last executing test programs:

9m49.012205356s ago: executing program 1 (id=676):
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x2040, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/007/001\x00', 0x40000, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x181902, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x4000, 0x0)
open(0x0, 0x161342, 0x100)
syz_genetlink_get_family_id$auto_gtp(0x0, 0xffffffffffffffff)
socket(0xa, 0x2, 0x73)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/scsi/scsi\x00', 0x400, 0x0)
setsockopt$auto(0x4, 0x29, 0x38, 0x0, 0x200577)
select$auto(0xb, &(0x7f0000000100)={[0x7f, 0x31, 0xffffffffffffffff, 0x80000000, 0x7, 0x6, 0x81, 0x67e, 0x8, 0x2, 0x5, 0x10001, 0x334, 0x4, 0xfffffffffffffffe, 0x8]}, 0x0, 0x0, 0x0)

9m48.920603414s ago: executing program 1 (id=677):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x40}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x2, 0xb}, 0x800009}, 0x5, 0x20000000)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0x4c114)
r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000080), r0)
sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)={0xf8, r1, 0x400, 0x70bd2d, 0x25dfdbfc, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x3}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x2}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0xff}, @NBD_ATTR_SOCKETS={0xac, 0x7, 0x0, 0x1, [@generic="8711c48b9cb7dd652174e2c8aec02a6c40b548dc024f9c74d62ab8ca74087e3012e83015886ee54456e57a9bdaecf71dc4bd1c3c9264a2b56e9991793a4b6f27faeaf4c2c30bb07d1f474557ac6bd76841cfee96b4882814b70243be0bc82368e07c988fbd129087c3b306dadc5d91b406c85d2cf6dfdbce71d21240a205316380792370733af63d043e594820fe8fd1e64a04acdad5a433999ff9b8344c630f", @typed={0x8, 0x13e, 0x0, 0x0, @ipv4=@loopback}]}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x4}]}, 0xf8}, 0x1, 0x0, 0x0, 0x84}, 0x10)

9m47.941230634s ago: executing program 1 (id=682):
mmap$auto(0x0, 0x2000c, 0xdf, 0xeb1, 0x40000000000a5, 0x8002)
fcntl$auto(0x2, 0x11, 0x0)
ioperm$auto(0x7, 0x6, 0x2)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
semctl$auto(0x1ff, 0x2, 0x13, 0x20001)
set_mempolicy$auto(0x3, &(0x7f0000000000)=0x3, 0x388)
kexec_load$auto(0x2, 0x7, 0x0, 0x4)

9m46.454425991s ago: executing program 1 (id=689):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
pipe2$auto(&(0x7f00000001c0)=r0, 0xa682)
r1 = openat$auto_component_list_fops_(0xffffffffffffff9c, &(0x7f0000000ac0), 0x2000, 0x0)
read$auto_component_list_fops_(r1, &(0x7f0000000b00)=""/110, 0x6e)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x40}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x2, 0xb}, 0x800009}, 0x5, 0x20000000)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0x4c114)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r0)
sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, r2, 0x100, 0x70bd2b, 0x25dfdbff, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x7}, @NL80211_ATTR_MEASUREMENT_DURATION={0x6, 0xeb, 0x8}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x2}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000}, 0x2000)
prctl$auto(0x23, 0x7, 0x7fffffffefff, 0x0, 0x0)
brk$auto(0x7fffffffefff)
write$auto(0x3, 0x0, 0x296)

9m45.36947467s ago: executing program 1 (id=696):
mmap$auto(0x0, 0x2020009, 0xffffffffffffffff, 0xeb1, 0xfffffffffffffffa, 0xc000) (async)
mmap$auto(0x1498, 0x7fffffffffffffff, 0x8, 0x18, 0x6, 0xffffffffffffffe5)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020007, 0x4, 0xeb1, 0xfffffffffffffffa, 0x200008000) (async)
capget$auto(0x0, 0xfffffffffffffffe) (async)
r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/ioports\x00', 0x8c1, 0x0)
read$auto_proc_iter_file_ops_compat_inode(r0, &(0x7f0000000040)=""/142, 0x8e) (async)
mmap$auto(0x0, 0xb, 0x6, 0xeb1, 0x3ff, 0x8000) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000) (async)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000000300)=ANY=[@ANYRESHEX, @ANYRESDEC=r0, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r2) (async)
read$auto(r2, &(0x7f0000000100)='\x0011\x00\x00\x00\x00\x00', 0xbe72) (async)
pwritev2$auto(0x5, &(0x7f0000000280)={&(0x7f00000001c0)=[0xd, 0x80000000000, 0xc6], 0x100000000}, 0x788, 0x9cc, 0x6, 0x9) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async)
rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}})
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
socket(0x1, 0x5, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x5, 0x8000) (async)
sysfs$auto(0x2, 0x0, 0x0) (async)
fsopen$auto(0x0, 0x1)
close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async)
r3 = socket(0x2, 0x6, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)

9m44.877386815s ago: executing program 1 (id=700):
ioprio_set$auto(0x2, 0x0, 0x72e2f0a)
syz_open_procfs$namespace(0x0, 0x0)
lsm_list_modules$auto(0x0, 0x0, 0x7fffffff)
socketpair$auto(0x3, 0x5, 0x7, 0x0)
bpf$auto(0x0, 0x0, 0xaf1)
mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
wait4$auto(0x2, 0xfffffffffffffffe, 0x5, 0x0)
socket(0xa, 0x801, 0x106)
mknod$auto(&(0x7f0000000b00)='X))\x00', 0x63c1, 0x7ff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000600), r0)
sendmsg$auto_IOAM6_CMD_NS_SET_SCHEMA(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000640)=ANY=[@ANYBLOB="b50e0000", @ANYRES16=r1, @ANYBLOB="01002bbd7000fbdbdf2507000000060001004a000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x80)
stat$auto(&(0x7f00000002c0)='X))\x00', &(0x7f0000000300)={0x8, 0x8, 0x3, 0xfffffe00, 0xffffffffffffffff, 0xee00, 0x0, 0x7fffffffffffffff, 0x23a, 0x1, 0x7fff, 0x7fffffffffffffff, 0x2, 0xfffffffffffffff7, 0xaff0, 0x8})

9m44.598100433s ago: executing program 32 (id=700):
ioprio_set$auto(0x2, 0x0, 0x72e2f0a)
syz_open_procfs$namespace(0x0, 0x0)
lsm_list_modules$auto(0x0, 0x0, 0x7fffffff)
socketpair$auto(0x3, 0x5, 0x7, 0x0)
bpf$auto(0x0, 0x0, 0xaf1)
mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
wait4$auto(0x2, 0xfffffffffffffffe, 0x5, 0x0)
socket(0xa, 0x801, 0x106)
mknod$auto(&(0x7f0000000b00)='X))\x00', 0x63c1, 0x7ff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000600), r0)
sendmsg$auto_IOAM6_CMD_NS_SET_SCHEMA(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000640)=ANY=[@ANYBLOB="b50e0000", @ANYRES16=r1, @ANYBLOB="01002bbd7000fbdbdf2507000000060001004a000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x80)
stat$auto(&(0x7f00000002c0)='X))\x00', &(0x7f0000000300)={0x8, 0x8, 0x3, 0xfffffe00, 0xffffffffffffffff, 0xee00, 0x0, 0x7fffffffffffffff, 0x23a, 0x1, 0x7fff, 0x7fffffffffffffff, 0x2, 0xfffffffffffffff7, 0xaff0, 0x8})

9m22.884104842s ago: executing program 2 (id=836):
r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000000), 0x1c1301, 0x0)
select$auto(0x0, 0x0, &(0x7f0000000040)={[0x2, 0x2, 0x7, 0x1, 0x6, 0xfa5, 0x9, 0x9, 0x100000000, 0x800, 0x18, 0x1, 0x8, 0x7, 0x8, 0x3]}, &(0x7f00000000c0)={[0xbcc, 0x81, 0x1c4, 0x80000001, 0x94, 0xffffffff, 0x5, 0x5, 0x40000000, 0x4, 0x7a, 0x40, 0x1, 0x7, 0xfffffffffffffff7, 0xffffffffffffffff]}, &(0x7f0000000140)={0x0, 0x1})
ioctl$auto_PPPIOCSDEBUG(r0, 0x40047440, &(0x7f0000000180)=0x9)
ppoll$auto(&(0x7f00000001c0)={<r1=>r0, 0x5, 0x6}, 0x80000001, &(0x7f0000000200)={0x3}, &(0x7f0000000240)={0x100}, 0x8)
r2 = openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000280)='/dev/log\x00', 0x2402, 0x0)
r3 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000300), r1)
sendmsg$auto_OVS_DP_CMD_DEL(r2, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, r3, 0x100, 0x70bd2d, 0x25dfdbff, {}, [@OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8, 0x7, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8040c11}, 0x800)
r4 = openat$auto_hwsim_fops_ps_(0xffffffffffffff9c, &(0x7f0000000400)='/sys/kernel/debug/ieee80211/phy8/hwsim/ps\x00', 0x81, 0x0)
sendmsg$auto_NL80211_CMD_SET_QOS_MAP(r1, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, 0x0, 0x100, 0x70bd29, 0x25dfdbfc, {}, [@NL80211_ATTR_SCHED_SCAN_INTERVAL={0x8, 0x77, 0x7828}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000890)
read$auto_hwsim_fops_ps_(r4, &(0x7f0000000540)=""/184, 0xb8)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r2)
sendmsg$auto_NL80211_CMD_JOIN_IBSS(r4, &(0x7f0000000780)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000740)={&(0x7f0000000680)={0xb4, r5, 0x300, 0x70bd25, 0x25dfdbfe, {}, [@NL80211_ATTR_CONTROL_PORT={0x4}, @NL80211_ATTR_WIPHY_RETRY_LONG={0x5, 0x3e, 0xaf}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x8c, 0xcd, "1e7b7e82d99075afa13c59eb8341a919d3a3ef083991725e40bc9ece64a91becbbf3769faeb40e054ba0ec3c7a1937d1e3ad5682b865d46f7ad12a80eea80a381d7d7527c4b0797a9fc128d021ebd7ee0202410b59a06efca05806f8edbe4bc865d73e8c6aa28e784402964751c6dee3e7f648bed89e56ac52767cf3fd2fa59c87fa1b86cee1b0fc"}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0x8}]}, 0xb4}, 0x1, 0x0, 0x0, 0x10}, 0x20000444)
io_uring_setup$auto(0xf, &(0x7f00000007c0)={0x1, 0x338e9665, 0x312c, 0x5, 0x3, 0x7fff, <r6=>r2, [0x800, 0xfff, 0x7f], {0x1, 0xf9, 0x101, 0x4, 0x3ff, 0x80, 0x101, 0x8}, {0x10000, 0x5, 0xaa3e, 0x0, 0x3, 0xfffff000, 0x7, 0x8, 0xe3e}})
sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r2, &(0x7f0000000900)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000008c0)={&(0x7f0000000880)={0x3c, 0x0, 0x4, 0x70bd2c, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @ipv4={'\x00', '\xff\xff', @empty}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2000}, 0x40000)
r7 = syz_genetlink_get_family_id$auto_nlbl_unlbl(&(0x7f0000000980), r1)
sendmsg$auto_NLBL_UNLABEL_C_ACCEPT(r1, &(0x7f0000001b00)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000001ac0)={&(0x7f00000009c0)={0x10f0, r7, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_SECCTX={0x1004, 0x7, "4b476235d336a7d09fed15b47a2bdcc35bfed8dd3b9be9112e65c568f260cef5e199f8e65f1cb36e74ecfacbfc133d7697f94b8c904cc47de6214af7c625e2682e076bb16eb24b7039d1215391e2ed64babb6d31068b0d8bbf5c36d40a7e26a80b7f206dd45a74ce6215e6718644705dfa0ea886df5c25bd0d8d367cb0b9f0e1d6d905671b2b7ec096a4728301c98a6255038ab4ea55026cae96e3b573ac4f28ada74c094f94d04df814c9f34c061ab691709082af6acbdacf9228008f109a15bf928266a879eae81936787188658253ff92aa15e7d96c654a645b26463b905a4b447dd6eba5f832f8a147255ac030962288804cd317ec279c6a7dc8594b6e953f5cc53d8628574de3fcfe719c2c36f0986f95392d0f576e21871ff7477f15768e3cbffed28f8906e214581f2c102a11ab600cf1da4c8d6364f0133dce4192d6f4a416a56038e6bd9f56cc8d70038e3069dbcdc8727c203b6d9cc389af729dee2e9aa581fe168a279c3c40557f80be3174cf0fdee67d200e9fa1eb870a164697b1bc4febf4a3d0f108bd8c5ad75147b6c36d0eefef537c8f5a28723c753abd1238d4a4b1c66b5501a0e8cf9767bec186e2364918ea286a8daededc901563b857f90de4a6a850a60b8523528567526cf5984d1d3836c8d3356f19f698e3171796d57beb8db914cb64799b2fec89b3f5c107a6e003a0edfd1fbe71d3176e2da54aa3ebd116a9321555cfae51842a528d8bf0e254c5adcf7f66f533988c05ee29868f54b700a8f101b5d15a0f0fbf3bf21b67fa86d67fbf869505b7a93a6cdb3c6bd41f94ce31b0727bec2f1ab810dc87d21663488e017b6c198746c514215b03d978cc11a1fe1a4cc02982513eb58b36f9ec0777e11de727b88c62a432b54d759fcb6db56ffa9aeb95fa9a6de89a488dde90fd48df38b921b71253b5527fbaba76be2f1e7da23ac3b5607b7b031f629e77cda605ab3cd3f7155ed7bdd9158e67cc0603a41d725ff7cca3944f63d485c0b366a193c303cd0db498bb9f033f573443cf9eb53864b58969d9e29cf8626d796d995f30d6e2bc8179fa5c51a399d9dca36954b02f98703bf6338865201e89e336ba346e8180740de5e7f7aee095c4684c1e7249fd3f97b8989c6da520f188422918396a9fda15574b1a2d81564b50953e60e4d0727b77f17f364ddd03fa9d715ef3546c68e61ed70fe66af874037f72c72fdca0ceb659c84f1585b76241574c9c490d053eb056886d47487998bdca01c536ac064970a7ed0acde582d042e05f21ffd85e90bb88fd4f850ed83b292c1e8283a7a2a9181f76c10edee025560eea23518cf790f9c275305224052b76bd50cd12732804c1c7fa94519f2c3c5ad3c0db9b15e18a9b936d966e8e1b5a7a1b1d726fb58d8867d3bf167124167755860ef8b0dd8ea48be044e3914b1f11321f80b2423e11f64238be2262c9f3b8615a5fbedab26d9a5802fee9d410187a83d6e1dc449eda17d1267f92093a7d163201ba019a3baa7fc612cc28b193058837091e17a404c723b3a679d0e7491a0b0941119ce441e870607996b0f00a644b31a0e7154ac56a159bfc74a6bd37ee22c7900b62a983a14d9e35bfbe83ae12bd516adddcf1000eae30b10c5ac8565839d4b0e669bfbc828509f63cf3c1761feeab7e4c344194a790402e03ea7fa0c6e818b0ff34e5cc35a3248538fe07d4f301815ae763ef632df6ab46829fb2a462bab7adb63dd4895445ebe98087f6f5d1e28ad0738c485085db2586296831db76b6a207faad6fb895c642888bd269267796310ffccd27cf5b30df4f95a55e0d4f3e73d1974d5848e94eca394d1cf91fa30947c82665c17ed0dff94fcfa17d2473ec00448a477ed762dee5dfdb184ea93ebc6e67458aa04f740e344f7ca60a4e8b68f6b177b777d4daaadf341f732d38ecb4e4e6e57bf1947080e19b70ca38562a83d514d7a149b846eb89a8e25c9e6c1883e730dd29d5f281e1e557ce5b2b29ce04459494f6155b9fe8c387fd268849aca48969ee474d902efdfcfa7672419e7a1a8c1cdd3f88adfc8daf173dea547715ca678a782e10869becfcecd44e84bf373458cef73170f5a1dd4c34b4cae82c3c2085b972ece9dbd3c4ecd9f34d6d79c614c3eaf17264a7e0416422d5af760917a0e3c08a7d551161aee5b94a99b04a4ccea41c334e591e6054f35580e8c96339c5fbc39fa9c0804cab15c5ce9fbc265bfddc07a3c27ba3096b7367e53d30997eed081db6fafd0c60c9b2a4f54d3d642094437d5ff5682ef4ffef79320ef1295fbe877663b9f688cb1ce39d56823c21f14e0e44a5bf2d5e2fc982df8544da50d0ae5ab6f11b4024cf1812093aec971b834b85a23177657f7247f3b28080ef31b1060e63ab38fadd7f538f3d58e470a254b6e59b06d38835018e7793aa677ca6eaabba73312705f3c2978923befa22439add5b72ed21b2b2d43a22bcaa58fc967c889f36aae8327ea4d18f598f7c20406510d06b2232a86b60ddbb29cdb5c38c6771920f1e32070b37216f670d54503df12f51e3f5704a8ab585331eb7516da44bce298c7f23b187150b9b76f4328c2c1ef073b100743314c63895954dc5948d08e6cd4f93ec13017f2ef19ccf1719a75020f503cb25b392d2a2523d765f73b4fa51a43f4a86c4c35fd34f851e911b4168d3901fc4bc01e0d6955631ba50a1e02a381635aa673efe3e2918518102694e3dd1f2e4fd70f2a202b4f7ed228895d5d8f1b2ca2cd1c7d98ea7966f588ace7a99a8b7851b220dd5875e87afb0851d5c56399dcb16f768f9b6e22ae75de3bda729bfc091147bdf4cdf4c3f6c7f5c673ac7820d389cc2143394b991f017d681cb9ac11c332dc044d16768598c7f17c5cde5ef7abfb26fc2d7695dd7319b0f543ea7f48e6f4fa7e00399e638ac5262cc650758bac91106f6e577b272086c3b11a4d9a49c20bdef195364623f4f40dc5fc94ca3a9e69dea4f07d9b31288e2ba3e5ba2cbd0bfc2f893f442e351c74c4520304733e1808120371541b85b9cd627a9c0839e6dd88ea4a525185228cf6de8f5550663962fc8853c4d8beb5a24d07776fddd0640baf7260a4769b190fe8eb19ce83c46efa8dffa7c536cb458ed3a5fecb56a1b6e11c09400bbd97e20c97e4ab42d39211f1b3e11abd9f16afcde31eda70eaa657e428a445598c238c2af2c38338e558376b2ad559faf64f1567a581677ea864c243fb00142877a876c1171070833d2a925c86c289dc325f6a5b171efba1a84cb8b80923ba5c366e1f0829818b53fe96267c097549ba29b230af7a774a5674362cba7ebc4b9cb1f996e1d6169d18d2c78db4709ef6ebd25f4bbcfcb611dc5d91d0fcb184655b0e495dcdf3ea647a6cc34dbeef2c903ca15b24a5e1c9c82115f9916d7f0cbabed9a74d612ee43cbf58eac2aedfb402bba30b3c81c02f91413457a1597a3fb9a03862080a7e965047ee4ab56d3a60a2889765b4e6015a858ec093149bace928d4ff5bef1cf4dae13e7070e5bb99785585f8f29033f5a998b1d01c940e4d740f1816e489bb72ed3cdd147c19a28aac84393c1da8a43b29586705f486874229ff7a1645cdf7802edec4fdb3816511077dbd12e11f7c49c3f82a1dc892e41eb7afd2522aca555378e4c11542296a277fb355ba690c84e6556bfdffeaaf47c3b77a17aeedb8f8a530eaf6ce9509b676afff74d84b18a86f4e2346c4f49ac09084dc1d6257e803be6912e02b454dcc23bdb1dbf0dbcc778ee92e5ee9a5ba42a96d2cd9cb14e5e9dc1e8028a6a1a6228dee7b022a00d7d434e00e7a49a2bcce8dd1493901d700209f962c260b7ef60b382f30274b698a9636228c0a64ab46b19cc3afe6a6cc7229aa635d8a020eab2cadb05a7ce08515bc7f6f76e978675e6e95d3daa70b1b7f870274fee928098f90869148d7d6cc96c6b2ea4d0abd8877b924eb410ad4552d919f44e7ec2b64ef1476f9ff36356bd4a19d7efa3566b4a49d7e61133b54f4fda750e516dbbc3fba56c539653ef901f8bd743de9cf776d26420e6cd93f794683ff48699e41562755ca1d1db26056b4555e7a0cbf935b90e904c69ac8672d5f0c3fb8efc16071575121931a611e6ccca2ff22aa1acb3cd40d46ffde19f84a0fd3e6090a4d1ce50021c3c7e317469bfbc450612664f45ed36c24ded97b2d0bc0e2bdeac1f8d141d7573d5d84bd1b884d83fce6a16279c7dc6bb78f9d8a3e7099277e80aa9ce8ddb25a35de2cf05131db7263f362947383936c2a29687f34243de634a0bc2ecfd43b162e22988f8da247ad4fb693b63340c962f9d040417139eed7156d13323b4572f5b229d773d860893b2eec14d3b87f40009bfd9fcefe822488c97c8ebd6ab65c604e15c3f70c2de528e340f9a6e6e8403e07cac4518c2372bd7baaa10afe4b911fb0ee92a6054d21eacf28a0d09435ecbe97e41c97d8b624bbd58d58d1bd46ed060a0c3447eb583cdb5603a109ef39144b6fd942ecb33937220668077b200d563e24c6a323d4514694ca4b65083d079447e57b31fab63444f469815c1d33996899d2c4de5e5378246951fc0e18cdd5eca7f7b239a21f7360513265f9918dcf05a88f7541797b1a3d00a667bef9768e88050392fb06cb6627c54e72739b3b2529b5fa08946aa934fc021b14af267872910993ff7bc18154b2783cd5d2c9c1a236c49b2900778cdab4851d37f91da6e69c248275d9be1aa4e2b2e582499ed5b72a7cae5c580cbf7397e10838e37825c214caf611f06b02279d6c3b684fe2cef067e0c4a913ac2858ca497065e7abc886b34a449c3fad7a6a7ab37a04008d0c0924f12581e342dd348ac64954779e4861fb8a747b2f6f9cd045e43c4b1a8cb61ee36b00994e81e5b521f4963441d6f28d33a84c919fd2ad2ae545ed33e9a65e645d5e55033da2517a99a37e6630ef78d4826d506d9d357bb284541231cd7e8a25270e3b0223481eec166f73ec70b4ce51cc5c986d8f39b38afe1319b0a4dbee86a04bdcf6aa41a2c73a782674e777ea0e814e94d383b1766a27b9eced1d80784fd9ce5728bc8759dee8bf5eee484c81ae1dee5438a34ee816023315c7c4d1eb6940d1f2bf762afff61746a65816cd226923449606cb8c20ed59dc81b457b34c60d832ed9ea17e1d49d4ed12df2e7323985361b104ea84e6172fefb6839822f13b7c65741c00181e0395a9af9ed7b90c5c09b0eec540d1c501cd4432d811e24494c2399038622b9d7209392535e20165064cfb35d4facab55872ad9f373f401283ace496ef37a52fdf05a46e8e048dec3b12f542619b065876266f20d747ee3655da8c7994b5788db88dda57b33baca79e6096e78dfed671460e1cd78b6790c2249fe1134b91638b0a1fb86e7eb8d1e372ce95c70ee16085e7cb93f972922b11429864136321e7399ad389b5faf5eb6654f7c18090cacc0aca202b15487fc60b8746ad5395b21e591526b8aac4b14b60737e4464fdb6319117bb65c929e351e25c2f1d5d3a7174b12cef74f130eac025ed6a7c32596032d2cfb201c2e598e0256a6cee8ab18c676faaac4d17afa14f199d5ffeeb4dda2abcf0c68b2bf92dbd6026c8b81d36d200456ce2c57d264037b4696fc85b80a364532aee44a17518b101dce70194498113137f91f30386e2f7d6d5dde180c68ca21faa928fa87f1b1087013c487725a4684ad34c7fc3a865805021d04ef799045258d3acca25724ff1bb9b097130360fd49ba34aa45129625a2df5ccdc72b32e4e8e604ffcec4825174640c12398f4b14"}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @empty}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0xc}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @private=0xa010102}, @NLBL_UNLABEL_A_SECCTX={0x9f, 0x7, "81129a417860d4e27d7e3ef1ae2df6599473830694f90afc210bf4b3b1f4f5908cb9fd1daa0a1dd6063aab3f0e0fbf7dee8e6dc521eb1631fffbbc194fee0ba01bb8f10f00b322a9e4358b1272e00648d61ddb204ec818cb85a6f52ae5178da20d4477cd342b65016936b6eced8c302edaf397489d4d99ca89c9c5d570d0eb0be28180113cff84c59553e98167ece673a436f5886aba9e433434b4"}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @empty}]}, 0x10f0}, 0x1, 0x0, 0x0, 0x44b47002c60d58ba}, 0x4004000)
io_uring_setup$auto(0x2f, &(0x7f0000001b40)={0x2, 0x2, 0x98c, 0x6, 0x6, 0x2, <r8=>r1, [0x2, 0x8, 0x63c6], {0x9, 0xfff, 0x0, 0x4ac95faf, 0x9, 0x40, 0x3, 0x101, 0x3}, {0x80000001, 0x2, 0xf4, 0x0, 0xf, 0xc5, 0x5, 0xfff, 0x9}})
r9 = openat$auto_ctl_device_fops_user(0xffffffffffffff9c, &(0x7f0000001bc0), 0x940, 0x0)
getsockopt$auto(r9, 0x5, 0x401, &(0x7f0000001c00)='ovs_datapath\x00', &(0x7f0000001c40)=0x3)
inotify_init1$auto(0x4)
openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, &(0x7f0000001c80)='/proc/thread-self/projid_map\x00', 0x10402, 0x0)
gettid()
mmap$auto(0xfffffffffffffffc, 0x90, 0x8000, 0x100000011, 0x7, 0x3f49)
r10 = openat$nci(0xffffffffffffff9c, &(0x7f0000001cc0), 0x2, 0x0)
close_range$auto(r10, r4, 0x8)
munmap$auto(0x0, 0xffffffffffffff3e)
mmap$auto(0x2, 0x8, 0x6, 0xfffffffffffffff2, 0x2, 0x65)
r11 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001d40), r8)
sendmsg$auto_NL80211_CMD_AUTHENTICATE(r6, &(0x7f00000022c0)={&(0x7f0000001d00)={0x10, 0x0, 0x0, 0x2800c000}, 0xc, &(0x7f0000002280)={&(0x7f0000001d80)={0x4f0, r11, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NL80211_ATTR_BEACON_HEAD={0x4db, 0xe, "b39730cadd5fe1a66bdf91595c40b9f264ee5a0b1f483c81775ea02bf61e9f3afcdabc581be24c13894050c46e9a1a985382c6d16a9664966c7a4ff25c4adcd9771418d0f7129d628d74e610f776af76a07639fef88a56379b4931dd0e5e08808a1ec6fd2e913c2d19c542bb99417b824e2a5dc1fd157797f14b5dbbfd231c40fdb7c3fd4b3ca7e3f5511dac0872099474e7857941787f00aa2cb8395fdb9ec08e3022d3ce2424d45cd8dede499bf6520b3165e0484b927ef30e79b35c190618713ade426d4d1b54c9de0c43257488f8175c4444e34562f9406b71fafa35fe622970888df6e20ecb4e57bc0faf749838605385c73881f9bec5ee8a557097f2087f616996bd831152041f68bd975fb477a7559394aaf056d313620a0de8cfea7f580be9ea058a395f99b887ab935bc0673750e70151b12919cfbb40dd40500b471aadadedfa360be338e8fbcb062170d8882f5836393da999766892351bbce3433b38127ba680f7b9b6ba4c9cca546551b02a3b8a9e38fda677a4889dc723d6805a91282f04a76bc0e7e8eb8e49e88f903e16bec69afaa772e5d0bc82e89e0b38f75504ef81b1fafeace245ec5bc9d91a7947e8e6dad0d8e8aee0bc346c3fb9f3d6d99732ba92a31352e547c75fcc2bb3f9ed0509ad51bea8dd21fcfde5cd02fdd95aa8345a29524b7d46162dbfadda842aa8fa8ac9c8bc6fe02080a62a820832fcbe24dcdc5ec866e651939be7ecbf10a0a00297b19912a0dfbfe1e7e3e06bbeea072c3a3d9c9974685fb60451a473792da5b6e348c4787cf51607c3f08b0b785ce69ea7e7eded9096832840f7d63d074d38e5c66fdb391864e23baf7455232370b9fa35951be4147807c1ee75d5af4732954431c3e3016e1857e642ba698e612c6d82576cea4c86e7c768f737e1bb2a02216392c5683ed83b37db48d826c106a456e6b6d8375c34e7cbe1b3f99814acae3154fd79d8e89648debf534b644a64394044167716fef2aef09b5675e8c1081d349a9447322a955eb0a044ea7c0d296abcea51455435b4f9fbcd046fef6276e45fd4eaadd929fd77357f76095e6d68b54c7bc8aeee9c1847bffeca4220d51464629f6d286eddbc755f05efb5ed04314a7ee26fe5cdeedb7fec03065b6cd8821a2e4c0f7f9f95dadfd95ab13a4f069deab533adc6568fc7d4b225b63888c36bcce2aed628e1acb27f20d998d7e9dfbc68b6cea249812d3e37cca0d30f29cccb79034da426eceff7778315aabe605408521b8049bcfd429b26a002799d7bd0c6b2136fd40895031b4128a4a8484328d6d7af0e5dc9d04b76c13703e16a48ff4a35fc8d20f382d1d29c7900fc70dcdc4fe5c1adfb7d70919f50947a8aa8b0b6fa8e74cbe34f74bd7696378e62794b681c9a45639e3bb3f2127e4a3eea2c790c4b3f2883854becc71a84b67db6a27b2759cce94e559ba8d7d5dfbc22db3fe279e7af9d32569987d64af804f36b09fc14abedfb945900cc812fa1bc2764bce1a1fe1e508790c1a475cbfc7be9e9d35d69b1ddc363a639d1eb1220f6061a5e15d43045e440fc7582c670e754594f3941bbc029f0bf8a35f147920412bcc08597fa7f5d6b4e803b5b210dfe18b383b37ae7b7d3a53e8b41c06057572e88664e31da82ad09ffc80d347938b12e63f305a8f32dad50ba56c1f5269a9e6a689c7f854a760ebc767d3903e9b059fde778368e6c6f032f32223cd8964ada5e6876d220240ee529f271de7fde"}]}, 0x4f0}}, 0x20040005)
tee$auto(r2, r1, 0x1, 0x25)

