last executing test programs:

11m55.213296701s ago: executing program 0 (id=1):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
rseq$auto(&(0x7f00000002c0)={0xe, 0x400, 0x0, 0x20006, 0xffffffff, 0x2}, 0xfffffff4, 0x0, 0x7)
clock_nanosleep$auto(0x1, 0x200, &(0x7f0000000140)={0x0, 0x2800000a}, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
write$auto(0x3, 0x0, 0x7fffffff)
write$auto(0x1, 0x0, 0x80000000)
rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x10006, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6)
write$auto(0x3, 0x0, 0x10001)
mmap$auto(0x0, 0x401, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8001)
socket(0xa, 0x1, 0x84)
setsockopt$auto(0x3, 0x10000000084, 0x82, 0x0, 0x8)
rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}})
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5)
r0 = socket(0x2b, 0x1, 0x1)
r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0x10010, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r0, 0x0, 0x20000001)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="2c0000001400c7"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_MPP(r0, 0x0, 0x880)
munmap$auto(0x8000, 0xffffffff)
getrandom$auto(0x0, 0x6000000, 0x3)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4)
mmap$auto(0x0, 0x2020009, 0x3, 0x400000eb1, 0xfffffffffffffffa, 0x8000)
sysfs$auto(0x2, 0x10000000000048, 0x0)
close_range$auto(0x2, 0x8, 0x0)

11m52.672525401s ago: executing program 1 (id=16):
socket(0xa, 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x40, 0x10006, 0x0)
shutdown$auto(0x200000003, 0x2)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/platform/dummy_hcd.5/usb6/power/wakeup\x00', 0x181c82, 0x0)
read$auto_stat_fops_per_vm_kvm_main(r0, &(0x7f0000000000)=""/14, 0xe)
r1 = openat$auto_nsim_pp_hold_fops_netdev(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/netdevsim/netdevsim3/ports/3/pp_hold\x00', 0xc0b02, 0x0)
write$auto(r1, 0x0, 0xc70)
r2 = openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f00000004c0), 0x101202, 0x0)
write$auto_nvmf_dev_fops_fabrics(r2, 0x0, 0x0)
prctl$auto(0x39, 0x1, 0x0, 0x0, 0x0)
write$auto(0xca, 0x0, 0x9)
bpf$auto(0x0, 0x0, 0xa3)

11m52.392652044s ago: executing program 0 (id=17):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda1\x00', 0xa4e00, 0x0)
ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x89b0, &(0x7f0000000140)={'bridge0\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000500), r1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000540)={'pimreg0\x00', <r5=>0x0})
r6 = semctl$auto_SETVAL(0x9, 0x0, 0x10, 0x8)
sendmsg$auto_OVS_VPORT_CMD_DEL(r1, &(0x7f0000000ac0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000a80)={&(0x7f0000000580)={0x4a0, r4, 0x200, 0xc, 0x25dfdbfe, {}, [@OVS_VPORT_ATTR_TYPE={0x8, 0x2, 0x7fffffff}, @OVS_VPORT_ATTR_NETNSID={0x8, 0x9, 0x8}, @OVS_VPORT_ATTR_TYPE={0x8, 0x2, 0xc9c0}, @OVS_VPORT_ATTR_IFINDEX={0x8, 0x8, r5}, @OVS_VPORT_ATTR_OPTIONS={0x314, 0x4, 0x0, 0x1, [@generic="b6fabc2a77108566032687700cf2f1d86a3ede2ac316fcf680c4b1c0bad39f6f7710f4b23d37d6fa25f8d63a736d4496bebf8dce023b28bf3df2e383980783cc00b2b315884abc2dedd6a1d0b8ae1cfd0496732ce05f4b65aabc3a05fe5519d002b656a8f4d1d25bd6b2d7a8bd697ee97903f09fde4298fbfb8077069cdc96db4d0f5e4fa4ac2b53fdb8b6e6fe339982cf7dfb5086304d4dcfa59c5075adad5815461f173bbdf6307f9b1c48d8a22e703857c7d18c84bbde728b0d5e", @typed={0x8, 0xcf, 0x0, 0x0, @ipv4=@local}, @typed={0x4, 0x3b}, @generic="aeac0ee03bf6aa2502d761a720742de05a5fb56724373b13716333dfdf3c9eb90fb7096d1a1616bd4f168c4ea592b1bccaab681d3764d88085f2998661aedebb022a6ea68a173f26b2cc0bbbd7f537e70e234e3ee994db879123beaac67c8c50d072a361e590bb8dfac6176235f407d80d36ec74019edb0b557bd86b1408813a57dfd2021eefd6eddd35eb6186", @nested={0xfd, 0xad, 0x0, 0x1, [@nested={0x4, 0x6a}, @nested={0x4, 0xcf}, @nested={0x4, 0xff}, @typed={0xc, 0x108, 0x0, 0x0, @u64=0x5}, @typed={0x8, 0x5d, 0x0, 0x0, @uid=0xffffffffffffffff}, @typed={0xc, 0xfb, 0x0, 0x0, @str='nl80211\x00'}, @typed={0x8, 0x37, 0x0, 0x0, @pid=r6}, @generic="3f72706d9525d5aa433e29d95c3c72eacd32c7ec51a9e530c9ba678e659dde488d0eb0953a9b3d39d05a735489cc328a079e8eb0f9c7667f3f63193cac429e2828a2a05e6f5ba1c85a5d80780932b6b35a72a58834fec24637607d22905d5abb48973116e23b701d51174d8590", @typed={0x43, 0x130, 0x0, 0x0, @binary="6f3b90f14649d0ab6d5dcd01b0f331e2e24a4639d2fca040000aa500c9be446fd39ea73b770d76acc5f3783ada39b92029c25c5894640c143bdbd6b47ba84c"}, @typed={0x14, 0x7, 0x0, 0x0, @ipv6=@mcast2}]}, @generic="1a3a634cfbf642a42db866604fc2597bb306e43d926c599ee0d685856cdbe1eec1a5db94a1d124941ea189f2a637346cabe632dd50f7c5e8269bf5b013c7bca3a95688cfb35e8aac2a8c5655466087017b8badaa41940453700c8757bbd718f94dd48026607d3c80960c4a8694129380f3b87fefb5ef720b271d0a33cecc12c64a8d7e95d24da478c0167b15f63ab8df2d7157edee6de309bc13defee4f170352cfd7870d105e748a230e1", @nested={0x10, 0x139, 0x0, 0x1, [@typed={0xc, 0x3c, 0x0, 0x0, @u64=0xffffffffffffffff}]}]}, @OVS_VPORT_ATTR_UPCALL_PID={0x103, 0x5, "cca6fe5a68386a37fccefe33942fb43e0fddb769f7ef11d0de94abbdf9b6b9d2b1fa0b83c18cde35f29a276a63ba70b7b428410604aa0efc3f1a2964013242ddf9f8ec320dbc28f99567f3fb50efb2b68bf9cbd4028be130018c7b6417e4c0b4088c369efdc9bbf504fabd0843ba3a9e95c0bf541f14151ba05b241fb65935b3a143a7b94c80d5d20a45057f819b22e4e06ab25d42626bc52038dead912cdac1836ca15166333e5e531783644de2ef295e77643599aa5f90d8eee447811a6a214aae434cdd11080c7529a4d4b397553d62ba402c7f21fa2e2903090e1e6a923092839c6f519370f786d6741f0ee2be735762112ce807767abda33eb999513a"}, @OVS_VPORT_ATTR_IFINDEX={0x8, 0x8, r3}, @OVS_VPORT_ATTR_UPCALL_PID={0x49, 0x5, "a4a51ff6695ab3fc9d764b37a9d5e710d70114edf087b000550b3216d898ca83d4f922e6165c5b6ca619993f961dad07e8291d15770360805e15e17cad95bea01318627f65"}]}, 0x4a0}, 0x1, 0x0, 0x0, 0x54}, 0x40400c0)
openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0)
bpf$auto(0x6, 0xffffffffffffffff, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socketpair$auto(0xfff, 0x5, 0x10, 0x0)
ioprio_set$auto(0x3, 0x0, 0x4b34)
socket(0x15, 0x5, 0x0)
madvise$auto(0x1ffff000, 0x7, 0x100000000)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
sysfs$auto(0x2, 0x4d, 0x0)
syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2)
clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6)
mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
pselect6$auto(0xffffffff, 0x0, &(0x7f0000000180)={[0x182, 0x9bbb, 0x0, 0x3, 0x58, 0xb5, 0x8, 0x400, 0x6, 0x4, 0x7ff, 0xa5, 0x2, 0x7dde, 0xed1b, 0x8c5]}, 0x0, 0x0, 0x0)
flock$auto(0x6, 0x1)

11m52.103322341s ago: executing program 32 (id=17):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda1\x00', 0xa4e00, 0x0)
ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x89b0, &(0x7f0000000140)={'bridge0\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000500), r1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000540)={'pimreg0\x00', <r5=>0x0})
r6 = semctl$auto_SETVAL(0x9, 0x0, 0x10, 0x8)
sendmsg$auto_OVS_VPORT_CMD_DEL(r1, &(0x7f0000000ac0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000a80)={&(0x7f0000000580)={0x4a0, r4, 0x200, 0xc, 0x25dfdbfe, {}, [@OVS_VPORT_ATTR_TYPE={0x8, 0x2, 0x7fffffff}, @OVS_VPORT_ATTR_NETNSID={0x8, 0x9, 0x8}, @OVS_VPORT_ATTR_TYPE={0x8, 0x2, 0xc9c0}, @OVS_VPORT_ATTR_IFINDEX={0x8, 0x8, r5}, @OVS_VPORT_ATTR_OPTIONS={0x314, 0x4, 0x0, 0x1, [@generic="b6fabc2a77108566032687700cf2f1d86a3ede2ac316fcf680c4b1c0bad39f6f7710f4b23d37d6fa25f8d63a736d4496bebf8dce023b28bf3df2e383980783cc00b2b315884abc2dedd6a1d0b8ae1cfd0496732ce05f4b65aabc3a05fe5519d002b656a8f4d1d25bd6b2d7a8bd697ee97903f09fde4298fbfb8077069cdc96db4d0f5e4fa4ac2b53fdb8b6e6fe339982cf7dfb5086304d4dcfa59c5075adad5815461f173bbdf6307f9b1c48d8a22e703857c7d18c84bbde728b0d5e", @typed={0x8, 0xcf, 0x0, 0x0, @ipv4=@local}, @typed={0x4, 0x3b}, @generic="aeac0ee03bf6aa2502d761a720742de05a5fb56724373b13716333dfdf3c9eb90fb7096d1a1616bd4f168c4ea592b1bccaab681d3764d88085f2998661aedebb022a6ea68a173f26b2cc0bbbd7f537e70e234e3ee994db879123beaac67c8c50d072a361e590bb8dfac6176235f407d80d36ec74019edb0b557bd86b1408813a57dfd2021eefd6eddd35eb6186", @nested={0xfd, 0xad, 0x0, 0x1, [@nested={0x4, 0x6a}, @nested={0x4, 0xcf}, @nested={0x4, 0xff}, @typed={0xc, 0x108, 0x0, 0x0, @u64=0x5}, @typed={0x8, 0x5d, 0x0, 0x0, @uid=0xffffffffffffffff}, @typed={0xc, 0xfb, 0x0, 0x0, @str='nl80211\x00'}, @typed={0x8, 0x37, 0x0, 0x0, @pid=r6}, @generic="3f72706d9525d5aa433e29d95c3c72eacd32c7ec51a9e530c9ba678e659dde488d0eb0953a9b3d39d05a735489cc328a079e8eb0f9c7667f3f63193cac429e2828a2a05e6f5ba1c85a5d80780932b6b35a72a58834fec24637607d22905d5abb48973116e23b701d51174d8590", @typed={0x43, 0x130, 0x0, 0x0, @binary="6f3b90f14649d0ab6d5dcd01b0f331e2e24a4639d2fca040000aa500c9be446fd39ea73b770d76acc5f3783ada39b92029c25c5894640c143bdbd6b47ba84c"}, @typed={0x14, 0x7, 0x0, 0x0, @ipv6=@mcast2}]}, @generic="1a3a634cfbf642a42db866604fc2597bb306e43d926c599ee0d685856cdbe1eec1a5db94a1d124941ea189f2a637346cabe632dd50f7c5e8269bf5b013c7bca3a95688cfb35e8aac2a8c5655466087017b8badaa41940453700c8757bbd718f94dd48026607d3c80960c4a8694129380f3b87fefb5ef720b271d0a33cecc12c64a8d7e95d24da478c0167b15f63ab8df2d7157edee6de309bc13defee4f170352cfd7870d105e748a230e1", @nested={0x10, 0x139, 0x0, 0x1, [@typed={0xc, 0x3c, 0x0, 0x0, @u64=0xffffffffffffffff}]}]}, @OVS_VPORT_ATTR_UPCALL_PID={0x103, 0x5, "cca6fe5a68386a37fccefe33942fb43e0fddb769f7ef11d0de94abbdf9b6b9d2b1fa0b83c18cde35f29a276a63ba70b7b428410604aa0efc3f1a2964013242ddf9f8ec320dbc28f99567f3fb50efb2b68bf9cbd4028be130018c7b6417e4c0b4088c369efdc9bbf504fabd0843ba3a9e95c0bf541f14151ba05b241fb65935b3a143a7b94c80d5d20a45057f819b22e4e06ab25d42626bc52038dead912cdac1836ca15166333e5e531783644de2ef295e77643599aa5f90d8eee447811a6a214aae434cdd11080c7529a4d4b397553d62ba402c7f21fa2e2903090e1e6a923092839c6f519370f786d6741f0ee2be735762112ce807767abda33eb999513a"}, @OVS_VPORT_ATTR_IFINDEX={0x8, 0x8, r3}, @OVS_VPORT_ATTR_UPCALL_PID={0x49, 0x5, "a4a51ff6695ab3fc9d764b37a9d5e710d70114edf087b000550b3216d898ca83d4f922e6165c5b6ca619993f961dad07e8291d15770360805e15e17cad95bea01318627f65"}]}, 0x4a0}, 0x1, 0x0, 0x0, 0x54}, 0x40400c0)
openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0)
bpf$auto(0x6, 0xffffffffffffffff, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socketpair$auto(0xfff, 0x5, 0x10, 0x0)
ioprio_set$auto(0x3, 0x0, 0x4b34)
socket(0x15, 0x5, 0x0)
madvise$auto(0x1ffff000, 0x7, 0x100000000)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
sysfs$auto(0x2, 0x4d, 0x0)
syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2)
clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6)
mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
pselect6$auto(0xffffffff, 0x0, &(0x7f0000000180)={[0x182, 0x9bbb, 0x0, 0x3, 0x58, 0xb5, 0x8, 0x400, 0x6, 0x4, 0x7ff, 0xa5, 0x2, 0x7dde, 0xed1b, 0x8c5]}, 0x0, 0x0, 0x0)
flock$auto(0x6, 0x1)

11m52.096221094s ago: executing program 1 (id=20):
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8000, 0x0)
socket(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_CREATE_VM(r0, 0x4048aecb, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)

11m51.734849095s ago: executing program 1 (id=22):
mmap$auto(0x0, 0x400008, 0xe3, 0x9b72, 0xffffffffffffffff, 0x8000)
io_uring_setup$auto(0x6, 0x0)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x82002, 0x0)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
write$auto(r0, 0x0, 0x1)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6)
migrate_pages$auto(0x0, 0x4, 0x0, 0x0)
write$auto(0x1, 0x0, 0x80000000)
ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0)
io_setup$auto(0xa7c9, &(0x7f0000000000))
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x840, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x81, 0x0)
ioctl$auto_BLKDISCARD(r1, 0x1277, 0x0)
r2 = syz_clone(0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto(0x10, r2, 0x7, 0x7)
wait4$auto(r2, 0x0, 0x0, 0x0)
getpgrp(r2)
io_setup$auto(0x5, &(0x7f0000000100)=0x80)
ptrace$auto_PTRACE_SETREGSET(0x4205, r2, 0x5, 0x5)
mmap$auto(0x400000000000, 0x2000b, 0x0, 0xeb2, 0x401, 0x8000)
socket(0x18, 0x2, 0x0)
landlock_create_ruleset$auto(0x0, 0xf4, 0x0)
readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7)
io_setup$auto(0x7ffe, &(0x7f0000000040))
socket(0xa, 0x801, 0x84)

11m50.589826065s ago: executing program 1 (id=23):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0x8000008, 0x1, 0x38a1, 0x3, 0x26, 0x940, 0x1ffde, 0x3, 0x6, 0x902c, 0x29, 0x400005, 0x3, 0x4, 0xb0, 0x8, 0x9, 0x3, 0x5, 0x6, 0x0, 0xffffffff, 0xfffffffe, 0x0, 0x0, 0x0, [0x3, 0x3, 0x200000000, 0x400000000, 0x0, 0x3903, 0x0, 0x4, 0x3, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xffffffeffffffffe, 0x4, 0x0, 0xceb, 0x0, 0xfffffffffffffffc, 0x0, 0x1, 0x96f, 0xffffffffffffffff, 0x2, 0x4001, 0x3, 0x0, 0xb548, 0x8, 0x1, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x3]}, 0xfffff7fffffffffa, 0x81)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
ioctl$auto(0xffffffffffffffff, 0xc0285443, 0x0)
read$auto(r1, 0x0, 0x20)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
sendmmsg$auto(r2, 0x0, 0x40, 0x80000001)
madvise$auto(0x110c230000, 0x31ca, 0x9)
socket(0x1d, 0x3, 0x1)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfffff4a4, 0x0, 0xfffffffffffffffd)
r3 = socket(0xb, 0x3, 0xd)
bpf$auto(0x0, &(0x7f0000000080)=@bpf_attr_4={0x1e, r3, 0xffffffff, <r4=>0xffffffffffffffff}, 0xd)
bpf$auto(0x3, &(0x7f0000000080)=@bpf_attr_3={0x5, 0x0, 0x702955be, 0x8, 0x4, 0x5, 0x80, 0xe1, 0x2, "0566c8ee7c78a925488276d7697a12bd", 0x0, 0x5, r4, 0x7, 0x9, 0x4, 0x7, 0x10000, 0x0, 0x8801, @attach_btf_obj_fd, 0x7e, 0x4, 0x1, 0x5, 0x3, r0}, 0x80)
msgrcv$auto(0x9, &(0x7f0000000000)={0x2, 0x6}, 0xfffffffffffffffc, 0x7, 0x8)
openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cec24\x00', 0x1250c0, 0x0)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
msgrcv$auto(0xffffee2e, &(0x7f0000000040)={0x10000, 0x1}, 0x1ff, 0x5, 0x7fffffff)
openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000c40)='/sys/kernel/config/nullb/features\x00', 0x200001, 0x0)
write$auto(0xc8, 0x0, 0x4040f6)

11m49.582896065s ago: executing program 1 (id=26):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
rseq$auto(&(0x7f00000002c0)={0xe, 0x400, 0x0, 0x20006, 0xffffffff, 0x2}, 0xfffffff4, 0x0, 0x7)
clock_nanosleep$auto(0x1, 0x200, &(0x7f0000000140)={0x0, 0x2800000a}, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
write$auto(0x3, 0x0, 0x7fffffff)
write$auto(0x1, 0x0, 0x80000000)
rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x10006, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6)
write$auto(0x3, 0x0, 0x10001)
mmap$auto(0x0, 0x401, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8001)
socket(0xa, 0x1, 0x84)
setsockopt$auto(0x3, 0x10000000084, 0x82, 0x0, 0x8)
rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}})
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5)
r0 = socket(0x2b, 0x1, 0x1)
r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0x10010, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r0, 0x0, 0x20000001)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="2c0000001400c7"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_MPP(r0, 0x0, 0x880)
munmap$auto(0x8000, 0xffffffff)
getrandom$auto(0x0, 0x6000000, 0x3)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4)
mmap$auto(0x0, 0x2020009, 0x3, 0x400000eb1, 0xfffffffffffffffa, 0x8000)
sysfs$auto(0x2, 0x10000000000048, 0x0)
close_range$auto(0x2, 0x8, 0x0)

11m47.035812916s ago: executing program 1 (id=33):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0x8000008, 0x1, 0x38a1, 0x3, 0x26, 0x940, 0x1ffde, 0x3, 0x6, 0x902c, 0x29, 0x400005, 0x3, 0x4, 0xb0, 0x8, 0x9, 0x3, 0x5, 0x6, 0x0, 0xffffffff, 0xfffffffe, 0x0, 0x0, 0x0, [0x3, 0x3, 0x200000000, 0x400000000, 0x0, 0x3903, 0x0, 0x4, 0x3, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xffffffeffffffffe, 0x4, 0x0, 0xceb, 0x0, 0xfffffffffffffffc, 0x0, 0x1, 0x96f, 0xffffffffffffffff, 0x2, 0x4001, 0x3, 0x0, 0xb548, 0x8, 0x1, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x3]}, 0xfffff7fffffffffa, 0x81)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
ioctl$auto(0xffffffffffffffff, 0xc0285443, 0x0)
read$auto(r1, 0x0, 0x20)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
sendmmsg$auto(r2, 0x0, 0x40, 0x80000001)
madvise$auto(0x110c230000, 0x31ca, 0x9)
socket(0x1d, 0x3, 0x1)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfffff4a4, 0x0, 0xfffffffffffffffd)
r3 = socket(0xb, 0x3, 0xd)
bpf$auto(0x0, &(0x7f0000000080)=@bpf_attr_4={0x1e, r3, 0xffffffff, <r4=>0xffffffffffffffff}, 0xd)
bpf$auto(0x3, &(0x7f0000000080)=@bpf_attr_3={0x5, 0x0, 0x702955be, 0x8, 0x4, 0x5, 0x80, 0xe1, 0x2, "0566c8ee7c78a925488276d7697a12bd", 0x0, 0x5, r4, 0x7, 0x9, 0x4, 0x7, 0x10000, 0x0, 0x8801, @attach_btf_obj_fd, 0x7e, 0x4, 0x1, 0x5, 0x3, r0}, 0x80)
msgrcv$auto(0x9, &(0x7f0000000000)={0x2, 0x6}, 0xfffffffffffffffc, 0x7, 0x8)
openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cec24\x00', 0x1250c0, 0x0)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
msgrcv$auto(0xffffee2e, &(0x7f0000000040)={0x10000, 0x1}, 0x1ff, 0x5, 0x7fffffff)
openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000c40)='/sys/kernel/config/nullb/features\x00', 0x200001, 0x0)
write$auto(0xc8, 0x0, 0x4040f6)

11m46.60521794s ago: executing program 33 (id=33):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0x8000008, 0x1, 0x38a1, 0x3, 0x26, 0x940, 0x1ffde, 0x3, 0x6, 0x902c, 0x29, 0x400005, 0x3, 0x4, 0xb0, 0x8, 0x9, 0x3, 0x5, 0x6, 0x0, 0xffffffff, 0xfffffffe, 0x0, 0x0, 0x0, [0x3, 0x3, 0x200000000, 0x400000000, 0x0, 0x3903, 0x0, 0x4, 0x3, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xffffffeffffffffe, 0x4, 0x0, 0xceb, 0x0, 0xfffffffffffffffc, 0x0, 0x1, 0x96f, 0xffffffffffffffff, 0x2, 0x4001, 0x3, 0x0, 0xb548, 0x8, 0x1, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x3]}, 0xfffff7fffffffffa, 0x81)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
ioctl$auto(0xffffffffffffffff, 0xc0285443, 0x0)
read$auto(r1, 0x0, 0x20)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
sendmmsg$auto(r2, 0x0, 0x40, 0x80000001)
madvise$auto(0x110c230000, 0x31ca, 0x9)
socket(0x1d, 0x3, 0x1)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfffff4a4, 0x0, 0xfffffffffffffffd)
r3 = socket(0xb, 0x3, 0xd)
bpf$auto(0x0, &(0x7f0000000080)=@bpf_attr_4={0x1e, r3, 0xffffffff, <r4=>0xffffffffffffffff}, 0xd)
bpf$auto(0x3, &(0x7f0000000080)=@bpf_attr_3={0x5, 0x0, 0x702955be, 0x8, 0x4, 0x5, 0x80, 0xe1, 0x2, "0566c8ee7c78a925488276d7697a12bd", 0x0, 0x5, r4, 0x7, 0x9, 0x4, 0x7, 0x10000, 0x0, 0x8801, @attach_btf_obj_fd, 0x7e, 0x4, 0x1, 0x5, 0x3, r0}, 0x80)
msgrcv$auto(0x9, &(0x7f0000000000)={0x2, 0x6}, 0xfffffffffffffffc, 0x7, 0x8)
openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cec24\x00', 0x1250c0, 0x0)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
msgrcv$auto(0xffffee2e, &(0x7f0000000040)={0x10000, 0x1}, 0x1ff, 0x5, 0x7fffffff)
openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000c40)='/sys/kernel/config/nullb/features\x00', 0x200001, 0x0)
write$auto(0xc8, 0x0, 0x4040f6)

48.719805926s ago: executing program 5 (id=2691):
socket(0x2b, 0x1, 0x1)
socket(0xa, 0x5, 0x0)
setsockopt$auto(0x3, 0x10000000084, 0x1f, 0x0, 0x3ff)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/trace_pipe\x00', 0x2000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
setrlimit$auto(0xb, 0x0)
timer_create$auto(0x3, 0x0, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB="2f212abd"], 0x14}}, 0x4000000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000340)='/dev/snd/midiC2D3\x00', 0x2001, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000180)={[0x1ff, 0xd5b, 0xc, 0x37, 0x948a, 0x2, 0x15f4da0a, 0x1, 0x3, 0x300000000000600, 0x40080000001, 0x7, 0x6d3c, 0x5, 0x9]}, 0x0)
getsockopt$auto(0xffffffffffffffff, 0x0, 0x30, 0x0, &(0x7f0000000040)=0xdbb)
close_range$auto(0x2, 0x8, 0x0)
ioctl$auto(0x3, 0xae41, 0xffffffffffffffff)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x400005, 0xffffffffffeffffe, 0x9b72, 0xc76, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
unshare$auto(0x40000080)

