last executing test programs:

2m32.879854057s ago: executing program 1 (id=2360):
r0 = open(&(0x7f0000000000)='./file0\x00', 0x230402, 0x51)
r1 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000000080), r0)
sendmsg$auto_OVS_METER_CMD_SET(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x28, r1, 0x200, 0x70bd28, 0x25dfdbfc, {}, [@OVS_METER_ATTR_MAX_METERS={0x8, 0x7, 0x1}, @OVS_METER_ATTR_MAX_METERS={0x8}, @OVS_METER_ATTR_CLEAR={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x8055}, 0x20000011)
mbind$auto(0x506, 0x6, 0x3, &(0x7f0000000180)=0xdaf, 0x7fffffff, 0x7)
r2 = openat$auto_proc_gid_map_operations_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/gid_map\x00', 0x400000, 0x0)
ioctl$auto_FS_IOC_SETFLAGS(r2, 0x40086602, r0)
r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'bond0\x00', <r4=>0x0})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'netpci0\x00', <r5=>0x0})
sendmsg$auto_ETHTOOL_MSG_MM_GET(r0, &(0x7f0000000400)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x90, r3, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@ETHTOOL_A_MM_HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x400}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xa}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_MM_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}]}, 0x90}, 0x1, 0x0, 0x0, 0x4004001}, 0x4048090)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000440), r0)
openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000480)='/dev/mtd0ro\x00', 0x20080, 0x0)
ioctl$auto__ctl_fops_dm_ioctl(r0, 0x2, &(0x7f00000004c0)="384c2611ea918d38af05d27d6e62574cd747dff8c3a5bfd889883efbfc45619169f065f6c084c300d51a1b1adb09cf5d7fee521bdf824143")
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/platform/vhci_hcd.5/usb20/dev\x00', 0x1a1001, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000580)={'veth0_to_bridge\x00', <r7=>0x0})
sendmsg$auto_ETHTOOL_MSG_PSE_GET(r0, &(0x7f0000000740)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000700)={&(0x7f00000005c0)={0x120, r3, 0x4, 0x70bd28, 0x25dfdbfd, {}, [@ETHTOOL_A_PSE_HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0x3}, @ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0x80}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}]}, @ETHTOOL_A_PSE_HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0x7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macsec0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan1\x00'}]}, @ETHTOOL_A_PSE_HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xfffffff9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'caif0\x00'}, @ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0x10001}]}, @ETHTOOL_A_PSE_HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0xfffffff7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg0\x00'}, @ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0x4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_team\x00'}]}]}, 0x120}, 0x1, 0x0, 0x0, 0x20000000}, 0x800)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_SMC_NETLINK_GET_LGR_SMCR(r8, &(0x7f0000000900)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000008c0)={&(0x7f00000007c0)={0xcc, 0x0, 0x0, 0x70bd27, 0x25dfdbfc, {}, "3cff285baf145f9ac581b7a683971c0d8ef0c317132f0041bdc2ac06977bbda8bfaf2a2ff9ff8973f52ed4e8b4df0cf57698d1d72c91c239c52853299c54584c0963e2fd6fb5294221407746f49b43d7eb9b2872bc2dbfbc990b5736970356c0e55613fcb4a1b4d7bad41e324037223b707ac1d37819f12524c7ff55251945fcfa03aa6204447c4c2b220a325758aa3f0ff33931907b12c7ce4639e42344b8ffab1efbb67f7614262199ae5ab9a7869692ff7b3fb3"}, 0xcc}, 0x1, 0x0, 0x0, 0x40000d1}, 0x801)
openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000940)='/dev/fuse\x00', 0x6000, 0x0)
setsockopt$auto(r0, 0x26e, 0x1, &(0x7f0000000980)='/sys/devices/platform/vhci_hcd.5/usb20/dev\x00', 0x200)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f00000009c0)={'pimreg\x00', <r9=>0x0})
r10 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000a40), r8)
sendmsg$auto_WG_CMD_SET_DEVICE(r8, &(0x7f0000000d00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000a80)={0x22c, r10, 0x800, 0x70bd27, 0x25dfdbff, {}, [@WGDEVICE_A_FLAGS={0x8, 0x5, 0x8}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x40}, @WGDEVICE_A_PRIVATE_KEY={0xd8, 0x3, "1d6556be0cfbd80ef10e1c879216e99a2dad599ecf6b4f80dfcfe69c552954ea54a37a6d26ea446d09d26858c6eb134815cd380a7e9186b08551a49b58a3fff6e99ebbe7e27b8aa9fb820d1cbc1b4f3192ed054eef8ad52cd0013af843443297f1fac95bfe6850bb7cfb76722f7ebd6c584e6f203c45a17dd98ed96b3150c4d12366eee4a94312bd0cca8efa14d86469714f559673b44363793406b8b73e70639b9d825d768f1040d595c1deb43f73bb09241650ed7339b3b2f839a676fc671914659f5d4c22d19fc0dc4daeb6ee344c2c818252"}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x8e0}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r9}, @WGDEVICE_A_PUBLIC_KEY={0xfa, 0x4, "a086e27d87b8e9696b24896335a0451f1a2e082b99fc4d34835978e88124fdd17cb5ba883920081b11050c186f166239aac5e1e751b7fc785e8eee7d3e7e3fcec573f3a75006421d81080d53c05bc2d34e567d21d9f80dd25b143d0b4e2035bf3da360e0bdf736afd094d6244fc52d3d702afa50eea37953ea6869f9964620e3a0fb625465de00bbef7baadf778ba5c7ca7b5595b60a1e547df81e0a0b0789329ca9ef30b9c249050f3af9fe18cb09fc1c0a4642dfb8e76da33e747dc984ac12f28ebaf89fb8724426c593645e54ccb87d3ad3b881e98a7c0e0881f1674968853347a79168a8fa981bf552938f320bc0254a689ea8c2"}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'ip6_vti0\x00'}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0xf}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e22}]}, 0x22c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
shmctl$auto_SHM_LOCK(0x0, 0xb, &(0x7f0000000ec0)={{0x5fe2ef00, <r11=>0xee00, 0xee01, 0x7, 0x4, 0xf83a, 0xb3de}, 0x3, 0x7fffffff, 0x7fffffff, 0xfffffffffffffff4, @inferred, @inferred=<r12=>0x0, 0x0, 0x0, &(0x7f0000000d80)="6d9a921ccf6cac987581a6de97af16f4d21a1d6ec2aa7858953f8454b46eb765afd2b5ebdee6ace188cabcb876bd76a4fcb2496a7e788eebe1e58abbab8d99ba1c1f1a30abdd14ca96d68b2f46d4d84ac44470a1f5b089ff1eebf05adc05c2de130ba7164dbe3537b0b2dff96a414f94d84bdef259f21ef86abec8a91087b1051a14cd8fafc7e2565d3cf60b5e29af07a82f4c2658a52cf85b56a3beb11db0326303bac8d351ddf48b71adf814a5459259a4153d6f90b191a7f5db0938", &(0x7f0000000e40)="97668e2194e8d10717dbc748abed369c2c1f1ca798fe3e066dee54bc8d126d5f8435cd1c57bc6cce7452d16da63acde24f19ba817390f9e108203f44c061f8ea61b13c69cafb5465b516034bce5c62fafa8dead8e6da6c7e60e043660f4abe7d4dbc791de22e6f5a0f7cef90af2f9bc95ddba74fa4f487ac9c"})
sendmsg$auto_NL802154_CMD_SET_PAN_ID(r0, &(0x7f0000002380)={&(0x7f0000000d40)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000002340)={&(0x7f0000000f40)={0x13f8, 0x0, 0x20, 0x70bd2d, 0x25dfdbfe, {}, [@NL802154_ATTR_SEC_OUT_LEVEL={0x8, 0x2a, 0x6d9}, @NL802154_ATTR_CCA_MODE={0x8, 0xc, 0x8c}, @NL802154_ATTR_WPAN_PHY_CAPS={0x13d4, 0x18, 0x0, 0x1, [@nested={0xe4, 0x30, 0x0, 0x1, [@typed={0x14, 0x140, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @local}}, @generic="abda1fd540cf7d3e53bd9d11b347cde5696b27cd37c7a702c4bfadaf962359502bdbe65ba576f87def08a8c6ef6bae2753eab2c6de06205f6c8ceb1e1af887f236174419b02ab2d6d5657892e0aa7b434937f4162ba1c3e332ecb3cd7409fe1fb7ad465a55bcccd3daa457552d12c94504b35bf7a30e70805fc3e2e4c87f7468aee1d2af7bdbbb2d148f1e83e4fd744d351fd77f1eaa0d90523432656db6862484d95396fc9f955c56ecce2a7e9852d9d8a69a3f2fe89fc663ebeca9997d4171", @typed={0x8, 0x119, 0x0, 0x0, @uid=r11}, @nested={0x4, 0x117}]}, @nested={0x16d, 0xcb, 0x0, 0x1, [@generic="962370f5741219d5663aeb04ec8827a28ea87efd081d0aa7072360189ae0df82bba51363497af8e3adc639f2a348cc3eb53cd6e677df27768ae2362de1d641e21fcd4bc754d28a2c2b36a9ceb2b6bf9f5a8a0b9aaee27a279704b4acd1f85f11b4a27c5b8cdd4a869faee4757bf86b78285c394a0ee866baf81993d0b301bde7f1b949071a9be3b31bfe10aee21a67fda72e87723f85aa7ce71c376d022637e21466c737e86527216a9b75f54d98bfeade0f67576418b3e3abd4f0def17f0f3c68168847c3d98ef2cbee7d4899eb55947716495dda9b05f3c9bc2868068c2d736748dfddf3f6c602b4038ff65e66ddd8", @generic="32c95b45fb218510fa04461594714883f23307e91ae68dae14e377ebc55d42bce6761bf1b1847c2fbd1e09f6ea4c0701143d8c71bf16be890fea4fccbd6968869c2d06326ea1236b35a5ecb34ab64428b7cc019ad303249d534cfb06edbf3397e29de002d0", @typed={0x8, 0xd, 0x0, 0x0, @ipv4=@multicast1}, @nested={0x4, 0x14a}, @nested={0x4, 0x148}, @nested={0x4, 0xa3}]}, @typed={0x8, 0x33, 0x0, 0x0, @fd=r6}, @typed={0x4, 0xe0}, @generic="34f25a52a8965e3bc6b02ece9a62d52f7a8fa00e4c3f22ecd8246c566d1314f70d702e640f0b847b28671a9d64418354d37e8337b19628186028415d3522e3eadf36bd31ae619c01d09752a9b1dfda6dd1c32686720d1ba7f30be6c2376e1010e9d6fd99f67ed5457ce0883bfebc5dc532dba39c2adc2b3b7001caeb363bec245aa6167d03cd3ca15adf1b64b63af4c0451504d3d31f16d69625781653b6a2aab44ded0c1fa4c36dc3aa6d812242ec9c1030280cf4b7b5680bec086df63ac4e65dcee191479047437b8d727da897fcc953e34d22a7064f857b01e2e6058d97a001412dcc832f4e1d5977d800832663af3afa9a6479ce3dd2778798b86f9dce9c4aad6dd5c5430adb604e441f92d0cea3adb14de72ff31cfeeaab26a9c705dbfe8bb4d9aff7b3f91a056cf51f572afb05b0577749fff2bf9f7a3816fdb8cb3f2b825bf1c3bd5c131034989643846d04f850a66ea597d682079c468ca04170cab87d391a8a9f26f0c67ce3ead84247aa7927721ec1728471a134fa2922265351d5db7b397d382fd0f4f8986ad07764ae546d39840a74c9d0f0a4e9d67acb9412d6ddab48cd2f191b385ba7207d5d684b13f23740211309bea9fa71be51f90e0749decd169f28e5683ae53aa92676ed2511ee5ee21f1db8505d02049c5dcd74556532da807b29da74f0a8e63788d3b8d74ee429f8f9ce1d025241f6ca25fb8a1322e3d2dc38447b9e3ed6f8f5abdac7521e7fd4d7f374019a38364315fc99a17e9d8d86de5b5307a9e4ed2d68e702b2ca4544df58e2868a2a3bc52419d9a0e897aad9c0febb5aa7339d6a80f1f42df98be2fea93ebaa501b8aca882330600727939eaabf8163cf51149b8ca14260317a045481e4867cac112c9ebe83a58eb563eb8ea56d62dcdf7009a084f978d63aaa825535fb3eb136048311d39f6a0f25b4e8e8a2a6b336b11caa087f793875aa501e4990432badb4ac10e43426958eb6e7934eaf0d136a0e84f3b8a82acbd0e57d43925816a407c5321d83cb025e06263127fb805dce5ec5a59aa3c1e695397c1349a7b36ad549b40b00a1521fd8a3e76638b9cd235189d918bc5fcaf78ed67e82624530cdfd1f0f9e4a92ade66ece59faeafec61661f84bc4515c5a9c0be94956bd180dba98561a28c25e6d0136e749a53cb8672acdb11d4a784b29d249dff0398d1a5742577899779ab2403386192fc95d6906c7e04fdb0dc19faeca2c6d7ce1526ea3892280958f3fbf4de73dc2cde152bf922cd3f1bc3dc1835e0079282e65cef10619fd61f8c967ad31f4d5059a3d52b804422704726717cc9b37d7a0ef7539f34f8d00209ee1967e61498d5f8245e7e1db48ed1e1cc113df22e1aac9f95e7a1a608b143bb11898335b3a4d311602cb0b55effa2704c481971a7809d4411b77fb93d0f50aebd4afe94139834e7aa981246c304dc6db6780bb2369e5af38a8955c3dcf348215c3b8536bb0072fb6f3105f169ab07b75834cae4d405ddda0ab19c0ece8084d8d419471a62068e33e9fa9dab0056d25fd692350b1d58e7274ce937f57f6b7af91426e97b7dc3202713267ca382ac69f328d650a41aae1328e51a15ab6860f30597e8135c10e93b67566ca3adc994e52fb33de0295dc5768ef624590b510454c946ffa13d4fbaa87a199135b00e1cf97d532a01fbc4137a49e585d4d4bffec87200d319fffcba7ded87303e4b2d0f0df71b37d131fb3b9bec9869a79c651b5892f496fc252c860602de4ed1f77c367e3bbbab92d2cd41087db9857f0f69491203b87d6553674772f9939f41aa25707b62795ed2f6279af2dae98e3117787edf272ec4bc4e1c8e89c96cbf7446941394317097c508e3780fc9cfa956875caa285ad831707a0ab46840ec8a69a1eab46dde327f566583b69e50678475d35954f2120fe1a85609a8975d8ad8850a2b97090b84d92398f46a2a084d37798982539d63d7d1002f0a0794b2d79407771187e5af4aadaebc1dcf7dd1d227ed7f564ef688bcd823b13ccb3a11e1c2abcbb72c162871cab13f61edb9ac13eb37a9d586a691f6fe4e043326a676dfbc154153c3fb794f19ce05a2c2924c03ad1b76dd561966ea172cb0a5d7677a01c363c96aa5371c6e0ccbdd2dbe09ed5ece5e339752560bd2367eb1201d9aab52e506c432da913974354619d0e2566a4c32d33a7b2779697be045e68efc93173968ace5a5495fac386cb6ea69c82e1fb10d667df8d8cea6bbf4cd79acb6896ff57f5fb586fe1b74a2f2a218faa7f879f76c44a6b13a632b28301369feb89d48e87aca39d736c2a88b1b93def4649b21e7e09b61fe74b965460910df986665993a5329e3358a0bf597a1b6d434e7e19f6373a3d6f8955fbac992c810c2ab0267cb70d3eed629aecc1af1e3410924f286fa19b82b3732262a4f5a462f028214cdd28f8fb9563e79ce6746a369b3464e8b91f4677da147c993616276dfefdd2ae8b9a75ae40ac385cca3cb4089761c665e9f5bcfb5cebe6e7d1b10491b98d639237f947e6c5090d0a935d33143c59a677f3126bac5c3fb4c920d8d3443d44ecfdd9a8b7d0149891f95a14d1240212ae82b81e1051201fedc53423591e3716fca0c6d8205e3b377138a514dc79bbab53343f5758ec8fe9902d4f208460a5f6da08b18381769172c9ddc89fa273a04f09387d7199242b8b75df16c4769af6d7e2d08e15c262f7592a52afd0c12f458a82f344391da858e5de4e326081bc0889c27cd29cd158d8a667392391ff84bc661fc6aec41442d43c83cbeadc347ede9a0827d5e8024e3c2403daa0473f23a992d8b62044c18120df3a150a06875ae7047f92520996c780587f614410f1e93ae6caffd10a626b133004b42a4c77d7d55b02d48214a2787e2e4e7e048cd50ab0852824c0eb63e54f3f622c6a884d865696c11463b46670d89bf749babdb93d606679bd38bb6015b5762ef0aaccdfdb71889a5eaefe4ab6fb7391a4a600e13bfa17b5c29daccb69c350a83e6c0d0ffe7b854618628fb3ac1a290d27609382216ecb5d7edbeec739390919618bdcee1b6379708cdef84ff378c1863965d2332d2789b9dde1647d91f084338611eca85beaae21725b4a2476184a9d187d6c920166881151e396d74c6c8ed919cc34d88f60464a9e4e5b77b1c630570c7da41a23c5184c2695dfae222577ca684b415538ba1ffc7c6b62d304d9c18e939f2563caa9551e65c99c36f640e6441bfa60920e13eb0d47b6de494fddae2cd6633880886a148372862d9755eb9080f373a8ffc532e1d1f55dc9d6f94936cc58a0d4ced8cacb8f7a33ba2c409545253d6fd22ba82b43150547ae59a0c1fdd2e93d6ec5673d47ee84445bf99792e26b6365baa29ab95da9edbbe5939072d05b3b9b9f114c58120d492ace3c1fdbcef22e0043e7cf765bc9372783cedbc1cb0263766cf0f03e020c289aef4960136686ba6ccef06a34243a80b611b2a8d961ccd8aafe5653f74de250c9a426a45fa867ec3901cd38083090c2e5751d68bf365ca1a97ea878ce798eb81fe77fa33d3c1f7dd0e44f10fba7e8ca3c6832957b4fda6a391c609ab33d0340a5790b3beab81fc10410d17c547bd1f102aaf50f9ca81f67bdf9f55e6433b1ac1bcb111d7c516a07a297a75f12724c595a986bc389ff7b213ab2cc99680b97f23a2f5b07c8835bd65f283fa5ed4a5de183ca71bc9914b6694e61cb568ef632e60faa197ce0d6b1fd25a5369ac2402c7098f6d467b5e1506ff03ab5532fd1727ad91fcad2cfd4fcc5c3d92577e32936610d814f04abc318acebb9815835e008f1e287a97441f0bbad2046387278c850ab26d59644e3a51b3ccb4e0aea81e9f6c82d817b760971a028d5aaecc1e93d5644e07d4040dd6cdfd88fcb333bf365bf7cb1acae4671d8a7e87e878a0bf24ef65db05feae864b37585501401669ab585da2eb9fa3329bec5ec46d1685b48d4af5e8ac9ef138687d09d2d9622480465ddc597e9e7618e75b1ebac868955a4bec1fff7838cd75dd36dd7abcccb7c776ea8d22908ba814b5457c6629feb76b95477f3551d2434c95716eafbc2f2d90b0bb0278dbab0b292ed30b0d9e06fef419c4df9c448e9e71b0dad2525b63da0bf45c2a29e204cbff836e4d418e00ff844f1c6c034b01904099c2dadaa82b1e03362936a1b39c1e459c0f0788f0761bcab4ae540a04c286b6224e9e90bf5bd75ca674ca507107d39275f1870e76dd8b4383bd7b2adb111ee4664bd3bc7f6f744e3e68671131c8d2c0fcf8ad02c679aa987cc9cd70070887001743c1e457f77c80dfe67814cf9cffe5eeb7de244408e459ac5364bebe152d394e68770daad355f992b357902b16e4ecbfe64199eeace2a889538b34aa542a6a7db176b5a450f57df2366e1d76726ba136d514ecbeaddb7146038e53a6bae35d125be80d2c32a9eb3bca51d7c60491eece9181b0bdd3f4744dcfcb2d272ba5d6ab254eeaacf4ed412f34859b4e566664885054fccdd055012fbaf1d4b09f3d6bf63682f86d58967f3dcf400ff8fb7e19765628cc5da289f3a915417248ce65b09103a4eda5a5df0b2ee30f4fab9b9193224120f9e42907fc5e6d7e59bdb78332a77bf08bbacc0f895baa6a0c27893d1c3432a8104ed7eda6e2a478402622138ef186c6699bdcfd09990ce8f5eb9e4da70bd216c647df1f0906e998e66e34ea3a36a2839204f3b103f819d63cd67675c45450f6d1bc76f1e9cff7025f652f24bab9bd6e3e4d216c1803801ea6ff8ebc47f4fb395f2e440f196c5811731b25f8b6d98f2a152cd51687caa3a679f349ec7e4a711f5623b2e6373531b2fe76b83dfa6bd7645b12e2533bd22a2849cc9e448c31c9df1753414f382e4e34fdd41ccb449a66cb10c88497ccecbddc825f58b4f2b1729dabf625c32cc7bd0591e13c47138ae406e4fb8a3339aeab8d1d1e54f894839c1043f4a39af8cf0d7f54de490d416ef4937c5cbe35fc588897615d89b606a0f4bc7f8bb9505fa6c8aeb50eb7cad6df0e0c503c6dda24d018462bdc4568af9df90fb7dfb6a7b1b8ee16ecb871556ff5a962d5211f3bc57ed0390aed41c65f2bbeb0fa70903634c07344b24df55bdb10270c764131c530513608332837f020b367bf35b7f7bae8e2d1f126ae868fd38bb5df9157aac5efffe56ce10f1b0be76eb7b36f1e102ec3da2f62648e20833ae6c17fca2979ab79ea8dc2de145ba4fce0ac715207f58add8f5d5ed39ef608c23ea87f836748bf416f9c6caa6f3fbd0219ae528abea3f6ddcf7a11833c42b5c64e9a7fc9dd9f10fff71994cc96722a15a50c95c4b7f0ff80097ad8b549c32aa3b9d287bc37e1e5c92d54a9cdaa44ad9692c2f0614cb2c064b64a5d47019bf4ad3d22ed2ad822398e2ee7d7a7b08dd1402d07db6af3c6608339128b8ff942f5f9b242e7b45dbfc1d594c83dc288490578b016a247ff291b9933fc29f6c170736edb1c496bc7801a92de2a806b3b8b128f0eb8385b4d2ed8a7d5ca762f563bc6e2a77ad05a12b40153f5cac7dcc4fb2e9aa5a17b277076b3ccd998cbdb15fa55418af14ab862cf1427dcb16b38da03e5d78bdd923b411b637a70ecec280d38155eb94feabe74730e8e5ead035d625a3efcbe7707adc877612b9a811088d068f6979143c47e5fd42bc08175f305cd28c100386df0a37bc4d74631a9170a84d46c96ed0967a8a60b2bd2ab32c3a4538d505c6d98e9dafe861a131861527de9768848fc5dd3b8e5e47eac2293ccbc9fb58ea520dacde3509b4f004b3379b8e3f8a1", @typed={0x4, 0xae}, @generic="96c385db58f7b891e3141c1c0c968b746c4492ff0534267322ca5d878078771463989cd52518dfc05a8ddf8f230562f19e1a0974c82753a8c01bf55374bfeb63dbb631b011b966b9420bb7804e1a6a234408779d47ac3c329d12a3b91cdc5a81003becba499903d49a2063b92e35dff5fe9753d46d064bb5", @generic="1560fe59c9c67985a2b62f5cf05f4fd4b1e4f12ec9b29e095e588e6661100762", @nested={0xd4, 0xb8, 0x0, 0x1, [@nested={0x4, 0x121}, @typed={0x8, 0xbc, 0x0, 0x0, @fd=r0}, @generic="2f0905629b5c508e04ec1b5122bdc889b0850cc2bda778a2f74ee7925cdbc14d27341708ff557cdc40a0a4ab83609a461adfff0f2b0d0d4668baf8a4c7f4a70989087d786d0e958f4a1d7fbcbd3dc0e5e68ce1c760ba2c1d375da5deb1c599ddbe7f115e237425b43650c374f85ea60da73134901cf4468ff97a85fc3a29ab8cba4cabef9669b99da6c36b8e70d38ffa827fcd40ca54921b39e74f76c662456f2ec709642a904a369d49a6b33a632be2fe1b8c9e4440c5edae36", @generic="45ae", @typed={0x8, 0x7, 0x0, 0x0, @uid=0xee01}]}]}]}, 0x13f8}, 0x1, 0x0, 0x0, 0x4c004}, 0x20000000)
r13 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000002400), r8)
sendmsg$auto_SEG6_CMD_GET_TUNSRC(r8, &(0x7f0000002500)={&(0x7f00000023c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000024c0)={&(0x7f0000002440)={0x4c, r13, 0x8, 0x70bd27, 0x25dfdbfb, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0x5}, @SEG6_ATTR_SECRETLEN={0x5}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x3}, @SEG6_ATTR_SECRET={0xe, 0x4, "cb3de902287a0a168bc2"}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x2}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x20)
unshare$auto(0x5)
prctl$auto(0xffffd676, 0x0, r12, 0x8, 0x3b2)
socketpair$auto(0xd, 0x8000, 0x8000, &(0x7f0000002540)=0x8)

