last executing test programs:

2m33.524574975s ago: executing program 0 (id=835):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0225020000000800030080"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x20040004)
sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x5, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x5}, 0x3}, 0x40000204, 0x0)

2m33.322608196s ago: executing program 0 (id=837):
r0 = socket(0x2, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'geneve1\x00'})
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.7/usb8/bConfigurationValue\x00', 0x10b042, 0x0)
r2 = socket(0xa, 0x2, 0x73)
epoll_pwait2$auto(r2, 0x0, 0xffff8001, 0x0, 0x0, 0x8)
sendfile$auto(r1, r1, 0x0, 0x2)

2m33.01415181s ago: executing program 0 (id=838):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_TASKSTATS_CMD_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0xec}, 0x1, 0x0, 0x0, 0x4001}, 0x20000000)
r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
read$auto(r0, 0x0, 0x1f40)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
shmctl$auto_SHM_UNLOCK(0x2, 0xc, 0x0)
keyctl$auto_KEYCTL_SET_TIMEOUT(0xf, 0x0, 0x0, 0x0, 0x0)
msgctl$auto_MSG_STAT(0x5, 0xb, 0x0)
geteuid()
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x40008000)

2m32.775997101s ago: executing program 0 (id=840):
r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r0, &(0x7f0000000080)="51426572911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde4727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aa7f1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f67f4edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb08dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e28782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1ba6ba383030730ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc054994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009a3b0424a634681b530dad9ef23f136a10c7287068e57f3c2de45adf0a105c328e0035b97168f4c17aa4610b2e6e1a6ba0b71c06417b7a9497be4a009b19d7162adfd4d7b6490faf3782a920281333ad09b848ab5f4d15534b8c4e43dc9604b0630f8d349b2c80a98fde0d460edfc0138dcc5d3974e682bbd555ac19625bf6e0607d8803391ec9c2dc41fc4e8bceae4f53507137324e2361726ae451d0ac0dd02914a067d52a577b812ddac4a34765c26a98839b3edb6290abff0c75991d6f8c1bd7540f38a7f25fec2f3539f894c938e1f3cf0ff1e6994d6a6ecc457a482f045ba712a85e8e31afd49c8e3480dc1c36d56ab2eceac6e5a847455d8ef4e3d45cd463c421bd1bc13cce2ca57dd88f0e7ab3446cdfa8cb3914c240936f1738af7009e9131b240b59af55d7e38307b91fc8f02410cfdcfacaa341607a801afa63640091eb00b860700ea882878a8d9838f5597b970366be7d167ddebfe3c9253b5dbf7f30a67ee4d87dccb3c723c20200aa5fc036caf12811b19ce49c81ce328d7b24587353ecb99bafd327e33303cf447b36800d1bed8ee10df527d55c0d5f7506fb11cb13380741135e5a8ee98a7bf3f8157986cf7c1c5dbdedaacbe3946b3d8809dec7387f006c062b93b6b481a806e5544ddeea7218fcc15c25a88164bfd0735e6290167cb2dbf4b4a317ba00b1fc27d203a6cff71ef8fe97a97d8e07af2ce1d0a0a2aa9ede7dd0572325075c83c2ecf866aa01654eff55ebe4e489e72152e6a3090e2348732704eb02997ffd23a63faabfbbbd1fb124cab606faed24a393058cea1c1286001ee5c0c1fa26b6a81ebdd4718a94cebdb45bfe812c771df398d3305da03d37ced9d0242b6da212dc9f5c14d7ff999bee20f6621792d1442e449eba8589a823e5e99c65fdffbaefe89e2e32406ec4cf574e335e2d288e4cdad56f4b1b57c364ed3e28809e480d6f410c7ebf43bd2a605d6a8c9facae6b7f8f2c56f792ae21fc0cc5dd9beae0cab3547ebb5467183c2f01bc315bd7bd191088886752dc5108093bdbc91348743440130f33d3dfa9c25490245e5fa904f8660e82253c826b7bea4e9a7a1c627e10c56d71878a644bd176016f29cf5398be14cc0fdec45c65e2b967aedb75212eed1eb05a44da62190009d1c08163b74813b82c27f1e6cd681a4b5150f967444b7bc930da68603fd706e96ba8663b2e50ef0a9b04e321a8a337b08fea7288a3fef5062c7e4c17ad3d490870d39c10b78a74eab25c993527e313a4f59d86de55aa9a8a63f734c2db556692fe993b0cd08e0ab5434c9ec02d5127354f55e6b5d5a7b61685d02edae21ece71d203abf7408211229a9ebbfdeffa2c0f38db274066d0706d80398c172e6daf4a0dce62c2287cbf0d30cfa313d7baf4e5caa18f594f0ab0d854f3cef76ff83e96fa49d0e0f8a47193b51a0a45aee2e1d9a5b372b8ee828f645a06979ec351d798480c7824e846028c02f58b5641acbae1e2079abd86182a662bb1642c9346d7fba628fb012da293acef33b8b76a8885c2e5d685348b6148c5b44409f58d8d5f29344fe8a2e4c2432ae622bb1912ea65d5574bff895025bd72cd780d59cbaa0886afd5d6676d2de6266903115525c075cc3f75ce9eba3787a890e1f758f0e502c4c9c0538dc942cf4e2d69742edeeddb66b1d459fcf6f744b2c40111104ab21fd4e99b4477e25cc5a9af59108c8b2f569d4ba227c754f294fdc1e6b383fd89861a203f4d4ee33814aeb21ee411a0d6918533aa2450b1e35c97ab6f01f3829c8a4c33fe0fbc81dd579bbdb44eda4f335d2bc512ca7f38f603c29033c94df2c9533f4422432f574a021e90a0fe3a4cf54de46e25986315b30956face49e26e8dcbcc9e1363627a9f38a2ee8304307dab4013d77f4c337551e2a6ac230788513cdd15e734263e4973c75757d9809c510977adc3be6c5b110597b09c7dad1f54e4506744710b53221e4a7982ac4c59bfae6370258b5af7864a4ca680addd736e35da579cc0e975e6cdefa3d082c8b4b10b205415c32797d9450c002895c9b405e5d7470f180f785dd601dfb7b", 0xd4f)

2m32.541681724s ago: executing program 0 (id=844):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/net/rose12/queues/rx-0/rps_cpus\x00', 0x20001, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000040), 0x0)
r1 = userfaultfd$auto(0x7)
ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f0000000080)={"0821d03d", 0x8e, 0x28, 0xa, 0x6, 0x401, "62f90aa80feac5b7d566ecb16c836d", "4000fff8", "0ce3ae63", "17dcfd6b", ["a96990a295f39dd3eb49d93a", "487b417a9181ae13ffa297d3", "c172d24c3205000000ff00", "632ba02f1eafb7a3fff420d1"]})
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/i8042/serio0/set\x00', 0x80302, 0x0)
sendfile$auto(r2, r2, 0x0, 0x3)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_clone3(&(0x7f00000004c0)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r3 = open(&(0x7f0000000200)='./file0/file0\x00', 0x191000, 0x110)
fcntl$auto(r3, 0x400, 0x1)
mmap$auto(0x0, 0x5e, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x42e681, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f00000000c0)=""/255, 0xff)
keyctl$auto(0x2000000000000016, 0x0, 0xfffffffffffffffc, 0x0, 0xc)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x1, 0x100)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/net/bond0/bonding/primary_reselect\x00', 0x1e2142, 0x0)
sendfile$auto(r5, r5, 0x0, 0x7fff)
unshare$auto(0xa4)
setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b)
r6 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x20b42, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r6, 0xc0045002, 0x0)
r7 = socket(0x10, 0x2, 0xc)
unshare$auto(0x40000080)
r8 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0)
write$auto(r8, &(0x7f0000000200)='/de\xef\xe7audio1\x00', 0xa3d9)
r9 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETPOLICY(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='q\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="4cb245184f86db27df250a000a"], 0xf8}}, 0x10004010)

2m30.445016098s ago: executing program 0 (id=852):
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0) (async)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0)
mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000) (async)
mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000)
write$auto(0x3, 0x0, 0x100082)
prctl$auto(0x35, 0x0, 0x4000000008, 0x0, 0x0)
mmap$auto(0x0, 0x7, 0xdf, 0x9b72, r0, 0x4000807c) (async)
mmap$auto(0x0, 0x7, 0xdf, 0x9b72, r0, 0x4000807c)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
socket(0x11, 0x80003, 0x300) (async)
r1 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r1, 0x107, 0x5, 0x0, 0x8004)
mmap$auto(0x0, 0x2, 0xffffffffffffffff, 0x40eb1, 0x602, 0x300000000000)
move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2) (async)
move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x82, 0x0)
r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x8000, 0x0)
read$auto(r3, 0x0, 0x9) (async)
read$auto(r3, 0x0, 0x9)
close_range$auto(0x2, 0x8, 0x0)
socket(0x1e, 0x805, 0x0)
get_mempolicy$auto(&(0x7f0000000000)=0x2, &(0x7f0000000080)=0xfffffffffffffffe, 0x80000001, 0x0, 0x4)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) (async)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
ioctl$auto(0x3, 0x40045532, 0x38)
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC1D0c\x00', 0x100, 0x0)
sendfile$auto(r2, r2, 0x0, 0x5)
openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) (async)
openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/system/cpu/cpuidle/current_driver\x00', 0x408440, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/pts/ptmx\x00', 0x8900, 0x0)
write$auto(0x3, 0x0, 0x7ffffffa)
write$auto(0x3, 0x0, 0x5c8)

2m15.391726712s ago: executing program 32 (id=852):
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0) (async)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0)
mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000) (async)
mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000)
write$auto(0x3, 0x0, 0x100082)
prctl$auto(0x35, 0x0, 0x4000000008, 0x0, 0x0)
mmap$auto(0x0, 0x7, 0xdf, 0x9b72, r0, 0x4000807c) (async)
mmap$auto(0x0, 0x7, 0xdf, 0x9b72, r0, 0x4000807c)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
socket(0x11, 0x80003, 0x300) (async)
r1 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r1, 0x107, 0x5, 0x0, 0x8004)
mmap$auto(0x0, 0x2, 0xffffffffffffffff, 0x40eb1, 0x602, 0x300000000000)
move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2) (async)
move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x82, 0x0)
r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x8000, 0x0)
read$auto(r3, 0x0, 0x9) (async)
read$auto(r3, 0x0, 0x9)
close_range$auto(0x2, 0x8, 0x0)
socket(0x1e, 0x805, 0x0)
get_mempolicy$auto(&(0x7f0000000000)=0x2, &(0x7f0000000080)=0xfffffffffffffffe, 0x80000001, 0x0, 0x4)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) (async)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
ioctl$auto(0x3, 0x40045532, 0x38)
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC1D0c\x00', 0x100, 0x0)
sendfile$auto(r2, r2, 0x0, 0x5)
openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) (async)
openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/system/cpu/cpuidle/current_driver\x00', 0x408440, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/pts/ptmx\x00', 0x8900, 0x0)
write$auto(0x3, 0x0, 0x7ffffffa)
write$auto(0x3, 0x0, 0x5c8)

8.413510452s ago: executing program 4 (id=1337):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/sound/ctl-led/speaker/mode\x00', 0x2a001, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x7)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
io_setup$auto(0x7ffe, &(0x7f0000000000))
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/igmp\x00', 0x100, 0x0)
pread64$auto(r1, 0x0, 0x8002a, 0x6)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/vivid.0/media4/model\x00', 0xa8000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000040)=""/194, 0xc2)
write$auto(r0, &(0x7f0000000040)='0\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
epoll_create$auto(0x4)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x44f, 0x7, 0x1, 0x1007181, 0x8a0d, 0x7, 0x7, 0x7, 0x89, 0x26, 0x4, 0x200000000001, 0xfffffffffffff343, 0xfffffffffffffffa, 0x500000000000000, 0x0, 0x30, 0x0, 0x864, 0xe, 0x22000, 0x9, 0x0, 0x84, [0x200, 0x2, 0x4, 0xfffffffffffffffe, 0x0, 0x401ffc, 0x0, 0xe, 0x1, 0x400, 0xfffffffffffffffd, 0x7, 0x8, 0x4, 0x6, 0x0, 0x10000000000008, 0xc329, 0x7fffffff, 0x0, 0xffffffffffffffff, 0x4, 0x31, 0x40, 0x100, 0x3006, 0x400000000005b8, 0xfffc, 0x10, 0x100, 0x4, 0x6, 0x5, 0x88e, 0x40, 0xff, 0x8, 0xa38, 0x1c0000000000000, 0x4, 0xfffffffffffffffc, 0x2, 0x8, 0x10000000006, 0xc567, 0x8200000000]}, 0x9, 0xd)
r3 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
ioctl$auto__ctl_fops_dm_ioctl(r3, 0xfffffff7effffd07, &(0x7f00000001c0))
ioctl$auto(0x3, 0xffffffff80088a02, 0x1)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/scsi/device_info\x00', 0x48041, 0x0)
write$auto_proc_reg_file_ops_compat_inode(r4, &(0x7f0000000080), 0x0)
setsockopt$auto_SO_CNX_ADVICE(r4, 0xa7c, 0x35, &(0x7f0000000200)=')\x00', 0x4)
r5 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp\x00', 0x2180, 0x0)
ioctl$auto_SNDCTL_DSP_SETSYNCRO(r5, 0x5015, &(0x7f0000000100)="20e47d321c8689434a4fc592e027240523b36472d9c46a209e48ebf2cc30146713acd97b98d99750a3d7a5eb7c50dc975a3e68b6db494cacd24ba8b619235b78b1c8c510bf755921c2bdd2376d797b170948492060d234b227b4e34d9ec06094be8b8373be3bca9a2337f0d9e27032b51d12f5eb110c1b769f66a60027aeb382fefbc80187aaab3d9437d81c648bb3dfdcb76ca0cdd9d62525f92c1f4bb60af445fd502e101733bb4fb05cbc3e4249adca67b861958af306ac3eaa164fd5a4d32528c727dc5ed45dc1ee181f")
seccomp$auto(0x3, 0x1, &(0x7f0000000000)="066c55cfc210a37fa41985933c37a812433238493c5dacbc85fef7250778565a124d62ad63")

5.782344147s ago: executing program 4 (id=1344):
r0 = openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, 0x0, 0x4e1641, 0x0)
r1 = gettid()
readv$auto(r0, &(0x7f0000000100)={&(0x7f0000000040), 0xd}, 0x8)
fcntl$auto_F_NOTIFY(r0, 0x402, r1)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x40, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000)
recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000240)={{&(0x7f00000000c0)="ee6b0f5d06457a", 0x8, &(0x7f0000000100)={&(0x7f00000001c0), 0xff}, 0x9, 0x0, 0x58d4, 0x92bd}, 0x6}, 0xf89b, 0x9, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r3 = openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, &(0x7f0000000040), 0x40081, 0x0)
ioctl$auto(r3, 0xffff, r2)
socket(0x11, 0xa, 0x9)
r4 = socket(0x2b, 0x1, 0x0)
mmap$auto(0x9, 0xb751, 0xd1, 0x14, r3, 0x2)
bind$auto(0x3, 0x0, 0x6a)
sendmmsg$auto(r4, 0x0, 0xfffffffe, 0x20000000)
openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)
ioctl$auto_BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x1, 0x106)
socket(0xf, 0x3, 0x2)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x8000000000007, 0xd3e, 0x1, 0x948b, 0xffffffffffffffff, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x400007, 0x6d3f, 0xd, 0x6, 0xfffffffffffffffb]}, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/cpu/cpuidle/current_governor\x00', 0xa42, 0x0)
openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x8000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x1e, 0x805, 0x0)

5.628834841s ago: executing program 2 (id=1345):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/adsp1\x00', 0x1, 0x0)
ioctl$auto_SNDCTL_DSP_GETODELAY(r0, 0x80045017, &(0x7f0000000c00))
mmap$auto(0x0, 0xdb33, 0xe2, 0xeb1, 0x405, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
openat$auto_split_huge_pages_fops_huge_memory(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x40000008000)
sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800)
pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xf7s\x1cJ\x99\x00:\x00!\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0xe, 0x4)
kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x800c000, 0x4800c000, 0x800c000}, 0x4)
read$auto(0x3, 0x0, 0x7)
socket$nl_generic(0x10, 0x3, 0x10)

5.427145012s ago: executing program 1 (id=1347):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
uname$auto(0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
r0 = socket(0x2, 0x6, 0x0)
listen$auto(r0, 0x81)
mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4)
close_range$auto(0x2, 0xa, 0x0)
socket(0xa, 0x5, 0x0)
socket(0xa, 0x3, 0xff)
r1 = socket(0x2, 0x801, 0x100)
sendmsg$auto_IOAM6_CMD_NS_SET_SCHEMA(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44010}, 0x20000054)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge_slave_0\x00', <r2=>0x0})
bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_5={@target_ifindex=r2, r1, 0x9c, 0x0, 0x1, @relative_fd, 0x5}, 0x96)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x801, 0x0)
set_mempolicy$auto(0x6, &(0x7f0000000000)=0x3, 0x21)
syz_open_procfs$namespace(0x0, 0x0)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2f2)
io_uring_setup$auto(0x6, 0x0)
keyctl$auto(0x1ff, 0x3ff, 0xee00, 0x0, 0x2)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0xa, 0x10001, 0x10, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x955b, 0x8, 0x7, 0x5}, 0x10)
epoll_create$auto(0x4)
madvise$auto(0x800000000000002, 0xffffff7fffff0004, 0x19)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x10442, 0x0)
unshare$auto(0x8000000)
semget$auto(0x40100200, 0x6, 0x8001)

4.817975426s ago: executing program 2 (id=1348):
socket(0x2b, 0x1, 0x0)
ioctl$auto(0xffffffffffffffff, 0x64c8, 0x1e2)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
unshare$auto(0x40000080)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x4, 0x0)
r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002240)='/dev/cec17\x00', 0x181680, 0x0)
ioctl$auto_CEC_DQEVENT(r0, 0xc0506107, 0x0)
ioctl$auto_CEC_DQEVENT(r0, 0xc0506107, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="72010000", @ANYRES32], 0x1ac}}, 0x4004)