9m22.59341929s ago: executing program 2 (id=838):
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00\x0e\x15F\xf7\x1a\xd1K+\xedy\xc6\x9bb\x94\xb4^\xc2\x83%\xfbw}\xfb_P\"\x19\xdfi\xe9hA|Q\x8a_F\x04:Q\x90\'\x06', &(0x7f0000000140)='nfsd\x00', 0x10000, 0x0)
mount$auto(0x0, &(0x7f0000000240)='}[,&*}\x001\xe9\x84,\x11h\x9ez<\xc3\xd1\a\xfa\x9aJ\xb1R=XX\x8c\xa2\xf2\t\x06\xb3|S>\xa9\x14gl\xbb\x83\x9e\xa4\x91\x80\x89\xbd\xf6\xd7;\x11\x16odR$\x12c\x8b$[j\xb0\xf7\xd4\x1d\x7f\xcf\x1fj\xad\xd3bvi\xf4\xb7n\xb2\xe2\xa8\x82\xec\xc9\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\xa0~\xf0\xb1z\x9a/ \x8e\xed\xd4\xe7\xc4-\xf5\xd7{\bc%\xfc\x05MH\xea\xbe|9@,\xbf:.\x91\xc9d\x1b\xf0\xd4i\xdfW\xb6\xa4\xe9\n~,n\xdc\xc9\x9c\x9f\x10\x0e\x04\x80Q\xbc\xfa\x13\xd2\xdc|\x93\xa3\xf7^\x1b\xe3\xc7\xcd\x18@T\xf4\xe5%T\xcbn\x96JS\xfe\x03\xebc\xd1(\xc4\x9e\x9a\xae\xd5\x1d\x93oA\x8d\xc6Q\x99\xce}\x1b\xf3\xe3\x9bJ/\x80\x99v\x8c\xe3O\xc0{\xcf\xe5\xf4?\xa6fc\xed\x9a\xfa\xf7\xa7u\xcd\x90mL\x10w R\x85\xfe\rM\x8dM\x17\x92\x1e\xea\x97\x91\xd7\x1a.4\x84\xb7\x8eA\x03\x1c`V\xf7HBS\x11\xeb@I\xe2VIc\x9f\\\xe3\xeb\xc0-\xedO\x9d\x00\x00\x00\x00\x00\x00\x00\x00', 0x0, 0x24000, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = getpgid(0x0)
sched_setparam$auto(r0, &(0x7f0000000080)={0xfffffffd})
syz_open_procfs$namespace(r0, &(0x7f0000000180)='ns/uts\x00')
socket(0x10, 0x2, 0x14)
preadv2$auto(0xc, &(0x7f0000000080)={&(0x7f0000000040)=[0x8, 0x7, 0x8, 0x0, 0x401], 0x1}, 0x5, 0x2, 0xfffffffffffffff9, 0x7)
socket$nl_generic(0x10, 0x3, 0x10)
mq_open$auto(&(0x7f0000000000)='-\x00', 0x955, 0x1, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
mq_timedsend$auto(0x3, 0x0, 0x2000, 0x5, 0x0)

9m22.412505729s ago: executing program 2 (id=841):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_START_NAN(r4, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4001000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x18, r2, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4040080}, 0x1)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="2f212cbd7010ca705d845526cc0008000380", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4000000)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4000000)
pipe$auto(0x0)
pipe$auto(0x0)
sendmmsg$auto(r0, &(0x7f0000000280)={{&(0x7f0000000000)=[0x9, 0x99b, 0x7333, 0xa101, 0x2400000000000, 0x2, 0x400], 0x80, &(0x7f00000000c0)={&(0x7f0000000080)=[0xfffffffffffffffd, 0x3, 0x4, 0x8], 0x5}, 0x200, &(0x7f0000000140)=[0x9, 0x3, 0x7, 0x9, 0x9], 0x4000, 0xaf3c}, 0xa024}, 0x77, 0x70)
bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3)
socket(0x2, 0x1, 0x0)
mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000)
close_range$auto(0xffffffffffffffff, 0xfffffffffffff000, 0x5)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mmap$auto(0x3, 0x4, 0x4000000000dc, 0x40eb2, 0xa1c, 0x8)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
ioctl$auto(0x3, 0x2, 0x7)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r5, 0x0, 0x20048000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x1a000, 0x0)
tee$auto(0x2000000000000, 0x3, 0x3ff, 0x9)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
futex$auto(&(0x7f0000000040)=0x9, 0x5, 0x4, 0x0, &(0x7f00000002c0)=0x5, 0xc0040000)

9m21.101040037s ago: executing program 2 (id=849):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x200004, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
mprotect$auto(0x0, 0x4, 0x6)
r0 = open(&(0x7f0000000000)='./cgroup.cpu/cgroup.procs\x00', 0x2000, 0xb5d1af1605322c72)
open_by_handle_at$auto(r0, &(0x7f0000000040)={0x8, 0x100fe, "9700000000000000"}, 0x2)
ptrace$auto(0x4206, 0x1, 0x0, 0x5)
r1 = socket(0x15, 0x5, 0x0)
sync_file_range$auto(r1, 0x1, 0xfffffffffffff800, 0x0)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x140, 0x6, 0x7, 0x8, <r2=>0xffffffffffffffff, [], {0x6, 0x8000006, 0x8c48, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x1c, 0x8, 0x100000000}})
mq_timedsend$auto(0x800, &(0x7f0000000000)='%-)%\x88\x9f*\\&\x05^^\\-{#.y\xf3$&^&{${+\\^)\x94@%[/\x00', 0xffffffffffffffff, 0x4, &(0x7f0000000040)={0x8000000000000000, 0x615})
prctl$auto(0xf19, 0x5, 0x218, 0xffff, 0x6e)
r3 = geteuid()
setreuid$auto(r3, 0x0)
setuid$auto(r3)
newfstatat$auto(r2, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000180)={0xfffffffffffffeff, 0x6, 0xcc, 0x2, 0xffffffffffffffff, <r4=>0xee01, 0x0, 0x2, 0x1, 0x6, 0x8, 0x40, 0x6, 0x2, 0xd, 0x0, 0x5}, 0xce)
newfstatat$auto(r2, &(0x7f0000000100)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000240)={0x1, 0x1, 0x8, 0xfffffffa, r3, r4, 0x0, 0x6, 0x7, 0x5, 0x6, 0x7, 0xee7f, 0xffffffff, 0x5, 0x2, 0x5}, 0x9)

9m20.526928914s ago: executing program 2 (id=851):
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
prctl$auto(0x4a, 0x0, 0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zram0\x00', 0x60742, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
setresuid$auto(0x2, 0x7, 0x8080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
mprotect$auto(0x1ffff000, 0x7ffffffffffffffe, 0x4)
shutdown$auto(0x200000003, 0x2)
mmap$auto(0x0, 0x2, 0xdf, 0x9b72, 0x5, 0xffffffffffffffff)
connect$auto(0x3, &(0x7f0000000140), 0x55)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}})
syz_open_procfs$namespace(0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000ac0), 0xffffffffffffffff)
sendmsg$auto_OVS_FLOW_CMD_SET(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000000)={0x20, r1, 0x1, 0x70bd29, 0x25dfdbff, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_UFID={0x5, 0x9, 0xb0}]}, 0x20}, 0x1, 0x0, 0x0, 0x14}, 0x4000)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyp4\x00', 0xa02, 0x0)
shmctl$auto(0x101, 0x5, &(0x7f0000000100)={{0x7, <r3=>0xffffffffffffffff, 0xee01, 0x3, 0x9, 0xd, 0x5}, 0x33, 0x7f, 0x8, 0x7fff, 0x7, 0x0, 0x9, 0x0, &(0x7f0000000000)=[0x10000, 0xa, 0x3, 0xfffffffffffffffd, 0x7, 0x2, 0x2, 0x7f], &(0x7f0000000080)=[0x9]})
r4 = getuid()
setresuid$auto(0x0, r4, 0xee00)
setresuid$auto(r3, 0xee00, r4)
ioctl$auto_TIOCGDEV2(r2, 0x5429, 0x0)
ioctl$auto(0x3, 0x40081271, 0x38)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)

9m19.854232818s ago: executing program 2 (id=856):
rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000)
r0 = gettid()
process_vm_readv$auto(r0, &(0x7f0000000040)={0x0, 0x8}, 0x4, &(0x7f00000000c0)={0x0, 0x100000000000002}, 0x6, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r1 = socket(0x10, 0x3, 0x6)
mmap$auto(0x1, 0x2, 0x96, 0x15, 0xffffffffffffffff, 0x2)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0xc800)
writev$auto(0xca, &(0x7f0000000080)={&(0x7f00000000c0)=[0x405], 0x2}, 0x7)
rseq$auto(0x0, 0xa, 0x0, 0x7)
r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL802154_CMD_ABORT_SCAN(r3, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000080)={&(0x7f0000000140)={0x48, 0x0, 0x8, 0x70bd2d, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x4}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x3}, @NL802154_ATTR_MAX_ASSOCIATIONS={0x8, 0x27, 0x6}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x8}, @NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5, 0x12, 0x4}, @NL802154_ATTR_SEC_FRAME_COUNTER={0x8, 0x2c, 0xfffffff9}]}, 0x48}, 0x1, 0x0, 0x0, 0x5}, 0x20000000)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="fc000000", @ANYRES32=r2, @ANYRES8=0x0, @ANYRESDEC, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4100f7b4a8132d759892f424887b55fbcf38553ecfbb1b32dd7c33b14cc842bc1e2a5da4203e64ceaa9db5223aa655b6313c011b3e73a75f1aa1f7b2ea43341a1e670a42bc677830013e9c4aa4fa30c3e6630bf0ed13206d5a18f6813c6fb03466112aedf5d67bb5b99fe96a6dcd279916b0bce029925b63c48d41ca8a76e46c6014100045800c00c50003000000000000001800368014006c800800150002020000050018005d0000000000d0cb580b273180"], 0xfc}, 0x1, 0x0, 0x0, 0x400d0}, 0x50)
ioperm$auto(0x0, 0x9, 0x149)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000100), r1)
flock$auto(0x9, 0x8afe)
mprotect$auto(0x1, 0x7cc7, 0x7fffffffffffffff)

9m19.496951494s ago: executing program 33 (id=856):
rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000)
r0 = gettid()
process_vm_readv$auto(r0, &(0x7f0000000040)={0x0, 0x8}, 0x4, &(0x7f00000000c0)={0x0, 0x100000000000002}, 0x6, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r1 = socket(0x10, 0x3, 0x6)
mmap$auto(0x1, 0x2, 0x96, 0x15, 0xffffffffffffffff, 0x2)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0xc800)
writev$auto(0xca, &(0x7f0000000080)={&(0x7f00000000c0)=[0x405], 0x2}, 0x7)
rseq$auto(0x0, 0xa, 0x0, 0x7)
r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL802154_CMD_ABORT_SCAN(r3, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000080)={&(0x7f0000000140)={0x48, 0x0, 0x8, 0x70bd2d, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x4}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x3}, @NL802154_ATTR_MAX_ASSOCIATIONS={0x8, 0x27, 0x6}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x8}, @NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5, 0x12, 0x4}, @NL802154_ATTR_SEC_FRAME_COUNTER={0x8, 0x2c, 0xfffffff9}]}, 0x48}, 0x1, 0x0, 0x0, 0x5}, 0x20000000)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="fc000000", @ANYRES32=r2, @ANYRES8=0x0, @ANYRESDEC, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4100f7b4a8132d759892f424887b55fbcf38553ecfbb1b32dd7c33b14cc842bc1e2a5da4203e64ceaa9db5223aa655b6313c011b3e73a75f1aa1f7b2ea43341a1e670a42bc677830013e9c4aa4fa30c3e6630bf0ed13206d5a18f6813c6fb03466112aedf5d67bb5b99fe96a6dcd279916b0bce029925b63c48d41ca8a76e46c6014100045800c00c50003000000000000001800368014006c800800150002020000050018005d0000000000d0cb580b273180"], 0xfc}, 0x1, 0x0, 0x0, 0x400d0}, 0x50)
ioperm$auto(0x0, 0x9, 0x149)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000100), r1)
flock$auto(0x9, 0x8afe)
mprotect$auto(0x1, 0x7cc7, 0x7fffffffffffffff)

7m50.573612372s ago: executing program 5 (id=1272):
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/arp_tables_names\x00', 0x21040, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000e80)=""/215, 0xd7)
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x2a, 0x3, 0x101)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000040), r2)
open(0x0, 0x4241c2, 0x48)
socket(0xa, 0x1, 0x1)
bpf$auto(0x6, 0xffffffffffffffff, 0x0)
mmap$auto(0x0, 0x400005, 0xdf, 0x14, 0x8000000000000002, 0x2000000008001)
socket(0x15, 0x5, 0x0)
madvise$auto(0x1ffff000, 0x7, 0x100000000)
prctl$auto(0x3f, 0x17, 0x0, 0x0, 0x400)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x6, 0xfffffffb)
pselect6$auto(0xffffffff, &(0x7f00000000c0)={[0x2, 0x1002, 0x6, 0xbda3, 0x0, 0x1, 0xfffffffffffffffa, 0xc7, 0x5, 0x3fc, 0x7, 0x3, 0x2, 0xffffffffffffffc3, 0x87d9, 0xa]}, &(0x7f00000002c0)={[0x6, 0x9bbb, 0x0, 0x3, 0x58, 0xb5, 0x8, 0x7f, 0x6, 0x4, 0x7fb, 0xa5, 0x2, 0x7de1, 0xed17, 0x8c5]}, &(0x7f0000000200)={[0x1, 0x0, 0x36d7, 0x7, 0x40, 0x20000007, 0x8, 0x7fffffff, 0x6, 0xe519, 0x402, 0xffff, 0x94, 0x39d9eb, 0x8, 0x9]}, &(0x7f0000000280)={0xa, 0xfffffffffffffffd}, 0x0)
flock$auto(r1, 0x0)
keyctl$auto(0x8, 0xa24a, 0xffff, 0x508f, 0x400000000080001)
mknod$auto(0x0, 0x7, 0xc8)

7m47.652476381s ago: executing program 5 (id=1283):
socket(0x2, 0x2, 0x88) (async)
r0 = socket(0x10, 0x2, 0x0) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000140), r1)
sendmsg$auto_TASKSTATS_CMD_GET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x24, r2, 0xa01, 0x70bd2b, 0x25dfdbfb, {}, [@TASKSTATS_CMD_ATTR_DEREGISTER_CPUMASK={0xe, 0x4, 'N-SKSTATS\x00'}]}, 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x20000000) (async)
r3 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsa\x00', 0x2a801, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
r4 = openat$auto_vsock_device_ops_af_vsock(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8340, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$dir(0xffffffffffffff9c, 0x0, 0x242080, 0x16f) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NFC_CMD_LLC_SET_PARAMS(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0xde8065d277046c55, 0x70bd29, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0xc000}, 0x0) (async)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000180), r5) (async)
syz_genetlink_get_family_id$auto_nl80211(0x0, r5)
sendmsg$auto_NL80211_CMD_GET_INTERFACE(r5, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x50000014}, 0x20000080) (async)
r6 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_CONNECT(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)={0x20, r6, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x5}]}, 0x20}, 0x1, 0x0, 0x0, 0x40080}, 0x20040004) (async)
sendmmsg$auto(0x3, 0x0, 0x3, 0x0) (async)
ioctl$auto(r4, 0x77fc, 0x5) (async)
write$auto_vcs_fops_vc_screen(r3, &(0x7f0000000040)="3a4595d037478120349ce5916a7d21c7bc4b0d5f6297054253f995800771f422d98b334a7c66416a3b55c8012d85e902", 0x3e84) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x28, 0x0, 0x4, 0x5, 0x2)
openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/numa_maps\x00', 0x51d3d3dae1444a36, 0x0)
exit$auto(0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="2c00df"], 0x1ac}}, 0x40000) (async)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) (async)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x240cc040)

7m45.857457483s ago: executing program 5 (id=1294):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x40}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x2, 0xb}, 0x800009}, 0x5, 0x20000000)
r1 = syz_genetlink_get_family_id$auto_nbd(0x0, r0)
sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x14, r1, 0x400, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x84}, 0x10)
write$auto(0x3, 0x0, 0x296)

7m45.141450336s ago: executing program 5 (id=1297):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x40}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x2, 0xb}, 0x800009}, 0x5, 0x20000000)
r1 = syz_genetlink_get_family_id$auto_nbd(0x0, r0)
sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x14, r1, 0x400, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x84}, 0x10)

7m44.243583412s ago: executing program 5 (id=1299):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x1, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/asound/pcm\x00', 0x20100, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000380)=""/122, 0xc7)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000000008000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400, 0x7}, 0x9, 0x0)
landlock_restrict_self$auto(r2, 0x0)
landlock_restrict_self$auto(r1, 0x0)
socket(0x1, 0x2, 0x1)
mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000) (async)
mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, 0x0, 0x3, 0x0) (async)
sendmmsg$auto(0x3, 0x0, 0x3, 0x0)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6) (async)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6)
mmap$auto(0xffffffffffff8004, 0x7e2e7dae, 0x1000000004, 0x9b72, 0x200000000001, 0x8000)
tkill$auto(0x1, 0x7)

7m43.502786935s ago: executing program 5 (id=1303):
r0 = socket(0x9, 0x6, 0x106)
rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8)
sendmsg$auto_NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={0x0, 0x2e4}, 0x1, 0x0, 0x0, 0x801}, 0x8404)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f00000000c0), 0x55)
read$auto(0x3, 0x0, 0x7)
futex$auto(0x0, 0x8, 0x8243, 0x0, 0x0, 0x4)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_SMC_PNETID_ADD(r0, &(0x7f0000000300)={&(0x7f0000000100), 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x28, 0x0, 0x200, 0x70bd27, 0x25dfdbfe, {}, [@SMC_PNETID_IBNAME={0x6, 0x3, ')\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, '@-}#\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x10)
sendmsg$auto_TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYBLOB='J\x00\x00\x00', @ANYRES16, @ANYBLOB="010025bd7000fcdbdf25020000002c00018028003c80"], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x44)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='Z'], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x9}, 0x3, 0x0)
setsockopt$auto(0x3, 0x0, 0x17, 0x0, 0x28)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000080), r1)
r2 = socket(0xa, 0x801, 0x84)
getsockopt$auto(r2, 0x84, 0x73, 0x0, 0x0)
socket(0x1, 0x1, 0x1)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x4f1, 0x1)
fanotify_mark$auto(0x0, 0x80, 0x8, 0x3, 0x0)
bind$auto(0x3, &(0x7f0000000140), 0xd)
listen$auto(0x3, 0x81)
ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000040), r2)