2m32.366340429s ago: executing program 1 (id=2363):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/vidtv.0/i2c-0/dvb/dvb0.dvr0/uevent\x00', 0x183800, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000003c0)=""/134, 0x86)
r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0)
close_range$auto(r1, r1, 0x95b)
write$auto(0xffffffffffffffff, 0x0, 0xc9c8)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/module/batman_adv/parameters/routing_algo\x00', 0x8182, 0x0)
mmap$auto(0x1, 0x2000e, 0x76d, 0x16, 0xffffffffffffffff, 0x8002)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r3, 0x0, 0x20)
write$auto(r2, 0x0, 0xffc)
r4 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000240), 0x6b6a48598e8c3e56, 0x0)
writev$auto(r4, &(0x7f0000002bc0)={0x0, 0x7}, 0x7)
flock$auto(r1, 0x400)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x3, 0x6, 0x0, 0x10000, 0x1, 0x2, {0x2100000000, 0x10000}, 0x3, 0x6, 0xffffffffffffffdd, 0x1008000, 0x0, 0x80000004, 0x83, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x1800})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
adjtimex$auto(&(0x7f00000000c0)={0x9, 0x0, 0x867b, 0x4, 0x4, 0x8000000000000000, 0xffff8000, 0x0, 0x6, 0xefee, 0xb, {0x7, 0x8}, 0xffffffffffffffff, 0x200000001, 0x2, 0x4, 0x0, 0x2, 0x0, 0x755, 0xe, 0x4, 0x514})
r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r5, 0x0, 0x100000a3d9)
mmap$auto(0x0, 0x1, 0x4000000000df, 0x40eb1, 0xffffffffffffffff, 0x300000000000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
pwrite64$auto(0xc8, &(0x7f0000001880)='S\x00', 0xe, 0x3)
r6 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0)
ioctl$auto_PROCMAP_QUERY(r6, 0xc0686611, 0x0)
mmap$auto(0x0, 0x200, 0x100000000df, 0x9b70, r5, 0xfffffffffffffffc)
r7 = socket(0xa, 0x1, 0x84)
getsockopt$auto(r7, 0x84, 0x0, 0x0, 0x0)
r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/virtual/net/bond0/bonding/mode\x00', 0x181002, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r8, &(0x7f0000001300)=""/4099, 0x1003)

2m32.008289582s ago: executing program 1 (id=2364):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x25, 0x1, 0x3)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x2, 0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
fanotify_init$auto(0x5, 0x2000000000002)
socket(0x2, 0x801, 0x100)
connect$auto(0x3, &(0x7f00000000c0), 0x55)
getsockopt$auto(r0, 0x6, 0x23, 0x0, &(0x7f0000000100)=0x38)

2m31.745990607s ago: executing program 1 (id=2365):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, 0x0, 0x1a1382, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
recvmmsg$auto(0x4, 0x0, 0xffffffff, 0x3f00, 0x0)
sendmsg$auto_NETDEV_CMD_NAPI_GET(0xffffffffffffffff, 0x0, 0x0)
socket(0x11, 0x3, 0x2)
r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/lockdep\x00', 0x10b402, 0x0)
pread64$auto(r0, &(0x7f0000000000)='/proc/NesH\x1fk\xdd\x00\x00\x00\x00\x88\x00\x00\x00\x00\x00:\x19\xf4\xe2\xb7:\x81\xf8\xedl\x9d\x9a\'\xf8D,\xc0x\x1d\xf5JE\xcd7\xc3^\xbc2\xc7\xbf\xe5\x7f\xb93 \xcd${!\x9a`\x96\x86\x96D|\xf0H\x8c\x05:\xae\xa6\x88x\t\x18\x8b\xec\xd7\xe8<cd+o\xcf\x00\x95\xd5f\xfb\x14\xd4\x96\xe9?|\xc6\xb9\x95q\xe0\x1eMC\x88l\xc6\"\xa6\xdc#\x9b\x96U\x0e\xbb\xa0\xa4\x9f\xee\x106\'\xcb\xc7<\x0e\xbb\xd0(\x9b^z;\x81\xff\x8a-\x99\xa7`O\x06T\xa2\xd8&U?\xc9\xed\xce{\xd2\xbf\x04\x15\x92Z\xce\x83B', 0x8100000041, 0x413e)
pread64$auto(0xffffffffffffffff, 0x0, 0x40000000f42c, 0x2)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptyw5\x00', 0x0, 0x0)
unshare$auto(0x40000080)
socket(0xa, 0x3, 0x3a)
r1 = socket(0xa, 0x2, 0x3a)
r2 = socket(0x10, 0x2, 0x15)
syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETFAMILY(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYRES16=r1, @ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x24040080}, 0x40805)
mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0)
prctl$auto(0x41555856, 0x4, 0x2008, 0x0, 0x0)
ioctl$auto(0x3, 0x890b, 0x38)

2m30.777077016s ago: executing program 1 (id=2369):
socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
r0 = socket(0x18, 0x6, 0x0)
ioperm$auto(0x7, 0x6, 0xffffffff)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(0x0, 0xe)
r1 = socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f00000000c0), 0x12, 0x0, 0x9, 0x0, 0x4, 0xb}, 0x800009}, 0x5, 0x20000000)
write$auto(0x3, 0x0, 0xfdf3)
recvfrom$auto(r1, 0x0, 0x8000000012, 0x4be0, 0x0, 0xfffffffffffffffd)
mincore$auto(0x1000, 0x8001, 0x0)
setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8)
bind$auto(0x3, &(0x7f0000000040)=@phonet={0x23, 0x82, 0x5, 0x7}, 0x1)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)

2m30.456554741s ago: executing program 1 (id=2370):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b7f, 0x2, 0xb6b9)
r0 = socket(0x2, 0x1, 0x0)
getsockopt$auto(0xffffffffffffffff, 0x1, 0x8001, 0xffffffffffffffff, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
write$auto(0x3, 0x0, 0xfffffdef)
mbind$auto(0x9, 0x84, 0x4, 0x0, 0x80000000, 0x7f)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x11, 0x402, 0x300000000000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x687bcbd, 0x8, 0x0)
shutdown$auto(0x200000003, 0x2)
sysfs$auto(0x2, 0x1b, 0x0)
r1 = openat$auto_bsg_fops_bsg(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bsg/1:0:0:0\x00', 0x301100, 0x0)
write$auto_tracing_mark_fops_trace(0xffffffffffffffff, 0x0, 0x1f00)
close_range$auto(0x2, 0x8000, 0x10000000)
socket(0xa, 0x2, 0x88)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000003fc0)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20a02, 0x0)
write$auto(r1, 0x0, 0x100082)
socket(0x5, 0x1, 0x1)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
socket(0x10, 0x2, 0x4)
mmap$auto(0x0, 0x1000000000005, 0x7ff, 0x40eb2, r1, 0x300000000000)
r2 = socket(0x1e, 0x4, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
futex$auto(0x0, 0x85, 0x10005, 0x0, 0x0, 0x10000007)
get_robust_list$auto(0x0, 0x0, 0x0)
setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14)
read$auto(0x4, 0x0, 0xfdef)
socket(0x1e, 0x4, 0x0)

2m15.308306861s ago: executing program 32 (id=2370):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b7f, 0x2, 0xb6b9)
r0 = socket(0x2, 0x1, 0x0)
getsockopt$auto(0xffffffffffffffff, 0x1, 0x8001, 0xffffffffffffffff, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
write$auto(0x3, 0x0, 0xfffffdef)
mbind$auto(0x9, 0x84, 0x4, 0x0, 0x80000000, 0x7f)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x11, 0x402, 0x300000000000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x687bcbd, 0x8, 0x0)
shutdown$auto(0x200000003, 0x2)
sysfs$auto(0x2, 0x1b, 0x0)
r1 = openat$auto_bsg_fops_bsg(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bsg/1:0:0:0\x00', 0x301100, 0x0)
write$auto_tracing_mark_fops_trace(0xffffffffffffffff, 0x0, 0x1f00)
close_range$auto(0x2, 0x8000, 0x10000000)
socket(0xa, 0x2, 0x88)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000003fc0)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20a02, 0x0)
write$auto(r1, 0x0, 0x100082)
socket(0x5, 0x1, 0x1)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
socket(0x10, 0x2, 0x4)
mmap$auto(0x0, 0x1000000000005, 0x7ff, 0x40eb2, r1, 0x300000000000)
r2 = socket(0x1e, 0x4, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
futex$auto(0x0, 0x85, 0x10005, 0x0, 0x0, 0x10000007)
get_robust_list$auto(0x0, 0x0, 0x0)
setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14)
read$auto(0x4, 0x0, 0xfdef)
socket(0x1e, 0x4, 0x0)

37.047683738s ago: executing program 3 (id=2683):
set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x24c802, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0)
mmap$auto(0x0, 0x7fff, 0x3, 0xeb0, 0xfffffffffffffffa, 0x208000)
socket$nl_generic(0x10, 0x3, 0x10)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)
getsockopt$auto_SO_PRIORITY(r0, 0x8, 0xc, &(0x7f0000000040)='&$&^+@#*-{#:/-}\x00', &(0x7f00000000c0)=0x1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/snd_aloop.0/sound/card1/pcmC1D0c/pcm_class\x00', 0x100, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000180)=""/89, 0x59)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
listmount$auto(&(0x7f0000000100)={0xba, @raw, 0xffffffffffffffff, 0xfffffffffffffff7}, 0x0, 0xf4240, 0x1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
read$auto(0x3, 0x0, 0x9cd)
r3 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x143102, 0x0)
ioctl$auto(r3, 0x1275, r3)
io_uring_register$auto(0x2, 0x16, &(0x7f0000000040), 0x1)

34.923099851s ago: executing program 3 (id=2691):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x0, 0x100000000008000)
close_range$auto(0x2, 0x8000, 0x0)
r0 = io_uring_setup$auto(0x6, 0x0)
socket(0x10, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
userfaultfd$auto(0x1)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
socket(0xa, 0x801, 0x84)
socket(0xa, 0x3, 0x73)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1, 0x1, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0xa, 0x801, 0x84)
socket(0x2, 0x801, 0x106)
io_uring_setup$auto(0x6, 0x0)
socket(0xa, 0x2, 0x3a)
socket(0xa, 0x2, 0x88)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
ppoll$auto(&(0x7f0000000000)={r2, 0x40}, 0x2, 0x0, 0x0, 0x8)
ioctl$auto_SNDCTL_DSP_SYNC(r2, 0x5001, 0xfffffffffffffffc)
r3 = set_tid_address$auto(&(0x7f0000000140)=0x9)
bpf$auto(0x4, &(0x7f0000000000)=@task_fd_query={r3, r1, 0x5, 0xfff, 0xc, 0x101, r0, 0x1, 0x40000000}, 0xa3)
bpf$auto(0x3, &(0x7f0000000040)=@query={@target_ifindex, 0x4, 0x7, 0x9, 0x7f, @prog_cnt=0x4, 0x0, 0x80000000, 0xc, 0xb, 0x5}, 0x7)

34.309484238s ago: executing program 3 (id=2692):
r0 = socket(0x2, 0x1, 0x106)
setsockopt$auto(r0, 0x6, 0xd, &(0x7f0000000280)='lp\x00h\x85M\xdf\xdc\x83\x8a\xa7\xe4]U(\x01\t=\x1e\x00\x00', 0x4)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
r1 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/renderD128\x00', 0x129800, 0x0)
ioctl$auto(r1, 0x9210641f, 0xd)
readv$auto(0x3, 0x0, 0x1)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
syz_genetlink_get_family_id$auto_seg6(0x0, r0)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8000, 0x3f00)
open(0x0, 0xa22c0, 0x155)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x2, 0x100)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)

33.979197424s ago: executing program 3 (id=2693):
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$auto(0x3, 0x8030ae7c, 0xffffffffffffffff)

33.655507397s ago: executing program 3 (id=2695):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x80440, 0x0)
ioctl$auto_I2C_TIMEOUT(r0, 0x702, 0x0)
fanotify_init$auto(0x5, 0x2)
r1 = io_uring_setup$auto(0x6, 0x0)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x169780, 0x0)
ioctl$auto_SG_GET_RESERVED_SIZE(r2, 0x4c00, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000280), r3)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000001280)={'macsec0\x00', <r5=>0x0})
accept4$auto(r1, &(0x7f00000012c0)=@xdp={0x2c, 0x6, r5, 0x24}, &(0x7f0000001300)=0x6, 0x101)
sendmsg$auto_NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x200042}, 0xc, &(0x7f00000002c0)={&(0x7f0000001fc0)=ANY=[@ANYBLOB="2c100000b1525abf90888fc5b75d3490298561022d98c115d5fe9313ec25a71ac59f618692c3700f7fa5dbc5b446fa305c4029a65a0bb0c701787082f442cd964919adc29583c7122aaa96ac5cd8d3c65e9b8ae3e6eec45819f3eafb0a57c110ed52b9bf6d94d06ac49060877f02c3dc26197d9e631c919ce04427e26c4faae5aff377eddd46b9a70e0df487660ee5df6a30a6f083cea0", @ANYRES16=r4, @ANYBLOB="00042abd7000fcdbdf25370000000400ec000410020124496fcd79d8de93ec2aed3fc537da2a0e904102c552159b4381682c05b4532c0bfb737cbe36bff9057028aaf4ef52e1d4d1fc0aa143dc87ef29750cbc460f8047320687f60552761aeb8115a7bf7d1319512f2f8809226beb98953b242e8b60119e8bae0b4c9e67141c0f638dacf4b541d5a4d603aef2282a8bbdcd58fb13e099b72995e2be845bfd65bfc814be3035f4bfbccd374a07248f37da43e9ec91cca1cf224dcf9c5bda47814505a0218bc471ac2e17ff5a1818384bb35b3babdc06e8b798eb0054ea13ba60bf40c8850fdacb88a46d2c766673dea495a3131ae18d7bd88d8fe5df97451228bd3d4b44e5077a04a34930d85ee12230ee116f31a6979f3285faf0eb1f3ad8e5a47f8a725e5b1dc2c4b4bfdb1b3b0aed330c884b99c9f0931c13d63465f37c78f200dc4e98f8216f62831c72bb05a88a13face4ff322a0b9533fd4a0c587b465d01442238ed22ea18f0a5cdbf657647293831a67c9b92aaef001b98f7a42def82355e741a994837b09e769bfc4db7bdf2b6d123512c6e1fbefeb4de1c582d5cd00940fb3334d41a8c113800c46cc7694c441264545efdb523b8b6182f0ced760071e2a4022bdffaefa4cb634b3d2a51f047412cdfbed5def486f4990dfaf0e9c2488de635f5cb479a3daef2789660fef6994efb0796ff96df485610c0ceb2b6ff422d7e5f51a218170f67d8be17de66c542c9bc590981976b448e2292f1e71a6785ef163504963631a29679851d9b9d38c63c29bd0d75f4ff84fced658e7880e168b7631651f42c95be1a7fef3d73d115d5f989f4dc8f242f535105f0e9f0085da84470609403fea63b4accf529b2ba853aab7f856b31c9d6e09e23b6fe28151b259baf592d8496cb1b653ce2bbec34625290a3b6eb58ff7f7c71d28b9ca4ba4891f5c6416e798de06902e2969b5ac4ad9bddb1f337b7f4730b718d28260b8f8aa6c00a3595f400b81c39484eedb676d9c2b4cb6a1345b8a5d0599549cc8eeb582912106823dc201c64b1d3cb90a3bcc697c84f144f913de0f8599748387cccfb87e5320e66e2eb53b2bcf69309b2306b2dd0e68b196e944ce3f93d96528fe2b72f44d268a0245488eb3a3fa4268692401b40acd693901fb4f1b7d51ac0b39781454e8d2769c6003bc25c6354a368b1db12aa557bee1f8d05941c03e430500fb4ea8a47da7c8cc968b250d6f4031d0ee974ab5ee9da873c4e553a0cc092b81cf28de1d16537375e0512ee5fe7779d0b45e3ba553bf836b658087eab8c2a736b5460177a2338f24f27b1439d82e62545f9e586f5087b7a0eb1ddb30f4b01e1a7c5f1ce069f1611d0f518d930e29e7d34c7bc5d3ca5d840d310c3b530fc6ccd48bc2836cf64a25b06471c6c45d3018a7192295c633cd6339b2ec132de3be8ed73c617930b83e86a2d4f28f91df40fa1c9110dec39910c1c069419daebf3707fc2a24dd1e3126b045e390847447ac0a4802a084c14914e7f18db7d84482aa51048eace0186a2a1eb3a4d63e4307b8bcfba30d03046242700955891e31d32075a68040890f9b71e06268c7d6cca2bb29725528ea6e3416c03e80df6d4f3d8eb1d7494d89ad0638010c8eee4decf1a5c3ff0d32eb7aeeedb3c36e301f053de5ff87e740d46c0a73014cc6472785dd9000b99415dea1c56a26d21a288c7348782ee82fe3e55e7990c6a203a0caaa8390dcc66e271715361d0dfe8c1934c802f1ab3985a535ba66a3a6f0bee75f0a7ecd8a13f9b5ccbedaabda1ca82c8eef7e287cbc31397ffadd1a66423f421b3d96996ad9b1f93c986334becdd28c0a621440f8f2c6fd11821df851cc422dd6219d9b9f7599557193bf66823aa3e92ad811109ac0cb93c18b4486d7e9b8d8d514fd8de51d6e0b31d15d633dfdc2296fb2c78e848bb4216024ebd0712545805987626f437b595d4ff1c1325b2430a85ab031cbba55e4497511f9365c09cd34826892a5f7d5d9fe5757173f39fc5baa6c9e98fddf3b13621bbef18a4eb67f93f6544f74711d3911e52b2beb6bd2a5080865c8e391fb083db95c488d37bd5d4036fbb379491d7f7a99d4fb21048b88574096b4ae12acef4d442d69a992ed50bafe323f7bc16097c04a8979e90e0c7046d217cc26044059fb2c6ff26ad0cd98bc66671de07ddb5b89a9cf8194bb515f1b7210eeb4b3e738ced9a68ac551ce1f5f1f198cfc13446d8cd1dcdfa10683d97d81e6e86a702a371cc267dee416e7ac6aae870929b7b4e2605af559a8bf89d6cb06b9d38b64217fe83be910e30512ef51bb4ef2c1aa169c92e4f934ac91db67e22f19bf6a6c6ea0367c811772783fb5b41da15c3b13bcf6690bbf25e127e9c0a5780512e3aa8682b916c18136f2ded299ed735654f9824817677d006194a3409dc5ca75c41af15dc221819d0b4dd4997cd4aa20f255e623f2aced7309ccb79ccb8f73896451926a09279f0cfd2d927ad543313c78ad20dfdac7321b1c6d001d6fc03b183f03a9a06b2d54fd7b36d55398cbafa8ccdf9855389cf2da183ceaf5242faedf4cc8acbf40e7225f4836bff22ac6f5a0ca7b220e50e310c397c4dee75328210a383599eaa346377f8692c46a3887ffb3737d69df04db9d12b801be133a592cb085e6e9ee615a3710bfeaffcbf1089c523d64161bbb819f1dcfb1d89efab4d08eebb37113ad1502f18679d3083e04ccb45edf05c311c93ce799ad1b28df8d2eb2f7fcde50b7f54f45fccadfc296ba7592f8011892b38a7325be33b408414bb502dbe0ada3a93b524e7187d92499252739b940734facb4e2b4f92f7e7cf42d0575da483a2f9904a524cf129aeb1f332119813a2a90c1603fdf45f9883ce773dc2f1bb3c082fa98b9bc69d3ec9414c40faf895c3dba86975840684edcdd5bfd949339c8e8d60f95e48011d59a2a2b20e328286948275814e34463d4be1732c07ba4b3766a6f527d4cba56851499e686679dcc98cc5a342dc0218d92030b3c505426b8b3d6650c74cd08e386997b79a1770d2d6141729830dccccc114a1b3e02f65106259de4f4620b656e9dd038be1340cca23021fde489f5a3f70953518a24ed37258917228678a820fe805986d66797576aacde3eabad4ef70486a0abc84f8d00f7198000ce9c9b572bd12306c3903e76adf17c4088a370ffdf4defbb53b3e491a627e0aacb2dcc552c38e53299968a4188973ea33b5829864cb9d33f63254505c308bde3a683e175d223cc222a5ac931289efcd8e978991a500c138a59df3ad4ca7bb9ffdb0835638e3de759b1051d87e81fecdb82fc08ed4cc87265ba9fa94879bbd3524ef821e071f64e935a64fdf352d35644378498692756a28459219ea7a175393887892a3c5763e59bd7ecf9210550080f02ff4ee645cd7bbdaa2781c4d6d921825aba9024038b0374e134a2c1cc2833edc70426a22a4d852460e01e78013c1ac5441c097b36bc748bd889d860b48e691bfd248b6022bc9493e003171c3e539b4099e3bd0ee2045192b465a2cb650e353c826eba6a0803701dbb941f292a1e052a558b95f779b2562dc020674371abebf174071566024861c4c0c748813d67e8f6998a9e26512b7c69fad9b73d06dc9b716e1aa8a0a9872c0e6ddf5da511d642a5133bc60ba12a30adaf8119f3153eca66b4bebc2e930cbadb86b77bf8d0234f86df2720d800e7b49199dbb92b82a34b95b28ed866dafa323507379319a7125550ddf041013c13ebb74969d12803de30c0cfe0ca938a344041986c8032eaee2718a4e77f5fbbdff7a7de8d50aa2d1e017a973dfef4f8c2a335355dd856383697856b14be7c273ee66babc87eeb11ce964ff2043e970d39c8b1dc2daf90148af47690cb2c6ee7bb380d355810447e7fc5337075b08a1f2c1f8f94aab6a8f002f2299e8dd32908d93c2e31fc60c15a4c1beab44b2f8d00cc03e051ad578dcd88cd726a1c2813e75cce382c571fb22e1ca593a3e782a2acf1d745b987daaf5786dd690d0971d371cc8eef9eab560a968e16ca49843ba55891e684609412bf1bf5e896948013e867783f537110f904900ec78ade08ae6c92d32718b6dee17d344086f2199403aa8aa61c5c90d168bbb7a3eb3fc8760a920e4f9e4496843e9ca3bdde0bc8054458d0718df247b6f46952d6c9a914add5cc282e45b24687d5c96501714f72b81e70ea4756fe9932502a298e7bce0a037de5d3cac3408d496f1f604a061ed91c4096faf3d49f9dd54eb5e11d9af775deb1713c6279e235b61ce61e9f011fed019ab31522a000c3376c82d123f0ba2ec530fd768dfe9c0e507562fd74116006bdc665497458dc6a2a0e0c1c36a4cb96f67d4bd07befaf3b44745e05c95c3f7661f564a7fd848baa5b523fbd8cc35fd7c87479d7e1ea4984bdd580289bb96c55de7bb457aebea6a5c8d7846a07e75c9da9e61631c83dff1bb992366b780460157c2fff980e3d21f16e1ce759cfb1f40cc134ac31b6b48a3ced767a92f949fe7a8e81acbc3ffc4dc5b07853da6d2493ca8433d7658a4d14aac2aec48ca25ca8d13586d5b3ddbfde8dffb3586db19723de4b1ff86b1c7d5d352d4bf73d7fdf58be4c05baf9be820da95e7173fe900bd6fea3afcaca3b356c0b1e0839a308353edef43e6d51340a5770856149051f1a995decf59276b858d55e9c8da4b968a95bcfed41583c5cf9a9658d3b863094c303644555d39e1225340a1aba229610ac3496c2656406088825074b88f2ddcbfccdb527eb1590c68d193661044342b0b662edaaf17d5313101b45e57f2fcc44856db7846b7c815b8e1054fc55a40d38795279c6bccd72ff006a573b6bc052110ca848971fdbf17054f6a8cc1e736e3738bffe7e95a679bfa6533692f80c09a8c49283b634d93da2c35de2d86f9349c203b813dd6d9a50a4debe24a3c73fd2532d3bb17fa218a9daf576bd6f7ce898f3a3b0b7e1f5a99e87790e2e9ee9029b28bea8cec9de130997021991e7fa1531dd9cd3db43fb7f3c572e7c23ff875b0f6db24aebb3c0679b96e651df464ec64b766f8c517b5cdfdaccb6f208aec6b7333437b45f4dd31422009c86f2d5ad9bd137b29d1fa5db4fc773b1c30a58cf9b40310722134733a1c77febbddc2332a792dfebe9ce4fda013731c75151a2e4d566326be4271da8670b51af1f6cba477ca4dda48c2b7deab5f1d938f83a620871dbb1030f49f6118d4962af3caecb997189af50830a3efbc6d975fbff52fb0bdc003197108773f86c8863082a100b1221a8c2151a70fe6a8b88fc496825b95dda9a311fa162faf49e638ea3f978b7d932b7d7b442b7e07e3b27e6fbe7e5d956d6b74ae8b071ec8e26605311b6fca5187bfce427383650769b5206e5c8c9093ad582557167580f1a6009896bd83fd2c413fd6c158380718974445b757450939ebc77e29a4dd87073c7fc572aec1f53a60436128cf6006407ccd2a50d46e56448ab2cdc0eb140ce70a58bfce0bde1129173a4756fe61651b484d5d1d75b433d6d37c7ac7848d6c3e151ba900725eddf479d3e108e3ad26875e5c404fa15aca741781068e109d1805188c7170e4212f5859f8288e699d1ae5a1895d187b68737be773c857c05aaf6538c8c668f3160573e4e8cb69384ba78f04b7f987f4e10903bdf652d30cc9fdb7aebe7170c9d657a5e6a12138398681ec8669e64f9fb35e4782c44c380fcdad7bc6fac7bdda4b3044dc40ef009e72f069208e607a64748f4b12224c076aaef6b2ab33d1664c7a1389d8497860d8445c6aa6b05e748907b061196672ba7c702238a324e3908003880040000800800c30009000000"], 0x102c}, 0x1, 0x0, 0x0, 0x240000c0}, 0x4000005)
sendmsg$auto_NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000001240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000001200)={&(0x7f0000000100)={0x50, r4, 0x200, 0x70bd2c, 0x5, {}, [@NL80211_ATTR_COLOR_CHANGE_COUNT={0x5, 0x12f, 0x5}, @NL80211_ATTR_MBSSID_CONFIG={0x1c, 0x132, 0x0, 0x1, [@NL80211_MBSSID_CONFIG_ATTR_TX_IFINDEX={0x8}, @NL80211_MBSSID_CONFIG_ATTR_EMA={0x4}, @NL80211_MBSSID_CONFIG_ATTR_TX_IFINDEX={0x8}, @NL80211_MBSSID_CONFIG_ATTR_EMA={0x4}]}, @NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8, 0x61, 0x6}, @NL80211_ATTR_SCHED_SCAN_INTERVAL={0x8, 0x77, 0x1}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x5}]}, 0x50}, 0x1, 0x0, 0x0, 0x8}, 0x20008000)
openat$auto_ftrace_event_id_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/events/vmalloc/purge_vmap_area_lazy/id\x00', 0xa2582, 0x0)
ioctl$auto(0x3, 0x80000541b, 0x38)
r6 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/pcmC1D0c\x00', 0x2, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
setgroups$auto(0xe32, 0x0)
ioctl$auto___SNDRV_PCM_IOCTL_SYNC_PTR642(r6, 0xc0884123, &(0x7f0000000340)={0xfffffff7, 0x0, @reserved="1147ca8f35ca5af05cb8fc5e3a7af39b52d825270495011fd2d42e61578107c3770b758b446b763af96c471a4bff319e194608a15781b4a663f7561d842a49e8", @control={{}, 0xe68, {}, {}, 0x6}})
openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace\x00', 0x80001, 0x0)
syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000040), r1)

