last executing test programs:

2m12.853361621s ago: executing program 3 (id=1277):
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x110)
fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d)
r0 = io_uring_setup$auto(0x1, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = socket(0x2b, 0x1, 0x1)
setsockopt$auto_SO_TIMESTAMP_NEW(0xffffffffffffffff, 0x1, 0x3f, 0x0, 0x81)
setsockopt$auto(r2, 0x0, 0x1, 0x0, 0x1e)
write$auto(r1, &(0x7f0000000400)='/dev/auR\xeb\xa9\x01\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x7, 0xc45d, 0x80, 0x6, 0x3, 0x2, 0x3, 0x3, 0x62, 0x80000022, 0x7, 0x6d3e, 0x2000000004000009, 0x2, 0x6]}, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
ioctl$auto(r2, 0x1005, r0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$auto(0xf880, 0xc, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
futex$auto(0x0, 0x89, 0x808, 0x0, 0x0, 0xfffffffa)
r3 = openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f0000000000)='/dev/etherd/discover\x00', 0x80101, 0x0)
writev$auto(r3, &(0x7f0000000140)={0x0, 0xe4}, 0x4)

2m10.658057413s ago: executing program 3 (id=1280):
socket(0x11, 0x80003, 0x300)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-9/xps_rxqs\x00', 0x1a1842, 0x0)
unshare$auto(0x40000080)
socket$nl_generic(0x10, 0x3, 0x10)
open(&(0x7f0000000040)='./file0\x00', 0x44, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000003c0)=""/192, 0xc0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/pcm0p/sub0/info\x00', 0x1c1282, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mmap$auto(0x0, 0x10000, 0x8000, 0xeb1, 0xfffffffffffffffa, 0x8000)
ppoll$auto(0x0, 0x9, 0x0, 0x0, 0x8)
madvise$auto(0x0, 0x200007, 0x19)
syz_clone3(0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0)
r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
write$auto(r0, 0x0, 0x4)

2m7.397286477s ago: executing program 3 (id=1287):
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon0\x00', 0x640, 0x0)
mmap$auto(0x0, 0xdb3, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp1\x00', 0x220480, 0x0)
socket(0x1e, 0x4, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
socket(0x2, 0x1, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi15\x00', 0x802, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/ip_local_port_range\x00', 0x20202, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x840, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0)
socket(0x10, 0x2, 0x6)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x55)
socket(0x2, 0x3, 0xa)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8)
connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55)
write$auto(0x3, 0x0, 0xfdef)

2m6.692130486s ago: executing program 3 (id=1289):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x2, 0xa, 0xa)
open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x8)
socket(0xa, 0x5, 0x0)
io_uring_setup$auto(0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/vkms/graphics/fb0/state\x00', 0xc2481, 0x0)
io_uring_setup$auto(0x59, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x2000, 0x0)
r0 = open(0x0, 0x149443, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x5, 0x0)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x440, 0x0)
socket(0xa, 0x802, 0x3a)
socket(0x29, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b82, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x10, 0x2, 0x14)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14af"], 0x14}, 0x1, 0x0, 0x0, 0x8800}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xffffffffffffff14, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r1], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x200440c0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x800)
sendmmsg$auto(r2, &(0x7f0000000080)={{0x0, 0x8001c01, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x1}, 0x7}, 0x3d55, 0x0)

2m6.364647898s ago: executing program 3 (id=1291):
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x15, 0x5, 0x0)
socket(0xa, 0x2, 0x88)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x46)
write$auto(0x3, 0x0, 0xffd8)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000bc0), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'veth1_to_bond\x00', <r3=>0x0})
sendmsg$auto_BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)={0x1c, r1, 0x305, 0x70bd23, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40008}, 0x4000040)
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x4f1, 0x2, 0x8000)
r4 = socket(0x2, 0x6, 0xffffffee)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
setsockopt$auto(r4, 0x6, 0x8, 0x0, 0x10000)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0006, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
write$auto(0x3, 0x0, 0xfdef)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x400053, 0x9)
r5 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/stat\x00', 0x40440, 0x0)
read$auto_proc_single_file_operations_base(r5, &(0x7f0000000040)=""/9, 0x9)

2m4.192416492s ago: executing program 3 (id=1297):
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = clone3$auto(&(0x7f00000002c0)={0x4, 0x9, 0x1, 0x2, 0x8000, 0xffffffffffffffff, 0x7, 0x3, 0xffffffffffffffea, 0x8, 0x200}, 0x7)
ptrace$auto_PTRACE_GETSIGMASK(0x420a, r1, 0x6e3, 0x1)
ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x2200, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
io_setup$auto(0x7ffe, 0x0)
io_setup$auto(0x7ffe, &(0x7f0000000000))
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0)
syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, r3)
write$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000200)='5', 0x1)
capset$auto(&(0x7f0000000340)={0x19980330}, 0x0)
select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x4, 0x2, 0xb, 0x1, 0x4, 0x0, 0x7fff, 0xa, 0x193, 0xfffffffffffffff9, 0x3, 0x5e4, 0x1000, 0x1, 0x1]}, &(0x7f0000000380)={[0x8000000000000001, 0x5, 0x1, 0x10001, 0xe, 0xf, 0x5, 0x3, 0x59fc8000, 0x200006, 0x8000000000000000, 0x3, 0x800, 0x7, 0x1ff, 0x5]}, &(0x7f0000000280)={0x6, 0xc8})
io_uring_register$auto_IORING_UNREGISTER_PERSONALITY(r0, 0xa, &(0x7f0000000180)="221aa2a2e1a47c16e9b935b36eb66fa98ca6d90b78e1fc1799ad1e15807c54f58fa1ee6c6927048cbda12b4e1ad0336a4b88db6e5c7e4fedd6852f33d0b576", 0x2f)
socket(0xa, 0x5, 0x94)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dri/card0\x00', 0x6c800, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)

1m49.052056638s ago: executing program 32 (id=1297):
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = clone3$auto(&(0x7f00000002c0)={0x4, 0x9, 0x1, 0x2, 0x8000, 0xffffffffffffffff, 0x7, 0x3, 0xffffffffffffffea, 0x8, 0x200}, 0x7)
ptrace$auto_PTRACE_GETSIGMASK(0x420a, r1, 0x6e3, 0x1)
ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x2200, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
io_setup$auto(0x7ffe, 0x0)
io_setup$auto(0x7ffe, &(0x7f0000000000))
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0)
syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, r3)
write$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000200)='5', 0x1)
capset$auto(&(0x7f0000000340)={0x19980330}, 0x0)
select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x4, 0x2, 0xb, 0x1, 0x4, 0x0, 0x7fff, 0xa, 0x193, 0xfffffffffffffff9, 0x3, 0x5e4, 0x1000, 0x1, 0x1]}, &(0x7f0000000380)={[0x8000000000000001, 0x5, 0x1, 0x10001, 0xe, 0xf, 0x5, 0x3, 0x59fc8000, 0x200006, 0x8000000000000000, 0x3, 0x800, 0x7, 0x1ff, 0x5]}, &(0x7f0000000280)={0x6, 0xc8})
io_uring_register$auto_IORING_UNREGISTER_PERSONALITY(r0, 0xa, &(0x7f0000000180)="221aa2a2e1a47c16e9b935b36eb66fa98ca6d90b78e1fc1799ad1e15807c54f58fa1ee6c6927048cbda12b4e1ad0336a4b88db6e5c7e4fedd6852f33d0b576", 0x2f)
socket(0xa, 0x5, 0x94)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dri/card0\x00', 0x6c800, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)

1m42.590510821s ago: executing program 1 (id=1357):
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0xc0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0xc, 0x9c0f, 0x44eb2, 0x10006, 0x300000000000)
socket(0x2, 0x3, 0x6)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
write$auto_console_fops_tty_io(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0xc0)
openat$auto_cgwb_debug_stats_fops_(0xffffffffffffff9c, &(0x7f00000010c0)='/sys/kernel/debug/bdi/1:15/wb_stats\x00', 0x40, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
socket(0x2, 0x1, 0x0)
socketpair$auto(0x1e, 0x3, 0xfffffffe, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x3}, 0x7}, 0x3, 0xcad7)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x8080, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/vkms/graphics/fb0/bits_per_pixel\x00', 0x82942, 0x0)
sendfile$auto(r1, r1, 0x0, 0x200)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x129800, 0x0)
write$auto(0x3, 0x0, 0x100085)

1m41.01905368s ago: executing program 1 (id=1362):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x8, 0x1, 0x2, 0x4, 0x15f4da0e, 0x3, 0xd08, 0xc, 0x8, 0x4, 0x6d3f, 0x9, 0x2, 0x4000000000000d]}, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket(0x2c, 0x1, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x20000a, 0x4)
prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007)
bind$auto(0x3, 0x0, 0x6a)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1, 0x400000001, 0x0, 0x1, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x7f, 0x0)
close_range$auto(0x2, 0xa, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0x2, 0x2, 0x1)

1m39.661702809s ago: executing program 1 (id=1366):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8001)
connect$auto(0xffffffffffffffff, 0x0, 0x55)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x20540, 0x0)
move_pages$auto(0x0, 0x4f4f, 0x0, 0x0, 0x0, 0xfffffffe)
r1 = socket(0x2, 0x1, 0x0)
ioctl$auto(r0, 0x5420, r1)
ioctl$auto(0x3, 0x5403, 0x38)
close_range$auto(0x2, 0xa, 0x0)
r2 = socket(0xa, 0x2, 0x88)
connect$auto(0x3, 0x0, 0x55)
sendmmsg$auto(0x3, 0x0, 0x3, 0x6)
setsockopt$auto_SO_TIMESTAMPING_NEW(r2, 0x7ff, 0x41, 0x0, 0x9)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0)
read$auto(r3, 0x0, 0x20)
r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0)
ioctl$auto_TIOCSWINSZ2(r5, 0x5414, 0x0)
writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyS3\x00', 0x40, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0)
keyctl$auto(0x8, 0xfffffffffffffffd, 0xffffffffffffffff, 0x5092, 0x2)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000140), r2)
unshare$auto(0x40000080)

1m39.461773756s ago: executing program 2 (id=1367):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xfffffffffffeffff, 0x15)
mprotect$auto(0xfffffffffffffffe, 0x7d, 0x8)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
mremap$auto(0x0, 0xffffffffffffffff, 0x3fd6, 0x3, 0x7fffffffb000)
prctl$auto(0x23, 0x7, 0x7fffffffefff, 0x0, 0x0)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/icmp\x00', 0xc0880, 0x0)
read$auto(r0, &(0x7f0000000040)='/proc/self/net/icmp\x00', 0x80000001)
readlink$auto(&(0x7f0000000040)='./file2/file0\x00', 0x0, 0x6)
socketpair$auto(0x1, 0x3, 0x5, 0x0)
adjtimex$auto(&(0x7f0000000300)={0x7, 0x0, 0xfffffffffffffff3, 0xffffffffffff7fff, 0x3, 0xa769, 0x6, 0x0, 0x400, 0xfffffffffffffff9, 0x8000, {0x7, 0x3b}, 0x3, 0x80, 0x5795, 0x323, 0x0, 0x2, 0xffffffffffff0000, 0x3, 0x8, 0x3c, 0x5})
ioctl$auto(0x3, 0xc048aec8, 0xffffffffffffffff)
readlink$auto(0x0, 0x0, 0x800)
r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/lockdep_chains\x00', 0x10b402, 0x0)
pread64$auto(r1, 0x0, 0x100000001, 0x100)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$auto_RTC_PARAM_GET(0xffffffffffffffff, 0x40187013, 0x0)
sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002dbd7000fddbdf25080003000800", @ANYRES32], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097f751b33e}, 0x80)
mmap$auto(0x0, 0x6, 0x5, 0x14, 0xfffffffffffffffa, 0x8000)
getrandom$auto(0x0, 0x6000000, 0x3)
mbind$auto(0x0, 0x8000000000000000, 0x4, 0x0, 0x6, 0x2)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
mmap$auto(0x401, 0x1, 0xdf, 0x16, 0xffffffffffffffff, 0x0)

1m38.506805098s ago: executing program 1 (id=1368):
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/dynamic_events\x00', 0x542, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = socket(0x2, 0x801, 0x106)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x8000003, 0x7)
statx$auto(0x2, 0x0, 0x1000, 0xbdfa, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
rseq$auto(0x0, 0x8000, 0x0, 0x6)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
setsockopt$auto(r1, 0x6, 0x1e, 0x0, 0xa1)
write$auto_dynamic_events_ops_trace_dynevent(r0, &(0x7f0000000140)="653a6575b42146076c4f11b1be3e769f2059", 0x12)
r2 = pipe$auto(0x0)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x4040, 0x0)
fadvise64$auto(r3, 0x8, 0x400000000000006, 0x4)
mmap$auto(0x0, 0x5810, 0xffb, 0x12, r2, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ipv6_route\x00', 0x101000, 0x0)
pread64$auto(r4, 0x0, 0xf6f, 0xffff)
mincore$auto(0x1, 0xc28, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r5, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x4040000)
sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r2, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x74, r6, 0x10, 0x70bd2c, 0x25dfdbfb, {}, [@ETHTOOL_A_TUNNEL_INFO_HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x157}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x80000001}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_TUNNEL_INFO_HEADER={0x4}]}, 0x74}, 0x1, 0x0, 0x0, 0x4000094}, 0x800)

1m38.504191575s ago: executing program 2 (id=1369):
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = clone3$auto(&(0x7f00000002c0)={0x4, 0x9, 0x1, 0x2, 0x8000, 0xffffffffffffffff, 0x7, 0x3, 0xffffffffffffffea, 0x8, 0x200}, 0x7)
ptrace$auto_PTRACE_GETSIGMASK(0x420a, r1, 0x6e3, 0x1)
ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x2200, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
io_setup$auto(0x7ffe, 0x0)
io_setup$auto(0x7ffe, &(0x7f0000000000))
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0)
syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, r3)
write$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000200)='5', 0x1)
capset$auto(&(0x7f0000000340)={0x19980330}, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x40841, 0x8)
io_uring_register$auto_IORING_UNREGISTER_PERSONALITY(r0, 0xa, &(0x7f0000000180)="221aa2a2e1a47c16e9b935b36eb66fa98ca6d90b78e1fc1799ad1e15807c54f58fa1ee6c6927048cbda12b4e1ad0336a4b88db6e5c7e4fedd6852f33d0b576", 0x2f)
socket(0xa, 0x5, 0x94)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dri/card0\x00', 0x6c800, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)

1m37.883019891s ago: executing program 2 (id=1371):
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/tty53\x00', 0x200, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0)
select$auto(0x7, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x0, 0x1, 0x2, 0x3, 0x95f4da0a, 0xefffffffffffffff, 0x3, 0x62, 0x80000001, 0x10000000000004, 0x6d40, 0x1, 0x2, 0xfffffffffffffffe]}, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x2b, 0x1, 0x1)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
mmap$auto(0xf87f, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000)
ioctl$auto_USBDEVFS_DISCSIGNAL(0xffffffffffffffff, 0x8010550e, &(0x7f0000000040)={0x6, 0x0})
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x4)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
r1 = socket(0x2, 0x1, 0x84)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
setsockopt$auto(r1, 0x10000000084, 0x19, 0x0, 0x8)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)

1m36.789779175s ago: executing program 2 (id=1374):
r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/dev/audio1\x00', 0x100000a3d9)
openat$auto_virtual_ncidev_fops_virtual_ncidev(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0xa, 0xecc6, 0x0, 0x7352, 0x2d, 0x200000000045f, 0x6, 0x7, 0x3, 0x2, 0x9, 0x36e, 0x6, 0x2, 0x3000, 0x9, 0x8, 0x10003, 0x8, 0x1, 0x0, 0x5, 0x1ffb, 0x203, 0x400, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xffffffffffffff00, 0x0, 0x0, 0x0, 0x3ba0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffff3, 0x0, 0x0, 0xffffffffffffffff]}, 0x9, 0x11)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r3 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
memfd_create$auto(0x0, 0x7)
mmap$auto(0x0, 0x40009, 0x0, 0xfffffffffffffffa, r0, 0xa8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}}, 0x40000)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
rt_sigqueueinfo$auto(0x0, 0xc74, &(0x7f0000000000)={@siginfo_0_0={0xf9, 0x14, 0x7e73, @_timer={0x0, 0x80000001, @sival_ptr=0x0, 0x5}}})
r4 = socket(0x11, 0x3, 0x9)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001080), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r8=>0x0})
sendmsg$auto_NL80211_CMD_GET_WIPHY(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)={0x1c, r6, 0xb81, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000084}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f00000003c0)={&(0x7f0000000080), 0xc, &(0x7f0000000380)={&(0x7f0000000140)={0x24, r6, 0x200, 0x70bd29, 0x25dfdbfd, {}, [@NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0xa}, @NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0xb}]}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x20044400)
sendmmsg$auto(r4, &(0x7f00000001c0)={{0x0, 0xa013, &(0x7f0000000100)={&(0x7f0000000140), 0x49}, 0x4, 0x0, 0x5, 0x1}, 0x1}, 0x5, 0x100)

1m36.504198023s ago: executing program 1 (id=1375):
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0)
socket(0x2, 0x1, 0x106)
mq_getsetattr$auto(0xffffffffffffffff, &(0x7f0000000000)={0x81, 0x25, 0x5, 0x80}, 0x0)
r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0xc0)
socket(0x1d, 0x2, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000580)='/dev/audio\x00', 0x0, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f0000000000), 0x8a001, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'wlan0\x00'})
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, 0x0, 0x20000040)
sendmsg$auto_NL80211_CMD_SET_BEACON(r3, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="64010000", @ANYBLOB, @ANYRES32=r1, @ANYBLOB="0400bc800400748008000600b1000080000000000000000000"], 0x164}, 0x1, 0x0, 0x0, 0x8015}, 0x4000000)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
ioctl$auto_UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000040)={{0x0, 0xf2cf, 0x1ff, 0x4}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0x8})
ioctl$auto_UI_DEV_CREATE(r0, 0x5501, 0x0)
write$auto(r0, 0x0, 0x5)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/module/pvrusb2/parameters/vbi_nr\x00', 0x200, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/vkms/graphics/fb0/rotate\x00', 0xb02, 0x0)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon32\x00', 0x640, 0x0)

1m36.227692113s ago: executing program 2 (id=1377):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x406, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0\x00'})
close_range$auto(0x0, 0xffffffffffffffff, 0x2)
socket(0x2, 0x2, 0x0)
r1 = socket(0x28, 0xa, 0x4000001)
connect$auto(r1, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
socket(0x15, 0x5, 0x0)
r2 = openat$auto_dma_buf_debug_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x181000, 0x0)
pread64$auto(0xffffffffffffffff, 0x0, 0x5, 0x5)
pread64$auto(r2, 0x0, 0x7ff, 0x800)
ustat$auto(0x80000803, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000600)={{@raw=0x7, 0x40003, 0xcf, 0x8, "16a0d89bf208384515b5375a677609aa3bc73727bb450000a2fca999d5797ab7a10a4d2bc341c4bd369ae535", @raw=0x1000}, 0x1, @enumerated=@item=[0x0, 0x7, 0x800, 0x10001, 0x0, 0x5, 0xc0000000, 0x80000001, 0x8001, 0x3, 0x0, 0xa9, 0x1, 0x8, 0x3, 0x4, 0x3, 0x0, 0x4, 0x0, 0xe, 0x200001, 0x81, 0xa705, 0x1, 0x149, 0x8000, 0x3, 0x2, 0x3, 0x401, 0x3, 0x5, 0x40, 0x3cbc5dce, 0x7, 0x5, 0x5, 0x8b, 0xa, 0x80003, 0xfffff016, 0x8001, 0xb89e, 0x2, 0x1, 0x0, 0x6, 0x80000000, 0x2, 0x10e1, 0x0, 0xf, 0x8, 0x7e6d, 0x6, 0x10000, 0x3ff, 0x80000000, 0x3, 0x1, 0x1, 0x441, 0x6, 0xf35b, 0x1c5, 0x9dd, 0x5, 0x4, 0xc7, 0xd5, 0x401, 0xffffffff, 0x0, 0xc7c, 0x7fff, 0x1, 0x0, 0x3, 0x4000000, 0x6, 0x1, 0x7fff, 0xcb4, 0x6, 0x18, 0x2, 0x1, 0x6, 0x7, 0x6, 0x9, 0x698, 0x0, 0x1, 0x1, 0x0, 0x975, 0x2, 0xffffffff, 0x4, 0x5, 0x3, 0x4, 0xffffffff, 0x3, 0x9, 0x7ff, 0x6, 0x0, 0x2, 0x6, 0x8, 0x3ff, 0xfff, 0x8e, 0x6, 0x100, 0x7f5e, 0x8, 0xfffffffe, 0x100, 0xffffffff, 0x7f, 0x8000, 0x400, 0x1], "f3fadb90a56b67d92a5b28b4b23f332550b1e5454e2027fb1a37efe81bbc27deaf7c3100aab088cdb3b40dad335c9174f18934845ac3152fef1e0f42b42471efc0225a4ebe7e05ce3d4ab429805d5921633ffbce8f1a82ff9dec6c288f431cb7005b85ca8633c55d49bbdf4bd9cac1046064001bca7ba37e4b5eacf1940c9a78"})
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/dummy0/mtu\x00', 0xe3182, 0x0)
sendfile$auto(r3, r3, 0x0, 0x2)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r4 = socket(0x1d, 0x3, 0x1)
getsockopt$auto(r4, 0x65, 0x5, 0x0, 0x0)
setsockopt$auto_SO_ATTACH_REUSEPORT_CBPF(r3, 0x8000, 0x33, &(0x7f0000000040)='/sys/kernel/security/integrity/evm/evm_xattrs\x00', 0x9)
write$auto(0xca, 0x0, 0x1ff)