4.485699357s ago: executing program 4 (id=1350):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
semctl$auto(0x7, 0x2, 0x13, 0x1)
r0 = socket(0xa, 0x801, 0x84)
getsockopt$auto(r0, 0x84, 0x10, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x1, 0x84)
mmap$auto(0x3, 0x8000000000000001, 0x4000000000df, 0xeb1, 0x401, 0x8000)
capset$auto(0x0, 0x0)
setsockopt$auto(0x3, 0x10000000084, 0x76, 0x0, 0x8)
setsockopt$auto(0x3, 0x0, 0x2b, 0x0, 0x108)

4.226796302s ago: executing program 1 (id=1352):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/net/rose12/queues/rx-0/rps_cpus\x00', 0x20001, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000040)='\t', 0x1)
r1 = userfaultfd$auto(0x7)
ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f0000000080)={"0821d03d", 0x8e, 0x28, 0xa, 0x6, 0x401, "62f90aa80feac5b7d566ecb16c836d", "4000fff8", "0ce3ae63", "17dcfd6b", ["a96990a295f39dd3eb49d93a", "487b417a9181ae13ffa297d3", "c172d24c3205000000ff00", "632ba02f1eafb7a3fff420d1"]})
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/i8042/serio0/set\x00', 0x80302, 0x0)
sendfile$auto(r2, r2, 0x0, 0x3)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_clone3(&(0x7f00000004c0)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r3 = open(&(0x7f0000000200)='./file0/file0\x00', 0x191000, 0x110)
fcntl$auto(r3, 0x400, 0x1)
mmap$auto(0x0, 0x5e, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x42e681, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f00000000c0)=""/255, 0xff)
keyctl$auto(0x2000000000000016, 0x0, 0xfffffffffffffffc, 0x0, 0xc)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x1, 0x100)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/net/bond0/bonding/primary_reselect\x00', 0x1e2142, 0x0)
sendfile$auto(r5, r5, 0x0, 0x7fff)
unshare$auto(0xa4)
setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b)
r6 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x20b42, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r6, 0xc0045002, 0x0)
r7 = socket(0x10, 0x2, 0xc)
unshare$auto(0x40000080)
r8 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0)
write$auto(r8, &(0x7f0000000200)='/de\xef\xe7audio1\x00', 0xa3d9)
r9 = syz_genetlink_get_family_id$auto_nlctrl(0x0, 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETPOLICY(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='q\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="4cb245184f86db27df250a000a"], 0xf8}}, 0x10004010)

4.059231716s ago: executing program 4 (id=1353):
r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x100e42, 0x0)
write$auto_sg_fops_sg(r0, &(0x7f00000001c0)="bf5b1a8c24000000dbcbc7a996eea7f3804ca6c7591afff6578d2f5f520f687f316ba7327b581cd8d58309037c0ae2c7", 0x30)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000001480)='/proc/self/net/rxrpc/conns\x00', 0x501100, 0x0)
pread64$auto(r2, 0x0, 0x200000000006, 0x20fe)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0xff, 0x3, 0x8000000000018, 0xffffffffffffffff, 0x8000)
setdomainname$auto(0x0, 0x551)
syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000080), r1)
sendmsg$auto_NETDEV_CMD_NAPI_GET(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x20040001}, 0x8c0)
r3 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000000), r1)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r4 = socket(0x2, 0x6, 0x0)
r5 = getsockopt$auto(r4, 0x10d, 0x10, 0x0, &(0x7f0000000000)=0xb)
sendmsg$auto_IOAM6_CMD_ADD_SCHEMA(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000480)={0x14, r3, 0x400, 0x70bd2b, 0x25df5bfb, {0x4, 0x0, 0x900}}, 0x14}, 0x1, 0x3000700, 0x0, 0x40044}, 0x8010)
mknod$auto(&(0x7f0000000040)='./file0\x00', 0x40, 0x6c1)
ioctl$auto_SG_GET_REQUEST_TABLE(r0, 0x2286, &(0x7f0000000040))
r6 = semctl$auto_SEM_STAT(0x3, 0x3, 0x12, 0x7)
prctl$auto_PR_GET_FP_MODE(0x2e, 0xf, r6, 0xb, 0x0)
r7 = socket(0x2, 0x1, 0x106)
setsockopt$auto(r7, 0x6, 0x1, &(0x7f0000000040)='l2tp\x00', 0x7)
bind$auto(0x3, &(0x7f0000000080), 0x6d)
write$auto(r5, &(0x7f0000000180)='IOAM6\x00', 0xa18000000)

3.627683664s ago: executing program 2 (id=1354):
r0 = socket(0x28, 0x5, 0x0)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x7}, 0x3, 0x0)
bind$auto(r0, &(0x7f0000000080)=@in={0x28, 0x4e20, @broadcast}, 0x68)
mlockall$auto(0x7)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x9, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_ila(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ILA_CMD_ADD(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010028bd7000fddbdf2501"], 0x1c}}, 0x40000)
sendmsg$auto_ILA_CMD_FLUSH(r1, &(0x7f0000001f80)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000540)={0x14, r3, 0x1, 0x2, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4000004}, 0x40844)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r5 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
openat$auto_iommufd_fops_main(0xffffffffffffff9c, 0x0, 0x80001, 0x0)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r5], 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004)
r6 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0)
clone$auto(0x8001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6)
ioprio_get$auto(0x2000000002, 0x0)
write$auto_fuse_dev_operations_fuse_i(r6, &(0x7f0000000440)="1100000005000000000000000001000000", 0x11)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x126, 0xf8, 0xffffffffffffffff, 0x8000)
r7 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
ioctl$auto_TIOCSETD2(r7, 0x5423, 0x0)
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
r8 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r8, 0x107, 0x12, 0x0, 0x4)
close_range$auto(0x2, 0x8, 0x0)

3.383167229s ago: executing program 3 (id=1356):
socket$nl_generic(0x10, 0x3, 0x10)
open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000003c0)=""/192, 0xc0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/pcm0p/sub0/hw_params\x00', 0x1c1282, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000280)=""/65, 0x41)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x6000000, &(0x7f0000000000), 0x3)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0)
mmap$auto(0x0, 0x10000, 0x8000, 0xeb1, 0xfffffffffffffffa, 0x8000)
ppoll$auto(0x0, 0x9, 0x0, 0x0, 0x8)
madvise$auto(0x0, 0x200007, 0x19)
syz_clone3(0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0)
futex_wait$auto(0x0, 0x0, 0x7f, 0x2, 0x0, 0x1)
futex_wake$auto(0x0, 0x7, 0xfffffffb, 0x2)
sysfs$auto(0x2, 0x23, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0x4)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_VERSION_SET(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24000001}, 0x4010)

2.8093631s ago: executing program 1 (id=1357):
syz_clone(0x40100100, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
r0 = socket(0x1d, 0x2, 0x7)
r1 = socket(0x2, 0xa, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r2=>0x0})
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r2}, 0x6a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'vcan0\x00', <r3=>0x0})
connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r3}, 0x18)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffcc}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
io_uring_setup$auto(0xa, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
mmap$auto(0x0, 0x80000400008, 0xdf, 0x13, 0x2, 0x48ff)
socket(0x2a, 0x7, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x609, 0xfffffffffffffffc, 0xffffefff, 0x800000000009b72, 0x2, 0x10000000008000)
sendmmsg$auto(0x3, 0x0, 0x9a5, 0x47ffff7a)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0x81)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff)

2.652184674s ago: executing program 4 (id=1358):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000280)={{@raw, 0x0, 0x8f, 0x1, "3a2decb802497aa7605ed15fb0c8c3ac95169b44fe3b2cec328d69ee2b470aa96ecbc7741da6defcfa0c346e"}, 0x3, 0xff, 0x4, @raw=0x8, @integer64={0xf8b4, 0xf, 0x1}, "da0b801ac30c8a07880a9d364b64b63804ea957deb99b930bb49833df9493099a5e702ff609846c3e223c44fde0387679df9ec3131552aefa3cf3c8caca42975"})
mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000)
r0 = io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}})
mmap$auto(0x0, 0x200004, 0x4000000000df, 0x15, r0, 0x300000000000)
connect$auto(0xffffffffffffffff, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/pcmC0D0p\x00', 0x480000, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
mmap$auto(0xfffffffffffffffd, 0x400, 0x800, 0x14, 0xfffffffffffffffa, 0x7)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101400, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(r0, 0xae42, r0)
ioctl$auto(0x3, 0xae41, r1)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x181881, 0x0)
socket(0x2, 0x801, 0x100)
mmap$auto(0x0, 0xdb33, 0xe2, 0xeb1, 0x405, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mmap$auto(0x0, 0x1ff, 0xdf, 0x200000810, 0xffffffffffffffff, 0x8000)
madvise$auto(0x0, 0x200007, 0x19)
madvise$auto(0x0, 0x2003f0, 0x15)
write$auto(0xffffffffffffffff, 0x0, 0x200002)
io_uring_setup$auto(0x6, 0x0)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x22fa02, 0x0)

2.619821824s ago: executing program 3 (id=1359):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0xc000, 0x80000003, 0x1, 0x100, 0x0, 0x0, 0x0, 0xffffffffffffff91, 0x8000fd3, 0x2, 0xef, 0x4, 0x80040000081, 0x6, 0x2, 0xfffffffffffffff8, 0x63})
openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket(0x10, 0x3, 0x9)
write$auto(r0, 0x0, 0x5)
mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, 0x400, 0x28000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
shmdt$auto(0x0)
madvise$auto(0x0, 0x3, 0x15)
adjtimex$auto(0x0)
mq_timedsend$auto(0xffffffffffffffff, 0x0, 0x4, 0x5, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0)
write$auto(0x3, 0x0, 0x6)
cachestat$auto(r1, 0x0, 0x0, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

1.987127814s ago: executing program 2 (id=1360):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) (async)
sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0)
pselect6$auto(0x1, 0x0, &(0x7f0000000240)={[0xf, 0x5e9, 0x8, 0x8e, 0xd, 0xfffffffffffff801, 0x2d44b40f, 0x831f, 0x4, 0xb911, 0x2, 0x81, 0x4, 0x6, 0x1, 0x5]}, 0x0, &(0x7f00000000c0)={0x4, 0x7}, 0x0) (async)
pselect6$auto(0x1, 0x0, &(0x7f0000000240)={[0xf, 0x5e9, 0x8, 0x8e, 0xd, 0xfffffffffffff801, 0x2d44b40f, 0x831f, 0x4, 0xb911, 0x2, 0x81, 0x4, 0x6, 0x1, 0x5]}, 0x0, &(0x7f00000000c0)={0x4, 0x7}, 0x0)
read$auto(r0, &(0x7f0000000100)='nl80211\x00', 0xbe62) (async)
read$auto(r0, &(0x7f0000000100)='nl80211\x00', 0xbe62)
openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/smaps\x00', 0x220001, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket(0x2, 0x3, 0x100)
r2 = socket(0x10, 0x2, 0x0)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYRESOCT=0x0, @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030009000000060007000080000008000200", @ANYRES32=0x0, @ANYRES64=r2, @ANYRES32=0x0, @ANYBLOB="08001b"], 0x68}, 0x1, 0x0, 0x0, 0x4001}, 0x48090)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x4804)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)
openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy17/total_ps_buffered\x00', 0x220a81, 0x0) (async)
openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy17/total_ps_buffered\x00', 0x220a81, 0x0)
write$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffffff, 0x0, 0x0) (async)
write$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc8}, 0x4, 0x0, 0xe2a1, 0x9}, 0xa}, 0x3, 0x8b8)

1.61597083s ago: executing program 2 (id=1361):
r0 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000001000)='/dev/loop5\x00', 0x40, 0x0)
ioctl$auto_BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000001040)={"23eb1cc7ffaa3115a2dec531678b36b23cf9d72dbd7f1bc81cf095baa2c7d9f6", 0x4, 0x3, 0x80000, 0x6, 0x1})
mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf250300000006000600810000000600070000800000060006000e0000000a00050000000000000000000a00010000000000000000000a000500aaaaaaaaaa400000080003003e00000008000200", @ANYRES32=0x0, @ANYBLOB="080004"], 0x68}, 0x1, 0x0, 0x0, 0x20040084}, 0x40090)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0xa, 0x2, 0x73)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
socket(0x1, 0x1, 0x0)
bind$auto(0x3, 0x0, 0x6b)
listen$auto(0x3, 0x81)
listen$auto(0x3, 0x81)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="72010000", @ANYRES16], 0x1ac}}, 0x4104)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
ioctl$auto_RTC_UIE_ON(r0, 0x7003, 0x0)
mmap$auto(0xfffffffffffffffe, 0x402000a, 0x6, 0xeb1, 0x401, 0x7ffc)
r2 = prctl$auto(0x7, 0x2, 0x4, 0x7, 0x204)
r3 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
ioctl$auto_dvb_demux_fops_dmxdev(r3, 0x6f2d, 0x0)
symlink$auto(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000040)='./file0\x00')
r4 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/input/event0\x00', 0x410000, 0x0)
sendmsg$auto_L2TP_CMD_TUNNEL_DELETE(r4, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000100)={&(0x7f0000000240)={0x120, 0x0, 0x2, 0x70bd27, 0x25dfdbfc, {}, [@L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x7ca}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x2}, @L2TP_ATTR_MRU={0x6, 0x1d, 0xf}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @empty}, @L2TP_ATTR_SEND_SEQ={0x5}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x7}, @L2TP_ATTR_NONE={0x80, 0x0, "6ee451a9e5044a8a775e9b5da55a42d3b79ab994010376a90b0deeac212293ef5dd96fe87df8dc7fee1313b85e2e8455f74df45986a4d45283c7d86a9cf3db52847c4b1dbd188cf9135b859a8a0de26c0341d53d4067fe1b3f0091007d63a10965f5832d9cbb413d28b7fb0088e291a65992af28fef545cfc19756ab"}, @L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x7}, @L2TP_ATTR_NONE={0x47, 0x0, "81208ca5c2c327d794332171c9c59f771a9d037b0e69fea61405f86c928e9b6d4bae84d46e9fc036b98bae303cae1e89da73f7afd28b4169e7addb0b6f15cd8fc733ea"}]}, 0x120}, 0x1, 0x0, 0x0, 0x1}, 0x40000)
ioctl$auto_SNDRV_TIMER_IOCTL_CREATE(r2, 0xc02054a5, &(0x7f0000000380)={0x3, r3, 0x7f, "11e92405f2d1132594b40d555b3fe0d0"})
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000400), r4)

1.599935854s ago: executing program 1 (id=1362):
socket(0x2b, 0x1, 0x0)
ioctl$auto(0xffffffffffffffff, 0x64c8, 0x1e2)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
unshare$auto(0x40000080)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x4, 0x0)
r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002240)='/dev/cec17\x00', 0x181680, 0x0)
ioctl$auto_CEC_DQEVENT(r0, 0xc0506107, 0x0)
ioctl$auto_CEC_DQEVENT(r0, 0xc0506107, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="72010000", @ANYRES32], 0x1ac}}, 0x4004)

1.184393972s ago: executing program 3 (id=1363):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
fcntl$auto_F_OFD_SETLK(r0, 0x25, 0x0)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), r0)
sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010029bd7000fedbdf252f000000180001801400020076657468315f766c616e"], 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x4040000)
socket(0x10, 0x3, 0x9)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/net\x00')
mmap$auto(0x0, 0x7f, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = open$dir(&(0x7f0000000000)='./file0\x00', 0x42, 0x20)
open_tree$auto(r2, 0x0, 0x1001)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x29, 0x5, 0x0)
socket(0x1d, 0x2, 0x7)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1d, 0x2, 0x7)
socketpair$auto(0x1e, 0x1, 0x0, 0x0)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0)
ioctl$auto_TIOCSTI2(r3, 0x5412, &(0x7f00000000c0)="41d4b8fa")
pipe$auto(0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fb\x00', 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x15, 0x5, 0x0)
r5 = socket(0x10, 0x2, 0xc)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="18000000", @ANYRES8=r5, @ANYRES8=r4, @ANYRESDEC], 0x18}, 0x1, 0x0, 0x0, 0xc000}, 0x80)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
semctl$auto_GETALL(0x8, 0x7, 0xd, 0x3)

712.813446ms ago: executing program 3 (id=1364):
openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x2, 0x0)
mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000)
statmount$auto(0x0, &(0x7f0000000040)={0x0, 0x0, 0x38, 0xffffff01, 0x9, 0x9, 0x80000009, 0x7, 0x8, 0x5, 0xd, 0x7e, 0x2, 0x8, 0x5, 0xf, 0xffffffffffffffff, 0x9, 0x1, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x4, 0x0, 0x0, 0x0, 0x3, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x400000]}, 0x800, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
r0 = io_uring_setup$auto(0x40000008, &(0x7f0000000140)={0x3ff, 0x3, 0x9, 0x10001, 0xc, 0xc07, <r1=>0xffffffffffffffff, [0x7fd, 0x1001, 0x408], {0x9, 0x1, 0x6, 0x0, 0x420, 0x1001, 0x3fdc, 0x3, 0x5}, {0x8000002, 0x140, 0x54ed, 0x0, 0x101, 0xff, 0x7, 0xa, 0x3}})
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x10, 0x2, 0x4)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000280), r2)
modify_ldt$auto(0x8, &(0x7f0000000380)="ecbf0a8e5f1bd70e8c7b7d5588725ee590c2ea1afa0cff4d5a94", 0x9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
remap_file_pages$auto(0x4, 0x2, 0x9, 0xb5, 0x634cda36)
rseq$auto(&(0x7f0000000300)={0xb, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x8)
fsmount$auto(r0, 0x0, 0x8)
setsockopt$auto(0x3, 0x10f, 0x10000, 0x0, 0x8)
mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffffffffffffffa, 0x8000)
semctl$auto(0xfffffff9, 0x24000, 0x1, 0xcd)
ioctl$auto_BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4)
setresuid$auto(0x0, 0x8, 0x8000)
mq_open$auto(&(0x7f00000002c0)='!\x00', 0x76d0, 0x101, 0x0)
sendmsg$auto_NL80211_CMD_LEAVE_MESH(r1, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000300)={&(0x7f0000000580)={0x16c, r3, 0x400, 0x70bd2b, 0x25dfcbfd, {}, [@NL80211_ATTR_KEY_DATA={0x1b, 0x7, "b9d593077307186875611b40268ec94734325e8fbacdde"}, @NL80211_ATTR_FREQ_FIXED={0x4}, @NL80211_ATTR_HE_CAPABILITY={0xffffffffffffffd4, 0x10d, "743d6753a4722f9bb450f94283f8e81c4c128cce2a67879ad1ab4df247991f30e43e"}, @NL80211_ATTR_RADAR_BACKGROUND={0x4}, @NL80211_ATTR_SAE_PWE={0x5, 0x12a, 0xa}, @NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST={0x6, 0xf7, {0x7, 0x9}}, @NL80211_ATTR_MESH_PEER_AID={0x6}, @NL80211_ATTR_PMKID={0xf0, 0x55, "93a4fcfddbf25cced9463c551e9613ab0f22ddfee902a9c9db73e923f595467e873b65c0e979b7eaff803b3e45483e0a879f6897a34381e2bea63595e8ee8b3297e8f27b1b43bd73dd92ee76c33cd10d888d32b0455f04b412e22984cf10c53881c427371f06ffdad45f85b63078771814178de6297a2fa8ac5f692a9e2545453f0e53ec12555e6e710949161fd77678451031526896500d584ee630cedf6d4e3ebcd7d831e58fed6b2c0586619a825fd026ab9c0c3daa5592c77d3ad68cdd5fc69d60fe51b50a8134f56559c4e2aa606c438e4b60d5f7dd6d1ecbcef502e13369c4fe2bf4f45daf63a64f97"}, @NL80211_ATTR_TIMED_OUT={0x4}]}, 0x16c}, 0x1, 0x0, 0x0, 0x200000c0}, 0x84)
sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