7m42.910086841s ago: executing program 34 (id=1303):
r0 = socket(0x9, 0x6, 0x106)
rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8)
sendmsg$auto_NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={0x0, 0x2e4}, 0x1, 0x0, 0x0, 0x801}, 0x8404)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f00000000c0), 0x55)
read$auto(0x3, 0x0, 0x7)
futex$auto(0x0, 0x8, 0x8243, 0x0, 0x0, 0x4)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_SMC_PNETID_ADD(r0, &(0x7f0000000300)={&(0x7f0000000100), 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x28, 0x0, 0x200, 0x70bd27, 0x25dfdbfe, {}, [@SMC_PNETID_IBNAME={0x6, 0x3, ')\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, '@-}#\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x10)
sendmsg$auto_TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYBLOB='J\x00\x00\x00', @ANYRES16, @ANYBLOB="010025bd7000fcdbdf25020000002c00018028003c80"], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x44)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='Z'], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x9}, 0x3, 0x0)
setsockopt$auto(0x3, 0x0, 0x17, 0x0, 0x28)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000080), r1)
r2 = socket(0xa, 0x801, 0x84)
getsockopt$auto(r2, 0x84, 0x73, 0x0, 0x0)
socket(0x1, 0x1, 0x1)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x4f1, 0x1)
fanotify_mark$auto(0x0, 0x80, 0x8, 0x3, 0x0)
bind$auto(0x3, &(0x7f0000000140), 0xd)
listen$auto(0x3, 0x81)
ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000040), r2)

4.341463983s ago: executing program 6 (id=3414):
close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket(0x2, 0x6, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) (async)
lsm_set_self_attr$auto(0x810001, &(0x7f0000000100)={0x6d, 0x100000bae2, 0x80}, 0x81, 0x0) (async)
setsockopt$auto(r0, 0x10d, 0xa, 0x0, 0x17) (async)
syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/time\x00') (async)
socket(0x10, 0x2, 0x14)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
mq_open$auto(&(0x7f0000000140)='nl802154\x00', 0x40, 0x8, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x1000000000000055, 0xd}) (async, rerun: 64)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00')
socket(0x2b, 0x1, 0x1)
getsockopt$auto(0x4, 0x11e, 0x7, 0xfffffffffffffffc, 0x0)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async)
r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_DP_CMD_DEL(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002abd7000fedbdf250200000008"], 0x38}, 0x1, 0x0, 0x0, 0x20040011}, 0x20000000)
getrandom$auto(0x0, 0x6, 0x3) (async)
mq_open$auto(&(0x7f0000000000)='-\x00', 0x955, 0x1, 0x0) (async)
mmap$auto(0xffffffffffffffff, 0x20009, 0xe2, 0xeb1, 0x3, 0x7ffc) (async)
mq_timedsend$auto(0x3, 0x0, 0x2000, 0x5, 0x0)

4.069961181s ago: executing program 6 (id=3416):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x0, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
r0 = socket(0x2, 0x1, 0x0)
sendto$auto(r0, 0x0, 0x43, 0xfffffffb, &(0x7f0000000080), 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ram3\x00', 0x8003, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/ipc\x00')
mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/net\x00')
fchdir$auto(0xf4400000000)
setfsuid$auto(0x2)
unlink$auto(&(0x7f0000000040)='#\x00')
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000140), r2)
sendmsg$auto_OVS_VPORT_CMD_SET(r2, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="5bd226bd7000fddbdf25040000000400048008000800", @ANYRES32=0x0, @ANYBLOB="75485a925d8d02723e15657c5e8219d20c546354de71146c7f4c233108707029ad69500bb3cbaf7d68abea954e23e8df10b8a46a548ba1727b3ecaa7e6c45653d58146001584fbf27d87afc4492f"], 0x20}}, 0x4004094)
ioctl$auto_def_blk_fops_fs(r1, 0x125f, 0x0)
r4 = syz_genetlink_get_family_id$auto_nfc(&(0x7f00000000c0), r0)
sendmsg$auto_NFC_CMD_DEACTIVATE_TARGET(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x90, r4, 0x300, 0x70bd26, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, 0x7f}, @NFC_ATTR_IM_PROTOCOLS={0x8, 0xd, 0x8001}, @NFC_ATTR_VENDOR_DATA={0x58, 0x1f, "b77a5438e2557340c0afbaa3bfd7282a8f8d75d006c21c5ccb2f9f765cccd10a8ec799bfc5a129c372a3dffe062756462ec5cb44c79d480e9a43daed42e206ca804f4dee399a560829baf1a2ff22af0c5daca573"}, @NFC_ATTR_DEVICE_NAME={0x4}, @NFC_ATTR_VENDOR_SUBCMD={0x8, 0x1e, 0x7}, @NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0xa}]}, 0x90}, 0x1, 0x0, 0x0, 0x20008000}, 0x10)

3.8454661s ago: executing program 6 (id=3417):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x6, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
socket(0x2, 0x6, 0x0)
pipe$auto(0x0)
poll$auto(&(0x7f0000000040)={<r0=>0xffffffffffffffff, 0x7, 0x8}, 0x80, 0x400440)
setsockopt$auto(r0, 0x113, 0x1, 0x0, 0x81)
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0xc76, 0x8000)
shutdown$auto(0x200000003, 0x2)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x300, 0x0)
connect$auto(0x3, 0x0, 0x55)
r1 = openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
clock_getres$auto(0x0, 0x0)
socket(0xa, 0x2, 0x3a)
vmsplice$auto(r1, 0x0, 0x8, 0xffff)
readv$auto(0x3, &(0x7f0000003080)={0x0, 0x4}, 0x9)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
socket(0x2, 0x2, 0x1)
io_uring_setup$auto(0x6, 0x0)
sendto$auto(0x3, 0x0, 0x8, 0xf950, &(0x7f0000000140), 0x1d)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)

3.130323647s ago: executing program 0 (id=3423):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x6, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
socket(0x2, 0x6, 0x0)
pipe$auto(0x0)
poll$auto(&(0x7f0000000040)={<r0=>0xffffffffffffffff, 0x7, 0x8}, 0x80, 0x400440)
setsockopt$auto(r0, 0x113, 0x1, 0x0, 0x81)
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0xc76, 0x8000)
shutdown$auto(0x200000003, 0x2)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x300, 0x0)
connect$auto(0x3, 0x0, 0x55)
r1 = openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
clock_getres$auto(0x0, 0x0)
socket(0xa, 0x2, 0x3a)
vmsplice$auto(r1, 0x0, 0x8, 0xffff)
readv$auto(0x3, &(0x7f0000003080)={0x0, 0x4}, 0x9)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
socket(0x2, 0x2, 0x1)
io_uring_setup$auto(0x6, 0x0)
sendto$auto(0x3, 0x0, 0x8, 0xf950, &(0x7f0000000140), 0x1d)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)

3.013567234s ago: executing program 4 (id=3424):
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd)
adjtimex$auto(&(0x7f0000000280)={0xf, 0x0, 0x8, 0x100000001, 0x7f, 0x0, 0xffffffff, 0x0, 0x6, 0x0, 0x10001, {0xf, 0x3f420f0000000000}, 0x7fffffffffffffff, 0x3a9d, 0x5, 0xf, 0x0, 0x6, 0x1, 0x7, 0x800, 0x5, 0x1015c8})

2.910233783s ago: executing program 4 (id=3425):
socket(0x1d, 0x2, 0x2) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
connect$auto(0x3, 0x0, 0x55)
socket(0x10, 0x3, 0x6) (async)
prctl$auto(0x41555856, 0x4, 0x2008, 0x0, 0x0)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) (async)
write$auto(0x3, 0x0, 0x5c8)
r0 = openat$auto_vrr_range_fops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/0000:00:02.0/Virtual-2/vrr_range\x00', 0x4500, 0x0)
write$auto(r0, 0x0, 0x5c8)

2.689424102s ago: executing program 4 (id=3426):
mmap$auto(0xfffffffffffffffe, 0x20000b, 0xdf, 0x20017, 0x2, 0xbffffdfffffffffb) (async)
mmap$auto(0x2e7, 0xa, 0xffff, 0x1cdc, 0x3, 0x4)
r0 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0xc0040, 0x0)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, 0x0) (async)
dup2$auto(r0, r0) (async)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000080), 0xffffffffffffffff) (async)
r1 = geteuid()
setreuid$auto(r1, 0x0)
setuid$auto(r1) (async, rerun: 32)
r2 = fcntl$getown(r0, 0x9) (async, rerun: 32)
bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x801, 0x8, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) (async, rerun: 32)
socket(0x25, 0x1, 0x3) (async, rerun: 32)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = socket(0x1d, 0x2, 0x7) (async)
bpf$auto(0x8, &(0x7f0000000000)=@iter_create={0xffffffffffffffff, 0xe}, 0x463)
bind$auto(0x7, &(0x7f0000000000), 0x3e)
sendmsg$auto_MAC802154_HWSIM_CMD_GET_RADIO(r3, &(0x7f0000000140)={&(0x7f00000000c0)={0x1d, 0x0, 0x0, 0x1000}, 0x18, &(0x7f0000000100)={0x0, 0xf0}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000001)
syz_clone(0x2000000, &(0x7f00000000c0)="32479040da6e094172b4e7a924bae02e10c820436191748fb90cd6bab02dac037c7ddb61a324a70629ef010fb5c0a42a012ee7ec3bb53cec1aeb9b01ad89016352536df5d7f1044e8a4360ee06144341df1f9e230fa28676c4e060098a2d69d333dd9307abec33fcdc8a29e545477d0230", 0x71, &(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0)="be5606210052631526276f5ef48c7eeb1a712d618367856df2faaf889ef54644a26d88d7")
statx$auto(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0xffffffff, 0xfffffaf3, &(0x7f0000000240)={0x4, 0x9, 0x3, 0x0, <r4=>0xee01, 0x0, 0x101, 0x200, 0x7ff, 0x1, 0x7, 0x6, {0x69e5dd28, 0x5}, {0x400}, {0xd, 0x9}, {0xfe56, 0x2}, 0x7, 0x2, 0x0, 0x30000000, 0x2, 0xc, 0xffffffff, 0x4, 0xfffffff9, 0x0, 0x1, 0x7, [0x3, 0x7, 0x4, 0x9, 0x5, 0x0, 0xf, 0x1, 0x7fffffffffffffff]})
r5 = socket$nl_generic(0x10, 0x3, 0x10) (async)
bpf$auto(0x8, &(0x7f0000000040)=@link_create={@map_fd, @target_fd, 0x6, 0x8, @target_btf_id=0xffff}, 0x8a3) (async)
r6 = socket(0x1d, 0x5, 0xc)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000013c0)=ANY=[@ANYBLOB="18000000", @ANYRES8=r2, @ANYRES8=r5, @ANYRES32], 0x18}}, 0x80) (async)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000002fc0), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_SET_MAC_ACL(r6, &(0x7f0000000480)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000003100)={&(0x7f0000003180)=ANY=[], 0xcc}, 0x1, 0x0, 0x0, 0x24008000}, 0x20040052)
getpgid(0x0) (async)
setns(0xffffffffffffffff, 0x20000000)
r7 = openat2$dir(0xffffffffffffff9c, &(0x7f0000002ec0)='./file0\x00', &(0x7f0000002f00)={0x202202, 0x80, 0x22}, 0x18)
open_tree$auto(r7, &(0x7f0000002f40)='./file0\x00', 0x7) (async)
statx$auto(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0x70, 0xca8, &(0x7f0000000380)={0xb9, 0x8, 0x9d, 0xd2b, r4, 0xee00, 0x6, 0x1ff, 0x9, 0x2, 0x2, 0x3, {0x101, 0x6}, {0x7fffffff, 0x1ff}, {0x3, 0xffff}, {0x3, 0x9}, 0x8, 0x4, 0x2, 0x3, 0x9, 0x80007, 0x5, 0x2, 0x8, 0xfffff000, 0x6, 0x48e, [0x511, 0xfffffffffffff92b, 0x9, 0x9, 0x0, 0x1ff, 0x7, 0x80000000, 0x6]})

2.531862407s ago: executing program 4 (id=3427):
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x28}, 0x1, 0x0, 0x0, 0x4c894}, 0x4000)
mprotect$auto(0x1ffff000, 0x8000000000000000, 0x4)
ppoll$auto(0x0, 0x31, &(0x7f0000000080)={0x1, 0xfffffffffffffffa}, 0x0, 0x99)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/v4l-subdev2\x00', 0x80000, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
ioctl$auto(0x3, 0xc040563d, 0x38)
socket(0xa, 0x801, 0x84)
socket(0x2c, 0x4, 0x10000)
mmap$auto(0x101, 0xa, 0x3, 0x17, 0xa2, 0x90dc)
socket(0x840000000002, 0x3, 0xff)
socket(0xa, 0x80000, 0x9)
mmap$auto(0x6, 0x8000000000000001, 0x9, 0x19, 0x1ff, 0x101)
mq_open$auto(&(0x7f0000000000)='.\xf1e4\xdf\x16\x95kxE\xd9x\x15\xb0\xf6V\x93\xb4E\x06\xc5}l', 0x56a, 0xb275, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
mq_getsetattr$auto(0x0, &(0x7f0000000000)={0x0, 0x2, 0x7fff}, 0x0)
socket(0x2, 0x1, 0x106)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$auto(0x1, 0x1, 0x43, &(0x7f0000000000)='\x00', 0xbb)
mq_timedsend$auto(0x8, &(0x7f0000000040)='.&-[*]k)\x00|\xf3\x8d[y\x194A\xces\xba\x98', 0x4, 0x9, &(0x7f0000000100)={0x5, 0x6})

2.424822961s ago: executing program 6 (id=3429):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x6, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
socket(0x2, 0x6, 0x0)
pipe$auto(0x0)
poll$auto(&(0x7f0000000040)={<r0=>0xffffffffffffffff, 0x7, 0x8}, 0x80, 0x400440)
setsockopt$auto(r0, 0x113, 0x1, 0x0, 0x81)
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0xc76, 0x8000)
shutdown$auto(0x200000003, 0x2)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x300, 0x0)
connect$auto(0x3, 0x0, 0x55)
r1 = openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
clock_getres$auto(0x0, 0x0)
socket(0xa, 0x2, 0x3a)
vmsplice$auto(r1, 0x0, 0x8, 0xffff)
readv$auto(0x3, &(0x7f0000003080)={0x0, 0x4}, 0x9)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
socket(0x2, 0x2, 0x1)
io_uring_setup$auto(0x6, 0x0)
sendto$auto(0x3, 0x0, 0x8, 0xf950, &(0x7f0000000140), 0x1d)

2.304835708s ago: executing program 3 (id=3430):
mmap$auto(0x0, 0x2000c, 0xdf, 0xeb1, 0x40000000000a5, 0x8002)
r0 = socket(0xa, 0x806, 0x0)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{&(0x7f0000000000)=[0xa], 0xb8, 0x0, 0x0, 0x0, 0x8, 0x80008000}, 0x5}, 0x1, 0x1fda)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000800}, 0x14011)
connect$auto(0x3, &(0x7f0000000000), 0x18)
connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x7, @local}, 0x55)

2.072514837s ago: executing program 3 (id=3431):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xfffffffffffefffd, 0x17)
r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000002c0), 0x40000, 0x0)
ioctl$auto_DMA_HEAP_IOCTL_ALLOC(r0, 0xc0184800, 0x0)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
madvise$auto(0x0, 0x20499d, 0x9)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000040), r1)
sendmsg$auto_MACSEC_CMD_UPD_RXSC(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="1400000026ce4a05a21091d58b2882d2d117c193e628d78e5ad7694d06631029f9dac698975bccfda3363a2b456ac05f5cc97e43a74a20223148d9e9db1cefe261f5a37c46e1ef5555be3b30fd355ca6ed1deae4ead866282669f447bd6d1f5bba9c6eda91636caf58d511a902f700050a73f22b5376b29f836900eba1d5697b1f91528dac27f4c1ebaff89ce567f95bd25b8507bddd5ad11a109ddc786c698f0fac642e455a", @ANYRES16=r2, @ANYBLOB="010026bd7000fbdbdf2503000000"], 0x14}, 0x1, 0x0, 0x0, 0x5}, 0x2000c080)
r3 = syz_genetlink_get_family_id$auto_nlbl_mgmt(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$auto_NLBL_MGMT_C_LISTDEF(r1, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="020026bd70000500006f4b8d6423a5ff471bef19de7a0005000100000000"], 0x24}, 0x1, 0x0, 0x0, 0x4000840}, 0x24000001)
socket$nl_generic(0x10, 0x3, 0x10)
kexec_load$auto(0xff, 0x9, &(0x7f0000000280)={@buf=0x0, 0x2, 0x80000000000000, 0x3000}, 0x4)
r4 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0)
mbind$auto(0xf72, 0x8, 0x96, &(0x7f0000000240)=0xffffffffffffff81, 0xfffffffffffffffa, 0xff)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x4}, 0x802}, 0x7, 0x8)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd)
write$auto_seq_oss_f_ops_seq_oss(r4, &(0x7f0000000040)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba42933ae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d6b046bdeea6adce8626e0def15dd32b0ec16a85d93e1dea980794033f4b46973062c64c0209f9d3efc6ea7704c8e8dfea8cdfbe2cb1e367bf634a1952190e0660994f79f0c622d47ee8f93ce1c2852db907ae68a29bcc960b26e0e634173287fd012c4bb3063c41d35c92e896b44080bc5a98e90907cd1d01cc0708019cc1c93c71f29bfe841c873ad2aa0565dfaeb86c8b8e58ea2075de2a562ba1b5dc4ca452df21f25", 0x1f4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
r6 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
ioctl$auto_RTC_SET_TIME(r6, 0x4024700a, 0x0)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001180), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x28}, 0x1, 0x0, 0x0, 0x894}, 0x4)
mprotect$auto(0x1ffff000, 0x8000000000000004, 0xd)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r5, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
madvise$auto(0x108000, 0x800034, 0x9)
setsockopt$auto(0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000080)='.:+.\x00', 0xfff)

1.982270783s ago: executing program 4 (id=3432):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mremap$auto(0x4000, 0x1fffe00, 0x3fd6, 0x3, 0xfffff000)
mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001300)={'veth0_macvtap\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001480), r0)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000001cc0)={0x0, 0x0, &(0x7f0000001c80)={&(0x7f0000000100)={0x28, r2, 0x1, 0x70bd2a, 0x25dfdc00, {}, [@ETHTOOL_A_CHANNELS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}]}, @ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0x2}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x0)

1.855252277s ago: executing program 0 (id=3433):
mmap$auto(0x0, 0x20009, 0x4000040000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/mac802154_hwsim/ieee802154/phy1/net/wpan1/queues/tx-0/byte_queue_limits/hold_time\x00', 0xa000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/4096, 0x1000)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$&6\x00', @ANYRES16=r0, @ANYBLOB="00022dbd7000fbdbcf250200000008000300fcffffff0800010005000000"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0x40000)
r1 = socket(0xa, 0x801, 0x84)
sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000021}, 0x8004)
connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x0, @rand_addr=0x64010101}, 0x55)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x7)
mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000)
socket(0x7, 0x800, 0x200042)
keyctl$auto(0x8, 0x5, 0x6, 0x6, 0x7)
writev$auto(0xca, &(0x7f0000000080)={&(0x7f0000000040)=[0x404], 0xa}, 0x7e)
unshare$auto(0x200)
r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00')
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
inotify_rm_watch$auto(0x0, 0x9)
r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00')
io_uring_setup$auto(0x6, 0x0)
setns(r3, 0x10000000)
umount2$auto(&(0x7f0000000080)='.\x00', 0x2)
setns(r2, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x5, 0x2000000000002)
socket(0x2, 0x801, 0x106)
socket(0x26, 0x80805, 0x0)
keyctl$auto(0x1ff, 0x7ffffffffffffd, 0x2, 0x7, 0xbb8)
open(0x0, 0x12ba7e, 0x145)

1.340002059s ago: executing program 4 (id=3434):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x6, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
socket(0x2, 0x6, 0x0)
pipe$auto(0x0)
poll$auto(&(0x7f0000000040)={<r0=>0xffffffffffffffff, 0x7, 0x8}, 0x80, 0x400400)
madvise$auto(0x400, 0x9, 0xa5a)
setsockopt$auto(r0, 0x113, 0xffffffb7, 0x0, 0x82)
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0xc76, 0x8000)
shutdown$auto(0x200000003, 0x2)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x300, 0x0)
connect$auto(0x3, 0x0, 0x55)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
syz_clone3(&(0x7f00000002c0)={0x10004600, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)=<r1=>0x0, {0x2}, &(0x7f0000000140)=""/93, 0x5d, &(0x7f00000001c0)=""/190, &(0x7f0000000280)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0], 0x7, {r0}}, 0x58)
syz_open_procfs$namespace(r1, &(0x7f0000000000)='ns/uts\x00')
socket(0xa, 0x3, 0x3a)
setsockopt$auto(0x400000000000003, 0x29, 0xcc, 0x0, 0x567)
mmap$auto(0x5, 0x2, 0x5, 0x13, 0x13, 0x2)
setsockopt$auto(0x400000000000003, 0x29, 0xd3, 0x0, 0x567)
socket(0x3, 0x1, 0x73)
setsockopt$auto(0x400000000000003, 0x29, 0x40, 0x0, 0x40020000)

1.196171684s ago: executing program 6 (id=3435):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x40}, 0x6a)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x3, 0x6)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfffff4a4, 0x0, 0xfffffffffffffffd)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x40000)
r1 = socket(0x10, 0x2, 0x0)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x100000000, 0x5, 0x1d, 0x940, 0x1ffde, 0x3, 0x2000000000000006, 0x2, 0x9, 0x5, 0x2, 0x8, 0xae, 0x9, 0x2, 0x7, 0x5, 0x7, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, [0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x400000, 0x0, 0x80000000000, 0x400000000000000, 0x0, 0x8000000000000000, 0x80000000000000, 0x0, 0xfffffffffffffffd, 0x0, 0xfffffffffffffbfe, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x8, 0xfffffffffffffffe, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001]}, 0x1fe, 0x81)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00'], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x2, 0xb}, 0x800009}, 0x5, 0x20000000)
r2 = syz_genetlink_get_family_id$auto_nbd(0x0, r0)
sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x14, r2, 0x400, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x84}, 0x10)
connect$auto(0x3, 0x0, 0x54)

947.920477ms ago: executing program 0 (id=3436):
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd)
adjtimex$auto(&(0x7f0000000280)={0xf, 0x0, 0x8, 0x100000001, 0x7f, 0x0, 0xffffffff, 0x0, 0x6, 0x0, 0x10001, {0xf, 0xa086010000000000}, 0x7fffffffffffffff, 0x3a9d, 0x5, 0xf, 0x0, 0x6, 0x1, 0x7, 0x800, 0x5, 0x1015c8})

813.670955ms ago: executing program 0 (id=3437):
r0 = socket(0xa, 0x806, 0x0)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{&(0x7f0000000000), 0x20000ba, 0x0, 0x0, 0x0, 0x8, 0x5}, 0x4}, 0x1, 0x1fda)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NFC_CMD_GET_SE(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x51060440}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, 0x0, 0x400, 0x70bd27, 0x25dfdbfd, {}, [@NFC_ATTR_LLC_PARAM_RW={0x5, 0x10, 0x6}, @NFC_ATTR_VENDOR_SUBCMD={0x8, 0x1e, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x1011}, 0x880)
r2 = openat$auto_gpiolib_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x80000, 0x0)
pread64$auto(r2, 0x0, 0x2, 0x2e)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd)
connect$auto(0x3, &(0x7f0000000000), 0x18)
read$auto(r0, 0x0, 0x805644)
mmap$auto(0x200000000000, 0x8, 0xe, 0x16, 0x10000, 0x8)