32.057421602s ago: executing program 3 (id=2700):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0)
r1 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000001040)='/dev/snd/pcmC1D1c\x00', 0x20400, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
init_module$auto(0x0, 0xffff9, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/kallsyms\x00', 0x101000, 0x0)
pread64$auto(r2, 0x0, 0x800, 0x800000000002)
madvise$auto(0x0, 0x8000000000000000, 0x15)
madvise$auto(0x0, 0x2000000080000001, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008)
mmap$auto(0x0, 0x40009, 0x8000df, 0x9b72, 0x4, 0x8000)
mmap$auto(0x200000, 0x200006, 0x1, 0x40eb1, 0x602, 0xb00000000000)
ioperm$auto(0x1, 0xeb78, 0xc)
ioctl$auto_SNDRV_PCM_IOCTL_FORWARD2(r1, 0x40084149, 0x0)
getsockopt$auto_SO_RCVMARK(r1, 0x7, 0x4b, 0x0, &(0x7f0000000140)=0xfffffff7)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x2, 0x88)
setsockopt$auto(r0, 0x1, 0x44, &(0x7f0000000180)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\t\xf8p\xc6\xb9E\x81\xb6F\x96\xa6\xba\xf4\x98;n\xb2nA6\x1a\xb9\xac\xde\x0e\x90\x18\xf1\x13I\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\xc2\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x00\x00\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81', 0xa95e)

16.795566507s ago: executing program 33 (id=2700):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0)
r1 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000001040)='/dev/snd/pcmC1D1c\x00', 0x20400, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
init_module$auto(0x0, 0xffff9, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/kallsyms\x00', 0x101000, 0x0)
pread64$auto(r2, 0x0, 0x800, 0x800000000002)
madvise$auto(0x0, 0x8000000000000000, 0x15)
madvise$auto(0x0, 0x2000000080000001, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008)
mmap$auto(0x0, 0x40009, 0x8000df, 0x9b72, 0x4, 0x8000)
mmap$auto(0x200000, 0x200006, 0x1, 0x40eb1, 0x602, 0xb00000000000)
ioperm$auto(0x1, 0xeb78, 0xc)
ioctl$auto_SNDRV_PCM_IOCTL_FORWARD2(r1, 0x40084149, 0x0)
getsockopt$auto_SO_RCVMARK(r1, 0x7, 0x4b, 0x0, &(0x7f0000000140)=0xfffffff7)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x2, 0x88)
setsockopt$auto(r0, 0x1, 0x44, &(0x7f0000000180)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\t\xf8p\xc6\xb9E\x81\xb6F\x96\xa6\xba\xf4\x98;n\xb2nA6\x1a\xb9\xac\xde\x0e\x90\x18\xf1\x13I\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\xc2\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x00\x00\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81', 0xa95e)

11.716244837s ago: executing program 2 (id=2750):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
write$auto(0x3, 0x0, 0x7fffffff)
write$auto(0x1, 0x0, 0x8000003f)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5)
r0 = socket(0x2b, 0x1, 0x1)
sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000001)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="2c0000001400c7"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x0)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x7, 0xfffffffffffffe01, 0x8011, 0x3, 0x8000)
syz_genetlink_get_family_id$auto_nl80211(0x0, r0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001480)={'vcan0\x00'})
sendmsg$auto_NL80211_CMD_GET_MPP(r0, 0x0, 0x880)
munmap$auto(0x0, 0xffffffff)
sendmsg$auto_IOAM6_CMD_ADD_NAMESPACE(0xffffffffffffffff, 0x0, 0x24004054)
getrandom$auto(0x0, 0x6000000, 0x3)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sysfs$auto(0x2, 0x10000000000048, 0x0)
fsopen$auto(0x0, 0x1)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)

11.155231541s ago: executing program 4 (id=2752):
r0 = socket(0x10, 0x2, 0x9)
mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0)
read$auto(0x3, 0x0, 0x80)
sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000100)={0x0, 0x3408, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0x4, 0x70bd28, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x80c0}, 0x4000000)
r1 = socket(0xa, 0x1, 0x84)
getsockopt$auto(r1, 0x84, 0x9, 0x0, &(0x7f0000000000)=0x9b)

10.794216444s ago: executing program 4 (id=2753):
r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080))
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
ioperm$auto(0xfb, 0x5, 0xe)
socket(0x2, 0x3, 0x406)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
ioctl$auto(0x3, 0xff09, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x40000b, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0)
set_mempolicy_home_node$auto(0x600000, 0x7ff, 0x2, 0x0)
ioctl$auto_PROCMAP_QUERY(r1, 0xc0686611, &(0x7f0000000080)={0x101, 0x34, 0x7fff, 0x5, 0x80000000009, 0xffffffffffffffff, 0x800, 0x101, 0x1, 0x7f93, 0xfffffffe, 0x7ffffffd, 0x7fe, 0x7, 0x9})
socket(0x2, 0x5, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto(0x1, 0x8983, 0x4)
socket(0x2, 0x3, 0x6)
mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000)
r2 = openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, &(0x7f0000000100), 0x80, 0x0)
ioctl$auto_BCH_IOCTL_FSCK_OFFLINE(r2, 0x4018bc13, &(0x7f0000000000)={0x0, 0xe4b8, 0x3, [0xfd, 0x0, 0x8]})
close_range$auto(0x2, 0x8, 0x0)
fchdir$auto(r0)
exit$auto(0x7)
pivot_root$auto(&(0x7f0000000040)='..\x00', &(0x7f0000000080)='.\x00')
pivot_root$auto(&(0x7f0000000000)='\x00', &(0x7f00000000c0)=',:,+&{,,\x00')

9.823650927s ago: executing program 2 (id=2755):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(0x3, 0x0, 0x3)
mmap$auto(0x0, 0x400008, 0xb, 0x9b72, 0x2, 0x8000)
socket(0x11, 0x80003, 0x300)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x742, 0x0)
openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000400)='/dev/cuse\x00', 0x1c1041, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/module/button/parameters/lid_init_state\x00', 0x2ac42, 0x0)
read$auto(r0, 0x0, 0x20)
read$auto(0x3, 0x0, 0x80)
ioctl$auto_XFS_IOC_ALLOCSP64(0xffffffffffffffff, 0x40305824, &(0x7f0000000040)={0xffff, 0x1, 0x1c0, 0x2, 0x4, <r1=>0xffffffffffffffff})
fcntl$auto_F_GETOWN_EX(r0, 0x10, r1)

8.786420999s ago: executing program 2 (id=2756):
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0)
socket(0x28, 0x1, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/asound/card0/pcm0c/sub4/xrun_injection\x00', 0x400, 0x0)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x14}}, 0x4000000)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0)
write$auto_ep0_operations_inode(r1, &(0x7f0000000840), 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000340)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4460, 0x15f4da0a, 0x1, 0x3, 0x300000000000000, 0x80000001, 0x7, 0x0, 0x5, 0x2]}, 0x0)
unshare$auto(0x40000080)
ioperm$auto(0x3, 0x5, 0x149)
process_madvise$auto(0x1, 0xfffffffffffffffc, 0x0, 0x14, 0x4000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_rb_simple_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/tracing_on\x00', 0x480800, 0x0)
prctl$auto(0x39, 0x1, 0x0, 0x0, 0x0)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x40802, 0x0)
sendmmsg$auto(0x3, 0x0, 0x3, 0x0)
openat$auto_state_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x121040, 0x0)
lseek$auto(0x3, 0x7fffffffffffffff, 0x0)
r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/renderD128\x00', 0x0, 0x0)
ioctl$auto(r2, 0x800064bc, 0x1e6)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
socket(0x10, 0x2, 0x0)
sendmsg$auto_MACSEC_CMD_DEL_RXSC(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010527bd7000fbdbdf25020000000800", @ANYRES32=0x0, @ANYBLOB="18"], 0x34}, 0x1, 0x0, 0x0, 0x4068811}, 0x80)
ppoll$auto(&(0x7f0000000080)={0xffffffffffffffff, 0x11b, 0xf}, 0xc, 0x0, 0x0, 0x8)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="1e0027"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000)

6.868980036s ago: executing program 0 (id=2759):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
r0 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
fsopen$auto(&(0x7f0000000000)='nlctrl\x00', 0x3)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9)
r1 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000010c0), 0xffffffffffffffff)
madvise$auto(0x6, 0x1, 0xb)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000001100)={0x14, r1, 0x301, 0x70bd25, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0xc040810)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x400c810}, 0x20000041)
r2 = bpf$auto(0xfffff001, &(0x7f0000000000)=@bpf_attr_3={0xa332, 0x2, 0x7, 0x3, 0xfffffbff, 0x2, 0x1, 0x4, 0x7, "0108a5172d53c2dc73bf58e1423b2178", 0x0, 0x9, 0xffffffffffffffff, 0x81, 0x8, 0x81, 0xb03, 0x0, 0x3ff, 0x7, @attach_prog_fd, 0x2, 0x630, 0x57d, 0x9, 0x8}, 0xa3)
r3 = syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000140), r2)
sendmsg$auto_MAC802154_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0xa8, r3, 0x0, 0x70bd26, 0x25dfdbfb, {}, [@MAC802154_HWSIM_ATTR_RADIO_EDGE={0x92, 0x2, 0x0, 0x1, [@generic="055ccda3c9796f5f8add8296fb24012bd6cf3edf6c874203d630d30a2b62858942bdd7fd2ac81f8b04e10dd08e119c26084ed037621f788d90d6a4f5b155c006cb8889d01d001c1b8d94bff262cbebaca0bcca78498a8dc6a1c8dcb2ae3391bbde1ccddc2e1037ab9cac4e7ccf0679c1e8d3fbab389e775c1ea5c092", @generic="c912928dd37cbcbe00e2", @nested={0x8, 0xf8, 0x0, 0x1, [@nested={0x4, 0x107}]}]}]}, 0xa8}, 0x1, 0x0, 0x0, 0x80}, 0x60000000)
writev$auto(0xca, &(0x7f0000000080)={&(0x7f0000000040), 0x1}, 0x7e)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
r4 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read$auto_uinput_fops_uinput(r4, &(0x7f0000001400)=""/4112, 0x1010)
read$auto(r4, 0x0, 0xfdf3)

6.09390589s ago: executing program 0 (id=2760):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="1b0026bd7000fddbdf25030000002c00000028000180240006801d00748004004d800800cff3", @ANYRES32, @ANYBLOB="040003002a9d272f660400338000000004000380040002"], 0x48}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x25, 0x1, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sysfs$auto(0x2, 0x4, 0x0)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB="ea12e528ded30ff1309c8b16"], 0x14}}, 0x4000080)
r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
fcntl$auto_F_GETLEASE(r2, 0x401, 0xffffffffffffffff)
syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff)
shmctl$auto_IPC_SET(0x7fa, 0x1, &(0x7f00000001c0)={{0xd2, 0xee00, 0xee01, 0xdb, 0x4, 0x10001, 0x2b}, 0x0, 0x80000000, 0x981, 0x213, @raw=0x5, @raw=0xe, 0x5, 0x0, &(0x7f0000000140)="59782289a49154875439ae6b14cee9cbc96b5e", 0x0})
r4 = gettid()
process_vm_readv$auto(r4, &(0x7f0000000040)={0x0, 0x2}, 0x4, &(0x7f00000000c0)={0x0, 0x100000000000002}, 0x3, 0x0)
gettid()
r5 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x101000, 0x0)
ioctl$auto_FBIOGET_VSCREENINFO(r5, 0x4600, &(0x7f00000000c0))
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
r6 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x1f00}, 0x40000)
gettimeofday$auto(0x0, &(0x7f0000000040)={0xec, 0xffff7fff})
sendfile$auto(r3, r5, &(0x7f0000000100)=0xfffffffffffffc01, 0xa)
madvise$auto(0x0, 0x2003f0, 0x15)
syz_genetlink_get_family_id$auto_batadv(&(0x7f00000004c0), r6)
sendmsg$auto_BATADV_CMD_GET_TRANSTABLE_GLOBAL(r6, 0x0, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)

3.799228307s ago: executing program 0 (id=2761):
mprotect$auto(0x0, 0x3fd, 0x6)

3.654385484s ago: executing program 2 (id=2762):
socket(0xa, 0x3, 0x3a)
setsockopt$auto(0x400000000000003, 0x29, 0xc8, 0x0, 0x567)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, 0x0, 0x8002, 0x0)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x0)
r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
r2 = socket(0x2a, 0x2, 0x6)
setresgid$auto(0xa05, 0x4, 0x0)
access$auto(0x0, 0x3)
connect$auto(0x3, 0xfffffffffffffffe, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2201, 0x0)
write$auto_console_fops_tty_io(r1, &(0x7f0000000140)="671d264add69b6440843b6e6688a2b5ad9df2669e6f9cd236532b20ed763c1dbfee3f787fc87cd0f5600ac8caf4bde4c30b530ac6ebbff950e1a647d6a08a1b55dde5a409b58", 0x46)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
r3 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000040), 0x8300, 0x0)
ioctl$auto_RTC_PIE_ON(r3, 0x7005, 0x0)
readv$auto(r3, &(0x7f00000004c0)={0x0, 0x4}, 0x5)
sendmsg$auto_OVS_VPORT_CMD_SET(r2, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f0000004480)=ANY=[@ANYBLOB="84150000", @ANYBLOB="dcb84b98c7d624e976f2ebf280f4746cad2518cdd74d3ebdd92d3e516008f93e4f7fff0bc147e5451cf6480948be46c6819f9640ffe54a8a2924a045c255bb7678e36fc8765c14938043e56b2b1168d327e2af37dd971fc8652cc4ce0177b6bde5b9a4f2f87120344d25b82ec40224d6ca4336a98c7156deff7e8fca05a214b5ce85b71ae384b6795edbc3fc3b7f21f743de8b98095f23f3d1bbae633d96f4f31d46d260be27f4daf68e21bdbf90e0dd61cfd2926d43f3d8c79724dcc332eb07d549171dfea5efaca63263425333298ed1350e51547c60a084d620b940d92153bc34243682034c1be202b9a79c2d4e1caad58847f237", @ANYBLOB="200628bd7000fddbdf250400000008000900070000000f020480100041005d2f2e5c2c26242b2e5d2900080032800400a20053a973a9c20cc07ebd651d3ce510e8b9a4f0cb82dac7d2e476b58e8b0f73e54cae8c405cc86287959d73302fe7a3a877cb586b96228f1488f7869e76b918105e41f1570161583786b4abcf2540c06cefc23dfaf2038f18627d65db3810d1dd9786a50fcefc9aa2017e6695b1c88b5f4fdbe104b33c49738f08ef1b86d4226b7af186b2ebcefaf2f8502f47cdfdef202522c58c2dccf355fb172a2d63f874c35e52d0313b4fb6f2bac3ddb47e48ad43fc13275155cbae16ce6b049308719283cab89f04e6f335e67565e8e4a0e9919b0400fe000800c800", @ANYRES32=r1, @ANYBLOB="7dcc93c83929d7082498541fc74372fe8a586a051f9bb4af68360d6fc1c8147e7dd6aea7fa4e59b68e2023e7daec05fcc772a81aa158f4544b9d2c4804f721aba7680bf0fca8b457a28cc71ff53dde884199b6dfb444c8a6648b7737411acb960a0a6767354bfa63e29b5f71d33e32e622c87aaabf5cd464e798baa3ee2c847dca5a0cd02772972cfe8526f8efabd6a4c08e7fb1f599c3f6437ab0d3df5edf94bd1c0006800400b98008000600ffffffff0c00a600400000000000000053855fdf56722448670da11d54ace7c5b6464681b9a1622435da18b68abc17aa22f1e032589af356196a96d483a85568fd84a5b2e32e7a4130efe97197c60daefb5115e1a23c600506600a9e6a015b5d99ef9a7ae0a4f05b27930e00080001000004000045130a805be722b39a52003a8ae63ef782aed6fd5ce77a7e831a8e686709b5e3dd347d68b05858a2920dfbea1e3f7db42974f5cab8c8ffd84482bcf7d7d6ed4b547192404b197524c916d47932090bb7d433af0735a02fb50d9b98e2a1fd2c24a2400921ba7ce2f169ecefbd218615af2c29528352530fb07f358b801f1583f34a6b5ea016c717185d1d2f56e07cfa4a8378b73f619bd0f8f7d145483523982d47454f5c882742e127a8ca5948f8d63335089316a5dc2e92b33666a7db67b01078800400a1808f478609e64532e9aef655cc97fc9e003f03cba1b66ce498ac5adc65ecf996f014cfea3ffd828136965d93800c1193ac83e3507c76c1bd534158b0b8fc0705fd91e0c60976688669a1b757790730ab85de21f53c9a46c68d8df2c074ba0379e92cd0e766c7635a217a67f5ee24ae78cdab58d9ebe7b23087b8bf4a7f08edad66e68ce845be28c0380400a580233ab30bd8e609b08645f4193283b885c72bed7de47824b565eeb38083be6871a3e88f2eb3a63fc287ae82ba0789a1ac213b88cb71f510e43ee6c2c8e8a2a7ea09c3a34922e00845a002d816c086875f17f7c3a84e33a73b56301ba3b045943e31dcadca984066cfee81349060d9be7a7b27f202a7a703beca8fb54fcc3e8c2c427060c872c91d39665f1f27164b3b0ad1a243738d17eb9dfb94a08644043bd7f982c95a24c81d689a8e726d57f416ed34afca2292db89a6e648c38e1c1b6a971cf88769f1a2434ceccff18daf2768c9edf8c6d5c4a2e3eb882e805662de3bc66ac31c8132d7eeae3a41a7354fd2edf45be452d45b7768c1cdae9be01128fbc3665f9297aa8a7a44ed2540eb6938b3e12ad81e9140564fba09dfe886262e6dd6c444df17f1da43dd7e65c6f80340b63f489034e4a045e78adbfdd24cd1db02d4b52cf25dfe20fd46846d9bcf64808448e835e8458a2c02c2c282f44103b043a8e52ca7efd2a0b6f98f65e09bd93cc6b453b4d0f835f6e07c97059991ad8f2f9ff67672767b5ee764599a87ac201287c14fda9da70dc225a561a94046cfe0a58303a8d5797b212d91792a2754bdabac163ee8d4cc28927abe4fde9c8dd2fb84c158584033431a6ad12def2f08c105ca61ede88f8407f1e247188d865d7148d4c3a553e4c06bb5b6b3d5c82b02d89875995aead02d14df5ad1ffb7b869f3a21346a514e059da59084887d72404677bcab21ae066c34330699c3a2abf86b1f6c5a6a19e93210a29831fa16fa74be148a8d5ccb3698e8fbf869cb66a4c79298af9758ac7992192062c737321bcfb0d095b226fca27a6dae627a807edbc461adea1a8829c40c02c94dc8908b69b26c5bb350ad4d3a98c68f7561ce842e6645941ad699de3e3849e74b9682b19bfa01b4f3b51da7e42e36b8c43254a1c63704ec7fd9085f324c0881608c5a839c001cc5740bc7bc65024ac225c84c194ced79a52e9ddf3ecb26c0c8e62683f836ffc66917600e94a5be7db46d83460e23ffc474e310cd14db1024d252b48a637b49ca9ad52a566e9c672d75752b247764f7006136f6f1b2345f4f53247f5607224105d098f47f57036733563ffef914a664020d113e7aaa2495865867d556b2bb76eae1ac0b39e687457c4ee140b4d21c6092a1c0f1299e8349c657e6dc1de5ea09c4b167f555adc9cf499fac8fa220f01cd2408ccc1810162d230542b15cd47d8267ecec0cc81a02e80177b4ee568f03dc2553292fa4fb4eb9b66abd4d482ae3beaa40f81f6fad1c883ca86ff9566fe65917b1d24f17dccdc410469d2c892e6ebc7f1d30fe6c56d38aeec8ad9cb479c7ac4b110ff26e922b623c4631ceceaa12fa71460063d91c4e4e763ed0bf96dd8151d8c96316d775bc0d746c2aa32cfe88e5f0fce1081e66ff4bec572cb8cf2e77e847d4e31564d3c63429305e8ccdc6eca0c1bb22aae57f0f06d876ff097d3fcfff70ce1cbe8a036a4798ea0342ddfc1532746ea3200d03a26514a47cd95e3f18829b782de66078328df0c7ba1ead379239ea2a0b569fd6916497bc0506c7896c7933e5e5c25693b36764da2434fd146146949eebae6a1e8c4a50299f1653f8cce8a1c4474626b14c239aa9a9bef550f3c1e0afd085eadb8427b5aed488b3fcf2764749d850bbd93f35b8af6fa73b722f9729ad74093bca572b6282c11d9b54f2c06a6927c9282062e6442c913e182e3c3407fe61bd4fa92ae1f1a1a80042fd10689e8c1caa4217549835c1d5636122d79306cc7e70becb93f2c6389e8f54e3258dd270d5f95740a307dd5cd3873c5b3e84bdbbe0bac1c9e601064f089a960aa46645e058f1e9a095dfdfce9d8301a43f9668982e2b432fc1e7fc067d5950f1ebe9b7677f6044d813c7377759074cd988e32d60927444fcdf50036e82de96022e92ab2120fd18d425e0c7cc3b5b0de9da7259dcea65295a0ae6cda4d91d59a3787343a5cd56588eb41292c7fef5c91f7fb7ca4ddf813cadf6b8627bea5e9111b19673b1910a147e254a7fac8af26eadf6b737bf4f2dfe859888c5552f01c82b9f01d7a6799c2951e77a30b5341de218d75abd5665efd32b08745e091ae7cd2bfa5187212e16a88e52e15caefef02b36abbaa996ab7c476e9f913095cb3bc3578bef54e90b965d8c8fa449636527bdb3afa49b136f32502adb91d07ae99801040779a5bdbe4f4ced3c1247381dc744b90525ac5654221e27ef1c1eb08e24509306085fcbaf05910f3d464426a9aa47d9e7ecd6a86f9dc74424002e64201835b4c1c0c8107607580b20f89051e2b0a582b2f05dcdcc066c27db0e57c6c5a89adde95b30668b647883a1a3c0c0f7a7097ee5fcd1e6d5ca69faf3d8b71fa15d34e1a20b2fe8343ff96f3be7801c8a8796235b9bc07f0830d0a5e2bcf684a3527bcb173a9d2d8195b1a1ed0d52e99a2c26396b1ca859eef5c22390c354e3aab59c3793dfcb9816bef1792f049c8c911f5e931df7b80048c0fdeb0167b718e23ca618902127a2ed1dacf30471e7575586944830903cf6adf2eeb59cc8f24750a4b7e2270a71007ca0841a0dc2dc9752b3111fbe61b901b63d480f78176afde877df2db3ff3860b45511a3a1c8f0963962c014ddf413ef5738260cd4de4c6dc124f1f38ee2a5fe8d7d67ba5dbc91c6ee7a4bf15cf1eb6c7364497f8ca8cb47c13e0c274798fc88bb59f908e0a6cfa5a70207baccf549d75cca6441e36e91de944a6badaa3e1a4898f5589d6451471a927dc23b400016ee26bdd4cf7bc26c792cd8cf3f5d72fb2099c4c5f6bce16c21050696aa7931dfb13c564d61178782aaffbc98aaa22c06f3cfaeacb5c95e29ad726ec83f0f92d594a78666cbc6fe95d93a97c7b11ef8464911fa5761aca261db87078725b51b138640e3c4d4a253afe5ecee0f69ad5fa205223cf4c66c06551b99482ef8a76b286319540b416063b2bfb26b276f28c959762db09ecf30962e137c4b592bdca2ef6397601fcb3a5d4547f4d8f3f0baa92fe746e3177af5e06499ea40d93b56e41a53b23d11f2ddbceef1f1ba0c1c7c3699fc608addff3d3ae818250d40536f55604141c07fa55f34d8eddd962e166b4b29aa7a52d2b41d826422ddc190bfc443d8622270d22f35d3ff1e5ec67de09f70284c92f88e9ceff1c9b4745dc16f81402390a34cb513c488e7d848e004ee714eda7a8f25a17dd7a2ec0b2e9150597b99d31062b5ab8e9c9f2883a866478f4ea0e00a76499196a3fb3e9f48668f57dd998fec7c6d9617d0b4d3428179c48daa586d9f51682e61f223e95197c9eb6243477bd83e94609599b0ea0fd1358fc2c862f33f221acd2a560cf053cf110e3556d0d992371baba036f7af10501253e95d0455dc813453243d21b4aade89113490e79fcdda3598b443e827c54ea2330035d7e4870436571fc5aa4441b502d9ba8e25384029a88a4616a828d080042b0442a7b614a65364217e5fcb02509dbb0c0a7f3a80d2a05fa79269f03557dfc51fa27a4265df8a3b2fdbd79add88aab7dae28adcaba0dc780b35ab399ae2808508f88dd8eeea9c45a5ca843e9eda409ad1d3bb262744e37794ec797180559a3f0a8785e27c05bb530fefe3b9cb017a91879f658f16c85b091d5910745b6807a5dccac8ba19a1426453093cd5e84918244dbf8a19a9f5aed935e984cee91e30749d9e5a3b4b76db4a29f3c36e5c6ea9748f559df7aac598d69428ebd62aeb96c21d3dad29eb8c9e8d485298c33617d7380904608aa6c04618f577ed179188edf2ce8432ecc20adefc04ba9903c11d6d9aea7b5e4b0ddb0f87b783786a06bcec61f283d7ab6600c877caec34cb952be92ff7b7320b4d84b62eae7eb397cfeb449e65a53a667163ea2b458806f3ea86310b2c03bcddf492f17d08eccac99c8784b724017c773d268ecba5462dc36e9832d3f46e58cf1abf5a31a4da93620c34f866f62d0d55907a17a78527509c5f51e64a034e5ff804fce7ea88d3def218818f6b3107b7a2120f46e7f90f22c4f8b93967372cfe596d56666628dbf1052ec85df6959c8a0498cf972cb0d8d59ffd8a7e89f037616aadf11269d6c91c4706c2b628c32035987de4672f8a9f578b1e916aeeafa6bd89a65922b65dfd35eb44bfdc64e261720fec1efeb81b29614ebf6b74404606000b2b566b7495b5a498d5069d20534d7e9d6d28a839ddc473cc2927bb11c8c36d79e281bc78aeb28b551ba77fc27cfc1d0e8c81d7da6bd0236e76590c892f4d450840b70c9e6f3dbfcc428cc94140f3f843e23afa0132b3311c7e9f514f455949cca0e5b0c4d25d6f0e4362c337269c247d657e237baff4a5a5b2a9e0047175678e2830d9cf39ef1795f42f16f5ec8d90c5d78f2807c6607eac8ab3495a4dcbd46352fe87522da448bdb7794e426fb4f5dd43f9ac0c20bd0a9fef7f632fda40b2b1498c473c092a5a65e587b979018619dd7059442249ca82d75881644db828bf5c50d8fd8488ab03b2f3264747b96860d72ae8bd75bf9ad31e245cd41a147c7b1bf58ae824a1afe84a6cefe011ee90415b81f6a09568592401077e7b1c85f1451962f60f3c52c9aaaea7cfe9c85f65fd5906710ef4cb4775c16cf2ef88d6ed86c3ded2aadd5248e7c4f7544bcb0d623a07031fa30158f83180d9b017a3bcaf4ef61ee1b2b194bb1d47c95b0143d32cf4afdd795d8ba11718f42a2c82caee58a772022b9cc1fa639c6581073845a9abdbe8e2125c2f5740e2f21c353a3309a96b8568c90c30e4913a0b340f7a7d5bca430199d1ca3c984b67a755fa5d32a0c884108cae3b50e6b42f16c4e7d6595cd796533b6133cc5369b6a9b7dbc1ccc7617e2eca5843dcf628bc9b68d7ec95457fdac15ba7b0e683ab7ffc7c2c9d7e64a7c1de3d914ee641b0aff1e6824369a6ae7113eb9cb7a90d873fd5c4db69d0494ffaef5ca460876e84a02ac3cda73e4cbb99c2fdda2589dbba44b93002ae997f1cef93a229375cf1f122ca714957d1ea48fd72d2cd9ab5f6b387a7207b9481d11d7d556d7e9448c70d91068776d07af12b4cac1ec72b90760877466f747cda173096e72189e20c4e3c7c34aba9ff0fb70b6733f3da05f8922dc202be8d906792eea41c9feeb0cb6d070d357ed5767b36f1ed4dc052da4ef425adb8aa855ebfc6a596f3f74aa6ac8a0759ab0a292173ded545e98ea019db458c59e1c0a4ec57deb455ce9415207dbb6affbad8dec1be4a682745bdf2500a4d74d5475ea2222a6119d32dcfd309ee8adc692775ba6f0d236a7505c7d9ad6f935c408f6149a22daa695fca9022c8b0c357ed256d8e547b56632d7b38a0c6ba41e15bf8ac280b5f66fc07fa9bfb5eae34df7d47ef774a67f1efe41a7c6f9ef6f7c51f571755636c4e6564f30dcaf24c55eefde487008d73121268ff5c0e13fc91eb0ea884f293567c4644afa21e037e5a10a71f06594cdc3004899d68208ebd43b40dd9279b22d5fd4dcf3616aeb7583189e2b9570a489dc9dcf5b73c42f009b39e87e6e59689331a85e80c3f83046efa016d6713bbd921eccb55646d44d657c392fb73d79ce41fcc764748152b72144ee1f1daf8f8fa95f3aa9d47d0f04477beae6d1be00301db67a5ed801eba23449b87800946d91f8df4a42b6d0f9a1fa239e273cf11c2fd1fc5b77b01a4032a8413b263057747a2ff0540bc9b2bd3ff2c2a7a01a4f12f5b2becd481f7c38c8dccd30e8cb4c098cd40cf31cd63925ce1e259a4dbe9648cf5bf0fc3be11bbbb45d0a797b705d96abf1a0abf79408fb563ffc395c4c2cff18001300215c2662c20d01206094289c7a7df38aed9e721b04008080c30021800400d78070754a50f5dc6117a6e673206c35b137a676157cceb9085f05273a286fe5f4114943fd7a72dd6acab1b33ba4b221b14143210f4b06889508d8497c72d3681bba18ecbe3ebf1668e48cd44f3bde2e909276a39302a9e9598e6238b9812b7b63699a9839d8de84336cbf50ba109b1cdee70007d9423ba539f71b35b1f50a05c41ba971a34da73c2ed9584141a3ffa2386cb31a845eb66f2b32e6aa26f9d46ac3b6cbeb2cc41a3d38a291984d985fb592ad93ce827285f8b8859736a7007b0bb2241246c3739f0883a566a76c763dd3ac1ea618b87dc29f0a53dd865dcaea5e6b96e7c1ce49bdd4a049b55967535dddd95d485ebbb7273ddde6cf5edbaacf9bda813b27eae3c14368e6149cd2d92060d3a01f12c8db0a306d414c6d97d8b1e805e16286cb5f4ec110ab77d0c94d89218ff4248ea79c0e9d963559e14da5bbaa1272a5a7a4f0360269b7f3006a2c9827a9998cea5412330e757f338d7a043d677c775b188f005678e0e0a3ca507751acc6303423c43b62523d22d6202588d2ca4f9932c40a2e040e4c3f068f42614ed859e454b71a428fa2d681242b1a19cb48670b7d2861f6f27565e655f2271ee0490f34fd094868d8915dd4e9b9ffd9e70028a9daa3ff5a5ed728490a15955ac519c40000000800cfcd3b700839ff66afbc46d83d0f5b14071bc7da8f48941bb2dc9da5"], 0x1584}}, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
kexec_load$auto(0x2, 0x0, &(0x7f0000000100)={@kbuf=&(0x7f00000000c0)="2f2fa3b5473a0f2d51936eb763de814f1970a50c40c8221eeec6e5138d29b6", 0x85, 0x7, 0x6}, 0x5)
close_range$auto(0x2, 0x8, 0x0)
pread64$auto(r0, &(0x7f0000000080)='\x00', 0x10001, 0x40)
openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f00000009c0)='/sys/kernel/tracing/uprobe_events\x00', 0x302, 0x0)