696.615389ms ago: executing program 2 (id=1365):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/net/rose12/queues/rx-0/rps_cpus\x00', 0x20001, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000040)='\t', 0x1)
r1 = userfaultfd$auto(0x7)
ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f0000000080)={"0821d03d", 0x8e, 0x28, 0xa, 0x6, 0x401, "62f90aa80feac5b7d566ecb16c836d", "4000fff8", "0ce3ae63", "17dcfd6b", ["a96990a295f39dd3eb49d93a", "487b417a9181ae13ffa297d3", "c172d24c3205000000ff00", "632ba02f1eafb7a3fff420d1"]})
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/i8042/serio0/set\x00', 0x80302, 0x0)
sendfile$auto(r2, r2, 0x0, 0x3)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_clone3(&(0x7f00000004c0)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r3 = open(&(0x7f0000000200)='./file0/file0\x00', 0x191000, 0x110)
fcntl$auto(r3, 0x400, 0x1)
mmap$auto(0x0, 0x5e, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x42e681, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f00000000c0)=""/255, 0xff)
keyctl$auto(0x2000000000000016, 0x0, 0xfffffffffffffffc, 0x0, 0xc)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x1, 0x100)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/net/bond0/bonding/primary_reselect\x00', 0x1e2142, 0x0)
sendfile$auto(r5, r5, 0x0, 0x7fff)
unshare$auto(0xa4)
setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b)
r6 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x20b42, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r6, 0xc0045002, 0x0)
r7 = socket(0x10, 0x2, 0xc)
unshare$auto(0x40000080)
r8 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0)
write$auto(r8, &(0x7f0000000200)='/de\xef\xe7audio1\x00', 0xa3d9)
r9 = syz_genetlink_get_family_id$auto_nlctrl(0x0, 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETPOLICY(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='q\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="4cb245184f86db27df250a000a"], 0xf8}}, 0x10004010)

623.661918ms ago: executing program 1 (id=1366):
r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r0, &(0x7f0000000080)="51426572911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde4727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aa7f1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f67f4edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb08dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e28782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1ba6ba383030730ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc054994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009a3b0424a634681b530dad9ef23f136a10c7287068e57f3c2de45adf0a105c328e0035b97168f4c17aa4610b2e6e1a6ba0b71c06417b7a9497be4a009b19d7162adfd4d7b6490faf3782a920281333ad09b848ab5f4d15534b8c4e43dc9604b0630f8d349b2c80a98fde0d460edfc0138dcc5d3974e682bbd555ac19625bf6e0607d8803391ec9c2dc41fc4e8bceae4f53507137324e2361726ae451d0ac0dd02914a067d52a577b812ddac4a34765c26a98839b3edb6290abff0c75991d6f8c1bd7540f38a7f25fec2f3539f894c938e1f3cf0ff1e6994d6a6ecc457a482f045ba712a85e8e31afd49c8e3480dc1c36d56ab2eceac6e5a847455d8ef4e3d45cd463c421bd1bc13cce2ca57dd88f0e7ab3446cdfa8cb3914c240936f1738af7009e9131b240b59af55d7e38307b91fc8f02410cfdcfacaa341607a801afa63640091eb00b860700ea882878a8d9838f5597b970366be7d167ddebfe3c9253b5dbf7f30a67ee4d87dccb3c723c20200aa5fc036caf12811b19ce49c81ce328d7b24587353ecb99bafd327e33303cf447b36800d1bed8ee10df527d55c0d5f7506fb11cb13380741135e5a8ee98a7bf3f8157986cf7c1c5dbdedaacbe3946b3d8809dec7387f006c062b93b6b481a806e5544ddeea7218fcc15c25a88164bfd0735e6290167cb2dbf4b4a317ba00b1fc27d203a6cff71ef8fe97a97d8e07af2ce1d0a0a2aa9ede7dd0572325075c83c2ecf866aa01654eff55ebe4e489e72152e6a3090e2348732704eb02997ffd23a63faabfbbbd1fb124cab606faed24a393058cea1c1286001ee5c0c1fa26b6a81ebdd4718a94cebdb45bfe812c771df398d3305da03d37ced9d0242b6da212dc9f5c14d7ff999bee20f6621792d1442e449eba8589a823e5e99c65fdffbaefe89e2e32406ec4cf574e335e2d288e4cdad56f4b1b57c364ed3e28809e480d6f410c7ebf43bd2a605d6a8c9facae6b7f8f2c56f792ae21fc0cc5dd9beae0cab3547ebb5467183c2f01bc315bd7bd191088886752dc5108093bdbc91348743440130f33d3dfa9c25490245e5fa904f8660e82253c826b7bea4e9a7a1c627e10c56d71878a644bd176016f29cf5398be14cc0fdec45c65e2b967aedb75212eed1eb05a44da62190009d1c08163b74813b82c27f1e6cd681a4b5150f967444b7bc930da68603fd706e96ba8663b2e50ef0a9b04e321a8a337b08fea7288a3fef5062c7e4c17ad3d490870d39c10b78a74eab25c993527e313a4f59d86de55aa9a8a63f734c2db556692fe993b0cd08e0ab5434c9ec02d5127354f55e6b5d5a7b61685d02edae21ece71d203abf7408211229a9ebbfdeffa2c0f38db274066d0706d80398c172e6daf4a0dce62c2287cbf0d30cfa313d7baf4e5caa18f594f0ab0d854f3cef76ff83e96fa49d0e0f8a47193b51a0a45aee2e1d9a5b372b8ee828f645a06979ec351d798480c7824e846028c02f58b5641acbae1e2079abd86182a662bb1642c9346d7fba628fb012da293acef33b8b76a8885c2e5d685348b6148c5b44409f58d8d5f29344fe8a2e4c2432ae622bb1912ea65d5574bff895025bd72cd780d59cbaa0886afd5d6676d2de6266903115525c075cc3f75ce9eba3787a890e1f758f0e502c4c9c0538dc942cf4e2d69742edeeddb66b1d459fcf6f744b2c40111104ab21fd4e99b4477e25cc5a9af59108c8b2f569d4ba227c754f294fdc1e6b383fd89861a203f4d4ee33814aeb21ee411a0d6918533aa2450b1e35c97ab6f01f3829c8a4c33fe0fbc81dd579bbdb44eda4f335d2bc512ca7f38f603c29033c94df2c9533f4422432f574a021e90a0fe3a4cf54de46e25986315b30956face49e26e8dcbcc9e1363627a9f38a2ee8304307dab4013d77f4c337551e2a6ac230788513cdd15e734263e4973c75757d9809c510977adc3be6c5b110597b09c7dad1f54e4506744710b53221e4a7982ac4c59bfae6370258b5af7864a4ca680addd736e35da579cc0e975e6cdefa3d082c8b4b10b205415c32797d9450c002895c9b405e5d7470f180f785dd", 0xd4b) (fail_nth: 1)

468.685587ms ago: executing program 4 (id=1367):
mmap$auto(0x0, 0x9, 0x3ff57697, 0x9b72, 0xffffffffffffffff, 0x0)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(0x0, 0xe)
socket(0x2, 0x6, 0x0)
openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f00000000c0), 0x20a01, 0x0)
socket(0x2, 0x1, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
r1 = geteuid()
setreuid$auto(r1, 0x0)
r2 = openat$auto_fuse_dir_operations_dir(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/virtual/bluetooth/hci7/hci7:201\x00', 0x20040, 0x0)
close_range$auto(r2, r0, 0xc9aa)
r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video56\x00', 0xa200, 0x0)
ioctl$auto(r3, 0xc0585611, r3)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000280)={'team_slave_1\x00', <r5=>0x0})
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r6, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r6)
read$auto(r6, &(0x7f0000000100)='nl80211\x00', 0xbe62)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030000020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a000500000000000000000008000200", @ANYRES32=r5, @ANYRES32=0x0, @ANYBLOB="08000300060000"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x300)

445.398556ms ago: executing program 3 (id=1368):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000840), r0)
sendmsg$auto_OVS_CT_LIMIT_CMD_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000f80)={0x68, r1, 0x1, 0x51bd2e, 0x25dfcbfb, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x4}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x50, 0x63, 0x0, 0x1, [@nested={0x4, 0x6}, @nested={0x35, 0x134, 0x0, 0x1, [@generic="d54237515a5c936d57817f7660", @nested={0x24, 0x2e, 0x0, 0x1, [@nested={0x4, 0x1e}, @typed={0xd, 0x105, 0x0, 0x0, @str='/dev/dsp\x00'}, @nested={0x4, 0x10d}, @typed={0x8, 0x90, 0x0, 0x0, @u32=0x9}]}]}, @typed={0x8, 0xd2, 0x0, 0x0, @ipv4=@rand_addr=0x64010101}, @typed={0x8, 0x38, 0x0, 0x0, @u32=0x4}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x40}, 0x4)

241.437037ms ago: executing program 3 (id=1369):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x0)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r0 = socket(0x11, 0x3, 0x9)
sendmmsg$auto(r0, &(0x7f00000006c0)={{&(0x7f0000000000), 0x5ac, &(0x7f00000000c0)={&(0x7f0000000080)="4c0300006bba861b000004000000a32457895897071b", 0x49}, 0x2, &(0x7f0000000700), 0x10000005, 0x1}, 0x5}, 0x2, 0x100)
r1 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$auto_NL802154_CMD_TRIGGER_SCAN(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000140)={&(0x7f00000014c0)=ANY=[@ANYBLOB="441000008db441335a090db70585641e5715874f15d3aa0ae1324dbb412ddd3e62496c2f5bcdd0ba476ffea639039c0b436f12511b2803b79442432720096c1cd28024775ab2b199acaa4e3de067c28695f7754a56997feaa8638532646cc6b7d211a97c5645e1a477c978f0332cc97d81910f6ff5e5d6563529570a7bb362ca0b746507b6ad8b562384a1675db8be3dd3ceda426de40e952da0fdf9cda776ff69bdb573a44f39b862a0b5b3958e773bd3", @ANYRES16=r1, @ANYBLOB="00042abd7000fedbdf252300000030102d8008004600040000000800510009000000abd35224c4a0b21b11b046dce88275c0c812836b380523b5062ce80ba01aafdcc496806f54d9c6770b156057391c9ebcd8df139a044d943e11aa1b71fbd75cf617851a51e5edadbc4f331305ed6e0d079fa5ae03aa03e7bbb8950adbff8f9673e4e8388868c905be0763e2003bffa51fcfd4a2482befec21468935e5b1b7bcb97e0512001b3680406f3cae36476877de6469392cf0c709e0d9ef3d21e98c8344231ae16bd4eed73e884644bda842f5fd79740c012cba5a0feffa88317e87b1fd29a063adc84a2dd47c9c66ad337ce93fd03ae652833b1695d0fcec1d4a20903829b9414695b52534ff501832153db72d362bd5f4f635dd55ca7b42676a34b5ea2f75ff0fb2a2cbd103f75c16e21661a3e216a9640d3d574fa12bb685e971f3694ad9305384e2b48e39422d7bcf310b798fd811beff978ce3bbb36e575348dd5024138abcfa16ea1d1329200930d2d86eac7d6f7fc0084f62a115ad28e890438a537d2f5335987da10c97b42667a5c7aafbe6d0bb28a39a94c91ef4a6b26f87fa0d3fc13191115f1790cb0d596c1e5d1724a2e20188e5335c2ba219dd84e830dc8ecb46ea98534776bfe7c274b083f86417472546b258c2227318b3737c8522fdbcb012f3e29536109841574cba9a3fe2effdf4bbda1d62dab70bdc1ccdc8d1e793a818157a4f7f06b9cc81018e0bd94641e466d143301f0b64d5d25641b5e6e64c941ae91e265ea3a9cc6f23c8d3117483e31d619d8f6bc36f6ab8694f43d86bb3de47868822602306d2200078fddaf3453ef0578e3bc9149b3b788d4c419c2603da868d07aaa77991bc3a645f8984aeb6d16817c363a7d547b48095279b688442fea2331f73246112e7f295ab5d510b9dd6e86758594d84cdf5a2544016818b407c552495ee1ba6aa2a752dc3512c5fd920d9c67f264f71c2ac3c0830c814759c3ef4c8ef36a2838f3ea7064c91f0d0823ccff0ed7f0e000cc9c2c20346f7dc4d4fcf8d10b716c9865519ee7321a5f2d25ef83ee2ceb77d9acd2608037754bee702fe10f25a5dd2166542248544a73650ccd509dd833059f5f7ed6a8d1250fc6123503bbf1a6fa852a8937b9936b3605b599547a379364e9e32feedab7ad03a14e690e6accb64e860d618ece63982a8a69930cac19fb7301ff2f06a21093503ac8684850cb370c964b36d8ecb046ed351d9ce7cc3e50071f4d323a5981473b323b5e01bb98f35aacca4cb62ac883e4b9aec63af7177c3c58cc86ddc069ec69be5ce296d4a0de786c6fb7071864c901064523a54bc21d2d6591881c976a0a1517364ddd4dc6944639ae3b56ddb0837c0f30bbeb4d03f9843993c678f97901b434db18f04886b201b97c1f02a67cbf0f2c21d0bf730aa4ce0e77afccb5efb1cb23194908a4f42e64748a7269226618e7861ca0487f626b688752f43c60cb521350196b66d5c25faef40b76b9ded8676674386690293813de2c1061c0f01bc336f116e4c78dcda8ace90f57eb988eb5cc03809a26b030fa51bf43df2e5b4b7201651bfafab1941a570fca0f47e76fa4f77e81258c7b62cbfd49e370aae43b2ebbb676cc2eda32188aa3e64f7ec78aa89f79740177eab2453a415850e1ba685f4f129e172ecd1d19ac998acc9e6d9e1910bd9d525b7a9132282c23f89bdb2227294ebeadf41ff639b6492937ce152fa4f5823db7ba137843e8b181b78dd08438c79bf953fde28f5a0aa2a8bd113ede89cb9193619e85dd6efee1039153040e857316e1841a1e64c50f60a5da8c01d8b5af5d30b5a0fb19fb3a8f385b0575b3bd72bb75592f4bd98a946c71c368f57fc85a371d087a4ed6b2507b8027a6fe3e562c4b7131479b9a94bc438dbf59030a6ae06ce0aac2e479357249bb6fe8231dca944c2371a94c560e1bc803661772a5bed71e226c98d2f499a9a67e90b8290c6f7b19a394d17e225d5117d31b2a4e5f6134614fdb46666d97026dc3d52a26748e59edd2827c3490f0cb37a2d71f554292d9b8b5aac348b8901babb8817ebef0ee53d925e5b326a1adc863630cd54c121f6c46db967a22600d59037b63915f6c5ae720e03f734306d2f0b30e37e2566478e27662344b055ecba2c739867d8b1b384818743a463f6445cb6e981ab9c7cd1f9bb83a96dfec3b822a90f8c271e61bfddce5ab0e03678f5024d8ba9f38b6093fcca37750a633355db42822eacce20733fd35500d50f100d87bdc9a82de13ad4d725e1c20b4524058a333f34a7548b4c59e09a5e95fc702ddba0ccc24924e3bf550a0ec7bf10bb7ce956ecc3fc6d2d4c90ef08999426b22a38da52d387f908072e3a37043be1991f0896179940b360196624b560769040f1a8001c5af7da8dc4081ea780932ad3ef2a00f06d1325ad753f7f5b3b05c57531fafd5bb0068de53f85cd50ea25115e2aef7bbd40df1006addd5e302fa70bc4afaa13f42fa3b1c07fbc46b22682a259831144903eff24ab5a39b808d80f1682f0b552d93d7e41ba43bf5d57adfa4e7718c71ff5723f5ebfee65e4a663ea6c615e1cb53d8c6d7919b01700aad55117bab6811a690486fbcfed0dbc6076543258d40006ce544299b7bc2d59096ee832e500fb98f6ded96dca9105463d2363f29174fc9491e7f5c4dfe6422cebf46d469b23d6cf267c1aa560baeb0c5fa1bb7ca864c3b07323535469b2ef01c08f3e8191d831f1ddcc426bde6bcbe54e4b7df58be4e440710d2a715a0f1f352f628fbd24981644b71adc28b73609cb56c214588bb4abab3752e53d819be722a624c9340f10cc62e766329654ddf020069e020837343b6cad70e5c4071af4f15be5960ee435d5865147d10af9a61e9a6edae9cbb165378c710234544dd9f6c512b50d9b9f84aa71dbf0286d4f9f8151bcb3df6568549efd4fc2c60180b5b3d39e0e05116d36ee546c76a1643fc8222504a1098285eac2b1fee72aec425e1473dfa427a91e1201749e362df34d3b3eb49caed2df7742b6e41aa27b553fc34d88efaa2126abb31e0b20b8065683bdb49cddcb2ae53b9d71627819087a385d8522826a04efd284a745df20f173c8a9864502959f4f8e1995fa9a0aae7d3fb690ada75a90a1fb151823751861b5beb3efb993c45e00ebff39e206013ec0e80c41179215d3cfd5740b976f34bf1289118aefbc3a4a7b5e48eb1e356f603a9e8218282442809b283fcb5306ed2346de6e3ea952d175d6ff8d35f2e148215fce02c5c51a0105bdbbdc6628f98428e1c98d585100187b83cc99820521e17e0eadd56cd23be2c53e8f58cf5c3e2ed3cdae5d13e4034519cac0174ae3840f2862e4fb0ed54b86436205962e52f0fd0bd5477b171d4befbba999d465dab11d77e7370c99966197fc4af73e61ac5659003a44a5a8f3ebd9178385c8695c978e311f069bbd5e722fe3e59cbcb8da67ff15d8674519e598d69c5cc3d38a769a21baa830f50390b4ebc8844f8ab18cd97378780f45fcced00b4c2116f7aaa90a6add419b01e0dbad010af924c1ce605f21a69f7bd318a1b94e927c3498247fbac38829c579134b7efabbdc53903ac8eb78db3ea569676673a2370b800c803d60305f7e55fda36d0be28f996f15d1ed0cbe70d896d7ce1b882f5a907166879d7adfc2a97cb0affe76ca4d8a9398fc6a6b5378d2eb9df673703deafc72cbc47ccc24f3dbe7a24f6fc99953feff969e9c2a5519220902967caf3552f4c83d23a055245159ae3d4029d2598a5a2e434540cbd98ac786b85e554941fd659e963cb06f1d5a80eff7784701f1eb85ba741cd5d339f270e828c1c1ff7bb168d05e6db6c291eb58377cb9f98ac07fbb6ec54729acc71508e46eaaa03e86ca3fc7066fcc2e54c9b83c5ccdeb79f232f7d53403ca6111c060fe509ebea7d8e7459796244779689bdffd01f59a0bbd3e6400dcde04a0ac3751d34bbe16e11e4a4af6e88bd4d399f51bf436160fc004443221982ff556c2e61e3145b7373169e37a99a8f7d7ee4b7f58e5d7ef60315bff2f057dfef7d23af14cbb06a06b38c045abd37eb631d9cc8e165503c51ab6f1d9123c3d1fcb6af06ad149264ba1413e6f538b358880e44cb5e824cec8b07db4f20dd12f651d257d051be6078f41424edc56f4b04967224ae7389df38a99370e7f8dbd6df27bdf43eb09de03dc7b8c1bbcac9d0457a0e4fb9cd66cf6fd0d4842deb7fffeb15eb4cd6732d34f9a04e9466a198fd49ff84624ae4c147d040c383ad1c27e28b3c6252f8f0e5de450b9c59175b7bf3f919b599330c7fcbbae10ed8bbe830250718b468f41032517e78e71a81902388b5278255a556746d6db7201a9a299d4a87465484c120560f105e71a0d265a2acb423a603303811f122165383c63073c680857f994eafa2cfd79a8afc3d833c82afdb8ba5a63b7c6cf521f66f49d993c0d47a2a9b50a3380bc6a39bdeefc5a1fbc7a80fcca6ebfcfed945784d0d8de685c22943f55254bbff2e950dfd845647359cde0fce72781cc9605050c8fd86feef01ab5ba9a1cd3d59367fbd7220bf15982eabe9fd21ed3ab2d73a515e019bc423ca182f6fe1da5d90273ad439a37a7f4239e06820627157014786d5e73a0985dd5156bd1d1ec350573d24d4d359f6f58bad922e480b07f05d62b52abb016302cdc1464d54c0419efbd7dae8c9ff48ee27007331c32e77880de10724ef16488c77fb5ff403a6339d6f1761af9cce96aa04474a3b911044e622edc7ed94d05fc8f2e96a44b219401d2bdd0c83e1f82fb9e60af82bf9473e7fc21988465ed28d910a62e9d65f1ac360284e5333db03e9382c8e21a3c9fd0ff6a96cb2b3d01211df34eb2d042e2e8a0058624c6c1674a7287603410e0beae0a23af531aacde074ae271509f1aed34e3886c013ec5513baceea522f38149b172d69bae1decb134472e784d54ae09a368f9f7cfb4e48433a4f1cbbc85cfabe64273a1b3f16236a709d65a40c38488210e1dff56babb3aca9548a63c37b5b9098a28900c0a5cccc35cdd4a35b966cf898e82e152b86d675cb334837df85f7223710fedcac5f16b56f38d94cebb018364bbc71ae3f9b8b80af35d6777fb24ef8778b6dafdae54ca8e6792530a99d2481f6233b2e8a2104f05c53b20c9ef387ce890bd80cebe53fda3844b0febf611009898fee3af092d7fef6064631f53f8ba59f20ddef7e7dce04a133bf62d2a674ea530f06f7de638645b4be935891204456408b226eb5c02256e87da90b72da5cab9da089c5803de8412d075df2a0bfa7ea4fab2da8b683363eb77b93548cca98c7c312e40d46c0be90b5304a9f94a1e1cc972558d4e5385bd639c001460fcdbf4f6a6355df192c9a79a1b62a33b3cabac0aeda42304624a94a9b986625bf7d2d28cdf1e8f8ce42c67bd1cdfc708d58b84a235bbf687679986239fefd50674f67d17fc74829b0d5f29124b162c9b51c12999d5d04088416d595168c972d249cd10248ceb89284be4f43ae6226c76ee1a82c825385f059352267f31a24f849e3b3d95d74d3a2f5b5d478c86f552420728f97918770f55fefa9107b7e019625f8e5bf32fe483f8f1b3c64aea57af9ae63c6b9d075fcdee57343e60ea797fd9d533984636c683ef2a7c84200ce78a1276c219b2b5fca121bef0075e2376a37d90fda6b4a77f980dc81871f76d3f9b50846c798be7c8fa6c126d2c07fea2b6793b2c07bdcef9795310bad02febfc342540ba8aff195588789e71d1f27d8db243552adf8f9259a662cab48540985ea956dd408444637accad789561afec942c1cb7de2fed9b2c8baa6b1a00858008002c00ac1e0001aa8702d79b4d08000b00ac1414aa0000"], 0x1044}, 0x1, 0x0, 0x0, 0x40400c0}, 0x1)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2b, 0x5, 0x2)
socket(0x2c, 0x3, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x2, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/midi2\x00', 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x109002, 0x0)
ioctl$auto_PPPIOCSMRU(r3, 0xc004743e, 0x0)
close_range$auto(0x0, 0x5, 0x0)
sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, 0x0, 0x8808)
signalfd4$auto(0xffffffff, &(0x7f0000000080)={0x8000}, 0x8, 0x0)
poll$auto(&(0x7f0000000040)={0xffffffffffffffff, 0x7, 0x8}, 0x80, 0x400400)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r4 = socket(0x2000000000000021, 0x2, 0x10000000000002)
setsockopt$auto(r4, 0x110, 0x1, 0x0, 0x4)
ioctl$auto_PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000040)={0x6, 0x0})
socket(0x2, 0x6, 0x0)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54)

