_lock+0x10/0x10
[  848.414758][T20207]  ? __pfx_vfs_read+0x10/0x10
[  848.419479][T20207]  ? __fget_files+0x206/0x3a0
[  848.424199][T20207]  ksys_read+0x12b/0x250
[  848.428475][T20207]  ? __pfx_ksys_read+0x10/0x10
[  848.433286][T20207]  do_syscall_64+0xcd/0x250
[  848.437833][T20207]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  848.443772][T20207] RIP: 0033:0x7fddf898472c
[  848.448218][T20207] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  848.467863][T20207] RSP: 002b:00007fddf9852030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  848.476331][T20207] RAX: ffffffffffffffda RBX: 00007fddf8b75fa0 RCX: 00007fddf898472c
[  848.484336][T20207] RDX: 000000000000000f RSI: 00007fddf98520a0 RDI: 0000000000000003
[  848.492344][T20207] RBP: 00007fddf9852090 R08: 0000000000000000 R09: 0000000000000000
[  848.500352][T20207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  848.508371][T20207] R13: 0000000000000001 R14: 00007fddf8b75fa0 R15: 00007ffdc744b568
[  848.516415][T20207]  </TASK>
[  849.005934][T20213] netlink: 'syz.4.3933': attribute type 4 has an invalid length.
[  852.845597][T20291] netlink: 'syz.8.3950': attribute type 4 has an invalid length.
[  854.337468][T20324] FAULT_INJECTION: forcing a failure.
[  854.337468][T20324] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  854.485209][T20324] CPU: 1 UID: 0 PID: 20324 Comm: syz.8.3958 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  854.496058][T20324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  854.506157][T20324] Call Trace:
[  854.509466][T20324]  <TASK>
[  854.512429][T20324]  dump_stack_lvl+0x16c/0x1f0
[  854.517151][T20324]  should_fail_ex+0x497/0x5b0
[  854.521876][T20324]  ? fs_reclaim_acquire+0xae/0x150
[  854.527033][T20324]  should_fail_alloc_page+0xe7/0x130
[  854.532367][T20324]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  854.538559][T20324]  ? __lock_acquire+0xcc5/0x3c40
[  854.543547][T20324]  __alloc_pages_noprof+0x190/0x25b0
[  854.548899][T20324]  ? hlock_class+0x4e/0x130
[  854.553447][T20324]  ? mark_lock+0xb5/0xc60
[  854.557831][T20324]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  854.563607][T20324]  ? __pfx_mark_lock+0x10/0x10
[  854.568433][T20324]  ? find_held_lock+0x2d/0x110
[  854.573248][T20324]  ? hlock_class+0x4e/0x130
[  854.577884][T20324]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  854.583823][T20324]  ? policy_nodemask+0xea/0x4e0
[  854.588732][T20324]  alloc_pages_mpol_noprof+0x2c9/0x610
[  854.594264][T20324]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  854.600308][T20324]  ? lock_acquire+0x2f/0xb0
[  854.604852][T20324]  ? __pfx___lock_acquire+0x10/0x10
[  854.610110][T20324]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  854.616318][T20324]  ? __pfx_filemap_map_pages+0x10/0x10
[  854.621814][T20324]  pte_alloc_one+0x20/0x390
[  854.626367][T20324]  __do_fault+0x320/0x490
[  854.630828][T20324]  ? __pfx_filemap_map_pages+0x10/0x10
[  854.636340][T20324]  do_pte_missing+0x1a8/0x3e00
[  854.641164][T20324]  __handle_mm_fault+0x103c/0x2a40
[  854.646336][T20324]  ? __pfx___handle_mm_fault+0x10/0x10
[  854.652018][T20324]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  854.657761][T20324]  ? find_vma+0xc0/0x140
[  854.662055][T20324]  ? __pfx_find_vma+0x10/0x10
[  854.667301][T20324]  handle_mm_fault+0x3fa/0xaa0
[  854.672122][T20324]  do_user_addr_fault+0x7a3/0x13f0
[  854.677288][T20324]  exc_page_fault+0x5c/0xc0
[  854.681838][T20324]  asm_exc_page_fault+0x26/0x30
[  854.686743][T20324] RIP: 0010:__put_user_2+0x11/0x20
[  854.691979][T20324] Code: 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <66> 89 01 31 c9 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[  854.711620][T20324] RSP: 0018:ffffc90003a57c88 EFLAGS: 00050246
[  854.717904][T20324] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000000
[  854.725998][T20324] RDX: ffff88802fffda00 RSI: ffffffff847cf875 RDI: ffffffff8bb15800
[  854.734008][T20324] RBP: ffffc90003a57e48 R08: 0000000000000000 R09: fffffbfff20398ea
