last executing test programs:

2m10.660133398s ago: executing program 0 (id=521):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
getcwd$auto(0x0, 0x5) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0x5, 0x0)
pipe$auto(0x0) (async)
socket(0x11, 0x80003, 0x300) (async)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0)
r0 = pidfd_open$auto(0x1, 0x0)
setns(r0, 0x60020000)
r1 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
getdents$auto(r1, 0x0, 0x400018) (async)
ioctl$auto(0x3, 0x4020565a, 0x38) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket(0x11, 0x80003, 0x300)
io_uring_setup$auto(0x6, 0x0) (async)
setsockopt$auto(r3, 0x107, 0x14, 0x0, 0x4) (async)
sendto$auto(r2, 0x0, 0x13, 0xfffffff8, &(0x7f0000000440)=@phonet={0x23, 0x81, 0x2, 0x2}, 0x2) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop6\x00', 0x0, 0x0)
ioctl$auto_SG_GET_RESERVED_SIZE(r4, 0x1277, 0xfffffffffffffffd)
socket(0x2, 0x6, 0x0) (async)
openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f0000000000)='/dev/etherd/revalidate\x00', 0x200840, 0x0) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0)
ioctl$auto_KVM_GET_SUPPORTED_HV_CPUID(0xffffffffffffffff, 0xc008aec1, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, 0x0, 0x885b) (async)
r5 = openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$auto_IMADDTIMER(r5, 0x80044940, 0x0)

2m10.206747791s ago: executing program 0 (id=524):
fcntl$auto(0x0, 0x8, 0xffffffff80000000)
pread64$auto(0xffffffffffffffff, 0x0, 0x810000003d, 0x5)

2m9.881415371s ago: executing program 0 (id=527):
r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/security/tomoyo/exception_policy\x00', 0x80800, 0x0)
read$auto_tomoyo_operations_securityfs_if(r0, 0x0, 0x0)
mmap$auto(0x0, 0x9a, 0x4, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0xa, 0x2, 0x73)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mlockall$auto(0x8)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
write$auto(0x3, 0x0, 0x7fffffff)
ioctl$auto_SNDRV_PCM_IOCTL_FORWARD2(0xffffffffffffffff, 0x40084149, &(0x7f00000000c0)=0xab)
preadv$auto(0x40000000000003, 0x0, 0xa, 0xfffffffffffff806, 0x4)
r1 = socket(0x2b, 0x1, 0xffffffff)
r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x80080, 0x0)
ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0)
sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r1, 0x0, 0x20000001)
madvise$auto(0x0, 0xffffffffffff0004, 0x19)
kill$auto(0x0, 0x21)
madvise$auto(0x0, 0x200007, 0x8)
socket(0x1f, 0x3, 0xffffffff)
setsockopt$auto(0x3, 0x0, 0xc8, 0xfffffffffffffffc, 0x4)
openat$auto_ubifs_dir_operations_ubifs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bluetooth/hci4/hci4:201\x00', 0xa00, 0x0)
close_range$auto(r1, r2, 0x4)
socket(0x10, 0x2, 0xc)
socket(0x28, 0x1, 0x0)
connect$auto(0x3, &(0x7f0000000180), 0x54)
setsockopt$auto(0x400000000000003, 0x28, 0x2, 0x0, 0x56b)

2m8.977283693s ago: executing program 0 (id=533):
mmap$auto(0x0, 0x400008, 0xdf, 0xf1, 0x2, 0x8000)
r0 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
poll$auto(&(0x7f0000000180)={<r1=>r0, 0xfff7, 0x9816}, 0x7f, 0x9)
ioctl$auto_VHOST_SET_OWNER(r1, 0xaf01, 0x0)
ioctl$auto(0x3, 0x4008af03, 0x0)
capset$auto(0x0, 0x0)
ioctl$auto_VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
write$auto(0x3, 0x0, 0x5c8)
lseek$auto(0xffffffffffffffff, 0x0, 0x2000004)
mlockall$auto(0x7)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/cifs/traceSMB\x00', 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
read$auto(0x3, 0x0, 0x1f40)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/fail-nth\x00', 0x103002, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0xc00000, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000)

2m8.634949718s ago: executing program 0 (id=536):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x2, 0x2, 0x1)
r1 = io_uring_setup$auto(0x6, 0x0)
tkill$auto(0x1, 0x7)
keyctl$auto_KEYCTL_SESSION_TO_PARENT(0x12, 0x4000000c2, 0x9, 0x3, 0x48eafc79)
sendto$auto(r0, 0x0, 0xb, 0xc, &(0x7f0000000000)=@tipc=@id={0x1e, 0x3, 0x1, {0x4e24, 0x1}}, 0x1c)
syslog$auto(0x3, &(0x7f0000000000)='-@#%}#[\\}@(%\\/\x88*\xd5(\x00', 0xff)
r2 = socket(0x10, 0x2, 0x4)
sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400c72da808bf8d5feacf8510"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c001)
write$auto(r2, &(0x7f0000000000)='-\x00', 0x2fb)
read$auto(0x3, 0x0, 0x7c)
connect$auto(0x3, &(0x7f00000000c0), 0x55)
ioctl$auto_SCSI_IOCTL_SEND_COMMAND2(r1, 0x1, &(0x7f0000000040)="506cf03def5ddd00e8e09c7b3532bcb58e3e7e4570ed9b6fe5a56d1d6690525a72bb9340")
read$auto(0x3, 0x0, 0x7)
setsockopt$auto(0x3, 0x0, 0xc, 0x0, 0x5)
io_uring_setup$auto(0x6, 0x0)
write$auto(0x3, 0x0, 0xfdef)

2m7.781527166s ago: executing program 0 (id=539):
prctl$auto(0x53564d41, 0x7, 0xffffffffffffffff, 0x3, 0x80000000f4ff)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000002e00), 0xffffffffffffffff)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
io_uring_setup$auto(0x8000, &(0x7f0000000140)={0x2, 0x8, 0x3, 0x0, 0x7, 0x101, 0xffffffffffffffff, [0x95, 0x9], {0xffffff80, 0x9, 0x10, 0xb831, 0x3, 0xdbb, 0x3, 0xee9, 0x2}, {0x8001, 0x6, 0x8, 0x1, 0x8, 0x0, 0x4, 0x6, 0xf}})
ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x4)
socket(0x10, 0x2, 0x0)
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x101082, 0x0)
r0 = openat$auto_proc_environ_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/environ\x00', 0x2000, 0x0)
read$auto_proc_environ_operations_base(r0, 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000002bc0)=""/82, 0x52)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/mem/full/uevent\x00', 0x40000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000080)=""/58, 0x3a)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), r2)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x1c, r3, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@HWSIM_ATTR_REG_HINT_ALPHA2={0x5, 0xb, '.'}]}, 0x1c}}, 0x4044820)

2m7.324096588s ago: executing program 32 (id=539):
prctl$auto(0x53564d41, 0x7, 0xffffffffffffffff, 0x3, 0x80000000f4ff)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000002e00), 0xffffffffffffffff)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
io_uring_setup$auto(0x8000, &(0x7f0000000140)={0x2, 0x8, 0x3, 0x0, 0x7, 0x101, 0xffffffffffffffff, [0x95, 0x9], {0xffffff80, 0x9, 0x10, 0xb831, 0x3, 0xdbb, 0x3, 0xee9, 0x2}, {0x8001, 0x6, 0x8, 0x1, 0x8, 0x0, 0x4, 0x6, 0xf}})
ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x4)
socket(0x10, 0x2, 0x0)
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x101082, 0x0)
r0 = openat$auto_proc_environ_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/environ\x00', 0x2000, 0x0)
read$auto_proc_environ_operations_base(r0, 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000002bc0)=""/82, 0x52)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/mem/full/uevent\x00', 0x40000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000080)=""/58, 0x3a)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), r2)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x1c, r3, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@HWSIM_ATTR_REG_HINT_ALPHA2={0x5, 0xb, '.'}]}, 0x1c}}, 0x4044820)

1m16.106817883s ago: executing program 1 (id=678):
r0 = semctl$auto(0x7, 0x5, 0x0, 0x6)
sendmsg$auto_NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800c000}, 0xc, &(0x7f0000000800)={&(0x7f0000000880)=ANY=[@ANYBLOB="80050000", @ANYRESDEC=r0, @ANYBLOB="02002bbd7000fcdbdf25010000000400e2000000002000328005000300020000000500030002000000040005000800040000000000000be24c183fde5b9d4eaa60152c220b90f9370ed909cb387efd44283302b1f53dcde4e9bc252c784fea90af25c968b063e49d0c7166e007d16e", @ANYRES16=r0, @ANYBLOB="040016010c005800ffffffffffffff7f080026000500000004002501d9037a80060149808cd61c31c5041e3424464242515cd9843760c4a39a368d664b128f2554d7cbe75a4ed046fd887eff7b32574b4b5f43f77902742753d16f8cae6e16ee3ebdc99be3105e30e0a2812c3dc9fd9e039a40e8a2d3921af6b7f0e94d0b9538d31bea5aa744a5d88edc35b2bebe8507d82640b10d604ff44e7d53938909443a6b488eb8333626626206c43d86718f7453c970e23e15746b94efd81be2055161b11a154c2edaddf4285e09eb67814e9b99e048cbf8542040974cf57a8e79e7c6ebe14451438a95c02c9b0ad5366a612db43d8bfafe3eabd566dc38beb2019168041f668cbf5b1ba2a150601294a397983d6d6954cdc26e53aa3ee4a0bab50400598004003880000076cd57077d979100e88004000f8004006680c42ee4df924ddc93213865b27ed9ea52124b6f809722a06c5f6ff07ea8d7704250714382bf6ede5bdccb943b5fa10ebf7cc7d3a7ccf3cfee5518c49154b9e2dfaf7939345a592e87087bef5cebd5b6bef6c4c642ac2ded2a82107fd38198b25878067a74fcc2cd819e17aba7fc3aa7b9b7df036839f0bfe3193f097b12980715876b0d8aa70000008eec09695a2bcbae14c9b59a553a7b46ac085400ab00d0c1e731c250b3b410b2eea09b64806ecc49c523b5710dcbb489f1e6dbc65603ef7d871f09108bc1454c6a40d085f9a38a46b82376c855b9eb065043f08746acfb023c7ad836d820f1e2413623578e9ac971995474316bf5e581beded228af85e750383cd60a5c4de9604c4ef8b06da0039ab2a44163307abffb14b5aef5674d9e218bb25c26bfa083b532c1fa3449c688d2072559a56bc127dd2361b479d9a7d729001500d6287cae5cae2b9e14b7e9064b29928059dad524738cd06f57c0da7d728533f3401ad90c8f00000008004500c30000000800ce00", @ANYRES32=r0, @ANYBLOB="cf00cd80322ec26b9bb38d0e9afaa2c0874ac3e848639d8df78a33ca7dd35172144ee5281205bb1130043cafff0e1d122a1a5e672fd234e096abb46a0625dd53bb070ffb39414cd67a6968e0367ca4cbc85b6c4713f82fde473e8355e2c88465839d997b6d4f5689ff2782e2ee8fd258e705f09c10b7220c5b69534865c96dc200ca25b5ad7d6fa6518d34d17f1549bcd8a1ae0263563e6f12946e6ed3b4977708b3e2f8204650407a3e123ef60b6d59d005e018792f2eba02af4870949644792e86eb86a084fd45bddfaa0400ac80006d0009807f49c1940f0ebcb08a641f4742ac039046077b6ef41c72428180dac9c89b72d7344972df9c7678de43ddae99d98f88e8ae71ecf77d95e0a69dc2c4c59b1e20838f7038c156210c6e1ae3ada35a5a7efaa092efe30ed7af940463625634718c201e40e3faad1b73c6e100000000000048017d8058002f000dc86ed399b3947aff7d892b8f0d378bc3f220d8107e672289365bc737aa6e8cf4ba175ea6f2577746f3618aa0953faf27d4e04c91269057d85d64ff6f2391fd143ad2d2adfe4a8f06f3a1c7f5b2511442d672dfeb00ac80650026000b58b56e9170e61e524e38998906731c4a998a3e63140d3e941ad3d31df8be625add4c2703f1609f1ef9a4f815026c40182ac0c1f2145e0f6f84fc890bea1b95af513b434c22010ea4dfda761c438aee71f0cd72faa24058b95fdd2ad1145ebea200000008000300", @ANYRES32=r0, @ANYRESHEX=r0], 0x580}, 0x1, 0x0, 0x0, 0x60008810}, 0x20000040)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async, rerun: 64)
close_range$auto(0x2, 0x8, 0x0) (rerun: 64)
io_uring_setup$auto(0x6, 0x0) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
r1 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r1, 0x107, 0x12, 0x0, 0x4) (async)
pwrite64$auto(r1, &(0x7f0000000080)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x89\x06s\x1cJ\x99\x8a>c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2\x00\x00', 0x7, 0x3) (async)
r2 = socket(0x2, 0x5, 0x0)
listen$auto(0x3, 0x83)
mmap$auto(0x0, 0x20009, 0x4000008000df, 0xeb1, 0x401, 0x8000) (async)
ioctl$auto(0x1, 0x541b, 0x8) (async)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa) (async)
r3 = clone$auto(0x21, 0x7, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) (async, rerun: 64)
recvmmsg$auto(r2, 0x0, 0x2010003, 0x80000001, 0x0) (rerun: 64)
close_range$auto(0x2, 0x8, 0x0) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = getpgid$auto(r3)
sched_getattr$auto(r5, &(0x7f0000000000)={0x5, 0x80000001, 0x2, 0xc19, 0x1, 0x0, 0xfffefffffffffff8, 0x4, 0xfff, 0x1}, 0xfff, 0x0) (async, rerun: 64)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x1) (rerun: 64)
ioctl$auto(0x4000000000000c8, 0x800454cf, 0x3) (async)
socket(0x11, 0x80003, 0x300) (async)
setsockopt$auto(r4, 0x107, 0x12, 0x0, 0x4)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0xffffffffffffffff, 0xfffffffffffffffe, 0x3ff, 0xffffffffffffffff, 0x8001) (async)
mmap$auto(0x0, 0x801004, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
getpgid(0x0)

1m14.478815755s ago: executing program 1 (id=686):
mmap$auto(0x0, 0x101, 0x3, 0xeb1, 0xffffffffffffffff, 0x100000000)
io_uring_setup$auto(0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(0x0, 0xe)
socket(0x2, 0x6, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0)
write$auto(0x3, 0x0, 0x100082)
mmap$auto(0x1, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8001)
openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fb0\x00', 0x0, 0x0)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
migrate_pages$auto(0x0, 0x8, 0x0, &(0x7f00000001c0)=0x7b)
sysfs$auto(0x7, 0x10001, 0x4)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0)
ioctl$auto_SNDCTL_DSP_CHANNELS(r0, 0xc0045006, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x6ae}, 0x7)
move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2)
semctl$auto_SETALL(0xffffffff, 0x7, 0x11, 0x1ff)
ioctl$auto_TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)=0x4)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9)
openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtd0\x00', 0x793fc0, 0x0)
memfd_create$auto(0x0, 0xe)
socket(0x2, 0x1, 0x106)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/007/001\x00', 0xa901, 0x0)
ioctl$auto(r1, 0x4008550c, r1)

1m1.682434676s ago: executing program 1 (id=712):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd8\x00', 0x80, 0x0)
ioctl$auto(r0, 0xab09, 0xffffffffffffffff)
r1 = openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/bluetooth/hci7/hci7:200/power/autosuspend_delay_ms\x00', 0x208000, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000004580), 0xffffffffffffffff)
sendmsg$auto_OVS_VPORT_CMD_DEL(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x20, r3, 0x601, 0x70bd29, 0x25dfdbfe, {}, [@OVS_VPORT_ATTR_UPCALL_STATS={0x4}, @OVS_VPORT_ATTR_PORT_NO={0x8, 0x1, 0x14ed4312}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x44000)
sendmsg$auto_OVS_VPORT_CMD_DEL(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x3c, r3, 0x200, 0x70bd27, 0x25dfdbfb, {}, [@OVS_VPORT_ATTR_PORT_NO={0x8, 0x1, 0x1}, @OVS_VPORT_ATTR_TYPE={0x8, 0x2, 0x3}, @OVS_VPORT_ATTR_NETNSID={0x8, 0x9, 0x4}, @OVS_VPORT_ATTR_TYPE={0x8, 0x2, 0x411}, @OVS_VPORT_ATTR_NETNSID={0x8, 0x9, 0x6}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040055}, 0x20000811)

58.341617775s ago: executing program 1 (id=721):
r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/irq/25/spurious\x00', 0x10b402, 0x0)
pread64$auto(r0, 0x0, 0x810000003d, 0x5)

57.697419878s ago: executing program 1 (id=724):
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
write$auto(0x3, 0x0, 0x7fffffff)
write$auto(0x1, 0x0, 0x80000000)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000180), 0x200, 0x0)
preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/kernel/mm/ksm/use_zero_pages\x00', 0x8000, 0x0)
read$auto(r0, &(0x7f0000003740)='^.*\xf0\x00', 0x9)
r1 = openat$auto_nsim_dev_max_vfs_fops_dev(0xffffffffffffff9c, &(0x7f00000089c0)='/sys/kernel/debug/netdevsim/netdevsim1/max_vfs\x00', 0x101000, 0x0)
mmap$auto(0x0, 0xfffffffffffffffd, 0xdf, 0x10, 0x2, 0x8000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x3, 0x80000, 0x6)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$auto(0x1, 0x2164, 0x8000000000000000, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
mmap$auto(0x6, 0x400008, 0xe2, 0x9b72, r2, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
r4 = socket(0xa, 0x2, 0x88)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/mtd/mtd0/mtdblock0/trace/pid\x00', 0x1a1842, 0x0)
write$auto(r6, &(0x7f0000000000)='9\x00d1L\xff\x15\xba\xa17=(\xc1\xf8\xff\xff\v\xb5^\xa1/[', 0x8)
read$auto(0x3, 0x0, 0xf34)
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_fd=r1, r5, 0x4, 0x1ff, r4, @relative_id=0x13, 0xe600}, 0xf)

53.076022568s ago: executing program 1 (id=741):
r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/interrupts\x00', 0x12b402, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
getsockopt$auto(0x3, 0x200000000001, 0x2a, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x5, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@hci={0x1f, 0xfffe, 0x3}, 0x6a)
mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4)
r2 = open(&(0x7f0000000000)='./file0\x00', 0x101800, 0x100)
read$auto_nsim_dev_trap_fa_cookie_fops_dev(r2, 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000)
socket(0xa, 0x1, 0x100)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
socket(0x1e, 0x1, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
socket(0x23, 0x80805, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
r4 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x38, r4, 0x1b, 0x70bd24, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x8, 0x3, 0x0, 0x1, [@nested={0x4, 0x10}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "8982884700"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x44040}, 0xc800)
adjtimex$auto(&(0x7f0000000000)={0x4, 0x0, 0xcbe9, 0xffff, 0xa, 0x80000000, 0xd37f, 0x0, 0xffff, 0xc, 0x3, {0x10, 0x6}, 0xfffffffffffffffc, 0x4, 0x2, 0x4, 0x0, 0xfffffffffffffffa, 0x1, 0x0, 0x9, 0x7, 0x5})
pread64$auto(r0, 0x0, 0x810000003d, 0x5)

37.820672834s ago: executing program 33 (id=741):
r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/interrupts\x00', 0x12b402, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
getsockopt$auto(0x3, 0x200000000001, 0x2a, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x5, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@hci={0x1f, 0xfffe, 0x3}, 0x6a)
mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4)
r2 = open(&(0x7f0000000000)='./file0\x00', 0x101800, 0x100)
read$auto_nsim_dev_trap_fa_cookie_fops_dev(r2, 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000)
socket(0xa, 0x1, 0x100)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
socket(0x1e, 0x1, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
socket(0x23, 0x80805, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
r4 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x38, r4, 0x1b, 0x70bd24, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x8, 0x3, 0x0, 0x1, [@nested={0x4, 0x10}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "8982884700"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x44040}, 0xc800)
adjtimex$auto(&(0x7f0000000000)={0x4, 0x0, 0xcbe9, 0xffff, 0xa, 0x80000000, 0xd37f, 0x0, 0xffff, 0xc, 0x3, {0x10, 0x6}, 0xfffffffffffffffc, 0x4, 0x2, 0x4, 0x0, 0xfffffffffffffffa, 0x1, 0x0, 0x9, 0x7, 0x5})
pread64$auto(r0, 0x0, 0x810000003d, 0x5)

10.966822872s ago: executing program 2 (id=831):
clone$auto(0x3, 0x10430a33, 0x0, 0x0, 0x9)
openat$auto_fops_u32_ro_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim0/ports/1/bpf_offloaded_id\x00', 0x200080, 0x0)

10.422475148s ago: executing program 2 (id=832):
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
socket(0x2, 0x3, 0x4)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000)
mremap$auto(0x1fc000, 0xfee0, 0x3fd6, 0x3, 0xfffff000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
keyctl$auto(0x1, 0x5, 0x0, 0x81, 0x6)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1e, 0x8, 0x9, 0x0)
open(0x0, 0x22240, 0x55)
socket(0x2, 0x3, 0xa)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$auto(0x0, 0x4, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
ioctl$auto(0x3, 0xae60, 0x10000000000402)
ioctl$auto(0x3, 0xc018aec0, 0x38)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8)
connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55)
r1 = socket(0x11, 0x80003, 0x300)
name_to_handle_at$auto(0xffffffffffffffff, &(0x7f00000001c0)='/\x00', &(0x7f0000000200)={0x0, 0x200}, 0x0, 0x1001)
setsockopt$auto(r1, 0x107, 0x12, 0x0, 0x4)
write$auto(0x3, 0x0, 0xffeb)

7.99607607s ago: executing program 5 (id=839):
mmap$auto(0x0, 0x40000a, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x8000003, 0x7)
r1 = getpid()
process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000600)="70fb0a3edc9042f62445d60aca71eea529b32e26076e44410cced819202d537d16ec88c8d77ddf29783e05dec8e3a480d2eb81d4fc78d18bc8a3273e6f13967e7663638b43284a3d1ef5b3bca91a0e72d7da5b9727d827e2c0ec0a6be837bd379d7e986fc47f87aabe7a86960b334b0a973245105935ed1d62377838b14a1daedb0c614ddccf9c0d11f4bf5c65361a5bb83139f1e82073d0b921f0a49f3e8d651432cee2e81ce8ed30bcd577bec3376974571b0c5e2f698ef936d223e9c8a82e5019e84bc4c058683331232df07a3a7c7aef8bc7f737da8f18decd48b36061c6e5c64513b07eee251d", 0xffffffff}, 0x4, 0x8)
ioctl$auto_BLKTRACESETUP32(r0, 0xc0401273, &(0x7f00000001c0)={"079df5ecf9c177abe71e2da4db232e59ee69537f8c8b4decc22e572f7a7077bc", 0x10, 0x0, 0x10001, 0x769, 0x0, <r2=>r1})
capset$auto(&(0x7f00000000c0)={0x8, <r3=>r2}, &(0x7f0000000140)={0x81, 0x7, 0x3})
semctl$auto(0x8, 0x29f8989c, 0xa0, 0xfffffffffffeffff)
syz_clone3(&(0x7f0000000580)={0x111000000, &(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000380), {0x10}, &(0x7f00000003c0)=""/121, 0x79, &(0x7f0000000440)=""/231, &(0x7f0000000540)=[r2, r2, r3], 0x3, {r0}}, 0x58)
r4 = pidfd_open$auto(r3, 0x800)
msgsnd$auto(0x0, &(0x7f0000000340)={0x1, 0x6}, 0x27f80000000, 0x6)
r5 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000000), 0xc0402, 0x0)
mmap$auto(0xfffffffffffffffe, 0x7, 0xdf, 0x9b72, 0xffffffffffffffff, 0xfffffffffffffffd)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x8, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x8001, 0xa507}, 0x4}, 0x8000004, 0x4008)
r6 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004814}, 0x200448c5)
recvmmsg$auto(r6, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0x5, 0x10, 0x0)
ioctl$auto_posix_clock_file_operations_posix_clock(r5, 0x40103d0b, 0x0)
openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
setns(r4, 0x20000)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
capget$auto(0x0, 0x0)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x200, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0x7, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0x7, 0xb654, 0x2, 0x9)
setsockopt$auto(0xffffffffffffffff, 0x0, 0x1, 0x0, 0x1e)
write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9)
close_range$auto(0x2, 0x8, 0x0)

7.726815411s ago: executing program 2 (id=842):
mmap$auto(0xe9c1, 0x1, 0xffffffffffffffff, 0x11, 0xffffffffffffffff, 0x7)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x100000000000001, 0x2, 0xffffffffffffffff, 0x40df, 0xffffffffffffffff, 0x2)
ioprio_set$auto(0x2, 0x800000000, 0x8)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
writev$auto(r0, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
ioctl$auto(r0, 0x5609, r1)
open(0x0, 0x161342, 0x100)
write$auto(0xffffffffffffffff, 0x0, 0x0)
rt_sigtimedwait$auto(0x0, 0x0, 0x0, 0x8)
bpf$auto(0x0, 0x0, 0xa3)
mmap$auto(0x0, 0x20009, 0x20004000000000df, 0xebf, 0xffffffffffffffff, 0x9)
unshare$auto(0x40000080)
fallocate$auto(0x8000000000000003, 0x2, 0x2, 0x0)
r2 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, 0x0, 0x28082, 0x0)
ioctl$auto(r2, 0xc0404d1a, r2)
socket(0x12, 0x4, 0x440a)
r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0)
write$auto(r3, 0x0, 0x7fffffff)
ioctl$auto_SNDCTL_DSP_SETFMT(r3, 0xc0045005, 0x0)
socket(0x25, 0x5, 0x0)
sendfile$auto(r0, 0x3, 0x0, 0xfdef)
io_setup$auto(0x10000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r2, 0x8000)
listen$auto(0x3, 0xa8000000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x0, 0x0)
openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x52c42, 0x0)
set_mempolicy$auto(0x4, &(0x7f0000000000)=0x1, 0x5)

6.930509571s ago: executing program 3 (id=846):
mmap$auto(0x0, 0x400008, 0xdf, 0xf1, 0x2, 0x8000)
r0 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
poll$auto(&(0x7f0000000180)={<r1=>r0, 0xfff7, 0x9816}, 0x7f, 0x9)
ioctl$auto_VHOST_SET_OWNER(r1, 0xaf01, 0x0)
ioctl$auto(0x3, 0x4008af03, 0x0)
capset$auto(0x0, 0x0)
ioctl$auto_VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, 0x0)
ioctl$auto_VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
write$auto(0x3, 0x0, 0x5c8)
lseek$auto(0xffffffffffffffff, 0x0, 0x2000004)
mlockall$auto(0x7)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/cifs/traceSMB\x00', 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
read$auto(0x3, 0x0, 0x1f40)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x103002, 0x0)
writev$auto(r2, 0x0, 0x3)
mmap$auto(0xc00000, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000)