3.445046181s ago: executing program 0 (id=2763):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
r0 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
fsopen$auto(&(0x7f0000000000)='nlctrl\x00', 0x3)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9)
r1 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000010c0), 0xffffffffffffffff)
madvise$auto(0x6, 0x1, 0xb)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000001100)={0x14, r1, 0x301, 0x70bd25, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0xc040810)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x400c810}, 0x20000041)
r2 = bpf$auto(0xfffff001, &(0x7f0000000000)=@bpf_attr_3={0xa332, 0x2, 0x7, 0x3, 0xfffffbff, 0x2, 0x1, 0x4, 0x7, "0108a5172d53c2dc73bf58e1423b2178", 0x0, 0x9, 0xffffffffffffffff, 0x81, 0x8, 0x81, 0xb03, 0x0, 0x3ff, 0x7, @attach_prog_fd, 0x2, 0x630, 0x57d, 0x9, 0x8}, 0xa3)
r3 = syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000140), r2)
sendmsg$auto_MAC802154_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0xa0, r3, 0x0, 0x70bd26, 0x25dfdbfb, {}, [@MAC802154_HWSIM_ATTR_RADIO_EDGE={0x8a, 0x2, 0x0, 0x1, [@generic="055ccda3c9796f5f8add8296fb24012bd6cf3edf6c874203d630d30a2b62858942bdd7fd2ac81f8b04e10dd08e119c26084ed037621f788d90d6a4f5b155c006cb8889d01d001c1b8d94bff262cbebaca0bcca78498a8dc6a1c8dcb2ae3391bbde1ccddc2e1037ab9cac4e7ccf0679c1e8d3fbab", @generic="c912928dd37cbcbe00e2", @nested={0x8, 0xf8, 0x0, 0x1, [@nested={0x4, 0x107}]}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x80}, 0x60000000)
writev$auto(0xca, &(0x7f0000000080)={&(0x7f0000000040), 0x1}, 0x7e)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
r4 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read$auto_uinput_fops_uinput(r4, &(0x7f0000001400)=""/4112, 0x1010)
read$auto(r4, 0x0, 0xfdf3)

3.44110367s ago: executing program 4 (id=2764):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
write$auto(0x3, 0x0, 0x7fffffff)
write$auto(0x1, 0x0, 0x80000000) (fail_nth: 5)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5)
r0 = socket(0x2b, 0x1, 0x1)
sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000001)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="2c0000001400c7"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x0)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x7, 0xfffffffffffffe01, 0x8011, 0x3, 0x8000)
syz_genetlink_get_family_id$auto_nl80211(0x0, r0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001480)={'vcan0\x00'})
sendmsg$auto_NL80211_CMD_GET_MPP(r0, 0x0, 0x880)
munmap$auto(0x0, 0xffffffff)
sendmsg$auto_IOAM6_CMD_ADD_NAMESPACE(0xffffffffffffffff, 0x0, 0x24004054)
getrandom$auto(0x0, 0x6000000, 0x3)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sysfs$auto(0x2, 0x10000000000048, 0x0)
fsopen$auto(0x0, 0x1)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)

1.440203129s ago: executing program 4 (id=2765):
keyctl$auto(0x1, 0xfffffffd, 0x101, 0x1, 0x4000000000b8c)
keyctl$auto(0x12, 0xf, 0x40000000c6e9, 0x81, 0xa472)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
request_key$auto(0x0, 0x0, 0x0, 0xfffffffd)
socket(0xa, 0x5, 0x0)
keyctl$auto(0x12, 0x102000000010001, 0x7f, 0x200, 0x3)

1.434058767s ago: executing program 2 (id=2766):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vidtv.0/i2c-0/0-0060/uevent\x00', 0xac00, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
r0 = socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x4, 0x9, 0x7, 0x3c, 0x101, 0x1ffc0, 0x7, 0x6, 0x7fffffffffffffff, 0x0, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x2, 0x10000, 0x82, 0x7, 0x0, 0x7, 0x8, 0x200, 0x4, 0x84, [0x0, 0x7, 0x0, 0x7, 0xffffffffffffffff, 0x0, 0x401, 0x6, 0x70624ce7, 0x0, 0x4, 0xb, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffd, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x400000000005b8, 0x100000000c, 0x0, 0x800, 0x0, 0x7, 0x2, 0xfc78, 0x8000000000008, 0x4, 0x200000000009, 0x40, 0x4, 0xffffffffffffffff, 0x3, 0x2, 0x4000000001, 0x0, 0x4, 0xffff]}, 0x202, 0xd)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mprotect$auto(0x1000, 0x400000, 0x4)
socket(0x23, 0x5, 0x0)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
socket(0x10, 0x2, 0x0)
openat$auto_rb_simple_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/tracing_on\x00', 0x40001, 0x0)
socket(0xa, 0x801, 0x100)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/kernel/cad_pid\x00', 0x8001, 0x0)
socket(0x2b, 0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001040)='/sys/devices/virtual/net/teql0/statistics/rx_compressed\x00', 0xc2700, 0x0)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x55)
socket(0x2, 0x3, 0xa)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8)
connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55)
write$auto(0x3, 0x0, 0xfdef)

1.393254903s ago: executing program 0 (id=2767):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000002680), 0xffffffffffffffff)
sendmsg$auto_IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x24, r1, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DAEMON={0x10, 0x3, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x1}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x40014}, 0x0)

1.121533557s ago: executing program 4 (id=2768):
r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080))
socket(0x1d, 0x2, 0x2)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x18, 0x4, 0x0)
openat$auto_fops_blob_file(0xffffffffffffff9c, &(0x7f0000011500), 0x40002, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ptyc9\x00', 0x20c40, 0x0)
openat$auto_proc_mounts_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/mounts\x00', 0x121080, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x2, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/loop9/queue/rotational\x00', 0x103400, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x42dc0, 0x1a0)
socket(0x10, 0x2, 0x14)
io_uring_setup$auto(0x6, 0x0)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0)
ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0)
write$auto(0x3, 0x0, 0x7fffffff)
sendfile$auto(0x1, 0x3, 0x0, 0x6)
fchdir$auto(r0)
exit$auto(0x7)
pivot_root$auto(&(0x7f0000000040)='..\x00', &(0x7f0000000080)='.\x00')
dup2$auto(r0, r0)

1.064791383s ago: executing program 0 (id=2769):
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x241c0, 0x0)
r1 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/usb/usbmon/32t\x00', 0x82000, 0x0)
ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f00000004c0)={0x0, 0x7, 0x8, 0x8c53, 0x1, 0x4, 0x0})
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x48100, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
r3 = openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/kvm/mmu_cache_miss\x00', 0x80000, 0x0)
read$auto_stat_fops_per_vm_kvm_main(r3, 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r4 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYBLOB='^\x00', @ANYRES32, @ANYRES32, @ANYRES64, @ANYRES32], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
recvmmsg$auto(r4, &(0x7f0000000180)={{0x0, 0x10001, &(0x7f0000000080)={&(0x7f0000000040), 0x200}, 0x4, 0x0, 0x8, 0x7}, 0x7}, 0x5, 0x66a6, 0x0)
splice$auto(r4, &(0x7f0000000000)=0x1, r1, &(0x7f0000000080), 0x140000000000000, 0x5)
connect$auto(0x3, 0x0, 0x55)
sendmmsg$auto(0x3, 0x0, 0x200, 0x0)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
rmdir$auto(0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa081, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
pread64$auto(0xffffffffffffffff, 0x0, 0x8, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
sysfs$auto(0x2, 0x1e, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_seg6(&(0x7f00000003c0), 0xffffffffffffffff)

207.858662ms ago: executing program 2 (id=2770):
mmap$auto(0x0, 0x3, 0x4000000200df, 0x40eb2, 0x402, 0x300000000000)
capget$auto(&(0x7f0000000100)={0x8}, &(0x7f0000000140)={0x9, 0x8, 0x800})
close_range$auto(0x2, 0xa, 0x0)
socket(0x10, 0x2, 0x4)
openat$auto_safesetid_uid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
r0 = openat$auto_force_wakeup_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/bluetooth/hci0/force_wakeup\x00', 0x88f42, 0x0)
write$auto_force_wakeup_fops_hci_vhci(r0, &(0x7f0000001780)='T', 0x1)

0s ago: executing program 4 (id=2771):
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0)
socket(0x28, 0x1, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/asound/card0/pcm0c/sub4/xrun_injection\x00', 0x400, 0x0)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x14}}, 0x4000000)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0)
write$auto_ep0_operations_inode(r1, &(0x7f0000000840), 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000340)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4460, 0x15f4da0a, 0x1, 0x3, 0x300000000000000, 0x80000001, 0x7, 0x0, 0x5, 0x2]}, 0x0)
unshare$auto(0x40000080)
ioperm$auto(0x3, 0x5, 0x149)
process_madvise$auto(0x1, 0xfffffffffffffffc, 0x0, 0x14, 0x4000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_rb_simple_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/tracing_on\x00', 0x480800, 0x0)
prctl$auto(0x39, 0x1, 0x0, 0x0, 0x0)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x40802, 0x0)
sendmmsg$auto(0x3, 0x0, 0x3, 0x0)
openat$auto_state_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x121040, 0x0)
lseek$auto(0x3, 0x7fffffffffffffff, 0x0)
r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/renderD128\x00', 0x0, 0x0)
ioctl$auto(r2, 0x800064bc, 0x1e6)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
socket(0x10, 0x2, 0x0)
sendmsg$auto_MACSEC_CMD_DEL_RXSC(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010527bd7000fbdbdf25020000000800", @ANYRES32=0x0, @ANYBLOB="18"], 0x34}, 0x1, 0x0, 0x0, 0x4068811}, 0x80)
ppoll$auto(&(0x7f0000000080)={0xffffffffffffffff, 0x11b, 0xf}, 0xc, 0x0, 0x0, 0x8)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="1e0027"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000)

kernel console output (not intermixed with test programs):

 batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  791.858844][T16096] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  791.913640][T16096] batman_adv: batadv0: Adding interface: batadv_slave_1
[  791.929975][T16096] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  791.964211][T16096] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  791.990298][ T1516] hsr_slave_0: left promiscuous mode
[  791.997566][ T1516] hsr_slave_1: left promiscuous mode
[  792.003774][ T1516] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  792.014226][ T1516] batman_adv: batadv0: Removing interface: batadv_slave_0
[  792.023316][ T1516] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  792.031334][ T1516] batman_adv: batadv0: Removing interface: batadv_slave_1
[  792.062596][ T1516] veth1_macvtap: left allmulticast mode
[  792.071392][ T1516] veth1_macvtap: left promiscuous mode
[  792.079658][ T1516] veth0_macvtap: left promiscuous mode
[  792.470497][ T1516] team0 (unregistering): Port device team_slave_1 removed
[  792.515036][ T1516] team0 (unregistering): Port device team_slave_0 removed
[  792.985347][T16096] hsr_slave_0: entered promiscuous mode
[  792.992361][T16096] hsr_slave_1: entered promiscuous mode
[  793.000284][T16096] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  793.021888][T16096] Cannot create hsr debugfs directory
[  793.495854][T16103] Bluetooth: hci2: command tx timeout
[  794.376919][T16205] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2260'.
[  795.312965][T16096] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  795.351734][T16096] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  795.369836][T16096] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  795.396692][T16096] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  795.586021][T16103] Bluetooth: hci2: command tx timeout
[  796.772992][T16096] 8021q: adding VLAN 0 to HW filter on device bond0
[  796.813970][T16096] 8021q: adding VLAN 0 to HW filter on device team0
[  797.222158][ T4844] bridge0: port 1(bridge_slave_0) entered blocking state
[  797.229372][ T4844] bridge0: port 1(bridge_slave_0) entered forwarding state
[  797.288148][ T4844] bridge0: port 2(bridge_slave_1) entered blocking state
[  797.295346][ T4844] bridge0: port 2(bridge_slave_1) entered forwarding state
[  798.012146][T16096] 8021q: adding VLAN 0 to HW filter on device batadv0
[  798.227169][T16277] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2269'.
[  798.318341][T16096] veth0_vlan: entered promiscuous mode
[  798.505080][T16096] veth1_vlan: entered promiscuous mode
[  798.645016][T16096] veth0_macvtap: entered promiscuous mode
[  798.701239][T16096] veth1_macvtap: entered promiscuous mode
[  798.750506][T16096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  798.775013][T16096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  798.799961][T16096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  798.825980][T16096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  798.859582][T16096] batman_adv: batadv0: Interface activated: batadv_slave_0
[  798.907800][T16096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  798.950418][T16096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  798.982953][T16096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  799.015228][T16096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  799.040361][T16096] batman_adv: batadv0: Interface activated: batadv_slave_1
[  799.088702][T16096] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  799.105817][T16096] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  799.114601][T16096] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  799.165846][T16096] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  799.511795][T16306] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2272'.
[  800.307885][ T1516] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  800.384274][ T1516] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  800.955446][ T1516] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  801.036531][ T1516] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  801.232135][T16350] bond0: option packets_per_slave: invalid value (Xµn‘pæ)
[  801.254715][T16350] bond0: option packets_per_slave: allowed values 0 - 65535
[  802.779348][T16394] FAULT_INJECTION: forcing a failure.
[  802.779348][T16394] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  802.888174][T16394] CPU: 0 UID: 0 PID: 16394 Comm: syz.3.2286 Tainted: G     U             6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  802.888226][T16394] Tainted: [U]=USER
[  802.888237][T16394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  802.888257][T16394] Call Trace:
[  802.888267][T16394]  <TASK>
[  802.888279][T16394]  dump_stack_lvl+0x16c/0x1f0
[  802.888325][T16394]  should_fail_ex+0x50a/0x650
[  802.888383][T16394]  copy_fpstate_to_sigframe+0x894/0xb20
[  802.888432][T16394]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  802.888483][T16394]  ? collect_signal+0x262/0x540
[  802.888520][T16394]  ? find_held_lock+0x2d/0x110
[  802.888559][T16394]  get_sigframe+0x4aa/0x9c0
[  802.888599][T16394]  ? __pfx_get_sigframe+0x10/0x10
[  802.888637][T16394]  ? _raw_spin_unlock_irq+0x23/0x50
[  802.888670][T16394]  ? siginfo_layout+0x1d2/0x290
[  802.888734][T16394]  x64_setup_rt_frame+0x129/0xcf0
[  802.888780][T16394]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[  802.888817][T16394]  ? kill_pid_info_type+0x102/0x2a0
[  802.888878][T16394]  arch_do_signal_or_restart+0x5e6/0x7e0
[  802.888917][T16394]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  802.888978][T16394]  syscall_exit_to_user_mode+0x150/0x2a0
[  802.889019][T16394]  do_syscall_64+0xda/0x250
[  802.889061][T16394]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  802.889106][T16394] RIP: 0033:0x7f1f1cb8cde9
[  802.889130][T16394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  802.889162][T16394] RSP: 002b:00007f1f1a9f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000003e
[  802.889192][T16394] RAX: 0000000000000000 RBX: 00007f1f1cda6160 RCX: 00007f1f1cb8cde9
[  802.889213][T16394] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 00000000000008ce
[  802.889232][T16394] RBP: 00007f1f1cc0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  802.889251][T16394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  802.889270][T16394] R13: 0000000000000000 R14: 00007f1f1cda6160 R15: 00007ffd437400d8
[  802.889309][T16394]  </TASK>
[  804.319314][T16103] Bluetooth: hci0: Unable to find connection for big 0xd2
[  805.261620][T16439] FAULT_INJECTION: forcing a failure.
[  805.261620][T16439] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  805.305503][T16439] CPU: 0 UID: 0 PID: 16439 Comm: syz.0.2298 Tainted: G     U             6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  805.305558][T16439] Tainted: [U]=USER
[  805.305568][T16439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  805.305588][T16439] Call Trace:
[  805.305599][T16439]  <TASK>
[  805.305611][T16439]  dump_stack_lvl+0x16c/0x1f0
[  805.305659][T16439]  should_fail_ex+0x50a/0x650
[  805.305715][T16439]  _copy_from_user+0x2e/0xd0
[  805.305753][T16439]  restore_altstack+0x94/0x170
[  805.305791][T16439]  ? __pfx_restore_altstack+0x10/0x10
[  805.305831][T16439]  ? _raw_spin_unlock_irq+0x23/0x50
[  805.305864][T16439]  ? lockdep_hardirqs_on+0x7c/0x110
[  805.305901][T16439]  ? _raw_spin_unlock_irq+0x2e/0x50
[  805.305933][T16439]  ? set_current_blocked+0xdd/0x120
[  805.305979][T16439]  __do_sys_rt_sigreturn+0x13d/0x240
[  805.306019][T16439]  ? __pfx___do_sys_rt_sigreturn+0x10/0x10
[  805.306069][T16439]  do_syscall_64+0xcd/0x250
[  805.306111][T16439]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  805.306157][T16439] RIP: 0033:0x7fa397b28fb9
[  805.306182][T16439] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  805.306215][T16439] RSP: 002b:00007fa398a11a80 EFLAGS: 00000246 ORIG_RAX: 000000000000000f
[  805.306246][T16439] RAX: ffffffffffffffda RBX: 00007fa397da6160 RCX: 00007fa397b28fb9
[  805.306268][T16439] RDX: 00007fa398a11a80 RSI: 00007fa398a11bb0 RDI: 0000000000000011
[  805.306289][T16439] RBP: 00007fa397c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  805.306309][T16439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  805.306327][T16439] R13: 0000000000000000 R14: 00007fa397da6160 R15: 00007ffc67270b48
[  805.306365][T16439]  </TASK>
[  807.355955][   T29] audit: type=1804 audit(6034852753.953:16): pid=16479 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2307" name="/newroot/sys/kernel/tracing/events/vmalloc/purge_vmap_area_lazy/id" dev="tracefs" ino=19680823 res=1 errno=0
[  809.013030][T16497] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2311'.
[  811.597666][T16546] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2324'.
[  814.298525][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  814.305049][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  816.261870][   T29] audit: type=1800 audit(6034852762.853:17): pid=16651 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2339" name="dbroot" dev="configfs" ino=66031 res=0 errno=0
[  816.282119][    C1] vkms_vblank_simulate: vblank timer overrun
[  816.318029][   T57] Process accounting resumed
[  819.506210][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  819.666167][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  819.686392][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  819.706172][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  820.020070][T16675] netlink: 'syz.0.2352': attribute type 5 has an invalid length.
[  820.046436][T16675] netlink: 314 bytes leftover after parsing attributes in process `syz.0.2352'.
[  821.257162][T16103] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  821.275980][T16103] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  821.285541][T16103] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  821.301070][T16103] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  821.311386][T16103] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  821.335403][T16103] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  821.469122][T16712] syz.0.2362 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  821.971693][   T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  822.125467][   T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  822.339947][   T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  822.425221][T16707] chnl_net:caif_netlink_parms(): no params data found
[  822.507792][   T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  822.927643][T16707] bridge0: port 1(bridge_slave_0) entered blocking state
[  822.934910][T16707] bridge0: port 1(bridge_slave_0) entered disabled state
[  822.942584][T16707] bridge_slave_0: entered allmulticast mode
[  822.950105][T16707] bridge_slave_0: entered promiscuous mode
[  822.991480][T16707] bridge0: port 2(bridge_slave_1) entered blocking state
[  822.998953][T16707] bridge0: port 2(bridge_slave_1) entered disabled state
[  823.006387][T16707] bridge_slave_1: entered allmulticast mode
[  823.013696][T16707] bridge_slave_1: entered promiscuous mode
[  823.151100][T16707] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  823.176240][   T11] bridge_slave_1: left allmulticast mode
[  823.186040][   T11] bridge_slave_1: left promiscuous mode
[  823.198261][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  823.259851][   T11] bridge_slave_0: left allmulticast mode
[  823.270227][   T11] bridge_slave_0: left promiscuous mode
[  823.296778][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  823.417228][T16103] Bluetooth: hci1: command tx timeout
[  823.887294][T16742] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2367'.
[  824.837027][T16707] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  824.997439][   T11] HfR: left promiscuous mode
[  825.042917][T16707] team0: Port device team_slave_0 added
[  825.100494][T16707] team0: Port device team_slave_1 added
[  825.249955][T16707] batman_adv: batadv0: Adding interface: batadv_slave_0
[  825.265856][T16707] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  825.325807][T16707] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  825.396897][T16707] batman_adv: batadv0: Adding interface: batadv_slave_1
[  825.403911][T16707] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  825.475801][T16707] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  825.495850][T16103] Bluetooth: hci1: command tx timeout
[  825.734695][T16707] hsr_slave_0: entered promiscuous mode
[  825.751587][T16707] hsr_slave_1: entered promiscuous mode
[  825.771547][T16707] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  825.789739][T16707] Cannot create hsr debugfs directory
[  825.916269][T16773] FAULT_INJECTION: forcing a failure.
[  825.916269][T16773] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  826.053350][T16773] CPU: 0 UID: 0 PID: 16773 Comm: syz.0.2372 Tainted: G     U             6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  826.053401][T16773] Tainted: [U]=USER
[  826.053412][T16773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  826.053431][T16773] Call Trace:
[  826.053440][T16773]  <TASK>
[  826.053451][T16773]  dump_stack_lvl+0x16c/0x1f0
[  826.053498][T16773]  should_fail_ex+0x50a/0x650
[  826.053562][T16773]  _copy_from_user+0x2e/0xd0
[  826.053597][T16773]  do_tcp_getsockopt+0x1e37/0x27d0
[  826.053638][T16773]  ? __pfx_do_tcp_getsockopt+0x10/0x10
[  826.053675][T16773]  ? hlock_class+0x4e/0x130
[  826.053709][T16773]  ? mark_lock+0xb5/0xc60
[  826.053759][T16773]  ? hlock_class+0x4e/0x130
[  826.053790][T16773]  ? __lock_acquire+0x15a9/0x3c40
[  826.053850][T16773]  ? __pfx___lock_acquire+0x10/0x10
[  826.053896][T16773]  ? __pfx___lock_acquire+0x10/0x10
[  826.053939][T16773]  ? __pfx_mark_lock+0x10/0x10
[  826.053983][T16773]  ? hlock_class+0x4e/0x130
[  826.054014][T16773]  ? __lock_acquire+0xcc5/0x3c40
[  826.054060][T16773]  ? lock_acquire.part.0+0x11b/0x380
[  826.054114][T16773]  ? __mutex_trylock_common+0xea/0x250
[  826.054162][T16773]  ? __pfx___mutex_trylock_common+0x10/0x10
[  826.054209][T16773]  ? smc_getsockopt+0xbd/0x360
[  826.054254][T16773]  ? rcu_is_watching+0x12/0xc0
[  826.054288][T16773]  ? trace_contention_end+0xee/0x140
[  826.054338][T16773]  ? __mutex_lock+0x1cc/0xb10
[  826.054378][T16773]  ? __pfx___lock_acquire+0x10/0x10
[  826.054423][T16773]  ? smc_getsockopt+0xbd/0x360
[  826.054483][T16773]  tcp_getsockopt+0xdf/0x100
[  826.054521][T16773]  smc_getsockopt+0x163/0x360
[  826.054568][T16773]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  826.054622][T16773]  ? __pfx_smc_getsockopt+0x10/0x10
[  826.054663][T16773]  ? __might_fault+0xe3/0x190
[  826.054701][T16773]  ? __pfx_smc_getsockopt+0x10/0x10
[  826.054747][T16773]  do_sock_getsockopt+0x3fe/0x800
[  826.054784][T16773]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  826.054816][T16773]  ? __pfx_do_sys_openat2+0x10/0x10
[  826.054869][T16773]  __sys_getsockopt+0x12f/0x260
[  826.054923][T16773]  __x64_sys_getsockopt+0xbd/0x160
[  826.054966][T16773]  ? do_syscall_64+0x91/0x250
[  826.055005][T16773]  ? lockdep_hardirqs_on+0x7c/0x110
[  826.055042][T16773]  do_syscall_64+0xcd/0x250
[  826.055085][T16773]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  826.055130][T16773] RIP: 0033:0x7fa397b8cde9
[  826.055154][T16773] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  826.055186][T16773] RSP: 002b:00007fa398a54038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  826.055217][T16773] RAX: ffffffffffffffda RBX: 00007fa397da5fa0 RCX: 00007fa397b8cde9
[  826.055237][T16773] RDX: 0000000000000023 RSI: 0000000000000006 RDI: 0000000000000003
[  826.055256][T16773] RBP: 00007fa398a54090 R08: 0000400000000100 R09: 0000000000000000
[  826.055276][T16773] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  826.055294][T16773] R13: 0000000000000000 R14: 00007fa397da5fa0 R15: 00007ffc67270b48
[  826.055335][T16773]  </TASK>
[  826.550609][   T11] hsr_slave_0: left promiscuous mode
[  826.592246][   T11] hsr_slave_1: left promiscuous mode
[  826.614441][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  826.658238][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  826.692568][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  826.716962][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  826.755316][   T11] veth1_macvtap: left allmulticast mode
[  826.776119][   T11] veth1_macvtap: left promiscuous mode
[  826.781774][   T11] veth0_macvtap: left promiscuous mode
[  827.575889][T16103] Bluetooth: hci1: command tx timeout
[  827.766647][   T11] team0 (unregistering): Port device team_slave_1 removed
[  827.871808][   T11] team0 (unregistering): Port device team_slave_0 removed
[  829.666829][T16103] Bluetooth: hci1: command tx timeout
[  830.413759][T16707] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  830.537580][T16707] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  830.603298][T16707] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  830.659476][T16707] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  831.072377][T16707] 8021q: adding VLAN 0 to HW filter on device bond0
[  831.136469][T16707] 8021q: adding VLAN 0 to HW filter on device team0
[  831.199468][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  831.206675][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  831.256334][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  831.263553][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  831.895209][T16707] 8021q: adding VLAN 0 to HW filter on device batadv0
[  832.002216][T16707] veth0_vlan: entered promiscuous mode
[  832.033643][T16707] veth1_vlan: entered promiscuous mode
[  832.117653][T16707] veth0_macvtap: entered promiscuous mode
[  832.138368][T16707] veth1_macvtap: entered promiscuous mode
[  832.197964][T16707] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  832.212909][T16707] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  832.224999][T16707] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  832.244370][T16707] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  832.288308][T16707] batman_adv: batadv0: Interface activated: batadv_slave_0
[  832.360237][T16707] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  832.395429][T16707] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  832.414767][T16707] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  832.463897][T16707] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  832.482491][T16707] batman_adv: batadv0: Interface activated: batadv_slave_1
[  832.548206][T16707] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  832.575831][T16707] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  832.584622][T16707] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  832.615997][T16707] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  833.279292][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  833.317304][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  833.441147][T13023] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  833.459325][T13023] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  835.768870][T16912] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2382'.
[  836.124756][T16921] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2385'.
[  836.363099][T16923] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2383'.
[  838.682089][T16951] FAULT_INJECTION: forcing a failure.
[  838.682089][T16951] name failslab, interval 1, probability 0, space 0, times 0
[  838.694785][T16951] CPU: 1 UID: 0 PID: 16951 Comm: syz.3.2392 Tainted: G     U             6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  838.694836][T16951] Tainted: [U]=USER
[  838.694847][T16951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  838.694867][T16951] Call Trace:
[  838.694877][T16951]  <TASK>
[  838.694890][T16951]  dump_stack_lvl+0x116/0x1f0
[  838.694938][T16951]  should_fail_ex+0x50a/0x650
[  838.694987][T16951]  ? trace_lock_acquire+0x14e/0x1f0
[  838.695031][T16951]  should_failslab+0xc2/0x120
[  838.695063][T16951]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  838.695116][T16951]  ? __send_signal_locked+0x159/0x12c0
[  838.695160][T16951]  ? sig_get_ucounts+0x1c0/0x5b0
[  838.695202][T16951]  __send_signal_locked+0x159/0x12c0
[  838.695255][T16951]  group_send_sig_info+0x2aa/0x300
[  838.695309][T16951]  ? __pfx_group_send_sig_info+0x10/0x10
[  838.695375][T16951]  ? kill_pid_info_type+0x21/0x2a0
[  838.695424][T16951]  kill_pid_info_type+0x92/0x2a0
[  838.695482][T16951]  kill_proc_info+0x6f/0x1b0
[  838.695514][T16951]  kill_something_info+0x2a2/0x310
[  838.695543][T16951]  ? __task_pid_nr_ns+0x186/0x500
[  838.695597][T16951]  __x64_sys_kill+0xdc/0x140
[  838.695630][T16951]  ? __pfx___x64_sys_kill+0x10/0x10
[  838.695663][T16951]  ? xfd_validate_state+0x5d/0x180
[  838.695724][T16951]  do_syscall_64+0xcd/0x250
[  838.695767][T16951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  838.695811][T16951] RIP: 0033:0x7f1f1cb8cde9
[  838.695837][T16951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  838.695869][T16951] RSP: 002b:00007f1f1a9f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000003e
[  838.695898][T16951] RAX: ffffffffffffffda RBX: 00007f1f1cda6160 RCX: 00007f1f1cb8cde9
[  838.695920][T16951] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000943
[  838.695939][T16951] RBP: 00007f1f1cc0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  838.695958][T16951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  838.695977][T16951] R13: 0000000000000000 R14: 00007f1f1cda6160 R15: 00007ffd437400d8
[  838.696019][T16951]  </TASK>
[  839.084070][ T5834] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  839.101888][ T5834] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  839.124552][ T5834] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  839.151569][ T5834] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  839.171470][ T5834] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  839.181466][ T5834] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  839.800296][T16971] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2398'.
[  840.099913][T16952] chnl_net:caif_netlink_parms(): no params data found
[  840.537217][T16952] bridge0: port 1(bridge_slave_0) entered blocking state
[  840.544483][T16952] bridge0: port 1(bridge_slave_0) entered disabled state
[  840.578746][T16952] bridge_slave_0: entered allmulticast mode
[  840.597607][T16952] bridge_slave_0: entered promiscuous mode
[  840.620795][T16952] bridge0: port 2(bridge_slave_1) entered blocking state
[  840.656226][T16952] bridge0: port 2(bridge_slave_1) entered disabled state
[  840.663609][T16952] bridge_slave_1: entered allmulticast mode
[  840.727098][T16952] bridge_slave_1: entered promiscuous mode
[  840.813139][T16952] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  840.847551][T16952] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  840.984126][T16952] team0: Port device team_slave_0 added
[  841.012808][T16952] team0: Port device team_slave_1 added
[  841.167579][T16952] batman_adv: batadv0: Adding interface: batadv_slave_0
[  841.174638][T16952] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  841.245907][T16952] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  841.257314][ T5834] Bluetooth: hci4: command tx timeout
[  841.305353][T16952] batman_adv: batadv0: Adding interface: batadv_slave_1
[  841.334834][T16952] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  841.452287][T16952] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  841.604054][T16952] hsr_slave_0: entered promiscuous mode
[  841.631246][T16952] hsr_slave_1: entered promiscuous mode
[  841.653149][T16952] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  841.682630][T16952] Cannot create hsr debugfs directory
[  841.971874][T17013] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2406'.
[  842.133319][T17017] FAULT_INJECTION: forcing a failure.
[  842.133319][T17017] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  842.158864][T16952] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  842.160808][T17017] CPU: 1 UID: 0 PID: 17017 Comm: syz.0.2407 Tainted: G     U             6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  842.160863][T17017] Tainted: [U]=USER
[  842.160875][T17017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  842.160895][T17017] Call Trace:
[  842.160906][T17017]  <TASK>
[  842.160918][T17017]  dump_stack_lvl+0x16c/0x1f0
[  842.160968][T17017]  should_fail_ex+0x50a/0x650
[  842.161028][T17017]  _copy_from_user+0x2e/0xd0
[  842.161067][T17017]  restore_altstack+0x94/0x170
[  842.161108][T17017]  ? __pfx_restore_altstack+0x10/0x10
[  842.161151][T17017]  ? _raw_spin_unlock_irq+0x23/0x50
[  842.161186][T17017]  ? lockdep_hardirqs_on+0x7c/0x110
[  842.161227][T17017]  ? _raw_spin_unlock_irq+0x2e/0x50
[  842.161272][T17017]  ? set_current_blocked+0xdd/0x120
[  842.161324][T17017]  __do_sys_rt_sigreturn+0x13d/0x240
[  842.161368][T17017]  ? __pfx___do_sys_rt_sigreturn+0x10/0x10
[  842.161423][T17017]  do_syscall_64+0xcd/0x250
[  842.161469][T17017]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  842.161519][T17017] RIP: 0033:0x7fa397b28fb9
[  842.161547][T17017] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  842.161580][T17017] RSP: 002b:00007fa398a11a80 EFLAGS: 00000246 ORIG_RAX: 000000000000000f
[  842.161611][T17017] RAX: ffffffffffffffda RBX: 00007fa397da6160 RCX: 00007fa397b28fb9
[  842.161635][T17017] RDX: 00007fa398a11a80 RSI: 00007fa398a11bb0 RDI: 0000000000000011
[  842.161657][T17017] RBP: 00007fa397c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  842.161678][T17017] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  842.161699][T17017] R13: 0000000000000000 R14: 00007fa397da6160 R15: 00007ffc67270b48
[  842.161739][T17017]  </TASK>
[  842.556163][T16952] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  842.583572][T16952] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  842.646527][T16952] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  842.829571][T17028] netlink: 'syz.3.2411': attribute type 1 has an invalid length.
[  842.905493][T16952] 8021q: adding VLAN 0 to HW filter on device bond0
[  842.967298][T16952] 8021q: adding VLAN 0 to HW filter on device team0
[  842.993494][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  843.000733][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  843.071706][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  843.078927][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  843.335968][ T5834] Bluetooth: hci4: command tx timeout
[  843.338128][T17034] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2413'.
[  844.094518][T16952] 8021q: adding VLAN 0 to HW filter on device batadv0
[  844.652747][T17065] FAULT_INJECTION: forcing a failure.
[  844.652747][T17065] name failslab, interval 1, probability 0, space 0, times 0
[  844.665531][T17065] CPU: 0 UID: 0 PID: 17065 Comm: syz.0.2417 Tainted: G     U             6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  844.665573][T17065] Tainted: [U]=USER
[  844.665582][T17065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  844.665598][T17065] Call Trace:
[  844.665606][T17065]  <TASK>
[  844.665616][T17065]  dump_stack_lvl+0x116/0x1f0
[  844.665656][T17065]  should_fail_ex+0x50a/0x650
[  844.665698][T17065]  ? trace_lock_acquire+0x14e/0x1f0
[  844.665737][T17065]  should_failslab+0xc2/0x120
[  844.665764][T17065]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  844.665806][T17065]  ? __send_signal_locked+0x159/0x12c0
[  844.665843][T17065]  ? sig_get_ucounts+0x1c0/0x5b0
[  844.665875][T17065]  __send_signal_locked+0x159/0x12c0
[  844.665917][T17065]  group_send_sig_info+0x2aa/0x300
[  844.665980][T17065]  ? __pfx_group_send_sig_info+0x10/0x10
[  844.666034][T17065]  ? kill_pid_info_type+0x21/0x2a0
[  844.666085][T17065]  kill_pid_info_type+0x92/0x2a0
[  844.666132][T17065]  kill_proc_info+0x6f/0x1b0
[  844.666159][T17065]  kill_something_info+0x2a2/0x310
[  844.666184][T17065]  ? __task_pid_nr_ns+0x186/0x500
[  844.666223][T17065]  __x64_sys_kill+0xdc/0x140
[  844.666250][T17065]  ? __pfx___x64_sys_kill+0x10/0x10
[  844.666277][T17065]  ? xfd_validate_state+0x5d/0x180
[  844.666328][T17065]  do_syscall_64+0xcd/0x250
[  844.666364][T17065]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  844.666403][T17065] RIP: 0033:0x7fa397b8cde9
[  844.666425][T17065] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  844.666451][T17065] RSP: 002b:00007fa398a12038 EFLAGS: 00000246 ORIG_RAX: 000000000000003e
[  844.666477][T17065] RAX: ffffffffffffffda RBX: 00007fa397da6160 RCX: 00007fa397b8cde9
[  844.666495][T17065] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000974