1m35.712443075s ago: executing program 2 (id=1379):
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = clone3$auto(&(0x7f00000002c0)={0x4, 0x9, 0x1, 0x2, 0x8000, 0xffffffffffffffff, 0x7, 0x3, 0xffffffffffffffea, 0x8, 0x200}, 0x7)
ptrace$auto_PTRACE_GETSIGMASK(0x420a, r1, 0x6e3, 0x1)
ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x2200, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
io_setup$auto(0x7ffe, 0x0)
io_setup$auto(0x7ffe, &(0x7f0000000000))
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0)
syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, r3)
write$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000200)='5', 0x1)
select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x4, 0x2, 0xb, 0x1, 0x4, 0x0, 0x7fff, 0xa, 0x193, 0xfffffffffffffff9, 0x3, 0x5e4, 0x1000, 0x1, 0x1]}, &(0x7f0000000380)={[0x8000000000000001, 0x5, 0x1, 0x10001, 0xe, 0xf, 0x5, 0x3, 0x59fc8000, 0x200006, 0x8000000000000000, 0x3, 0x800, 0x7, 0x1ff, 0x5]}, &(0x7f0000000280)={0x6, 0xc8})
open(&(0x7f0000000040)='./file0\x00', 0x40841, 0x8)
io_uring_register$auto_IORING_UNREGISTER_PERSONALITY(r0, 0xa, &(0x7f0000000180)="221aa2a2e1a47c16e9b935b36eb66fa98ca6d90b78e1fc1799ad1e15807c54f58fa1ee6c6927048cbda12b4e1ad0336a4b88db6e5c7e4fedd6852f33d0b576", 0x2f)
socket(0xa, 0x5, 0x94)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dri/card0\x00', 0x6c800, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)

1m34.517382162s ago: executing program 1 (id=1382):
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = clone3$auto(&(0x7f00000002c0)={0x4, 0x9, 0x1, 0x2, 0x8000, 0xffffffffffffffff, 0x7, 0x3, 0xffffffffffffffea, 0x8, 0x200}, 0x7)
ptrace$auto_PTRACE_GETSIGMASK(0x420a, r1, 0x6e3, 0x1)
ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x2200, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
io_setup$auto(0x7ffe, 0x0)
io_setup$auto(0x7ffe, &(0x7f0000000000))
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000200)='5', 0x1)
capset$auto(&(0x7f0000000340)={0x19980330}, 0x0)
select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x4, 0x2, 0xb, 0x1, 0x4, 0x0, 0x7fff, 0xa, 0x193, 0xfffffffffffffff9, 0x3, 0x5e4, 0x1000, 0x1, 0x1]}, &(0x7f0000000380)={[0x8000000000000001, 0x5, 0x1, 0x10001, 0xe, 0xf, 0x5, 0x3, 0x59fc8000, 0x200006, 0x8000000000000000, 0x3, 0x800, 0x7, 0x1ff, 0x5]}, &(0x7f0000000280)={0x6, 0xc8})
open(&(0x7f0000000040)='./file0\x00', 0x40841, 0x8)
io_uring_register$auto_IORING_UNREGISTER_PERSONALITY(r0, 0xa, &(0x7f0000000180)="221aa2a2e1a47c16e9b935b36eb66fa98ca6d90b78e1fc1799ad1e15807c54f58fa1ee6c6927048cbda12b4e1ad0336a4b88db6e5c7e4fedd6852f33d0b576", 0x2f)
socket(0xa, 0x5, 0x94)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dri/card0\x00', 0x6c800, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)

1m20.216229332s ago: executing program 33 (id=1379):
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = clone3$auto(&(0x7f00000002c0)={0x4, 0x9, 0x1, 0x2, 0x8000, 0xffffffffffffffff, 0x7, 0x3, 0xffffffffffffffea, 0x8, 0x200}, 0x7)
ptrace$auto_PTRACE_GETSIGMASK(0x420a, r1, 0x6e3, 0x1)
ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x2200, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
io_setup$auto(0x7ffe, 0x0)
io_setup$auto(0x7ffe, &(0x7f0000000000))
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0)
syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, r3)
write$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000200)='5', 0x1)
select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x4, 0x2, 0xb, 0x1, 0x4, 0x0, 0x7fff, 0xa, 0x193, 0xfffffffffffffff9, 0x3, 0x5e4, 0x1000, 0x1, 0x1]}, &(0x7f0000000380)={[0x8000000000000001, 0x5, 0x1, 0x10001, 0xe, 0xf, 0x5, 0x3, 0x59fc8000, 0x200006, 0x8000000000000000, 0x3, 0x800, 0x7, 0x1ff, 0x5]}, &(0x7f0000000280)={0x6, 0xc8})
open(&(0x7f0000000040)='./file0\x00', 0x40841, 0x8)
io_uring_register$auto_IORING_UNREGISTER_PERSONALITY(r0, 0xa, &(0x7f0000000180)="221aa2a2e1a47c16e9b935b36eb66fa98ca6d90b78e1fc1799ad1e15807c54f58fa1ee6c6927048cbda12b4e1ad0336a4b88db6e5c7e4fedd6852f33d0b576", 0x2f)
socket(0xa, 0x5, 0x94)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dri/card0\x00', 0x6c800, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)

1m19.384677977s ago: executing program 34 (id=1382):
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = clone3$auto(&(0x7f00000002c0)={0x4, 0x9, 0x1, 0x2, 0x8000, 0xffffffffffffffff, 0x7, 0x3, 0xffffffffffffffea, 0x8, 0x200}, 0x7)
ptrace$auto_PTRACE_GETSIGMASK(0x420a, r1, 0x6e3, 0x1)
ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x2200, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
io_setup$auto(0x7ffe, 0x0)
io_setup$auto(0x7ffe, &(0x7f0000000000))
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000200)='5', 0x1)
capset$auto(&(0x7f0000000340)={0x19980330}, 0x0)
select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x4, 0x2, 0xb, 0x1, 0x4, 0x0, 0x7fff, 0xa, 0x193, 0xfffffffffffffff9, 0x3, 0x5e4, 0x1000, 0x1, 0x1]}, &(0x7f0000000380)={[0x8000000000000001, 0x5, 0x1, 0x10001, 0xe, 0xf, 0x5, 0x3, 0x59fc8000, 0x200006, 0x8000000000000000, 0x3, 0x800, 0x7, 0x1ff, 0x5]}, &(0x7f0000000280)={0x6, 0xc8})
open(&(0x7f0000000040)='./file0\x00', 0x40841, 0x8)
io_uring_register$auto_IORING_UNREGISTER_PERSONALITY(r0, 0xa, &(0x7f0000000180)="221aa2a2e1a47c16e9b935b36eb66fa98ca6d90b78e1fc1799ad1e15807c54f58fa1ee6c6927048cbda12b4e1ad0336a4b88db6e5c7e4fedd6852f33d0b576", 0x2f)
socket(0xa, 0x5, 0x94)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dri/card0\x00', 0x6c800, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)

33.767276971s ago: executing program 4 (id=1490):
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
ioctl$auto_TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptya5\x00', 0x62c00, 0x0)
openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x101001, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000500)='/dev/tty34\x00', 0x2200, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x4, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mincore$auto(0x1000, 0x8001, 0x0)
unshare$auto(0x20000080)
connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710}, 0x10)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
munmap$auto(0x20001000, 0x7fb3)
ptrace$auto(0x10, 0x10000000000001, 0xffffffffffffff56, 0x868f)
capset$auto(0x0, 0x0)
select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x5, 0x100000003, 0x9, 0x6, 0x1ff, 0x100000000, 0x3, 0x4, 0x401, 0x0, 0x8, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x8000000000000000, 0x2, 0xb, 0x1, 0x9, 0x0, 0x7fff, 0xa, 0x18f, 0xfffffffffffffff9, 0x3, 0x5a4, 0x1000, 0x80000001, 0x1]}, 0x0, &(0x7f0000000280)={0x10006, 0xcc})

30.661338934s ago: executing program 4 (id=1496):
r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7)
write$auto_sg_fops_sg(r0, 0x0, 0x0)
syz_clone(0x40100100, 0x0, 0x0, 0x0, 0x0, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x129302, 0x0)
init_module$auto(0x0, 0x275e, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$auto_OVS_CT_LIMIT_CMD_GET(r1, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000002000)={&(0x7f0000004540)={0x70, r2, 0x1, 0x70bd27, 0x25dfdbff, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x4}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x58, 0x1, 0x0, 0x1, [@nested={0x54, 0x11c, 0x0, 0x1, [@nested={0x50, 0x90, 0x0, 0x1, [@nested={0x34, 0x9, 0x0, 0x1, [@nested={0x2f, 0xa4, 0x0, 0x1, [@nested={0x8, 0x64, 0x0, 0x1, [@nested={0x4, 0x146}]}, @typed={0x8, 0x136, 0x0, 0x0, @uid=0xffffffffffffffff}, @typed={0x14, 0x87, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @broadcast}}, @nested={0x4, 0xca}, @generic="c375af"]}]}, @typed={0x11, 0x7, 0x0, 0x0, @str='ovs_ct_limit\x00'}, @nested={0x4, 0x14d}]}]}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
madvise$auto(0x0, 0x8000000000000000, 0x15)
madvise$auto(0x0, 0x2000000080000001, 0x3)
capget$auto(0x0, 0xfffffffffffffffe)
write$auto_ocfs2_control_fops_stack_user(0xffffffffffffffff, &(0x7f0000000280)="16c8ae39519bbe7a253b302a6c81a04860426be36aeb99776aa7d3b33c38351cc5e8272e595bab60ffdb32d15924bc60d45976da67d6b4f371ca226225857acb4e5b4f09456946b869fc1b01bb0602285368c084334b0678e13ed49d8d52533df3fe6b48d1c99f83c613ff7be83f42fdccf2bdd1628aebde9d3429813ef8aada", 0x80)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff)
openat$auto_transactions_fops_(0xffffffffffffff9c, 0x0, 0x40, 0x0)
sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, 0x0, 0x4)
sendmsg$auto_HWSIM_CMD_REPORT_PMSR(0xffffffffffffffff, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f000000e940)={0x1410, 0x0, 0x1, 0x70bd2e, 0x25dfdbfd, {}, [@HWSIM_ATTR_PMSR_RESULT={0x13fc, 0x1c, 0x0, 0x1, [@NL80211_PMSR_ATTR_PEERS={0x4}, @NL80211_PMSR_ATTR_PEERS={0x4}, @NL80211_PMSR_ATTR_PEERS={0x1e4, 0x5, 0x0, 0x1, [{0x4}, {0x1b8, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0x4}, @NL80211_PMSR_PEER_ATTR_ADDR={0xc2, 0x1, "f9c0c09a26a82088d391388ac08f88ff5c7eda1de9a413c6b299c8e8db869bde5259c57ec0901b0b12c585b45fe3d3ffd84837cf2a5656735de72833c7cb2395056572c593a80ea13aefc00656b52c6123637e24c07e8e1a573643b4b09d79408bb565786e80ed406e0f12e900cd0c5c9344ae233af6bd539732b044f8bb9d2a787bfb86f03d5320ec8f73ec6a348e941f5c869b206da5d1d0e5ad70025731fb96f15bd3c806e774e98443c437fca25205a4aa05c21511a00cd6efafb629"}, @NL80211_PMSR_PEER_ATTR_ADDR={0xec, 0x1, "eb56b20a432169773a97c5bef2bcfdc65f8d9bdcae114a5486cec80dd07a6206ec94a9df711db2df72c535425db9f906f03ad41f350b4e561cb9c7410f3bd72463f84a930586c7c711a61b29f202eab5f9d803ed187196e9823ce82ba3a3a07cca9a6292eed34e2488a09052eab7a445c9c14c85966c980018ed3807aca8b10bf660f9285d0bad825f2ee31460abca1da5dde6e236ea5892f5b3e4d47593f8ef445015705fbe6f8ddd0cf829257f3b6abdb8648b5c891ca5d572f64557d36860f70f6f5e9a01f63a20940abea3933fdaa670c20a9087698c292e1b33f3ff9388ab1d73d2730fc997"}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0x4}, @NL80211_PMSR_PEER_ATTR_ADDR={0x4}, @NL80211_PMSR_PEER_ATTR_RESP={0x14, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0x3c2}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x4}]}]}, @NL80211_PMSR_ATTR_PEERS={0x4}, @NL80211_PMSR_ATTR_PEERS={0x4}, @NL80211_PMSR_ATTR_PEERS={0x1204, 0x5, 0x0, 0x1, [{0x1200, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0x1004, 0x1, "321b7aca9fb76548bcc8b17eb767f53bdb8c9918a0744267a56555a1af7b5a36bf981d3379a0f2bf9a04415e6079bc617fea4d7e1dab91f2f423e04e2e567bcb13f31ec75c69c4c26dd18eb13501ce8a961496c5e01d1b81a35a7cbfcf692958e96384f6c403026944b0624f77d2ce922a028f08e110d9e59c4ca555c8256921d10a40b5ad40a9491816bf4491e371a362c4893c693623e6486233e795adb58a0ed096b735f68b8381e16dcb675934060cc3a288a4888297b68968321a664bcffe647a976061e316ec20d7c49a77370305bfe1688f1afc44ed138632034df403938a857a89566efc65b4128ac547573f4de51c2b7795bd78d5ee57cf92e1e1162d41805f87837ee246bbba7f1b6aa58d99466e017e68ff1265ad7ba81bb76dfd4616b267f88721af500c48477bd637c30dd86ff85da6e6cda8d7bd124bfa31dca8f296191f23890bbf340ddf1b601c4ad19020cbbb803ab013c9329d696da8b8ef4cd264aa833ed58909bc0abd47f896f368c5cc12e0ef9bb0a92a2e626062575973c31b722fb6d95ab442364142ec8a0c456257be6c8ac5a92be45ceee724cd76e49f4b75a285ab406a7596add4bfd342ef07f41402931be55a0bd82f2fb4970e71b81e6e947c355eacdd8731829087ec189d15664388b1874a12327560d2351c1621aa121f44da1afcafce1220b9951b2a011ab656b17f4ba890cfd643046572c7d9310b3988122eeef0f963eff64aca9099fc4ba930c89225d59864ddb8650517683bc5209dc4ca7e00685f6771a13e5c70efabd06c796fffe159fa393cae501ebcb4a6e614ac168c0c1dedfad57cbbed8f115b6e2c73a4f67a2d4780e04e664b5abf8320c8f678c548e9045ea98344886473d8ecebe33adeaa6b86177db72f119c3f6c059f899ff2088ba71ec2e241a6f2e1c70422aafd3b02708dbd0e007e2b0cbfc0832ff89638dd1a5ebd72bbe10caa806990242805bd2a45ffd72ca837c6e6ccf8176bd7cc48a982aafdc2df999d79992f477a18810301a5ad9ba362922ccd4a55108da1c7478fa416e70434f9a5528ae035058d3d4de4457cc8aac766b1e2361141da3361b874f8280b491028144f7db98ed03e9b96210a60aebff5af4528f95e2ebf1ce969e96f109be0bd25e77ff855c1658bd850b003b6546a052cc4d6f9451accd22e818aa6a151788a946c4a334a645ee99b6d5c9fffce1103bd3b4c1795d950732f5e759598ec0d7a95d54cd92882332ea3f36d63a1725cef9af7f05dfbf99c3bef83262642bedb8b909f0af9e552d248615c045385d9fb6ad4d7bf1204500fe1df0a1a1ed1a908df909ef6c73ffb3342c2c9d5478706756207b4715404a766ad32c1c8e78cf86e2011fc92f9ade7b31c80f7760be20d541b525db8ebc9e521d5ccc33a43e89926b0a7f4848cb7e0d537cdaca37d8c3ab47a1999f1c82d66e146f8b2e492193b9bedb76ea6f738a45dbf8d6c90a327dda25782e132be1235c32fea791e528cf136ab0d4c5a8f3ce7e04766fb9c5ecfe3d1fcd4469191179a9b7f87881fc3236fea86302ede8c4ff79a177bbf5160e9a6b7eb516d9e566dd2768dd78b67bf8ff619db94563798c0c5a2e39804f7da7350521391fe1011f9c647fdaca45ccccb12149b4b0ae69c2d67730b3bd0dd20607f6d2ba94c53b0e0f9ffe8d46e7af14d5b55b65864e91a8031c4b3d85938629eb1f86f2aeb5e7ae808f2ab070ab3daa6308abaeb6c274941ef8aa08cdd2d4eff09b09d31ad3cfffe4c71520e88821d2aa4ef96c2453e80efeb901e10cf34c801f69aa4dbb3b3450fe6d86c6faac6013afef69587c4195a59528ee60322f7e36946e4d2b49d3a9e0ea47c290737ee3ba1e9bd3cf4fb7b61058c4e4532ec1fcced3053c8d8db97b09fc988a88ef5a0b245d317caa227d072c71d28d9cd6ccd9b8bce3750371264efce292afbcfefb7796b32b7e0ffa1ea57e43d101224f896c86e4eebc821bc4f96c780e28b4d81740876530e77fa10f666d35e511f4e5da713203618415f21042bb6fa3aa18dc5777e71d8090197f4809d143ee29a56310d7ac05e5f13f2a57b7ef4d1a5f4124eeed04eab2c8d4477c587fc1b36969f756e544d021f24b1dbc92243de2a7923b3046f0dda95403c3ca72151d095d3af12dc07f7260fc36e825743d1ffcd6f292bed05710ad62a43d27bf24043299a3544f24d08af61fd49f8191d02bfffc1a8cc0a83dcd867f5cf4696e785c1c0fd207e42d048f6051099ade7444727611a096d30086613e1fbbc5c684e907500555432732cedfa4e316393effed9a864208bb1fee7d626bbeebedd099d942be9b7676093de570e8a39c1325ffc8da86cfb8c434b23b9a4f9f9147c4b8c7da7c74986e9e044eb4750e2bd8ca20d006fddd9a76d20cb820bbc486f3eae54235011b560de26612529c45a6e354aed6f8bccba25bef09c70d93af3692a3d3c4496b53df90a296221a1bfbd8b5489be4d4319e33afc413967619e6b2f9777f78ab6e9664a00d364ee7b063e8d8fed871b50b86a412a0429634cdc6727579dd87496b2a5c8618d8cb769790016a24d63fb32ef31a5e81f987d92694c6971425a0c8c608c9ed51b0a8d8c7598a30b469434f714cf86a29c6d75388cc755d72ed730d74572ea3d3531ff00b8bdae70a1773568e16f001a34ad2ae390d5f57dee4850678e68438295682dbbf86f8bf97b18411054f1ee559c35c8144a7e353c936588dbed9fe7ab0f38540d6cd2d5ac2ceb55054f563e269c26180312f3098eff692b2948ab457508ac9aba5bf45ad32e7d7d4d4be1a517589293dc09c3fb588d2e2a7f9df0b3bb865feb5ca15cafb9c004bc262102bf6d129fb52f19b9ce81ba5c1d9f636841e20f626f7fa2fd8c34c32ef1c458772bc17f453df77c9e320d2d01c6feeb0f9b4fa4c488c35fcf0ca3d691a9198ac5f4b732dc37e3f7be78db29497e31c98fa6133c6c9b9db71b28339385383706843fa24528e422cdb2d54a2d9764cacac4e162aa939384fbfb4aac1affd6fd466f9ed743a73bd52bfc902a63e2bb5e0317b4f2673c5d8ce1d9cd0f9af008502936344d06714094b0c8b621e101da020d746f3126e52ccd24e32c1c81db8ceaf6f70d17b3754c3508292e3dfabc60565ba388b252892066357686f98cd8118f4ad35c445cdfd255a81ad16471c2a96705b34239f6b0a01d15caf55b551bd6977a2933fede3f03e556b6d8fb453dac846fa8ec9fb1fee70612d646708fbbcbfb780bd562ad926d2cc8123c3b88e67e037ab9565222a46e0152ebd47dfa9c8d92b810cd8cec159dc3b7c9f94adf1a285e5783cf1d19537ef7a18212029a778d9815038ce74da4ce3908e7b29f2b1e3c229d5185130634a3ea615a42c2d148e81d340ceee68c0ee070eb2352e7848f9689a30ed02c63fa10b5d6419edd8d5e14aa8fa8ffd48be5cec7d84a4b1069a77d68ddc70c4f5893feb62d54d3fcb616f9eed193170b9e9b1db8957abb5af4b1b2d15de0344349b27505f2b699cfb5302442c65bbebc5f7d6db03b2af37542dd40a0f78d56f1ad8a9acbc533144d7db3d3fd58f408df6ebfc4eb9c4a0789c0ddf7c43762d54237324d70b72b6204e69b43fbdaaecf88c5c901f9f91c6545d9bbe414a6be80de0e474cc92023e56ab90534cae51fd0afe5b68177c44e4361ab251c2b836bcc54ebd7713f1f6682b94f9b40496116f1e2bccf8297b06f04cd5eb717f00057e59b4abd247137951b76ce1de3959ac9130458432b208893686fc49746d32dcf5c92aa14d13f3ff8c628782ea9204e97c602099bde07734e1dc8270c90de3935bc3c41268286e2007edf96a2de84ec1c6a51773cb6cb68029e00941be0c4b2b3f6c19f312019b3df27d55acbaff940fbb877ea8588a00183e1fcb1708f285a7b4e26f9bc094e8a09398e664a2d69d72cdb5d63ee1f4b937c55f64f57b5e172c8252fc49a8de9cec86788644cc8eebb447a89b883685599e5685dc047f29e9f63602212e63037707f15f11eeb4b2fe70202ddbee19df5e4f287562d626d397d2858c75f85d49642baa9987c82bc9755b769ab94eebdc7f5f862c7f7fb20b0f24db6a2e0a4d5956ef7df94892ab28ffcd6b9922eb8e9ec8373d1a35d4d215d4ef01c35a9c6457e0b5c10620c512afee4fa5c48a848d888093842a543a08d00a41eb5df5687927f8a8651b740b4a4a6e1c51d09e00f5f8b6d95a0aafdd3c57cd5712f71861b271726aac570487d3915d0a19982cf7fa20b3c06c7ab65f055520711271c72fa3b5ee29f606e5bc61b1ed1594fd90bc883e299d519a335e4b20a31e37b33f062a44da067790c0c4946877589d4c4cbe153236489235c39161e25cff087c43c2d885b0c33b51e8de58ab8fa5d20c0a07f966b6163f558cf5e8c42bc3ef4b06759ad6328f9400409015fc62d8607c686247070e1494369767447f4f92bfaa0dde15f74f258fc48633bf6fb5ec1d57c6ce29eceb1d33cb94f6e3e584e7cb4c8da7b82090f69de8aa99117067c1f9f01ec2a3e09cd4fbebc87287dad6ab04f47201988f8ef8bf2924184eaee17950072aed91f43ee8e54b06e57a5a4fdc66168c605819720880b6ec7e0685f46e87688b5b13bb0ab8e1a89078f5166e42c344497a0bee104022f3fda0e10a4eace1430b75002afadff68877aeba455548d9590ff8e4e66e317b5af4614689f279b35f370a72e0c4f3e680e27ed0df93a6b4b73f6ebfa07028b5f7d27e8105f2087687149c4ce8adeed30678f1c0ee4334883197caacd21759bf15ca2fcc8636e989b589e87a441df7eef8f5cbfe3d28e53b6cb61140d3f3948d1a7b63f62033873b4b2244636f95a5bb5bd9055d9965ebee4e7629c190e4ec7c55ba59a9d265b515a73a9777066fc97bf0cec16cb952fd4e6fe86c0c180c376e83b3f44bfd264d45ce336dde17ef05153ea8d6134dc3ccd38e116836e8d3ace22ddda20e7a17ab6599021b0f2040af12c69bbe83db650621e204efa30470dbcf126db328e36614075dc8c6f29c81a47a872e0670fb5c2a0ad6ab84acf8c35feb6a83b1f91861b729776a05f19bcfb83c2b2830c903e11570dbb0f97be54b715aeb18b6002de9ad4ed1af298f7370ec937c46d7c3b187048a3da6c8523b0293e5b8b2eaa3bdf3d83218fe1008c66f78f3f27405507f947eacc8cba42d445a8598afcd8a246585c621882adb53772c95da40bbed46431f3c037f0e0ada1422c0f7a43a21a0ed4f47f7e8466f9087b72431f94b931dd5a654f01c2cc57db995f3c9cc90d4cdcf91b369b6d23f731a2ca07e05eaf8638b9fd5e7539c49551d4d6ec9ab625845c929e114aa4c4b5511f607788724b1978351d2f7f340ba3b9026de97bd5fad3efbad6f0630b4a8d03fd96cb78784e58dff8e7b08895f6146719530cd9e9f7cb56264bc3125c44d78dbe1a8aae24ffe1c38e4d7ddb5e7c21f63a4507f28993eb6cd62787dfc26d4a4869e3d19fb640ddc6e70bcf1884bbb179fc3a3d0911d27e2026e685795b2b6e34d0b091c6d677d300906dd314201e30676f7eac3f863ba9f52e957ddd3c33e84f24831167b2e9e69b81c3a7d60e6da8bc39fd28daccf4ce3385b95b3281b5ae377f2f5d770960b0fe421c7798fb2e341b7d17649fc19182954cf200a89f497198ba174fccf889f01e6b4cd102fd8131376beb9baf969e1289712db211997ffa8eab308ca92a0cff1abb5182f9ad41dec3a0e625d22d0ce940d38678a228ac7b09b6992df568ecc6681e8fbdefeacc0c0dc7747e"}, @NL80211_PMSR_PEER_ATTR_ADDR={0x48, 0x1, "cd4393be72d792576aa7f6664b2ba892f483a528e0b264c88c3d678944e7823e45a70dfc0e6e26002b7170ad72d0a2bc3946a72ebc9e915525d4f77ae8ce13282880aba4"}, @NL80211_PMSR_PEER_ATTR_ADDR={0xe6, 0x1, "b0ea79e134e3c694f031a6fbfa6acf663a01f508591b03044ab58038ec62f3405ec292cce80686a239ecd4f13d063932c2f312ecc43555b1c1c8a765dfca0334ec484930e6a4cd5d369f06d85f61bd8be9a6b49c903cc53e077afcbb9a120d578be017987bdc36be8d62e21db64113a24ba59acf497bce6553afb2b9a300c890a76e6b02437d3265a2f147213dbbbbaad04c441ad30e3ad00760a6495935e305b98c5fea43a523883a6f7f871469f236f703b4c9bf83552a2b12e1fdaed7ce54ddb63ff6c729a3427c5853c4ab6943055e1ceaa8be47a43e2869de32d2c53f15b0b3"}, @NL80211_PMSR_PEER_ATTR_ADDR={0xc8, 0x1, "db189fc87094e9a7476b81618b78ad9c51f2bbc09b28219e4d46d3c8c7fad8b015a1b95bfdcda01dcca7b6d0087fa6d9f0340934ba15f47e8b39e2b996a798de62c6d776723269e5caf2aefea30f8d6565a7371c5b20d8d8e903d0d9d3cf056d367d7a21621a080d46bfc76956cd2a46b8620d3ba910f383616079b52dfd0fda5f25aa632b19be4cddc7890cc7115914fbc04b31413a527a54348b36510d22a473c1586ef2a028a35c9b3d9e87fcd965e657a07ea06c1833b430fd435cf086d3cc3695c2"}]}]}]}]}, 0x1410}, 0x1, 0x0, 0x0, 0x4}, 0xc895)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0xf, 0x3, 0xe)