6.83283965s ago: executing program 5 (id=847):
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x4200000000, 0xfffffffffffffffe, 0x1, 0x1, 0x6, 0x0, 0x7, 0x368a, 0x2, {0x100000000, 0x5}, 0x5, 0x8, 0xfffffffffffffff6, 0x1008000, 0x0, 0x8, 0x81, 0xdfffffffffff6291, 0x6, 0x4, 0x808})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3db)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/tty29\x00', 0x0, 0x0)
ioctl$auto(r1, 0x5453, r1)
getrandom$auto(0x0, 0x8, 0x7)
r2 = syz_genetlink_get_family_id$auto_ila(&(0x7f0000000040), 0xffffffffffffffff)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/fs/ext4/sda1/mb_group_prealloc\x00', 0x8001, 0x0)
write$auto(r3, &(0x7f0000000000)='gJ\xdf\xd9\t\x8b7\x04\\\x00\x04x\x03\xcb\x12\xfa\b\x1c\xc7\xeb', 0x2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ILA_CMD_DEL(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYRES16=r2, @ANYBLOB="010021bd7000fbdbdf25020000000c0003000d0000ba0a9eecfd8c8a9acaeeeeb50100000000000c00030000000000000000", @ANYRES32=0x0, @ANYBLOB="05000700030000000c000100ff01000000000000"], 0x50}, 0x1, 0x0, 0x0, 0x4004004}, 0x10)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4)
madvise$auto(0x110c230000, 0x1, 0x9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/i8042/serio0/force_release\x00', 0xc2082, 0x0)
read$auto_proc_iter_file_ops_compat_inode(0xffffffffffffffff, &(0x7f00000007c0)=""/153, 0xfffffffffffffd19)
mmap$auto(0xfffffffffffffffc, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
shutdown$auto(r4, 0x1)
statx$auto(0xffffff9c, 0x0, 0x1000, 0x803, 0x0)
setsockopt$auto(0xffffffffffffffff, 0x29, 0x30, 0x0, 0x56b)
mmap$auto(0x0, 0x40009, 0x20036, 0x9b72, 0x7, 0x8)
ioctl$auto_IOCTL_VMCI_QUEUEPAIR_SETVA(0xffffffffffffffff, 0x7a4, 0x0)
socket(0x10, 0x2, 0xc)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)

6.122491153s ago: executing program 3 (id=849):
mlockall$auto(0x7)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r0 = set_tid_address$auto(0x0)
capset$auto(&(0x7f0000000040)={0x19980330, r0}, 0x0)
mmap$auto(0x0, 0x400008, 0xdc, 0x9b72, 0x2, 0x8000)
mprotect$auto(0x0, 0x7, 0x9)
remap_file_pages$auto(0x7, 0xff, 0x100, 0x401, 0x3)

5.647046486s ago: executing program 3 (id=851):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0x80000000, 0x1, 0x401bf, 0x7352, 0x3f, 0x8000, 0x1ffde, 0x7, 0x2, 0x4, 0x9, 0x3, 0x5, 0x8, 0x3000, 0x9, 0x6, 0x10002, 0x80, 0x400, 0x0, 0x7, 0x1ffc, 0x203, 0x400, 0x84, 0x0, 0x4000, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}, 0x1fe, 0xd)
openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000180), 0x8c00, 0x0)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x24008000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
r0 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0xfe, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

5.509833435s ago: executing program 3 (id=852):
setreuid$auto(0x7, 0x806)
bind$auto(0x3, 0x0, 0xf)
r0 = getpgid(0x0)
r1 = openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/dynamic_events\x00', 0x80301, 0x0)
write$auto_dynamic_events_ops_trace_dynevent(r1, &(0x7f0000000040)="6524b5aac083b05c1173a1174ad8f5246cdc9552bbdffc09852e4d", 0x1b)
rt_tgsigqueueinfo$auto(r0, r0, 0x20c, 0x0)
prlimit64$auto(r0, 0xa3d, 0x0, 0x0)
pipe2$auto(0x0, 0x80)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/igmp6\x00', 0x0, 0x0)
pread64$auto(r2, 0x0, 0x100000000008, 0x8000)
settimeofday$auto(0x0, 0x0)
socket(0x25, 0x5, 0x0)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfd, 0x0, 0xfffffffffffffffd)
r3 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x129843, 0x0)
ioctl$auto(r3, 0x921064b1, 0x8)
sendmsg$auto_TIPC_NL_NET_SET(0xffffffffffffffff, 0x0, 0x2)
ioctl$auto(0x3, 0x8b0b, 0x91)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/mnt\x00')
ioctl$auto(0x3, 0x4020940c, 0xffffffffffffffff)

5.354408982s ago: executing program 3 (id=853):
arch_prctl$auto_ARCH_MAP_VDSO_64(0x2003, 0x5)
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x140040b0}, 0x24002001)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
gettid()
open(0x0, 0x0, 0x152)
rseq$auto(&(0x7f00000001c0)={0x20006, 0x5, 0x0, 0x7, 0xffffffff, 0x80000001}, 0x7ffd, 0xa, 0xa)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
mmap$auto(0x100000000000000, 0x2, 0x4000000000df, 0x40df, 0x401, 0x2)
ioprio_set$auto(0x2, 0x800000000, 0x8)
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100)
write$auto(0xffffffffffffffff, &(0x7f0000000140)='\x00', 0x0)
rt_sigtimedwait$auto(0x0, 0x0, 0x0, 0x8)
unshare$auto(0x40000080)
fallocate$auto(0x8000000000000003, 0x2, 0x6, 0xcbd5d)
r1 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x4380, 0x0)
ioctl$auto(r1, 0xc0404d1a, r1)
socket(0x12, 0x4, 0x440a)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20b42, 0x0)
write$auto(r2, &(0x7f0000000040)='7\x00\\\x80\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\x00\x0e\v9\xb5j\x00\x04\xc8\x1fa\x1c\x1a\x05 \xfdr/D\xbf\x98\x06\xe5\xf6\x8d\x1fX\xe5\xbc\xbc\"}$', 0x7fffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$auto_WG_CMD_SET_DEVICE(r3, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000002880)={&(0x7f0000000000)={0x30, r4, 0x21, 0x70bd26, 0x25dfdbfe, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e20}]}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x80)
ioctl$auto_SNDCTL_DSP_SETFMT(r2, 0xc0045005, &(0x7f0000000040))

4.274897739s ago: executing program 5 (id=858):
mmap$auto(0x2, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
write$auto(0x4, 0x0, 0x100082)
poll$auto(0x0, 0x5, 0x108)
setrlimit$auto(0x9, 0x0)

3.965205203s ago: executing program 2 (id=859):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
shutdown$auto(0x200000003, 0x2)
mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
r0 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x80800, 0x0)
read$auto(r0, 0x0, 0x39b8)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x20004, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, 0x0, 0x6a)
sendmmsg$auto(r1, 0x0, 0x7, 0x20020000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002)
openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
socket(0x2, 0x801, 0x106)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
r2 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000001100)='/dev/mtd0\x00', 0x0, 0x0)
ioctl$auto_BLKPG2(r2, 0x1269, 0x0)
r3 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/numa_maps\x00', 0x20000, 0x0)
read$auto_proc_sessionid_operations_base(r3, &(0x7f00000000c0)=""/4096, 0x1000)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x400, 0x0)
shutdown$auto(0x200000003, 0x2)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
close_range$auto(0x2, 0x8, 0x0)
fcntl$auto(0xffffffffffffffff, 0x400, 0x1)
read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x0, 0x8000)

3.215960253s ago: executing program 5 (id=862):
r0 = socket(0x11, 0x3, 0x9)
sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200), 0xf}, 0x7, 0x0, 0x5, 0xe}, 0x5}, 0x1, 0x101)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x4000ebf, r0, 0x7fff)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000140), 0x22180, 0x0)
writev$auto(r1, &(0x7f00000003c0)={&(0x7f0000000540)="3ea225d32d6572e46b42c797cf8bb1e6b39bd2c7777940852dd19fe0b0fb8da20b27925b49be55b0f6094a5a988e72ce80dd715ebff5b5077790d30b24692bdf9bd9ad047870", 0x8000}, 0x9)
socket(0xa, 0x2, 0x73)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
setsockopt$auto(0x4, 0x29, 0x2a, 0x0, 0x200577)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x801, 0x0)
connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2711}, 0x51)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0)
select$auto(0x6, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0xfff, 0x1, 0x948b, 0x3, 0x95f4da2a, 0xffffffffffffffff, 0x3, 0x62, 0x7, 0x7, 0x6d3f, 0x9, 0x4, 0x5]}, 0x0)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mdstat\x00', 0x1c1080, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r3, &(0x7f00000010c0)=""/4096, 0x1000)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0)
ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000100)={[0x1ff, 0x6, 0x1, 0x3, 0x8, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80040021, 0x7, 0x6d3e, 0x7fff, 0x2, 0x6]}, 0x0)
select$auto(0x7f, &(0x7f0000000040)={[0x1, 0x7, 0x7, 0x2, 0xe, 0xffffffffffffc24e, 0xe1a, 0x7fffffffffffffff, 0x3, 0x4, 0x6, 0xb, 0x7, 0x7, 0xffffffffffffffff, 0x80]}, 0x0, &(0x7f0000000340)={[0xd6db, 0x9, 0xc2, 0x4, 0xffffffffffff2623, 0x3, 0x8001, 0xfa, 0x9, 0xe, 0x140, 0xc, 0x9, 0x2, 0x4, 0x6]}, &(0x7f0000000280)={0x9, 0xc89})
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f00000010c0)='/sys/kernel/debug/tracing/trace\x00', 0x80601, 0x0)
close_range$auto(0x2, 0x8, 0x0)
select$auto(0x3, &(0x7f0000000200)={[0x3, 0x2, 0x8, 0x18, 0xa2, 0x9, 0x6, 0xffffffffffffffff, 0x0, 0x6afdf79, 0x2, 0x80, 0xedb8, 0x9, 0x1, 0x8]}, &(0x7f0000000440)={[0x0, 0x4, 0x3ff, 0xfffffffffffffffa, 0x401, 0xfffffffffffffff7, 0x6, 0xffff, 0x0, 0x8, 0x110c, 0x7fe, 0x1, 0x0, 0x8, 0x8000000000000000]}, &(0x7f00000004c0)={[0xfffffffffffffff8, 0xffffffffffffffff, 0xff80000000000000, 0x9, 0xf, 0x4, 0x1, 0x6, 0x7, 0xffffffff, 0x0, 0xe422, 0xe022, 0x5, 0x2, 0xfffffffffffffff4]}, &(0x7f0000000180)={0x0, 0x9})

2.322435211s ago: executing program 5 (id=863):
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC2\x00', 0x0, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f00000001c0)=0x6)
unshare$auto(0x40000080)
unshare$auto(0x9)
socket(0x10, 0x2, 0x0) (async)
r1 = socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0x3185, 0xeb0, r1, 0x8000) (async)
mmap$auto(0x0, 0x20009, 0x3185, 0xeb0, r1, 0x8000)
statmount$auto(0x0, &(0x7f0000000040)={0x0, 0x0, 0x8, 0xffffff01, 0x9, 0x9, 0x7ffffffd, 0x7, 0x8, 0x5, 0x5, 0x9, 0x2, 0x8, 0x5, 0x8000000000f, 0xffffffffffffffff, 0x9, 0x80000000, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x3]}, 0x5, 0x0) (async)
statmount$auto(0x0, &(0x7f0000000040)={0x0, 0x0, 0x8, 0xffffff01, 0x9, 0x9, 0x7ffffffd, 0x7, 0x8, 0x5, 0x5, 0x9, 0x2, 0x8, 0x5, 0x8000000000f, 0xffffffffffffffff, 0x9, 0x80000000, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x3]}, 0x5, 0x0)
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYRES8=r0, @ANYRES16, @ANYRESDEC=r1], 0x24}, 0x1, 0x0, 0x0, 0xc045}, 0x4) (async)
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYRES8=r0, @ANYRES16, @ANYRESDEC=r1], 0x24}, 0x1, 0x0, 0x0, 0xc045}, 0x4)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\a\x00\x00'], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) (async)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\a\x00\x00'], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00'], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
socket(0x2c, 0x6, 0x3ff)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x222002, 0x0)
socket(0x11, 0x3, 0x9) (async)
socket(0x11, 0x3, 0x9)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0xf8ef6fb5aad8b5d6, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x5, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/loop15/queue/discard_granularity\x00', 0x8000, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x100400000000000, 0x8001, 0x800, 0x16, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x85cd, 0xffffffffffff0001, 0x9)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
close_range$auto(0x2, 0x8, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x801, 0x106)

2.302946622s ago: executing program 4 (id=864):
r0 = ioctl$auto_TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000100)={0x1ff, &(0x7f00000000c0)={0x2, 0x4, 0x0, @inferred=<r1=>0xffffffffffffffff}})
getpeername$auto(0xffffffffffffffff, &(0x7f00000001c0)=@hci={0x1f, 0x0, 0x1}, &(0x7f0000000200)=0x5278)
ioperm$auto(0x90d5, 0xc, 0x2)
membarrier$auto(0x4, 0x8000000000000000, 0xffffffff)
ioctl$auto_SG_SET_DEBUG(r1, 0x227e, &(0x7f0000000140)="f9eba84136e4a38972f56de7666604b201d9b11f64cb2cb2279d18c72480939a4866d521df4cb2cde16bd57582ff2ec4bb6b904c1ad6af57510cd231b9221616")
ioctl$auto_BLKTRACESETUP32(r1, 0xc0401273, &(0x7f0000000340)={"8326a18c21dd431d91ee768da1273b6d2fe59cc46aa1c197a09a1d06647d804d", 0x2, 0xffffff0d, 0x1, 0x5, 0x7, <r2=>0xffffffffffffffff})
timer_create$auto_CLOCK_TAI(0xb, &(0x7f00000003c0)={@sival_ptr=&(0x7f0000000240)="6a89669b80b2e30a30cf44c0881dd89625189cd93d9a4b1fd58efc50597e508ba10228459e94b41c3e80ad3787b211bf78395d1be43f19c08704d73a020f8459001f6e2dd669153a388c12ae92c98aa8bac9660bfaa92bdf9a6531746223241957f88138ba03577b0375336c5cb203573b26b04c5581fb45d1b919f5740ed590f093f98fef554426ea5ca56e4d172b817b0ba900760c4e2ae78b41f82d33d00769972184a5e250be71322ddfd5dce3d17c650b583faf47835c127924e6d3420b2665a03be2fbf067e0", @inferred=r0, 0x8, @_tid=r2}, &(0x7f0000000400)=0x3adb83f4)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r5=>0x0})
sendmsg$auto_NL80211_CMD_SET_WIPHY(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)={0x20, r3, 0x13, 0x70bd26, 0x25dfdbdd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r5}, @NL80211_ATTR_WIPHY_TXQ_PARAMS={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x8880}, 0x20040894)
ioctl$auto_TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000100)={0x1ff, &(0x7f00000000c0)={0x2, 0x4}}) (async)
getpeername$auto(0xffffffffffffffff, &(0x7f00000001c0)=@hci={0x1f, 0x0, 0x1}, &(0x7f0000000200)=0x5278) (async)
ioperm$auto(0x90d5, 0xc, 0x2) (async)
membarrier$auto(0x4, 0x8000000000000000, 0xffffffff) (async)
ioctl$auto_SG_SET_DEBUG(r1, 0x227e, &(0x7f0000000140)="f9eba84136e4a38972f56de7666604b201d9b11f64cb2cb2279d18c72480939a4866d521df4cb2cde16bd57582ff2ec4bb6b904c1ad6af57510cd231b9221616") (async)
ioctl$auto_BLKTRACESETUP32(r1, 0xc0401273, &(0x7f0000000340)={"8326a18c21dd431d91ee768da1273b6d2fe59cc46aa1c197a09a1d06647d804d", 0x2, 0xffffff0d, 0x1, 0x5, 0x7, 0xffffffffffffffff}) (async)
timer_create$auto_CLOCK_TAI(0xb, &(0x7f00000003c0)={@sival_ptr=&(0x7f0000000240)="6a89669b80b2e30a30cf44c0881dd89625189cd93d9a4b1fd58efc50597e508ba10228459e94b41c3e80ad3787b211bf78395d1be43f19c08704d73a020f8459001f6e2dd669153a388c12ae92c98aa8bac9660bfaa92bdf9a6531746223241957f88138ba03577b0375336c5cb203573b26b04c5581fb45d1b919f5740ed590f093f98fef554426ea5ca56e4d172b817b0ba900760c4e2ae78b41f82d33d00769972184a5e250be71322ddfd5dce3d17c650b583faf47835c127924e6d3420b2665a03be2fbf067e0", @inferred=r0, 0x8, @_tid=r2}, &(0x7f0000000400)=0x3adb83f4) (async)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) (async)
sendmsg$auto_NL80211_CMD_SET_WIPHY(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)={0x20, r3, 0x13, 0x70bd26, 0x25dfdbdd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r5}, @NL80211_ATTR_WIPHY_TXQ_PARAMS={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x8880}, 0x20040894) (async)

2.072665023s ago: executing program 3 (id=865):
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0x4400000000df, 0xc157, 0x101000000000000, 0x7)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb2, 0x401, 0x8000)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_TIPC_NL_BEARER_DISABLE(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYRES16=r0, @ANYRES16, @ANYBLOB="010025bd7000fcdbdf25020000002c00018028003c8008001b80040043"], 0x40}, 0x1, 0x0, 0x0, 0x20004040}, 0x44)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="02002cbd7000fedbdf2502000000080003008000400008001d"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x841)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket(0x2, 0x1, 0x0)
epoll_create$auto(0x4)
mq_open$auto(0x0, 0x5, 0x3, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000840)='/proc/sys/vm/dirty_background_ratio\x00', 0x80000, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0xa, 0x3, 0x3, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0x8000]}, 0x0)
sched_get_priority_min$auto(0x40)
socket(0x2, 0xa, 0x0)
mmap$auto(0x0, 0x8, 0x3, 0x9b72, 0x2, 0x8000)
getsockopt$auto(0x3, 0x200000000001, 0x19, 0x0, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)

1.880823426s ago: executing program 4 (id=866):
sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYRESHEX, @ANYRES16, @ANYRESDEC], 0x14}, 0x1, 0x0, 0x0, 0x24048841}, 0x24004000)
socket(0x5, 0x2, 0x4)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x7fff, 0xfffffffffffffffd, 0xd4, 0x4, 0x28c, 0x0, 0x3, 0x8001, 0x9, {0xfffffffe, 0x5}, 0x5, 0x6, 0xfffffffffff7fffd, 0x1007ffd, 0x0, 0xfe, 0x81, 0xffffffffffff628e, 0xa747, 0x5, 0x804})
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ipv6_route\x00', 0x41900, 0x0)
pread64$auto(r2, 0x0, 0xe, 0x100000000007)
writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x7}, 0x3)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7fffe000)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/platform/snd_aloop.0/sound/card1/id\x00', 0x48a22, 0x0)
epoll_pwait$auto(r1, &(0x7f00000000c0)={0x7fffffff, 0x7}, 0x5, 0xae, &(0x7f00000001c0)={0x6}, 0x8)
write$auto(r3, 0x0, 0x3)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
ioctl$auto_SG_GET_RESERVED_SIZE(0xffffffffffffffff, 0x4c03, 0xfffffffffffffffd)
bind$auto(0x3, 0x0, 0x6a)
ioctl$auto__ctl_fops_dm_ioctl(0xffffffffffffffff, 0xfffffffffffffd0a, &(0x7f00000001c0))
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080))
socketpair$auto(0x4, 0x8, 0xfffffffd, 0x0)
open(0x0, 0x163340, 0x6a)
socket(0x21, 0x2, 0x2)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x4e24, @multicast2}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, 0x0, 0x145502, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x280440, 0x0)

1.834614318s ago: executing program 2 (id=867):
clock_nanosleep$auto(0x2, 0x1000, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x40000002c55, 0x0)
io_uring_register$auto(0x2, 0x11, &(0x7f0000000180), 0x83) (fail_nth: 6)

1.527577603s ago: executing program 4 (id=868):
r0 = syz_genetlink_get_family_id$auto_nbd(&(0x7f00000019c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22040, 0x75)
socket(0x840000000002, 0x3, 0xff)
connect$auto(0x3, &(0x7f0000000000), 0x55)
setsockopt$auto(0x3, 0x0, 0x1, 0x0, 0x2)
open(&(0x7f0000000140)='./file0\x00', 0x220c0, 0x60)
sendmsg$auto_NBD_CMD_RECONFIGURE(r1, &(0x7f0000001b40)={0x0, 0x0, &(0x7f0000001b00)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r0, @ANYBLOB="010029bd7000ffdbdf2503000000080001000600003d"], 0x1c}, 0x63, 0x0, 0x0, 0x4}, 0x4040010)

936.780536ms ago: executing program 2 (id=869):
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv6/conf/ipvlan1/router_solicitation_delay\x00', 0x202, 0x0)
sendfile$auto(r0, r0, 0x0, 0x7ffff000)
socket(0x10, 0x2, 0x0)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
socket(0x10, 0x2, 0x6)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/wireless\x00', 0x890100, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(r1, 0xffffffffffdffe00, &(0x7f0000000140)=';')
unshare$auto(0x40000080)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/uevent\x00', 0x800, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000100)=""/16, 0x10)
openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, 0x0, 0x48402, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/vivid.0/video4linux/radio4/uevent\x00', 0x38880, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/pids.max\x00', 0xa0942, 0x0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0x3, 0x3, 0x6, 0x0, 0x200000000000001, 0x368e, 0x2, {0x100000000, 0x7}, 0xff, 0x3, 0xfffffffffffffffd, 0x1008000, 0x0, 0x6, 0x81, 0xbfffffffffff628e, 0xa747, 0xdeb1, 0x804})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/audio1\x00', 0x101001, 0x0)
ioctl$auto_SNDCTL_DSP_NONBLOCK(r3, 0x500e, 0x0)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
socket(0x15, 0x5, 0x0)
ustat$auto(0x801, 0x0)
bpf$auto(0x9, &(0x7f00000005c0)=@query={@target_ifindex, 0x3, 0x10000, 0x400, 0x0, @prog_cnt=0x3, 0x0, 0x4, 0x9, 0x40, 0x2007fffffff}, 0x1)
mknod$auto(&(0x7f0000000080)=':,\x00', 0xcb, 0xfffffffa)
execve$auto(0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mknod$auto(&(0x7f0000000b00)='X))\x00', 0x63c1, 0x7ff)

774.099272ms ago: executing program 4 (id=870):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0x80000000, 0x1, 0x401bf, 0x7352, 0x3f, 0x8000, 0x1ffde, 0x7, 0x2, 0x4, 0x9, 0x3, 0x5, 0x8, 0x3000, 0x9, 0x6, 0x10002, 0x80, 0x400, 0x0, 0x7, 0x1ffc, 0x203, 0x400, 0x84, 0x0, 0x4000, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}, 0x1fe, 0xd)
openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000180), 0x8c00, 0x0)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1000"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x24008000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
r0 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0xfe, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