[  844.666511][T17065] RBP: 00007fa397c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  844.666527][T17065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  844.666543][T17065] R13: 0000000000000000 R14: 00007fa397da6160 R15: 00007ffc67270b48
[  844.666578][T17065]  </TASK>
[  845.415986][ T5834] Bluetooth: hci4: command tx timeout
[  845.535161][T17076] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2419'.
[  845.940717][T16952] veth0_vlan: entered promiscuous mode
[  846.228035][T16952] veth1_vlan: entered promiscuous mode
[  846.319149][T16952] veth0_macvtap: entered promiscuous mode
[  846.380011][T16952] veth1_macvtap: entered promiscuous mode
[  846.507964][T16952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  846.555793][T16952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  846.575772][T16952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  846.604373][T16952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  846.645863][T16952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  846.666126][T16952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  846.699494][T16952] batman_adv: batadv0: Interface activated: batadv_slave_0
[  846.753516][T16952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  846.753548][T16952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  846.753566][T16952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  846.753587][T16952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  846.753602][T16952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  846.753633][T16952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  846.754765][T16952] batman_adv: batadv0: Interface activated: batadv_slave_1
[  846.948874][T16952] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  846.948930][T16952] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  846.948977][T16952] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  846.949023][T16952] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  847.122497][ T1516] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  847.122529][ T1516] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  847.205599][T13023] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  847.205629][T13023] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  847.504244][ T5834] Bluetooth: hci4: command tx timeout
[  849.355112][T17135] cougar: G6 mapped to space
[  854.722405][T16103] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  854.734975][T16103] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  854.747001][T16103] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  854.755109][T16103] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  854.764178][T16103] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  854.771769][T16103] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  855.351034][ T1139] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  856.066313][ T1139] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  856.562093][ T1139] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  856.858252][ T5834] Bluetooth: hci5: command tx timeout
[  857.041621][ T1139] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  857.313937][T17199] chnl_net:caif_netlink_parms(): no params data found
[  857.549309][ T1139] bridge_slave_1: left allmulticast mode
[  857.555051][ T1139] bridge_slave_1: left promiscuous mode
[  857.612167][ T1139] bridge0: port 2(bridge_slave_1) entered disabled state
[  857.716915][ T1139] bridge_slave_0: left allmulticast mode
[  857.722653][ T1139] bridge_slave_0: left promiscuous mode
[  857.756146][ T1139] bridge0: port 1(bridge_slave_0) entered disabled state
[  858.941610][ T5834] Bluetooth: hci5: command tx timeout
[  859.110087][T17199] bridge0: port 1(bridge_slave_0) entered blocking state
[  859.155899][T17199] bridge0: port 1(bridge_slave_0) entered disabled state
[  859.174289][T17199] bridge_slave_0: entered allmulticast mode
[  859.181796][T17199] bridge_slave_0: entered promiscuous mode
[  859.284318][T17199] bridge0: port 2(bridge_slave_1) entered blocking state
[  859.333718][T17199] bridge0: port 2(bridge_slave_1) entered disabled state
[  859.362299][T17199] bridge_slave_1: entered allmulticast mode
[  859.387152][T17199] bridge_slave_1: entered promiscuous mode
[  859.628696][T17199] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  859.793385][T17199] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  859.965843][ T1139] hsr_slave_0: left promiscuous mode
[  859.985863][ T1139] hsr_slave_1: left promiscuous mode
[  859.991885][ T1139] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  860.046636][ T1139] batman_adv: batadv0: Removing interface: batadv_slave_0
[  860.076832][ T1139] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  860.093166][ T1139] batman_adv: batadv0: Removing interface: batadv_slave_1
[  860.321103][ T1139] veth1_macvtap: left allmulticast mode
[  860.334387][ T1139] veth1_macvtap: left promiscuous mode
[  860.340186][ T1139] veth0_macvtap: left promiscuous mode
[  860.496544][T17271] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2457'.
[  861.017503][ T5834] Bluetooth: hci5: command tx timeout
[  861.792822][ T1139] team0 (unregistering): Port device team_slave_1 removed
[  861.931663][ T1139] team0 (unregistering): Port device team_slave_0 removed
[  863.054913][T17199] team0: Port device team_slave_0 added
[  863.095937][ T5834] Bluetooth: hci5: command tx timeout
[  863.238813][T17295] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2460'.
[  863.305828][T17199] team0: Port device team_slave_1 added
[  863.321084][T17295] macsec0: entered promiscuous mode
[  863.345901][T17295] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2460'.
[  863.582119][T17199] batman_adv: batadv0: Adding interface: batadv_slave_0
[  863.616422][T17199] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  863.701373][T17199] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  863.742644][T17300] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2461'.
[  863.771600][T17199] batman_adv: batadv0: Adding interface: batadv_slave_1
[  863.792117][T17199] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  863.831460][T17199] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  864.131181][T17199] hsr_slave_0: entered promiscuous mode
[  864.152014][T17199] hsr_slave_1: entered promiscuous mode
[  866.414675][T17199] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  866.449469][T17199] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  866.479103][T17199] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  866.546312][T17199] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  866.870734][T17199] 8021q: adding VLAN 0 to HW filter on device bond0
[  866.980928][T17199] 8021q: adding VLAN 0 to HW filter on device team0
[  867.047318][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  867.054506][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  867.189993][T13023] bridge0: port 2(bridge_slave_1) entered blocking state
[  867.197302][T13023] bridge0: port 2(bridge_slave_1) entered forwarding state
[  868.017982][T17372] FAULT_INJECTION: forcing a failure.
[  868.017982][T17372] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  868.085285][T17372] CPU: 1 UID: 0 PID: 17372 Comm: syz.3.2471 Tainted: G     U             6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  868.085336][T17372] Tainted: [U]=USER
[  868.085347][T17372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  868.085365][T17372] Call Trace:
[  868.085375][T17372]  <TASK>
[  868.085387][T17372]  dump_stack_lvl+0x16c/0x1f0
[  868.085432][T17372]  should_fail_ex+0x50a/0x650
[  868.085486][T17372]  copy_fpstate_to_sigframe+0x894/0xb20
[  868.085537][T17372]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  868.085586][T17372]  ? collect_signal+0x262/0x540
[  868.085623][T17372]  ? find_held_lock+0x2d/0x110
[  868.085661][T17372]  get_sigframe+0x4aa/0x9c0
[  868.085706][T17372]  ? __pfx_get_sigframe+0x10/0x10
[  868.085742][T17372]  ? _raw_spin_unlock_irq+0x23/0x50
[  868.085773][T17372]  ? siginfo_layout+0x1d2/0x290
[  868.085822][T17372]  x64_setup_rt_frame+0x129/0xcf0
[  868.085881][T17372]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[  868.085927][T17372]  ? kill_pid_info_type+0x102/0x2a0
[  868.085988][T17372]  arch_do_signal_or_restart+0x5e6/0x7e0
[  868.086027][T17372]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  868.086087][T17372]  syscall_exit_to_user_mode+0x150/0x2a0
[  868.086147][T17372]  do_syscall_64+0xda/0x250
[  868.086188][T17372]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  868.086230][T17372] RIP: 0033:0x7f1f1cb8cde9
[  868.086253][T17372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  868.086281][T17372] RSP: 002b:00007f1f1a9f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000003e
[  868.086307][T17372] RAX: 0000000000000000 RBX: 00007f1f1cda6160 RCX: 00007f1f1cb8cde9
[  868.086326][T17372] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 00000000000009b2
[  868.086342][T17372] RBP: 00007f1f1cc0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  868.086361][T17372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  868.086378][T17372] R13: 0000000000000000 R14: 00007f1f1cda6160 R15: 00007ffd437400d8
[  868.086412][T17372]  </TASK>
[  868.432694][T17380] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2472'.
[  868.594626][T17199] 8021q: adding VLAN 0 to HW filter on device batadv0
[  868.744776][T17199] veth0_vlan: entered promiscuous mode
[  868.775431][T17199] veth1_vlan: entered promiscuous mode
[  868.893737][T17199] veth0_macvtap: entered promiscuous mode
[  868.900195][T17199] veth1_macvtap: entered promiscuous mode
[  868.943890][T17199] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  868.943925][T17199] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  868.943941][T17199] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  868.943965][T17199] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  868.943982][T17199] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  868.944007][T17199] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  868.945216][T17199] batman_adv: batadv0: Interface activated: batadv_slave_0
[  868.974690][T17199] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  868.974725][T17199] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  868.974745][T17199] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  868.974770][T17199] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  868.974790][T17199] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  868.974814][T17199] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  868.983169][T17199] batman_adv: batadv0: Interface activated: batadv_slave_1
[  868.997919][T17199] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  868.997973][T17199] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  868.998016][T17199] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  868.998060][T17199] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  869.271199][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  869.271229][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  869.374408][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  869.374442][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  869.906983][T17364] tty tty12: ldisc open failed (-12), clearing slot 11
[  871.145592][T17421] FAULT_INJECTION: forcing a failure.
[  871.145592][T17421] name failslab, interval 1, probability 0, space 0, times 0
[  871.187225][T17421] CPU: 1 UID: 0 PID: 17421 Comm: syz.2.2478 Tainted: G     U             6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  871.187282][T17421] Tainted: [U]=USER
[  871.187294][T17421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  871.187322][T17421] Call Trace:
[  871.187334][T17421]  <TASK>
[  871.187347][T17421]  dump_stack_lvl+0x16c/0x1f0
[  871.187395][T17421]  should_fail_ex+0x50a/0x650
[  871.187448][T17421]  ? fs_reclaim_acquire+0xae/0x150
[  871.187495][T17421]  ? __netlink_kernel_create+0x180/0x750
[  871.187538][T17421]  should_failslab+0xc2/0x120
[  871.187570][T17421]  __kmalloc_noprof+0xcb/0x510
[  871.187631][T17421]  __netlink_kernel_create+0x180/0x750
[  871.187678][T17421]  ? __pfx___netlink_kernel_create+0x10/0x10
[  871.187725][T17421]  ? fib_default_rule_add+0x342/0x420
[  871.187776][T17421]  fib_net_init+0x237/0x3d0
[  871.187818][T17421]  ? __pfx_fib_net_init+0x10/0x10
[  871.187860][T17421]  ? __pfx_nl_fib_input+0x10/0x10
[  871.187908][T17421]  ? devinet_init_net+0x5c1/0x900
[  871.187955][T17421]  ? __pfx_fib_net_init+0x10/0x10
[  871.187994][T17421]  ops_init+0x1df/0x5f0
[  871.188046][T17421]  setup_net+0x21f/0x860
[  871.188102][T17421]  ? __pfx_setup_net+0x10/0x10
[  871.188164][T17421]  ? down_read_killable+0xcc/0x380
[  871.188209][T17421]  ? __pfx_down_read_killable+0x10/0x10
[  871.188252][T17421]  ? __raw_spin_lock_init+0x3a/0x110
[  871.188317][T17421]  ? debug_mutex_init+0x37/0x70
[  871.188357][T17421]  copy_net_ns+0x2b4/0x6c0
[  871.188393][T17421]  create_new_namespaces+0x3ea/0xad0
[  871.188456][T17421]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  871.188513][T17421]  ksys_unshare+0x45d/0xa40
[  871.188547][T17421]  ? __pfx_ksys_unshare+0x10/0x10
[  871.188579][T17421]  ? xfd_validate_state+0x5d/0x180
[  871.188638][T17421]  __x64_sys_unshare+0x31/0x40
[  871.188671][T17421]  do_syscall_64+0xcd/0x250
[  871.188714][T17421]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  871.188760][T17421] RIP: 0033:0x7f953e58cde9
[  871.188786][T17421] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  871.188820][T17421] RSP: 002b:00007f953c3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  871.188852][T17421] RAX: ffffffffffffffda RBX: 00007f953e7a5fa0 RCX: 00007f953e58cde9
[  871.188875][T17421] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  871.188895][T17421] RBP: 00007f953e60e2a0 R08: 0000000000000000 R09: 0000000000000000
[  871.188915][T17421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  871.188934][T17421] R13: 0000000000000000 R14: 00007f953e7a5fa0 R15: 00007ffded6fda48
[  871.188975][T17421]  </TASK>
[  871.453511][    C1] vkms_vblank_simulate: vblank timer overrun
[  871.726119][T17440] FAULT_INJECTION: forcing a failure.
[  871.726119][T17440] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  871.844917][T17440] CPU: 0 UID: 0 PID: 17440 Comm: syz.0.2479 Tainted: G     U             6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  871.844970][T17440] Tainted: [U]=USER
[  871.844982][T17440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  871.845003][T17440] Call Trace:
[  871.845013][T17440]  <TASK>
[  871.845027][T17440]  dump_stack_lvl+0x16c/0x1f0
[  871.845075][T17440]  should_fail_ex+0x50a/0x650
[  871.845135][T17440]  copy_fpstate_to_sigframe+0x894/0xb20
[  871.845189][T17440]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  871.845240][T17440]  ? collect_signal+0x262/0x540
[  871.845278][T17440]  ? find_held_lock+0x2d/0x110
[  871.845320][T17440]  get_sigframe+0x4aa/0x9c0
[  871.845362][T17440]  ? __pfx_get_sigframe+0x10/0x10
[  871.845402][T17440]  ? _raw_spin_unlock_irq+0x23/0x50
[  871.845436][T17440]  ? siginfo_layout+0x1d2/0x290
[  871.845499][T17440]  x64_setup_rt_frame+0x129/0xcf0
[  871.845547][T17440]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[  871.845586][T17440]  ? kill_pid_info_type+0x102/0x2a0
[  871.845650][T17440]  arch_do_signal_or_restart+0x5e6/0x7e0
[  871.845695][T17440]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  871.845752][T17440]  syscall_exit_to_user_mode+0x150/0x2a0
[  871.845796][T17440]  do_syscall_64+0xda/0x250
[  871.845840][T17440]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  871.845885][T17440] RIP: 0033:0x7fb6d518cde9
[  871.845910][T17440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  871.845942][T17440] RSP: 002b:00007fb6d2ff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000003e
[  871.845972][T17440] RAX: 0000000000000000 RBX: 00007fb6d53a6160 RCX: 00007fb6d518cde9
[  871.845993][T17440] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 000000000000000d
[  871.846012][T17440] RBP: 00007fb6d520e2a0 R08: 0000000000000000 R09: 0000000000000000
[  871.846032][T17440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  871.846051][T17440] R13: 0000000000000000 R14: 00007fb6d53a6160 R15: 00007fff1cf34c08
[  871.846091][T17440]  </TASK>
[  872.929313][T17465] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  872.936475][T17465] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  872.987396][T17465] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  873.019926][T17465] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  873.033054][T17465] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  873.055107][T17465] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  873.226947][T17465] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  873.340059][T17465] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  873.349509][T17465] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  873.378489][T17465] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  873.463156][T17465] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  873.513792][T17465] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  873.676706][T17465] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  874.855948][ T5834] Bluetooth: hci3: command 0x0406 tx timeout
[  875.032589][ T5834] Bluetooth: hci2: command 0x0c1a tx timeout
[  875.106941][ T5834] Bluetooth: hci1: command 0x0c1a tx timeout
[  875.278174][T17509] FAULT_INJECTION: forcing a failure.
[  875.278174][T17509] name failslab, interval 1, probability 0, space 0, times 0
[  875.290883][T17509] CPU: 1 UID: 0 PID: 17509 Comm: syz.0.2492 Tainted: G     U             6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  875.290926][T17509] Tainted: [U]=USER
[  875.290935][T17509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  875.290954][T17509] Call Trace:
[  875.290962][T17509]  <TASK>
[  875.290973][T17509]  dump_stack_lvl+0x116/0x1f0
[  875.291013][T17509]  should_fail_ex+0x50a/0x650
[  875.291057][T17509]  ? trace_lock_acquire+0x14e/0x1f0
[  875.291095][T17509]  should_failslab+0xc2/0x120
[  875.291122][T17509]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  875.291167][T17509]  ? __send_signal_locked+0x159/0x12c0
[  875.291210][T17509]  ? sig_get_ucounts+0x1c0/0x5b0
[  875.291244][T17509]  __send_signal_locked+0x159/0x12c0
[  875.291288][T17509]  group_send_sig_info+0x2aa/0x300
[  875.291335][T17509]  ? __pfx_group_send_sig_info+0x10/0x10
[  875.291391][T17509]  ? kill_pid_info_type+0x21/0x2a0
[  875.291435][T17509]  kill_pid_info_type+0x92/0x2a0
[  875.291483][T17509]  kill_proc_info+0x6f/0x1b0
[  875.291510][T17509]  kill_something_info+0x2a2/0x310
[  875.291535][T17509]  ? __task_pid_nr_ns+0x186/0x500
[  875.291574][T17509]  __x64_sys_kill+0xdc/0x140
[  875.291602][T17509]  ? __pfx___x64_sys_kill+0x10/0x10
[  875.291629][T17509]  ? xfd_validate_state+0x5d/0x180
[  875.291681][T17509]  do_syscall_64+0xcd/0x250
[  875.291717][T17509]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  875.291756][T17509] RIP: 0033:0x7fb6d518cde9
[  875.291778][T17509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  875.291806][T17509] RSP: 002b:00007fb6d2ff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000003e
[  875.291831][T17509] RAX: ffffffffffffffda RBX: 00007fb6d53a6160 RCX: 00007fb6d518cde9
[  875.291850][T17509] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 000000000000001c
[  875.291866][T17509] RBP: 00007fb6d520e2a0 R08: 0000000000000000 R09: 0000000000000000
[  875.291883][T17509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  875.291900][T17509] R13: 0000000000000000 R14: 00007fb6d53a6160 R15: 00007fff1cf34c08
[  875.291934][T17509]  </TASK>
[  875.568945][ T5834] Bluetooth: hci4: command 0x0c1a tx timeout
[  875.575141][ T5834] Bluetooth: hci5: command 0x0c1a tx timeout
[  875.742437][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  875.747591][ T5144] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  875.749497][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  875.766756][ T5144] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  875.775424][ T5144] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  875.783622][ T5144] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  875.791529][ T5144] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  875.799079][ T5144] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  875.887116][   T35] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  876.053564][T17511] HfR: entered promiscuous mode
[  876.065506][T17516] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2493'.
[  876.131269][   T35] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  876.304585][   T35] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  876.524421][   T35] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  876.951140][T17513] chnl_net:caif_netlink_parms(): no params data found
[  877.003832][   T35] bridge_slave_1: left allmulticast mode
[  877.030228][   T35] bridge_slave_1: left promiscuous mode
[  877.065953][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  877.095880][ T5144] Bluetooth: hci2: command 0x0c1a tx timeout
[  877.117639][   T35] bridge_slave_0: left allmulticast mode
[  877.123369][   T35] bridge_slave_0: left promiscuous mode
[  877.137970][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  877.176277][ T5144] Bluetooth: hci1: command 0x0c1a tx timeout
[  877.664481][ T5144] Bluetooth: hci5: command 0x0c1a tx timeout
[  877.671239][ T5144] Bluetooth: hci4: command 0x0c1a tx timeout
[  877.905872][   T29] audit: type=1806 audit(6034852824.483:18): xattr="" res=-22
[  877.922565][ T5144] Bluetooth: hci0: command tx timeout
[  878.829094][T17513] bridge0: port 1(bridge_slave_0) entered blocking state
[  878.856818][T17513] bridge0: port 1(bridge_slave_0) entered disabled state
[  878.864513][T17566] [U] 
[  878.867747][T17566] [U] 
[  878.870507][T17566] [U] 
[  878.873263][T17566] [U] 
[  878.906132][T17513] bridge_slave_0: entered allmulticast mode
[  878.914378][T17566] [U] 
[  878.917174][T17566] [U] 
[  878.919953][T17566] [U] 
[  878.922717][T17566] [U] 
[  878.941126][T17513] bridge_slave_0: entered promiscuous mode
[  878.960662][T17513] bridge0: port 2(bridge_slave_1) entered blocking state
[  878.976036][T17513] bridge0: port 2(bridge_slave_1) entered disabled state
[  878.983376][T17513] bridge_slave_1: entered allmulticast mode
[  879.013720][T17513] bridge_slave_1: entered promiscuous mode
[  879.056164][T17566] [U] 
[  879.058986][T17566] [U] 
[  879.061749][T17566] [U] 
[  879.064511][T17566] [U] 
[  879.148895][T17566] [U] 
[  879.151714][T17566] [U] 
[  879.154478][T17566] [U] 
[  879.157251][T17566] [U] 
[  879.178310][ T5144] Bluetooth: hci2: command 0x0c1a tx timeout
[  879.256654][ T5144] Bluetooth: hci1: command 0x0c1a tx timeout
[  879.389304][T17513] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  879.409110][T17566] [U] 
[  879.411939][T17566] [U] 
[  879.414685][T17566] [U] 
[  879.417462][T17566] [U] 
[  879.438857][T17513] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  879.516996][T17566] [U] 
[  879.519797][T17566] [U] 
[  879.522550][T17566] [U] 
[  879.525312][T17566] [U] 
[  879.597770][T17566] [U] 
[  879.600593][T17566] [U] 
[  879.603347][T17566] [U] 
[  879.606114][T17566] [U] 
[  879.722488][T17566] [U] 
[  879.725298][T17566] [U] 
[  879.728070][T17566] [U] 
[  879.730937][T17566] [U] 
[  879.735837][ T5144] Bluetooth: hci4: command 0x0c1a tx timeout
[  879.742013][ T5144] Bluetooth: hci5: command 0x0c1a tx timeout
[  879.816240][T17566] [U] 
[  879.819135][T17566] [U] 
[  879.821894][T17566] [U] 
[  879.824694][T17566] [U] 
[  879.866154][T17566] [U] 
[  879.868967][T17566] [U] 
[  879.871739][T17566] [U] 
[  879.874500][T17566] [U] 
[  879.908996][T17513] team0: Port device team_slave_0 added
[  879.916314][T17566] [U] 
[  879.919102][T17566] [U] 
[  879.921870][T17566] [U] 
[  879.924658][T17566] [U] 
[  879.961746][T17513] team0: Port device team_slave_1 added
[  879.975963][ T5834] Bluetooth: hci0: command tx timeout
[  879.982476][T17566] [U] 
[  879.985300][T17566] [U] 
[  879.988071][T17566] [U] 
[  879.990871][T17566] [U] 
[  879.994349][T17566] [U] 
[  879.997117][T17566] [U] 
[  879.999864][T17566] [U] 
[  880.002645][T17566] [U] 
[  880.006644][T17566] [U] 
[  880.009418][T17566] [U] 
[  880.012182][T17566] [U] 
[  880.014947][T17566] [U] 
[  880.019148][T17566] [U] 
[  880.021947][T17566] [U] 
[  880.024692][T17566] [U] 
[  880.027427][T17566] [U] 
[  880.032878][T17566] [U] 
[  880.035657][T17566] [U] 
[  880.038418][T17566] [U] 
[  880.041180][T17566] [U] 
[  880.045949][T17566] [U] 
[  880.048734][T17566] [U] 
[  880.051501][T17566] [U] 
[  880.054271][T17566] [U] 
[  880.058540][T17566] [U] 
[  880.061314][T17566] [U] 
[  880.064239][T17566] [U] 
[  880.067004][T17566] [U] 
[  880.071032][T17566] [U] 
[  880.073857][T17566] [U] 
[  880.076626][T17566] [U] 
[  880.079388][T17566] [U] 
[  880.110069][T17566] [U] 
[  880.112868][T17566] [U] 
[  880.115621][T17566] [U] 
[  880.118398][T17566] [U] 
[  880.152552][T17566] [U] 
[  880.155358][T17566] [U] 
[  880.158120][T17566] [U] 
[  880.160865][T17566] [U] 
[  880.185281][T17513] batman_adv: batadv0: Adding interface: batadv_slave_0
[  880.206228][T17513] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  880.264520][T17513] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  880.276096][T17566] [U] 
[  880.278890][T17566] [U] 
[  880.281651][T17566] [U] 
[  880.284439][T17566] [U] 
[  880.407434][T17566] [U] 
[  880.410250][T17566] [U] 
[  880.413005][T17566] [U] 
[  880.415764][T17566] [U] 
[  880.431097][T17513] batman_adv: batadv0: Adding interface: batadv_slave_1
[  880.458262][T17513] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  880.476051][T17566] [U] 
[  880.486978][T17566] [U] 
[  880.489728][T17566] [U] 
[  880.492479][T17566] [U] 
[  880.500696][T17569] MTRR 1 not used
[  880.529406][T17513] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  880.586210][T17566] [U] 
[  880.589040][T17566] [U] 
[  880.591791][T17566] [U] 
[  880.594547][T17566] [U] 
[  880.636679][T17566] [U] 
[  880.639493][T17566] [U] 
[  880.642268][T17566] [U] 
[  880.645034][T17566] [U] 
[  880.668622][T17566] [U] 
[  880.671435][T17566] [U] 
[  880.674200][T17566] [U] 
[  880.676968][T17566] [U] 
[  880.700688][T17566] [U] 
[  880.703502][T17566] [U] 
[  880.706253][T17566] [U] 
[  880.709053][T17566] [U] 
[  880.777923][T17566] [U] 
[  880.780746][T17566] [U] 
[  880.783518][T17566] [U] 
[  880.786306][T17566] [U] 
[  880.821767][T17566] [U] 
[  880.963878][T17513] hsr_slave_0: entered promiscuous mode
[  880.993601][T17513] hsr_slave_1: entered promiscuous mode
[  881.010753][T17513] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  881.051090][T17513] Cannot create hsr debugfs directory
[  881.365410][   T35] hsr_slave_0: left promiscuous mode
[  881.406080][   T35] hsr_slave_1: left promiscuous mode
[  881.450630][   T35] veth1_macvtap: left allmulticast mode
[  881.474169][   T35] veth1_macvtap: left promiscuous mode
[  881.490378][   T35] veth0_macvtap: left promiscuous mode
[  882.055851][ T5834] Bluetooth: hci0: command tx timeout
[  882.955369][   T35] team0 (unregistering): Port device team_slave_1 removed
[  883.267492][   T35] team0 (unregistering): Port device team_slave_0 removed
[  884.135960][ T5834] Bluetooth: hci0: command tx timeout
[  885.473542][T17650] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2515'.
[  885.824645][T17652] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2516'.
[  885.937966][T17513] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  886.012138][T17513] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  886.103785][T17513] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  886.150066][T17513] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  886.730873][T17513] 8021q: adding VLAN 0 to HW filter on device bond0
[  886.998591][T17513] 8021q: adding VLAN 0 to HW filter on device team0
[  887.329334][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  887.336604][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  887.407467][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  887.414659][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  887.646965][T17513] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  887.686034][T17513] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  887.765310][T17693] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2521'.
[  887.894897][T17690] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2521'.
[  888.812454][T17513] 8021q: adding VLAN 0 to HW filter on device batadv0