[  854.742018][T20324] R10: ffffffff901cc757 R11: 0000000000000000 R12: 1ffff9200074af98
[  854.750024][T20324] R13: 0000000000000000 R14: 000000000000127e R15: dffffc0000000000
[  854.758133][T20324]  ? blkdev_common_ioctl+0xe05/0x2220
[  854.763560][T20324]  blkdev_common_ioctl+0xe14/0x2220
[  854.768803][T20324]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  854.774869][T20324]  ? __pfx_blkdev_common_ioctl+0x10/0x10
[  854.780555][T20324]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  854.785656][T20324]  ? __pfx_lock_release+0x10/0x10
[  854.790737][T20324]  ? trace_lock_acquire+0x14e/0x1f0
[  854.795992][T20324]  blkdev_ioctl+0x1ca/0x670
[  854.800554][T20324]  ? __pfx_blkdev_ioctl+0x10/0x10
[  854.805622][T20324]  ? __fget_files+0x206/0x3a0
[  854.810359][T20324]  ? __pfx_blkdev_ioctl+0x10/0x10
[  854.815441][T20324]  __x64_sys_ioctl+0x190/0x200
[  854.820258][T20324]  do_syscall_64+0xcd/0x250
[  854.824797][T20324]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  854.830736][T20324] RIP: 0033:0x7f15e0985d19
[  854.835184][T20324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  854.854828][T20324] RSP: 002b:00007f15e176b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  854.863385][T20324] RAX: ffffffffffffffda RBX: 00007f15e0b75fa0 RCX: 00007f15e0985d19
[  854.871493][T20324] RDX: 0000000000000000 RSI: 000000000000127e RDI: 0000000000000003
[  854.879507][T20324] RBP: 00007f15e176b090 R08: 0000000000000000 R09: 0000000000000000
[  854.887521][T20324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  854.895531][T20324] R13: 0000000000000000 R14: 00007f15e0b75fa0 R15: 00007ffc633d05b8
[  854.903569][T20324]  </TASK>
[  859.083679][T20353] netlink: 'syz.8.3965': attribute type 4 has an invalid length.
[  861.570479][T20391] ACPI: Can not change Invalid GPE/Fixed Event status
[  862.390931][T20402] netlink: 'syz.4.3978': attribute type 4 has an invalid length.
[  864.488968][T20432] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3984'.
[  865.277168][T20439] scsi_strcpy_devinfo: vendor string ';íÙ/&cŒÀ' is too long
[  866.018040][T20447] FAULT_INJECTION: forcing a failure.
[  866.018040][T20447] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  866.045181][T20447] CPU: 0 UID: 0 PID: 20447 Comm: syz.1.3989 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  866.056011][T20447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  866.066097][T20447] Call Trace:
[  866.069391][T20447]  <TASK>
[  866.072338][T20447]  dump_stack_lvl+0x16c/0x1f0
[  866.077048][T20447]  should_fail_ex+0x497/0x5b0
[  866.081764][T20447]  _copy_from_user+0x2e/0xd0
[  866.086395][T20447]  move_addr_to_kernel+0x68/0x160
[  866.091448][T20447]  __copy_msghdr+0x386/0x470
[  866.096068][T20447]  copy_msghdr_from_user+0xc2/0x160
[  866.101298][T20447]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  866.107155][T20447]  ___sys_sendmsg+0xff/0x1e0
[  866.111785][T20447]  ? __pfx____sys_sendmsg+0x10/0x10
[  866.117034][T20447]  ? __pfx_lock_release+0x10/0x10
[  866.122095][T20447]  ? trace_lock_acquire+0x14e/0x1f0
[  866.127340][T20447]  ? __fget_files+0x206/0x3a0
[  866.132050][T20447]  __sys_sendmsg+0x16e/0x220
[  866.136690][T20447]  ? __pfx___sys_sendmsg+0x10/0x10
[  866.141866][T20447]  do_syscall_64+0xcd/0x250
[  866.146403][T20447]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  866.152341][T20447] RIP: 0033:0x7f9c6ad85d19
[  866.156781][T20447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  866.176430][T20447] RSP: 002b:00007f9c6bb24038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  866.184882][T20447] RAX: ffffffffffffffda RBX: 00007f9c6af75fa0 RCX: 00007f9c6ad85d19
[  866.192886][T20447] RDX: 0000000020004010 RSI: 00000000200003c0 RDI: 0000000000000012
[  866.200890][T20447] RBP: 00007f9c6bb24090 R08: 0000000000000000 R09: 0000000000000000
[  866.209091][T20447] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  866.217094][T20447] R13: 0000000000000000 R14: 00007f9c6af75fa0 R15: 00007ffcf9196cc8
[  866.225109][T20447]  </TASK>
[  866.309120][T20446] netlink: 'syz.8.3990': attribute type 4 has an invalid length.