297.999289ms ago: executing program 4 (id=871):
ioctl$auto_XFS_IOC_COMMIT_RANGE(0xffffffffffffffff, 0x40585883, &(0x7f0000000000)={<r0=>0xffffffffffffffff, 0x0, 0x1, 0x5, 0x5, 0x7, [0x4, 0x80000000, 0x2, 0x7, 0xffffffffffffffff, 0x3]})
ioctl$auto_VHOST_SET_VRING_ERR(0xffffffffffffffff, 0x4008af22, &(0x7f0000000080)={0x97, <r1=>r0})
sendmmsg$auto(r0, &(0x7f0000000280)={{&(0x7f00000000c0)="abb9ece68861a8b91b57b23138778961b863c8bc94ba2915a3273765deaf9c5f01bb7f4862", 0x101, &(0x7f0000000180)={&(0x7f0000000100)="226aa6a723b4569c6f4528307911d0151d2783b6124f2f1490e0c047de12536fd732f3aeebee59e524ac239b6fa5682910a461d1d7362ab7c734515566d52645e3f700fcc01d692354cba81186db2b4b679af6e38241902bfb8394c449a5f00730bff9b08ea28e82d9", 0x5}, 0x3f7, &(0x7f00000001c0)="c7e1977d93f07a95b18a277706c0a25f1e3f75f3731e87748a621618eb559b6c8a62970f3eef309be8aa07ef9ce173b4e960d5dbbdf40c91776187fb362b119a1e652844a0573bf2275d09e62bf2783a339119ff756f40c124e00961bfecb4fc1b68a4ad69d7c6a04ff0ff1de95d17763df068bfbf4c028ce8b9d684cd8ec88df47b02af61293b5b4e2291d2bb86651a1a9286367ed03ac9c48ab40cf9583fb9a065e71fc3a1b87c8098389c53f83f82fb9e13c5", 0xffffffffffffffff, 0x7}, 0x2}, 0x5, 0x9)
r2 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/cuse\x00', 0x521800, 0x0)
r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), r1)
sendmsg$auto_NFSD_CMD_THREADS_GET(r0, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x14, r3, 0x400, 0x70bd2d, 0x25dfdbfb, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000010)
sendfile$auto(r2, r2, &(0x7f0000000440)=0x8, 0xcc9)
openat$auto_fops_atomic_t_(0xffffffffffffff9c, &(0x7f0000000480)='/sys/kernel/debug/fail_usercopy/space\x00', 0x1e9000, 0x0)
ioctl$auto_BTRFS_IOC_SUBVOL_CREATE_V2(r1, 0x50009418, &(0x7f0000000540)={@raw=0x8001, 0x4, 0x74, @btrfs_ioctl_vol_args_v2_3_0={0x401, &(0x7f00000004c0)={0x2, 0x8, 0x912, 0x4, {0xffffffffffffff00, 0x9, 0xe, 0x1, 0x200}, [0x5, 0x1]}}, @subvolid=0xfffffffffffffff8})
r4 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000001540), 0x80000, 0x0)
r5 = ioctl$auto_TUNATTACHFILTER(r4, 0x401054d5, &(0x7f00000015c0)={0xa, &(0x7f0000001580)={0x2, 0x0, 0x7, @inferred=<r6=>r0}})
ioctl$auto_BTRFS_IOC_SCRUB_CANCEL(r1, 0x941c, 0x0)
write$auto_console_fops_tty_io(r0, &(0x7f0000001600)="69202fe03d62cee5d4e49b3dce4fc174", 0x10)
madvise$auto(0x3, 0x200, 0x2)
r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001680), r5)
sendmsg$auto_NL80211_CMD_SET_MULTICAST_TO_UNICAST(0xffffffffffffffff, &(0x7f0000001c00)={&(0x7f0000001640)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000001bc0)={&(0x7f00000016c0)={0x4cc, r7, 0x100, 0x70bd29, 0x25dfdbfe, {}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x7}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x5}, @NL80211_ATTR_REKEY_DATA={0x164, 0x7a, 0x0, 0x1, [@nested={0x8, 0xcf, 0x0, 0x1, [@nested={0x4, 0x11c}]}, @nested={0xf7, 0x13b, 0x0, 0x1, [@generic="b2bd4bc3c578d70f9b01e91dfad8bf48a134e2c814ed1466055d75e87e98e6c4e643fab45eecac8aa7abcd202faf203db172588cca660e8aa3d609ff43c1f36c681abd24e5a1493b82995296d8a3d5b512f9bd3f21046b71f63311195067af635eaa2e66e4b063", @nested={0x4, 0x80}, @generic="f4bcc32c3e5bd645d711a314ceb9a9a2bc83d87de4c984e7a9941dac1befb5f1060ded353924dc41ca83230a38368a681bdffafb49f81bb7a1d1f32c92bc5381bb34148e1417279581bd9ed063fd2bdd03aa84dbb38cc7aace10d5e057333c14fc0d3e76cabef0df3d9496566a16c9466148770a9718cef23472e140c2faf54b74d706c57de33990"]}, @nested={0x10, 0x127, 0x0, 0x1, [@typed={0x8, 0x137, 0x0, 0x0, @ipv4=@empty}, @nested={0x4, 0x14d}]}, @nested={0x50, 0xca, 0x0, 0x1, [@generic="0d2313183ceed7ad8dad568abd76295471e267b6b6580d2be46b847f1c43352f0c595cd76fb633557a6350fd0563ac235850deb74cbf4c81bb74f5b76becab122c436596b50103238f7060bc"]}]}, @NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x3}, @NL80211_ATTR_PREV_BSSID={0xd, 0x4f, "70e5fac73f5f316520"}, @NL80211_ATTR_NAN_FUNC={0x32c, 0xf0, 0x0, 0x1, [@nested={0x23d, 0xaa, 0x0, 0x1, [@typed={0x9, 0x10d, 0x0, 0x0, @str='nfsd\x00'}, @nested={0x4, 0x7c}, @generic="a8b9cffe72cf7498dd0fd7e1cd1d5abe410d53c1877063e79c609755aa8a5b9687f607790e7e7f9a220c3d35c47a9997ee377b524586d73ec5531f7682ed59fb2ffdabc74082b6c57ab2cf78f20b8901a59b8404b1d24fa6270892ce0d47edb29d8bd823a8735ef67e824546aa4c0c2ad169716d76f1397d473b2f5ae9c6dceefa264d544302ec9e1b7cb3c743686ee6bffa4f97a7e4d8d2363d6807fba7e369f7d859d32d2e39abf231e82cc1106db7e314c2a8cb1aa138dcfb65a10afed9ce0d41822233d2b0ad112f1e1cd7bd70e4e3edd3a64a1d94453e45eb9dee122e3649d9b1c83dc3b52fc09982b4", @generic="cb4ea4a12d5905d342d5e485a2b0092a130a7fe0bdba00d7fb36adfe9cc1ed99d3afd5f72ad4b7a6853cf2de908a6fdadd96bef21d456f1af704497c860a9b9068", @typed={0x4, 0x46}, @typed={0xf6, 0x4c, 0x0, 0x0, @binary="e5dbca04a88d0fbd11c3eed60373644a15cda3d00e3486804e11cc5ba0607c0760c50b2144fbf01455971388b0f28cd4ec5b10f0ad54a2db018a3c6826ab5e88fd2a50343ab4f5bfa3308dd3a6886915bae6b85e039ae2d7f74314e52f0456f30a52e3dfebc39695c10471cc0c9b99dc1488a84f682549398eaa7a7f12f468a44cb1ae2d12f10afb192fafe1283a6a8858738eb924269b3cfafe8bb5a11362827b1aa9476f05a6000d0742a014b3352445a60c862df8180df023e8cefb8badc19098cff36ec1c90c83034c2a6194c2c6ba55fe1c2db09d56dc52cbad8ed2b3b5fb4f7585371a3dc82312fdbf1cbabd795ec6"}]}, @generic="34c5815af9f89e3bb122b0cbe0fb62c13a0ab1ac17244b80e0f05146dfbc8392636ee1823b2ce3eafe8e4f41d942d6822f433dc0135d0a5066b8cbf1f78d64159322d2ffc90ab1d5a9879b8b1d2d4710", @nested={0x95, 0x35, 0x0, 0x1, [@nested={0x4, 0xc2}, @generic="acf2415fa83666dca815648b560de9c21899d191894e6fb86977cfc38b1ede22bfd4b47a398fbba6049cb3fc5a2f97ff35778b1b0c1757505d329b7f44b71e4f9bdbfda0e421ead3a2e36387d851ca8977c28db066deffd33a357c4c06e41d5007b67a3e100ddbb5bc3e8906d78612629a97a9c27b034b2eb6d6fcd773c3e0e291126f01119e70fd266f5ff3cd"]}]}]}, 0x4cc}, 0x1, 0x0, 0x0, 0x4c4c0}, 0x800)
msgctl$auto(0x6, 0x1, &(0x7f0000001cc0)={{0x8, <r8=>0x0, 0xffffffffffffffff, 0xfffffed0, 0x7, 0x5, 0xfc}, &(0x7f0000001c40)=0x9, &(0x7f0000001c80)=0xe, 0x5, 0x200, 0xffff, 0xd42, 0x3993, 0xe12, 0x900, 0x0, @inferred=<r9=>0xffffffffffffffff, @raw=0x40})
statx$auto(r6, &(0x7f0000001d40)='./file0\x00', 0x6, 0x4, &(0x7f0000001d80)={0x10000, 0x9, 0xd6, 0x5, <r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff, 0x10, 0x1ff, 0x0, 0x2, 0x400, 0xc, {0x80000001, 0x83e5}, {0xbbb, 0x10}, {0x3, 0xcd99}, {0x7, 0x9ffb}, 0x0, 0xaa7b, 0x80000001, 0x4, 0x8, 0x7, 0x0, 0x80, 0xe, 0x40, 0x5, 0x4, [0x70a, 0x2, 0x3, 0x6, 0x7fffffff, 0x9, 0x7, 0x7, 0x7203be3a]})
setresuid$auto(0xee01, r8, r10)
close_range$auto(r6, r0, 0x8)
ioctl$auto_XFS_IOC_ATTRMULTI_BY_HANDLE(r1, 0x4048587b, &(0x7f0000003240)={{<r12=>r0, &(0x7f0000001e80)="cd36c504b879add1582f43f0a022e338abae067b093c9be3b5b324c77aad791743ef604cb8306eec1cb787213b52ec63eac520d80b7c89e1378861553c2c4e4ef14a4253a19cb45a52a5240553fd37f5a63637be900f145e922bd9686986e7b739f2d9eaab1322047868c2f32900353197243bb2b912e5f80cd4077d931ca63740ab24ef7a1895fcdb88639a6ec3978e1345d0769f8adf3f2d4b9b9736d3ed0d8f4814a3e969f45e1437bb29748131c0d26c9b044f87b60a305febb6f3a09600907bc2b5231edf032f31df9d0ebc79f6f6f8075734997bfe51a3a1cddf1c8eb3ec8e4234ac329830d943b317c759f2d9c766af27179cf7bf40b0526141c5f9111bc8e2765dad95096ad543bc82fba3d61b2e42ff3768fbb6ee6ec189d30de541948fdcc7ca73eedbf4816eada5ab869d009c616554b20e066fd8cfb409c2655442b6203d45612ada2734286599446e6635d343e74cf8bb55e29c41aa358e4eb564230afbce58b8b02b0a48544501851ff9360e2e5bf74bb8a1c501327b0511a987e6b8f5aeeae38e5a8dd6fe4f95070b5b42450b2995592d462b1f22475c9247b36f3c48e23ca107cd67fe4b8116991c0596621556ecd0bfb00a3a4bfeb34b3d5d323c4b458b1196231d9131a93c02ede45160c5acefb8c2cb047fcf11263458e6d0efead0af9a96ed4a241121b66b781cdc91720f57a6aaadf827f90f9f818a1400fee31846a74876ff1bad5b1a0dee9636845b75929f3ec7e5014cd8e2119d983498fe10139f194b28b19ae0ca22949f6e728a9fc40d09cca7d40de9c77580fc2284805b9e0c95d3597090f856d6cfc80a4694f4834a6279dde931e0ae0f3c9dfad8fc61f9c91485258de2cc18c7fa646a9e13376a3b6e6350d2c302bf18c90e5a82c65ec9e3676f28e63d856769fc6ea8bfc37238cb1b17bbe2132a9ee3f8569e95e6a7def0acd26a31721f7e51397eea2dcc57f79a3332a7cf68d268cdd20edf800d2978f1482773fd634c34e5e26299e4f55e2a831e6b2b9a244e507342980941dadd42ec944a2e9eed93a9b5489db6478f75afefc8e289e25be40fc3fac131807bdb04b6bbe169219b7b406054f7b0044d6acf51d7a862b50f4ef11a9d6958eca8795495ce6fa7820f0851d80796a08ccd988b12f1bcecf591b76f7d0e22e1a31ebc38f4e74d80be9b66dca13de6ac4a9c1c535d4c4626bab256f267f198ab81a3418a8cb538bd9a6b2d84842a6adffa0f645dafb78246af61f0b15a5b8940316986254630efd1fd776e885c19666fbfd7786dcf533f3fddf0ffeabbacb28fe504259d12f34f3f207c57990519cc9985e1de6333d249141567016d34b55c88e6fb2510a7c53e7bfc15695887c7091c0ddb057431920d29a579695ede6cc91a8f93df41b9ddab422aeaba555ccf85de146b70376f32c06951e54926f069b7d9ff2acb17b7bd2fe0d563717e2bc9902346d768abc366c51cb5204ec67ebe8633fc4ad87c6575f439935f4b51dffeefc91d9897321761d3ee7794363daabfd7858a5c7c3222003be1fe174722e89aebb353b27663e2a2e0747acd3be767b63de49062e2c39cd44c62d416cc63e0fe271c06f635e1c8549a3909724e3e211d5f03de0a220476fae033e1902c1246f9c9fccbd12d932f13d7c3dee73fe308593ceaef1b758503a3acb0d0d547d6ba84b6f923da886fff8bd03970012a67d6a213a495e7daa877b8f8d6f6e280c8689820fb9b1e66607e0a15103efed4822196218be36ca5e8dca1baf4662ae1d25a4d1588dd01cbab5cd0988e5555889e4eb26d1ac4bc4960e3419df1db70649b5f6e54e4a65621664bea64ff48a7cc3f503aa910316f5059f3ebd9c380015534a8e0576b285a755c9ad1a18f5ee2b0bf93780830a4fbda84c6619071db0b3dec8647751f15000c6bfb04891d3ce3260a1ca9cb6c2f2eb72c1ec40b020ff50e9b3b5e674231fb31349b443602722207e601495614c4804bcbb037fc1c4812c42645b8bdebd0769635f533e7d6c498ffa92168db6c1b8709227b7d93965f44c3e121ee0686860b6fd3d149c9676227c8afc75230389c6564142437486ba59e85af9241810db4f9448a60f9ffa737e694db24f1d951642144ac916edc1387ad86319c8806e1635cd9743b1ce198e566159d7e0ddcfa8d029ede9eac0fb90badee8db71a4cf3fca31f7d332d55b359ddde9951bcf63ae0cb67c92c89656014b20054065a56b6ec36e481ec01147e3ce95f34a171fae6fe089b2e3a4614cb7918380c8e18561c9b15324ab786cbe15725312e553d217549e017c3282ae55e81ae6152d4adcd124498da7a92e3e0c0235ebb8d59c291638c0a7797aa8f7eca61be73e6e4f01273ac5cb2622c832674b17f506ee51d3d48484da9b9353015e5ed0cbae7440c1c2e1f91ebecc45bf10e649a2c2a985ed396e969cf0ba81dab9e7d2e8ba8adef6f372fd2462d69be7052ddf3dca7cdf2446018d7febb85412de03763f9dad5eeeea42292b574bf6932bafac7918f8ad872f5fcd8e1dc17e8cdb16e2d3ccf22350600d515719e6a6fe580ba3614c530cabfe1dad74c97362b034c96d9a5463271b79259472ce5d44299a45fe83422ea28e53a23911fc023a7f67aa91dbbb981b6fad7e8cab3f8ffd3d5692102b686befb331bd9e576168b5578a751bcc1909ca922c8cc6b4762ad8d292d064deeb18c7dbefe8194f1ce656ca660c27893646db12dbabd016712694c1fddac127d075fed21b76e87e179c4bdf5027fee6bd6b65b3c534954b8a4bebe4e52c81417d79010794b5dd6bd09b0d05d010373366888ffa005911b9e6a50df1f1dc085158cf1030333b77b9ef76566dbb965a21a225f8bde15d7af0cf3ef6c17f279370d1a42b05b092c2cb430f1530091ffbda9b27e915ff8016bacb326e14f2fd836dc0322526da3663a2a96d5b3da8b1e3fe6a706b2d873db1f61ac9036d33b322ab4ca380bc31cb49df4be54b0552151e51ad1aaf0094996fc055bdd043fdce1bebb3ac65eb187da86a851a40f8ce017108f6ea00aee2fbef863a943e108d1843055124d93e40394333473eb13ee3ee007a1f50ce334aa356616decf7aebe34a21ac34d667972cc35930a1597d1798f5e51e0b20b509bccca1d198008f9e4d28b11cc114d8d086346017e1cfa31dd0012966eb855e22bde3375150ed91908060bf00902a1a622c0f09b348facfa981db346cfa7d0477b09069ddcb7b8bda8c39b610003f9dd4266280684124055205fe341e52275fde7a9a1719798ce262642c2be8411051274961d07754d1d17fcd5e63de8af291899d75ad6894544605b87ffbe7b3994a12f14bd9dbe7edbe160b9f2b0589b826b0e6af6911b427866b50e8e375a4a91ce6062278d91d43aab6ad091d8edd6fcc5f869d4b2412c18a8f46172bd5c03860ecc9060b8f9ad5462d9eab2a76888404253e4bc11809b585b74d2614298c1df11d573c54273985c6f5940106db2eead03f7ff6765130742ee7399aac6bdd0754d0e2a243b75dee7837f009e942b96b37a09cf17bc3c56ff9d1231defdbf369435ca452d505b7bc94f253f9f3236d4158d5202e761c1d9419ac5693583bcbe79ebce63771e3a288708e5a7ba48dc65b7cf01d7a1a2526ff72571b1a160baf62a0ab3c515721c949eae365d863947040b156b964ff3bc834f1ef405274f0d08df6c4411813a4cdfa30006b5a991d463f775fe9a057cdca5305b09042ad464839132fdd12649a020827186a0e9195f3360915e771ce2b00ff93da8ee3e621b030dd6fc5c1c7e2fac69b16ae86fdd3db7211d3c8e868b720d0a98260c95ff4af944721d9db3f7f6db90aa6093340e5d37c273bb45442b0043ec4a2d653bc40a18d9b5819069fc8f63f000ffe492a1a0ce7f6838fdb05ecfa3ef64abb205ffc8f4c503b35d026eeafd85d37b12abfe4e7d69dee920a69b3d531a7783c74a627f9d5d984987a5f18759aacb1a23bb2645c80f05b8988090ae33226bdb60b9766a29e2c02247d92fcf5ca1d4358458101910d855e8f73a2a70f5bda6a4324d8f3bf8ba3de66c318483597dd73ca74be6e6dd505a655abf6de1f59d5bd39216a995de3139dc16a0898f1cfa60bafc461ff6da7188ecaf42cdd27e56a8c4596f6d3a6445d5276b8e923fdd17f6139f2c2701441b97ae572295b3640cb5395aa6db16c2684021ea2c34fa5dee7b4218ccee9add6442dd043edf3a7f3255b8feca8e58ff0632d5d2c2d5ff3aff472acf4e19ab06eec22f5652bb28981cf47262a1eea536cd4c08a9a6ba0c2416c95f5e697e78093728e87f6e82fa33490ab5ec6544b02d9f4f42ae731a3389c273b79434fd411ca15597b0fcc8f8ca382e54c4fa78f6cb051d3fdcc3f67f85b6916c7a04d50d1da3fc9f3a041586bee9b40604721746ad56a29b064795a63a44d2d64374846351761c30cdddf35dc4f43340623b08a550b91ecdec68e986790e72f38deae31f5d9d43018dc8f2f986426c225c5d011620e5254df2116f62611c9cf64a82b6713579a17b676f3b157eec1bfb3ade393fe0a06fa92f917f656674137ae2ec7b4f0e3866da3766f8ea3ab8f77f7cfd21623c006213f34def0fbce0c906920819c1b98054b9f2b582d5f87898356921591ca8edeb2e3bd47267824977dce23fdf95c65409da8f3528c706bc4cc5f55db477bc7b54c6ac67656e9aeda99de9fac28c82914a8496c9735e1fd3efe8e3684f162ad222f601ad7c2ce8cb3812e7669b4776334e1af03b93aa5efa62537269cdc9d21157499198ff030c9254d6b202c094b08c3fd3319184e8c0b1c8aa20a5e421c0e9cf93d6bf555d08900e670b9880d0b46661b74e7d071ca8d4d9e3bd04450cf21dcf9aeabd985fab5a77f07a6c7611fe76ce1c882c92651017b0df43d9ceaf2b63501dbcfbe294935618c34721b506903b05ba688d837502b247a5819c72597048148d7ac0f605d4ab63e3b59cf40be3b4ed0166c1105d6655b51265ff428e079ea7c03894f55ffdee8c376180329d28408c3250d197e6743782c273cd46a20e0685f3f6c42f86a581fe6592e3e881dc0f4858f57ba1d490e09698687853b182c5772d576cc8be5d56febf270d034604ecf18958bcc60449dd4d9ac4d61bd204b23be7b1ba37b7c12849b0bcf0e1c7010af9c6b82493224c1748413c06c2ee240fdeee465bc51eab34796cdf2df700c3268170809fb81f9526f4d351848f5bd5c1a64e7b34ec8cd34a4143e8820162a0febd099ef04447395f608c7281a31368a111d4641dc2dca9f2fe0443c84d102537a42deba049b788c6a68b0e4fc715cfbf08e2134213fc7375b5d58074abdff6b349a2467dba8c5840cdc030b6a314e10902ef22d6238169f35bffa51c6077f7b91a1f3f73aa643c09d9c7059ac0134d97f9bbd3c0470e6a87b275beff0c54ea64e0bd5aefae6a3fad017b52c44614923e134ba6e48b6ec569e738a0823a1d41e77f79d2da42b126e59c57d08019ac23e01b3d6dcb24485dc1ba2fca947bd2261e8ccb2cea714e740dfe4f1e6168ae3255c1a63e2d832e1ff5a5323bfe83558f7e8465b7b9a9e4f29b1d6cc51e4411d2f61c831dfccc90eacd49dc49fccbf58f13dc967a0eef4b7735adc3bda65be37408385ea28df340e99e26228f431663afa8744375f8f6839e729d1eaa27ea0e09e4db7aed310d4257972db2138f207b7c3166476f2a5eccc14d6962d9c571adfdb65e346fdecd55e6c041382ca6d8919baf258b0bc53b33a92ac29fd973cb9beb47c", 0x8, &(0x7f0000002e80)="a44dd20e8caa1504e43425249574549b0a22d340231588c9cfee25b7e40f58305a380c70846c039d98f4f8a0cb731e1c47a8c5d27e30041bbf9b7a80ed83a40afb32cfde8031d41ecb0226c0ef5b1988fe0943ded114679e8ac02839f5c6126d062638122f6f334ad7abec711d002240eb69e1daa8fb0161b06abebd27068074be14a3469c864490ec47f654fe401067e38580eb255ced0b7cb0b9e50b1c6a063c0f65ab4af6d6cee7ddef07335b04f6821df622952314a637e86ba9f3b17a1b807df7c3ca128bd249b655c1a955092794c6a8f3692eaf64d127fd18", 0x1, &(0x7f0000002f80)="141f4eb38229caabfed24a42606b5474cb3c9dfca3132bd838998ce91d526972f06681693e0d38f75b", &(0x7f0000002fc0)=0xd87}, 0x7fffffff, &(0x7f0000003200)={0xb7, 0x5, &(0x7f0000003000)="8ae014f4fd6a138d938cd4dd3c363c17dab6ba132dc6e62502048abd5107a3169986af80ac618e72bb93c665a897a3288a8265ad9d67bf63c55f41c103256433cf96620eec9696d733db6a0c3d1edc645791b8572c0b655abad4ed79df5ef4e9fe49cf1fd8a707ec625319eecd8392ac48364982919f1dd30643c5ed8285822932e27f4ef34863878c2003abe520004cc1d4dafc2b0141d2e0653d0451d541b50aca7b0c8f7d44e7449200a4cd564949a80b2fba3411e8358e7263b6fb328b47c02886a1a29b8f9e06b973e77b4d65ee850ceac3ad4f9527b27f", &(0x7f0000003100)="4eb79dbf6d03379e9a6f0f9829f522057c3a5d93e5224adc5af0a52e374a731383222e35a913b5c92759e849ff32a150628e951732a4bff059e1b0117969ea41e250b9068564d075068676a278b53e1d6a7b053a52524464fd19d240933f706bb27aa52fd3a0874ae2c28b54d719fb4ce4d7658848576032fc124d7be68c0cc445498e60d15a2e514c25ab31ced8f03421a431721a03658eba5328f46f065e14209c6213dd1c551585b8600d2f1fcbc4f6c664543e99800a0f1c81584e9f8d0ad11e3330bcf51fb1a717735ed203a6286d32b0e9b00c2b2c764d3b6cedc406beb8719ce6d0ec9c1c022b66e6769fda473c7b1db0a3ad330352", 0x6}})
sendmsg$auto_NL80211_CMD_GET_COALESCE(r12, &(0x7f0000003440)={&(0x7f00000032c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000003400)={&(0x7f0000003300)={0xe8, r7, 0x4, 0x70bd2b, 0x25dfdbfd, {}, [@NL80211_ATTR_SCAN_FREQ_KHZ={0xc7, 0x124, 0x0, 0x1, [@typed={0x8, 0x82, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0xec, 0x0, 0x0, @pid}, @generic="fb54dad53fb5ae8c56032978fb4d3e20038c9608a7905ae286a3915f7d5c5840488e2d50b778af31b12ed9b17cbd381cd12912a6f2b45eb1ef685c4b5e9c0f9fe107bb6a49fb816169178b6e5b17324aae365996413cc4bbcaf9ca8311ef48c5e388366c06abc4c5ec9543caf27c441c256d71e1cfe95af934eba0a76da0a6f3b533b8acca28ad838ac1754d4bbd0d722d32bf7c8687611caf33802b03d47e3a9dbf07b3d3424b1de41d1a6f2ebb1ffe6c293c"]}, @NL80211_ATTR_FREQ_FIXED={0x4}, @NL80211_ATTR_VIF_RADIO_MASK={0x8, 0x14d, 0x3}]}, 0xe8}, 0x1, 0x0, 0x0, 0x40000000}, 0x20004000)
r13 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f00000034c0), r12)
msgctl$auto_IPC_INFO(0x0, 0x3, &(0x7f0000003580)={{0x7, <r14=>r8, r11, 0x0, 0x1ff, 0x0, 0xfd}, &(0x7f0000003500)=0x2, &(0x7f0000003540)=0xd, 0x8, 0x2, 0x6, 0xfffffffffffffffa, 0x3, 0x10, 0xa, 0xff01, @inferred=<r15=>r9, @raw=0x2f83})
sendmsg$auto_WG_CMD_SET_DEVICE(r6, &(0x7f0000004740)={&(0x7f0000003480)={0x10, 0x0, 0x0, 0x2020002}, 0xc, &(0x7f0000004700)={&(0x7f0000003600)={0x10f4, r13, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@WGDEVICE_A_PEERS={0xaf, 0x8, 0x0, 0x1, [@typed={0x8, 0x13f, 0x0, 0x0, @uid=r14}, @generic="1e1cd470a45efb01722ff4e61c2d2d8cf50082223112e3e9132d0c44cd0d32ad48c9eec30428e9afa370ff1e4740413bd5e828f85a41abf0288b05872737db239b07015096b28f93d0f12d540a615cdf9b2f33e957151683f4ee4d76a31c7ee9262751ae598f4b8fcb88191731fa011def79ea68d085507c04a94e19855f20ee09521efae11594389e81006a20500bb904091b00ef3e49333c6a95fc4753858e57dddd"]}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'nicvf0\x00'}, @WGDEVICE_A_FLAGS={0x8, 0x5, 0x7}, @WGDEVICE_A_PRIVATE_KEY={0x1004, 0x3, "45e34eb30292625a6c1c065b9fc8a29f7cbb8bd96b0a178773b11bceb20222723e984be5d1dac206e55b7224583e4b9ed7a970b41ed02895ac897973751f25e0534bdecbbb17749a9d643062e683cd0135aafe2f1ce0fce00f24c7983591f43fcc65ac3903419a9e6dc4e9dd1b65fd849180ceb2378341eb5913f19b478fe95efcef2e0c90757301b75b70891509752b1c2b5f83c1c5f7e3d76e4a4c6d7bcfa902fead4d53778a986cf8fcf28ea7a8397f1c3a025bb1d73d05cbf748dc13140ae7d25cfb866a29c1d8b5224263b582af0b3d961907e3f46937e84ceab887496963c8267b506112f3b171438172c5fe342e568d16c0bfb9fde8253ebde6621ef612dc8c1a7b59c31ac6442905682065c7d7594eab8a4b8b12f6f1fff4496671900d362a8d60e39c19c8478ac2b48dc60516166ef166edde8c69eeddbc9a3dd274ea7de8bdd5381a1b92f9232dfb5ced0de1c82d6ca17f7be9109e217261f4a00b30b6d4c0b87603f5832ea5198cce1e10cd781bb5d2f680035c336b37c05df149573600bcd311c681694b27a8aa9b74d9259560974bd17c96f55586285e4cbc0e3a03825cf66b6915ffabdfeeab697d41d8f6e5c97a81037f98ee1b2d057291bc678c6008108d5f2006f38ffb71c6c3b77be7f1a43cc7a5ffaa01ae7d840ea6aa3b11c4be51e30790713838e29d471b195b911c31dcad40ae22e45b9b968949f3227bcd31323fa8e02439d4974c31f1ea7f2cf3be157d76b294b1adf98bb99d69702572d30baa3a956414ebe009dd9f0f110ea14add6b9ca123e3477a01fdc00370ac13b544ec7b356a476f0ceadbd73426d37adb064a2b3b4d44f44938876b33f0307b2fff03d9e70617f9c03a04931dc7bb8f3fcbd0fd77a69ffc571bae415da9195dec9094fd665fcf57c3760cfbc9f2c7ea1e8cfca7730ae2be9dc8cf7bc82503611cafc06b19fb26b76cac2b4df1b838329f3cf34c7839c64414809fa849a7852fe80b1520714482cc379303f7233c353e978b5179b833f88fd68a5a25c0a7a9f4811aafc85d5b1a8bc486fa3ac2d69a94868348c6deffbb85a65e6cf11d1708de70a86745aca61ed7e9433fc3c80f5d7e28e30a7caeab1c82b0ab603bd9bcdb277a283f3f4f68b7f410af0d69a9a6073f7ab70013717db1ffa468524703d73789f2abf05f4d136664ba400032ef59fec2d374fee9645ba804556e08d2ea10b3eef634c965f27f76495c6a9d4f428c3edb067b8a15cfd9050b4327ab95a154f148f02268e9c5be3161b1e4e2b45773170ac4da6e2167553d8cf2014880e646db85c057a717396c2e0fbaf9b5dd5c905270039b2aa97cb71d9818604c377ea88df9ea1640e8cfa7dee0d1e39fb076c1c23b01df8c197da4afba8c94854c4f5a3cf211a952d3e2035ba03971ff344a5607413f539646beb2e143e910420874c659f68bf1ec5ec58adeaa310fdbaeca13fcd259f1ace7de9bc24cdc5cd5fb2a546f658eb6422a82a23b18f3776f18b7c0ad806442ce3eea501734791f55b7a4ba6bc5905dbe9085aab6939dec836ca294f468669fec9e82326e02fb4489f3556b2730f5121dde0e9e2f40518660f2511604720373ab7cf9a42c70d4160806bf68ff12e6b0b61f7ae4c5e61521c6bba6aff53c265cbf090ca906ac62aea5e5250386cd4fb156a48baec44976ced87da7b9c0b78c0b82e3657d6177484264e8cd8d0c826f077412af93b1ded21df46aff3938ccc4bb13b78f6ea436fc8024fc5a8f1fafcb96dcf2794cfc733099904e3f16445b7f0d50c5dec4c2f86809edc7594db723f0ffbfb042e4694ef0145e34c0acf8f9337e3e65988bcff32ad1b724564f43e5dd6e121e2b6067f9e0df53f938609307f1e02ffb5e7a3212a34e9c2fbf61b42f9a140b2b9905dbdbba7359188e3f4ff248d8239d8f402f5cf109dda083ab726411cee59945a10958463b075202b2e94f13ff8ecc8a2a20e0ecb2c239af2d3e7e9b42b3fae5b0983c1fe280b1adc6a779c9e6c4279c2be4694f6869c993de39e8e817bb0d1c730ec1ec62e1943f23c659414e9bba0034b319b87fa0c28d5aa7b6eb55717562dcc7bde1e591a7740c6812fef91c44ebb59ef5057eb296bef18228ef2da4d976c1d0551ade347c6f729ae4893ab74447b6d8ee74791976951a9c05b3272589320cd47cf11ee64a58abbebbbe1ba93b685f7c82af3d4cdcdd4da6e30f73670d0c766ba0d6c9812ee6188a45c469888fc3da1af48e652ca2537552a4b043b312ffb91b6c84a282e685c7a3f482315ac9de7b49c5ecfd7bcddee736dbe43437e8276eea606bccb8a7b4807ecc56bdb5c43408eee6b41c3731a771177706562a116fc64314575bca79fa5dada2c169819e4bfce5115c759a246c198c37d6887749d153bf8155d3d40c5e88479f87d4b63e3f8a760a05755636006753bc6c5e2da9582f7404a01871f2d992cdab2a97d26b1a8e4d9cd4e9ec510f741e4fc3b4199728b09cb416cc3a5945b42da984af36b1827d6d3304c0c45980f53fea95dfde43f30cff4ebd4cf6c13056d12810360a8b0793831cbe5606b4d7652e2dc2332d58cf1a3d4fa0a3a74b15151a6b9e222bf77cb0ad6821fac6dcbd06c856dba15c01dbbf4d4b8d1eb46bb998d1d2b2010891d6c1b18375716adb343dea93f342e29cad48c939da4a323b7ad7e0695a229acf74f661143123f10ef7f7665c3b68dce0259c01cec6081570913a7908573652888ca1d8e663f38b8adbae8c48b7cc951ba327d8a085b58e2864bb0cd410fa25078a01afb18b337458b8d0ed596d6d6efcdf49e3bd450cc758e8e9b767bbfb2bb8d4791061b762522020171168edde92b71bb2cb6d7e549b9917b7ede83688dbb6c30d1aeb1c8096cd377e9c15c140bc5325913e5996e555047d464f8138309adf78a626b7cd5e0f841cd70dbd7e81ab6c68ce5165014ffe7bc03f782c27df77190e6e0f43cd523a663c983e0a9843fba1b84d06c7465577354f58ea519093e5a4b8b3aec1c4a7944986569d84f9d88b3a9daa3da3a25cbbc387f2f9a9ae9c7d4afc2aca787626260f8920baf0ddc130a646e09737deb351d727813d2ac6c3f79fba40909033f2ab69e5e4df2a4b0a485141a80d5c89e5da11517ea30f7a11957396ececc49d00836d109a97f00947e24c7574611b7e44da28d8369c44172231a204cd3097d97d3e6eca0061bdbee60d9a7e178e67bc81dc4d7dcebad2d26f7cddb301c428e2187907b3a3eec470add2ad09838f70bef08cf4567f1e24ea777ffcdd9b9b44cfec1c556bd003bce065d9f20eedabc6d03f50e816e983375550ecc5fbb56a254feea00eefdf8f3be04076a0c9aa22260f08ab7f1a6a42c3b9cef47e1e25800a870baff72b8e427f316fd7d9b0b7026b0eba69c4a0577eadba046492ce21c7fcf9a8119328b620bbdcdcf54d6539796a1c1e723c25a48c581208b9ad57f348b832a4900fddefd718cc22c5d35e078b1eafe75d6501b7b6912b549c1e13f32c83cef3c10e4f3c1296515dae43bb6026c60ed03cfe44f103f113a3165643d789933e6f53d1203e92d7acf302573f069cf6a0efedd0a94308b8f3106e9a3b57fef15b480cb7fb0a17719e678a1f058ca149dd7141ddc3bf78ffbe95b45caeb8341aa3324844c543d98c9258735e46c058e1509744043e2238bfb70b1dae6c1f4e62292360710027517116e7080878c722e97aea87b8c5ddc8c5c4bcf63aaee4953ea6a6d6e3feb78003037621190f5d7f16f0dd102d3e7b0f7ab0cb4e4f7fd66fd0c91e3e859cad15fd2f6671cc611f86c94bf824d2d3a1e2479a54f504bb747c47bd5684afd563ae249b0ea971fa5ebb8f0eaadadf68c84168abb1c77d870dc950c64331e4bb9f3cb06ab68f39c95197cedf8ab7490048e5c133cfa8aa6d86d89ded35e0c61ffee1e0b3434a5c37da0f684790477a535d69599ba492bd97d096cfe94c58d3b5886d54c33c61b04249b387d635595d369f19918334db200cf1503f4a61de51775bb08246a1e22ad010d3b25f7d5b217b6287f0aec3fb782c7758325e8f060f059fe0f6a5c5a59cc5fa870be40570de3fbbfa23e092c5bb093def0502f3f23b5cb4a13873966900bd3d55542f329b2c621cdc6a7b8273ffb5aba14f030c327cfe4137efe08abe5d3c2b9d40101a06556e20e56b4e1b2c6c81cc44d5b7ec0614b162dcc38811f4bfaedd9a8c4f68d69f19172668f3908dc8967a68439bbea1056daa4772d7828b78358978d80a3008d23c3a4df7b5ce495d5a904d9177f01de0ff2003c29d291c0de4e7f1f5bb5f71056aab56f4e96cf1a24f7f93420dd7a0256a2b76357c6077f0c522ef45b747b15a8a6b1a99a8605a75a46ecc827b9844a89a48356bee3278968033b85f0f865f22437b4dc3255df825015aa41222b24f7c600d3a34e3b11a3a7ec86ef9214c5faf520d58d307135fe1f3c3ebe253f0bd6ce8562d998b6ab2ca47aa87cd7644d1b6fbd4b35fce28f218b8f158f887777761703ba86ec3efe1b9c00e8cf2e64711709e3600effafe382b7c8a8ec664708b077dc091fb525624a534a4b5bfc03fa4cbf17928a17f7f4ba2a3441b4132254bd4569a1b2adf15aa9d2516915920abebdf817d25f73e25d20b4fa55a42f649b5a57f51377c5d269baa7ce15998899bc2f081e2689e16922ed781602eae4c3f0e466919d0f20392deeb000b0fa1ece7b708edab9322e743defefe8e72b689e92b6df9c71c844f389924c63b3cac0c32e144f08009693b97dde61d59d0a594ef4c7e20245c000770ba2f0011c2eba2692ca2dac967d5d9756eb20b15985745791f1438c0621c0f69c4a12aa74bc218ac4ef30b02e8b1cd668abfbb98ead12e54954911ab56fa00b052c3288ca4b776e299f2c3f72c5731bf670e311940eb81ed5716107f2da5b5a09afe25039572cbd44ecbc377e3718e17122de223a9b8b3b37a007f92b29b38e97f09e0f9994a74ce51aef1320597ad52155f48c66594655227e921b96d0581fd820e36ece56a5dfd9f23c564bc86988a921c76c1b611848faf74535ea5f0af0b52dcb51ced7e1722df285e9081c482905b7466694eaa608ded24b2341e6aa572bb138876677de692bb67a747bed1539895f4b513ccb39d2a12e165f442a69357a4c1cd0f4f8c0506f5b62a7719456df8120aae9453cfc3428e96cd50ffe336506634d4fa5a509ef7d3aa8052590b7c6ade6810f629c65b5c55e83b416ed7e345fd0bf274f8f9578e76d9c55e6e7c57f8d6541dcc9ec769c55efa00fe2c0f094cf9e6d79f136137e19caa24685334b914818ec210e6e96389413721f0106edb40e15ad869f01ffc846975d533f280c32b0137fa38f120c2eb2fc1ea9aa0c8868f0cd66ed5b94cdc77c3c61f21a86704ba28ff99c4b249dae9041ce356600fdcbd2fc6c02c807750295ba0ee7bff246ffbaef621d05e20a362f735c37abb61d92d2e808bf7c26e564b6d6ea2d72c5d90777d0ab8e2b95dc79b373bb9dfc31cf7ee4212d60fab564f601b94c3ce935939c12f2622fcbd9bcc144d5fcffa691cd84be31315bd363fb67a4a7b426072e726144f64c347b0e43ac964cd719dd7a943168fa4a44ca336f93ca1456845aba96ec12b1a65c3198de9a40d97fe215f75ed1128d665e0b84030966838c367d4058578ff05fb70f658da57f5d46a8685629d7db6ab350dd3ff95b27d4c3a09a1ded566ff9df2c23b1f7492ce7b202c2df33116ee29c49fef68025cdef3b916f1d287ee9d3defaec03a39338ed345"}, @WGDEVICE_A_IFINDEX={0x8}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x80}]}, 0x10f4}}, 0x0)
mprotect$auto(0x0, 0x9, 0x80000000)
r16 = getpgid(r15)
sendmsg$auto_NL80211_CMD_RADAR_DETECT(r1, &(0x7f0000004980)={&(0x7f0000004780)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000004940)={&(0x7f00000047c0)={0x14c, r7, 0x200, 0x70bd2d, 0x25dfdbff, {}, [@NL80211_ATTR_SSID={0x21, 0x34, "acef51beecad33c04a7c636896cca49ffdb060cb1759e228d8db2ac496"}, @NL80211_ATTR_STA_FLAGS2={0x33, 0x43, "6f2a41d90b45b7710040610c1e073aabeb3f001283f929b54f1e93df5a370e1767cd6dff1bd76bb8af7b83bf2d3589"}, @NL80211_ATTR_WIPHY_TXQ_PARAMS={0xde, 0x25, 0x0, 0x1, [@typed={0x8, 0xff, 0x0, 0x0, @pid=r16}, @generic="72f212eabc92aeeb6b93da8fa985ec076a0cf66266592d6156def2e626fb1f81d575dc020ff81bd5ddb23c98818172892d7a5fe9189a075f61d6b8a436a32f0949c37cdb89e0b89440ff0e2521da620f27ffc7e0dadebe1eb7fc83089097f8c0c5fa4c003c689f844454b0d177e26884111f79a9e827005f82a35400854219d651cbe55404705a419fc3e9f18d2e3e1481c0b5a12f1e38b5e00026abb29819dbb44b413ed2bee1391341d4ddbd5b8ed7ede0ba95878c32ae31eaecd84b671984ebe15463c74fa07ca0e2d5cd0525013038a6"]}]}, 0x14c}, 0x1, 0x0, 0x0, 0x4040082}, 0x20008840)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000049c0)='/sys/devices/virtual/dmi/id/chassis_serial\x00', 0x1730c2, 0x0)
ioctl$auto_NS_GET_MNTNS_ID(0xffffffffffffffff, 0x8008b705, &(0x7f0000004a40)=0x3)