766.983128ms ago: executing program 6 (id=3438):
mmap$auto(0x0, 0x2000c, 0xdf, 0xeb1, 0x40000000000a5, 0x8002)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{&(0x7f0000000000)=[0xa], 0xb8, 0x0, 0x0, 0x0, 0x8, 0x80008000}, 0x5}, 0x1, 0x1fda)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000800}, 0x14011)
connect$auto(0x3, &(0x7f0000000000), 0x18)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/snmp6\x00', 0x181b80, 0x0)
read$auto(0xffffffffffffffff, &(0x7f0000000300)='2\x06J Nwe0\xbd\"\x8f\xe5h_b\xde\x19\xa5\x0e\xfa\xe0\xcb\xb7\xaceWg\xe8n\xf2\xfe\x01Y\xd6\xba\xde3\xc7\xf8\x91\xda\xf6_%\xf30\xdc\x97<\xf3A\xa7\xb4\x8dj\xbd\x02\xb1}{e\xf64\xec4\x83,\xecp7j\xf8<\xc8x\xd4\xb0\x1d\b\xb0\x18\x01\x9e\x9et\x8aa\xe1\re\xcf\x8e\x02\xeeW\xf0z\vk#_\xdb\x15f8>;zM\xa95\x16\xe9l\xf5\xaa\xaa\x03\x18p\x0e\xde$\xc3\xa9\xac\xc7\x98\x05<\xef\xcd@z\fx}F\x93\xe1\xbd\xb3s\x80\xc1w\x1eP\xd0\xea\xab\x8f\xc7\a\xe6\xad\ni\n~-u)\x88\x97\xed\xa7\x9b\x0f\xef\x99\x13\xdc<\xd1{\br\xd6[\xd3\xa9-(KH\b\xdfJ\xdek\xef\xc9\xd7\n\x83m\x86\xf2\a\x8d\x19\xe0\\\xf0lg?\x98\xc8\x8e\xbd2?C\xa5\x8a\xe3\xc6\xd7\x00\x14n\xb8<\xab\x96\x8d\xa1\xf4\x87\xe5\a:z\xea\xcc\xa1\x8d\xae8\x12\xa6\xb9\xd99\xaa\xc5\x10\xad\xdd\x89\xdd\xbb\xf5\xd2Q\x92\xcd\xcc\x9f\x1a\xdbR\xeeL:\x87\xb3\xb0\x84\x1bR\xf2\xe2/\xa3\x0e\x90\x98\x8c\xc0\xa4\xda', 0x805644)
fcntl$auto(0x2, 0x11, 0x0)
ioperm$auto(0x7, 0x6, 0x2)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
semctl$auto(0x1ff, 0x2, 0x13, 0x20001)
set_mempolicy$auto(0x3, &(0x7f0000000000)=0x3, 0x388)
kexec_load$auto(0x2, 0x7, 0x0, 0x4)

728.355102ms ago: executing program 3 (id=3439):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x200, 0x70bd2a, 0x25dfdbfb, {}, [@NFSD_A_SERVER_LEASETIME={0x8}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x800}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x10, 0x70bd2c, 0x25dfdbfd, {0xa, 0x0, 0xa00}}, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}}, 0x84)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

617.368358ms ago: executing program 0 (id=3440):
open(&(0x7f0000000000)='./file0\x00', 0xa61c2, 0x84)
socket(0xa, 0x801, 0x84)
bind$auto(0x3, &(0x7f0000000000), 0x68)
connect$auto(0x3, &(0x7f0000000000), 0x55)
select$auto(0x87, &(0x7f0000000040)={[0xc71, 0x4f4, 0x7, 0x7, 0x100000001, 0x0, 0xfff, 0x0, 0xfffffffffffffff9, 0x8001, 0x9, 0x7fff, 0x4000000000002, 0x4, 0xffffffffffffffff, 0xc]}, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
get_robust_list$auto(0x0, 0x0, 0x0)
lsm_list_modules$auto(0x0, 0x0, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0)
socket(0xa, 0x2, 0x0)
r0 = getpgid(0x0)
pidfd_open$auto(r0, 0x0)
getsockopt$auto(0xffffffffffffffff, 0x9, 0x3, &(0x7f0000000100)='ns/time_for_children\x00', &(0x7f0000000140)=0x7)
syz_open_procfs$namespace(r0, &(0x7f00000000c0)='ns/time_for_children\x00')
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x15, 0x5, 0x0)
fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d)
sendfile$auto(0x6, 0x3, 0x0, 0xfdef)
ioperm$auto(0x8, 0x0, 0x3)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x1c, 0x0, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@TIPC_NLA_BEARER={0x8, 0x1, 0x0, 0x1, [@nested={0x4, 0x1}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x44}, 0x0)
lstat$auto(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={0x3, 0x1000, 0x4, 0x4, <r2=>0x0, 0x0, 0x0, 0x5, 0x8, 0x2, 0xfffffffffffffffb, 0xc732, 0x81, 0x3, 0x8, 0x7fffffffffffffff, 0x4})
sendmsg$auto_TIPC_NL_NODE_GET(r1, &(0x7f00000009c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000980)={&(0x7f0000000a00)={0x698, 0x0, 0x200, 0x70bd26, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x296, 0x1, 0x0, 0x1, [@typed={0x8, 0x1a, 0x0, 0x0, @ipv4=@loopback}, @generic="ba3d248a629ac456131cc5d443646eb2b11e174925267a242c9bf10fcf1433ebf00e62d2e09b35ad0def0401d192b17fdef2208bcc58b24184e1b946a8605d7cf1b7e9e624ade5a5cbd4adbb8dd4a28a5f271a84bf993845aedd201f4d731970b0592fb4e543f1e9a098cb1eef71f4a3f2cf9b9809d6a1176c22d091f7c89d69f5ba93af54a046a337655f2d4cecc365b2e5902da102", @generic="af221a48ca9931e55b8920bcc26ca58e01e67f15961c5e2ba5e68a6ede8c046fa487038f3ddf6c8a16777798131a3d35e86cd6aa4e9e01b2af5e5adecf334670eeb0b951", @typed={0x4, 0x109}, @nested={0x177, 0x113, 0x0, 0x1, [@typed={0x2f, 0x8a, 0x0, 0x0, @binary="020d73928ab71bec0e307b48dfc9e04e85a0e998312066f5aa796f1c17a69f4935cd4f254f0293b7999116"}, @typed={0x8, 0x66, 0x0, 0x0, @uid=r2}, @generic="daa5c6d4a0046fa2c3a84d50eeb60490efe85a4b8260f28ae512391e9ab1ae471c7e1bdfb60730", @generic="73d82710f2ed34f25b9e55c3ff9bcaec6ef1eecdfc0ab4c7c421598afe29089233bcf8a1767071c771e04a69cf7d0ec7f422c5cdd32cd21d6e717f9b3571f6f09a405c0f04bafb9c057352a01acf01855aa9851917f8271f79e894a8d5caf5ae67cfadaf1d0fde40f5588a3883b2cab9166ad44237ef8438c77170501262d62d3d79c1d0cb3e8dc4a7c96c299e0b405082648a1b6c42325d50612061bc5b9893fdf30264cc9ecf542bc0b4a456f870656f0709bf6da17d014f32667793fc1b8b9d3ccfcebf5a7322564dc1a2446e667df59f04393687f5852e6d0820a3c31440214587155ef9e674de0b837d258ef036c1bd0147e6b97633da43eb1a", @nested={0x4, 0x26}, @typed={0x14, 0xf, 0x0, 0x0, @ipv6=@local}]}, @nested={0x8, 0x10d, 0x0, 0x1, [@nested={0x4, 0x97}]}, @generic="65a2532b972d3433176e4c4f4e93a5e4524e6ab45d9ab0a973e12423390134d006cb73867b530fb643a93b0d"]}, @TIPC_NLA_NODE={0x10c, 0x6, 0x0, 0x1, [@nested={0xdf, 0xea, 0x0, 0x1, [@typed={0x8, 0x17, 0x0, 0x0, @u32=0x1c}, @nested={0x4, 0x49}, @nested={0x4, 0xa8}, @typed={0x14, 0x72, 0x0, 0x0, @ipv6=@dev={0xfe, 0x80, '\x00', 0x40}}, @generic="57cbda2c77af399d3d37311cc31f56be774d356c62f4b115499e7806cb809b698220bc85fcef938fba6b426c4d229ba98f6607f58e344cd2e7bd0af813009272638f75d252569067f9ddbf8caa82fce6706c1e75ca0c5072c9cfe54cd3fb8b62d2e66424fc3848e37ce01216ea5c2fe0be7396f459265a1c2a6eb27cea091185f4de418faca3df9d1818fb37cf718b0a98d4ab6fc1be231a1ba6e31a80877fb67861d73561cdc37f03fcb1d0dcb6905f7a1132a236740d"]}, @typed={0x14, 0xac, 0x0, 0x0, @ipv6=@private0}, @typed={0x14, 0xcc, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, @TIPC_NLA_NAME_TABLE={0x2de, 0x8, 0x0, 0x1, [@generic="d68e173353602f805e079e877d488c4e2ab9ca702d5488a97fd9589c8bce63d04b5b9faec8a07cca08e376544d0a602c96d0dadf7ee74c5a47105cb977e1f7fa000026795f8558818dfd3f92f10bb9948392b33968545f86a9d031f4eb08d32eb3f9364c65b6cc8500"/114, @nested={0x90, 0xe8, 0x0, 0x1, [@typed={0x14, 0xe2, 0x0, 0x0, @ipv6=@private1}, @generic="634e222df2d966e27fb0997518b23c3a863841aaf08303e2fd714ec55f5660f6a70119761aa598a156cfcee967b37711e2abae7d0e88bd639ba6827c24620260594d5aca6ad0a371528c69aad3e9504402c2fbe9dc3753d336e9d051dbdabc60a390a8ac84c62ad5be8f8dbce5e58682", @nested={0x4, 0x1d}, @nested={0x4, 0x91}]}, @nested={0x8, 0xfe, 0x0, 0x1, [@typed={0x4, 0x4f}]}, @nested={0x1cd, 0x1c, 0x0, 0x1, [@nested={0x4, 0x52}, @typed={0x19, 0x116, 0x0, 0x0, @str='ns/time_for_children\x00'}, @generic="b77fbb3f562b394a2132df01b20d183dc57be7adb8a1832d49c56760734ce6aaaadba2d31cba7eaf4b62bc9fed86cafce23fae3794b9fec133c7838b505df8aa3d3ce3e98cb01396ebdf6e43292f84f4a988a8d4ea3a578af87032be21ad1c60580aa8948bd9a91a6bf3ac6035e3447203bc64a895ed7ba6322ea7f6f546f3474e3355d9bd9d5134c86e8ad54c27b3fb672f5ff2dca84fce472d5d44ec7b4a8d384b", @generic="68d14ff587a8c734abf112859a9ad646ac15c57f5cc868745c4e22d723df13c945671680ca9480969d21dce0499fadeed6327c1521767cf3765ffe401adc03215fc02b9ddc1798b5d47b7b4ea4c489d42759a787ed0bdf", @nested={0x4, 0x83}, @generic="52727c1b71ce88e9732f01f016ef8d202fefe57ce6147f25413b8739e1110d3ef926188cb4ffc25941e311a8df86a77dcfd5f5454497299f18d69789b62ec5da7c93dcbd69c8d13f81cb940f011c9eae6e0b4760f99427d144f6f200a9c001e492a75920b4df360d68bb51277c64aa9c5682cc970334b37908ffedff63ee81a07009e35fac31ccb97c23a342db41353a6423bcd239035e8a504ad5de4c10c369", @typed={0x8, 0x5a, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x10}}, @nested={0x4, 0x66}]}]}]}, 0x698}, 0x1, 0x0, 0x0, 0x20000004}, 0x40000)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0004, 0x19)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
io_uring_setup$auto(0x7, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)

557.804501ms ago: executing program 3 (id=3441):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2b, 0x1, 0x1)
setsockopt$auto(r0, 0x29, 0x20, 0x0, 0x24) (fail_nth: 1)

185.501498ms ago: executing program 3 (id=3442):
mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1, 0x8e051, 0xffffffffffffffff, 0x0)
mmap$auto(0x0, 0x9, 0x40, 0x8000000008012, 0x3, 0x8000)

80.55471ms ago: executing program 3 (id=3443):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2b, 0x1, 0x1)
setsockopt$auto(r0, 0x29, 0x1, 0x0, 0x25)
mmap$auto(0x8cc, 0x3, 0x80, 0x12, 0x1, 0x7)

0s ago: executing program 0 (id=3444):
r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000480)='/dev/video18\x00', 0x802, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
landlock_create_ruleset$auto(&(0x7f0000000000)={0x100, 0x400000000000401, 0x9}, 0x9, 0x0)
landlock_restrict_self$auto(r1, 0x0)
r2 = socket(0xa, 0x801, 0x84)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000001c0), r3)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x3, 0x6)
sendmsg$auto_NL80211_CMD_GET_INTERFACE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000700)={0x1c, r4, 0xb01, 0x709d27, 0x25dfdbfc, {}, [@NL80211_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000001}, 0x4000084)
mprotect$auto(0x1ffff000, 0x8800000000000001, 0xd)
connect$auto(r2, &(0x7f00000000c0), 0x5)
write$auto_v4l2_fops_v4l2_dev(r0, &(0x7f00000004c0)="c9432739b5580773d9", 0x9)

kernel console output (not intermixed with test programs):