[  868.032034][T20470] netlink: 'syz.1.4003': attribute type 4 has an invalid length.
[  870.555567][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  870.562122][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  871.523044][T20506] can: request_module (can-proto-0) failed.
[  872.949822][T20526] netlink: 'syz.1.4007': attribute type 4 has an invalid length.
[  879.137739][T20592] netlink: 'syz.1.4023': attribute type 4 has an invalid length.
[  883.734120][T20642] netlink: 'syz.1.4035': attribute type 4 has an invalid length.
[  883.841539][T20641] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4034'.
[  884.170842][T20647] Invalid ELF header magic: != ELF
[  885.425333][T20667] sctp: [Deprecated]: syz.7.4043 (pid 20667) Use of struct sctp_assoc_value in delayed_ack socket option.
[  885.425333][T20667] Use struct sctp_sack_info instead
[  885.945401][T20679] device-mapper: ioctl: ioctl interface mismatch: kernel(4.48.0), user(0.0.0), cmd(17)
[  886.230454][T20688] netlink: 16 bytes leftover after parsing attributes in process `syz.8.4045'.
[  886.266092][T20688] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  886.296601][T20688] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  886.605375][T20667] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4043'.
[  886.775515][T20667] netdevsim netdevsim7 netdevsim2: entered allmulticast mode
[  887.331838][T20696] netlink: 'syz.4.4049': attribute type 4 has an invalid length.
[  887.361850][T20701] lo: entered allmulticast mode
[  887.426365][T20701] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4051'.
[  887.789003][T20700] lo: left allmulticast mode
[  893.065361][ T5842] Bluetooth: hci2: command 0x0406 tx timeout
[  894.796674][T20771] random: crng reseeded on system resumption
[  898.185385][ T5842] Bluetooth: hci1: command 0x0406 tx timeout
[  902.720670][T20827] ovs_: entered promiscuous mode
[  903.987385][T20827] tc_dump_action: action bad kind
[  907.653926][T20883] FAULT_INJECTION: forcing a failure.
[  907.653926][T20883] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  907.705879][T20883] CPU: 0 UID: 0 PID: 20883 Comm: syz.7.4094 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  907.716798][T20883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  907.726321][T20880] netlink: ct family unspecified
[  907.726950][T20883] Call Trace:
[  907.726962][T20883]  <TASK>
[  907.738135][T20883]  dump_stack_lvl+0x16c/0x1f0
[  907.742854][T20883]  should_fail_ex+0x497/0x5b0
[  907.747583][T20883]  _copy_to_user+0x32/0xd0
[  907.752054][T20883]  simple_read_from_buffer+0xd0/0x160
[  907.757931][T20883]  proc_fail_nth_read+0x198/0x270
[  907.763007][T20883]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  907.768618][T20883]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  907.776395][T20883]  vfs_read+0x1df/0xbe0
[  907.780591][T20883]  ? __fget_files+0x1fc/0x3a0
[  907.785308][T20883]  ? __pfx___mutex_lock+0x10/0x10
[  907.790364][T20883]  ? __pfx_vfs_read+0x10/0x10
[  907.795077][T20883]  ? __fget_files+0x206/0x3a0
[  907.799797][T20883]  ksys_read+0x12b/0x250
[  907.804070][T20883]  ? __pfx_ksys_read+0x10/0x10
[  907.808872][T20883]  do_syscall_64+0xcd/0x250
[  907.813416][T20883]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  907.819351][T20883] RIP: 0033:0x7f4b4f78472c
[  907.823793][T20883] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  907.843435][T20883] RSP: 002b:00007f4b50543030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  907.851992][T20883] RAX: ffffffffffffffda RBX: 00007f4b4f976080 RCX: 00007f4b4f78472c
[  907.860017][T20883] RDX: 000000000000000f RSI: 00007f4b505430a0 RDI: 0000000000000004
[  907.868113][T20883] RBP: 00007f4b50543090 R08: 0000000000000000 R09: 0000000000000000
[  907.876111][T20883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  907.884110][T20883] R13: 0000000000000000 R14: 00007f4b4f976080 R15: 00007ffc27d23b88
[  907.892130][T20883]  </TASK>
[  908.665571][   T29] audit: type=1800 audit(4294967312.100:22): pid=20892 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.4099" name="dbroot" dev="configfs" ino=73462 res=0 errno=0
[  909.255627][T20900] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  909.466248][T20900] CIFS mount error: No usable UNC path provided in device string!