118.572423ms ago: executing program 5 (id=872):
r0 = socket(0x11, 0x3, 0x9)
sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200), 0xf}, 0x7, 0x0, 0x5, 0xe}, 0x5}, 0x1, 0x101)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x4000ebf, r0, 0x7fff)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000140), 0x22180, 0x0)
writev$auto(r1, &(0x7f00000003c0)={&(0x7f0000000540)="3ea225d32d6572e46b42c797cf8bb1e6b39bd2c7777940852dd19fe0b0fb8da20b27925b49be55b0f6094a5a988e72ce80dd715ebff5b5077790d30b24692bdf9bd9ad047870", 0x8000}, 0x9)
socket(0xa, 0x2, 0x73)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
setsockopt$auto(0x4, 0x29, 0x2a, 0x0, 0x200577)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x801, 0x0)
connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2711}, 0x51)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0)
select$auto(0x6, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0xfff, 0x1, 0x948b, 0x3, 0x95f4da2a, 0xffffffffffffffff, 0x3, 0x62, 0x7, 0x7, 0x6d3f, 0x9, 0x4, 0x5]}, 0x0)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mdstat\x00', 0x1c1080, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r3, &(0x7f00000010c0)=""/4096, 0x1000)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0)
ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000100)={[0x1ff, 0x6, 0x1, 0x3, 0x8, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80040021, 0x7, 0x6d3e, 0x7fff, 0x2, 0x6]}, 0x0)
select$auto(0x7f, &(0x7f0000000040)={[0x1, 0x7, 0x7, 0x2, 0xe, 0xffffffffffffc24e, 0xe1a, 0x7fffffffffffffff, 0x3, 0x4, 0x6, 0xb, 0x7, 0x7, 0xffffffffffffffff, 0x80]}, 0x0, &(0x7f0000000340)={[0xd6db, 0x9, 0xc2, 0x4, 0xffffffffffff2623, 0x3, 0x8001, 0xfa, 0x9, 0xe, 0x140, 0xc, 0x9, 0x2, 0x4, 0x6]}, &(0x7f0000000280)={0x9, 0xc89})
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f00000010c0)='/sys/kernel/debug/tracing/trace\x00', 0x80601, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/neigh/veth1_macvtap/locktime\x00', 0x103142, 0x0)

0s ago: executing program 4 (id=873):
syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000040), 0xffffffffffffffff)
openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000000), 0x8202, 0x0)
ioctl$auto(0xc8, 0x800454db, 0xffffffffffffffff)
mmap$auto(0x0, 0x20000000009, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto(r0, 0x89a0, 0x8)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{0x0, 0x4, 0x0, 0x2, 0x0, 0x20000}, 0x4}, 0x1f8, 0xb07e)
userfaultfd$auto(0x5)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
write$auto(r0, &(0x7f0000000140)=')-+\xa2\x00', 0x6)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
mmap$auto(0x0, 0xffffffff, 0xe0, 0x15, r0, 0x7)
r1 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0)
write$auto(r1, 0x0, 0xe)

kernel console output (not intermixed with test programs):

	


	













	

	



	

	







	
	

	




		






	
	


	
	








	




	





	
	












		



	


	
	
	
	
		

	



	
	
		

	

		
		



	

				

			
	

				


		

				












	
		

	


	
	

		
	
		
	
	



			








	


	


	



	

	

	

	

	




			
			
		


		


	

		


















	


	
	








	




	





		








	
	
	
	

syzkaller
syzkaller login: [  137.354838][ T6332] smc: net device syz_tun applied user defined pnetid ETHTOOL
[  137.451244][ T6322] netlink: 12 bytes leftover after parsing attributes in process `syz.3.88'.
[  137.738316][   T30] audit: type=1800 audit(6041561795.337:2): pid=6346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.92" name=05 dev="tmpfs" ino=115 res=0 errno=0
[  138.036672][ T6353] FAULT_INJECTION: forcing a failure.
[  138.036672][ T6353] name failslab, interval 1, probability 0, space 0, times 0
[  138.060925][ T6353] CPU: 0 UID: 0 PID: 6353 Comm: syz.0.93 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(full) 
[  138.060972][ T6353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  138.060990][ T6353] Call Trace:
[  138.061001][ T6353]  <TASK>
[  138.061013][ T6353]  dump_stack_lvl+0x16c/0x1f0
[  138.061062][ T6353]  should_fail_ex+0x512/0x640
[  138.061113][ T6353]  ? __kmalloc_noprof+0xbf/0x510
[  138.061152][ T6353]  ? __register_sysctl_table+0xea2/0x1900
[  138.061189][ T6353]  should_failslab+0xc2/0x120
[  138.061229][ T6353]  __kmalloc_noprof+0xd2/0x510
[  138.061262][ T6353]  ? __register_sysctl_table+0xe8e/0x1900
[  138.061309][ T6353]  __register_sysctl_table+0xea2/0x1900
[  138.061356][ T6353]  ? __pfx___register_sysctl_table+0x10/0x10
[  138.061391][ T6353]  ? is_module_address+0x69/0xf0
[  138.061434][ T6353]  ? register_net_sysctl_sz+0x228/0x3e0
[  138.061487][ T6353]  ? __asan_memcpy+0x3c/0x60
[  138.061520][ T6353]  mptcp_net_init+0x499/0x620
[  138.061565][ T6353]  ? __pfx_mptcp_net_init+0x10/0x10
[  138.061608][ T6353]  ops_init+0x1df/0x5f0
[  138.061653][ T6353]  setup_net+0x21e/0x850
[  138.061698][ T6353]  ? __pfx_setup_net+0x10/0x10
[  138.061736][ T6353]  ? lockdep_init_map_type+0x5c/0x280
[  138.061780][ T6353]  ? __pfx_down_read_killable+0x10/0x10
[  138.061837][ T6353]  ? debug_mutex_init+0x37/0x70
[  138.061872][ T6353]  copy_net_ns+0x2a6/0x5f0
[  138.061919][ T6353]  create_new_namespaces+0x3ea/0xad0
[  138.061965][ T6353]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  138.062007][ T6353]  ksys_unshare+0x45b/0xa40
[  138.062052][ T6353]  ? __pfx_ksys_unshare+0x10/0x10
[  138.062093][ T6353]  ? xfd_validate_state+0x5d/0x180
[  138.062149][ T6353]  ? rcu_is_watching+0x12/0xc0
[  138.062189][ T6353]  __x64_sys_unshare+0x31/0x40
[  138.062233][ T6353]  do_syscall_64+0xcd/0x230
[  138.062282][ T6353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.062315][ T6353] RIP: 0033:0x7f9a0dd8e969
[  138.062341][ T6353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.062371][ T6353] RSP: 002b:00007f9a0ec7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  138.062401][ T6353] RAX: ffffffffffffffda RBX: 00007f9a0dfb5fa0 RCX: 00007f9a0dd8e969
[  138.062422][ T6353] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  138.062442][ T6353] RBP: 00007f9a0de10ab1 R08: 0000000000000000 R09: 0000000000000000
[  138.062460][ T6353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  138.062476][ T6353] R13: 0000000000000000 R14: 00007f9a0dfb5fa0 R15: 00007ffe2fb23368
[  138.062507][ T6353]  </TASK>
[  138.062607][ T6353] sysctl could not get directory: 
[  138.101201][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  138.104993][ T6353] /
[  138.110677][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  138.116173][ T6353] net/mptcp -12
[  139.686369][ T6379] ubi0: attaching mtd0
[  139.940467][ T6379] ubi0: scanning is finished
[  139.945209][ T6379] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  140.229460][ T6379] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  143.936114][ T6447] Invalid ELF header magic: != ELF
[  145.174157][ T6460] netlink: 'syz.1.114': attribute type 32 has an invalid length.
[  146.014731][ T6467] netlink: 8 bytes leftover after parsing attributes in process `syz.1.116'.
[  147.047287][ T6464] kexec: Could not allocate control_code_buffer
[  147.893889][ T6498] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  149.291681][ T6535] netlink: 48 bytes leftover after parsing attributes in process `syz.2.131'.
[  149.660520][ T6537] could not allocate digest TFM handle 
[  149.677015][ T6543] misc userio: No port type given on /dev/userio
[  150.232912][ T6557] Invalid ELF header magic: != ELF
[  150.717615][ T6567] sg_write: process 146 (syz.3.140) changed security contexts after opening file descriptor, this is not allowed.
[  152.009965][ T6578] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(6.0.0), cmd(10)
[  152.352611][ T6595] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(6.0.0), cmd(10)
[  152.637187][ T6586] zswap: compressor  not available
[  153.127749][ T6593] workqueue: Failed to create a rescuer kthread for wq "nfc4_nci_tx_wq": -EINTR
[  154.076226][ T6644] syz.1.152 uses obsolete (PF_INET,SOCK_PACKET)
[  154.098574][ T6633] random: crng reseeded on system resumption
[  157.781054][ T6712] syz.0.165 (6712): attempted to duplicate a private mapping with mremap.  This is not supported.
[  157.805373][ T6699] random: crng reseeded on system resumption
[  157.821747][   T30] audit: type=1326 audit(6041561815.407:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6695 comm="syz.1.162" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8aaaf8e969 code=0x0
[  158.878214][ T6727] zram: Cannot change disksize for initialized device
[  159.885175][ T6735] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(6.0.0), cmd(10)
[  160.484324][ T6741] zram: Cannot change disksize for initialized device

syzkaller
syzkaller login: [  161.886275][ T6756] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  161.920168][ T6756] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  162.036416][ T6770] netlink: 93 bytes leftover after parsing attributes in process `syz.2.176'.
[  162.112345][ T6756] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  162.205395][ T6756] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  162.213889][ T6756] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  162.338549][ T6756] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  162.453725][ T6756] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  162.479034][ T6756] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  162.510989][ T6756] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  162.638967][ T6756] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  162.645110][ T6756] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  162.728276][ T6756] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  162.934074][ T6780] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(6.0.0), cmd(10)
[  163.158032][   T56] Bluetooth: hci0: command 0x0c1a tx timeout
[  163.913887][ T6774] netlink: 334 bytes leftover after parsing attributes in process `syz.0.174'.
[  164.235109][ T6795] netlink: zone id is out of range
[  164.240477][ T6795] netlink: zone id is out of range
[  164.245631][ T6795] netlink: zone id is out of range
[  164.250906][ T6795] netlink: zone id is out of range
[  164.256059][ T6795] netlink: zone id is out of range
[  164.264981][ T6795] netlink: zone id is out of range
[  164.270455][ T6795] netlink: zone id is out of range
[  164.275611][ T6795] netlink: zone id is out of range
[  164.279000][   T56] Bluetooth: hci1: command 0x0c1a tx timeout
[  164.293265][ T6795] netlink: zone id is out of range
[  164.321378][ T6795] netlink: zone id is out of range
[  164.517881][   T56] Bluetooth: hci2: command 0x0c1a tx timeout
[  164.683510][   T56] Bluetooth: hci3: command 0x0c1a tx timeout
[  165.237201][   T56] Bluetooth: hci0: command 0x0c1a tx timeout
[  166.357063][   T56] Bluetooth: hci1: command 0x0c1a tx timeout
[  166.597239][   T56] Bluetooth: hci2: command 0x0c1a tx timeout
[  166.767138][   T56] Bluetooth: hci3: command 0x0c1a tx timeout
[  167.260735][ T6858] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  167.317155][   T56] Bluetooth: hci0: command 0x0c1a tx timeout
[  167.818634][ T6857] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  167.867873][ T6857] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  167.914152][ T6857] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  167.929327][ T6857] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  167.942203][ T6857] raw: 0000000000000000 0000000000000000 00000008ffffffff 0000000000000000
[  167.951361][ T6857] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  167.964322][ T6857] head: 0000000000000000 0000000000000000 00000008ffffffff 0000000000000000
[  167.976050][ T6857] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  167.995272][ T6871] syz.3.200 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  168.007056][ T6857] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  168.015816][ T6857] page dumped because: unmovable page
[  168.037368][ T6857] page_owner tracks the page as allocated
[  168.044479][ T6857] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 23, tgid 23 (ksoftirqd/1), ts 94537178292, free_ts 36360864687
[  168.075551][ T6857]  post_alloc_hook+0x181/0x1b0
[  168.087996][ T6857]  get_page_from_freelist+0x135c/0x3920
[  168.095985][ T6857]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  168.128601][ T6857]  alloc_pages_mpol+0x1fb/0x550
[  168.138710][ T6857]  alloc_pages_noprof+0x131/0x390
[  168.156073][ T6857]  skb_page_frag_refill+0x186/0x5a0
[  168.172708][ T6857]  try_fill_recv+0x79c/0x2690
[  168.182090][ T6857]  virtnet_poll+0x1e23/0x3c00
[  168.198589][ T6857]  __napi_poll.constprop.0+0xb7/0x550
[  168.204155][ T6857]  net_rx_action+0xa97/0x1010
[  168.212430][ T6857]  handle_softirqs+0x216/0x8e0
[  168.236071][ T6857]  run_ksoftirqd+0x3a/0x60
[  168.256638][ T6857]  smpboot_thread_fn+0x3f4/0xae0
[  168.264099][ T6857]  kthread+0x3c2/0x780
[  168.271706][ T6857]  ret_from_fork+0x45/0x80
[  168.276354][ T6857]  ret_from_fork_asm+0x1a/0x30
[  168.282874][ T6857] page last free pid 1 tgid 1 stack trace:
[  168.291918][ T6857]  __free_frozen_pages+0x69d/0xff0
[  168.302596][ T6857]  free_contig_range+0x135/0x3f0
[  168.311093][ T6857]  destroy_args+0x66f/0x830
[  168.317103][ T6857]  debug_vm_pgtable+0x130e/0x2d50
[  168.331112][ T6857]  do_one_initcall+0x120/0x6e0
[  168.343729][ T6857]  kernel_init_freeable+0x5c2/0x900
[  168.365020][ T6857]  kernel_init+0x1c/0x2b0
[  168.391110][ T6857]  ret_from_fork+0x45/0x80
[  168.409531][ T6857]  ret_from_fork_asm+0x1a/0x30
[  168.447238][   T56] Bluetooth: hci1: command 0x0c1a tx timeout
[  168.681013][   T56] Bluetooth: hci2: command 0x0c1a tx timeout
[  168.837195][   T56] Bluetooth: hci3: command 0x0c1a tx timeout
[  169.584078][ T6880] CIFS mount error: No usable UNC path provided in device string!
[  169.584078][ T6880] 
[  169.603733][ T6880] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  170.953611][ T6909] netlink: 4 bytes leftover after parsing attributes in process `syz.1.206'.
[  174.141135][ T6964] netlink: 8 bytes leftover after parsing attributes in process `syz.2.219'.