0s ago: executing program 1 (id=1370):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0xfffffffffffefffd, 0x17)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
r0 = socket(0x2b, 0x1, 0x1)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, r0, 0x48000)
madvise$auto(0x0, 0x20499d, 0x9)
r1 = socket(0x2, 0x1, 0x0)
r2 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
listen$auto(r1, 0x7)
sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1, 0xb}, 0x800009}, 0x5, 0x2000fdff)
setsockopt$auto(0x3, 0x0, 0xc8, 0xfffffffffffffffc, 0x4)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r3 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(r3, r3, 0x0)
r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi2\x00', 0xa200, 0x0)
ioctl$auto(r4, 0xc0585611, r4)
connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55)
sendmmsg$auto(r2, 0x0, 0x9a6, 0xe000)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x100000000001, 0xdb, 0x9b72, 0x5, 0x8000)
socket(0x2, 0x1, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)

kernel console output (not intermixed with test programs):


			
	
	
	
	
	
	

	
		

	


	
	

		
	
		
	
	



			








	




	



















	
	
	

	



	


		

		





	



	

	

	


	
	

		

	



	


	


		



		


		


	



	
	









	
	






	





	






		










syzkaller
syzkaller login: [  264.156067][ T7905] netlink: 40 bytes leftover after parsing attributes in process `syz.1.434'.
[  264.570137][ T7915] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7
[  265.044235][ T5851] Bluetooth: hci1: unexpected event 0x1d length: 6 > 5
[  265.677857][ T7918] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8
[  271.578230][ T7986] sp0: Synchronizing with TNC
[  273.285896][ T8008] netlink: 186 bytes leftover after parsing attributes in process `syz.0.467'.
[  273.354858][ T5851] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18
[  274.117045][ T8015] FAULT_INJECTION: forcing a failure.
[  274.117045][ T8015] name failslab, interval 1, probability 0, space 0, times 0
[  274.117142][ T8015] CPU: 0 UID: 0 PID: 8015 Comm: syz.2.470 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  274.117177][ T8015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  274.117193][ T8015] Call Trace:
[  274.117203][ T8015]  <TASK>
[  274.117214][ T8015]  dump_stack_lvl+0x16c/0x1f0
[  274.117261][ T8015]  should_fail_ex+0x512/0x640
[  274.117292][ T8015]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  274.117334][ T8015]  should_failslab+0xc2/0x120
[  274.117362][ T8015]  __kmalloc_cache_noprof+0x6a/0x3e0
[  274.117401][ T8015]  ? trace_pid_list_alloc+0x27c/0x3f0
[  274.117450][ T8015]  trace_pid_list_alloc+0x27c/0x3f0
[  274.117498][ T8015]  trace_pid_write+0x10e/0x460
[  274.117537][ T8015]  ? __pfx_trace_pid_write+0x10/0x10
[  274.117568][ T8015]  ? __pfx___mutex_lock+0x10/0x10
[  274.117612][ T8015]  ? update_last_data+0xb3/0x480
[  274.117670][ T8015]  event_pid_write.isra.0+0x3cc/0x7c0
[  274.117719][ T8015]  ? __pfx_event_pid_write.isra.0+0x10/0x10
[  274.117778][ T8015]  vfs_write+0x25c/0x1180
[  274.117816][ T8015]  ? __pfx_ftrace_event_pid_write+0x10/0x10
[  274.117885][ T8015]  ? __pfx___mutex_lock+0x10/0x10
[  274.117926][ T8015]  ? __pfx_vfs_write+0x10/0x10
[  274.117980][ T8015]  ? __fget_files+0x20e/0x3c0
[  274.118037][ T8015]  ksys_write+0x12a/0x240
[  274.118086][ T8015]  ? __pfx_ksys_write+0x10/0x10
[  274.118124][ T8015]  ? rcu_is_watching+0x12/0xc0
[  274.118173][ T8015]  do_syscall_64+0xcd/0x260
[  274.118218][ T8015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  274.118248][ T8015] RIP: 0033:0x7efffdb8d169
[  274.118273][ T8015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  274.118301][ T8015] RSP: 002b:00007efffea54038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  274.118328][ T8015] RAX: ffffffffffffffda RBX: 00007efffdda5fa0 RCX: 00007efffdb8d169
[  274.118347][ T8015] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003
[  274.118363][ T8015] RBP: 00007efffdc0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  274.118379][ T8015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  274.118395][ T8015] R13: 0000000000000000 R14: 00007efffdda5fa0 R15: 00007ffec73b33a8
[  274.118434][ T8015]  </TASK>
[  274.749728][ T8032] netlink: 28 bytes leftover after parsing attributes in process `syz.0.474'.
[  275.157054][ T8032] team0: Port device team_slave_0 removed
[  275.254216][ T8029] netlink: 93 bytes leftover after parsing attributes in process `syz.1.468'.
[  280.721583][ T8103] sp0: Synchronizing with TNC
[  280.886682][ T8109] netlink: 93 bytes leftover after parsing attributes in process `syz.1.488'.
[  281.664826][ T8114] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  281.716739][ T8114] netlink: 28 bytes leftover after parsing attributes in process `syz.2.493'.
	

	
		
	

	
		
			
	

	
		
	

	
		
			
	

	
		
	

	
		

	
		

	


	
	

		
	
		
	
	



			








	



	

	




	


	









	





	



		

		








	







	


	



	


	


		



		


		


	



	
	









	
	






	





	






		









			
	
	
	
		

	



	
	

			
	
	

	
		

	


		

		
	
		
	
	



			








	


	

		
		

	
		



		


	
	
	
	

	




	



	










	







	
	






	





	






		









			
	

	
		
			
	

	
		

	
		

	


	
	

		
	
		
	
	



			








	




	








		



			

		

		


	



		






	

		










	
	










	
	






	





	





		








	
	

			
	

	
		

	
		

	


	
	

		
	
		
	
	



			








	



	



		











	

			

		

		


	



		






	

		










	
	






	




	
	
	






	






	






		









			

				
	


	

	

	
	

	
	

	
	

	
	

	
		
	

	
		
	

	
	
	
	
	
	
	
	

	
	

	
	

	
	

	
		
	

	
		
		


			
		
	
		

		
		
		
			
		

	


	
		
		
			



		

		
	

		
	


		
	

			
		


	
		

	


	
	

		
	
		
	
	



			








	

	
	






	







		

		

	
	
		








	
	






	




	
	
	






	






	






		














	

	
		





	
		

	


	
	

		
	
		
	
	



			








	




	





		

	
	


	


	








		










	

		










	
	













	
	






	





	






		










	
		

	


	
	

		
	
		
	
	



			








	





	










	

	














	
		
		


	

	

	













	





		






	





	
	








	





	






		









	

	
	

	
	

	
	

	
	

	
	

	
	

	
	

	
	

		
	

	
	

	
	

	
	

	

	
		

	


		

		
	
		
	
	



			








	

	


	


	

	



	






	





	
	






	




	








	

	










	

		
	

	
		

		


			

			

			

			

			

			

			

	
	

	

			

			

			

	

		

	
		

	


	
	

		
	
		
	
	



			








	

	
	


	




	
	
	
	





	


			

	
	




	
	

	
	

	
	





	
	


	
	








	






	








		











	

					
		
	
	

	

	
				
	
		


	
	

		
		


		

		

	
	
	
	



	
	
	
	

	
		

	
	


		

	
	
			
	
			
	
	
	
		

	
		

	



	
	
		

	



	
	



	
	

	
	
	


	
		

	
	
	

			
	



	
	


	

	
		

	
		

	


		

		
	
		
	
	



			








	





	






	




	







	
	















	





	






		










	



	
	



	
		

	


	
	

		
	
		
	
	



			








	

	
	



	



















	
	
		
	
			
	






	






	








		















	




	
				
	
	


		
	
	
	
		

	
		

	



	
	
		

	



	
	



	
	


	
		

	


		

		
	
		
	
	



			








	



	









	







	
	






	






	







		














	

	
		
	
	

	
		
	

	
		

	


	
	

		
	
		
	
	



			








	





	
















	
		
		


	

	











	





		






	





	
	








	






	








		











	

	
		
	

	
		
	

	
		
	

	
		

	
				
	
	



	
		
	

	
		

	
		

	


		

		
	
		
	
	



			








	



	









	



	





	
	






	





	







		















	

	
		
			

		
	
		

			
	

	
		

		
	
		

	
	
	
	
	
	
			
	

	
		
			
	

	
		
	

	
		
	

	
		

	
		

	


	
	

		
	
		
	
	



			








	





	











	




	

	

	



	
	




	
	
	
		
		
	
	

	

	






	





	





		









	
	


	

	
		

		
	
		

	

	
		
			
	
	
	
	
	
	
						
	
				


						
	

							
				


						
	
						
	
						
	

	
		
			
			


	
	

	

	
	
	
	
		
		


	

	

	
	
		
		


			

	
	
	

			

	
	
	

			



	
	

		
	





	

	





	

	









		









	

	









		






	


	

	

	

				


		
		

		
		


	

	

	
	
		
		

		
		


	

	

	
	
	
	


	
	


		
	
	


	
	


		
	
	
	

	
		

	




	



