last executing test programs:

8m9.472755594s ago: executing program 2 (id=518):
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/kernel/tracepoint_printk\x00', 0x101202, 0x0)
sendfile$auto(r0, r0, 0x0, 0x4)
r1 = fanotify_init$auto(0x4f1, 0x1)
writev$auto(r1, &(0x7f0000000100)={0x0, 0x5}, 0x1)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/neigh/tunl0/anycast_delay\x00', 0x400902, 0x0)
mmap$auto(0x0, 0x9, 0x72, 0x8b72, 0x2, 0x8000)
r2 = prctl$auto(0x3, 0x7, 0xf2, 0x7, 0x5)
io_uring_setup$auto(0x48, 0x0)
keyctl$auto(0xa, 0x3, 0x0, 0x802000, 0xe)
r3 = socket(0x2a, 0x2, 0x0)
mprotect$auto(0x1ffff000, 0x7ffffffffffffffe, 0x4)
bind$auto(r3, &(0x7f0000000080)=@qipcrtr={0x2a, 0x1, 0xfffffffe}, 0x6b)
ioperm$auto(0x7, 0x6, 0x2)
openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, 0x0, 0x582, 0x0)
r4 = syz_genetlink_get_family_id$auto_thermal(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_FLUSH(r2, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x18, r4, 0x20, 0x70bd25, 0x25dfdbfb, {}, [@THERMAL_GENL_ATTR_TZ_GOV_NAME={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x44008014}, 0x4000000)
writev$auto(0x3, &(0x7f0000000100)={&(0x7f0000000340), 0x7111}, 0x8)

8m9.226072767s ago: executing program 2 (id=521):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0xa, 0x3, 0x3a)
ustat$auto(0x801, 0x0)
open(0x0, 0x10001, 0x144)
socket(0x3d, 0x1, 0x800004)
memfd_create$auto(&(0x7f0000000040)='A^^B\x00\xef\x97\x8aY\x00\x00\xd2\x8c\xb05\x03\\\xb2\xbf247{\xde\t8\f\x00\x00\v\x00\x82\xcc\"K\xe1II2R\xc7_\xa9\xf3\xa5\xfd\x15\xc6l\xcc\xbc\x8c\xad\x18', 0x24)
openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0)
seccomp$auto(0x3, 0x8, 0x0)
write$auto_ucma_fops_ucma(0xffffffffffffffff, &(0x7f0000000640)="bb0000000000c8197197437e84568d1d7e76ccd4c50af8510779a41d67867f5422be80614e6026ac219736ba25a01068d5cdfab8294ee14f52c04503712b135ec05812191c0acb0865baf969428f00d84de1ded0fe2806cfe0946367570f6b32949876a91d19db29871ebd93ea3a1913f25e65ab6ede9450e34f089577908a67b6482de0b577abfe0673dda185df9bfeab1a0aedd270069c55aaa7a88a", 0x9d)
r0 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0x808c1, 0x0)
openat$auto_proc_setgroups_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/setgroups\x00', 0x80100, 0x0)
mmap$auto(0x0, 0x2020007, 0x5fff, 0xeb1, 0xffffffffffffffff, 0x8000)
r1 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r2 = socket(0x10, 0x3, 0xa)
sendmsg$auto_NL80211_CMD_EXTERNAL_AUTH(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000a40)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x10)
write$auto(r1, 0x0, 0x45c)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f00000000c0)={0x8, "e6c26c22ab89af11056b0001ac097e0a0728d9300000c500", @inferred=<r3=>0xffffffffffffffff})