syzkaller
syzkaller login: [  179.905401][ T7009] ptrace attach of "./syz-executor exec"[5830] was attempted by "./syz-executor exec"[7009]
[  182.211605][ T7077] ptrace attach of "./syz-executor exec"[5823] was attempted by "./syz-executor exec"[7077]
[  182.387758][ T7090] netlink: 24 bytes leftover after parsing attributes in process `syz.2.241'.
[  182.696192][ T7088] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(6.0.0), cmd(10)
[  183.107326][ T7102] netlink: 28 bytes leftover after parsing attributes in process `syz.2.243'.
[  184.228291][ T7139] netlink: 48 bytes leftover after parsing attributes in process `syz.1.249'.
[  186.971823][ T7185] ima: policy update failed
[  186.976632][   T30] audit: type=1802 audit(6041561844.567:4): pid=7185 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.261" res=0 errno=0
[  187.048222][ T7185] ubi0: attaching mtd0
[  187.119622][ T7185] ubi0 error: ubi_attach_mtd_dev: bad VID header (63) or data offsets (127)
[  187.686509][ T7190] ima: policy update failed
[  187.722728][   T30] audit: type=1802 audit(6041561845.287:5): pid=7190 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.260" res=0 errno=0
[  188.710754][ T7217] FAULT_INJECTION: forcing a failure.
[  188.710754][ T7217] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  188.738971][ T7216] netlink: 8 bytes leftover after parsing attributes in process `syz.3.269'.
[  188.760455][ T7217] CPU: 0 UID: 0 PID: 7217 Comm: syz.0.268 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(full) 
[  188.760488][ T7217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  188.760502][ T7217] Call Trace:
[  188.760509][ T7217]  <TASK>
[  188.760518][ T7217]  dump_stack_lvl+0x16c/0x1f0
[  188.760556][ T7217]  should_fail_ex+0x512/0x640
[  188.760594][ T7217]  should_fail_alloc_page+0xe7/0x130
[  188.760627][ T7217]  prepare_alloc_pages+0x3c2/0x610
[  188.760664][ T7217]  ? rcu_is_watching+0x12/0xc0
[  188.760689][ T7217]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  188.760717][ T7217]  ? __kernel_text_address+0xd/0x40
[  188.760754][ T7217]  ? unwind_get_return_address+0x59/0xa0
[  188.760783][ T7217]  ? arch_stack_walk+0xa6/0x100
[  188.760820][ T7217]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  188.760853][ T7217]  ? stack_trace_save+0x8e/0xc0
[  188.760877][ T7217]  ? __pfx_stack_trace_save+0x10/0x10
[  188.760901][ T7217]  ? stack_depot_save_flags+0x28/0xa50
[  188.760936][ T7217]  ? find_held_lock+0x2b/0x80
[  188.760962][ T7217]  ? kasan_save_stack+0x42/0x60
[  188.760990][ T7217]  ? __lock_acquire+0xaa4/0x1ba0
[  188.761019][ T7217]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  188.761053][ T7217]  ? policy_nodemask+0xea/0x4e0
[  188.761084][ T7217]  alloc_pages_mpol+0x1fb/0x550
[  188.761114][ T7217]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  188.761141][ T7217]  ? __page_table_check_ptes_set+0x1ae/0x420
[  188.761170][ T7217]  ? find_held_lock+0x2b/0x80
[  188.761197][ T7217]  alloc_pages_noprof+0x131/0x390
[  188.761226][ T7217]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  188.761249][ T7217]  get_free_pages_noprof+0xc/0x40
[  188.761280][ T7217]  kasan_populate_vmalloc_pte+0x2d/0x160
[  188.761304][ T7217]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  188.761328][ T7217]  __apply_to_page_range+0x617/0xd60
[  188.761368][ T7217]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  188.761396][ T7217]  ? __pfx___apply_to_page_range+0x10/0x10
[  188.761434][ T7217]  ? alloc_vmap_area+0x872/0x2970
[  188.761473][ T7217]  alloc_vmap_area+0x919/0x2970
[  188.761518][ T7217]  ? __pfx_alloc_vmap_area+0x10/0x10
[  188.761560][ T7217]  __get_vm_area_node+0x1a7/0x300
[  188.761602][ T7217]  __vmalloc_node_range_noprof+0x277/0x1540
[  188.761641][ T7217]  ? __do_sys_listmount+0x1c2/0xed0
[  188.761686][ T7217]  ? __do_sys_listmount+0x1c2/0xed0
[  188.761727][ T7217]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  188.761778][ T7217]  __kvmalloc_node_noprof+0x2ff/0x600
[  188.761802][ T7217]  ? __do_sys_listmount+0x1c2/0xed0
[  188.761844][ T7217]  ? __do_sys_listmount+0x1c2/0xed0
[  188.761884][ T7217]  ? __do_sys_listmount+0x1c2/0xed0
[  188.761918][ T7217]  __do_sys_listmount+0x1c2/0xed0
[  188.761958][ T7217]  ? __x64_sys_futex+0x1e0/0x4c0
[  188.761983][ T7217]  ? __x64_sys_futex+0x1e9/0x4c0
[  188.762009][ T7217]  ? __pfx___do_sys_listmount+0x10/0x10
[  188.762044][ T7217]  ? xfd_validate_state+0x5d/0x180
[  188.762093][ T7217]  do_syscall_64+0xcd/0x230
[  188.762130][ T7217]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.762154][ T7217] RIP: 0033:0x7f9a0dd8e969
[  188.762173][ T7217] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  188.762196][ T7217] RSP: 002b:00007f9a0ec3a038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca
[  188.762224][ T7217] RAX: ffffffffffffffda RBX: 00007f9a0dfb6160 RCX: 00007f9a0dd8e969
[  188.762239][ T7217] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100
[  188.762254][ T7217] RBP: 00007f9a0de10ab1 R08: 0000000000000000 R09: 0000000000000000
[  188.762268][ T7217] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  188.762281][ T7217] R13: 0000000000000000 R14: 00007f9a0dfb6160 R15: 00007ffe2fb23368
[  188.762310][ T7217]  </TASK>
[  188.762491][ T7217] syz.0.268: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null)
[  189.152730][ T7215] netlink: 20 bytes leftover after parsing attributes in process `syz.3.269'.
[  189.266966][ T7217] ,cpuset=/,mems_allowed=0-1
[  189.271981][ T7217] CPU: 0 UID: 0 PID: 7217 Comm: syz.0.268 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(full) 
[  189.272023][ T7217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  189.272042][ T7217] Call Trace:
[  189.272052][ T7217]  <TASK>
[  189.272068][ T7217]  dump_stack_lvl+0x16c/0x1f0
[  189.272118][ T7217]  warn_alloc+0x248/0x3a0
[  189.272156][ T7217]  ? __pfx_warn_alloc+0x10/0x10
[  189.272194][ T7217]  ? kfree+0x2b6/0x4d0
[  189.272230][ T7217]  ? __get_vm_area_node+0x1e5/0x300
[  189.272289][ T7217]  __vmalloc_node_range_noprof+0xd31/0x1540
[  189.272356][ T7217]  ? __do_sys_listmount+0x1c2/0xed0
[  189.272413][ T7217]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  189.272484][ T7217]  __kvmalloc_node_noprof+0x2ff/0x600
[  189.272517][ T7217]  ? __do_sys_listmount+0x1c2/0xed0
[  189.272566][ T7217]  ? __do_sys_listmount+0x1c2/0xed0
[  189.272619][ T7217]  ? __do_sys_listmount+0x1c2/0xed0
[  189.272663][ T7217]  __do_sys_listmount+0x1c2/0xed0
[  189.272718][ T7217]  ? __x64_sys_futex+0x1e0/0x4c0
[  189.272751][ T7217]  ? __x64_sys_futex+0x1e9/0x4c0
[  189.272793][ T7217]  ? __pfx___do_sys_listmount+0x10/0x10
[  189.272841][ T7217]  ? xfd_validate_state+0x5d/0x180
[  189.272911][ T7217]  do_syscall_64+0xcd/0x230
[  189.272958][ T7217]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.272988][ T7217] RIP: 0033:0x7f9a0dd8e969
[  189.273012][ T7217] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  189.273038][ T7217] RSP: 002b:00007f9a0ec3a038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca
[  189.273066][ T7217] RAX: ffffffffffffffda RBX: 00007f9a0dfb6160 RCX: 00007f9a0dd8e969
[  189.273087][ T7217] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100
[  189.273105][ T7217] RBP: 00007f9a0de10ab1 R08: 0000000000000000 R09: 0000000000000000
[  189.273125][ T7217] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  189.273143][ T7217] R13: 0000000000000000 R14: 00007f9a0dfb6160 R15: 00007ffe2fb23368
[  189.273184][ T7217]  </TASK>
[  189.273236][ T7217] Mem-Info:
[  189.280403][ T7216] device-mapper: ioctl: Unable to rename non-existent device,  to „
[  189.722167][ T7217] active_anon:30172 inactive_anon:0 isolated_anon:0
[  189.722167][ T7217]  active_file:3921 inactive_file:51353 isolated_file:0
[  189.722167][ T7217]  unevictable:768 dirty:631 writeback:0
[  189.722167][ T7217]  slab_reclaimable:10285 slab_unreclaimable:95517
[  189.722167][ T7217]  mapped:28159 shmem:25198 pagetables:799
[  189.722167][ T7217]  sec_pagetables:0 bounce:0
[  189.722167][ T7217]  kernel_misc_reclaimable:0
[  189.722167][ T7217]  free:1308822 free_pcp:5087 free_cma:0
[  189.722240][ T7217] Node 0 active_anon:120688kB inactive_anon:0kB active_file:15684kB inactive_file:205408kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:112636kB dirty:2524kB writeback:0kB shmem:99256kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10688kB pagetables:3196kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  189.722305][ T7217] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  189.722403][ T7217] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  189.722472][ T7217] lowmem_reserve[]: 0 2484 2486 2486 2486
[  189.722516][ T7217] Node 0 DMA32 free:1314588kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB active_anon:120636kB inactive_anon:0kB active_file:15684kB inactive_file:203588kB unevictable:1536kB writepending:2524kB present:3129332kB managed:2544168kB mlocked:0kB bounce:0kB free_pcp:14572kB local_pcp:1624kB free_cma:0kB
[  189.722583][ T7217] lowmem_reserve[]: 0 0 1 1 1
[  189.722625][ T7217] Node 0 Normal free:28kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB active_anon:52kB inactive_anon:0kB active_file:0kB inactive_file:1820kB unevictable:0kB writepending:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  189.722697][ T7217] lowmem_reserve[]: 0 0 0 0 0
[  189.722739][ T7217] Node 1 Normal free:3905312kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:5776kB local_pcp:3272kB free_cma:0kB
[  189.722803][ T7217] lowmem_reserve[]: 0 0 0 0 0
[  189.722845][ T7217] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  189.722988][ T7217] Node 0 DMA32: 1846*4kB (ME) 313*8kB (UME) 347*16kB (UME) 377*32kB (UME) 346*64kB (UME) 328*128kB (UME) 125*256kB (UME) 40*512kB (UME) 15*1024kB (UME) 4*2048kB (UME) 280*4096kB (M) = 1314544kB
[  189.723188][ T7217] Node 0 Normal: 1*4kB (M) 1*8kB (M) 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 28kB
[  189.723330][ T7217] Node 1 Normal: 186*4kB (UME) 52*8kB (UE) 40*16kB (UME) 184*32kB (UME) 106*64kB (UME) 28*128kB (UME) 9*256kB (UE) 4*512kB (UE) 6*1024kB (UME) 5*2048kB (UME) 944*4096kB (UM) = 3905416kB
[  189.723532][ T7217] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  189.723552][ T7217] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  189.723570][ T7217] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  189.723589][ T7217] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  189.723607][ T7217] 80472 total pagecache pages
[  189.723616][ T7217] 0 pages in swap cache
[  189.723624][ T7217] Free swap  = 124964kB
[  189.723633][ T7217] Total swap = 124996kB
[  189.723642][ T7217] 2097051 pages RAM
[  189.723650][ T7217] 0 pages HighMem/MovableOnly
[  189.723658][ T7217] 428903 pages reserved
[  189.723666][ T7217] 0 pages cma reserved
[  190.381540][    C0] vkms_vblank_simulate: vblank timer overrun
[  190.702556][    C0] vkms_vblank_simulate: vblank timer overrun
[  190.778032][    C0] vkms_vblank_simulate: vblank timer overrun
[  191.060789][    C0] vkms_vblank_simulate: vblank timer overrun
[  191.138995][    C0] vkms_vblank_simulate: vblank timer overrun
[  192.073227][ T7254] netlink: 48 bytes leftover after parsing attributes in process `syz.2.276'.
[  192.853898][ T7260] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(6.0.0), cmd(10)
[  194.009227][ T7298] netlink: 346 bytes leftover after parsing attributes in process `syz.2.287'.
[  198.372090][ T7368] netlink: 16 bytes leftover after parsing attributes in process `syz.2.304'.
[  198.688713][ T7384] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  198.981446][ T7388] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(6.0.0), cmd(10)
[  199.486174][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  199.492689][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  199.942778][ T7400] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(6.0.0), cmd(10)
[  200.330358][ T7418] ceph: Failed to parse sending metrics switch value 'P^'
[  200.503363][ T7418] Invalid ELF header magic: != ELF
[  202.603729][ T7454] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(6.0.0), cmd(10)
[  203.819622][ T7477] net_ratelimit: 68 callbacks suppressed
[  203.819641][ T7477] openvswitch: netlink: Message has 4104 unknown bytes.
[  203.895891][ T7480] netlink: 28 bytes leftover after parsing attributes in process `syz.0.322'.
[  205.035561][ T7467] kexec: Could not allocate control_code_buffer
[  205.719609][ T7505] can: request_module (can-proto-3) failed.
[  205.943152][ T7501] can: request_module (can-proto-3) failed.
[  208.078342][ T7515] kexec: Could not allocate control_code_buffer
[  213.772285][ T7612] netlink: 'syz.0.350': attribute type 3 has an invalid length.
[  213.806356][ T7612] netlink: zone id is out of range
[  213.811938][ T7612] netlink: zone id is out of range
[  213.826896][ T7612] netlink: zone id is out of range
[  213.846885][ T7612] netlink: zone id is out of range
[  213.852073][ T7612] netlink: zone id is out of range
[  213.920291][ T7612] netlink: zone id is out of range
[  213.934587][ T7612] netlink: zone id is out of range
[  213.955954][ T7612] netlink: zone id is out of range
[  214.057349][ T7612] netlink: zone id is out of range
[  214.062565][ T7612] netlink: zone id is out of range
[  214.333405][ T7623] netlink: 28 bytes leftover after parsing attributes in process `syz.0.351'.
[  214.439896][   T30] audit: type=1800 audit(4294967309.800:6): pid=7620 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.347" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  215.646621][ T7646] netlink: 'syz.3.357': attribute type 32 has an invalid length.
[  216.508287][ T7662] input: isc as /devices/virtual/input/input7
[  216.549760][ T7662] FAULT_INJECTION: forcing a failure.
[  216.549760][ T7662] name failslab, interval 1, probability 0, space 0, times 0
[  216.581961][ T7662] CPU: 0 UID: 0 PID: 7662 Comm: syz.3.361 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(full) 
[  216.582025][ T7662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  216.582044][ T7662] Call Trace:
[  216.582054][ T7662]  <TASK>
[  216.582065][ T7662]  dump_stack_lvl+0x16c/0x1f0
[  216.582115][ T7662]  should_fail_ex+0x512/0x640
[  216.582170][ T7662]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  216.582215][ T7662]  should_failslab+0xc2/0x120
[  216.582254][ T7662]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  216.582294][ T7662]  ? kstrdup_const+0x63/0x80
[  216.582342][ T7662]  kstrdup+0x53/0x100
[  216.582384][ T7662]  kstrdup_const+0x63/0x80
[  216.582423][ T7662]  __kernfs_new_node+0x9b/0x8a0
[  216.582480][ T7662]  ? __pfx___kernfs_new_node+0x10/0x10
[  216.582537][ T7662]  ? find_held_lock+0x2b/0x80
[  216.582564][ T7662]  ? kernfs_root+0xee/0x2a0
[  216.582594][ T7662]  kernfs_new_node+0x13c/0x1e0
[  216.582629][ T7662]  kernfs_create_link+0xcc/0x240
[  216.582667][ T7662]  sysfs_do_create_link_sd+0x90/0x140
[  216.582712][ T7662]  sysfs_create_link+0x61/0xc0
[  216.582754][ T7662]  device_add+0xb14/0x1a70
[  216.582793][ T7662]  ? __pfx_device_add+0x10/0x10
[  216.582828][ T7662]  ? __pfx_exact_lock+0x10/0x10
[  216.582860][ T7662]  ? kobject_get+0xbb/0x150
[  216.582904][ T7662]  cdev_device_add+0xc2/0x1e0
[  216.582934][ T7662]  evdev_connect+0x3a4/0x4c0
[  216.582971][ T7662]  input_attach_handler.isra.0+0x181/0x260
[  216.583008][ T7662]  input_register_device+0xa84/0x1130
[  216.583046][ T7662]  uinput_ioctl_handler.isra.0+0x1357/0x1df0
[  216.583094][ T7662]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[  216.583152][ T7662]  ? find_held_lock+0x2b/0x80
[  216.583195][ T7662]  ? __pfx_uinput_ioctl+0x10/0x10
[  216.583241][ T7662]  __x64_sys_ioctl+0x190/0x200
[  216.583281][ T7662]  do_syscall_64+0xcd/0x230
[  216.583321][ T7662]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.583348][ T7662] RIP: 0033:0x7fd68c58e969
[  216.583369][ T7662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  216.583396][ T7662] RSP: 002b:00007fd68a3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  216.583420][ T7662] RAX: ffffffffffffffda RBX: 00007fd68c7b5fa0 RCX: 00007fd68c58e969
[  216.583437][ T7662] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000007
[  216.583453][ T7662] RBP: 00007fd68c610ab1 R08: 0000000000000000 R09: 0000000000000000
[  216.583468][ T7662] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  216.583484][ T7662] R13: 0000000000000000 R14: 00007fd68c7b5fa0 R15: 00007ffc57252858
[  216.583517][ T7662]  </TASK>
[  216.914263][ T7662] input: failed to attach handler evdev to device input7, error: -12
[  217.472576][ T7686] vivid-009: =================  START STATUS  =================
[  217.480887][ T7686] vivid-009: Enable Output Cropping: true
[  217.487531][ T7686] vivid-009: Enable Output Composing: true
[  217.493472][ T7686] vivid-009: Enable Output Scaler: true
[  217.499623][ T7686] vivid-009: Tx RGB Quantization Range: Automatic
[  217.506079][ T7686] vivid-009: Transmit Mode: HDMI
[  217.511529][ T7686] vivid-009: Hotplug Present: 0x00000000
[  217.557764][ T7686] vivid-009: RxSense Present: 0x00000000
[  217.563746][ T7686] vivid-009: EDID Present: 0x00000000
[  217.571257][ T7686] vivid-009: ==================  END STATUS  ==================
[  218.261599][ T7699] netlink: 'syz.0.369': attribute type 32 has an invalid length.
[  219.849145][ T7707] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(6.0.0), cmd(10)
[  220.658213][   T30] audit: type=1804 audit(4294967315.990:7): pid=7728 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.374" name="/newroot/91/file0" dev="tmpfs" ino=496 res=1 errno=0
[  225.931623][ T7788] netlink: 28 bytes leftover after parsing attributes in process `syz.0.387'.
[  226.962966][ T7799] netlink: 306 bytes leftover after parsing attributes in process `syz.1.388'.
[  230.050396][ T7846] zswap: compressor  not available
[  230.453274][ T7874] net_ratelimit: 362 callbacks suppressed
[  230.453292][ T7874] openvswitch: netlink: Message has 4104 unknown bytes.
[  231.205234][ T7888] input: jJǸí¸ü;9ã%vø“û¨l�ÐQ 	J86Ö‘ as /devices/virtual/input/input8
[  231.605417][ T7893] netlink: 314 bytes leftover after parsing attributes in process `syz.2.400'.
[  232.806578][ T7909] netlink: 'syz.2.403': attribute type 32 has an invalid length.
[  234.489304][ T7919] netlink: 4 bytes leftover after parsing attributes in process `syz.0.404'.
[  237.965820][ T7970] netlink: 'syz.1.418': attribute type 32 has an invalid length.
[  239.387453][   T56] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  239.850969][ T7987] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(6.0.0), cmd(10)
[  240.411201][ T7996] FAULT_INJECTION: forcing a failure.
[  240.411201][ T7996] name failslab, interval 1, probability 0, space 0, times 0
[  240.424072][ T7996] CPU: 0 UID: 0 PID: 7996 Comm: syz.0.422 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(full) 
[  240.424111][ T7996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  240.424128][ T7996] Call Trace:
[  240.424137][ T7996]  <TASK>
[  240.424148][ T7996]  dump_stack_lvl+0x16c/0x1f0
[  240.424196][ T7996]  should_fail_ex+0x512/0x640
[  240.424238][ T7996]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  240.424293][ T7996]  should_failslab+0xc2/0x120
[  240.424331][ T7996]  __kmalloc_cache_noprof+0x6a/0x3e0
[  240.424383][ T7996]  ? resv_map_alloc+0x46/0x400
[  240.424426][ T7996]  resv_map_alloc+0x46/0x400
[  240.424468][ T7996]  hugetlb_reserve_pages+0x799/0xd90
[  240.424519][ T7996]  ? __pfx_hugetlb_reserve_pages+0x10/0x10
[  240.424568][ T7996]  ? atime_needs_update+0x8b/0x710
[  240.424614][ T7996]  hugetlbfs_file_mmap+0x4a1/0x730
[  240.424651][ T7996]  __mmap_region+0x1485/0x27c0
[  240.424696][ T7996]  ? __pfx___mmap_region+0x10/0x10
[  240.424725][ T7996]  ? kernel_text_address+0x8d/0x100
[  240.424797][ T7996]  ? stack_depot_save_flags+0x28/0xa50
[  240.424878][ T7996]  ? trace_cap_capable+0x18d/0x200
[  240.424905][ T7996]  ? cap_capable+0xb3/0x250
[  240.424936][ T7996]  mmap_region+0x1ab/0x3f0
[  240.424972][ T7996]  do_mmap+0xd8e/0x11b0
[  240.425015][ T7996]  ? __pfx_do_mmap+0x10/0x10
[  240.425054][ T7996]  ? __pfx_down_write_killable+0x10/0x10
[  240.425105][ T7996]  vm_mmap_pgoff+0x281/0x450
[  240.425153][ T7996]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  240.425193][ T7996]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  240.425235][ T7996]  ? hugetlbfs_get_inode+0x31f/0x730
[  240.425283][ T7996]  ksys_mmap_pgoff+0x1c8/0x5c0
[  240.425326][ T7996]  ? rcu_is_watching+0x12/0xc0
[  240.425358][ T7996]  __x64_sys_mmap+0x125/0x190
[  240.425393][ T7996]  do_syscall_64+0xcd/0x230
[  240.425439][ T7996]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.425471][ T7996] RIP: 0033:0x7f9a0dd8e969
[  240.425494][ T7996] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  240.425521][ T7996] RSP: 002b:00007f9a0ec7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  240.425549][ T7996] RAX: ffffffffffffffda RBX: 00007f9a0dfb5fa0 RCX: 00007f9a0dd8e969
[  240.425569][ T7996] RDX: 00004000000000e3 RSI: 0000000000200004 RDI: 0000000000000000
[  240.425586][ T7996] RBP: 00007f9a0de10ab1 R08: 000000000000000d R09: 0000300000000000
[  240.425603][ T7996] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000
[  240.425620][ T7996] R13: 0000000000000000 R14: 00007f9a0dfb5fa0 R15: 00007ffe2fb23368
[  240.425658][ T7996]  </TASK>
[  241.888338][ T7995] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.668454][ T8013] tipc: can't start tipc receive workqueue
[  244.447189][ T8044] netlink: 12 bytes leftover after parsing attributes in process `syz.1.430'.
[  244.880778][ T8046] ubi0: attaching mtd0
[  244.936087][ T8046] ubi0: scanning is finished
[  244.956762][ T8046] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record
[  245.142889][ T8033] HfR: entered promiscuous mode
[  245.207141][ T8041] openvswitch: HfR: Dropping previously announced user features
[  245.374592][ T8044] HfR: left promiscuous mode
[  245.474962][ T8046] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  246.568174][ T8070] bridge0: port 3(gretap0) entered blocking state
[  246.574963][ T8070] bridge0: port 3(gretap0) entered disabled state
[  246.712688][ T8070] gretap0: entered allmulticast mode
[  246.728108][ T8060] netlink: 48 bytes leftover after parsing attributes in process `syz.0.436'.
[  246.820526][ T8070] gretap0: entered promiscuous mode
[  246.826712][ T8070] bridge0: port 3(gretap0) entered blocking state
[  246.835426][ T8070] bridge0: port 3(gretap0) entered forwarding state
[  247.734594][ T8083] warning: `syz.3.439' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  247.924866][ T5826] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260
[  247.924893][ T5826] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260
[  247.924917][ T5826] Bluetooth: hci3: Unknown advertising packet type: 0x7f
[  247.924978][ T5826] Bluetooth: hci3: adv larger than maximum supported
[  247.925012][ T5826] Bluetooth: hci3: Malformed LE Event: 0x0d
[  250.150668][ T8125] openvswitch: netlink: Message has 4104 unknown bytes.
[  250.379757][ T8128] netlink: 'syz.3.448': attribute type 32 has an invalid length.
[  251.306728][ T8141] FAULT_INJECTION: forcing a failure.
[  251.306728][ T8141] name failslab, interval 1, probability 0, space 0, times 0
[  251.390398][ T8141] CPU: 0 UID: 0 PID: 8141 Comm: syz.1.453 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(full) 
[  251.390444][ T8141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  251.390470][ T8141] Call Trace:
[  251.390480][ T8141]  <TASK>
[  251.390496][ T8141]  dump_stack_lvl+0x16c/0x1f0
[  251.390548][ T8141]  should_fail_ex+0x512/0x640
[  251.390596][ T8141]  ? __kvmalloc_node_noprof+0x122/0x600
[  251.390633][ T8141]  should_failslab+0xc2/0x120
[  251.390664][ T8141]  __kvmalloc_node_noprof+0x135/0x600
[  251.390690][ T8141]  ? io_alloc_cache_init+0x33/0x170
[  251.390718][ T8141]  ? io_alloc_cache_init+0x33/0x170
[  251.390739][ T8141]  io_alloc_cache_init+0x33/0x170
[  251.390763][ T8141]  io_uring_setup+0x5ff/0x1ff0
[  251.390796][ T8141]  ? __pfx_io_uring_setup+0x10/0x10
[  251.390824][ T8141]  ? do_futex+0x122/0x350
[  251.390850][ T8141]  ? __pfx_do_futex+0x10/0x10
[  251.390875][ T8141]  ? fdget+0x187/0x210
[  251.390920][ T8141]  ? __sys_sendmsg+0x199/0x220
[  251.390959][ T8141]  ? rcu_is_watching+0x12/0xc0
[  251.390987][ T8141]  __x64_sys_io_uring_setup+0xc2/0x170
[  251.391020][ T8141]  do_syscall_64+0xcd/0x230
[  251.391055][ T8141]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.391079][ T8141] RIP: 0033:0x7f8aaaf8e969
[  251.391098][ T8141] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.391120][ T8141] RSP: 002b:00007f8aabe7a038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[  251.391142][ T8141] RAX: ffffffffffffffda RBX: 00007f8aab1b5fa0 RCX: 00007f8aaaf8e969
[  251.391157][ T8141] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[  251.391171][ T8141] RBP: 00007f8aab010ab1 R08: 0000000000000000 R09: 0000000000000000
[  251.391185][ T8141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  251.391198][ T8141] R13: 0000000000000000 R14: 00007f8aab1b5fa0 R15: 00007ffe04cf5f88
[  251.391227][ T8141]  </TASK>
[  252.650267][ T8165] bond0: option packets_per_slave: invalid value (Xµn‘pæ)
[  252.701997][ T8165] bond0: option packets_per_slave: allowed values 0 - 65535
[  252.989827][ T8175] random: crng reseeded on system resumption
	
	

	
	
	
		
	
	
			
	

	
		
	

	
		
	
	

	
	
	

	
	

	
	
	
		


	

	
	

	
	
	

	
	
	
			


	

	
	

	
	

	


	

	
	
	
	

	
	
	
	
	

	

	
		

	


	
	

		
	
		
	
	



			








	

	
	






	







	






	
	
		
	
			
	






	









	









		















				


	
		

	


	
	

		
	
	

	
		
		
	
	



			








	

	
	



	



















	
	
		
	
			
	






	






	






		












	
	

	
	
	

	
		
	

	
		

	
		

	


		

		
	
		
	
	



			








	

	


	


	

	



	






	





	
	






	



	




	

	






		


	

	
		

	

	
	
	

			

			
			
		