47.549408359s ago: executing program 5 (id=2696):
r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto_UI_BEGIN_FF_ERASE(r0, 0xc00c55ca, &(0x7f0000000000)={0x8, 0x5, 0x5})
open(0x0, 0x161342, 0x100)
rseq$auto(0x0, 0x8000, 0x0, 0x6)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
mmap$auto(0x4, 0x20005, 0x4000000000df, 0x8000000000000014, 0xffffffffffffffff, 0x8000)
mmap$auto(0x9, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0x545040, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0x800010, 0xfffffffffffffffa, 0x7ffc)
connect$auto(0xffffffffffffffff, &(0x7f0000000140)=@qipcrtr={0x2a, 0x1, 0x3fff}, 0x57)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0x80000, 0x1)
sendmmsg$auto(0xffffffffffffffff, &(0x7f00000001c0)={{0x0, 0x5aa, 0x0, 0x5, 0x0, 0x5, 0x1000}, 0x5}, 0x2, 0x100)
mmap$auto(0x0, 0x4, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r1 = bpf$auto(0x16, 0xffffffffffffffff, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/platform/vhci_hcd.13/usb35/35-0:1.0/usb35-port5/over_current_count\x00', 0x10b003, 0x0)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, 0x0, 0x50)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_TCP_METRICS_CMD_DEL(r1, 0x0, 0x2004c0c1)
syz_genetlink_get_family_id$auto_nl80211(0x0, r2)
sendmsg$auto_NL80211_CMD_DEL_INTERFACE(0xffffffffffffffff, 0x0, 0x20000800)
read$auto(r0, 0x0, 0xbb)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x40, 0x0)
ioctl$auto_SNDRV_PCM_IOCTL_DROP2(r1, 0x4143, 0x0)
writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x3}, 0x1000000080003)
mmap$auto(0x0, 0x820006, 0xa, 0xffffffffffffffff, 0x401, 0x7)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyS3\x00', 0x2004c0, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0)
keyctl$auto(0x8, 0xfffffffffffffffd, 0xffffffffffffffff, 0x5092, 0x2)

46.39999329s ago: executing program 5 (id=2701):
syz_genetlink_get_family_id$auto_ovs_flow(0x0, 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
epoll_ctl$auto(0xffffffffffffffff, 0x2, r0, &(0x7f0000000080)={0x3, 0x1})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_seg6(&(0x7f00000003c0), 0xffffffffffffffff)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socket(0x2, 0x1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
r4 = socket(0x2, 0x80802, 0x0)
setsockopt$auto(r4, 0x11, 0x67, 0x0, 0x8)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
connect$auto(0x3, &(0x7f0000000140), 0x55)
socket(0x10, 0x2, 0x0)
socket(0x10, 0x2, 0x4)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
sendmsg$auto_BATADV_CMD_GET_HARDIF(r3, 0x0, 0x4008000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
sendmsg$auto_SEG6_CMD_SET_TUNSRC(r1, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000000040)={0x28, r2, 0x11, 0x70bd26, 0x25dfdbff, {}, [@SEG6_ATTR_DST={0x14, 0x1, @mcast1}]}, 0x28}, 0x1, 0x0, 0x0, 0x10}, 0x44892)
sendmsg$auto_SEG6_CMD_GET_TUNSRC(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r2, 0x0, 0x70bd2b, 0x25dfdbfb, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x5}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x40804}, 0x48894)
getpid()

45.693691934s ago: executing program 5 (id=2704):
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2c, 0x3, 0x0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffc, 0xd6, 0x1, 0x6, 0x0, 0x1, 0x368e, 0xffffffffffffffff, {0x100000000, 0x10000}, 0x5, 0x9, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000005, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948f, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x1, 0x7, 0x6d3f, 0x9, 0x4, 0xfffffffffffffffd]}, 0x0)
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x20600, 0x0)
mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0xeb1, 0xffffffffffffffff, 0x8000)
ioctl$auto___SNDRV_PCM_IOCTL_SYNC_PTR64(0xffffffffffffffff, 0xc0884123, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mount_setattr$auto(0x0, 0xfffffffffffffffe, 0x100, 0x0, 0x20)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
ioctl$auto__ctl_fops_dm_ioctl(r2, 0xfffffff7effffd05, &(0x7f00000001c0))
r3 = socket(0x1d, 0x2, 0x6)
r4 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r5=>0x0})
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r5, 0xfd}, 0x6a)
write$auto(r3, 0x0, 0xa3d9)
ioctl$auto(0x3, 0x4020ae76, 0x38)

44.629346099s ago: executing program 5 (id=2706):
socket(0x2b, 0x1, 0x1)
socket(0xa, 0x5, 0x0)
setsockopt$auto(0x3, 0x10000000084, 0x1f, 0x0, 0x3ff)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/trace_pipe\x00', 0x2000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
setrlimit$auto(0xb, 0x0)
timer_create$auto(0x3, 0x0, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB="2f212abd"], 0x14}}, 0x4000000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000340)='/dev/snd/midiC2D3\x00', 0x2001, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000180)={[0x1ff, 0xd5b, 0xc, 0x37, 0x948a, 0x2, 0x15f4da0a, 0x1, 0x3, 0x300000000000600, 0x40080000001, 0x7, 0x6d3c, 0x5, 0x9]}, 0x0)
getsockopt$auto(0xffffffffffffffff, 0x0, 0x30, 0x0, &(0x7f0000000040)=0xdbb)
close_range$auto(0x2, 0x8, 0x0)
ioctl$auto(0x3, 0xae41, 0xffffffffffffffff)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x400005, 0xffffffffffeffffe, 0x9b72, 0xc76, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
unshare$auto(0x40000080)

43.576054533s ago: executing program 5 (id=2709):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x2, 0xc, 0x1, 0xeb5, 0x401, 0x10000008000)
close_range$auto(0x2, 0x8000, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(r0, 0x18, &(0x7f00000003c0), 0x0)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_allowed_congestion_control\x00', 0x0, 0x0)
kexec_load$auto(0x5, 0x8000000000000000, &(0x7f0000000400)={@buf=&(0x7f00000003c0), 0x2, 0x1ff, 0xfa5}, 0x7)
ioctl$auto_COMEDI_CHANINFO(r0, 0x80306403, &(0x7f0000000140)={0x1000, &(0x7f0000000000)=0x5, &(0x7f0000000040)=0xc51, &(0x7f00000003c0)=0xffff0000})
read$auto_proc_sys_file_operations_proc_sysctl(r1, 0x0, 0x0)
setreuid$auto(0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xb8, 0x100000000, 0x8, 0x1b, 0x940, 0x1ffdc, 0x3, 0x2000000000000006, 0x2, 0x9, 0x5, 0xffffffffffffffff, 0x8001, 0xae, 0x9, 0x922, 0x7, 0x5, 0x5, 0x3, 0xfffffffe, 0x10000000, 0x200, 0x0, 0x8000, [0x0, 0x4, 0x0, 0xffffffffeffffffd, 0x2, 0x0, 0x0, 0x3, 0x80000001, 0x0, 0x6, 0x7fffffff, 0x0, 0x0, 0x0, 0x1, 0x7fffffff, 0x8, 0x1, 0x400200, 0x0, 0x7990, 0x400000000000000, 0x0, 0x8000000000000000, 0x80000000000000, 0x2, 0x3ffffffd, 0x0, 0xfffffffffffffbfe, 0x0, 0x0, 0x5, 0x0, 0xfffffffffffffffe, 0x8, 0xfffffffffffffffe, 0x80000000, 0x0, 0xd, 0x0, 0x8, 0x0, 0xfffffffffffffffd, 0x80000001, 0x8000000000000000]}, 0x1fe, 0x81)
sendmsg$auto_NL80211_CMD_EXTERNAL_AUTH(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a', @ANYRES16=0x0, @ANYBLOB="10002cbd7000fedbdf257f0000000600960012ff00000800a50001000000"], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x10)
r3 = openat$auto_adf_ctl_ops_adf_ctl_drv(0xffffffffffffff9c, 0x0, 0x82201, 0x0)
semctl$auto(0x7ff, 0x44a, 0xff, 0xffffffff)
ioctl$auto_IOCTL_STOP_ACCEL_DEV(r3, 0x40096101, 0x0)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000004180)='/dev/snd/controlC1\x00', 0x28180, 0x0)
ioctl$auto(0x3, 0x400454ca, 0x38)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
write$auto(0x3, 0x0, 0xfdef)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xdc5e}, 0x800}, 0x7, 0x4008)
mmap$auto(0x0, 0x9, 0xc00000072, 0x8b72, 0x1000000002, 0x8000)

28.401039571s ago: executing program 34 (id=2709):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x2, 0xc, 0x1, 0xeb5, 0x401, 0x10000008000)
close_range$auto(0x2, 0x8000, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(r0, 0x18, &(0x7f00000003c0), 0x0)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_allowed_congestion_control\x00', 0x0, 0x0)
kexec_load$auto(0x5, 0x8000000000000000, &(0x7f0000000400)={@buf=&(0x7f00000003c0), 0x2, 0x1ff, 0xfa5}, 0x7)
ioctl$auto_COMEDI_CHANINFO(r0, 0x80306403, &(0x7f0000000140)={0x1000, &(0x7f0000000000)=0x5, &(0x7f0000000040)=0xc51, &(0x7f00000003c0)=0xffff0000})
read$auto_proc_sys_file_operations_proc_sysctl(r1, 0x0, 0x0)
setreuid$auto(0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xb8, 0x100000000, 0x8, 0x1b, 0x940, 0x1ffdc, 0x3, 0x2000000000000006, 0x2, 0x9, 0x5, 0xffffffffffffffff, 0x8001, 0xae, 0x9, 0x922, 0x7, 0x5, 0x5, 0x3, 0xfffffffe, 0x10000000, 0x200, 0x0, 0x8000, [0x0, 0x4, 0x0, 0xffffffffeffffffd, 0x2, 0x0, 0x0, 0x3, 0x80000001, 0x0, 0x6, 0x7fffffff, 0x0, 0x0, 0x0, 0x1, 0x7fffffff, 0x8, 0x1, 0x400200, 0x0, 0x7990, 0x400000000000000, 0x0, 0x8000000000000000, 0x80000000000000, 0x2, 0x3ffffffd, 0x0, 0xfffffffffffffbfe, 0x0, 0x0, 0x5, 0x0, 0xfffffffffffffffe, 0x8, 0xfffffffffffffffe, 0x80000000, 0x0, 0xd, 0x0, 0x8, 0x0, 0xfffffffffffffffd, 0x80000001, 0x8000000000000000]}, 0x1fe, 0x81)
sendmsg$auto_NL80211_CMD_EXTERNAL_AUTH(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a', @ANYRES16=0x0, @ANYBLOB="10002cbd7000fedbdf257f0000000600960012ff00000800a50001000000"], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x10)
r3 = openat$auto_adf_ctl_ops_adf_ctl_drv(0xffffffffffffff9c, 0x0, 0x82201, 0x0)
semctl$auto(0x7ff, 0x44a, 0xff, 0xffffffff)
ioctl$auto_IOCTL_STOP_ACCEL_DEV(r3, 0x40096101, 0x0)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000004180)='/dev/snd/controlC1\x00', 0x28180, 0x0)
ioctl$auto(0x3, 0x400454ca, 0x38)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
write$auto(0x3, 0x0, 0xfdef)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xdc5e}, 0x800}, 0x7, 0x4008)
mmap$auto(0x0, 0x9, 0xc00000072, 0x8b72, 0x1000000002, 0x8000)

7.663414277s ago: executing program 4 (id=2836):
r0 = socket(0x2, 0x3, 0x1)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x40008000)
io_uring_setup$auto(0x6, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
connect$auto(r0, &(0x7f0000000000), 0x55)
sendmsg$auto_IPVS_CMD_SET_DEST(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040000}, 0x4000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
setsockopt$auto(0x3, 0x0, 0x21, 0x0, 0x28)
sendmmsg$auto(0x3, &(0x7f0000000040)={{0x0, 0x2, &(0x7f0000000080)={0x0, 0x1}, 0x10a, 0x0, 0xf401, 0x3ff}, 0xed7138c}, 0x200, 0x0)

6.898516716s ago: executing program 4 (id=2844):
r0 = openat$auto_ptdump_curusr_fops_(0xffffffffffffff9c, &(0x7f00000000c0), 0xc0, 0x0)
read$auto_ptdump_curusr_fops_(r0, &(0x7f0000000280)=""/4096, 0x1000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x8, 0xe)
socket(0x1, 0x6, 0x9)
memfd_create$auto(&(0x7f0000000040)='A^^\x02\x00\xef\x97\x8aY\x00\x00\xd2\x8c\xb05\x03\\\xb2\xbf247{\xde\t8\f\x00\x00\v\x00\x82\xcc\"K\xe1IIT\x00'/54, 0x4)
mmap$auto(0x800000, 0x9, 0x800, 0x8000000008011, 0x3, 0x80000000)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop15\x00', 0x400, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r1, 0x0, 0x20)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1, 0x8, 0x8000000000000000, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/vm/mmap_min_addr\x00', 0x101302, 0x0)
socket(0x11, 0x3, 0x6)
socket(0x2, 0x2, 0x1)
io_uring_setup$auto(0x6, 0x0)
io_uring_setup$auto(0x6, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000700), r3)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r5=>0x0})
sendmsg$auto_NL80211_CMD_SET_CHANNEL(r3, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000780)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010027bd7000fddbdf255100000008000300", @ANYRES32=r5], 0x1c}, 0x1, 0x0, 0x0, 0x4080}, 0x20000000)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_TIPC_NL_NET_GET(r6, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x20000000)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x143e41, 0x0)

6.483340637s ago: executing program 2 (id=2846):
open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14abfd)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg$auto(0xc0, &(0x7f0000000000)={{0x0, 0x22, 0x0, 0xa, 0x0, 0x989, 0x1}, 0x3}, 0x9a6, 0xfffffffe)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x2, 0x88)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x1, 0x0)
connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x0, @my=0x1}, 0x55)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/jbd2/sda1-8/info\x00', 0x2, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80302, 0x0)
socket(0x1e, 0x805, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_rfcomm_dlc_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x2682, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
write$auto(r0, &(0x7f00000001c0)='/dev/audio1\x00JR\xe7\xae\xd27M<f\xa7\x02\x8f\xcb],\xd3\x1d\x8c\x8bB\xc7\xfc\x90\xd1\x03h$\x98\xc4\xc2#\xc0{\xf2\xdf\x83\xa40\xa5?\x8e\x92\xf5\"\xa9q\x8d\xf9uR\x82\xbe.\x82OD.5\xc2\xcd\xa4\xd9@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe9\x1f\xc4\x03)\xbb\xa3\xb5\x10\'{\x97\x0e\xb3\xa1\xe10H\xd4\xefe\xac.f\x82Lk\xe5\xb3\x11AT6R@\xbb\x8c\xa4\xf2\xe8\xafo\x17\xb9\b<|tB!\xa3\xa5\n\b\x8cA;\xbc\xc7\x91\xeb\xc0\xc7\xeb$\xc0\xa6', 0xa3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x9000000, 0x2, 0x20000000000000, 0x1, 0x8, 0x300000000000000, 0x80000001, 0x7, 0x4d40, 0x5, 0x2]}, 0x0)

5.655451938s ago: executing program 4 (id=2847):
socket(0xa, 0x3, 0x3a)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
getsockopt$auto(r0, 0x0, 0x60, 0x0, &(0x7f00000000c0)=0x44)
setsockopt$auto(0x400000000000003, 0x29, 0xc8, 0x0, 0x567)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, 0x0, 0x8002, 0x0)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x0)
r1 = openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f0000000000)='/dev/etherd/err\x00', 0x0, 0x0)
read$auto_aoe_fops_aoechr(r1, 0x0, 0x0)
mmap$auto(0x0, 0x2000c, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
unshare$auto(0x40000080)
r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/mpls/platform_labels\x00', 0x202, 0x0)
pwrite64$auto(r2, 0x0, 0x7, 0x7)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_TIPC_NL_BEARER_GET(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f0000001300)={0x14, r4, 0x9d0da3446261172d, 0x70bd28, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0x20008080)
symlink$auto(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00')
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f00000009c0)='/sys/kernel/tracing/uprobe_events\x00', 0x302, 0x0)

5.370252577s ago: executing program 2 (id=2848):
shmctl$auto_SHM_INFO(0x3, 0xe, &(0x7f0000000100)={{0x600, <r0=>0x0, <r1=>0x0, 0x80000001, 0x10000000, 0x3cf4c3, 0xe64}, 0x9f, 0x2, 0x5, 0x4, @raw=0x4, @raw, 0x3, 0x0, &(0x7f0000000080)='Vd', 0x0})
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
init_module$auto(0x0, 0xffff9, 0x0)
socket(0x2, 0x2, 0x0)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r4=>0x0})
sendmsg$auto_NL80211_CMD_SET_WIPHY(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="130026bd7000dddbdf25020000000800", @ANYRES32=r4, @ANYBLOB='\b\x00a\x00@\x00\x00\x00'], 0x24}, 0x1, 0x0, 0x0, 0x4004080}, 0x20040894)
semctl$auto_GETALL(0x7, 0x0, 0xd, 0x1)
shmctl$auto_IPC_SET(0x5, 0x1, &(0x7f00000001c0)={{0x4, <r5=>r0, r1, 0x0, 0x80, 0x119800, 0x9}, 0x1, 0x9, 0xfffffffffffffff9, 0x800, @raw=0x1, @raw=0xfffffff9, 0x5, 0x0, &(0x7f0000000280)="5f70ec21b9e5494c0217b6c23d39f0687837235f98b5482afb439344a92a5d78e6452abb20c9fb8205b95347c71c98c3c711d6a084b229e588f8393b6a7d4d4566db9628031a614ac905d9ac0e81da9fa0c10404fbcecaf5d7fe099b51f78219993ccec012aa8d1a47ab47f48c16cf843fe950ef09a12fd9717189e0e2859f59c18926cb243014e0b7cd8a0c5b64398d7ca86ffa6f85fd55de7b00bec27390aac530de275b34da5d98293c1f729333a9041110e1e27bc0f37c687aeb5c1dd0c2283ab17df32dd486b7cf88d752476d312a0f60a053864f11ededce7e44", &(0x7f0000000380)="d6e50f828a814092ca2d6632393752a1292c55356c671372a799907e8deea22ed692d37e307e01d08aa2db8a02a61bf3cd30fe7b3e502a7735f6145cfe110da82ca25a2058a1391526de9e5eb377cc40f54452980990cd6ef3aa24709b37b8d118efe44b747d0c557fffe4d99155f0b7230ff0fc104f7623aff214f6754296bf9469d76b7618fb32de5c15640b6fcdb6331f1d2a04defd1154d2a1ecc274acfe8bac4bac8a4168287aca7ae0aff5172114607426ccc66244ea776a3a960ee8b8c1a0ef77f89ea531c3e89ed088043a3ac46528b4eeec9e630989d1b5e426dbbf627eaf316c90264bd0b7eb0711090365c8a831e5774b8da31b3fa2ed03cf892d1f4282e82e9d603f49e76f32e388e57aadffc0462be753cef775a3cf67e2f64f8e3ccc5d73b9d173f66a312b1b180bbbb48bb12e3698712615651daf1a04c2eb5cad3a2b0ac5058b8877a231600dfa9fcc18f4a2951ba3914d8c90ba6a807858f4f58656403273d0f3c6808ab3275deaec9a629a398b2dfa06c420ddd0df334f271030aae2599c793a65b4523066aa0ff7b7c97020be42f67572a0be8e68e7b4fc5edb3ef4006102caa71a69085b38740f614dcf5fb327f021b305e45dfd3a7efdab8977402d112b49c42479bc70ad887ac6a4eb45c3937d30cc84f0c70a1ed47692253a5e7b07e50f517e5eccb4ab1aa8b26eb8d29c6997bc5a98ce8cb162c4eeef7356158c2b4470a64cfe513d5c05d58e3cf26e2bf23fba4aa531a67333abaa8b271b7b0645ecf8349416629a8cfa619e1eafd934ad4edc71568d48ecdb34f56608a55c0a1e28f69d3d6ff68835edfabc4e8db259d7f37856f5e7e2fbd4d085db9a7f24d5ae6ebeb3becaf2bd21a1854a2af2bd54a51b6984440e785555347cc01893183a5cb79de14f2283ebd30080258b6ffb0dd1d16f4ec2b3633d0fd7b252d721115ad469d414d054365aa9ddf94ff7e5cec26f54adee18b5a0c12c5064f3adc14d6b08a6ef068c963a4db55e8deda899c7b750c11e5eba99bb522f41f252311b0341f571d946318f5f95c152f394bd2a195b8c5bb7b03e40d279b236c7f35ff8fa3ac4e361363a48c3a4d3762563153f1d78d016bbdbe0e20c3af61da6c5063590135db628591a2e36e1aef710d3401508196a4e75cae9793d3e59ef7910d08a3f007f7d06c87867974c51a3dc264b80f0e9ad3a68998b403e7fb5542f7da47c2b129920dae789d96fc87581d04522c66777a4a5e4628326ace80db0de51a89eac8fc89b859aaf6026841109bf2eee4e2c8960711cba916a2746d72fadbb51953500985949127f23c15ddddbefa6f46d3db5eb21f564cf3ad4afb39ed27fa537174292631b2e78cbdcfeab18eac78ee64d7a660f6b10e35d766d9ddc6ebe978af363308b26d2b0ea00666227f8bcc252d946376be37a05bff7474abdb0cfd2b22b7a5e5702d119469b0aedc19814c3beab212ae597671b9746fd22d021afdb566d2fa31adadf549c52b9c370e44ab14cf823918e82ac49e23855b5248a360d9e900fff79a0f328b52de85802a2e7c9a227a8973bd89f960519f9114093507d610c1c2e1ee0b497dd7e9a858be36c6f12a81d52546b7f19304da273200df7619dcdac639cd97878e6c039e36e4ffc0081d25adda40cdc28f84d01b8066fc8d44b594ab2570f592987f25d33d1ecfc4803ef0cf310b03ff9621e952e63b789261842eb24a9d5b42ec1f8f55138e8fc72628cbc5dfce7603cf121313228d8035aa620aa3103f1ba3267484a6d1d02fa2d9297c435a0dae98613280f3e1479d0ddd4acaeaf0c80b4cf3b1aa024430ca8b4a1759acf0b461b87ba08c75a52b546d6102ab4c71aeb23fe55e5fb5cb0bdc948a20ebef0c278957910ef82fbb6c31665b58ded956bd4b43ba878faa7a8b8476027fa1d6bb729de33fa2edf1e1ff501e0c3dcec8cf97212e859a9ec7037a3a98f9adadc32e9f9c197a31774b82c51eaa1ff2606d37aad86ad5011fb9983f34d0d6ab737fbd966c3f2b52419285c7f1f87408251d7e46c8544bf459ea5952dbb48c43506851bf09b9a6807a8b2624f91797316892dcdf83a18682b9416ffa8d9508d90e690080b58dadbaa05a62f8a909a1ff15457e39696c16276323bf157c7528630811c4ebd82245aad20791bd8538f6293301e7eb25a0c477106ea2dbb6d3d1b8a98d0a5714fefa3ebcd3ef6c3b2e0cbe307fdea39bfe663b8b4e04519432c238b90c3322acf8075c282d8cb6f55543c063e49169429807a7751aaf47286683ffbc55979e5d97333efc2b758788bfa8ba258746d894325cf051ca1b734b9bf8be507d123618da92e57ccbc92e67efffcc97df70dc94d5eea5ddbe59c7602369923b7945627f668e6a6c62023b901ec9e7ab6b19ccd8f781f9d7d1bca4449c1aee9198daf84028a5db956df38e5aa1d55e1632566d0887819028d3396cfbea3219168dd984d126a650a9eb424f70a771d3af4836a81833f9a148d73f52b8a126d79cff864bfbf8f0e632e38abb92b13abd1e3d82ba8e70916b7e0f1651721577f6f8640cebeabbc2bdca069a2b7e1868006ae42a55aa010e7993c0627f336146c884003e44b75b00895eaddb94974ea4dcebd93b4ed5d36c9bf30a0dac59ce8ec003cdf23001b3da989b56623c5505a15eeabd1d92db5158dd41306c4002d2c6f267163bb8910fd2d97606e56fd0acae940ac22bd475fe28e29b37d7a5b2e210dbbb94070a3435e4e6d5991a9b2dcb8c387b922690a639ee0e04d6fd96b1a28e6bbe56eda7a018aa7ffbc9d11cb240c9e9a7513ffc26c5b3449298d82e17444f732144d1e28672c908dbbb9848070beca2865e38b1efa637c61a422a77104742f5436cdea2d733963b43ceaf215b3cb94be51b465e9037fd4ac08c3666602f049b257ffc9c7434f11bf6a4341f690956d089c533908d614e8bff39f127c076f166797b74efe347bbbec3f6b90b78e5606c0df249a7b0cd7273ad0dc34819cfb1bcfea0b513711b7e4e9394b792e55ff7c1c1ebb927d0c62aeaf74e22190036be5aebe5143291d58005b120ac976e0f81076235c9c7a6f73b5e177a58899292e557a04df4c8dc8d5a511017eecd0b06b284c04d0d49923bdd59f174e032f1b1cb388e13308437e968ea398a5e86465a6ca3e3053f71ea0d08fc3a073d1cb8bb0f1a56c99748c6c9ab30105bb7300e0710e752921176c8651896c73583087b60ae282bcbb0b8187e1094282c8dca95da2eee605d29b79a593d6e0d0072e3cd662b4ae4b0138677360382b8b41a9108457d2acd7bdcf51405c529ff20012009ab227d6e535a14b733c1f877317961cf324aa0aeb0139d23dcf90486035971bcafbcfd5b843e35a0a1a3b55737b96609547cdfea716b43840286fc4db9e639a86d46e025ced793e3a383e4f19169a0316837293f063abe33a04f13c613afd008b4c80517a08a8112b7808a0bf31effd8477fc120db8cdaac49294d5b1dc4489b99c6b642c27d0f0d6cc478a063a135389310a5f5aba61bd580c6aa1aa5ca51591d5cc3ca2ebdc071bcd67ef32f670dc9575f09ec82ae1d36ffbc4667f8017a222ee2cc7b599c55bcad4bee3fd1d0a0d3f7a919ca525c66e2068c156b25b33f6d1445ed354e04d9c034d92937ee1d2534875fc29c14bc3a4c3a8aa62b80e221d557c89e6faf6e6367dd1ea0d58778083be65da8cba71549baeef9ec3a91b889a902379e0d8d52fad0ba184cd32534a4ae65eb9218a1d2ce7dadfc74419d9e29850defa24fe71ddf78852e7da081c95f430f3dd0b5695f6505222f732ee2b92a1732deb094b3e62df5ff5f031a8f2f18b56910c60751583b4e952b2d97cf3b28bf89f46e71e5eefde62a87ccd212a0b9a8935b88a1fbea5dd52857cbb6d28cb16bf6fdfc8b09de37e1659677dab73d2850da24cf0993e654c7bd1afdf95ba909a0beaeff57e14b8a9a9140cc6e56b50c70d4a3a31988a32e818a074d531014c2629f30273d0ad684404ae0c59fc9ac0999c9c838f264bffed6c9310320650ad5d043a1b69c335d82f3e76a9b01d2c0f028f63f1b20811626c88073d5e6589ff378da1e79747c5f2dc7cb732208b86c5e63d7f097eb3734ed540e18254d4618f21ac9a0d0523c285a048120a5385c2ea66f0238ad1e2cdc31d53daf1dada1b1d30a757cac340f7e1698d71a96b49844786c61d37d60b84109fafef3d50673f0dbc862667c4a4596f8ece24a82654135347d3c69eeefdd2973007d26d586c85c5916ff737157799fcdf1591d495d2072be19a3102cf2c5b811d820896c9b7a9745ed28ef3c6f8415091c484716e1084b8141208fdfcad4bbf7c3c3deabea22af5096479ae6759697a09b5602a7a104555d65734525d2d316bc1506e50b6b6a1af526f69d9257a03531bbbd4824329772d42d2f5d9e393a409472a02dd283034cf31f1bc2ba74ccd6c2d4147eb3b7b70963eb11f3e8cbd0e3313443e0ee47cbf7c972b9c535e5f000f5222d3750036a7b5d796a9c4ce51e6664848f275c361a7e03fe3790985c8c80441ef3de84a515a9edc9581e48434959390592b345387d21fd8aa3ffe0fac3a311c4034bd70a3b28af31b4048f1e2d140496e9669c10037aba425cdea9c5fdac91f83efac75740279f6854c038eab6ee94e020dc3c3c065a99e0e863b4e0e8f3be01273393ebba934caefdeef69dc7cf63ae3765dee62c30fb0b458ef1c5b9d2a2125b80b0be9aec47e3e1d03ce25fe46cd8f321c98a3db5c144536fd03fa11af811ab8ecfc2a8927bdf4bb597364e04fcfec6bb318feb912382dc2ea58f84b4eb25b37c8c29481fcdd7b2cedc4327fb685cdb51d1d3cc796c032b3920e3a255237c251980a7e3c591933ae2b7aaa5eee7ce533067b50e305ba12b21287042916a5bff2a292f070aa70a3d42c11972a358d492c9b4dd351912c7d7d182b49277110478b4bc0d94cb95d58b4beb283fb1071fec38891d233d3378d28466bb36771895c79e9ee84eb9e9cc7b09fcd6a23f81df974c986909132204e4f0f43858dd876c0ab780d4808ec70bc465d46d21f2febd050c4a17dc865bbf157a393c34b0bc55f8b9db201b60ae3765347eceef2ce32f392107890af40337676327b6722de5c5e64c8ee9fcebdf74648062a5e7b2f3289b081a3a59ee7f94be88252b5b57213535edac49db6ce25402bbe98a3b7c88af045f56bec8a8a61572a93472dac896ce5f8302d62919deef58410c03fa5e7a3a612074eac2e8ec8830dd4a67dfd79a95068762ff37d26d8afec95a62b0d7041a89c1ad3c7c0a29b2dce7c78de045776d4346716be6a8f424bbc09d5397c3ab64e5670c88056e3e4f9ab121eb3924d324573c3bf38870a6ae052f698521ab0ba7bd13d4b96652b8115d13667956e64e75be1be1be12f6dc7a232d343d9191d31a1f4fe00df67e196b0bb560981043b6f1f8dc1685308bc80fc3948866404947a5bc84d9ee9ad5b30b061f0a7c7b8115121a008857a0aa5c57f7904deea5171e06921288854496dcb7d819615b99a5c42a6c3ef3c4cda69d7d83b515ecfabef558ab14d3c87ad66837e30471936ced9ed42fc51df1ab108c97e5bf8b9457379189e0290d408bea6e225f2880bd1ef27025b920f31d7d3eb8384dd813986cccc6615048174e906b6539a99448df27ac0cc78715fae54c49e1dc81b92aef89589242cf151a3de552bc1f6deca44fb8cb4fd07e660ef04da7017922425bc7da10f33654bef14a33d421d1cf3d9fbc168bf6fac1d642ebb40d6"})
openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
openat$auto_ftrace_event_format_fops_trace_events(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/format\x00', 0x54800, 0x0)
ioctl$auto(0x3, 0x80000541b, 0x38)
shutdown$auto(0x200000003, 0x2)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x300, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x2, 0x6, 0x0)
io_uring_setup$auto(0x6, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
connect$auto(0x3, &(0x7f00000018c0)=@l2={0x1f, 0xa, @none, 0x8, 0x1}, 0x55)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x5, 0x0)
shutdown$auto(0x200000003, 0x2)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000001480)={&(0x7f0000001380)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000001440)={&(0x7f00000014c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00032abd7000fedbdf250100000008000200", @ANYRES32=r5, @ANYBLOB="06007e1f", @ANYRES32=r4, @ANYBLOB="0000dbb1bd17009afc8022dd418ef1be3669edfa79f02e0d1cd62416cdf2ae7dcb2b"], 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x1)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/net/rose12/queues/rx-0/rps_cpus\x00', 0x20001, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000040)='\t', 0x1)
unshare$auto(0x40000080)
capset$auto(0x0, &(0x7f0000000040)={0x80000000, 0x26, 0x80000001})