28.578664057s ago: executing program 4 (id=1499):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/orangefs/perf_history_size\x00', 0x1182, 0x0)
mmap$auto(0x0, 0x4, 0xc00000072, 0x8b72, 0x1000000002, 0x8000)
r0 = timerfd_create$auto(0x8, 0x800)
read$auto_ppp_device_fops_ppp_generic(r0, 0x0, 0x0)
io_uring_setup$auto(0x86, 0x0)
prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x6)
socket(0x10, 0x4, 0xffffffc0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948e, 0x3, 0x15f4da0a, 0x3, 0x3, 0x8, 0x0, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x120e2, 0x0)
write$auto(r2, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETPOLICY(r3, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010325bd7040ffdbdf250a0000000c0002006e6c383032313100"], 0x28}, 0x1, 0x0, 0x0, 0x30000881}, 0xc040810)
write$auto(r2, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7)
r5 = socket(0x10, 0x3, 0xa)
sendmsg$auto_NL80211_CMD_EXTERNAL_AUTH(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYRES16=0x0, @ANYBLOB="00012cbd7000fedbdf257f0000000600f700050b00000600b10005000000"], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x10)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
shmctl$auto_SHM_UNLOCK(0x7f, 0xc, &(0x7f0000000440)={{0x1ff, 0x0, 0xffffffffffffffff, 0x2, 0x1, 0x0, 0x1000}, 0x8, 0x3ff, 0xfffffffffffff464, 0x6, @inferred, @raw=0x4, 0x1, 0x0, 0x0, 0x0})
r6 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/pagemap\x00', 0x0, 0x0)
readv$auto(r6, &(0x7f0000000400)={0x0, 0x40}, 0x6)

26.597494937s ago: executing program 4 (id=1506):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00'})
socket(0x10, 0x2, 0x14)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x11, 0x80003, 0x300)
socket(0x10, 0x2, 0x0)
socket(0xa, 0x801, 0x100)
socket(0x2, 0x80002, 0x73)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x2, 0x3a)
socket(0xa, 0x2, 0x0)
socket(0xa, 0x2, 0x0)
r0 = socket(0x10, 0x2, 0x14)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14af"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r0], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x240008c1)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x2}, 0x3, 0x0)

26.187008945s ago: executing program 4 (id=1508):
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = clone3$auto(&(0x7f00000002c0)={0x4, 0x9, 0x1, 0x2, 0x8000, 0xffffffffffffffff, 0x7, 0x3, 0xffffffffffffffea, 0x8, 0x200}, 0x7)
ptrace$auto_PTRACE_GETSIGMASK(0x420a, r1, 0x6e3, 0x1)
ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x2200, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
io_setup$auto(0x7ffe, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0)
syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, r3)
write$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000200)='5', 0x1)
capset$auto(&(0x7f0000000340)={0x19980330}, 0x0)
select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x4, 0x2, 0xb, 0x1, 0x4, 0x0, 0x7fff, 0xa, 0x193, 0xfffffffffffffff9, 0x3, 0x5e4, 0x1000, 0x1, 0x1]}, &(0x7f0000000380)={[0x8000000000000001, 0x5, 0x1, 0x10001, 0xe, 0xf, 0x5, 0x3, 0x59fc8000, 0x200006, 0x8000000000000000, 0x3, 0x800, 0x7, 0x1ff, 0x5]}, &(0x7f0000000280)={0x6, 0xc8})
open(&(0x7f0000000040)='./file0\x00', 0x40841, 0x8)
io_uring_register$auto_IORING_UNREGISTER_PERSONALITY(r0, 0xa, &(0x7f0000000180)="221aa2a2e1a47c16e9b935b36eb66fa98ca6d90b78e1fc1799ad1e15807c54f58fa1ee6c6927048cbda12b4e1ad0336a4b88db6e5c7e4fedd6852f33d0b576", 0x2f)
socket(0xa, 0x5, 0x94)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dri/card0\x00', 0x6c800, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)

23.311704415s ago: executing program 4 (id=1513):
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = clone3$auto(&(0x7f00000002c0)={0x4, 0x9, 0x1, 0x2, 0x8000, 0xffffffffffffffff, 0x7, 0x3, 0xffffffffffffffea, 0x8, 0x200}, 0x7)
ptrace$auto_PTRACE_GETSIGMASK(0x420a, r1, 0x6e3, 0x1)
ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x2200, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
io_setup$auto(0x7ffe, &(0x7f0000000000))
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0)
syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, r3)
write$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000200)='5', 0x1)
capset$auto(&(0x7f0000000340)={0x19980330}, 0x0)
select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x4, 0x2, 0xb, 0x1, 0x4, 0x0, 0x7fff, 0xa, 0x193, 0xfffffffffffffff9, 0x3, 0x5e4, 0x1000, 0x1, 0x1]}, &(0x7f0000000380)={[0x8000000000000001, 0x5, 0x1, 0x10001, 0xe, 0xf, 0x5, 0x3, 0x59fc8000, 0x200006, 0x8000000000000000, 0x3, 0x800, 0x7, 0x1ff, 0x5]}, &(0x7f0000000280)={0x6, 0xc8})
open(&(0x7f0000000040)='./file0\x00', 0x40841, 0x8)
io_uring_register$auto_IORING_UNREGISTER_PERSONALITY(r0, 0xa, &(0x7f0000000180)="221aa2a2e1a47c16e9b935b36eb66fa98ca6d90b78e1fc1799ad1e15807c54f58fa1ee6c6927048cbda12b4e1ad0336a4b88db6e5c7e4fedd6852f33d0b576", 0x2f)
socket(0xa, 0x5, 0x94)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dri/card0\x00', 0x6c800, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)

12.56538683s ago: executing program 5 (id=1531):
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC0D0c\x00', 0x200, 0x0)
r0 = openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/trace_options\x00', 0x40000, 0x0)
listen$auto(r0, 0x611e)
poll$auto(0x0, 0x6, 0x8)
socketpair$auto(0x20, 0x5, 0x4000, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
open(0x0, 0x7ffd, 0x12)
madvise$auto(0x0, 0x200007, 0x19)
mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x9, 0x3)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
read$auto(0x3, 0x0, 0x80)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r1 = io_uring_setup$auto(0x406, 0x0)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
getrandom$auto(0x0, 0x6000000, 0x3)
r2 = syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
r3 = socket(0x11, 0x80003, 0x300)
io_uring_enter$auto(0x3, 0xa84, 0x80000001, 0xa, 0x0, 0x46)
sendmsg$auto_NL80211_CMD_SET_REKEY_OFFLOAD(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)={0x14, r2, 0x8, 0x70bd2b, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4040091}, 0x40850)
io_uring_enter$auto(r1, 0x7, 0x7ffffffb, 0x3, 0x0, 0x3)
move_pages$auto(0x0, 0xa, 0x0, 0x0, 0x0, 0x2)
io_uring_enter$auto(0x3, 0x5, 0x5f3, 0x3, 0x0, 0x2)

9.281981944s ago: executing program 5 (id=1536):
statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0)

8.942216785s ago: executing program 5 (id=1537):
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/oss\x00', 0xaa102, 0x0)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x82040, 0x0)
socket(0xa, 0x1, 0x100)
ioperm$auto(0x7, 0x5ad2, 0xc)
modify_ldt$auto(0x1, 0x0, 0x10)
r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
pread64$auto(r0, 0x0, 0x7ff, 0x400)
socket(0x2, 0x1, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0x12, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x400000000000948f, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x1]}, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/kernel/kexec_load_disabled\x00', 0x202, 0x0)
sendfile$auto(r2, r2, 0x0, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0004, 0x19)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
close_range$auto(0x2, 0x8, 0x0)

8.221329731s ago: executing program 35 (id=1513):
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = clone3$auto(&(0x7f00000002c0)={0x4, 0x9, 0x1, 0x2, 0x8000, 0xffffffffffffffff, 0x7, 0x3, 0xffffffffffffffea, 0x8, 0x200}, 0x7)
ptrace$auto_PTRACE_GETSIGMASK(0x420a, r1, 0x6e3, 0x1)
ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x2200, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
io_setup$auto(0x7ffe, &(0x7f0000000000))
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0)
syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, r3)
write$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000200)='5', 0x1)
capset$auto(&(0x7f0000000340)={0x19980330}, 0x0)
select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x4, 0x2, 0xb, 0x1, 0x4, 0x0, 0x7fff, 0xa, 0x193, 0xfffffffffffffff9, 0x3, 0x5e4, 0x1000, 0x1, 0x1]}, &(0x7f0000000380)={[0x8000000000000001, 0x5, 0x1, 0x10001, 0xe, 0xf, 0x5, 0x3, 0x59fc8000, 0x200006, 0x8000000000000000, 0x3, 0x800, 0x7, 0x1ff, 0x5]}, &(0x7f0000000280)={0x6, 0xc8})
open(&(0x7f0000000040)='./file0\x00', 0x40841, 0x8)
io_uring_register$auto_IORING_UNREGISTER_PERSONALITY(r0, 0xa, &(0x7f0000000180)="221aa2a2e1a47c16e9b935b36eb66fa98ca6d90b78e1fc1799ad1e15807c54f58fa1ee6c6927048cbda12b4e1ad0336a4b88db6e5c7e4fedd6852f33d0b576", 0x2f)
socket(0xa, 0x5, 0x94)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dri/card0\x00', 0x6c800, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)

6.875070355s ago: executing program 6 (id=1541):
socket(0x11, 0x80003, 0x300)
rt_sigqueueinfo$auto(0x0, 0xc74, &(0x7f0000000000)={@siginfo_0_0={0xf9, 0x14, 0x7e73, @_timer={0x0, 0x80000001, @sival_ptr=0x0, 0x5}}})
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-9/xps_rxqs\x00', 0x1a1842, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
open(&(0x7f0000000040)='./file0\x00', 0x44, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000003c0)=""/192, 0xc0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/pcm0p/sub0/info\x00', 0x1c1282, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000280)=""/65, 0x41)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
io_uring_setup$auto(0x3, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ppoll$auto(0x0, 0x9, 0x0, 0x0, 0x8)
madvise$auto(0x0, 0x200007, 0x19)
syz_clone3(0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0)
r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
write$auto(r1, 0x0, 0x4)

6.871297343s ago: executing program 0 (id=1548):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0xff)
openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f0000000200)='/dev/etherd/interfaces\x00', 0x200003, 0x0)
ioctl$auto_TUNSETDEBUG(0xffffffffffffffff, 0x400454c9, &(0x7f0000000480)=0x9)
r0 = open(0x0, 0x1e7d43, 0xa6)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x1d, 0x2, 0x7)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00'})
r1 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000000c0), r0)
sendmsg$auto_NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1], 0x1c}, 0x1, 0x0, 0x0, 0x4000804}, 0xc0084)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xca481, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/cpu/smt/control\x00', 0x2ab42, 0x0)
sendfile$auto(r2, r2, 0x0, 0x4f64a1d2)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x8, 0x1ff, 0x7c9, 0x26, 0x4909b6f5, 0x1ffde, 0x7, 0x3, 0x20000009, 0x9, 0x3, 0x4, 0x1, 0xb4, 0x9, 0x8, 0x10003, 0x80, 0x3, 0x0, 0xa, 0x22000, 0x200, 0x2, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffff8, 0x0, 0x0, 0x80000, 0x0, 0xffff, 0x10, 0x0, 0x8, 0x10000, 0x0, 0x0, 0x0, 0x6, 0xbdcc, 0x0, 0xfffffffffffffffe]}, 0x1fe, 0x7)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
ioctl$auto_XFS_IOC_FSBULKSTAT_SINGLE(r0, 0xc0205866, &(0x7f0000000440)={&(0x7f0000000380)=0x8000000000000000, 0x101, &(0x7f00000003c0)="9937c97ae696a65d95255038ceeb5f581bffd0ed84f466b633c973e5f9650a2853c2b4", &(0x7f0000000400)=0x492})
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r3 = socket(0x10, 0x2, 0x0)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptywd\x00', 0x101e81, 0x0)
ioctl$auto_TIOCSTI2(r4, 0x5412, &(0x7f0000000040))
sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x1892, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000140), 0xb, 0xa505}, 0x800}, 0x7, 0x4008)