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
fstat$auto(0x2, 0x0)
socket(0x2, 0x3, 0xa)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$auto(0x5, 0x104000000000010e, 0x5, 0x0, 0x16)
bpf$auto(0x80000001, &(0x7f0000000580)=@raw_tracepoint={0x5, r3, 0x0, 0x2}, 0x6)
statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x44f, 0x7, 0x5, 0x1007181, 0x8a0b, 0x7, 0x7, 0x7ff, 0x89, 0x26, 0x4, 0x200000000001, 0x384, 0xfffffffffffffffa, 0x8, 0x0, 0x30, 0x0, 0x864, 0xe, 0x22000, 0x200, 0x0, 0x88, [0x200, 0x2, 0xffffffffffffffff, 0xfffffffffffffffe, 0x0, 0x401ffc, 0xfffffffffffffffc, 0xe, 0x1, 0x400, 0xfffffffffffffffd, 0xffffffffffffffff, 0x8, 0x4, 0x6, 0x0, 0x10000000000008, 0xc329, 0x8, 0x10000000000, 0xffffffffffffffff, 0x4, 0x2f, 0x0, 0x0, 0x3006, 0x2, 0xffff, 0x0, 0x100, 0x4, 0x6, 0x2, 0x88e, 0x40, 0xfffffffffffffffc, 0x8, 0xa38, 0x0, 0x4, 0xfffffffffffffffc, 0x2, 0x8, 0x10000000007, 0xc567, 0x8000000000]}, 0x9, 0xd)
ioctl$auto_FS_IOC_GETFSSYSFSPATH(r4, 0x80811501, 0xffffffffffffffff)
r5 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
ioctl$auto__ctl_fops_dm_ioctl(r5, 0x2, &(0x7f0000000380)="dcbb5fd7054bed139fb7f9fb1dca8fe1d88f65ee057c0e6faac40d106e4f0d52edf6e31c48e8d983ae3431fa707225c2c387e1a200b38759ba8e9187200e6d044ef46a534de751b1436f20ed7071b254509700aa726ea003a1b7b9ce2313756dc84bc4556ddac694c4553d72ed13a885176712c9cff968f74bd1d14ff734ad08e60cf7e7a7dd07d2b6ca9cb21ddaae68d2969afcf6c734f6ee1c63b1c93abf32264f9ec022b64c903276298739ee8ae7ac1fe14534ad54004f39ea1b99964702554c1494e1742baeae527cf3007d50fc92e924f73b6288e5d9fd071d2fba76b2fabd3faf5229f4c3168226346e3087026d3d2c8aed398d4988971e05ff0ab9f5f2328e7f51d5061584b44581a4c83e413718d3a82f87daf87d1d5a2c32fbaa58f095fbf34ccc603b632155c27289cb5598049a7c9160dfe8a01d5a1983408082941eb39db2a09c5a34dc876dfa58a589687aa0cf6be7b5b084a8f753758332896ec3adad7a79b751908ee2b3d25131f44185a0ed8d20e9b6b8a1ed11402b02e544b67caf3177eda039e64aaf295eca7953c165fa73afca96d7750663711101c6e14e44817c6ad4b1474132dd441ca5c9d7776c871ffacbd96910496cad7010b9b526135e84")
ioctl$auto__ctl_fops_dm_ioctl(r5, 0xfffffff7effffd05, &(0x7f00000001c0))

8m9.03082178s ago: executing program 2 (id=522):
r0 = prctl$auto_PR_RISCV_SET_ICACHE_FLUSH_CTX(0x47, 0x4, 0xffffffffffffffff, 0x0, 0x9)
mmap$auto_mtd_fops_mtdchar(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000015, 0x40010, r0, 0xf)
r1 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x129800, 0x0)
r2 = openat$auto_virtual_ncidev_fops_virtual_ncidev(0xffffffffffffff9c, &(0x7f0000000080), 0x10080, 0x0)