4.374688137s ago: executing program 6 (id=2853):
r0 = socket(0x29, 0x2, 0x0)
setsockopt$auto(r0, 0x119, 0x3, 0x0, 0x2)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="69b5b2dfdabb136c46000229"], 0x14}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000000), r1)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="19"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

4.202987561s ago: executing program 6 (id=2855):
io_uring_setup$auto(0x6, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r0, &(0x7f0000000000)='//\xf2\x00', 0x80000000)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
r1 = socket(0xa, 0x801, 0x84)
getsockopt$auto(r1, 0x84, 0x7d, 0x0, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ipv6_route\x00', 0x101000, 0x0)
sendmsg$auto_NL80211_CMD_STOP_AP(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0}, 0x1, 0x0, 0x0, 0xc}, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer2\x00', 0x40000, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
r3 = fanotify_init$auto(0x280, 0x1)
read$auto_snd_pcm_f_ops_pcm1(r3, &(0x7f00000000c0)=""/109, 0x6d)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
socket(0x10, 0x2, 0x0)
getsockopt$auto(0xffffffffffffffff, 0x84, 0x1, 0x0, 0x0)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000340), 0xffffffffffffffff)
syz_genetlink_get_family_id$auto_netdev(&(0x7f00000001c0), 0xffffffffffffffff)
mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0)
read$auto(r4, 0x0, 0x20)
writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x7}, 0x3)
setrlimit$auto(0x1000000007, 0x0)
userfaultfd$auto(0x1)
seccomp$auto(0xffff8001, 0x3, 0x0)
sendmsg$auto_NL802154_CMD_SET_MAX_CSMA_BACKOFFS(0xffffffffffffffff, 0x0, 0x8044)

4.010544393s ago: executing program 3 (id=2856):
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x5, 0x0)
socket(0xa, 0x801, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2c, 0x3, 0x0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffc, 0xd6, 0x1, 0x6, 0x0, 0x1, 0x368e, 0xffffffffffffffff, {0x100000000, 0x10000}, 0x5, 0x9, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000005, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948f, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x1, 0x7, 0x6d3f, 0x9, 0x4, 0xfffffffffffffffd]}, 0x0)
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x20600, 0x0)
ioctl$auto___SNDRV_PCM_IOCTL_SYNC_PTR64(0xffffffffffffffff, 0xc0884123, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mount_setattr$auto(0x0, 0xfffffffffffffffe, 0x100, 0x0, 0x20)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
ioctl$auto__ctl_fops_dm_ioctl(r2, 0xfffffff7effffd05, &(0x7f00000001c0))
r3 = socket(0x1d, 0x2, 0x6)
r4 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r5=>0x0})
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r5, 0xfd}, 0x6a)
write$auto(r3, 0x0, 0xa3d9)
ioctl$auto(0x3, 0x4020ae76, 0x38)

2.591895421s ago: executing program 3 (id=2857):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x3, 0x1)
mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x0)
connect$auto(r0, &(0x7f0000000000), 0x55)
sendmmsg$auto(r0, &(0x7f0000000240)={{&(0x7f0000000100)="c9a19b9bd45daf8d1e42325618d266e9b4d29346a538f4501870f63224261ea46d2048306cb48caaa96d8e74944fe4311b40ed00640d041ca43967b3a4f18b86c38c26c9df10a988d1f2c1c69262f1908a4880ba65a9fca956c49dc5990384089f8c005c64f32d9bbba6f289964068a8ced940397118c0aa87e26591cfeead8827333219be3c5524a56ceb46dbe9688b2156", 0x10000, 0x0, 0x2, 0x0, 0x3, 0xfffff2cf}, 0x6}, 0x2319, 0x5)
unshare$auto(0x40000080)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x8000, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f00000000c0))
read$auto_nsim_dev_trap_fa_cookie_fops_dev(r1, &(0x7f0000000000)=""/156, 0x9c)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000000), r2)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x801, 0x106)
socket(0xa, 0x5, 0x0)
setsockopt$auto(0x3, 0x10000000084, 0x75, 0x0, 0x8)
sendmsg$auto_IOAM6_CMD_ADD_SCHEMA(r2, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f00000000c0)={0x20, r3, 0x1, 0x70bd2a, 0x25dfdbfb, {0x4, 0x0, 0x900}, [@IOAM6_ATTR_SC_DATA={0x4}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x9}]}, 0x20}, 0x1, 0x3000000, 0x0, 0x1}, 0x8010)
r4 = socket(0x10, 0x2, 0x1)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000"], 0x1ac}}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
recvmmsg$auto(r4, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x0, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x6}, 0x3, 0x0)
mmap$auto(0x1000, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
mseal$auto(0x200000000000000, 0x7dda, 0x0)
syz_genetlink_get_family_id$auto_smc_pnetid(0x0, 0xffffffffffffffff)

2.378952925s ago: executing program 4 (id=2858):
lstat$auto(0x0, &(0x7f0000000180)={0x0, 0x40001c, 0xfffe, 0x63, 0x0, 0xee00, 0x0, 0xffff, 0x8, 0x80000000000000a, 0x140000402, 0x40000000000001, 0x9, 0x1000, 0xd, 0x6, 0x2})
r0 = socket(0x2, 0x5, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0xb, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
unshare$auto(0x40000080)
mount_setattr$auto(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000640)={0x100030, 0x5f, 0x0, @raw=0x101}, 0x28b)
socket(0x1d, 0x2, 0x6)
openat$auto_fops_blob_file(0xffffffffffffff9c, &(0x7f0000011500), 0x40002, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ptyc9\x00', 0x20c40, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/midi2\x00', 0x4ca880, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x40000c, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/block/loop9/queue/rotational\x00', 0x242401, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x40d40, 0x1a0)
socket(0x10, 0x2, 0x14)
r1 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_TIOCSETD2(0xffffffffffffffff, 0x5423, 0x0)
write$auto(0x3, 0x0, 0xffd8)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
semtimedop$auto(0x3, 0x0, 0x8, &(0x7f00000000c0)={0xf3c7, 0x5})
userfaultfd$auto(0x1)
r2 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0)
ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r2, 0xc05c6104, &(0x7f0000000100)={"fda25684", 0xffff, 0x6, 0x3, 0x3, 0x9, "c625aa3f222ce10e00", "430600", "0400e6ad", "4e1d00", ["22df00000200", "f8ffffffff473a6f08e10005", "b06f8ca10c66eebcbd6f17c8", "5f0700000000000000392a98"]})
read$auto(r1, &(0x7f0000000040)='/dev/ptyc9\x00', 0x9)
close_range$auto(0x2, 0x8, 0x0)

2.043954742s ago: executing program 2 (id=2859):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x1000, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
mseal$auto(0x200000000000000, 0x7dda, 0x3000000)
syz_genetlink_get_family_id$auto_smc_pnetid(0x0, 0xffffffffffffffff)

1.686793922s ago: executing program 6 (id=2860):
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x5, 0x0)
socket(0xa, 0x801, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2c, 0x3, 0x0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffc, 0xd6, 0x1, 0x6, 0x0, 0x1, 0x368e, 0xffffffffffffffff, {0x100000000, 0x10000}, 0x5, 0x9, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000005, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948f, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x1, 0x7, 0x6d3f, 0x9, 0x4, 0xfffffffffffffffd]}, 0x0)
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x20600, 0x0)
mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0xeb1, 0xffffffffffffffff, 0x8000)
ioctl$auto___SNDRV_PCM_IOCTL_SYNC_PTR64(0xffffffffffffffff, 0xc0884123, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mount_setattr$auto(0x0, 0xfffffffffffffffe, 0x100, 0x0, 0x20)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
ioctl$auto__ctl_fops_dm_ioctl(r2, 0xfffffff7effffd05, &(0x7f00000001c0))
r3 = socket(0x1d, 0x2, 0x6)
r4 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r5=>0x0})
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r5, 0xfd}, 0x6a)
write$auto(r3, 0x0, 0xa3d9)
ioctl$auto(0x3, 0x4020ae76, 0x38)

1.547407145s ago: executing program 2 (id=2861):
r0 = openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000004680)='/sys/kernel/debug/tracing/dynamic_events\x00', 0x502, 0x0)
write$auto_dynamic_events_ops_trace_dynevent(r0, &(0x7f0000000200)="65a9097e7ae10d907693b704c212df4651c13e9423", 0x15)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x48041, 0x0)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x24040004}, 0x800)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/loginuid\x00', 0x309c02, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/irq/9/smp_affinity\x00', 0x129542, 0x0)
read$auto(0x3, 0x0, 0x7)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0xc)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7ffffffff000}, 0xa)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)
statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x401bf, 0x7352, 0x40, 0x65c, 0x1ffde, 0xb, 0x3, 0x2, 0x9, 0x3, 0x5, 0x4, 0x3000, 0x8bf, 0x6, 0x10003, 0x80, 0x4, 0x0, 0x7, 0x1ffc, 0x203, 0x400, 0x84, [0x0, 0x0, 0x0, 0x100, 0x0, 0x2000, 0xfffffffffffffffd, 0xa, 0x78624ce7, 0x0, 0xfffffffffffffffd, 0x0, 0x3, 0x1, 0x4, 0x7, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x200000000000, 0x0, 0xffffffffefffffff, 0x3, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffd, 0x400000000005b8, 0xc, 0x4000000000, 0x8, 0x4, 0x6, 0xffffffffffffffff, 0x890, 0x800000000000a, 0xfffffffffffffffc, 0x1000, 0xa38, 0x0, 0x0, 0x6, 0x2, 0x4000000000, 0x6, 0x0, 0x100000]}, 0x1fe, 0xd)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r2 = prctl$auto_PR_SET_MM_START_DATA(0x100, 0x3, 0xffffffffffffffff, 0x5, 0x5)
ioctl$auto_PPPIOCGIDLE64(r2, 0x8010743f, &(0x7f0000000080)={0x8000000000000001, 0x4})
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
r3 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x4007, 0xb})
socket$nl_generic(0x10, 0x3, 0x10)
faccessat2$auto(0x1, &(0x7f0000000000)='\x00', 0x2, 0x1000)

1.440034809s ago: executing program 3 (id=2862):
mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_TIPC_NL_LINK_GET(r0, &(0x7f0000003e80)={0x0, 0x0, &(0x7f0000003e40)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010029bd70"], 0x34}}, 0x8040)
read$auto(0x3, 0x0, 0x1f40)
r1 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x3b71, 0x0)
r2 = socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000380)={0x8, 0x1, 0x9, 0x3, 0x9, 0x5, 0x1ffde, 0x3, 0x6, 0x2, 0x9, 0x5, 0x3, 0x4, 0xb0, 0x7, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, [0x0, 0x4, 0xffffffffffeffffc, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000cb2, 0xfffffffffffffffc, 0x1, 0x0, 0x3, 0x0, 0x0, 0xb23, 0x1, 0x0, 0x9, 0x0, 0x0, 0x7fffffff, 0x0, 0xfffffffffffffffe, 0x0, 0x8, 0x0, 0x0, 0x0, 0x7, 0x0, 0x2], "13c15a3f4bc6b237fe0f2e388c687134c99e891ee8657824281d5d0e4baa6b6a907b34cb1cc0adcdc4c0161463495aa036b3c20ceebf5a4e37f47b045f2c0a9c7353d97ac39434e09e8eb181c9611d1e0abd386b4a9b9ede"}, 0x1fe, 0x81)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0xc20f0000, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x8)

1.342945038s ago: executing program 6 (id=2863):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8000, 0x0)
r0 = socket(0x2, 0x1, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000080), r0)
sendmsg$auto_WG_CMD_GET_DEVICE(r3, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x8c, r4, 0x200, 0x70bd2b, 0x25dfdbfb, {}, [@WGDEVICE_A_PRIVATE_KEY={0x75, 0x3, "5feac2a397e69ac32d22c68e6542da86d33a9fa963c698d262c1d476fcfe5f341770d2d91638c155b5e3a8f72cb5cbb298bddbc6940b8a612501a0ad9a69a386c327a625659ce2fcafca33fbca0ad9d3cf9eab111b3729b80fb5fec5fdd26d1cf27805feb635dbc251c3235c7291075d05"}]}, 0x8c}, 0x1, 0x0, 0x0, 0x20000800}, 0x40000)
ioctl$auto_KVM_CREATE_VM(r1, 0x4008ae89, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x500, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020007, 0xffffffffffffffff, 0xeb1, 0xffffffffffffffff, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
fanotify_init$auto(0x5, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0xfffffffffffffffc, 0x8, 0xdf, 0x9b72, 0x2, 0x100000000)
write$auto(0x3, 0x0, 0x100082)
bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x7, 0x4, 0x200, 0x1001, 0x0, 0xf, 0xffffffffffffffff, 0x1400000, 0x5}, 0x6f4)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x2, 0x3, 0x100)

1.22667577s ago: executing program 2 (id=2864):
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
epoll_ctl$auto(0xffffffffffffffff, 0x2, r0, &(0x7f0000000080)={0x3, 0x1})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_seg6(&(0x7f00000003c0), 0xffffffffffffffff)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socket(0x2, 0x1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
r4 = socket(0x2, 0x80802, 0x0)
setsockopt$auto(r4, 0x11, 0x67, 0x0, 0x8)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
connect$auto(0x3, &(0x7f0000000140), 0x55)
socket(0x10, 0x2, 0x0)
socket(0x10, 0x2, 0x4)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
sendmsg$auto_BATADV_CMD_GET_HARDIF(r3, 0x0, 0x4008000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
sendmsg$auto_SEG6_CMD_SET_TUNSRC(r1, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000000040)={0x28, r2, 0x11, 0x70bd26, 0x25dfdbff, {}, [@SEG6_ATTR_DST={0x14, 0x1, @mcast1}]}, 0x28}, 0x1, 0x0, 0x0, 0x10}, 0x44892)
sendmsg$auto_SEG6_CMD_GET_TUNSRC(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r2, 0x0, 0x70bd2b, 0x25dfdbfb, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x5}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x40804}, 0x48894)
getpid()

1.094607121s ago: executing program 6 (id=2865):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [@NFSD_A_SERVER_LEASETIME={0xfffffffffffffffd}, @NFSD_A_SERVER_GRACETIME={0x0, 0x2, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x24008011}, 0xc0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="180027"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000140), r0)
sendmsg$auto_ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r1, 0xc00, 0x70bd27, 0x25dfdbfd, {}, [@ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8004}, 0x801)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
mount$auto(0x0, 0x0, 0x0, 0x3, 0x0)
mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000)
r2 = clone$auto(0x21, 0x8cd, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x4)
process_vm_readv$auto(r2, &(0x7f0000000040)={0x0, 0x8}, 0x8727, &(0x7f0000000080)={0x0, 0x100000000000002}, 0x6, 0x2)
fcntl$auto_F_OFD_GETLK(0xffffffffffffffff, 0x24, r2)

1.039292121s ago: executing program 3 (id=2866):
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="d300c7", @ANYRES16, @ANYBLOB='\x00', @ANYRES16, @ANYBLOB="080001060000000000000000", @ANYRES32=0x9], 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x0)
syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff) (async)
r0 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001980)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="1b0026bd8600fddbdf2503000000040008000c0003800800048088a8288012000100898771f1c19f1779048590828847000004000280"], 0x3c}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_DP_CMD_DEL(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01002abd7000fedbdf2502"], 0x38}, 0x1, 0x0, 0x0, 0x20040011}, 0x20000000) (async)
sendmsg$auto_OVS_DP_CMD_DEL(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01002abd7000fedbdf2502"], 0x38}, 0x1, 0x0, 0x0, 0x20040011}, 0x20000000)

794.928936ms ago: executing program 3 (id=2867):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x21, 0x2, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1d, 0x2, 0x2)
socket(0x1d, 0x2, 0x7)
setsockopt$auto(0x3, 0x6b, 0xb, 0xffffffffffffffff, 0x3)
r0 = openat$auto_lowpan_control_fops_6lowpan(0xffffffffffffff9c, &(0x7f0000002140), 0x575976d60f6bcdb7, 0x0)
r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000040), 0xffffffffffffffff)
writev$auto(r0, &(0x7f00000001c0)={&(0x7f0000000180)="7d8457ed529c820d1cd3aac91902f2d53f2f438e07cd3545c3fdff1cfbf8d55825fecee89a09ff9e8a6c5ef788", 0x1a400000000000}, 0x0)
sendmsg$auto_OVS_FLOW_CMD_SET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x18, r1, 0x2, 0x70bd27, 0x25dfdbff, {}, [@OVS_FLOW_ATTR_PROBE={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x65}, 0x84)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
r2 = getpid()
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x24040004}, 0x800)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff)
process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0)
r3 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000200), 0x103001, 0x0)
ioctl$auto_I2C_RDWR(r3, 0x707, 0x0)
pread64$auto(r0, 0x0, 0x663, 0x6)

785.462337ms ago: executing program 2 (id=2868):
openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000340), 0x40, 0x0)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_WOL_SET(r0, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000200)=ANY=[@ANYBLOB="14f00000", @ANYRES16=r1, @ANYBLOB="ebff26b57000f8dbdf250a"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x40)
splice$auto(0x4, 0x0, 0x2, 0x0, 0x1000, 0xf)

653.164047ms ago: executing program 3 (id=2869):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
open(0x0, 0x22240, 0x155)
socket(0xa, 0x3, 0x3b)
r0 = socket(0x11, 0x80003, 0x300)
r1 = openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f00000020c0), 0x88840, 0x0)
readv$auto(r1, &(0x7f0000003100)={0x0, 0x2}, 0xb4)
sendmsg$auto_NL80211_CMD_CONTROL_PORT_FRAME(0xffffffffffffffff, 0x0, 0x8000)
modify_ldt$auto(0x1, 0x0, 0x10)
keyctl$auto(0x12, 0xf, 0x40000000c6e9, 0x81, 0xa472)
utimes$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x5, 0x4})
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socketpair$auto(0xffffffff, 0x5, 0x8000000000000000, 0x0)
request_key$auto(0x0, 0x0, 0x0, 0xfffffffd)
keyctl$auto(0x12, 0x102000000010001, 0x7f, 0x200, 0x3)
modify_ldt$auto(0x1, 0x0, 0x10)
r2 = openat$auto_long_retry_limit_ops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy8/long_retry_limit\x00', 0x100, 0x0)
close_range$auto(r0, r2, 0x1)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x200, 0x0)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x101, 0x7, 0xeb1, 0x3fd, 0x800007ffc)
io_uring_setup$auto(0x6, 0x0)
clone$auto(0x7, 0x7fffffffffffffff, 0xffffffffffffffff, 0x0, 0x1)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
fanotify_init$auto(0x65, 0x2)
dup2$auto(0x5, 0x4)
splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9)
write$auto(0x6, 0x0, 0x100000001)
connect$auto(0x3, 0x0, 0x55)