6.571661475s ago: executing program 0 (id=1542):
r0 = syz_genetlink_get_family_id$auto_hsr(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_HSR_C_GET_NODE_LIST(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x14, r0, 0x1, 0x70bd24, 0x25dfdbfd}, 0x14}, 0x1, 0x6000, 0x0, 0x200000c0}, 0x2000c004)

6.305977376s ago: executing program 0 (id=1543):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001d80)='/sys/devices/virtual/sound/ctl-led/speaker/card0/attach\x00', 0x1, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000040)="3100001000000000002ca65de95b667827494d", 0x5e)
mmap$auto(0x0, 0x7, 0x4000000000e0, 0xeb1, 0x401, 0x400)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x20681, 0x0)
rseq$auto(&(0x7f00000001c0)={0xe, 0x6, 0x0, 0x9, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6)
migrate_pages$auto(0x0, 0x2, 0x0, &(0x7f00000000c0)=0x3)
mmap$auto(0x0, 0x2020009, 0x38e90acd, 0xeb1, 0xfffefffffffffffa, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80200, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x3, 0x40000000009f, 0x10000000040eb1, 0x401, 0x300000000000)
r1 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, 0x0, 0x260582, 0x0)
setsockopt$auto(0x400000000000003, 0x29, 0x1c, 0x0, 0x56b)
r2 = syz_clone(0x80f400, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x4, 0x3, 0x100040eb1, r1, 0x300000000002)
setsockopt$auto_SO_MAX_PACING_RATE(0xffffffffffffffff, 0x3, 0x2f, &(0x7f0000000300)='\xba\xf13\xa4o\xd3\xd2\xe0v\x95\xe6mAk\x90\xa1\xfd\xb0\xe1\xa6W\x85py\x91Q\xe7\xc9\x05\xce\x17\xe6<0e\x12\xe8/\x16\xf0\xd2\xe5\x06[\vFb\xd6\xc0sTv*\xa6\x97\xb4\xcf\xc8d^\xb1\x7f\xeeH\xd2\xa8\xeb\xad\xdfw\xad\x1e\xcf\x13\xd2\xbbh\xb7\xb1\xa2\x14\xbe=Q\xf3\xd6\x85\x8as\x04\x93\x8c3\n\x9e\xcc\xbdP\x89\xee\xa8\x82\x03\x97\xe6^\x85#\x11T\x8dE\xba\nF\xc2\xe2\x06k\xf0~\xa3\x86h\xc2\xb8\xcfk\x1f', 0x4)
r3 = pidfd_open$auto(0x0, 0x0)
setns(r3, 0x20000000)
rt_tgsigqueueinfo$auto(0xffffffffffffffff, 0x0, 0x8, 0x0)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40)
execve$auto(&(0x7f0000000180)='./file0\x00', &(0x7f0000000100)=&(0x7f0000000080)='\xac\x10', 0x0)
ptrace$auto(0x4206, r2, 0x0, 0x5)
mmap$auto(0x0, 0x400000000, 0x3, 0x18, 0xffffffffffffffff, 0x8005)
move_pages$auto(0x1, 0x233, 0x0, 0x0, 0x0, 0x8000000000000000)
symlink$auto(0x0, &(0x7f0000000000)='\'--[[\x14+\\\x00')

5.727148225s ago: executing program 5 (id=1544):
r0 = openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000004080)='/sys/kernel/debug/kvm/mmu_flooded\x00', 0x2, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
ioctl$auto_FIDEDUPERANGE(r0, 0xc0189436, 0x2)
socket(0x1d, 0x2, 0x6)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x181881, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x40000002c55, 0x0)
socket(0xa, 0x1, 0x84)
socket(0x2, 0x1, 0x0)
openat$auto_tracing_mark_fops_trace(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/tracing/trace_marker\x00', 0x201, 0x0)
socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vcsa1\x00', 0x1, 0x0)
socketpair$auto(0x1e, 0x5, 0xfffffffc, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x1f, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/usbip-vudc.0/usbip_sockfd\x00', 0x103841, 0x0)
write$auto(r1, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xabxo\xd9\x90\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xa5\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5Y\a\xc1\xe9(\x85R\x96\xe4\x86\\\x13\xa9\x1a&\x19\x8a9\x82\xf0\x83\f\xf7\xeb\x00\x00\x00\x00\x00\x00\x00\x00v\x92<e\x8b?#a\xa3 \xaa\x19\xde}\x10\xa4\x95\x02\x12\xbb\x13\xeb<\xc8x\x86\xc6\x12w2u\xe5\xb0\x8f\xda\x88R\xf4 @\xdc\x8e\xaa\xf0{\xa8,\xa3\xc7\x01\\\x03(\xc0\xb3\xf3\xf80eqo\x1a\xe0\xc6\xd9\xcf\xab\xf4_\xf2', 0x100000000)

5.116091349s ago: executing program 6 (id=1545):
statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0)

4.944018125s ago: executing program 6 (id=1546):
r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
r2 = getpid()
mlockall$auto(0x5)
rt_sigprocmask$auto(0x26, &(0x7f0000000040)={0x80000000}, &(0x7f0000000080)={0x9}, 0x8)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
unshare$auto(0x40000080)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
socket(0x11, 0xa, 0x300)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0xa)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00)
mincore$auto(0x1000, 0x8001, 0x0)
close_range$auto(0x2, 0x8, 0x0)
process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001245}, 0xa, 0x40000000000000)
ioctl$auto(0xffffffffffffffff, 0x400454c9, r0)

4.467685236s ago: executing program 0 (id=1547):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x2, 0xa, 0xa)
open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x8)
socket(0xa, 0x5, 0x0)
io_uring_setup$auto(0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/vkms/graphics/fb0/state\x00', 0xc2481, 0x0)
io_uring_setup$auto(0x59, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x2000, 0x0)
r0 = open(0x0, 0x149443, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x5, 0x0)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x440, 0x0)
socket(0xa, 0x802, 0x3a)
socket(0x29, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b82, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x10, 0x2, 0x14)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14af"], 0x14}, 0x1, 0x0, 0x0, 0x8800}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xffffffffffffff14, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r1], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x200440c0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x800)
sendmmsg$auto(r2, &(0x7f0000000080)={{0x0, 0x8001c01, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x1}, 0x7}, 0x3d55, 0x0)

4.059385211s ago: executing program 0 (id=1549):
mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008)
socket(0x29, 0x2, 0x0)
socket(0x10, 0x2, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_wireguard(0x0, r0)
sendmsg$auto_WG_CMD_SET_DEVICE(r0, 0x0, 0x810)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
setresuid$auto(0x0, 0xee00, 0xffffffffffffffff)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r1 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0)
read$auto(r1, 0x0, 0x39b8)
openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000140), 0x101, 0x0)
read$auto_fake_panic_fops_(0xffffffffffffffff, 0x0, 0x0)
socket(0x26, 0x6, 0x3)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2b, 0x1, 0x0)
mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4)

3.950096096s ago: executing program 5 (id=1550):
mmap$auto(0x0, 0x20009, 0xdf, 0x18, 0x200000000000404, 0x0)
sendmsg$auto_IOAM6_CMD_ADD_NAMESPACE(0xffffffffffffffff, &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8040}, 0x24004054)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/unix\x00', 0x121040, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000040)=""/153, 0x99)
getrandom$auto(0x0, 0x6000000, 0x3)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
mlockall$auto(0x7)
mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2)
gettid()
r1 = socket(0x2, 0x1, 0x0)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x4, 0x0, 0x7fff, 0x4}, 0x80000b}, 0x5, 0x20000000)
r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sg0\x00', 0x141000, 0x0)
bpf$auto(0x40, &(0x7f00000000c0)=@bpf_attr_0={0x0, 0x6, 0x8, 0x4, 0x800, 0xffffffffffffffff, 0x13, "f0f59673e700", 0x0, r2, 0xfffff588, 0x9, 0x2, 0x100000000000200}, 0x7f)
ioctl$auto_SCSI_IOCTL_SEND_COMMAND2(r2, 0x1, &(0x7f00000000c0))
r3 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x100e42, 0x0)
write$auto_sg_fops_sg(r3, &(0x7f00000001c0)="bf5b1a8c24000000dbcbc7a996eea7f3804ca6c7591afff6578d2f5f520f687f316ba7327b581cd8d58309037c0ae2c71a", 0x31)
r4 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000000), 0x123000, 0x0)
ioctl$auto_USB_RAW_IOCTL_EVENT_FETCH(r4, 0x80085502, &(0x7f00000001c0)={0x10, 0x1000})
ioctl$auto(r1, 0xffff, 0xffffffffffffffff)
syz_genetlink_get_family_id$auto_nl80211(0x0, r1)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)

2.468386079s ago: executing program 6 (id=1551):
mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x80000000000000a, 0x2, 0x0)
r0 = socket(0xa, 0x801, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x11}}, 0x54)
getsockopt$auto(r0, 0x84, 0x76, 0x0, &(0x7f0000000280)=0x1000c0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x200000000eb1, 0x401, 0x8000)
openat$auto_proc_pid_set_comm_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/comm\x00', 0x2, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/fs/ext4/sda1/msg_count\x00', 0x80, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f0000002e40)={0x0, 0x0, &(0x7f0000002e00)={&(0x7f0000002e80)={0x30, r3, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}]}, @ETHTOOL_A_DEBUG_MSGMASK={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x8050}, 0x4000080)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000000)=""/9, 0x9)
r4 = prctl$auto(0x16, 0x1, 0x6, 0xfffffffffffffffe, 0x4)
socket(0xa, 0x801, 0x84)
mmap$auto(0x0, 0xfff, 0xdf, 0xeb1, 0x401, 0x8000)
pipe2$auto(0x0, 0x80)
setsockopt$auto(0x3, 0x1, 0xd, 0x0, 0x8)
close_range$auto(0x2, 0x8000, 0x0)
getsockopt$auto_SO_PROTOCOL(r4, 0x8, 0x26, &(0x7f0000000000)='/proc/thread-self/comm\x00', &(0x7f0000000040)=0xc8b0)
write$auto(0x3, 0x0, 0x7fffffff)

1.657539685s ago: executing program 5 (id=1552):
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x15, 0x5, 0x0)
socket(0xa, 0x2, 0x88)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x46)
write$auto(0x3, 0x0, 0xffd8)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000bc0), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'veth1_to_bond\x00', <r3=>0x0})
sendmsg$auto_BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)={0x1c, r1, 0x305, 0x70bd23, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40008}, 0x4000040)
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x4f1, 0x2, 0x8000)
r4 = socket(0x2, 0x6, 0xffffffee)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
setsockopt$auto(r4, 0x6, 0x8, 0x0, 0x10000)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0006, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
write$auto(0x3, 0x0, 0xfdef)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x400053, 0x9)
r5 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/stat\x00', 0x40440, 0x0)
read$auto_proc_single_file_operations_base(r5, &(0x7f0000000040)=""/9, 0x9)

1.093657989s ago: executing program 6 (id=1553):
ioctl$auto_NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, 0x0)
socket(0x2, 0x2, 0x88)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x0, 0x0, 0x9, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008)
socket(0x1f, 0x3, 0x400001)
r0 = socket(0xf, 0x5, 0xf)
setsockopt$auto(r0, 0x6, 0xc, 0x0, 0x7fffffff)
mmap$auto(0x0, 0x20009, 0xdf, 0xebf, 0x401, 0x5)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, 0x0, 0x42100, 0x0)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_genetlink_get_family_id$auto_nlbl_unlbl(0x0, r2)
sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r2, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10010}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4081}, 0xc000)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40)
execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0xfffffe01, 0x22, 0x940, 0x1ffde, 0x3, 0x3, 0x7, 0x9, 0x5, 0x0, 0x8004, 0xb0, 0x7, 0x1, 0x3, 0x5, 0x7, 0xfffffffe, 0x0, 0x0, 0x1000, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, [0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x7, 0x281)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
socket(0x10, 0x2, 0x0)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
execve$auto(&(0x7f0000000240)='./file0\x00', 0x0, 0x0)
execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)=&(0x7f0000000300)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\xf20/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a0\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5\x94\xd0\xf5\xe7\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00')

449.397364ms ago: executing program 0 (id=1554):
prctl$auto(0x41, 0x3, 0x0, 0x0, 0x0)
prctl$auto(0x41, 0x3, 0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x801, 0x0)
socket(0xf, 0x3, 0x2)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
open(&(0x7f0000000100)='./bus\x00', 0x14d27e, 0x72)
socket(0x2, 0x1, 0x0)
select$auto(0x6, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0xfff, 0x1, 0x948b, 0x3, 0x95f4da2d, 0xc, 0x6, 0x62, 0x7, 0x7, 0x6d3f, 0xa, 0x4, 0x5]}, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0)
ioctl$auto(r1, 0x40104d06, 0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x60a41, 0x0)
mprotect$auto(0x110c238000, 0x1, 0x3)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_hsr(&(0x7f0000000180), r2)
sendmsg$auto_HSR_C_GET_NODE_LIST(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x14, r3, 0x1, 0x70bd24, 0x25dfdbfd}, 0x14}, 0x1, 0x6000, 0x0, 0x200000c0}, 0x2000c004)

0s ago: executing program 6 (id=1555):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/net/eql/statistics/tx_carrier_errors\x00', 0x800, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000000)=""/45, 0x2d)
pipe2$auto(&(0x7f00000000c0), 0x0)
writev$auto(0xca, &(0x7f0000000080)={&(0x7f00000000c0), 0x2}, 0x2000000000000003)
prctl$auto_PR_SME_SET_VL(0x3f, 0x7, 0x7, 0x3, 0x7)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000004ec0), 0xffffffffffffffff)
socket(0x2, 0x5, 0x0)
mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0)
prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
sendmsg$auto_L2TP_CMD_NOOP(r2, &(0x7f0000004fc0)={0x0, 0x0, &(0x7f0000004f80)={&(0x7f0000004f00)={0x14, r3, 0x1, 0x70bd26, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x40)
write$auto_ocfs2_control_fops_stack_user(r1, &(0x7f0000000080)='\t', 0x1)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000002c0)={'batadv0\x00', <r7=>0x0})
sendmsg$auto_BATADV_CMD_GET_MCAST_FLAGS(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)={0x1c, r5, 0xf234609f6d79638b, 0x70bd2a, 0x25dfdbfe, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000080}, 0x40000)
r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/module/kvm_intel/parameters/vmentry_l1d_flush\x00', 0x82942, 0x0)
sendfile$auto(r8, r8, 0x0, 0x200)

kernel console output (not intermixed with test programs):


			


	

	

	


		
	
	

	

	
		

	


	
	

		
	
		
	
	



			








	





	





	














	

		











	

	
	
















	






	






		







	
	

	



			




	
		

	


	
	

		
	

			
	

		
	
	



			








	





	





	














	

		











	

	
	
















	





	




		











	
		
			
			


	


	

	
		

	
		

	


	
	

		
	
		
	
	



			








	




	






	
	




	

		











	

	
	
















	






	






		







	

	
		
	
	

	
	
	
	

	
	





		
	
	

	



	

	
	

	
	
	

	
		
	
	
					
	

	

	
		

	


	
	

		
	
		
	
	



			








	




	


















	
	

	






















	






	






	





		








	

	
	

	
		
	
		
	
	
	
	
	
	
	
	


		
	
	




	
		

	


	
	

		
	
		
	
	



			








	


		

	



		

		

		


		


















	










	






	






		







	
	
				
	



			




		
	
				
	



			



		
	
				
	



			



		
	
				
	



			


		


		



		



	




	

	
		


	
	




			

			
	

	

	


	

	
		
	
	

	

	

	
		


	
	

	
	

	
	

	
	

	
	

	
	

	
		
	

	
	

	
	

	
	

	
		
			
			

	


	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	







	

	
	





	
		

	


	
	

		
	
		
	
	



			








	




	









			


	





	
	

	

	
	






		
	


		
	









	







	








		









	
		

	


	
	

		
	
		
	
	



			








	




	









	
	






		











	

	
	
















	







	







		










	
		

	


	
	

		
	
		
	
	



			








	



	





















	

		






	








	






	





		







	
	

	
		
		
	
		
	
	

	
		
	

	
		
	

	

	

	
		

		

	
	

	
		
	

	
		

	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	

	


	


	
		
	
	
	

		




	

	

	
		
	
		


	
		

	
	

	

	

	
		
	
	
	
	
	
	


	
	

	
		

	


	
	

		
	
		
	
	



			








	




	










	







	

		











	

	
	
















	






	





		








	
		

	


	
	

		
	
		
	
	



			








	



	





















	






	








	







	







		









	

	
		

	


	

	
		
	

	
		
	

	

	

	
		
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	


	
	

	
		

	


	
	

		
	
		
	
	



			








	




	





	



	



	

	


	
	
			
	











	


	

	

		










		











	

	
	
















	






	






		









	
		
	
	

	
		
			


	

	
		
	

	
		
	

	
		
	

	

	

	
		

	
		

	


	

	

		
	
		
	
	



			








	

	






	
	




	





	

	
	

	


		
	
	








	


	



	



	



	
	

	






	




	











	
	











	


	


	



	
	

	
	

	

	

	


	

	


	






	







	







		










	
	


	
	

	
	

	
	

	
	

	
	
	
	

	
	
	

	

	

	
	

	
	

	
	

	
	

	
	

	
		

	

	
		
							
		


			
	
	


	

	

	


	
				
	
	



	
	



	
		

	


	
	

		
	
		
	
	



			








	



	









	










	





	



		

		








	








	

	
		



		

		

	
	











	









	







	







		









	

	
		

	




