last executing test programs:

3m38.157713827s ago: executing program 0 (id=2097):
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000e1, 0x40eb1, 0x401, 0x300000000000)
ioctl$auto(0x3, 0xaea3, 0xffffffffffffffff)

3m37.729869673s ago: executing program 0 (id=2099):
getrandom$auto(&(0x7f0000000100)=']\x00\x00[\xd9\xbc\xad-j\v\xe8b\x01\x00\x00\x00\x00\x00\x00\x00', 0x1, 0x0)
mmap$auto(0x0, 0x40009, 0xa, 0x9b72, 0x2, 0x2)
r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
ioctl$auto_FS_IOC_MEASURE_VERITY2(0xffffffffffffffff, 0xc0046686, &(0x7f0000000140)={0x7, 0x4, "1b06a937f3111d4682b3fa343282f18a03aceb63eaa8c5a9bb1ed525cca596a25bf47815f9fb14228152928824f0e5e06ab5e6eeaa8510d57d45c0277a600298664b17352a047d7bf703b28d59bc82e1f8d942a10d8cffc3e7af5194aa97087468d69a75d4eacce96d8fc9b295a5056bd080cfd54db31bb4f796de5e380d9d21b6c7e7a19d459db60f9c94df4486cd4de1a50a3739bf6ab237356ca2a7"})
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r0, 0x8000)
msgctl$auto(0xf5, 0x23d, &(0x7f0000000080)={{0x1, <r1=>0xee01, 0x0, 0x84a, 0x7, 0x2, 0xff5f}, &(0x7f0000000000), &(0x7f0000000040)=0x3, 0x6, 0x7f, 0x8, 0x3ff, 0xffff, 0x9d, 0x38, 0x1, @raw=0x1})
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
r2 = setfsuid$auto(0x0)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000400), r0)
sendmsg$auto_NL80211_CMD_SET_MAC_ACL(r0, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000280)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x821}, 0x4000)
mmap$auto(0x0, 0x402000c, 0x6, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8000, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0xc, 0x0, 0x0)
setresuid$auto(r1, r2, 0xee00)
madvise$auto(0x0, 0xffffffffffff0001, 0x6)
r3 = socket(0x11, 0x80003, 0x300)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
name_to_handle_at$auto(0xffffffffffffffff, &(0x7f00000001c0)='/\x00', &(0x7f0000000200)={0x0, 0x200}, 0x0, 0x1001)
setsockopt$auto(r3, 0x107, 0x12, 0x0, 0x4)
io_uring_setup$auto(0x4bf15e08, &(0x7f0000000000)={0x401, 0x8, 0xfe, 0x6fb3, 0x8a, 0x9, 0xffffffffffffffff, [0x100, 0x9, 0x7f], {0x2, 0x7, 0x3032, 0xe, 0xf, 0x5, 0x5, 0xfffffff9, 0xf08a2b3}, {0x0, 0xfc, 0x6, 0x0, 0x0, 0xf89, 0x9, 0x837, 0x8}})
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84)
io_uring_setup$auto(0x6, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000001340)={'dummy0\x00', <r6=>0x0})
bpf$auto(0x0, &(0x7f0000000000)=@bpf_attr_5={@target_ifindex=r6, r5, 0x4, 0x10, <r7=>r4, @relative_id=0x13, 0xe600}, 0xf)
bpf$auto(0x7990, &(0x7f00000001c0)=@query={@target_fd=r7, 0x7ff, 0x7, 0x0, 0x20000003, @count=0x3, 0x0, 0xae, 0x2, 0x9, 0x80000001}, 0xc)

3m34.216215034s ago: executing program 0 (id=2117):
rseq$auto(0x0, 0x8000, 0x0, 0x6)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x4000080)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r0, 0x0, 0xa3d9)
setresuid$auto(0x0, 0x7, 0x8080)
shmget$auto(0xa, 0x10563, 0x568d1af2)
mmap$auto(0x0, 0x20008, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x1e, 0x1, 0x0)
socket(0x28, 0x5, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2b, 0x1, 0x1)
pipe2$auto(0x0, 0x80)
keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8)
keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x4, 0xffffffffffffffff, 0x4)
mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4)
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100)
fcntl$auto(0x3, 0x4, 0xa553)
write$auto(0x3, 0x0, 0xfffffdef)
rmdir$auto(&(0x7f0000000140)='./file0\x00')
read$auto(r1, 0x0, 0x8)

3m32.772354309s ago: executing program 0 (id=2116):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff)
openat$auto_l2cap_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)={0x58, r1, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@HWSIM_ATTR_RADIO_NAME={0x43, 0x11, '\x00\x87B\xfeP\xc6\xae\x16\x8eC\x9f\xdf*x$\xe5\xc1\x9b\xfd\x94\x8bY\xb5\xcb]\x1f\x1cR&\xf1v^g\xfe[\x822\x01E^(ZZ\xf9\xb1O\x8e\xf6-`r~\x86\xf0\x00\x00\x00\x00\x00\x00\x00\x00\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x801}, 0x4044820)

3m32.488012151s ago: executing program 0 (id=2118):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) (async)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0) (async)
read$auto(r0, &(0x7f0000000100)='nl80211\x00', 0xbe62) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030004020000060007000080000000000600010000000a0005000000000000000000b3fc010000000000000000000a0001000000000000000000060006000500000008000200", @ANYRES32=0x0, @ANYBLOB="080004000301"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x103000, 0x0) (async)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x20b02, 0x0) (async)
write$auto(0x3, 0x0, 0x100082) (async)
mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x82000000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

3m32.179586115s ago: executing program 0 (id=2121):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000d40), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000002080)={&(0x7f0000000080)={0x1c, r1, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NFSD_A_SERVER_SOCK_ADDR={0x4}, @NFSD_A_SERVER_SOCK_ADDR={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x4000)
r2 = getsockopt$auto_SO_PEERPIDFD(r0, 0x4, 0x4d, &(0x7f0000000040)='/sys/kernel/debug/dynamic_debug/control\x00', &(0x7f0000000240)=0x765)
ioctl$auto_IOCTL_VMCI_NOTIFY_RESOURCE(r2, 0x7a5, 0x0)

3m17.115354036s ago: executing program 32 (id=2121):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000d40), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000002080)={&(0x7f0000000080)={0x1c, r1, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NFSD_A_SERVER_SOCK_ADDR={0x4}, @NFSD_A_SERVER_SOCK_ADDR={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x4000)
r2 = getsockopt$auto_SO_PEERPIDFD(r0, 0x4, 0x4d, &(0x7f0000000040)='/sys/kernel/debug/dynamic_debug/control\x00', &(0x7f0000000240)=0x765)
ioctl$auto_IOCTL_VMCI_NOTIFY_RESOURCE(r2, 0x7a5, 0x0)

2m32.44718418s ago: executing program 4 (id=2301):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x1d, 0x2, 0x6)
io_uring_setup$auto(0x6, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0x2, 0x6, 0x0)
socket(0x2, 0x6, 0x0)
epoll_create$auto(0x4)
epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x7000000)

2m32.203278964s ago: executing program 4 (id=2302):
mmap$auto(0x4, 0x7fffffffffffffff, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x1d, 0x2, 0x8)
io_uring_setup$auto(0x6, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0x2, 0x6, 0x0)
socket(0x2, 0x6, 0x0)
epoll_create$auto(0x4)
epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0)
r0 = socket(0x25, 0x1, 0x1)
mmap$auto(0x99d0, 0x280000000000, 0xdf, 0x9b72, 0x2, 0xd33)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
connect$auto(r0, &(0x7f0000000040)=@generic={0x25, "835aabaf5dc454e38226799f73aa"}, 0x18)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)

2m31.773082998s ago: executing program 4 (id=2304):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x20000, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket(0xa, 0x2, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/loop10/mq/0/nr_tags\x00', 0x20000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000040)=""/156, 0x9c)
connect$auto(0x3, 0x0, 0x51)
r2 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000001080), r0)
sendmsg$auto_IPVS_CMD_SET_DEST(0xffffffffffffffff, &(0x7f00000023c0)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000002380)={&(0x7f00000010c0)={0x12b8, r2, 0x300, 0x70bd2c, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x2}, @IPVS_CMD_ATTR_SERVICE={0x1182, 0x1, 0x0, 0x1, [@generic="9d3348af343e07d515045df0988ee73e51f3deb4bfe68eca0c1e4686531175e3b21cb3e1093a57bdfaadc9cc655d3a16a6d80f57cc8be95913ac6ee82fca30eb26b1d01fe61f307e6103fc0c87a2ccf215d4a1d66b98bdfadd97839e00b9bef09cda424ff816d6906193035f16cf1392e639ec1c6fdb58b853abcc31164717a466f5", @generic="cd7ddd002715e294135090431a99c37852806ee6cc6f7f63bae7bae97c0b8919569eb1a6", @generic="ec271063525d241154532645f66e4c26eab8a3820236b3f7fbec404c8c077258f76a53cd95f7a9bc71f22629aab7cfa936881debf8ec97046c21a4ba4d465e3cf8bce586c3df2e1c60056320a4f5bb3c3aebca54a9b7ad4d5a8a12c38b4b5fbbc0d06612738d164fca3e0c4464f62907945f6edfb953a746bc3268befd8a018e1397357ff55eb3f178c9ba198a775cc60750816b6d558f854b9b08a7cfd1495771077b1f3b8c25647006133a09e319a23df218a0c28196306d5fa3ac32d677db2703b0e96b161e897a32a32c2661ece36daa2a6639cff3f912e5cf85634e0ffc4cc15c216a4c67a2b36b8bfd9a27e87fd5fa2cf383d8e7eb6ef7838bc828b1abd453469fbcd58c790fcbae3459122d7e3def8f1b54e2e9a6613a5140041cd5f35c79d82a4fc3a975a097b26215761f0faf32f7c9e1572579852bf16688ccfef279875690c78e61b92a2e523362f653db2fe9b7dc996c76fbc00f50d171b09dd1cc340af06c4470ebaec4e03a4d193e0dd71afcbba1e2145f30119d2ca95bd3a78b3152d498a71220b4c782ae80d92cd523a468d281a6d39beb33cb486eb5fd2f674f999c486a8bd8762b54db1f7d8c8b3d898a1952843b59a277dc293e67d4b13024306a94a1365617fb29afca795dcbec9ce763051ff728c4d2ef9ed9f02e5240a7c0d03e4826bf84fc3ee231d1373ec77dad83d33b6c4ec2e3eaed0196347022a1ec42c724af52842cf261224bc7b1659244e379fe25848fe55b0fc85d71434e5082755440ff5981b9f3a5ecd04eec3b741d3f1f3b82ce431d74b38a2b59b42300c33ae37b1b9dcc0599d833f84b61ad60413f0cd3177b0fc8dff8cb55c83f023f4d0a39be7ecb4fe755463fbed6888a70b70c271f3c6bd7ee116d42c07136772ae792b34b9f8652573a48e47904092fa91c4ac130ac7e415882cff4de152592082a2cb1afc234a04e54703d29f1381a32a34354f6b8e66288efdf267e384c5ca39bfda769d40697afbc4120686e68109e04e9be3be7f2887fb9273acb077162221bdcc2b91070f17fec7a1536b635a3c2122e26cece725b8da40eb47b29a846439ce80ff89fdc54d61df3d01a3871623a42afc45d541cb127d825379a27eeb5167cb0f99888a0b633118271b440deee79b6bb44483a123e513e57f4fbcd9bad9896878c87de3539ce1b0fda73ab2fae4ff34612ca6689954f916101e5a41fb4f3fffe15994c2746befd390bf8d4052f925aa1ed2364df05a127596315b13301629a06d0d195dd038a5026e461d021696ff4c8ead8c425b143bdc314e26b7e908639e4d923e9d6ad948be4c648ba440e49e5c49928ab8343f020c520dbfbbe6d25230f87c4e166aa43c33df8648c0f66585f3de0bbc9041735dc659cf310f99a62739c91d05c9bba0a2e3a0066a12a15cbf49d839654fba3bdc75b2f13651e843c5f5a98b2a7449eaf68c38b40076732d15cef6c4b52425430ff5c5aa4cc699692a5d650fbb46b18dbd7a29e9565148b9c7982cff1c04d72a6d1eb729f068186ae49f4046b07be0e7d3470292b3a95185a1c69c3f8d5a01924bc1ca50ee3cdd09b92bb6bc21debb588b0b3adc89709b2f8d779fd3b1ddb0ca2cec5967d3c2255b107afe2ec7de698f8461329b101eda81ea2ba42529fd9fb783ddb513e16f3212caad8430576912b4b1cf1bb5f4419ded1c546b7f19ef99f8c8c56398e88bd845b531e8217f4fa6a99366083f764852e24314a2fc430b954bbb105fe6a9b043a4dea12887f411b5c517dc0dea1fc40a2b7ad34cd3d4f9ef43cda2318168c333340f8a64c45caf44af82d0585214b8050277fb35050980acd8e8f8e42c48d630acecf03594151e9f2117120c5c90ddc089a7c631237ee3cebd203126ea506c836a7793c3be061b2cc5f20e62229d5a94498dd70c3d3de634bb28ce8eb53d481d8b5432b6262d5297636178c36de7f4608134a5719c0decf138dade84dd5b74d1f2ea9d01186dcd40e1e243f7ad75c2a9b0c6d4cf71cfebb37d74f3b0ff64caf863ea62f412088d8a81687174efc6dc5431573bda2aa8f0be0bcad1dd6607ff90dded0dbdf0318e5b79dc5984f0e94b84fdffd4042e6f6f99b92f29a76352a65e8c92a021bc5a13343a5e29667ce8b04742f16d4ea4da4f35f1a1491a34a1f8cc6dc9b8657b614fc327f20a16bd25b9a7c180491cff7c90ee56bbe4ee080dfb9a67437077732b7434e90cb88f3ced4f4bb6a0bafbf2246691fce760e14d5c2a83f7b370e336fd3a8471a0c037810cf1c932b44fcd28fdc056f93ba50fa884759e6a3f375226a177d12b3751829f2ba065235a5b077b4a52a5a76937231024715d9adea9b52cd2cf7aaeb304c7eb3e942e999b178c2d1d34f7be00a96de8058e2d9e50072b7ffdb0d396b477967498b650aa2a7692717c0a1fc64322d2632c93e61d5d0df7fbf95449391705be66d6931f2e457cd16fddf258786625c168c31ea69568edf2dbfcc8ef2e2a61b4b7723d3848b846d55ba9e9dac808033d47dc1ad311e0759da60decf3e7b0bd0f1e763fd5e8c225377f6b0b388bfd65a30f490dff6d03787a8c3f233a71bcc414544060eddd8be67cba7eb0bffff95c9f28ed30f41a67c942e003ea2ba9c8e55af1016655fedb0044c830ec7e4223d251a0543025d8cd190429c8426fd9d983f7146099881655744c6bb74e50ba242b8dcb756c5d52139fef1c99e973bcc96583b3fdf4fb05610fdd3400918caaefd9ff1857b20ea63d5ec582384a0ae9cc62cbfb32a9d7bb656c445966226bfc65433cc3bcb641a4dce0accfd4036d814f1680ba679d151ac2ce99f5e8ea8d2417abe309dba89609bb56853f2d1ee43acc5dc3372b7ccf6d7a286fc2c7b0466421eb5129826aa112abac68ddd9347b33398cf30414304c2a4dba904696cbf8cec99e23071e171db2e6701578fdc68504e572668c4acdfbef310796d9ebd8ec699b5427770aaefd808dada2c6ddb2eb1e296fc977e93473e587b67e1d3f49ebccf2e31a0ce9ddc41fb7308ba607f404704c3a8f8759fc01b611da0880bab6992bbec79bf51ffaf0cb96dcf767dffc275d62a3587b0ab122fe0d0f8213732bd65b1daaa2efee71fcbe765446da6e85132d7b176afc1a10f4b2e60a77c3528f33468ecc1b5070d10416f2c782e5d1375da35de7e2686421d99c0fe46be72279bad6c87226b53bc527e3c477fb6cc553993038df9711ae0a4221114773a27414dce4e42a45d8c5591b2f74a5a85d739b56faebb85ff9dfd304cb994e2dd4d7f90abe661bf01fa80a4da93845a6999ad0051fc477f509aa2d35533fc7dff37b464eeb3aa6eb399ae16364dd33e393a2daf716cb501b99b432e7b5c752f95cb0b87af31166b7a592bc56545b155c7c0a2321ac8a0201904ccfb68634feaff6b1408001d5ef39d8855969052e8c5637b3f52855efd31bec65fdd87cb2039776289ffc20aa01dc45abfedb8ab75fff960daed59f40789bb4463470c7bebb1c77b6dcc736ffccc7bf3c4fe9b1cbfa344015b2691cda75e07be9f8f7698b3f334a2421e171deeba357c4b173fd3bef00f5c09626744c5c3624ba26ca98f3a1abfc0e420e791a37f7eec3bca08f8fe6c9abec8efe9957b02588729d04808bb8ff0e8fef97bc4e187c0ca02187e1bc360e01e8458a59c4e6c667acbd151077d23b8f8428041ccba781c0a23036e0b9b506fd025f810b390dee06a66a5edd8d4cf6ab53f93f28f22c799e04555593522030d2912bebb470046adbd5eee6a41efb5be347f2f1fb3aad091fa75a72acf65a77adbd364575844c7b74967148aa1cb5664200a05ec3ba075a269b637e561a64ca752913ae15807389b58a1fd45341257d2edfe96bc8826a7575821a4437f84a61146bcb4d13618f4421ab3df60b8bd48aeef6aeee17d4767af066dac48e3682a713365b7f54252756be08e7bf80fcce027421a6f1441eef3c14a6a6d540ed3a7c0a81116f79907524120fc86f968a07aa1c3b2fd57d556300a65986a3f7581e9ed035dd82e5942080e02e89bd87d6281d207b932c42cbfbac022cd4a0e998634f00e32d683cfc52c92fdaf46148282d578b11df4465358ee6a35fc199c37335aa7a36aae41ae1421659711920eed18ff508cb9bda41c0701402d623882ee9b594f6c34d12b6633fa6b33cecbda274d64de2e40c11801c6f861665f9d615edf059192d07b71a13c5a10e69731945b903b17b2da406cf7c48191c71d0743f689da177520185e5da840ab23548a08926a8311254fbcd23029b57d97b14431497e20c4ed42f04cdfaf062d0fe4f477681cdf8cfb3227c2955f17cf2acd47276d0fc540012f73641bcbaa38259276e93fc09b222e758586f4658246061f97a3b80ce47bfde943cafe345eeea9f50e03f368b68c2f2275f51c1377845a19276f976d71dedc6a207689f02205628f77da48b445f4d42f1a67264e4319cec7b83f12ef1d9441a0078ac156b0759306442257c72342a59ce5732335d5ec67af90aed14ef81dd5e55e5af3896d7c0cffb33fff12545192ec759de6df50058e363dd67677bc3504265075a9e0a762c80b4c76362e49bad025c20b9369d63a553bf067b65e9d64297096886c3d713ef0b5874832ac480e97a43fcc092d393b20cb7f596d39e45fe48aa61517f8e1ffe4ab3be5fda0e341cef22e2bec54516fe347c9551db5c4311d351480c9cefa707128127c3ac5e2b33f98ecfb8ac222025acad5f66de5d1e2dfe246bb9ee9a89df9e6804f6101bad4e6ebcbc11265e4645b553df26b1ddaeaf1e717b748927e5713d512373b7795b3f84c7e62647db26c70d0e385aef075ee06eb27b46e7990641555c121df8d91e0463ef8dde1f260160efe46baa441b426a07ecb3fb52b44d7d403880d10532100d707a98b19ae498f4a570d4dc5330263846870446212724db5d54bc0594cf06e53f86da4cd974add5fe2a884a990d5ed257f67701fb5ce6d4ce84ade7fb6af2a1ee715b38f6e7e9ea1283876e48bfcb44268d0a6ff03986c09eca6a7a6d118139fa6a3a8db0f59485e820d99c4033175114964d0684665380715db25e659cd760c5ea20b444b5fc28d796b090614dc58d458f749a4cb6e4657e4d26860f0f7f7319bb477e554663f4e3d18c9ce81c5a816d738aa701893f34950cda60f4baad51d19a9ac176061a9245bfc7f4601b797e36cb0992d0fb6d7fee6b923464913a3638c711b19f0bf9683acf87a2dc4098fca8a08f7113fe00a0b1c0239235acde3491673e8522cb09ef1fb721f7b8132fd6af87d337b3bb4ac1fc13256010b28d6929ecf9793a52c40156d145daf77e0310f5a832ffa7d0ddde3a404ff4bccd27a890af28ba6f5a1361ddc961b2c78d4850f7d41093cfdeb8b9d5567378839dd8ea1b805b6854f0927a346c31c1f63071c3aef1b4c8882712254abf844c80ebd029bd455f8393f81bb73f77c918484bdf7e7a2e60e49b6894f7815c19eb64e2374fd14240177dd068f12d73d3fa14550dc81d7b0cb6fc7534beb8a231569b1c3949b450325ffc287773a12a5eb5cd37cc80b319a737b12d0d3d137d7364428b5f62fcf683b5c501210a1d3dc2709172bf285aa481005c18eb97c03fc5a7be798f07b954b1b5df5a43c60490f6e57fd44bfcb60cebc7ad184c3740332ae9610352b4ae85ae2b02ea8247c0347e04676f92fc2ba523e11230a4295d68ef4eb4158276f073764215a941bdc2a5ea84100f373f9554aa8b6ebcd7639a5eaa66f4d78ab8db9095bb7868d35e3aba2", @typed={0xc2, 0x14d, 0x0, 0x0, @binary="fdee061c690fd25a15a794e8e3d25fd104fc30a2d49dfbe282024475ad08adcda3bdd6fc4733aedbdefd55767dc8542b78b08ba62ab20366ddcdba24050f4a0f7bb87ee411ba58ef8224808cdac90fb2cdf924e8199b26d4deff156b6b64fa8e8c15388c4429498926ad3cdfbedbd45e4c3d40dd4b2180894f27180c06cb9669f4743c3d18000e5c8e3a222d656b01ddf794cccadb4190afc7b43fbc33f0e9ed8c2df01eb902d261d8740de51cdc7ba81f718379af4ea71898fa8287f267"}, @typed={0x8, 0xf2, 0x0, 0x0, @uid=0xee00}, @nested={0x8, 0x9f, 0x0, 0x1, [@nested={0x4, 0xce}]}, @typed={0x4, 0xfa, 0x0, 0x0, @binary}, @generic]}, @IPVS_CMD_ATTR_DAEMON={0x10f, 0x3, 0x0, 0x1, [@nested={0xc4, 0x148, 0x0, 0x1, [@nested={0x4, 0x64}, @typed={0xb, 0x64, 0x0, 0x0, @str='%]#.]$\x00'}, @typed={0xc, 0x37, 0x0, 0x0, @u64=0x40}, @generic="1fe28440730e37ed563fd59d4818d692df9d71080e4cec635ec63decf6d69dc1a933f84fabed1f6d8608a7bc100121302b0dbc8695482b4c740edcf62c6f967e9d73288fe90c5ba94132b4de8268dc90343f0691f4b8b7ed671baa367b9fd52bf4cad93e7ebb68240032184df136cbde9373e788f7edaf4ddff6a7c8a16445d7e80036dfd80477a77ae75d2fa4544c9f080344da2ebd8a3691eae8cba251e44db7fd935c"]}, @generic="4dbc7f47cdaf9c5729b96e592afec3a45a5b755dcd95cbfdee9db34090b0af3df5481933c323ea5304bbb41838cd88b90638f8ec71b0e8ebfdf9e9fa0c8d6dd4b13d7c621a11db"]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7}]}, 0x12b8}, 0x1, 0x0, 0x0, 0x40000}, 0x8004)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0)
shutdown$auto(0x200000003, 0x2)
sendmsg$auto_NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, 0x0, 0x20048800)
r3 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0)
ioctl$auto_MON_IOCX_MFETCH(r3, 0xc0109207, &(0x7f0000000100)={0x0, 0x4, 0x7})
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x28402, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000003680)={'wlan0\x00', <r7=>0x0})
sendmsg$auto_NL80211_CMD_NEW_KEY(r6, &(0x7f00000048c0)={0x0, 0x0, &(0x7f0000004880)={&(0x7f00000003c0)={0x24, r5, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NL80211_ATTR_KEY={0x8, 0x50, 0x0, 0x1, [@typed={0x4, 0x6, 0x0, 0x0, @binary}]}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r7}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x890)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000040)=""/4096, 0x1000)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x12, 0x940, 0x1fee0, 0x3, 0x6, 0x80000002, 0x9, 0x5, 0x2, 0x7, 0xb0, 0x9, 0x5, 0x3, 0x5, 0x7, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x400000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe]}, 0x1fe, 0x82)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r8 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
recvfrom$auto(r8, &(0x7f0000000380), 0x7, 0x1000, &(0x7f0000000080)=@can, &(0x7f00000000c0)=0x2)
sendmmsg$auto(r8, &(0x7f0000000200)={{0x0, 0x2000000, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

2m29.640592287s ago: executing program 4 (id=2313):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/cpu/smt/control\x00', 0xa6ac0, 0x0)
socket(0x29, 0x2, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
write$auto(0x3, 0x0, 0xfffffdef)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x3ec0)
sendfile$auto(r0, r0, 0x0, 0xffffffffffffffff)

2m29.344261995s ago: executing program 4 (id=2317):
ioctl$auto_IOCTL_VMCI_CTX_ADD_NOTIFICATION(0xffffffffffffffff, 0x7af, 0x0)
r0 = clone$auto(0x20003b42, 0x2, 0x0, 0x0, 0x2)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = socket(0x2, 0x2, 0x1)
read$auto(0x3, 0x0, 0x7)
futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0)
setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x8)
sendto$auto(0x3, 0x0, 0x18, 0x101, 0x0, 0x1c)
connect$auto(0x3, &(0x7f0000000140), 0x55)
io_uring_setup$auto(0x6, 0x0)
write$auto(r1, 0x0, 0x8e)
pread64$auto(0xffffffffffffffff, 0x0, 0x7, 0x4000000000000007)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x4, 0x4, 0x5, 0x7)
semctl$auto_SEM_STAT(0xfffffff8, 0x9, 0x12, 0x2)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sched_getaffinity$auto(r0, 0x9, &(0x7f0000000000)=0x3)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
ioprio_get$auto(0x2, 0x1)
connect$auto(0x3, 0x0, 0x54)

2m28.741229951s ago: executing program 4 (id=2319):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/nfsd.fh/flush\x00', 0xc8201, 0x0)
write$auto(r0, &(0x7f0000000100)='\x00', 0x1)
mbind$auto(0x0, 0x100000004, 0x4, 0x0, 0x20000000000006, 0x2)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
pipe$auto(0x0)

2m13.469565196s ago: executing program 33 (id=2319):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/nfsd.fh/flush\x00', 0xc8201, 0x0)
write$auto(r0, &(0x7f0000000100)='\x00', 0x1)
mbind$auto(0x0, 0x100000004, 0x4, 0x0, 0x20000000000006, 0x2)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
pipe$auto(0x0)