601.395917ms ago: executing program 6 (id=2870):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
memfd_create$auto(0x0, 0x9)
write$auto(0x3, 0x0, 0xfffffdef)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
mbind$auto(0x0, 0x2, 0x2, 0x0, 0x7, 0x0)
write$auto(0x3, 0x0, 0x7fffffff)
write$auto(0x1, &(0x7f0000000000)='//\xf2\x00', 0x80000000)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd)
landlock_create_ruleset$auto(0x0, 0x4dc, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x2841, 0x0)
read$auto(0xffffffffffffffff, 0x0, 0x8)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
readv$auto(r0, 0x0, 0x401)
close_range$auto(0x2, 0xa, 0x0)
socket(0x1e, 0xa, 0x1)
stat$auto(0x0, &(0x7f0000000140)={0x1d, 0x79, 0xde0e, 0x3, 0x0, 0x0, 0x0, 0x180000001, 0x4, 0x5, 0x2000000000001, 0x6, 0x1, 0xf0eb, 0x40000000001, 0x2, 0x9})
openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000002640)='/sys/kernel/debug/tracing/set_event_pid\x00', 0x212082, 0x0)
rseq$auto(&(0x7f0000000140)={0xe, 0x1, 0x0, 0x6, 0x4d, 0x6}, 0x8000, 0x0, 0x6)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x29, 0x2, 0x0)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x100, 0x83, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x3, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}})
io_uring_register$auto(0x2, 0x11, &(0x7f0000000180), 0x83)
mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000)
socket(0x28, 0x800, 0x0)
mremap$auto(0x1fc000, 0xfee0, 0x3fd6, 0x3, 0xeffff000)

592.614676ms ago: executing program 4 (id=2871):
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x5, 0x0)
socket(0xa, 0x801, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2c, 0x3, 0x0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffc, 0xd6, 0x1, 0x6, 0x0, 0x1, 0x368e, 0xffffffffffffffff, {0x100000000, 0x10000}, 0x5, 0x9, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000005, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948f, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x1, 0x7, 0x6d3f, 0x9, 0x4, 0xfffffffffffffffd]}, 0x0)
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x20600, 0x0)
mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0xeb1, 0xffffffffffffffff, 0x8000)
ioctl$auto___SNDRV_PCM_IOCTL_SYNC_PTR64(0xffffffffffffffff, 0xc0884123, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mount_setattr$auto(0x0, 0xfffffffffffffffe, 0x100, 0x0, 0x20)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
ioctl$auto__ctl_fops_dm_ioctl(r2, 0xfffffff7effffd05, &(0x7f00000001c0))
r3 = socket(0x1d, 0x2, 0x6)
r4 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r5=>0x0})
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r5, 0xfd}, 0x6a)
write$auto(r3, 0x0, 0xa3d9)
ioctl$auto(0x3, 0x4020ae76, 0x38)

0s ago: executing program 4 (id=2872):
r0 = openat$auto_force_wakeup_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/bluetooth/hci0/force_wakeup\x00', 0x88f42, 0x0)
openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/tracing/events/vmalloc/purge_vmap_area_lazy/filter\x00', 0x2, 0x0)
writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x3)
write$auto_force_wakeup_fops_hci_vhci(r0, &(0x7f0000001780)='T', 0x1)

kernel console output (not intermixed with test programs):