			




syzkaller
syzkaller login: [  494.148439][T14249] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1116'.
[  494.324387][T14249] bond0: (slave bond_slave_1): Releasing backup interface
[  496.248006][T14291] random: crng reseeded on system resumption
[  497.762725][T14301] netlink: 'syz.0.1122': attribute type 5 has an invalid length.
[  497.856212][T14303] HfR: entered promiscuous mode
[  497.942410][T14303] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1123'.
[  498.064575][T14303] openvswitch: HfR: Dropping previously announced user features
[  499.821604][T14384] random: crng reseeded on system resumption
[  499.916180][T14393] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1128'.
[  500.577114][T14403] block nbd7: not configured, cannot reconfigure
[  500.887576][T14399] FAULT_INJECTION: forcing a failure.
[  500.887576][T14399] name failslab, interval 1, probability 0, space 0, times 0
[  500.983934][T14399] CPU: 0 UID: 0 PID: 14399 Comm: syz.1.1129 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  500.983966][T14399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  500.983980][T14399] Call Trace:
[  500.983987][T14399]  <TASK>
[  500.983996][T14399]  dump_stack_lvl+0x16c/0x1f0
[  500.984046][T14399]  should_fail_ex+0x512/0x640
[  500.984090][T14399]  ? fs_reclaim_acquire+0xae/0x150
[  500.984117][T14399]  should_failslab+0xc2/0x120
[  500.984136][T14399]  __kmalloc_cache_noprof+0x6a/0x3e0
[  500.984164][T14399]  ? tomoyo_write_log2+0x33d/0xc10
[  500.984195][T14399]  tomoyo_write_log2+0x33d/0xc10
[  500.984226][T14399]  tomoyo_supervisor+0x15e/0x13b0
[  500.984263][T14399]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  500.984294][T14399]  ? __pfx_vsnprintf+0x10/0x10
[  500.984335][T14399]  ? tomoyo_encode2+0x329/0x3e0
[  500.984365][T14399]  ? tomoyo_check_path_number_acl+0xa6/0x2f0
[  500.984397][T14399]  tomoyo_path_number_perm+0x448/0x580
[  500.984423][T14399]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  500.984473][T14399]  ? find_held_lock+0x2b/0x80
[  500.984492][T14399]  ? hook_file_ioctl_common+0x145/0x410
[  500.984520][T14399]  ? __fget_files+0x20e/0x3c0
[  500.984552][T14399]  security_file_ioctl+0x9b/0x240
[  500.984578][T14399]  __x64_sys_ioctl+0xb7/0x210
[  500.984610][T14399]  do_syscall_64+0xcd/0x490
[  500.984643][T14399]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  500.984665][T14399] RIP: 0033:0x7f222db8e929
[  500.984680][T14399] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  500.984699][T14399] RSP: 002b:00007f222eaa1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  500.984718][T14399] RAX: ffffffffffffffda RBX: 00007f222ddb5fa0 RCX: 00007f222db8e929
[  500.984731][T14399] RDX: 00002000000000c0 RSI: 000000004018aee3 RDI: 0000000000000000
[  500.984743][T14399] RBP: 00007f222dc10b39 R08: 0000000000000000 R09: 0000000000000000
[  500.984756][T14399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  500.984767][T14399] R13: 0000000000000000 R14: 00007f222ddb5fa0 R15: 00007fff55ad2bf8
[  500.984792][T14399]  </TASK>
[  506.170924][T14582] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  506.236702][T14582] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  506.340227][T14582] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  506.400720][T14582] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  507.229591][T11699] Bluetooth: hci0: command 0x0c1a tx timeout
[  508.279355][T11699] Bluetooth: hci1: command 0x0c1a tx timeout
[  508.351781][T11699] Bluetooth: hci2: command 0x0c1a tx timeout
[  508.429377][T11699] Bluetooth: hci3: command 0x0c1a tx timeout
[  508.447526][T14639] Process accounting resumed
[  508.852992][T14667] netlink: 'syz.3.1147': attribute type 5 has an invalid length.
[  510.292644][T14740] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1150'.
[  511.311353][T14781] ubi0: attaching mtd0
[  511.382197][T14781] ubi0: scanning is finished
[  511.417527][T14781] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  511.798521][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  511.811173][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  511.990426][T14781] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  512.822223][T14851] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1155'.
[  513.669639][T11699] Bluetooth: hci1: SCO packet for unknown connection handle 0
[  517.663470][T14928] vhci_hcd: invalid port number 16
[  517.878604][T14928] vhci_hcd: invalid port number 16
[  525.499071][T15101] netlink: 296 bytes leftover after parsing attributes in process `syz.1.1172'.
[  529.724717][   T30] audit: type=1800 audit(4294967320.950:25): pid=15173 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1182" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0
[  529.745153][    C0] vkms_vblank_simulate: vblank timer overrun
[  533.499994][T15233] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1189'.
[  533.639954][T15238] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1189'.
[  534.915436][T15262] random: crng reseeded on system resumption
[  540.934303][T15269] Process accounting paused
[  549.518917][T15635] ERROR: Out of memory at tomoyo_memory_ok.
[  549.655009][T15649] ERROR: Out of memory at tomoyo_memory_ok.
[  550.795759][T15719] Invalid ELF header magic: != ELF
[  550.865077][T15719] netlink: zone id is out of range
[  550.902252][T15719] netlink: zone id is out of range
[  551.082108][T15719] netlink: zone id is out of range
[  551.087248][T15719] netlink: zone id is out of range
[  551.246994][T15719] netlink: zone id is out of range
[  552.827154][T15765] ima: policy update failed
[  552.901643][   T30] audit: type=1802 audit(4294967344.130:26): pid=15765 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1219" res=0 errno=0
[  552.947352][T15765] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1219'.
[  553.750637][T15773] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1221'.
[  553.885631][T15783] netlink: 354 bytes leftover after parsing attributes in process `syz.3.1221'.
[  554.898690][T15784] FAULT_INJECTION: forcing a failure.
[  554.898690][T15784] name failslab, interval 1, probability 0, space 0, times 0
[  555.154834][T15784] CPU: 0 UID: 0 PID: 15784 Comm: syz.0.1222 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  555.154862][T15784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  555.154875][T15784] Call Trace:
[  555.154881][T15784]  <TASK>
[  555.154889][T15784]  dump_stack_lvl+0x16c/0x1f0
[  555.154924][T15784]  should_fail_ex+0x512/0x640
[  555.154958][T15784]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  555.154992][T15784]  should_failslab+0xc2/0x120
[  555.155012][T15784]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  555.155044][T15784]  ? __kernfs_new_node+0xd2/0x8e0
[  555.155075][T15784]  __kernfs_new_node+0xd2/0x8e0
[  555.155105][T15784]  ? __pfx___kernfs_new_node+0x10/0x10
[  555.155139][T15784]  ? find_held_lock+0x2b/0x80
[  555.155164][T15784]  ? kernfs_root+0xee/0x2a0
[  555.155197][T15784]  kernfs_new_node+0x13c/0x1e0
[  555.155233][T15784]  __kernfs_create_file+0x53/0x350
[  555.155258][T15784]  sysfs_add_file_mode_ns+0x207/0x3c0
[  555.155291][T15784]  internal_create_group+0x578/0xf30
[  555.155327][T15784]  ? __pfx_internal_create_group+0x10/0x10
[  555.155360][T15784]  ? kernfs_create_link+0x1bd/0x240
[  555.155386][T15784]  internal_create_groups+0x9d/0x150
[  555.155420][T15784]  device_add+0x6d1/0x1a70
[  555.155444][T15784]  ? __pfx_device_add+0x10/0x10
[  555.155464][T15784]  ? lockdep_init_map_type+0x5c/0x280
[  555.155493][T15784]  ? __init_waitqueue_head+0xca/0x150
[  555.155531][T15784]  netdev_register_kobject+0x182/0x3a0
[  555.155556][T15784]  register_netdevice+0x13dc/0x2270
[  555.155581][T15784]  ? __pfx_register_netdevice+0x10/0x10
[  555.155609][T15784]  __ip_tunnel_create+0x540/0x6e0
[  555.155634][T15784]  ? __pfx___ip_tunnel_create+0x10/0x10
[  555.155665][T15784]  ip_tunnel_init_net+0x22f/0x7d0
[  555.155692][T15784]  ? __pfx_ip_tunnel_init_net+0x10/0x10
[  555.155721][T15784]  ? trace_kmalloc+0x2b/0xd0
[  555.155740][T15784]  ? __kmalloc_noprof+0x242/0x510
[  555.155768][T15784]  ? lockdep_init_map_type+0x5c/0x280
[  555.155802][T15784]  ? __pfx_ipgre_tap_init_net+0x10/0x10
[  555.155837][T15784]  ops_init+0x1df/0x5f0
[  555.155858][T15784]  setup_net+0x1ff/0x510
[  555.155875][T15784]  ? lockdep_init_map_type+0x5c/0x280
[  555.155903][T15784]  ? __pfx_setup_net+0x10/0x10
[  555.155923][T15784]  ? debug_mutex_init+0x37/0x70
[  555.155945][T15784]  copy_net_ns+0x2a6/0x5f0
[  555.155969][T15784]  create_new_namespaces+0x3ea/0xa90
[  555.155996][T15784]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  555.156022][T15784]  ksys_unshare+0x45b/0xa40
[  555.156049][T15784]  ? __pfx_ksys_unshare+0x10/0x10
[  555.156077][T15784]  ? xfd_validate_state+0x61/0x180
[  555.156110][T15784]  __x64_sys_unshare+0x31/0x40
[  555.156135][T15784]  do_syscall_64+0xcd/0x490
[  555.156169][T15784]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  555.156189][T15784] RIP: 0033:0x7f02a3b8e929
[  555.156205][T15784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  555.156225][T15784] RSP: 002b:00007f02a4a02038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  555.156243][T15784] RAX: ffffffffffffffda RBX: 00007f02a3db5fa0 RCX: 00007f02a3b8e929
[  555.156257][T15784] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  555.156269][T15784] RBP: 00007f02a3c10b39 R08: 0000000000000000 R09: 0000000000000000
[  555.156281][T15784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  555.156293][T15784] R13: 0000000000000000 R14: 00007f02a3db5fa0 R15: 00007ffd4c44c3e8
[  555.156319][T15784]  </TASK>
[  556.071063][T15811] FAULT_INJECTION: forcing a failure.
[  556.071063][T15811] name failslab, interval 1, probability 0, space 0, times 0
[  556.131440][T15811] CPU: 0 UID: 0 PID: 15811 Comm: syz.1.1227 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  556.131470][T15811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  556.131483][T15811] Call Trace:
[  556.131490][T15811]  <TASK>
[  556.131498][T15811]  dump_stack_lvl+0x16c/0x1f0
[  556.131535][T15811]  should_fail_ex+0x512/0x640
[  556.131566][T15811]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  556.131601][T15811]  should_failslab+0xc2/0x120
[  556.131621][T15811]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  556.131653][T15811]  ? find_held_lock+0x2b/0x80
[  556.131672][T15811]  ? vm_area_dup+0x27/0x8d0
[  556.131700][T15811]  ? dup_mmap+0x5cb/0x21d0
[  556.131728][T15811]  vm_area_dup+0x27/0x8d0
[  556.131762][T15811]  dup_mmap+0x877/0x21d0
[  556.131798][T15811]  ? __pfx_dup_mmap+0x10/0x10
[  556.131843][T15811]  copy_process+0x4081/0x76a0
[  556.131869][T15811]  ? __pfx___futex_wait+0x10/0x10
[  556.131911][T15811]  ? __pfx_copy_process+0x10/0x10
[  556.131950][T15811]  kernel_clone+0xfc/0x960
[  556.131978][T15811]  ? __pfx_kernel_clone+0x10/0x10
[  556.132020][T15811]  __do_sys_clone+0xce/0x120
[  556.132045][T15811]  ? __pfx___do_sys_clone+0x10/0x10
[  556.132070][T15811]  ? do_raw_spin_unlock+0x172/0x230
[  556.132115][T15811]  ? xfd_validate_state+0x61/0x180
[  556.132170][T15811]  do_syscall_64+0xcd/0x490
[  556.132208][T15811]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  556.132231][T15811] RIP: 0033:0x7f222db8e929
[  556.132248][T15811] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  556.132271][T15811] RSP: 002b:00007f222eaa0fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  556.132292][T15811] RAX: ffffffffffffffda RBX: 00007f222ddb5fa0 RCX: 00007f222db8e929
[  556.132307][T15811] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000098280000
[  556.132321][T15811] RBP: 00007f222dc10b39 R08: 0000000000000000 R09: 0000000000000000
[  556.132334][T15811] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  556.132348][T15811] R13: 0000000000000000 R14: 00007f222ddb5fa0 R15: 00007fff55ad2bf8
[  556.132377][T15811]  </TASK>
[  560.491325][T15911] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1234'.
[  562.932207][T15980] FAULT_INJECTION: forcing a failure.
[  562.932207][T15980] name failslab, interval 1, probability 0, space 0, times 0
[  563.050701][T15980] CPU: 0 UID: 0 PID: 15980 Comm: syz.1.1241 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  563.050729][T15980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  563.050740][T15980] Call Trace:
[  563.050747][T15980]  <TASK>
[  563.050754][T15980]  dump_stack_lvl+0x16c/0x1f0
[  563.050791][T15980]  should_fail_ex+0x512/0x640
[  563.050820][T15980]  ? __kmalloc_noprof+0xbf/0x510
[  563.050852][T15980]  ? lsm_blob_alloc+0x68/0x90
[  563.050881][T15980]  should_failslab+0xc2/0x120
[  563.050900][T15980]  __kmalloc_noprof+0xd2/0x510
[  563.050936][T15980]  lsm_blob_alloc+0x68/0x90
[  563.050966][T15980]  security_sk_alloc+0x30/0x270
[  563.050994][T15980]  sk_prot_alloc+0xfb/0x2a0
[  563.051019][T15980]  sk_alloc+0x36/0xc20
[  563.051048][T15980]  qrtr_create+0x84/0x1d0
[  563.051067][T15980]  __sock_create+0x338/0x8d0
[  563.051095][T15980]  __sys_socket+0x14d/0x260
[  563.051119][T15980]  ? __pfx___sys_socket+0x10/0x10
[  563.051143][T15980]  ? xfd_validate_state+0x61/0x180
[  563.051168][T15980]  ? __task_pid_nr_ns+0x17c/0x500
[  563.051200][T15980]  __x64_sys_socket+0x72/0xb0
[  563.051222][T15980]  ? lockdep_hardirqs_on+0x7c/0x110
[  563.051252][T15980]  do_syscall_64+0xcd/0x490
[  563.051285][T15980]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  563.051305][T15980] RIP: 0033:0x7f222db8e929
[  563.051321][T15980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  563.051340][T15980] RSP: 002b:00007f222eaa1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  563.051359][T15980] RAX: ffffffffffffffda RBX: 00007f222ddb5fa0 RCX: 00007f222db8e929
[  563.051372][T15980] RDX: 0000000000000001 RSI: 0000000000000002 RDI: 000000000000002a
[  563.051384][T15980] RBP: 00007f222dc10b39 R08: 0000000000000000 R09: 0000000000000000
[  563.051396][T15980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  563.051408][T15980] R13: 0000000000000000 R14: 00007f222ddb5fa0 R15: 00007fff55ad2bf8
[  563.051432][T15980]  </TASK>
[  563.934177][T16003] ubi0: attaching mtd0
[  563.990701][T16003] ubi0: scanning is finished
[  564.053810][T16003] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  564.744824][T16003] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  566.974823][ T4877] kworker/u8:8 (4877) used greatest stack depth: 20888 bytes left
[  567.491567][T16139] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1251'.
[  568.405749][T16092] kexec: Could not allocate control_code_buffer
[  569.834176][T16184] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1257'.
[  570.618089][T16192] sd 0:0:1:0: PR command failed: 1026
[  570.639481][T16192] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  570.669265][T16192] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  571.119645][T16203] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  571.404114][T16203] FAULT_INJECTION: forcing a failure.
[  571.404114][T16203] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  571.808817][T16203] CPU: 0 UID: 0 PID: 16203 Comm: syz.3.1262 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  571.808845][T16203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  571.808858][T16203] Call Trace:
[  571.808864][T16203]  <TASK>
[  571.808872][T16203]  dump_stack_lvl+0x16c/0x1f0
[  571.808908][T16203]  should_fail_ex+0x512/0x640
[  571.808941][T16203]  should_fail_alloc_page+0xe7/0x130
[  571.808963][T16203]  prepare_alloc_pages+0x3c2/0x610
[  571.808987][T16203]  ? rcu_is_watching+0x12/0xc0
[  571.809010][T16203]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  571.809043][T16203]  ? __lock_acquire+0xb8a/0x1c90
[  571.809086][T16203]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  571.809118][T16203]  ? do_raw_spin_lock+0x12c/0x2b0
[  571.809152][T16203]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  571.809183][T16203]  ? find_held_lock+0x2b/0x80
[  571.809211][T16203]  ? __lock_acquire+0xb8a/0x1c90
[  571.809236][T16203]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  571.809268][T16203]  ? policy_nodemask+0xea/0x4e0
[  571.809303][T16203]  alloc_pages_mpol+0x1fb/0x550
[  571.809322][T16203]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  571.809348][T16203]  folio_alloc_mpol_noprof+0x36/0x2f0
[  571.809372][T16203]  shmem_alloc_folio+0x135/0x160
[  571.809398][T16203]  shmem_alloc_and_add_folio+0x499/0xc20
[  571.809432][T16203]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  571.809463][T16203]  ? shmem_allowable_huge_orders+0xcb/0x2f0
[  571.809497][T16203]  shmem_get_folio_gfp+0x67f/0x1600
[  571.809531][T16203]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  571.809561][T16203]  ? __lock_acquire+0x622/0x1c90
[  571.809590][T16203]  shmem_fault+0x1fe/0xa30
[  571.809620][T16203]  ? __pfx_shmem_fault+0x10/0x10
[  571.809653][T16203]  ? __lock_acquire+0xb8a/0x1c90
[  571.809685][T16203]  __do_fault+0x10a/0x490
[  571.809718][T16203]  ? __pfx_filemap_map_pages+0x10/0x10
[  571.809750][T16203]  __handle_mm_fault+0x374c/0x5490
[  571.809782][T16203]  ? __pfx___handle_mm_fault+0x10/0x10
[  571.809810][T16203]  ? __pte_offset_map_lock+0x174/0x310
[  571.809830][T16203]  ? find_held_lock+0x2b/0x80
[  571.809848][T16203]  ? find_held_lock+0x2b/0x80
[  571.809873][T16203]  ? follow_page_pte+0x3af/0x14c0
[  571.809901][T16203]  handle_mm_fault+0x589/0xd10
[  571.809932][T16203]  __get_user_pages+0x589/0x3b80
[  571.809964][T16203]  ? __pfx___get_user_pages+0x10/0x10
[  571.809987][T16203]  ? __pfx_down_read_killable+0x10/0x10
[  571.810009][T16203]  ? __lock_acquire+0xb8a/0x1c90
[  571.810040][T16203]  faultin_page_range+0x249/0x980
[  571.810070][T16203]  madvise_do_behavior+0x268/0x3f0
[  571.810099][T16203]  ? __pfx_madvise_do_behavior+0x10/0x10
[  571.810135][T16203]  do_madvise+0x161/0x230
[  571.810156][T16203]  ? __pfx_do_madvise+0x10/0x10
[  571.810189][T16203]  ? xfd_validate_state+0x61/0x180
[  571.810214][T16203]  ? __pfx_do_writev+0x10/0x10
[  571.810245][T16203]  __x64_sys_madvise+0xa9/0x110
[  571.810266][T16203]  ? lockdep_hardirqs_on+0x7c/0x110
[  571.810296][T16203]  do_syscall_64+0xcd/0x490
[  571.810329][T16203]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  571.810349][T16203] RIP: 0033:0x7f03ae78e929
[  571.810366][T16203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  571.810386][T16203] RSP: 002b:00007f03af6a6038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  571.810405][T16203] RAX: ffffffffffffffda RBX: 00007f03ae9b5fa0 RCX: 00007f03ae78e929
[  571.810419][T16203] RDX: 0000000000000017 RSI: 0000000000100000 RDI: 0000000000000000
[  571.810431][T16203] RBP: 00007f03ae810b39 R08: 0000000000000000 R09: 0000000000000000
[  571.810444][T16203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  571.810456][T16203] R13: 0000000000000000 R14: 00007f03ae9b5fa0 R15: 00007ffd0abdce78
[  571.810481][T16203]  </TASK>
[  572.232669][T16191] Process accounting resumed
[  573.241193][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  573.247500][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  574.447489][T16220] ERROR: Out of memory at tomoyo_memory_ok.
[  575.006162][T16309] FAULT_INJECTION: forcing a failure.
[  575.006162][T16309] name fail_futex, interval 1, probability 0, space 0, times 0
[  575.083983][T16320] ERROR: Out of memory at tomoyo_memory_ok.
[  575.090001][T16309] CPU: 0 UID: 0 PID: 16309 Comm: syz.1.1268 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  575.090026][T16309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  575.090039][T16309] Call Trace:
[  575.090045][T16309]  <TASK>
[  575.090052][T16309]  dump_stack_lvl+0x16c/0x1f0
[  575.090087][T16309]  should_fail_ex+0x512/0x640
[  575.090120][T16309]  get_futex_key+0x1d0/0x1540
[  575.090147][T16309]  ? __pfx_get_futex_key+0x10/0x10
[  575.090178][T16309]  futex_wake+0xea/0x530
[  575.090209][T16309]  ? __pfx_futex_wake+0x10/0x10
[  575.090236][T16309]  ? rcu_is_watching+0x12/0xc0
[  575.090266][T16309]  do_futex+0x1e3/0x350
[  575.090290][T16309]  ? __pfx_do_futex+0x10/0x10
[  575.090316][T16309]  ? __pfx___might_resched+0x10/0x10
[  575.090339][T16309]  __x64_sys_futex+0x1e0/0x4c0
[  575.090365][T16309]  ? __pfx_blkcg_maybe_throttle_current+0x10/0x10
[  575.090392][T16309]  ? __pfx___x64_sys_futex+0x10/0x10
[  575.090416][T16309]  ? xfd_validate_state+0x61/0x180
[  575.090450][T16309]  do_syscall_64+0xcd/0x490