1m41.695733093s ago: executing program 1 (id=2446):
r0 = openat$auto_sync_info_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x801, 0x0)
r1 = open$auto(&(0x7f0000000040)='./file0\x00', 0x2, 0x0)
ioctl$auto(r0, 0x0, r1)
r2 = syz_genetlink_get_family_id$auto_thermal(&(0x7f00000000c0), r1)
sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_ID(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x34, r2, 0xcb1da46356915563, 0x70bd2b, 0x25dfdbff, {}, [@THERMAL_GENL_ATTR_TZ_NAME={0x20, 0xb, '/sys/kernel/debug/sync/info\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x840}, 0x4000000)
r3 = openat$auto_fuse_conn_congestion_threshold_ops_control(0xffffffffffffff9c, &(0x7f00000001c0), 0x284080, 0x0)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000200), r1)
pread64$auto(r1, &(0x7f0000000240)='{-*-:\x00', 0x2, 0x5)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000002c0), r1)
syz_clone3(&(0x7f00000005c0)={0x1009000, &(0x7f0000000300), &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000380), {0x5}, &(0x7f00000003c0)=""/222, 0xde, &(0x7f00000004c0)=""/159, &(0x7f0000000580)=[0xffffffffffffffff], 0x1, {r1}}, 0x58)
sendmsg$auto_NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000700)={&(0x7f0000000280), 0xc, &(0x7f00000006c0)={&(0x7f0000000640)={0x48, r4, 0x300, 0x70bd29, 0x25dfdbfe, {}, [@NL80211_ATTR_PID={0x8, 0x52, r5}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0x8}, @NL80211_ATTR_TDLS_INITIATOR={0x4}, @NL80211_ATTR_ASSOC_SPP_AMSDU={0x4}, @NL80211_ATTR_BSS_SHORT_PREAMBLE={0x5, 0x1d, 0x51}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x7}, @NL80211_ATTR_ADMITTED_TIME={0x6, 0xd4, 0x81}]}, 0x48}, 0x1, 0x0, 0x0, 0x4004000}, 0x4000)
r6 = openat$auto_ocfs2_control_fops_stack_user(0xffffffffffffff9c, &(0x7f0000000740), 0x480440, 0x0)
close_range$auto(r0, r6, 0x5)
fsconfig$auto_JFFS2_COMPR_MODE_NONE(r1, 0x6deb, &(0x7f0000000780)='#:-^%{@-\x00', &(0x7f00000007c0)="a1e1bd0cc3d69e57fd9045accfc1c32be459070481e2491f6d7b27141b02e1e738edc30daec9f3a109ddf165b69eeadf", 0x0)
r7 = waitid$auto(0x0, r1, &(0x7f0000000800)={@_si_pad}, 0xfffffff7, &(0x7f0000000880)={{0xc, 0x80}, {0x8000000000000001, 0x2}, 0x85f, 0x8, 0x10, 0x1, 0x101, 0x3, 0x7, 0xc520, 0xa5ce, 0x2b0, 0xffffffffffffffff, 0xa0c4, 0xe9ce, 0xc})
prctl$auto_PR_SET_MM_END_CODE(0x7fffffff, 0x2, r7, 0x5, 0x3)
acct$auto(&(0x7f0000000940)='nl80211\x00')
mprotect$auto(0x0, 0x3, 0x5)
ioctl$auto_SNDRV_TIMER_IOCTL_TREAD64(r1, 0x400454a4, &(0x7f0000000980)=0x7)
ioctl$auto_TIOCGICOUNT2(r1, 0x545d, &(0x7f00000009c0)="fc232eb3a3bdd3ebcfa3d92f32901f539b970b272462c710df55461bb5873686f96a481aa989014625df74c85873ec88c0942c5691d80e33ebcc8af27acf539bb082ef8027d6b091ed02fd5a28752dc2b452b0c8d84878d41caf41")
r8 = gettid()
r9 = prctl$auto_PR_SET_SHADOW_STACK_STATUS(0x4b, 0x8, r8, 0x7, 0xfb)
getsockopt$auto_SO_ZEROCOPY(r3, 0x3, 0x3c, &(0x7f0000000a40)='nl80211\x00', &(0x7f0000000a80)=0x1)
r10 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000b00), r9)
sendmsg$auto_OVS_VPORT_CMD_GET(0xffffffffffffffff, &(0x7f0000000c00)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b40)={0x58, r10, 0x4, 0x70bd27, 0x25dfdbfd, {}, [@OVS_VPORT_ATTR_UPCALL_PID={0x42, 0x5, "3c3ca6615675f9177c86742aed5d5e0b341164a5cacd67a38ae0cf5b4c7b401ab05cec403b7eed73c617cd4aa717a6ff849e41d5d7400bc23d588ee556b8"}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000080}, 0x840)
r11 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000c40), 0x4800, 0x0)
ioctl$auto_NVRAM_SETCKS(r11, 0x7041, 0x0)
sendmmsg$auto(r9, &(0x7f0000000dc0)={{&(0x7f0000000c80)="3b2ba01922109f9d8f6c777945d20f", 0x0, &(0x7f0000000d40)={&(0x7f0000000cc0)="160f80c11587673046081ac87f02626451672671b27d7ca8f8c697cd1e95096b81da89647fae82bd4911113d9de3cd376e5bfb16f4fb5726064b6d1b3480f8eafb27da4e70f177b0ed16c23323cadc8891fc2ee8ed31c305e1", 0x8}, 0x7, &(0x7f0000000d80)="0231e2a61b0b41be6d4677bb46877da2ac6eb1715e130c245740c995684c78332fc63913a372d9c88b3af571", 0xa0, 0xc0000}}, 0x200, 0x5)
geteuid()
getsockopt$auto_SO_RCVTIMEO_NEW(r9, 0x10, 0x42, &(0x7f0000000e00)='nl80211\x00', &(0x7f0000000e40))

1m41.468900429s ago: executing program 1 (id=2448):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, 0x0, 0x1a1382, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
recvmmsg$auto(0x4, 0x0, 0xffffffff, 0xf500, 0x0)
sendmsg$auto_NETDEV_CMD_NAPI_GET(0xffffffffffffffff, 0x0, 0x0)
socket(0x11, 0x3, 0x2)
r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/lockdep\x00', 0x10b402, 0x0)
pread64$auto(r0, &(0x7f0000000000)='/proc/NesH\x1fk\xdd\x00\x00\x00\x00\x88\x00\x00\x00\x00\x00:\x19\xf4\xe2\xb7:\x81\xf8\xedl\x9d\x9a\'\xf8D,\xc0x\x1d\xf5JE\xcd7\xc3^\xbc2\xc7\xbf\xe5\x7f\xb93 \xcd${!\x9a`\x96\x86\x96D|\xf0H\x8c\x05:\xae\xa6\x88x\t\x18\x8b\xec\xd7\xe8<cd+o\xcf\x00\x95\xd5f\xfb\x14\xd4\x96\xe9?|\xc6\xb9\x95q\xe0\x1eMC\x88l\xc6\"\xa6\xdc#\x9b\x96U\x0e\xbb\xa0\xa4\x9f\xee\x106\'\xcb\xc7<\x0e\xbb\xd0(\x9b^z;\x81\xff\x8a-\x99\xa7`O\x06T\xa2\xd8&U?\xc9\xed\xce{\xd2\xbf\x04\x15\x92Z\xce\x83B', 0x8100000041, 0x413e)
pread64$auto(0xffffffffffffffff, 0x0, 0x40000000f42c, 0x2)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptyw5\x00', 0x0, 0x0)
unshare$auto(0x40000080)
socket(0xa, 0x3, 0x3a)
r1 = socket(0xa, 0x2, 0x3a)
r2 = socket(0x10, 0x2, 0x15)
syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETFAMILY(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYRES16=r1, @ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x24040080}, 0x40805)
mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0)
prctl$auto(0x41555856, 0x4, 0x2008, 0x0, 0x0)
ioctl$auto(0x3, 0x890b, 0x38)

1m37.874355842s ago: executing program 1 (id=2454):
mmap$auto(0x0, 0x400008, 0xb, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000)
socket(0x2, 0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4008810}, 0x2000c041)
r0 = socket(0x2a, 0x1, 0x0)
ioprio_set$auto(0x6, 0x0, 0x8)
connect$auto(r0, &(0x7f0000000000)=@can, 0x8)
recvfrom$auto(r0, 0x0, 0xa, 0x6, 0x0, 0xfffffffffffffffd)
fcntl$auto(0xffffffffffffffff, 0x401, 0x5)
unshare$auto(0x40000080)
r1 = socket(0xa, 0x3, 0x3a)
epoll_wait$auto(r0, 0x0, 0x7ff, 0x6)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000100), r1)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
setsockopt$auto(0x400000000000003, 0x29, 0xd3, 0x0, 0x567)

1m35.497068783s ago: executing program 1 (id=2461):
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0)
socket(0x28, 0x1, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x48140, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/asound/card0/pcm0c/sub4/xrun_injection\x00', 0x400, 0x0)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x14}}, 0x4000000)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0)
write$auto_ep0_operations_inode(r1, &(0x7f0000000840)="e9066030690979838b8a59df3fafe88e4e3d7d31436dd74293752364", 0x1c)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000340)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4460, 0x15f4da0a, 0x1, 0x3, 0x300000000000000, 0x80000001, 0x7, 0x0, 0x5, 0x2]}, 0x0)
unshare$auto(0x40000080)
ioperm$auto(0x3, 0x5, 0x149)
process_madvise$auto(0x1, 0xfffffffffffffffc, 0x0, 0x14, 0x4000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_rb_simple_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/tracing_on\x00', 0x480800, 0x0)
prctl$auto(0x39, 0x1, 0x0, 0x0, 0x0)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x40802, 0x0)
sendmmsg$auto(0x3, 0x0, 0x3, 0x0)
openat$auto_state_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x121040, 0x0)
lseek$auto(0x3, 0x7fffffffffffffff, 0x0)
r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/renderD128\x00', 0x0, 0x0)
ioctl$auto(r2, 0x800064bc, 0x1e6)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
socket(0x10, 0x2, 0x0)
sendmsg$auto_MACSEC_CMD_DEL_RXSC(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010527bd7000fbdbdf25020000000800", @ANYRES32=0x0, @ANYBLOB="18"], 0x34}, 0x1, 0x0, 0x0, 0x4068811}, 0x80)
ppoll$auto(&(0x7f0000000080)={0xffffffffffffffff, 0x11b, 0xf}, 0xc, 0x0, 0x0, 0x8)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="1e0027"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000)

1m34.44810914s ago: executing program 1 (id=2462):
msgctl$auto(0x26, 0x400, 0x0)
rseq$auto(&(0x7f00000002c0)={0xe, 0x400, 0x0, 0x20006, 0xffffffff, 0x2, "d2bc714b15630b92e25916e8feb8b48a95e5c387fcdbe41a727d927dea309d72f0ff4fd0244c777a1b6f8d8d728e143408"}, 0xfffffff4, 0x0, 0x7)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/dummy0/carrier\x00', 0x8182, 0x0)
rseq$auto(&(0x7f0000000340)={0xffff, 0x3, 0x40, 0x5bd, 0x0, 0x1, "fb256fa8a23567ed542e8700348f15fc29ff93ca591f5a7cc5f24c62ab278a056b77afaefbef282e5ab7a4a4da2e1e56d65f8770e918ea681a3cf5f708a7d448d806413f1321082f94addd1a1b43cad40f6359404d3e20690c7e41ae324cf97f72c0100f5abd3425557057f235ab69efd177fc546ad6f472e7a206775f246a106a4e78ebd77b6a649bf88654659fafbeaf52b62925db03eefb9c7c3d71"}, 0x8, 0x33d9ea5d, 0x6)
mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000)
write$auto(0xffffffffffffffff, 0x0, 0xf)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00', &(0x7f0000000080)='nfsd\x00', 0x7, 0x0)
chdir$auto(&(0x7f0000000000)='}[,&*}\x00')
getcwd$auto(0x0, 0xffffffffffffffff)
socket(0x11, 0x6, 0x0)
ioperm$auto(0x3, 0xe, 0x2000000000000149)
syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000180), 0xffffffffffffffff)
setxattr$auto(0x0, 0x0, 0x0, 0x2, 0x2)
ioctl$auto_USBDEVFS_DISCARDURB(0xffffffffffffffff, 0x550b, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_MM_SET(0xffffffffffffffff, 0x0, 0x20000041)
bpf$auto(0x18, &(0x7f0000000040)=@bpf_attr_5={@target_fd, r0, 0x5, 0x8, 0xffffffffffffffff, @relative_id=0x3, 0x41b5c1ff}, 0x3)
r1 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x8)
open(&(0x7f0000000100)='.\x00', 0x591002, 0x408)
socket(0x2, 0x2, 0x0)
mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x1, 0x8000)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
madvise$auto(0x6e, 0x9, 0x7c4)
r3 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
ioctl$auto(r2, 0x5608, r3)

1m33.759847948s ago: executing program 1 (id=2466):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/vidtv.0/i2c-0/dvb/dvb0.dvr0/uevent\x00', 0x183800, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000003c0)=""/134, 0x86)
r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0)
close_range$auto(r1, r1, 0x95b)
write$auto(0xffffffffffffffff, 0x0, 0xc9c8)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/module/batman_adv/parameters/routing_algo\x00', 0x8182, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r3, 0x0, 0x20)
write$auto(r2, 0x0, 0xffc)
r4 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000240), 0x6b6a48598e8c3e56, 0x0)
writev$auto(r4, &(0x7f0000002bc0)={0x0, 0x7}, 0x7)
flock$auto(r1, 0x400)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x3, 0x6, 0x0, 0x10000, 0x1, 0x2, {0x2100000000, 0x10000}, 0x3, 0x6, 0xffffffffffffffdd, 0x1008000, 0x0, 0x80000004, 0x83, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x1800})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
adjtimex$auto(&(0x7f00000000c0)={0x9, 0x0, 0x867b, 0x4, 0x4, 0x8000000000000000, 0xffff8000, 0x0, 0x6, 0xefee, 0xb, {0x7, 0x8}, 0xffffffffffffffff, 0x200000001, 0x2, 0x4, 0x0, 0x2, 0x0, 0x755, 0xe, 0x4, 0x514})
r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r5, 0x0, 0x100000a3d9)
mmap$auto(0x0, 0x1, 0x4000000000df, 0x40eb1, 0xffffffffffffffff, 0x300000000000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
pwrite64$auto(0xc8, &(0x7f0000001880)='S\x00', 0xe, 0x3)
r6 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0)
ioctl$auto_PROCMAP_QUERY(r6, 0xc0686611, 0x0)
socket(0xa, 0x1, 0x84)
r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/virtual/net/bond0/bonding/mode\x00', 0x181002, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r7, &(0x7f0000001300)=""/4099, 0x1003)

1m18.681158276s ago: executing program 34 (id=2466):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/vidtv.0/i2c-0/dvb/dvb0.dvr0/uevent\x00', 0x183800, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000003c0)=""/134, 0x86)
r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0)
close_range$auto(r1, r1, 0x95b)
write$auto(0xffffffffffffffff, 0x0, 0xc9c8)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/module/batman_adv/parameters/routing_algo\x00', 0x8182, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r3, 0x0, 0x20)
write$auto(r2, 0x0, 0xffc)
r4 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000240), 0x6b6a48598e8c3e56, 0x0)
writev$auto(r4, &(0x7f0000002bc0)={0x0, 0x7}, 0x7)
flock$auto(r1, 0x400)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x3, 0x6, 0x0, 0x10000, 0x1, 0x2, {0x2100000000, 0x10000}, 0x3, 0x6, 0xffffffffffffffdd, 0x1008000, 0x0, 0x80000004, 0x83, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x1800})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
adjtimex$auto(&(0x7f00000000c0)={0x9, 0x0, 0x867b, 0x4, 0x4, 0x8000000000000000, 0xffff8000, 0x0, 0x6, 0xefee, 0xb, {0x7, 0x8}, 0xffffffffffffffff, 0x200000001, 0x2, 0x4, 0x0, 0x2, 0x0, 0x755, 0xe, 0x4, 0x514})
r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r5, 0x0, 0x100000a3d9)
mmap$auto(0x0, 0x1, 0x4000000000df, 0x40eb1, 0xffffffffffffffff, 0x300000000000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
pwrite64$auto(0xc8, &(0x7f0000001880)='S\x00', 0xe, 0x3)
r6 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0)
ioctl$auto_PROCMAP_QUERY(r6, 0xc0686611, 0x0)
socket(0xa, 0x1, 0x84)
r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/virtual/net/bond0/bonding/mode\x00', 0x181002, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r7, &(0x7f0000001300)=""/4099, 0x1003)

35.977899497s ago: executing program 5 (id=2697):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket(0x29, 0x2, 0x0)
r1 = socket(0x10, 0x2, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
sendmsg$auto_NL80211_CMD_GET_REG(r1, 0x0, 0x40000)
ioctl$auto(r0, 0x8929, 0x24)

34.893365337s ago: executing program 5 (id=2705):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vidtv.0/i2c-0/0-0060/uevent\x00', 0xac00, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
r0 = socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x4, 0x9, 0x7, 0x3c, 0x101, 0x1ffc0, 0x7, 0x6, 0x7fffffffffffffff, 0x0, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x2, 0x10000, 0x82, 0x7, 0x0, 0x7, 0x8, 0x200, 0x4, 0x84, [0x0, 0x7, 0x0, 0x7, 0xffffffffffffffff, 0x0, 0x401, 0x6, 0x70624ce7, 0x0, 0x4, 0xb, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffd, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x400000000005b8, 0x100000000c, 0x0, 0x800, 0x0, 0x7, 0x2, 0xfc78, 0x8000000000008, 0x4, 0x200000000009, 0x40, 0x4, 0xffffffffffffffff, 0x3, 0x2, 0x4000000001, 0x0, 0x4, 0xffff]}, 0x202, 0xd)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mprotect$auto(0x1000, 0x400000, 0x4)
socket(0x23, 0x5, 0x0)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
socket(0x10, 0x2, 0x0)
openat$auto_rb_simple_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/tracing_on\x00', 0x40001, 0x0)
socket(0xa, 0x801, 0x100)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/kernel/cad_pid\x00', 0x8001, 0x0)
socket(0x2b, 0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001040)='/sys/devices/virtual/net/teql0/statistics/rx_compressed\x00', 0xc2700, 0x0)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x55)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55)
write$auto(0x3, 0x0, 0xfdef)

34.318034641s ago: executing program 5 (id=2708):
mmap$auto(0x0, 0x40000b, 0xde, 0x9b72, 0xffffffffffffffff, 0x8000)
r0 = socket(0x11, 0xa, 0x1000)
ioctl$auto(r0, 0x2, 0x2)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
ioctl$auto(r1, 0x540b, 0x3)

33.774872162s ago: executing program 5 (id=2710):
unshare$auto(0x40000080)
semctl$auto_SETVAL(0x0, 0x7, 0x10, 0xfff)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket(0x2, 0x2, 0x0)
setsockopt$auto(r0, 0x17fd70a0, 0xa, &(0x7f0000000480)='\xba\xba\xd3\xc8[&P\x9c\xe7AJz\'\x91\xce=B}\xfe\xff\xff\xff\xa2r0\x92\xc3\x0ej\xee\x93\x1aoL\x87\xa0E\x96\xf63\xec\xe0\xb2\f\xa86v\xeb\xf1\xcb\xd4\xa9\v\xfd\xcc\x18\xc6\xc7\xe6\x17;6\xa4\xd1.3\x15i\x84\xf6\x83\x9c\xccxiw\xbe\x16\xf9\xa7\x14s\xfbl>4\x18*\xaar\xe1s\x19b\xfdd\x10\xa8\xdeX\b \xcb\aj\xe9\xa3\xe0m\xd2V\x7fwE\xea\xef\xcb\xe4L\x98\xaem\xb2u<^l/y\x8f\x87.T\x1c\x1d9\x04\xa5!\xa3\xed6\xb1>\xf30\x04M\xe3\a\xb61pZ\xff\x92\xeb6\xb4N\xdeP\x1bi\xe7\xe7\xc5\xbd{\xbb\x9d\xb1&|\x18h\x9e\xc4\xcfUP\x8b\xa3Jf\xbb\xe8h@\x90\xe4\t 7\x8e\xa7f\x15.\x86p{G\xaa{u\xa7\x91~+2\xa935\xc4D_\xad\'\xb9W_H\xbc\xdbR\xcc=f8\x00n\xfe\xf4\xd2\xde\xb3\b\xfc\'f1q\tD\x91cng\xe1b\xc9\x01\x91\xbf\xad\x06\xc1\xd9\xd50rb\xab\xb6LT\x8asg\xc9\xccX?\xbc\x96\xcb^\xc7I\x93E\xe5\x02\xca\xbfB>\x97\x13\b\xd5*\xd7\xb3\x11\xdf\xd2\xa6\x06\xc4\'\xf1|\xdbn\x04\x8a\xf0K\xfe\x12\x05A9\'\xf6\xea\x9d\xcc\xc4\x04Ui\xbc\xfc#z.\xe7\xfd\xa3\x1cw\xf6d\x8e\x0f\x0f\xf6\xda\xac\x96\xae[\xf7;\x8fJ\xd6122\x94\x88;\xd0\xa5\xa8\xf47\xb5\xae\xee\x910\xcb\xa8\xd2V[8QmLv\x847\x16\"_hn\x14\r\xe5p\xb6C\xc7\xfd\x8a\x8aM\x8a\x99\xcdA\xba\xd1\x9e\xf6\xff\xe4U\xeb\xa1\xfc\xbd@\xe4_sZ\xeco\xad\x9b\xb4b\xc4v\xec\xb5\xce/\xb7\x03{AQN\xa7\x87\xf8 \xc7\t\xed\xc2\x1c\x031$\xa0{:\x92\fc2D+8\x84tG~\xcd\xc5\xfb\x1dD\x84d\xffq(NU\x82?\x96\xdf0\xfd(\xd2\'\x1e\x89\xd8\x83\n\x0f\xd2\xc3\x84K\xe5\x00\xe8)]/\x1f*\x9e\x9e\xd7\xb0v:0\"r^\x88\xc0L\x98/\x04h\xc8\x83+\x89<Y\xc4\x95W\x95Q\x9f\x0e\x90\x83.\xe4', 0x800011)
socket(0x10, 0x2, 0x7fffffff)
mmap$auto(0x0, 0x7f, 0x1, 0xeb1, 0x401, 0x8000)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
r1 = socket(0x28, 0x1, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/asound/card0/pcm0c/sub4/xrun_injection\x00', 0x400, 0x0)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB="2f212abd"], 0x14}}, 0x4000000)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000340)={[0x1ff, 0x7, 0xd, 0xffffffffffffffcf, 0x948b, 0x4460, 0x15f4da0a, 0x1, 0x2, 0x300000000000000, 0x80000001, 0x7, 0x0, 0x5, 0x2]}, 0x0)
unshare$auto(0x40000080)
close_range$auto(0x2, r1, 0x0)
prctl$auto(0x39, 0x1, 0x0, 0x0, 0x0)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x242400, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x40802, 0x0)
io_uring_setup$auto(0x4bf15e08, &(0x7f0000000000)={0x405, 0x8, 0x20000006, 0x8000009, 0xffffffff, 0x4b, 0xffffffffffffffff, [0x104, 0x9, 0x7f], {0x2, 0xb, 0x2003034, 0xe, 0x4, 0xff, 0x2, 0xfffffff9, 0xf08a2b5}, {0x4000, 0x8, 0x9, 0x0, 0x0, 0xeca8, 0x2, 0x836, 0x59}})
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
sendmmsg$auto(0x3, 0x0, 0x3, 0x0)
r3 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dri/card1\x00', 0x0, 0x0)
ioctl$auto(r3, 0x800064bc, 0x1e6)
r4 = semctl$auto_GETPID(0x2, 0x2, 0xb, 0x3ff)
prctl$auto(0x40, 0x4aa9, r4, 0x25, 0x2)
bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3)
mmap$auto(0x0, 0x4000c, 0xdf, 0x9b72, 0x7, 0x28000)

32.666849739s ago: executing program 5 (id=2715):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000026d00)='/dev/dri/card1\x00', 0x2000, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto(0x10, r0, 0x4, 0x7ff)
ptrace$auto(0xf, r0, 0x0, 0x10000000000053)
io_uring_setup$auto(0xa, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
r1 = clone$auto(0xede, 0x3ff, &(0x7f0000000000)=0x1, &(0x7f0000000040)=0x7, 0xfffffffffffffffb)
wait4$auto(r1, &(0x7f0000000080)=0x8, 0x2, &(0x7f00000000c0)={{0x9, 0x4}, {0xb1, 0x1}, 0xffffffff, 0x1, 0x8e, 0xf, 0x2, 0x1, 0xb, 0xa, 0x9, 0x8, 0x1, 0x3, 0x401, 0x10})
close_range$auto(0x2, 0xa, 0x0)
open(0x0, 0xa240, 0x15e)
open(0x0, 0x161342, 0x100)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
pkey_free$auto(0xfffffffd)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000026d00)='/dev/dri/card1\x00', 0x2000, 0x0) (async)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
ptrace$auto(0x10, r0, 0x4, 0x7ff) (async)
ptrace$auto(0xf, r0, 0x0, 0x10000000000053) (async)
io_uring_setup$auto(0xa, 0x0) (async)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) (async)
clone$auto(0xede, 0x3ff, &(0x7f0000000000)=0x1, &(0x7f0000000040)=0x7, 0xfffffffffffffffb) (async)
wait4$auto(r1, &(0x7f0000000080)=0x8, 0x2, &(0x7f00000000c0)={{0x9, 0x4}, {0xb1, 0x1}, 0xffffffff, 0x1, 0x8e, 0xf, 0x2, 0x1, 0xb, 0xa, 0x9, 0x8, 0x1, 0x3, 0x401, 0x10}) (async)
close_range$auto(0x2, 0xa, 0x0) (async)
open(0x0, 0xa240, 0x15e) (async)
open(0x0, 0x161342, 0x100) (async)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) (async)
madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async)
pkey_free$auto(0xfffffffd) (async)

32.607921512s ago: executing program 6 (id=2717):
mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = io_uring_setup$auto(0x6, 0x0)
r1 = fcntl$auto_F_OFD_GETLK(r0, 0x24, 0xffffffffffffffff)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r0)
sendmsg$auto_NL80211_CMD_ADD_TX_TS(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="01000080", @ANYRES16=r2, @ANYBLOB="01002cbd7000ffdbdf2569000000fc022c80f00002804c00008008000100080000000800010009000000080001004500000008000100010000000800020001010000080002000d0000000800010009000000080002000000008008000100050000002c00008008000100ff7fffff080001000008000008000200050000000800020000100000080002000d0000000c00008008000200000000000c00008008000200960700000c00008008000100010000000c00008008000200f7fe00004400008008000100020000000800020009000000080002000100008008000200000000000800010005000000080002000e00000008000100040000000800020009000000540102803c00008008000100050000000800010081ffffff080002000800000008000100281900000800020005000000080001000600000008000200c80000001c0000800800010008000000080002000700000008000100090000001c00008008000200000000000800020000000000080001000f0000000c00008008000100000000002c000080080002000900000008000200ff000000080002000400000008000200fdffffff08000200f103000014000080080001009e00000008000200050000004c0000800800020007000000080001007f000000080002000300000008000100f400000008000200000800000800020009000000080002008c000000080001008801000008000200010000004400008008000100f7ffffff080001001000000008000200ff0f00000800010000000000080001000700000008000100ff010000080001000300000008000100d10900009c0002804c00008008000100090000000800020007000000080002000500000008000200c2430000080002000900000008000100760f0000080001000700000008000100f9ffffff08000200000000004c000080080001000100000008000200030000000800020002000000080001000800000008000100090000000800010000feffff080002000000000008000100000100000800020007000000080001000300000008000100d50a0000080001000600000005001d000300000006009800e1f300000800b700090000000800a500ff000000060098000a000000b500cd00086e69f850d2837c06779c3312f858dc3262cfee8fd57a9b8ffc162b05ee2831101f3a2514eab9df0bf4663685be6c540607c9e36b4cc8c3b6ad21f9d5b2ca80e15f77e2bbb430e761e278892d637a13c9802cf956e7cb605524d42b893775daffa8bdf34da4a9e1f3c1dd6986c5928bcb3295830b79fa1f7e0a55ab0b2e07d459a2918b2c69a808bbe37a8c09afe8f2031fb2dfdb10a2bc9fd89d3c5551e8a2f971e9a99ae85a52a084a995db4e76c0f50000000400460004006c00"], 0x3f8}, 0x1, 0x0, 0x0, 0x40}, 0x40)
r3 = socket(0x2, 0x5, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0)
getpeername$auto(r0, &(0x7f0000000240)=@rc={0x1f, @any, 0x8}, &(0x7f0000000280)=0x4)
ioctl$auto_EVIOCGMASK(r4, 0x80104592, &(0x7f0000000080)={0x2000, 0x800007, 0x5})
ioctl$auto(0x3, 0x80004509, 0x10000000000402)
ioctl$auto(0x3, 0x5404, 0x38)
socket(0x2, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
r5 = socket(0xa, 0x2, 0x0)
setsockopt$auto(r5, 0x29, 0x37, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5', 0x110)
setsockopt$auto(0x400000000000003, 0x29, 0x39, 0xffffffffffffffff, 0x0)
sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
mmap$auto(0x0, 0x2020009, 0xaa, 0xeb1, 0xffffffffffffffff, 0x8000)
ioctl$auto_TIOCGDEV2(0xffffffffffffffff, 0x5453, 0x0)
ioctl$auto_TIOCMBIC2(0xffffffffffffffff, 0x5417, &(0x7f0000000100))
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x4)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)

30.970577604s ago: executing program 6 (id=2721):
r0 = socket(0x10, 0x2, 0x9)
mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0)
read$auto(0x3, 0x0, 0x80)
sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000100)={0x0, 0xf00, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0x4, 0x70bd28, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x80c0}, 0x4000000)
r1 = socket(0xa, 0x1, 0x84)
getsockopt$auto(r1, 0x84, 0x9, 0x0, &(0x7f0000000000)=0x9b)

30.970196343s ago: executing program 5 (id=2722):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x40008000)
r0 = io_uring_setup$auto(0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002580), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000002640)={0x0, 0x0, &(0x7f0000002600)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010025bd7000fddbf925020000000800010005000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x810)
close_range$auto(0x2, 0x8, 0x0)
sysfs$auto(0x2, 0x14, 0x0)
prctl$auto_PR_SET_MM_END_CODE(0xd, 0x2, 0x0, 0x2, 0x3)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
semctl$auto(0x7, 0x200, 0x1, 0xfffffffffffffffe)
r4 = socket(0x25, 0x3, 0x4)
getsockopt$auto(r4, 0x84, 0x10, 0x0, 0x0)
setsockopt$auto(0x3, 0x0, 0x2b, 0x0, 0x108)
r5 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0xffffffffffffffff, r0, 0x4)
socket(0x15, 0x5, 0x0)
socket(0x2, 0x1, 0x106)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
io_uring_setup$auto(0x6, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
connect$auto(0x3, &(0x7f00000018c0)=@in={0x2, 0x300, @loopback=0xac14140a}, 0x55)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
r6 = socket(0xa, 0x5, 0x0)
shutdown$auto(0x200000003, 0x2)
sendmsg$auto_TIPC_NL_BEARER_GET(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000000c0)=ANY=[@ANYRESOCT=r6, @ANYRES16=r5, @ANYRES64=r1, @ANYRES64=r5, @ANYRES32=r3], 0x2e0}, 0x1, 0x0, 0x0, 0x24008801}, 0x0)
mlockall$auto(0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)