l(4.49.0), user(0.0.0), cmd(5)
[  553.811810][T14599] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1907'.
[  556.121787][T14648] svc: failed to register nfsdv3 RPC service (errno 111).
[  556.159465][T14643] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  556.176767][T14648] svc: failed to register nfsaclv3 RPC service (errno 111).
[  556.538759][T14660] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1919'.
[  557.232331][T14680] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1924'.
[  557.377930][T14687] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  563.209065][T14800] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1955'.
[  563.359820][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  563.366182][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  564.432524][T14817] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1958'.
[  565.338487][T14837] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1966'.
[  565.847879][T14848] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  566.384949][T14858] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1973'.
[  566.627396][T14863] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  569.051636][T14943] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1989'.
[  569.853557][T14962] FAULT_INJECTION: forcing a failure.
[  569.853557][T14962] name failslab, interval 1, probability 0, space 0, times 0
[  569.929501][T14962] CPU: 0 UID: 0 PID: 14962 Comm: syz.4.1993 Not tainted 6.14.0-rc5-syzkaller-00137-g00a7d39898c8 #0
[  569.929535][T14962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  569.929549][T14962] Call Trace:
[  569.929556][T14962]  <TASK>
[  569.929565][T14962]  dump_stack_lvl+0x16c/0x1f0
[  569.929601][T14962]  should_fail_ex+0x50a/0x650
[  569.929637][T14962]  ? fs_reclaim_acquire+0xae/0x150
[  569.929669][T14962]  ? tomoyo_encode2+0x100/0x3e0
[  569.929698][T14962]  should_failslab+0xc2/0x120
[  569.929722][T14962]  __kmalloc_noprof+0xcb/0x510
[  569.929755][T14962]  ? d_absolute_path+0x137/0x1b0
[  569.929781][T14962]  ? rcu_is_watching+0x12/0xc0
[  569.929809][T14962]  tomoyo_encode2+0x100/0x3e0
[  569.929845][T14962]  tomoyo_encode+0x29/0x50
[  569.929874][T14962]  tomoyo_realpath_from_path+0x19d/0x720
[  569.929916][T14962]  tomoyo_path_number_perm+0x248/0x590
[  569.929942][T14962]  ? tomoyo_path_number_perm+0x235/0x590
[  569.929973][T14962]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  569.930033][T14962]  ? __pfx_lock_release+0x10/0x10
[  569.930063][T14962]  ? trace_lock_acquire+0x14e/0x1f0
[  569.930094][T14962]  ? lock_acquire+0x2f/0xb0
[  569.930122][T14962]  ? __fget_files+0x40/0x3a0
[  569.930158][T14962]  ? __fget_files+0x206/0x3a0
[  569.930195][T14962]  security_file_ioctl+0x9b/0x240
[  569.930226][T14962]  __x64_sys_ioctl+0xb7/0x200
[  569.930257][T14962]  do_syscall_64+0xcd/0x250
[  569.930290][T14962]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  569.930322][T14962] RIP: 0033:0x7f5093b8d169
[  569.930347][T14962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  569.930370][T14962] RSP: 002b:00007f5094ac3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  569.930393][T14962] RAX: ffffffffffffffda RBX: 00007f5093da5fa0 RCX: 00007f5093b8d169
[  569.930409][T14962] RDX: 0000400000000840 RSI: 00000000c4c85513 RDI: 0000000000000005
[  569.930424][T14962] RBP: 00007f5094ac3090 R08: 0000000000000000 R09: 0000000000000000
[  569.930438][T14962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  569.930452][T14962] R13: 0000000000000000 R14: 00007f5093da5fa0 R15: 00007ffd84d48c98
[  569.930484][T14962]  </TASK>
[  569.930503][T14962] ERROR: Out of memory at tomoyo_realpath_from_path.
[  571.631971][T14999] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  572.832274][T15018] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT
[  573.386963][T15045] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  573.576700][T15048] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2009'.
[  573.762186][T15052] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2010'.
[  574.102215][T15059] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  574.489810][T15070] cougar: G6 mapped to space
[  575.567673][T15087] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  578.796295][T15148] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2033'.
[  578.938828][T15151] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  579.983369][T15184] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  581.781338][T15237] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  582.415682][T15247] Invalid ELF header magic: != ELF
[  582.736727][T15251] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT
[  583.969518][T15276] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  584.161854][T15280] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  586.174601][T15338] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  586.751608][T15345] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  588.375232][T15380] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  588.822999][T15388] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT
[  590.249207][T15419] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  591.914592][T15455] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2099'.
[  594.492980][T15514] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2110'.
[  596.884581][T15555] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2122'.
[  599.286727][T15625] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2136'.
[  599.555239][T15639] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  599.762181][T15647] FAULT_INJECTION: forcing a failure.
[  599.762181][T15647] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  599.802778][T15647] CPU: 0 UID: 0 PID: 15647 Comm: syz.4.2141 Not tainted 6.14.0-rc5-syzkaller-00137-g00a7d39898c8 #0
[  599.802810][T15647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  599.802822][T15647] Call Trace:
[  599.802829][T15647]  <TASK>
[  599.802838][T15647]  dump_stack_lvl+0x16c/0x1f0
[  599.802873][T15647]  should_fail_ex+0x50a/0x650
[  599.802913][T15647]  _copy_to_user+0x32/0xd0
[  599.802941][T15647]  simple_read_from_buffer+0xd0/0x160
[  599.802974][T15647]  proc_fail_nth_read+0x198/0x270
[  599.803002][T15647]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  599.803033][T15647]  ? rw_verify_area+0xcf/0x680
[  599.803060][T15647]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  599.803088][T15647]  vfs_read+0x1df/0xbf0
[  599.803118][T15647]  ? __fget_files+0x1fc/0x3a0
[  599.803149][T15647]  ? __pfx___mutex_lock+0x10/0x10
[  599.803179][T15647]  ? __pfx_vfs_read+0x10/0x10
[  599.803218][T15647]  ? __fget_files+0x206/0x3a0
[  599.803259][T15647]  ksys_read+0x12b/0x250
[  599.803288][T15647]  ? __pfx_ksys_read+0x10/0x10
[  599.803327][T15647]  do_syscall_64+0xcd/0x250
[  599.803359][T15647]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  599.803398][T15647] RIP: 0033:0x7f5093b8bb7c
[  599.803417][T15647] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  599.803438][T15647] RSP: 002b:00007f5094ac3030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  599.803461][T15647] RAX: ffffffffffffffda RBX: 00007f5093da5fa0 RCX: 00007f5093b8bb7c
[  599.803476][T15647] RDX: 000000000000000f RSI: 00007f5094ac30a0 RDI: 0000000000000004
[  599.803490][T15647] RBP: 00007f5094ac3090 R08: 0000000000000000 R09: 0000000000000000
[  599.803504][T15647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  599.803517][T15647] R13: 0000000000000000 R14: 00007f5093da5fa0 R15: 00007ffd84d48c98
[  599.803549][T15647]  </TASK>
[  600.925564][T15668] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2147'.
[  600.973937][T15641] kexec: Could not allocate control_code_buffer
[  601.813493][T15694] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  602.233144][T15708] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2157'.
[  603.156697][T15732] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2164'.
[  605.339800][T15772] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  605.448929][T15776] futex_wake_op: syz.4.2173 tries to shift op by 64; fix this program
[  605.693311][T15785] nbd: must specify a size in bytes for the device
[  606.378933][T15799] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2180'.
[  606.771830][T15805] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2182'.
[  607.042774][T15814] Invalid ELF header magic: != ELF
[  607.080313][T15818] netlink: 'syz.5.2185': attribute type 72 has an invalid length.
[  607.111780][T15818] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2185'.
[  607.220807][T15814] FAULT_INJECTION: forcing a failure.
[  607.220807][T15814] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  607.295055][T15814] CPU: 1 UID: 0 PID: 15814 Comm: syz.5.2185 Not tainted 6.14.0-rc5-syzkaller-00137-g00a7d39898c8 #0
[  607.295088][T15814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  607.295101][T15814] Call Trace:
[  607.295108][T15814]  <TASK>
[  607.295117][T15814]  dump_stack_lvl+0x16c/0x1f0
[  607.295153][T15814]  should_fail_ex+0x50a/0x650
[  607.295194][T15814]  _copy_from_user+0x2e/0xd0
[  607.295221][T15814]  copy_msghdr_from_user+0x99/0x160
[  607.295254][T15814]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  607.295296][T15814]  ? __pfx___lock_acquire+0x10/0x10
[  607.295333][T15814]  ___sys_recvmsg+0xdc/0x1a0
[  607.295365][T15814]  ? __pfx____sys_recvmsg+0x10/0x10
[  607.295398][T15814]  ? find_held_lock+0x2d/0x110
[  607.295438][T15814]  ? __pfx___might_resched+0x10/0x10
[  607.295471][T15814]  ? __might_fault+0xe3/0x190
[  607.295501][T15814]  do_recvmmsg+0x2f8/0x740
[  607.295538][T15814]  ? __pfx_do_recvmmsg+0x10/0x10
[  607.295568][T15814]  ? vfs_write+0x306/0x1150
[  607.295605][T15814]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  607.295646][T15814]  ? __fget_files+0x206/0x3a0
[  607.295692][T15814]  __x64_sys_recvmmsg+0x239/0x290
[  607.295727][T15814]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  607.295771][T15814]  do_syscall_64+0xcd/0x250
[  607.295803][T15814]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  607.295835][T15814] RIP: 0033:0x7fb30bd8d169
[  607.295854][T15814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  607.295876][T15814] RSP: 002b:00007fb30cbac038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  607.295898][T15814] RAX: ffffffffffffffda RBX: 00007fb30bfa5fa0 RCX: 00007fb30bd8d169
[  607.295914][T15814] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[  607.295928][T15814] RBP: 00007fb30cbac090 R08: 0000000000000000 R09: 0000000000000000
[  607.295942][T15814] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000002
[  607.295956][T15814] R13: 0000000000000000 R14: 00007fb30bfa5fa0 R15: 00007ffdc7b4fe58
[  607.295987][T15814]  </TASK>
[  607.552868][T15825] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  607.967617][T15834] futex_wake_op: syz.2.2190 tries to shift op by 64; fix this program
[  608.140297][T15839] nbd: must specify a size in bytes for the device
[  608.151902][T15838] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2191'.
[  611.699587][T15896] futex_wake_op: syz.5.2205 tries to shift op by 64; fix this program
[  612.031738][T15903] nbd: must specify a size in bytes for the device
[  612.131836][T15905] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2209'.
[  613.994758][T15938] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2215'.
[  614.029681][T15938] FAULT_INJECTION: forcing a failure.
[  614.029681][T15938] name failslab, interval 1, probability 0, space 0, times 0
[  614.042452][T15938] CPU: 0 UID: 0 PID: 15938 Comm: syz.4.2215 Not tainted 6.14.0-rc5-syzkaller-00137-g00a7d39898c8 #0
[  614.042482][T15938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  614.042496][T15938] Call Trace:
[  614.042502][T15938]  <TASK>
[  614.042511][T15938]  dump_stack_lvl+0x16c/0x1f0
[  614.042547][T15938]  should_fail_ex+0x50a/0x650
[  614.042582][T15938]  ? fs_reclaim_acquire+0xae/0x150
[  614.042614][T15938]  should_failslab+0xc2/0x120
[  614.042637][T15938]  kmem_cache_alloc_node_noprof+0x72/0x3c0
[  614.042671][T15938]  ? __alloc_skb+0x2b1/0x380
[  614.042707][T15938]  __alloc_skb+0x2b1/0x380
[  614.042737][T15938]  ? __pfx___alloc_skb+0x10/0x10
[  614.042769][T15938]  ? __nla_parse+0x40/0x60
[  614.042803][T15938]  ovs_dp_cmd_del+0x67/0x2a0
[  614.042832][T15938]  genl_family_rcv_msg_doit+0x202/0x2f0
[  614.042870][T15938]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  614.042904][T15938]  ? trace_cap_capable+0x1a2/0x210
[  614.042938][T15938]  ? bpf_lsm_capable+0x9/0x10
[  614.042962][T15938]  ? security_capable+0x7e/0x260
[  614.042987][T15938]  ? ns_capable+0xd7/0x110
[  614.043031][T15938]  genl_rcv_msg+0x565/0x800
[  614.043068][T15938]  ? __pfx_genl_rcv_msg+0x10/0x10
[  614.043101][T15938]  ? __pfx_ovs_dp_cmd_del+0x10/0x10
[  614.043139][T15938]  netlink_rcv_skb+0x16b/0x440
[  614.043169][T15938]  ? __pfx_genl_rcv_msg+0x10/0x10
[  614.043203][T15938]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  614.043247][T15938]  ? down_read+0xc9/0x330
[  614.043278][T15938]  ? __pfx_down_read+0x10/0x10
[  614.043308][T15938]  ? netlink_deliver_tap+0x1ae/0xd30
[  614.043342][T15938]  genl_rcv+0x28/0x40
[  614.043371][T15938]  netlink_unicast+0x53c/0x7f0
[  614.043405][T15938]  ? __pfx_netlink_unicast+0x10/0x10
[  614.043433][T15938]  ? __phys_addr_symbol+0x30/0x80
[  614.043455][T15938]  ? __check_object_size+0x488/0x710
[  614.043481][T15938]  netlink_sendmsg+0x8b8/0xd70
[  614.043513][T15938]  ? __pfx_netlink_sendmsg+0x10/0x10
[  614.043558][T15938]  ____sys_sendmsg+0xaaf/0xc90
[  614.043584][T15938]  ? copy_msghdr_from_user+0x10b/0x160
[  614.043618][T15938]  ? __pfx_____sys_sendmsg+0x10/0x10
[  614.043661][T15938]  ___sys_sendmsg+0x135/0x1e0
[  614.043691][T15938]  ? __pfx____sys_sendmsg+0x10/0x10
[  614.043727][T15938]  ? __pfx_lock_release+0x10/0x10
[  614.043754][T15938]  ? trace_lock_acquire+0x14e/0x1f0
[  614.043788][T15938]  ? __fget_files+0x206/0x3a0
[  614.043828][T15938]  __sys_sendmsg+0x16e/0x220
[  614.043860][T15938]  ? __pfx___sys_sendmsg+0x10/0x10
[  614.043913][T15938]  do_syscall_64+0xcd/0x250
[  614.043945][T15938]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  614.043976][T15938] RIP: 0033:0x7f5093b8d169
[  614.043995][T15938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  614.044021][T15938] RSP: 002b:00007f5094aa2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  614.044044][T15938] RAX: ffffffffffffffda RBX: 00007f5093da6080 RCX: 00007f5093b8d169
[  614.044059][T15938] RDX: 0000000020000000 RSI: 0000400000000400 RDI: 0000000000000005
[  614.044073][T15938] RBP: 00007f5094aa2090 R08: 0000000000000000 R09: 0000000000000000
[  614.044086][T15938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  614.044100][T15938] R13: 0000000000000000 R14: 00007f5093da6080 R15: 00007ffd84d48c98
[  614.044130][T15938]  </TASK>
[  614.437494][T15936] openvswitch: HfR: Dropping previously announced user features
[  614.725689][T15940] svc: failed to register nfsdv3 RPC service (errno 101).
[  614.734509][T15940] svc: failed to register nfsaclv3 RPC service (errno 101).
[  615.668304][T15977] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2223'.
[  616.097214][ T5852] Bluetooth: hci3: unexpected event 0x1d length: 6 > 5
[  616.260142][T15999] svc: failed to register nfsdv3 RPC service (errno 111).
[  616.329244][T15999] svc: failed to register nfsaclv3 RPC service (errno 111).
[  617.457943][T16008] kexec: Could not allocate control_code_buffer
[  621.337109][T16083] kexec: Could not allocate control_code_buffer
[  622.255617][T16147] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2262'.
[  622.298488][T16146] openvswitch: HfR: Dropping previously announced user features
[  622.350755][T16147] HfR: left promiscuous mode
[  622.702709][T16153] svc: failed to register nfsdv3 RPC service (errno 111).
[  622.727768][T16153] svc: failed to register nfsaclv3 RPC service (errno 111).
[  624.793436][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  624.799876][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  625.819437][T16228] svc: failed to register nfsdv3 RPC service (errno 101).
[  625.879978][T16228] svc: failed to register nfsaclv3 RPC service (errno 101).
[  627.493762][T16248] svc: failed to register nfsdv3 RPC service (errno 512).
[  627.530494][T16248] svc: failed to register nfsaclv3 RPC service (errno 512).
[  628.129988][T16295] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 0, inode_bitmap = 137
[  628.187552][T16295] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 1, inode_bitmap = 138
[  628.223521][T16295] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 0: bad block bitmap checksum
[  628.690070][ T5849] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  628.703421][ T5849] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  628.712663][ T5849] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  628.720827][ T5849] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  628.731431][ T5849] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  628.738807][ T5849] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  628.806652][ T8232] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  628.896222][ T8232] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  628.941574][T16297] chnl_net:caif_netlink_parms(): no params data found
[  628.968363][ T8232] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  629.024930][ T8232] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  629.054373][T16297] bridge0: port 1(bridge_slave_0) entered blocking state
[  629.061746][T16297] bridge0: port 1(bridge_slave_0) entered disabled state
[  629.069644][T16297] bridge_slave_0: entered allmulticast mode
[  629.076300][T16297] bridge_slave_0: entered promiscuous mode
[  629.085279][T16297] bridge0: port 2(bridge_slave_1) entered blocking state
[  629.093948][T16297] bridge0: port 2(bridge_slave_1) entered disabled state
[  629.102955][T16297] bridge_slave_1: entered allmulticast mode
[  629.110450][T16297] bridge_slave_1: entered promiscuous mode
[  629.140520][T16297] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  629.152420][T16297] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  629.228946][T16297] team0: Port device team_slave_0 added
[  629.253092][T16297] team0: Port device team_slave_1 added
[  629.259450][ T8232] bridge_slave_1: left allmulticast mode
[  629.265128][ T8232] bridge_slave_1: left promiscuous mode
[  629.271344][ T8232] bridge0: port 2(bridge_slave_1) entered disabled state
[  629.280419][ T8232] bridge_slave_0: left allmulticast mode
[  629.286091][ T8232] bridge_slave_0: left promiscuous mode
[  629.292371][ T8232] bridge0: port 1(bridge_slave_0) entered disabled state
[  629.699521][ T8232] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  629.713116][ T8232] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  629.723152][ T8232] bond0 (unregistering): Released all slaves
[  629.760799][T16297] batman_adv: batadv0: Adding interface: batadv_slave_0
[  629.767783][T16297] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  629.795820][T16297] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  629.819757][T16297] batman_adv: batadv0: Adding interface: batadv_slave_1
[  629.827097][T16297] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  629.874605][T16297] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  629.959917][T16297] hsr_slave_0: entered promiscuous mode
[  629.966651][T16297] hsr_slave_1: entered promiscuous mode
[  629.975951][T16297] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  629.985143][T16297] Cannot create hsr debugfs directory
[  630.788165][ T5852] Bluetooth: hci3: command tx timeout
[  631.925381][ T8232] hsr_slave_0: left promiscuous mode
[  631.946390][ T8232] hsr_slave_1: left promiscuous mode
[  631.956455][ T8232] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  631.971129][ T8232] batman_adv: batadv0: Removing interface: batadv_slave_0
[  631.993728][ T8232] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  632.019730][ T8232] batman_adv: batadv0: Removing interface: batadv_slave_1
[  632.065344][ T8232] veth1_macvtap: left promiscuous mode
[  632.084490][ T8232] veth0_macvtap: left promiscuous mode
[  632.090550][ T8232] veth1_vlan: left promiscuous mode
[  632.096004][ T8232] veth0_vlan: left promiscuous mode
[  632.687858][ T8232] team0 (unregistering): Port device team_slave_1 removed
[  632.753170][ T8232] team0 (unregistering): Port device team_slave_0 removed
[  632.858332][ T5852] Bluetooth: hci3: command tx timeout
[  633.768212][T16297] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  633.794594][T16297] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  633.820463][T16297] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  633.863582][T16297] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  634.037594][T16297] 8021q: adding VLAN 0 to HW filter on device bond0
[  634.075847][T16297] 8021q: adding VLAN 0 to HW filter on device team0
[  634.122204][T15326] bridge0: port 1(bridge_slave_0) entered blocking state
[  634.129425][T15326] bridge0: port 1(bridge_slave_0) entered forwarding state
[  634.146269][T15326] bridge0: port 2(bridge_slave_1) entered blocking state
[  634.153505][T15326] bridge0: port 2(bridge_slave_1) entered forwarding state
[  634.243275][T16297] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  634.355245][T16371] svc: failed to register nfsdv3 RPC service (errno 101).
[  634.380893][T16371] svc: failed to register nfsaclv3 RPC service (errno 101).
[  634.604797][T16297] 8021q: adding VLAN 0 to HW filter on device batadv0
[  634.901971][T16394] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  634.940711][ T5852] Bluetooth: hci3: command tx timeout
[  635.105668][T16297] veth0_vlan: entered promiscuous mode
[  635.173259][T16297] veth1_vlan: entered promiscuous mode
[  635.273433][T16297] veth0_macvtap: entered promiscuous mode
[  635.302116][T16297] veth1_macvtap: entered promiscuous mode
[  635.332209][T16297] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  635.346069][T16297] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  635.357677][T16297] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  635.376848][T16297] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  635.414942][T16297] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  635.446035][T16297] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  635.480724][T16297] batman_adv: batadv0: Interface activated: batadv_slave_0
[  635.577053][T16297] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  635.608719][T16297] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  635.633559][T16297] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  635.647560][T16297] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  635.668538][T16297] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  635.688512][T16297] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  635.703740][T16297] batman_adv: batadv0: Interface activated: batadv_slave_1
[  635.775146][T16297] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  635.788492][T16297] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  635.797430][T16297] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  635.818659][T16297] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  636.134483][T15321] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  636.152665][T15321] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  636.191045][T15321] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  636.199666][T15321] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  636.611918][T16421] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  637.018986][ T5852] Bluetooth: hci3: command tx timeout
[  638.678996][T16465] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  638.920428][T16476] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  641.749898][T16527] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  642.949509][T16540] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2327'.
[  643.018593][T16540] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2327'.
[  647.195305][T16632] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  648.286163][T16663] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  649.367464][T16687] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  651.087000][T16712] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  653.485249][T16739] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  655.055659][T16748] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  656.685719][T16774] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  656.718344][T16778] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  658.353261][T16802] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2381'.
[  658.847587][T16798] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2378'.
[  658.972156][T16798] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2378'.
[  659.163359][T16809] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  661.842650][T16839] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  663.052938][T16866] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  664.172463][T16881] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT
[  664.343319][T16876] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  665.947261][T16919] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  666.157126][T16918] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  666.984046][T16934] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT
[  671.370626][ T5849] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  671.381204][ T5849] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  671.391490][ T5849] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  671.410052][ T5849] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  671.433791][ T5849] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  671.445388][ T5849] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  671.959839][T15321] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  672.232564][T15321] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  672.487369][T15321] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  672.600526][T16992] chnl_net:caif_netlink_parms(): no params data found
[  672.690519][T15321] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  672.945631][T16992] bridge0: port 1(bridge_slave_0) entered blocking state
[  672.965689][T16992] bridge0: port 1(bridge_slave_0) entered disabled state
[  672.988592][T16992] bridge_slave_0: entered allmulticast mode
[  672.995732][T16992] bridge_slave_0: entered promiscuous mode
[  673.056443][T16992] bridge0: port 2(bridge_slave_1) entered blocking state
[  673.067516][T16992] bridge0: port 2(bridge_slave_1) entered disabled state
[  673.079128][T16992] bridge_slave_1: entered allmulticast mode
[  673.086341][T16992] bridge_slave_1: entered promiscuous mode
[  673.109284][T15321] bridge_slave_1: left allmulticast mode
[  673.115049][T15321] bridge_slave_1: left promiscuous mode
[  673.122199][T15321] bridge0: port 2(bridge_slave_1) entered disabled state
[  673.131456][T15321] bridge_slave_0: left allmulticast mode
[  673.137316][T15321] bridge_slave_0: left promiscuous mode
[  673.143585][T15321] bridge0: port 1(bridge_slave_0) entered disabled state
[  673.498204][ T5849] Bluetooth: hci4: command tx timeout
[  674.549199][T15321] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  674.564045][T15321] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  674.576125][T15321] bond0 (unregistering): Released all slaves
[  674.605160][T16992] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  674.625542][T16992] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  674.733882][T16992] team0: Port device team_slave_0 added
[  674.766403][T16992] team0: Port device team_slave_1 added
[  674.885908][T16992] batman_adv: batadv0: Adding interface: batadv_slave_0
[  674.914812][T16992] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  674.991767][T16992] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  675.101719][T16992] batman_adv: batadv0: Adding interface: batadv_slave_1
[  675.124125][T16992] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  675.175722][T16992] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  675.589167][ T5849] Bluetooth: hci4: command tx timeout
[  675.727979][T17048] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  675.835649][T16992] hsr_slave_0: entered promiscuous mode
[  675.877345][T16992] hsr_slave_1: entered promiscuous mode
[  675.914769][T16992] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  675.963661][T16992] Cannot create hsr debugfs directory
[  676.237789][T15321] hsr_slave_0: left promiscuous mode
[  676.247502][T15321] hsr_slave_1: left promiscuous mode
[  676.258272][T15321] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  676.281711][T15321] batman_adv: batadv0: Removing interface: batadv_slave_0
[  676.296596][T15321] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  676.304717][T15321] batman_adv: batadv0: Removing interface: batadv_slave_1
[  676.359246][T15321] veth0_macvtap: left promiscuous mode
[  676.365013][T15321] veth1_vlan: left promiscuous mode
[  676.379799][T15321] veth0_vlan: left promiscuous mode
[  676.928612][T15321] team0 (unregistering): Port device team_slave_1 removed
[  677.002386][T15321] team0 (unregistering): Port device team_slave_0 removed
[  677.659511][ T5849] Bluetooth: hci4: command tx timeout
[  678.030657][T17093] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  678.801240][T17103] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  679.738190][ T5849] Bluetooth: hci4: command tx timeout
[  679.904320][T16992] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  679.955005][T16992] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  680.002596][T16992] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  680.026800][T16992] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  680.206822][T16992] 8021q: adding VLAN 0 to HW filter on device bond0
[  680.244346][T16992] 8021q: adding VLAN 0 to HW filter on device team0
[  680.273873][ T8232] bridge0: port 1(bridge_slave_0) entered blocking state
[  680.281173][ T8232] bridge0: port 1(bridge_slave_0) entered forwarding state
[  680.295859][T15327] bridge0: port 2(bridge_slave_1) entered blocking state
[  680.303062][T15327] bridge0: port 2(bridge_slave_1) entered forwarding state
[  680.864501][T16992] 8021q: adding VLAN 0 to HW filter on device batadv0
[  681.540288][T16992] veth0_vlan: entered promiscuous mode
[  681.563472][T16992] veth1_vlan: entered promiscuous mode
[  681.604831][T16992] veth0_macvtap: entered promiscuous mode
[  681.633900][T16992] veth1_macvtap: entered promiscuous mode
[  681.684563][T16992] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  681.709309][T16992] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  681.725113][T16992] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  681.755678][T16992] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  681.786413][T16992] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  681.819562][T16992] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  681.839309][T16992] batman_adv: batadv0: Interface activated: batadv_slave_0