[  575.090483][T16309]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  575.090503][T16309] RIP: 0033:0x7f222db8e929
[  575.090518][T16309] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  575.090538][T16309] RSP: 002b:00007f222ea800e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  575.090556][T16309] RAX: ffffffffffffffda RBX: 00007f222ddb6088 RCX: 00007f222db8e929
[  575.090569][T16309] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f222ddb608c
[  575.090581][T16309] RBP: 00007f222ddb6080 R08: 00007f222eaa2000 R09: 0000000000000000
[  575.090594][T16309] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f222ddb608c
[  575.090606][T16309] R13: 0000000000000000 R14: 00007fff55ad2b10 R15: 00007fff55ad2bf8
[  575.090631][T16309]  </TASK>
[  577.424588][T16403] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1271'.
[  577.665249][T16403] team0: Port device team_slave_1 removed
[  578.371764][T16418] netlink: 'syz.2.1273': attribute type 2 has an invalid length.
[  580.908934][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  580.915518][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  580.929073][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  580.935412][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  580.943994][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  580.950599][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  580.958608][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  580.977051][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  585.164830][T16610] netlink: 'syz.1.1286': attribute type 2 has an invalid length.
[  586.079930][T16649] netlink: 354 bytes leftover after parsing attributes in process `syz.3.1289'.
[  586.910889][T16647] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  586.935073][T16647] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  586.953246][T16647] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  586.980915][T16647] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  587.491965][   T30] audit: type=1326 audit(4294967378.720:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16664 comm="syz.0.1293" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f02a3b8e929 code=0x0
[  587.864139][T16699] ERROR: Out of memory at tomoyo_memory_ok.
[  588.429332][T16248] Bluetooth: hci0: command 0x0c1a tx timeout
[  588.999656][T16248] Bluetooth: hci3: command 0x0c1a tx timeout
[  589.005684][T16248] Bluetooth: hci2: command 0x0c1a tx timeout
[  589.012192][T16248] Bluetooth: hci1: command 0x0c1a tx timeout
[  589.294082][T16768] Bluetooth: hci1: SCO packet too small
[  589.780275][T16813] ERROR: Out of memory at tomoyo_memory_ok.
[  590.137214][T16815] ERROR: Out of memory at tomoyo_memory_ok.
[  592.000304][T16871] random: crng reseeded on system resumption
[  593.090552][T16915] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1309'.
[  593.130748][T16915] netlink: 102 bytes leftover after parsing attributes in process `syz.0.1309'.
[  595.019440][T16936] ubi0: attaching mtd0
[  595.025391][T16936] ubi0: scanning is finished
[  595.074803][T16936] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  595.225519][T17002] FAULT_INJECTION: forcing a failure.
[  595.225519][T17002] name failslab, interval 1, probability 0, space 0, times 0
[  595.301841][T16936] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  595.341218][T17002] CPU: 0 UID: 0 PID: 17002 Comm: syz.1.1314 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  595.341245][T17002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  595.341257][T17002] Call Trace:
[  595.341263][T17002]  <TASK>
[  595.341271][T17002]  dump_stack_lvl+0x16c/0x1f0
[  595.341304][T17002]  should_fail_ex+0x512/0x640
[  595.341334][T17002]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  595.341368][T17002]  should_failslab+0xc2/0x120
[  595.341388][T17002]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  595.341418][T17002]  ? finish_task_switch.isra.0+0x21c/0xc10
[  595.341438][T17002]  ? vm_area_dup+0x27/0x8d0
[  595.341468][T17002]  vm_area_dup+0x27/0x8d0
[  595.341496][T17002]  __split_vma+0x18e/0x1070
[  595.341524][T17002]  ? __schedule+0x1181/0x5de0
[  595.341552][T17002]  ? __pfx___split_vma+0x10/0x10
[  595.341594][T17002]  vma_modify+0xee1/0x2030
[  595.341628][T17002]  ? __pfx_vma_modify+0x10/0x10
[  595.341663][T17002]  vma_modify_flags+0x212/0x2d0
[  595.341698][T17002]  ? __pfx_vma_modify_flags+0x10/0x10
[  595.341726][T17002]  ? mtree_range_walk+0x718/0xc00
[  595.341765][T17002]  ? mas_walk+0x6a6/0x910
[  595.341795][T17002]  mlock_fixup+0x27c/0xe50
[  595.341828][T17002]  apply_vma_lock_flags+0x261/0x390
[  595.341860][T17002]  ? __pfx_apply_vma_lock_flags+0x10/0x10
[  595.341889][T17002]  ? __pfx___might_resched+0x10/0x10
[  595.341916][T17002]  ? __pfx_down_write_killable+0x10/0x10
[  595.341939][T17002]  ? do_futex+0x122/0x350
[  595.341965][T17002]  do_mlock+0x2ac/0x810
[  595.341992][T17002]  ? do_unlinkat+0x159/0x6a0
[  595.342024][T17002]  ? __pfx_do_mlock+0x10/0x10
[  595.342050][T17002]  ? __x64_sys_futex+0x1e0/0x4c0
[  595.342073][T17002]  ? __x64_sys_futex+0x1e9/0x4c0
[  595.342102][T17002]  ? xfd_validate_state+0x61/0x180
[  595.342134][T17002]  __x64_sys_mlock+0x59/0x80
[  595.342163][T17002]  do_syscall_64+0xcd/0x490
[  595.342196][T17002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  595.342216][T17002] RIP: 0033:0x7f222db8e929
[  595.342232][T17002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  595.342252][T17002] RSP: 002b:00007f222ea80038 EFLAGS: 00000246 ORIG_RAX: 0000000000000095
[  595.342270][T17002] RAX: ffffffffffffffda RBX: 00007f222ddb6080 RCX: 00007f222db8e929
[  595.342284][T17002] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000009
[  595.342295][T17002] RBP: 00007f222dc10b39 R08: 0000000000000000 R09: 0000000000000000
[  595.342307][T17002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  595.342319][T17002] R13: 0000000000000000 R14: 00007f222ddb6080 R15: 00007fff55ad2bf8
[  595.342345][T17002]  </TASK>
[  596.336802][T17037] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1318'.
[  596.451515][T17036] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1318'.
[  597.769136][T17100] ima: policy update failed
[  597.775328][   T30] audit: type=1802 audit(4294967389.000:28): pid=17100 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1322" res=0 errno=0
[  597.793289][T17100] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1322'.
[  598.006215][T17107] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1323'.
[  598.501304][T17136] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1326'.
[  598.538199][T17136] team_slave_0: entered allmulticast mode
[  599.022824][T17108] ptrace attach of "./syz-executor exec"[5834] was attempted by "./syz-executor exec"[17108]
[  600.229633][T17172] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  600.238394][T17172] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  600.269525][T17172] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  600.287782][T17172] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  601.791203][T16768] Bluetooth: hci0: command 0x0c1a tx timeout
[  602.269202][T16768] Bluetooth: hci1: command 0x0c1a tx timeout
[  602.349753][T16768] Bluetooth: hci3: command 0x0c1a tx timeout
[  602.355778][T16768] Bluetooth: hci2: command 0x0c1a tx timeout
[  602.777708][T17193] Process accounting paused
[  602.856348][T17202] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1334'.
[  603.627244][T17223] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1338'.
[  604.392017][T16131] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  604.401340][T16131] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  604.409618][T16131] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  604.418902][T16131] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  604.427540][T16131] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  605.140931][T17349] random: crng reseeded on system resumption
[  605.182209][T17250] chnl_net:caif_netlink_parms(): no params data found
[  605.797826][T17250] bridge0: port 1(bridge_slave_0) entered blocking state
[  605.829586][T17250] bridge0: port 1(bridge_slave_0) entered disabled state
[  605.871512][T17250] bridge_slave_0: entered allmulticast mode
[  605.919272][T17250] bridge_slave_0: entered promiscuous mode
[  605.959495][T17250] bridge0: port 2(bridge_slave_1) entered blocking state
[  605.966587][T17250] bridge0: port 2(bridge_slave_1) entered disabled state
[  606.018748][T17437] ima: policy update failed
[  606.028541][T17250] bridge_slave_1: entered allmulticast mode
[  606.045938][   T30] audit: type=1802 audit(4294967397.270:29): pid=17437 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1344" res=0 errno=0
[  606.065056][T17437] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1344'.
[  606.075635][T17250] bridge_slave_1: entered promiscuous mode
[  606.236340][T17250] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  606.290680][T17250] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  606.511745][T16131] Bluetooth: hci4: command tx timeout
[  606.562252][T17250] team0: Port device team_slave_0 added
[  606.607013][T17250] team0: Port device team_slave_1 added
[  606.614119][T17513] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1345'.
[  606.834692][T17250] batman_adv: batadv0: Adding interface: batadv_slave_0
[  606.876548][T17250] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  606.991756][T17250] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  607.056588][T17250] batman_adv: batadv0: Adding interface: batadv_slave_1
[  607.087940][T17250] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  607.214062][T17250] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  607.471835][T17250] hsr_slave_0: entered promiscuous mode
[  607.503429][T17250] hsr_slave_1: entered promiscuous mode
[  608.428303][T17250] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  608.450361][T17708] FAULT_INJECTION: forcing a failure.
[  608.450361][T17708] name failslab, interval 1, probability 0, space 0, times 0
[  608.481555][T17717] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1352'.
[  608.507470][T17250] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  608.523628][T17708] CPU: 0 UID: 0 PID: 17708 Comm: syz.0.1351 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  608.523662][T17708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  608.523675][T17708] Call Trace:
[  608.523682][T17708]  <TASK>
[  608.523690][T17708]  dump_stack_lvl+0x16c/0x1f0
[  608.523725][T17708]  should_fail_ex+0x512/0x640
[  608.523756][T17708]  ? fs_reclaim_acquire+0xae/0x150
[  608.523784][T17708]  ? tomoyo_init_log+0x1385/0x2140
[  608.523811][T17708]  should_failslab+0xc2/0x120
[  608.523831][T17708]  __kmalloc_noprof+0xd2/0x510
[  608.523870][T17708]  tomoyo_init_log+0x1385/0x2140
[  608.523912][T17708]  ? __pfx_tomoyo_init_log+0x10/0x10
[  608.523948][T17708]  tomoyo_write_log2+0x2f7/0xc10
[  608.523981][T17708]  tomoyo_supervisor+0x15e/0x13b0
[  608.524031][T17708]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  608.524073][T17708]  ? lockdep_hardirqs_on+0x7c/0x110
[  608.524106][T17708]  ? tomoyo_check_path_acl+0xad/0x210
[  608.524130][T17708]  ? tomoyo_check_acl+0x1f7/0x410
[  608.524153][T17708]  tomoyo_path_permission+0x270/0x3b0
[  608.524178][T17708]  tomoyo_check_open_permission+0x37b/0x3c0
[  608.524203][T17708]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  608.524226][T17708]  ? __lock_acquire+0xb8a/0x1c90
[  608.524277][T17708]  ? find_held_lock+0x2b/0x80
[  608.524302][T17708]  tomoyo_file_open+0x6b/0x90
[  608.524334][T17708]  security_file_open+0x84/0x1e0
[  608.524361][T17708]  do_dentry_open+0x596/0x1c10
[  608.524398][T17708]  vfs_open+0x82/0x3f0
[  608.524422][T17708]  path_openat+0x1de4/0x2cb0
[  608.524460][T17708]  ? __pfx_path_openat+0x10/0x10
[  608.524490][T17708]  ? __lock_acquire+0xb8a/0x1c90
[  608.524519][T17708]  do_filp_open+0x20b/0x470
[  608.524548][T17708]  ? __pfx_do_filp_open+0x10/0x10
[  608.524595][T17708]  ? alloc_fd+0x471/0x7d0
[  608.524628][T17708]  do_sys_openat2+0x11b/0x1d0
[  608.524655][T17708]  ? __pfx_do_sys_openat2+0x10/0x10
[  608.524686][T17708]  __x64_sys_openat+0x174/0x210
[  608.524709][T17708]  ? __pfx___x64_sys_openat+0x10/0x10
[  608.524743][T17708]  do_syscall_64+0xcd/0x490
[  608.524776][T17708]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  608.524796][T17708] RIP: 0033:0x7f02a3b8e929
[  608.524812][T17708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  608.524832][T17708] RSP: 002b:00007f02a4a02038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  608.524851][T17708] RAX: ffffffffffffffda RBX: 00007f02a3db5fa0 RCX: 00007f02a3b8e929
[  608.524864][T17708] RDX: 0000000000001182 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  608.524876][T17708] RBP: 00007f02a3c10b39 R08: 0000000000000000 R09: 0000000000000000
[  608.524888][T17708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  608.524900][T17708] R13: 0000000000000000 R14: 00007f02a3db5fa0 R15: 00007ffd4c44c3e8
[  608.524925][T17708]  </TASK>
[  608.805088][    C0] vkms_vblank_simulate: vblank timer overrun
[  608.834171][T17250] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  608.843754][T17250] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  608.886776][T16131] Bluetooth: hci4: command tx timeout
[  609.097728][T17723] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1352'.
[  609.490552][T17755] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1354'.
[  609.548286][T17758] Invalid ELF header magic: != ELF
[  609.654588][T17250] 8021q: adding VLAN 0 to HW filter on device bond0
[  609.745764][T17250] 8021q: adding VLAN 0 to HW filter on device team0
[  609.824869][T16174] bridge0: port 1(bridge_slave_0) entered blocking state
[  609.832401][T16174] bridge0: port 1(bridge_slave_0) entered forwarding state
[  609.925735][T16174] bridge0: port 2(bridge_slave_1) entered blocking state
[  609.932937][T16174] bridge0: port 2(bridge_slave_1) entered forwarding state
[  610.100573][T17250] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  610.561294][T17780] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1358'.
[  610.614746][T17784] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1358'.
[  610.838807][T17250] 8021q: adding VLAN 0 to HW filter on device batadv0
[  610.874718][T17788] nfsd: Unknown parameter '�'
[  610.909822][T16131] Bluetooth: hci4: command tx timeout
[  611.833125][T17250] veth0_vlan: entered promiscuous mode
[  611.875318][T17250] veth1_vlan: entered promiscuous mode
[  612.118761][T17250] veth0_macvtap: entered promiscuous mode
[  612.201914][T17250] veth1_macvtap: entered promiscuous mode
[  612.291220][T17250] batman_adv: batadv0: Interface activated: batadv_slave_0
[  612.332544][T17250] batman_adv: batadv0: Interface activated: batadv_slave_1
[  612.390073][T17250] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  612.448482][T17250] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  612.490880][T17250] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  612.524551][T17250] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  612.934665][T16155] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  612.975620][T16155] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  612.989641][T16131] Bluetooth: hci4: command tx timeout
[  613.110111][T16179] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  613.156755][T16179] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  613.200114][T17880] FAULT_INJECTION: forcing a failure.
[  613.200114][T17880] name failslab, interval 1, probability 0, space 0, times 0
[  613.254505][T17880] CPU: 0 UID: 0 PID: 17880 Comm: syz.1.1366 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  613.254532][T17880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  613.254551][T17880] Call Trace:
[  613.254557][T17880]  <TASK>
[  613.254564][T17880]  dump_stack_lvl+0x16c/0x1f0
[  613.254599][T17880]  should_fail_ex+0x512/0x640
[  613.254628][T17880]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  613.254658][T17880]  should_failslab+0xc2/0x120
[  613.254678][T17880]  __kmalloc_cache_noprof+0x6a/0x3e0
[  613.254705][T17880]  ? sctp_endpoint_new+0x7c/0xcd0
[  613.254730][T17880]  sctp_endpoint_new+0x7c/0xcd0
[  613.254755][T17880]  sctp_init_sock+0xe2d/0x1330
[  613.254773][T17880]  ? __pfx_sctp_v6_init_sock+0x10/0x10
[  613.254792][T17880]  sctp_v6_init_sock+0x16/0x70
[  613.254809][T17880]  ? __pfx_sctp_v6_init_sock+0x10/0x10
[  613.254828][T17880]  inet6_create+0xb2d/0x1300
[  613.254849][T17880]  ? inet6_create+0x7f/0x1300
[  613.254870][T17880]  __sock_create+0x338/0x8d0
[  613.254899][T17880]  inet_ctl_sock_create+0x94/0x230
[  613.254927][T17880]  ? __pfx_inet_ctl_sock_create+0x10/0x10
[  613.254952][T17880]  ? lockdep_init_map_type+0x5c/0x280
[  613.254980][T17880]  ? do_init_timer+0xc9/0x110
[  613.255004][T17880]  ? __pfx_sctp_ctrlsock_init+0x10/0x10
[  613.255036][T17880]  sctp_ctrlsock_init+0x40/0xf0
[  613.255067][T17880]  ops_init+0x1df/0x5f0
[  613.255088][T17880]  setup_net+0x1ff/0x510
[  613.255105][T17880]  ? lockdep_init_map_type+0x5c/0x280
[  613.255132][T17880]  ? __pfx_setup_net+0x10/0x10
[  613.255152][T17880]  ? debug_mutex_init+0x37/0x70
[  613.255178][T17880]  copy_net_ns+0x2a6/0x5f0
[  613.255201][T17880]  create_new_namespaces+0x3ea/0xa90
[  613.255229][T17880]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  613.255254][T17880]  ksys_unshare+0x45b/0xa40
[  613.255282][T17880]  ? __pfx_ksys_unshare+0x10/0x10
[  613.255308][T17880]  ? xfd_validate_state+0x61/0x180
[  613.255342][T17880]  __x64_sys_unshare+0x31/0x40
[  613.255367][T17880]  do_syscall_64+0xcd/0x490
[  613.255400][T17880]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  613.255420][T17880] RIP: 0033:0x7f222db8e929
[  613.255436][T17880] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  613.255455][T17880] RSP: 002b:00007f222eaa1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  613.255474][T17880] RAX: ffffffffffffffda RBX: 00007f222ddb5fa0 RCX: 00007f222db8e929
[  613.255487][T17880] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  613.255499][T17880] RBP: 00007f222dc10b39 R08: 0000000000000000 R09: 0000000000000000
[  613.255511][T17880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  613.255523][T17880] R13: 0000000000000000 R14: 00007f222ddb5fa0 R15: 00007fff55ad2bf8
[  613.255552][T17880]  </TASK>
[  613.529254][    C0] vkms_vblank_simulate: vblank timer overrun
[  613.805576][T17886] syz.2.1367 (17886): attempted to duplicate a private mapping with mremap.  This is not supported.
[  614.908040][T17916] kafs: addr_prefs: Invalid Command
[  616.014659][T17971] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1374'.
[  616.544884][T17980] can: request_module (can-proto-0) failed.
[  616.754591][T17989] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input23
[  616.900091][ T5186] ERROR: Out of memory at tomoyo_memory_ok.
[  621.569889][T18156] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1387'.
[  628.167995][T18243] FAULT_INJECTION: forcing a failure.
[  628.167995][T18243] name failslab, interval 1, probability 0, space 0, times 0
[  628.237945][T18243] CPU: 0 UID: 0 PID: 18243 Comm: syz.4.1397 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  628.237972][T18243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  628.237984][T18243] Call Trace:
[  628.237991][T18243]  <TASK>
[  628.237998][T18243]  dump_stack_lvl+0x16c/0x1f0
[  628.238039][T18243]  should_fail_ex+0x512/0x640
[  628.238069][T18243]  ? fs_reclaim_acquire+0xae/0x150
[  628.238095][T18243]  should_failslab+0xc2/0x120
[  628.238114][T18243]  __kmalloc_cache_noprof+0x6a/0x3e0
[  628.238142][T18243]  ? tomoyo_init_log+0x197/0x2140
[  628.238172][T18243]  tomoyo_init_log+0x197/0x2140
[  628.238198][T18243]  ? format_decode+0x1ad/0xd40
[  628.238224][T18243]  ? __pfx_format_decode+0x10/0x10
[  628.238257][T18243]  ? __pfx_tomoyo_init_log+0x10/0x10
[  628.238291][T18243]  tomoyo_write_log2+0x2f7/0xc10
[  628.238331][T18243]  tomoyo_supervisor+0x15e/0x13b0
[  628.238367][T18243]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  628.238410][T18243]  ? lockdep_hardirqs_on+0x7c/0x110
[  628.238443][T18243]  ? tomoyo_check_path_acl+0xad/0x210
[  628.238467][T18243]  ? tomoyo_check_acl+0x1f7/0x410
[  628.238490][T18243]  tomoyo_path_permission+0x270/0x3b0