ed disabled state
[  172.315859][ T7790] netlink: 12 bytes leftover after parsing attributes in process `syz.3.507'.
[  173.601952][ T7788] kexec: Could not allocate control_code_buffer
[  173.721289][ T7810] FAULT_INJECTION: forcing a failure.
[  173.721289][ T7810] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  173.767719][ T7810] CPU: 1 UID: 0 PID: 7810 Comm: syz.3.512 Not tainted 6.13.0-rc2-syzkaller-00130-g150b567e0d57 #0
[  173.778358][ T7810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  173.788442][ T7810] Call Trace:
[  173.791743][ T7810]  <TASK>
[  173.794704][ T7810]  dump_stack_lvl+0x16c/0x1f0
[  173.799435][ T7810]  should_fail_ex+0x497/0x5b0
[  173.804165][ T7810]  _copy_from_user+0x2e/0xd0
[  173.808818][ T7810]  copy_msghdr_from_user+0x99/0x160
[  173.814068][ T7810]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  173.819922][ T7810]  ? __lock_acquire+0xcc5/0x3c40
[  173.824931][ T7810]  ___sys_sendmsg+0xff/0x1e0
[  173.829564][ T7810]  ? __pfx____sys_sendmsg+0x10/0x10
[  173.834843][ T7810]  ? trace_lock_acquire+0x14e/0x1f0
[  173.840116][ T7810]  __sys_sendmmsg+0x201/0x420
[  173.844848][ T7810]  ? __pfx___sys_sendmmsg+0x10/0x10
[  173.850117][ T7810]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  173.856149][ T7810]  ? fput+0x67/0x440
[  173.860094][ T7810]  ? ksys_write+0x1ba/0x250
[  173.864643][ T7810]  ? __pfx_ksys_write+0x10/0x10
[  173.869560][ T7810]  __x64_sys_sendmmsg+0x9c/0x100
[  173.874554][ T7810]  ? lockdep_hardirqs_on+0x7c/0x110
[  173.879787][ T7810]  do_syscall_64+0xcd/0x250
[  173.884337][ T7810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.890271][ T7810] RIP: 0033:0x7faea8785d19
[  173.894723][ T7810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  173.914383][ T7810] RSP: 002b:00007faea9667038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  173.922842][ T7810] RAX: ffffffffffffffda RBX: 00007faea8975fa0 RCX: 00007faea8785d19
[  173.930846][ T7810] RDX: 0000000000000003 RSI: 0000000020000080 RDI: 0000000000000003
[  173.938857][ T7810] RBP: 00007faea9667090 R08: 0000000000000000 R09: 0000000000000000
[  173.946864][ T7810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  173.954956][ T7810] R13: 0000000000000000 R14: 00007faea8975fa0 R15: 00007ffecfb92bf8
[  173.962980][ T7810]  </TASK>
[  173.966135][    C1] vkms_vblank_simulate: vblank timer overrun
[  174.429675][ T7834] netlink: 334 bytes leftover after parsing attributes in process `syz.0.518'.
[  174.683171][ T7826] netlink: 334 bytes leftover after parsing attributes in process `syz.0.518'.
[  175.171064][ T7819] kexec: Could not allocate control_code_buffer
[  176.061644][   T29] audit: type=1800 audit(1734076316.155:10): pid=7870 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.527" name="discovery_nqn" dev="configfs" ino=16114 res=0 errno=0
[  177.019123][   T29] audit: type=1326 audit(1734076317.125:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7885 comm="syz.2.534" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd3df985d19 code=0x0
[  177.289888][ T7880] kexec: Could not allocate control_code_buffer
[  178.067540][ T7899] netlink: 4 bytes leftover after parsing attributes in process `syz.2.537'.
[  179.751453][ T7909] kexec: Could not allocate control_code_buffer
[  180.375408][ T7934] netlink: 28 bytes leftover after parsing attributes in process `syz.3.551'.
[  181.773221][ T7957] netlink: 2 bytes leftover after parsing attributes in process `syz.1.558'.
[  181.818596][ T7957] nbd: must specify a device to reconfigure
[  182.075112][ T7941] kexec: Could not allocate control_code_buffer
[  182.216295][ T7961] netlink: 4 bytes leftover after parsing attributes in process `syz.3.560'.
[  184.810676][ T7996] kexec: Could not allocate control_code_buffer
[  187.689099][ T8047] kexec: Could not allocate control_code_buffer
[  190.557544][ T8102] nbd: must specify a size in bytes for the device
[  192.137832][ T8104] kexec: Could not allocate control_code_buffer
[  194.574270][ T8138] program syz.2.614 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  194.977220][ T8150] kexec: Could not allocate control_code_buffer
[  195.373107][ T8182] netlink: 28 bytes leftover after parsing attributes in process `syz.0.626'.
[  195.484584][ T8182] veth0_macvtap: left promiscuous mode
[  197.128519][ T8188] kexec: Could not allocate control_code_buffer
[  198.624201][ T8208] kexec: Could not allocate control_code_buffer
[  198.690139][ T8226] Process accounting resumed
[  199.432057][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  199.438508][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  199.824459][ T8245] netlink: 338 bytes leftover after parsing attributes in process `syz.1.643'.
[  199.913606][ T8247] netlink: 338 bytes leftover after parsing attributes in process `syz.1.643'.
[  200.120325][ T8251] netlink: 130 bytes leftover after parsing attributes in process `syz.1.643'.
[  200.830516][ T8241] kexec: Could not allocate control_code_buffer
[  201.892421][ T8268] netlink: 326 bytes leftover after parsing attributes in process `syz.3.656'.
[  203.511077][ T8265] kexec: Could not allocate control_code_buffer
[  205.049051][ T8329] ptrace attach of "./syz-executor exec"[5824] was attempted by ""[8329]
[  205.088863][ T8329] netlink: 28 bytes leftover after parsing attributes in process `syz.1.664'.
[  205.116107][ T8331] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  205.147166][ T8331] CIFS mount error: No usable UNC path provided in device string!
[  205.147166][ T8331] 
[  205.157953][ T8331] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  206.248757][ T8326] kexec: Could not allocate control_code_buffer
[  206.373539][ T8352] GUP no longer grows the stack in syz.3.672 (8352): 14000-401000 (4000)
[  206.385020][ T8352] CPU: 1 UID: 0 PID: 8352 Comm: syz.3.672 Not tainted 6.13.0-rc2-syzkaller-00130-g150b567e0d57 #0
[  206.395656][ T8352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  206.405755][ T8352] Call Trace:
[  206.409063][ T8352]  <TASK>
[  206.412025][ T8352]  dump_stack_lvl+0x16c/0x1f0
[  206.416829][ T8352]  gup_vma_lookup+0x1d2/0x220
[  206.421570][ T8352]  __get_user_pages+0x236/0x3b50
[  206.426583][ T8352]  ? hlock_class+0x4e/0x130
[  206.431149][ T8352]  ? __lock_acquire+0x15a9/0x3c40
[  206.433707][ T8363] netlink: 28 bytes leftover after parsing attributes in process `syz.1.675'.
[  206.436216][ T8352]  ? __pfx___get_user_pages+0x10/0x10
[  206.450543][ T8352]  __gup_longterm_locked+0x211/0x1870
[  206.455978][ T8352]  ? __pfx___lock_acquire+0x10/0x10
[  206.461264][ T8352]  ? __pfx___gup_longterm_locked+0x10/0x10
[  206.467138][ T8352]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  206.472832][ T8352]  ? rwsem_read_trylock+0x12d/0x250
[  206.478083][ T8352]  ? __pfx_rwsem_read_trylock+0x10/0x10
[  206.483684][ T8352]  ? process_vm_rw_core.constprop.0+0x3ff/0x9c0
[  206.490003][ T8352]  pin_user_pages_remote+0xee/0x150
[  206.495271][ T8352]  ? __pfx_pin_user_pages_remote+0x10/0x10
[  206.501147][ T8352]  ? down_read+0xc9/0x330
[  206.505559][ T8352]  process_vm_rw_core.constprop.0+0x42b/0x9c0
[  206.511720][ T8352]  ? futex_wait_queue+0x101/0x1f0
[  206.516791][ T8352]  ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10
[  206.523450][ T8352]  process_vm_rw+0x301/0x360
[  206.528099][ T8352]  ? __pfx_process_vm_rw+0x10/0x10
[  206.533262][ T8352]  ? up_write+0x1b2/0x520
[  206.537629][ T8352]  ? __pfx___do_sys_mremap+0x10/0x10
[  206.542957][ T8352]  ? xfd_validate_state+0x5d/0x180
[  206.548106][ T8352]  ? arch_syscall_is_vdso_sigreturn+0xb6/0x230
[  206.554321][ T8352]  __x64_sys_process_vm_readv+0xe2/0x1c0
[  206.560090][ T8352]  ? syscall_trace_enter+0x5e/0x260
[  206.565328][ T8352]  do_syscall_64+0xcd/0x250
[  206.569865][ T8352]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.575792][ T8352] RIP: 0033:0x7faea8785d19
[  206.580231][ T8352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  206.599873][ T8352] RSP: 002b:00007faea9667038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136
[  206.608315][ T8352] RAX: ffffffffffffffda RBX: 00007faea8975fa0 RCX: 00007faea8785d19
[  206.616310][ T8352] RDX: 0000000000000004 RSI: 0000000020000040 RDI: 00000000000002a9
[  206.624300][ T8352] RBP: 00007faea8801a20 R08: 0000000000000006 R09: 0000000000000000
[  206.632310][ T8352] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000
[  206.640302][ T8352] R13: 0000000000000000 R14: 00007faea8975fa0 R15: 00007ffecfb92bf8
[  206.648306][ T8352]  </TASK>
[  207.933683][ T8390] ptrace attach of "./syz-executor exec"[5825] was attempted by "./syz-executor exec"[8390]
[  207.986501][ T8390] ptrace attach of "./syz-executor exec"[5825] was attempted by "./syz-executor exec"[8390]
[  208.030762][ T5841] Bluetooth: hci3: unexpected event 0x03 length: 72 > 11
[  209.119178][ T8388] kexec: Could not allocate control_code_buffer
[  209.364111][ T8407] netlink: 8 bytes leftover after parsing attributes in process `syz.0.688'.
[  210.717883][ T8444] dlm: non-version read from control device 0
[  211.571705][ T5142] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  211.585780][ T5142] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  211.594275][ T5142] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  211.605310][ T5142] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  211.613307][ T5142] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  211.620662][ T5142] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  212.095670][ T8460] chnl_net:caif_netlink_parms(): no params data found
[  212.108403][ T8442] kexec: Could not allocate control_code_buffer
[  212.202893][ T8460] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.210471][ T8460] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.225303][ T8460] bridge_slave_0: entered allmulticast mode
[  212.237138][ T8460] bridge_slave_0: entered promiscuous mode
[  212.245596][ T8460] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.261760][ T8460] bridge0: port 2(bridge_slave_1) entered disabled state
[  212.282809][ T8460] bridge_slave_1: entered allmulticast mode
[  212.293495][ T8460] bridge_slave_1: entered promiscuous mode
[  212.348921][ T8460] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  212.372730][ T8460] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  212.416633][ T8460] team0: Port device team_slave_0 added
[  212.426292][ T8460] team0: Port device team_slave_1 added
[  212.429612][ T5142] Bluetooth: hci1: unexpected event 0x31 length: 59 > 6
[  212.433399][ T8480] netlink: 326 bytes leftover after parsing attributes in process `syz.2.710'.
[  212.481104][ T8460] batman_adv: batadv0: Adding interface: batadv_slave_0
[  212.489571][ T8460] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  212.545485][ T8460] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  212.572594][ T8460] batman_adv: batadv0: Adding interface: batadv_slave_1
[  212.588699][ T8460] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  212.615779][ T8460] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  212.733133][ T8460] hsr_slave_0: entered promiscuous mode
[  212.739739][ T8460] hsr_slave_1: entered promiscuous mode
[  212.747141][ T8460] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  212.755510][ T8460] Cannot create hsr debugfs directory
[  213.064328][ T8460] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  213.094081][ T8460] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  213.125095][ T8460] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  213.318250][ T8460] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  213.550332][ T8460] 8021q: adding VLAN 0 to HW filter on device bond0
[  213.610791][ T8460] 8021q: adding VLAN 0 to HW filter on device team0
[  213.655258][ T6388] bridge0: port 1(bridge_slave_0) entered blocking state
[  213.662458][ T6388] bridge0: port 1(bridge_slave_0) entered forwarding state
[  213.701003][ T6388] bridge0: port 2(bridge_slave_1) entered blocking state
[  213.708192][ T6388] bridge0: port 2(bridge_slave_1) entered forwarding state
[  213.722664][ T5142] Bluetooth: hci0: command tx timeout
[  214.370582][ T8460] 8021q: adding VLAN 0 to HW filter on device batadv0
[  214.700593][ T8501] kexec: Could not allocate control_code_buffer
[  215.018333][ T8460] veth0_vlan: entered promiscuous mode
[  215.039356][ T8460] veth1_vlan: entered promiscuous mode
[  215.112338][ T8460] veth0_macvtap: entered promiscuous mode
[  215.139861][ T8460] veth1_macvtap: entered promiscuous mode
[  215.178524][ T8525] svc: failed to register nfsdv3 RPC service (errno 111).
[  215.188423][ T8460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.208231][ T8525] svc: failed to register nfsaclv3 RPC service (errno 111).
[  215.216047][ T8460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.246958][ T8460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.258938][ T8460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.275558][ T8460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.286435][ T8460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.302760][ T8460] batman_adv: batadv0: Interface activated: batadv_slave_0
[  215.329535][ T8460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  215.354657][ T8460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.375215][ T8460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  215.397490][ T8460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.418265][ T8460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  215.448029][ T8460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.470308][ T8460] batman_adv: batadv0: Interface activated: batadv_slave_1
[  215.495034][ T8460] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  215.515274][ T8460] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  215.533104][ T8460] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  215.552173][ T8460] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  215.692544][ T6388] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  215.712312][ T6388] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  215.722732][ T8525] syz.0.718 (8525) used greatest stack depth: 20368 bytes left
[  215.783845][ T6386] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  215.791708][ T5142] Bluetooth: hci0: command tx timeout
[  215.821520][ T6386] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  215.906093][ T8529] netlink: 8 bytes leftover after parsing attributes in process `syz.0.721'.
[  216.094670][ T8535] netlink: 4 bytes leftover after parsing attributes in process `syz.4.701'.
[  216.513214][ T8545] nbd: must specify an index to disconnect
[  217.197381][ T8575] HSR: entered promiscuous mode
[  217.601726][ T8587] netlink: 20 bytes leftover after parsing attributes in process `syz.3.736'.
[  217.766285][ T8599] netlink: 4 bytes leftover after parsing attributes in process `syz.0.737'.
[  217.871984][ T5142] Bluetooth: hci0: command tx timeout
[  217.901134][ T8557] kexec: Could not allocate control_code_buffer
[  219.033792][ T8651] ACPI: Can not change Invalid GPE/Fixed Event status
[  219.961599][ T5142] Bluetooth: hci0: command tx timeout
[  220.831009][ T8656] kexec: Could not allocate control_code_buffer
[  221.335187][ T8696] delete_channel: no stack
[  222.298513][ T8725] block mtdblock0: the capability attribute has been deprecated.
[  224.054488][ T8729] kexec: Could not allocate control_code_buffer
[  225.442120][ T8781] workqueue: name exceeds WQ_NAME_LEN. Truncating to:  ‡BþPÆ®ŽCŸß*x$åÁ›ý”‹YµË]R&ñv
[  225.819035][ T8790] nfsd: Unknown parameter 'nfsd'
[  225.985001][ T8799] netlink: 4 bytes leftover after parsing attributes in process `syz.3.794'.
[  225.996922][ T8799] netlink: 4 bytes leftover after parsing attributes in process `syz.3.794'.
[  226.596321][ T8775] kexec: Could not allocate control_code_buffer
[  228.333945][ T8813] kexec: Could not allocate control_code_buffer
[  230.616960][ T8866] nbd: must specify at least one socket
[  230.857705][ T8886] 
[  231.138138][ T8898] netlink: 'syz.0.821': attribute type 46 has an invalid length.
[  233.083675][ T8953] tipc: Started in network mode
[  233.123313][ T8953] tipc: Node identity ee00, cluster identity 4711
[  233.129792][ T8953] tipc: Node number set to 60928
[  233.204742][ T5142] Bluetooth: hci2: unexpected event 0x34 length: 64 > 6
[  234.245658][ T8971] futex_wake_op: syz.2.841 tries to shift op by 64; fix this program
[  234.595505][ T8995] netlink: 28 bytes leftover after parsing attributes in process `syz.3.847'.
[  235.009825][ T8997] ptrace attach of "./syz-executor exec"[5828] was attempted by "./syz-executor exec"[8997]
[  235.839272][ T9021] netlink: 4 bytes leftover after parsing attributes in process `syz.4.852'.
[  236.603879][ T5841] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  236.615651][ T5841] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  236.623474][ T5841] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  236.631412][ T5841] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  236.642798][ T5841] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  236.651716][ T5841] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  237.044240][ T9012] kexec: Could not allocate control_code_buffer
[  237.130829][ T9034] chnl_net:caif_netlink_parms(): no params data found
[  237.399323][ T9034] bridge0: port 1(bridge_slave_0) entered blocking state
[  237.412142][ T9034] bridge0: port 1(bridge_slave_0) entered disabled state
[  237.429230][ T9034] bridge_slave_0: entered allmulticast mode
[  237.441415][ T9034] bridge_slave_0: entered promiscuous mode
[  237.459151][ T9034] bridge0: port 2(bridge_slave_1) entered blocking state
[  237.476741][ T9034] bridge0: port 2(bridge_slave_1) entered disabled state
[  237.511067][ T9034] bridge_slave_1: entered allmulticast mode
[  237.532634][ T9034] bridge_slave_1: entered promiscuous mode
[  237.616971][ T9063] netlink: 8 bytes leftover after parsing attributes in process `syz.4.865'.
[  237.659844][ T9034] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  237.689410][ T9034] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  237.879665][ T9034] team0: Port device team_slave_0 added
[  237.896182][ T9034] team0: Port device team_slave_1 added
[  237.997961][ T9034] batman_adv: batadv0: Adding interface: batadv_slave_0
[  238.012269][ T9034] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  238.042292][ T9034] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  238.100014][ T9034] batman_adv: batadv0: Adding interface: batadv_slave_1
[  238.107193][ T9034] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  238.153247][ T9034] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  238.394775][ T9034] hsr_slave_0: entered promiscuous mode
[  238.414585][ T9034] hsr_slave_1: entered promiscuous mode
[  238.430843][ T9034] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  238.448298][ T9034] Cannot create hsr debugfs directory
[  238.671657][ T5142] Bluetooth: hci3: command tx timeout
[  239.198257][ T9034] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  239.224874][ T9034] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  239.272030][ T9034] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  239.335380][ T9034] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  239.652097][ T9091] kernel read not supported for file /#)-\&[} (pid: 9091 comm: syz.3.872)
[  239.741574][   T29] audit: type=1800 audit(1734076379.775:12): pid=9091 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.872" name="#)-\&[}" dev="mqueue" ino=13630 res=0 errno=0
[  239.777709][ T9034] 8021q: adding VLAN 0 to HW filter on device bond0
[  239.857590][ T9034] 8021q: adding VLAN 0 to HW filter on device team0
[  240.174503][ T6386] bridge0: port 1(bridge_slave_0) entered blocking state
[  240.181666][ T6386] bridge0: port 1(bridge_slave_0) entered forwarding state
[  240.190710][ T9085] kexec: Could not allocate control_code_buffer
[  240.198838][ T6386] bridge0: port 2(bridge_slave_1) entered blocking state
[  240.205969][ T6386] bridge0: port 2(bridge_slave_1) entered forwarding state
[  240.334812][ T9034] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  240.768395][ T5142] Bluetooth: hci3: command tx timeout
[  241.148334][ T9034] 8021q: adding VLAN 0 to HW filter on device batadv0
[  241.425092][ T9116] netlink: 12 bytes leftover after parsing attributes in process `syz.3.878'.
[  241.832317][ T9034] veth0_vlan: entered promiscuous mode
[  241.990386][ T9034] veth1_vlan: entered promiscuous mode
[  242.085454][ T9034] veth0_macvtap: entered promiscuous mode
[  242.115352][ T9034] veth1_macvtap: entered promiscuous mode
[  242.158844][ T9034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  242.181544][ T9034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.205315][ T9034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  242.220432][ T9034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.238193][ T9034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  242.261182][ T9034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.273493][ T9034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  242.292197][ T9034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.313745][ T9034] batman_adv: batadv0: Interface activated: batadv_slave_0
[  242.338937][ T9034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  242.356362][ T9034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.401505][ T9034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  242.441491][ T9034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.454699][ T9034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  242.511540][ T9034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.521402][ T9034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  242.560760][ T9034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.588258][ T9034] batman_adv: batadv0: Interface activated: batadv_slave_1
[  242.610212][ T9034] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  242.631976][ T9034] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  242.661091][ T9034] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  242.669980][ T9034] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  242.831719][ T5142] Bluetooth: hci3: command tx timeout
[  242.866060][ T6386] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  242.874102][ T6386] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  242.903514][ T6387] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  242.912685][ T6387] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  244.921624][ T5142] Bluetooth: hci3: command tx timeout
[  246.168103][ T9229] netlink: 342 bytes leftover after parsing attributes in process `syz.3.902'.
[  246.301966][ T9233] netlink: 4 bytes leftover after parsing attributes in process `syz.0.904'.
[  248.133924][ T9277] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  248.238776][ T9281] netlink: 28 bytes leftover after parsing attributes in process `syz.3.918'.
[  248.477563][ T9281] bond0: (slave bond_slave_1): Releasing backup interface
[  249.589945][ T9310] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  249.830660][ T9312] can: request_module (can-proto-0) failed.
[  253.301765][ T9350] kexec: Could not allocate control_code_buffer
[  255.582192][ T9412] random: crng reseeded on system resumption
[  259.118982][ T9448] netlink: 4 bytes leftover after parsing attributes in process `syz.0.963'.
[  260.834105][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  260.840560][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  265.167083][   T29] audit: type=1804 audit(1734076405.275:13): pid=9527 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.981" name="#)-\&[}" dev="mqueue" ino=22385 res=1 errno=0
[  265.187936][ T9527] kernel read not supported for file /#)-\&[} (pid: 9527 comm: syz.4.981)
[  265.278661][   T29] audit: type=1804 audit(1734076405.385:15): pid=9528 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.981" name="#)-\&[}" dev="mqueue" ino=22385 res=1 errno=0
[  265.361559][   T29] audit: type=1804 audit(1734076405.415:16): pid=9528 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.981" name="#)-\&[}" dev="mqueue" ino=22385 res=1 errno=0
[  265.424279][   T29] audit: type=1800 audit(1734076405.385:14): pid=9527 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.981" name="#)-\&[}" dev="mqueue" ino=22385 res=0 errno=0
[  268.129040][ T9575] sock: sock_timestamping_bind_phc: sock not bind to device
[  272.980038][ T9605] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1001'.
[  273.029805][ T9605] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1001'.
[  273.214542][ T9609] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1003'.
[  282.165261][ T9714] kexec: Could not allocate control_code_buffer
[  282.363071][ T9726] netlink: 322 bytes leftover after parsing attributes in process `syz.4.1035'.
[  287.146983][ T9756] kexec: Could not allocate control_code_buffer
[  287.628729][ T9765] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  287.679027][ T9765] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  287.988525][ T9777] Invalid ELF header magic: != ELF
[  288.190161][ T9772] Process accounting resumed
[  290.223483][ T9843] netlink: 330 bytes leftover after parsing attributes in process `syz.5.1058'.
[  291.757529][ T9843] kexec: Could not allocate control_code_buffer
[  292.814986][ T9873] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1082'.
[  294.796520][ T9902] netlink: 'syz.5.1092': attribute type 2 has an invalid length.
[  294.938262][ T9899] kexec: Could not allocate control_code_buffer
[  295.023577][ T9909] netlink: 'syz.0.1095': attribute type 1 has an invalid length.
[  295.395194][ T9921] netlink: 130 bytes leftover after parsing attributes in process `syz.0.1098'.
[  295.728397][ T9931] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1101'.
[  295.752767][ T9931] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1101'.
[  297.096937][ T9938] kexec: Could not allocate control_code_buffer
[  298.819641][T10010] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1122'.
[  300.942779][T10031] kexec: Could not allocate control_code_buffer
[  301.032307][T10058] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1137'.
[  301.059081][T10058] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1137'.
[  302.926783][T10103] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1152'.
[  303.708826][T10117] netlink: 4763 bytes leftover after parsing attributes in process `syz.0.1155'.
[  306.560252][T10172] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1167'.
[  306.638159][T10176] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1167'.
[  306.720819][T10174] can: request_module (can-proto-0) failed.
[  307.393518][T10193] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  308.062440][T10209] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1181'.
[  308.084679][T10209] netlink: 'syz.5.1181': attribute type 9 has an invalid length.
[  308.131492][T10209] netlink: 330 bytes leftover after parsing attributes in process `syz.5.1181'.