[  271.832383][ T8520] openvswitch: netlink: Message has 4104 unknown bytes.
[  272.029622][ T8523] netlink: 28 bytes leftover after parsing attributes in process `syz.1.537'.
[  272.222615][ T8517] smc: removing net device syz_tun with user defined pnetid ETHTOOL
[  272.571147][ T1143] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.774435][ T1143] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.900380][ T1143] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  273.720582][ T1143] bridge_slave_1: left allmulticast mode
[  273.721788][ T1143] bridge_slave_1: left promiscuous mode
[  273.723830][ T1143] bridge0: port 2(bridge_slave_1) entered disabled state
[  273.752259][ T1143] bridge_slave_0: left allmulticast mode
[  273.753281][ T1143] bridge_slave_0: left promiscuous mode
[  273.754371][ T1143] bridge0: port 1(bridge_slave_0) entered disabled state

syzkaller
syzkaller login: [  274.322030][   T56] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  274.326034][   T56] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  274.328130][   T56] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  274.330818][   T56] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  274.333233][   T56] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  275.454146][ T1143] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  275.460323][ T1143] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  275.463906][ T1143] bond0 (unregistering): Released all slaves
[  275.698443][ T1143] HfR: left promiscuous mode
[  276.359037][ T5826] Bluetooth: hci4: command tx timeout
[  276.711748][ T8595] program syz.1.549 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.996970][ T8554] chnl_net:caif_netlink_parms(): no params data found
[  277.137485][ T8606] netlink: 48 bytes leftover after parsing attributes in process `syz.1.551'.
[  277.548764][ T8611] netlink: 48 bytes leftover after parsing attributes in process `syz.2.552'.
[  278.077470][ T1143] hsr_slave_0: left promiscuous mode
[  278.104819][ T1143] hsr_slave_1: left promiscuous mode
[  278.106692][ T1143] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  278.107989][ T1143] batman_adv: batadv0: Removing interface: batadv_slave_0
[  278.116179][ T1143] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  278.125388][ T1143] batman_adv: batadv0: Removing interface: batadv_slave_1
[  278.225556][ T1143] veth1_macvtap: left promiscuous mode
[  278.234104][ T1143] veth0_macvtap: left promiscuous mode
[  278.235955][ T1143] veth1_vlan: left promiscuous mode
[  278.243045][ T1143] veth0_vlan: left promiscuous mode
[  278.436908][ T5826] Bluetooth: hci4: command tx timeout
[  278.738681][ T8620] vivid-009: =================  START STATUS  =================
[  278.739999][ T8620] vivid-009: Enable Output Cropping: true
[  278.740992][ T8620] vivid-009: Enable Output Composing: true
[  278.741979][ T8620] vivid-009: Enable Output Scaler: true
[  278.742955][ T8620] vivid-009: Tx RGB Quantization Range: Automatic
[  278.744113][ T8620] vivid-009: Transmit Mode: HDMI
[  278.758468][ T8620] vivid-009: Hotplug Present: 0x00000000
[  278.759454][ T8620] vivid-009: RxSense Present: 0x00000000
[  278.760413][ T8620] vivid-009: EDID Present: 0x00000000
[  278.765606][ T8620] vivid-009: ==================  END STATUS  ==================
[  280.181111][ T1143] team0 (unregistering): Port device team_slave_1 removed
[  280.438123][ T1143] team0 (unregistering): Port device team_slave_0 removed
[  280.557052][ T5826] Bluetooth: hci4: command tx timeout
[  281.385284][ T8554] bridge0: port 1(bridge_slave_0) entered blocking state
[  281.394395][ T8554] bridge0: port 1(bridge_slave_0) entered disabled state
[  281.395780][ T8554] bridge_slave_0: entered allmulticast mode
[  281.405288][ T8554] bridge_slave_0: entered promiscuous mode
[  281.422092][ T8554] bridge0: port 2(bridge_slave_1) entered blocking state
[  281.423379][ T8554] bridge0: port 2(bridge_slave_1) entered disabled state
[  281.424824][ T8554] bridge_slave_1: entered allmulticast mode
[  281.428996][ T8554] bridge_slave_1: entered promiscuous mode
[  281.557492][ T8554] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  281.574530][ T8554] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  281.874462][ T8554] team0: Port device team_slave_0 added
[  281.912120][ T8554] team0: Port device team_slave_1 added
[  282.454222][ T8554] batman_adv: batadv0: Adding interface: batadv_slave_0
[  282.455396][ T8554] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  282.463451][ T8554] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  282.490420][ T8554] batman_adv: batadv0: Adding interface: batadv_slave_1
[  282.491666][ T8554] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  282.496161][ T8554] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  282.597761][ T5826] Bluetooth: hci4: command tx timeout
[  282.821504][ T8671] netlink: 28 bytes leftover after parsing attributes in process `syz.2.559'.
[  282.932040][ T8554] hsr_slave_0: entered promiscuous mode
[  282.938981][ T8554] hsr_slave_1: entered promiscuous mode
[  283.602023][ T8685] ptrace attach of "./syz-executor exec"[5830] was attempted by "./syz-executor exec"[8685]
[  283.880729][ T8684] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  283.882349][ T8684] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  283.883747][ T8684] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  283.885019][ T8684] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  283.886415][ T8684] raw: 0000000000000000 0000000000000000 00000008ffffffff 0000000000000000
[  283.888236][ T8684] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  283.889616][ T8684] head: 0000000000000000 0000000000000000 00000008ffffffff 0000000000000000
[  283.891149][ T8684] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  283.892573][ T8684] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  283.893993][ T8684] page dumped because: unmovable page
[  283.894861][ T8684] page_owner tracks the page as allocated
[  283.895849][ T8684] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 23, tgid 23 (ksoftirqd/1), ts 94537178292, free_ts 36360864687
[  283.925326][ T8684]  post_alloc_hook+0x181/0x1b0
[  283.990460][ T8684]  get_page_from_freelist+0x135c/0x3920
[  283.991638][ T8684]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  284.015907][ T8684]  alloc_pages_mpol+0x1fb/0x550
[  284.026179][ T8684]  alloc_pages_noprof+0x131/0x390
[  284.052213][ T8684]  skb_page_frag_refill+0x186/0x5a0
[  284.128853][ T8684]  try_fill_recv+0x79c/0x2690
[  284.129718][ T8684]  virtnet_poll+0x1e23/0x3c00
[  284.130501][ T8684]  __napi_poll.constprop.0+0xb7/0x550
[  284.131516][ T8684]  net_rx_action+0xa97/0x1010
[  284.132397][ T8684]  handle_softirqs+0x216/0x8e0
[  284.133188][ T8684]  run_ksoftirqd+0x3a/0x60
[  284.229761][ T8684]  smpboot_thread_fn+0x3f4/0xae0
[  284.230806][ T8684]  kthread+0x3c2/0x780
[  284.236282][ T8684]  ret_from_fork+0x45/0x80
[  284.240362][ T8684]  ret_from_fork_asm+0x1a/0x30
[  284.259342][ T8684] page last free pid 1 tgid 1 stack trace:
[  284.260455][ T8684]  __free_frozen_pages+0x69d/0xff0
[  284.261358][ T8684]  free_contig_range+0x135/0x3f0
[  284.262188][ T8684]  destroy_args+0x66f/0x830
[  284.263031][ T8684]  debug_vm_pgtable+0x130e/0x2d50
[  284.263894][ T8684]  do_one_initcall+0x120/0x6e0
[  284.264774][ T8684]  kernel_init_freeable+0x5c2/0x900
[  284.265717][ T8684]  kernel_init+0x1c/0x2b0
[  284.266446][ T8684]  ret_from_fork+0x45/0x80
[  284.268604][ T8684]  ret_from_fork_asm+0x1a/0x30
[  284.455733][ T8688] could not allocate digest TFM handle 
[  285.493664][ T8554] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  285.524319][ T8554] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  285.605616][ T8554] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  285.798705][ T8730] netlink: 48 bytes leftover after parsing attributes in process `syz.3.567'.
[  286.047320][ T8554] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  286.703167][ T8554] 8021q: adding VLAN 0 to HW filter on device bond0
[  286.774533][ T8554] 8021q: adding VLAN 0 to HW filter on device team0
[  286.803440][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  286.811406][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  286.862977][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  286.871008][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  286.981486][ T8743] netlink: 296 bytes leftover after parsing attributes in process `syz.3.570'.
[  287.620847][ T8554] 8021q: adding VLAN 0 to HW filter on device batadv0
[  288.092525][ T8789] netlink: 48 bytes leftover after parsing attributes in process `syz.2.577'.
[  288.963311][ T8800] FAULT_INJECTION: forcing a failure.
[  288.963311][ T8800] name failslab, interval 1, probability 0, space 0, times 0
[  288.999739][ T8800] CPU: 0 UID: 0 PID: 8800 Comm: syz.2.578 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(full) 
[  288.999782][ T8800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  288.999799][ T8800] Call Trace:
[  288.999809][ T8800]  <TASK>
[  288.999821][ T8800]  dump_stack_lvl+0x16c/0x1f0
[  288.999870][ T8800]  should_fail_ex+0x512/0x640
[  288.999913][ T8800]  ? __kvmalloc_node_noprof+0x122/0x600
[  288.999951][ T8800]  should_failslab+0xc2/0x120
[  288.999990][ T8800]  __kvmalloc_node_noprof+0x135/0x600
[  289.000023][ T8800]  ? __pfx___mutex_lock+0x10/0x10
[  289.000074][ T8800]  ? traverse.part.0.constprop.0+0x392/0x640
[  289.000129][ T8800]  ? traverse.part.0.constprop.0+0x392/0x640
[  289.000175][ T8800]  traverse.part.0.constprop.0+0x392/0x640
[  289.000236][ T8800]  seq_read_iter+0x932/0x12c0
[  289.000298][ T8800]  proc_reg_read_iter+0x21d/0x310
[  289.000334][ T8800]  vfs_read+0x8c8/0xc70
[  289.000373][ T8800]  ? __pfx_vfs_read+0x10/0x10
[  289.000398][ T8800]  ? find_held_lock+0x2b/0x80
[  289.000456][ T8800]  __x64_sys_pread64+0x1f4/0x250
[  289.000489][ T8800]  ? __pfx___x64_sys_pread64+0x10/0x10
[  289.000519][ T8800]  ? rcu_is_watching+0x12/0xc0
[  289.000560][ T8800]  do_syscall_64+0xcd/0x230
[  289.000608][ T8800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  289.000639][ T8800] RIP: 0033:0x7fb02098e969
[  289.000663][ T8800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  289.000692][ T8800] RSP: 002b:00007fb021751038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  289.000721][ T8800] RAX: ffffffffffffffda RBX: 00007fb020bb5fa0 RCX: 00007fb02098e969
[  289.000741][ T8800] RDX: 000000810000003d RSI: 0000000000000000 RDI: 0000000000000003
[  289.000759][ T8800] RBP: 00007fb021751090 R08: 0000000000000000 R09: 0000000000000000
[  289.000778][ T8800] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000001
[  289.000796][ T8800] R13: 0000000000000000 R14: 00007fb020bb5fa0 R15: 00007ffd55640148
[  289.000837][ T8800]  </TASK>
[  289.110025][ T8554] veth0_vlan: entered promiscuous mode
[  289.503288][ T8554] veth1_vlan: entered promiscuous mode
[  289.599751][ T8554] veth0_macvtap: entered promiscuous mode
[  289.636250][ T8554] veth1_macvtap: entered promiscuous mode
[  289.733599][ T8554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  289.806835][ T8554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.827114][ T8554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  289.849079][ T8554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.870597][ T8554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  289.946950][ T8554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.960492][ T8554] batman_adv: batadv0: Interface activated: batadv_slave_0
[  289.983283][ T8554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  290.000839][ T8554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.059260][ T8554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  290.123611][ T8554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.219980][ T8554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  290.293510][ T8554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.350573][ T8554] batman_adv: batadv0: Interface activated: batadv_slave_1
[  290.424680][ T8554] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  290.480144][ T8554] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  290.506873][ T8554] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  290.532455][ T8554] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  290.924539][ T1143] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  290.936604][ T1143] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  291.058638][ T1143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  291.100782][ T1143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  292.501845][ T8855] netlink: 252 bytes leftover after parsing attributes in process `syz.3.585'.
[  292.538117][ T8855] netlink: 252 bytes leftover after parsing attributes in process `syz.3.585'.
[  293.458505][ T8872] FAULT_INJECTION: forcing a failure.
[  293.458505][ T8872] name failslab, interval 1, probability 0, space 0, times 0
[  293.521479][ T8872] CPU: 1 UID: 0 PID: 8872 Comm: syz.4.587 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(full) 
[  293.521513][ T8872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  293.521527][ T8872] Call Trace:
[  293.521534][ T8872]  <TASK>
[  293.521542][ T8872]  dump_stack_lvl+0x16c/0x1f0
[  293.521580][ T8872]  should_fail_ex+0x512/0x640
[  293.521610][ T8872]  ? __kmalloc_node_noprof+0xc5/0x500
[  293.521639][ T8872]  should_failslab+0xc2/0x120
[  293.521665][ T8872]  __kmalloc_node_noprof+0xd8/0x500
[  293.521691][ T8872]  ? alloc_slab_obj_exts+0x41/0xa0
[  293.521730][ T8872]  alloc_slab_obj_exts+0x41/0xa0
[  293.521764][ T8872]  __memcg_slab_post_alloc_hook+0x27b/0x940
[  293.521803][ T8872]  __kvmalloc_node_noprof+0x4ec/0x600
[  293.521825][ T8872]  ? mutex_lock_io_nested+0x920/0x920
[  293.521856][ T8872]  ? traverse.part.0.constprop.0+0x392/0x640
[  293.521895][ T8872]  ? traverse.part.0.constprop.0+0x392/0x640
[  293.521932][ T8872]  traverse.part.0.constprop.0+0x392/0x640
[  293.521977][ T8872]  seq_read_iter+0x932/0x12c0
[  293.522022][ T8872]  proc_reg_read_iter+0x21d/0x310
[  293.522048][ T8872]  vfs_read+0x8c8/0xc70
[  293.522075][ T8872]  ? __pfx_vfs_read+0x10/0x10
[  293.522094][ T8872]  ? find_held_lock+0x2b/0x80
[  293.522134][ T8872]  __x64_sys_pread64+0x1f4/0x250
[  293.522158][ T8872]  ? __pfx___x64_sys_pread64+0x10/0x10
[  293.522180][ T8872]  ? rcu_is_watching+0x12/0xc0
[  293.522209][ T8872]  do_syscall_64+0xcd/0x230
[  293.522244][ T8872]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.522268][ T8872] RIP: 0033:0x7f080cd8e969
[  293.522286][ T8872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  293.522307][ T8872] RSP: 002b:00007f080db94038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  293.522328][ T8872] RAX: ffffffffffffffda RBX: 00007f080cfb5fa0 RCX: 00007f080cd8e969
[  293.522343][ T8872] RDX: 000000810000003d RSI: 0000000000000000 RDI: 0000000000000003
[  293.522356][ T8872] RBP: 00007f080db94090 R08: 0000000000000000 R09: 0000000000000000
[  293.522370][ T8872] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000001
[  293.522383][ T8872] R13: 0000000000000000 R14: 00007f080cfb5fa0 R15: 00007ffdc9393668
[  293.522412][ T8872]  </TASK>
[  293.770292][    C1] vkms_vblank_simulate: vblank timer overrun
[  294.385451][ T8879] openvswitch: netlink: Message has 4104 unknown bytes.
[  297.705733][ T8943] FAULT_INJECTION: forcing a failure.
[  297.705733][ T8943] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  297.787224][ T8943] CPU: 0 UID: 0 PID: 8943 Comm: syz.2.597 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(full) 
[  297.787266][ T8943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  297.787284][ T8943] Call Trace:
[  297.787294][ T8943]  <TASK>
[  297.787305][ T8943]  dump_stack_lvl+0x16c/0x1f0
[  297.787352][ T8943]  should_fail_ex+0x512/0x640
[  297.787402][ T8943]  _copy_to_iter+0x2a4/0x15a0
[  297.787466][ T8943]  ? __pfx__copy_to_iter+0x10/0x10
[  297.787502][ T8943]  ? irq_get_nr_irqs+0x9/0x20
[  297.787533][ T8943]  ? int_seq_next+0x52/0x70
[  297.787569][ T8943]  ? traverse.part.0.constprop.0+0x2c5/0x640
[  297.787613][ T8943]  seq_read_iter+0x719/0x12c0
[  297.787659][ T8943]  proc_reg_read_iter+0x21d/0x310
[  297.787684][ T8943]  vfs_read+0x8c8/0xc70
[  297.787711][ T8943]  ? __pfx_vfs_read+0x10/0x10
[  297.787730][ T8943]  ? find_held_lock+0x2b/0x80
[  297.787782][ T8943]  __x64_sys_pread64+0x1f4/0x250
[  297.787815][ T8943]  ? __pfx___x64_sys_pread64+0x10/0x10
[  297.787859][ T8943]  do_syscall_64+0xcd/0x230
[  297.787906][ T8943]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.787942][ T8943] RIP: 0033:0x7fb02098e969
[  297.787967][ T8943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  297.787996][ T8943] RSP: 002b:00007fb021751038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  297.788025][ T8943] RAX: ffffffffffffffda RBX: 00007fb020bb5fa0 RCX: 00007fb02098e969
[  297.788045][ T8943] RDX: 000000810000003d RSI: 0000000000000000 RDI: 0000000000000003
[  297.788063][ T8943] RBP: 00007fb021751090 R08: 0000000000000000 R09: 0000000000000000
[  297.788081][ T8943] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000001
[  297.788099][ T8943] R13: 0000000000000000 R14: 00007fb020bb5fa0 R15: 00007ffd55640148
[  297.788140][ T8943]  </TASK>
[  299.667819][ T8971] netlink: 48 bytes leftover after parsing attributes in process `syz.1.602'.
[  300.870197][ T8980] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  300.877377][ T8980] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  300.885756][ T8980] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  300.932332][ T8980] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  300.965965][ T8980] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  300.981228][ T8980] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  301.510720][ T9000] netlink: 4 bytes leftover after parsing attributes in process `syz.2.608'.
[  301.585878][ T9000] FAULT_INJECTION: forcing a failure.
[  301.585878][ T9000] name failslab, interval 1, probability 0, space 0, times 0
[  301.631405][ T9000] CPU: 0 UID: 0 PID: 9000 Comm: syz.2.608 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(full) 
[  301.631449][ T9000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  301.631467][ T9000] Call Trace:
[  301.631477][ T9000]  <TASK>
[  301.631488][ T9000]  dump_stack_lvl+0x16c/0x1f0
[  301.631536][ T9000]  should_fail_ex+0x512/0x640
[  301.631577][ T9000]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  301.631615][ T9000]  should_failslab+0xc2/0x120
[  301.631653][ T9000]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  301.631687][ T9000]  ? __kernfs_new_node+0xd2/0x8a0
[  301.631741][ T9000]  __kernfs_new_node+0xd2/0x8a0
[  301.631795][ T9000]  ? __pfx___kernfs_new_node+0x10/0x10
[  301.631852][ T9000]  ? find_held_lock+0x2b/0x80
[  301.631883][ T9000]  ? kernfs_root+0xee/0x2a0
[  301.631918][ T9000]  kernfs_new_node+0x13c/0x1e0
[  301.631957][ T9000]  __kernfs_create_file+0x53/0x350
[  301.632007][ T9000]  sysfs_add_file_mode_ns+0x207/0x3c0
[  301.632063][ T9000]  internal_create_group+0x578/0xf30
[  301.632103][ T9000]  ? __pfx_internal_create_group+0x10/0x10
[  301.632140][ T9000]  ? kernfs_create_link+0x1bd/0x240
[  301.632196][ T9000]  internal_create_groups+0x9d/0x150
[  301.632229][ T9000]  device_add+0xf30/0x1a70
[  301.632275][ T9000]  ? __pfx_device_add+0x10/0x10
[  301.632315][ T9000]  ? lockdep_init_map_type+0x5c/0x280
[  301.632356][ T9000]  ? __init_waitqueue_head+0xca/0x150
[  301.632415][ T9000]  netdev_register_kobject+0x182/0x3a0
[  301.632460][ T9000]  register_netdevice+0x13dc/0x2270
[  301.632507][ T9000]  ? __pfx_register_netdevice+0x10/0x10
[  301.632556][ T9000]  internal_dev_create+0x2d3/0x520
[  301.632609][ T9000]  ovs_vport_add+0x144/0x4d0
[  301.632660][ T9000]  new_vport+0x16/0x1d0
[  301.632696][ T9000]  ovs_dp_cmd_new+0x6ba/0xe60
[  301.632747][ T9000]  ? __pfx_ovs_dp_cmd_new+0x10/0x10
[  301.632797][ T9000]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  301.632843][ T9000]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  301.632897][ T9000]  genl_family_rcv_msg_doit+0x206/0x2f0
[  301.632945][ T9000]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  301.632991][ T9000]  ? trace_cap_capable+0x18d/0x200
[  301.633031][ T9000]  ? bpf_lsm_capable+0x9/0x10
[  301.633062][ T9000]  ? security_capable+0x7e/0x260
[  301.633093][ T9000]  ? ns_capable+0xd7/0x110
[  301.633130][ T9000]  genl_rcv_msg+0x55c/0x800
[  301.633186][ T9000]  ? __pfx_genl_rcv_msg+0x10/0x10
[  301.633227][ T9000]  ? __pfx___dev_queue_xmit+0x10/0x10
[  301.633278][ T9000]  ? __pfx_ovs_dp_cmd_new+0x10/0x10
[  301.633322][ T9000]  ? __lock_acquire+0xaa4/0x1ba0
[  301.633371][ T9000]  netlink_rcv_skb+0x16a/0x440
[  301.633409][ T9000]  ? __pfx_genl_rcv_msg+0x10/0x10
[  301.633454][ T9000]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  301.633512][ T9000]  ? __pfx_down_read+0x10/0x10
[  301.633560][ T9000]  ? netlink_deliver_tap+0x1ae/0xd30
[  301.633600][ T9000]  genl_rcv+0x28/0x40
[  301.633638][ T9000]  netlink_unicast+0x53a/0x7f0
[  301.633682][ T9000]  ? __pfx_netlink_unicast+0x10/0x10
[  301.633719][ T9000]  ? __lock_acquire+0xaa4/0x1ba0
[  301.633771][ T9000]  netlink_sendmsg+0x8d1/0xdd0
[  301.633817][ T9000]  ? __pfx_netlink_sendmsg+0x10/0x10
[  301.633874][ T9000]  ____sys_sendmsg+0xa95/0xc70
[  301.633921][ T9000]  ? copy_msghdr_from_user+0x10a/0x160
[  301.633956][ T9000]  ? __pfx_____sys_sendmsg+0x10/0x10
[  301.634020][ T9000]  ___sys_sendmsg+0x134/0x1d0
[  301.634058][ T9000]  ? __pfx____sys_sendmsg+0x10/0x10
[  301.634150][ T9000]  __sys_sendmsg+0x16d/0x220
[  301.634194][ T9000]  ? __pfx___sys_sendmsg+0x10/0x10
[  301.634229][ T9000]  ? __x64_sys_futex+0x1e0/0x4c0
[  301.634275][ T9000]  ? rcu_is_watching+0x12/0xc0
[  301.634316][ T9000]  do_syscall_64+0xcd/0x230
[  301.634364][ T9000]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  301.634397][ T9000] RIP: 0033:0x7fb02098e969
[  301.634422][ T9000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  301.634451][ T9000] RSP: 002b:00007fb021751038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  301.634479][ T9000] RAX: ffffffffffffffda RBX: 00007fb020bb5fa0 RCX: 00007fb02098e969
[  301.634499][ T9000] RDX: 0000000002000000 RSI: 0000200000000080 RDI: 0000000000000007
[  301.634517][ T9000] RBP: 00007fb020a10ab1 R08: 0000000000000000 R09: 0000000000000000
[  301.634536][ T9000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  301.634554][ T9000] R13: 0000000000000000 R14: 00007fb020bb5fa0 R15: 00007ffd55640148
[  301.634596][ T9000]  </TASK>
[  302.372259][ T5826] Bluetooth: hci1: command 0x0c1a tx timeout
[  302.817525][ T5826] Bluetooth: hci4: unexpected event 0x3e length: 726 > 260
[  302.817570][ T5826] Bluetooth: hci4: unexpected subevent 0x0d length: 725 > 260
[  302.835581][ T5826] Bluetooth: hci4: Unknown advertising packet type: 0x7f
[  302.835633][ T5826] Bluetooth: hci4: adv larger than maximum supported
[  302.843817][ T5826] Bluetooth: hci4: Malformed LE Event: 0x0d
[  302.945261][ T5826] Bluetooth: hci3: command 0x0c1a tx timeout
[  302.954084][   T56] Bluetooth: hci2: command 0x0c1a tx timeout
[  302.996878][   T56] Bluetooth: hci4: command 0x0c1a tx timeout
[  305.055543][ T9042] random: crng reseeded on system resumption
[  305.089993][   T56] Bluetooth: hci4: command 0x0c1a tx timeout
[  305.528518][   T56] Bluetooth: hci3: Unable to find connection for big 0xd2
[  306.618148][ T9090] netlink: 8 bytes leftover after parsing attributes in process `syz.2.623'.
[  307.156929][   T56] Bluetooth: hci4: command 0x0c1a tx timeout
[  311.587575][ T9161] netlink: 342 bytes leftover after parsing attributes in process `syz.1.631'.
[  311.975539][ T9194] zram: Added device: zram2
[  312.581487][ T9221] netlink: 28 bytes leftover after parsing attributes in process `syz.2.641'.
[  317.541429][ T9335] usbip-vudc usbip-vudc.0: gadget not bound
[  320.305844][ T9361] ima: policy update failed
[  320.363557][   T30] audit: type=1802 audit(4294967303.980:8): pid=9361 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.657" res=0 errno=0
[  321.183212][ T9417] Invalid ELF header magic: != ELF
[  322.364247][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  322.371351][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  322.800668][ T9448] netlink: 28 bytes leftover after parsing attributes in process `syz.2.675'.
[  322.812130][ T9446] netlink: zone id is out of range
[  322.824928][ T9446] netlink: zone id is out of range
[  322.837389][ T9446] netlink: zone id is out of range
[  322.850131][ T9446] netlink: zone id is out of range
[  322.870211][ T9446] netlink: zone id is out of range
[  322.875901][ T9446] netlink: zone id is out of range
[  322.895129][   T30] audit: type=1400 audit(4294967306.530:9): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=9444 comm="syz.1.674"