[  909.466248][T20900] 
[  909.549570][T20900] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  913.236141][T20936] netlink: 342 bytes leftover after parsing attributes in process `syz.1.4112'.
[  913.346907][T20938] netlink: 146 bytes leftover after parsing attributes in process `syz.1.4112'.
[  913.441614][T20895] netlink: 'syz.7.4100': attribute type 4 has an invalid length.
[  922.199132][T21012] netlink: 'syz.1.4133': attribute type 29 has an invalid length.
[  922.255249][T21012] netlink: 334 bytes leftover after parsing attributes in process `syz.1.4133'.
[  923.627576][T21031] netlink: 'syz.4.4139': attribute type 29 has an invalid length.
[  923.654670][T21033] svc: failed to register nfsdv3 RPC service (errno 22).
[  923.673457][T21033] svc: failed to register nfsaclv3 RPC service (errno 22).
[  923.681063][T21031] netlink: 334 bytes leftover after parsing attributes in process `syz.4.4139'.
[  925.197222][T21039] netlink: 146 bytes leftover after parsing attributes in process `syz.7.4141'.
[  925.456868][T21047] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4145'.
[  926.137879][T21054] raw_sendmsg: syz.4.4148 forgot to set AF_INET. Fix it!
[  926.545333][T21047] hsr_slave_0 (unregistering): left promiscuous mode
[  927.288408][T21065] FAULT_INJECTION: forcing a failure.
[  927.288408][T21065] name failslab, interval 1, probability 0, space 0, times 0
[  927.435023][T21065] CPU: 1 UID: 0 PID: 21065 Comm: syz.7.4152 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  927.445864][T21065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  927.456060][T21065] Call Trace:
[  927.459358][T21065]  <TASK>
[  927.462315][T21065]  dump_stack_lvl+0x16c/0x1f0
[  927.467063][T21065]  should_fail_ex+0x497/0x5b0
[  927.471773][T21065]  ? fs_reclaim_acquire+0xae/0x150
[  927.476919][T21065]  should_failslab+0xc2/0x120
[  927.481650][T21065]  __kmalloc_noprof+0xce/0x4f0
[  927.486448][T21065]  ? d_absolute_path+0x137/0x1b0
[  927.491424][T21065]  ? tomoyo_encode2+0x100/0x3e0
[  927.496317][T21065]  tomoyo_encode2+0x100/0x3e0
[  927.501031][T21065]  tomoyo_realpath_from_path+0x1a7/0x710
[  927.506793][T21065]  tomoyo_path_number_perm+0x248/0x5b0
[  927.512296][T21065]  ? tomoyo_path_number_perm+0x235/0x5b0
[  927.517982][T21065]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  927.524050][T21065]  ? __pfx_lock_release+0x10/0x10
[  927.529131][T21065]  ? trace_lock_acquire+0x14e/0x1f0
[  927.534391][T21065]  ? lock_acquire+0x2f/0xb0
[  927.538935][T21065]  ? __fget_files+0x40/0x3a0
[  927.543573][T21065]  ? __fget_files+0x206/0x3a0
[  927.548294][T21065]  security_file_ioctl+0x9b/0x240
[  927.553361][T21065]  __x64_sys_ioctl+0xb7/0x200
[  927.558087][T21065]  do_syscall_64+0xcd/0x250
[  927.562636][T21065]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  927.568564][T21065] RIP: 0033:0x7f4b4f785d19
[  927.573014][T21065] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  927.592748][T21065] RSP: 002b:00007f4b50564038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  927.601199][T21065] RAX: ffffffffffffffda RBX: 00007f4b4f975fa0 RCX: 00007f4b4f785d19
[  927.609208][T21065] RDX: 0000000000000000 RSI: 0000000000001267 RDI: 0000000000000003
[  927.617221][T21065] RBP: 00007f4b50564090 R08: 0000000000000000 R09: 0000000000000000
[  927.625233][T21065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  927.633234][T21065] R13: 0000000000000000 R14: 00007f4b4f975fa0 R15: 00007ffc27d23b88
[  927.641259][T21065]  </TASK>
[  927.688223][T21062] Process accounting resumed
[  927.765325][T21065] ERROR: Out of memory at tomoyo_realpath_from_path.
[  927.846772][T21068] bridge0: port 4(team0) entered blocking state
[  927.908366][T21068] bridge0: port 4(team0) entered disabled state
[  928.304419][T21068] team0: entered allmulticast mode
[  928.332368][T21068] team_slave_0: entered allmulticast mode
[  928.393870][T21068] team_slave_1: entered allmulticast mode
[  928.471002][T21068] team0: entered promiscuous mode
[  928.514916][T21068] team_slave_0: entered promiscuous mode
[  928.564103][T21068] team_slave_1: entered promiscuous mode
[  928.598097][T21068] bridge0: port 4(team0) entered blocking state
[  928.604475][T21068] bridge0: port 4(team0) entered forwarding state
[  929.096475][T21085] netlink: 342 bytes leftover after parsing attributes in process `syz.1.4157'.