[  404.506950][ T9724] team0: Port device team_slave_1 added
[  404.688734][ T9724] batman_adv: batadv0: Adding interface: batadv_slave_0
[  404.700995][ T9724] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  404.800212][ T9724] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  404.930788][ T9724] batman_adv: batadv0: Adding interface: batadv_slave_1
[  404.973580][ T9724] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  405.015432][ T9724] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  405.301214][ T9847] netlink: 8 bytes leftover after parsing attributes in process `syz.3.949'.
[  405.372584][ T9724] hsr_slave_0: entered promiscuous mode
[  405.450048][ T9724] hsr_slave_1: entered promiscuous mode

syzkaller
syzkaller login: [  406.004069][   T55] Bluetooth: hci1: command tx timeout
[  406.491679][ T9854] sp0: Synchronizing with TNC
[  406.535260][ T9860] FAULT_INJECTION: forcing a failure.
[  406.535260][ T9860] name failslab, interval 1, probability 0, space 0, times 0
[  406.576969][ T9860] CPU: 1 UID: 0 PID: 9860 Comm: syz.1.951 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  406.577006][ T9860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  406.577021][ T9860] Call Trace:
[  406.577030][ T9860]  <TASK>
[  406.577040][ T9860]  dump_stack_lvl+0x16c/0x1f0
[  406.577080][ T9860]  should_fail_ex+0x512/0x640
[  406.577110][ T9860]  ? __kmalloc_cache_node_noprof+0x5a/0x420
[  406.577155][ T9860]  should_failslab+0xc2/0x120
[  406.577179][ T9860]  __kmalloc_cache_node_noprof+0x6d/0x420
[  406.577217][ T9860]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  406.577252][ T9860]  ? __get_vm_area_node+0x101/0x300
[  406.577291][ T9860]  __get_vm_area_node+0x101/0x300
[  406.577328][ T9860]  __vmalloc_node_range_noprof+0x277/0x1540
[  406.577377][ T9860]  ? kernel_read_file+0x6ff/0x910
[  406.577413][ T9860]  ? __lock_acquire+0xaa4/0x1ba0
[  406.577442][ T9860]  ? kernel_read_file+0x6ff/0x910
[  406.577474][ T9860]  ? __pfx__kstrtoull+0x10/0x10
[  406.577519][ T9860]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  406.577554][ T9860]  ? ima_read_file+0x142/0x1a0
[  406.577593][ T9860]  ? __pfx_ima_read_file+0x10/0x10
[  406.577634][ T9860]  ? __lock_acquire+0x5ca/0x1ba0
[  406.577657][ T9860]  ? kernel_read_file+0x6ff/0x910
[  406.577687][ T9860]  vmalloc_noprof+0x6b/0x90
[  406.577721][ T9860]  ? kernel_read_file+0x6ff/0x910
[  406.577750][ T9860]  kernel_read_file+0x6ff/0x910
[  406.577784][ T9860]  ? __pfx_kernel_read_file+0x10/0x10
[  406.577813][ T9860]  ? find_held_lock+0x2b/0x80
[  406.577847][ T9860]  ? get_pid_task+0xfc/0x250
[  406.577878][ T9860]  init_module_from_file+0xb8/0x150
[  406.577920][ T9860]  ? __pfx_init_module_from_file+0x10/0x10
[  406.577965][ T9860]  ? find_held_lock+0x2b/0x80
[  406.578013][ T9860]  ? find_held_lock+0x2b/0x80
[  406.578048][ T9860]  ? idempotent_init_module+0x5e1/0x790
[  406.578093][ T9860]  ? do_raw_spin_unlock+0x172/0x230
[  406.578126][ T9860]  idempotent_init_module+0x227/0x790
[  406.578171][ T9860]  ? __pfx_idempotent_init_module+0x10/0x10
[  406.578233][ T9860]  ? bpf_lsm_capable+0x9/0x10
[  406.578269][ T9860]  ? security_capable+0x7e/0x260
[  406.578299][ T9860]  __x64_sys_finit_module+0xbd/0x140
[  406.578328][ T9860]  do_syscall_64+0xcd/0x260
[  406.578377][ T9860]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.578405][ T9860] RIP: 0033:0x7f4f20b8d169
[  406.578427][ T9860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  406.578453][ T9860] RSP: 002b:00007f4f21a34038 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
[  406.578481][ T9860] RAX: ffffffffffffffda RBX: 00007f4f20da5fa0 RCX: 00007f4f20b8d169
[  406.578498][ T9860] RDX: 0000400000000004 RSI: 9999999999999999 RDI: 0000000000000003
[  406.578514][ T9860] RBP: 00007f4f21a34090 R08: 0000000000000000 R09: 0000000000000000
[  406.578530][ T9860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  406.578545][ T9860] R13: 0000000000000000 R14: 00007f4f20da5fa0 R15: 00007ffe8d64f6a8
[  406.578581][ T9860]  </TASK>
[  406.578593][ T9860] syz.1.951: vmalloc error: size 1792, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1
[  407.057255][ T9860] CPU: 1 UID: 0 PID: 9860 Comm: syz.1.951 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  407.057292][ T9860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  407.057308][ T9860] Call Trace:
[  407.057317][ T9860]  <TASK>
[  407.057327][ T9860]  dump_stack_lvl+0x16c/0x1f0
[  407.057368][ T9860]  warn_alloc+0x248/0x3a0
[  407.057411][ T9860]  ? __pfx_warn_alloc+0x10/0x10
[  407.057451][ T9860]  ? rcu_is_watching+0x12/0xc0
[  407.057485][ T9860]  ? trace_kmalloc+0x2b/0xd0
[  407.057510][ T9860]  ? __kmalloc_cache_node_noprof+0x272/0x420
[  407.057551][ T9860]  ? __kasan_kmalloc+0x8a/0xb0
[  407.057599][ T9860]  ? __get_vm_area_node+0x1e5/0x300
[  407.057641][ T9860]  __vmalloc_node_range_noprof+0xd31/0x1540
[  407.057682][ T9860]  ? __lock_acquire+0xaa4/0x1ba0
[  407.057711][ T9860]  ? kernel_read_file+0x6ff/0x910
[  407.057743][ T9860]  ? __pfx__kstrtoull+0x10/0x10
[  407.057788][ T9860]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  407.057823][ T9860]  ? ima_read_file+0x142/0x1a0
[  407.057858][ T9860]  ? __pfx_ima_read_file+0x10/0x10
[  407.057898][ T9860]  ? __lock_acquire+0x5ca/0x1ba0
[  407.057921][ T9860]  ? kernel_read_file+0x6ff/0x910
[  407.057949][ T9860]  vmalloc_noprof+0x6b/0x90
[  407.057980][ T9860]  ? kernel_read_file+0x6ff/0x910
[  407.058005][ T9860]  kernel_read_file+0x6ff/0x910
[  407.058037][ T9860]  ? __pfx_kernel_read_file+0x10/0x10
[  407.058066][ T9860]  ? find_held_lock+0x2b/0x80
[  407.058100][ T9860]  ? get_pid_task+0xfc/0x250
[  407.058130][ T9860]  init_module_from_file+0xb8/0x150
[  407.058173][ T9860]  ? __pfx_init_module_from_file+0x10/0x10
[  407.058215][ T9860]  ? find_held_lock+0x2b/0x80
[  407.058261][ T9860]  ? find_held_lock+0x2b/0x80
[  407.058299][ T9860]  ? idempotent_init_module+0x5e1/0x790
[  407.058342][ T9860]  ? do_raw_spin_unlock+0x172/0x230
[  407.058376][ T9860]  idempotent_init_module+0x227/0x790
[  407.058420][ T9860]  ? __pfx_idempotent_init_module+0x10/0x10
[  407.058480][ T9860]  ? bpf_lsm_capable+0x9/0x10
[  407.058517][ T9860]  ? security_capable+0x7e/0x260
[  407.058546][ T9860]  __x64_sys_finit_module+0xbd/0x140
[  407.058573][ T9860]  do_syscall_64+0xcd/0x260
[  407.058620][ T9860]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.058646][ T9860] RIP: 0033:0x7f4f20b8d169
[  407.058668][ T9860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  407.058692][ T9860] RSP: 002b:00007f4f21a34038 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
[  407.058718][ T9860] RAX: ffffffffffffffda RBX: 00007f4f20da5fa0 RCX: 00007f4f20b8d169
[  407.058734][ T9860] RDX: 0000400000000004 RSI: 9999999999999999 RDI: 0000000000000003
[  407.058750][ T9860] RBP: 00007f4f21a34090 R08: 0000000000000000 R09: 0000000000000000
[  407.058765][ T9860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  407.058780][ T9860] R13: 0000000000000000 R14: 00007f4f20da5fa0 R15: 00007ffe8d64f6a8
[  407.058816][ T9860]  </TASK>
[  407.063120][ T9724] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  407.092591][ T9860] Mem-Info:
[  407.409070][ T9724] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  407.416499][ T9860] active_anon:29118 inactive_anon:0 isolated_anon:0
[  407.416499][ T9860]  active_file:19964 inactive_file:39448 isolated_file:0
[  407.416499][ T9860]  unevictable:1093 dirty:620 writeback:0
[  407.416499][ T9860]  slab_reclaimable:10403 slab_unreclaimable:98719
[  407.416499][ T9860]  mapped:32107 shmem:8778 pagetables:951
[  407.416499][ T9860]  sec_pagetables:0 bounce:0
[  407.416499][ T9860]  kernel_misc_reclaimable:0
[  407.416499][ T9860]  free:1305008 free_pcp:1648 free_cma:0
[  407.416569][ T9860] Node 0 active_anon:116472kB inactive_anon:0kB active_file:79856kB inactive_file:157788kB unevictable:2836kB isolated(anon):0kB isolated(file):0kB mapped:128428kB dirty:2480kB writeback:0kB shmem:33576kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10608kB pagetables:3804kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  407.416637][ T9860] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  407.416700][ T9860] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  407.416771][ T9860] lowmem_reserve[]: 0 2482 2483 2483 2483
[  407.416825][ T9860] Node 0 DMA32 free:1301828kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB active_anon:116428kB inactive_anon:0kB active_file:79856kB inactive_file:156200kB unevictable:2836kB writepending:2480kB present:3129332kB managed:2541688kB mlocked:1400kB bounce:0kB free_pcp:4268kB local_pcp:1568kB free_cma:0kB
[  407.416897][ T9860] lowmem_reserve[]: 0 0 1 1 1
[  407.416950][ T9860] Node 0 Normal free:0kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1588kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:4kB free_cma:0kB
[  407.417018][ T9860] lowmem_reserve[]: 0 0 0 0 0
[  407.417070][ T9860] Node 1 Normal free:3902844kB boost:0kB min:55784kB low:69728kB high:83672kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:2312kB local_pcp:1348kB free_cma:0kB
[  407.417140][ T9860] lowmem_reserve[]: 0 0 0 0 0
[  407.417193][ T9860] Node 0 DMA: 0*4kB 0*8kB 0*16kB 
[  407.718694][ T9724] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  407.742119][ T9860] 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  407.788385][ T9860] Node 0 DMA32: 21*4kB (UE) 14*8kB (ME) 235*16kB (UME) 1376*32kB (UME) 839*64kB (UME) 408*128kB (UME) 210*256kB (UME) 104*512kB (UME) 36*1024kB (UME) 7*2048kB (M) 240*4096kB (UM) = 1295156kB
[  407.829301][ T9724] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  407.854211][ T9860] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  407.904597][ T9860] Node 1 Normal: 219*4kB (UME) 58*8kB (UME) 36*16kB (UME) 180*32kB (UME) 88*64kB (UME) 35*128kB (UME) 10*256kB (UE) 5*512kB (UE) 1*1024kB (U) 4*2048kB (UE) 945*4096kB (M) = 3902844kB
[  407.966284][ T9860] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  408.014115][ T9860] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  408.038241][ T9860] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  408.073994][ T9860] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  408.100380][ T9860] 70715 total pagecache pages
[  408.112794][ T9860] 0 pages in swap cache
[  408.118517][ T9860] Free swap  = 124996kB
[  408.126683][ T9860] Total swap = 124996kB
[  408.131308][ T9860] 2097051 pages RAM
[  408.174796][ T9860] 0 pages HighMem/MovableOnly
[  408.198374][ T9860] 429587 pages reserved
[  408.202978][ T9860] 0 pages cma reserved
[  408.644976][ T9877] netlink: 93 bytes leftover after parsing attributes in process `syz.3.953'.
[  408.771910][ T9724] 8021q: adding VLAN 0 to HW filter on device bond0
[  408.967563][ T9724] 8021q: adding VLAN 0 to HW filter on device team0
[  409.087515][ T2972] bridge0: port 1(bridge_slave_0) entered blocking state
[  409.095488][ T2972] bridge0: port 1(bridge_slave_0) entered forwarding state
[  409.139966][ T2972] bridge0: port 2(bridge_slave_1) entered blocking state
[  409.148091][ T2972] bridge0: port 2(bridge_slave_1) entered forwarding state
[  409.577506][ T9907] netlink: 93 bytes leftover after parsing attributes in process `syz.2.957'.
[  410.453040][ T9724] 8021q: adding VLAN 0 to HW filter on device batadv0
[  411.681800][ T9940] Invalid ELF header magic: != ELF
[  411.758262][ T9724] veth0_vlan: entered promiscuous mode
[  412.055371][ T9724] veth1_vlan: entered promiscuous mode
[  412.357605][ T9724] veth0_macvtap: entered promiscuous mode
[  412.377302][ T9724] veth1_macvtap: entered promiscuous mode
[  412.485094][ T9724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  412.507090][ T9724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  412.538769][ T9724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  412.568204][ T9724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  412.590323][ T9724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  412.612318][ T9724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  412.646449][ T9724] batman_adv: batadv0: Interface activated: batadv_slave_0
[  412.803307][ T9724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  412.850927][ T9724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  412.888735][ T9724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  412.900808][ T9724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  412.926543][ T9724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  412.951631][ T9724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  412.976134][ T9724] batman_adv: batadv0: Interface activated: batadv_slave_1
[  413.006925][ T9981] FAULT_INJECTION: forcing a failure.
[  413.006925][ T9981] name failslab, interval 1, probability 0, space 0, times 0
[  413.028589][ T9981] CPU: 0 UID: 0 PID: 9981 Comm: syz.1.968 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  413.028628][ T9981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  413.028643][ T9981] Call Trace:
[  413.028652][ T9981]  <TASK>
[  413.028662][ T9981]  dump_stack_lvl+0x16c/0x1f0
[  413.028705][ T9981]  should_fail_ex+0x512/0x640
[  413.028742][ T9981]  should_failslab+0xc2/0x120
[  413.028768][ T9981]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  413.028810][ T9981]  ? skb_clone+0x190/0x3f0
[  413.028852][ T9981]  skb_clone+0x190/0x3f0
[  413.028889][ T9981]  netlink_deliver_tap+0xabd/0xd30
[  413.028935][ T9981]  netlink_dump+0xb6d/0xd00
[  413.028976][ T9981]  ? __pfx_netlink_dump+0x10/0x10
[  413.029032][ T9981]  ? __asan_memset+0x23/0x50
[  413.029068][ T9981]  ? genl_start+0x67f/0x980
[  413.029115][ T9981]  __netlink_dump_start+0x6d6/0x990
[  413.029157][ T9981]  genl_family_rcv_msg_dumpit+0x1e2/0x2e0
[  413.029187][ T9981]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[  413.029213][ T9981]  ? genl_rcv_msg+0x577/0x800
[  413.029243][ T9981]  ? __pfx_genl_get_cmd+0x10/0x10
[  413.029279][ T9981]  ? __pfx_genl_start+0x10/0x10
[  413.029313][ T9981]  ? __pfx_genl_dumpit+0x10/0x10
[  413.029341][ T9981]  ? __pfx_genl_done+0x10/0x10
[  413.029366][ T9981]  ? __local_bh_enable_ip+0xa4/0x120
[  413.029399][ T9981]  ? __dev_queue_xmit+0x896/0x43e0
[  413.029425][ T9981]  ? __radix_tree_lookup+0x21f/0x2c0
[  413.029466][ T9981]  genl_rcv_msg+0x46e/0x800
[  413.029498][ T9981]  ? __pfx_genl_rcv_msg+0x10/0x10
[  413.029518][ T9981]  ? __pfx___dev_queue_xmit+0x10/0x10
[  413.029547][ T9981]  ? __pfx_nl802154_dump_interface+0x10/0x10
[  413.029582][ T9981]  ? __lock_acquire+0xaa4/0x1ba0
[  413.029622][ T9981]  netlink_rcv_skb+0x16a/0x440
[  413.029660][ T9981]  ? __pfx_genl_rcv_msg+0x10/0x10
[  413.029688][ T9981]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  413.029743][ T9981]  ? __pfx_down_read+0x10/0x10
[  413.029784][ T9981]  ? netlink_deliver_tap+0x1ae/0xd30
[  413.029827][ T9981]  genl_rcv+0x28/0x40
[  413.029863][ T9981]  netlink_unicast+0x53a/0x7f0
[  413.029906][ T9981]  ? __pfx_netlink_unicast+0x10/0x10
[  413.029937][ T9981]  ? __lock_acquire+0xaa4/0x1ba0
[  413.029970][ T9981]  netlink_sendmsg+0x8d1/0xdd0
[  413.030012][ T9981]  ? __pfx_netlink_sendmsg+0x10/0x10
[  413.030060][ T9981]  ____sys_sendmsg+0xa95/0xc70
[  413.030105][ T9981]  ? copy_msghdr_from_user+0x10a/0x160
[  413.030137][ T9981]  ? __pfx_____sys_sendmsg+0x10/0x10
[  413.030193][ T9981]  ___sys_sendmsg+0x134/0x1d0
[  413.030229][ T9981]  ? __pfx____sys_sendmsg+0x10/0x10
[  413.030325][ T9981]  __sys_sendmsg+0x16d/0x220
[  413.030360][ T9981]  ? __pfx___sys_sendmsg+0x10/0x10
[  413.030411][ T9981]  ? rcu_is_watching+0x12/0xc0
[  413.030458][ T9981]  do_syscall_64+0xcd/0x260
[  413.030500][ T9981]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  413.030529][ T9981] RIP: 0033:0x7f4f20b8d169
[  413.030551][ T9981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  413.030575][ T9981] RSP: 002b:00007f4f21a34038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  413.030602][ T9981] RAX: ffffffffffffffda RBX: 00007f4f20da5fa0 RCX: 00007f4f20b8d169
[  413.030619][ T9981] RDX: 0000000000000004 RSI: 0000200000001580 RDI: 0000000000000003
[  413.030636][ T9981] RBP: 00007f4f21a34090 R08: 0000000000000000 R09: 0000000000000000
[  413.030653][ T9981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  413.030669][ T9981] R13: 0000000000000000 R14: 00007f4f20da5fa0 R15: 00007ffe8d64f6a8
[  413.030708][ T9981]  </TASK>
[  413.455936][ T9724] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  413.467495][ T9724] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  413.477662][ T9724] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  413.491340][ T9724] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  413.734073][ T9992] sp0: Synchronizing with TNC
[  413.972967][ T2972] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  413.995691][ T2972] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  414.432332][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  414.432362][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  419.112779][T10095] sp0: Synchronizing with TNC
[  421.448855][T10132] page: refcount:3 mapcount:1 mapping:ffff88803767e598 index:0xda pfn:0x7a824
[  421.466311][T10147] could not allocate digest TFM handle binfmt_misc
[  421.500325][T10132] memcg:ffff8880534f2000
[  421.509830][T10132] aops:shmem_aops ino:5bb dentry name(?):"dev/zero"
[  421.518370][T10132] flags: 0xfff0000002011c(referenced|uptodate|dirty|active|swapbacked|node=0|zone=1|lastcpupid=0x7ff)
[  421.532937][T10132] raw: 00fff0000002011c ffffea0001ea0948 ffffea0001243cc8 ffff88803767e598
[  421.543337][T10132] raw: 00000000000000da 0000000000000000 0000000300000000 ffff8880534f2000
[  421.553594][T10132] page dumped because: unmovable page
[  421.559999][T10132] page_owner tracks the page as allocated
[  421.567800][T10132] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 10128, tgid 10127 (syz.4.994), ts 420514935746, free_ts 416811219990
[  421.595961][T10132]  post_alloc_hook+0x181/0x1b0
[  421.609651][T10132]  get_page_from_freelist+0x1193/0x39b0
[  421.618246][T10132]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  421.629097][T10132]  alloc_pages_mpol+0x1fb/0x550