[  322.923011][ T9446] netlink: zone id is out of range
[  322.941367][ T9446] netlink: zone id is out of range
[  322.954962][ T9446] netlink: zone id is out of range
[  322.964196][ T9446] netlink: zone id is out of range
[  324.663260][ T9490] netlink: 20 bytes leftover after parsing attributes in process `syz.3.680'.
[  324.717315][ T9488] can: request_module (can-proto-0) failed.
[  324.838475][ T9490] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  324.874755][ T9490] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  325.809243][ T9525] netlink: 48 bytes leftover after parsing attributes in process `syz.4.685'.
[  326.932247][ T9542] binder: 9541:9542 ioctl c0306201 0 returned -14
[  329.327906][ T9590] netlink: 48 bytes leftover after parsing attributes in process `syz.2.698'.
[  330.106060][ T9621] netlink: 28 bytes leftover after parsing attributes in process `syz.4.700'.
[  330.116174][ T9620] netlink: 28 bytes leftover after parsing attributes in process `syz.4.700'.
[  330.367811][ T9629] netlink: 330 bytes leftover after parsing attributes in process `syz.4.700'.
[  330.516128][ T9634] Invalid ELF header magic: != ELF
[  330.646322][ T9621] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  330.654791][ T9621] batman_adv: batadv0: Removing interface: batadv_slave_0
[  330.862618][ T9621] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  330.916268][ T9621] batman_adv: batadv0: Removing interface: batadv_slave_1
[  337.042220][ T9683] dlm: non-version read from control device 128
[  337.061582][ T9683] Invalid ELF header magic: != ELF
[  340.945502][ T9723] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9
[  340.965655][ T9724] netlink: 48 bytes leftover after parsing attributes in process `syz.4.717'.
[  342.538227][ T9747] netlink: 28 bytes leftover after parsing attributes in process `syz.2.725'.
[  343.468141][ T9763] Process accounting resumed
[  344.335832][ T9778] netlink: 48 bytes leftover after parsing attributes in process `syz.2.732'.
[  345.535480][ T9789] netlink: 330 bytes leftover after parsing attributes in process `syz.4.736'.
[  347.945438][ T9816] netlink: 48 bytes leftover after parsing attributes in process `syz.3.742'.
[  348.132084][ T9483] syz.1.678 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  348.144170][ T9483] CPU: 1 UID: 0 PID: 9483 Comm: syz.1.678 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(full) 
[  348.144211][ T9483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  348.144229][ T9483] Call Trace:
[  348.144240][ T9483]  <TASK>
[  348.144251][ T9483]  dump_stack_lvl+0x16c/0x1f0
[  348.144301][ T9483]  dump_header+0x101/0x930
[  348.144347][ T9483]  oom_kill_process+0x270/0xa60
[  348.144394][ T9483]  out_of_memory+0x350/0x1700
[  348.144454][ T9483]  ? __pfx_out_of_memory+0x10/0x10
[  348.144509][ T9483]  mem_cgroup_out_of_memory+0x205/0x270
[  348.144558][ T9483]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  348.144618][ T9483]  ? do_raw_spin_unlock+0x172/0x230
[  348.144674][ T9483]  try_charge_memcg+0xa07/0x10c0
[  348.144724][ T9483]  ? __pfx_try_charge_memcg+0x10/0x10
[  348.144764][ T9483]  ? __print_lock_name+0xc1/0xe0
[  348.144797][ T9483]  ? rcu_read_unlock+0x17/0x60
[  348.144850][ T9483]  charge_memcg+0x8a/0x230
[  348.144890][ T9483]  __mem_cgroup_charge+0x2b/0x1e0
[  348.144936][ T9483]  shmem_alloc_and_add_folio+0x514/0xc20
[  348.144985][ T9483]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  348.145027][ T9483]  ? shmem_allowable_huge_orders+0xcb/0x2f0
[  348.145074][ T9483]  shmem_get_folio_gfp+0x687/0x1530
[  348.145119][ T9483]  ? __lock_acquire+0xaa4/0x1ba0
[  348.145160][ T9483]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  348.145202][ T9483]  ? __pte_offset_map_lock+0x155/0x2f0
[  348.145253][ T9483]  shmem_write_begin+0x160/0x300
[  348.145320][ T9483]  ? __pfx_shmem_write_begin+0x10/0x10
[  348.145360][ T9483]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1260
[  348.145412][ T9483]  ? __pfx_timestamp_truncate+0x10/0x10
[  348.145456][ T9483]  generic_perform_write+0x3cd/0x930
[  348.145509][ T9483]  ? __pfx_generic_perform_write+0x10/0x10
[  348.145550][ T9483]  ? inode_needs_update_time.part.0+0x191/0x270
[  348.145597][ T9483]  shmem_file_write_iter+0x10e/0x140
[  348.145643][ T9483]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  348.145684][ T9483]  __kernel_write_iter+0x317/0xa90
[  348.145720][ T9483]  ? __pfx___kernel_write_iter+0x10/0x10
[  348.145750][ T9483]  ? __up_read+0x1f8/0x750
[  348.145803][ T9483]  ? dump_user_range+0x73d/0xb30
[  348.145846][ T9483]  ? copy_mc_enhanced_fast_string+0x6/0xf
[  348.145888][ T9483]  dump_user_range+0x418/0xb30
[  348.145943][ T9483]  ? __pfx_dump_user_range+0x10/0x10
[  348.145990][ T9483]  ? elf_coredump_extra_notes_write+0xbd/0x430
[  348.146032][ T9483]  ? __pfx_writenote+0x10/0x10
[  348.146092][ T9483]  elf_core_dump+0x288a/0x3a90
[  348.146164][ T9483]  ? __pfx_elf_core_dump+0x10/0x10
[  348.146207][ T9483]  ? kasan_save_stack+0x42/0x60
[  348.146238][ T9483]  ? kasan_save_stack+0x33/0x60
[  348.146269][ T9483]  ? kasan_save_track+0x14/0x30
[  348.146299][ T9483]  ? __kasan_kmalloc+0xaa/0xb0
[  348.146330][ T9483]  ? do_coredump+0x17aa/0x4480
[  348.146369][ T9483]  ? get_signal+0x22e3/0x26d0
[  348.146402][ T9483]  ? arch_do_signal_or_restart+0x8f/0x7a0
[  348.146459][ T9483]  ? 0xffffffffff600000
[  348.146560][ T9483]  ? do_coredump+0x3183/0x4480
[  348.146598][ T9483]  do_coredump+0x3183/0x4480
[  348.146657][ T9483]  ? __pfx_do_coredump+0x10/0x10
[  348.146702][ T9483]  ? stack_trace_save+0x8e/0xc0
[  348.146739][ T9483]  ? __pfx_stack_trace_save+0x10/0x10
[  348.146769][ T9483]  ? stack_depot_save_flags+0x28/0xa50
[  348.146812][ T9483]  ? __lock_acquire+0xaa4/0x1ba0
[  348.146857][ T9483]  ? __kasan_slab_free+0x51/0x70
[  348.146891][ T9483]  ? kmem_cache_free+0x2d4/0x4d0
[  348.146920][ T9483]  ? __sigqueue_free+0xba/0x2a0
[  348.146962][ T9483]  ? get_signal+0xcba/0x26d0
[  348.146994][ T9483]  ? arch_do_signal_or_restart+0x8f/0x7a0
[  348.147099][ T9483]  ? proc_coredump_connector+0x2d1/0x4f0
[  348.147147][ T9483]  ? __pfx_proc_coredump_connector+0x10/0x10
[  348.147204][ T9483]  ? rcu_is_watching+0x12/0xc0
[  348.147240][ T9483]  get_signal+0x22e3/0x26d0
[  348.147287][ T9483]  ? force_sig_fault+0xc4/0x100
[  348.147325][ T9483]  ? __pfx_get_signal+0x10/0x10
[  348.147374][ T9483]  arch_do_signal_or_restart+0x8f/0x7a0
[  348.147419][ T9483]  ? trace_irq_disable.constprop.0+0xd4/0x120
[  348.147471][ T9483]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  348.147543][ T9483]  irqentry_exit_to_user_mode+0x13f/0x280
[  348.147590][ T9483]  asm_exc_page_fault+0x26/0x30
[  348.147620][ T9483] RIP: 0033:0x7f8aaaf8e969
[  348.147649][ T9483] Code: Unable to access opcode bytes at 0x7f8aaaf8e93f.
[  348.147662][ T9483] RSP: 002b:0000000000000007 EFLAGS: 00010246
[  348.147686][ T9483] RAX: 0000000000000000 RBX: 00007f8aab1b6240 RCX: 00007f8aaaf8e969
[  348.147705][ T9483] RDX: 9999999999999999 RSI: 0000000000000007 RDI: 0000000000000021
[  348.147724][ T9483] RBP: 00007f8aab010ab1 R08: 0000000000000006 R09: 0000000000000000
[  348.147742][ T9483] R10: ffffffff81000000 R11: 0000000000000246 R12: 0000000000000000
[  348.147761][ T9483] R13: 0000000000000001 R14: 00007f8aab1b6240 R15: 00007ffe04cf5f88
[  348.147788][ T9483]  ? 0xffffffff81000000
[  348.147820][ T9483]  </TASK>
[  348.668597][ T9483] memory: usage 307200kB, limit 307200kB, failcnt 17997
[  348.676301][ T9483] memory+swap: usage 432140kB, limit 9007199254740988kB, failcnt 0
[  348.685206][ T9483] kmem: usage 4448kB, limit 9007199254740988kB, failcnt 0
[  348.693202][ T9483] Memory cgroup stats for /syz1:
[  348.693447][ T9483] cache 309907456
[  348.703534][ T9483] rss 53248
[  348.707060][ T9483] rss_huge 0
[  348.710574][ T9483] shmem 309645312
[  348.714562][ T9483] mapped_file 28626944
[  348.719145][ T9483] dirty 0
[  348.723197][ T9483] writeback 0
[  348.726942][ T9483] workingset_refault_anon 2655
[  348.732181][ T9483] workingset_refault_file 30
[  348.737252][ T9483] swap 127938560
[  348.741148][ T9483] swapcached 57344
[  348.745246][ T9483] pgpgin 348962
[  348.749142][ T9483] pgpgout 276851
[  348.753039][ T9483] pgfault 192823
[  348.757264][ T9483] pgmajfault 629
[  348.761161][ T9483] inactive_anon 149204992
[  348.765927][ T9483] active_anon 159961088
[  348.770704][ T9483] inactive_file 0
[  348.774699][ T9483] active_file 0
[  348.778615][ T9483] unevictable 0
[  348.782453][ T9483] hierarchical_memory_limit 314572800
[  348.788533][ T9483] hierarchical_memsw_limit 9223372036854771712
[  348.795301][ T9483] total_cache 309907456
[  348.799891][ T9483] total_rss 53248
[  348.803881][ T9483] total_rss_huge 0
[  348.808710][ T9483] total_shmem 309645312
[  348.813286][ T9483] total_mapped_file 28626944
[  348.818385][ T9483] total_dirty 0
[  348.822225][ T9483] total_writeback 0
[  348.827090][ T9483] total_workingset_refault_anon 2655
[  348.832916][ T9483] total_workingset_refault_file 30
[  348.838663][ T9483] total_swap 127938560
[  348.843159][ T9483] total_swapcached 57344
[  348.847908][ T9483] total_pgpgin 348962
[  348.852282][ T9483] total_pgpgout 276851
[  348.856836][ T9483] total_pgfault 192823
[  348.861318][ T9483] total_pgmajfault 629
[  348.865784][ T9483] total_inactive_anon 149204992
[  348.871305][ T9483] total_active_anon 159961088
[  348.876475][ T9483] total_inactive_file 0
[  348.881193][ T9483] total_active_file 0
[  348.885569][ T9483] total_unevictable 0
[  348.890015][ T9483] anon_cost 0
[  348.893624][ T9483] file_cost 0
[  348.897346][ T9483] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.678,pid=9489,uid=0
[  348.914415][ T9483] Memory cgroup out of memory: Killed process 9489 (syz.1.678) total-vm:32900kB, anon-rss:0kB, file-rss:0kB, shmem-rss:27264kB, UID:0 pgtables:64kB oom_score_adj:1000
[  350.401956][ T9825] netlink: 342 bytes leftover after parsing attributes in process `syz.3.743'.
[  351.011508][   T32] oom_reaper: reaped process 9489 (syz.1.678), now anon-rss:0kB, file-rss:0kB, shmem-rss:25216kB
[  351.243284][ T9494] syz.1.678 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  351.611527][ T9494] CPU: 1 UID: 0 PID: 9494 Comm: syz.1.678 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(full) 
[  351.611569][ T9494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  351.611587][ T9494] Call Trace:
[  351.611598][ T9494]  <TASK>
[  351.611608][ T9494]  dump_stack_lvl+0x16c/0x1f0
[  351.611656][ T9494]  dump_header+0x101/0x930
[  351.611703][ T9494]  oom_kill_process+0x270/0xa60
[  351.611750][ T9494]  out_of_memory+0x350/0x1700
[  351.611802][ T9494]  ? __pfx_out_of_memory+0x10/0x10
[  351.611858][ T9494]  mem_cgroup_out_of_memory+0x205/0x270
[  351.611909][ T9494]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  351.611970][ T9494]  ? do_raw_spin_unlock+0x172/0x230
[  351.612027][ T9494]  try_charge_memcg+0xa07/0x10c0
[  351.612075][ T9494]  ? __pfx_try_charge_memcg+0x10/0x10
[  351.612132][ T9494]  ? __print_lock_name+0xc1/0xe0
[  351.612165][ T9494]  ? rcu_read_unlock+0x17/0x60
[  351.612219][ T9494]  charge_memcg+0x8a/0x230
[  351.612259][ T9494]  __mem_cgroup_charge+0x2b/0x1e0
[  351.612305][ T9494]  shmem_alloc_and_add_folio+0x514/0xc20
[  351.612353][ T9494]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  351.612397][ T9494]  ? shmem_allowable_huge_orders+0xcb/0x2f0
[  351.612445][ T9494]  shmem_get_folio_gfp+0x687/0x1530
[  351.612489][ T9494]  ? __lock_acquire+0xaa4/0x1ba0
[  351.612531][ T9494]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  351.612572][ T9494]  ? __pte_offset_map_lock+0x155/0x2f0
[  351.612624][ T9494]  shmem_write_begin+0x160/0x300
[  351.612675][ T9494]  ? __pfx_shmem_write_begin+0x10/0x10
[  351.612718][ T9494]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1260
[  351.612772][ T9494]  ? __pfx_timestamp_truncate+0x10/0x10
[  351.612811][ T9494]  generic_perform_write+0x3cd/0x930
[  351.612864][ T9494]  ? __pfx_generic_perform_write+0x10/0x10
[  351.612906][ T9494]  ? inode_needs_update_time.part.0+0x191/0x270
[  351.612953][ T9494]  shmem_file_write_iter+0x10e/0x140
[  351.613002][ T9494]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  351.613046][ T9494]  __kernel_write_iter+0x317/0xa90
[  351.613083][ T9494]  ? __pfx___kernel_write_iter+0x10/0x10
[  351.613121][ T9494]  ? __up_read+0x1f8/0x750
[  351.613171][ T9494]  ? dump_user_range+0x73d/0xb30
[  351.613212][ T9494]  ? copy_mc_enhanced_fast_string+0x6/0xf
[  351.613254][ T9494]  dump_user_range+0x418/0xb30
[  351.613307][ T9494]  ? __pfx_dump_user_range+0x10/0x10
[  351.613355][ T9494]  ? elf_coredump_extra_notes_write+0xbd/0x430
[  351.613398][ T9494]  ? __pfx_writenote+0x10/0x10
[  351.613455][ T9494]  elf_core_dump+0x288a/0x3a90
[  351.613522][ T9494]  ? __pfx_elf_core_dump+0x10/0x10
[  351.613568][ T9494]  ? kasan_save_stack+0x42/0x60
[  351.613598][ T9494]  ? kasan_save_stack+0x33/0x60
[  351.613629][ T9494]  ? kasan_save_track+0x14/0x30
[  351.613659][ T9494]  ? __kasan_kmalloc+0xaa/0xb0
[  351.613691][ T9494]  ? do_coredump+0x17aa/0x4480
[  351.613730][ T9494]  ? get_signal+0x22e3/0x26d0
[  351.613764][ T9494]  ? arch_do_signal_or_restart+0x8f/0x7a0
[  351.613821][ T9494]  ? 0xffffffffff600000
[  351.613921][ T9494]  ? do_coredump+0x3183/0x4480
[  351.613960][ T9494]  do_coredump+0x3183/0x4480
[  351.614019][ T9494]  ? __pfx_do_coredump+0x10/0x10
[  351.614063][ T9494]  ? stack_trace_save+0x8e/0xc0
[  351.614102][ T9494]  ? __pfx_stack_trace_save+0x10/0x10
[  351.614134][ T9494]  ? stack_depot_save_flags+0x28/0xa50
[  351.614183][ T9494]  ? __lock_acquire+0xaa4/0x1ba0
[  351.614234][ T9494]  ? __kasan_slab_free+0x51/0x70
[  351.614268][ T9494]  ? kmem_cache_free+0x2d4/0x4d0
[  351.614299][ T9494]  ? __sigqueue_free+0xba/0x2a0
[  351.614338][ T9494]  ? get_signal+0xcba/0x26d0
[  351.614371][ T9494]  ? arch_do_signal_or_restart+0x8f/0x7a0
[  351.614477][ T9494]  ? proc_coredump_connector+0x2d1/0x4f0
[  351.614526][ T9494]  ? __pfx_proc_coredump_connector+0x10/0x10
[  351.614585][ T9494]  ? rcu_is_watching+0x12/0xc0
[  351.614622][ T9494]  get_signal+0x22e3/0x26d0
[  351.614668][ T9494]  ? force_sig_fault+0xc4/0x100
[  351.614705][ T9494]  ? __pfx_get_signal+0x10/0x10
[  351.614754][ T9494]  arch_do_signal_or_restart+0x8f/0x7a0
[  351.614798][ T9494]  ? trace_irq_disable.constprop.0+0xd4/0x120
[  351.614842][ T9494]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  351.614915][ T9494]  irqentry_exit_to_user_mode+0x13f/0x280
[  351.614961][ T9494]  asm_exc_page_fault+0x26/0x30
[  351.614991][ T9494] RIP: 0033:0x7f8aaaf8e969
[  351.615021][ T9494] Code: Unable to access opcode bytes at 0x7f8aaaf8e93f.
[  351.615036][ T9494] RSP: 002b:0000000000000007 EFLAGS: 00010246
[  351.615060][ T9494] RAX: 0000000000000000 RBX: 00007f8aab1b6240 RCX: 00007f8aaaf8e969
[  351.615080][ T9494] RDX: 9999999999999999 RSI: 0000000000000007 RDI: 0000000000000021
[  351.615107][ T9494] RBP: 00007f8aab010ab1 R08: 0000000000000006 R09: 0000000000000000
[  351.615127][ T9494] R10: ffffffff81000000 R11: 0000000000000246 R12: 0000000000000000
[  351.615147][ T9494] R13: 0000000000000001 R14: 00007f8aab1b6240 R15: 00007ffe04cf5f88
[  351.615175][ T9494]  ? 0xffffffff81000000
[  351.615211][ T9494]  </TASK>
[  352.328571][ T9489] syz.1.678 (9489) used greatest stack depth: 19640 bytes left
[  352.838542][ T9494] memory: usage 293536kB, limit 307200kB, failcnt 18889
[  353.218529][ T9494] memory+swap: usage 412916kB, limit 9007199254740988kB, failcnt 0
[  353.264039][ T9494] kmem: usage 4116kB, limit 9007199254740988kB, failcnt 0
[  353.312841][ T9494] Memory cgroup stats for /syz1:
[  353.314208][ T9494] cache 296820736
[  353.358439][ T9494] rss 53248
[  353.362056][ T9494] rss_huge 0
[  353.365621][ T9494] shmem 296820736
[  353.425730][ T9494] mapped_file 27377664
[  353.568750][ T9494] dirty 0
[  353.572220][ T9494] writeback 0
[  353.576010][ T9494] workingset_refault_anon 2655
[  353.612342][ T9494] workingset_refault_file 30
[  353.643876][ T9494] swap 122449920
[  353.776340][ T9494] swapcached 57344
[  353.860304][ T9858] FAULT_INJECTION: forcing a failure.
[  353.860304][ T9858] name failslab, interval 1, probability 0, space 0, times 0
[  353.926287][ T9858] CPU: 1 UID: 0 PID: 9858 Comm: syz.4.751 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(full) 
[  353.926323][ T9858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  353.926338][ T9858] Call Trace:
[  353.926346][ T9858]  <TASK>
[  353.926355][ T9858]  dump_stack_lvl+0x16c/0x1f0
[  353.926393][ T9858]  should_fail_ex+0x512/0x640
[  353.926427][ T9858]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  353.926462][ T9858]  should_failslab+0xc2/0x120
[  353.926491][ T9858]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  353.926523][ T9858]  ? __kthread_create_on_node+0x186/0x3f0
[  353.926559][ T9858]  kvasprintf+0xbc/0x160
[  353.926597][ T9858]  ? __pfx_kvasprintf+0x10/0x10
[  353.926646][ T9858]  ? __pfx_cec_config_thread_func+0x10/0x10
[  353.926675][ T9858]  __kthread_create_on_node+0x186/0x3f0
[  353.926708][ T9858]  ? __pfx___kthread_create_on_node+0x10/0x10
[  353.926761][ T9858]  ? cec_adap_enable+0x77c/0xc30
[  353.926803][ T9858]  ? __pfx_cec_config_thread_func+0x10/0x10
[  353.926845][ T9858]  kthread_create_on_node+0xc7/0x100
[  353.926878][ T9858]  ? __pfx_kthread_create_on_node+0x10/0x10
[  353.926910][ T9858]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  353.926950][ T9858]  ? lockdep_init_map_type+0x5c/0x280
[  353.926985][ T9858]  ? lockdep_init_map_type+0x5c/0x280
[  353.927023][ T9858]  cec_claim_log_addrs+0x13e/0x2e0
[  353.927052][ T9858]  __cec_s_log_addrs+0xdc9/0x1670
[  353.927090][ T9858]  cec_ioctl+0x4b8/0x2970
[  353.927124][ T9858]  ? __pfx_cec_ioctl+0x10/0x10
[  353.927159][ T9858]  ? do_raw_spin_unlock+0x144/0x230
[  353.927197][ T9858]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  353.927227][ T9858]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  353.927262][ T9858]  ? do_vfs_ioctl+0x512/0x1990
[  353.927296][ T9858]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  353.927349][ T9858]  ? find_held_lock+0x2b/0x80
[  353.927370][ T9858]  ? hook_file_ioctl_common+0x145/0x410
[  353.927410][ T9858]  ? __pfx_cec_ioctl+0x10/0x10
[  353.927440][ T9858]  __x64_sys_ioctl+0x190/0x200
[  353.927475][ T9858]  do_syscall_64+0xcd/0x230
[  353.927511][ T9858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.927536][ T9858] RIP: 0033:0x7f080cd8e969
[  353.927554][ T9858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  353.927577][ T9858] RSP: 002b:00007f080db94038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  353.927599][ T9858] RAX: ffffffffffffffda RBX: 00007f080cfb5fa0 RCX: 00007f080cd8e969
[  353.927614][ T9858] RDX: 00002000000000c0 RSI: 00000000c05c6104 RDI: 0000000000000005
[  353.927629][ T9858] RBP: 00007f080ce10ab1 R08: 0000000000000000 R09: 0000000000000000
[  353.927643][ T9858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  353.927657][ T9858] R13: 0000000000000000 R14: 00007f080cfb5fa0 R15: 00007ffdc9393668
[  353.927686][ T9858]  </TASK>
[  354.699602][ T9494] pgpgin 352875
[  354.703490][ T9494] pgpgout 283959
[  354.780057][ T9494] pgfault 194223
[  354.891162][ T9494] pgmajfault 629
[  354.925014][ T9494] inactive_anon 162304000
[  354.993488][ T9494] active_anon 134139904
[  355.006562][ T9494] inactive_file 0
[  355.014338][ T9494] active_file 0
[  355.158489][ T9494] unevictable 0
[  355.195995][ T9494] hierarchical_memory_limit 314572800
[  355.251814][ T9494] hierarchical_memsw_limit 9223372036854771712
[  355.328161][ T9494] total_cache 296820736
[  355.366909][ T9494] total_rss 53248
[  355.371175][ T9494] total_rss_huge 0
[  355.375359][ T9494] total_shmem 296820736
[  355.384535][ T9494] total_mapped_file 27377664
[  355.391317][ T9494] total_dirty 0
[  355.395302][ T9494] total_writeback 0
[  355.408861][ T9494] total_workingset_refault_anon 2655
[  355.442407][ T9494] total_workingset_refault_file 30
[  355.535939][ T9494] total_swap 122449920
[  355.584845][ T9494] total_swapcached 57344
[  355.678095][ T9494] total_pgpgin 352875
[  355.691034][ T9874] vivid-003: =================  START STATUS  =================
[  355.704216][ T9874] vivid-003: Radio HW Seek Mode: Bounded
[  355.718456][ T9494] total_pgpgout 283959
[  355.722989][ T9494] total_pgfault 194223
[  355.746880][ T9494] total_pgmajfault 629
[  355.793819][ T9494] total_inactive_anon 162304000
[  355.800500][ T9874] vivid-003: Radio Programmable HW Seek: false
[  355.842010][ T9874] vivid-003: RDS Rx I/O Mode: Block I/O
[  355.882183][ T9874] vivid-003: Generate RBDS Instead of RDS: false
[  355.902027][ T9874] vivid-003: RDS Reception: true
[  355.909974][ T9874] vivid-003: RDS Program Type: 0 inactive
[  355.916454][ T9874] vivid-003: RDS PS Name:  inactive
[  355.922409][ T9874] vivid-003: RDS Radio Text:  inactive
[  356.036872][ T9874] vivid-003: RDS Traffic Announcement: false inactive
[  356.056902][ T9874] vivid-003: RDS Traffic Program: false inactive
[  356.072261][ T9874] vivid-003: RDS Music: false inactive
[  356.083921][ T9874] vivid-003: ==================  END STATUS  ==================
[  356.214218][ T9494] total_active_anon 134139904
[  356.271536][ T9494] total_inactive_file 0
[  356.276285][ T9494] total_active_file 0
[  356.332474][ T9494] total_unevictable 0
[  356.443249][ T9494] anon_cost 0
[  356.568413][ T9494] file_cost 0
[  356.608281][ T9494] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.678,pid=9479,uid=0
[  356.745349][ T9494] Memory cgroup out of memory: Killed process 9479 (syz.1.678) total-vm:32900kB, anon-rss:0kB, file-rss:0kB, shmem-rss:21220kB, UID:0 pgtables:64kB oom_score_adj:1000
[  357.713276][ T9903] netlink: 48 bytes leftover after parsing attributes in process `syz.3.757'.
[  360.678470][ T9486] syz.1.678 (9486) used greatest stack depth: 19528 bytes left
[  363.454886][ T5826] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  363.465133][ T5826] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  363.479109][ T5826] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  363.492616][ T5826] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  363.501532][ T5826] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  363.952042][T10000] chnl_net:caif_netlink_parms(): no params data found
[  365.268924][T10030] netlink: 28 bytes leftover after parsing attributes in process `syz.2.776'.
[  365.557121][   T56] Bluetooth: hci5: command tx timeout
[  366.145472][ T9480] syz.1.678 (9480) used greatest stack depth: 19336 bytes left
[  366.979552][T10054] netlink: 48 bytes leftover after parsing attributes in process `syz.3.781'.
[  367.639006][   T56] Bluetooth: hci5: command tx timeout
[  367.772703][T10000] bridge0: port 1(bridge_slave_0) entered blocking state
[  367.800100][T10000] bridge0: port 1(bridge_slave_0) entered disabled state
[  367.834674][T10000] bridge_slave_0: entered allmulticast mode
[  367.878319][T10000] bridge_slave_0: entered promiscuous mode
[  368.035637][T10000] bridge0: port 2(bridge_slave_1) entered blocking state
[  368.054231][T10000] bridge0: port 2(bridge_slave_1) entered disabled state
[  368.094595][T10000] bridge_slave_1: entered allmulticast mode
[  368.103832][T10000] bridge_slave_1: entered promiscuous mode
[  368.266494][T10000] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  368.513301][T10000] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  368.615460][T10065] FAULT_INJECTION: forcing a failure.
[  368.615460][T10065] name failslab, interval 1, probability 0, space 0, times 0
[  368.680384][T10065] CPU: 1 UID: 0 PID: 10065 Comm: syz.4.784 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(full) 
[  368.680419][T10065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  368.680434][T10065] Call Trace:
[  368.680442][T10065]  <TASK>
[  368.680450][T10065]  dump_stack_lvl+0x16c/0x1f0
[  368.680489][T10065]  should_fail_ex+0x512/0x640
[  368.680524][T10065]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  368.680554][T10065]  should_failslab+0xc2/0x120
[  368.680584][T10065]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  368.680610][T10065]  ? __proc_create+0xc3/0x8c0
[  368.680635][T10065]  ? __proc_create+0x2ce/0x8c0
[  368.680665][T10065]  __proc_create+0x2ce/0x8c0
[  368.680692][T10065]  ? __pfx___proc_create+0x10/0x10
[  368.680724][T10065]  ? _raw_write_unlock+0x28/0x50
[  368.680760][T10065]  ? proc_register+0x314/0x5f0
[  368.680790][T10065]  proc_create_reg+0x7d/0x180
[  368.680821][T10065]  proc_create_net_data+0x8e/0x1b0
[  368.680851][T10065]  ? __pfx_proc_create_net_data+0x10/0x10
[  368.680889][T10065]  sctp_proc_init+0x199/0x270
[  368.680925][T10065]  ? __pfx_sctp_defaults_init+0x10/0x10
[  368.680960][T10065]  sctp_defaults_init+0x74a/0xd80