ioctl$auto_BTRFS_IOC_RM_DEV(r0, 0x5000940b, &(0x7f00000001c0)={@raw=0x56, "f7da3d84ab85c9176181c168f52b7b4311c71e0df425b9c6e5f78517efbce4fc2bb0ec12882d50e92b2d53e1142e4bfcaafbddbe898db07b419ac751051fc8a8ba5c71a0e2c74891fd4918019621edfd4e1718d64e5efc47c1a808d0a191e8bb826483c16690ee13d59eefc43628df3b831c39b9df6496c647a99cb82f9ff64a4951ac2c2088ec18fc8b2a6bc1ccf22b6bd3f87d3ffb09944c15d2a712a2dd956e0a603605b6b41f61b63b5758be5423addd3a6c56a8d3a2265f4f9686289a54fa30f2da828917c54f786f0130e6f6a69d9ee829ff4567d03d76bdde4577888487609835a37dbf9b9a156b800e7d47a3a88538138721b170107b63f10bb2824fe96b0e4fc466a403b754c51b92a409fa86024d5918c779ab7450b857358382d69c4e93441d0097fd50f898cc1be2150ea3a00a088a34c6118057433a2546c6b5fe68d1919262402d06a7dc8cba53167b8d6b1abcad50e4afa5e7ca7275bee84af93d37dd15c8e6a54650ac645035644512b03d6d96c94554065622fe4064c7afa1e779403a1766f8d8dc6e3310a46a38edce0e58c222c7161d6d9955a4c8ebf1e800cbabe1f2da3dec321685cd4648fda4d56607080093a236ad1e2ac3f5b21b77d37c9c54f2e39aa1e4ea4c9079e62f6f59c86c6ccb62cb62ac007dde4546714d2019832913a71133b15175f5dbac518fe7741f3fe7d765d73c79fbe625f8707c5be00756519a3eedf14b853055bce2e849e1bbc90d029ab65b18183315a44b99f3f58db384ee0b43c02bc10c655da730fb96632b72f885e87729dc313567181370fd512f59dccb05ccda621806a7720e9e4cd7b7aac4328c2fcf069b73a70d55cbefc64177684631674fbf9ef102fa12184a2c02cf8fcc9dcb689b21343290f6ffc2c69be7b270825a38362c8b6072aa7fa502ceeb92a792a02d7353d84d25945f6ef0200ab3c45f366e2f7791c6390800d61a09de399ce5f402b817b501ca612896cc97f713684126715553a3303537b08d5b00ebb92a443d9c19eb87c330811c86e9f559e45e578d18c14ad171b244459d587f32a8f32605596317d3701a5bef1e7ad5f307381b1293d2ba3a48a64eb6c836af29f4c19d3c87d2aecaaab613da236444e1d35112265d48ff29bc41e9811cf5d21b542c81009f703994eae407c8313ae1ea0e929a54f8385a78d8109d4c848572e1c9ed4668bee5159b5590dd1cee113d5bad7c87514a61aaa46d2e10a325088ebb23dc96e9bf854320c79e49a55c672c99cddfc43698837e3742d63100074dfa61f832c8c6945d7df3415fda7c1037650f18994f6f2ce8c76954db90af1b1c4104ba59ab29a8e3ed5fdcc07740deece2f0847fec925952ee7cfb147b9f962c95dc4b1abf6324b2ba1a52d21cb0f1c77266e49206b371acbe56bfb1ff8f74480bbc6f01ccf0e2bc8a35c259b20ff07e4a5a6f94253c8b26aa60d115f0c1f7267a68953ee63a3d57c76c56c079ca521d2992c495a58789184b95fa1a10dc47902fa7ac35fe13a33b8d459a0961020545097a2c88ddd376954ce6e579cc7ce77021b84fe5ce134fde5d53e9556c7d53dad70d1fb7de92eeef3bd17e3edabfd7b71e3ff564d89f697e774ff007210530d98c7cc6669dc1abcbeba0c7f79ae00987da241fb657ed13c9b9e64f56462e5236a6d72dfeffa328ad6424654ffd2753c7e22a41a4c81e76c85b6f77aaa780765d94a94bebc1fbe947d4ef5aeed8c16de0bb71bc224b542e7a87200df2133e653113484dce74f899513d1b8dfd51c1b2bfb2050e77323427c4850b7b54106e809453bf81cf373a1f594d516fcb5a8829fa5c83f6558928f5a3dcac2b333e868e8e1d8ed1d664578f91faf8a28d7007255309e2bd08d341a1749f0ec67b3697c53ce9130603c317d5ee0dfff8df4eff5b8477b16d538e37368d68bc014169eaf7bd6428f16bf861e50a19a6f9370b34b30203cbcebdf366649cb9e