[  628.238515][T18243]  tomoyo_check_open_permission+0x37b/0x3c0
[  628.238540][T18243]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  628.238564][T18243]  ? mntput_no_expire+0x15e/0xbb0
[  628.238613][T18243]  ? do_raw_spin_lock+0x12c/0x2b0
[  628.238651][T18243]  tomoyo_file_open+0x6b/0x90
[  628.238683][T18243]  security_file_open+0x84/0x1e0
[  628.238710][T18243]  do_dentry_open+0x596/0x1c10
[  628.238748][T18243]  vfs_open+0x82/0x3f0
[  628.238774][T18243]  path_openat+0x1de4/0x2cb0
[  628.238812][T18243]  ? __pfx_path_openat+0x10/0x10
[  628.238843][T18243]  ? __lock_acquire+0xb8a/0x1c90
[  628.238872][T18243]  do_filp_open+0x20b/0x470
[  628.238902][T18243]  ? __pfx_do_filp_open+0x10/0x10
[  628.238950][T18243]  ? alloc_fd+0x471/0x7d0
[  628.238984][T18243]  do_sys_openat2+0x11b/0x1d0
[  628.239006][T18243]  ? __pfx_do_sys_openat2+0x10/0x10
[  628.239027][T18243]  ? __sock_release+0x20b/0x270
[  628.239056][T18243]  __x64_sys_openat+0x174/0x210
[  628.239078][T18243]  ? __pfx___x64_sys_openat+0x10/0x10
[  628.239112][T18243]  do_syscall_64+0xcd/0x490
[  628.239149][T18243]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  628.239169][T18243] RIP: 0033:0x7fad5418e929
[  628.239184][T18243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  628.239204][T18243] RSP: 002b:00007fad51ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  628.239222][T18243] RAX: ffffffffffffffda RBX: 00007fad543b5fa0 RCX: 00007fad5418e929
[  628.239236][T18243] RDX: 0000000000000600 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  628.239249][T18243] RBP: 00007fad54210b39 R08: 0000000000000000 R09: 0000000000000000
[  628.239261][T18243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  628.239273][T18243] R13: 0000000000000000 R14: 00007fad543b5fa0 R15: 00007ffdeca58d28
[  628.239299][T18243]  </TASK>
[  630.316941][   T30] audit: type=1804 audit(4294967421.539:30): pid=18378 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1400" name="/newroot/337/file0" dev="tmpfs" ino=1816 res=1 errno=0
[  630.396249][   T30] audit: type=1800 audit(4294967421.569:31): pid=18378 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1400" name="file0" dev="tmpfs" ino=1816 res=0 errno=0
[  632.472811][T18399] kexec: Could not allocate control_code_buffer
[  633.071301][T16768] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  633.082327][T16768] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  633.090041][T16768] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  633.097712][T16768] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  633.105457][T16768] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  634.012530][T18421] chnl_net:caif_netlink_parms(): no params data found
[  634.164694][T16131] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  634.173943][T16131] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  634.181982][T16131] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  634.200799][T16131] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  634.210954][T16131] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  634.632092][T18421] bridge0: port 1(bridge_slave_0) entered blocking state
[  634.651915][T18421] bridge0: port 1(bridge_slave_0) entered disabled state
[  634.676824][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  634.683195][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  634.694206][T18421] bridge_slave_0: entered allmulticast mode
[  634.721554][T18421] bridge_slave_0: entered promiscuous mode
[  634.736051][T18421] bridge0: port 2(bridge_slave_1) entered blocking state
[  634.753418][T18421] bridge0: port 2(bridge_slave_1) entered disabled state
[  634.769675][T18421] bridge_slave_1: entered allmulticast mode
[  634.785784][T18421] bridge_slave_1: entered promiscuous mode
[  634.958351][T18421] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  635.003755][T18636] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  635.018002][T18421] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  635.149265][T16131] Bluetooth: hci5: command tx timeout
[  635.245267][T18421] team0: Port device team_slave_0 added
[  635.291935][T18421] team0: Port device team_slave_1 added
[  635.523676][T18421] batman_adv: batadv0: Adding interface: batadv_slave_0
[  635.542142][T18421] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  635.629897][T18421] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  635.684443][T18421] batman_adv: batadv0: Adding interface: batadv_slave_1
[  635.716932][T18421] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  635.802281][T18421] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  636.273579][T16131] Bluetooth: hci6: command tx timeout
[  636.489125][T18421] hsr_slave_0: entered promiscuous mode
[  636.519950][T18421] hsr_slave_1: entered promiscuous mode
[  636.526000][T18421] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  636.592346][T18421] Cannot create hsr debugfs directory
[  636.612264][T18567] chnl_net:caif_netlink_parms(): no params data found
[  637.239024][T16131] Bluetooth: hci5: command tx timeout
[  637.345994][T18567] bridge0: port 1(bridge_slave_0) entered blocking state
[  637.371013][T18567] bridge0: port 1(bridge_slave_0) entered disabled state
[  637.388822][T18567] bridge_slave_0: entered allmulticast mode
[  637.400690][T18567] bridge_slave_0: entered promiscuous mode
[  637.493322][T18567] bridge0: port 2(bridge_slave_1) entered blocking state
[  637.509285][T18567] bridge0: port 2(bridge_slave_1) entered disabled state
[  637.521802][T18567] bridge_slave_1: entered allmulticast mode
[  637.539248][T18567] bridge_slave_1: entered promiscuous mode
[  637.662281][T18567] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  637.707771][T18567] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  637.963208][T18567] team0: Port device team_slave_0 added
[  638.042744][T18567] team0: Port device team_slave_1 added
[  638.171093][T18567] batman_adv: batadv0: Adding interface: batadv_slave_0
[  638.178051][T18567] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  638.279265][T18567] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  638.355733][T16768] Bluetooth: hci6: command tx timeout
[  638.382975][T18567] batman_adv: batadv0: Adding interface: batadv_slave_1
[  638.397066][T18567] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  638.431742][T19090] Invalid ELF header magic: != ELF
[  638.467658][T18567] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  638.521508][T18421] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  638.600522][T18421] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  638.684725][T18421] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  638.751309][T18567] hsr_slave_0: entered promiscuous mode
[  638.768644][T18567] hsr_slave_1: entered promiscuous mode
[  638.782536][T18567] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  638.801498][T18567] Cannot create hsr debugfs directory
[  638.849777][T18421] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  639.310503][T16768] Bluetooth: hci5: command tx timeout
[  639.635811][T18421] 8021q: adding VLAN 0 to HW filter on device bond0
[  639.688626][T18567] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  639.764192][T18567] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  639.825015][T18421] 8021q: adding VLAN 0 to HW filter on device team0
[  639.841483][T18567] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  639.893164][T16179] bridge0: port 1(bridge_slave_0) entered blocking state
[  639.900295][T16179] bridge0: port 1(bridge_slave_0) entered forwarding state
[  639.923863][T16179] bridge0: port 2(bridge_slave_1) entered blocking state
[  639.930994][T16179] bridge0: port 2(bridge_slave_1) entered forwarding state
[  639.963821][T18567] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  640.344396][T18567] 8021q: adding VLAN 0 to HW filter on device bond0
[  640.434865][T16768] Bluetooth: hci6: command tx timeout
[  640.465382][T18567] 8021q: adding VLAN 0 to HW filter on device team0
[  640.587025][T17801] bridge0: port 1(bridge_slave_0) entered blocking state
[  640.594214][T17801] bridge0: port 1(bridge_slave_0) entered forwarding state
[  640.723251][T17801] bridge0: port 2(bridge_slave_1) entered blocking state
[  640.730424][T17801] bridge0: port 2(bridge_slave_1) entered forwarding state
[  640.856993][T18421] 8021q: adding VLAN 0 to HW filter on device batadv0
[  640.926011][T18567] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  641.391154][T16768] Bluetooth: hci5: command tx timeout
[  641.397887][T19338] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  641.634572][T18567] 8021q: adding VLAN 0 to HW filter on device batadv0
[  641.876252][T18421] veth0_vlan: entered promiscuous mode
[  641.928296][T18421] veth1_vlan: entered promiscuous mode
[  642.051468][T18421] veth0_macvtap: entered promiscuous mode
[  642.090702][T18421] veth1_macvtap: entered promiscuous mode
[  642.195593][T18421] batman_adv: batadv0: Interface activated: batadv_slave_0
[  642.245983][T18421] batman_adv: batadv0: Interface activated: batadv_slave_1
[  642.295569][T18421] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  642.341419][T18421] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  642.410017][T18421] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  642.418720][T18421] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  642.512361][T16768] Bluetooth: hci6: command tx timeout
[  642.865141][T18567] veth0_vlan: entered promiscuous mode
[  642.894382][T17801] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  642.928304][T17801] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  643.006758][T18567] veth1_vlan: entered promiscuous mode
[  643.118289][T18567] veth0_macvtap: entered promiscuous mode
[  643.148332][T17803] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  643.161698][T18567] veth1_macvtap: entered promiscuous mode
[  643.172208][T17803] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  643.262469][T18567] batman_adv: batadv0: Interface activated: batadv_slave_0
[  643.419478][T18567] batman_adv: batadv0: Interface activated: batadv_slave_1
[  643.531735][T18567] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  643.593571][T18567] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  643.633218][T18567] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  643.666193][T18567] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  643.991943][T17801] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  644.035366][T17801] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  644.124353][T17801] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  644.171945][T17801] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  647.723906][T16768] Bluetooth: hci5: unexpected event 0x3d length: 726 > 14
[  649.231456][T19499] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  649.288879][T19499] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  649.320296][T19499] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  649.346029][T19499] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  649.403093][T19499] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  649.444662][T19499] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  649.542657][T19499] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  649.616419][T19518] netlink: 'syz.0.1427': attribute type 1 has an invalid length.
[  649.642231][T19518] netlink: 33 bytes leftover after parsing attributes in process `syz.0.1427'.
[  649.768469][T19499] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  649.828956][T19499] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  649.882912][T19499] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  649.945695][T19499] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  649.990844][T19499] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  650.098712][T19499] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  650.591623][T16768] Bluetooth: hci0: command 0x0c1a tx timeout
[  651.314444][T16768] Bluetooth: hci1: command 0x0c1a tx timeout
[  651.389937][T16768] Bluetooth: hci3: command 0x0c1a tx timeout
[  651.396504][T16131] Bluetooth: hci2: command 0x0c1a tx timeout
[  651.469783][T16768] Bluetooth: hci4: command 0x0c1a tx timeout
[  651.790069][T16768] Bluetooth: hci5: command 0x0c1a tx timeout
[  651.950473][T16768] Bluetooth: hci6: command 0x0c1a tx timeout
[  653.550318][T16768] Bluetooth: hci4: command 0x0c1a tx timeout
[  653.808723][T19702] sd 0:0:1:0: PR command failed: 1026
[  653.842061][T19702] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  653.848784][T19702] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  653.875866][T16768] Bluetooth: hci5: command 0x0c1a tx timeout
[  654.029356][T16768] Bluetooth: hci6: command 0x0c1a tx timeout
[  654.897447][T19619] kexec: Could not allocate control_code_buffer
[  655.417101][T19771] FAULT_INJECTION: forcing a failure.
[  655.417101][T19771] name failslab, interval 1, probability 0, space 0, times 0
[  655.495228][T19771] CPU: 0 UID: 0 PID: 19771 Comm: syz.4.1441 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  655.495256][T19771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  655.495268][T19771] Call Trace:
[  655.495274][T19771]  <TASK>
[  655.495282][T19771]  dump_stack_lvl+0x16c/0x1f0
[  655.495317][T19771]  should_fail_ex+0x512/0x640
[  655.495347][T19771]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  655.495377][T19771]  should_failslab+0xc2/0x120
[  655.495395][T19771]  __kmalloc_cache_noprof+0x6a/0x3e0
[  655.495423][T19771]  ? cuse_channel_open+0x4f/0x7f0
[  655.495453][T19771]  ? __pfx_cuse_channel_open+0x10/0x10
[  655.495478][T19771]  cuse_channel_open+0x4f/0x7f0
[  655.495504][T19771]  ? __pfx_cuse_channel_open+0x10/0x10
[  655.495532][T19771]  misc_open+0x35a/0x420
[  655.495565][T19771]  ? __pfx_misc_open+0x10/0x10
[  655.495589][T19771]  chrdev_open+0x231/0x6a0
[  655.495621][T19771]  ? __pfx_apparmor_file_open+0x10/0x10
[  655.495646][T19771]  ? __pfx_chrdev_open+0x10/0x10
[  655.495680][T19771]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  655.495711][T19771]  do_dentry_open+0x744/0x1c10
[  655.495741][T19771]  ? __pfx_chrdev_open+0x10/0x10
[  655.495778][T19771]  vfs_open+0x82/0x3f0
[  655.495801][T19771]  path_openat+0x1de4/0x2cb0
[  655.495838][T19771]  ? __pfx_path_openat+0x10/0x10
[  655.495868][T19771]  ? __lock_acquire+0xb8a/0x1c90
[  655.495898][T19771]  do_filp_open+0x20b/0x470
[  655.495927][T19771]  ? __pfx_do_filp_open+0x10/0x10
[  655.495974][T19771]  ? alloc_fd+0x471/0x7d0
[  655.496008][T19771]  do_sys_openat2+0x11b/0x1d0
[  655.496029][T19771]  ? __pfx_do_sys_openat2+0x10/0x10
[  655.496061][T19771]  __x64_sys_openat+0x174/0x210
[  655.496084][T19771]  ? __pfx___x64_sys_openat+0x10/0x10
[  655.496117][T19771]  do_syscall_64+0xcd/0x490
[  655.496150][T19771]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  655.496171][T19771] RIP: 0033:0x7fad5418e929
[  655.496186][T19771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  655.496206][T19771] RSP: 002b:00007fad51fd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  655.496228][T19771] RAX: ffffffffffffffda RBX: 00007fad543b6080 RCX: 00007fad5418e929
[  655.496241][T19771] RDX: 00000000001c1041 RSI: 0000200000000140 RDI: ffffffffffffff9c
[  655.496254][T19771] RBP: 00007fad54210b39 R08: 0000000000000000 R09: 0000000000000000
[  655.496266][T19771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  655.496278][T19771] R13: 0000000000000000 R14: 00007fad543b6080 R15: 00007ffdeca58d28
[  655.496303][T19771]  </TASK>
[  655.869221][T19778] ptrace attach of "./syz-executor exec"[5827] was attempted by "./syz-executor exec"[19778]
[  656.030150][T16768] Bluetooth: hci4: command 0x0c1a tx timeout
[  656.036456][T16768] Bluetooth: hci5: command 0x0c1a tx timeout
[  656.141166][T16131] Bluetooth: hci6: command 0x0c1a tx timeout
[  657.412591][T19846] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  657.900717][T19889] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1445'.
[  660.689336][T20003] netlink: 'syz.4.1452': attribute type 1 has an invalid length.
[  660.736227][T20003] netlink: 33 bytes leftover after parsing attributes in process `syz.4.1452'.
[  661.544476][T20024] netlink: 296 bytes leftover after parsing attributes in process `syz.0.1453'.
[  662.248160][T20030] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  662.290811][T20030] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  662.319688][T20030] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  662.359318][T20030] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  662.387457][T20030] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  662.394439][T20053] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1456'.
[  662.414020][T20030] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  662.442507][T20030] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  663.470425][T16131] Bluetooth: hci0: command 0x0c1a tx timeout
[  664.351517][T16131] Bluetooth: hci3: command 0x0c1a tx timeout
[  664.358362][T16768] Bluetooth: hci2: command 0x0c1a tx timeout
[  664.366145][T16768] Bluetooth: hci1: command 0x0c1a tx timeout
[  664.429390][T20130] Bluetooth: hci5: command 0x0c1a tx timeout
[  664.435433][T16248] Bluetooth: hci4: command 0x0c1a tx timeout
[  664.510940][T20130] Bluetooth: hci6: command 0x0c1a tx timeout
[  665.893159][T20169] vhci_hcd: invalid port number 16
[  665.962793][T20169] vhci_hcd: invalid port number 16
[  667.468859][T20130] Bluetooth: hci0: unexpected event 0x3d length: 726 > 14
[  667.695781][T20223] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  667.795653][T20223] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  667.837579][T20223] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  667.884600][T20223] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  667.914923][T20223] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  667.945115][T20223] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  667.998318][T20223] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  668.838479][T20297] ubi0: attaching mtd0
[  668.884693][T20297] ubi0: scanning is finished
[  668.955360][T20297] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  669.149277][T20130] Bluetooth: hci0: command 0x0c1a tx timeout
[  669.259885][T20297] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  669.677149][T20290] Invalid ELF header magic: != ELF
[  669.871572][T20130] Bluetooth: hci2: command 0x0c1a tx timeout
[  669.877720][T16248] Bluetooth: hci1: command 0x0c1a tx timeout
[  669.949545][T20130] Bluetooth: hci5: command 0x0c1a tx timeout
[  669.955591][T16248] Bluetooth: hci4: command 0x0c1a tx timeout
[  669.961669][T16131] Bluetooth: hci3: command 0x0c1a tx timeout
[  669.972179][T20313] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1475'.
[  670.029310][T20130] Bluetooth: hci6: command 0x0c1a tx timeout
[  670.071086][T20283] kexec: Could not allocate control_code_buffer
[  670.203876][T20313] team0: Port device team_slave_1 removed
[  672.515195][T20438] ptrace attach of "./syz-executor exec"[18567] was attempted by "./syz-executor exec"[20438]
[  674.602707][T20450] sd 0:0:1:0: PR command failed: 1026
[  674.602770][T20450] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  674.602812][T20450] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  675.530233][T20130] Bluetooth: hci6: unexpected event 0x3d length: 726 > 14
[  675.850861][T20478] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1483'.
[  677.975590][T20569] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1488'.
[  678.185720][T20569] team0: Port device team_slave_1 removed
[  680.042847][T20686] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1492'.
[  680.616172][T20608] ptrace attach of "./syz-executor exec"[17250] was attempted by "./syz-executor exec"[20608]
[  682.470158][T20742] Invalid ELF header magic: != ELF
[  682.554309][T20742] netlink: zone id is out of range
[  682.619374][T20742] netlink: zone id is out of range
[  682.715187][T20742] netlink: zone id is out of range
[  682.808504][T20742] netlink: zone id is out of range
[  682.913899][T20742] netlink: zone id is out of range
[  684.667466][T20812] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1501'.
[  685.107429][T20839] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1503'.