syzkaller
syzkaller login: [  311.922484][T10295] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1203'.
[  312.024987][T10295] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1203'.
[  313.122574][T10312] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1207'.
[  316.900399][T10360] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1221'.
[  317.587330][T10382] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1226'.
[  318.458667][T10382] bond0: (slave bond_slave_1): Releasing backup interface
[  319.431866][T10421] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  319.451523][T10421] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  321.170122][   T29] audit: type=1800 audit(1734273069.272:17): pid=10479 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1249" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0
[  322.282353][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  322.288776][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  323.067742][T10507] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1259'.
[  328.047785][T10591] zero sized request
[  328.234501][T10595] Process accounting resumed
[  328.568831][T10601] nbd: must specify at least one socket
[  329.632165][T10632] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  329.726368][T10632] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  330.777345][T10655] FAULT_INJECTION: forcing a failure.
[  330.777345][T10655] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  330.819075][T10655] CPU: 1 UID: 0 PID: 10655 Comm: syz.3.1298 Not tainted 6.13.0-rc2-syzkaller-00130-g150b567e0d57 #0
[  330.829896][T10655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  330.839981][T10655] Call Trace:
[  330.843291][T10655]  <TASK>
[  330.846248][T10655]  dump_stack_lvl+0x16c/0x1f0
[  330.850976][T10655]  should_fail_ex+0x497/0x5b0
[  330.855698][T10655]  _copy_from_iter+0x4a5/0x1400
[  330.860586][T10655]  ? __pfx__copy_from_iter+0x10/0x10
[  330.865902][T10655]  ? aa_file_perm+0x4c6/0xfe0
[  330.870598][T10655]  ? __pfx_lock_release+0x10/0x10
[  330.875658][T10655]  ? trace_lock_acquire+0x14e/0x1f0
[  330.880885][T10655]  vhost_chr_write_iter+0xc5/0x1080
[  330.886102][T10655]  ? aa_file_perm+0x4d5/0xfe0
[  330.890796][T10655]  ? __pfx_vhost_chr_write_iter+0x10/0x10
[  330.896538][T10655]  ? copy_iovec_from_user+0x138/0x170
[  330.901940][T10655]  do_iter_readv_writev+0x532/0x7f0
[  330.907169][T10655]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  330.912915][T10655]  ? bpf_lsm_file_permission+0x9/0x10
[  330.918315][T10655]  ? security_file_permission+0x71/0x210
[  330.923972][T10655]  vfs_writev+0x363/0xdd0
[  330.928319][T10655]  ? find_held_lock+0x2d/0x110
[  330.933118][T10655]  ? __pfx_vfs_writev+0x10/0x10
[  330.937985][T10655]  ? find_held_lock+0x2d/0x110
[  330.942792][T10655]  ? __pfx_lock_release+0x10/0x10
[  330.947855][T10655]  ? trace_lock_acquire+0x14e/0x1f0
[  330.953121][T10655]  ? __fget_files+0x206/0x3a0
[  330.957830][T10655]  ? do_writev+0x133/0x340
[  330.962275][T10655]  do_writev+0x133/0x340
[  330.966537][T10655]  ? __pfx_do_writev+0x10/0x10
[  330.971336][T10655]  do_syscall_64+0xcd/0x250
[  330.975875][T10655]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  330.981820][T10655] RIP: 0033:0x7faea8785d19
[  330.986255][T10655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  331.005873][T10655] RSP: 002b:00007faea9667038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  331.014301][T10655] RAX: ffffffffffffffda RBX: 00007faea8975fa0 RCX: 00007faea8785d19
[  331.022282][T10655] RDX: 0000000000000007 RSI: 0000000020002bc0 RDI: 0000000000000004
[  331.030259][T10655] RBP: 00007faea9667090 R08: 0000000000000000 R09: 0000000000000000
[  331.038244][T10655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  331.046230][T10655] R13: 0000000000000000 R14: 00007faea8975fa0 R15: 00007ffecfb92bf8
[  331.054230][T10655]  </TASK>
[  333.089097][ T5837] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  333.102485][ T5837] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  333.111763][ T5837] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  333.154203][ T5837] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  333.174129][ T5837] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  333.189478][ T5837] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  333.554902][T10683] FAULT_INJECTION: forcing a failure.
[  333.554902][T10683] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  333.568486][T10683] CPU: 1 UID: 0 PID: 10683 Comm: syz.3.1309 Not tainted 6.13.0-rc2-syzkaller-00130-g150b567e0d57 #0
[  333.579304][T10683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  333.589389][T10683] Call Trace:
[  333.592695][T10683]  <TASK>
[  333.595644][T10683]  dump_stack_lvl+0x16c/0x1f0
[  333.600361][T10683]  should_fail_ex+0x497/0x5b0
[  333.605095][T10683]  _copy_to_user+0x32/0xd0
[  333.609555][T10683]  simple_read_from_buffer+0xd0/0x160
[  333.614970][T10683]  proc_fail_nth_read+0x198/0x270
[  333.620021][T10683]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  333.625608][T10683]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  333.631183][T10683]  vfs_read+0x1df/0xbe0
[  333.635364][T10683]  ? __fget_files+0x1fc/0x3a0
[  333.640068][T10683]  ? __pfx___mutex_lock+0x10/0x10
[  333.645116][T10683]  ? __pfx_vfs_read+0x10/0x10
[  333.649821][T10683]  ? __fget_files+0x206/0x3a0
[  333.654530][T10683]  ksys_read+0x12b/0x250
[  333.658793][T10683]  ? __pfx_ksys_read+0x10/0x10
[  333.663585][T10683]  do_syscall_64+0xcd/0x250
[  333.668141][T10683]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.674061][T10683] RIP: 0033:0x7faea878472c
[  333.678509][T10683] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  333.698131][T10683] RSP: 002b:00007faea9667030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  333.706564][T10683] RAX: ffffffffffffffda RBX: 00007faea8975fa0 RCX: 00007faea878472c
[  333.714571][T10683] RDX: 000000000000000f RSI: 00007faea96670a0 RDI: 0000000000000005
[  333.722567][T10683] RBP: 00007faea9667090 R08: 0000000000000000 R09: 0000000000000000
[  333.730558][T10683] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  333.738548][T10683] R13: 0000000000000000 R14: 00007faea8975fa0 R15: 00007ffecfb92bf8
[  333.746554][T10683]  </TASK>
[  333.788265][T10676] chnl_net:caif_netlink_parms(): no params data found
[  334.341148][T10676] bridge0: port 1(bridge_slave_0) entered blocking state
[  334.372109][T10676] bridge0: port 1(bridge_slave_0) entered disabled state
[  334.382910][T10676] bridge_slave_0: entered allmulticast mode
[  334.389959][T10676] bridge_slave_0: entered promiscuous mode
[  334.417620][T10676] bridge0: port 2(bridge_slave_1) entered blocking state
[  334.424893][T10676] bridge0: port 2(bridge_slave_1) entered disabled state
[  334.432270][T10676] bridge_slave_1: entered allmulticast mode
[  334.439282][T10676] bridge_slave_1: entered promiscuous mode
[  334.513400][T10676] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  334.536279][T10676] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  334.601538][ T5837] Bluetooth: hci0: command 0x0406 tx timeout
[  334.656342][T10676] team0: Port device team_slave_0 added
[  334.704074][T10676] team0: Port device team_slave_1 added
[  334.812100][T10676] batman_adv: batadv0: Adding interface: batadv_slave_0
[  334.819088][T10676] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  334.908553][T10676] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  334.972715][T10676] batman_adv: batadv0: Adding interface: batadv_slave_1
[  334.979702][T10676] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  335.030623][T10676] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  335.101383][T10718] netlink: 580 bytes leftover after parsing attributes in process `syz.4.1316'.
[  335.235163][T10676] hsr_slave_0: entered promiscuous mode
[  335.264927][T10676] hsr_slave_1: entered promiscuous mode
[  335.282617][T10676] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  335.296378][T10676] Cannot create hsr debugfs directory
[  335.311721][ T5142] Bluetooth: hci3: command tx timeout
[  335.428812][T10733] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1321'.
[  335.486797][T10737] nbd: must specify at least one socket
[  335.737974][T10676] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  335.755713][T10676] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  335.772976][T10676] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  335.812030][T10676] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  335.876190][T10736] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1320'.
[  336.131278][T10676] 8021q: adding VLAN 0 to HW filter on device bond0
[  336.177996][T10676] 8021q: adding VLAN 0 to HW filter on device team0
[  336.222275][ T6380] bridge0: port 1(bridge_slave_0) entered blocking state
[  336.230298][ T6380] bridge0: port 1(bridge_slave_0) entered forwarding state
[  336.292694][ T6386] bridge0: port 2(bridge_slave_1) entered blocking state
[  336.299848][ T6386] bridge0: port 2(bridge_slave_1) entered forwarding state
[  337.274123][T10774] can: request_module (can-proto-0) failed.
[  337.412020][ T5142] Bluetooth: hci3: command tx timeout
[  337.439748][T10676] 8021q: adding VLAN 0 to HW filter on device batadv0
[  338.284075][T10800] delete_channel: no stack
[  338.403098][T10801] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1334'.
[  338.519504][T10676] veth0_vlan: entered promiscuous mode
[  338.548258][T10676] veth1_vlan: entered promiscuous mode
[  338.619974][T10676] veth0_macvtap: entered promiscuous mode
[  338.630081][T10676] veth1_macvtap: entered promiscuous mode
[  338.670390][T10676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  338.700209][T10676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.742251][T10676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  338.778328][T10676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.788417][T10676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  338.811315][T10676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.849974][T10676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  338.888463][T10676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.909883][T10676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  338.940717][T10676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.963497][T10676] batman_adv: batadv0: Interface activated: batadv_slave_0
[  339.007816][T10676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  339.020748][T10676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.037892][T10676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  339.059766][T10676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.092350][T10676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  339.109748][T10676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.120199][T10676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  339.138796][T10676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.167123][T10676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  339.193011][T10676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.218847][T10676] batman_adv: batadv0: Interface activated: batadv_slave_1
[  339.249213][T10676] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  339.271293][T10676] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  339.290517][T10676] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  339.300628][T10676] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  339.482022][ T5142] Bluetooth: hci3: command tx timeout
[  339.556347][ T6381] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  339.564302][ T6381] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  339.713740][ T6380] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  339.732523][ T6380] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  341.552489][ T5142] Bluetooth: hci3: command tx timeout
[  347.652576][   T29] audit: type=1107 audit(3622.940:18): pid=10944 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='@'
[  351.083682][T10993] netlink: 'syz.4.1380': attribute type 9 has an invalid length.
[  351.141678][T10993] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1380'.
[  352.210552][T11000] FAULT_INJECTION: forcing a failure.
[  352.210552][T11000] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  352.977152][T11000] CPU: 0 UID: 0 PID: 11000 Comm: syz.4.1383 Not tainted 6.13.0-rc2-syzkaller-00130-g150b567e0d57 #0
[  352.987978][T11000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  352.998071][T11000] Call Trace:
[  353.001372][T11000]  <TASK>
[  353.004332][T11000]  dump_stack_lvl+0x16c/0x1f0
[  353.009059][T11000]  should_fail_ex+0x497/0x5b0
[  353.013793][T11000]  _copy_from_user+0x2e/0xd0
[  353.018434][T11000]  do_sock_getsockopt+0x319/0x870
[  353.023505][T11000]  ? trace_lock_acquire+0x140/0x1f0
[  353.028752][T11000]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  353.034361][T11000]  ? lock_acquire+0x2f/0xb0
[  353.038913][T11000]  ? __fget_files+0x40/0x3a0
[  353.043554][T11000]  ? __fget_files+0x206/0x3a0
[  353.048285][T11000]  __sys_getsockopt+0x12f/0x260
[  353.053203][T11000]  __x64_sys_getsockopt+0xbd/0x160
[  353.058379][T11000]  ? do_syscall_64+0x91/0x250
[  353.063108][T11000]  ? lockdep_hardirqs_on+0x7c/0x110
[  353.068368][T11000]  do_syscall_64+0xcd/0x250
[  353.072963][T11000]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.078929][T11000] RIP: 0033:0x7f8b4cd85d19
[  353.083377][T11000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  353.103027][T11000] RSP: 002b:00007f8b4dc5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  353.111502][T11000] RAX: ffffffffffffffda RBX: 00007f8b4cf76080 RCX: 00007f8b4cd85d19
[  353.119513][T11000] RDX: 0000000000000023 RSI: 0000000000000006 RDI: 0000000000000005
[  353.127526][T11000] RBP: 00007f8b4dc5f090 R08: 0000000020000100 R09: 0000000000000000
[  353.135538][T11000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  353.143549][T11000] R13: 0000000000000000 R14: 00007f8b4cf76080 R15: 00007ffe12444dc8
[  353.151582][T11000]  </TASK>
[  355.406538][T11035] netlink: 326 bytes leftover after parsing attributes in process `syz.3.1393'.
[  355.544408][T11036] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1393'.
[  355.986140][T11042] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  356.642462][T11053] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1400'.
[  358.593259][T11087] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1413'.
[  358.762682][   T29] audit: type=1326 audit(3634.060:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11086 comm="syz.6.1413" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3c7a785d19 code=0x0
[  359.344632][T11096] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1414'.
[  363.456721][T11161] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1432'.
[  365.974788][T11206] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  365.991846][T11206] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  366.340493][T11215] Invalid ELF header magic: != ELF
[  366.802281][T11213] capability: warning: `syz.4.1445' uses 32-bit capabilities (legacy support in use)
[  367.843562][T11238] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1452'.
[  367.872751][T11238] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1452'.
[  367.903267][T11238] netlink: 134 bytes leftover after parsing attributes in process `syz.4.1452'.
[  372.494233][T11325] openvswitch: netlink: Flow key attr not present in new flow.
[  373.855814][T11354] cgroup: fork rejected by pids controller in /syz3
[  377.192453][T11533] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1496'.
[  377.248852][T11538] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1496'.
[  383.719244][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  383.732510][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  384.949518][T11627] lo: entered allmulticast mode
[  384.960622][T11627] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1512'.
[  385.282714][T11627] lo: left allmulticast mode
[  385.743387][T11637] netlink: 146 bytes leftover after parsing attributes in process `syz.6.1516'.
[  392.687494][T11705] netlink: 326 bytes leftover after parsing attributes in process `syz.6.1538'.
[  394.203103][T11723] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1544'.
[  395.972247][T11738] ptrace attach of "./syz-executor exec"[8460] was attempted by "./syz-executor exec"[11738]
[  401.808866][T11798] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1566'.
[  412.006855][T11885] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1586'.
[  423.230727][T11944] ubi0: attaching mtd0
[  423.253880][T11944] ubi0: scanning is finished
[  423.273650][T11944] ubi0: empty MTD device detected
[  423.702285][T11944] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  423.720652][T11944] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  423.749398][T11944] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  423.774798][T11944] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  423.801687][T11944] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  423.824557][T11944] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  423.855485][T11944] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1606355553
[  423.895609][T11944] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  423.928296][T11951] ubi0: background thread "ubi_bgt0d" started, PID 11951
[  428.272994][T11970] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1606'.
[  439.072528][T12048] netlink: 342 bytes leftover after parsing attributes in process `syz.6.1624'.
[  441.199520][T11377] syz.3.1484 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  441.483310][T11377] CPU: 1 UID: 0 PID: 11377 Comm: syz.3.1484 Not tainted 6.13.0-rc2-syzkaller-00130-g150b567e0d57 #0
[  441.494157][T11377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  441.504252][T11377] Call Trace:
[  441.507556][T11377]  <TASK>
[  441.510518][T11377]  dump_stack_lvl+0x16c/0x1f0
[  441.515257][T11377]  dump_header+0x101/0x900
[  441.519731][T11377]  oom_kill_process+0x270/0xa60
[  441.524629][T11377]  ? mem_cgroup_out_of_memory+0x8d/0x270
[  441.530302][T11377]  out_of_memory+0x351/0x1700
[  441.535041][T11377]  ? __pfx_out_of_memory+0x10/0x10
[  441.540196][T11377]  ? rcu_read_unlock+0x17/0x60
[  441.545012][T11377]  ? find_held_lock+0x2d/0x110
[  441.549831][T11377]  mem_cgroup_out_of_memory+0x207/0x270
[  441.555413][T11377]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  441.561620][T11377]  ? do_raw_spin_unlock+0x172/0x230
[  441.566957][T11377]  try_charge_memcg+0x54c/0xaf0
[  441.571869][T11377]  ? __pfx_try_charge_memcg+0x10/0x10
[  441.577285][T11377]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[  441.582794][T11377]  ? get_mem_cgroup_from_mm+0x87/0x5f0
[  441.588281][T11377]  ? get_mem_cgroup_from_mm+0x131/0x5f0
[  441.593848][T11377]  __mem_cgroup_charge+0x9b/0x280
[  441.598899][T11377]  shmem_alloc_and_add_folio+0x507/0xc00
[  441.604555][T11377]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  441.610474][T11377]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  441.616643][T11377]  ? shmem_huge_global_enabled+0x176/0x250
[  441.622479][T11377]  ? shmem_allowable_huge_orders+0xcd/0x3e0
[  441.628408][T11377]  shmem_get_folio_gfp+0x689/0x1530
[  441.633640][T11377]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  441.639291][T11377]  ? find_held_lock+0x2d/0x110
[  441.644099][T11377]  shmem_write_begin+0x161/0x300
[  441.649076][T11377]  ? __pfx_shmem_write_begin+0x10/0x10
[  441.654554][T11377]  ? timestamp_truncate+0x21f/0x2e0
[  441.659787][T11377]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1270
[  441.666682][T11377]  generic_perform_write+0x2ba/0x920
[  441.672001][T11377]  ? __pfx_generic_perform_write+0x10/0x10
[  441.677835][T11377]  ? inode_needs_update_time.part.0+0x191/0x270
[  441.684136][T11377]  shmem_file_write_iter+0x10e/0x140
[  441.689458][T11377]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  441.695306][T11377]  __kernel_write_iter+0x318/0xa80
[  441.700465][T11377]  ? __pfx___kernel_write_iter+0x10/0x10
[  441.706125][T11377]  ? get_dump_page+0x15b/0x230
[  441.710926][T11377]  ? __pfx___might_resched+0x10/0x10
[  441.716246][T11377]  dump_user_range+0x389/0x8c0
[  441.721059][T11377]  ? __pfx_dump_user_range+0x10/0x10
[  441.726374][T11377]  ? elf_coredump_extra_notes_write+0xbe/0x430
[  441.732558][T11377]  ? __pfx_writenote+0x10/0x10
[  441.737351][T11377]  elf_core_dump+0x2787/0x3880
[  441.742147][T11377]  ? __pfx_elf_core_dump+0x10/0x10
[  441.747275][T11377]  ? irqentry_exit+0x3b/0x90
[  441.751914][T11377]  ? rwsem_wake.isra.0+0xbe/0x120
[  441.756981][T11377]  ? rcu_is_watching+0x12/0xc0
[  441.761770][T11377]  ? trace_lock_acquire+0x14e/0x1f0
[  441.766996][T11377]  ? __pfx_sort+0x10/0x10
[  441.771365][T11377]  ? get_signal+0x23f3/0x2610
[  441.776090][T11377]  ? do_coredump+0x2dd5/0x43e0
[  441.780882][T11377]  do_coredump+0x2dd5/0x43e0
[  441.785525][T11377]  ? __pfx_do_coredump+0x10/0x10
[  441.790493][T11377]  ? irqentry_exit_to_user_mode+0x13f/0x280
[  441.796471][T11377]  get_signal+0x23f3/0x2610
[  441.801007][T11377]  ? __pfx_get_signal+0x10/0x10
[  441.805880][T11377]  ? __pfx_force_sig_fault+0x10/0x10
[  441.811199][T11377]  arch_do_signal_or_restart+0x90/0x7e0
[  441.816771][T11377]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  441.822959][T11377]  ? trace_irq_disable.constprop.0+0xea/0x140
[  441.829054][T11377]  irqentry_exit_to_user_mode+0x13f/0x280
[  441.834795][T11377]  asm_exc_invalid_op+0x1a/0x20
[  441.839665][T11377] RIP: 0033:0x0
[  441.843136][T11377] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[  441.850508][T11377] RSP: 002b:000000000000000a EFLAGS: 00010217
[  441.856609][T11377] RAX: 0000000000000000 RBX: 00007faea8976160 RCX: 00007faea8785d19
[  441.864597][T11377] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46
[  441.872617][T11377] RBP: 00007faea8801a20 R08: 0000000000000002 R09: 0000000000000000
[  441.880611][T11377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  441.888596][T11377] R13: 0000000000000001 R14: 00007faea8976160 R15: 00007ffecfb92bf8
[  441.896596][T11377]  </TASK>
[  442.292678][T11377] memory: usage 307200kB, limit 307200kB, failcnt 17006
[  442.299786][T11377] memory+swap: usage 432080kB, limit 9007199254740988kB, failcnt 0
[  442.307799][T11377] kmem: usage 5596kB, limit 9007199254740988kB, failcnt 0
[  442.314999][T11377] Memory cgroup stats for /syz3:
[  442.315363][T11377] cache 308408320
[  442.324044][T11377] rss 327680
[  442.327278][T11377] rss_huge 0
[  442.330771][T11377] shmem 308404224
[  442.334489][T11377] mapped_file 0
[  442.337978][T11377] dirty 0
[  442.340935][T11377] writeback 0
[  442.344323][T11377] workingset_refault_anon 5410
[  442.349109][T11377] workingset_refault_file 4182
[  442.353964][T11377] swap 127877120
[  442.357536][T11377] swapcached 106496
[  442.361720][T11377] pgpgin 1012169
[  442.365301][T11377] pgpgout 944433
[  442.368863][T11377] pgfault 426347
[  442.372748][T11377] pgmajfault 931
[  442.376311][T11377] inactive_anon 15917056
[  442.380569][T11377] active_anon 292921344
[  442.385292][T11377] inactive_file 4096
[  442.389210][T11377] active_file 0
[  442.393187][T11377] unevictable 0
[  442.396671][T11377] hierarchical_memory_limit 314572800
[  442.402502][T11377] hierarchical_memsw_limit 9223372036854771712
[  442.408682][T11377] total_cache 308408320
[  442.413139][T11377] total_rss 327680
[  442.416883][T11377] total_rss_huge 0
[  442.420631][T11377] total_shmem 308404224
[  442.424978][T11377] total_mapped_file 0
[  442.429015][T11377] total_dirty 0
[  442.432686][T11377] total_writeback 0
[  442.436516][T11377] total_workingset_refault_anon 5410
[  442.442026][T11377] total_workingset_refault_file 4182
[  442.447337][T11377] total_swap 127877120
[  442.451461][T11377] total_swapcached 106496
[  442.455814][T11377] total_pgpgin 1012169
[  442.459908][T11377] total_pgpgout 944433
[  442.464067][T11377] total_pgfault 426347
[  442.468153][T11377] total_pgmajfault 931
[  442.472299][T11377] total_inactive_anon 15917056
[  442.477082][T11377] total_active_anon 292921344
[  442.481847][T11377] total_inactive_file 4096
[  442.486685][T11377] total_active_file 0
[  442.490696][T11377] total_unevictable 0
[  442.494927][T11377] anon_cost 0
[  442.498231][T11377] file_cost 0
[  442.501626][T11377] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.1484,pid=11382,uid=0
[  442.519056][T11377] Memory cgroup out of memory: Killed process 11382 (syz.3.1484) total-vm:102632kB, anon-rss:968kB, file-rss:23252kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  443.253198][   T29] audit: type=1107 audit(200326.519:20): pid=12059 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='@'
[  444.957643][   T31] oom_reaper: reaped process 11382 (syz.3.1484), now anon-rss:0kB, file-rss:20672kB, shmem-rss:0kB
[  445.191932][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  445.198526][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  445.886251][T11375] syz.3.1484 (11375) used greatest stack depth: 19264 bytes left
[  446.471679][T11382] syz.3.1484 (11382) used greatest stack depth: 18816 bytes left
[  446.500331][T11359] syz.3.1484 (11359) used greatest stack depth: 18768 bytes left
[  450.760908][   T29] audit: type=1107 audit(200334.049:21): pid=12109 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='@'
[  452.548609][T12141] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  457.712844][ T5142] Bluetooth: hci3: command 0x0406 tx timeout
[  458.492824][T12226] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1669'.
[  459.251832][T12243] lo: entered allmulticast mode
[  459.289176][T12243] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1679'.
[  459.627840][T12243] lo: left allmulticast mode
[  461.920987][T12304] Ignoring unsupported numa_zonelist_order value:  
[  461.920987][T12304] 
[  466.774335][T12370] Invalid ELF header magic: != ELF
[  466.872647][T12378] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1715'.
[  468.499401][T12407] netlink: 146 bytes leftover after parsing attributes in process `syz.0.1723'.
[  469.383870][T12402] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1723'.
[  471.908083][T12472] netlink: 'syz.3.1739': attribute type 4 has an invalid length.
[  486.351303][T12668] kexec: Could not allocate control_code_buffer
[  492.396642][ T5837] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  492.408865][ T5837] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  492.419289][ T5837] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  492.439969][ T5837] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  492.448275][ T5837] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  492.456655][ T5837] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  493.120997][T12794] chnl_net:caif_netlink_parms(): no params data found
[  493.652801][T12794] bridge0: port 1(bridge_slave_0) entered blocking state
[  493.659935][T12794] bridge0: port 1(bridge_slave_0) entered disabled state
[  493.667195][T12794] bridge_slave_0: entered allmulticast mode
[  493.674270][T12794] bridge_slave_0: entered promiscuous mode
[  493.682768][T12794] bridge0: port 2(bridge_slave_1) entered blocking state
[  493.690244][T12794] bridge0: port 2(bridge_slave_1) entered disabled state
[  493.697963][T12794] bridge_slave_1: entered allmulticast mode
[  493.705029][T12794] bridge_slave_1: entered promiscuous mode
[  493.813586][T12794] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  493.838290][T12794] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  494.014883][T12816] netlink: 342 bytes leftover after parsing attributes in process `syz.6.1840'.
[  494.053901][T12794] team0: Port device team_slave_0 added
[  494.095589][T12794] team0: Port device team_slave_1 added
[  494.185292][T12794] batman_adv: batadv0: Adding interface: batadv_slave_0
[  494.201902][T12794] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  494.271561][T12794] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  494.294218][T12794] batman_adv: batadv0: Adding interface: batadv_slave_1
[  494.319941][T12794] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  494.363007][T12794] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  494.511616][ T5837] Bluetooth: hci2: command tx timeout
[  494.555257][T12794] hsr_slave_0: entered promiscuous mode
[  494.587382][T12794] hsr_slave_1: entered promiscuous mode
[  494.621714][T12794] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  494.629316][T12794] Cannot create hsr debugfs directory
[  495.000094][T12832] program syz.6.1846 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  495.040106][T12832] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  495.269856][T12794] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  495.660536][T12794] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  496.053220][T12794] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  496.291792][T12794] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  496.576328][T12794] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  496.591488][ T5837] Bluetooth: hci2: command tx timeout
[  496.630008][T12794] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  496.674085][T12794] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  496.704992][T12794] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  496.929905][T12794] 8021q: adding VLAN 0 to HW filter on device bond0
[  496.980175][T12794] 8021q: adding VLAN 0 to HW filter on device team0
[  497.014115][ T6386] bridge0: port 1(bridge_slave_0) entered blocking state
[  497.021258][ T6386] bridge0: port 1(bridge_slave_0) entered forwarding state
[  497.047841][ T6386] bridge0: port 2(bridge_slave_1) entered blocking state
[  497.055041][ T6386] bridge0: port 2(bridge_slave_1) entered forwarding state
[  497.533833][T12794] 8021q: adding VLAN 0 to HW filter on device batadv0
[  497.644898][T12794] veth0_vlan: entered promiscuous mode
[  497.674660][T12794] veth1_vlan: entered promiscuous mode
[  497.750108][T12794] veth0_macvtap: entered promiscuous mode
[  497.777317][T12794] veth1_macvtap: entered promiscuous mode
[  497.819211][T12794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  497.865191][T12794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  497.885651][T12794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  497.906379][T12794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  497.931437][T12794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  497.951800][T12794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  497.971413][T12794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  497.991513][T12794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  498.009865][T12794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  498.035097][T12794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  498.055429][T12794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  498.071421][T12794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  498.094247][T12794] batman_adv: batadv0: Interface activated: batadv_slave_0