[  929.845421][T21100] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  929.856577][T21100] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  929.904242][T21100] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  930.033761][T21100] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  930.040902][T21100] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  930.186232][T21100] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  930.192391][T21100] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  930.246587][T21100] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  931.480565][T21124] 
[  931.482950][T21124] ======================================================
[  931.490071][T21124] WARNING: possible circular locking dependency detected
[  931.497198][T21124] 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 Not tainted
[  931.504415][T21124] ------------------------------------------------------
[  931.511535][T21124] syz.1.4168/21124 is trying to acquire lock:
[  931.517616][T21124] ffffffff8fabe088 (rtnl_mutex){+.+.}-{4:4}, at: do_ipv6_setsockopt+0x1f4d/0x4660
[  931.526902][T21124] 
[  931.526902][T21124] but task is already holding lock:
[  931.534290][T21124] ffff88807d074428 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x101/0xc00
[  931.544540][T21124] 
[  931.544540][T21124] which lock already depends on the new lock.
[  931.544540][T21124] 
[  931.554965][T21124] 
[  931.554965][T21124] the existing dependency chain (in reverse order) is:
[  931.564002][T21124] 
[  931.564002][T21124] -> #2 (&smc->clcsock_release_lock){+.+.}-{4:4}:
[  931.572649][T21124]        __mutex_lock+0x19b/0xa60
[  931.577713][T21124]        smc_switch_to_fallback+0x2d/0xa00
[  931.583572][T21124]        smc_sendmsg+0x13d/0x520
[  931.588564][T21124]        ____sys_sendmsg+0x9ae/0xb40
[  931.593887][T21124]        ___sys_sendmsg+0x135/0x1e0
[  931.599133][T21124]        __sys_sendmsg+0x16e/0x220
[  931.604292][T21124]        do_syscall_64+0xcd/0x250
[  931.609363][T21124]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  931.615826][T21124] 
[  931.615826][T21124] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}:
[  931.623520][T21124]        lock_sock_nested+0x3a/0xf0
[  931.628776][T21124]        sockopt_lock_sock+0x54/0x70
[  931.634107][T21124]        do_ip_setsockopt+0x101/0x38c0
[  931.639603][T21124]        ip_setsockopt+0x59/0xf0
[  931.644594][T21124]        raw_setsockopt+0xb8/0x290
[  931.649753][T21124]        do_sock_setsockopt+0x222/0x480
[  931.655357][T21124]        __sys_setsockopt+0x1a0/0x230
[  931.660779][T21124]        __x64_sys_setsockopt+0xbd/0x160
[  931.666464][T21124]        do_syscall_64+0xcd/0x250
[  931.671531][T21124]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  931.677992][T21124] 
[  931.677992][T21124] -> #0 (rtnl_mutex){+.+.}-{4:4}:
[  931.685250][T21124]        __lock_acquire+0x249e/0x3c40
[  931.690669][T21124]        lock_acquire.part.0+0x11b/0x380
[  931.696348][T21124]        __mutex_lock+0x19b/0xa60
[  931.701415][T21124]        do_ipv6_setsockopt+0x1f4d/0x4660
[  931.707175][T21124]        ipv6_setsockopt+0xcb/0x170
[  931.712410][T21124]        tcp_setsockopt+0xa4/0x100
[  931.717557][T21124]        smc_setsockopt+0x1b4/0xc00
[  931.722804][T21124]        do_sock_setsockopt+0x222/0x480
[  931.728397][T21124]        __sys_setsockopt+0x1a0/0x230
[  931.733813][T21124]        __x64_sys_setsockopt+0xbd/0x160
[  931.739484][T21124]        do_syscall_64+0xcd/0x250
[  931.744551][T21124]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  931.751000][T21124] 
[  931.751000][T21124] other info that might help us debug this:
[  931.751000][T21124] 
[  931.761247][T21124] Chain exists of:
[  931.761247][T21124]   rtnl_mutex --> sk_lock-AF_INET --> &smc->clcsock_release_lock
[  931.761247][T21124] 
[  931.774853][T21124]  Possible unsafe locking scenario:
[  931.774853][T21124] 
[  931.782323][T21124]        CPU0                    CPU1
[  931.787708][T21124]        ----                    ----
[  931.788673][T21127] FAULT_INJECTION: forcing a failure.