30.708897508s ago: executing program 6 (id=2724):
r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080))
unshare$auto(0x40000080)
ioperm$auto(0xfb, 0x5, 0xe)
socket(0x2, 0x3, 0x406)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
ioctl$auto(0x3, 0xff09, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptyp8\x00', 0x0, 0x0)
openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x40000b, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0)
set_mempolicy_home_node$auto(0x600000, 0x7ff, 0x2, 0x0)
ioctl$auto_PROCMAP_QUERY(r1, 0xc0686611, &(0x7f0000000080)={0x101, 0x34, 0x7fff, 0x5, 0x80000000009, 0xffffffffffffffff, 0x800, 0x101, 0x1, 0x7f93, 0xfffffffe, 0x7ffffffd, 0x7fe, 0x7, 0x9})
socket(0x2, 0x5, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto(0x1, 0x8983, 0x4)
socket(0x2, 0x3, 0x6)
mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000)
r2 = openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, &(0x7f0000000100), 0x80, 0x0)
ioctl$auto_BCH_IOCTL_FSCK_OFFLINE(r2, 0x4018bc13, &(0x7f0000000000)={0x0, 0xe4b8, 0x3, [0xfd, 0x0, 0x8]})
close_range$auto(0x2, 0x8, 0x0)
fchdir$auto(r0)
exit$auto(0x7)
pivot_root$auto(&(0x7f0000000040)='..\x00', &(0x7f0000000080)='.\x00')
pivot_root$auto(&(0x7f0000000000)='\x00', &(0x7f00000000c0)=',:,+&{,,\x00')

29.607406099s ago: executing program 6 (id=2728):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x2, 0x3, 0xa)
mmap$auto(0x0, 0x20006, 0x100000002, 0xeb1, 0x401, 0x8000)
setsockopt$auto(0x3, 0x0, 0x2a, 0x0, 0x10001)
r0 = gettid()
kexec_load$auto(0x5, 0x2, 0x0, 0x4)
kill$auto(r0, 0x11)
timer_create$auto(0x8, 0x0, 0x0)
timer_settime$auto(0x0, 0x9, &(0x7f00000000c0)={{0x7fff, 0x6}, {0x40000007, 0x4}}, 0x0)
ioctl$auto_PPPIOCGFLAGS(0xffffffffffffffff, 0x8004745a, 0x0)
read$auto_mgts_fops_(0xffffffffffffffff, &(0x7f00000000c0)=""/224, 0xe0)
r1 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000002cc0)='/proc/tty/driver/usbserial\x00', 0x400, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/transparent_hugepage/enabled\x00', 0x500, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000080)=""/23, 0x17)
r4 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/block/nbd13/hctx0/cpu0/default_rq_list\x00', 0x78080, 0x0)
read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r4, &(0x7f0000001300)=""/4096, 0x1000)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'ipvlan1\x00', <r5=>0x0})
sendmsg$auto_MACSEC_CMD_UPD_OFFLOAD(r2, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f00000012c0)=ANY=[@ANYRES16=r1, @ANYRES16, @ANYBLOB="01002dbd7000fddbdf250a00000609000000", @ANYRES32=r5, @ANYBLOB="280109800c00"], 0x144}, 0x1, 0x0, 0x0, 0x4040085}, 0x0)
r6 = socket$nl_generic(0x11, 0x3, 0x10)
socketcall$auto_SYS_SETSOCKOPT(0xe, &(0x7f0000000240)=0xd9)
setsockopt$auto(r6, 0x9, 0x8, &(0x7f0000000040)='_\x00', 0x9)
lseek$auto(0x3, 0x20000, 0x1)
timer_settime$auto(0x0, 0xffff8000, &(0x7f00000000c0)={{0xf, 0x10007}, {0x9}}, 0x0)
rt_sigaction$auto(0xe, &(0x7f0000000580)={&(0x7f00000004c0)=0x0, 0x100000001, 0x0, {0x7}}, 0x0, 0x8)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x448000, 0x0)
r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/bus/usb/drivers/spca500/remove_id\x00', 0x743541, 0x0)
read$auto(r7, 0x0, 0x20)
openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000200), 0x40001, 0x0)

29.092919683s ago: executing program 6 (id=2729):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vidtv.0/i2c-0/0-0060/uevent\x00', 0xac00, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
r0 = socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x4, 0x9, 0x7, 0x3c, 0x101, 0x1ffc0, 0x7, 0x6, 0x7fffffffffffffff, 0x0, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x2, 0x10000, 0x82, 0x7, 0x0, 0x7, 0x8, 0x200, 0x4, 0x84, [0x0, 0x7, 0x0, 0x7, 0xffffffffffffffff, 0x0, 0x401, 0x6, 0x70624ce7, 0x0, 0x4, 0xb, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffd, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x400000000005b8, 0x100000000c, 0x0, 0x800, 0x0, 0x7, 0x2, 0xfc78, 0x8000000000008, 0x4, 0x200000000009, 0x40, 0x4, 0xffffffffffffffff, 0x3, 0x2, 0x4000000001, 0x0, 0x4, 0xffff]}, 0x202, 0xd)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mprotect$auto(0x1000, 0x400000, 0x4)
socket(0x23, 0x5, 0x0)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
socket(0x10, 0x2, 0x0)
openat$auto_rb_simple_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/tracing_on\x00', 0x40001, 0x0)
socket(0xa, 0x801, 0x100)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/kernel/cad_pid\x00', 0x8001, 0x0)
socket(0x2b, 0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001040)='/sys/devices/virtual/net/teql0/statistics/rx_compressed\x00', 0xc2700, 0x0)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x55)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55)
write$auto(0x3, 0x0, 0xfdef)

28.698375953s ago: executing program 6 (id=2732):
mmap$auto(0xfff, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
fcntl$auto(r0, 0x10, 0x2)
mbind$auto(0x0, 0xfa9d, 0x8001, &(0x7f0000000300)=0xc9e, 0x400, 0x1)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
openat$auto_tracing_saved_cmdlines_size_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/saved_cmdlines_size\x00', 0x2, 0x0)
write$auto(0x3, 0x0, 0x100085)
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x20)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000000040))
socket(0x1, 0x5, 0x0)
bpf$auto(0x0, &(0x7f0000000000)=@query={@target_fd=<r3=>0xffffffffffffffff, 0x9, 0xfff, 0x7, 0x1, @count=0x10, 0x0, 0x8, 0x0, 0x3, 0x4}, 0x9f)
r4 = socket(0x10, 0x2, 0x4)
sendmsg$auto_NFSD_CMD_THREADS_SET(r4, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x400c000)
syslog$auto_SYSLOG_ACTION_READ(0x2, &(0x7f0000000180)='(^![\\/#\x00', 0xff6)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0)
umount2$auto(&(0x7f0000000040)='.\x00', 0x4)
umount2$auto(&(0x7f0000000000)='.\x00', 0x4)
fanotify_mark$auto(0xffffffffffffffff, 0x580, 0x10e, 0xffffffffffffffff, 0x0)
ioctl$auto_XFS_IOC_FREESP(r3, 0x4030580b, &(0x7f0000000280)={0x6, 0x401, 0x2, 0x8000000000000000, 0x10000, r2})
write$auto(r4, &(0x7f0000000340)='-\x000?\xb4\x12\f\'\xa0\x16\x0e: \vq\xd6`\xe4\xad\xe6\x02\x004\xd0\xb2\x1a\xf9\x87A\r\x02\xfe\xc9\xe1\xdcH\xe2\xdf\x82~\xcd\xbbZ\x98\xfb[\xb7OR\xaf\x14\xe3!\x05H\xc0(\xe8\x191\xb7\x9cc\x02\xe2I\xbc\xc0\x1d\xd8\xf9\xe7\x87[{J\x1d\'~\xb8ZA\v\x9f>\xf2\xe1|\xef\xd1\xae\xbf\x11PCy\xbb\x00\x00\r\xd3\xcb\xbc\xe4\x99o\xf22b\x00\x15\x0f.S\xff\x01\x00\x00\x00\x00\x00\x00\x9d\x86\x1a\xd0A\x89M\xfa\x95\xe3\xb5\xfbh\xd9mH\x13\xa9\x8d\xfaO\xee\x0f2^\x04\x00\x00\x00\x8fr\x1e\xbd2\x9eq\x15\xde\xd2\xa8\x97\xd4\xf7\x1b\xe4[\xa8\xd2m\x94~\x9c\x00\x00\x00\x00\x1d\x00\x00\x00\x00\x00R\xe7AG\x9d\xdb\x06>(\xb5a\xfb\xd0v\x00 IY\xbe\x19\x9f\xf7K\xf0\xcd\xc5r\xd9lpb\xb5\xa7i|D\xb7\xd0\xc8\x90\xc2,\x9e\x82<\x04\xed\x83\x06MU\x03@r\xcc\xee\xc0\xf8\xfbDm\x01;d\x02\x03\x9c\xd8N\x11\x89\t\xc7Fy\xe8s\xf3\xddM\xaf\"#sX\n\xa3\xac[MW\xfc\xf4\x99\xc8\xd7\x16E\x86\xd3\xcb\x1a\x8fw8[\x86\x8f\xf9\x04\xe0\xb2^\xadb+8\x80\xad\xd6,AP\xc6\xb1fA\xc4\x97\xe6\xb7\x9f\xfc\x98\x84/\xe6\xd8\x7f\xed\xc7>\xcb\x94y:qNG+\x9f\x89\xf0|\x11\xc8\xf0i\xf1T\xe4?I\vi.:\x1c\xb1\xd8\xc5C\xb2=Sj\xc1\xff', 0x2fb)
read$auto(r1, &(0x7f0000000000)='(^![\\/#\x00', 0xffff)
unshare$auto(0x40000080)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, 0x0, 0x80)
syz_genetlink_get_family_id$auto_nfc(&(0x7f00000000c0), r0)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x1000, 0x0)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/pagemap\x00', 0x802, 0x0)
r5 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x80080, 0x0)
ioctl$auto_EVIOCSMASK(r5, 0x40104593, &(0x7f0000000100)={0x24eb, 0x1, 0x10001})

15.919453554s ago: executing program 35 (id=2722):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x40008000)
r0 = io_uring_setup$auto(0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002580), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000002640)={0x0, 0x0, &(0x7f0000002600)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010025bd7000fddbf925020000000800010005000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x810)
close_range$auto(0x2, 0x8, 0x0)
sysfs$auto(0x2, 0x14, 0x0)
prctl$auto_PR_SET_MM_END_CODE(0xd, 0x2, 0x0, 0x2, 0x3)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
semctl$auto(0x7, 0x200, 0x1, 0xfffffffffffffffe)
r4 = socket(0x25, 0x3, 0x4)
getsockopt$auto(r4, 0x84, 0x10, 0x0, 0x0)
setsockopt$auto(0x3, 0x0, 0x2b, 0x0, 0x108)
r5 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0xffffffffffffffff, r0, 0x4)
socket(0x15, 0x5, 0x0)
socket(0x2, 0x1, 0x106)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
io_uring_setup$auto(0x6, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
connect$auto(0x3, &(0x7f00000018c0)=@in={0x2, 0x300, @loopback=0xac14140a}, 0x55)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
r6 = socket(0xa, 0x5, 0x0)
shutdown$auto(0x200000003, 0x2)
sendmsg$auto_TIPC_NL_BEARER_GET(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000000c0)=ANY=[@ANYRESOCT=r6, @ANYRES16=r5, @ANYRES64=r1, @ANYRES64=r5, @ANYRES32=r3], 0x2e0}, 0x1, 0x0, 0x0, 0x24008801}, 0x0)
mlockall$auto(0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)

13.549268092s ago: executing program 36 (id=2732):
mmap$auto(0xfff, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
fcntl$auto(r0, 0x10, 0x2)
mbind$auto(0x0, 0xfa9d, 0x8001, &(0x7f0000000300)=0xc9e, 0x400, 0x1)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
openat$auto_tracing_saved_cmdlines_size_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/saved_cmdlines_size\x00', 0x2, 0x0)
write$auto(0x3, 0x0, 0x100085)
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x20)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000000040))
socket(0x1, 0x5, 0x0)
bpf$auto(0x0, &(0x7f0000000000)=@query={@target_fd=<r3=>0xffffffffffffffff, 0x9, 0xfff, 0x7, 0x1, @count=0x10, 0x0, 0x8, 0x0, 0x3, 0x4}, 0x9f)
r4 = socket(0x10, 0x2, 0x4)
sendmsg$auto_NFSD_CMD_THREADS_SET(r4, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x400c000)
syslog$auto_SYSLOG_ACTION_READ(0x2, &(0x7f0000000180)='(^![\\/#\x00', 0xff6)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0)
umount2$auto(&(0x7f0000000040)='.\x00', 0x4)
umount2$auto(&(0x7f0000000000)='.\x00', 0x4)
fanotify_mark$auto(0xffffffffffffffff, 0x580, 0x10e, 0xffffffffffffffff, 0x0)
ioctl$auto_XFS_IOC_FREESP(r3, 0x4030580b, &(0x7f0000000280)={0x6, 0x401, 0x2, 0x8000000000000000, 0x10000, r2})
write$auto(r4, &(0x7f0000000340)='-\x000?\xb4\x12\f\'\xa0\x16\x0e: \vq\xd6`\xe4\xad\xe6\x02\x004\xd0\xb2\x1a\xf9\x87A\r\x02\xfe\xc9\xe1\xdcH\xe2\xdf\x82~\xcd\xbbZ\x98\xfb[\xb7OR\xaf\x14\xe3!\x05H\xc0(\xe8\x191\xb7\x9cc\x02\xe2I\xbc\xc0\x1d\xd8\xf9\xe7\x87[{J\x1d\'~\xb8ZA\v\x9f>\xf2\xe1|\xef\xd1\xae\xbf\x11PCy\xbb\x00\x00\r\xd3\xcb\xbc\xe4\x99o\xf22b\x00\x15\x0f.S\xff\x01\x00\x00\x00\x00\x00\x00\x9d\x86\x1a\xd0A\x89M\xfa\x95\xe3\xb5\xfbh\xd9mH\x13\xa9\x8d\xfaO\xee\x0f2^\x04\x00\x00\x00\x8fr\x1e\xbd2\x9eq\x15\xde\xd2\xa8\x97\xd4\xf7\x1b\xe4[\xa8\xd2m\x94~\x9c\x00\x00\x00\x00\x1d\x00\x00\x00\x00\x00R\xe7AG\x9d\xdb\x06>(\xb5a\xfb\xd0v\x00 IY\xbe\x19\x9f\xf7K\xf0\xcd\xc5r\xd9lpb\xb5\xa7i|D\xb7\xd0\xc8\x90\xc2,\x9e\x82<\x04\xed\x83\x06MU\x03@r\xcc\xee\xc0\xf8\xfbDm\x01;d\x02\x03\x9c\xd8N\x11\x89\t\xc7Fy\xe8s\xf3\xddM\xaf\"#sX\n\xa3\xac[MW\xfc\xf4\x99\xc8\xd7\x16E\x86\xd3\xcb\x1a\x8fw8[\x86\x8f\xf9\x04\xe0\xb2^\xadb+8\x80\xad\xd6,AP\xc6\xb1fA\xc4\x97\xe6\xb7\x9f\xfc\x98\x84/\xe6\xd8\x7f\xed\xc7>\xcb\x94y:qNG+\x9f\x89\xf0|\x11\xc8\xf0i\xf1T\xe4?I\vi.:\x1c\xb1\xd8\xc5C\xb2=Sj\xc1\xff', 0x2fb)
read$auto(r1, &(0x7f0000000000)='(^![\\/#\x00', 0xffff)
unshare$auto(0x40000080)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, 0x0, 0x80)
syz_genetlink_get_family_id$auto_nfc(&(0x7f00000000c0), r0)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x1000, 0x0)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/pagemap\x00', 0x802, 0x0)
r5 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x80080, 0x0)
ioctl$auto_EVIOCSMASK(r5, 0x40104593, &(0x7f0000000100)={0x24eb, 0x1, 0x10001})

8.915214887s ago: executing program 3 (id=2789):
get_mempolicy$auto(0x0, 0x0, 0x8, 0x8, 0x4)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/firmware/memmap/5/end\x00', 0x1c1540, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000640)=""/224, 0xe0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x37}}, 0x6e)
open(&(0x7f0000000000)='./file0\x00', 0xa0c0, 0x83)
socket(0x2, 0x3, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x2c, 0x80009, 0x0)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
io_uring_setup$auto(0x1, 0x0)
socket(0x29, 0x2, 0x0)
socketpair$auto(0x10001, 0xa, 0x4, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x107440, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
write$auto(0x3, 0x0, 0xfffffdef)
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffff6, 0x8000)
sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, 0x0, 0x4040000)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
socketpair$auto(0x0, 0x9, 0x800, 0x0)
setsockopt$auto(0xffffffffffffffff, 0x1, 0x8000003b, 0x0, 0x3)
syz_genetlink_get_family_id$auto_gtp(0x0, r2)
connect$auto(0x3, 0x0, 0x55)
shutdown$auto(0x200000003, 0x2)
socket(0x2, 0x1, 0x106)
openat$auto_vsock_device_ops_af_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x880, 0x0)
socket(0x29, 0x2, 0x0)
mmap$auto(0x0, 0x2000c, 0x4000000200df, 0xeb1, 0x404, 0x8000)
socketpair$auto(0x1e, 0x1, 0x0, 0x0)

7.537715206s ago: executing program 3 (id=2792):
openat$auto_proc_gid_map_operations_base(0xffffffffffffff9c, &(0x7f0000001480)='/proc/thread-self/gid_map\x00', 0x0, 0x0) (async)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000200)=""/114, 0x72) (async, rerun: 32)
r0 = socket(0x9, 0x1, 0x4) (rerun: 32)
syz_genetlink_get_family_id$auto_ethtool(0x0, r0) (async)
write$auto(r0, &(0x7f0000000040)='-:}\x00', 0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
mprotect$auto(0x5, 0x8000000000000004, 0x5)
madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async)
msync$auto(0x0, 0x2000000005, 0x6) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
r2 = syz_clone(0x40040000, 0x0, 0x0, 0x0, 0x0, 0x0)
move_pages$auto(r2, 0x1002, 0x0, 0x0, 0x0, 0x5)
r3 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card0\x00', 0x20100, 0x0)
ioctl$auto(r3, 0x64c7, 0x1e2) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) (async)
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)
capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x2}) (async, rerun: 64)
r4 = socket(0xa, 0x2, 0x0) (rerun: 64)
setsockopt$auto(r4, 0x29, 0x37, 0x0, 0x94d9) (async)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x40000000}, 0x0)
r5 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/radio6\x00', 0x8a240, 0x0)
ioctl$auto(r5, 0x5646, r5)
read$auto_v4l2_fops_v4l2_dev(r5, &(0x7f0000000080)=""/27, 0x1b)

6.648204285s ago: executing program 2 (id=2793):
keyctl$auto(0x12, 0xf, 0x40000000c6e9, 0x81, 0xa472)
mmap$auto(0x0, 0x20009, 0x5, 0x200000000000c53, 0x401, 0x8000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
request_key$auto(0x0, 0x0, 0x0, 0xfffffffd)
r0 = socket(0xa, 0x5, 0x0)
getsockopt$auto(r0, 0x84, 0x9, 0x0, &(0x7f0000000080)=0x9c8)
keyctl$auto(0x12, 0x102000000010001, 0x7f, 0x200, 0x3)

6.482862625s ago: executing program 2 (id=2794):
r0 = socket(0x2, 0x1, 0x106)
setsockopt$auto(r0, 0x6, 0xd, &(0x7f0000000280)='lp\x00h\x85M\xdf\xdc\x83\x8a\xa7\xe4]U(\x01\t=\x1e\x00\x00', 0x4)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
r1 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/renderD128\x00', 0x129800, 0x0)
ioctl$auto(r1, 0x9210641f, 0xd)
readv$auto(0x3, 0x0, 0x1)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
syz_genetlink_get_family_id$auto_seg6(0x0, r0)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8000, 0x3f00)
open(0x0, 0xa22c0, 0x155)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x2, 0x100)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)

6.163287818s ago: executing program 2 (id=2796):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x80440, 0x0)
ioctl$auto_I2C_TIMEOUT(r0, 0x702, 0x0)
r1 = fanotify_init$auto(0x5, 0x2)
r2 = io_uring_setup$auto(0x6, 0x0)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x169780, 0x0)
ioctl$auto_SG_GET_RESERVED_SIZE(r3, 0x4c00, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000280), r4)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000001280)={'macsec0\x00', <r6=>0x0})
accept4$auto(r2, &(0x7f00000012c0)=@xdp={0x2c, 0x6, r6, 0x24}, &(0x7f0000001300)=0x6, 0x101)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'geneve0\x00', <r7=>0x0})
sendmsg$auto_NL80211_CMD_REGISTER_BEACONS(r2, &(0x7f0000001240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000001200)={&(0x7f0000000100)={0x50, r5, 0x200, 0x70bd2c, 0x5, {}, [@NL80211_ATTR_COLOR_CHANGE_COUNT={0x5, 0x12f, 0x5}, @NL80211_ATTR_MBSSID_CONFIG={0x1c, 0x132, 0x0, 0x1, [@NL80211_MBSSID_CONFIG_ATTR_TX_IFINDEX={0x8}, @NL80211_MBSSID_CONFIG_ATTR_EMA={0x4}, @NL80211_MBSSID_CONFIG_ATTR_TX_IFINDEX={0x8, 0x4, r7}, @NL80211_MBSSID_CONFIG_ATTR_EMA={0x4}]}, @NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8, 0x61, 0x6}, @NL80211_ATTR_SCHED_SCAN_INTERVAL={0x8, 0x77, 0x1}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x5}]}, 0x50}, 0x1, 0x0, 0x0, 0x8}, 0x20008000)
openat$auto_ftrace_event_id_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/events/vmalloc/purge_vmap_area_lazy/id\x00', 0xa2582, 0x0)
ioctl$auto(0x3, 0x80000541b, 0x38)
r8 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/pcmC1D0c\x00', 0x2, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
setgroups$auto(0xe32, 0x0)
ioctl$auto___SNDRV_PCM_IOCTL_SYNC_PTR642(r8, 0xc0884123, &(0x7f0000000340)={0xfffffff7, 0x0, @reserved="1147ca8f35ca5af05cb8fc5e3a7af39b52d825270495011fd2d42e61578107c3770b758b446b763af96c471a4bff319e194608a15781b4a663f7561d842a49e8", @control={{}, 0xe68, {}, {}, 0x6}})
openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace\x00', 0x80001, 0x0)
syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000040), r2)

4.666769144s ago: executing program 3 (id=2798):
open(&(0x7f0000000800)='./file0\x00', 0x1636c0, 0x154)
fcntl$auto(0x3, 0x400, 0x9ec0000000000000)
open(&(0x7f0000000000)='./file0\x00', 0x4242, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x10677d, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
read$auto(r0, &(0x7f0000000040)='.\'\x14$}-^\'^\\:(.\x00', 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_STATUS(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x40)
sendmsg$auto_NBD_CMD_CONNECT(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="20f9e04ba0061bf66625010000000c0004010200000000000000"], 0x20}, 0x1, 0x0, 0x0, 0x50}, 0x40050)
read$auto(r0, 0x0, 0x1f40)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3)
r4 = gettid()
kill$auto(r4, 0x11)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/block/loop5/queue/nr_zones\x00', 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f00000072c0)=""/137, 0x89)
openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/cpuset\x00', 0x181100, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030009000000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a000100aaaaaaaaaabb00000a000500aaaaaaaaaa370000080004001000000008000200", @ANYRES32=0x0, @ANYBLOB="88000e"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
lseek$auto(0x3, 0x20000, 0x1)
close_range$auto(0x2, 0x8, 0x0)

4.633786326s ago: executing program 2 (id=2799):
madvise$auto(0x0, 0x18, 0x17)
fsmount$auto(0xffffffffffffffff, 0x81, 0xc185)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, 0x0, 0xfd}, 0x6a)
sendmsg$auto_ETHTOOL_MSG_PLCA_GET_STATUS(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x600020d5}, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4)
sendmsg$auto_NCSI_CMD_SET_PACKAGE_MASK(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4c004}, 0x40080c0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x0, 0x0)
madvise$auto(0x0, 0x600007, 0x19)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0)
mbind$auto(0xffffffffffffffff, 0x2, 0x2, 0x0, 0x6, 0xc11)
write$auto(0x3, 0x0, 0x7fffffff)
write$auto(0x1, &(0x7f0000000000)='//\xf2\x00', 0x80000000)
bpf$auto(0x0, &(0x7f00000003c0)=@task_fd_query={0x0, r1, 0xd, 0x89, 0x2, 0x4, r1, 0x81, 0x9}, 0x6f4)
read$auto(0x3, 0x0, 0x80)
openat$auto_nsim_dev_take_snapshot_fops_dev(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/netdevsim/netdevsim4/take_snapshot\x00', 0x40000, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
readv$auto(r1, 0x0, 0x401)
close_range$auto(0x2, 0xa, 0x0)
socket(0x22, 0xa, 0x1)
accept$auto(0xffffffffffffffff, 0x0, 0x0)
openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/usb/usbmon/33t\x00', 0x800, 0x0)

3.99418567s ago: executing program 7 (id=2803):
set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x24c802, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0)
mmap$auto(0x0, 0x7fff, 0x3, 0xeb0, 0xfffffffffffffffa, 0x208000)
socket$nl_generic(0x10, 0x3, 0x10)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x40009, 0xa, 0x9b72, 0x2, 0x28000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
munlock$auto(0x9, 0x29b9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x7, 0x4, 0x200, 0x3, 0x8, 0xc, <r2=>0x2e, 0x0, 0x3}, 0x6f4)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
listmount$auto(&(0x7f0000000100)={0xba, @raw, 0xffffffffffffffff, 0xfffffffffffffff7}, 0x0, 0xf4240, 0x1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
read$auto(0x3, 0x0, 0x9cd)
r3 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x143102, 0x0)
ioctl$auto(r3, 0x1275, r3)
syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000040), r2)
io_uring_register$auto(0x2, 0x16, &(0x7f0000000040), 0x1)

3.940834157s ago: executing program 8 (id=2777):
r0 = socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = syz_genetlink_get_family_id$auto_thermal(&(0x7f00000000c0), r0)
sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, r1, 0x200, 0x70bd29, 0x25dfdbfe, {}, [@THERMAL_GENL_ATTR_TZ_TRIP_TEMP={0x8, 0x8, 0x100}, @THERMAL_GENL_ATTR_CDEV_MAX_STATE={0x8, 0x12, 0x5}, @THERMAL_GENL_ATTR_TZ_TRIP_TYPE={0x8, 0x7, 0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x20040)
uname$auto(0x0)
setsockopt$auto(0x3, 0x10000000084, 0x85, 0x0, 0x90)
bind$auto(0x3, 0x0, 0x6a)
read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000e80)=""/199, 0xc7)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)

3.869803816s ago: executing program 8 (id=2804):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0)
memfd_create$auto(0x0, 0xb)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
r0 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a4, 0xffff)
mmap$auto(0xfffffffffffffffd, 0x9, 0x0, 0x411, 0x1000000002, 0x8000)
madvise$auto(0x405, 0xffffffffffff0001, 0x15)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_RADAR_DETECT(0xffffffffffffffff, 0x0, 0x10008000)
sendmsg$auto_NL80211_CMD_STOP_NAN(0xffffffffffffffff, 0x0, 0x815)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
writev$auto(r0, 0x0, 0x7)
openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000040), 0x22080, 0x0)
readv$auto(0x3, 0x0, 0x1)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
pwrite64$auto(0xc8, &(0x7f0000000340)='\vX\xb5n\x91p\xe6\x1eRNcmyT\x04\xe9M\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\x85\x8a=\xbaKgn6\xa7\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\t\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9\x1d\xe1\xc6\x8b\xc0\xe8-\x94k\xef\x95\x1c\xcf_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/261, 0x5, 0x3d)
mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x0)
r1 = socket(0x10, 0x2, 0xfffffffc)
socketpair$auto(0x4d2cf812, 0x5, 0x8001, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22040, 0x75)
socket(0x8, 0x3, 0xff)
syz_clone(0x82001400, 0x0, 0x0, 0x0, 0x0, 0x0)
bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4e22, @remote}, 0x6a)
setsockopt$auto(r1, 0x2, 0x101, 0x0, 0x40d60)
mmap$auto(0x8b, 0xfffffffc, 0x10000000000df, 0xeb6, r1, 0x8000)
lsm_list_modules$auto(0x0, 0x0, 0x0)
openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/dynamic_events\x00', 0x80301, 0x0)
lsm_list_modules$auto(0x0, 0x0, 0x9)

3.789584099s ago: executing program 3 (id=2805):
r0 = openat$auto_force_suspend_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/bluetooth/hci0/force_suspend\x00', 0x1, 0x0)
r1 = socket(0xa, 0x5, 0x0)
mmap$auto(0x0, 0xa, 0xdb, 0x9b74, 0x5, 0x8000)
clone$auto(0x10051c, 0x6, 0x0, 0xffffffffffffffff, 0x80000001)
setsockopt$auto(0x3, 0x10000000084, 0xd, 0x0, 0x4)
mmap$auto(0x0, 0x2020009, 0x3, 0x50, r0, 0x7ffc)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
pipe$auto(0x0)
r2 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NL80211_CMD_DEL_PMK(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x44854}, 0x24000001)
sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x7, 0xd}, 0x800009}, 0x9, 0x20000000)
dup2$auto(0x5, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
semget$auto(0x0, 0x13c, 0x1ff)
recvmmsg$auto(0xffffffffffffffff, &(0x7f00000001c0)={{0x0, 0x1c, &(0x7f00000000c0)={0x0, 0x8005}, 0x400000000000002, 0x0, 0x5, 0xffd}}, 0x7, 0x5, 0x0)
r3 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/maps\x00', 0x100, 0x0)
ioctl$auto_PROCMAP_QUERY(r3, 0xc0686611, &(0x7f0000000340)={0x68, 0x100006, 0x4, 0x2000000000001, 0x3, 0x1, 0x20, 0x7, 0x5, 0x200, 0x3, 0xa, 0x1000, 0x4, 0x9})
semtimedop$auto(0x40, &(0x7f0000000080)={0xa, 0x81, 0x70}, 0x8f15, 0x0)
mprotect$auto(0x0, 0x3fd, 0x6)
mmap$auto(0xfffffffffffffffe, 0x20009, 0x20004000000000df, 0x80000eb1, r1, 0x8000000000000003)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/tty34\x00', 0x8000, 0x0)
r5 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0)
ioctl$auto(r5, 0x80dc5521, r4)
semctl$auto_GETNCNT(0x0, 0x0, 0xe, 0xa8)
bpf$auto(0x9, 0x0, 0x7f)
close_range$auto(0x2, 0xa, 0x4000000)
socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x0)