[  368.681001][T10065]  ? __pfx_sctp_defaults_init+0x10/0x10
[  368.681036][T10065]  ops_init+0x1df/0x5f0
[  368.681069][T10065]  setup_net+0x21e/0x850
[  368.681100][T10065]  ? __pfx_setup_net+0x10/0x10
[  368.681128][T10065]  ? lockdep_init_map_type+0x5c/0x280
[  368.681161][T10065]  ? __pfx_down_read_killable+0x10/0x10
[  368.681202][T10065]  ? debug_mutex_init+0x37/0x70
[  368.681227][T10065]  copy_net_ns+0x2a6/0x5f0
[  368.681262][T10065]  create_new_namespaces+0x3ea/0xad0
[  368.681296][T10065]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  368.681325][T10065]  ksys_unshare+0x45b/0xa40
[  368.681359][T10065]  ? __pfx_ksys_unshare+0x10/0x10
[  368.681391][T10065]  ? xfd_validate_state+0x5d/0x180
[  368.681431][T10065]  ? rcu_is_watching+0x12/0xc0
[  368.681461][T10065]  __x64_sys_unshare+0x31/0x40
[  368.681493][T10065]  do_syscall_64+0xcd/0x230
[  368.681530][T10065]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.681554][T10065] RIP: 0033:0x7f080cd8e969
[  368.681573][T10065] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  368.681596][T10065] RSP: 002b:00007f080db73038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  368.681618][T10065] RAX: ffffffffffffffda RBX: 00007f080cfb6080 RCX: 00007f080cd8e969
[  368.681634][T10065] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  368.681648][T10065] RBP: 00007f080ce10ab1 R08: 0000000000000000 R09: 0000000000000000
[  368.681663][T10065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  368.681677][T10065] R13: 0000000000000000 R14: 00007f080cfb6080 R15: 00007ffdc9393668
[  368.681707][T10065]  </TASK>
[  369.512655][T10000] team0: Port device team_slave_0 added
[  369.661933][   T54] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  369.725181][   T56] Bluetooth: hci5: command tx timeout
[  370.240819][T10000] team0: Port device team_slave_1 added
[  370.541082][   T54] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  370.869746][T10074] FAULT_INJECTION: forcing a failure.
[  370.869746][T10074] name failslab, interval 1, probability 0, space 0, times 0
[  370.952973][   T54] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  370.983118][T10074] CPU: 0 UID: 0 PID: 10074 Comm: syz.3.787 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(full) 
[  370.983180][T10074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  370.983200][T10074] Call Trace:
[  370.983210][T10074]  <TASK>
[  370.983221][T10074]  dump_stack_lvl+0x16c/0x1f0
[  370.983271][T10074]  should_fail_ex+0x512/0x640
[  370.983315][T10074]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  370.983372][T10074]  should_failslab+0xc2/0x120
[  370.983411][T10074]  __kmalloc_cache_noprof+0x6a/0x3e0
[  370.983461][T10074]  ? ww_mutex_lock+0x37/0x160
[  370.983504][T10074]  ? vkms_plane_duplicate_state+0x45/0x130
[  370.983561][T10074]  ? modeset_lock+0x114/0x6e0
[  370.983595][T10074]  vkms_plane_duplicate_state+0x45/0x130
[  370.983648][T10074]  drm_atomic_get_plane_state+0x20b/0x590
[  370.983695][T10074]  drm_client_modeset_commit_atomic+0x237/0x7e0
[  370.983750][T10074]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  370.983838][T10074]  drm_client_modeset_commit_locked+0x14d/0x580
[  370.983887][T10074]  drm_client_modeset_commit+0x4f/0x80
[  370.983928][T10074]  __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200
[  370.983965][T10074]  ? __pfx_drm_fbdev_client_restore+0x10/0x10
[  370.984017][T10074]  drm_fbdev_client_restore+0x2c/0x40
[  370.984062][T10074]  drm_client_dev_restore+0x1f3/0x2a0
[  370.984108][T10074]  drm_release+0x2c4/0x360
[  370.984147][T10074]  ? __pfx_drm_release+0x10/0x10
[  370.984182][T10074]  __fput+0x3ff/0xb70
[  370.984232][T10074]  task_work_run+0x14d/0x240
[  370.984286][T10074]  ? __pfx_task_work_run+0x10/0x10
[  370.984336][T10074]  ? __pfx___do_sys_close_range+0x10/0x10
[  370.984367][T10074]  ? rcu_is_watching+0x12/0xc0
[  370.984405][T10074]  syscall_exit_to_user_mode+0x27b/0x2a0
[  370.984451][T10074]  do_syscall_64+0xda/0x230
[  370.984502][T10074]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  370.984544][T10074] RIP: 0033:0x7fd68c58e969
[  370.984570][T10074] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  370.984603][T10074] RSP: 002b:00007fd68a3d5038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  370.984633][T10074] RAX: 0000000000000000 RBX: 00007fd68c7b6080 RCX: 00007fd68c58e969
[  370.984653][T10074] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  370.984671][T10074] RBP: 00007fd68c610ab1 R08: 0000000000000000 R09: 0000000000000000
[  370.984689][T10074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  370.984708][T10074] R13: 0000000000000000 R14: 00007fd68c7b6080 R15: 00007ffc57252858
[  370.984750][T10074]  </TASK>
[  371.388083][T10000] batman_adv: batadv0: Adding interface: batadv_slave_0
[  371.410211][T10000] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  371.643225][T10000] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  371.696511][T10085] netlink: 48 bytes leftover after parsing attributes in process `syz.2.789'.
[  371.797047][   T56] Bluetooth: hci5: command tx timeout
[  371.997595][   T54] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.157736][T10000] batman_adv: batadv0: Adding interface: batadv_slave_1
[  372.165446][T10000] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  372.328330][T10000] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  372.454998][T10094] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10
[  372.485484][T10095] random: crng reseeded on system resumption
[  372.565502][T10098] netlink: 'syz.3.793': attribute type 1 has an invalid length.
[  372.721006][T10000] hsr_slave_0: entered promiscuous mode
[  372.748082][T10000] hsr_slave_1: entered promiscuous mode
[  372.767795][T10000] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  372.795106][T10000] Cannot create hsr debugfs directory
[  373.531684][   T54] bridge_slave_1: left allmulticast mode
[  373.550230][   T54] bridge_slave_1: left promiscuous mode
[  373.556616][   T54] bridge0: port 2(bridge_slave_1) entered disabled state
[  373.680115][T10024] Process accounting paused
[  373.788746][   T54] bridge_slave_0: left allmulticast mode
[  373.794993][   T54] bridge_slave_0: left promiscuous mode
[  373.808890][   T54] bridge0: port 1(bridge_slave_0) entered disabled state
[  374.702458][T10114] netlink: 48 bytes leftover after parsing attributes in process `syz.2.797'.
[  376.324545][   T54] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  376.548899][   T54] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  376.668452][   T54] bond0 (unregistering): Released all slaves
[  377.241455][T10000] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  377.604453][T10139] netlink: 48 bytes leftover after parsing attributes in process `syz.2.804'.
[  377.700957][T10000] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  377.978510][T10000] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  378.459670][T10000] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  379.722013][T10000] 8021q: adding VLAN 0 to HW filter on device bond0
[  379.834039][T10000] 8021q: adding VLAN 0 to HW filter on device team0
[  379.890393][ T6139] bridge0: port 1(bridge_slave_0) entered blocking state
[  379.898415][ T6139] bridge0: port 1(bridge_slave_0) entered forwarding state
[  379.985078][ T6139] bridge0: port 2(bridge_slave_1) entered blocking state
[  379.993062][ T6139] bridge0: port 2(bridge_slave_1) entered forwarding state
[  380.123673][   T54] hsr_slave_0: left promiscuous mode
[  380.160468][   T54] hsr_slave_1: left promiscuous mode
[  380.167537][T10179] netlink: 28 bytes leftover after parsing attributes in process `syz.3.809'.
[  380.190160][   T54] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  380.206610][   T54] batman_adv: batadv0: Removing interface: batadv_slave_0
[  380.217383][T10181] random: crng reseeded on system resumption
[  380.246167][   T54] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  380.275279][   T54] batman_adv: batadv0: Removing interface: batadv_slave_1
[  380.327195][   T54] veth1_macvtap: left promiscuous mode
[  380.333375][   T54] veth0_macvtap: left promiscuous mode
[  380.357076][   T54] veth1_vlan: left promiscuous mode
[  380.363132][   T54] veth0_vlan: left promiscuous mode
[  381.562899][   T54] team0 (unregistering): Port device team_slave_1 removed
[  381.613728][   T54] team0 (unregistering): Port device team_slave_0 removed
[  383.802781][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  383.804144][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  383.929881][T10000] 8021q: adding VLAN 0 to HW filter on device batadv0
[  385.089003][T10000] veth0_vlan: entered promiscuous mode
[  385.195643][T10000] veth1_vlan: entered promiscuous mode
[  385.459046][T10000] veth0_macvtap: entered promiscuous mode
[  385.480408][T10000] veth1_macvtap: entered promiscuous mode
[  385.600131][T10000] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  385.601978][T10000] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.603583][T10000] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  385.605240][T10000] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.638570][T10000] batman_adv: batadv0: Interface activated: batadv_slave_0
[  385.694111][T10000] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  385.697262][T10000] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.698927][T10000] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  385.700679][T10000] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.703595][T10000] batman_adv: batadv0: Interface activated: batadv_slave_1
[  385.730166][T10000] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  385.731642][T10000] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  385.733082][T10000] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  385.734454][T10000] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  386.165015][T10278] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  386.167777][T10278] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  386.170152][T10278] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  386.176280][T10278] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  386.182534][T10278] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  386.245768][T10278] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  386.520777][ T9944] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  386.522133][ T9944] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  386.581393][ T9586] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  386.582794][ T9586] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  388.196951][   T56] Bluetooth: hci5: command 0x0c1a tx timeout
[  388.198037][   T56] Bluetooth: hci4: command 0x0c1a tx timeout
[  388.199071][   T56] Bluetooth: hci3: command 0x0c1a tx timeout
[  388.200064][   T56] Bluetooth: hci1: command 0x0c1a tx timeout
[  390.277674][ T5826] Bluetooth: hci5: command 0x0c1a tx timeout
[  392.082602][T10392] netlink: 48 bytes leftover after parsing attributes in process `syz.3.838'.
[  392.356859][ T5826] Bluetooth: hci5: command 0x0c1a tx timeout
[  392.645732][T10407] netlink: 338 bytes leftover after parsing attributes in process `syz.3.843'.
[  392.709137][T10409] ubi0: attaching mtd0
[  392.711109][T10409] ubi0: scanning is finished
[  392.711173][T10409] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record
[  392.894817][T10414] Invalid ELF header magic: != ELF
[  392.985919][T10419] FAULT_INJECTION: forcing a failure.
[  392.985919][T10419] name failslab, interval 1, probability 0, space 0, times 0
[  392.986060][T10419] CPU: 1 UID: 0 PID: 10419 Comm: syz.3.845 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(full) 
[  392.986093][T10419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  392.986108][T10419] Call Trace:
[  392.986116][T10419]  <TASK>
[  392.986125][T10419]  dump_stack_lvl+0x16c/0x1f0
[  392.986166][T10419]  should_fail_ex+0x512/0x640
[  392.986200][T10419]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  392.986254][T10419]  should_failslab+0xc2/0x120
[  392.986286][T10419]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  392.986316][T10419]  ? __pmd_alloc+0xc3/0x870
[  392.986358][T10419]  __pmd_alloc+0xc3/0x870
[  392.986399][T10419]  __handle_mm_fault+0x948/0x2a40
[  392.986435][T10419]  ? __pfx___handle_mm_fault+0x10/0x10
[  392.986483][T10419]  ? find_vma+0xbf/0x140
[  392.986524][T10419]  ? __pfx_find_vma+0x10/0x10
[  392.986570][T10419]  handle_mm_fault+0x3fe/0xad0
[  392.986606][T10419]  do_user_addr_fault+0x7a6/0x1370
[  392.986639][T10419]  ? rcu_is_watching+0x12/0xc0
[  392.986670][T10419]  exc_page_fault+0x5c/0xc0
[  392.986707][T10419]  asm_exc_page_fault+0x26/0x30
[  392.986734][T10419] RIP: 0010:rep_movs_alternative+0x30/0x90
[  392.986767][T10419] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08
[  392.986796][T10419] RSP: 0018:ffffc9000d6a7d18 EFLAGS: 00050246
[  392.986820][T10419] RAX: 0000000000000001 RBX: 0000200000000180 RCX: 0000000000000008
[  392.986839][T10419] RDX: fffff52001ad4fb7 RSI: 0000200000000180 RDI: ffffc9000d6a7db0
[  392.986858][T10419] RBP: 0000000000000008 R08: 0000000000000001 R09: fffff52001ad4fb6
[  392.986876][T10419] R10: ffffc9000d6a7db7 R11: 0000000000000000 R12: 0000000000000000
[  392.986895][T10419] R13: ffffc9000d6a7db0 R14: 0000000000000008 R15: 0000000000000011
[  392.986938][T10419]  _copy_from_user+0x98/0xd0
[  392.986987][T10419]  __io_uring_register+0x152c/0x2310
[  392.987037][T10419]  ? trace_contention_end+0xdd/0x130
[  392.987079][T10419]  ? __pfx___io_uring_register+0x10/0x10
[  392.987125][T10419]  ? __mutex_lock+0x1ca/0xb90
[  392.987168][T10419]  ? __x64_sys_io_uring_register+0x159/0x280
[  392.987225][T10419]  ? __pfx___mutex_lock+0x10/0x10
[  392.987269][T10419]  ? __fget_files+0x20e/0x3c0
[  392.987307][T10419]  ? fput+0x20/0xf0
[  392.987346][T10419]  __x64_sys_io_uring_register+0x169/0x280
[  392.987392][T10419]  do_syscall_64+0xcd/0x230
[  392.987431][T10419]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.987456][T10419] RIP: 0033:0x7fd68c58e969
[  392.987480][T10419] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  392.987510][T10419] RSP: 002b:00007fd68a3f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[  392.987537][T10419] RAX: ffffffffffffffda RBX: 00007fd68c7b5fa0 RCX: 00007fd68c58e969
[  392.987557][T10419] RDX: 0000200000000180 RSI: 0000000000000011 RDI: 0000000000000002
[  392.987576][T10419] RBP: 00007fd68a3f6090 R08: 0000000000000000 R09: 0000000000000000
[  392.987595][T10419] R10: 0000000000000083 R11: 0000000000000246 R12: 0000000000000001
[  392.987613][T10419] R13: 0000000000000000 R14: 00007fd68c7b5fa0 R15: 00007ffc57252858
[  392.987654][T10419]  </TASK>
[  393.007830][T10414] Invalid ELF header magic: != ELF
[  393.022513][T10409] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  394.478107][T10456] netlink: 32 bytes leftover after parsing attributes in process `syz.4.850'.
[  394.539980][T10458] ubi0: attaching mtd0
[  394.542019][T10458] ubi0: scanning is finished
[  394.542090][T10458] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record
[  394.566014][T10456] HfR: entered promiscuous mode
[  394.586233][T10457] openvswitch: HfR: Dropping previously announced user features
[  394.742595][T10458] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  395.127424][T10475] queue_state_write: unsupported operation ''
[  395.127485][T10475] queue_state_write: use 'run', 'start' or 'kick'
[  395.624319][T10439] tty tty12: ldisc open failed (-12), clearing slot 11
[  395.657791][T10433] ttyS ttyS1: ldisc open failed (-12), clearing slot 1
[  395.713582][T10440] tty tty29: ldisc open failed (-12), clearing slot 28
[  398.332687][T10542] netlink: 'syz.3.865': attribute type 29 has an invalid length.
[  398.398525][T10542] netlink: 334 bytes leftover after parsing attributes in process `syz.3.865'.
[  398.736106][T10555] FAULT_INJECTION: forcing a failure.
[  398.736106][T10555] name failslab, interval 1, probability 0, space 0, times 0
[  398.760177][T10555] CPU: 1 UID: 0 PID: 10555 Comm: syz.2.867 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(full) 
[  398.760219][T10555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  398.760237][T10555] Call Trace:
[  398.760248][T10555]  <TASK>
[  398.760258][T10555]  dump_stack_lvl+0x16c/0x1f0
[  398.760304][T10555]  should_fail_ex+0x512/0x640
[  398.760335][T10555]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  398.760363][T10555]  should_failslab+0xc2/0x120
[  398.760391][T10555]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  398.760416][T10555]  ? ptlock_alloc+0x1f/0x70
[  398.760441][T10555]  ptlock_alloc+0x1f/0x70
[  398.760462][T10555]  pte_alloc_one+0x6d/0x380
[  398.760487][T10555]  __pte_alloc+0x6d/0x3c0
[  398.760537][T10555]  ? __pfx___pte_alloc+0x10/0x10
[  398.760569][T10555]  ? do_raw_spin_lock+0x12c/0x2b0
[  398.760604][T10555]  ? find_held_lock+0x2b/0x80
[  398.760633][T10555]  do_pte_missing+0x2925/0x3fb0
[  398.760670][T10555]  ? _raw_spin_unlock+0x28/0x50
[  398.760697][T10555]  ? __pmd_alloc+0x3c2/0x870
[  398.760734][T10555]  __handle_mm_fault+0x103d/0x2a40
[  398.760766][T10555]  ? __pfx___handle_mm_fault+0x10/0x10
[  398.760806][T10555]  ? find_vma+0xbf/0x140
[  398.760838][T10555]  ? __pfx_find_vma+0x10/0x10
[  398.760873][T10555]  handle_mm_fault+0x3fe/0xad0
[  398.760903][T10555]  do_user_addr_fault+0x7a6/0x1370
[  398.760930][T10555]  ? rcu_is_watching+0x12/0xc0
[  398.760954][T10555]  exc_page_fault+0x5c/0xc0
[  398.760986][T10555]  asm_exc_page_fault+0x26/0x30
[  398.761009][T10555] RIP: 0010:rep_movs_alternative+0x30/0x90
[  398.761035][T10555] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08
[  398.761058][T10555] RSP: 0018:ffffc9000cf97d18 EFLAGS: 00050246
[  398.761076][T10555] RAX: 0000000000000001 RBX: 0000200000000180 RCX: 0000000000000008
[  398.761091][T10555] RDX: fffff520019f2fb7 RSI: 0000200000000180 RDI: ffffc9000cf97db0
[  398.761106][T10555] RBP: 0000000000000008 R08: 0000000000000001 R09: fffff520019f2fb6
[  398.761120][T10555] R10: ffffc9000cf97db7 R11: 0000000000000000 R12: 0000000000000000
[  398.761134][T10555] R13: ffffc9000cf97db0 R14: 0000000000000008 R15: 0000000000000011
[  398.761170][T10555]  _copy_from_user+0x98/0xd0
[  398.761219][T10555]  __io_uring_register+0x152c/0x2310
[  398.761270][T10555]  ? trace_contention_end+0xdd/0x130
[  398.761303][T10555]  ? __pfx___io_uring_register+0x10/0x10
[  398.761339][T10555]  ? __mutex_lock+0x1ca/0xb90
[  398.761374][T10555]  ? __x64_sys_io_uring_register+0x159/0x280
[  398.761415][T10555]  ? __pfx___mutex_lock+0x10/0x10
[  398.761455][T10555]  ? __fget_files+0x20e/0x3c0
[  398.761490][T10555]  ? fput+0x20/0xf0
[  398.761525][T10555]  __x64_sys_io_uring_register+0x169/0x280
[  398.761572][T10555]  do_syscall_64+0xcd/0x230
[  398.761607][T10555]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  398.761631][T10555] RIP: 0033:0x7fb02098e969
[  398.761655][T10555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  398.761677][T10555] RSP: 002b:00007fb021730038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[  398.761698][T10555] RAX: ffffffffffffffda RBX: 00007fb020bb6080 RCX: 00007fb02098e969
[  398.761713][T10555] RDX: 0000200000000180 RSI: 0000000000000011 RDI: 0000000000000002
[  398.761727][T10555] RBP: 00007fb021730090 R08: 0000000000000000 R09: 0000000000000000
[  398.761741][T10555] R10: 0000000000000083 R11: 0000000000000246 R12: 0000000000000001
[  398.761755][T10555] R13: 0000000000000000 R14: 00007fb020bb6080 R15: 00007ffd55640148
[  398.761784][T10555]  </TASK>
[  400.907839][T10573] Oops: general protection fault, probably for non-canonical address 0xdffffc000000000e: 0000 [#1] SMP KASAN PTI
[  400.920996][T10573] KASAN: null-ptr-deref in range [0x0000000000000070-0x0000000000000077]
[  400.930293][T10573] CPU: 0 UID: 0 PID: 10573 Comm: syz.4.873 Not tainted 6.15.0-rc5-syzkaller-00032-g0d8d44db295c #0 PREEMPT(full) 
[  400.943517][T10573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  400.954598][T10573] RIP: 0010:__mutex_lock+0x14f/0xb90
[  400.960458][T10573] Code: d0 7c 08 84 d2 0f 85 ab 07 00 00 8b 35 9a f9 47 0f 85 f6 75 29 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 60 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 93 07 00 00 48 3b 5b 60 0f 85 e0 01 00 00 bf 01
[  400.982054][T10573] RSP: 0018:ffffc9000b44fa80 EFLAGS: 00010202
[  400.988743][T10573] RAX: dffffc0000000000 RBX: 0000000000000010 RCX: 1ffffffff35654bc
[  400.997520][T10573] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000070
[  401.006295][T10573] RBP: ffffc9000b44fbc0 R08: ffffffff8a75c137 R09: ffffed100fe908d0
[  401.015070][T10573] R10: ffffc9000b44fbe0 R11: 0000000000000000 R12: dffffc0000000000
[  401.023845][T10573] R13: ffffc9000b44fb00 R14: 0000000000000000 R15: 1ffff92001689f5a
[  401.032625][T10573] FS:  00007f080db946c0(0000) GS:ffff8881249ec000(0000) knlGS:0000000000000000
[  401.042468][T10573] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  401.049733][T10573] CR2: 0000001b31206ff8 CR3: 0000000069a6e000 CR4: 00000000003526f0
[  401.058515][T10573] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  401.067290][T10573] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  401.076064][T10573] Call Trace:
[  401.079678][T10573]  <TASK>
[  401.082911][T10573]  ? trace_kmem_cache_alloc+0x28/0xc0
[  401.088851][T10573]  ? kmem_cache_alloc_node_noprof+0x225/0x3b0
[  401.095541][T10573]  ? hci_devcd_register+0x47/0x170
[  401.101185][T10573]  ? __pfx___mutex_lock+0x10/0x10
[  401.106738][T10573]  ? __asan_memset+0x23/0x50
[  401.111837][T10573]  ? __build_skb_around+0x278/0x3b0
[  401.117592][T10573]  ? __alloc_skb+0x200/0x380
[  401.122657][T10573]  ? __pfx___alloc_skb+0x10/0x10
[  401.128102][T10573]  ? __pfx_vhci_coredump_hdr+0x10/0x10
[  401.134135][T10573]  ? __pfx_vhci_coredump+0x10/0x10
[  401.139777][T10573]  ? hci_devcd_register+0x47/0x170
[  401.145418][T10573]  hci_devcd_register+0x47/0x170
[  401.150870][T10573]  force_devcd_write+0x16c/0x340
[  401.156321][T10573]  ? __pfx_force_devcd_write+0x10/0x10
[  401.162358][T10573]  full_proxy_write+0x13c/0x200
[  401.167716][T10573]  vfs_write+0x25c/0x1180
[  401.172496][T10573]  ? __pfx_full_proxy_write+0x10/0x10
[  401.178425][T10573]  ? __pfx___mutex_lock+0x10/0x10
[  401.183984][T10573]  ? __pfx_vfs_write+0x10/0x10
[  401.189239][T10573]  ? __fget_files+0x20e/0x3c0
[  401.194417][T10573]  ksys_write+0x12a/0x240
[  401.199199][T10573]  ? __pfx_ksys_write+0x10/0x10
[  401.204544][T10573]  ? rcu_is_watching+0x12/0xc0
[  401.209803][T10573]  do_syscall_64+0xcd/0x230
[  401.214784][T10573]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.221297][T10573] RIP: 0033:0x7f080cd8e969
[  401.226171][T10573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  401.247762][T10573] RSP: 002b:00007f080db94038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  401.257047][T10573] RAX: ffffffffffffffda RBX: 00007f080cfb5fa0 RCX: 00007f080cd8e969
[  401.265827][T10573] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000005
[  401.274604][T10573] RBP: 00007f080ce10ab1 R08: 0000000000000000 R09: 0000000000000000
[  401.283383][T10573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  401.292173][T10573] R13: 0000000000000000 R14: 00007f080cfb5fa0 R15: 00007ffdc9393668
[  401.300984][T10573]  </TASK>
[  401.304312][T10573] Modules linked in:
[  401.309635][T10573] ---[ end trace 0000000000000000 ]---
[  401.384302][T10573] RIP: 0010:__mutex_lock+0x14f/0xb90
[  401.398730][T10573] Code: d0 7c 08 84 d2 0f 85 ab 07 00 00 8b 35 9a f9 47 0f 85 f6 75 29 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 60 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 93 07 00 00 48 3b 5b 60 0f 85 e0 01 00 00 bf 01
[  401.426225][T10573] RSP: 0018:ffffc9000b44fa80 EFLAGS: 00010202
[  401.433263][T10573] RAX: dffffc0000000000 RBX: 0000000000000010 RCX: 1ffffffff35654bc
[  401.450544][T10573] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000070
[  401.463623][T10573] RBP: ffffc9000b44fbc0 R08: ffffffff8a75c137 R09: ffffed100fe908d0
[  401.519255][T10573] R10: ffffc9000b44fbe0 R11: 0000000000000000 R12: dffffc0000000000
[  401.547068][T10573] R13: ffffc9000b44fb00 R14: 0000000000000000 R15: 1ffff92001689f5a
[  401.556110][T10573] FS:  00007f080db946c0(0000) GS:ffff8881249ec000(0000) knlGS:0000000000000000
[  401.582240][T10573] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  401.596779][T10573] CR2: 000056272dc5f950 CR3: 0000000069a6e000 CR4: 00000000003526f0
[  401.607057][T10573] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  401.618325][T10573] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  401.630581][T10573] Kernel panic - not syncing: Fatal exception
[  401.637646][T10573] Kernel Offset: disabled
[  401.642409][T10573] Rebooting in 86400 seconds..