[  931.788673][T21127] name failslab, interval 1, probability 0, space 0, times 0
[  931.793069][T21124]   lock(&smc->clcsock_release_lock);
[  931.793089][T21124]                                lock(sk_lock-AF_INET);
[  931.793105][T21124]                                lock(&smc->clcsock_release_lock);
[  931.793121][T21124]   lock(rtnl_mutex);
[  931.793136][T21124] 
[  931.793136][T21124]  *** DEADLOCK ***
[  931.793136][T21124] 
[  931.793142][T21124] 1 lock held by syz.1.4168/21124:
[  931.793155][T21124]  #0: ffff88807d074428 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x101/0xc00
[  931.793228][T21124] 
[  931.793228][T21124] stack backtrace:
[  931.793236][T21124] CPU: 0 UID: 0 PID: 21124 Comm: syz.1.4168 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  931.793267][T21124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  931.793282][T21124] Call Trace:
[  931.793290][T21124]  <TASK>
[  931.793300][T21124]  dump_stack_lvl+0x116/0x1f0
[  931.793330][T21124]  print_circular_bug+0x41c/0x610
[  931.793369][T21124]  check_noncircular+0x31a/0x400
[  931.793406][T21124]  ? __pfx_check_noncircular+0x10/0x10
[  931.906919][T21124]  ? mark_lock+0xb5/0xc60
[  931.911295][T21124]  ? lockdep_lock+0xc6/0x200
[  931.915917][T21124]  ? __pfx_lockdep_lock+0x10/0x10
[  931.920975][T21124]  __lock_acquire+0x249e/0x3c40
[  931.925888][T21124]  ? __pfx___lock_acquire+0x10/0x10
[  931.931133][T21124]  lock_acquire.part.0+0x11b/0x380
[  931.936360][T21124]  ? do_ipv6_setsockopt+0x1f4d/0x4660
[  931.941763][T21124]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  931.947416][T21124]  ? rcu_is_watching+0x12/0xc0
[  931.952218][T21124]  ? trace_lock_acquire+0x14e/0x1f0
[  931.952278][ T5144] Bluetooth: hci4: command 0x0c1a tx timeout
[  931.957424][T21124]  ? do_ipv6_setsockopt+0x1f4d/0x4660
[  931.957453][T21124]  ? lock_acquire+0x2f/0xb0
[  931.957475][T21124]  ? do_ipv6_setsockopt+0x1f4d/0x4660
[  931.963829][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  931.968786][T21124]  __mutex_lock+0x19b/0xa60
[  931.968817][T21124]  ? do_ipv6_setsockopt+0x1f4d/0x4660
[  931.973338][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  931.978741][T21124]  ? __pfx_mark_lock+0x10/0x10
[  931.978777][T21124]  ? do_ipv6_setsockopt+0x1f4d/0x4660
[  932.011397][T21124]  ? __pfx___mutex_lock+0x10/0x10
[  932.016465][T21124]  ? __pfx_register_lock_class+0x10/0x10
[  932.022141][T21124]  ? finish_task_switch.isra.0+0x217/0xcc0
[  932.027981][T21124]  ? hlock_class+0x4e/0x130
[  932.032535][T21124]  ? do_ipv6_setsockopt+0x1f4d/0x4660
[  932.037942][T21124]  ? rtnl_lock+0x9/0x20
[  932.042126][T21124]  do_ipv6_setsockopt+0x1f4d/0x4660
[  932.047356][T21124]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  932.052944][T21124]  ? lock_acquire.part.0+0x11b/0x380
[  932.058268][T21124]  ? __mutex_trylock_common+0xea/0x250
[  932.063757][T21124]  ? __pfx___mutex_trylock_common+0x10/0x10
[  932.069683][T21124]  ? smc_setsockopt+0x101/0xc00
[  932.074582][T21124]  ? rcu_is_watching+0x12/0xc0
[  932.079378][T21124]  ? trace_contention_end+0xee/0x140
[  932.084707][T21124]  ? __mutex_lock+0x1cc/0xa60
[  932.089435][T21124]  ? smc_setsockopt+0x101/0xc00
[  932.094329][T21124]  ? __pfx___mutex_lock+0x10/0x10
[  932.099388][T21124]  ? ipv6_setsockopt+0xcb/0x170
[  932.104280][T21124]  ipv6_setsockopt+0xcb/0x170
[  932.109000][T21124]  tcp_setsockopt+0xa4/0x100
[  932.113647][T21124]  smc_setsockopt+0x1b4/0xc00
[  932.118364][T21124]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  932.124303][T21124]  ? __pfx_smc_setsockopt+0x10/0x10
[  932.129548][T21124]  ? __pfx_smc_setsockopt+0x10/0x10
[  932.134794][T21124]  do_sock_setsockopt+0x222/0x480