[  421.638557][T10132]  folio_alloc_mpol_noprof+0x36/0x2f0
[  421.647595][T10132]  shmem_alloc_folio+0x9b/0x160
[  421.653300][T10132]  shmem_alloc_and_add_folio+0x499/0xc20
[  421.661929][T10132]  shmem_get_folio_gfp+0x687/0x1530
[  421.671341][T10132]  shmem_fault+0x1fe/0xa30
[  421.681562][T10132]  __do_fault+0x10a/0x490
[  421.689649][T10132]  do_pte_missing+0x1a6/0x3fb0
[  421.701187][T10132]  __handle_mm_fault+0x103d/0x2a40
[  421.726796][T10132]  handle_mm_fault+0x3fe/0xad0
[  421.741071][T10132]  do_user_addr_fault+0x7a6/0x1370
[  421.761267][T10132]  exc_page_fault+0x5c/0xc0
[  421.781307][T10132]  asm_exc_page_fault+0x26/0x30
[  421.796565][T10132] page last free pid 10145 tgid 10127 stack trace:
[  421.817947][T10132]  __free_frozen_pages+0x69d/0xff0
[  421.839171][T10132]  __folio_put+0x329/0x450
[  421.854328][T10132]  migrate_folio_done+0x298/0x340
[  421.870333][T10132]  migrate_pages_batch+0x1d19/0x31a0
[  421.916665][T10132]  migrate_pages_sync+0x12d/0x8a0
[  421.947264][T10132]  migrate_pages+0x1b28/0x2350
[  421.952725][T10132]  do_mbind+0x6f0/0xf30
[  421.973220][T10132]  kernel_mbind+0x1e3/0x1f0
[  421.981585][T10132]  do_syscall_64+0xcd/0x260
[  421.987212][T10132]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  425.191345][T10220] netlink: 93 bytes leftover after parsing attributes in process `syz.2.1011'.
[  427.125570][T10243] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1019'.
[  427.957149][T10254] FAULT_INJECTION: forcing a failure.
[  427.957149][T10254] name failslab, interval 1, probability 0, space 0, times 0
[  428.084096][T10254] CPU: 1 UID: 0 PID: 10254 Comm: syz.3.1022 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  428.084138][T10254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  428.084157][T10254] Call Trace:
[  428.084166][T10254]  <TASK>
[  428.084178][T10254]  dump_stack_lvl+0x16c/0x1f0
[  428.084225][T10254]  should_fail_ex+0x512/0x640
[  428.084259][T10254]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  428.084300][T10254]  should_failslab+0xc2/0x120
[  428.084329][T10254]  __kmalloc_cache_noprof+0x6a/0x3e0
[  428.084368][T10254]  ? ccid_get_builtin_ccids+0x79/0x200
[  428.084412][T10254]  ? kasan_save_track+0x14/0x30
[  428.084457][T10254]  ccid_get_builtin_ccids+0x79/0x200
[  428.084505][T10254]  dccp_feat_init+0x394/0x800
[  428.084548][T10254]  ? __pfx_dccp_feat_init+0x10/0x10
[  428.084578][T10254]  ? __pfx_dccp_keepalive_timer+0x10/0x10
[  428.084618][T10254]  ? lockdep_init_map_type+0x5c/0x280
[  428.084649][T10254]  ? do_init_timer+0xc9/0x110
[  428.084687][T10254]  ? __pfx_dccp_keepalive_timer+0x10/0x10
[  428.084726][T10254]  ? __pfx_dccp_delack_timer+0x10/0x10
[  428.084770][T10254]  dccp_init_sock+0x327/0x420
[  428.084801][T10254]  ? __pfx_dccp_v4_init_sock+0x10/0x10
[  428.084832][T10254]  dccp_v4_init_sock+0x1f/0xa0
[  428.084859][T10254]  ? __pfx_dccp_v4_init_sock+0x10/0x10
[  428.084889][T10254]  inet_create+0x936/0x1090
[  428.084918][T10254]  ? inet_create+0x93/0x1090
[  428.084952][T10254]  __sock_create+0x335/0x8d0
[  428.084988][T10254]  inet_ctl_sock_create+0x94/0x230
[  428.085035][T10254]  ? __pfx_inet_ctl_sock_create+0x10/0x10
[  428.085092][T10254]  ? __pfx_dccp_v4_init_net+0x10/0x10
[  428.085124][T10254]  dccp_v4_init_net+0x63/0x90
[  428.085156][T10254]  ops_init+0x1df/0x5f0
[  428.085200][T10254]  setup_net+0x21e/0x850
[  428.085245][T10254]  ? __pfx_setup_net+0x10/0x10
[  428.085280][T10254]  ? lockdep_init_map_type+0x5c/0x280
[  428.085308][T10254]  ? __pfx_down_read_killable+0x10/0x10
[  428.085359][T10254]  ? debug_mutex_init+0x37/0x70
[  428.085398][T10254]  copy_net_ns+0x2a6/0x5f0
[  428.085447][T10254]  create_new_namespaces+0x3ea/0xad0
[  428.085499][T10254]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  428.085553][T10254]  ksys_unshare+0x45b/0xa40
[  428.085597][T10254]  ? __pfx_ksys_unshare+0x10/0x10
[  428.085639][T10254]  ? xfd_validate_state+0x5d/0x180
[  428.085675][T10254]  ? rcu_is_watching+0x12/0xc0
[  428.085723][T10254]  __x64_sys_unshare+0x31/0x40
[  428.085766][T10254]  do_syscall_64+0xcd/0x260
[  428.085811][T10254]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  428.085840][T10254] RIP: 0033:0x7f8fd9b8d169
[  428.085863][T10254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  428.085891][T10254] RSP: 002b:00007f8fdaa73038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  428.085920][T10254] RAX: ffffffffffffffda RBX: 00007f8fd9da5fa0 RCX: 00007f8fd9b8d169
[  428.085940][T10254] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  428.085957][T10254] RBP: 00007f8fd9c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  428.085974][T10254] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  428.085991][T10254] R13: 0000000000000000 R14: 00007f8fd9da5fa0 R15: 00007ffc0402ebc8
[  428.086030][T10254]  </TASK>
[  428.716426][T10263] sp0: Synchronizing with TNC
[  430.676079][T10293] netlink: 93 bytes leftover after parsing attributes in process `syz.2.1029'.
[  431.468417][T10310] sp0: Synchronizing with TNC
[  431.608160][T10312] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1034'.
[  431.638577][T10316] zero sized request
[  435.617582][T10387] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1049'.
[  439.494798][T10442] netlink: 93 bytes leftover after parsing attributes in process `syz.2.1054'.
[  443.382567][T10484] synth uevent: /devices/virtual/tty/ptyza: unknown uevent action string
[  443.401235][T10484] tty ptyza: uevent: failed to send synthetic uevent: -22
[  443.971486][T10494] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1061'.
[  444.223167][T10491] netlink: 93 bytes leftover after parsing attributes in process `syz.1.1057'.
[  445.265134][T10502] ip_vti0: entered allmulticast mode
[  445.529190][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  445.544064][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  447.182027][T10527] sp0: Synchronizing with TNC
[  447.853618][T10533] usb usb15: usbfs: process 10533 (syz.3.1070) did not claim interface 0 before use
[  447.989282][T10531] netlink: 93 bytes leftover after parsing attributes in process `syz.4.1069'.
[  454.640639][T10602] netlink: 93 bytes leftover after parsing attributes in process `syz.1.1085'.
[  454.706676][T10606] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1087'.
[  455.139704][T10609] net_ratelimit: 29 callbacks suppressed
[  455.139732][T10609] openvswitch: netlink: Message has 16 unknown bytes.
[  455.402404][T10615] sp0: Synchronizing with TNC
[  457.406906][T10635] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1093'.
[  458.420225][T10652] netlink: 146 bytes leftover after parsing attributes in process `syz.2.1097'.
[  459.337709][   T55] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  459.895571][T10672] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1104'.
[  460.014623][T10672] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  463.467352][T10680] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1107'.
[  464.159610][T10699] sp0: Synchronizing with TNC
[  466.341595][T10730] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1121'.
[  466.832451][T10741] sp0: Synchronizing with TNC
[  467.507895][   T30] audit: type=1800 audit(4294967634.161:6): pid=10751 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1126" name="dbroot" dev="configfs" ino=29181 res=0 errno=0
[  470.881299][T10800] FAULT_INJECTION: forcing a failure.
[  470.881299][T10800] name failslab, interval 1, probability 0, space 0, times 0
[  470.976452][T10800] CPU: 1 UID: 0 PID: 10800 Comm: syz.4.1138 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  470.976497][T10800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  470.976515][T10800] Call Trace:
[  470.976526][T10800]  <TASK>
[  470.976538][T10800]  dump_stack_lvl+0x16c/0x1f0
[  470.976587][T10800]  should_fail_ex+0x512/0x640
[  470.976620][T10800]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  470.976669][T10800]  should_failslab+0xc2/0x120
[  470.976697][T10800]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  470.976740][T10800]  ? mas_alloc_nodes+0x18b/0x8b0
[  470.976779][T10800]  mas_alloc_nodes+0x18b/0x8b0
[  470.976821][T10800]  mas_node_count_gfp+0x105/0x130
[  470.976857][T10800]  mas_preallocate+0x53e/0xcd0
[  470.976890][T10800]  ? __pfx_mas_preallocate+0x10/0x10
[  470.976932][T10800]  ? anon_vma_name+0x75/0x100
[  470.976967][T10800]  __split_vma+0x33b/0x1030
[  470.977013][T10800]  ? __pfx___split_vma+0x10/0x10
[  470.977071][T10800]  vms_gather_munmap_vmas+0x392/0x1310
[  470.977127][T10800]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  470.977174][T10800]  ? mas_walk+0x6a6/0x910
[  470.977235][T10800]  __mmap_region+0x314/0x27c0
[  470.977278][T10800]  ? finish_task_switch.isra.0+0x2fa/0xc10
[  470.977318][T10800]  ? __pfx___mmap_region+0x10/0x10
[  470.977358][T10800]  ? trace_sched_exit_tp+0xde/0x130
[  470.977413][T10800]  ? __lock_acquire+0x5ca/0x1ba0
[  470.977449][T10800]  ? __pfx___schedule+0x10/0x10
[  470.977531][T10800]  ? trace_cap_capable+0x18d/0x200
[  470.977560][T10800]  ? cap_capable+0xb3/0x250
[  470.977594][T10800]  mmap_region+0x1ab/0x3f0
[  470.977646][T10800]  do_mmap+0xd8e/0x11b0
[  470.977697][T10800]  ? __pfx_do_mmap+0x10/0x10
[  470.977732][T10800]  ? __pfx_down_write_killable+0x10/0x10
[  470.977780][T10800]  vm_mmap_pgoff+0x281/0x450
[  470.977818][T10800]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  470.977843][T10800]  ? map_id_range_up+0x2ce/0x3b0
[  470.977882][T10800]  ? __x64_sys_futex+0x1e0/0x4c0
[  470.977917][T10800]  ? __x64_sys_futex+0x1e9/0x4c0
[  470.977956][T10800]  ksys_mmap_pgoff+0x7d/0x5c0
[  470.977985][T10800]  ? rcu_is_watching+0x12/0xc0
[  470.978020][T10800]  __x64_sys_mmap+0x125/0x190
[  470.978054][T10800]  do_syscall_64+0xcd/0x260
[  470.978094][T10800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  470.978137][T10800] RIP: 0033:0x7f6fbb58d169
[  470.978158][T10800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  470.978186][T10800] RSP: 002b:00007f6fbc3ca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  470.978213][T10800] RAX: ffffffffffffffda RBX: 00007f6fbb7a5fa0 RCX: 00007f6fbb58d169
[  470.978231][T10800] RDX: 00000000000000df RSI: 0000000000000008 RDI: 0000000000000000
[  470.978247][T10800] RBP: 00007f6fbb60e2a0 R08: 0000000000000002 R09: 0000000040008000
[  470.978263][T10800] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[  470.978277][T10800] R13: 0000000000000000 R14: 00007f6fbb7a5fa0 R15: 00007ffd9ddfe0c8
[  470.978313][T10800]  </TASK>
[  471.829727][T10810] FAULT_INJECTION: forcing a failure.
[  471.829727][T10810] name failslab, interval 1, probability 0, space 0, times 0
[  471.873948][T10810] CPU: 0 UID: 0 PID: 10810 Comm: syz.2.1140 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  471.873988][T10810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  471.874003][T10810] Call Trace:
[  471.874012][T10810]  <TASK>
[  471.874023][T10810]  dump_stack_lvl+0x16c/0x1f0
[  471.874064][T10810]  should_fail_ex+0x512/0x640
[  471.874110][T10810]  should_failslab+0xc2/0x120
[  471.874136][T10810]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  471.874176][T10810]  ? find_held_lock+0x2b/0x80
[  471.874208][T10810]  ? dst_alloc+0x99/0x1a0
[  471.874242][T10810]  dst_alloc+0x99/0x1a0
[  471.874275][T10810]  rt_dst_alloc+0x35/0x3a0
[  471.874315][T10810]  ip_route_output_key_hash_rcu+0x87a/0x28f0
[  471.874356][T10810]  ip_route_output_key_hash+0x137/0x2e0
[  471.874386][T10810]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  471.874428][T10810]  ? find_held_lock+0x2b/0x80
[  471.874465][T10810]  ip_route_output_flow+0x27/0x150
[  471.874496][T10810]  raw_sendmsg+0xd5c/0x38b0
[  471.874532][T10810]  ? aa_profile_af_perm+0x490/0x510
[  471.874564][T10810]  ? __pfx_raw_sendmsg+0x10/0x10
[  471.874623][T10810]  ? __pfx___might_resched+0x10/0x10
[  471.874660][T10810]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  471.874698][T10810]  ? aa_sk_perm+0x2f4/0xb10
[  471.874736][T10810]  ? __import_iovec+0x1c8/0x660
[  471.874769][T10810]  ? __might_fault+0xe3/0x190
[  471.874807][T10810]  ? __might_fault+0x13b/0x190
[  471.874847][T10810]  ? __pfx_raw_sendmsg+0x10/0x10
[  471.874877][T10810]  inet_sendmsg+0x119/0x140
[  471.874904][T10810]  ____sys_sendmsg+0x973/0xc70
[  471.874947][T10810]  ? copy_msghdr_from_user+0x10a/0x160
[  471.874982][T10810]  ? __pfx_____sys_sendmsg+0x10/0x10
[  471.875030][T10810]  ? __pfx__kstrtoull+0x10/0x10
[  471.875079][T10810]  ___sys_sendmsg+0x134/0x1d0
[  471.875125][T10810]  ? __pfx____sys_sendmsg+0x10/0x10
[  471.875184][T10810]  ? find_held_lock+0x2b/0x80
[  471.875249][T10810]  __sys_sendmmsg+0x200/0x420
[  471.875290][T10810]  ? __pfx___sys_sendmmsg+0x10/0x10
[  471.875339][T10810]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  471.875398][T10810]  ? fput+0x70/0xf0
[  471.875424][T10810]  ? ksys_write+0x1b9/0x240
[  471.875460][T10810]  ? __pfx_ksys_write+0x10/0x10
[  471.875494][T10810]  ? rcu_is_watching+0x12/0xc0
[  471.875535][T10810]  __x64_sys_sendmmsg+0x9c/0x100
[  471.875570][T10810]  ? lockdep_hardirqs_on+0x7c/0x110
[  471.875604][T10810]  do_syscall_64+0xcd/0x260
[  471.875646][T10810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  471.875673][T10810] RIP: 0033:0x7efffdb8d169
[  471.875695][T10810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  471.875720][T10810] RSP: 002b:00007efffea54038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  471.875746][T10810] RAX: ffffffffffffffda RBX: 00007efffdda5fa0 RCX: 00007efffdb8d169
[  471.875764][T10810] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003
[  471.875778][T10810] RBP: 00007efffea54090 R08: 0000000000000000 R09: 0000000000000000
[  471.875794][T10810] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000001
[  471.875810][T10810] R13: 0000000000000000 R14: 00007efffdda5fa0 R15: 00007ffec73b33a8
[  471.875847][T10810]  </TASK>
[  472.227453][    C0] vkms_vblank_simulate: vblank timer overrun
[  473.804418][T10838] FAULT_INJECTION: forcing a failure.
[  473.804418][T10838] name failslab, interval 1, probability 0, space 0, times 0
[  473.874030][T10838] CPU: 0 UID: 0 PID: 10838 Comm: syz.4.1149 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  473.874068][T10838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  473.874082][T10838] Call Trace:
[  473.874091][T10838]  <TASK>
[  473.874102][T10838]  dump_stack_lvl+0x16c/0x1f0
[  473.874144][T10838]  should_fail_ex+0x512/0x640
[  473.874173][T10838]  ? __kvmalloc_node_noprof+0x122/0x600
[  473.874213][T10838]  should_failslab+0xc2/0x120
[  473.874240][T10838]  __kvmalloc_node_noprof+0x135/0x600
[  473.874290][T10838]  ? file_tty_write.constprop.0+0x6ed/0x9b0
[  473.874356][T10838]  ? file_tty_write.constprop.0+0x6ed/0x9b0
[  473.874397][T10838]  file_tty_write.constprop.0+0x6ed/0x9b0
[  473.874443][T10838]  ? rw_verify_area+0xcf/0x680
[  473.874480][T10838]  vfs_write+0x5ba/0x1180
[  473.874518][T10838]  ? __pfx_tty_write+0x10/0x10
[  473.874564][T10838]  ? __pfx_vfs_write+0x10/0x10
[  473.874597][T10838]  ? find_held_lock+0x2b/0x80
[  473.874658][T10838]  ksys_write+0x12a/0x240
[  473.874702][T10838]  ? __pfx_ksys_write+0x10/0x10
[  473.874735][T10838]  ? rcu_is_watching+0x12/0xc0
[  473.874780][T10838]  do_syscall_64+0xcd/0x260
[  473.874821][T10838]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  473.874848][T10838] RIP: 0033:0x7f6fbb58d169
[  473.874880][T10838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  473.874904][T10838] RSP: 002b:00007f6fbc3ca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  473.874930][T10838] RAX: ffffffffffffffda RBX: 00007f6fbb7a5fa0 RCX: 00007f6fbb58d169
[  473.874947][T10838] RDX: 0000000000000ace RSI: 0000200000000580 RDI: 0000000000000003
[  473.874962][T10838] RBP: 00007f6fbc3ca090 R08: 0000000000000000 R09: 0000000000000000
[  473.874977][T10838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  473.874992][T10838] R13: 0000000000000000 R14: 00007f6fbb7a5fa0 R15: 00007ffd9ddfe0c8
[  473.875029][T10838]  </TASK>
[  474.102711][    C0] vkms_vblank_simulate: vblank timer overrun
[  474.538612][T10835] netlink: 93 bytes leftover after parsing attributes in process `syz.2.1146'.
[  475.194137][T10856] usb usb8: usbfs: interface 0 claimed by hub while 'syz.1.1154' sets config #0
[  476.279789][T10866] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  476.288870][T10884] FAULT_INJECTION: forcing a failure.
[  476.288870][T10884] name fail_futex, interval 1, probability 0, space 0, times 0
[  476.313796][T10866] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  476.354691][T10866] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  476.361785][T10884] CPU: 1 UID: 0 PID: 10884 Comm: syz.3.1164 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  476.361823][T10884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  476.361839][T10884] Call Trace:
[  476.361849][T10884]  <TASK>
[  476.361860][T10884]  dump_stack_lvl+0x16c/0x1f0
[  476.361907][T10884]  should_fail_ex+0x512/0x640
[  476.361946][T10884]  get_futex_key+0x49e/0x1000
[  476.361989][T10884]  ? __pfx_get_futex_key+0x10/0x10
[  476.362024][T10884]  ? kfree+0x252/0x4d0
[  476.362073][T10884]  futex_wake+0xe7/0x4e0
[  476.362114][T10884]  ? __pfx_futex_wake+0x10/0x10
[  476.362141][T10884]  ? __pfx_vfs_writev+0x10/0x10
[  476.362183][T10884]  ? do_writev+0x218/0x330
[  476.362227][T10884]  do_futex+0x1e3/0x350
[  476.362268][T10884]  ? __pfx_do_futex+0x10/0x10
[  476.362304][T10884]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  476.362356][T10884]  __x64_sys_futex+0x1e0/0x4c0
[  476.362396][T10884]  ? fput+0x70/0xf0
[  476.362423][T10884]  ? __pfx___x64_sys_futex+0x10/0x10
[  476.362464][T10884]  ? __pfx_do_writev+0x10/0x10
[  476.362497][T10884]  ? rcu_is_watching+0x12/0xc0
[  476.362543][T10884]  do_syscall_64+0xcd/0x260
[  476.362586][T10884]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  476.362615][T10884] RIP: 0033:0x7f8fd9b8d169
[  476.362638][T10884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  476.362665][T10884] RSP: 002b:00007f8fdaa730e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  476.362692][T10884] RAX: ffffffffffffffda RBX: 00007f8fd9da5fa8 RCX: 00007f8fd9b8d169