[  498.104455][T12794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  498.129425][T12794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  498.159499][T12794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  498.186133][T12794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  498.211491][T12794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  498.230809][T12794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  498.251311][T12794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  498.265003][T12794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  498.275516][T12794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  498.286508][T12794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  498.297743][T12794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  498.319505][T12794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  498.330610][T12794] batman_adv: batadv0: Interface activated: batadv_slave_1
[  498.454706][T12794] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  498.463504][T12794] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  498.472369][T12794] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  498.481091][T12794] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  498.671727][ T5837] Bluetooth: hci2: command tx timeout
[  498.684113][T12864] kexec: Could not allocate control_code_buffer
[  498.819618][ T6388] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  498.847576][ T6388] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  498.968546][ T6388] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  498.999778][ T6388] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  500.737201][T12932] netlink: 'syz.3.1869': attribute type 1 has an invalid length.
[  500.752219][ T5837] Bluetooth: hci2: command tx timeout
[  500.830532][T12932] netlink: 'syz.3.1869': attribute type 1 has an invalid length.
[  500.881304][T12932] netlink: 'syz.3.1869': attribute type 1 has an invalid length.
[  500.930298][T12932] netlink: 'syz.3.1869': attribute type 1 has an invalid length.
[  500.950532][T12932] netlink: 'syz.3.1869': attribute type 1 has an invalid length.
[  500.990079][T12932] netlink: 'syz.3.1869': attribute type 1 has an invalid length.
[  501.019109][T12932] netlink: 'syz.3.1869': attribute type 1 has an invalid length.
[  501.068868][T12932] netlink: 'syz.3.1869': attribute type 1 has an invalid length.
[  501.098003][T12932] netlink: 'syz.3.1869': attribute type 1 has an invalid length.
[  501.131761][T12932] netlink: 'syz.3.1869': attribute type 1 has an invalid length.
[  502.879020][T12942] kexec: Could not allocate control_code_buffer
[  503.126571][T12982] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1885'.
[  503.144354][T12982] ü: renamed from team0 (while UP)
[  505.127276][T12990] kexec: Could not allocate control_code_buffer
[  506.601846][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  506.608183][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  507.295898][T13015] kexec: Could not allocate control_code_buffer
[  511.519212][T13135] validate_nla: 55 callbacks suppressed
[  511.519234][T13135] netlink: 'syz.6.1931': attribute type 2 has an invalid length.
[  512.975074][T13194] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1942'.
[  513.200698][   T29] audit: type=1107 audit(200396.489:22): pid=13202 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  513.542542][T13206] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1946'.
[  514.177891][T13226] FAULT_INJECTION: forcing a failure.
[  514.177891][T13226] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  514.191705][T13226] CPU: 1 UID: 0 PID: 13226 Comm: syz.3.1953 Not tainted 6.13.0-rc2-syzkaller-00130-g150b567e0d57 #0
[  514.202527][T13226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  514.212619][T13226] Call Trace:
[  514.215920][T13226]  <TASK>
[  514.218876][T13226]  dump_stack_lvl+0x16c/0x1f0
[  514.223608][T13226]  should_fail_ex+0x497/0x5b0
[  514.228337][T13226]  _copy_from_user+0x2e/0xd0
[  514.232976][T13226]  copy_msghdr_from_user+0x99/0x160
[  514.238226][T13226]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  514.244102][T13226]  ___sys_sendmsg+0xff/0x1e0
[  514.248741][T13226]  ? __pfx____sys_sendmsg+0x10/0x10
[  514.253996][T13226]  ? __pfx_lock_release+0x10/0x10
[  514.259063][T13226]  ? trace_lock_acquire+0x14e/0x1f0
[  514.264304][T13226]  ? __fget_files+0x206/0x3a0
[  514.269014][T13226]  __sys_sendmsg+0x16e/0x220
[  514.273636][T13226]  ? __pfx___sys_sendmsg+0x10/0x10
[  514.278792][T13226]  do_syscall_64+0xcd/0x250
[  514.283323][T13226]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  514.289237][T13226] RIP: 0033:0x7ff4dab85d19
[  514.293664][T13226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  514.313308][T13226] RSP: 002b:00007ff4dba50038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  514.321744][T13226] RAX: ffffffffffffffda RBX: 00007ff4dad75fa0 RCX: 00007ff4dab85d19
[  514.329731][T13226] RDX: 0000000000000010 RSI: 0000000020000100 RDI: 0000000000000003
[  514.337714][T13226] RBP: 00007ff4dba50090 R08: 0000000000000000 R09: 0000000000000000
[  514.345698][T13226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  514.353687][T13226] R13: 0000000000000000 R14: 00007ff4dad75fa0 R15: 00007ffc5f3baa38
[  514.361689][T13226]  </TASK>
[  516.342903][T13240] kexec: Could not allocate control_code_buffer
[  516.413013][T13278] FAULT_INJECTION: forcing a failure.
[  516.413013][T13278] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  516.428817][T13278] CPU: 1 UID: 0 PID: 13278 Comm: syz.6.1970 Not tainted 6.13.0-rc2-syzkaller-00130-g150b567e0d57 #0
[  516.439629][T13278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  516.449714][T13278] Call Trace:
[  516.453016][T13278]  <TASK>
[  516.455973][T13278]  dump_stack_lvl+0x16c/0x1f0
[  516.460722][T13278]  should_fail_ex+0x497/0x5b0
[  516.465453][T13278]  _copy_to_user+0x32/0xd0
[  516.469910][T13278]  simple_read_from_buffer+0xd0/0x160
[  516.475330][T13278]  proc_fail_nth_read+0x198/0x270
[  516.480405][T13278]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  516.485989][T13278]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  516.491576][T13278]  vfs_read+0x1df/0xbe0
[  516.495759][T13278]  ? __fget_files+0x1fc/0x3a0
[  516.500465][T13278]  ? __pfx___mutex_lock+0x10/0x10
[  516.505520][T13278]  ? __pfx_vfs_read+0x10/0x10
[  516.510234][T13278]  ? __fget_files+0x206/0x3a0
[  516.514950][T13278]  ksys_read+0x12b/0x250
[  516.519221][T13278]  ? __pfx_ksys_read+0x10/0x10
[  516.524026][T13278]  do_syscall_64+0xcd/0x250
[  516.528564][T13278]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  516.534491][T13278] RIP: 0033:0x7f3c7a78472c
[  516.538929][T13278] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  516.558556][T13278] RSP: 002b:00007f3c7b538030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  516.566990][T13278] RAX: ffffffffffffffda RBX: 00007f3c7a975fa0 RCX: 00007f3c7a78472c
[  516.574974][T13278] RDX: 000000000000000f RSI: 00007f3c7b5380a0 RDI: 0000000000000004
[  516.582957][T13278] RBP: 00007f3c7b538090 R08: 0000000000000000 R09: 0000000000000000
[  516.590935][T13278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  516.598912][T13278] R13: 0000000000000000 R14: 00007f3c7a975fa0 R15: 00007ffea4eacf98
[  516.606905][T13278]  </TASK>
[  519.336974][T13357] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1995'.
[  520.771853][T13393] netlink: 326 bytes leftover after parsing attributes in process `syz.4.2010'.
[  521.977888][T13426] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2024'.
[  526.106566][T13503] kexec: Could not allocate control_code_buffer
[  526.481894][T13533] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2063'.
[  526.552139][T13533] netdevsim netdevsim3 netdevsim2: entered allmulticast mode
[  527.213231][   T29] audit: type=1107 audit(200410.509:23): pid=13544 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  528.517199][T13578] netlink: 93 bytes leftover after parsing attributes in process `syz.6.2078'.
[  528.686147][T13564] kexec: Could not allocate control_code_buffer
[  534.103367][T13667] kexec: Could not allocate control_code_buffer
[  536.911771][   T29] audit: type=1107 audit(200420.199:24): pid=13747 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  538.259796][T13768] netlink: 'syz.6.2132': attribute type 1 has an invalid length.
[  538.418439][T13754] kexec: Could not allocate control_code_buffer
[  540.357342][   T29] audit: type=1107 audit(200423.639:25): pid=13792 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  541.059539][T13817] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2146'.
[  541.441965][T13817] bond0: (slave bond_slave_1): Releasing backup interface
[  545.674541][   T29] audit: type=1107 audit(200428.969:26): pid=13893 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  548.327234][T13907] kexec: Could not allocate control_code_buffer
[  552.019126][T13957] kexec: Could not allocate control_code_buffer
[  553.820774][T14001] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2206'.
[  554.241956][T14004] FAULT_INJECTION: forcing a failure.
[  554.241956][T14004] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  554.273356][T14004] CPU: 0 UID: 0 PID: 14004 Comm: syz.3.2207 Not tainted 6.13.0-rc2-syzkaller-00130-g150b567e0d57 #0
[  554.284193][T14004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  554.294291][T14004] Call Trace:
[  554.297602][T14004]  <TASK>
[  554.300563][T14004]  dump_stack_lvl+0x16c/0x1f0
[  554.305303][T14004]  should_fail_ex+0x497/0x5b0
[  554.310055][T14004]  _copy_from_user+0x2e/0xd0
[  554.314721][T14004]  move_addr_to_kernel+0x68/0x160
[  554.319790][T14004]  __sys_connect+0xb0/0x170
[  554.324345][T14004]  ? __pfx___sys_connect+0x10/0x10
[  554.329513][T14004]  ? __pfx_ksys_write+0x10/0x10
[  554.334419][T14004]  __x64_sys_connect+0x72/0xb0
[  554.339229][T14004]  ? lockdep_hardirqs_on+0x7c/0x110
[  554.344483][T14004]  do_syscall_64+0xcd/0x250
[  554.349041][T14004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  554.354991][T14004] RIP: 0033:0x7ff4dab85d19
[  554.359441][T14004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  554.379092][T14004] RSP: 002b:00007ff4dba50038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  554.387551][T14004] RAX: ffffffffffffffda RBX: 00007ff4dad75fa0 RCX: 00007ff4dab85d19
[  554.395560][T14004] RDX: 0000000000000054 RSI: 0000000000000000 RDI: 0000000000000003
[  554.403564][T14004] RBP: 00007ff4dba50090 R08: 0000000000000000 R09: 0000000000000000
[  554.411571][T14004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  554.419580][T14004] R13: 0000000000000000 R14: 00007ff4dad75fa0 R15: 00007ffc5f3baa38
[  554.427610][T14004]  </TASK>
[  557.216406][T14058] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2223'.
[  557.937820][T14051] kexec: Could not allocate control_code_buffer
[  558.309671][T14068] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2226'.
[  558.449027][   T29] audit: type=1800 audit(200441.739:27): pid=14076 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2228" name="lu_gp_id" dev="configfs" ino=41420 res=0 errno=0
[  558.806417][T14084] FAULT_INJECTION: forcing a failure.
[  558.806417][T14084] name failslab, interval 1, probability 0, space 0, times 0
[  558.980991][T14084] CPU: 0 UID: 0 PID: 14084 Comm: syz.4.2229 Not tainted 6.13.0-rc2-syzkaller-00130-g150b567e0d57 #0
[  558.991832][T14084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  559.002006][T14084] Call Trace:
[  559.005310][T14084]  <TASK>
[  559.008279][T14084]  dump_stack_lvl+0x16c/0x1f0
[  559.012997][T14084]  should_fail_ex+0x497/0x5b0
[  559.017718][T14084]  ? fs_reclaim_acquire+0xae/0x150
[  559.022872][T14084]  should_failslab+0xc2/0x120
[  559.027595][T14084]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  559.033462][T14084]  ? __alloc_skb+0x2b3/0x380
[  559.038096][T14084]  __alloc_skb+0x2b3/0x380
[  559.042533][T14084]  ? __pfx___alloc_skb+0x10/0x10
[  559.047490][T14084]  ? tcp_set_state+0x14c/0x870
[  559.052291][T14084]  tcp_send_active_reset+0x8b/0x840
[  559.057507][T14084]  ? mark_lock+0xb5/0xc60
[  559.061865][T14084]  tcp_disconnect+0x155f/0x1ee0
[  559.066739][T14084]  __inet_stream_connect+0x245/0x1020
[  559.072143][T14084]  ? find_held_lock+0x2d/0x110
[  559.076929][T14084]  ? __pfx___inet_stream_connect+0x10/0x10
[  559.082764][T14084]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  559.088154][T14084]  ? __pfx_inet_stream_connect+0x10/0x10
[  559.093811][T14084]  ? mark_held_locks+0x9f/0xe0
[  559.098606][T14084]  ? __local_bh_enable_ip+0xa4/0x120
[  559.103914][T14084]  ? __pfx_inet_stream_connect+0x10/0x10
[  559.109573][T14084]  inet_stream_connect+0x57/0xa0
[  559.114539][T14084]  __sys_connect_file+0x13e/0x1a0
[  559.119588][T14084]  __sys_connect+0x14f/0x170
[  559.124199][T14084]  ? __pfx___sys_connect+0x10/0x10
[  559.129340][T14084]  ? __pfx_ksys_write+0x10/0x10
[  559.134215][T14084]  __x64_sys_connect+0x72/0xb0
[  559.138992][T14084]  ? lockdep_hardirqs_on+0x7c/0x110
[  559.144210][T14084]  do_syscall_64+0xcd/0x250
[  559.148741][T14084]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  559.154660][T14084] RIP: 0033:0x7f8b4cd85d19
[  559.159091][T14084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  559.178718][T14084] RSP: 002b:00007f8b4dc80038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  559.187150][T14084] RAX: ffffffffffffffda RBX: 00007f8b4cf75fa0 RCX: 00007f8b4cd85d19
[  559.195138][T14084] RDX: 0000000000000054 RSI: 0000000000000000 RDI: 0000000000000003
[  559.203124][T14084] RBP: 00007f8b4dc80090 R08: 0000000000000000 R09: 0000000000000000
[  559.211108][T14084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  559.219096][T14084] R13: 0000000000000000 R14: 00007f8b4cf75fa0 R15: 00007ffe12444dc8
[  559.227098][T14084]  </TASK>
[  559.550343][T14098] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2241'.
[  559.620180][   T29] audit: type=1107 audit(200442.889:28): pid=14096 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  560.338705][T14110] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2236'.
[  560.968796][T14100] kexec: Could not allocate control_code_buffer
[  562.925153][T14134] kexec: Could not allocate control_code_buffer
[  563.042566][T14162] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2253'.
[  563.276338][T14168] FAULT_INJECTION: forcing a failure.
[  563.276338][T14168] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  563.331910][T14168] CPU: 0 UID: 0 PID: 14168 Comm: syz.3.2254 Not tainted 6.13.0-rc2-syzkaller-00130-g150b567e0d57 #0
[  563.342762][T14168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  563.352849][T14168] Call Trace:
[  563.356151][T14168]  <TASK>
[  563.359124][T14168]  dump_stack_lvl+0x16c/0x1f0
[  563.363859][T14168]  should_fail_ex+0x497/0x5b0
[  563.368587][T14168]  _copy_to_user+0x32/0xd0
[  563.373066][T14168]  simple_read_from_buffer+0xd0/0x160
[  563.378502][T14168]  proc_fail_nth_read+0x198/0x270
[  563.383578][T14168]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  563.389203][T14168]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  563.394809][T14168]  vfs_read+0x1df/0xbe0
[  563.399014][T14168]  ? __fget_files+0x1fc/0x3a0
[  563.403745][T14168]  ? __pfx___mutex_lock+0x10/0x10
[  563.408814][T14168]  ? __pfx_vfs_read+0x10/0x10
[  563.413542][T14168]  ? __fget_files+0x206/0x3a0
[  563.418274][T14168]  ksys_read+0x12b/0x250
[  563.422566][T14168]  ? __pfx_ksys_read+0x10/0x10
[  563.427415][T14168]  do_syscall_64+0xcd/0x250
[  563.431966][T14168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  563.437912][T14168] RIP: 0033:0x7ff4dab8472c
[  563.442355][T14168] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  563.462002][T14168] RSP: 002b:00007ff4dba2f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  563.470452][T14168] RAX: ffffffffffffffda RBX: 00007ff4dad76080 RCX: 00007ff4dab8472c
[  563.478457][T14168] RDX: 000000000000000f RSI: 00007ff4dba2f0a0 RDI: 0000000000000003
[  563.486462][T14168] RBP: 00007ff4dba2f090 R08: 0000000000000000 R09: 0000000000000000
[  563.494465][T14168] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  563.502473][T14168] R13: 0000000000000000 R14: 00007ff4dad76080 R15: 00007ffc5f3baa38
[  563.510499][T14168]  </TASK>
[  565.638065][T14193] kexec: Could not allocate control_code_buffer
[  566.516997][T14220] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2275'.
[  567.269778][T14238] Process accounting resumed
[  567.549082][T14215] kexec: Could not allocate control_code_buffer
[  568.131808][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  568.138292][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  568.489151][T14256] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2286'.
[  570.873079][T14295] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2299'.
[  571.139447][T14295] bond0: (slave bond_slave_1): Releasing backup interface
[  571.606119][T14275] kexec: Could not allocate control_code_buffer
[  572.297808][T14322] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  572.320380][T14322] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  572.671601][T14330] sg_read: process 321 (syz.3.2307) changed security contexts after opening file descriptor, this is not allowed.
[  573.866071][T14352] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2313'.
[  573.899896][T14352] bridge0: port 1(bridge_slave_0) entered disabled state
[  573.940944][T14352] bridge_slave_0 (unregistering): left allmulticast mode
[  573.963695][T14352] bridge_slave_0 (unregistering): left promiscuous mode
[  574.003089][T14359] raw_sendmsg: syz.4.2316 forgot to set AF_INET. Fix it!
[  574.063385][T14352] bridge0: port 1(bridge_slave_0) entered disabled state
[  574.206166][T14345] kexec: Could not allocate control_code_buffer
[  576.111224][T14371] kexec: Could not allocate control_code_buffer
[  577.208331][T14431] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2341'.
[  579.087902][T14439] kexec: Could not allocate control_code_buffer
[  579.227013][T14463] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  579.241537][T14463] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  580.789270][T14494] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2358'.
[  580.936646][T14479] kexec: Could not allocate control_code_buffer
[  581.991821][T14523] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2368'.
[  582.445522][   T29] audit: type=1107 audit(200465.739:29): pid=14539 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  583.088292][T14558] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2380'.
[  585.000531][T14638] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2392'.
[  585.425201][T14590] kexec: Could not allocate control_code_buffer
[  586.732908][T14652] kexec: Could not allocate control_code_buffer
[  587.508935][T14700] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2409'.
[  587.584363][T14697] mmap: syz.3.2408 (14697): VmData 37601280 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  589.284227][T14711] kexec: Could not allocate control_code_buffer
[  590.456428][   T29] audit: type=1800 audit(200473.741:30): pid=14749 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2422" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0
[  590.592173][T14756] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2427'.
[  590.629895][T14738] kexec: Could not allocate control_code_buffer
[  591.997237][T14789] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2438'.
[  592.033461][T14789] bridge0: port 1(bridge_slave_0) entered disabled state
[  592.177917][T14789] bridge_slave_0 (unregistering): left allmulticast mode
[  592.195829][T14789] bridge_slave_0 (unregistering): left promiscuous mode
[  592.221450][T14789] bridge0: port 1(bridge_slave_0) entered disabled state
[  592.470101][T14806] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2442'.
[  593.423382][T14820] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2444'.
[  594.231922][T14834] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2447'.
[  595.388453][ T5837] Bluetooth: hci0: ISO packet for unknown connection handle 772
[  596.072154][T14874] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2461'.
[  596.123244][T14874] bridge0: port 1(bridge_slave_0) entered disabled state
[  596.345080][T14874] bridge_slave_0 (unregistering): left allmulticast mode
[  596.364624][T14874] bridge_slave_0 (unregistering): left promiscuous mode
[  596.372799][T14874] bridge0: port 1(bridge_slave_0) entered disabled state
[  596.442874][T14888] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2466'.
[  597.290626][T14879] kexec: Could not allocate control_code_buffer
[  598.320627][T14931] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2478'.
[  599.474402][T14954] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2486'.
[  600.417174][T14959] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2483'.
[  600.426974][T14976] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2491'.
[  600.991651][T14984] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2496'.
[  601.920830][ T5837] Bluetooth: hci2: unexpected event 0x03 length: 72 > 11
[  603.290259][T15002] kexec: Could not allocate control_code_buffer
[  605.149418][T15082] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2524'.
[  605.894703][T15094] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2529'.
[  606.015873][T15071] kexec: Could not allocate control_code_buffer
[  609.390162][T15141] kexec: Could not allocate control_code_buffer
[  611.739790][ T5142] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  611.751446][ T5142] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  611.760365][ T5142] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  611.768845][ T5142] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  611.780699][ T5142] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  611.788319][ T5142] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  611.924587][ T5825] smc: removing net device syz_tun with user defined pnetid ETHTOOL
[  612.409574][T15203] chnl_net:caif_netlink_parms(): no params data found
[  612.950416][T15203] bridge0: port 1(bridge_slave_0) entered blocking state
[  612.962310][T15203] bridge0: port 1(bridge_slave_0) entered disabled state
[  613.004714][T15203] bridge_slave_0: entered allmulticast mode
[  613.011947][T15203] bridge_slave_0: entered promiscuous mode
[  613.060129][T15203] bridge0: port 2(bridge_slave_1) entered blocking state
[  613.084698][T15203] bridge0: port 2(bridge_slave_1) entered disabled state
[  613.091933][T15203] bridge_slave_1: entered allmulticast mode
[  613.105657][T15203] bridge_slave_1: entered promiscuous mode
[  613.339301][T15203] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  613.387587][T15203] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  613.520077][T15203] team0: Port device team_slave_0 added
[  613.553111][T15203] team0: Port device team_slave_1 added
[  613.807119][T15203] batman_adv: batadv0: Adding interface: batadv_slave_0
[  613.814114][T15203] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  613.864632][ T5142] Bluetooth: hci1: command tx timeout
[  613.924151][T15203] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  613.984915][T15203] batman_adv: batadv0: Adding interface: batadv_slave_1
[  613.991897][T15203] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  614.089485][T15203] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  614.431084][T15241] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2569'.
[  614.459554][T15247] netlink: 'syz.3.2571': attribute type 1 has an invalid length.
[  614.474085][T15247] netlink: 322 bytes leftover after parsing attributes in process `syz.3.2571'.
[  614.527883][T15203] hsr_slave_0: entered promiscuous mode
[  614.584480][T15203] hsr_slave_1: entered promiscuous mode
[  614.612531][T15203] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  614.623507][T15203] Cannot create hsr debugfs directory
[  614.777032][T14937] syz.6.2477 (14937) used greatest stack depth: 18368 bytes left
[  615.134881][T15203] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  615.440166][T15203] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  615.669383][T15203] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  615.953401][ T5841] Bluetooth: hci1: command tx timeout
[  616.157664][T15203] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  616.193223][ T5841] Bluetooth: hci2: command 0x0406 tx timeout
[  616.553243][T15203] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  616.579596][T15203] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  616.606190][T15203] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  616.656264][T15203] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  616.845941][T15203] 8021q: adding VLAN 0 to HW filter on device bond0
[  616.895848][T15203] 8021q: adding VLAN 0 to HW filter on device team0
[  616.946509][T14636] bridge0: port 1(bridge_slave_0) entered blocking state
[  616.953693][T14636] bridge0: port 1(bridge_slave_0) entered forwarding state
[  616.990296][T14636] bridge0: port 2(bridge_slave_1) entered blocking state
[  616.997466][T14636] bridge0: port 2(bridge_slave_1) entered forwarding state
[  617.494631][T15289] netlink: 'syz.4.2582': attribute type 1 has an invalid length.
[  617.501114][T15203] 8021q: adding VLAN 0 to HW filter on device batadv0
[  617.503012][T15289] netlink: 322 bytes leftover after parsing attributes in process `syz.4.2582'.
[  617.666085][T15203] veth0_vlan: entered promiscuous mode
[  617.688143][T15203] veth1_vlan: entered promiscuous mode
[  617.751586][T15203] veth0_macvtap: entered promiscuous mode
[  617.787082][T15203] veth1_macvtap: entered promiscuous mode
[  617.826991][T15203] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  617.846469][T15203] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  617.863627][T15203] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  617.902312][T15203] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  617.922303][T15203] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  617.960630][T15203] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  617.970963][T15203] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  617.990225][T15203] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  618.022318][T15203] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  618.032850][ T5142] Bluetooth: hci1: command tx timeout
[  618.040132][T15203] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  618.065286][T15203] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  618.076178][T15203] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  618.086472][T15203] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  618.098754][T15203] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  618.110608][T15203] batman_adv: batadv0: Interface activated: batadv_slave_0
[  618.129191][T15203] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  618.140351][T15203] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  618.151395][T15203] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  618.181596][T15203] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  618.218693][T15203] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  618.239509][T15203] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  618.276147][T15203] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  618.297703][T15203] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  618.314021][T15203] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  618.324620][T15203] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  618.334749][T15203] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  618.391948][T15203] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  618.414534][T15203] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  618.426501][T15203] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  618.448969][T15203] batman_adv: batadv0: Interface activated: batadv_slave_1
[  618.477990][T15203] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  618.497948][T15203] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  618.518454][T15203] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  618.533020][T15203] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  618.744639][T15309] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2587'.
[  618.748786][T14618] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  618.801878][T14618] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  618.881327][T14619] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  618.896239][T14619] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  618.905241][T15306] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2587'.
[  619.762867][T15303] kexec: Could not allocate control_code_buffer
[  620.101122][ T5142] Bluetooth: hci1: command tx timeout
[  620.347458][T15331] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2594'.
[  620.891777][T15341] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2596'.
[  621.250095][T15333] kexec: Could not allocate control_code_buffer
[  622.977446][T15385] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2607'.
[  623.054913][T15356] kexec: Could not allocate control_code_buffer
[  624.680936][T15397] kexec: Could not allocate control_code_buffer
[  626.439628][T15449] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2626'.
[  626.485428][T15449] veth0_vlan: entered allmulticast mode
[  627.500271][T15450] kexec: Could not allocate control_code_buffer
[  629.466890][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  629.476348][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  629.622324][T15480] kexec: Could not allocate control_code_buffer
[  629.834590][T15519] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2644'.
[  629.971597][T15515] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2644'.
[  632.619603][T15543] kexec: Could not allocate control_code_buffer
[  632.791549][T15569] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2660'.
[  635.023341][T15583] kexec: Could not allocate control_code_buffer
[  635.591001][T15611] Process accounting resumed
[  635.662710][T15611] kstrtoul() returned -22 for lu_gp_id
[  635.672232][T15618] netlink: 'syz.6.2675': attribute type 2 has an invalid length.
[  635.703277][T15618] netlink: 322 bytes leftover after parsing attributes in process `syz.6.2675'.
[  638.778549][T15654] kexec: Could not allocate control_code_buffer
[  641.011406][T15688] kexec: Could not allocate control_code_buffer
[  641.397043][ T5142] Bluetooth: hci0: unexpected event 0x04 length: 78 > 10
[  643.449697][ T5142] Bluetooth: hci0: command 0x0406 tx timeout
[  644.520697][T15747] kexec: Could not allocate control_code_buffer
[  644.658117][T15751] netlink: 338 bytes leftover after parsing attributes in process `syz.6.2710'.
[  644.685371][T15751] netlink: 338 bytes leftover after parsing attributes in process `syz.6.2710'.
[  645.220024][T15771] bridge0: port 1(batadv0) entered blocking state
[  645.238648][T15771] bridge0: port 1(batadv0) entered disabled state
[  645.245269][T15771] batadv0: entered allmulticast mode
[  645.259496][T15771] batadv0: entered promiscuous mode
[  645.271500][T15771] bridge0: port 1(batadv0) entered blocking state
[  645.278054][T15771] bridge0: port 1(batadv0) entered forwarding state
[  645.507701][T14618] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  645.517321][T14618] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  646.360798][T15791] netlink: 137 bytes leftover after parsing attributes in process `syz.4.2719'.