3.274855023s ago: executing program 3 (id=2806):
rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
bpf$auto(0x2400, &(0x7f0000000100)=@bpf_attr_5={@target_fd=0x5, 0x7f, 0x9c, 0x7b2, 0x1, @relative_fd=0x2, 0x80}, 0x96)

2.977401097s ago: executing program 8 (id=2807):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x80440, 0x0)
ioctl$auto_I2C_TIMEOUT(r0, 0x702, 0x0)
r1 = fanotify_init$auto(0x5, 0x2)
r2 = io_uring_setup$auto(0x6, 0x0)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x169780, 0x0)
ioctl$auto_SG_GET_RESERVED_SIZE(r3, 0x4c00, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000280), r4)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000001280)={'macsec0\x00', <r6=>0x0})
accept4$auto(r2, &(0x7f00000012c0)=@xdp={0x2c, 0x6, r6, 0x24}, &(0x7f0000001300)=0x6, 0x101)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'geneve0\x00', <r7=>0x0})
sendmsg$auto_NL80211_CMD_REGISTER_BEACONS(r2, &(0x7f0000001240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000001200)={&(0x7f0000000100)={0x50, r5, 0x200, 0x70bd2c, 0x5, {}, [@NL80211_ATTR_COLOR_CHANGE_COUNT={0x5, 0x12f, 0x5}, @NL80211_ATTR_MBSSID_CONFIG={0x1c, 0x132, 0x0, 0x1, [@NL80211_MBSSID_CONFIG_ATTR_TX_IFINDEX={0x8}, @NL80211_MBSSID_CONFIG_ATTR_EMA={0x4}, @NL80211_MBSSID_CONFIG_ATTR_TX_IFINDEX={0x8, 0x4, r7}, @NL80211_MBSSID_CONFIG_ATTR_EMA={0x4}]}, @NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8, 0x61, 0x6}, @NL80211_ATTR_SCHED_SCAN_INTERVAL={0x8, 0x77, 0x1}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x5}]}, 0x50}, 0x1, 0x0, 0x0, 0x8}, 0x20008000)
openat$auto_ftrace_event_id_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/events/vmalloc/purge_vmap_area_lazy/id\x00', 0xa2582, 0x0)
ioctl$auto(0x3, 0x80000541b, 0x38)
r8 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/pcmC1D0c\x00', 0x2, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
setgroups$auto(0xe32, 0x0)
ioctl$auto___SNDRV_PCM_IOCTL_SYNC_PTR642(r8, 0xc0884123, &(0x7f0000000340)={0xfffffff7, 0x0, @reserved="1147ca8f35ca5af05cb8fc5e3a7af39b52d825270495011fd2d42e61578107c3770b758b446b763af96c471a4bff319e194608a15781b4a663f7561d842a49e8", @control={{}, 0xe68, {}, {}, 0x6}})
openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace\x00', 0x80001, 0x0)
syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000040), r2)

2.710815882s ago: executing program 2 (id=2808):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x25, 0x1, 0x3)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x2, 0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
fanotify_init$auto(0x5, 0x2000000000002)
socket(0x2, 0x801, 0x100)
connect$auto(0x3, &(0x7f00000000c0), 0x55)
getsockopt$auto(r0, 0x6, 0x23, 0x0, &(0x7f0000000100)=0x14)

2.670108799s ago: executing program 3 (id=2809):
mmap$auto(0x0, 0x2000b, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
listen$auto(0x3, 0x81)
mlockall$auto(0x7)
ioctl$auto_I2C_RDWR(0xffffffffffffffff, 0x707, &(0x7f0000000040)="e96741e8e10feee33cc48dab419f5392b344278afc1f9f74d632e64c84b7b358718d44") (async)
ioctl$auto_I2C_RDWR(0xffffffffffffffff, 0x707, &(0x7f0000000040)="e96741e8e10feee33cc48dab419f5392b344278afc1f9f74d632e64c84b7b358718d44")
mmap$auto(0x0, 0x40009, 0x36, 0x9b72, 0x7, 0x28000) (async)
mmap$auto(0x0, 0x40009, 0x36, 0x9b72, 0x7, 0x28000)
socket(0x10, 0x2, 0x0) (async)
socket(0x10, 0x2, 0x0)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16, @ANYBLOB="1b0026bd7400fddbdf250300000004000800100003800c000980"], 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) (async)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16, @ANYBLOB="1b0026bd7400fddbdf250300000004000800100003800c000980"], 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00', @ANYRES16=0x0, @ANYBLOB="00211459a600fbdbdf2502000000080003000000"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00', @ANYRES16=0x0, @ANYBLOB="00211459a600fbdbdf2502000000080003000000"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000200bd7000fedbdf250200000800130001"], 0x24}, 0x1, 0x0, 0x0, 0x4c894}, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="180027"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
read$auto(0xffffffffffffffff, 0x0, 0x20)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) (async)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
fcntl$auto(0x4, 0x4, 0xa553)
shutdown$auto(0x5, 0x2)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
unshare$auto(0x40000080) (async)
unshare$auto(0x40000080)
r2 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_L2TP_CMD_SESSION_MODIFY(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x64, r2, 0x8, 0x70bd28, 0x25dfdbff, {}, [@L2TP_ATTR_IP_DADDR={0x8, 0x19, 0x804}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e20}, @L2TP_ATTR_USING_IPSEC={0x5, 0x15, 0xf}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0xffff8000}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x3ff}, @L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x101}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x461}, @L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x6}]}, 0x64}, 0x1, 0x0, 0x0, 0x4004005}, 0x4000081) (async)
sendmsg$auto_L2TP_CMD_SESSION_MODIFY(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x64, r2, 0x8, 0x70bd28, 0x25dfdbff, {}, [@L2TP_ATTR_IP_DADDR={0x8, 0x19, 0x804}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e20}, @L2TP_ATTR_USING_IPSEC={0x5, 0x15, 0xf}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0xffff8000}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x3ff}, @L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x101}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x461}, @L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x6}]}, 0x64}, 0x1, 0x0, 0x0, 0x4004005}, 0x4000081)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/hung_task_check_interval_secs\x00', 0x88542, 0x0)
write$auto(r3, 0x0, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyzd\x00', 0x0, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0))

2.181931475s ago: executing program 2 (id=2810):
set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x24c802, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0)
mmap$auto(0x0, 0x7fff, 0x3, 0xeb0, 0xfffffffffffffffa, 0x208000)
socket$nl_generic(0x10, 0x3, 0x10)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0xf000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
listmount$auto(&(0x7f0000000100)={0xba, @raw, 0xffffffffffffffff, 0xfffffffffffffff7}, 0x0, 0xf4240, 0x1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
read$auto(0x3, 0x0, 0x9cd)
r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x143102, 0x0)
ioctl$auto(r2, 0x1275, r2)
io_uring_register$auto(0x2, 0x16, &(0x7f0000000040), 0x1)

2.165861675s ago: executing program 7 (id=2811):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, r0, 0x2)
landlock_create_ruleset$auto(&(0x7f0000000000)={0x7, 0x400, 0x7}, 0x9, 0x0)
landlock_restrict_self$auto(r0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2000000000000021, 0x2, 0x10000000000002)
socket(0x2a, 0x2, 0x0)
socket(0x2a, 0x2, 0x1)
bind$auto(0x3, &(0x7f0000000080)=@qipcrtr={0x2a, 0x1, 0x8000}, 0x6b)
r1 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/ext4/sda1/fc_info\x00', 0x800, 0x0)
preadv$auto(r1, &(0x7f0000000200)={0x0, 0x101}, 0x3, 0x80000000, 0x2)

1.880262698s ago: executing program 7 (id=2812):
r0 = socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = syz_genetlink_get_family_id$auto_thermal(&(0x7f00000000c0), r0)
sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, r1, 0x200, 0x70bd29, 0x25dfdbfe, {}, [@THERMAL_GENL_ATTR_TZ_TRIP_TEMP={0x8, 0x8, 0x100}, @THERMAL_GENL_ATTR_CDEV_MAX_STATE={0x8, 0x12, 0x5}, @THERMAL_GENL_ATTR_TZ_TRIP_TYPE={0x8, 0x7, 0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x20040)
uname$auto(0x0)
setsockopt$auto(0x3, 0x10000000084, 0x85, 0x0, 0x90)
bind$auto(0x3, 0x0, 0x6a)
read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000e80)=""/199, 0xc7)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)

1.649082973s ago: executing program 7 (id=2813):
r0 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/snd/pcmC0D0p\x00', 0x40, 0x0)
ioctl$auto_SNDRV_PCM_IOCTL_HW_REFINE_OLD(r0, 0xc1004110, 0x0)
r1 = socket(0x28, 0x1, 0x0)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB="2f212abd"], 0x14}}, 0x4000000)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon1\x00', 0x4ad03, 0x0)
r2 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r3=>0x0})
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r3}, 0x6a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'veth0_to_bridge\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001d00), r5)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r8=>0x0})
sendmsg$auto_ETHTOOL_MSG_RINGS_SET(r5, &(0x7f0000001dc0)={0x0, 0xffffffffffffff1c, &(0x7f0000001d80)={&(0x7f0000001d40)={0x28, r6, 0x1, 0x70bd27, 0x25dfdbff, {}, [@ETHTOOL_A_RINGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}, @ETHTOOL_A_RINGS_RX_MINI={0x8, 0x7, 0x6}]}, 0x28}, 0x1, 0x0, 0x0, 0x90}, 0x80000)
r9 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r10=>0x0})
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r10, 0xfd}, 0x6a)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000000)={'veth0_macvtap\x00', <r13=>0x0})
sendmsg$auto_OVS_DP_CMD_NEW(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, r12, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}, @OVS_DP_ATTR_IFINDEX={0x8, 0x9, r13}]}, 0x34}, 0x1, 0x0, 0x0, 0x801}, 0x80)
sendmsg$auto_NETDEV_CMD_QUEUE_GET2(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x3c, 0x0, 0x2, 0x70bd25, 0x25dfdbfe, {}, [@NETDEV_A_QUEUE_IFINDEX={0x8, 0x2, r3}, @NETDEV_A_QUEUE_IFINDEX={0x8, 0x2, r4}, @NETDEV_A_QUEUE_IFINDEX={0x8, 0x2, r8}, @NETDEV_A_QUEUE_IFINDEX={0x8, 0x2, r10}, @NETDEV_A_QUEUE_IFINDEX={0x8, 0x2, r13}]}, 0x3c}, 0x1, 0x0, 0x0, 0x41}, 0x4044000)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r14 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r14, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
r15 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/user\x00')
fremovexattr$auto(r15, 0x0)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, 0x0, 0x4c0c03, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000340)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4460, 0x15f4da0a, 0x1, 0x3, 0x300000000000000, 0x80000001, 0x7, 0x0, 0x5, 0x2]}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

1.200788171s ago: executing program 8 (id=2814):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0)
mbind$auto(0x0, 0x2, 0x2, 0x0, 0x7, 0x0)
write$auto(0x3, 0x0, 0x7fffffff)
write$auto(0x1, &(0x7f0000000000)='//\xf2\x00', 0x80000000)
bpf$auto(0x0, &(0x7f00000003c0)=@task_fd_query={0x0, r0, 0xd, 0x89, 0x2, 0x4, r0, 0x81, 0x9}, 0x6f4)
read$auto(0x3, 0x0, 0x80)
openat$auto_nsim_dev_take_snapshot_fops_dev(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/netdevsim/netdevsim4/take_snapshot\x00', 0x40000, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
readv$auto(r0, 0x0, 0x401)
close_range$auto(0x2, 0xa, 0x0)
socket(0x22, 0xa, 0x1)
accept$auto(0xffffffffffffffff, 0x0, 0x0)
openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x800, 0x0)
openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/usb/usbmon/18u\x00', 0x26040, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)

477.97308ms ago: executing program 7 (id=2815):
r0 = socketcall$auto_SYS_SEND(0x9, &(0x7f0000000000)=0x7)
ioctl$auto_VHOST_SET_LOG_BASE2(r0, 0x4008af04, &(0x7f0000000040)=0x5)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000000c0), r0)
sendmsg$auto_NFSD_CMD_VERSION_SET(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x18, r2, 0x20, 0x70bd2a, 0x25dfdbfd, {}, [@NFSD_A_SERVER_PROTO_VERSION={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x1}, 0x800)
r3 = openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f00000001c0), 0x80, 0x0)
ioctl$auto_FIOASYNC(r1, 0x5452, r3)
sendmsg$auto_NL80211_CMD_SET_KEY(r1, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x30000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x24, 0x0, 0x300, 0x70bd2c, 0x25dfdbfd, {}, [@NL80211_ATTR_WPA_VERSIONS={0x8, 0x4b, 0x5}, @NL80211_ATTR_SMPS_MODE={0x5, 0xd5, 0xc3}]}, 0x24}, 0x1, 0x0, 0x0, 0x4081}, 0x6c800)
madvise$auto(0x6033, 0x6, 0x2)
r4 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000340), r0)
sendmsg$auto_NFC_CMD_DEV_DOWN(r1, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x1c, r4, 0x915, 0x70bd29, 0x25dfdbfb, {}, [@NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0x9}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8001}, 0x8000)
r5 = getsockopt$auto_SO_PASSCRED(r3, 0x4, 0x10, &(0x7f0000000440)='nfc\x00', &(0x7f0000000480)=0xe400)
shmctl$auto_IPC_STAT(0x7f, 0x2, &(0x7f0000000640)={{0x9, <r6=>0xee01, 0x0, 0x3, 0x3, 0x4, 0x1}, 0x101, 0x400, 0x6, 0x5, @raw=0x3, @raw=0xfffffff2, 0xfc01, 0x0, &(0x7f0000000500)="1933883cd22a6e9344d9586dec19fa13e6fcfeb2ac312cd38d7e097eac9dc9748440d72a1193ab36bb3d2b98cc2c1d43b742b9e5e4def2dbf741206b9edf5f8e36bf39d46b2b4cc81cbb73681e158d14aa1011dfe08b016ce67cd16e3707c9132b0bf44844a2cde2d393fd9c45014034067fae76d913acdcbc123600fac778e6e0c7d2d019aa45d89eaad534761a22967830e0b1a6f5d5d4b1d01ae33e1a3bf07028a74f36cc17cacf8fb39eecaf0d44767f26db41ad319db10dcecd77da6588b308cafaa0084e411caddcfd0df72d0a2ce05e", &(0x7f0000000600)="0ec080015780d6bb6cc1eb3acf50db444dd2edd4c893abe19cac9bc8b445b982dd8828f554894a3ad9a4fa"})
sendmsg$auto_IPVS_CMD_NEW_SERVICE(r5, &(0x7f0000000980)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000940)={&(0x7f00000006c0)={0x26c, 0x0, 0x4, 0x70bd2d, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DAEMON={0x258, 0x3, 0x0, 0x1, [@nested={0x8, 0x145, 0x0, 0x1, [@nested={0x4, 0x41}]}, @nested={0x12c, 0x121, 0x0, 0x1, [@typed={0x14, 0xeb, 0x0, 0x0, @ipv6=@empty}, @typed={0x4, 0xad}, @typed={0x8, 0x4a, 0x0, 0x0, @uid=r6}, @generic="d4b2d70be7fda038f75a90e905c322d6763662cf293deef3b2b326c7fe8c9fe8bd20ac46dc27275a509fed7945d7a6977155d0091dac8b2efb38d2a1807084f1b9f890d2d815bcc294bca42ee911aeb285a7654c214941a826847512f1b95556b53dc5b250ba046d7706ce0a797ee756ccead03a9682cec07d093752489144a7d3f58c", @nested={0x4, 0x124}, @typed={0xc, 0x9f, 0x0, 0x0, @u64=0x5}, @generic="41863628f49f96113ff2ec3346f78ccc80b9dd27d14cf7c95f9e405b5d12e8dbf7846ad96690490b7c3e1097a665a85ff23ce2e4db871d333678d0aade437d20032c28df3a6c240e6240725c9d1d025efe9314c72e330471a677aeb77dab204c061be5a8131e5ad60267960ad1e9639b5dd375ba2e"]}, @nested={0x11d, 0xbd, 0x0, 0x1, [@nested={0x4, 0x4}, @nested={0x4, 0x109}, @nested={0x4, 0x9f}, @typed={0xb, 0xef, 0x0, 0x0, @str='%-\'[]^\x00'}, @nested={0x4, 0x11d}, @nested={0x4, 0xd5}, @generic="1c0d291e1109156907c2a01178bfc31c3626831f9f1416f7289d6cc18dc5c55b1e6308660c64c88b4eaae3b7b920fb2b8cd7fe330ef213f56e2fbdb2c11d333b30d513d9605f7e5622281180fe480d14196f09eea5ee2e8564a0df7629d34e0e2a41eb3d4709c87159fefe1d9664162a76a0b3172ff01e1067f9765d9436098fa829b4e8d1eeb23100763b777af0cd53f064ae49d15ad5e95c8278a60ddfcd613713202b80483ad182b25b9a5718254762940af8e885f25a333b7563f411fa77729cbef47f8cf6e1321c230bcdd25df787d0a5d9268b45b7df7156d0e022a51c0801a345ac87cadd024ad2b0ea6cb24aa423ebf6785a2e2811"]}]}]}, 0x26c}, 0x1, 0x0, 0x0, 0x4040}, 0x8811)
setsockopt$auto_SO_SNDTIMEO_NEW(r5, 0x0, 0x43, &(0x7f00000009c0)='\x00', 0x9)
ioctl$auto_AUTOFS_IOC_PROTOVER(r0, 0x80049363, &(0x7f0000000a00)=0x1ff)
r7 = clone$auto(0x8000, 0x0, &(0x7f0000000a40), &(0x7f0000000a80)=0xf, 0x200)
move_pages$auto(r7, 0x3f2a, &(0x7f0000000bc0)=&(0x7f0000000ac0)="2858b52746040690879c87223cd59fb580688bcbd9024c6e04d7193029b0034d894056c4af4fedcb83224cf064089cbc7f1ebc2a1eac09d08fd0d0e8d025a5122afc15aed194a05f84c535845714909f1df212a1bd10652194b24581157432f0f2e04270edcafdcb2dd348b9afeef1653ea37ffc840b93750977a0a239941c0a1968fcd1fcdd88e16fa1a4e4386dba09cf0780e1fb99db8b67eb57e4223f81f3db56e087abe5ebf65fac7aff6063feb5c8fc0e359088c5753bcac213f4c2ed0d0dec0d45e92419", &(0x7f0000000c00)=0x8000, &(0x7f0000000c40)=0x5, 0x6)
r8 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000cc0), r5)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000d00)={'hsr0\x00', <r9=>0x0})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000d40)={'veth1_macvtap\x00', <r10=>0x0})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000d80)={'ip6erspan0\x00', <r11=>0x0})
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r5, &(0x7f0000000f00)={&(0x7f0000000c80)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000ec0)={&(0x7f0000000dc0)={0xf8, r8, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@ETHTOOL_A_CHANNELS_HEADER={0x74, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x80000000}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4687}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bridge\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}]}, @ETHTOOL_A_CHANNELS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bond\x00'}]}, @ETHTOOL_A_CHANNELS_HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}]}, @ETHTOOL_A_CHANNELS_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x43c9617c}]}]}, 0xf8}, 0x1, 0x0, 0x0, 0x1}, 0x20000005)
ptrace$auto_PTRACE_SYSEMU(0x1f, r7, 0x5a1a, 0x6a9)
mbind$auto(0x8, 0x7ff, 0x0, &(0x7f0000000f40)=0x10000, 0xc, 0x3)
ioctl$auto_MEMGETREGIONCOUNT(r0, 0x80044d07, &(0x7f0000000f80)=0x3c3)
r12 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000001000), r0)
sendmsg$auto_NL802154_CMD_GET_WPAN_PHY(r0, &(0x7f0000001440)={&(0x7f0000000fc0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000001400)={&(0x7f0000001040)={0x3bc, r12, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@NL802154_ATTR_NETNS_FD={0x8, 0x1d, r0}, @NL802154_ATTR_SEC_ENABLED={0x5, 0x29, 0x1}, @NL802154_ATTR_SEC_KEY={0x390, 0x30, 0x0, 0x1, [@nested={0x4, 0x9d}, @nested={0xf1, 0xbd, 0x0, 0x1, [@typed={0x4, 0x92}, @generic="44e7e24c4af7cb5063ec014ab6a1d422c74d82391713dff2c2b1937c4eadc45ae876d4845e74601502f45d543ffaddfa3ad48aa7a7f29b2b27c2c7ac0ff3dd425c63a21b6871fbfc24cc9aca9438677d0e4e49f5926ae2ff3ce2ae4954febe8a7ac299c2c22190f5a4e20a6c10385fa27cb316e01bd235e24df1a3f4b9b6fd246788d14d91e46f1bccbf2eb27fe2fa111681c8624b49a033efe93358a183480d0e1c80a2d8d7ecd6ad376a3d311d84454b29c8dfc5815bbb0f9e99e4ff420267ba242bf43ab4a9", @typed={0x8, 0x81, 0x0, 0x0, @ipv4=@multicast1}, @generic="a9b06debe6976adfe66621e42c2f64f7f6a28a927fd03273f860"]}, @typed={0xc, 0x8e, 0x0, 0x0, @u64=0x4}, @nested={0x62, 0x4c, 0x0, 0x1, [@nested={0x4, 0xad}, @typed={0x1a, 0x6f, 0x0, 0x0, @binary="67a7d93e4f66cbc8444dafd323d973e4447436977632"}, @nested={0x4, 0x120}, @generic="5702a9155eb472fa21a4ac298e5343cb705ccc49a782ace64b0375697f4ca2bdf2eed4f8ee53a4172dde1d257447", @typed={0x8, 0x9, 0x0, 0x0, @uid=r6}, @nested={0x4, 0xf3}]}, @typed={0x8, 0x3c, 0x0, 0x0, @u32=0x9}, @nested={0x21b, 0xeb, 0x0, 0x1, [@generic="ebe3499004e8b99d5c4d8291a3c49ba56dfe12b187d3b8a6f3993ddf158763fcfcbe85d7fa30a7fb822ed2f0d965c6b44362e0b7ef30b90618e77b18268d598152883c04708a6affa94242e32cc5288e92100b8a8cc280a2a093d7be3556045d356dd0e873347bb8442052507bc231548956f8b991f8f6f96508fa1fb5d3c5e3e53d7bd34a40dfbb982214814130a910ae84e00df69c6f5e16b7737276f88773ae97e722e517e3ae393e0986f874861e942f5c5d16004856cfae9885af80922b957fa38251479c18fe00a3b3a184e9a761be8e59683ebea411d1b1d74457142a", @generic="f6a7af28b089a8c85a69c92d7e14", @generic="4ef3de936df0aa97bdbc790e63df39d12d9f2209ab65e4887b9f728fd68fc653fc1520183fd8019971bf96d187bbf0b6a5418ab6ca5b220f2ca76bd218c97db48a7a13a10d99af9b5224ae66e8334c130f91b302142604fcbbfe64465700c0a742a1a8ef45f46b0bc3f246844aa1afa46e8c0483095bb803b3700aae7b668b09698bde201ec6377520b0ddda04", @nested={0x4, 0x113}, @generic="cabb8670cffba37cb4d71c7e775b62e1206867835bf944237456", @nested={0x4, 0x4f}, @typed={0x8, 0x96, 0x0, 0x0, @str='nfc\x00'}, @generic="85883fe515405eedcff8f75ec3f031256b768be34417e939fa1befd0facc0627719edc277121fb521c43827f6a23555c2222d12e54f2e9bc0df9ee71bd8635d09fc4de70661416095e360052b432c0804339378a820afdc2eb2f29d1a3c518c42cb8f68c75b0", @typed={0x8, 0xed, 0x0, 0x0, @pid=r7}, @nested={0x4, 0x16}]}]}, @NL802154_ATTR_SUPPORTED_CHANNEL={0x8}]}, 0x3bc}, 0x1, 0x0, 0x0, 0x8000880}, 0x40000)
socket(0x27, 0x8000e, 0x3)
socket(0x2b, 0x80000, 0xfffffffe)

99.888948ms ago: executing program 7 (id=2816):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x0, 0x0)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
getrandom$auto(0x0, 0x6000000, 0x3)
write$auto(0x3, 0x0, 0xfffffdef)
sendfile$auto(0x6, 0x3, 0x0, 0xfffffdef)
socket(0xa, 0x2, 0x88)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000001700), r0)
sendmsg$auto_NETDEV_CMD_DEV_GET(r0, &(0x7f0000001840)={0x0, 0x0, &(0x7f0000001800)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="010326bd7000fedbdf2501000000e41970005e47261aada6d7230fd4d37e5dbac396c2e89872187e93a50c8a382618d49c39422fe34031dc0e4cc3393930148341f64f9687032e1cde245ce49659787e24d63c00"], 0x14}, 0x1, 0x0, 0x0, 0x4005}, 0x28044004)