[  476.362710][T10884] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8fd9da5fac
[  476.362727][T10884] RBP: 00007f8fd9da5fa0 R08: 00007f8fdaa74000 R09: 0000000000000000
[  476.362745][T10884] R10: 0000000000000008 R11: 0000000000000246 R12: 00007f8fd9da5fac
[  476.362763][T10884] R13: 0000000000000000 R14: 00007ffc0402eae0 R15: 00007ffc0402ebc8
[  476.362801][T10884]  </TASK>
[  476.429190][T10866] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  476.599072][T10866] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  476.643708][T10866] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  477.341485][T10907] HfR: entered promiscuous mode
[  477.375875][T10907] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1173'.
[  477.432714][T10907] HfR: left promiscuous mode
[  477.472761][T10909] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  477.509674][T10911] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1174'.
[  477.764775][   T55] Bluetooth: hci0: command 0x0c1a tx timeout
[  477.925897][T10919] FAULT_INJECTION: forcing a failure.
[  477.925897][T10919] name fail_futex, interval 1, probability 0, space 0, times 0
[  478.057428][T10919] CPU: 1 UID: 0 PID: 10919 Comm: syz.2.1175 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  478.057474][T10919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  478.057492][T10919] Call Trace:
[  478.057502][T10919]  <TASK>
[  478.057514][T10919]  dump_stack_lvl+0x16c/0x1f0
[  478.057561][T10919]  should_fail_ex+0x512/0x640
[  478.057601][T10919]  get_futex_key+0x49e/0x1000
[  478.057648][T10919]  ? __pfx_get_futex_key+0x10/0x10
[  478.057686][T10919]  ? kfree+0x252/0x4d0
[  478.057736][T10919]  futex_wake+0xe7/0x4e0
[  478.057768][T10919]  ? __pfx_futex_wake+0x10/0x10
[  478.057796][T10919]  ? __pfx_vfs_writev+0x10/0x10
[  478.057839][T10919]  ? do_writev+0x218/0x330
[  478.057883][T10919]  do_futex+0x1e3/0x350
[  478.057925][T10919]  ? __pfx_do_futex+0x10/0x10
[  478.057962][T10919]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  478.058016][T10919]  __x64_sys_futex+0x1e0/0x4c0
[  478.058058][T10919]  ? fput+0x70/0xf0
[  478.058095][T10919]  ? __pfx___x64_sys_futex+0x10/0x10
[  478.058136][T10919]  ? __pfx_do_writev+0x10/0x10
[  478.058171][T10919]  ? rcu_is_watching+0x12/0xc0
[  478.058218][T10919]  do_syscall_64+0xcd/0x260
[  478.058262][T10919]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  478.058291][T10919] RIP: 0033:0x7efffdb8d169
[  478.058314][T10919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  478.058341][T10919] RSP: 002b:00007efffea540e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  478.058369][T10919] RAX: ffffffffffffffda RBX: 00007efffdda5fa8 RCX: 00007efffdb8d169
[  478.058388][T10919] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007efffdda5fac
[  478.058405][T10919] RBP: 00007efffdda5fa0 R08: 00007efffea55000 R09: 0000000000000000
[  478.058423][T10919] R10: 0000000000000008 R11: 0000000000000246 R12: 00007efffdda5fac
[  478.058441][T10919] R13: 0000000000000000 R14: 00007ffec73b32c0 R15: 00007ffec73b33a8
[  478.058478][T10919]  </TASK>
[  478.503969][   T55] Bluetooth: hci2: command 0x0c1a tx timeout
[  478.510663][   T55] Bluetooth: hci3: command 0x0c1a tx timeout
[  478.518215][   T55] Bluetooth: hci1: command 0x0c1a tx timeout
[  479.706232][T10960] sp0: Synchronizing with TNC
[  480.333457][T10972] FAULT_INJECTION: forcing a failure.
[  480.333457][T10972] name fail_futex, interval 1, probability 0, space 0, times 0
[  480.392980][T10972] CPU: 1 UID: 0 PID: 10972 Comm: syz.4.1186 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  480.393022][T10972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  480.393039][T10972] Call Trace:
[  480.393049][T10972]  <TASK>
[  480.393060][T10972]  dump_stack_lvl+0x16c/0x1f0
[  480.393106][T10972]  should_fail_ex+0x512/0x640
[  480.393146][T10972]  get_futex_key+0x49e/0x1000
[  480.393191][T10972]  ? __pfx_get_futex_key+0x10/0x10
[  480.393229][T10972]  ? kfree+0x252/0x4d0
[  480.393278][T10972]  futex_wake+0xe7/0x4e0
[  480.393309][T10972]  ? __pfx_futex_wake+0x10/0x10
[  480.393346][T10972]  ? __pfx_vfs_writev+0x10/0x10
[  480.393386][T10972]  ? do_writev+0x218/0x330
[  480.393430][T10972]  do_futex+0x1e3/0x350
[  480.393471][T10972]  ? __pfx_do_futex+0x10/0x10
[  480.393508][T10972]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  480.393557][T10972]  __x64_sys_futex+0x1e0/0x4c0
[  480.393594][T10972]  ? fput+0x70/0xf0
[  480.393620][T10972]  ? __pfx___x64_sys_futex+0x10/0x10
[  480.393654][T10972]  ? __pfx_do_writev+0x10/0x10
[  480.393681][T10972]  ? rcu_is_watching+0x12/0xc0
[  480.393721][T10972]  do_syscall_64+0xcd/0x260
[  480.393755][T10972]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  480.393780][T10972] RIP: 0033:0x7f6fbb58d169
[  480.393802][T10972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  480.393827][T10972] RSP: 002b:00007f6fbc3ca0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  480.393858][T10972] RAX: ffffffffffffffda RBX: 00007f6fbb7a5fa8 RCX: 00007f6fbb58d169
[  480.393874][T10972] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f6fbb7a5fac
[  480.393891][T10972] RBP: 00007f6fbb7a5fa0 R08: 00007f6fbc3cb000 R09: 0000000000000000
[  480.393906][T10972] R10: 0000000000000008 R11: 0000000000000246 R12: 00007f6fbb7a5fac
[  480.393919][T10972] R13: 0000000000000000 R14: 00007ffd9ddfdfe0 R15: 00007ffd9ddfe0c8
[  480.393952][T10972]  </TASK>
[  480.610781][ T5845] Bluetooth: hci1: command 0x0c1a tx timeout
[  480.722893][T10977] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1187'.
[  481.135456][T10986] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1189'.
[  482.400736][T11016] sp0: Synchronizing with TNC
[  482.644192][ T5845] Bluetooth: hci1: command 0x0c1a tx timeout
[  482.903573][T11030] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1198'.
[  484.494401][T11054] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1204'.
[  484.520756][T11051] netlink: 93 bytes leftover after parsing attributes in process `syz.1.1200'.
[  485.110845][T11066] sp0: Synchronizing with TNC
[  487.529278][T11113] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1220'.
[  488.631587][T11128] sp0: Synchronizing with TNC
[  489.428758][T11133] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1224'.
[  490.053251][T11150] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1231'.
[  490.958529][T11170] netlink: 93 bytes leftover after parsing attributes in process `syz.4.1232'.
[  492.161522][T11186] FAULT_INJECTION: forcing a failure.
[  492.161522][T11186] name failslab, interval 1, probability 0, space 0, times 0
[  492.226311][T11186] CPU: 1 UID: 0 PID: 11186 Comm: syz.1.1238 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  492.226354][T11186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  492.226372][T11186] Call Trace:
[  492.226382][T11186]  <TASK>
[  492.226394][T11186]  dump_stack_lvl+0x16c/0x1f0
[  492.226442][T11186]  should_fail_ex+0x512/0x640
[  492.226474][T11186]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  492.226519][T11186]  should_failslab+0xc2/0x120
[  492.226547][T11186]  __kmalloc_cache_noprof+0x6a/0x3e0
[  492.226580][T11186]  ? __lock_acquire+0xaa4/0x1ba0
[  492.226607][T11186]  ? snd_timer_instance_new+0x47/0x2e0
[  492.226653][T11186]  snd_timer_instance_new+0x47/0x2e0
[  492.226698][T11186]  snd_seq_timer_open+0x1cc/0x5e0
[  492.226739][T11186]  ? __pfx_snd_seq_timer_open+0x10/0x10
[  492.226777][T11186]  ? find_held_lock+0x2b/0x80
[  492.226816][T11186]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  492.226847][T11186]  ? lockdep_hardirqs_on+0x7c/0x110
[  492.226880][T11186]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  492.226914][T11186]  queue_use+0xe3/0x250
[  492.226940][T11186]  snd_seq_queue_alloc+0x2e5/0x550
[  492.226973][T11186]  snd_seq_ioctl_create_queue+0xa9/0x380
[  492.227009][T11186]  snd_seq_kernel_client_ctl+0x107/0x1c0
[  492.227050][T11186]  alloc_seq_queue+0xda/0x180
[  492.227090][T11186]  ? __pfx_alloc_seq_queue+0x10/0x10
[  492.227154][T11186]  ? mark_held_locks+0x49/0x80
[  492.227195][T11186]  ? _raw_spin_unlock_irq+0x23/0x50
[  492.227232][T11186]  snd_seq_oss_open+0x38c/0xa20
[  492.227299][T11186]  odev_open+0x6f/0x90
[  492.227335][T11186]  ? __pfx_odev_open+0x10/0x10
[  492.227373][T11186]  soundcore_open+0x409/0x580
[  492.227416][T11186]  ? __pfx_soundcore_open+0x10/0x10
[  492.227453][T11186]  chrdev_open+0x231/0x6a0
[  492.227495][T11186]  ? __pfx_apparmor_file_open+0x10/0x10
[  492.227530][T11186]  ? __pfx_chrdev_open+0x10/0x10
[  492.227575][T11186]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  492.227624][T11186]  do_dentry_open+0x741/0x1c10
[  492.227661][T11186]  ? __pfx_chrdev_open+0x10/0x10
[  492.227712][T11186]  vfs_open+0x82/0x3f0
[  492.227746][T11186]  path_openat+0x1e5e/0x2d40
[  492.227802][T11186]  ? __pfx_path_openat+0x10/0x10
[  492.227856][T11186]  do_filp_open+0x20b/0x470
[  492.227898][T11186]  ? __pfx_do_filp_open+0x10/0x10
[  492.227969][T11186]  ? alloc_fd+0x471/0x7d0
[  492.228011][T11186]  do_sys_openat2+0x11b/0x1d0
[  492.228036][T11186]  ? __pfx_do_sys_openat2+0x10/0x10
[  492.228063][T11186]  ? bpf_lsm_capable+0x9/0x10
[  492.228108][T11186]  __x64_sys_openat+0x174/0x210
[  492.228138][T11186]  ? __pfx___x64_sys_openat+0x10/0x10
[  492.228170][T11186]  ? rcu_is_watching+0x12/0xc0
[  492.228218][T11186]  do_syscall_64+0xcd/0x260
[  492.228278][T11186]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  492.228307][T11186] RIP: 0033:0x7f4f20b8d169
[  492.228332][T11186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  492.228360][T11186] RSP: 002b:00007f4f21a34038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  492.228391][T11186] RAX: ffffffffffffffda RBX: 00007f4f20da5fa0 RCX: 00007f4f20b8d169
[  492.228410][T11186] RDX: 00000000001c8340 RSI: 0000200000000540 RDI: ffffffffffffff9c
[  492.228428][T11186] RBP: 00007f4f20c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  492.228445][T11186] R10: 00000000000000bf R11: 0000000000000246 R12: 0000000000000000
[  492.228463][T11186] R13: 0000000000000000 R14: 00007f4f20da5fa0 R15: 00007ffe8d64f6a8
[  492.228503][T11186]  </TASK>
[  493.385661][T11198] FAULT_INJECTION: forcing a failure.
[  493.385661][T11198] name failslab, interval 1, probability 0, space 0, times 0
[  493.419675][T11198] CPU: 0 UID: 0 PID: 11198 Comm: syz.4.1242 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  493.419720][T11198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  493.419739][T11198] Call Trace:
[  493.419749][T11198]  <TASK>
[  493.419761][T11198]  dump_stack_lvl+0x16c/0x1f0
[  493.419833][T11198]  should_fail_ex+0x512/0x640
[  493.419866][T11198]  ? __kmalloc_noprof+0xbf/0x510
[  493.419914][T11198]  ? lsm_blob_alloc+0x68/0x90
[  493.419963][T11198]  should_failslab+0xc2/0x120
[  493.419992][T11198]  __kmalloc_noprof+0xd2/0x510
[  493.420053][T11198]  lsm_blob_alloc+0x68/0x90
[  493.420102][T11198]  security_prepare_creds+0x30/0x270
[  493.420148][T11198]  prepare_creds+0x56f/0x7d0
[  493.420184][T11198]  __sys_setfsgid+0xe3/0x380
[  493.420223][T11198]  ? rcu_is_watching+0x12/0xc0
[  493.420263][T11198]  do_syscall_64+0xcd/0x260
[  493.420308][T11198]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  493.420339][T11198] RIP: 0033:0x7f6fbb58d169
[  493.420364][T11198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  493.420392][T11198] RSP: 002b:00007f6fbc3ca038 EFLAGS: 00000246 ORIG_RAX: 000000000000007b
[  493.420420][T11198] RAX: ffffffffffffffda RBX: 00007f6fbb7a5fa0 RCX: 00007f6fbb58d169
[  493.420439][T11198] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000ee01
[  493.420456][T11198] RBP: 00007f6fbb60e2a0 R08: 0000000000000000 R09: 0000000000000000
[  493.420474][T11198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  493.420491][T11198] R13: 0000000000000000 R14: 00007f6fbb7a5fa0 R15: 00007ffd9ddfe0c8
[  493.420530][T11198]  </TASK>
[  493.606578][    C0] vkms_vblank_simulate: vblank timer overrun
[  493.932872][T11204] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1243'.
[  496.220126][T11216] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  496.248160][T11216] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  496.279835][T11216] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  496.307277][T11216] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  496.549533][T11226] FAULT_INJECTION: forcing a failure.
[  496.549533][T11226] name fail_futex, interval 1, probability 0, space 0, times 0
[  496.609544][T11226] CPU: 0 UID: 0 PID: 11226 Comm: syz.1.1249 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  496.609589][T11226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  496.609607][T11226] Call Trace:
[  496.609617][T11226]  <TASK>
[  496.609628][T11226]  dump_stack_lvl+0x16c/0x1f0
[  496.609675][T11226]  should_fail_ex+0x512/0x640
[  496.609715][T11226]  get_futex_key+0x49e/0x1000
[  496.609756][T11226]  ? find_held_lock+0x2b/0x80
[  496.609795][T11226]  ? __pfx_get_futex_key+0x10/0x10
[  496.609833][T11226]  ? do_raw_spin_unlock+0x172/0x230
[  496.609868][T11226]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  496.609905][T11226]  ? trace_pid_list_is_set+0x100/0x150
[  496.609952][T11226]  futex_wait_setup+0x78/0x290
[  496.609979][T11226]  ? event_filter_pid_sched_wakeup_probe_post+0x103/0x270
[  496.610044][T11226]  __futex_wait+0x266/0x3c0
[  496.610074][T11226]  ? __pfx___futex_wait+0x10/0x10
[  496.610102][T11226]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  496.610145][T11226]  ? __pfx_futex_wake_mark+0x10/0x10
[  496.610190][T11226]  futex_wait+0xe8/0x380
[  496.610219][T11226]  ? __pfx_futex_wait+0x10/0x10
[  496.610257][T11226]  ? __fget_files+0x204/0x3c0
[  496.610305][T11226]  do_futex+0x229/0x350
[  496.610346][T11226]  ? __pfx_do_futex+0x10/0x10
[  496.610386][T11226]  ? fdget+0x187/0x210
[  496.610425][T11226]  ? __sys_sendmsg+0x199/0x220
[  496.610466][T11226]  __x64_sys_futex+0x1e0/0x4c0
[  496.610512][T11226]  ? __pfx___x64_sys_futex+0x10/0x10
[  496.610554][T11226]  ? rcu_is_watching+0x12/0xc0
[  496.610600][T11226]  do_syscall_64+0xcd/0x260
[  496.610643][T11226]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  496.610671][T11226] RIP: 0033:0x7f4f20b8d169
[  496.610695][T11226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  496.610723][T11226] RSP: 002b:00007f4f21a340e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  496.610750][T11226] RAX: ffffffffffffffda RBX: 00007f4f20da5fa8 RCX: 00007f4f20b8d169
[  496.610769][T11226] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f4f20da5fa8
[  496.610786][T11226] RBP: 00007f4f20da5fa0 R08: 0000000000000000 R09: 0000000000000000
[  496.610802][T11226] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4f20da5fac
[  496.610819][T11226] R13: 0000000000000000 R14: 00007ffe8d64f5c0 R15: 00007ffe8d64f6a8
[  496.610857][T11226]  </TASK>
[  496.872555][    C0] vkms_vblank_simulate: vblank timer overrun
[  497.764184][T11238] netlink: 93 bytes leftover after parsing attributes in process `syz.3.1251'.
[  497.846370][ T5845] Bluetooth: hci0: command 0x0c1a tx timeout
[  497.859688][T11241] Invalid ELF header magic: != ELF
[  498.324346][ T5845] Bluetooth: hci1: command 0x0c1a tx timeout
[  498.324411][   T55] Bluetooth: hci3: command 0x0c1a tx timeout
[  498.331000][ T5845] Bluetooth: hci2: command 0x0c1a tx timeout
[  499.364212][T11268] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1260'.
[  499.737449][T11278] sp0: Synchronizing with TNC
[  499.928286][T11283] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1265'.
[  500.199319][T11290] netlink: zone id is out of range
[  500.226741][T11290] netlink: zone id is out of range
[  500.258551][T11290] netlink: zone id is out of range
[  500.371839][T11290] netlink: zone id is out of range
[  500.514267][T11290] netlink: zone id is out of range
[  500.613265][T11290] netlink: zone id is out of range
[  500.677429][T11290] netlink: zone id is out of range
[  500.844178][T11290] netlink: zone id is out of range
[  500.878015][T11290] netlink: zone id is out of range
[  500.904155][T11290] netlink: zone id is out of range
[  502.837106][T11324] netlink: 93 bytes leftover after parsing attributes in process `syz.1.1275'.
[  503.407706][T11333] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1279'.
[  503.740680][T11331] sp0: Synchronizing with TNC
[  504.848038][T11346] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1280'.
[  504.883127][T11346] mac80211_hwsim hwsim4 wlan1: entered allmulticast mode
[  505.727986][ T5851] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18
[  505.736087][   T30] audit: type=1800 audit(4294967689.398:7): pid=11364 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1287" name="dbroot" dev="configfs" ino=31586 res=0 errno=0
[  506.970316][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  506.981008][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  507.074606][T11378] scsi_dev_info_list_add_str: bad dev info string ')���zD���5fk+*X��#�R8��4*�
�Vs�n�dv���qQW�}���~YrȀ-8VGDƘ���L�B�%v�†�v�}�Ypq|��?�O��[��,!��7xWDr���%�[�}�E�$3?�G����9��Ff=��l�r�GH;2L<��=��|�����8�-c��F�ո��"����[v�9�q��4��Mm�vq���k��[����(i���NDС�M��XPS��q��qX4�X`V��!;r�֍���)y]�W��zfI�H0���,�������v�{q8���שU�ܹ䑉m؛�H��T��w�C��z�-��nR%�2]��x0��5o�����Օ|3>�l�S*L���/�Cdgӑ��[C=Cw�e��m)����l#�' '��'�S���.�sHgi-��TY%ܹF��*8��nFT�H����?����i{' ''
[  507.127107][    C0] vkms_vblank_simulate: vblank timer overrun
[  509.731978][T11417] vivid-007: =================  START STATUS  =================
[  509.781885][T11417] vivid-007: Generate PTS: true
[  509.799153][T11417] vivid-007: Generate SCR: true
[  509.819327][T11417] tpg source WxH: 640x360 (Y'CbCr)
[  509.836330][T11417] tpg field: 1
[  509.886856][T11417] tpg crop: (0,0)/640x360
[  509.925677][T11417] tpg compose: (0,0)/640x360
[  509.998220][T11417] tpg colorspace: 8
[  510.002492][T11417] tpg transfer function: 0/0
[  510.088303][T11417] tpg Y'CbCr encoding: 0/0
[  510.124092][T11417] tpg quantization: 0/0
[  510.164469][T11417] tpg RGB range: 0/2
[  510.224785][T11417] vivid-007: ==================  END STATUS  ==================