[  932.139861][T21124]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  932.145446][T21124]  ? lock_acquire+0x2f/0xb0
[  932.149983][T21124]  __sys_setsockopt+0x1a0/0x230
[  932.154872][T21124]  __x64_sys_setsockopt+0xbd/0x160
[  932.160021][T21124]  ? do_syscall_64+0x91/0x250
[  932.164728][T21124]  ? lockdep_hardirqs_on+0x7c/0x110
[  932.169950][T21124]  do_syscall_64+0xcd/0x250
[  932.174490][T21124]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  932.180430][T21124] RIP: 0033:0x7f9c6ad85d19
[  932.184872][T21124] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  932.204513][T21124] RSP: 002b:00007f9c6bb24038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  932.212966][T21124] RAX: ffffffffffffffda RBX: 00007f9c6af75fa0 RCX: 00007f9c6ad85d19
[  932.220968][T21124] RDX: 000000000000001b RSI: 0000000000000029 RDI: 0000000000000007
[  932.228967][T21124] RBP: 00007f9c6ae01a20 R08: 0000000000000201 R09: 0000000000000000
[  932.236962][T21124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  932.244960][T21124] R13: 0000000000000000 R14: 00007f9c6af75fa0 R15: 00007ffcf9196cc8
[  932.252967][T21124]  </TASK>
[  932.256009][T21127] CPU: 1 UID: 0 PID: 21127 Comm: syz.8.4169 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[  932.266815][T21127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  932.276896][T21127] Call Trace:
[  932.280190][T21127]  <TASK>
[  932.283146][T21127]  dump_stack_lvl+0x16c/0x1f0
[  932.287870][T21127]  should_fail_ex+0x497/0x5b0
[  932.292588][T21127]  ? fs_reclaim_acquire+0xae/0x150
[  932.297740][T21127]  should_failslab+0xc2/0x120
[  932.302465][T21127]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  932.306927][T21125] nfsd: Unknown parameter 'Ûß?²Ñ'
[  932.307854][T21127]  ? __kernfs_new_node+0xd3/0x890
[  932.318025][T21127]  __kernfs_new_node+0xd3/0x890
[  932.322907][T21127]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  932.324347][ T5144] Bluetooth: hci2: command 0x0406 tx timeout
[  932.328810][T21127]  ? __pfx___kernfs_new_node+0x10/0x10
[  932.328834][T21127]  ? __pfx_number+0x10/0x10
[  932.334881][ T5144] Bluetooth: hci1: command 0x0406 tx timeout
[  932.340254][T21127]  ? map_id_range_down+0x2bb/0x3a0
[  932.340281][T21127]  ? __pfx_map_id_range_down+0x10/0x10
[  932.344839][ T5144] Bluetooth: hci0: command 0x0c1a tx timeout
[  932.350730][T21127]  kernfs_new_node+0x186/0x240
[  932.350768][T21127]  kernfs_create_dir_ns+0x4c/0x150
[  932.350793][T21127]  sysfs_create_dir_ns+0x13b/0x2b0
[  932.350824][T21127]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  932.350856][T21127]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  932.350880][T21127]  ? kobject_add_internal+0x12d/0x990
[  932.350909][T21127]  ? do_raw_spin_unlock+0x172/0x230
[  932.350933][T21127]  kobject_add_internal+0x2c8/0x990
[  932.350963][T21127]  kobject_init_and_add+0x11c/0x190
[  932.350993][T21127]  ? __pfx_kobject_init_and_add+0x10/0x10
[  932.351022][T21127]  ? genl_family_rcv_msg_doit+0x202/0x2f0
[  932.351052][T21127]  ? netlink_unicast+0x53c/0x7f0
[  932.351073][T21127]  ? netlink_sendmsg+0x8b8/0xd70
[  932.435906][T21127]  ? ____sys_sendmsg+0x9ae/0xb40
[  932.440877][T21127]  ? ___sys_sendmsg+0x135/0x1e0
[  932.445769][T21127]  ? __sys_sendmsg+0x16e/0x220
[  932.450570][T21127]  ? do_syscall_64+0xcd/0x250
[  932.455288][T21127]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  932.461395][T21127]  ? rcu_is_watching+0x12/0xc0
[  932.466193][T21127]  ? lock_release+0x4e2/0x6f0
[  932.470914][T21127]  netdev_queue_update_kobjects+0x29c/0x5b0
[  932.476867][T21127]  netif_set_real_num_tx_queues+0x168/0x880
[  932.482812][T21127]  veth_set_channels+0x481/0xbf0
[  932.487800][T21127]  ethnl_set_channels+0x704/0xab0