0s ago: executing program 8 (id=2817):
socket(0xf, 0x1, 0x400)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030000020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a000500000000000000000008000200", @ANYRES32, @ANYBLOB="08000200", @ANYRES32=0x0, @ANYBLOB="e00013"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090)
socket(0x2, 0x3, 0xfc)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}, 0x1, 0x0, 0xfffff000}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

kernel console output (not intermixed with test programs):

aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  866.175245][T17174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  866.191380][T17174] batman_adv: batadv0: Interface activated: batadv_slave_0
[  866.225163][T17174] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  866.243041][T17174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  866.254289][T17174] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  866.265972][T17174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  866.276277][T17174] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  866.287473][T17174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  866.298577][T17174] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  866.311653][T17174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  866.330781][T17174] batman_adv: batadv0: Interface activated: batadv_slave_1
[  866.385735][T17174] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  866.400348][T17174] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  866.412582][T17174] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  866.430906][T17174] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  866.584065][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  866.592008][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  866.687208][ T3501] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  866.718991][ T3501] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  867.122966][ T5841] Bluetooth: hci2: command tx timeout
[  867.232915][T17255] FAULT_INJECTION: forcing a failure.
[  867.232915][T17255] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  867.272743][T17255] CPU: 1 UID: 0 PID: 17255 Comm: syz.1.2356 Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  867.272785][T17255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  867.272803][T17255] Call Trace:
[  867.272813][T17255]  <TASK>
[  867.272825][T17255]  dump_stack_lvl+0x16c/0x1f0
[  867.272868][T17255]  should_fail_ex+0x50a/0x650
[  867.272922][T17255]  _copy_from_iter+0x2a1/0x1560
[  867.272955][T17255]  ? __pfx_lock_release+0x10/0x10
[  867.272998][T17255]  ? trace_lock_acquire+0x14e/0x1f0
[  867.273034][T17255]  ? pipe_write+0x166/0x1b30
[  867.273081][T17255]  ? __pfx__copy_from_iter+0x10/0x10
[  867.273111][T17255]  ? __pfx___mutex_lock+0x10/0x10
[  867.273165][T17255]  copy_page_from_iter+0xa5/0x120
[  867.273201][T17255]  pipe_write+0xd1e/0x1b30
[  867.273259][T17255]  ? __pfx_pipe_write+0x10/0x10
[  867.273308][T17255]  ? apparmor_file_permission+0x251/0x400
[  867.273344][T17255]  ? bpf_lsm_file_permission+0x9/0x10
[  867.273392][T17255]  ? security_file_permission+0x71/0x210
[  867.273435][T17255]  ? rw_verify_area+0xcf/0x680
[  867.273477][T17255]  vfs_write+0x5ae/0x1150
[  867.273521][T17255]  ? __pfx_pipe_write+0x10/0x10
[  867.273581][T17255]  ? __pfx_vfs_write+0x10/0x10
[  867.273627][T17255]  ? __fget_files+0x40/0x3a0
[  867.273693][T17255]  ksys_write+0x207/0x250
[  867.273736][T17255]  ? __pfx_ksys_write+0x10/0x10
[  867.273792][T17255]  do_syscall_64+0xcd/0x250
[  867.273834][T17255]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  867.273878][T17255] RIP: 0033:0x7f6ef398cde9
[  867.273904][T17255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  867.273934][T17255] RSP: 002b:00007f6ef4824038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  867.273964][T17255] RAX: ffffffffffffffda RBX: 00007f6ef3ba6080 RCX: 00007f6ef398cde9
[  867.273986][T17255] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000001
[  867.274005][T17255] RBP: 00007f6ef4824090 R08: 0000000000000000 R09: 0000000000000000
[  867.274025][T17255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  867.274044][T17255] R13: 0000000000000000 R14: 00007f6ef3ba6080 R15: 00007ffd19d879e8
[  867.274084][T17255]  </TASK>
[  869.203115][ T5841] Bluetooth: hci2: command tx timeout
[  870.448427][T14604] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  870.458972][T14604] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  870.470279][T14604] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  870.478925][T14604] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  870.487921][T14604] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  870.495965][T14604] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  871.755479][T17303] chnl_net:caif_netlink_parms(): no params data found
[  871.983384][T17330] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2373'.
[  872.049567][T17303] bridge0: port 1(bridge_slave_0) entered blocking state
[  872.064739][T17303] bridge0: port 1(bridge_slave_0) entered disabled state
[  872.072131][T17303] bridge_slave_0: entered allmulticast mode
[  872.087131][T17303] bridge_slave_0: entered promiscuous mode
[  872.128659][T17303] bridge0: port 2(bridge_slave_1) entered blocking state
[  872.142815][T17303] bridge0: port 2(bridge_slave_1) entered disabled state
[  872.170136][T17303] bridge_slave_1: entered allmulticast mode
[  872.210405][T17303] bridge_slave_1: entered promiscuous mode
[  872.223039][T17338] FAULT_INJECTION: forcing a failure.
[  872.223039][T17338] name failslab, interval 1, probability 0, space 0, times 0
[  872.235742][T17338] CPU: 1 UID: 0 PID: 17338 Comm: syz.3.2374 Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  872.235780][T17338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  872.235798][T17338] Call Trace:
[  872.235807][T17338]  <TASK>
[  872.235820][T17338]  dump_stack_lvl+0x116/0x1f0
[  872.235864][T17338]  should_fail_ex+0x50a/0x650
[  872.235911][T17338]  ? trace_lock_acquire+0x14e/0x1f0
[  872.235952][T17338]  should_failslab+0xc2/0x120
[  872.235981][T17338]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  872.236030][T17338]  ? __send_signal_locked+0x159/0x12c0
[  872.236070][T17338]  ? sig_get_ucounts+0x1c0/0x5b0
[  872.236108][T17338]  __send_signal_locked+0x159/0x12c0
[  872.236157][T17338]  group_send_sig_info+0x2aa/0x300
[  872.236212][T17338]  ? __pfx_group_send_sig_info+0x10/0x10
[  872.236272][T17338]  ? kill_pid_info_type+0x21/0x2a0
[  872.236318][T17338]  kill_pid_info_type+0x92/0x2a0
[  872.236370][T17338]  kill_proc_info+0x6f/0x1b0
[  872.236400][T17338]  kill_something_info+0x2a2/0x310
[  872.236428][T17338]  ? __task_pid_nr_ns+0x186/0x500
[  872.236471][T17338]  __x64_sys_kill+0xdc/0x140
[  872.236502][T17338]  ? __pfx___x64_sys_kill+0x10/0x10
[  872.236532][T17338]  ? xfd_validate_state+0x5d/0x180
[  872.236590][T17338]  do_syscall_64+0xcd/0x250
[  872.236631][T17338]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  872.236672][T17338] RIP: 0033:0x7f7ca158cde9
[  872.236696][T17338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  872.236727][T17338] RSP: 002b:00007f7ca233f038 EFLAGS: 00000246 ORIG_RAX: 000000000000003e
[  872.236755][T17338] RAX: ffffffffffffffda RBX: 00007f7ca17a6160 RCX: 00007f7ca158cde9
[  872.236775][T17338] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 00000000000009ca
[  872.236794][T17338] RBP: 00007f7ca160e2a0 R08: 0000000000000000 R09: 0000000000000000
[  872.236813][T17338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  872.236833][T17338] R13: 0000000000000000 R14: 00007f7ca17a6160 R15: 00007ffef9b43be8
[  872.236873][T17338]  </TASK>
[  872.564028][ T5841] Bluetooth: hci5: command tx timeout
[  872.596063][T17344] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2376'.
[  872.636947][T17303] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  872.684575][T17303] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  872.847899][T17303] team0: Port device team_slave_0 added
[  872.868553][T17303] team0: Port device team_slave_1 added
[  873.027758][T17303] batman_adv: batadv0: Adding interface: batadv_slave_0
[  873.034995][T17303] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  873.101660][T17303] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  873.184304][T15879] Process accounting resumed
[  873.190940][   T29] audit: type=1800 audit(6034851759.296:11): pid=17350 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2377" name="dbroot" dev="configfs" ino=72574 res=0 errno=0
[  873.247346][T17303] batman_adv: batadv0: Adding interface: batadv_slave_1
[  873.254964][T17303] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  873.282438][T17303] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  873.456201][T17303] hsr_slave_0: entered promiscuous mode
[  873.483117][T17303] hsr_slave_1: entered promiscuous mode
[  873.496216][T17303] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  873.514011][T17303] Cannot create hsr debugfs directory
[  874.642755][ T5841] Bluetooth: hci5: command tx timeout
[  874.798883][T17303] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  874.826030][T17303] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  874.884758][T17303] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  874.932993][T17373] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2383'.
[  874.951498][T17303] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  875.518174][T17379] netlink: 'syz.3.2386': attribute type 1 has an invalid length.
[  875.743443][T17303] 8021q: adding VLAN 0 to HW filter on device bond0
[  875.776358][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  875.782785][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  875.836892][T17303] 8021q: adding VLAN 0 to HW filter on device team0
[  875.894730][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  875.901946][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  875.930965][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  875.938210][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  875.991329][T17303] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  876.354115][T17303] 8021q: adding VLAN 0 to HW filter on device batadv0
[  876.702542][T17303] veth0_vlan: entered promiscuous mode
[  876.723330][ T5841] Bluetooth: hci5: command tx timeout
[  876.735195][T17303] veth1_vlan: entered promiscuous mode
[  876.840682][T17303] veth0_macvtap: entered promiscuous mode
[  876.857118][T17303] veth1_macvtap: entered promiscuous mode
[  876.938612][T17303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  876.958009][T17303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  876.979542][T17303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  876.999773][T17303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  877.009894][T17303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  877.020666][T17303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  877.033547][T17303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  877.047038][T17303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  877.057313][T17303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  877.156068][T17303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  877.176301][T17413] FAULT_INJECTION: forcing a failure.
[  877.176301][T17413] name failslab, interval 1, probability 0, space 0, times 0
[  877.188968][T17413] CPU: 0 UID: 0 PID: 17413 Comm: syz.2.2391 Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  877.189003][T17413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  877.189020][T17413] Call Trace:
[  877.189029][T17413]  <TASK>
[  877.189040][T17413]  dump_stack_lvl+0x116/0x1f0
[  877.189090][T17413]  should_fail_ex+0x50a/0x650
[  877.189130][T17413]  ? trace_lock_acquire+0x14e/0x1f0
[  877.189182][T17413]  should_failslab+0xc2/0x120
[  877.189208][T17413]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  877.189252][T17413]  ? __send_signal_locked+0x159/0x12c0
[  877.189287][T17413]  ? sig_get_ucounts+0x1c0/0x5b0
[  877.189321][T17413]  __send_signal_locked+0x159/0x12c0
[  877.189362][T17413]  group_send_sig_info+0x2aa/0x300
[  877.189407][T17413]  ? __pfx_group_send_sig_info+0x10/0x10
[  877.189459][T17413]  ? kill_pid_info_type+0x21/0x2a0
[  877.189500][T17413]  kill_pid_info_type+0x92/0x2a0
[  877.189546][T17413]  kill_proc_info+0x6f/0x1b0
[  877.189571][T17413]  kill_something_info+0x2a2/0x310
[  877.189599][T17413]  ? __task_pid_nr_ns+0x186/0x500
[  877.189640][T17413]  __x64_sys_kill+0xdc/0x140
[  877.189667][T17413]  ? __pfx___x64_sys_kill+0x10/0x10
[  877.189693][T17413]  ? xfd_validate_state+0x5d/0x180
[  877.189742][T17413]  do_syscall_64+0xcd/0x250
[  877.189778][T17413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  877.189815][T17413] RIP: 0033:0x7f70d9d8cde9
[  877.189843][T17413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  877.189871][T17413] RSP: 002b:00007f70d7bd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000003e
[  877.189898][T17413] RAX: ffffffffffffffda RBX: 00007f70d9fa6160 RCX: 00007f70d9d8cde9
[  877.189916][T17413] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000034
[  877.189933][T17413] RBP: 00007f70d9e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  877.189949][T17413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  877.189966][T17413] R13: 0000000000000000 R14: 00007f70d9fa6160 R15: 00007ffe1b0205e8
[  877.189999][T17413]  </TASK>
[  877.424167][T17303] batman_adv: batadv0: Interface activated: batadv_slave_0
[  877.434628][T17303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  877.446136][T17303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  877.456330][T17303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  877.552370][T17303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  877.593075][T17303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  877.661387][T17303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  877.802856][T17303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  877.822771][T17303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  877.843110][T17303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  877.863066][T17303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  877.894934][T17303] batman_adv: batadv0: Interface activated: batadv_slave_1
[  877.922340][T17303] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  877.963393][T17303] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  877.972182][T17303] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  878.032999][T17303] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  878.173023][T17425] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2392'.
[  878.474647][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  878.482533][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  878.753670][T17426] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  878.802822][ T5841] Bluetooth: hci5: command tx timeout
[  879.034533][T17426] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  881.084813][T14604] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  881.095483][T14604] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  881.123487][T14604] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  881.152253][T14604] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  881.166637][T14604] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  881.187127][T14604] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  881.436598][   T80] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  881.531059][T17464] FAULT_INJECTION: forcing a failure.
[  881.531059][T17464] name failslab, interval 1, probability 0, space 0, times 0
[  881.543761][T17464] CPU: 1 UID: 0 PID: 17464 Comm: syz.2.2401 Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  881.543801][T17464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  881.543820][T17464] Call Trace:
[  881.543830][T17464]  <TASK>
[  881.543843][T17464]  dump_stack_lvl+0x116/0x1f0
[  881.543886][T17464]  should_fail_ex+0x50a/0x650
[  881.543932][T17464]  ? trace_lock_acquire+0x14e/0x1f0
[  881.543973][T17464]  should_failslab+0xc2/0x120
[  881.544003][T17464]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  881.544052][T17464]  ? __send_signal_locked+0x159/0x12c0
[  881.544092][T17464]  ? sig_get_ucounts+0x1c0/0x5b0
[  881.544132][T17464]  __send_signal_locked+0x159/0x12c0
[  881.544181][T17464]  group_send_sig_info+0x2aa/0x300
[  881.544239][T17464]  ? __pfx_group_send_sig_info+0x10/0x10
[  881.544301][T17464]  ? kill_pid_info_type+0x21/0x2a0
[  881.544349][T17464]  kill_pid_info_type+0x92/0x2a0
[  881.544403][T17464]  kill_proc_info+0x6f/0x1b0
[  881.544434][T17464]  kill_something_info+0x2a2/0x310
[  881.544463][T17464]  ? __task_pid_nr_ns+0x186/0x500
[  881.544528][T17464]  __x64_sys_kill+0xdc/0x140
[  881.544562][T17464]  ? __pfx___x64_sys_kill+0x10/0x10
[  881.544595][T17464]  ? xfd_validate_state+0x5d/0x180
[  881.544661][T17464]  do_syscall_64+0xcd/0x250
[  881.544706][T17464]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  881.544753][T17464] RIP: 0033:0x7f70d9d8cde9
[  881.544781][T17464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  881.544816][T17464] RSP: 002b:00007f70d7bd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000003e
[  881.544848][T17464] RAX: ffffffffffffffda RBX: 00007f70d9fa6160 RCX: 00007f70d9d8cde9
[  881.544872][T17464] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000045
[  881.544893][T17464] RBP: 00007f70d9e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  881.544915][T17464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  881.544935][T17464] R13: 0000000000000000 R14: 00007f70d9fa6160 R15: 00007ffe1b0205e8
[  881.544979][T17464]  </TASK>
[  882.014407][   T80] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  882.221502][   T80] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  882.468677][   T80] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  882.664498][T17479] bridge0: port 3(veth0_to_bridge) entered blocking state
[  882.673139][T17479] bridge0: port 3(veth0_to_bridge) entered disabled state
[  882.680516][T17479] veth0_to_bridge: entered allmulticast mode
[  882.735048][T17479] veth0_to_bridge: entered promiscuous mode
[  882.756809][T17455] chnl_net:caif_netlink_parms(): no params data found
[  883.290122][ T5841] Bluetooth: hci3: command tx timeout
[  883.590949][   T80] bridge_slave_1: left allmulticast mode
[  883.603833][T17500] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2410'.
[  883.864742][   T80] bridge_slave_1: left promiscuous mode
[  883.886797][   T80] bridge0: port 2(bridge_slave_1) entered disabled state
[  884.128084][   T80] bridge_slave_0: left allmulticast mode
[  884.152721][   T80] bridge_slave_0: left promiscuous mode
[  884.162583][   T80] bridge0: port 1(bridge_slave_0) entered disabled state
[  884.905551][T17455] bridge0: port 1(bridge_slave_0) entered blocking state
[  884.926937][T17455] bridge0: port 1(bridge_slave_0) entered disabled state
[  884.935170][T17455] bridge_slave_0: entered allmulticast mode
[  884.949786][T17455] bridge_slave_0: entered promiscuous mode
[  884.961333][T17455] bridge0: port 2(bridge_slave_1) entered blocking state
[  884.981916][T17455] bridge0: port 2(bridge_slave_1) entered disabled state
[  885.007250][T17455] bridge_slave_1: entered allmulticast mode
[  885.015927][T17455] bridge_slave_1: entered promiscuous mode
[  885.369523][ T5841] Bluetooth: hci3: command tx timeout
[  885.395559][T17455] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  885.441270][T17455] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  885.538781][T17455] team0: Port device team_slave_0 added
[  885.616896][T17455] team0: Port device team_slave_1 added
[  885.871986][T17455] batman_adv: batadv0: Adding interface: batadv_slave_0
[  885.899994][T17455] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  885.982475][T17455] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  886.101584][T17455] batman_adv: batadv0: Adding interface: batadv_slave_1
[  886.121433][T17455] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  886.178544][T17455] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  886.356768][T17455] hsr_slave_0: entered promiscuous mode
[  886.376961][T17455] hsr_slave_1: entered promiscuous mode
[  886.396063][T17455] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  886.412628][T17455] Cannot create hsr debugfs directory
[  886.729708][   T80] hsr_slave_0: left promiscuous mode
[  886.743668][   T80] hsr_slave_1: left promiscuous mode
[  886.758067][   T80] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  886.770589][   T80] batman_adv: batadv0: Removing interface: batadv_slave_0
[  886.794495][   T80] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  886.802235][   T80] batman_adv: batadv0: Removing interface: batadv_slave_1
[  886.853901][   T80] veth1_macvtap: left allmulticast mode
[  886.859681][   T80] veth1_macvtap: left promiscuous mode
[  886.876241][   T80] veth0_macvtap: left promiscuous mode
[  887.442838][ T5841] Bluetooth: hci3: command tx timeout
[  887.692886][T17565] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2416'.
[  888.260934][   T80] team0 (unregistering): Port device team_slave_1 removed
[  888.967311][   T80] team0 (unregistering): Port device team_slave_0 removed
[  889.525218][ T5841] Bluetooth: hci3: command tx timeout
[  890.939462][T17603] sctp: [Deprecated]: syz.5.2422 (pid 17603) Use of struct sctp_assoc_value in delayed_ack socket option.
[  890.939462][T17603] Use struct sctp_sack_info instead
[  891.323149][T17455] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  891.379567][T17455] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  891.515673][T17455] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  891.575514][T17455] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  892.921869][T17455] 8021q: adding VLAN 0 to HW filter on device bond0
[  893.207218][T17455] 8021q: adding VLAN 0 to HW filter on device team0
[  893.254312][ T3501] bridge0: port 1(bridge_slave_0) entered blocking state
[  893.261494][ T3501] bridge0: port 1(bridge_slave_0) entered forwarding state
[  893.314610][ T3501] bridge0: port 2(bridge_slave_1) entered blocking state
[  893.326085][ T3501] bridge0: port 2(bridge_slave_1) entered forwarding state
[  893.927161][T17455] 8021q: adding VLAN 0 to HW filter on device batadv0
[  894.039721][T17455] veth0_vlan: entered promiscuous mode
[  894.077638][T17455] veth1_vlan: entered promiscuous mode
[  894.166175][T17455] veth0_macvtap: entered promiscuous mode
[  894.214752][T17455] veth1_macvtap: entered promiscuous mode
[  894.283290][T17455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  894.325679][T17455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  894.342985][T17455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  894.372221][T17455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  894.401600][T17455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  894.432895][T17455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  894.460683][T17455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  894.506906][T17455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  894.531320][T17455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  894.584728][T17455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  894.626763][T17455] batman_adv: batadv0: Interface activated: batadv_slave_0
[  894.673133][T17455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  894.695318][T17455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  894.721710][T17455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  894.742867][T17455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  894.774662][T17455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  894.812915][T17455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  894.842896][T17455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  894.861159][T17455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  894.912880][T17455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  894.932807][T17455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  894.953733][T17455] batman_adv: batadv0: Interface activated: batadv_slave_1
[  895.074077][T17455] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  895.112615][T17455] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  895.121427][T17455] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  895.172658][T17455] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  895.592569][T17426] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  895.601249][T17426] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  896.072631][ T1150] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  896.122868][ T1150] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  896.146138][T17711] sysfs_service_op_show: Client not running :-5:
[  897.131525][T14604] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  897.142933][T14604] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  897.151265][T14604] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  897.171427][T14604] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  897.193395][T14604] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  897.200911][T14604] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  897.805462][T17729] chnl_net:caif_netlink_parms(): no params data found
[  898.275258][T17729] bridge0: port 1(bridge_slave_0) entered blocking state
[  898.298121][T17729] bridge0: port 1(bridge_slave_0) entered disabled state
[  898.311165][T17729] bridge_slave_0: entered allmulticast mode
[  898.338978][T17729] bridge_slave_0: entered promiscuous mode
[  898.358720][T17763] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2438'.
[  898.364185][T17729] bridge0: port 2(bridge_slave_1) entered blocking state
[  898.386487][T17729] bridge0: port 2(bridge_slave_1) entered disabled state
[  898.399363][T17729] bridge_slave_1: entered allmulticast mode
[  898.415622][T17729] bridge_slave_1: entered promiscuous mode
[  898.716362][ T1150] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  898.805379][T17729] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  898.828312][T17729] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  899.286122][ T5841] Bluetooth: hci6: command tx timeout
[  899.347782][ T1150] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  899.421298][T17729] team0: Port device team_slave_0 added
[  899.624402][T17729] team0: Port device team_slave_1 added
[  899.672946][T17729] batman_adv: batadv0: Adding interface: batadv_slave_0
[  899.707385][T17729] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  899.822671][T17729] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  900.005985][ T1150] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  900.046156][T17729] batman_adv: batadv0: Adding interface: batadv_slave_1
[  900.061289][T17729] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  900.131882][T17729] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  900.361850][ T1150] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  900.571230][T17729] hsr_slave_0: entered promiscuous mode
[  900.603337][T17729] hsr_slave_1: entered promiscuous mode
[  900.644599][T17729] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  900.672042][T17729] Cannot create hsr debugfs directory
[  901.362611][ T5841] Bluetooth: hci6: command tx timeout
[  901.582146][ T1150] veth0_to_bridge: left allmulticast mode
[  901.640266][ T1150] veth0_to_bridge: left promiscuous mode
[  901.646986][ T1150] bridge0: port 3(veth0_to_bridge) entered disabled state
[  901.752296][ T1150] bridge_slave_1: left allmulticast mode
[  901.802587][ T1150] bridge_slave_1: left promiscuous mode
[  901.808405][ T1150] bridge0: port 2(bridge_slave_1) entered disabled state
[  901.934178][ T1150] bridge_slave_0: left allmulticast mode
[  901.939911][ T1150] bridge_slave_0: left promiscuous mode
[  901.963420][ T1150] bridge0: port 1(bridge_slave_0) entered disabled state
[  902.961989][T17816] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2449'.
[  903.443438][ T5841] Bluetooth: hci6: command tx timeout
[  903.577339][ T1150] hsr_slave_0: left promiscuous mode
[  903.610825][ T1150] hsr_slave_1: left promiscuous mode
[  903.624800][ T1150] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  903.641973][ T1150] batman_adv: batadv0: Removing interface: batadv_slave_0
[  903.679214][ T1150] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  903.679292][ T1150] batman_adv: batadv0: Removing interface: batadv_slave_1
[  903.712891][ T1150] veth1_macvtap: left allmulticast mode
[  903.712946][ T1150] veth1_macvtap: left promiscuous mode
[  903.713074][ T1150] veth0_macvtap: left promiscuous mode
[  904.579053][ T1150] team0 (unregistering): Port device team_slave_1 removed
[  904.652873][ T1150] team0 (unregistering): Port device team_slave_0 removed
[  904.837163][T17842] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2452'.
[  905.522885][ T5841] Bluetooth: hci6: command tx timeout
[  905.968536][T17729] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  906.028755][T17729] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  906.083213][T17862] FAULT_INJECTION: forcing a failure.
[  906.083213][T17862] name failslab, interval 1, probability 0, space 0, times 0
[  906.095903][T17862] CPU: 1 UID: 0 PID: 17862 Comm: syz.2.2456 Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  906.095943][T17862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  906.095962][T17862] Call Trace:
[  906.095971][T17862]  <TASK>
[  906.095983][T17862]  dump_stack_lvl+0x116/0x1f0
[  906.096026][T17862]  should_fail_ex+0x50a/0x650
[  906.096072][T17862]  ? trace_lock_acquire+0x14e/0x1f0
[  906.096115][T17862]  should_failslab+0xc2/0x120
[  906.096144][T17862]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  906.096193][T17862]  ? __send_signal_locked+0x159/0x12c0
[  906.096232][T17862]  ? sig_get_ucounts+0x1c0/0x5b0
[  906.096288][T17862]  __send_signal_locked+0x159/0x12c0
[  906.096355][T17862]  group_send_sig_info+0x2aa/0x300
[  906.096416][T17862]  ? __pfx_group_send_sig_info+0x10/0x10
[  906.096481][T17862]  ? kill_pid_info_type+0x21/0x2a0
[  906.096532][T17862]  kill_pid_info_type+0x92/0x2a0
[  906.096589][T17862]  kill_proc_info+0x6f/0x1b0
[  906.096621][T17862]  kill_something_info+0x2a2/0x310
[  906.096651][T17862]  ? __task_pid_nr_ns+0x186/0x500
[  906.096697][T17862]  __x64_sys_kill+0xdc/0x140
[  906.096729][T17862]  ? __pfx___x64_sys_kill+0x10/0x10
[  906.096760][T17862]  ? xfd_validate_state+0x5d/0x180
[  906.096822][T17862]  do_syscall_64+0xcd/0x250
[  906.096864][T17862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  906.096910][T17862] RIP: 0033:0x7f70d9d8cde9
[  906.096935][T17862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  906.096968][T17862] RSP: 002b:00007f70d7bd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000003e
[  906.096998][T17862] RAX: ffffffffffffffda RBX: 00007f70d9fa6160 RCX: 00007f70d9d8cde9
[  906.097020][T17862] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000089
[  906.097040][T17862] RBP: 00007f70d9e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  906.097061][T17862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  906.097080][T17862] R13: 0000000000000000 R14: 00007f70d9fa6160 R15: 00007ffe1b0205e8
[  906.097121][T17862]  </TASK>
[  906.323529][T17729] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  906.348067][T17729] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  906.836022][T17877] FAULT_INJECTION: forcing a failure.
[  906.836022][T17877] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  906.857071][T17877] CPU: 1 UID: 0 PID: 17877 Comm: syz.2.2458 Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  906.857109][T17877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  906.857127][T17877] Call Trace:
[  906.857137][T17877]  <TASK>
[  906.857149][T17877]  dump_stack_lvl+0x16c/0x1f0
[  906.857193][T17877]  should_fail_ex+0x50a/0x650
[  906.857247][T17877]  _copy_from_user+0x2e/0xd0
[  906.857281][T17877]  copy_from_sockptr_offset+0x164/0x1a0
[  906.857325][T17877]  ? __might_fault+0xe3/0x190
[  906.857364][T17877]  ? __pfx_copy_from_sockptr_offset+0x10/0x10
[  906.857408][T17877]  ? __might_fault+0xe3/0x190
[  906.857459][T17877]  do_tcp_getsockopt+0x1ae1/0x27d0
[  906.857495][T17877]  ? __pfx_do_tcp_getsockopt+0x10/0x10
[  906.857528][T17877]  ? hlock_class+0x4e/0x130
[  906.857558][T17877]  ? mark_lock+0xb5/0xc60
[  906.857604][T17877]  ? hlock_class+0x4e/0x130
[  906.857634][T17877]  ? __lock_acquire+0x15a9/0x3c40
[  906.857688][T17877]  ? __pfx___lock_acquire+0x10/0x10
[  906.857727][T17877]  ? __pfx___lock_acquire+0x10/0x10
[  906.857766][T17877]  ? __pfx_mark_lock+0x10/0x10
[  906.857819][T17877]  ? hlock_class+0x4e/0x130
[  906.857847][T17877]  ? __lock_acquire+0xcc5/0x3c40
[  906.857889][T17877]  ? lock_acquire.part.0+0x11b/0x380
[  906.857936][T17877]  ? __mutex_trylock_common+0xea/0x250
[  906.857977][T17877]  ? __pfx___mutex_trylock_common+0x10/0x10
[  906.858018][T17877]  ? smc_getsockopt+0xbd/0x360
[  906.858056][T17877]  ? rcu_is_watching+0x12/0xc0
[  906.858086][T17877]  ? trace_contention_end+0xee/0x140
[  906.858129][T17877]  ? __mutex_lock+0x1cc/0xb10
[  906.858164][T17877]  ? __pfx___lock_acquire+0x10/0x10
[  906.858203][T17877]  ? smc_getsockopt+0xbd/0x360
[  906.858278][T17877]  tcp_getsockopt+0xdf/0x100
[  906.858314][T17877]  smc_getsockopt+0x163/0x360
[  906.858359][T17877]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  906.858409][T17877]  ? __pfx_smc_getsockopt+0x10/0x10
[  906.858446][T17877]  ? __might_fault+0xe3/0x190
[  906.858481][T17877]  ? __pfx_smc_getsockopt+0x10/0x10
[  906.858523][T17877]  do_sock_getsockopt+0x3fe/0x800
[  906.858556][T17877]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  906.858584][T17877]  ? __pfx_do_sys_openat2+0x10/0x10
[  906.858635][T17877]  __sys_getsockopt+0x12f/0x260
[  906.858684][T17877]  __x64_sys_getsockopt+0xbd/0x160
[  906.858723][T17877]  ? do_syscall_64+0x91/0x250
[  906.858758][T17877]  ? lockdep_hardirqs_on+0x7c/0x110
[  906.858791][T17877]  do_syscall_64+0xcd/0x250
[  906.858828][T17877]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  906.858868][T17877] RIP: 0033:0x7f70d9d8cde9
[  906.858892][T17877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  906.858919][T17877] RSP: 002b:00007f70dab02038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  906.858946][T17877] RAX: ffffffffffffffda RBX: 00007f70d9fa5fa0 RCX: 00007f70d9d8cde9
[  906.858966][T17877] RDX: 0000000000000023 RSI: 0000000000000006 RDI: 0000000000000003
[  906.858983][T17877] RBP: 00007f70dab02090 R08: 0000400000000100 R09: 0000000000000000
[  906.859002][T17877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  906.859020][T17877] R13: 0000000000000000 R14: 00007f70d9fa5fa0 R15: 00007ffe1b0205e8
[  906.859058][T17877]  </TASK>
[  907.191223][T17729] 8021q: adding VLAN 0 to HW filter on device bond0
[  907.361018][T17729] 8021q: adding VLAN 0 to HW filter on device team0
[  907.391346][ T3501] bridge0: port 1(bridge_slave_0) entered blocking state
[  907.398547][ T3501] bridge0: port 1(bridge_slave_0) entered forwarding state
[  907.435903][T17881] [U] 
[  907.438692][T17881] [U] 
[  907.439357][   T80] bridge0: port 2(bridge_slave_1) entered blocking state
[  907.441426][T17881] [U] 
[  907.448596][   T80] bridge0: port 2(bridge_slave_1) entered forwarding state
[  907.451137][T17881] [U] 
[  907.515365][T17881] [U] 
[  907.518164][T17881] [U] 
[  907.520942][T17881] [U] 
[  907.523696][T17881] [U] 
[  907.572033][T17881] [U] 
[  907.574843][T17881] [U] 
[  907.576427][T17729] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  907.577577][T17881] [U] 
[  907.590634][T17881] [U] 
[  907.612707][T17881] [U] 
[  907.615479][T17881] [U] 
[  907.618192][T17881] [U] 
[  907.620891][T17881] [U] 
[  907.678472][T17881] [U] 
[  907.681286][T17881] [U] 
[  907.684053][T17881] [U] 
[  907.686813][T17881] [U] 
[  907.731080][T17881] [U] 
[  907.733876][T17881] [U] 
[  907.736637][T17881] [U] 
[  907.739388][T17881] [U] 
[  907.801228][T17881] [U] 
[  907.804038][T17881] [U] 
[  907.806799][T17881] [U] 
[  907.809582][T17881] [U] 
[  907.899910][T17881] [U] 
[  907.902710][T17881] [U] 
[  907.905476][T17881] [U] 
[  907.908236][T17881] [U] 
[  907.992130][T17881] [U] 
[  907.994941][T17881] [U] 
[  907.997687][T17881] [U] 
[  908.000419][T17881] [U] 
[  908.126990][T17881] [U] 
[  908.129781][T17881] [U] 
[  908.132538][T17881] [U] 
[  908.135292][T17881] [U] 
[  908.227321][T17881] [U] 
[  908.230204][T17881] [U] 
[  908.232961][T17881] [U] 
[  908.235733][T17881] [U] 
[  908.239129][T17881] [U] 
[  908.241905][T17881] [U] 
[  908.244680][T17881] [U] 
[  908.247432][T17881] [U] 
[  908.251203][T17881] [U] 
[  908.253962][T17881] [U] 
[  908.256692][T17881] [U] 
[  908.259445][T17881] [U] 
[  908.262520][T17881] [U] 
[  908.265286][T17881] [U] 
[  908.268039][T17881] [U] 
[  908.270786][T17881] [U] 
[  908.273952][T17881] [U] 
[  908.276723][T17881] [U] 
[  908.279479][T17881] [U] 
[  908.282243][T17881] [U] 
[  908.285335][T17881] [U] 
[  908.288088][T17881] [U] 
[  908.290840][T17881] [U] 
[  908.293590][T17881] [U] 
[  908.312748][T17881] [U] 
[  908.315567][T17881] [U] 
[  908.318330][T17881] [U] 
[  908.321080][T17881] [U] 
[  908.344349][T17881] [U] 
[  908.347140][T17881] [U] 
[  908.349897][T17881] [U] 
[  908.352650][T17881] [U] 
[  908.355900][T17881] [U] 
[  908.358676][T17881] [U] 
[  908.361441][T17881] [U] 
[  908.364228][T17881] [U] 
[  908.376757][T17729] 8021q: adding VLAN 0 to HW filter on device batadv0
[  908.385378][T17881] [U] 
[  908.388176][T17881] [U] 
[  908.390979][T17881] [U] 
[  908.393737][T17881] [U] 
[  908.463722][T17881] [U] 
[  908.466527][T17881] [U] 
[  908.469284][T17881] [U] 
[  908.472082][T17881] [U] 
[  908.521382][T17881] [U] 
[  908.524178][T17881] [U] 
[  908.526923][T17881] [U] 
[  908.529688][T17881] [U] 
[  908.546404][T17881] [U] 
[  908.549201][T17881] [U] 
[  908.551952][T17881] [U] 
[  908.554710][T17881] [U] 
[  908.611334][T17881] [U] 
[  908.614143][T17881] [U] 
[  908.616910][T17881] [U] 
[  908.619651][T17881] [U] 
[  908.650066][T17729] veth0_vlan: entered promiscuous mode
[  908.656609][T17881] [U] 
[  908.659415][T17881] [U] 
[  908.662162][T17881] [U] 
[  908.663920][T17884] MTRR 1 not used
[  908.664892][T17881] [U] 
[  908.698135][T17881] [U] 
[  908.700921][T17881] [U] 
[  908.703678][T17881] [U] 
[  908.706460][T17881] [U] 
[  908.710365][T17881] [U] 
[  908.713155][T17881] [U] 
[  908.715902][T17881] [U] 
[  908.718643][T17881] [U] 
[  908.721830][T17881] [U] 
[  908.724632][T17881] [U] 
[  908.727393][T17881] [U] 
[  908.729435][T17729] veth1_vlan: entered promiscuous mode
[  908.730123][T17881] [U] 
[  908.739783][T17881] [U] 
[  908.742552][T17881] [U] 
[  908.745368][T17881] [U] 
[  908.748100][T17881] [U] 
[  908.751637][T17881] [U] 
[  908.754412][T17881] [U] 
[  908.757171][T17881] [U] 
[  908.759934][T17881] [U] 
[  908.841832][T17878] [U] 
[  909.066899][T17729] veth0_macvtap: entered promiscuous mode
[  909.095987][T17729] veth1_macvtap: entered promiscuous mode
[  909.182341][T17729] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  909.221534][T17729] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  909.245328][T17729] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  909.262099][T17729] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  909.277048][T17729] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  909.300288][T17729] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  909.310692][T17729] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  909.329899][T17729] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  909.340475][T17729] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  909.370519][T17729] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  909.381484][T17729] batman_adv: batadv0: Interface activated: batadv_slave_0
[  909.540475][T17729] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  909.598634][T17729] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  909.624181][T17729] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  909.636810][T17729] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  909.647135][T17729] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  909.658255][T17729] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  909.669278][T17729] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  909.680315][T17729] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  909.691398][T17729] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  909.707124][T17729] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  909.723831][T17729] batman_adv: batadv0: Interface activated: batadv_slave_1
[  909.758856][T17729] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  909.772943][T17729] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  909.782038][T17729] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  909.792290][T17729] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  909.945046][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  909.972052][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  910.029179][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  910.050177][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  914.399412][T17998] usb usb38: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  914.446638][T17998] vhci_hcd: default hub control req: 0000 v0000 i0000 l0