[  681.860801][T16992] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  681.898308][T16992] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  681.928110][T16992] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  681.958209][T16992] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  681.997378][T16992] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  682.033641][T17185] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  682.043899][T16992] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  682.070974][T16992] batman_adv: batadv0: Interface activated: batadv_slave_1
[  682.082370][T16992] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  682.091451][T16992] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  682.100480][T16992] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  682.118649][T16992] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  682.482273][T17201] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2453'.
[  682.503365][T15326] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  682.534450][T15326] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  682.537394][T17201] veth1_macvtap: left promiscuous mode
[  682.580394][T17201] macsec0: entered allmulticast mode
[  682.674660][ T8231] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  682.711369][ T8231] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  684.537142][ T5852] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  684.549200][ T5852] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  684.559495][ T5852] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  684.569563][ T5852] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  684.578780][ T5852] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  684.587402][ T5852] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  684.945686][T17237] chnl_net:caif_netlink_parms(): no params data found
[  685.162947][ T8231] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  685.205941][T17245] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2460'.
[  685.359803][ T8231] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  685.415140][T17237] bridge0: port 1(bridge_slave_0) entered blocking state
[  685.439663][T17237] bridge0: port 1(bridge_slave_0) entered disabled state
[  685.474761][T17237] bridge_slave_0: entered allmulticast mode
[  685.483756][T17237] bridge_slave_0: entered promiscuous mode
[  685.532349][ T8231] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  685.563203][T17237] bridge0: port 2(bridge_slave_1) entered blocking state
[  685.574659][T17237] bridge0: port 2(bridge_slave_1) entered disabled state
[  685.597595][T17237] bridge_slave_1: entered allmulticast mode
[  685.629437][T17237] bridge_slave_1: entered promiscuous mode
[  685.686070][ T8231] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  685.774578][T17237] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  685.805261][T17237] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  685.863103][T17237] team0: Port device team_slave_0 added
[  685.872242][T17237] team0: Port device team_slave_1 added
[  685.981668][T17237] batman_adv: batadv0: Adding interface: batadv_slave_0
[  685.997417][T17237] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  686.033562][T17237] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  686.062016][ T8231] bridge_slave_1: left allmulticast mode
[  686.068228][ T8231] bridge_slave_1: left promiscuous mode
[  686.073934][ T8231] bridge0: port 2(bridge_slave_1) entered disabled state
[  686.120083][ T8231] bridge_slave_0: left allmulticast mode
[  686.126156][ T8231] bridge_slave_0: left promiscuous mode
[  686.138448][ T8231] bridge0: port 1(bridge_slave_0) entered disabled state
[  686.242738][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  686.249947][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  686.625551][ T5852] Bluetooth: hci2: command tx timeout
[  687.580125][T17276] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  687.823380][ T8231] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  687.835486][ T8231] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  687.850000][ T8231] bond0 (unregistering): Released all slaves
[  687.879527][T17237] batman_adv: batadv0: Adding interface: batadv_slave_1
[  687.892498][T17237] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  687.943084][T17237] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  688.041714][ T8231] HSR: left promiscuous mode
[  688.265614][ T8231] HfR: left promiscuous mode
[  688.294438][T17288] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2469'.
[  688.333380][T17237] hsr_slave_0: entered promiscuous mode
[  688.350202][T17237] hsr_slave_1: entered promiscuous mode
[  688.377383][T17237] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  688.396759][T17237] Cannot create hsr debugfs directory
[  688.698238][ T5852] Bluetooth: hci2: command tx timeout
[  689.321126][T17316] FAULT_INJECTION: forcing a failure.
[  689.321126][T17316] name failslab, interval 1, probability 0, space 0, times 0
[  689.355681][T17316] CPU: 1 UID: 0 PID: 17316 Comm: syz.2.2475 Not tainted 6.14.0-rc5-syzkaller-00137-g00a7d39898c8 #0
[  689.355713][T17316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  689.355725][T17316] Call Trace:
[  689.355732][T17316]  <TASK>
[  689.355740][T17316]  dump_stack_lvl+0x16c/0x1f0
[  689.355775][T17316]  should_fail_ex+0x50a/0x650
[  689.355806][T17316]  ? fs_reclaim_acquire+0xae/0x150
[  689.355836][T17316]  should_failslab+0xc2/0x120
[  689.355857][T17316]  __kmalloc_node_noprof+0xd1/0x510
[  689.355886][T17316]  ? __pfx_aa_file_perm+0x10/0x10
[  689.355912][T17316]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  689.355948][T17316]  __kvmalloc_node_noprof+0xad/0x1a0
[  689.355980][T17316]  seq_read_iter+0x82a/0x12b0
[  689.356011][T17316]  ? __mutex_trylock_common+0xea/0x250
[  689.356050][T17316]  kernfs_fop_read_iter+0x414/0x580
[  689.356074][T17316]  ? rw_verify_area+0xcf/0x680
[  689.356103][T17316]  vfs_read+0x886/0xbf0
[  689.356134][T17316]  ? __pfx_vfs_read+0x10/0x10
[  689.356163][T17316]  ksys_read+0x12b/0x250
[  689.356187][T17316]  ? __pfx_ksys_read+0x10/0x10
[  689.356209][T17316]  do_syscall_64+0xcd/0x250
[  689.356228][T17316]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  689.356246][T17316] RIP: 0033:0x7f542c78d169
[  689.356258][T17316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  689.356271][T17316] RSP: 002b:00007f542d5f2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  689.356284][T17316] RAX: ffffffffffffffda RBX: 00007f542c9a5fa0 RCX: 00007f542c78d169
[  689.356293][T17316] RDX: 0000000000000076 RSI: 00004000000071c0 RDI: 0000000000000003
[  689.356301][T17316] RBP: 00007f542d5f2090 R08: 0000000000000000 R09: 0000000000000000
[  689.356309][T17316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  689.356316][T17316] R13: 0000000000000000 R14: 00007f542c9a5fa0 R15: 00007ffec31528b8
[  689.356333][T17316]  </TASK>
[  689.789357][T17320] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  689.998501][ T8231] hsr_slave_0: left promiscuous mode
[  690.029017][ T8231] hsr_slave_1: left promiscuous mode
[  690.038687][ T8231] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  690.067787][ T8231] batman_adv: batadv0: Removing interface: batadv_slave_0
[  690.078879][ T8231] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  690.086370][ T8231] batman_adv: batadv0: Removing interface: batadv_slave_1
[  690.426308][ T8231] veth1_macvtap: left allmulticast mode
[  690.432495][ T8231] veth1_macvtap: left promiscuous mode
[  690.438139][ T8231] veth0_macvtap: left promiscuous mode
[  690.443827][ T8231] veth1_vlan: left promiscuous mode
[  690.449228][ T8231] veth0_vlan: left promiscuous mode
[  690.785092][ T5852] Bluetooth: hci2: command tx timeout
[  691.326736][ T8231] team0 (unregistering): Port device team_slave_1 removed
[  691.389312][ T8231] team0 (unregistering): Port device team_slave_0 removed
[  692.115430][T17341] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2481'.
[  692.868184][ T5852] Bluetooth: hci2: command tx timeout
[  693.170516][T17361] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  694.100208][T17237] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  694.156520][T17237] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  694.205308][T17237] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  694.248681][T17237] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  694.454719][T17237] 8021q: adding VLAN 0 to HW filter on device bond0
[  694.487453][T17237] 8021q: adding VLAN 0 to HW filter on device team0
[  694.531070][ T3029] bridge0: port 1(bridge_slave_0) entered blocking state
[  694.538306][ T3029] bridge0: port 1(bridge_slave_0) entered forwarding state
[  694.549991][ T3029] bridge0: port 2(bridge_slave_1) entered blocking state
[  694.557226][ T3029] bridge0: port 2(bridge_slave_1) entered forwarding state
[  695.680310][T17237] 8021q: adding VLAN 0 to HW filter on device batadv0
[  695.715815][T17422] netlink: 322 bytes leftover after parsing attributes in process `syz.5.2491'.
[  696.202995][T17440] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  696.736331][T17237] veth0_vlan: entered promiscuous mode
[  696.748169][T17237] veth1_vlan: entered promiscuous mode
[  696.770914][T17237] veth0_macvtap: entered promiscuous mode
[  696.808506][T17237] veth1_macvtap: entered promiscuous mode
[  696.897192][T17237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  696.949429][T17237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  696.971382][T17237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  697.022274][T17237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  697.061955][T17237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  697.108144][T17237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  697.143344][T17237] batman_adv: batadv0: Interface activated: batadv_slave_0
[  697.204028][T17237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  697.235133][T17237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  697.250170][T17237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  697.261553][T17237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  697.272014][T17237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  697.290599][T17237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  697.339265][T17237] batman_adv: batadv0: Interface activated: batadv_slave_1
[  697.393508][T17460] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2497'.
[  697.474975][T17237] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  697.526578][T17237] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  697.564162][T17237] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  697.588051][T17237] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  697.850531][ T3507] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  697.899374][ T3507] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  697.988165][ T3507] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  698.018411][ T3507] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  699.483456][T17509] netlink: 'syz.5.2507': attribute type 1 has an invalid length.
[  699.665912][T15327] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  699.786123][ T5849] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  699.797584][ T5849] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  699.808890][ T5849] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  699.817332][ T5849] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  699.825484][ T5849] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  699.832948][ T5849] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  700.001786][T15327] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  700.031238][   T29] audit: type=1800 audit(4294967311.060:11): pid=17514 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2509" name="discovery_nqn" dev="configfs" ino=67432 res=0 errno=0
[  700.309241][T15327] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  700.655979][T15327] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  701.160238][T15327] bridge_slave_1: left allmulticast mode
[  701.206210][T15327] bridge_slave_1: left promiscuous mode
[  701.230074][T15327] bridge0: port 2(bridge_slave_1) entered disabled state
[  701.259067][T17527] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  701.300439][T15327] bridge_slave_0: left allmulticast mode
[  701.316368][T15327] bridge_slave_0: left promiscuous mode
[  701.334937][T15327] bridge0: port 1(bridge_slave_0) entered disabled state
[  701.900642][ T5852] Bluetooth: hci1: command tx timeout
[  702.974517][T15327] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  702.985799][T15327] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  703.000267][T15327] bond0 (unregistering): Released all slaves
[  703.141063][T15327] HfR: left promiscuous mode
[  703.309493][T17510] chnl_net:caif_netlink_parms(): no params data found
[  703.723850][T17510] bridge0: port 1(bridge_slave_0) entered blocking state
[  703.756995][T17510] bridge0: port 1(bridge_slave_0) entered disabled state
[  703.797136][T17510] bridge_slave_0: entered allmulticast mode
[  703.821779][T17510] bridge_slave_0: entered promiscuous mode
[  703.951109][T17510] bridge0: port 2(bridge_slave_1) entered blocking state
[  703.978118][ T5852] Bluetooth: hci1: command tx timeout
[  703.990342][T17510] bridge0: port 2(bridge_slave_1) entered disabled state
[  704.027780][T17510] bridge_slave_1: entered allmulticast mode
[  704.059365][T17510] bridge_slave_1: entered promiscuous mode
[  704.111978][T15327] hsr_slave_0: left promiscuous mode
[  704.121496][T15327] hsr_slave_1: left promiscuous mode
[  704.127462][T15327] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  704.135024][T15327] batman_adv: batadv0: Removing interface: batadv_slave_0
[  704.145539][T15327] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  704.153113][T15327] batman_adv: batadv0: Removing interface: batadv_slave_1
[  704.178926][T15327] veth0_macvtap: left promiscuous mode
[  704.184627][T15327] veth1_vlan: left promiscuous mode
[  704.190126][T15327] veth0_vlan: left promiscuous mode
[  704.815941][T15327] team0 (unregistering): Port device team_slave_0 removed
[  705.395311][T17510] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  705.409146][T17510] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  705.524539][T17510] team0: Port device team_slave_0 added
[  705.567341][T17510] team0: Port device team_slave_1 added
[  705.744917][T17510] batman_adv: batadv0: Adding interface: batadv_slave_0
[  705.767657][T17510] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  705.900033][T17510] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  705.946607][T17510] batman_adv: batadv0: Adding interface: batadv_slave_1
[  705.978841][T17510] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  706.036950][T17510] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  706.058372][ T5852] Bluetooth: hci1: command tx timeout
[  706.149368][T17510] hsr_slave_0: entered promiscuous mode
[  706.156261][T17510] hsr_slave_1: entered promiscuous mode
[  706.333532][T17609] syz.5.2527 uses obsolete (PF_INET,SOCK_PACKET)
[  708.140038][ T5852] Bluetooth: hci1: command tx timeout
[  708.233214][T17510] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  708.325058][T17510] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  708.737106][T17510] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  708.746510][T17653] usb usb38: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  708.794108][T17653] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  708.812407][T17510] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  709.132059][T17510] 8021q: adding VLAN 0 to HW filter on device bond0
[  709.229222][T17510] 8021q: adding VLAN 0 to HW filter on device team0
[  709.266490][T15321] bridge0: port 1(bridge_slave_0) entered blocking state
[  709.273890][T15321] bridge0: port 1(bridge_slave_0) entered forwarding state
[  709.334501][ T8232] bridge0: port 2(bridge_slave_1) entered blocking state
[  709.341734][ T8232] bridge0: port 2(bridge_slave_1) entered forwarding state
[  709.799941][T17510] 8021q: adding VLAN 0 to HW filter on device batadv0
[  709.938688][T17510] veth0_vlan: entered promiscuous mode
[  709.976620][T17510] veth1_vlan: entered promiscuous mode
[  710.054118][T17510] veth0_macvtap: entered promiscuous mode
[  710.124789][T17510] veth1_macvtap: entered promiscuous mode
[  710.281961][T17510] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  710.315259][T17510] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  710.325402][T17510] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  710.346155][T17510] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  710.366887][T17510] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  710.377645][T17510] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  710.390708][T17510] batman_adv: batadv0: Interface activated: batadv_slave_0
[  710.412611][T17510] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  710.423428][T17510] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  710.433829][T17510] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  710.445374][T17510] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  710.470778][T17510] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  710.502026][T17510] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  710.576858][T17510] batman_adv: batadv0: Interface activated: batadv_slave_1
[  710.607715][T17510] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  710.621575][T17510] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  710.647624][T17510] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  710.657231][T17510] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  711.145523][T15321] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  711.187544][T15321] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  711.264834][T15321] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  711.338327][T15321] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  711.608926][T17729] FAULT_INJECTION: forcing a failure.
[  711.608926][T17729] name failslab, interval 1, probability 0, space 0, times 0
[  711.656660][T17729] CPU: 1 UID: 0 PID: 17729 Comm: syz.2.2544 Not tainted 6.14.0-rc5-syzkaller-00137-g00a7d39898c8 #0
[  711.656693][T17729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  711.656706][T17729] Call Trace:
[  711.656712][T17729]  <TASK>
[  711.656722][T17729]  dump_stack_lvl+0x16c/0x1f0
[  711.656755][T17729]  should_fail_ex+0x50a/0x650
[  711.656794][T17729]  ? sctp_add_bind_addr+0x9a/0x3d0
[  711.656817][T17729]  should_failslab+0xc2/0x120
[  711.656839][T17729]  __kmalloc_cache_noprof+0x68/0x410
[  711.656869][T17729]  ? __sctp_v6_cmp_addr+0x206/0x530
[  711.656904][T17729]  sctp_add_bind_addr+0x9a/0x3d0
[  711.656931][T17729]  sctp_copy_local_addr_list+0x39e/0x5a0
[  711.656964][T17729]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  711.656998][T17729]  ? sctp_auth_asoc_copy_shkeys+0x2a7/0x360
[  711.657034][T17729]  ? sctp_bind_addr_copy+0xe0/0x530
[  711.657058][T17729]  sctp_bind_addr_copy+0xe0/0x530
[  711.657090][T17729]  sctp_connect_new_asoc+0x1d8/0x790
[  711.657125][T17729]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  711.657159][T17729]  ? lock_acquire+0x2f/0xb0
[  711.657195][T17729]  ? sctp_endpoint_lookup_assoc+0xac/0x2a0
[  711.657234][T17729]  __sctp_connect+0x3f5/0xc60
[  711.657269][T17729]  ? sctp_inet_connect+0xac/0x200
[  711.657301][T17729]  ? __pfx___sctp_connect+0x10/0x10
[  711.657333][T17729]  ? __pfx_sctp_inet_connect+0x10/0x10
[  711.657369][T17729]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  711.657405][T17729]  ? __pfx_sctp_inet_connect+0x10/0x10
[  711.657436][T17729]  sctp_inet_connect+0x15f/0x200
[  711.657469][T17729]  __sys_connect_file+0x13e/0x1a0
[  711.657501][T17729]  __sys_connect+0x14f/0x170
[  711.657529][T17729]  ? __pfx___sys_connect+0x10/0x10
[  711.657568][T17729]  ? __pfx_ksys_write+0x10/0x10
[  711.657605][T17729]  __x64_sys_connect+0x72/0xb0
[  711.657630][T17729]  ? lockdep_hardirqs_on+0x7c/0x110
[  711.657658][T17729]  do_syscall_64+0xcd/0x250
[  711.657689][T17729]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  711.657719][T17729] RIP: 0033:0x7f542c78d169
[  711.657737][T17729] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  711.657758][T17729] RSP: 002b:00007f542d5f2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  711.657781][T17729] RAX: ffffffffffffffda RBX: 00007f542c9a5fa0 RCX: 00007f542c78d169
[  711.657796][T17729] RDX: 0000000000000054 RSI: 0000400000000080 RDI: 0000000000000003
[  711.657809][T17729] RBP: 00007f542d5f2090 R08: 0000000000000000 R09: 0000000000000000
[  711.657822][T17729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  711.657834][T17729] R13: 0000000000000000 R14: 00007f542c9a5fa0 R15: 00007ffec31528b8
[  711.657863][T17729]  </TASK>
[  712.505522][T17749] FAULT_INJECTION: forcing a failure.
[  712.505522][T17749] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  712.535564][T17747] netlink: 'syz.2.2546': attribute type 11 has an invalid length.
[  712.661882][T17749] CPU: 1 UID: 0 PID: 17749 Comm: syz.3.2548 Not tainted 6.14.0-rc5-syzkaller-00137-g00a7d39898c8 #0
[  712.661917][T17749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  712.661930][T17749] Call Trace:
[  712.661938][T17749]  <TASK>
[  712.661947][T17749]  dump_stack_lvl+0x16c/0x1f0
[  712.661983][T17749]  should_fail_ex+0x50a/0x650
[  712.662021][T17749]  _copy_from_user+0x2e/0xd0
[  712.662048][T17749]  core_sys_select+0x361/0xb80
[  712.662086][T17749]  ? __pfx_core_sys_select+0x10/0x10
[  712.662121][T17749]  ? find_held_lock+0x2d/0x110
[  712.662179][T17749]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  712.662216][T17749]  kern_select+0x15e/0x1e0
[  712.662245][T17749]  ? __pfx_kern_select+0x10/0x10
[  712.662278][T17749]  ? __pfx_ksys_write+0x10/0x10
[  712.662314][T17749]  __x64_sys_select+0xbd/0x160
[  712.662341][T17749]  ? do_syscall_64+0x91/0x250
[  712.662369][T17749]  ? lockdep_hardirqs_on+0x7c/0x110
[  712.662396][T17749]  do_syscall_64+0xcd/0x250
[  712.662426][T17749]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  712.662456][T17749] RIP: 0033:0x7fc01038d169
[  712.662475][T17749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  712.662496][T17749] RSP: 002b:00007fc0111f2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017
[  712.662517][T17749] RAX: ffffffffffffffda RBX: 00007fc0105a6080 RCX: 00007fc01038d169
[  712.662533][T17749] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e
[  712.662546][T17749] RBP: 00007fc0111f2090 R08: 0000000000000000 R09: 0000000000000000
[  712.662559][T17749] R10: 00004000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  712.662573][T17749] R13: 0000000000000000 R14: 00007fc0105a6080 R15: 00007ffd03939fb8
[  712.662601][T17749]  </TASK>
[  713.250936][T17741] Invalid ELF header magic: != ELF
[  714.009084][T17789] FAULT_INJECTION: forcing a failure.
[  714.009084][T17789] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  714.055174][T17789] CPU: 1 UID: 0 PID: 17789 Comm: syz.4.2558 Not tainted 6.14.0-rc5-syzkaller-00137-g00a7d39898c8 #0
[  714.055204][T17789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  714.055217][T17789] Call Trace:
[  714.055223][T17789]  <TASK>
[  714.055231][T17789]  dump_stack_lvl+0x16c/0x1f0
[  714.055264][T17789]  should_fail_ex+0x50a/0x650
[  714.055299][T17789]  _copy_to_user+0x32/0xd0
[  714.055325][T17789]  simple_read_from_buffer+0xd0/0x160
[  714.055355][T17789]  proc_fail_nth_read+0x198/0x270
[  714.055382][T17789]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  714.055409][T17789]  ? rw_verify_area+0xcf/0x680
[  714.055435][T17789]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  714.055461][T17789]  vfs_read+0x1df/0xbf0
[  714.055489][T17789]  ? __fget_files+0x1fc/0x3a0
[  714.055519][T17789]  ? __pfx___mutex_lock+0x10/0x10
[  714.055546][T17789]  ? __pfx_vfs_read+0x10/0x10
[  714.055582][T17789]  ? __fget_files+0x206/0x3a0
[  714.055619][T17789]  ksys_read+0x12b/0x250
[  714.055647][T17789]  ? __pfx_ksys_read+0x10/0x10
[  714.055682][T17789]  do_syscall_64+0xcd/0x250
[  714.055711][T17789]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  714.055739][T17789] RIP: 0033:0x7f46de78bb7c
[  714.055755][T17789] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  714.055775][T17789] RSP: 002b:00007f46dc5f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  714.055795][T17789] RAX: ffffffffffffffda RBX: 00007f46de9a5fa0 RCX: 00007f46de78bb7c
[  714.055810][T17789] RDX: 000000000000000f RSI: 00007f46dc5f60a0 RDI: 0000000000000004
[  714.055823][T17789] RBP: 00007f46dc5f6090 R08: 0000000000000000 R09: 0000000000000002
[  714.055836][T17789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  714.055849][T17789] R13: 0000000000000000 R14: 00007f46de9a5fa0 R15: 00007fffc59aac08
[  714.055878][T17789]  </TASK>
[  714.788305][T17819] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  716.165558][T17847] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  716.272843][T17850] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2575'.
[  716.285337][T17856] FAULT_INJECTION: forcing a failure.
[  716.285337][T17856] name failslab, interval 1, probability 0, space 0, times 0
[  716.318948][T17856] CPU: 1 UID: 0 PID: 17856 Comm: syz.4.2576 Not tainted 6.14.0-rc5-syzkaller-00137-g00a7d39898c8 #0
[  716.318978][T17856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  716.318991][T17856] Call Trace:
[  716.318998][T17856]  <TASK>
[  716.319007][T17856]  dump_stack_lvl+0x16c/0x1f0
[  716.319043][T17856]  should_fail_ex+0x50a/0x650
[  716.319078][T17856]  ? fs_reclaim_acquire+0xae/0x150
[  716.319111][T17856]  ? argv_split+0x18b/0x440
[  716.319134][T17856]  should_failslab+0xc2/0x120
[  716.319158][T17856]  __kmalloc_noprof+0xcb/0x510
[  716.319191][T17856]  ? __asan_memcpy+0x3c/0x60
[  716.319227][T17856]  argv_split+0x18b/0x440
[  716.319254][T17856]  ? __pfx___trace_uprobe_create+0x10/0x10
[  716.319288][T17856]  trace_probe_create+0x7e/0x110
[  716.319318][T17856]  ? __pfx_trace_probe_create+0x10/0x10
[  716.319357][T17856]  create_or_delete_trace_uprobe+0x5a/0xb0
[  716.319390][T17856]  trace_parse_run_command+0x1a9/0x3c0
[  716.319421][T17856]  ? __pfx_create_or_delete_trace_uprobe+0x10/0x10
[  716.319457][T17856]  ? __pfx_probes_write+0x10/0x10
[  716.319486][T17856]  vfs_write+0x24c/0x1150
[  716.319518][T17856]  ? __fget_files+0x1fc/0x3a0
[  716.319550][T17856]  ? __pfx___mutex_lock+0x10/0x10
[  716.319581][T17856]  ? __pfx_vfs_write+0x10/0x10
[  716.319622][T17856]  ? __fget_files+0x206/0x3a0
[  716.319664][T17856]  ksys_write+0x12b/0x250
[  716.319695][T17856]  ? __pfx_ksys_write+0x10/0x10
[  716.319736][T17856]  do_syscall_64+0xcd/0x250
[  716.319775][T17856]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  716.319806][T17856] RIP: 0033:0x7f46de78d169
[  716.319825][T17856] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  716.319846][T17856] RSP: 002b:00007f46dc5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  716.319868][T17856] RAX: ffffffffffffffda RBX: 00007f46de9a5fa0 RCX: 00007f46de78d169
[  716.319883][T17856] RDX: 0000000000000019 RSI: 0000400000000000 RDI: 0000000000000003
[  716.319898][T17856] RBP: 00007f46dc5f6090 R08: 0000000000000000 R09: 0000000000000000
[  716.319912][T17856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  716.319925][T17856] R13: 0000000000000000 R14: 00007f46de9a5fa0 R15: 00007fffc59aac08
[  716.319958][T17856]  </TASK>
[  716.322845][T17858] netlink: 354 bytes leftover after parsing attributes in process `syz.2.2575'.
[  717.287481][T17887] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2585'.
[  717.961156][T17894] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  718.232514][T17905] FAULT_INJECTION: forcing a failure.
[  718.232514][T17905] name failslab, interval 1, probability 0, space 0, times 0
[  718.282476][T17905] CPU: 0 UID: 0 PID: 17905 Comm: syz.2.2589 Not tainted 6.14.0-rc5-syzkaller-00137-g00a7d39898c8 #0
[  718.282509][T17905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  718.282523][T17905] Call Trace:
[  718.282530][T17905]  <TASK>
[  718.282540][T17905]  dump_stack_lvl+0x16c/0x1f0
[  718.282575][T17905]  should_fail_ex+0x50a/0x650
[  718.282616][T17905]  should_failslab+0xc2/0x120
[  718.282640][T17905]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  718.282676][T17905]  ? skb_clone+0x190/0x3f0
[  718.282715][T17905]  skb_clone+0x190/0x3f0
[  718.282749][T17905]  netlink_deliver_tap+0xabd/0xd30
[  718.282788][T17905]  netlink_dump+0xb60/0xd00
[  718.282821][T17905]  ? __pfx_netlink_dump+0x10/0x10
[  718.282866][T17905]  ? ethnl_tunnel_info_start+0x1cf/0x270
[  718.282897][T17905]  ? __pfx_ethnl_tunnel_info_start+0x10/0x10
[  718.282924][T17905]  ? genl_start+0x67d/0x960
[  718.282962][T17905]  __netlink_dump_start+0x6ca/0x970
[  718.282998][T17905]  genl_family_rcv_msg_dumpit+0x1e1/0x2e0
[  718.283037][T17905]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[  718.283082][T17905]  ? __pfx_genl_get_cmd+0x10/0x10
[  718.283112][T17905]  ? __pfx_genl_start+0x10/0x10
[  718.283142][T17905]  ? __pfx_genl_dumpit+0x10/0x10
[  718.283171][T17905]  ? __pfx_genl_done+0x10/0x10
[  718.283209][T17905]  ? __radix_tree_lookup+0x21f/0x2c0
[  718.283245][T17905]  genl_rcv_msg+0x470/0x800
[  718.283283][T17905]  ? __pfx_genl_rcv_msg+0x10/0x10
[  718.283328][T17905]  ? __pfx_ethnl_tunnel_info_start+0x10/0x10
[  718.283354][T17905]  ? __pfx_ethnl_tunnel_info_dumpit+0x10/0x10
[  718.283396][T17905]  netlink_rcv_skb+0x16b/0x440
[  718.283427][T17905]  ? __pfx_genl_rcv_msg+0x10/0x10
[  718.283463][T17905]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  718.283511][T17905]  ? down_read+0xc9/0x330
[  718.283541][T17905]  ? __pfx_down_read+0x10/0x10
[  718.283573][T17905]  ? netlink_deliver_tap+0x1ae/0xd30
[  718.283609][T17905]  genl_rcv+0x28/0x40
[  718.283639][T17905]  netlink_unicast+0x53c/0x7f0
[  718.283674][T17905]  ? __pfx_netlink_unicast+0x10/0x10
[  718.283707][T17905]  ? __phys_addr_symbol+0x30/0x80
[  718.283731][T17905]  ? __check_object_size+0x488/0x710
[  718.283761][T17905]  netlink_sendmsg+0x8b8/0xd70
[  718.283798][T17905]  ? __pfx_netlink_sendmsg+0x10/0x10
[  718.283845][T17905]  ____sys_sendmsg+0xaaf/0xc90
[  718.283871][T17905]  ? copy_msghdr_from_user+0x10b/0x160
[  718.283903][T17905]  ? __pfx_____sys_sendmsg+0x10/0x10
[  718.283947][T17905]  ___sys_sendmsg+0x135/0x1e0
[  718.283982][T17905]  ? __pfx____sys_sendmsg+0x10/0x10
[  718.284031][T17905]  ? __pfx_lock_release+0x10/0x10
[  718.284061][T17905]  ? trace_lock_acquire+0x14e/0x1f0
[  718.284100][T17905]  ? __fget_files+0x206/0x3a0
[  718.284143][T17905]  __sys_sendmsg+0x16e/0x220
[  718.284177][T17905]  ? __pfx___sys_sendmsg+0x10/0x10
[  718.284234][T17905]  do_syscall_64+0xcd/0x250
[  718.284267][T17905]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  718.284298][T17905] RIP: 0033:0x7f542c78d169
[  718.284321][T17905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  718.284340][T17905] RSP: 002b:00007f542d5d1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  718.284360][T17905] RAX: ffffffffffffffda RBX: 00007f542c9a6080 RCX: 00007f542c78d169