[  889.232014][T17513] veth0_vlan: entered promiscuous mode
[  889.286647][T17513] veth1_vlan: entered promiscuous mode
[  889.409007][T17513] veth0_macvtap: entered promiscuous mode
[  889.479264][T17513] veth1_macvtap: entered promiscuous mode
[  889.533768][T17724] FAULT_INJECTION: forcing a failure.
[  889.533768][T17724] name failslab, interval 1, probability 0, space 0, times 0
[  889.585981][T17724] CPU: 1 UID: 0 PID: 17724 Comm: syz.2.2524 Tainted: G     U             6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  889.586033][T17724] Tainted: [U]=USER
[  889.586043][T17724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  889.586062][T17724] Call Trace:
[  889.586072][T17724]  <TASK>
[  889.586085][T17724]  dump_stack_lvl+0x16c/0x1f0
[  889.586132][T17724]  should_fail_ex+0x50a/0x650
[  889.586182][T17724]  ? fs_reclaim_acquire+0xae/0x150
[  889.586228][T17724]  ? eeprom_prepare_data+0x1cc/0x930
[  889.586265][T17724]  should_failslab+0xc2/0x120
[  889.586296][T17724]  __kmalloc_noprof+0xcb/0x510
[  889.586344][T17724]  ? ethnl_default_dumpit+0x5e3/0xd30
[  889.586393][T17724]  eeprom_prepare_data+0x1cc/0x930
[  889.586439][T17724]  ? __pfx_eeprom_prepare_data+0x10/0x10
[  889.586489][T17724]  ? skb_put+0x138/0x1b0
[  889.586544][T17724]  ethnl_default_dumpit+0x649/0xd30
[  889.586597][T17724]  genl_dumpit+0x122/0x230
[  889.586649][T17724]  netlink_dump+0x53c/0xd00
[  889.586695][T17724]  ? __pfx_netlink_dump+0x10/0x10
[  889.586734][T17724]  ? eeprom_parse_request+0x364/0x720
[  889.586790][T17724]  ? ethnl_default_start+0x2dd/0x420
[  889.586840][T17724]  ? __pfx_ethnl_default_start+0x10/0x10
[  889.586897][T17724]  ? genl_start+0x67d/0x960
[  889.586951][T17724]  __netlink_dump_start+0x6ca/0x970
[  889.587007][T17724]  genl_family_rcv_msg_dumpit+0x1e1/0x2e0
[  889.587063][T17724]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[  889.587117][T17724]  ? rcu_is_watching+0x12/0xc0
[  889.587162][T17724]  ? __pfx_genl_start+0x10/0x10
[  889.587207][T17724]  ? __pfx_genl_dumpit+0x10/0x10
[  889.587253][T17724]  ? __pfx_genl_done+0x10/0x10
[  889.587303][T17724]  ? bpf_lsm_capable+0x9/0x10
[  889.587337][T17724]  ? security_capable+0x7e/0x260
[  889.587393][T17724]  ? ns_capable+0xd7/0x110
[  889.587444][T17724]  genl_rcv_msg+0x470/0x800
[  889.587499][T17724]  ? __pfx_genl_rcv_msg+0x10/0x10
[  889.587550][T17724]  ? __pfx_ethnl_default_start+0x10/0x10
[  889.587584][T17724]  ? __pfx_ethnl_default_dumpit+0x10/0x10
[  889.587620][T17724]  ? __pfx_ethnl_default_done+0x10/0x10
[  889.587658][T17724]  ? __pfx___lock_acquire+0x10/0x10
[  889.587714][T17724]  netlink_rcv_skb+0x16b/0x440
[  889.587758][T17724]  ? __pfx_genl_rcv_msg+0x10/0x10
[  889.587810][T17724]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  889.587880][T17724]  ? down_read+0xc9/0x330
[  889.587924][T17724]  ? __pfx_down_read+0x10/0x10
[  889.587970][T17724]  ? netlink_deliver_tap+0x1ae/0xd30
[  889.588019][T17724]  genl_rcv+0x28/0x40
[  889.588064][T17724]  netlink_unicast+0x53c/0x7f0
[  889.588113][T17724]  ? __pfx_netlink_unicast+0x10/0x10
[  889.588169][T17724]  ? __phys_addr_symbol+0x30/0x80
[  889.588202][T17724]  ? __check_object_size+0x488/0x710
[  889.588239][T17724]  netlink_sendmsg+0x8b8/0xd70
[  889.588288][T17724]  ? __pfx_netlink_sendmsg+0x10/0x10
[  889.588347][T17724]  ____sys_sendmsg+0xaaf/0xc90
[  889.588383][T17724]  ? copy_msghdr_from_user+0x10b/0x160
[  889.588430][T17724]  ? __pfx_____sys_sendmsg+0x10/0x10
[  889.588486][T17724]  ___sys_sendmsg+0x135/0x1e0
[  889.588535][T17724]  ? __pfx____sys_sendmsg+0x10/0x10
[  889.588602][T17724]  ? __pfx_lock_release+0x10/0x10
[  889.588646][T17724]  ? trace_lock_acquire+0x14e/0x1f0
[  889.588699][T17724]  ? __fget_files+0x206/0x3a0
[  889.588756][T17724]  __sys_sendmsg+0x16e/0x220
[  889.588804][T17724]  ? __pfx___sys_sendmsg+0x10/0x10
[  889.588856][T17724]  ? __x64_sys_futex+0x1e1/0x4c0
[  889.588923][T17724]  do_syscall_64+0xcd/0x250
[  889.588967][T17724]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  889.589011][T17724] RIP: 0033:0x7f953e58cde9
[  889.589038][T17724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  889.589088][T17724] RSP: 002b:00007f953c3f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  889.589119][T17724] RAX: ffffffffffffffda RBX: 00007f953e7a5fa0 RCX: 00007f953e58cde9
[  889.589141][T17724] RDX: 0000000000000082 RSI: 0000400000000e80 RDI: 0000000000000005
[  889.589163][T17724] RBP: 00007f953e60e2a0 R08: 0000000000000000 R09: 0000000000000000
[  889.589196][T17724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  889.589218][T17724] R13: 0000000000000000 R14: 00007f953e7a5fa0 R15: 00007ffded6fda48
[  889.589261][T17724]  </TASK>
[  890.377949][T17513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  890.453677][T17513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  890.516420][T17513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  890.579641][T17513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  890.657196][T17513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  890.721934][T17513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  890.772769][T17513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  890.794083][T17513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  890.838223][T17513] batman_adv: batadv0: Interface activated: batadv_slave_0
[  890.899344][T17734] ovs_: entered promiscuous mode
[  890.927971][T17513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  890.992226][T17513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  891.046394][T17513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  891.095805][T17513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  891.140967][T17513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  891.194812][T17513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  891.236536][T17513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  891.295938][T17513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  891.342713][T17513] batman_adv: batadv0: Interface activated: batadv_slave_1
[  891.378685][T17513] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  891.465873][T17513] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  891.474675][T17513] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  891.515758][T17513] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  892.156043][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  892.174958][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  892.324391][ T1516] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  892.366566][ T1516] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  896.068303][T17816] FAULT_INJECTION: forcing a failure.
[  896.068303][T17816] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  896.108453][T17816] CPU: 1 UID: 0 PID: 17816 Comm: syz.2.2542 Tainted: G     U             6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  896.108501][T17816] Tainted: [U]=USER
[  896.108513][T17816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  896.108532][T17816] Call Trace:
[  896.108541][T17816]  <TASK>
[  896.108554][T17816]  dump_stack_lvl+0x16c/0x1f0
[  896.108597][T17816]  should_fail_ex+0x50a/0x650
[  896.108657][T17816]  _copy_to_user+0x32/0xd0
[  896.108695][T17816]  copy_to_sockptr_offset.constprop.0+0x15a/0x190
[  896.108745][T17816]  ? __pfx_copy_to_sockptr_offset.constprop.0+0x10/0x10
[  896.108796][T17816]  ? __local_bh_enable_ip+0xa4/0x120
[  896.108852][T17816]  do_tcp_getsockopt+0x1070/0x27d0
[  896.108890][T17816]  ? __pfx_do_tcp_getsockopt+0x10/0x10
[  896.108926][T17816]  ? hlock_class+0x4e/0x130
[  896.108958][T17816]  ? mark_lock+0xb5/0xc60
[  896.109006][T17816]  ? hlock_class+0x4e/0x130
[  896.109045][T17816]  ? __lock_acquire+0x15a9/0x3c40
[  896.109121][T17816]  ? __pfx___lock_acquire+0x10/0x10
[  896.109166][T17816]  ? __pfx___lock_acquire+0x10/0x10
[  896.109208][T17816]  ? __pfx_mark_lock+0x10/0x10
[  896.109255][T17816]  ? hlock_class+0x4e/0x130
[  896.109288][T17816]  ? __lock_acquire+0xcc5/0x3c40
[  896.109339][T17816]  ? lock_acquire.part.0+0x11b/0x380
[  896.109395][T17816]  ? __mutex_trylock_common+0xea/0x250
[  896.109445][T17816]  ? __pfx___mutex_trylock_common+0x10/0x10
[  896.109495][T17816]  ? smc_getsockopt+0xbd/0x360
[  896.109541][T17816]  ? rcu_is_watching+0x12/0xc0
[  896.109576][T17816]  ? trace_contention_end+0xee/0x140
[  896.109626][T17816]  ? __mutex_lock+0x1cc/0xb10
[  896.109665][T17816]  ? __pfx___lock_acquire+0x10/0x10
[  896.109708][T17816]  ? smc_getsockopt+0xbd/0x360
[  896.109768][T17816]  tcp_getsockopt+0xdf/0x100
[  896.109805][T17816]  smc_getsockopt+0x163/0x360
[  896.109846][T17816]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  896.109899][T17816]  ? __pfx_smc_getsockopt+0x10/0x10
[  896.109938][T17816]  ? __might_fault+0xe3/0x190
[  896.109975][T17816]  ? __pfx_smc_getsockopt+0x10/0x10
[  896.110019][T17816]  do_sock_getsockopt+0x3fe/0x800
[  896.110060][T17816]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  896.110090][T17816]  ? __pfx_do_sys_openat2+0x10/0x10
[  896.110142][T17816]  __sys_getsockopt+0x12f/0x260
[  896.110193][T17816]  __x64_sys_getsockopt+0xbd/0x160
[  896.110234][T17816]  ? do_syscall_64+0x91/0x250
[  896.110284][T17816]  ? lockdep_hardirqs_on+0x7c/0x110
[  896.110318][T17816]  do_syscall_64+0xcd/0x250
[  896.110358][T17816]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  896.110401][T17816] RIP: 0033:0x7f953e58cde9
[  896.110425][T17816] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  896.110474][T17816] RSP: 002b:00007f953c3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  896.110502][T17816] RAX: ffffffffffffffda RBX: 00007f953e7a5fa0 RCX: 00007f953e58cde9
[  896.110522][T17816] RDX: 0000000000000023 RSI: 0000000000000006 RDI: 0000000000000003
[  896.110541][T17816] RBP: 00007f953c3f6090 R08: 0000400000000100 R09: 0000000000000000
[  896.110561][T17816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  896.110580][T17816] R13: 0000000000000000 R14: 00007f953e7a5fa0 R15: 00007ffded6fda48
[  896.110619][T17816]  </TASK>
[  896.766071][T17813] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  896.776064][T17813] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  896.782247][T17813] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  896.876052][T17813] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  896.882184][T17813] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  896.892736][T17813] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  897.058059][T17813] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  897.427562][T17831] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  897.472033][T17831] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  897.534691][T17831] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  897.593106][T17831] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  897.668335][T17831] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  899.496409][ T5144] Bluetooth: hci1: command 0x0c1a tx timeout
[  899.502530][ T5144] Bluetooth: hci2: command 0x0c1a tx timeout
[  899.575965][ T5144] Bluetooth: hci4: command 0x0c1a tx timeout
[  899.655798][ T5144] Bluetooth: hci5: command 0x0c1a tx timeout
[  899.735872][ T5144] Bluetooth: hci0: command 0x0c1a tx timeout
[  899.920297][   T29] audit: type=1800 audit(6034852846.513:19): pid=17866 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2554" name="lu_gp_id" dev="configfs" ino=74173 res=0 errno=0
[  901.835747][ T5144] Bluetooth: hci0: command 0x0c1a tx timeout
[  902.953509][T17902] FAULT_INJECTION: forcing a failure.
[  902.953509][T17902] name failslab, interval 1, probability 0, space 0, times 0
[  902.966226][T17902] CPU: 1 UID: 0 PID: 17902 Comm: syz.3.2562 Tainted: G     U             6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  902.966277][T17902] Tainted: [U]=USER
[  902.966289][T17902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  902.966310][T17902] Call Trace:
[  902.966322][T17902]  <TASK>
[  902.966335][T17902]  dump_stack_lvl+0x116/0x1f0
[  902.966385][T17902]  should_fail_ex+0x50a/0x650
[  902.966436][T17902]  ? trace_lock_acquire+0x14e/0x1f0
[  902.966481][T17902]  should_failslab+0xc2/0x120
[  902.966514][T17902]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  902.966569][T17902]  ? __send_signal_locked+0x159/0x12c0
[  902.966620][T17902]  ? sig_get_ucounts+0x1c0/0x5b0
[  902.966663][T17902]  __send_signal_locked+0x159/0x12c0
[  902.966719][T17902]  group_send_sig_info+0x2aa/0x300
[  902.966778][T17902]  ? __pfx_group_send_sig_info+0x10/0x10
[  902.966846][T17902]  ? kill_pid_info_type+0x21/0x2a0
[  902.966898][T17902]  kill_pid_info_type+0x92/0x2a0
[  902.966958][T17902]  kill_proc_info+0x6f/0x1b0
[  902.966991][T17902]  kill_something_info+0x2a2/0x310
[  902.967023][T17902]  ? __task_pid_nr_ns+0x186/0x500
[  902.967070][T17902]  __x64_sys_kill+0xdc/0x140
[  902.967105][T17902]  ? __pfx___x64_sys_kill+0x10/0x10
[  902.967138][T17902]  ? xfd_validate_state+0x5d/0x180
[  902.967202][T17902]  do_syscall_64+0xcd/0x250
[  902.967248][T17902]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  902.967293][T17902] RIP: 0033:0x7f9be038cde9
[  902.967321][T17902] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  902.967355][T17902] RSP: 002b:00007f9bde1b4038 EFLAGS: 00000246 ORIG_RAX: 000000000000003e
[  902.967388][T17902] RAX: ffffffffffffffda RBX: 00007f9be05a6160 RCX: 00007f9be038cde9
[  902.967411][T17902] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000028
[  902.967432][T17902] RBP: 00007f9be040e2a0 R08: 0000000000000000 R09: 0000000000000000
[  902.967454][T17902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  902.967475][T17902] R13: 0000000000000000 R14: 00007f9be05a6160 R15: 00007ffe1248bc48
[  902.967519][T17902]  </TASK>
[  903.176444][    C1] vkms_vblank_simulate: vblank timer overrun
[  903.898709][ T5144] Bluetooth: hci0: command 0x0c1a tx timeout
[  904.443778][   T29] audit: type=1800 audit(6034852851.043:20): pid=17921 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2567" name="dbroot" dev="configfs" ino=74355 res=0 errno=0
[  906.239120][T17947] ptrace attach of "./syz-executor exec"[17513] was attempted by ""[17947]
[  907.631473][T17969] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2578'.
[  909.105589][T17996] netlink: 'syz.4.2584': attribute type 15 has an invalid length.
[  909.137907][T17996] netlink: 'syz.4.2584': attribute type 16 has an invalid length.
[  909.166022][T17996] netlink: 298 bytes leftover after parsing attributes in process `syz.4.2584'.
[  909.265626][T18005] openvswitch: netlink: VXLAN extension 64 out of range max 1
[  909.340359][T18004] netlink: 784 bytes leftover after parsing attributes in process `syz.0.2587'.
[  909.387811][T18004] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  910.027758][T18021] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2591'.
[  910.117626][T18021] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2591'.
[  910.586737][T18027] FAULT_INJECTION: forcing a failure.
[  910.586737][T18027] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  910.643535][T18027] CPU: 0 UID: 0 PID: 18027 Comm: syz.0.2593 Tainted: G     U             6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  910.643583][T18027] Tainted: [U]=USER
[  910.643593][T18027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  910.643612][T18027] Call Trace:
[  910.643621][T18027]  <TASK>
[  910.643634][T18027]  dump_stack_lvl+0x16c/0x1f0
[  910.643680][T18027]  should_fail_ex+0x50a/0x650
[  910.643737][T18027]  _copy_from_iter+0x2a1/0x1560
[  910.643773][T18027]  ? trace_lock_acquire+0x14e/0x1f0
[  910.643817][T18027]  ? __pfx__copy_from_iter+0x10/0x10
[  910.643856][T18027]  ? __virt_addr_valid+0x1a4/0x590
[  910.643896][T18027]  ? __virt_addr_valid+0x5e/0x590
[  910.643930][T18027]  ? __phys_addr_symbol+0x30/0x80
[  910.643963][T18027]  ? __check_object_size+0x488/0x710
[  910.644002][T18027]  file_tty_write.constprop.0+0x48d/0x9a0
[  910.644055][T18027]  vfs_write+0x5ae/0x1150
[  910.644101][T18027]  ? __pfx_tty_write+0x10/0x10
[  910.644142][T18027]  ? __pfx_vfs_write+0x10/0x10
[  910.644188][T18027]  ? __fget_files+0x40/0x3a0
[  910.644256][T18027]  ksys_write+0x12b/0x250
[  910.644300][T18027]  ? __pfx_ksys_write+0x10/0x10
[  910.644356][T18027]  do_syscall_64+0xcd/0x250
[  910.644399][T18027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  910.644443][T18027] RIP: 0033:0x7fb6d518cde9
[  910.644469][T18027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  910.644502][T18027] RSP: 002b:00007fb6d5f3f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  910.644533][T18027] RAX: ffffffffffffffda RBX: 00007fb6d53a5fa0 RCX: 00007fb6d518cde9
[  910.644556][T18027] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003
[  910.644575][T18027] RBP: 00007fb6d5f3f090 R08: 0000000000000000 R09: 0000000000000000
[  910.644596][T18027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  910.644617][T18027] R13: 0000000000000000 R14: 00007fb6d53a5fa0 R15: 00007fff1cf34c08
[  910.644659][T18027]  </TASK>
[  912.916275][T18057] 
[  917.043910][T18089] vhci_hcd: default hub control req: 5df8 v0000 i0000 l0
[  918.158805][T18113] FAULT_INJECTION: forcing a failure.
[  918.158805][T18113] name failslab, interval 1, probability 0, space 0, times 0
[  918.171506][T18113] CPU: 0 UID: 0 PID: 18113 Comm: syz.3.2615 Tainted: G     U             6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  918.171556][T18113] Tainted: [U]=USER
[  918.171568][T18113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  918.171589][T18113] Call Trace:
[  918.171600][T18113]  <TASK>
[  918.171614][T18113]  dump_stack_lvl+0x116/0x1f0
[  918.171664][T18113]  should_fail_ex+0x50a/0x650
[  918.171715][T18113]  ? trace_lock_acquire+0x14e/0x1f0
[  918.171760][T18113]  should_failslab+0xc2/0x120
[  918.171792][T18113]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  918.171846][T18113]  ? __send_signal_locked+0x159/0x12c0
[  918.171890][T18113]  ? sig_get_ucounts+0x1c0/0x5b0
[  918.171932][T18113]  __send_signal_locked+0x159/0x12c0
[  918.172004][T18113]  group_send_sig_info+0x2aa/0x300
[  918.172060][T18113]  ? __pfx_group_send_sig_info+0x10/0x10
[  918.172124][T18113]  ? kill_pid_info_type+0x21/0x2a0
[  918.172174][T18113]  kill_pid_info_type+0x92/0x2a0
[  918.172231][T18113]  kill_proc_info+0x6f/0x1b0
[  918.172263][T18113]  kill_something_info+0x2a2/0x310
[  918.172293][T18113]  ? __task_pid_nr_ns+0x186/0x500
[  918.172339][T18113]  __x64_sys_kill+0xdc/0x140
[  918.172372][T18113]  ? __pfx___x64_sys_kill+0x10/0x10
[  918.172405][T18113]  ? xfd_validate_state+0x5d/0x180
[  918.172466][T18113]  do_syscall_64+0xcd/0x250
[  918.172511][T18113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  918.172557][T18113] RIP: 0033:0x7f9be038cde9
[  918.172582][T18113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  918.172613][T18113] RSP: 002b:00007f9bde1b4038 EFLAGS: 00000246 ORIG_RAX: 000000000000003e
[  918.172641][T18113] RAX: ffffffffffffffda RBX: 00007f9be05a6160 RCX: 00007f9be038cde9
[  918.172662][T18113] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000056
[  918.172681][T18113] RBP: 00007f9be040e2a0 R08: 0000000000000000 R09: 0000000000000000
[  918.172701][T18113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  918.172720][T18113] R13: 0000000000000000 R14: 00007f9be05a6160 R15: 00007ffe1248bc48
[  918.172763][T18113]  </TASK>
[  918.877487][T18124] sg_write: data in/out 32732/87 bytes for SCSI command 0x0-- guessing data in;
[  918.877487][T18124]    program syz.2.2618 not setting count and/or reply_len properly
[  918.925912][T18124] sg_write: data in/out 32732/16086 bytes for SCSI command 0x0-- guessing data in;
[  918.925912][T18124]    program syz.2.2618 not setting count and/or reply_len properly
[  918.954157][T18124] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2618'.
[  919.680341][T18139] FAULT_INJECTION: forcing a failure.
[  919.680341][T18139] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  919.777155][T18139] CPU: 0 UID: 0 PID: 18139 Comm: syz.4.2621 Tainted: G     U             6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  919.777209][T18139] Tainted: [U]=USER
[  919.777221][T18139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  919.777241][T18139] Call Trace:
[  919.777251][T18139]  <TASK>
[  919.777265][T18139]  dump_stack_lvl+0x16c/0x1f0
[  919.777313][T18139]  should_fail_ex+0x50a/0x650
[  919.777374][T18139]  _copy_from_user+0x2e/0xd0
[  919.777410][T18139]  restore_altstack+0x94/0x170
[  919.777450][T18139]  ? __pfx_restore_altstack+0x10/0x10
[  919.777490][T18139]  ? _raw_spin_unlock_irq+0x23/0x50
[  919.777525][T18139]  ? lockdep_hardirqs_on+0x7c/0x110
[  919.777564][T18139]  ? _raw_spin_unlock_irq+0x2e/0x50
[  919.777598][T18139]  ? set_current_blocked+0xdd/0x120
[  919.777646][T18139]  __do_sys_rt_sigreturn+0x13d/0x240
[  919.777686][T18139]  ? __pfx___do_sys_rt_sigreturn+0x10/0x10
[  919.777738][T18139]  do_syscall_64+0xcd/0x250
[  919.777789][T18139]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  919.777838][T18139] RIP: 0033:0x7f5913928fb9
[  919.777865][T18139] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  919.777900][T18139] RSP: 002b:00007f5914848a80 EFLAGS: 00000246 ORIG_RAX: 000000000000000f
[  919.777931][T18139] RAX: ffffffffffffffda RBX: 00007f5913ba6160 RCX: 00007f5913928fb9
[  919.777954][T18139] RDX: 00007f5914848a80 RSI: 00007f5914848bb0 RDI: 0000000000000011
[  919.777976][T18139] RBP: 00007f5913a0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  919.777998][T18139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  919.778019][T18139] R13: 0000000000000000 R14: 00007f5913ba6160 R15: 00007ffe37820228
[  919.778061][T18139]  </TASK>
[  921.991307][T18173] block mtdblock0: the capability attribute has been deprecated.
[  925.984350][T18240] FAULT_INJECTION: forcing a failure.
[  925.984350][T18240] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  926.008624][T18240] CPU: 1 UID: 0 PID: 18240 Comm: syz.2.2646 Tainted: G     U             6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  926.008679][T18240] Tainted: [U]=USER
[  926.008690][T18240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  926.008710][T18240] Call Trace:
[  926.008722][T18240]  <TASK>
[  926.008736][T18240]  dump_stack_lvl+0x16c/0x1f0
[  926.008783][T18240]  should_fail_ex+0x50a/0x650
[  926.008843][T18240]  _copy_from_user+0x2e/0xd0
[  926.008878][T18240]  restore_altstack+0x94/0x170
[  926.008916][T18240]  ? __pfx_restore_altstack+0x10/0x10
[  926.008958][T18240]  ? _raw_spin_unlock_irq+0x23/0x50
[  926.008992][T18240]  ? lockdep_hardirqs_on+0x7c/0x110
[  926.009031][T18240]  ? _raw_spin_unlock_irq+0x2e/0x50
[  926.009065][T18240]  ? set_current_blocked+0xdd/0x120
[  926.009111][T18240]  __do_sys_rt_sigreturn+0x13d/0x240
[  926.009151][T18240]  ? __pfx___do_sys_rt_sigreturn+0x10/0x10
[  926.009208][T18240]  do_syscall_64+0xcd/0x250
[  926.009260][T18240]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  926.009307][T18240] RIP: 0033:0x7f953e528fb9
[  926.009333][T18240] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  926.009368][T18240] RSP: 002b:00007f953c3b3a80 EFLAGS: 00000246 ORIG_RAX: 000000000000000f
[  926.009399][T18240] RAX: ffffffffffffffda RBX: 00007f953e7a6160 RCX: 00007f953e528fb9
[  926.009423][T18240] RDX: 00007f953c3b3a80 RSI: 00007f953c3b3bb0 RDI: 0000000000000011
[  926.009445][T18240] RBP: 00007f953e60e2a0 R08: 0000000000000000 R09: 0000000000000000
[  926.009467][T18240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  926.009488][T18240] R13: 0000000000000000 R14: 00007f953e7a6160 R15: 00007ffded6fda48
[  926.009529][T18240]  </TASK>
[  926.230748][T18242] FAULT_INJECTION: forcing a failure.
[  926.230748][T18242] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  926.291640][T18242] CPU: 1 UID: 0 PID: 18242 Comm: syz.0.2647 Tainted: G     U             6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  926.291684][T18242] Tainted: [U]=USER
[  926.291695][T18242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  926.291713][T18242] Call Trace:
[  926.291723][T18242]  <TASK>
[  926.291734][T18242]  dump_stack_lvl+0x16c/0x1f0
[  926.291777][T18242]  should_fail_ex+0x50a/0x650
[  926.291831][T18242]  _copy_to_user+0x32/0xd0
[  926.291884][T18242]  simple_read_from_buffer+0xd0/0x160
[  926.291930][T18242]  proc_fail_nth_read+0x198/0x270
[  926.291970][T18242]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  926.292013][T18242]  ? rw_verify_area+0xcf/0x680
[  926.292052][T18242]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  926.292092][T18242]  vfs_read+0x1df/0xbf0
[  926.292136][T18242]  ? __pfx_smc_getsockopt+0x10/0x10
[  926.292181][T18242]  ? __pfx_vfs_read+0x10/0x10
[  926.292226][T18242]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  926.292257][T18242]  ? __pfx_do_sys_openat2+0x10/0x10
[  926.292307][T18242]  ksys_read+0x12b/0x250
[  926.292350][T18242]  ? __pfx_ksys_read+0x10/0x10
[  926.292406][T18242]  do_syscall_64+0xcd/0x250
[  926.292449][T18242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  926.292503][T18242] RIP: 0033:0x7fb6d518b7fc
[  926.292528][T18242] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  926.292559][T18242] RSP: 002b:00007fb6d5f3f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  926.292589][T18242] RAX: ffffffffffffffda RBX: 00007fb6d53a5fa0 RCX: 00007fb6d518b7fc
[  926.292612][T18242] RDX: 000000000000000f RSI: 00007fb6d5f3f0a0 RDI: 0000000000000004
[  926.292632][T18242] RBP: 00007fb6d5f3f090 R08: 0000000000000000 R09: 0000000000000000
[  926.292652][T18242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  926.292673][T18242] R13: 0000000000000000 R14: 00007fb6d53a5fa0 R15: 00007fff1cf34c08
[  926.292712][T18242]  </TASK>
[  932.598792][T18322] FAULT_INJECTION: forcing a failure.
[  932.598792][T18322] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  932.694989][T18322] CPU: 0 UID: 0 PID: 18322 Comm: syz.0.2669 Tainted: G     U             6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  932.695040][T18322] Tainted: [U]=USER
[  932.695051][T18322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  932.695071][T18322] Call Trace:
[  932.695081][T18322]  <TASK>
[  932.695094][T18322]  dump_stack_lvl+0x16c/0x1f0
[  932.695139][T18322]  should_fail_ex+0x50a/0x650
[  932.695197][T18322]  _copy_from_user+0x2e/0xd0
[  932.695233][T18322]  restore_altstack+0x94/0x170
[  932.695273][T18322]  ? __pfx_restore_altstack+0x10/0x10
[  932.695315][T18322]  ? _raw_spin_unlock_irq+0x23/0x50
[  932.695348][T18322]  ? lockdep_hardirqs_on+0x7c/0x110
[  932.695388][T18322]  ? _raw_spin_unlock_irq+0x2e/0x50
[  932.695422][T18322]  ? set_current_blocked+0xdd/0x120
[  932.695470][T18322]  __do_sys_rt_sigreturn+0x13d/0x240
[  932.695510][T18322]  ? __pfx___do_sys_rt_sigreturn+0x10/0x10
[  932.695562][T18322]  do_syscall_64+0xcd/0x250
[  932.695618][T18322]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  932.695669][T18322] RIP: 0033:0x7fb6d5128fb9
[  932.695694][T18322] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  932.695725][T18322] RSP: 002b:00007fb6d5f3ea80 EFLAGS: 00000246 ORIG_RAX: 000000000000000f
[  932.695756][T18322] RAX: ffffffffffffffda RBX: 00007fb6d53a5fa0 RCX: 00007fb6d5128fb9
[  932.695779][T18322] RDX: 00007fb6d5f3ea80 RSI: 00007fb6d5f3ebb0 RDI: 0000000000000011
[  932.695799][T18322] RBP: 00007fb6d520e2a0 R08: 0000000000000000 R09: 0000000000000000
[  932.695820][T18322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  932.695840][T18322] R13: 0000000000000000 R14: 00007fb6d53a5fa0 R15: 00007fff1cf34c08
[  932.695882][T18322]  </TASK>
[  932.870536][    C0] vkms_vblank_simulate: vblank timer overrun
[  936.339394][T18317] kexec: Could not allocate control_code_buffer
[  936.934218][T18390] Malformed UNC in devname
[  936.934218][T18390] 
[  936.951639][T18390] CIFS: VFS: Malformed UNC in devname
[  937.179724][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  937.188364][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  938.308935][T18398] FAULT_INJECTION: forcing a failure.
[  938.308935][T18398] name failslab, interval 1, probability 0, space 0, times 0
[  938.365927][T18398] CPU: 0 UID: 0 PID: 18398 Comm: syz.0.2688 Tainted: G     U             6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  938.365982][T18398] Tainted: [U]=USER
[  938.365995][T18398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  938.366026][T18398] Call Trace:
[  938.366037][T18398]  <TASK>
[  938.366052][T18398]  dump_stack_lvl+0x16c/0x1f0
[  938.366100][T18398]  should_fail_ex+0x50a/0x650
[  938.366154][T18398]  ? fs_reclaim_acquire+0xae/0x150
[  938.366202][T18398]  should_failslab+0xc2/0x120
[  938.366237][T18398]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  938.366291][T18398]  ? jbd2__journal_start+0x193/0x6a0