syzkaller
syzkaller login: [  916.984722][T18040] Invalid ELF header magic: != ELF
[  918.195879][T18068] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2503'.
[  918.432958][T18068] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2503'.
[  922.023407][T18125] tipc: Started in network mode
[  922.028345][T18125] tipc: Node identity ee00, cluster identity 4711
[  922.042705][T18125] tipc: Node number set to 60928
[  925.737391][T14604] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  925.792010][T14604] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  925.802028][T14604] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  925.820141][T14604] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  925.842640][T14604] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  925.852668][T14604] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  926.438423][T18169] chnl_net:caif_netlink_parms(): no params data found
[  926.554896][T18176] HfR: entered promiscuous mode
[  926.605299][T18176] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2527'.
[  926.763211][T18169] bridge0: port 1(bridge_slave_0) entered blocking state
[  926.770813][T18169] bridge0: port 1(bridge_slave_0) entered disabled state
[  926.813315][T18169] bridge_slave_0: entered allmulticast mode
[  926.820615][T18169] bridge_slave_0: entered promiscuous mode
[  926.864445][T18169] bridge0: port 2(bridge_slave_1) entered blocking state
[  926.903311][T18169] bridge0: port 2(bridge_slave_1) entered disabled state
[  926.910644][T18169] bridge_slave_1: entered allmulticast mode
[  926.934778][T18169] bridge_slave_1: entered promiscuous mode
[  927.083731][T18169] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  927.098618][T18169] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  927.114092][T18190] FAULT_INJECTION: forcing a failure.
[  927.114092][T18190] name failslab, interval 1, probability 0, space 0, times 0
[  927.128452][T18190] CPU: 0 UID: 0 PID: 18190 Comm: syz.5.2530 Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  927.128494][T18190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  927.128513][T18190] Call Trace:
[  927.128523][T18190]  <TASK>
[  927.128536][T18190]  dump_stack_lvl+0x16c/0x1f0
[  927.128582][T18190]  should_fail_ex+0x50a/0x650
[  927.128630][T18190]  ? fs_reclaim_acquire+0xae/0x150
[  927.128671][T18190]  ? tomoyo_realpath_from_path+0xb9/0x720
[  927.128716][T18190]  should_failslab+0xc2/0x120
[  927.128745][T18190]  __kmalloc_noprof+0xcb/0x510
[  927.128792][T18190]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  927.128847][T18190]  tomoyo_realpath_from_path+0xb9/0x720
[  927.128902][T18190]  ? tomoyo_path_number_perm+0x235/0x590
[  927.128943][T18190]  ? tomoyo_path_number_perm+0x235/0x590
[  927.128988][T18190]  tomoyo_path_number_perm+0x248/0x590
[  927.129024][T18190]  ? tomoyo_path_number_perm+0x235/0x590
[  927.129066][T18190]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  927.129108][T18190]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  927.129187][T18190]  ? __pfx___might_resched+0x10/0x10
[  927.129262][T18190]  security_file_ioctl+0x9b/0x240
[  927.129306][T18190]  __x64_sys_ioctl+0xb7/0x200
[  927.129349][T18190]  do_syscall_64+0xcd/0x250
[  927.129394][T18190]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  927.129441][T18190] RIP: 0033:0x7fd496f8cde9
[  927.129467][T18190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  927.129500][T18190] RSP: 002b:00007fd497e8d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  927.129531][T18190] RAX: ffffffffffffffda RBX: 00007fd4971a5fa0 RCX: 00007fd496f8cde9
[  927.129554][T18190] RDX: 0000400000000080 RSI: 000000004008af25 RDI: 0000000000000002
[  927.129575][T18190] RBP: 00007fd497e8d090 R08: 0000000000000000 R09: 0000000000000000
[  927.129596][T18190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  927.129617][T18190] R13: 0000000000000000 R14: 00007fd4971a5fa0 R15: 00007ffca0428a68
[  927.129659][T18190]  </TASK>
[  927.129674][T18190] ERROR: Out of memory at tomoyo_realpath_from_path.
[  927.467169][T18169] team0: Port device team_slave_0 added
[  927.488219][T18169] team0: Port device team_slave_1 added
[  927.584664][T18169] batman_adv: batadv0: Adding interface: batadv_slave_0
[  927.661306][T18169] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  927.834754][T18169] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  927.877136][T18169] batman_adv: batadv0: Adding interface: batadv_slave_1
[  927.903364][T18169] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  927.938240][ T5841] Bluetooth: hci0: command tx timeout
[  928.031580][T18169] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  928.548772][T18169] hsr_slave_0: entered promiscuous mode
[  928.567139][T18169] hsr_slave_1: entered promiscuous mode
[  928.594465][T18169] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  928.603821][T18169] Cannot create hsr debugfs directory
[  929.052691][ T5841] Bluetooth: hci4: command 0x0406 tx timeout
[  929.723546][T18169] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  929.825301][T18169] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  929.912808][T18169] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  929.959767][T18169] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  930.012564][T14604] Bluetooth: hci0: command tx timeout
[  930.641307][T18169] 8021q: adding VLAN 0 to HW filter on device bond0
[  930.663273][T18169] 8021q: adding VLAN 0 to HW filter on device team0
[  930.787973][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  930.795216][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  930.853059][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  930.860332][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  930.967480][T18231] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  930.975632][T18231] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  930.981843][T18231] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  931.000533][T18231] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  931.007018][T18231] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  931.072181][T18231] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  931.140955][T18231] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  931.161986][T18231] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  931.178991][T18231] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  931.220118][T18231] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  931.272638][T18231] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  931.329927][T18231] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  931.360047][T18231] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  931.415146][T18231] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  931.465195][T18231] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  931.507264][T18231] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  931.546119][T18231] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  931.586693][T18231] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  931.619658][T18169] 8021q: adding VLAN 0 to HW filter on device batadv0
[  932.086193][T18266] ovs_: entered promiscuous mode
[  932.427000][T18169] veth0_vlan: entered promiscuous mode
[  932.446336][T18270] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  932.477566][T18169] veth1_vlan: entered promiscuous mode
[  932.482747][T18270] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  932.492758][T18270] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  932.537280][T18270] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  932.545496][T18270] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  932.551831][T18270] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  932.560053][T18270] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  932.607242][T18169] veth0_macvtap: entered promiscuous mode
[  932.643607][T18169] veth1_macvtap: entered promiscuous mode
[  932.719214][T18169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  932.757366][T18169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  932.780973][T18169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  932.822665][T18169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  932.844716][T18169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  932.863974][T18169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  932.884416][T18169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  932.905697][T18169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  932.921694][T18169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  932.945770][T18169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  932.968472][T18169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  932.990667][T18169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  933.022185][T18169] batman_adv: batadv0: Interface activated: batadv_slave_0
[  933.104812][T18169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  933.128681][T18169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  933.152354][T18169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  933.164090][T18169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  933.182557][T18169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  933.198085][T18169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  933.221956][T18169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  933.243394][T18169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  933.261153][T18169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  933.273852][T18169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  933.300346][T18169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  933.315237][T18169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  933.327481][T18169] batman_adv: batadv0: Interface activated: batadv_slave_1
[  933.521768][T18169] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  933.537586][T18169] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  933.551598][T18169] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  933.569331][T18169] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  933.849527][   T80] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  933.865302][   T80] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  933.978260][ T1150] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  933.986283][ T1150] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  934.482742][T14604] Bluetooth: hci4: command 0x0406 tx timeout
[  934.488859][T14604] Bluetooth: hci1: command 0x0406 tx timeout
[  934.563712][ T5841] Bluetooth: hci6: command 0x0c1a tx timeout
[  934.569840][ T5841] Bluetooth: hci3: command 0x0c1a tx timeout
[  934.573202][   T54] Bluetooth: hci5: command 0x0c1a tx timeout
[  934.578019][T14604] Bluetooth: hci0: command 0x0419 tx timeout
[  934.581864][   T54] Bluetooth: hci2: command 0x0c1a tx timeout
[  934.673989][T18309] ALUA LU Group already has a valid ID, ignoring request
[  935.182777][T18330] FAULT_INJECTION: forcing a failure.
[  935.182777][T18330] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  935.212361][T18330] CPU: 0 UID: 0 PID: 18330 Comm: syz.5.2559 Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  935.212403][T18330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  935.212422][T18330] Call Trace:
[  935.212431][T18330]  <TASK>
[  935.212443][T18330]  dump_stack_lvl+0x16c/0x1f0
[  935.212486][T18330]  should_fail_ex+0x50a/0x650
[  935.212541][T18330]  _copy_from_user+0x2e/0xd0
[  935.212573][T18330]  restore_altstack+0x94/0x170
[  935.212609][T18330]  ? __pfx_restore_altstack+0x10/0x10
[  935.212665][T18330]  ? _raw_spin_unlock_irq+0x23/0x50
[  935.212699][T18330]  ? lockdep_hardirqs_on+0x7c/0x110
[  935.212748][T18330]  ? _raw_spin_unlock_irq+0x2e/0x50
[  935.212778][T18330]  ? set_current_blocked+0xdd/0x120
[  935.212819][T18330]  __do_sys_rt_sigreturn+0x13d/0x240
[  935.212856][T18330]  ? __pfx___do_sys_rt_sigreturn+0x10/0x10
[  935.212903][T18330]  do_syscall_64+0xcd/0x250
[  935.212940][T18330]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  935.212981][T18330] RIP: 0033:0x7fd496f28fb9
[  935.213005][T18330] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  935.213034][T18330] RSP: 002b:00007fd497e4aa80 EFLAGS: 00000246 ORIG_RAX: 000000000000000f
[  935.213061][T18330] RAX: ffffffffffffffda RBX: 00007fd4971a6160 RCX: 00007fd496f28fb9
[  935.213081][T18330] RDX: 00007fd497e4aa80 RSI: 00007fd497e4abb0 RDI: 0000000000000011
[  935.213101][T18330] RBP: 00007fd49700e2a0 R08: 0000000000000000 R09: 0000000000000000
[  935.213120][T18330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  935.213138][T18330] R13: 0000000000000000 R14: 00007fd4971a6160 R15: 00007ffca0428a68
[  935.213175][T18330]  </TASK>
[  936.562933][   T54] Bluetooth: hci4: command 0x0406 tx timeout
[  936.642383][   T54] Bluetooth: hci2: command 0x0c1a tx timeout
[  936.652927][   T54] Bluetooth: hci0: command 0x0419 tx timeout
[  936.653137][T18311] Bluetooth: hci3: command 0x0c1a tx timeout
[  936.658971][   T54] Bluetooth: hci5: command 0x0c1a tx timeout
[  936.666622][T18311] Bluetooth: hci6: command 0x0c1a tx timeout
[  936.782527][T18367] FAULT_INJECTION: forcing a failure.
[  936.782527][T18367] name failslab, interval 1, probability 0, space 0, times 0
[  936.803565][T18367] CPU: 0 UID: 0 PID: 18367 Comm: syz.2.2572 Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  936.803613][T18367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  936.803634][T18367] Call Trace:
[  936.803644][T18367]  <TASK>
[  936.803659][T18367]  dump_stack_lvl+0x16c/0x1f0
[  936.803707][T18367]  should_fail_ex+0x50a/0x650
[  936.803757][T18367]  ? fs_reclaim_acquire+0xae/0x150
[  936.803803][T18367]  ? eeprom_prepare_data+0x1cc/0x930
[  936.803840][T18367]  should_failslab+0xc2/0x120
[  936.803871][T18367]  __kmalloc_noprof+0xcb/0x510
[  936.803921][T18367]  ? ethnl_default_dumpit+0x5e3/0xd30
[  936.803968][T18367]  eeprom_prepare_data+0x1cc/0x930
[  936.804012][T18367]  ? __pfx_eeprom_prepare_data+0x10/0x10
[  936.804057][T18367]  ? skb_put+0x138/0x1b0
[  936.804110][T18367]  ethnl_default_dumpit+0x649/0xd30
[  936.804169][T18367]  genl_dumpit+0x122/0x230
[  936.804218][T18367]  netlink_dump+0x53c/0xd00
[  936.804263][T18367]  ? __pfx_netlink_dump+0x10/0x10
[  936.804301][T18367]  ? eeprom_parse_request+0x364/0x720
[  936.804354][T18367]  ? ethnl_default_start+0x2dd/0x420
[  936.804394][T18367]  ? __pfx_ethnl_default_start+0x10/0x10
[  936.804430][T18367]  ? genl_start+0x67d/0x960
[  936.804487][T18367]  __netlink_dump_start+0x6ca/0x970
[  936.804555][T18367]  genl_family_rcv_msg_dumpit+0x1e1/0x2e0
[  936.804616][T18367]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[  936.804669][T18367]  ? rcu_is_watching+0x12/0xc0
[  936.804713][T18367]  ? __pfx_genl_start+0x10/0x10
[  936.804757][T18367]  ? __pfx_genl_dumpit+0x10/0x10
[  936.804804][T18367]  ? __pfx_genl_done+0x10/0x10
[  936.804853][T18367]  ? bpf_lsm_capable+0x9/0x10
[  936.804889][T18367]  ? security_capable+0x7e/0x260
[  936.804943][T18367]  ? ns_capable+0xd7/0x110
[  936.804996][T18367]  genl_rcv_msg+0x470/0x800
[  936.805051][T18367]  ? __pfx_genl_rcv_msg+0x10/0x10
[  936.805100][T18367]  ? __pfx_ethnl_default_start+0x10/0x10
[  936.805136][T18367]  ? __pfx_ethnl_default_dumpit+0x10/0x10
[  936.805177][T18367]  ? __pfx_ethnl_default_done+0x10/0x10
[  936.805215][T18367]  ? __pfx___lock_acquire+0x10/0x10
[  936.805272][T18367]  netlink_rcv_skb+0x16b/0x440
[  936.805316][T18367]  ? __pfx_genl_rcv_msg+0x10/0x10
[  936.805370][T18367]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  936.805433][T18367]  ? down_read+0xc9/0x330
[  936.805477][T18367]  ? __pfx_down_read+0x10/0x10
[  936.805523][T18367]  ? netlink_deliver_tap+0x1ae/0xd30
[  936.805572][T18367]  genl_rcv+0x28/0x40
[  936.805616][T18367]  netlink_unicast+0x53c/0x7f0
[  936.805667][T18367]  ? __pfx_netlink_unicast+0x10/0x10
[  936.805722][T18367]  ? __phys_addr_symbol+0x30/0x80
[  936.805752][T18367]  ? __check_object_size+0x488/0x710
[  936.805788][T18367]  netlink_sendmsg+0x8b8/0xd70
[  936.805835][T18367]  ? __pfx_netlink_sendmsg+0x10/0x10
[  936.805890][T18367]  ____sys_sendmsg+0xaaf/0xc90
[  936.805923][T18367]  ? copy_msghdr_from_user+0x10b/0x160
[  936.805967][T18367]  ? __pfx_____sys_sendmsg+0x10/0x10
[  936.806019][T18367]  ___sys_sendmsg+0x135/0x1e0
[  936.806068][T18367]  ? __pfx____sys_sendmsg+0x10/0x10
[  936.806127][T18367]  ? __pfx_lock_release+0x10/0x10
[  936.806176][T18367]  ? trace_lock_acquire+0x14e/0x1f0
[  936.806227][T18367]  ? __fget_files+0x206/0x3a0
[  936.806283][T18367]  __sys_sendmsg+0x16e/0x220
[  936.806327][T18367]  ? __pfx___sys_sendmsg+0x10/0x10
[  936.806370][T18367]  ? __x64_sys_futex+0x1e1/0x4c0
[  936.806431][T18367]  do_syscall_64+0xcd/0x250
[  936.806472][T18367]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  936.806514][T18367] RIP: 0033:0x7f70d9d8cde9
[  936.806539][T18367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  936.806569][T18367] RSP: 002b:00007f70dab02038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  936.806598][T18367] RAX: ffffffffffffffda RBX: 00007f70d9fa5fa0 RCX: 00007f70d9d8cde9
[  936.806619][T18367] RDX: 0000000000000082 RSI: 0000400000000e80 RDI: 0000000000000005
[  936.806639][T18367] RBP: 00007f70d9e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  936.806658][T18367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  936.806676][T18367] R13: 0000000000000000 R14: 00007f70d9fa5fa0 R15: 00007ffe1b0205e8
[  936.806716][T18367]  </TASK>
[  937.228080][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  937.234523][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  937.520603][T18376] FAULT_INJECTION: forcing a failure.
[  937.520603][T18376] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  937.538580][T18376] CPU: 1 UID: 0 PID: 18376 Comm: syz.6.2573 Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  937.538624][T18376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  937.538646][T18376] Call Trace:
[  937.538656][T18376]  <TASK>
[  937.538670][T18376]  dump_stack_lvl+0x16c/0x1f0
[  937.538717][T18376]  should_fail_ex+0x50a/0x650
[  937.538771][T18376]  _copy_from_user+0x2e/0xd0
[  937.538806][T18376]  restore_altstack+0x94/0x170
[  937.538843][T18376]  ? __pfx_restore_altstack+0x10/0x10
[  937.538884][T18376]  ? _raw_spin_unlock_irq+0x23/0x50
[  937.538916][T18376]  ? lockdep_hardirqs_on+0x7c/0x110
[  937.538953][T18376]  ? _raw_spin_unlock_irq+0x2e/0x50
[  937.538985][T18376]  ? set_current_blocked+0xdd/0x120
[  937.539032][T18376]  __do_sys_rt_sigreturn+0x13d/0x240
[  937.539071][T18376]  ? __pfx___do_sys_rt_sigreturn+0x10/0x10
[  937.539132][T18376]  do_syscall_64+0xcd/0x250
[  937.539175][T18376]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  937.539219][T18376] RIP: 0033:0x7f3ca0d28fb9
[  937.539244][T18376] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  937.539275][T18376] RSP: 002b:00007f3ca1b7da80 EFLAGS: 00000246 ORIG_RAX: 000000000000000f
[  937.539306][T18376] RAX: ffffffffffffffda RBX: 00007f3ca0fa6160 RCX: 00007f3ca0d28fb9
[  937.539326][T18376] RDX: 00007f3ca1b7da80 RSI: 00007f3ca1b7dbb0 RDI: 0000000000000011
[  937.539346][T18376] RBP: 00007f3ca0e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  937.539366][T18376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  937.539385][T18376] R13: 0000000000000000 R14: 00007f3ca0fa6160 R15: 00007ffc12fc53b8
[  937.539424][T18376]  </TASK>
[  938.722789][T18311] Bluetooth: hci6: command 0x0c1a tx timeout
[  938.732402][T18311] Bluetooth: hci5: command 0x0c1a tx timeout
[  938.732433][   T54] Bluetooth: hci3: command 0x0c1a tx timeout
[  938.738463][T18311] Bluetooth: hci0: command 0x0419 tx timeout
[  938.746346][ T5841] Bluetooth: hci2: command 0x0c1a tx timeout
[  938.831590][   T29] audit: type=1806 audit(2053.830:12): xattr="" res=-22
[  938.917587][T18405] netlink: 342 bytes leftover after parsing attributes in process `syz.5.2582'.
[  939.223845][T18412] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2585'.
[  940.802350][   T54] Bluetooth: hci0: command 0x0419 tx timeout
[  940.994666][   T29] audit: type=1800 audit(2056.000:13): pid=18453 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.2592" name="dbroot" dev="configfs" ino=80372 res=0 errno=0
[  943.901495][T18510] warning: `syz.2.2605' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  944.294638][T18517] FAULT_INJECTION: forcing a failure.
[  944.294638][T18517] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  944.374261][T18517] CPU: 1 UID: 0 PID: 18517 Comm: syz.6.2607 Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  944.374309][T18517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  944.374331][T18517] Call Trace:
[  944.374341][T18517]  <TASK>
[  944.374354][T18517]  dump_stack_lvl+0x16c/0x1f0
[  944.374401][T18517]  should_fail_ex+0x50a/0x650
[  944.374466][T18517]  _copy_from_user+0x2e/0xd0
[  944.374503][T18517]  restore_altstack+0x94/0x170
[  944.374544][T18517]  ? __pfx_restore_altstack+0x10/0x10
[  944.374586][T18517]  ? _raw_spin_unlock_irq+0x23/0x50
[  944.374621][T18517]  ? lockdep_hardirqs_on+0x7c/0x110
[  944.374661][T18517]  ? _raw_spin_unlock_irq+0x2e/0x50
[  944.374695][T18517]  ? set_current_blocked+0xdd/0x120
[  944.374742][T18517]  __do_sys_rt_sigreturn+0x13d/0x240
[  944.374782][T18517]  ? __pfx___do_sys_rt_sigreturn+0x10/0x10
[  944.374841][T18517]  do_syscall_64+0xcd/0x250
[  944.374886][T18517]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  944.374932][T18517] RIP: 0033:0x7f3ca0d28fb9
[  944.374959][T18517] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  944.374992][T18517] RSP: 002b:00007f3ca1b7da80 EFLAGS: 00000246 ORIG_RAX: 000000000000000f
[  944.375024][T18517] RAX: ffffffffffffffda RBX: 00007f3ca0fa6160 RCX: 00007f3ca0d28fb9
[  944.375047][T18517] RDX: 00007f3ca1b7da80 RSI: 00007f3ca1b7dbb0 RDI: 0000000000000011
[  944.375068][T18517] RBP: 00007f3ca0e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  944.375089][T18517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  944.375110][T18517] R13: 0000000000000000 R14: 00007f3ca0fa6160 R15: 00007ffc12fc53b8
[  944.375150][T18517]  </TASK>
[  945.089665][T18526] nbd: must specify a size in bytes for the device
[  945.450970][T18532] FAULT_INJECTION: forcing a failure.
[  945.450970][T18532] name failslab, interval 1, probability 0, space 0, times 0
[  945.503943][T18532] CPU: 1 UID: 0 PID: 18532 Comm: syz.3.2611 Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  945.503988][T18532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  945.504008][T18532] Call Trace:
[  945.504019][T18532]  <TASK>
[  945.504031][T18532]  dump_stack_lvl+0x16c/0x1f0
[  945.504076][T18532]  should_fail_ex+0x50a/0x650
[  945.504124][T18532]  ? fs_reclaim_acquire+0xae/0x150
[  945.504169][T18532]  should_failslab+0xc2/0x120
[  945.504199][T18532]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  945.504248][T18532]  ? __xlate_proc_name+0x173/0x210
[  945.504297][T18532]  ? __proc_create+0x2c0/0x8b0
[  945.504347][T18532]  __proc_create+0x2c0/0x8b0
[  945.504394][T18532]  ? __pfx___proc_create+0x10/0x10
[  945.504440][T18532]  ? _raw_write_unlock+0x28/0x50
[  945.504482][T18532]  ? proc_register+0x314/0x5f0
[  945.504565][T18532]  _proc_mkdir+0xbb/0x200
[  945.504598][T18532]  ? __pfx__proc_mkdir+0x10/0x10
[  945.504627][T18532]  ? kmem_cache_alloc_noprof+0x279/0x3d0
[  945.504688][T18532]  ? __pfx_netfilter_net_init+0x10/0x10
[  945.504722][T18532]  netfilter_net_init+0x37b/0x4b0
[  945.504753][T18532]  ? sysctl_net_init+0x27/0x30
[  945.504788][T18532]  ops_init+0x1df/0x5f0
[  945.504849][T18532]  setup_net+0x21f/0x860
[  945.504899][T18532]  ? __pfx_setup_net+0x10/0x10
[  945.504943][T18532]  ? down_read_killable+0xcc/0x380
[  945.504986][T18532]  ? __pfx_down_read_killable+0x10/0x10
[  945.505028][T18532]  ? __raw_spin_lock_init+0x3a/0x110
[  945.505082][T18532]  ? debug_mutex_init+0x37/0x70
[  945.505119][T18532]  copy_net_ns+0x2b4/0x6c0
[  945.505153][T18532]  create_new_namespaces+0x3ea/0xad0
[  945.505215][T18532]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  945.505271][T18532]  ksys_unshare+0x45d/0xa40
[  945.505306][T18532]  ? __pfx_ksys_unshare+0x10/0x10
[  945.505337][T18532]  ? xfd_validate_state+0x5d/0x180
[  945.505396][T18532]  __x64_sys_unshare+0x31/0x40
[  945.505428][T18532]  do_syscall_64+0xcd/0x250
[  945.505472][T18532]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  945.505517][T18532] RIP: 0033:0x7f055ff8cde9
[  945.505543][T18532] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  945.505575][T18532] RSP: 002b:00007f055ddf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  945.505606][T18532] RAX: ffffffffffffffda RBX: 00007f05601a5fa0 RCX: 00007f055ff8cde9
[  945.505629][T18532] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  945.505648][T18532] RBP: 00007f056000e2a0 R08: 0000000000000000 R09: 0000000000000000
[  945.505668][T18532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  945.505688][T18532] R13: 0000000000000000 R14: 00007f05601a5fa0 R15: 00007ffecb3712b8
[  945.505743][T18532]  </TASK>
[  945.505757][T18532] cannot create netfilter proc entry
[  948.188106][T18571] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2620'.
[  949.638578][   T29] audit: type=1800 audit(4294969360.651:14): pid=18592 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.2624" name="lu_gp_id" dev="configfs" ino=80698 res=0 errno=0
[  952.394331][T18658] netlink: 330 bytes leftover after parsing attributes in process `syz.6.2638'.
[  952.441970][T18658] ›: renamed from hsr0 (while UP)
[  952.462033][T18658] FAULT_INJECTION: forcing a failure.
[  952.462033][T18658] name failslab, interval 1, probability 0, space 0, times 0
[  952.517130][T18658] CPU: 1 UID: 0 PID: 18658 Comm: syz.6.2638 Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  952.517172][T18658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  952.517191][T18658] Call Trace:
[  952.517201][T18658]  <TASK>
[  952.517214][T18658]  dump_stack_lvl+0x16c/0x1f0
[  952.517260][T18658]  should_fail_ex+0x50a/0x650
[  952.517310][T18658]  ? fs_reclaim_acquire+0xae/0x150
[  952.517355][T18658]  should_failslab+0xc2/0x120
[  952.517383][T18658]  __kmalloc_node_track_caller_noprof+0xcf/0x510
[  952.517445][T18658]  ? kstrdup_const+0x63/0x80
[  952.517481][T18658]  kstrdup+0x53/0x100
[  952.517514][T18658]  kstrdup_const+0x63/0x80
[  952.517546][T18658]  __kernfs_new_node+0x9c/0x890
[  952.517587][T18658]  ? __pfx___kernfs_new_node+0x10/0x10
[  952.517623][T18658]  ? vsnprintf+0x320/0x1180
[  952.517657][T18658]  ? lock_acquire.part.0+0x11b/0x380
[  952.517694][T18658]  ? find_held_lock+0x2d/0x110
[  952.517748][T18658]  kernfs_new_node+0x186/0x240
[  952.517796][T18658]  kernfs_create_link+0xcc/0x240
[  952.517829][T18658]  sysfs_do_create_link_sd+0x90/0x140
[  952.517869][T18658]  sysfs_create_link+0x61/0xc0
[  952.517904][T18658]  netdev_adjacent_rename_links+0x381/0x480
[  952.517946][T18658]  ? __pfx_netdev_adjacent_rename_links+0x10/0x10
[  952.518005][T18658]  dev_change_name+0x2a5/0x920
[  952.518051][T18658]  ? __pfx_dev_change_name+0x10/0x10
[  952.518089][T18658]  ? __pfx_validate_linkmsg+0x10/0x10
[  952.518129][T18658]  ? __asan_memset+0x23/0x50