[  718.284374][T17905] RDX: 0000000000000880 RSI: 0000400000000f80 RDI: 0000000000000004
[  718.284386][T17905] RBP: 00007f542d5d1090 R08: 0000000000000000 R09: 0000000000000000
[  718.284399][T17905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  718.284413][T17905] R13: 0000000000000000 R14: 00007f542c9a6080 R15: 00007ffec31528b8
[  718.284446][T17905]  </TASK>
[  718.636328][    C0] vkms_vblank_simulate: vblank timer overrun
[  719.197646][T17925] FAULT_INJECTION: forcing a failure.
[  719.197646][T17925] name failslab, interval 1, probability 0, space 0, times 0
[  719.241801][T17925] CPU: 1 UID: 0 PID: 17925 Comm: syz.2.2597 Not tainted 6.14.0-rc5-syzkaller-00137-g00a7d39898c8 #0
[  719.241835][T17925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  719.241849][T17925] Call Trace:
[  719.241856][T17925]  <TASK>
[  719.241866][T17925]  dump_stack_lvl+0x16c/0x1f0
[  719.241902][T17925]  should_fail_ex+0x50a/0x650
[  719.241942][T17925]  should_failslab+0xc2/0x120
[  719.241966][T17925]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  719.242002][T17925]  ? skb_clone+0x190/0x3f0
[  719.242041][T17925]  skb_clone+0x190/0x3f0
[  719.242075][T17925]  netlink_deliver_tap+0xabd/0xd30
[  719.242113][T17925]  netlink_unicast+0x5e1/0x7f0
[  719.242148][T17925]  ? __pfx_netlink_unicast+0x10/0x10
[  719.242181][T17925]  ? __phys_addr_symbol+0x30/0x80
[  719.242205][T17925]  ? __check_object_size+0x488/0x710
[  719.242232][T17925]  netlink_sendmsg+0x8b8/0xd70
[  719.242263][T17925]  ? __pfx_netlink_sendmsg+0x10/0x10
[  719.242305][T17925]  ____sys_sendmsg+0xaaf/0xc90
[  719.242330][T17925]  ? copy_msghdr_from_user+0x10b/0x160
[  719.242361][T17925]  ? __pfx_____sys_sendmsg+0x10/0x10
[  719.242397][T17925]  ___sys_sendmsg+0x135/0x1e0
[  719.242426][T17925]  ? __pfx____sys_sendmsg+0x10/0x10
[  719.242468][T17925]  ? __pfx_lock_release+0x10/0x10
[  719.242494][T17925]  ? trace_lock_acquire+0x14e/0x1f0
[  719.242537][T17925]  ? __fget_files+0x206/0x3a0
[  719.242575][T17925]  __sys_sendmsg+0x16e/0x220
[  719.242608][T17925]  ? __pfx___sys_sendmsg+0x10/0x10
[  719.242661][T17925]  do_syscall_64+0xcd/0x250
[  719.242693][T17925]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  719.242720][T17925] RIP: 0033:0x7f542c78d169
[  719.242737][T17925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  719.242757][T17925] RSP: 002b:00007f542d5f2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  719.242778][T17925] RAX: ffffffffffffffda RBX: 00007f542c9a5fa0 RCX: 00007f542c78d169
[  719.242792][T17925] RDX: 0000000020000000 RSI: 0000400000000380 RDI: 0000000000000003
[  719.242805][T17925] RBP: 00007f542d5f2090 R08: 0000000000000000 R09: 0000000000000000
[  719.242819][T17925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  719.242832][T17925] R13: 0000000000000000 R14: 00007f542c9a5fa0 R15: 00007ffec31528b8
[  719.242864][T17925]  </TASK>
[  719.733998][T17922] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2596'.
[  723.007546][T17970] usb usb32: usbfs: process 17970 (syz.3.2610) did not claim interface 0 before use
[  723.484781][T17972] block nbd0: not configured, cannot reconfigure
[  725.863283][T18009] FAULT_INJECTION: forcing a failure.
[  725.863283][T18009] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  725.960514][T18009] CPU: 0 UID: 0 PID: 18009 Comm: syz.2.2621 Not tainted 6.14.0-rc5-syzkaller-00137-g00a7d39898c8 #0
[  725.960544][T18009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  725.960557][T18009] Call Trace:
[  725.960564][T18009]  <TASK>
[  725.960572][T18009]  dump_stack_lvl+0x16c/0x1f0
[  725.960608][T18009]  should_fail_ex+0x50a/0x650
[  725.960647][T18009]  _copy_from_user+0x2e/0xd0
[  725.960673][T18009]  do_pages_stat+0x1e6/0x800
[  725.960708][T18009]  ? __pfx_do_pages_stat+0x10/0x10
[  725.960746][T18009]  ? cpuset_mems_allowed+0x1d9/0x480
[  725.960786][T18009]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  725.960813][T18009]  ? lockdep_hardirqs_on+0x7c/0x110
[  725.960849][T18009]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  725.960880][T18009]  kernel_move_pages+0x107d/0x1560
[  725.960907][T18009]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  725.960942][T18009]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  725.960974][T18009]  ? __pfx_kernel_move_pages+0x10/0x10
[  725.961002][T18009]  ? __fget_files+0x206/0x3a0
[  725.961038][T18009]  ? fput+0x67/0x440
[  725.961061][T18009]  ? ksys_write+0x1ba/0x250
[  725.961091][T18009]  ? __pfx_ksys_write+0x10/0x10
[  725.961124][T18009]  __x64_sys_move_pages+0xe0/0x1c0
[  725.961150][T18009]  ? do_syscall_64+0x91/0x250
[  725.961179][T18009]  ? lockdep_hardirqs_on+0x7c/0x110
[  725.961207][T18009]  do_syscall_64+0xcd/0x250
[  725.961238][T18009]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  725.961270][T18009] RIP: 0033:0x7f542c78d169
[  725.961288][T18009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  725.961310][T18009] RSP: 002b:00007f542d58f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000117
[  725.961332][T18009] RAX: ffffffffffffffda RBX: 00007f542c9a6240 RCX: 00007f542c78d169
[  725.961347][T18009] RDX: 0000000000000000 RSI: 0000000000001002 RDI: 0000000000000000
[  725.961361][T18009] RBP: 00007f542d58f090 R08: 0000000000000000 R09: 0000000000000002
[  725.961375][T18009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  725.961388][T18009] R13: 0000000000000000 R14: 00007f542c9a6240 R15: 00007ffec31528b8
[  725.961418][T18009]  </TASK>
[  727.087156][ T5852] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260
[  727.087194][ T5852] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260
[  727.108225][ T5852] Bluetooth: hci1: Unknown advertising packet type: 0x7f
[  727.108336][ T5852] Bluetooth: hci1: adv larger than maximum supported
[  727.116474][ T5852] Bluetooth: hci1: adv larger than maximum supported
[  727.123508][ T5852] Bluetooth: hci1: adv larger than maximum supported
[  727.130393][ T5852] Bluetooth: hci1: Malformed LE Event: 0x0d
[  727.258773][T18026] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2627'.
[  727.482158][T18026] bond0: (slave bond_slave_0): Releasing backup interface
[  727.837426][T18038] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  729.225836][T18056] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  730.357874][ T5852] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260
[  730.357914][ T5852] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260
[  730.373132][ T5852] Bluetooth: hci2: adv larger than maximum supported
[  730.373196][ T5852] Bluetooth: hci2: Unknown advertising packet type: 0x30
[  730.388062][ T5852] Bluetooth: hci2: Unknown advertising packet type: 0x20
[  730.396458][ T5852] Bluetooth: hci2: Unknown advertising packet type: 0x20
[  730.403825][ T5852] Bluetooth: hci2: Unknown advertising packet type: 0x20
[  730.411220][ T5852] Bluetooth: hci2: Unknown advertising packet type: 0x20
[  730.817727][T18080] FAULT_INJECTION: forcing a failure.
[  730.817727][T18080] name failslab, interval 1, probability 0, space 0, times 0
[  730.838354][T18080] CPU: 1 UID: 0 PID: 18080 Comm: syz.4.2642 Not tainted 6.14.0-rc5-syzkaller-00137-g00a7d39898c8 #0
[  730.838385][T18080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  730.838398][T18080] Call Trace:
[  730.838405][T18080]  <TASK>
[  730.838414][T18080]  dump_stack_lvl+0x16c/0x1f0
[  730.838449][T18080]  should_fail_ex+0x50a/0x650
[  730.838483][T18080]  ? fs_reclaim_acquire+0xae/0x150
[  730.838514][T18080]  ? tomoyo_realpath_from_path+0xb9/0x720
[  730.838545][T18080]  should_failslab+0xc2/0x120
[  730.838569][T18080]  __kmalloc_noprof+0xcb/0x510
[  730.838601][T18080]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  730.838640][T18080]  tomoyo_realpath_from_path+0xb9/0x720
[  730.838670][T18080]  ? tomoyo_path_number_perm+0x235/0x590
[  730.838700][T18080]  ? tomoyo_path_number_perm+0x235/0x590
[  730.838730][T18080]  tomoyo_path_number_perm+0x248/0x590
[  730.838756][T18080]  ? tomoyo_path_number_perm+0x235/0x590
[  730.838786][T18080]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  730.838844][T18080]  ? __pfx_lock_release+0x10/0x10
[  730.838874][T18080]  ? trace_lock_acquire+0x14e/0x1f0
[  730.838905][T18080]  ? lock_acquire+0x2f/0xb0
[  730.838932][T18080]  ? __fget_files+0x40/0x3a0
[  730.838968][T18080]  ? __fget_files+0x206/0x3a0
[  730.839004][T18080]  security_file_ioctl+0x9b/0x240
[  730.839035][T18080]  __x64_sys_ioctl+0xb7/0x200
[  730.839075][T18080]  do_syscall_64+0xcd/0x250
[  730.839108][T18080]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  730.839139][T18080] RIP: 0033:0x7f46de78d169
[  730.839159][T18080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  730.839181][T18080] RSP: 002b:00007f46dc5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  730.839204][T18080] RAX: ffffffffffffffda RBX: 00007f46de9a5fa0 RCX: 00007f46de78d169
[  730.839220][T18080] RDX: 0000000000000007 RSI: 0000000000005607 RDI: 0000000000000007
[  730.839233][T18080] RBP: 00007f46dc5f6090 R08: 0000000000000000 R09: 0000000000000000
[  730.839247][T18080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  730.839261][T18080] R13: 0000000000000000 R14: 00007f46de9a5fa0 R15: 00007fffc59aac08
[  730.839292][T18080]  </TASK>
[  730.839303][T18080] ERROR: Out of memory at tomoyo_realpath_from_path.
[  731.340305][ T5852] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  734.277431][T18153] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  735.171823][T18162] FAULT_INJECTION: forcing a failure.
[  735.171823][T18162] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  735.218230][T18162] CPU: 1 UID: 0 PID: 18162 Comm: syz.4.2662 Not tainted 6.14.0-rc5-syzkaller-00137-g00a7d39898c8 #0
[  735.218262][T18162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  735.218275][T18162] Call Trace:
[  735.218281][T18162]  <TASK>
[  735.218290][T18162]  dump_stack_lvl+0x16c/0x1f0
[  735.218326][T18162]  should_fail_ex+0x50a/0x650
[  735.218365][T18162]  _copy_from_iter+0x2a1/0x1560
[  735.218388][T18162]  ? trace_lock_acquire+0x14e/0x1f0
[  735.218419][T18162]  ? __pfx__copy_from_iter+0x10/0x10
[  735.218442][T18162]  ? __virt_addr_valid+0x1a4/0x590
[  735.218469][T18162]  ? __virt_addr_valid+0x5e/0x590
[  735.218491][T18162]  ? __phys_addr_symbol+0x30/0x80
[  735.218512][T18162]  ? __check_object_size+0x488/0x710
[  735.218538][T18162]  kernfs_fop_write_iter+0x19d/0x500
[  735.218567][T18162]  vfs_write+0x5ae/0x1150
[  735.218598][T18162]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  735.218627][T18162]  ? __pfx_vfs_write+0x10/0x10
[  735.218659][T18162]  ? __pfx_do_sys_openat2+0x10/0x10
[  735.218697][T18162]  ksys_write+0x12b/0x250
[  735.218725][T18162]  ? __pfx_ksys_write+0x10/0x10
[  735.218764][T18162]  do_syscall_64+0xcd/0x250
[  735.218797][T18162]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  735.218827][T18162] RIP: 0033:0x7f46de78d169
[  735.218847][T18162] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  735.218868][T18162] RSP: 002b:00007f46dc5d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  735.218891][T18162] RAX: ffffffffffffffda RBX: 00007f46de9a6080 RCX: 00007f46de78d169
[  735.218915][T18162] RDX: 000000007fffffff RSI: 0000000000000000 RDI: 0000000000000003
[  735.218929][T18162] RBP: 00007f46dc5d5090 R08: 0000000000000000 R09: 0000000000000000
[  735.218943][T18162] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  735.218956][T18162] R13: 0000000000000000 R14: 00007f46de9a6080 R15: 00007fffc59aac08
[  735.218987][T18162]  </TASK>
[  736.740000][T18179] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  737.071549][T18186] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2669'.
[  737.664335][T18200] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  738.935056][T18215] Invalid ELF header magic: != ELF
[  739.435636][T18213] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  739.449803][T18213] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  739.487537][T18213] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  739.497353][T18213] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  739.521919][T18213] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  739.636605][T18213] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  739.668340][T18213] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  739.706406][T18213] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  739.755500][T18213] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  739.813734][T18213] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  739.846417][T18213] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  739.992098][T18213] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  740.779685][T18261] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  741.100879][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout
[  741.498068][ T5852] Bluetooth: hci4: command 0x0c1a tx timeout
[  741.738109][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout
[  741.828157][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout
[  742.640199][T18279] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2690'.
[  743.178293][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout
[  743.239668][T18292] FAULT_INJECTION: forcing a failure.
[  743.239668][T18292] name fail_futex, interval 1, probability 0, space 0, times 0
[  743.351524][T18292] CPU: 1 UID: 0 PID: 18292 Comm: syz.3.2693 Not tainted 6.14.0-rc5-syzkaller-00137-g00a7d39898c8 #0
[  743.351560][T18292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  743.351574][T18292] Call Trace:
[  743.351580][T18292]  <TASK>
[  743.351590][T18292]  dump_stack_lvl+0x16c/0x1f0
[  743.351625][T18292]  should_fail_ex+0x50a/0x650
[  743.351661][T18292]  ? __lock_acquire+0x15a9/0x3c40
[  743.351695][T18292]  get_futex_key+0x1c3/0x1000
[  743.351726][T18292]  ? __pfx_get_futex_key+0x10/0x10
[  743.351772][T18292]  futex_wake+0xe8/0x4e0
[  743.351806][T18292]  ? __pfx_futex_wake+0x10/0x10
[  743.351841][T18292]  ? find_held_lock+0x2d/0x110
[  743.351874][T18292]  do_futex+0x1e5/0x350
[  743.351901][T18292]  ? __pfx_do_futex+0x10/0x10
[  743.351932][T18292]  ? __might_fault+0xe3/0x190
[  743.351958][T18292]  ? __might_fault+0xe3/0x190
[  743.351985][T18292]  mm_release+0x24e/0x300
[  743.352018][T18292]  do_exit+0x886/0x2d70
[  743.352046][T18292]  ? get_signal+0x8f7/0x26c0
[  743.352079][T18292]  ? __pfx_do_exit+0x10/0x10
[  743.352103][T18292]  ? do_raw_spin_lock+0x12d/0x2c0
[  743.352127][T18292]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  743.352154][T18292]  do_group_exit+0xd3/0x2a0
[  743.352181][T18292]  get_signal+0x24ed/0x26c0
[  743.352225][T18292]  ? __pfx_get_signal+0x10/0x10
[  743.352261][T18292]  ? __pfx_do_futex+0x10/0x10
[  743.352292][T18292]  arch_do_signal_or_restart+0x90/0x7e0
[  743.352320][T18292]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  743.352356][T18292]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  743.352387][T18292]  syscall_exit_to_user_mode+0x150/0x2a0
[  743.352418][T18292]  do_syscall_64+0xda/0x250
[  743.352451][T18292]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  743.352482][T18292] RIP: 0033:0x7fc01038d169
[  743.352502][T18292] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  743.352524][T18292] RSP: 002b:00007fc0112130e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  743.352545][T18292] RAX: fffffffffffffe00 RBX: 00007fc0105a5fa8 RCX: 00007fc01038d169
[  743.352560][T18292] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fc0105a5fa8
[  743.352574][T18292] RBP: 00007fc0105a5fa0 R08: 0000000000000000 R09: 0000000000000000
[  743.352588][T18292] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0105a5fac
[  743.352602][T18292] R13: 0000000000000000 R14: 00007ffd03939ed0 R15: 00007ffd03939fb8
[  743.352633][T18292]  </TASK>
[  743.629020][ T5852] Bluetooth: hci4: command 0x0c1a tx timeout
[  743.821446][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout
[  743.901067][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout
[  744.465932][T18311] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  745.259961][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout
[  745.634119][T18331] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  745.658342][ T5852] Bluetooth: hci4: command 0x0c1a tx timeout
[  745.898355][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout
[  745.978117][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout
[  746.538613][T18337] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  747.155398][T18345] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2707'.
[  747.662606][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  747.669585][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  749.182192][T18379] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  749.957794][T18395] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  750.700998][T18400] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  752.254318][T18416] FAULT_INJECTION: forcing a failure.
[  752.254318][T18416] name failslab, interval 1, probability 0, space 0, times 0
[  752.277778][T18416] CPU: 0 UID: 0 PID: 18416 Comm: syz.4.2726 Not tainted 6.14.0-rc5-syzkaller-00137-g00a7d39898c8 #0
[  752.277817][T18416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  752.277832][T18416] Call Trace:
[  752.277840][T18416]  <TASK>
[  752.277851][T18416]  dump_stack_lvl+0x16c/0x1f0
[  752.277890][T18416]  should_fail_ex+0x50a/0x650
[  752.277930][T18416]  ? fs_reclaim_acquire+0xae/0x150
[  752.277969][T18416]  should_failslab+0xc2/0x120
[  752.277992][T18416]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  752.278025][T18416]  ? alloc_empty_file+0x73/0x1e0
[  752.278054][T18416]  alloc_empty_file+0x73/0x1e0
[  752.278081][T18416]  alloc_file_pseudo+0x13b/0x230
[  752.278110][T18416]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  752.278145][T18416]  ? do_raw_spin_unlock+0x172/0x230
[  752.278177][T18416]  __anon_inode_getfile+0xf8/0x370
[  752.278215][T18416]  anon_inode_getfd+0x52/0xb0
[  752.278246][T18416]  map_create+0xbb4/0x1d20
[  752.278283][T18416]  ? __pfx_lock_release+0x10/0x10
[  752.278313][T18416]  ? trace_lock_acquire+0x14e/0x1f0
[  752.278338][T18416]  ? __pfx_map_create+0x10/0x10
[  752.278370][T18416]  ? lock_acquire+0x2f/0xb0
[  752.278398][T18416]  ? __might_fault+0xe3/0x190
[  752.278421][T18416]  ? __might_fault+0xe3/0x190
[  752.278451][T18416]  __sys_bpf+0x4391/0x49c0
[  752.278485][T18416]  ? __pfx_futex_wake+0x10/0x10
[  752.278522][T18416]  ? __pfx___sys_bpf+0x10/0x10
[  752.278556][T18416]  ? lock_acquire.part.0+0x11b/0x380
[  752.278589][T18416]  ? find_held_lock+0x2d/0x110
[  752.278622][T18416]  ? do_futex+0x123/0x350
[  752.278651][T18416]  ? __pfx_do_futex+0x10/0x10
[  752.278696][T18416]  ? xfd_validate_state+0x5d/0x180
[  752.278730][T18416]  ? rcu_is_watching+0x12/0xc0
[  752.278763][T18416]  __x64_sys_bpf+0x78/0xc0
[  752.278785][T18416]  ? lockdep_hardirqs_on+0x7c/0x110
[  752.278817][T18416]  do_syscall_64+0xcd/0x250
[  752.278851][T18416]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  752.278883][T18416] RIP: 0033:0x7f46de78d169
[  752.278903][T18416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  752.278927][T18416] RSP: 002b:00007f46dc5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  752.278951][T18416] RAX: ffffffffffffffda RBX: 00007f46de9a5fa0 RCX: 00007f46de78d169
[  752.278967][T18416] RDX: 0000000000000010 RSI: 00004000000000c0 RDI: 0000000000000000
[  752.278982][T18416] RBP: 00007f46de80e2a0 R08: 0000000000000000 R09: 0000000000000000
[  752.278996][T18416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  752.279009][T18416] R13: 0000000000000000 R14: 00007f46de9a5fa0 R15: 00007fffc59aac08
[  752.279037][T18416]  </TASK>
[  752.899935][T18423] FAULT_INJECTION: forcing a failure.
[  752.899935][T18423] name failslab, interval 1, probability 0, space 0, times 0
[  752.938206][T18423] CPU: 1 UID: 0 PID: 18423 Comm: syz.4.2729 Not tainted 6.14.0-rc5-syzkaller-00137-g00a7d39898c8 #0
[  752.938241][T18423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  752.938254][T18423] Call Trace:
[  752.938261][T18423]  <TASK>
[  752.938271][T18423]  dump_stack_lvl+0x16c/0x1f0
[  752.938306][T18423]  should_fail_ex+0x50a/0x650
[  752.938341][T18423]  ? fs_reclaim_acquire+0xae/0x150
[  752.938372][T18423]  ? fscontext_alloc_log+0x4a/0x1b0
[  752.938395][T18423]  should_failslab+0xc2/0x120
[  752.938418][T18423]  __kmalloc_cache_noprof+0x68/0x410
[  752.938449][T18423]  ? __pfx_smb3_init_fs_context+0x10/0x10
[  752.938486][T18423]  fscontext_alloc_log+0x4a/0x1b0
[  752.938512][T18423]  __x64_sys_fsopen+0x157/0x240
[  752.938537][T18423]  do_syscall_64+0xcd/0x250
[  752.938569][T18423]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  752.938601][T18423] RIP: 0033:0x7f46de78d169
[  752.938620][T18423] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  752.938642][T18423] RSP: 002b:00007f46dc5f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae
[  752.938664][T18423] RAX: ffffffffffffffda RBX: 00007f46de9a5fa0 RCX: 00007f46de78d169
[  752.938679][T18423] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  752.938693][T18423] RBP: 00007f46dc5f6090 R08: 0000000000000000 R09: 0000000000000000
[  752.938707][T18423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  752.938720][T18423] R13: 0000000000000000 R14: 00007f46de9a5fa0 R15: 00007fffc59aac08
[  752.938750][T18423]  </TASK>
[  753.421371][T18424] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  755.038171][T18452] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2739'.
[  756.386628][T18477] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  756.938627][T18484] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  757.057427][T18486] FAULT_INJECTION: forcing a failure.
[  757.057427][T18486] name failslab, interval 1, probability 0, space 0, times 0
[  757.159795][T18486] CPU: 1 UID: 0 PID: 18486 Comm: syz.4.2746 Not tainted 6.14.0-rc5-syzkaller-00137-g00a7d39898c8 #0
[  757.159829][T18486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  757.159843][T18486] Call Trace:
[  757.159850][T18486]  <TASK>
[  757.159859][T18486]  dump_stack_lvl+0x16c/0x1f0
[  757.159894][T18486]  should_fail_ex+0x50a/0x650
[  757.159930][T18486]  ? fs_reclaim_acquire+0xae/0x150
[  757.159962][T18486]  ? tomoyo_encode2+0x100/0x3e0
[  757.159992][T18486]  should_failslab+0xc2/0x120
[  757.160015][T18486]  __kmalloc_noprof+0xcb/0x510
[  757.160048][T18486]  ? d_absolute_path+0x137/0x1b0
[  757.160073][T18486]  ? rcu_is_watching+0x12/0xc0
[  757.160103][T18486]  tomoyo_encode2+0x100/0x3e0
[  757.160138][T18486]  tomoyo_encode+0x29/0x50
[  757.160168][T18486]  tomoyo_realpath_from_path+0x19d/0x720
[  757.160210][T18486]  tomoyo_path_number_perm+0x248/0x590
[  757.160236][T18486]  ? tomoyo_path_number_perm+0x235/0x590
[  757.160267][T18486]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  757.160293][T18486]  ? kasan_save_free_info+0x3b/0x60
[  757.160322][T18486]  ? putname+0x13c/0x180
[  757.160343][T18486]  ? kern_path_create+0x40/0x50
[  757.160415][T18486]  ? mark_held_locks+0x9f/0xe0
[  757.160449][T18486]  ? kasan_quarantine_put+0x10a/0x240
[  757.160478][T18486]  ? get_current_fs_domain+0x184/0x1f0
[  757.160509][T18486]  tomoyo_path_mknod+0x10d/0x190
[  757.160545][T18486]  ? __pfx_tomoyo_path_mknod+0x10/0x10
[  757.160583][T18486]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  757.160625][T18486]  security_path_mknod+0x161/0x310
[  757.160656][T18486]  unix_bind+0x2b2/0x1660
[  757.160694][T18486]  ? __pfx_aa_sk_perm+0x10/0x10
[  757.160728][T18486]  ? __pfx_unix_bind+0x10/0x10
[  757.160771][T18486]  __sys_bind+0x213/0x260
[  757.160802][T18486]  ? __pfx___sys_bind+0x10/0x10
[  757.160826][T18486]  ? __fget_files+0x206/0x3a0
[  757.160872][T18486]  ? __pfx_ksys_write+0x10/0x10
[  757.160911][T18486]  __x64_sys_bind+0x72/0xb0
[  757.160936][T18486]  ? lockdep_hardirqs_on+0x7c/0x110
[  757.160966][T18486]  do_syscall_64+0xcd/0x250
[  757.160998][T18486]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  757.161030][T18486] RIP: 0033:0x7f46de78d169
[  757.161049][T18486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  757.161072][T18486] RSP: 002b:00007f46dc5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  757.161094][T18486] RAX: ffffffffffffffda RBX: 00007f46de9a5fa0 RCX: 00007f46de78d169
[  757.161110][T18486] RDX: 000000000000006a RSI: 0000400000000040 RDI: 0000000000000003
[  757.161124][T18486] RBP: 00007f46dc5f6090 R08: 0000000000000000 R09: 0000000000000000
[  757.161139][T18486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  757.161152][T18486] R13: 0000000000000000 R14: 00007f46de9a5fa0 R15: 00007fffc59aac08
[  757.161186][T18486]  </TASK>
[  757.161206][T18486] ERROR: Out of memory at tomoyo_realpath_from_path.
[  757.902232][T18497] FAULT_INJECTION: forcing a failure.
[  757.902232][T18497] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  757.984483][T18497] CPU: 1 UID: 0 PID: 18497 Comm: syz.3.2748 Not tainted 6.14.0-rc5-syzkaller-00137-g00a7d39898c8 #0
[  757.984520][T18497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  757.984536][T18497] Call Trace:
[  757.984544][T18497]  <TASK>
[  757.984555][T18497]  dump_stack_lvl+0x16c/0x1f0
[  757.984595][T18497]  should_fail_ex+0x50a/0x650
[  757.984632][T18497]  ? __pfx___might_resched+0x10/0x10
[  757.984677][T18497]  should_fail_alloc_page+0xe7/0x130
[  757.984705][T18497]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  757.984738][T18497]  ? hlock_class+0x4e/0x130
[  757.984768][T18497]  __alloc_frozen_pages_noprof+0x18e/0x2470
[  757.984807][T18497]  ? hlock_class+0x4e/0x130
[  757.984833][T18497]  ? mark_lock+0xb5/0xc60
[  757.984868][T18497]  ? __pfx_mark_lock+0x10/0x10
[  757.984903][T18497]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  757.984943][T18497]  ? hlock_class+0x4e/0x130
[  757.984968][T18497]  ? mark_lock+0xb5/0xc60
[  757.985000][T18497]  ? hlock_class+0x4e/0x130
[  757.985033][T18497]  ? hlock_class+0x4e/0x130
[  757.985058][T18497]  ? __lock_acquire+0xcc5/0x3c40
[  757.985092][T18497]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  757.985131][T18497]  ? policy_nodemask+0xea/0x4e0
[  757.985178][T18497]  alloc_pages_mpol+0x1fc/0x540
[  757.985204][T18497]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  757.985229][T18497]  ? __lock_acquire+0x15a9/0x3c40
[  757.985270][T18497]  folio_alloc_mpol_noprof+0x36/0x2f0
[  757.985300][T18497]  vma_alloc_folio_noprof+0xee/0x1b0
[  757.985326][T18497]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  757.985353][T18497]  ? find_held_lock+0x2d/0x110
[  757.985387][T18497]  do_pte_missing+0x202f/0x3e10
[  757.985444][T18497]  __handle_mm_fault+0x1166/0x2c60
[  757.985491][T18497]  ? __pfx___handle_mm_fault+0x10/0x10
[  757.985527][T18497]  ? follow_page_pte+0x3ac/0x1490
[  757.985562][T18497]  ? __pfx_lock_release+0x10/0x10
[  757.985622][T18497]  handle_mm_fault+0x3fa/0xaa0
[  757.985662][T18497]  __get_user_pages+0x773/0x36f0
[  757.985705][T18497]  ? __pfx_mt_find+0x10/0x10
[  757.985738][T18497]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  757.985772][T18497]  ? __pfx___get_user_pages+0x10/0x10
[  757.985810][T18497]  ? __mm_populate+0x21d/0x380
[  757.985853][T18497]  populate_vma_page_range+0x27f/0x3a0
[  757.985894][T18497]  ? __pfx_populate_vma_page_range+0x10/0x10
[  757.985929][T18497]  ? __pfx_find_vma_intersection+0x10/0x10
[  757.985962][T18497]  ? vm_mmap_pgoff+0x29b/0x3a0
[  757.986001][T18497]  __mm_populate+0x1d6/0x380
[  757.986038][T18497]  ? __pfx___mm_populate+0x10/0x10
[  757.986075][T18497]  ? up_write+0x1b2/0x520
[  757.986114][T18497]  vm_mmap_pgoff+0x2d3/0x3a0
[  757.986152][T18497]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  757.986190][T18497]  ? __x64_sys_futex+0x1e1/0x4c0
[  757.986219][T18497]  ? __x64_sys_futex+0x1ea/0x4c0
[  757.986252][T18497]  ksys_mmap_pgoff+0x7d/0x5c0
[  757.986280][T18497]  ? rcu_is_watching+0x12/0xc0
[  757.986310][T18497]  __x64_sys_mmap+0x125/0x190
[  757.986348][T18497]  do_syscall_64+0xcd/0x250
[  757.986383][T18497]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  757.986426][T18497] RIP: 0033:0x7fc01038d169
[  757.986447][T18497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  757.986471][T18497] RSP: 002b:00007fc011213038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  757.986495][T18497] RAX: ffffffffffffffda RBX: 00007fc0105a5fa0 RCX: 00007fc01038d169
[  757.986512][T18497] RDX: 00000000000000df RSI: 0000000000040009 RDI: 0000000000000000
[  757.986527][T18497] RBP: 00007fc01040e2a0 R08: 0000000000000007 R09: 0000000000028000
[  757.986543][T18497] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[  757.986558][T18497] R13: 0000000000000000 R14: 00007fc0105a5fa0 R15: 00007ffd03939fb8
[  757.986592][T18497]  </TASK>
[  758.813846][T18507] svc: failed to register nfsdv3 RPC service (errno 111).
[  758.862959][T18507] svc: failed to register nfsaclv3 RPC service (errno 111).
[  759.522928][T18516] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  759.644097][T18515] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2754'.
[  760.019570][T18521] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2756'.
[  760.904857][T18535] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2761'.
[  763.317613][T18560] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  763.750730][T18574] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  764.034331][ T5849] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  764.048528][ T5849] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  764.059419][ T5849] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  764.070272][ T5849] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  764.079063][ T5849] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  764.086526][ T5849] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  764.567116][T18583] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  764.900517][T18586] FAULT_INJECTION: forcing a failure.
[  764.900517][T18586] name failslab, interval 1, probability 0, space 0, times 0
[  764.918129][T18586] CPU: 0 UID: 0 PID: 18586 Comm: syz.2.2772 Not tainted 6.14.0-rc5-syzkaller-00137-g00a7d39898c8 #0
[  764.918165][T18586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  764.918180][T18586] Call Trace:
[  764.918187][T18586]  <TASK>
[  764.918197][T18586]  dump_stack_lvl+0x16c/0x1f0
[  764.918237][T18586]  should_fail_ex+0x50a/0x650
[  764.918274][T18586]  ? fs_reclaim_acquire+0xae/0x150
[  764.918309][T18586]  ? sctp_auth_shkey_create+0x87/0x1f0
[  764.918339][T18586]  should_failslab+0xc2/0x120
[  764.918363][T18586]  __kmalloc_cache_noprof+0x68/0x410
[  764.918404][T18586]  sctp_auth_shkey_create+0x87/0x1f0
[  764.918438][T18586]  sctp_endpoint_new+0x54a/0xc90
[  764.918474][T18586]  sctp_init_sock+0xe2c/0x1330
[  764.918503][T18586]  ? __pfx_sctp_v6_init_sock+0x10/0x10
[  764.918533][T18586]  sctp_v6_init_sock+0x16/0x70
[  764.918561][T18586]  ? __pfx_sctp_v6_init_sock+0x10/0x10
[  764.918589][T18586]  inet6_create+0xb53/0x1320
[  764.918619][T18586]  ? inet6_create+0x5d/0x1320
[  764.918662][T18586]  __sock_create+0x335/0x8d0
[  764.918698][T18586]  __sys_socket+0x14f/0x260
[  764.918727][T18586]  ? __pfx___sys_socket+0x10/0x10