6889218fe231c99f191088a35e768a73391da893dfb03f4e0a947673c32e55fd585cfbfcc1aea72e8b7b90a4f256d4292f7eca3cbb4c51770c57466be893d49bab5436cec3890238fa6c9f61380206dc99d884dcc880518b785e1d480802c679c8ea3943529997a89518158e3d8acb1caf73ef31b8c60930c7b1694095516447f7a677961f918cfcb9f5de65f1cef2ed9e70c042b8bc2990d192cf8e01e0db92911e60b38740cebe103e3e7e27be31fd7c1a6d2d5b3236b69a89039880949ac4ccabe3e61ce97b9ed75c4bc44ee5fcb5ebfc60baadfd1f95815d2f3a5d36023d058aaef3f7da5dee7469390195de1ee3ad2f10360107225fa66d7a536b8ad766f6673015e51dd95c76173457c7eaf32b400996e5f8f53c445278f1b2e7175ae423df3dc8e83047d2169861addd17ecb454f524ca73d3ca3c2ce86cc5a2e83c02be7636af6a58bd23727a30655adc50fc7f8900244a357cf19f47f685f91f7705dd1be8e7ea51581de1e23a3804b6ccd2f9429839dbd03be993fa96e6bad919300213e6d45523338c10a7bbabdb6ba3baace788ecc29db421070677b5d27785ea6848e8c7b891f6be4f9da28e227f3fd1318e9a87819307da8034f38155d02042ccad5e53807c66cb9371d88d3da476439491c80f121819dc864a7f8e309736b46b3d0348c3f33907a274d0d13ff21b1939bb233193ada29d53cd0bc85bc398d196d107791ef2e00f6d0cb2f34c7b3a518fdd77a26b15bc053d035b5e6f11dbef82f3630349c7867ca49eaa7f11c7e74a6218bf23713fbb5eb74f7bd516b3a3bcc87b83c4364a165952dc6e7b264472ab962f3981ef9a957a0f41b096af267ab9759108f26613c4860217eb550c8382b01375bfc89819af62a26855fd665ab4153ff53f59e882feb765249f894d9f0238aedc409210b6aa3fd35713943fbff74f1ed3b64c65c4c6be8da667bfc7d9442fc2ed15b1580a1d6f1c6cd5aa90f8f8f8cb7ac1fd11293b9cf295b3210c20ecdfb6abdf071999ad3e8cfcc26dee91fc7dfa0c27d7a09f04d3c254b0714d2374d5353b7fbbf4ed841a9a7202d2b20b84bc37aa7eba72525bc2db923b33768dc114ec040e62ab55b97a9870a54397e74ff70d73c3949be6b4835178c7aa346bc7c7dbe3be10f0595d17c9d3d907a51404ecd5111cb70ddf2e2fc7f05101b335a740dbe8b194db58a9bcc6dd3fda05fdbb7902d6451eafb8f70b8133a97881a241bab30c8701e79258270f03dac26c6767b68f414ea808dffbc5fb14163305431f191a54bfb33da2bf2bafc1fa42718991b0aed57bbaeacdda1caa13cc7e6080ac76c81f07f081d2b655f6842c60df4eef213bbbc50002b0280f414694ea615dcbf23b53a49dcd5d12df87897c7e0a2550fee39d70243a4d15cde638a8adc9825c996572f8ea7554b01bda4a1a82e8d31ddd1e1df3284deb9bc3a83cf03551f1ecc63ac221f04d8a3cdbf7cf138103a6d08db24a578edf12214cfc610dd2e81e3ad498c582d5aca5b33addc0f708317b2032f4ef3c720439510f9c9aa508f9c02d3ea7f842a054a07c71fcc3b8acd55c074e21e351d097bb6806c979c07c55305f4b568a78a0345bbe241eec92089a5d81d4be261fc0c97e0f0cc5b972ec9a53a1d9cf4e74cfd7b43eb31566f92cf6b8ffe784ae28f60d43fc02080e4d2096e42537efd8575b457037d96e5aaa6b94eb3a2207d1116e145668c87dd1d938e461fef2a6eb845d19b212ca67a733fb3525730be77abd9d10cc1478042712ca0d0c6dffcb342f90dad47ce92509dcd85dc0d16b7d1bcf6ebf4c034db241f9d26c3cf2d0ca33cf5b326b5ab8208de7912e5afaa830fcbf432989173f61aaf02fb1f0869739814161188c40ae49ceceec74d48c24d0b0ad2374b179859f9e32442bb640