syzkaller
syzkaller login: [  511.967183][T11440] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1304'.
[  512.794355][T11447] random: crng reseeded on system resumption
[  513.436574][T11462] sp0: Synchronizing with TNC
[  513.687722][ T5851] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  513.687772][ T5851] Bluetooth: hci0: unexpected subevent 0x05 length: 725 > 12
[  514.234743][T11466] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1309'.
[  514.553979][ T5851] Bluetooth: hci3: unexpected event 0x1d length: 6 > 5
[  515.394952][T11482] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1315'.
[  515.764029][ T5851] Bluetooth: hci0: command 0x0c1a tx timeout
[  516.181004][T11483] netlink: 93 bytes leftover after parsing attributes in process `syz.2.1314'.
[  518.360894][ T5851] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  519.974017][T11518] sp0: Synchronizing with TNC
[  521.132315][T11542] sp0: Synchronizing with TNC
[  521.509238][T11550] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1329'.
[  522.178049][T11567] netlink: 93 bytes leftover after parsing attributes in process `syz.1.1327'.
[  523.764563][T11585] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 3000000000
[  524.664182][T11591] sp0: Synchronizing with TNC
[  524.934472][T11600] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1341'.
[  527.528796][T11636] sp0: Synchronizing with TNC
[  528.483023][T11653] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1354'.
[  530.588542][T11690] sp0: Synchronizing with TNC
[  531.089887][T11699] FAULT_INJECTION: forcing a failure.
[  531.089887][T11699] name failslab, interval 1, probability 0, space 0, times 0
[  531.128484][T11699] CPU: 0 UID: 0 PID: 11699 Comm: syz.1.1366 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  531.128523][T11699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  531.128539][T11699] Call Trace:
[  531.128549][T11699]  <TASK>
[  531.128559][T11699]  dump_stack_lvl+0x16c/0x1f0
[  531.128605][T11699]  should_fail_ex+0x512/0x640
[  531.128635][T11699]  ? __kvmalloc_node_noprof+0x122/0x600
[  531.128678][T11699]  should_failslab+0xc2/0x120
[  531.128704][T11699]  __kvmalloc_node_noprof+0x135/0x600
[  531.128743][T11699]  ? file_tty_write.constprop.0+0x6ed/0x9b0
[  531.128929][T11699]  ? file_tty_write.constprop.0+0x6ed/0x9b0
[  531.128996][T11699]  file_tty_write.constprop.0+0x6ed/0x9b0
[  531.129053][T11699]  redirected_tty_write+0xd4/0x150
[  531.129095][T11699]  vfs_write+0x5ba/0x1180
[  531.129144][T11699]  ? __pfx_redirected_tty_write+0x10/0x10
[  531.129192][T11699]  ? __pfx_vfs_write+0x10/0x10
[  531.129225][T11699]  ? find_held_lock+0x2b/0x80
[  531.129287][T11699]  ksys_write+0x12a/0x240
[  531.129324][T11699]  ? __pfx_ksys_write+0x10/0x10
[  531.129359][T11699]  ? rcu_is_watching+0x12/0xc0
[  531.129405][T11699]  do_syscall_64+0xcd/0x260
[  531.129450][T11699]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  531.129479][T11699] RIP: 0033:0x7f4f20b8d169
[  531.129504][T11699] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  531.129531][T11699] RSP: 002b:00007f4f21a34038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  531.129559][T11699] RAX: ffffffffffffffda RBX: 00007f4f20da5fa0 RCX: 00007f4f20b8d169
[  531.129576][T11699] RDX: 0000000000000d4b RSI: 0000200000000080 RDI: 0000000000000003
[  531.129592][T11699] RBP: 00007f4f21a34090 R08: 0000000000000000 R09: 0000000000000000
[  531.129608][T11699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  531.129623][T11699] R13: 0000000000000000 R14: 00007f4f20da5fa0 R15: 00007ffe8d64f6a8
[  531.129661][T11699]  </TASK>
[  531.472646][T11708] netlink: 'syz.4.1367': attribute type 10 has an invalid length.
[  531.654011][T11708] netlink: 230 bytes leftover after parsing attributes in process `syz.4.1367'.
[  531.934828][T11708] team0: Port device team_slave_1 removed
[  532.095906][T11715] 
[  532.098550][T11715] ======================================================
[  532.106415][T11715] WARNING: possible circular locking dependency detected
[  532.114466][T11715] 6.15.0-rc1-syzkaller #0 Not tainted
[  532.120640][T11715] ------------------------------------------------------
[  532.120655][T11715] syz.1.1370/11715 is trying to acquire lock:
[  532.120669][T11715] ffffffff9012d9a8 (rtnl_mutex){+.+.}-{4:4}, at: ip_mroute_setsockopt+0x115/0x1040
[  532.120750][T11715] 
[  532.120750][T11715] but task is already holding lock:
[  532.120759][T11715] ffff88806705ad20 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x100/0xa00
[  532.120821][T11715] 
[  532.120821][T11715] which lock already depends on the new lock.
[  532.120821][T11715] 
[  532.120830][T11715] 
[  532.120830][T11715] the existing dependency chain (in reverse order) is:
[  532.120840][T11715] 
[  532.120840][T11715] -> #2 (&smc->clcsock_release_lock){+.+.}-{4:4}:
[  532.120877][T11715]        __mutex_lock+0x199/0xb90
[  532.120911][T11715]        smc_switch_to_fallback+0x2d/0x9f0
[  532.120935][T11715]        smc_sendmsg+0x13d/0x520
[  532.120956][T11715]        ____sys_sendmsg+0xa95/0xc70
[  532.120993][T11715]        ___sys_sendmsg+0x134/0x1d0
[  532.121022][T11715]        __sys_sendmsg+0x16d/0x220
[  532.121053][T11715]        do_syscall_64+0xcd/0x260
[  532.121090][T11715]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  532.121118][T11715] 
[  532.121118][T11715] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}:
[  532.121165][T11715]        lock_sock_nested+0x41/0xf0
[  532.121216][T11715]        sockopt_lock_sock+0x54/0x70
[  532.121250][T11715]        do_ip_setsockopt+0xfe/0x3240
[  532.121276][T11715]        ip_setsockopt+0x59/0xf0
[  532.121299][T11715]        sctp_setsockopt+0x169/0xb870
[  532.121328][T11715]        do_sock_setsockopt+0x221/0x470
[  532.121367][T11715]        __sys_setsockopt+0x1a0/0x230
[  532.121398][T11715]        __x64_sys_setsockopt+0xbd/0x160
[  532.121430][T11715]        do_syscall_64+0xcd/0x260
[  532.121468][T11715]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  532.121493][T11715] 
[  532.121493][T11715] -> #0 (rtnl_mutex){+.+.}-{4:4}:
[  532.121530][T11715]        __lock_acquire+0x1173/0x1ba0
[  532.121553][T11715]        lock_acquire+0x179/0x350
[  532.121576][T11715]        __mutex_lock+0x199/0xb90
[  532.121611][T11715]        ip_mroute_setsockopt+0x115/0x1040
[  532.121648][T11715]        do_ip_setsockopt+0x2ae/0x3240
[  532.121671][T11715]        ip_setsockopt+0x59/0xf0
[  532.121694][T11715]        ipv6_setsockopt+0x155/0x170
[  532.121730][T11715]        tcp_setsockopt+0xa4/0x100
[  532.121756][T11715]        smc_setsockopt+0x1b3/0xa00
[  532.121782][T11715]        do_sock_setsockopt+0x221/0x470
[  532.121821][T11715]        __sys_setsockopt+0x1a0/0x230
[  532.121851][T11715]        __x64_sys_setsockopt+0xbd/0x160
[  532.121882][T11715]        do_syscall_64+0xcd/0x260
[  532.121915][T11715]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  532.121940][T11715] 
[  532.121940][T11715] other info that might help us debug this:
[  532.121940][T11715] 
[  532.121949][T11715] Chain exists of:
[  532.121949][T11715]   rtnl_mutex --> sk_lock-AF_INET --> &smc->clcsock_release_lock
[  532.121949][T11715] 
[  532.121993][T11715]  Possible unsafe locking scenario:
[  532.121993][T11715] 
[  532.122001][T11715]        CPU0                    CPU1
[  532.122008][T11715]        ----                    ----
[  532.122016][T11715]   lock(&smc->clcsock_release_lock);
[  532.122035][T11715]                                lock(sk_lock-AF_INET);
[  532.122053][T11715]                                lock(&smc->clcsock_release_lock);
[  532.122072][T11715]   lock(rtnl_mutex);
[  532.122088][T11715] 
[  532.122088][T11715]  *** DEADLOCK ***
[  532.122088][T11715] 
[  532.122094][T11715] 1 lock held by syz.1.1370/11715:
[  532.122108][T11715]  #0: ffff88806705ad20 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x100/0xa00
[  532.122180][T11715] 
[  532.122180][T11715] stack backtrace:
[  532.122194][T11715] CPU: 1 UID: 0 PID: 11715 Comm: syz.1.1370 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full) 
[  532.122228][T11715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  532.122245][T11715] Call Trace:
[  532.122254][T11715]  <TASK>
[  532.122265][T11715]  dump_stack_lvl+0x116/0x1f0
[  532.122305][T11715]  print_circular_bug+0x275/0x350
[  532.122350][T11715]  check_noncircular+0x14c/0x170
[  532.122396][T11715]  __lock_acquire+0x1173/0x1ba0
[  532.122428][T11715]  lock_acquire+0x179/0x350
[  532.122455][T11715]  ? ip_mroute_setsockopt+0x115/0x1040
[  532.122497][T11715]  ? __pfx___might_resched+0x10/0x10
[  532.122540][T11715]  __mutex_lock+0x199/0xb90
[  532.122578][T11715]  ? ip_mroute_setsockopt+0x115/0x1040
[  532.122610][T11715]  ? lock_acquire+0x179/0x350
[  532.122632][T11715]  ? ip_mroute_setsockopt+0x115/0x1040
[  532.122664][T11715]  ? __pfx___mutex_lock+0x10/0x10
[  532.122695][T11715]  ? finish_task_switch.isra.0+0x221/0xc10
[  532.122726][T11715]  ? rcu_is_watching+0x12/0xc0
[  532.122754][T11715]  ? trace_sched_exit_tp+0xde/0x130
[  532.122790][T11715]  ? ip_mroute_setsockopt+0x115/0x1040
[  532.122820][T11715]  ? rtnl_lock+0x9/0x20
[  532.122840][T11715]  ip_mroute_setsockopt+0x115/0x1040
[  532.122871][T11715]  ? look_up_lock_class+0x59/0x150
[  532.122900][T11715]  ? 0xffffffffff600000
[  532.122919][T11715]  ? __pfx_ip_mroute_setsockopt+0x10/0x10
[  532.122953][T11715]  ? __lock_acquire+0xaa4/0x1ba0
[  532.122980][T11715]  do_ip_setsockopt+0x2ae/0x3240
[  532.123002][T11715]  ? __pfx___mutex_trylock_common+0x10/0x10
[  532.123026][T11715]  ? 0xffffffffff600000
[  532.123042][T11715]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  532.123064][T11715]  ? rcu_is_watching+0x12/0xc0
[  532.123092][T11715]  ? trace_contention_end+0xdd/0x130
[  532.123115][T11715]  ? __mutex_lock+0x1ca/0xb90
[  532.123156][T11715]  ? smc_setsockopt+0x100/0xa00
[  532.123181][T11715]  ? 0xffffffffff600000
[  532.123197][T11715]  ip_setsockopt+0x59/0xf0
[  532.123219][T11715]  ? 0xffffffffff600000
[  532.123235][T11715]  ipv6_setsockopt+0x155/0x170
[  532.123269][T11715]  ? 0xffffffffff600000
[  532.123286][T11715]  tcp_setsockopt+0xa4/0x100
[  532.123316][T11715]  smc_setsockopt+0x1b3/0xa00
[  532.123339][T11715]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  532.123377][T11715]  ? 0xffffffffff600000
[  532.123394][T11715]  ? __pfx_smc_setsockopt+0x10/0x10
[  532.123421][T11715]  ? __pfx_smc_setsockopt+0x10/0x10
[  532.123444][T11715]  do_sock_setsockopt+0x221/0x470
[  532.123478][T11715]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  532.123515][T11715]  ? 0xffffffffff600000
[  532.123533][T11715]  ? 0xffffffffff600000
[  532.123549][T11715]  __sys_setsockopt+0x1a0/0x230
[  532.123580][T11715]  __x64_sys_setsockopt+0xbd/0x160
[  532.123606][T11715]  ? do_syscall_64+0x91/0x260
[  532.123638][T11715]  ? lockdep_hardirqs_on+0x7c/0x110
[  532.123669][T11715]  do_syscall_64+0xcd/0x260
[  532.123702][T11715]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  532.123727][T11715] RIP: 0033:0x7f4f20b8d169
[  532.123746][T11715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  532.123770][T11715] RSP: 002b:00007f4f21a13038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  532.123793][T11715] RAX: ffffffffffffffda RBX: 00007f4f20da6080 RCX: 00007f4f20b8d169
[  532.123810][T11715] RDX: 00000000000000c8 RSI: 0000000000000000 RDI: 0000000000000003
[  532.123825][T11715] RBP: 00007f4f20c0e2a0 R08: 0000000000000004 R09: 0000000000000000
[  532.123839][T11715] R10: ffffffffff600000 R11: 0000000000000246 R12: 0000000000000000
[  532.123854][T11715] R13: 0000000000000000 R14: 00007f4f20da6080 R15: 00007ffe8d64f6a8
[  532.123872][T11715]  ? 0xffffffffff600000
[  532.123893][T11715]  </TASK>
[  533.869163][T11717] tty tty12: ldisc open failed (-12), clearing slot 11