[  764.918757][T18586]  ? rcu_is_watching+0x12/0xc0
[  764.918790][T18586]  __x64_sys_socket+0x72/0xb0
[  764.918817][T18586]  ? lockdep_hardirqs_on+0x7c/0x110
[  764.918847][T18586]  do_syscall_64+0xcd/0x250
[  764.918879][T18586]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  764.918912][T18586] RIP: 0033:0x7f542c78d169
[  764.918932][T18586] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  764.918955][T18586] RSP: 002b:00007f542d5f2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  764.918978][T18586] RAX: ffffffffffffffda RBX: 00007f542c9a5fa0 RCX: 00007f542c78d169
[  764.918994][T18586] RDX: 0000000000000084 RSI: 0000000000000801 RDI: 000000000000000a
[  764.919008][T18586] RBP: 00007f542c80e2a0 R08: 0000000000000000 R09: 0000000000000000
[  764.919024][T18586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  764.919038][T18586] R13: 0000000000000000 R14: 00007f542c9a5fa0 R15: 00007ffec31528b8
[  764.919070][T18586]  </TASK>
[  765.292455][T18577] chnl_net:caif_netlink_parms(): no params data found
[  765.381575][T18586] FAULT_INJECTION: forcing a failure.
[  765.381575][T18586] name failslab, interval 1, probability 0, space 0, times 0
[  765.408211][T18586] CPU: 0 UID: 0 PID: 18586 Comm: syz.2.2772 Not tainted 6.14.0-rc5-syzkaller-00137-g00a7d39898c8 #0
[  765.408247][T18586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  765.408261][T18586] Call Trace:
[  765.408266][T18586]  <TASK>
[  765.408277][T18586]  dump_stack_lvl+0x16c/0x1f0
[  765.408318][T18586]  should_fail_ex+0x50a/0x650
[  765.408358][T18586]  ? fs_reclaim_acquire+0xae/0x150
[  765.408393][T18586]  should_failslab+0xc2/0x120
[  765.408418][T18586]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  765.408456][T18586]  ? security_file_alloc+0x34/0x2b0
[  765.408493][T18586]  security_file_alloc+0x34/0x2b0
[  765.408528][T18586]  init_file+0x93/0x4c0
[  765.408555][T18586]  alloc_empty_file+0x91/0x1e0
[  765.408583][T18586]  path_openat+0xe1/0x2d80
[  765.408614][T18586]  ? hlock_class+0x4e/0x130
[  765.408640][T18586]  ? __lock_acquire+0x15a9/0x3c40
[  765.408683][T18586]  ? __pfx_path_openat+0x10/0x10
[  765.408720][T18586]  ? __pfx___lock_acquire+0x10/0x10
[  765.408751][T18586]  ? lock_acquire.part.0+0x11b/0x380
[  765.408784][T18586]  ? find_held_lock+0x2d/0x110
[  765.408814][T18586]  do_filp_open+0x20c/0x470
[  765.408849][T18586]  ? __pfx_do_filp_open+0x10/0x10
[  765.408894][T18586]  ? find_held_lock+0x2d/0x110
[  765.408941][T18586]  ? _raw_spin_unlock+0x28/0x50
[  765.408969][T18586]  ? alloc_fd+0x41f/0x760
[  765.409012][T18586]  do_sys_openat2+0x17a/0x1e0
[  765.409037][T18586]  ? __pfx_do_sys_openat2+0x10/0x10
[  765.409076][T18586]  __x64_sys_open+0x154/0x1e0
[  765.409103][T18586]  ? __pfx___x64_sys_open+0x10/0x10
[  765.409142][T18586]  do_syscall_64+0xcd/0x250
[  765.409176][T18586]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  765.409210][T18586] RIP: 0033:0x7f542c78d169
[  765.409231][T18586] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  765.409255][T18586] RSP: 002b:00007f542d5f2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  765.409275][T18586] RAX: ffffffffffffffda RBX: 00007f542c9a5fa0 RCX: 00007f542c78d169
[  765.409288][T18586] RDX: 0000000000000006 RSI: 0000000000010000 RDI: 0000400000000000
[  765.409303][T18586] RBP: 00007f542c80e2a0 R08: 0000000000000000 R09: 0000000000000000
[  765.409317][T18586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  765.409330][T18586] R13: 0000000000000000 R14: 00007f542c9a5fa0 R15: 00007ffec31528b8
[  765.409362][T18586]  </TASK>
[  766.219555][ T5852] Bluetooth: hci4: command tx timeout
[  766.459882][T18577] bridge0: port 1(bridge_slave_0) entered blocking state
[  766.480855][T18577] bridge0: port 1(bridge_slave_0) entered disabled state
[  766.507346][T18577] bridge_slave_0: entered allmulticast mode
[  766.629225][T18577] bridge_slave_0: entered promiscuous mode
[  766.647146][T18577] bridge0: port 2(bridge_slave_1) entered blocking state
[  766.657625][T18577] bridge0: port 2(bridge_slave_1) entered disabled state
[  766.682866][T18577] bridge_slave_1: entered allmulticast mode
[  766.692808][T18577] bridge_slave_1: entered promiscuous mode
[  766.793583][T18577] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  766.838531][T18577] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  766.896695][T18577] team0: Port device team_slave_0 added
[  767.134543][T18577] team0: Port device team_slave_1 added
[  767.165631][T18605] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  767.180178][T18577] batman_adv: batadv0: Adding interface: batadv_slave_0
[  767.187857][T18577] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  767.248043][T18577] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  767.270010][T18577] batman_adv: batadv0: Adding interface: batadv_slave_1
[  767.277008][T18577] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  767.328571][T18577] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  767.549186][T18577] hsr_slave_0: entered promiscuous mode
[  767.555587][T18577] hsr_slave_1: entered promiscuous mode
[  767.588681][T18577] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  767.596580][T18577] Cannot create hsr debugfs directory
[  768.130257][T18609] openvswitch: netlink: Message has 1 unknown bytes.
[  768.298430][ T5852] Bluetooth: hci4: command tx timeout
[  768.358460][T18577] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  768.382531][T18577] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  768.411269][T18577] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  768.444145][T18577] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  768.721209][T18577] 8021q: adding VLAN 0 to HW filter on device bond0
[  768.791189][T18577] 8021q: adding VLAN 0 to HW filter on device team0
[  768.826631][ T8232] bridge0: port 1(bridge_slave_0) entered blocking state
[  768.833937][ T8232] bridge0: port 1(bridge_slave_0) entered forwarding state
[  769.136051][T15327] bridge0: port 2(bridge_slave_1) entered blocking state
[  769.143250][T15327] bridge0: port 2(bridge_slave_1) entered forwarding state
[  769.159726][T18618] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  769.304381][T18577] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  770.043146][T18577] 8021q: adding VLAN 0 to HW filter on device batadv0
[  770.378128][ T5852] Bluetooth: hci4: command tx timeout
[  770.398385][T18577] veth0_vlan: entered promiscuous mode
[  770.420045][T18577] veth1_vlan: entered promiscuous mode
[  770.427445][T18649] FAULT_INJECTION: forcing a failure.
[  770.427445][T18649] name failslab, interval 1, probability 0, space 0, times 0
[  770.458508][T18649] CPU: 1 UID: 0 PID: 18649 Comm: syz.2.2784 Not tainted 6.14.0-rc5-syzkaller-00137-g00a7d39898c8 #0
[  770.458544][T18649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  770.458559][T18649] Call Trace:
[  770.458568][T18649]  <TASK>
[  770.458578][T18649]  dump_stack_lvl+0x16c/0x1f0
[  770.458615][T18649]  should_fail_ex+0x50a/0x650
[  770.458651][T18649]  ? fs_reclaim_acquire+0xae/0x150
[  770.458685][T18649]  should_failslab+0xc2/0x120
[  770.458708][T18649]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  770.458743][T18649]  ? __pmd_alloc+0xc3/0x870
[  770.458776][T18649]  __pmd_alloc+0xc3/0x870
[  770.458810][T18649]  copy_page_range+0x3cb6/0x5690
[  770.458872][T18649]  ? mas_destroy+0x5ba/0x9e0
[  770.458911][T18649]  ? __pfx_copy_page_range+0x10/0x10
[  770.458943][T18649]  ? mas_store+0x941/0x10d0
[  770.458985][T18649]  ? __pfx_mas_store+0x10/0x10
[  770.459016][T18649]  ? lock_acquire+0x2f/0xb0
[  770.459047][T18649]  ? copy_process+0x79c4/0x8c50
[  770.459082][T18649]  ? up_write+0x1b2/0x520
[  770.459121][T18649]  copy_process+0x7ccb/0x8c50
[  770.459172][T18649]  ? __pfx_copy_process+0x10/0x10
[  770.459198][T18649]  ? try_to_wake_up+0x953/0x1490
[  770.459238][T18649]  ? plist_check_head+0xa3/0x150
[  770.459271][T18649]  ? wake_up_q+0xb0/0x160
[  770.459299][T18649]  ? do_raw_spin_unlock+0x172/0x230
[  770.459330][T18649]  kernel_clone+0xfd/0x960
[  770.459362][T18649]  ? __pfx_futex_wake+0x10/0x10
[  770.459397][T18649]  ? __pfx_kernel_clone+0x10/0x10
[  770.459443][T18649]  __do_sys_clone+0xcf/0x120
[  770.459468][T18649]  ? __pfx___do_sys_clone+0x10/0x10
[  770.459494][T18649]  ? __pfx___might_resched+0x10/0x10
[  770.459546][T18649]  ? rcu_is_watching+0x12/0xc0
[  770.459584][T18649]  do_syscall_64+0xcd/0x250
[  770.459619][T18649]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  770.459652][T18649] RIP: 0033:0x7f542c78d169
[  770.459672][T18649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  770.459696][T18649] RSP: 002b:00007f542d5f1fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  770.459720][T18649] RAX: ffffffffffffffda RBX: 00007f542c9a5fa0 RCX: 00007f542c78d169
[  770.459737][T18649] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  770.459752][T18649] RBP: 00007f542c80e2a0 R08: 0000000000000000 R09: 0000000000000000
[  770.459767][T18649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  770.459782][T18649] R13: 0000000000000000 R14: 00007f542c9a5fa0 R15: 00007ffec31528b8
[  770.459818][T18649]  </TASK>
[  770.617139][T18651] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2785'.
[  770.809439][T18577] veth0_macvtap: entered promiscuous mode
[  770.880238][T18577] veth1_macvtap: entered promiscuous mode
[  770.932012][T18657] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  771.073034][T18577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  771.154172][T18577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  771.184534][T18577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  771.195772][T18577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  771.206151][T18577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  771.223979][T18577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  771.234825][T18577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  771.248472][T18577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  771.262231][T18577] batman_adv: batadv0: Interface activated: batadv_slave_0
[  771.406560][T18577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  771.451842][T18577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  771.480795][T18577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  771.501453][T18577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  771.518251][T18577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  771.535237][T18577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  771.556435][T18577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  771.576106][T18577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  771.593367][T18577] batman_adv: batadv0: Interface activated: batadv_slave_1
[  771.661185][T18577] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  771.698101][T18577] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  771.729423][T18577] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  771.739598][T18577] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  772.117196][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  772.130663][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  772.196060][T13212] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  772.213018][T13212] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  772.458403][ T5852] Bluetooth: hci4: command tx timeout
[  774.244317][T15326] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  774.417933][T18723] FAULT_INJECTION: forcing a failure.
[  774.417933][T18723] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  774.445023][T18723] CPU: 1 UID: 0 PID: 18723 Comm: syz.6.2803 Not tainted 6.14.0-rc5-syzkaller-00137-g00a7d39898c8 #0
[  774.445056][T18723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  774.445070][T18723] Call Trace:
[  774.445077][T18723]  <TASK>
[  774.445086][T18723]  dump_stack_lvl+0x16c/0x1f0
[  774.445122][T18723]  should_fail_ex+0x50a/0x650
[  774.445162][T18723]  _copy_from_user+0x2e/0xd0
[  774.445188][T18723]  snd_rawmidi_kernel_write1+0x4f9/0x880
[  774.445231][T18723]  snd_rawmidi_write+0x267/0xbe0
[  774.445267][T18723]  ? __pfx_snd_rawmidi_write+0x10/0x10
[  774.445297][T18723]  ? __pfx_default_wake_function+0x10/0x10
[  774.445332][T18723]  ? bpf_lsm_file_permission+0x9/0x10
[  774.445365][T18723]  ? security_file_permission+0x71/0x210
[  774.445397][T18723]  ? rw_verify_area+0xcf/0x680
[  774.445424][T18723]  ? __pfx_snd_rawmidi_write+0x10/0x10
[  774.445451][T18723]  vfs_write+0x24c/0x1150
[  774.445483][T18723]  ? __fget_files+0x1fc/0x3a0
[  774.445514][T18723]  ? __pfx_lock_release+0x10/0x10
[  774.445546][T18723]  ? __pfx_vfs_write+0x10/0x10
[  774.445577][T18723]  ? lock_acquire+0x2f/0xb0
[  774.445605][T18723]  ? __fget_files+0x40/0x3a0
[  774.445648][T18723]  ? __fget_files+0x206/0x3a0
[  774.445688][T18723]  ksys_write+0x207/0x250
[  774.445718][T18723]  ? __pfx_ksys_write+0x10/0x10
[  774.445757][T18723]  do_syscall_64+0xcd/0x250
[  774.445789][T18723]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  774.445821][T18723] RIP: 0033:0x7f894c98d169
[  774.445839][T18723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  774.445861][T18723] RSP: 002b:00007f894d83c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  774.445883][T18723] RAX: ffffffffffffffda RBX: 00007f894cba5fa0 RCX: 00007f894c98d169
[  774.445898][T18723] RDX: 000000000000a3d9 RSI: 0000400000000400 RDI: 0000000000000006
[  774.445912][T18723] RBP: 00007f894d83c090 R08: 0000000000000000 R09: 0000000000000000
[  774.445926][T18723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  774.445940][T18723] R13: 0000000000000000 R14: 00007f894cba5fa0 R15: 00007ffddd0172f8
[  774.445971][T18723]  </TASK>
[  774.779074][T15326] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  774.896870][T15326] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  775.151669][T15326] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  776.004957][T15326] bridge_slave_1: left allmulticast mode
[  776.025215][T15326] bridge_slave_1: left promiscuous mode
[  776.055990][T15326] bridge0: port 2(bridge_slave_1) entered disabled state
[  776.127463][T15326] bridge_slave_0: left allmulticast mode
[  776.137123][T15326] bridge_slave_0: left promiscuous mode
[  776.147910][T15326] bridge0: port 1(bridge_slave_0) entered disabled state
[  776.670840][T18766] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  776.909363][T18773] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  777.054797][T18779] Invalid ELF header magic: != ELF
[  777.073304][T18779] netlink: 'syz.6.2816': attribute type 72 has an invalid length.
[  777.090630][T18779] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2816'.
[  777.126387][T18780] FAULT_INJECTION: forcing a failure.
[  777.126387][T18780] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  777.148245][T18780] CPU: 1 UID: 0 PID: 18780 Comm: syz.6.2816 Not tainted 6.14.0-rc5-syzkaller-00137-g00a7d39898c8 #0
[  777.148277][T18780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  777.148290][T18780] Call Trace:
[  777.148298][T18780]  <TASK>
[  777.148307][T18780]  dump_stack_lvl+0x16c/0x1f0
[  777.148341][T18780]  should_fail_ex+0x50a/0x650
[  777.148381][T18780]  _copy_from_user+0x2e/0xd0
[  777.148406][T18780]  copy_msghdr_from_user+0x99/0x160
[  777.148440][T18780]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  777.148492][T18780]  ? __pfx___lock_acquire+0x10/0x10
[  777.148527][T18780]  ___sys_recvmsg+0xdc/0x1a0
[  777.148560][T18780]  ? __pfx____sys_recvmsg+0x10/0x10
[  777.148591][T18780]  ? find_held_lock+0x2d/0x110
[  777.148631][T18780]  ? __pfx___might_resched+0x10/0x10
[  777.148665][T18780]  ? __might_fault+0xe3/0x190
[  777.148693][T18780]  do_recvmmsg+0x2f8/0x740
[  777.148728][T18780]  ? __pfx_do_recvmmsg+0x10/0x10
[  777.148757][T18780]  ? vfs_write+0x306/0x1150
[  777.148794][T18780]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  777.148834][T18780]  ? __fget_files+0x206/0x3a0
[  777.148872][T18780]  __x64_sys_recvmmsg+0x239/0x290
[  777.148906][T18780]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  777.148949][T18780]  do_syscall_64+0xcd/0x250
[  777.148980][T18780]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  777.149011][T18780] RIP: 0033:0x7f894c98d169
[  777.149029][T18780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  777.149052][T18780] RSP: 002b:00007f894d81b038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  777.149075][T18780] RAX: ffffffffffffffda RBX: 00007f894cba6080 RCX: 00007f894c98d169
[  777.149090][T18780] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[  777.149104][T18780] RBP: 00007f894d81b090 R08: 0000000000000000 R09: 0000000000000000
[  777.149118][T18780] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000002
[  777.149132][T18780] R13: 0000000000000000 R14: 00007f894cba6080 R15: 00007ffddd0172f8
[  777.149162][T18780]  </TASK>
[  777.681799][T15326] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  777.698726][T15326] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  777.717040][T15326] bond0 (unregistering): Released all slaves
[  777.757118][T18785] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2818'.
[  778.575761][T15326] hsr_slave_0: left promiscuous mode
[  778.621111][T15326] hsr_slave_1: left promiscuous mode
[  778.647590][T15326] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  778.681091][T15326] batman_adv: batadv0: Removing interface: batadv_slave_0
[  778.741715][T15326] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  778.761546][T15326] batman_adv: batadv0: Removing interface: batadv_slave_1
[  778.813371][T15326] veth1_macvtap: left promiscuous mode
[  778.843047][T15326] veth0_macvtap: left promiscuous mode
[  778.866856][T15326] veth1_vlan: left promiscuous mode
[  778.877392][T15326] veth0_vlan: left promiscuous mode
[  781.362814][T15326] team0 (unregistering): Port device team_slave_1 removed
[  781.455339][T15326] team0 (unregistering): Port device team_slave_0 removed
[  782.751633][T18844] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  782.791806][T18844] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  782.855734][T18844] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  782.892280][T18844] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  782.917530][T18844] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  783.059851][T18844] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  783.674212][T18873] HfR: entered promiscuous mode
[  783.690313][T18873] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2832'.
[  783.743542][ T5852] Bluetooth: hci2: unexpected event 0x1d length: 6 > 5
[  783.960671][T18869] HfR: entered promiscuous mode
[  783.965768][T18877] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2833'.
[  784.006001][T18877] HfR: left promiscuous mode
[  784.186487][T18889] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  784.221043][T18891] openvswitch: HfR: Dropping previously announced user features
[  784.244427][T18891] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2839'.
[  784.304012][T18891] HfR: left promiscuous mode
[  784.483911][T18900] HfR: entered promiscuous mode
[  784.516834][T18900] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2840'.
[  784.618080][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout
[  784.658626][T18912] random: crng reseeded on system resumption
[  784.858346][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout
[  784.864641][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout
[  784.938083][ T5852] Bluetooth: hci4: command 0x0c1a tx timeout
[  786.461199][T18953] netlink: 'syz.2.2848': attribute type 72 has an invalid length.
[  786.490782][T18949] Invalid ELF header magic: != ELF
[  786.527890][T18953] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2848'.
[  786.567081][T18956] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  787.018339][ T5852] Bluetooth: hci4: command 0x0c1a tx timeout
[  787.904630][T18991] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  789.103760][ T5852] Bluetooth: hci4: command 0x0c1a tx timeout
[  790.010543][T19024] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  790.207341][T19030] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2861'.
[  790.293181][T19032] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2862'.
[  790.529711][T19043] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2864'.
[  790.584000][T19049] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2866'.
[  790.596911][T19048] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2866'.
[  790.617703][T19046] netlink: 342 bytes leftover after parsing attributes in process `syz.6.2865'.
[  791.281545][T19068] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  791.742808][T19083] ==================================================================
[  791.750944][T19083] BUG: KASAN: slab-use-after-free in force_wakeup_write+0x14d/0x170
[  791.758975][T19083] Read of size 1 at addr ffff88805b970231 by task syz.4.2872/19083
[  791.766902][T19083] 
[  791.769250][T19083] CPU: 0 UID: 0 PID: 19083 Comm: syz.4.2872 Not tainted 6.14.0-rc5-syzkaller-00137-g00a7d39898c8 #0
[  791.769281][T19083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  791.769296][T19083] Call Trace:
[  791.769305][T19083]  <TASK>
[  791.769315][T19083]  dump_stack_lvl+0x116/0x1f0
[  791.769352][T19083]  print_report+0xc3/0x670
[  791.769375][T19083]  ? __virt_addr_valid+0x5e/0x590
[  791.769400][T19083]  ? __phys_addr+0xc6/0x150
[  791.769426][T19083]  kasan_report+0xd9/0x110
[  791.769447][T19083]  ? force_wakeup_write+0x14d/0x170
[  791.769477][T19083]  ? force_wakeup_write+0x14d/0x170
[  791.769508][T19083]  force_wakeup_write+0x14d/0x170
[  791.769537][T19083]  ? __pfx_force_wakeup_write+0x10/0x10
[  791.769565][T19083]  ? rcu_watching_snap_stopped_since+0xe1/0x110
[  791.769594][T19083]  ? trace_lock_acquire+0x14e/0x1f0
[  791.769625][T19083]  full_proxy_write+0x13c/0x200
[  791.769658][T19083]  ? __pfx_full_proxy_write+0x10/0x10
[  791.769689][T19083]  vfs_write+0x24c/0x1150
[  791.769721][T19083]  ? __fget_files+0x1fc/0x3a0
[  791.769755][T19083]  ? __pfx___mutex_lock+0x10/0x10
[  791.769785][T19083]  ? __pfx_vfs_write+0x10/0x10
[  791.769819][T19083]  ? __fget_files+0x206/0x3a0
[  791.769855][T19083]  ksys_write+0x12b/0x250
[  791.769886][T19083]  ? __pfx_ksys_write+0x10/0x10
[  791.769921][T19083]  do_syscall_64+0xcd/0x250
[  791.769952][T19083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  791.769997][T19083] RIP: 0033:0x7f46de78d169
[  791.770018][T19083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  791.770044][T19083] RSP: 002b:00007f46dc5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  791.770068][T19083] RAX: ffffffffffffffda RBX: 00007f46de9a5fa0 RCX: 00007f46de78d169
[  791.770085][T19083] RDX: 0000000000000001 RSI: 0000400000001780 RDI: 0000000000000003
[  791.770102][T19083] RBP: 00007f46de80e2a0 R08: 0000000000000000 R09: 0000000000000000
[  791.770117][T19083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  791.770132][T19083] R13: 0000000000000000 R14: 00007f46de9a5fa0 R15: 00007fffc59aac08
[  791.770154][T19083]  </TASK>
[  791.770162][T19083] 
[  791.983139][T19083] Allocated by task 13212:
[  791.987554][T19083]  kasan_save_stack+0x33/0x60
[  791.992245][T19083]  kasan_save_track+0x14/0x30
[  791.996929][T19083]  __kasan_kmalloc+0xaa/0xb0
[  792.001524][T19083]  __kmalloc_noprof+0x21c/0x510
[  792.006380][T19083]  ieee802_11_parse_elems_full+0x1d0/0x3240
[  792.012276][T19083]  ieee80211_inform_bss+0xfd/0x1100
[  792.017486][T19083]  cfg80211_inform_single_bss_data+0x8f9/0x1df0
[  792.023735][T19083]  cfg80211_inform_bss_data+0x205/0x3ba0
[  792.029375][T19083]  cfg80211_inform_bss_frame_data+0x272/0x7a0
[  792.035455][T19083]  ieee80211_bss_info_update+0x311/0xab0
[  792.041099][T19083]  ieee80211_ibss_rx_queued_mgmt+0x189c/0x2f50
[  792.047266][T19083]  ieee80211_iface_work+0xc15/0xf50
[  792.052464][T19083]  cfg80211_wiphy_work+0x3ed/0x570
[  792.057584][T19083]  process_one_work+0x9c5/0x1ba0
[  792.062526][T19083]  worker_thread+0x6c8/0xf00
[  792.067119][T19083]  kthread+0x3af/0x750
[  792.071278][T19083]  ret_from_fork+0x45/0x80
[  792.075702][T19083]  ret_from_fork_asm+0x1a/0x30
[  792.080466][T19083] 
[  792.082780][T19083] Freed by task 13212:
[  792.086836][T19083]  kasan_save_stack+0x33/0x60
[  792.091519][T19083]  kasan_save_track+0x14/0x30
[  792.096205][T19083]  kasan_save_free_info+0x3b/0x60
[  792.101230][T19083]  __kasan_slab_free+0x51/0x70
[  792.106003][T19083]  kfree+0x2c4/0x4d0
[  792.109901][T19083]  ieee80211_inform_bss+0x76e/0x1100
[  792.115202][T19083]  cfg80211_inform_single_bss_data+0x8f9/0x1df0
[  792.121449][T19083]  cfg80211_inform_bss_data+0x205/0x3ba0
[  792.127084][T19083]  cfg80211_inform_bss_frame_data+0x272/0x7a0
[  792.133156][T19083]  ieee80211_bss_info_update+0x311/0xab0
[  792.138809][T19083]  ieee80211_ibss_rx_queued_mgmt+0x189c/0x2f50
[  792.144974][T19083]  ieee80211_iface_work+0xc15/0xf50
[  792.150176][T19083]  cfg80211_wiphy_work+0x3ed/0x570
[  792.155303][T19083]  process_one_work+0x9c5/0x1ba0
[  792.160245][T19083]  worker_thread+0x6c8/0xf00
[  792.164837][T19083]  kthread+0x3af/0x750
[  792.168907][T19083]  ret_from_fork+0x45/0x80
[  792.173334][T19083]  ret_from_fork_asm+0x1a/0x30
[  792.178102][T19083] 
[  792.180424][T19083] The buggy address belongs to the object at ffff88805b970000
[  792.180424][T19083]  which belongs to the cache kmalloc-1k of size 1024
[  792.194471][T19083] The buggy address is located 561 bytes inside of
[  792.194471][T19083]  freed 1024-byte region [ffff88805b970000, ffff88805b970400)
[  792.208359][T19083] 
[  792.210675][T19083] The buggy address belongs to the physical page:
[  792.217080][T19083] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88805b977000 pfn:0x5b970
[  792.227142][T19083] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  792.235634][T19083] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[  792.244146][T19083] page_type: f5(slab)
[  792.248129][T19083] raw: 00fff00000000240 ffff88801b041dc0 ffffea0001fa5010 ffffea0000498010
[  792.256716][T19083] raw: ffff88805b977000 000000000010000e 00000000f5000000 0000000000000000
[  792.265385][T19083] head: 00fff00000000240 ffff88801b041dc0 ffffea0001fa5010 ffffea0000498010
[  792.274052][T19083] head: ffff88805b977000 000000000010000e 00000000f5000000 0000000000000000
[  792.282724][T19083] head: 00fff00000000003 ffffea00016e5c01 ffffffffffffffff 0000000000000000
[  792.291410][T19083] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  792.300084][T19083] page dumped because: kasan: bad access detected
[  792.306488][T19083] page_owner tracks the page as allocated
[  792.312192][T19083] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5987, tgid 5987 (syz-executor), ts 80117002386, free_ts 79470593598
[  792.333557][T19083]  post_alloc_hook+0x181/0x1b0
[  792.338341][T19083]  get_page_from_freelist+0xfce/0x2f80
[  792.343810][T19083]  __alloc_frozen_pages_noprof+0x221/0x2470
[  792.349710][T19083]  alloc_pages_mpol+0x1fc/0x540
[  792.354557][T19083]  new_slab+0x23d/0x330
[  792.358712][T19083]  ___slab_alloc+0xc5d/0x1720
[  792.363390][T19083]  __slab_alloc.constprop.0+0x56/0xb0
[  792.368763][T19083]  __kmalloc_cache_noprof+0xfa/0x410
[  792.374049][T19083]  vhci_open+0x4c/0x430
[  792.378213][T19083]  misc_open+0x35a/0x420
[  792.382454][T19083]  chrdev_open+0x237/0x6a0
[  792.386877][T19083]  do_dentry_open+0x735/0x1c40
[  792.391651][T19083]  vfs_open+0x82/0x3f0
[  792.395716][T19083]  path_openat+0x1e88/0x2d80
[  792.400310][T19083]  do_filp_open+0x20c/0x470
[  792.404816][T19083]  do_sys_openat2+0x17a/0x1e0
[  792.409489][T19083] page last free pid 5958 tgid 5954 stack trace:
[  792.415811][T19083]  free_frozen_pages+0x6db/0xfb0
[  792.420759][T19083]  kimage_free_page_list+0x130/0x230
[  792.426075][T19083]  kimage_alloc_control_pages+0x38f/0x8e0
[  792.431815][T19083]  do_kexec_load+0x47e/0x8c0
[  792.436400][T19083]  __x64_sys_kexec_load+0x1bf/0x230
[  792.441597][T19083]  do_syscall_64+0xcd/0x250
[  792.446105][T19083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  792.452006][T19083] 
[  792.454322][T19083] Memory state around the buggy address:
[  792.459943][T19083]  ffff88805b970100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  792.468000][T19083]  ffff88805b970180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  792.476057][T19083] >ffff88805b970200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  792.484130][T19083]                                      ^
[  792.489762][T19083]  ffff88805b970280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  792.497818][T19083]  ffff88805b970300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  792.505877][T19083] ==================================================================
[  792.678025][T19083] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  792.685273][T19083] CPU: 0 UID: 0 PID: 19083 Comm: syz.4.2872 Not tainted 6.14.0-rc5-syzkaller-00137-g00a7d39898c8 #0
[  792.696057][T19083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  792.706134][T19083] Call Trace:
[  792.709437][T19083]  <TASK>
[  792.712389][T19083]  dump_stack_lvl+0x3d/0x1f0
[  792.717028][T19083]  panic+0x71d/0x800
[  792.720963][T19083]  ? __pfx_panic+0x10/0x10
[  792.725419][T19083]  ? preempt_schedule_thunk+0x1a/0x30
[  792.730830][T19083]  ? preempt_schedule_common+0x44/0xc0
[  792.736340][T19083]  check_panic_on_warn+0xab/0xb0
[  792.741314][T19083]  end_report+0x117/0x180
[  792.745674][T19083]  kasan_report+0xe9/0x110
[  792.750118][T19083]  ? force_wakeup_write+0x14d/0x170
[  792.755350][T19083]  ? force_wakeup_write+0x14d/0x170
[  792.760586][T19083]  force_wakeup_write+0x14d/0x170
[  792.765651][T19083]  ? __pfx_force_wakeup_write+0x10/0x10
[  792.771237][T19083]  ? rcu_watching_snap_stopped_since+0xe1/0x110
[  792.777511][T19083]  ? trace_lock_acquire+0x14e/0x1f0
[  792.782736][T19083]  full_proxy_write+0x13c/0x200
[  792.787606][T19083]  ? __pfx_full_proxy_write+0x10/0x10
[  792.792993][T19083]  vfs_write+0x24c/0x1150
[  792.797337][T19083]  ? __fget_files+0x1fc/0x3a0
[  792.802024][T19083]  ? __pfx___mutex_lock+0x10/0x10
[  792.807060][T19083]  ? __pfx_vfs_write+0x10/0x10
[  792.811833][T19083]  ? __fget_files+0x206/0x3a0
[  792.816526][T19083]  ksys_write+0x12b/0x250
[  792.820864][T19083]  ? __pfx_ksys_write+0x10/0x10
[  792.825728][T19083]  do_syscall_64+0xcd/0x250
[  792.830242][T19083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  792.836141][T19083] RIP: 0033:0x7f46de78d169
[  792.840553][T19083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  792.860162][T19083] RSP: 002b:00007f46dc5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  792.868667][T19083] RAX: ffffffffffffffda RBX: 00007f46de9a5fa0 RCX: 00007f46de78d169
[  792.876724][T19083] RDX: 0000000000000001 RSI: 0000400000001780 RDI: 0000000000000003
[  792.884781][T19083] RBP: 00007f46de80e2a0 R08: 0000000000000000 R09: 0000000000000000
[  792.892849][T19083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  792.900827][T19083] R13: 0000000000000000 R14: 00007f46de9a5fa0 R15: 00007fffc59aac08
[  792.908839][T19083]  </TASK>
[  792.912208][T19083] Kernel Offset: disabled
[  792.916525][T19083] Rebooting in 86400 seconds..