556e749b315f8843fb71af7d67147e7c54d916a2c502b063480427f73f3aa660f34220460d36413600877ebd686395375cbf1a1f0486f8df0f9ce686c67452256dc86c47101a2685d8d09eb127f09f4076faec05729ef5e3f6a36678ac52ae09dbc04632f45ea700c2ef37e8531e526d380e24f707143c8bc91d07d33c1de695fd3e8ed309006c8d77cc48a435905c188e43e5838d2d15881dee7dea494e543e8d60a73deb3fdfe7b44a0e7984439ecd0cd546ef1a5eb4f126fce1784d690a37a98a751c413175a209d1eeb2d9214b6e2e9c8f33d20b5a6a9bfec56858fefa5d260be59a8c904c58aeb8ee28fa4502ef7a24b9b57bbe2e4a36e6e26c987ed16de1a7d9ab128834dd53cfba212b1739936e7361ace92cfb5bec3871d4df58f144a7270b16f04f4f8c6b0727b8fad61b24234da9bf251f579e3271855195769e69c01231ffcbaa4a33bcd093eeb84194952a4d04de4b497b2622737597bae81ddde87f3d8c5a130b77e0ba6c135df869ec2bcf1216dabfc6bdda3cafb43d937d9dc3b276d53b52c250aaa5bf107d899fcb54134e4fac771f6943214f254e994235d7dcb8b56b416bc89d74d7aae1024e3bc33b89ad3b3f3be1efc2872f107868d6ace53ca2349a969e6f81a75d0d28932c3f7aabe32097aa3e1febab17973b104e051a10dc5d942e24d24332c0ad7e61f634a0c972ab48a4c46cd5cbb82606a2f2baae544a90503b176f30b3caca59404cdb0d77385a6e9b728fa5c99c9d681a1a5d9232bcdf5477a37c6a1012f32a43a975a3e64e4079667efe1607476aeb5ca26db48f0ad7a16005d8014061d67a02c34a80cf55748d23dfc35b12e81a6e81e9f39ee8363dd38d66a7c1e0dcbc395472b70f22029f1a86538c18a19b5df4696d2e5c051f4d1bf5c73548fa1817d2caca4cedd18b6c3431d1fd813c7584dfbefd93b05a5e69c30ce849d1e26725ddd9c920b3d22b545135527c03fd840d8f0c19fc196e8dfbd23ffec127aaea4d62e590d4d1ec33b661165fab6764d36af3ce906ace5da4e38d25120a688fe0b7f343ae91fa9dae09631c3c03402d7c0ef1bcff56ebeea4b28b20590e6b4f4ffbc4c3bfd8019d7ea94541520440a90123c490e9d75019b879c00095547e5892bdd8c638a6dcc614c829bf13a231d26901ed7779b56b3e62de8cc20527ec3ef18c7ddac6d7177a0ac905eb96fcca7dd8e0a7e7e47b142be1dda95a87af7d7c4e0f43f1e06d553bd153392f799f19a6c035bd7e0ba9b2161241de96e16aa3d1ac7169289caac81b3a3ea4aa3838ca9a8f8eb63c9aec8eddad25a667eeb2917ff4c72964d93a989ea5a7d4f92f5bbf799d4f43bbc2486e403c4e5fd9161cd8174b8c776b37d91e20494dc2801a3b70dbe87dbaf0a9535ba7278678c1b1056a87d26cfabf12a3b91e0a1c02f66843599dde7a0a392b7b4aaff8ff653ba9b0eafb1e8e4d2d802ae08919d3ee6d101b959a5fc8649b60a504a3c2093fd3a0e3bbadb629c6f0d06473333a50240e2070ff95ffddce26cb52c7a923a8f65e9166d5027fe773e3bc2a7edde9ab73412edaf39464f83f7095752b620a6af41d5ad7b085383230e4c2f1e25c8640792bea2d791a09a6196e4f8290120b25daecabe3bf2c99fa7956e3af8ff0568ba84d950761eb4c97de0b864139d2e2db9eba8239793c61099189871babe4422a59763b39c5798a634913586812dedc79353b90f14c9c25c693b662c16a60ef46d4b3652ece73653ff5e49983ee3d7d553389c5532588f3bb48854d8724d7035bb85acf4241e01ca21be842c30e1787dd18eb404a25b0b3bc53c359df4d75f45a24c7b7bdae7f089d8a671999997e84fc13ed2e37c67fd"})