[  686.209426][T20878] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1506'.
[  686.322704][T20878] netlink: 354 bytes leftover after parsing attributes in process `syz.4.1506'.
[  686.683081][T20880] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1505'.
[  689.132822][T20958] GUP no longer grows the stack in syz.0.1510 (20958): 14000-401000 (4000)
[  689.311716][T20958] CPU: 0 UID: 0 PID: 20958 Comm: syz.0.1510 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  689.311745][T20958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  689.311758][T20958] Call Trace:
[  689.311764][T20958]  <TASK>
[  689.311772][T20958]  dump_stack_lvl+0x16c/0x1f0
[  689.311809][T20958]  gup_vma_lookup+0x1d2/0x220
[  689.311832][T20958]  __get_user_pages+0x271/0x3b80
[  689.311863][T20958]  ? process_vm_rw_core.constprop.0+0x1d8/0x9a0
[  689.311897][T20958]  ? kasan_save_stack+0x42/0x60
[  689.311927][T20958]  ? __pfx___get_user_pages+0x10/0x10
[  689.311949][T20958]  ? register_lock_class+0x41/0x4c0
[  689.311994][T20958]  ? __x64_sys_process_vm_readv+0xe2/0x1c0
[  689.312028][T20958]  ? do_syscall_64+0xcd/0x490
[  689.312071][T20958]  __gup_longterm_locked+0x20d/0x1840
[  689.312105][T20958]  ? __lock_acquire+0xb8a/0x1c90
[  689.312137][T20958]  ? __pfx___gup_longterm_locked+0x10/0x10
[  689.312176][T20958]  pin_user_pages_remote+0xed/0x140
[  689.312204][T20958]  ? __pfx_pin_user_pages_remote+0x10/0x10
[  689.312230][T20958]  ? mm_access+0x22d/0x2e0
[  689.312264][T20958]  process_vm_rw_core.constprop.0+0x41b/0x9a0
[  689.312312][T20958]  ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10
[  689.312350][T20958]  ? iovec_from_user+0xbb/0x140
[  689.312396][T20958]  ? iovec_from_user+0xbb/0x140
[  689.312433][T20958]  process_vm_rw+0x216/0x2c0
[  689.312469][T20958]  ? __pfx_process_vm_rw+0x10/0x10
[  689.312511][T20958]  ? __pfx___sys_sendmmsg+0x10/0x10
[  689.312571][T20958]  ? xfd_validate_state+0x61/0x180
[  689.312597][T20958]  ? __task_pid_nr_ns+0x17c/0x500
[  689.312628][T20958]  __x64_sys_process_vm_readv+0xe2/0x1c0
[  689.312675][T20958]  ? do_syscall_64+0x91/0x490
[  689.312705][T20958]  ? lockdep_hardirqs_on+0x7c/0x110
[  689.312738][T20958]  do_syscall_64+0xcd/0x490
[  689.312771][T20958]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  689.312791][T20958] RIP: 0033:0x7f02a3b8e929
[  689.312807][T20958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  689.312827][T20958] RSP: 002b:00007f02a49e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136
[  689.312845][T20958] RAX: ffffffffffffffda RBX: 00007f02a3db6080 RCX: 00007f02a3b8e929
[  689.312859][T20958] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 0000000000000616
[  689.312871][T20958] RBP: 00007f02a3c10b39 R08: 0000000000000003 R09: 0000000000000000
[  689.312883][T20958] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000
[  689.312895][T20958] R13: 0000000000000000 R14: 00007f02a3db6080 R15: 00007ffd4c44c3e8
[  689.312920][T20958]  </TASK>
[  692.956339][T20130] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  696.129976][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  696.136397][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  698.878372][T21190] sd 0:0:1:0: PR command failed: 1026
[  698.921735][T21190] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  698.978668][T21190] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  699.965087][T21234] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  700.071182][T21234] FAULT_INJECTION: forcing a failure.
[  700.071182][T21234] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  700.148012][T21234] CPU: 0 UID: 0 PID: 21234 Comm: syz.6.1530 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  700.148039][T21234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  700.148051][T21234] Call Trace:
[  700.148057][T21234]  <TASK>
[  700.148065][T21234]  dump_stack_lvl+0x16c/0x1f0
[  700.148100][T21234]  should_fail_ex+0x512/0x640
[  700.148133][T21234]  should_fail_alloc_page+0xe7/0x130
[  700.148155][T21234]  prepare_alloc_pages+0x3c2/0x610
[  700.148179][T21234]  ? rcu_is_watching+0x12/0xc0
[  700.148201][T21234]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  700.148234][T21234]  ? __lock_acquire+0xb8a/0x1c90
[  700.148270][T21234]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  700.148301][T21234]  ? do_raw_spin_lock+0x12c/0x2b0
[  700.148333][T21234]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  700.148364][T21234]  ? find_held_lock+0x2b/0x80
[  700.148391][T21234]  ? __lock_acquire+0xb8a/0x1c90
[  700.148416][T21234]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  700.148448][T21234]  ? policy_nodemask+0xea/0x4e0
[  700.148483][T21234]  alloc_pages_mpol+0x1fb/0x550
[  700.148503][T21234]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  700.148528][T21234]  folio_alloc_mpol_noprof+0x36/0x2f0
[  700.148553][T21234]  shmem_alloc_folio+0x135/0x160
[  700.148578][T21234]  shmem_alloc_and_add_folio+0x499/0xc20
[  700.148612][T21234]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  700.148644][T21234]  ? shmem_allowable_huge_orders+0xcb/0x2f0
[  700.148678][T21234]  shmem_get_folio_gfp+0x67f/0x1600
[  700.148712][T21234]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  700.148743][T21234]  ? __lock_acquire+0x622/0x1c90
[  700.148772][T21234]  shmem_fault+0x1fe/0xa30
[  700.148802][T21234]  ? __pfx_shmem_fault+0x10/0x10
[  700.148836][T21234]  ? __lock_acquire+0xb8a/0x1c90
[  700.148868][T21234]  __do_fault+0x10a/0x490
[  700.148898][T21234]  ? __pfx_filemap_map_pages+0x10/0x10
[  700.148930][T21234]  __handle_mm_fault+0x374c/0x5490
[  700.148964][T21234]  ? __pfx___handle_mm_fault+0x10/0x10
[  700.148997][T21234]  ? __pte_offset_map_lock+0x174/0x310
[  700.149018][T21234]  ? find_held_lock+0x2b/0x80
[  700.149036][T21234]  ? find_held_lock+0x2b/0x80
[  700.149061][T21234]  ? follow_page_pte+0x3af/0x14c0
[  700.149090][T21234]  handle_mm_fault+0x589/0xd10
[  700.149126][T21234]  __get_user_pages+0x589/0x3b80
[  700.149158][T21234]  ? __pfx___get_user_pages+0x10/0x10
[  700.149181][T21234]  ? __pfx_down_read_killable+0x10/0x10
[  700.149204][T21234]  ? __lock_acquire+0xb8a/0x1c90
[  700.149234][T21234]  faultin_page_range+0x249/0x980
[  700.149265][T21234]  madvise_do_behavior+0x268/0x3f0
[  700.149289][T21234]  ? __pfx_madvise_do_behavior+0x10/0x10
[  700.149325][T21234]  do_madvise+0x161/0x230
[  700.149346][T21234]  ? __pfx_do_madvise+0x10/0x10
[  700.149379][T21234]  ? xfd_validate_state+0x61/0x180
[  700.149404][T21234]  ? __pfx_do_writev+0x10/0x10
[  700.149435][T21234]  __x64_sys_madvise+0xa9/0x110
[  700.149456][T21234]  ? lockdep_hardirqs_on+0x7c/0x110
[  700.149486][T21234]  do_syscall_64+0xcd/0x490
[  700.149519][T21234]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  700.149540][T21234] RIP: 0033:0x7fccd6d8e929
[  700.149555][T21234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  700.149575][T21234] RSP: 002b:00007fccd7bd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  700.149593][T21234] RAX: ffffffffffffffda RBX: 00007fccd6fb5fa0 RCX: 00007fccd6d8e929
[  700.149606][T21234] RDX: 0000000000000017 RSI: 0000000000100000 RDI: 0000000000000000
[  700.149618][T21234] RBP: 00007fccd6e10b39 R08: 0000000000000000 R09: 0000000000000000
[  700.149630][T21234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  700.149642][T21234] R13: 0000000000000000 R14: 00007fccd6fb5fa0 R15: 00007ffd79754f68
[  700.149667][T21234]  </TASK>
[  702.752080][T21290] ERROR: Out of memory at tomoyo_memory_ok.
[  704.496604][T21345] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1540'.
[  705.198906][T16248] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  705.208947][T16248] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  705.227858][T16248] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  705.244386][T16248] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  705.254602][T16248] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  705.891083][T21437] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1548'.
[  706.038455][T21360] chnl_net:caif_netlink_parms(): no params data found
[  706.642879][T21528] ERROR: Out of memory at tomoyo_memory_ok.
[  706.730816][T21360] bridge0: port 1(bridge_slave_0) entered blocking state
[  706.769016][T21360] bridge0: port 1(bridge_slave_0) entered disabled state
[  706.815155][T21360] bridge_slave_0: entered allmulticast mode
[  706.858104][T21360] bridge_slave_0: entered promiscuous mode
[  706.905164][T21360] bridge0: port 2(bridge_slave_1) entered blocking state
[  706.959799][T21360] bridge0: port 2(bridge_slave_1) entered disabled state
[  706.998886][T21360] bridge_slave_1: entered allmulticast mode
[  707.034101][T21360] bridge_slave_1: entered promiscuous mode
[  707.303597][T21360] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  707.318392][T20130] Bluetooth: hci7: command tx timeout
[  707.396080][T21360] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  707.712040][T21360] team0: Port device team_slave_0 added
[  707.821565][T21360] team0: Port device team_slave_1 added
[  707.885947][T21576] usbip-vudc usbip-vudc.0: gadget not bound
[  707.967373][T21360] batman_adv: batadv0: Adding interface: batadv_slave_0
[  707.993312][T21360] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  708.118255][T21360] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  708.189717][T21360] batman_adv: batadv0: Adding interface: batadv_slave_1
[  708.232849][T21360] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  708.368032][T21649] netlink: 354 bytes leftover after parsing attributes in process `syz.0.1547'.
[  708.411967][T21360] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  709.107043][T21360] hsr_slave_0: entered promiscuous mode
[  709.134763][T21360] hsr_slave_1: entered promiscuous mode
[  709.152243][T21360] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  709.185412][T21360] Cannot create hsr debugfs directory
[  709.398475][T20130] Bluetooth: hci7: command tx timeout
[  709.639688][T21672] program syz.5.1550 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  710.212071][T21360] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  710.299700][T21360] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  710.343778][T21360] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  710.475683][T21360] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  710.757217][T21360] 8021q: adding VLAN 0 to HW filter on device bond0
[  710.834955][T21360] 8021q: adding VLAN 0 to HW filter on device team0
[  710.886871][T17801] bridge0: port 1(bridge_slave_0) entered blocking state
[  710.894042][T17801] bridge0: port 1(bridge_slave_0) entered forwarding state
[  711.020638][T16135] bridge0: port 2(bridge_slave_1) entered blocking state
[  711.027750][T16135] bridge0: port 2(bridge_slave_1) entered forwarding state
[  711.097498][   T30] audit: type=1326 audit(4294967502.319:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21792 comm="syz.6.1551" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fccd6d8e929 code=0x0
[  711.119143][    C0] vkms_vblank_simulate: vblank timer overrun
[  711.205196][T21360] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  711.479962][T20130] Bluetooth: hci7: command tx timeout
[  711.727822][T21813] ERROR: Out of memory at tomoyo_memory_ok.
[  711.862679][T21360] 8021q: adding VLAN 0 to HW filter on device batadv0
[  712.749417][   T31] INFO: task kworker/u10:0:16130 blocked for more than 143 seconds.
[  712.784217][   T31]       Not tainted 6.16.0-rc4-syzkaller #0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  712.794749][T16248] Bluetooth: hci6: Malformed HCI Event
[  712.839314][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  712.919826][   T31] task:kworker/u10:0   state:D stack:26952 pid:16130 tgid:16130 ppid:2      task_flags:0x4208060 flags:0x00004000
[  713.009959][   T31] Workqueue: netns cleanup_net
[  713.037143][   T31] Call Trace:
[  713.071901][T21360] veth0_vlan: entered promiscuous mode
[  713.086040][   T31]  <TASK>
[  713.101605][   T31]  __schedule+0x116a/0x5de0
[  713.131706][   T31]  ? __lock_acquire+0x622/0x1c90
[  713.142076][T21360] veth1_vlan: entered promiscuous mode
[  713.179575][   T31]  ? __pfx___schedule+0x10/0x10
[  713.196529][   T31]  ? find_held_lock+0x2b/0x80
[  713.229227][   T31]  ? schedule+0x2d7/0x3a0
[  713.254573][   T31]  schedule+0xe7/0x3a0
[  713.258683][   T31]  schedule_timeout+0x257/0x290
[  713.297834][T21360] veth0_macvtap: entered promiscuous mode
[  713.307705][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  713.351099][T21360] veth1_macvtap: entered promiscuous mode
[  713.359723][   T31]  ? mark_held_locks+0x49/0x80
[  713.364516][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  713.397253][   T31]  __wait_for_common+0x2ff/0x4e0
[  713.427948][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  713.436330][T21360] batman_adv: batadv0: Interface activated: batadv_slave_0
[  713.459219][   T31]  ? __pfx___wait_for_common+0x10/0x10
[  713.488324][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  713.500395][T21360] batman_adv: batadv0: Interface activated: batadv_slave_1
[  713.538787][   T31]  ? flush_workqueue_prep_pwqs+0x2e9/0x510
[  713.554925][T16248] Bluetooth: hci7: command tx timeout
[  713.570916][T21360] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  713.580421][   T31]  __flush_workqueue+0x3e2/0x1230
[  713.585492][   T31]  ? __pfx___flush_workqueue+0x10/0x10
[  713.630976][T21360] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  713.644187][   T31]  ? reacquire_held_locks+0xcd/0x1f0
[  713.659252][   T31]  ? __pfx_sock_def_readable+0x10/0x10
[  713.679501][T21360] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  713.709433][   T31]  ? __pfx_sock_def_readable+0x10/0x10
[  713.724145][T21360] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  713.733220][   T31]  rds_tcp_listen_stop+0x104/0x150
[  713.738363][   T31]  ? __pfx_rds_tcp_exit_net+0x10/0x10
[  713.784927][   T31]  rds_tcp_exit_net+0xcb/0x810
[  713.811173][   T31]  ? __pfx_rds_tcp_exit_net+0x10/0x10
[  713.842076][   T31]  ? __pfx___might_resched+0x10/0x10
[  713.871944][   T31]  ? __pfx_rds_tcp_exit_net+0x10/0x10
[  713.882226][T21832] zswap: compressor  not available
[  713.919653][   T31]  ops_undo_list+0x2eb/0xab0
[  713.939166][   T31]  ? __pfx_ops_undo_list+0x10/0x10
[  713.944325][   T31]  ? __local_bh_enable_ip+0xa4/0x120
[  713.996960][   T31]  cleanup_net+0x408/0x890
[  714.069215][   T31]  ? __pfx_cleanup_net+0x10/0x10
[  714.099817][   T31]  ? rcu_is_watching+0x12/0xc0
[  714.104630][   T31]  process_one_work+0x9cf/0x1b70
[  714.199325][   T31]  ? __pfx_process_one_work+0x10/0x10
[  714.204753][   T31]  ? assign_work+0x1a0/0x250
[  714.232578][   T31]  worker_thread+0x6c8/0xf10
[  714.237305][   T31]  ? __pfx_worker_thread+0x10/0x10
[  714.268960][   T31]  kthread+0x3c5/0x780
[  714.276861][   T31]  ? __pfx_kthread+0x10/0x10
[  714.303203][   T31]  ? rcu_is_watching+0x12/0xc0
[  714.307995][   T31]  ? __pfx_kthread+0x10/0x10
[  714.326946][   T31]  ret_from_fork+0x5d4/0x6f0
[  714.350670][   T31]  ? __pfx_kthread+0x10/0x10
[  714.355293][   T31]  ret_from_fork_asm+0x1a/0x30
[  714.372559][   T31]  </TASK>
[  714.389301][   T31] 
[  714.389301][   T31] Showing all locks held in the system:
[  714.397046][   T31] 1 lock held by khungtaskd/31:
[  714.527337][   T31]  #0: ffffffff8e5c47c0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0
[  714.599191][   T31] 3 locks held by kworker/0:2/14013:
[  714.604495][   T31]  #0: ffff88801b880d48 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  714.669591][   T31]  #1: ffffc9000af67d10 (free_ipc_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  714.719146][   T31]  #2: ffffffff8e5cfdb8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x284/0x3c0
[  714.756956][   T31] 2 locks held by getty/14242:
[  714.774028][   T31]  #0: ffff888031dde0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  714.799130][   T31]  #1: ffffc900032a42f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0
[  714.819501][   T31] 3 locks held by kworker/u10:0/16130:
[  714.824976][   T31]  #0: ffff88801c6fe148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  714.850316][   T31]  #1: ffffc9000b147d10 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  714.869800][   T31]  #2: ffffffff90337c90 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x890
[  714.899027][   T31] 3 locks held by kworker/u10:4/16174:
[  714.905055][   T31]  #0: ffff8880311f2148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  714.925253][   T31]  #1: ffffc9000ab27d10 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  714.937862][   T31]  #2: ffffffff9034dce8 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_dad_work+0x120/0x14e0
[  714.948360][   T31] 1 lock held by syz.3.1297/16762:
[  714.953661][   T31]  #0: ffffffff90337c90 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0
[  714.964160][   T31] 1 lock held by syz.2.1379/17998:
[  714.969458][   T31]  #0: ffffffff90337c90 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0
[  714.978885][   T31] 1 lock held by syz.1.1382/18053:
[  714.984268][   T31]  #0: ffffffff90337c90 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0
[  715.002776][   T31] 1 lock held by syz-executor/18567:
[  715.008159][   T31]  #0: ffffffff9034dce8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x230
[  715.017915][   T31] 1 lock held by syz.4.1513/21022:
[  715.023237][   T31]  #0: ffffffff90337c90 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0
[  715.032824][   T31] 1 lock held by syz.0.1554/21823:
[  715.038036][   T31]  #0: ffffffff8e5cfdb8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a3/0x3c0
[  715.102678][   T31] 
[  715.105022][   T31] =============================================
[  715.105022][   T31] 
[  715.155986][   T31] NMI backtrace for cpu 0
[  715.156002][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  715.156031][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  715.156045][   T31] Call Trace:
[  715.156053][   T31]  <TASK>
[  715.156062][   T31]  dump_stack_lvl+0x116/0x1f0
[  715.156106][   T31]  nmi_cpu_backtrace+0x27b/0x390
[  715.156130][   T31]  ? _raw_spin_unlock_irqrestore+0x61/0x80
[  715.156161][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  715.156189][   T31]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[  715.156217][   T31]  watchdog+0xf70/0x12c0
[  715.156253][   T31]  ? __pfx_watchdog+0x10/0x10
[  715.156282][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  715.156314][   T31]  ? __kthread_parkme+0x19e/0x250
[  715.156340][   T31]  ? __pfx_watchdog+0x10/0x10
[  715.156370][   T31]  kthread+0x3c5/0x780
[  715.156399][   T31]  ? __pfx_kthread+0x10/0x10
[  715.156429][   T31]  ? rcu_is_watching+0x12/0xc0
[  715.156450][   T31]  ? __pfx_kthread+0x10/0x10
[  715.156484][   T31]  ret_from_fork+0x5d4/0x6f0
[  715.156511][   T31]  ? __pfx_kthread+0x10/0x10
[  715.156540][   T31]  ret_from_fork_asm+0x1a/0x30
[  715.156574][   T31]  </TASK>
[  715.156588][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  715.279793][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  715.289871][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  715.299929][   T31] Call Trace:
[  715.303210][   T31]  <TASK>
[  715.306146][   T31]  dump_stack_lvl+0x3d/0x1f0
[  715.310754][   T31]  panic+0x71c/0x800
[  715.314658][   T31]  ? __pfx_panic+0x10/0x10
[  715.319087][   T31]  ? ret_from_fork_asm+0x1a/0x30
[  715.324037][   T31]  ? nmi_backtrace_stall_check+0x6e/0x540
[  715.329786][   T31]  ? irq_work_queue+0xce/0x100
[  715.334573][   T31]  ? watchdog+0xdda/0x12c0
[  715.339005][   T31]  ? watchdog+0xdcd/0x12c0
[  715.343441][   T31]  watchdog+0xdeb/0x12c0
[  715.347703][   T31]  ? __pfx_watchdog+0x10/0x10
[  715.352393][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  715.358031][   T31]  ? __kthread_parkme+0x19e/0x250
[  715.363158][   T31]  ? __pfx_watchdog+0x10/0x10
[  715.367854][   T31]  kthread+0x3c5/0x780
[  715.371938][   T31]  ? __pfx_kthread+0x10/0x10
[  715.376540][   T31]  ? rcu_is_watching+0x12/0xc0
[  715.381311][   T31]  ? __pfx_kthread+0x10/0x10
[  715.385916][   T31]  ret_from_fork+0x5d4/0x6f0
[  715.390530][   T31]  ? __pfx_kthread+0x10/0x10
[  715.395149][   T31]  ret_from_fork_asm+0x1a/0x30
[  715.399931][   T31]  </TASK>
[  715.403008][   T31] Kernel Offset: disabled
[  715.407339][   T31] Rebooting in 86400 seconds..