[  952.518178][T18658]  do_setlink.constprop.0+0x2fe9/0x3f80
[  952.518217][T18658]  ? vprintk_emit+0x39e/0x6f0
[  952.518249][T18658]  ? __pfx_vprintk_emit+0x10/0x10
[  952.518279][T18658]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  952.518318][T18658]  ? lock_acquire.part.0+0x11b/0x380
[  952.518365][T18658]  ? __mutex_trylock_common+0xea/0x250
[  952.518420][T18658]  ? __pfx___mutex_trylock_common+0x10/0x10
[  952.518458][T18658]  ? rtnl_setlink+0x2bc/0x790
[  952.518494][T18658]  ? rcu_is_watching+0x12/0xc0
[  952.518522][T18658]  ? trace_contention_end+0xee/0x140
[  952.518562][T18658]  ? __mutex_lock+0x1cc/0xb10
[  952.518592][T18658]  ? __pfx_aa_get_newest_label+0x10/0x10
[  952.518619][T18658]  ? rcu_is_watching+0x12/0xc0
[  952.518644][T18658]  ? rtnl_setlink+0x2bc/0x790
[  952.518677][T18658]  ? trace_cap_capable+0x1a2/0x210
[  952.518705][T18658]  ? __pfx___mutex_lock+0x10/0x10
[  952.518755][T18658]  rtnl_setlink+0x3d9/0x790
[  952.518794][T18658]  ? __pfx_rtnl_setlink+0x10/0x10
[  952.518828][T18658]  ? __kasan_slab_free+0x51/0x70
[  952.518869][T18658]  ? dev_hard_start_xmit+0x9a/0x7b0
[  952.518948][T18658]  ? aa_get_newest_label+0x376/0x680
[  952.518980][T18658]  ? find_held_lock+0x2d/0x110
[  952.519016][T18658]  ? rtnetlink_rcv_msg+0x93a/0xea0
[  952.519052][T18658]  ? __pfx_lock_release+0x10/0x10
[  952.519088][T18658]  ? trace_lock_acquire+0x14e/0x1f0
[  952.519125][T18658]  ? __pfx_rtnl_setlink+0x10/0x10
[  952.519179][T18658]  rtnetlink_rcv_msg+0x95b/0xea0
[  952.519221][T18658]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  952.519277][T18658]  netlink_rcv_skb+0x16b/0x440
[  952.519315][T18658]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  952.519356][T18658]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  952.519410][T18658]  ? netlink_deliver_tap+0x1ae/0xd30
[  952.519451][T18658]  netlink_unicast+0x53c/0x7f0
[  952.519492][T18658]  ? __pfx_netlink_unicast+0x10/0x10
[  952.519530][T18658]  ? __phys_addr_symbol+0x30/0x80
[  952.519558][T18658]  ? __check_object_size+0x488/0x710
[  952.519589][T18658]  netlink_sendmsg+0x8b8/0xd70
[  952.519631][T18658]  ? __pfx_netlink_sendmsg+0x10/0x10
[  952.519679][T18658]  ____sys_sendmsg+0xaaf/0xc90
[  952.519709][T18658]  ? copy_msghdr_from_user+0x10b/0x160
[  952.519749][T18658]  ? __pfx_____sys_sendmsg+0x10/0x10
[  952.519777][T18658]  ? __lock_acquire+0xcc5/0x3c40
[  952.519818][T18658]  ? hlock_class+0x4e/0x130
[  952.519846][T18658]  ? __lock_acquire+0x15a9/0x3c40
[  952.519892][T18658]  ___sys_sendmsg+0x135/0x1e0
[  952.519933][T18658]  ? __pfx____sys_sendmsg+0x10/0x10
[  952.519971][T18658]  ? __pfx___lock_acquire+0x10/0x10
[  952.520045][T18658]  ? __pfx___might_resched+0x10/0x10
[  952.520088][T18658]  ? __might_fault+0xe3/0x190
[  952.520121][T18658]  __sys_sendmmsg+0x201/0x420
[  952.520166][T18658]  ? __pfx___sys_sendmmsg+0x10/0x10
[  952.520217][T18658]  ? __pfx_do_futex+0x10/0x10
[  952.520268][T18658]  ? xfd_validate_state+0x5d/0x180
[  952.520307][T18658]  ? rcu_is_watching+0x12/0xc0
[  952.520342][T18658]  __x64_sys_sendmmsg+0x9c/0x100
[  952.520394][T18658]  ? lockdep_hardirqs_on+0x7c/0x110
[  952.520426][T18658]  do_syscall_64+0xcd/0x250
[  952.520460][T18658]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  952.520499][T18658] RIP: 0033:0x7f3ca0d8cde9
[  952.520520][T18658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  952.520547][T18658] RSP: 002b:00007f3ca1bc0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  952.520573][T18658] RAX: ffffffffffffffda RBX: 00007f3ca0fa5fa0 RCX: 00007f3ca0d8cde9
[  952.520591][T18658] RDX: 0000000000000003 RSI: 0000400000000080 RDI: 0000000000000003
[  952.520608][T18658] RBP: 00007f3ca0e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  952.520625][T18658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  952.520642][T18658] R13: 0000000000000000 R14: 00007f3ca0fa5fa0 R15: 00007ffc12fc53b8
[  952.520675][T18658]  </TASK>
[  953.034439][    C1] vkms_vblank_simulate: vblank timer overrun
[  953.335109][T18662] netlink: 342 bytes leftover after parsing attributes in process `syz.5.2639'.
[  956.831251][T18716] FAULT_INJECTION: forcing a failure.
[  956.831251][T18716] name failslab, interval 1, probability 0, space 0, times 0
[  956.843940][T18716] CPU: 0 UID: 0 PID: 18716 Comm: syz.6.2649 Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  956.843978][T18716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  956.844012][T18716] Call Trace:
[  956.844021][T18716]  <TASK>
[  956.844034][T18716]  dump_stack_lvl+0x116/0x1f0
[  956.844077][T18716]  should_fail_ex+0x50a/0x650
[  956.844122][T18716]  ? trace_lock_acquire+0x14e/0x1f0
[  956.844163][T18716]  should_failslab+0xc2/0x120
[  956.844192][T18716]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  956.844242][T18716]  ? __send_signal_locked+0x159/0x12c0
[  956.844282][T18716]  ? sig_get_ucounts+0x1c0/0x5b0
[  956.844321][T18716]  __send_signal_locked+0x159/0x12c0
[  956.844370][T18716]  group_send_sig_info+0x2aa/0x300
[  956.844421][T18716]  ? __pfx_group_send_sig_info+0x10/0x10
[  956.844488][T18716]  ? kill_pid_info_type+0x21/0x2a0
[  956.844560][T18716]  kill_pid_info_type+0x92/0x2a0
[  956.844619][T18716]  kill_proc_info+0x6f/0x1b0
[  956.844663][T18716]  kill_something_info+0x2a2/0x310
[  956.844694][T18716]  ? __task_pid_nr_ns+0x186/0x500
[  956.844744][T18716]  __x64_sys_kill+0xdc/0x140
[  956.844778][T18716]  ? __pfx___x64_sys_kill+0x10/0x10
[  956.844812][T18716]  ? xfd_validate_state+0x5d/0x180
[  956.844876][T18716]  do_syscall_64+0xcd/0x250
[  956.844922][T18716]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  956.844970][T18716] RIP: 0033:0x7f3ca0d8cde9
[  956.844997][T18716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  956.845031][T18716] RSP: 002b:00007f3ca1b7e038 EFLAGS: 00000246 ORIG_RAX: 000000000000003e
[  956.845063][T18716] RAX: ffffffffffffffda RBX: 00007f3ca0fa6160 RCX: 00007f3ca0d8cde9
[  956.845086][T18716] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000068
[  956.845107][T18716] RBP: 00007f3ca0e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  956.845129][T18716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  956.845149][T18716] R13: 0000000000000000 R14: 00007f3ca0fa6160 R15: 00007ffc12fc53b8
[  956.845193][T18716]  </TASK>
[  957.156828][T18722] sg_write: data in/out 32732/87 bytes for SCSI command 0x0-- guessing data in;
[  957.156828][T18722]    program syz.5.2651 not setting count and/or reply_len properly
[  957.274124][T18722] sg_write: data in/out 32732/16086 bytes for SCSI command 0x0-- guessing data in;
[  957.274124][T18722]    program syz.5.2651 not setting count and/or reply_len properly
[  957.324727][T18719] netlink: 330 bytes leftover after parsing attributes in process `syz.5.2651'.
[  957.832330][T18730] openvswitch: netlink: VXLAN extension 64 out of range max 1
[  957.862442][T18730] netlink: 784 bytes leftover after parsing attributes in process `syz.5.2653'.
[  957.890686][T18730] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  958.521356][T18734] ptrace attach of "./syz-executor exec"[17729] was attempted by ""[18734]
[  960.447491][T18776] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2665'.
[  960.500978][T18773] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2665'.
[  964.009449][T18839] FAULT_INJECTION: forcing a failure.
[  964.009449][T18839] name fail_futex, interval 1, probability 0, space 0, times 0
[  964.024769][T18839] CPU: 1 UID: 0 PID: 18839 Comm: syz.2.2681 Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  964.024814][T18839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  964.024834][T18839] Call Trace:
[  964.024845][T18839]  <TASK>
[  964.024857][T18839]  dump_stack_lvl+0x16c/0x1f0
[  964.024903][T18839]  should_fail_ex+0x50a/0x650
[  964.024961][T18839]  get_futex_key+0x4a3/0x1000
[  964.025002][T18839]  ? __pfx_lock_release+0x10/0x10
[  964.025049][T18839]  ? __pfx_get_futex_key+0x10/0x10
[  964.025090][T18839]  ? lock_acquire+0x2f/0xb0
[  964.025137][T18839]  ? find_held_lock+0x2d/0x110
[  964.025184][T18839]  futex_wait_setup+0x78/0x290
[  964.025242][T18839]  __futex_wait+0x267/0x3c0
[  964.025290][T18839]  ? __pfx___futex_wait+0x10/0x10
[  964.025341][T18839]  ? try_to_wake_up+0x953/0x1490
[  964.025391][T18839]  ? __pfx_futex_wake_mark+0x10/0x10
[  964.025456][T18839]  futex_wait+0xe9/0x380
[  964.025504][T18839]  ? __pfx_futex_wait+0x10/0x10
[  964.025561][T18839]  ? __pfx_perf_event_namespaces+0x10/0x10
[  964.025611][T18839]  ? lock_acquire.part.0+0x11b/0x380
[  964.025667][T18839]  do_futex+0x22b/0x350
[  964.025707][T18839]  ? __pfx_do_futex+0x10/0x10
[  964.025762][T18839]  ? put_files_struct+0x3b/0x370
[  964.025810][T18839]  ? ksys_unshare+0x53c/0xa40
[  964.025848][T18839]  __x64_sys_futex+0x1e1/0x4c0
[  964.025892][T18839]  ? __pfx___x64_sys_futex+0x10/0x10
[  964.025947][T18839]  do_syscall_64+0xcd/0x250
[  964.025989][T18839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  964.026035][T18839] RIP: 0033:0x7f70d9d8cde9
[  964.026059][T18839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  964.026090][T18839] RSP: 002b:00007f70dab020e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  964.026120][T18839] RAX: ffffffffffffffda RBX: 00007f70d9fa5fa8 RCX: 00007f70d9d8cde9
[  964.026142][T18839] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f70d9fa5fa8
[  964.026162][T18839] RBP: 00007f70d9fa5fa0 R08: 0000000000000000 R09: 0000000000000000
[  964.026192][T18839] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f70d9fa5fac
[  964.026213][T18839] R13: 0000000000000000 R14: 00007ffe1b020500 R15: 00007ffe1b0205e8
[  964.026253][T18839]  </TASK>
[  964.034021][T18837] block mtdblock0: the capability attribute has been deprecated.
[  965.350466][T18868] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed
[  965.403980][T18868] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff)
[  966.977649][T18901] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2695'.
[  967.999074][T18928] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2701'.
[  974.392015][T19024] kexec: Could not allocate control_code_buffer
[  974.962431][T19059] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2731'.
[  975.116132][T19062] Malformed UNC in devname
[  975.116132][T19062] 
[  975.133807][T19062] CIFS: VFS: Malformed UNC in devname
[  976.994939][T19081] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2738'.
[  977.886329][T19098] FAULT_INJECTION: forcing a failure.
[  977.886329][T19098] name failslab, interval 1, probability 0, space 0, times 0
[  977.953618][T19098] CPU: 1 UID: 0 PID: 19098 Comm: syz.3.2744 Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  977.953661][T19098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  977.953682][T19098] Call Trace:
[  977.953691][T19098]  <TASK>
[  977.953704][T19098]  dump_stack_lvl+0x16c/0x1f0
[  977.953748][T19098]  should_fail_ex+0x50a/0x650
[  977.953796][T19098]  ? fs_reclaim_acquire+0xae/0x150
[  977.953838][T19098]  should_failslab+0xc2/0x120
[  977.953867][T19098]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  977.953915][T19098]  ? jbd2__journal_start+0x193/0x6a0
[  977.953967][T19098]  jbd2__journal_start+0x193/0x6a0
[  977.954018][T19098]  __ext4_journal_start_sb+0x19f/0x660
[  977.954057][T19098]  ? ext4_dirty_inode+0xa1/0x130
[  977.954110][T19098]  ? __pfx_ext4_dirty_inode+0x10/0x10
[  977.954152][T19098]  ext4_dirty_inode+0xa1/0x130
[  977.954192][T19098]  ? rcu_is_watching+0x12/0xc0
[  977.954225][T19098]  __mark_inode_dirty+0x1ec/0xe50
[  977.954262][T19098]  generic_update_time+0xcf/0xf0
[  977.954296][T19098]  file_modified+0x207/0x240
[  977.954328][T19098]  ext4_punch_hole+0x34a/0x10d0
[  977.954384][T19098]  ext4_fallocate+0x9b7/0x3950
[  977.954429][T19098]  ? rcu_is_watching+0x12/0xc0
[  977.954461][T19098]  ? trace_lock_acquire+0x14e/0x1f0
[  977.954498][T19098]  ? madvise_vma_behavior+0x1c8b/0x1dd0
[  977.954557][T19098]  ? __pfx_ext4_fallocate+0x10/0x10
[  977.954606][T19098]  vfs_fallocate+0x60d/0x10d0
[  977.954658][T19098]  ? __pfx_vfs_fallocate+0x10/0x10
[  977.954706][T19098]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  977.954765][T19098]  madvise_vma_behavior+0x1c8b/0x1dd0
[  977.954809][T19098]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  977.954850][T19098]  ? find_vma_prev+0xdb/0x160
[  977.954893][T19098]  ? __pfx_find_vma_prev+0x10/0x10
[  977.954950][T19098]  ? __pfx_rwsem_read_trylock+0x10/0x10
[  977.955003][T19098]  ? do_madvise+0x2b3/0x7c0
[  977.955044][T19098]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  977.955087][T19098]  madvise_walk_vmas+0x1cf/0x2c0
[  977.955125][T19098]  ? __pfx_madvise_walk_vmas+0x10/0x10
[  977.955172][T19098]  do_madvise+0x366/0x7c0
[  977.955212][T19098]  ? __pfx_do_madvise+0x10/0x10
[  977.955251][T19098]  ? __x64_sys_futex+0x1e1/0x4c0
[  977.955303][T19098]  ? rcu_is_watching+0x12/0xc0
[  977.955346][T19098]  __x64_sys_madvise+0xa9/0x110
[  977.955382][T19098]  ? lockdep_hardirqs_on+0x7c/0x110
[  977.955420][T19098]  do_syscall_64+0xcd/0x250
[  977.955464][T19098]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  977.955510][T19098] RIP: 0033:0x7f055ff8cde9
[  977.955537][T19098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  977.955570][T19098] RSP: 002b:00007f055ddf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  977.955603][T19098] RAX: ffffffffffffffda RBX: 00007f05601a5fa0 RCX: 00007f055ff8cde9
[  977.955626][T19098] RDX: 0000000000000009 RSI: 00000000000031ca RDI: 000000110c230000
[  977.955646][T19098] RBP: 00007f056000e2a0 R08: 0000000000000000 R09: 0000000000000000
[  977.955667][T19098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  977.955687][T19098] R13: 0000000000000000 R14: 00007f05601a5fa0 R15: 00007ffecb3712b8
[  977.955729][T19098]  </TASK>
[  978.603460][T19107] Invalid ELF header magic: != ELF
[  984.896507][T19145] FAULT_INJECTION: forcing a failure.
[  984.896507][T19145] name failslab, interval 1, probability 0, space 0, times 0
[  984.929648][T19145] CPU: 1 UID: 0 PID: 19145 Comm: syz.3.2754 Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  984.929688][T19145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  984.929707][T19145] Call Trace:
[  984.929716][T19145]  <TASK>
[  984.929729][T19145]  dump_stack_lvl+0x16c/0x1f0
[  984.929771][T19145]  should_fail_ex+0x50a/0x650
[  984.929816][T19145]  ? fs_reclaim_acquire+0xae/0x150
[  984.929854][T19145]  ? sk_prot_alloc+0x1a8/0x2a0
[  984.929888][T19145]  should_failslab+0xc2/0x120
[  984.929921][T19145]  __kmalloc_noprof+0xcb/0x510
[  984.929962][T19145]  ? find_held_lock+0x2d/0x110
[  984.929998][T19145]  sk_prot_alloc+0x1a8/0x2a0
[  984.930029][T19145]  sk_alloc+0x36/0xb90
[  984.930067][T19145]  mISDN_sock_create+0x275/0x410
[  984.930105][T19145]  __sock_create+0x335/0x8d0
[  984.930143][T19145]  __sys_socket+0x14f/0x260
[  984.930175][T19145]  ? __pfx___sys_socket+0x10/0x10
[  984.930208][T19145]  ? rcu_is_watching+0x12/0xc0
[  984.930244][T19145]  __x64_sys_socket+0x72/0xb0
[  984.930274][T19145]  ? lockdep_hardirqs_on+0x7c/0x110
[  984.930307][T19145]  do_syscall_64+0xcd/0x250
[  984.930364][T19145]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  984.930406][T19145] RIP: 0033:0x7f055ff8cde9
[  984.930449][T19145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  984.930480][T19145] RSP: 002b:00007f055ddd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  984.930511][T19145] RAX: ffffffffffffffda RBX: 00007f05601a6080 RCX: 00007f055ff8cde9
[  984.930533][T19145] RDX: 0000000000000022 RSI: 0000000000000002 RDI: 0000000000000022
[  984.930552][T19145] RBP: 00007f056000e2a0 R08: 0000000000000000 R09: 0000000000000000
[  984.930571][T19145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  984.930590][T19145] R13: 0000000000000000 R14: 00007f05601a6080 R15: 00007ffecb3712b8
[  984.930648][T19145]  </TASK>
[  985.635584][T19153] sd 0:0:1:0: PR command failed: 1026
[  985.641065][T19153] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  985.649054][T19153] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  985.659729][T19153] FAULT_INJECTION: forcing a failure.
[  985.659729][T19153] name failslab, interval 1, probability 0, space 0, times 0
[  985.672963][T19153] CPU: 0 UID: 0 PID: 19153 Comm: syz.3.2756 Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  985.673000][T19153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  985.673016][T19153] Call Trace:
[  985.673025][T19153]  <TASK>
[  985.673036][T19153]  dump_stack_lvl+0x16c/0x1f0
[  985.673077][T19153]  should_fail_ex+0x50a/0x650
[  985.673120][T19153]  ? fs_reclaim_acquire+0xae/0x150
[  985.673158][T19153]  should_failslab+0xc2/0x120
[  985.673185][T19153]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  985.673230][T19153]  ? security_inode_alloc+0x3b/0x2b0
[  985.673266][T19153]  security_inode_alloc+0x3b/0x2b0
[  985.673297][T19153]  inode_init_always_gfp+0xce4/0x1030
[  985.673365][T19153]  alloc_inode+0x82/0x230
[  985.673394][T19153]  sock_alloc+0x40/0x280
[  985.673443][T19153]  sock_create_lite+0x82/0x120
[  985.673493][T19153]  __netlink_kernel_create+0xbe/0x750
[  985.673532][T19153]  ? do_raw_spin_unlock+0x81/0x230
[  985.673563][T19153]  ? __pfx___netlink_kernel_create+0x10/0x10
[  985.673611][T19153]  ? fib_default_rule_add+0x342/0x420
[  985.673649][T19153]  fib_net_init+0x237/0x3d0
[  985.673680][T19153]  ? __pfx_fib_net_init+0x10/0x10
[  985.673711][T19153]  ? __pfx_nl_fib_input+0x10/0x10
[  985.673745][T19153]  ? devinet_init_net+0x5c1/0x900
[  985.673780][T19153]  ? __pfx_fib_net_init+0x10/0x10
[  985.673808][T19153]  ops_init+0x1df/0x5f0
[  985.673849][T19153]  setup_net+0x21f/0x860
[  985.673908][T19153]  ? __pfx_setup_net+0x10/0x10
[  985.673945][T19153]  ? down_read_killable+0xcc/0x380
[  985.673982][T19153]  ? __pfx_down_read_killable+0x10/0x10
[  985.674017][T19153]  ? __raw_spin_lock_init+0x3a/0x110
[  985.674062][T19153]  ? debug_mutex_init+0x37/0x70
[  985.674093][T19153]  copy_net_ns+0x2b4/0x6c0
[  985.674122][T19153]  create_new_namespaces+0x3ea/0xad0
[  985.674172][T19153]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  985.674219][T19153]  ksys_unshare+0x45d/0xa40
[  985.674247][T19153]  ? __pfx_ksys_unshare+0x10/0x10
[  985.674273][T19153]  ? xfd_validate_state+0x5d/0x180
[  985.674321][T19153]  __x64_sys_unshare+0x31/0x40
[  985.674348][T19153]  do_syscall_64+0xcd/0x250
[  985.674383][T19153]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  985.674420][T19153] RIP: 0033:0x7f055ff8cde9
[  985.674441][T19153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  985.674467][T19153] RSP: 002b:00007f055ddf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  985.674498][T19153] RAX: ffffffffffffffda RBX: 00007f05601a5fa0 RCX: 00007f055ff8cde9
[  985.674517][T19153] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  985.674551][T19153] RBP: 00007f056000e2a0 R08: 0000000000000000 R09: 0000000000000000
[  985.674575][T19153] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  985.674592][T19153] R13: 0000000000000000 R14: 00007f05601a5fa0 R15: 00007ffecb3712b8
[  985.674625][T19153]  </TASK>
[  986.323521][T19164] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2758'.
[  986.769844][T19176] netlink: 'syz.3.2763': attribute type 1 has an invalid length.
[  986.788593][T19177] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(4.262144.1), cmd(5)
[  986.803012][T19176] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(4.262144.1), cmd(5)
[  987.957755][ T5841] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  987.972002][ T5841] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  987.980648][ T5841] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  988.000564][ T5841] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  988.010127][ T5841] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  988.018283][ T5841] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  988.619330][T19200] chnl_net:caif_netlink_parms(): no params data found
[  988.793021][T19212] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2772'.
[  988.887739][T19213] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2772'.
[  988.931005][T19200] bridge0: port 1(bridge_slave_0) entered blocking state
[  988.952200][T19200] bridge0: port 1(bridge_slave_0) entered disabled state
[  988.963342][T19200] bridge_slave_0: entered allmulticast mode
[  988.971405][T19200] bridge_slave_0: entered promiscuous mode
[  988.992095][T19200] bridge0: port 2(bridge_slave_1) entered blocking state
[  989.014767][T19200] bridge0: port 2(bridge_slave_1) entered disabled state
[  989.042870][T19200] bridge_slave_1: entered allmulticast mode
[  989.062433][T19200] bridge_slave_1: entered promiscuous mode
[  989.173660][T19200] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  989.239925][T19200] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  989.432244][T19200] team0: Port device team_slave_0 added
[  989.446184][T19200] team0: Port device team_slave_1 added
[  989.555124][T19200] batman_adv: batadv0: Adding interface: batadv_slave_0
[  989.562168][T19200] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  989.609866][T19200] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  989.668889][T19200] batman_adv: batadv0: Adding interface: batadv_slave_1
[  989.685264][T19200] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  989.772719][T19200] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  990.007692][T19200] hsr_slave_0: entered promiscuous mode
[  990.023665][T19200] hsr_slave_1: entered promiscuous mode
[  990.043617][T19200] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  990.072001][T19200] Cannot create hsr debugfs directory
[  990.083391][ T5841] Bluetooth: hci7: command tx timeout
[  990.470884][   T54] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  990.483564][   T54] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  990.492438][   T54] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  990.506905][   T54] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  990.520965][   T54] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  990.530829][   T54] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  990.850847][T19200] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  990.892163][T19200] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  990.913386][T19200] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  990.961949][T19200] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  991.154895][T19232] chnl_net:caif_netlink_parms(): no params data found
[  991.269985][T19200] 8021q: adding VLAN 0 to HW filter on device bond0
[  991.334697][T19243] warn_alloc: 1 callbacks suppressed
[  991.334719][T19243] syz.3.2779: vmalloc error: size 18446744073709551615, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1
[  991.363722][T19243] CPU: 1 UID: 0 PID: 19243 Comm: syz.3.2779 Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  991.363760][T19243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  991.363778][T19243] Call Trace:
[  991.363789][T19243]  <TASK>
[  991.363801][T19243]  dump_stack_lvl+0x16c/0x1f0
[  991.363843][T19243]  warn_alloc+0x24d/0x3a0
[  991.363891][T19243]  ? __pfx_warn_alloc+0x10/0x10
[  991.363943][T19243]  ? lock_acquire.part.0+0x11b/0x380
[  991.364002][T19243]  __vmalloc_node_range_noprof+0x10dc/0x1530
[  991.364044][T19243]  ? rcu_is_watching+0x12/0xc0
[  991.364076][T19243]  ? trace_contention_end+0xee/0x140
[  991.364168][T19243]  ? __mutex_lock+0x1cc/0xb10
[  991.364202][T19243]  ? tomoyo_path_number_perm+0x46d/0x590
[  991.364238][T19243]  ? dvb_dvr_do_ioctl+0x15d/0x290
[  991.364277][T19243]  ? dvb_dvr_do_ioctl+0x7e/0x290
[  991.364317][T19243]  ? __pfx___mutex_lock+0x10/0x10
[  991.364355][T19243]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  991.364399][T19243]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  991.364440][T19243]  ? do_vfs_ioctl+0x513/0x1990
[  991.364478][T19243]  ? dvb_dvr_do_ioctl+0x15d/0x290
[  991.364534][T19243]  vmalloc_noprof+0x6b/0x90
[  991.364580][T19243]  ? dvb_dvr_do_ioctl+0x15d/0x290
[  991.364621][T19243]  dvb_dvr_do_ioctl+0x15d/0x290
[  991.364668][T19243]  dvb_usercopy+0x165/0x320
[  991.364707][T19243]  ? __pfx_dvb_dvr_do_ioctl+0x10/0x10
[  991.364751][T19243]  ? __pfx_dvb_usercopy+0x10/0x10
[  991.364788][T19243]  ? __pfx_lock_release+0x10/0x10
[  991.364852][T19243]  ? __fget_files+0x206/0x3a0
[  991.364908][T19243]  dvb_dvr_ioctl+0x29/0x40
[  991.364947][T19243]  ? __pfx_dvb_dvr_ioctl+0x10/0x10
[  991.364987][T19243]  __x64_sys_ioctl+0x190/0x200
[  991.365030][T19243]  do_syscall_64+0xcd/0x250
[  991.365075][T19243]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  991.365131][T19243] RIP: 0033:0x7f055ff8cde9
[  991.365158][T19243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  991.365192][T19243] RSP: 002b:00007f055ddf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  991.365225][T19243] RAX: ffffffffffffffda RBX: 00007f05601a5fa0 RCX: 00007f055ff8cde9
[  991.365247][T19243] RDX: ffffffffffffffff RSI: 0000000000006f2d RDI: 0000000000000007
[  991.365269][T19243] RBP: 00007f056000e2a0 R08: 0000000000000000 R09: 0000000000000000
[  991.365291][T19243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  991.365311][T19243] R13: 0000000000000000 R14: 00007f05601a5fa0 R15: 00007ffecb3712b8
[  991.365353][T19243]  </TASK>
[  991.365366][T19243] Mem-Info:
[  991.630850][T19243] active_anon:14604 inactive_anon:1 isolated_anon:0
[  991.630850][T19243]  active_file:8643 inactive_file:48786 isolated_file:0
[  991.630850][T19243]  unevictable:1658 dirty:655 writeback:0
[  991.630850][T19243]  slab_reclaimable:11382 slab_unreclaimable:111523
[  991.630850][T19243]  mapped:53018 shmem:1544 pagetables:886
[  991.630850][T19243]  sec_pagetables:0 bounce:0
[  991.630850][T19243]  kernel_misc_reclaimable:0
[  991.630850][T19243]  free:1243430 free_pcp:3346 free_cma:0
[  991.688347][T19200] 8021q: adding VLAN 0 to HW filter on device team0
[  991.696284][T19243] Node 0 active_anon:58716kB inactive_anon:4kB active_file:34572kB inactive_file:195136kB unevictable:5096kB isolated(anon):0kB isolated(file):0kB mapped:212272kB dirty:2616kB writeback:0kB shmem:4840kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11492kB pagetables:3544kB sec_pagetables:0kB all_unreclaimable? no
[  991.729369][T19232] bridge0: port 1(bridge_slave_0) entered blocking state
[  991.760766][T19232] bridge0: port 1(bridge_slave_0) entered disabled state
[  991.780937][T19243] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:8kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  991.789551][T19232] bridge_slave_0: entered allmulticast mode
[  991.831967][T19232] bridge_slave_0: entered promiscuous mode
[  991.852750][T19243] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  991.898319][T19232] bridge0: port 2(bridge_slave_1) entered blocking state
[  991.906352][T19232] bridge0: port 2(bridge_slave_1) entered disabled state
[  991.913836][T19232] bridge_slave_1: entered allmulticast mode
[  991.921138][T19232] bridge_slave_1: entered promiscuous mode
[  991.935343][T17426] bridge0: port 1(bridge_slave_0) entered blocking state
[  991.942495][T17426] bridge0: port 1(bridge_slave_0) entered forwarding state
[  991.989908][T19243] lowmem_reserve[]: 0 2487 2487 0 0
[  991.996747][T19243] Node 0 