writev$auto(r2, &(0x7f0000000180)={&(0x7f00000000c0)="7d8b6642c4694ef6b2e5b0be4a0d6e1c6714e9805a7427c65dfcee20c53f7988a9fe8e045b7f94d35d572dd9e9d563b566f381830f7b2d9fcf65635c07803802611295c4975875cb41a385bcac95013e2905710d2a38071efebc94f7b264b3df3458e501b32534a51f0f665ba7d1fadced174b68ef6c9cf3c653269e61e89c3bc7febd8bfdfaf2be951b5e977a9249d8b39d5d880edd15607ba6827b9bff1461a96373dbb8179634c90b601487094359a53ca1", 0x9}, 0x101)
ioctl$auto(r1, 0x921064ac, 0xffffffffffffffff)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/pci0000:00/0000:00:03.0/resource1\x00', 0x0, 0x0)
lseek$auto(0x3, 0x8, 0x1)
acct$auto(&(0x7f0000000000)='/dev/dri/card0\x00')

8m8.877770694s ago: executing program 2 (id=525):
stat$auto(0x0, &(0x7f0000000080)={0xb, 0x3, 0x9, 0x7ff, 0x0, 0x0, 0x0, 0x9, 0xfff, 0x100000000, 0x9, 0x2, 0x93a8, 0x9, 0xff, 0x63, 0x8})
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x4080, 0x0)
bpf$auto(0x8, &(0x7f00000001c0)=@bpf_attr_5={@target_ifindex, r0, 0x22, 0x1, r0, @relative_fd=<r1=>r0, 0xca1}, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
init_module$auto(0x0, 0xffff9, 0x0)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x8000000000000000, 0x15)
madvise$auto(0x0, 0x2000000080000001, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8001)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000001ac0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000001b40)={'batadv0\x00', <r5=>0x0})
sendmsg$auto_BATADV_CMD_GET_GATEWAYS(r3, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={&(0x7f0000001b80)=ANY=[@ANYBLOB="fffffeff", @ANYRES16=r4, @ANYBLOB="011329bd7000fcdbdf250a00000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x40080}, 0x20008800)
ioctl$auto(r2, 0x4b63, 0xffffffffffffffff)
r6 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$auto_SNAPSHOT_ATOMIC_RESTORE(r6, 0x3304, 0x0)
capget$auto(0x0, 0xfffffffffffffffe)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
r7 = prctl$auto(0x400003b, 0x1, 0x0, 0x5, 0x7)
socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000380)={0x2, 0x7, 0x1ff, 0x7, 0x8, 0x4909b6f8, 0x1ffdf, 0x7, 0x200003, 0x7, 0xa121, 0x3, 0x0, 0x4, 0x9, 0x7, 0x20000006, 0x10011, 0x80, 0x100000000, 0x0, 0x80005, 0x2100, 0x1ff, 0x0, 0x84, [0x0, 0x0, 0x0, 0x4, 0x6, 0x2000, 0x0, 0x7, 0xa982, 0x0, 0x94cf, 0xfffffffffffffffd, 0x0, 0x80000, 0x5, 0x7ff, 0xffffffffffffbfff, 0x1, 0x6, 0x0, 0xfffffffffffffffd, 0x7, 0x4, 0x2000000000000000, 0x0, 0x0, 0x400000000005b8, 0x8, 0x0, 0x20, 0x0, 0x80000000006, 0xfffffffffffffffc, 0x2, 0x8000000000008, 0xfffffffffffffffc, 0x9, 0xa38, 0x7, 0x3, 0xfffffffffffffffd, 0x8, 0x4000000000, 0x7], "cef831e9b12b6ffc923e986c9b46895d012582ef898774ccc5e03ccbe2f92f5dc287c31008a243463dd9d0124b74ff0e42f7c267a735e710659980702d0ab4cea96dcc0667154984d685166f7a836323dbecc312ef199b8760afb780e17addc5f9fdc74d8d8df911543375cf1c055f6fd846ddc7998c94667e64bc6c4ad34b636067677c20d923f16b4f28cfd546c1"}, 0xd, 0xe)