[  932.492866][T21127]  ? __pfx_ethnl_set_channels+0x10/0x10
[  932.498451][T21127]  ? __pfx___nla_validate_parse+0x10/0x10
[  932.504215][T21127]  ethnl_default_set_doit+0x335/0x6f0
[  932.509628][T21127]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[  932.515569][T21127]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  932.522975][T21127]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  932.530386][T21127]  genl_family_rcv_msg_doit+0x202/0x2f0
[  932.535973][T21127]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  932.542071][T21127]  ? genl_get_cmd+0x195/0x580
[  932.546782][T21127]  ? bpf_lsm_capable+0x9/0x10
[  932.551497][T21127]  ? security_capable+0x7e/0x260
[  932.556482][T21127]  ? ns_capable+0xd7/0x110
[  932.560933][T21127]  genl_rcv_msg+0x565/0x800
[  932.565475][T21127]  ? __pfx_genl_rcv_msg+0x10/0x10
[  932.570530][T21127]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[  932.576471][T21127]  netlink_rcv_skb+0x165/0x410
[  932.581264][T21127]  ? __pfx_genl_rcv_msg+0x10/0x10
[  932.586319][T21127]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  932.591645][T21127]  ? down_read+0xc9/0x330
[  932.596035][T21127]  ? __pfx_down_read+0x10/0x10
[  932.600835][T21127]  ? netlink_deliver_tap+0x1ae/0xca0
[  932.606177][T21127]  genl_rcv+0x28/0x40
[  932.610192][T21127]  netlink_unicast+0x53c/0x7f0
[  932.614994][T21127]  ? __pfx_netlink_unicast+0x10/0x10
[  932.620312][T21127]  ? __phys_addr_symbol+0x30/0x80
[  932.625367][T21127]  ? __check_object_size+0x488/0x710
[  932.630703][T21127]  netlink_sendmsg+0x8b8/0xd70
[  932.635499][T21127]  ? __pfx_netlink_sendmsg+0x10/0x10
[  932.640823][T21127]  ____sys_sendmsg+0x9ae/0xb40
[  932.645625][T21127]  ? copy_msghdr_from_user+0x10b/0x160
[  932.651131][T21127]  ? __pfx_____sys_sendmsg+0x10/0x10
[  932.656461][T21127]  ? rcu_is_watching+0x12/0xc0
[  932.661263][T21127]  ? lock_release+0x4e2/0x6f0
[  932.665983][T21127]  ? get_pid_task+0xfc/0x250
[  932.670610][T21127]  ___sys_sendmsg+0x135/0x1e0
[  932.675322][T21127]  ? get_pid_task+0x35/0x250
[  932.679966][T21127]  ? __pfx____sys_sendmsg+0x10/0x10
[  932.685200][T21127]  ? lock_release+0x4e2/0x6f0
[  932.689914][T21127]  ? __pfx_lock_release+0x10/0x10
[  932.694976][T21127]  ? trace_lock_acquire+0x14e/0x1f0
[  932.700211][T21127]  ? __fget_files+0x206/0x3a0
[  932.704926][T21127]  __sys_sendmsg+0x16e/0x220
[  932.709549][T21127]  ? __pfx___sys_sendmsg+0x10/0x10
[  932.714708][T21127]  ? rcu_is_watching+0x12/0xc0
[  932.719507][T21127]  ? rcu_is_watching+0x12/0xc0
[  932.724304][T21127]  do_syscall_64+0xcd/0x250
[  932.728840][T21127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  932.734765][T21127] RIP: 0033:0x7f15e0985d19
[  932.739288][T21127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  932.758925][T21127] RSP: 002b:00007f15e176b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  932.767371][T21127] RAX: ffffffffffffffda RBX: 00007f15e0b75fa0 RCX: 00007f15e0985d19
[  932.775390][T21127] RDX: 0000000000000004 RSI: 0000000020000000 RDI: 0000000000000003
[  932.783386][T21127] RBP: 00007f15e176b090 R08: 0000000000000000 R09: 0000000000000000
[  932.791386][T21127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  932.799386][T21127] R13: 0000000000000000 R14: 00007f15e0b75fa0 R15: 00007ffc633d05b8
[  932.807393][T21127]  </TASK>
[  932.817852][T21127] kobject: kobject_add_internal failed for tx-1 (error: -12 parent: queues)
[  934.425241][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout
[  934.430215][ T5843] Bluetooth: hci2: command 0x0406 tx timeout
[  934.431709][ T5144] Bluetooth: hci1: command 0x0406 tx timeout
[  936.505249][ T5144] Bluetooth: hci0: command 0x0c1a tx timeout