[  938.366344][T18398]  ? __pfx___might_resched+0x10/0x10
[  938.366403][T18398]  jbd2__journal_start+0x193/0x6a0
[  938.366461][T18398]  __ext4_journal_start_sb+0x19f/0x660
[  938.366506][T18398]  ? ext4_do_writepages+0xc04/0x32d0
[  938.366555][T18398]  ext4_do_writepages+0xc04/0x32d0
[  938.366609][T18398]  ? __pfx___lock_acquire+0x10/0x10
[  938.366677][T18398]  ? __pfx_ext4_do_writepages+0x10/0x10
[  938.366732][T18398]  ? __pfx___lock_acquire+0x10/0x10
[  938.366778][T18398]  ? do_writepages+0x1b3/0x820
[  938.366821][T18398]  ? ext4_writepages+0x303/0x730
[  938.366862][T18398]  ext4_writepages+0x303/0x730
[  938.366908][T18398]  ? __pfx_ext4_writepages+0x10/0x10
[  938.366968][T18398]  ? lock_acquire+0x2f/0xb0
[  938.367012][T18398]  ? do_writepages+0x5b7/0x820
[  938.367058][T18398]  ? __pfx_ext4_writepages+0x10/0x10
[  938.367105][T18398]  do_writepages+0x1b3/0x820
[  938.367147][T18398]  ? __pfx_do_writepages+0x10/0x10
[  938.367180][T18398]  ? wbc_attach_fdatawrite_inode+0x13a/0x190
[  938.367219][T18398]  ? __pfx_lock_release+0x10/0x10
[  938.367266][T18398]  ? do_raw_spin_lock+0x12d/0x2c0
[  938.367300][T18398]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  938.367333][T18398]  ? lock_acquire+0x2f/0xb0
[  938.367376][T18398]  ? wbc_attach_fdatawrite_inode+0x24/0x190
[  938.367417][T18398]  ? do_raw_spin_unlock+0x172/0x230
[  938.367457][T18398]  filemap_fdatawrite_wbc+0x104/0x160
[  938.367495][T18398]  __filemap_fdatawrite_range+0xb3/0xf0
[  938.367539][T18398]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  938.367632][T18398]  ? find_held_lock+0x2d/0x110
[  938.367674][T18398]  ? ext4_fallocate+0x139/0x3950
[  938.367729][T18398]  filemap_write_and_wait_range+0xa3/0x130
[  938.367780][T18398]  ext4_punch_hole+0x194/0x10d0
[  938.367842][T18398]  ext4_fallocate+0x9b7/0x3950
[  938.367893][T18398]  ? rcu_is_watching+0x12/0xc0
[  938.367929][T18398]  ? trace_lock_acquire+0x14e/0x1f0
[  938.367970][T18398]  ? madvise_vma_behavior+0x1c8b/0x1dd0
[  938.368023][T18398]  ? __pfx_ext4_fallocate+0x10/0x10
[  938.368078][T18398]  vfs_fallocate+0x60d/0x10d0
[  938.368131][T18398]  ? __pfx_vfs_fallocate+0x10/0x10
[  938.368184][T18398]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  938.368246][T18398]  madvise_vma_behavior+0x1c8b/0x1dd0
[  938.368290][T18398]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  938.368330][T18398]  ? find_vma_prev+0xdb/0x160
[  938.368376][T18398]  ? __pfx_find_vma_prev+0x10/0x10
[  938.368432][T18398]  ? __pfx_rwsem_read_trylock+0x10/0x10
[  938.368484][T18398]  ? __pfx_futex_wait+0x10/0x10
[  938.368533][T18398]  ? do_madvise+0x2b3/0x7c0
[  938.368574][T18398]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  938.368611][T18398]  madvise_walk_vmas+0x1cf/0x2c0
[  938.368648][T18398]  ? __pfx_madvise_walk_vmas+0x10/0x10
[  938.368696][T18398]  do_madvise+0x366/0x7c0
[  938.368738][T18398]  ? __pfx_do_madvise+0x10/0x10
[  938.368776][T18398]  ? __x64_sys_futex+0x1e1/0x4c0
[  938.368828][T18398]  ? rcu_is_watching+0x12/0xc0
[  938.368871][T18398]  __x64_sys_madvise+0xa9/0x110
[  938.368908][T18398]  ? lockdep_hardirqs_on+0x7c/0x110
[  938.368948][T18398]  do_syscall_64+0xcd/0x250
[  938.368993][T18398]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  938.369049][T18398] RIP: 0033:0x7fb6d518cde9
[  938.369077][T18398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  938.369112][T18398] RSP: 002b:00007fb6d5f3f038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  938.369145][T18398] RAX: ffffffffffffffda RBX: 00007fb6d53a5fa0 RCX: 00007fb6d518cde9
[  938.369168][T18398] RDX: 0000000000000009 RSI: 00000000000031ca RDI: 000000110c230000
[  938.369189][T18398] RBP: 00007fb6d520e2a0 R08: 0000000000000000 R09: 0000000000000000
[  938.369210][T18398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  938.369230][T18398] R13: 0000000000000000 R14: 00007fb6d53a5fa0 R15: 00007fff1cf34c08
[  938.369273][T18398]  </TASK>
[  938.369292][T18398] EXT4-fs (sda1): ext4_do_writepages: jbd2_start: 9223372036854775807 pages, ino 1924; err -12
[  939.773284][T18411] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2690'.
[  939.795842][T18411] veth1_macvtap: entered allmulticast mode
[  940.123579][T18427] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2694'.
[  941.737184][T18442] Invalid ELF header magic: != ELF
[  945.636058][T18497] FAULT_INJECTION: forcing a failure.
[  945.636058][T18497] name failslab, interval 1, probability 0, space 0, times 0
[  945.648759][T18497] CPU: 1 UID: 0 PID: 18497 Comm: syz.2.2711 Tainted: G     U             6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  945.648810][T18497] Tainted: [U]=USER
[  945.648821][T18497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  945.648841][T18497] Call Trace:
[  945.648853][T18497]  <TASK>
[  945.648866][T18497]  dump_stack_lvl+0x116/0x1f0
[  945.648912][T18497]  should_fail_ex+0x50a/0x650
[  945.648961][T18497]  ? trace_lock_acquire+0x14e/0x1f0
[  945.649005][T18497]  should_failslab+0xc2/0x120
[  945.649037][T18497]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  945.649089][T18497]  ? __send_signal_locked+0x159/0x12c0
[  945.649132][T18497]  ? sig_get_ucounts+0x1c0/0x5b0
[  945.649173][T18497]  __send_signal_locked+0x159/0x12c0
[  945.649225][T18497]  group_send_sig_info+0x2aa/0x300
[  945.649280][T18497]  ? __pfx_group_send_sig_info+0x10/0x10
[  945.649346][T18497]  ? kill_pid_info_type+0x21/0x2a0
[  945.649397][T18497]  kill_pid_info_type+0x92/0x2a0
[  945.649453][T18497]  kill_proc_info+0x6f/0x1b0
[  945.649485][T18497]  kill_something_info+0x2a2/0x310
[  945.649515][T18497]  ? __task_pid_nr_ns+0x186/0x500
[  945.649561][T18497]  __x64_sys_kill+0xdc/0x140
[  945.649595][T18497]  ? __pfx___x64_sys_kill+0x10/0x10
[  945.649636][T18497]  ? xfd_validate_state+0x5d/0x180
[  945.649700][T18497]  do_syscall_64+0xcd/0x250
[  945.649744][T18497]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  945.649792][T18497] RIP: 0033:0x7f953e58cde9
[  945.649818][T18497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  945.649849][T18497] RSP: 002b:00007f953c3b4038 EFLAGS: 00000246 ORIG_RAX: 000000000000003e
[  945.649880][T18497] RAX: ffffffffffffffda RBX: 00007f953e7a6160 RCX: 00007f953e58cde9
[  945.649901][T18497] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000154
[  945.649921][T18497] RBP: 00007f953e60e2a0 R08: 0000000000000000 R09: 0000000000000000
[  945.649959][T18497] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  945.649979][T18497] R13: 0000000000000000 R14: 00007f953e7a6160 R15: 00007ffded6fda48
[  945.650022][T18497]  </TASK>
[  948.378281][T18517] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2716'.
[  948.390517][T18517] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2716'.
[  948.511845][T18522] sp0: Synchronizing with TNC
[  949.637473][T18532] FAULT_INJECTION: forcing a failure.
[  949.637473][T18532] name failslab, interval 1, probability 0, space 0, times 0
[  949.650174][T18532] CPU: 1 UID: 0 PID: 18532 Comm: syz.4.2721 Tainted: G     U             6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  949.650226][T18532] Tainted: [U]=USER
[  949.650239][T18532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  949.650261][T18532] Call Trace:
[  949.650271][T18532]  <TASK>
[  949.650286][T18532]  dump_stack_lvl+0x116/0x1f0
[  949.650335][T18532]  should_fail_ex+0x50a/0x650
[  949.650388][T18532]  ? trace_lock_acquire+0x14e/0x1f0
[  949.650434][T18532]  should_failslab+0xc2/0x120
[  949.650468][T18532]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  949.650523][T18532]  ? __send_signal_locked+0x159/0x12c0
[  949.650569][T18532]  ? sig_get_ucounts+0x1c0/0x5b0
[  949.650612][T18532]  __send_signal_locked+0x159/0x12c0
[  949.650667][T18532]  group_send_sig_info+0x2aa/0x300
[  949.650723][T18532]  ? __pfx_group_send_sig_info+0x10/0x10
[  949.650792][T18532]  ? kill_pid_info_type+0x21/0x2a0
[  949.650856][T18532]  kill_pid_info_type+0x92/0x2a0
[  949.650917][T18532]  kill_proc_info+0x6f/0x1b0
[  949.650952][T18532]  kill_something_info+0x2a2/0x310
[  949.650992][T18532]  ? __task_pid_nr_ns+0x186/0x500
[  949.651041][T18532]  __x64_sys_kill+0xdc/0x140
[  949.651077][T18532]  ? __pfx___x64_sys_kill+0x10/0x10
[  949.651112][T18532]  ? xfd_validate_state+0x5d/0x180
[  949.651179][T18532]  do_syscall_64+0xcd/0x250
[  949.651227][T18532]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  949.651275][T18532] RIP: 0033:0x7f591398cde9
[  949.651303][T18532] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  949.651337][T18532] RSP: 002b:00007f5914849038 EFLAGS: 00000246 ORIG_RAX: 000000000000003e
[  949.651367][T18532] RAX: ffffffffffffffda RBX: 00007f5913ba6160 RCX: 00007f591398cde9
[  949.651391][T18532] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 000000000000011f
[  949.651411][T18532] RBP: 00007f5913a0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  949.651433][T18532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  949.651454][T18532] R13: 0000000000000000 R14: 00007f5913ba6160 R15: 00007ffe37820228
[  949.651497][T18532]  </TASK>
[  958.200700][ T5834] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  958.213199][ T5834] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  958.223395][ T5834] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  958.234482][ T5834] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  958.242499][ T5834] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  958.252575][ T5834] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  959.176676][T18617] chnl_net:caif_netlink_parms(): no params data found
[  960.070785][T18584] kexec: Could not allocate control_code_buffer
[  960.182269][T18617] bridge0: port 1(bridge_slave_0) entered blocking state
[  960.201807][T18617] bridge0: port 1(bridge_slave_0) entered disabled state
[  960.218881][T18617] bridge_slave_0: entered allmulticast mode
[  960.247357][T18617] bridge_slave_0: entered promiscuous mode
[  960.255896][T18617] bridge0: port 2(bridge_slave_1) entered blocking state
[  960.263120][T18617] bridge0: port 2(bridge_slave_1) entered disabled state
[  960.296717][T18617] bridge_slave_1: entered allmulticast mode
[  960.304077][T18617] bridge_slave_1: entered promiscuous mode
[  960.306110][ T5834] Bluetooth: hci3: command tx timeout
[  960.685976][T18617] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  960.733298][T18617] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  961.179638][ T1139] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  961.282825][T18617] team0: Port device team_slave_0 added
[  961.417725][ T1139] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  961.489463][T18617] team0: Port device team_slave_1 added
[  961.781627][ T1139] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  961.885962][T18617] batman_adv: batadv0: Adding interface: batadv_slave_0
[  961.892994][T18617] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  962.005739][T18617] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  962.040592][T18617] batman_adv: batadv0: Adding interface: batadv_slave_1
[  962.075760][T18617] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  962.185875][T18617] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  962.267659][ T1139] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  962.376723][ T5834] Bluetooth: hci3: command tx timeout
[  962.528628][T18617] hsr_slave_0: entered promiscuous mode
[  962.563255][T18617] hsr_slave_1: entered promiscuous mode
[  962.585127][T18617] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  962.611706][T18617] Cannot create hsr debugfs directory
[  963.393946][ T1139] bridge_slave_1: left allmulticast mode
[  963.424234][ T1139] bridge_slave_1: left promiscuous mode
[  963.448380][ T1139] bridge0: port 2(bridge_slave_1) entered disabled state
[  963.517860][ T1139] bridge_slave_0: left allmulticast mode
[  963.532850][ T1139] bridge_slave_0: left promiscuous mode
[  963.559746][ T1139] bridge0: port 1(bridge_slave_0) entered disabled state
[  964.465909][ T5834] Bluetooth: hci3: command tx timeout
[  965.454250][ T1139] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  965.484866][ T1139] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  965.511598][ T1139] bond0 (unregistering): Released all slaves
[  966.538843][ T5834] Bluetooth: hci3: command tx timeout
[  966.716016][ T1139] hsr_slave_0: left promiscuous mode
[  966.747741][ T1139] hsr_slave_1: left promiscuous mode
[  966.764072][ T1139] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  966.791442][ T1139] batman_adv: batadv0: Removing interface: batadv_slave_0
[  966.833261][ T1139] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  966.852249][ T1139] batman_adv: batadv0: Removing interface: batadv_slave_1
[  966.907472][ T1139] veth1_macvtap: left promiscuous mode
[  966.913090][ T1139] veth0_macvtap: left promiscuous mode
[  966.936977][ T1139] veth1_vlan: left promiscuous mode
[  966.942682][ T1139] veth0_vlan: left promiscuous mode
[  968.059810][T18724] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2760'.
[  968.748349][ T1139] team0 (unregistering): Port device team_slave_1 removed
[  968.817764][ T1139] team0 (unregistering): Port device team_slave_0 removed
[  969.500935][T18617] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  969.534364][T18617] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  969.618580][T18617] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  969.634190][T18617] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  970.037685][T18617] 8021q: adding VLAN 0 to HW filter on device bond0
[  970.160044][T18617] 8021q: adding VLAN 0 to HW filter on device team0
[  970.267085][T18726] bridge0: port 1(bridge_slave_0) entered blocking state
[  970.274275][T18726] bridge0: port 1(bridge_slave_0) entered forwarding state
[  970.334183][T18726] bridge0: port 2(bridge_slave_1) entered blocking state
[  970.341452][T18726] bridge0: port 2(bridge_slave_1) entered forwarding state
[  970.509363][T18617] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  970.572388][T18744] FAULT_INJECTION: forcing a failure.
[  970.572388][T18744] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  970.765709][T18744] CPU: 1 UID: 0 PID: 18744 Comm: syz.4.2764 Tainted: G     U             6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  970.765756][T18744] Tainted: [U]=USER
[  970.765766][T18744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  970.765788][T18744] Call Trace:
[  970.765797][T18744]  <TASK>
[  970.765810][T18744]  dump_stack_lvl+0x16c/0x1f0
[  970.765852][T18744]  should_fail_ex+0x50a/0x650
[  970.765905][T18744]  _copy_from_iter+0x2a1/0x1560
[  970.765942][T18744]  ? policy_nodemask+0xea/0x4e0
[  970.765990][T18744]  ? __pfx__copy_from_iter+0x10/0x10
[  970.766022][T18744]  ? alloc_pages_mpol+0x25b/0x540
[  970.766052][T18744]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  970.766108][T18744]  copy_page_from_iter+0xa5/0x120
[  970.766142][T18744]  pipe_write+0xd1e/0x1b30
[  970.766201][T18744]  ? __pfx_pipe_write+0x10/0x10
[  970.766257][T18744]  ? apparmor_file_permission+0x251/0x400
[  970.766291][T18744]  ? bpf_lsm_file_permission+0x9/0x10
[  970.766337][T18744]  ? security_file_permission+0x71/0x210
[  970.766377][T18744]  ? rw_verify_area+0xcf/0x680
[  970.766418][T18744]  vfs_write+0x5ae/0x1150
[  970.766468][T18744]  ? __pfx_pipe_write+0x10/0x10
[  970.766516][T18744]  ? __pfx_vfs_write+0x10/0x10
[  970.766559][T18744]  ? __fget_files+0x40/0x3a0
[  970.766621][T18744]  ksys_write+0x207/0x250
[  970.766662][T18744]  ? __pfx_ksys_write+0x10/0x10
[  970.766714][T18744]  do_syscall_64+0xcd/0x250
[  970.766755][T18744]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  970.766797][T18744] RIP: 0033:0x7f591398cde9
[  970.766821][T18744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  970.766850][T18744] RSP: 002b:00007f591486a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  970.766878][T18744] RAX: ffffffffffffffda RBX: 00007f5913ba6080 RCX: 00007f591398cde9
[  970.766899][T18744] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000001
[  970.766917][T18744] RBP: 00007f591486a090 R08: 0000000000000000 R09: 0000000000000000
[  970.766936][T18744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  970.766955][T18744] R13: 0000000000000000 R14: 00007f5913ba6080 R15: 00007ffe37820228
[  970.767012][T18744]  </TASK>
[  971.401720][T18617] 8021q: adding VLAN 0 to HW filter on device batadv0
[  972.201935][T18617] veth0_vlan: entered promiscuous mode
[  972.254917][T18617] veth1_vlan: entered promiscuous mode
[  972.346565][T18778] netlink: 'syz.0.2767': attribute type 1 has an invalid length.
[  972.380118][T18617] veth0_macvtap: entered promiscuous mode
[  972.424381][T18617] veth1_macvtap: entered promiscuous mode
[  972.494525][T18617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  972.552777][T18617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  972.596115][T18617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  972.634890][T18617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  972.655740][T18617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  972.686690][T18617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  972.734876][T18617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  972.786236][T18617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  972.828697][T18617] batman_adv: batadv0: Interface activated: batadv_slave_0
[  972.860557][T18617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  972.919757][T18617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  972.945799][T18617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  972.975891][T18617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  973.022505][T18617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  973.061305][T18617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  973.093133][T18617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  973.132542][T18617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  973.185495][T18617] batman_adv: batadv0: Interface activated: batadv_slave_1
[  973.254356][T18617] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  973.304755][T18617] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  973.334145][T18617] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  973.354474][T18617] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  973.679770][T18802] ==================================================================
[  973.687923][T18802] BUG: KASAN: slab-use-after-free in force_wakeup_write+0x14d/0x170
[  973.695980][T18802] Read of size 1 at addr ffff88805f8e7a31 by task syz.2.2770/18802
[  973.703935][T18802] 
[  973.706301][T18802] CPU: 1 UID: 0 PID: 18802 Comm: syz.2.2770 Tainted: G     U             6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  973.706349][T18802] Tainted: [U]=USER
[  973.706361][T18802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  973.706381][T18802] Call Trace:
[  973.706392][T18802]  <TASK>
[  973.706405][T18802]  dump_stack_lvl+0x116/0x1f0
[  973.706451][T18802]  print_report+0xc3/0x620
[  973.706521][T18802]  ? __virt_addr_valid+0x5e/0x590
[  973.706555][T18802]  ? __phys_addr+0xc6/0x150
[  973.706590][T18802]  kasan_report+0xd9/0x110
[  973.706620][T18802]  ? force_wakeup_write+0x14d/0x170
[  973.706660][T18802]  ? force_wakeup_write+0x14d/0x170
[  973.706706][T18802]  force_wakeup_write+0x14d/0x170
[  973.706746][T18802]  ? __pfx_force_wakeup_write+0x10/0x10
[  973.706798][T18802]  ? rcu_watching_snap_stopped_since+0xd1/0x110
[  973.706840][T18802]  ? trace_lock_acquire+0x14e/0x1f0
[  973.706883][T18802]  full_proxy_write+0x13c/0x200
[  973.706932][T18802]  ? __pfx_full_proxy_write+0x10/0x10
[  973.706975][T18802]  vfs_write+0x24c/0x1150
[  973.707021][T18802]  ? __fget_files+0x1fc/0x3a0
[  973.707069][T18802]  ? __pfx___mutex_lock+0x10/0x10
[  973.707110][T18802]  ? __pfx_vfs_write+0x10/0x10
[  973.707161][T18802]  ? __fget_files+0x206/0x3a0
[  973.707214][T18802]  ksys_write+0x12b/0x250
[  973.707259][T18802]  ? __pfx_ksys_write+0x10/0x10
[  973.707310][T18802]  do_syscall_64+0xcd/0x250
[  973.707354][T18802]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  973.707403][T18802] RIP: 0033:0x7f953e58cde9
[  973.707429][T18802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  973.707465][T18802] RSP: 002b:00007f953c3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  973.707499][T18802] RAX: ffffffffffffffda RBX: 00007f953e7a5fa0 RCX: 00007f953e58cde9
[  973.707523][T18802] RDX: 0000000000000001 RSI: 0000400000001780 RDI: 0000000000000004
[  973.707545][T18802] RBP: 00007f953e60e2a0 R08: 0000000000000000 R09: 0000000000000000
[  973.707567][T18802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  973.707588][T18802] R13: 0000000000000000 R14: 00007f953e7a5fa0 R15: 00007ffded6fda48
[  973.707619][T18802]  </TASK>
[  973.707631][T18802] 
[  973.763177][T18802] Allocated by task 17513:
[  973.763196][T18802]  kasan_save_stack+0x33/0x60
[  973.772662][ T1139] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  973.773963][T18802]  kasan_save_track+0x14/0x30
[  973.807793][ T1139] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  973.810568][T18802]  __kasan_kmalloc+0xaa/0xb0
[  973.960707][T18802]  vhci_open+0x4c/0x430
[  973.964898][T18802]  misc_open+0x35a/0x420
[  973.969153][T18802]  chrdev_open+0x237/0x6a0
[  973.973600][T18802]  do_dentry_open+0x735/0x1c40
[  973.978390][T18802]  vfs_open+0x82/0x3f0
[  973.982477][T18802]  path_openat+0x1e88/0x2d80
[  973.987123][T18802]  do_filp_open+0x20c/0x470
[  973.991661][T18802]  do_sys_openat2+0x17a/0x1e0
[  973.996375][T18802]  __x64_sys_openat+0x175/0x210
[  974.001253][T18802]  do_syscall_64+0xcd/0x250
[  974.005870][T18802]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  974.011791][T18802] 
[  974.014121][T18802] Freed by task 18443:
[  974.018197][T18802]  kasan_save_stack+0x33/0x60
[  974.022911][T18802]  kasan_save_track+0x14/0x30
[  974.027637][T18802]  kasan_save_free_info+0x3b/0x60
[  974.032688][T18802]  __kasan_slab_free+0x51/0x70
[  974.037487][T18802]  kfree+0x2c4/0x4d0
[  974.041421][T18802]  vhci_release+0xbb/0xf0
[  974.045773][T18802]  __fput+0x3ff/0xb70
[  974.049774][T18802]  task_work_run+0x14e/0x250
[  974.054390][T18802]  do_exit+0xad8/0x2d70
[  974.058566][T18802]  do_group_exit+0xd3/0x2a0
[  974.063089][T18802]  get_signal+0x24ed/0x26c0
[  974.067641][T18802]  arch_do_signal_or_restart+0x90/0x7e0
[  974.073209][T18802]  syscall_exit_to_user_mode+0x150/0x2a0
[  974.078874][T18802]  do_syscall_64+0xda/0x250
[  974.083402][T18802]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  974.089326][T18802] 
[  974.091660][T18802] The buggy address belongs to the object at ffff88805f8e7800
[  974.091660][T18802]  which belongs to the cache kmalloc-1k of size 1024
[  974.105733][T18802] The buggy address is located 561 bytes inside of
[  974.105733][T18802]  freed 1024-byte region [ffff88805f8e7800, ffff88805f8e7c00)
[  974.119645][T18802] 
[  974.122004][T18802] The buggy address belongs to the physical page:
[  974.128434][T18802] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88805f8e4000 pfn:0x5f8e0
[  974.138539][T18802] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  974.147057][T18802] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[  974.155593][T18802] page_type: f5(slab)
[  974.159608][T18802] raw: 00fff00000000240 ffff88801b041dc0 ffffea000086f610 ffffea0001764410
[  974.168211][T18802] raw: ffff88805f8e4000 000000000010000d 00000000f5000000 0000000000000000
[  974.176814][T18802] head: 00fff00000000240 ffff88801b041dc0 ffffea000086f610 ffffea0001764410
[  974.185500][T18802] head: ffff88805f8e4000 000000000010000d 00000000f5000000 0000000000000000
[  974.194206][T18802] head: 00fff00000000003 ffffea00017e3801 ffffffffffffffff 0000000000000000
[  974.202896][T18802] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  974.211574][T18802] page dumped because: kasan: bad access detected
[  974.218006][T18802] page_owner tracks the page as allocated
[  974.223736][T18802] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5837, tgid 5837 (syz-executor), ts 92046284069, free_ts 32194003466
[  974.245131][T18802]  post_alloc_hook+0x181/0x1b0
[  974.249932][T18802]  get_page_from_freelist+0xfce/0x2f80
[  974.255427][T18802]  __alloc_frozen_pages_noprof+0x221/0x2470
[  974.261363][T18802]  alloc_pages_mpol+0x1fc/0x540
[  974.266232][T18802]  new_slab+0x23d/0x330
[  974.270413][T18802]  ___slab_alloc+0xc5d/0x1720
[  974.275126][T18802]  __slab_alloc.constprop.0+0x56/0xb0
[  974.280519][T18802]  __kmalloc_node_noprof+0x2f0/0x510
[  974.285853][T18802]  qdisc_alloc+0xbb/0xc50
[  974.290206][T18802]  qdisc_create_dflt+0x73/0x430
[  974.295078][T18802]  dev_activate+0x63a/0x12b0
[  974.299695][T18802]  __dev_open+0x3e4/0x540
[  974.304059][T18802]  __dev_change_flags+0x561/0x720
[  974.309108][T18802]  dev_change_flags+0x8f/0x160
[  974.313898][T18802]  do_setlink.constprop.0+0x699/0x3f80
[  974.319406][T18802]  rtnl_newlink+0x1306/0x1d60
[  974.324112][T18802] page last free pid 1 tgid 1 stack trace:
[  974.329931][T18802]  free_frozen_pages+0x6db/0xfb0
[  974.334916][T18802]  free_contig_range+0x133/0x3f0
[  974.339909][T18802]  destroy_args+0x66f/0x830
[  974.344466][T18802]  debug_vm_pgtable+0x130f/0x2d60
[  974.349530][T18802]  do_one_initcall+0x128/0x700
[  974.354335][T18802]  kernel_init_freeable+0x5c7/0x900
[  974.359562][T18802]  kernel_init+0x1c/0x2b0
[  974.363923][T18802]  ret_from_fork+0x45/0x80
[  974.368373][T18802]  ret_from_fork_asm+0x1a/0x30
[  974.373156][T18802] 
[  974.375485][T18802] Memory state around the buggy address:
[  974.381127][T18802]  ffff88805f8e7900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  974.389298][T18802]  ffff88805f8e7980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  974.397386][T18802] >ffff88805f8e7a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  974.405461][T18802]                                      ^
[  974.411107][T18802]  ffff88805f8e7a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  974.419211][T18802]  ffff88805f8e7b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  974.427282][T18802] ==================================================================
[  974.531919][ T1139] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  974.556191][T18802] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  974.563500][T18802] CPU: 0 UID: 0 PID: 18802 Comm: syz.2.2770 Tainted: G     U             6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  974.575876][T18802] Tainted: [U]=USER
[  974.579708][T18802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  974.589831][T18802] Call Trace:
[  974.593136][T18802]  <TASK>
[  974.596094][T18802]  dump_stack_lvl+0x3d/0x1f0
[  974.600738][T18802]  panic+0x71d/0x800
[  974.604684][T18802]  ? __pfx_panic+0x10/0x10
[  974.609148][T18802]  ? preempt_schedule_thunk+0x1a/0x30
[  974.614577][T18802]  ? preempt_schedule_common+0x44/0xc0
[  974.620095][T18802]  check_panic_on_warn+0xab/0xb0
[  974.625083][T18802]  end_report+0x117/0x180
[  974.629481][T18802]  kasan_report+0xe9/0x110
[  974.633957][T18802]  ? force_wakeup_write+0x14d/0x170
[  974.639211][T18802]  ? force_wakeup_write+0x14d/0x170
[  974.644463][T18802]  force_wakeup_write+0x14d/0x170
[  974.649541][T18802]  ? __pfx_force_wakeup_write+0x10/0x10
[  974.655143][T18802]  ? rcu_watching_snap_stopped_since+0xd1/0x110
[  974.661436][T18802]  ? trace_lock_acquire+0x14e/0x1f0
[  974.666690][T18802]  full_proxy_write+0x13c/0x200
[  974.671605][T18802]  ? __pfx_full_proxy_write+0x10/0x10
[  974.677028][T18802]  vfs_write+0x24c/0x1150
[  974.681411][T18802]  ? __fget_files+0x1fc/0x3a0
[  974.686151][T18802]  ? __pfx___mutex_lock+0x10/0x10
[  974.691222][T18802]  ? __pfx_vfs_write+0x10/0x10
[  974.696037][T18802]  ? __fget_files+0x206/0x3a0
[  974.700770][T18802]  ksys_write+0x12b/0x250
[  974.705170][T18802]  ? __pfx_ksys_write+0x10/0x10
[  974.710096][T18802]  do_syscall_64+0xcd/0x250
[  974.714669][T18802]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  974.720623][T18802] RIP: 0033:0x7f953e58cde9
[  974.725344][T18802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  974.745007][T18802] RSP: 002b:00007f953c3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  974.753485][T18802] RAX: ffffffffffffffda RBX: 00007f953e7a5fa0 RCX: 00007f953e58cde9
[  974.761509][T18802] RDX: 0000000000000001 RSI: 0000400000001780 RDI: 0000000000000004
[  974.769523][T18802] RBP: 00007f953e60e2a0 R08: 0000000000000000 R09: 0000000000000000
[  974.777550][T18802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  974.785572][T18802] R13: 0000000000000000 R14: 00007f953e7a5fa0 R15: 00007ffded6fda48
[  974.793606][T18802]  </TASK>
[  974.796984][T18802] Kernel Offset: disabled
[  974.801329][T18802] Rebooting in 86400 seconds..