[  992.000607][T19232] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  992.027385][T19243] DMA32 free:1057668kB boost:0kB min:34152kB low:42688kB high:51224kB reserved_highatomic:0KB active_anon:58008kB inactive_anon:4kB active_file:35472kB inactive_file:195048kB unevictable:5096kB writepending:2716kB present:3129332kB managed:2547544kB mlocked:3560kB bounce:0kB free_pcp:11216kB local_pcp:340kB free_cma:0kB
[  992.074559][T19243] lowmem_reserve[]: 0 0 0 0 0
[  992.079476][T19243] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:88kB unevictable:0kB writepending:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:0kB free_cma:0kB
[  992.136520][T19243] lowmem_reserve[]: 0 0 0 0 0
[  992.141458][T19243] Node 1 Normal free:3901652kB boost:0kB min:55748kB low:69684kB high:83620kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:8kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:256kB local_pcp:256kB free_cma:0kB
[  992.172151][ T5841] Bluetooth: hci7: command tx timeout
[  992.197323][T19232] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  992.238845][ T3501] bridge0: port 2(bridge_slave_1) entered blocking state
[  992.246056][ T3501] bridge0: port 2(bridge_slave_1) entered forwarding state
[  992.292759][T19243] lowmem_reserve[]: 0 0 0 0 0
[  992.297604][T19243] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  992.354266][T19232] team0: Port device team_slave_0 added
[  992.382743][T19243] Node 0 DMA32: 659*4kB (ME) 1296*8kB (UME) 885*16kB (ME) 391*32kB (UME) 341*64kB (ME) 165*128kB (UME) 113*256kB (UME) 52*512kB (ME) 42*1024kB (UME) 25*2048kB (M) 203*4096kB (M) = 1063868kB
[  992.405360][T19232] team0: Port device team_slave_1 added
[  992.449458][T19243] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  992.463234][T19243] Node 1 Normal: 3*4kB (UME) 48*8kB (UME) 63*16kB (UME) 135*32kB (UME) 124*64kB (UME) 45*128kB (UME) 29*256kB (UME) 20*512kB (UM) 10*1024kB (UM) 4*2048kB (UE) 939*4096kB (UM) = 3901660kB
[  992.485441][T19243] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  992.496550][T19243] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  992.512359][T19232] batman_adv: batadv0: Adding interface: batadv_slave_0
[  992.520001][T19243] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  992.529659][T19232] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  992.529718][T19232] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  992.564726][T19200] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  992.577671][T19243] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  992.588117][T19243] 59464 total pagecache pages
[  992.593802][T19243] 26 pages in swap cache
[  992.598094][T19243] Free swap  = 124640kB
[  992.602288][T19243] Total swap = 124996kB
[  992.603407][T19200] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  992.617562][T19243] 2097051 pages RAM
[  992.621419][T19243] 0 pages HighMem/MovableOnly
[  992.626661][T19243] 428507 pages reserved
[  992.630861][T19243] 0 pages cma reserved
[  992.644023][ T5841] Bluetooth: hci8: command tx timeout
[  992.684388][T19232] batman_adv: batadv0: Adding interface: batadv_slave_1
[  992.697108][T19232] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  992.724550][T19232] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  992.851170][T19232] hsr_slave_0: entered promiscuous mode
[  992.904808][T19232] hsr_slave_1: entered promiscuous mode
[  992.911107][T19232] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  992.919628][T19232] Cannot create hsr debugfs directory
[  993.488894][T19232] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  993.532170][T19232] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  993.551976][T19232] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  993.684956][T19232] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  993.794539][T19200] 8021q: adding VLAN 0 to HW filter on device batadv0
[  994.156013][T19232] 8021q: adding VLAN 0 to HW filter on device bond0
[  994.243242][ T5841] Bluetooth: hci7: command tx timeout
[  994.264683][T19232] 8021q: adding VLAN 0 to HW filter on device team0
[  994.310559][ T3501] bridge0: port 1(bridge_slave_0) entered blocking state
[  994.317815][ T3501] bridge0: port 1(bridge_slave_0) entered forwarding state
[  994.412379][   T80] bridge0: port 2(bridge_slave_1) entered blocking state
[  994.419596][   T80] bridge0: port 2(bridge_slave_1) entered forwarding state
[  994.689956][T19200] veth0_vlan: entered promiscuous mode
[  994.735010][ T5841] Bluetooth: hci8: command tx timeout
[  994.848413][T19200] veth1_vlan: entered promiscuous mode
[  994.940286][T19200] veth0_macvtap: entered promiscuous mode
[  994.958481][T19200] veth1_macvtap: entered promiscuous mode
[  995.039838][T19200] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  995.088183][T19200] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  995.106846][T19200] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  995.119562][T19200] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  995.130102][T19200] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  995.142425][T19200] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  995.152947][T19200] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  995.164126][T19200] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  995.174946][T19200] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  995.186151][T19200] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  995.196943][T19200] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  995.208103][T19200] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  995.218639][T19200] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  995.242688][T19200] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  995.266480][T19200] batman_adv: batadv0: Interface activated: batadv_slave_0
[  995.331426][T19200] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  995.382775][T19200] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  995.402670][T19200] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  995.427262][T19200] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  995.472741][T19200] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  995.484136][T19200] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  995.502817][T19200] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  995.522761][T19200] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  995.532892][T19200] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  995.544671][T19200] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  995.559382][T19200] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  995.608074][T19200] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  995.632823][T19200] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  995.648224][T19200] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  995.675797][T19200] batman_adv: batadv0: Interface activated: batadv_slave_1
[  995.700168][T19200] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  995.735924][T19200] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  995.765137][T19200] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  995.780245][T19200] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  995.917930][T19316] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2791'.
[  996.069582][T19232] 8021q: adding VLAN 0 to HW filter on device batadv0
[  996.142965][ T9034] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  996.186151][ T9034] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  996.250820][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  996.292832][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  996.323376][ T5841] Bluetooth: hci7: command tx timeout
[  996.765248][T19232] veth0_vlan: entered promiscuous mode
[  996.797894][T19232] veth1_vlan: entered promiscuous mode
[  996.805303][ T5841] Bluetooth: hci8: command tx timeout
[  996.896716][T19232] veth0_macvtap: entered promiscuous mode
[  996.958665][T19232] veth1_macvtap: entered promiscuous mode
[  997.025343][T19232] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  997.092712][T19232] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  997.136463][T19232] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  997.175869][T19232] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  997.208610][T19232] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  997.236391][T19232] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  997.256888][T19232] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  997.280580][T19232] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  997.296781][T19232] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  997.310985][T19232] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  997.322202][T19232] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  997.333915][T19232] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  997.352436][T19232] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  997.366994][T19232] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  997.381585][T19232] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  997.393697][T19232] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  997.422438][T19232] batman_adv: batadv0: Interface activated: batadv_slave_0
[  997.434496][T19232] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  997.446057][T19232] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  997.462715][T19232] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  997.473828][T19232] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  997.474010][T19320] vivid-003: =================  START STATUS  =================
[  997.488498][T19232] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  997.509175][T19232] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  997.525207][T19320] vivid-003: Radio HW Seek Mode: Bounded
[  997.539884][T19232] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  997.555095][T19320] vivid-003: Radio Programmable HW Seek: false
[  997.568383][T19232] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  997.585981][T19320] vivid-003: RDS Rx I/O Mode: Block I/O
[  997.593820][T19232] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  997.612780][T19232] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  997.623097][T19320] vivid-003: Generate RBDS Instead of RDS: false
[  997.634986][T19232] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  997.652724][T19320] vivid-003: RDS Reception: true
[  997.658001][T19232] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  997.670324][T19320] vivid-003: RDS Program Type: 0 inactive
[  997.678709][T19232] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  997.699664][T19320] vivid-003: RDS PS Name:  inactive
[  997.705439][T19232] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  997.723840][T19320] vivid-003: RDS Radio Text:  inactive
[  997.729987][T19232] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  997.750657][T19232] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  997.765547][T19320] vivid-003: RDS Traffic Announcement: false inactive
[  997.784536][T19232] batman_adv: batadv0: Interface activated: batadv_slave_1
[  997.787598][T19320] vivid-003: RDS Traffic Program: false inactive
[  997.837020][T19232] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  997.857565][T19320] vivid-003: RDS Music: false inactive
[  997.872950][T19232] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  997.875560][T19320] vivid-003: ==================  END STATUS  ==================
[  997.886267][T19232] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  997.912728][T19232] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  998.538604][T17420] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  998.567359][T17420] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  998.657403][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  998.665668][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  998.836941][ T9034] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  998.852062][ T9034] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  998.893715][ T5841] Bluetooth: hci8: command tx timeout
[  999.041579][T19363] FAULT_INJECTION: forcing a failure.
[  999.041579][T19363] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  999.106019][T19363] CPU: 1 UID: 0 PID: 19363 Comm: syz.3.2798 Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[  999.106061][T19363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  999.106079][T19363] Call Trace:
[  999.106088][T19363]  <TASK>
[  999.106100][T19363]  dump_stack_lvl+0x16c/0x1f0
[  999.106143][T19363]  should_fail_ex+0x50a/0x650
[  999.106196][T19363]  _copy_from_user+0x2e/0xd0
[  999.106229][T19363]  restore_altstack+0x94/0x170
[  999.106265][T19363]  ? __pfx_restore_altstack+0x10/0x10
[  999.106302][T19363]  ? _raw_spin_unlock_irq+0x23/0x50
[  999.106332][T19363]  ? lockdep_hardirqs_on+0x7c/0x110
[  999.106385][T19363]  ? _raw_spin_unlock_irq+0x2e/0x50
[  999.106418][T19363]  ? set_current_blocked+0xdd/0x120
[  999.106464][T19363]  __do_sys_rt_sigreturn+0x13d/0x240
[  999.106503][T19363]  ? __pfx___do_sys_rt_sigreturn+0x10/0x10
[  999.106553][T19363]  do_syscall_64+0xcd/0x250
[  999.106597][T19363]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  999.106686][T19363] RIP: 0033:0x7f055ff28fb9
[  999.106712][T19363] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  999.106745][T19363] RSP: 002b:00007f055ddb3a80 EFLAGS: 00000246 ORIG_RAX: 000000000000000f
[  999.106807][T19363] RAX: ffffffffffffffda RBX: 00007f05601a6160 RCX: 00007f055ff28fb9
[  999.106831][T19363] RDX: 00007f055ddb3a80 RSI: 00007f055ddb3bb0 RDI: 0000000000000011
[  999.106862][T19363] RBP: 00007f056000e2a0 R08: 0000000000000000 R09: 0000000000000000
[  999.106884][T19363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  999.106905][T19363] R13: 0000000000000000 R14: 00007f05601a6160 R15: 00007ffecb3712b8
[  999.106946][T19363]  </TASK>
[ 1003.363033][   T30] INFO: task syz.4.2319:17090 blocked for more than 142 seconds.
[ 1003.372406][   T30]       Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[ 1003.391825][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1003.411206][   T30] task:syz.4.2319      state:D stack:26160 pid:17090 tgid:17089 ppid:16391  task_flags:0x400140 flags:0x00000004
[ 1003.460927][   T30] Call Trace:
[ 1003.471097][   T30]  <TASK>
[ 1003.481295][   T30]  __schedule+0xf43/0x5890
[ 1003.485853][   T30]  ? __pfx___lock_acquire+0x10/0x10
[ 1003.491117][   T30]  ? __pfx___lock_acquire+0x10/0x10
[ 1003.507591][   T30]  ? __pfx___schedule+0x10/0x10
[ 1003.512544][   T30]  ? schedule+0x298/0x350
[ 1003.542637][   T30]  ? __pfx_lock_release+0x10/0x10
[ 1003.547791][   T30]  ? __mutex_trylock_common+0x78/0x250
[ 1003.572784][   T30]  ? lock_acquire+0x2f/0xb0
[ 1003.577388][   T30]  ? schedule+0x1fd/0x350
[ 1003.581774][   T30]  schedule+0xe7/0x350
[ 1003.604595][   T30]  schedule_preempt_disabled+0x13/0x30
[ 1003.620522][   T30]  __mutex_lock+0x6bd/0xb10
[ 1003.627148][   T30]  ? expkey_flush+0x18/0x90
[ 1003.642677][   T30]  ? __pfx___mutex_lock+0x10/0x10
[ 1003.648029][   T30]  ? do_raw_spin_unlock+0x172/0x230
[ 1003.662639][   T30]  ? _raw_spin_unlock+0x28/0x50
[ 1003.667870][   T30]  ? __pfx_cache_clean+0x10/0x10
[ 1003.682752][   T30]  ? __pfx___might_resched+0x10/0x10
[ 1003.693638][   T30]  ? __pfx_expkey_flush+0x10/0x10
[ 1003.702885][   T30]  ? expkey_flush+0x18/0x90
[ 1003.707458][   T30]  expkey_flush+0x18/0x90
[ 1003.723149][   T30]  write_flush.constprop.0+0x2a1/0x3a0
[ 1003.728734][   T30]  ? __pfx_write_flush.constprop.0+0x10/0x10
[ 1003.764516][   T30]  ? rcu_is_watching+0x12/0xc0
[ 1003.782785][   T30]  ? trace_lock_acquire+0x14e/0x1f0
[ 1003.788079][   T30]  ? __pfx_write_flush_procfs+0x10/0x10
[ 1003.812746][   T30]  proc_reg_write+0x23d/0x330
[ 1003.817523][   T30]  ? __pfx_proc_reg_write+0x10/0x10
[ 1003.842869][   T30]  vfs_write+0x24c/0x1150
[ 1003.847303][   T30]  ? __fget_files+0x1fc/0x3a0
[ 1003.852043][   T30]  ? __pfx___mutex_lock+0x10/0x10
[ 1003.872658][   T30]  ? __pfx_vfs_write+0x10/0x10
[ 1003.877534][   T30]  ? __fget_files+0x206/0x3a0
[ 1003.882284][   T30]  ksys_write+0x12b/0x250
[ 1003.922883][   T30]  ? __pfx_ksys_write+0x10/0x10
[ 1003.927847][   T30]  ? syscall_user_dispatch+0x7a/0x130
[ 1003.973544][   T30]  do_syscall_64+0xcd/0x250
[ 1003.995200][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1004.001206][   T30] RIP: 0033:0x7f612498cde9
[ 1004.052632][   T30] RSP: 002b:00007f612570d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1004.061136][   T30] RAX: ffffffffffffffda RBX: 00007f6124ba5fa0 RCX: 00007f612498cde9
[ 1004.092658][   T30] RDX: 0000000000000001 RSI: 0000400000000100 RDI: 0000000000000003
[ 1004.100716][   T30] RBP: 00007f6124a0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 1004.113826][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1004.121856][   T30] R13: 0000000000000000 R14: 00007f6124ba5fa0 R15: 00007fff79040408
[ 1004.130544][   T30]  </TASK>
[ 1004.134040][   T30] 
[ 1004.134040][   T30] Showing all locks held in the system:
[ 1004.141786][   T30] 2 locks held by kworker/u8:0/11:
[ 1004.149509][   T30]  #0: ffff88801ef23148 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0
[ 1004.174296][T19438] netlink: 'syz.8.2817': attribute type 19 has an invalid length.
[ 1004.182750][   T30]  #1: ffffc90000107d18 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[ 1004.195248][T19438] netlink: 114 bytes leftover after parsing attributes in process `syz.8.2817'.
[ 1004.221894][   T30] 1 lock held by khungtaskd/30:
[ 1004.227197][   T30]  #0: ffffffff8e1bcc80 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x7f/0x390
[ 1004.263855][   T30] 2 locks held by syz.0.2121/16217:
[ 1004.269133][   T30]  #0: ffffffff8ff995f0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[ 1004.292632][   T30]  #1: ffffffff8e5bfd68 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40
[ 1004.304976][   T30] 2 locks held by syz.2.2143/16304:
[ 1004.310231][   T30]  #0: ffff888032a9a0e0 (&type->s_umount_key#50){++++}-{4:4}, at: deactivate_super+0xd6/0x100
[ 1004.321117][   T30]  #1: ffffffff8e5bfd68 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0
[ 1004.342226][   T30] 3 locks held by syz.4.2319/17090:
[ 1004.351573][   T30]  #0: ffff888034a45eb8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x267/0x390
[ 1004.371549][   T30]  #1: ffff8881446ee420 (sb_writers#3){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[ 1004.392639][   T30]  #2: ffffffff8e5bfd68 (nfsd_mutex){+.+.}-{4:4}, at: expkey_flush+0x18/0x90
[ 1004.401559][   T30] 1 lock held by syz-executor/17174:
[ 1004.419944][   T30]  #0: ffffffff8e1c80f8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a4/0x3b0
[ 1004.431593][   T30] 2 locks held by syz-executor/17455:
[ 1004.437515][   T30]  #0: ffff888059d4e0e0 (&type->s_umount_key#50){++++}-{4:4}, at: deactivate_super+0xd6/0x100
[ 1004.448290][   T30]  #1: ffffffff8e5bfd68 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0
[ 1004.459480][   T30] 2 locks held by getty/18000:
[ 1004.464686][   T30]  #0: ffff8880317330a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[ 1004.474883][   T30]  #1: ffffc90003df52f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0xfba/0x1480
[ 1004.495430][   T30] 2 locks held by syz.5.2722/19012:
[ 1004.500680][   T30]  #0: ffffffff8ff995f0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[ 1004.509618][   T30]  #1: ffffffff8e5bfd68 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x694/0xbe0
[ 1004.532751][   T30] 2 locks held by syz.6.2732/19060:
[ 1004.538007][   T30]  #0: ffff88807a2460e0 (&type->s_umount_key#50){++++}-{4:4}, at: deactivate_super+0xd6/0x100
[ 1004.549248][   T30]  #1: ffffffff8e5bfd68 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0
[ 1004.572710][   T30] 2 locks held by syz.3.2785/19277:
[ 1004.577987][   T30] 1 lock held by syz.3.2805/19384:
[ 1004.584502][   T30] 4 locks held by syz.3.2809/19406:
[ 1004.590086][   T30]  #0: ffffffff8fee2c10 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x292/0x6c0
[ 1004.612772][   T30]  #1: ffffffff8fef88e8 (rtnl_mutex){+.+.}-{4:4}, at: caif_exit_net+0x64/0x3c0
[ 1004.621890][   T30]  #2: ffff88802fdb3580 (&caifn->caifdevs.lock){+.+.}-{4:4}, at: caif_exit_net+0x7b/0x3c0
[ 1004.642749][   T30]  #3: ffffffff8e1c80f8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a4/0x3b0
[ 1004.654133][   T30] 2 locks held by syz.3.2809/19407:
[ 1004.660296][   T30]  #0: ffffffff8fee2c10 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x292/0x6c0
[ 1004.682700][   T30]  #1: ffffffff8fef88e8 (rtnl_mutex){+.+.}-{4:4}, at: cangw_pernet_exit_batch+0x15/0xa0
[ 1004.693306][   T30] 
[ 1004.702995][   T30] =============================================
[ 1004.702995][   T30] 
[ 1004.711458][   T30] NMI backtrace for cpu 0
[ 1004.711474][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[ 1004.711502][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1004.711517][   T30] Call Trace:
[ 1004.711524][   T30]  <TASK>
[ 1004.711534][   T30]  dump_stack_lvl+0x116/0x1f0
[ 1004.711568][   T30]  nmi_cpu_backtrace+0x27b/0x390
[ 1004.711608][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1004.711642][   T30]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[ 1004.711685][   T30]  watchdog+0xf62/0x12b0
[ 1004.711727][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1004.711763][   T30]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1004.711793][   T30]  ? __kthread_parkme+0x148/0x220
[ 1004.711818][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1004.711856][   T30]  kthread+0x3af/0x750
[ 1004.711886][   T30]  ? __pfx_kthread+0x10/0x10
[ 1004.711919][   T30]  ? __pfx_kthread+0x10/0x10
[ 1004.711949][   T30]  ret_from_fork+0x45/0x80
[ 1004.711981][   T30]  ? __pfx_kthread+0x10/0x10
[ 1004.712011][   T30]  ret_from_fork_asm+0x1a/0x30
[ 1004.712049][   T30]  </TASK>
[ 1004.712060][   T30] Sending NMI from CPU 0 to CPUs 1:
[ 1004.833636][    C1] NMI backtrace for cpu 1
[ 1004.833653][    C1] CPU: 1 UID: 0 PID: 17174 Comm: syz-executor Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[ 1004.833680][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1004.833695][    C1] RIP: 0010:PageMemcgKmem+0x0/0x1f0
[ 1004.833726][    C1] Code: e9 3c fe ff ff 48 89 df e8 2d 00 0e 00 e9 09 fe ff ff 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <48> b8 00 00 00 00 00 fc ff df 55 48 8d 6f 08 53 48 89 fb 48 89 ea
[ 1004.833749][    C1] RSP: 0018:ffffc9000434fbe8 EFLAGS: 00000202
[ 1004.833768][    C1] RAX: 0000000000000001 RBX: ffffea0001292fc0 RCX: ffffffff820e5f07
[ 1004.833784][    C1] RDX: 0000000000000000 RSI: ffffffff8bd343c0 RDI: ffffea0001292fc0
[ 1004.833799][    C1] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff20c4e22
[ 1004.833814][    C1] R10: ffffffff90627117 R11: 0000000000000000 R12: ffffea0001292fc0
[ 1004.833829][    C1] R13: ffff88802e7b8200 R14: 0000000000000000 R15: 0000000000000000
[ 1004.833844][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[ 1004.833866][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1004.833882][    C1] CR2: 00005596575d3088 CR3: 000000000df80000 CR4: 00000000003526f0
[ 1004.833897][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1004.833911][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1004.833925][    C1] Call Trace:
[ 1004.833932][    C1]  <NMI>
[ 1004.833940][    C1]  ? nmi_cpu_backtrace+0x1d8/0x390
[ 1004.833980][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[ 1004.834011][    C1]  ? nmi_handle+0x1ac/0x5d0
[ 1004.834046][    C1]  ? __pfx_PageMemcgKmem+0x10/0x10
[ 1004.834070][    C1]  ? default_do_nmi+0x6a/0x160
[ 1004.834112][    C1]  ? exc_nmi+0x170/0x1e0
[ 1004.834146][    C1]  ? end_repeat_nmi+0xf/0x53
[ 1004.834183][    C1]  ? trace_mm_page_free+0x37/0x180
[ 1004.834212][    C1]  ? __pfx_PageMemcgKmem+0x10/0x10
[ 1004.834237][    C1]  ? __pfx_PageMemcgKmem+0x10/0x10
[ 1004.834275][    C1]  ? __pfx_PageMemcgKmem+0x10/0x10
[ 1004.834299][    C1]  </NMI>
[ 1004.834306][    C1]  <TASK>
[ 1004.834313][    C1]  free_frozen_pages+0xfe/0xfb0
[ 1004.834347][    C1]  vfree+0x174/0x950
[ 1004.834375][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1004.834400][    C1]  ? __pfx_kcov_close+0x10/0x10
[ 1004.834432][    C1]  kcov_put+0x2a/0x40
[ 1004.834461][    C1]  kcov_close+0xd/0x20
[ 1004.834492][    C1]  __fput+0x3ff/0xb70
[ 1004.834513][    C1]  ? cleanup_mnt+0x266/0x450
[ 1004.834563][    C1]  task_work_run+0x14e/0x250
[ 1004.834597][    C1]  ? __pfx_task_work_run+0x10/0x10
[ 1004.834636][    C1]  do_exit+0xad8/0x2d70
[ 1004.834661][    C1]  ? do_group_exit+0x1c3/0x2a0
[ 1004.834688][    C1]  ? __pfx_lock_release+0x10/0x10
[ 1004.834723][    C1]  ? do_raw_spin_lock+0x12d/0x2c0
[ 1004.834746][    C1]  ? __pfx_do_exit+0x10/0x10
[ 1004.834771][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1004.834800][    C1]  do_group_exit+0xd3/0x2a0
[ 1004.834828][    C1]  __x64_sys_exit_group+0x3e/0x50
[ 1004.834855][    C1]  x64_sys_call+0x151f/0x1720
[ 1004.834883][    C1]  do_syscall_64+0xcd/0x250
[ 1004.834915][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1004.834951][    C1] RIP: 0033:0x7f70d9d8cde9
[ 1004.834970][    C1] Code: Unable to access opcode bytes at 0x7f70d9d8cdbf.
[ 1004.834982][    C1] RSP: 002b:00007ffe1b020858 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 1004.835005][    C1] RAX: ffffffffffffffda RBX: 00007f70d9e0fa8f RCX: 00007f70d9d8cde9
[ 1004.835022][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043
[ 1004.835038][    C1] RBP: 00007f70d9e0faa1 R08: 00007ffe1b01e5f7 R09: 00000000000927c0
[ 1004.835054][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006
[ 1004.835070][    C1] R13: 00000000000927c0 R14: 00000000000f4a63 R15: 00007ffe1b020a00
[ 1004.835100][    C1]  </TASK>
[ 1005.547566][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[ 1005.554489][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.14.0-rc3-syzkaller-00012-g2408a807bfc3 #0
[ 1005.565066][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1005.575170][   T30] Call Trace:
[ 1005.578485][   T30]  <TASK>
[ 1005.581448][   T30]  dump_stack_lvl+0x3d/0x1f0
[ 1005.586105][   T30]  panic+0x71d/0x800
[ 1005.590090][   T30]  ? __pfx_panic+0x10/0x10
[ 1005.594569][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[ 1005.599998][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1005.606044][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[ 1005.611495][   T30]  ? watchdog+0xdcc/0x12b0
[ 1005.615977][   T30]  ? watchdog+0xdbf/0x12b0
[ 1005.620467][   T30]  watchdog+0xddd/0x12b0
[ 1005.624779][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1005.629516][   T30]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1005.634773][   T30]  ? __kthread_parkme+0x148/0x220
[ 1005.639844][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1005.644587][   T30]  kthread+0x3af/0x750
[ 1005.648704][   T30]  ? __pfx_kthread+0x10/0x10
[ 1005.653347][   T30]  ? __pfx_kthread+0x10/0x10
[ 1005.657971][   T30]  ret_from_fork+0x45/0x80
[ 1005.662428][   T30]  ? __pfx_kthread+0x10/0x10
[ 1005.667054][   T30]  ret_from_fork_asm+0x1a/0x30
[ 1005.671859][   T30]  </TASK>
[ 1005.675222][   T30] Kernel Offset: disabled
[ 1005.679566][   T30] Rebooting in 86400 seconds..