[  647.360050][T15803] FAULT_INJECTION: forcing a failure.
[  647.360050][T15803] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  647.384554][T15803] CPU: 1 UID: 0 PID: 15803 Comm: syz.0.2724 Not tainted 6.13.0-rc2-syzkaller-00130-g150b567e0d57 #0
[  647.395392][T15803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  647.405486][T15803] Call Trace:
[  647.408786][T15803]  <TASK>
[  647.411737][T15803]  dump_stack_lvl+0x16c/0x1f0
[  647.416452][T15803]  should_fail_ex+0x497/0x5b0
[  647.421171][T15803]  _copy_from_user+0x2e/0xd0
[  647.425805][T15803]  move_addr_to_kernel+0x68/0x160
[  647.430866][T15803]  __sys_connect+0xb0/0x170
[  647.435398][T15803]  ? __pfx___sys_connect+0x10/0x10
[  647.440542][T15803]  ? __pfx_ksys_write+0x10/0x10
[  647.445414][T15803]  __x64_sys_connect+0x72/0xb0
[  647.450280][T15803]  ? lockdep_hardirqs_on+0x7c/0x110
[  647.455496][T15803]  do_syscall_64+0xcd/0x250
[  647.460028][T15803]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  647.465944][T15803] RIP: 0033:0x7f4d24785d19
[  647.470370][T15803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  647.489991][T15803] RSP: 002b:00007f4d25617038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  647.498418][T15803] RAX: ffffffffffffffda RBX: 00007f4d24975fa0 RCX: 00007f4d24785d19
[  647.506418][T15803] RDX: 0000000000000018 RSI: 0000000020000000 RDI: 0000000000000003
[  647.514400][T15803] RBP: 00007f4d25617090 R08: 0000000000000000 R09: 0000000000000000
[  647.522382][T15803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  647.530366][T15803] R13: 0000000000000000 R14: 00007f4d24975fa0 R15: 00007ffc375ff448
[  647.538365][T15803]  </TASK>
[  647.916212][T15790] delete_channel: no stack
[  648.335044][T15801] kexec: Could not allocate control_code_buffer
[  648.752436][T15815] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2727'.
[  649.745164][T15832] Process accounting resumed
[  651.065201][T15858] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2738'.
[  651.144184][T15858] bridge0: port 1(bridge_slave_0) entered disabled state
[  651.565067][T15858] bridge_slave_0 (unregistering): left allmulticast mode
[  651.578353][T15841] kexec: Could not allocate control_code_buffer
[  651.605285][T15858] bridge_slave_0 (unregistering): left promiscuous mode
[  651.612685][T15858] bridge0: port 1(bridge_slave_0) entered disabled state
[  652.121108][T15873] netlink: 38 bytes leftover after parsing attributes in process `syz.6.2743'.
[  652.146195][T15870] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2740'.
[  653.777116][T15900] netlink: 'syz.6.2749': attribute type 1 has an invalid length.
[  653.796550][T15900] : Can't lookup blockdev
[  654.539301][T15906] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2753'.
[  654.563591][T15897] kexec: Could not allocate control_code_buffer
[  657.360556][T15940] openvswitch: netlink: Flow key attr not present in new flow.
[  659.046377][T15951] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2764'.
[  661.543858][T15969] kexec: Could not allocate control_code_buffer
[  662.302345][T15998] netlink: 38 bytes leftover after parsing attributes in process `syz.3.2776'.
[  664.006694][T15995] kexec: Could not allocate control_code_buffer
[  664.107836][T16010] netlink: 'syz.6.2778': attribute type 11 has an invalid length.
[  664.889215][T16030] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2786'.
[  665.666256][T16048] netlink: 137 bytes leftover after parsing attributes in process `syz.0.2790'.
[  666.343064][T16064] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2795'.
[  666.355602][T16062] could not allocate digest TFM handle 
[  666.762338][T16079] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2798'.
[  667.019420][T16089] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2801'.
[  667.044283][T16047] delete_channel: no stack
[  668.566519][T16112] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2807'.
[  669.778693][T16106] kexec: Could not allocate control_code_buffer
[  670.527971][T16162] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2824'.
[  670.547246][T16162] gre0: entered promiscuous mode
[  671.393514][T16147] kexec: Could not allocate control_code_buffer
[  672.226715][T16185] netlink: 'syz.3.2832': attribute type 11 has an invalid length.
[  672.882496][T16180] kexec: Could not allocate control_code_buffer
[  675.813591][T16228] kexec: Could not allocate control_code_buffer
[  676.033760][T16256] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2853'.
[  677.330934][ T5142] Bluetooth: hci0: unexpected event 0x04 length: 49 > 10
[  677.898786][T16266] kexec: Could not allocate control_code_buffer
[  678.032899][T16289] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2864'.
[  678.139359][T16293] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2865'.
[  678.168858][T16292] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2865'.
[  678.514147][T16296] program syz.0.2863 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  678.553158][T16300] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2867'.
[  679.364083][ T5142] Bluetooth: hci0: command 0x0406 tx timeout
[  680.261116][T16334] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2875'.
[  680.801470][T16319] kexec: Could not allocate control_code_buffer
[  681.289208][T16351] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2879'.
[  684.636904][T16400] netlink: 330 bytes leftover after parsing attributes in process `syz.4.2892'.
[  685.011556][T16386] kexec: Could not allocate control_code_buffer
[  686.340863][T16413] kexec: Could not allocate control_code_buffer
[  686.396686][T16419] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2897'.
[  688.011760][T16452] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2907'.
[  688.037112][T16452] bridge_slave_1: left allmulticast mode
[  688.042803][T16452] bridge_slave_1: left promiscuous mode
[  688.063408][T16452] bridge0: port 2(bridge_slave_1) entered disabled state
[  688.283955][T16444] kexec: Could not allocate control_code_buffer
[  690.383903][T16470] kexec: Could not allocate control_code_buffer
[  690.869108][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  690.875654][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  692.483496][T16515] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2923'.
[  692.579086][T16513] netlink: 'syz.3.2923': attribute type 1 has an invalid length.
[  693.729779][T16508] kexec: Could not allocate control_code_buffer
[  693.862580][T16521] netlink: 'syz.4.2927': attribute type 4 has an invalid length.
[  694.222349][T16534] netlink: 326 bytes leftover after parsing attributes in process `syz.3.2929'.
[  695.814590][T16540] kexec: Could not allocate control_code_buffer
[  696.040390][T16558] openvswitch: netlink: Key type 29 is not supported
[  698.536069][T16600] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2952'.
[  698.616108][T16576] kexec: Could not allocate control_code_buffer
[  699.020411][T16609] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2954'.
[  699.031124][T16613] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2964'.
[  699.041622][T16609] bridge_slave_1: left allmulticast mode
[  699.047301][T16609] bridge_slave_1: left promiscuous mode
[  699.081780][T16609] bridge0: port 2(bridge_slave_1) entered disabled state
[  699.424247][T16622] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2957'.
[  699.707511][T16635] netlink: 174 bytes leftover after parsing attributes in process `syz.3.2960'.
[  701.433896][T16645] kexec: Could not allocate control_code_buffer
[  702.090966][T16662] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2968'.
[  702.633519][T16683] netlink: 74 bytes leftover after parsing attributes in process `syz.6.2973'.
[  704.542602][T16717] netlink: 334 bytes leftover after parsing attributes in process `syz.4.2984'.
[  705.397445][T16732] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2983'.
[  705.474542][T16704] kexec: Could not allocate control_code_buffer
[  707.976029][T16751] kexec: Could not allocate control_code_buffer
[  709.401026][T16767] kexec: Could not allocate control_code_buffer
[  710.335625][T16803] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3008'.
[  710.940624][T16812] netlink: 'syz.4.3013': attribute type 10 has an invalid length.
[  710.948659][T16812] netlink: 326 bytes leftover after parsing attributes in process `syz.4.3013'.
[  711.181409][T16817] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3014'.
[  714.463077][T16837] kexec: Could not allocate control_code_buffer
[  716.052843][T16839] kexec: Could not allocate control_code_buffer
[  717.080201][T16879] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3030'.
[  719.798016][T16931] kexec: Could not allocate control_code_buffer
[  722.351520][T16950] kexec: Could not allocate control_code_buffer
[  723.786822][T16983] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3066'.
[  723.840725][T16983] bridge_slave_1: left allmulticast mode
[  723.846509][T16983] bridge_slave_1: left promiscuous mode
[  723.898803][T16983] bridge0: port 2(bridge_slave_1) entered disabled state
[  725.889584][T17006] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3073'.
[  726.079584][T16996] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3069'.
[  726.638552][T17024] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3077'.
[  727.792525][T17048] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3083'.
[  728.555401][T17054] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3085'.
[  729.801093][T17074] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3090'.
[  730.022415][T17055] kexec: Could not allocate control_code_buffer
[  733.060901][T17118] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3102'.
[  733.309388][T17103] kexec: Could not allocate control_code_buffer
[  733.904202][ T5841] Bluetooth: hci1: command 0x0406 tx timeout
[  735.493574][   T29] audit: type=1326 audit(4294967356.131:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17156 comm="syz.0.3114" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4d24785d19 code=0x0
[  736.150889][ T5841] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  736.161172][ T5841] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  736.169245][ T5841] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  736.178331][ T5841] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  736.186420][ T5841] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  736.194274][ T5841] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  737.077544][T17162] chnl_net:caif_netlink_parms(): no params data found
[  737.373921][T17162] bridge0: port 1(bridge_slave_0) entered blocking state
[  737.381684][T17162] bridge0: port 1(bridge_slave_0) entered disabled state
[  737.416126][T17162] bridge_slave_0: entered allmulticast mode
[  737.431120][T17162] bridge_slave_0: entered promiscuous mode
[  737.473889][T17162] bridge0: port 2(bridge_slave_1) entered blocking state
[  737.481326][T17162] bridge0: port 2(bridge_slave_1) entered disabled state
[  737.512471][T17162] bridge_slave_1: entered allmulticast mode
[  737.519531][T17162] bridge_slave_1: entered promiscuous mode
[  737.762741][T17162] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  737.794650][T17162] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  737.963006][T17162] team0: Port device team_slave_0 added
[  738.006094][T17162] team0: Port device team_slave_1 added
[  738.250697][T17162] batman_adv: batadv0: Adding interface: batadv_slave_0
[  738.258512][T17162] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  738.287611][ T5841] Bluetooth: hci4: command tx timeout
[  738.331854][T17162] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  738.344995][T17162] batman_adv: batadv0: Adding interface: batadv_slave_1
[  738.352974][T17162] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  738.401991][T17162] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  738.484873][T17162] hsr_slave_0: entered promiscuous mode
[  738.512412][T17162] hsr_slave_1: entered promiscuous mode
[  738.524923][T17162] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  738.532619][T17162] Cannot create hsr debugfs directory
[  739.144434][T17162] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  739.493218][T17162] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  739.812695][T17162] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  739.971178][T17162] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  740.371163][ T5841] Bluetooth: hci4: command tx timeout
[  740.377570][T17162] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  740.411606][T17162] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  740.553208][T17162] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  740.583118][T17162] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  740.620371][T17203] kexec: Could not allocate control_code_buffer
[  740.848016][T17162] 8021q: adding VLAN 0 to HW filter on device bond0
[  740.864550][T17162] 8021q: adding VLAN 0 to HW filter on device team0
[  740.893618][T14609] bridge0: port 1(bridge_slave_0) entered blocking state
[  740.900849][T14609] bridge0: port 1(bridge_slave_0) entered forwarding state
[  740.948432][T14609] bridge0: port 2(bridge_slave_1) entered blocking state
[  740.955707][T14609] bridge0: port 2(bridge_slave_1) entered forwarding state
[  741.271650][T17223] netlink: 330 bytes leftover after parsing attributes in process `syz.0.3127'.
[  741.301193][T17162] 8021q: adding VLAN 0 to HW filter on device batadv0
[  741.320545][T17223] : renamed from bond_slave_1 (while UP)
[  741.755042][T17162] veth0_vlan: entered promiscuous mode
[  741.766078][T17162] veth1_vlan: entered promiscuous mode
[  741.815096][T17162] veth0_macvtap: entered promiscuous mode
[  741.864755][T17162] veth1_macvtap: entered promiscuous mode
[  741.899570][T17162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  741.922762][T17162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  741.940453][T17162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  741.969531][T17162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  742.036982][T17162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  742.080393][T17162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  742.120668][T17162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  742.153092][T17162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  742.178705][T17162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  742.189489][T17162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  742.199796][T17162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  742.210394][T17162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  742.220356][T17162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  742.230852][T17162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  742.241199][T17162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  742.252081][T17162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  742.263174][T17162] batman_adv: batadv0: Interface activated: batadv_slave_0
[  742.273663][T17162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  742.284569][T17162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  742.294878][T17162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  742.305851][T17162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  742.315794][T17162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  742.326308][T17162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  742.336240][T17162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  742.347206][T17162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  742.357543][T17162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  742.368118][T17162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  742.378016][T17162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  742.388506][T17162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  742.398579][T17162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  742.409222][T17162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  742.419106][T17162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  742.429635][T17162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  742.441024][T17162] batman_adv: batadv0: Interface activated: batadv_slave_1
[  742.451746][T17162] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  742.460776][T17162] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  742.469518][T17162] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  742.478318][T17162] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  742.501985][ T5841] Bluetooth: hci4: command tx timeout
[  742.939114][T14615] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  742.968535][T14618] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  742.975874][T14615] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  742.976469][T14618] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  744.309564][T17253] kexec: Could not allocate control_code_buffer
[  744.502161][T17261] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3134'.
[  744.529317][ T5841] Bluetooth: hci4: command tx timeout
[  747.701958][T17299] kexec: Could not allocate control_code_buffer
[  748.676086][T17341] netlink: 330 bytes leftover after parsing attributes in process `syz.6.3156'.
[  748.707045][T17341] : renamed from bond_slave_1 (while UP)
[  749.907578][T17363] netlink: 322 bytes leftover after parsing attributes in process `syz.6.3166'.
[  750.339080][T17375] nbd: must specify at least one socket
[  750.956948][T17358] kexec: Could not allocate control_code_buffer
[  751.606775][T17407] netlink: 504 bytes leftover after parsing attributes in process `syz.0.3177'.
[  752.280893][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  752.287626][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  752.392114][T17422] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3182'.
[  752.495582][T17437] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3186'.
[  752.541260][T17436] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3186'.
[  752.636239][T17433] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3185'.
[  752.676176][T17433] bridge0: port 1(bridge_slave_0) entered disabled state
[  752.798795][T17433] bridge_slave_0 (unregistering): left allmulticast mode
[  752.815246][T17433] bridge_slave_0 (unregistering): left promiscuous mode
[  752.832409][T17433] bridge0: port 1(bridge_slave_0) entered disabled state
[  753.235358][T17427] kexec: Could not allocate control_code_buffer
[  753.873186][T17461] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3193'.
[  754.201323][T17466] netlink: 330 bytes leftover after parsing attributes in process `syz.0.3194'.
[  754.777304][T17452] kexec: Could not allocate control_code_buffer
[  755.164952][T17485] netlink: 330 bytes leftover after parsing attributes in process `syz.4.3202'.
[  755.183482][T17485] : renamed from bond_slave_1 (while UP)
[  756.373888][T17511] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3211'.
[  756.515690][T17480] kexec: Could not allocate control_code_buffer
[  758.115118][T17522] kexec: Could not allocate control_code_buffer
[  758.154934][T17553] netlink: 'syz.3.3220': attribute type 4 has an invalid length.
[  758.181862][T17553] netlink: 314 bytes leftover after parsing attributes in process `syz.3.3220'.
[  758.711988][T17563] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3224'.
[  759.382718][T17569] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3225'.
[  759.501725][T17556] kexec: Could not allocate control_code_buffer
[  761.402153][T17605] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3235'.
[  761.974595][T17593] kexec: Could not allocate control_code_buffer
[  762.291947][   T29] audit: type=1326 audit(4531.470:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17630 comm="syz.4.3244" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4339185d19 code=0x0
[  763.150816][T17637] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3246'.
[  764.170406][T17634] kexec: Could not allocate control_code_buffer
[  766.817269][T17698] netlink: 334 bytes leftover after parsing attributes in process `syz.4.3266'.
[  767.308718][T17710] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3269'.
[  767.349412][T17709] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3271'.
[  767.704653][T17720] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3273'.
[  767.713909][T17720] bridge_slave_1: left allmulticast mode
[  767.719920][T17720] bridge_slave_1: left promiscuous mode
[  767.726045][T17720] bridge0: port 2(bridge_slave_1) entered disabled state
[  767.729189][T17695] kexec: Could not allocate control_code_buffer
[  768.136124][T17729] netlink: 330 bytes leftover after parsing attributes in process `syz.3.3277'.
[  768.182876][T17727] Invalid ELF header magic: != ELF
[  768.198176][T17727] ubi: mtd0 is already attached to ubi0
[  768.666991][T17742] svc: failed to register nfsdv3 RPC service (errno 111).
[  768.718852][T17742] svc: failed to register nfsaclv3 RPC service (errno 111).
[  769.100154][T17722] kexec: Could not allocate control_code_buffer
[  770.831084][T17780] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3290'.
[  770.856321][T17773] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3286'.
[  771.026015][T17783] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3291'.
[  771.581473][T17751] kexec: Could not allocate control_code_buffer
[  771.595564][T17802] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3299'.
[  772.155268][T17809] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3303'.
[  774.735895][T17846] kexec: Could not allocate control_code_buffer
[  774.991898][T17887] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3317'.
[  775.004844][T17886] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3317'.
[  775.378395][T17892] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3319'.
[  775.403233][T17892] netlink: 2 bytes leftover after parsing attributes in process `syz.0.3319'.
[  775.991341][T17920] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3326'.
[  777.506876][T17923] kexec: Could not allocate control_code_buffer
[  778.264879][T17965] svc: failed to register nfsdv3 RPC service (errno 111).
[  778.297075][T17965] svc: failed to register nfsaclv3 RPC service (errno 111).
[  780.283823][T17970] kexec: Could not allocate control_code_buffer
[  780.724777][T18006] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3352'.
[  782.954668][T18023] kexec: Could not allocate control_code_buffer
[  782.961654][T18044] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3362'.
[  784.493802][T18084] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3374'.
[  786.053852][T18124] netlink: 'syz.4.3385': attribute type 46 has an invalid length.
[  786.506323][T18101] kexec: Could not allocate control_code_buffer
[  787.158908][T18136] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3388'.
[  789.620795][T18165] kexec: Could not allocate control_code_buffer
[  791.380309][T18226] netlink: 32 bytes leftover after parsing attributes in process `syz.6.3414'.
[  795.736194][T18325] 
[  795.738580][T18325] ======================================================
[  795.745626][T18325] WARNING: possible circular locking dependency detected
[  795.752661][T18325] 6.13.0-rc2-syzkaller-00130-g150b567e0d57 #0 Not tainted
[  795.759787][T18325] ------------------------------------------------------
[  795.766823][T18325] syz.3.3443/18325 is trying to acquire lock:
[  795.772903][T18325] ffffffff8fabdc08 (rtnl_mutex){+.+.}-{4:4}, at: do_ipv6_setsockopt+0x1f4d/0x4660
[  795.782186][T18325] 
[  795.782186][T18325] but task is already holding lock:
[  795.789561][T18325] ffff888049e2cfa8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x101/0xc00
[  795.799720][T18325] 
[  795.799720][T18325] which lock already depends on the new lock.
[  795.799720][T18325] 
[  795.810142][T18325] 
[  795.810142][T18325] the existing dependency chain (in reverse order) is:
[  795.819171][T18325] 
[  795.819171][T18325] -> #2 (&smc->clcsock_release_lock){+.+.}-{4:4}:
[  795.827819][T18325]        __mutex_lock+0x19b/0xa60
[  795.832897][T18325]        smc_switch_to_fallback+0x2d/0xa00
[  795.838749][T18325]        smc_sendmsg+0x13d/0x520
[  795.843731][T18325]        ____sys_sendmsg+0x9ae/0xb40
[  795.849041][T18325]        ___sys_sendmsg+0x135/0x1e0
[  795.854295][T18325]        __sys_sendmsg+0x16e/0x220
[  795.859476][T18325]        do_syscall_64+0xcd/0x250
[  795.864552][T18325]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  795.871025][T18325] 
[  795.871025][T18325] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}:
[  795.878723][T18325]        lock_sock_nested+0x3a/0xf0
[  795.883965][T18325]        sockopt_lock_sock+0x54/0x70
[  795.889289][T18325]        do_ip_getsockopt+0x115c/0x2bf0
[  795.894867][T18325]        ip_getsockopt+0x9c/0x1e0
[  795.899921][T18325]        raw_getsockopt+0x4d/0x1e0
[  795.905098][T18325]        do_sock_getsockopt+0x3fe/0x870
[  795.910710][T18325]        __sys_getsockopt+0x12f/0x260
[  795.916139][T18325]        __x64_sys_getsockopt+0xbd/0x160
[  795.921818][T18325]        do_syscall_64+0xcd/0x250
[  795.926879][T18325]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  795.933331][T18325] 
[  795.933331][T18325] -> #0 (rtnl_mutex){+.+.}-{4:4}:
[  795.940600][T18325]        __lock_acquire+0x249e/0x3c40
[  795.946068][T18325]        lock_acquire.part.0+0x11b/0x380
[  795.951744][T18325]        __mutex_lock+0x19b/0xa60
[  795.956807][T18325]        do_ipv6_setsockopt+0x1f4d/0x4660
[  795.962571][T18325]        ipv6_setsockopt+0xcb/0x170
[  795.967814][T18325]        tcp_setsockopt+0xa4/0x100
[  795.972960][T18325]        smc_setsockopt+0x1b4/0xc00
[  795.978201][T18325]        do_sock_setsockopt+0x222/0x480
[  795.983798][T18325]        __sys_setsockopt+0x1a0/0x230
[  795.989215][T18325]        __x64_sys_setsockopt+0xbd/0x160
[  795.994883][T18325]        do_syscall_64+0xcd/0x250
[  795.999940][T18325]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  796.006395][T18325] 
[  796.006395][T18325] other info that might help us debug this:
[  796.006395][T18325] 
[  796.016639][T18325] Chain exists of:
[  796.016639][T18325]   rtnl_mutex --> sk_lock-AF_INET --> &smc->clcsock_release_lock
[  796.016639][T18325] 
[  796.030241][T18325]  Possible unsafe locking scenario:
[  796.030241][T18325] 
[  796.037705][T18325]        CPU0                    CPU1
[  796.043082][T18325]        ----                    ----
[  796.048457][T18325]   lock(&smc->clcsock_release_lock);
[  796.053852][T18325]                                lock(sk_lock-AF_INET);
[  796.060808][T18325]                                lock(&smc->clcsock_release_lock);
[  796.068719][T18325]   lock(rtnl_mutex);
[  796.072724][T18325] 
[  796.072724][T18325]  *** DEADLOCK ***
[  796.072724][T18325] 
[  796.080875][T18325] 1 lock held by syz.3.3443/18325:
[  796.085999][T18325]  #0: ffff888049e2cfa8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x101/0xc00
[  796.096615][T18325] 
[  796.096615][T18325] stack backtrace:
[  796.102513][T18325] CPU: 1 UID: 0 PID: 18325 Comm: syz.3.3443 Not tainted 6.13.0-rc2-syzkaller-00130-g150b567e0d57 #0
[  796.113299][T18325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  796.123373][T18325] Call Trace:
[  796.126664][T18325]  <TASK>
[  796.129617][T18325]  dump_stack_lvl+0x116/0x1f0
[  796.134331][T18325]  print_circular_bug+0x41c/0x610
[  796.139411][T18325]  check_noncircular+0x31a/0x400
[  796.144396][T18325]  ? __pfx_check_noncircular+0x10/0x10
[  796.149899][T18325]  ? __pfx_mark_lock+0x10/0x10
[  796.154708][T18325]  ? lockdep_lock+0xc6/0x200
[  796.159336][T18325]  ? __pfx_lockdep_lock+0x10/0x10
[  796.164430][T18325]  ? __pfx_mark_lock+0x10/0x10
[  796.169237][T18325]  __lock_acquire+0x249e/0x3c40
[  796.174141][T18325]  ? __pfx___lock_acquire+0x10/0x10
[  796.179393][T18325]  ? __lock_acquire+0x15a9/0x3c40
[  796.184470][T18325]  lock_acquire.part.0+0x11b/0x380
[  796.189699][T18325]  ? do_ipv6_setsockopt+0x1f4d/0x4660
[  796.195106][T18325]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  796.200763][T18325]  ? rcu_is_watching+0x12/0xc0
[  796.205569][T18325]  ? trace_lock_acquire+0x14e/0x1f0
[  796.210812][T18325]  ? do_ipv6_setsockopt+0x1f4d/0x4660
[  796.216220][T18325]  ? lock_acquire+0x2f/0xb0
[  796.220747][T18325]  ? do_ipv6_setsockopt+0x1f4d/0x4660
[  796.226153][T18325]  __mutex_lock+0x19b/0xa60
[  796.226707][T18312] kexec: Could not allocate control_code_buffer
[  796.230672][T18325]  ? do_ipv6_setsockopt+0x1f4d/0x4660
[  796.230708][T18325]  ? __pfx_mark_lock+0x10/0x10
[  796.230753][T18325]  ? do_ipv6_setsockopt+0x1f4d/0x4660
[  796.230788][T18325]  ? __pfx___mutex_lock+0x10/0x10
[  796.230824][T18325]  ? __pfx_register_lock_class+0x10/0x10
[  796.230853][T18325]  ? finish_task_switch.isra.0+0x217/0xcc0
[  796.269085][T18325]  ? __switch_to+0x749/0x1190
[  796.273811][T18325]  ? hlock_class+0x4e/0x130
[  796.278353][T18325]  ? do_ipv6_setsockopt+0x1f4d/0x4660
[  796.283761][T18325]  ? rtnl_lock+0x9/0x20
[  796.287963][T18325]  do_ipv6_setsockopt+0x1f4d/0x4660
[  796.293203][T18325]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  796.298787][T18325]  ? lock_acquire.part.0+0x11b/0x380
[  796.304114][T18325]  ? __mutex_trylock_common+0xea/0x250
[  796.309619][T18325]  ? __pfx___mutex_trylock_common+0x10/0x10
[  796.315554][T18325]  ? smc_setsockopt+0x101/0xc00
[  796.320459][T18325]  ? rcu_is_watching+0x12/0xc0
[  796.325267][T18325]  ? trace_contention_end+0xee/0x140
[  796.330581][T18325]  ? __mutex_lock+0x1cc/0xa60
[  796.335287][T18325]  ? __pfx___futex_wait+0x10/0x10
[  796.340335][T18325]  ? smc_setsockopt+0x101/0xc00
[  796.345229][T18325]  ? __pfx___mutex_lock+0x10/0x10
[  796.350272][T18325]  ? ipv6_setsockopt+0xcb/0x170
[  796.355142][T18325]  ipv6_setsockopt+0xcb/0x170
[  796.359832][T18325]  tcp_setsockopt+0xa4/0x100
[  796.364441][T18325]  smc_setsockopt+0x1b4/0xc00
[  796.369143][T18325]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  796.375065][T18325]  ? __pfx_smc_setsockopt+0x10/0x10
[  796.380291][T18325]  ? __pfx_smc_setsockopt+0x10/0x10
[  796.385520][T18325]  do_sock_setsockopt+0x222/0x480
[  796.390583][T18325]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  796.396170][T18325]  ? lock_acquire+0x2f/0xb0
[  796.400700][T18325]  __sys_setsockopt+0x1a0/0x230
[  796.405584][T18325]  __x64_sys_setsockopt+0xbd/0x160
[  796.410722][T18325]  ? do_syscall_64+0x91/0x250
[  796.415417][T18325]  ? lockdep_hardirqs_on+0x7c/0x110
[  796.420627][T18325]  do_syscall_64+0xcd/0x250
[  796.425143][T18325]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  796.431048][T18325] RIP: 0033:0x7ff4dab85d19
[  796.435469][T18325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  796.455089][T18325] RSP: 002b:00007ff4dba50038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  796.463513][T18325] RAX: ffffffffffffffda RBX: 00007ff4dad75fa0 RCX: 00007ff4dab85d19
[  796.471498][T18325] RDX: 0000000000000001 RSI: 0000000000000029 RDI: 0000000000000003
[  796.479480][T18325] RBP: 00007ff4dac01a20 R08: 0000000000000025 R09: 0000000000000000
[  796.487459][T18325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  796.495441][T18325] R13: 0000000000000000 R14: 00007ff4dad75fa0 R15: 00007ffc5f3baa38
[  796.503432][T18325]  </TASK>