sendmsg$auto_OVS_VPORT_CMD_DEL(r7, 0x0, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x1, 0x3b)
socket(0x2, 0x1, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_GET_WIPHY(r1, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000280)=ANY=[@ANYRES16=r8, @ANYRES8=r8], 0x18}, 0x1, 0x0, 0x0, 0x20004892}, 0x404c054)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event2\x00', 0x20081, 0x0)

8m7.07462198s ago: executing program 2 (id=532):
r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000040))
fcntl$auto(r0, 0x402, 0x8000007fffffdf)
mmap$auto(0x0, 0x9, 0xdf, 0x800009b72, r0, 0x3)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x0)
shutdown$auto(0x200000003, 0x2)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x169000, 0x0)
fcntl$auto(0x8000000000000001, 0x5, 0x8)
ioctl$auto(r1, 0xc0585604, r1)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x200, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8)
rt_sigsuspend$auto(0x0, 0x8)
openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x101, 0x0)
brk$auto(0x2)
statmount$auto(&(0x7f0000000000)={0x7e, @raw, 0x80000020, 0xd97, 0x2}, 0x0, 0x7ffffffff000, 0x0)

8m6.77186558s ago: executing program 2 (id=533):
epoll_create$auto(0x4)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x4040804)
socket(0x21, 0x2, 0x2)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
accept$auto(0x3, 0xffffffffffffffff, 0xffffffffffffffff)
lstat$auto(0x0, &(0x7f0000000180)={0x4, 0xf, 0x6, 0x76402f57, 0x0, 0x0, 0x0, 0x4, 0x2000000000, 0x400, 0x40000402, 0x5, 0x9, 0xffffffff7fffffff, 0x9, 0x2007, 0x20000010010b})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'})
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x4804)
r1 = clone$auto(0x21, 0x8cd, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x4)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$auto_qrtr_tun_ops_tun(r2, &(0x7f0000000300), 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
write$auto(0x3, 0x0, 0xffd8)
process_vm_readv$auto(r1, &(0x7f0000000040)={0x0, 0x8}, 0x80000001, &(0x7f00000000c0)={0x0, 0x9}, 0x3, 0x0)
bpf$auto(0x5, &(0x7f0000000100)=@task_fd_query={<r3=>r1, <r4=>0x2, 0x4, 0x0, 0x85, 0x7, 0x9, 0x10000000000006, 0x8001}, 0x101)
r5 = fcntl$auto_F_SET_RW_HINT(r4, 0x40c, r3)
write$auto_proc_sys_file_operations_proc_sysctl(r5, &(0x7f0000000000)="db5f85c680be61b241", 0x9)
ioctl$auto_USBDEVFS_GET_CAPABILITIES(r4, 0x8004551a, &(0x7f0000000240)=0x8000)

7m51.516519905s ago: executing program 32 (id=533):
epoll_create$auto(0x4)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x4040804)
socket(0x21, 0x2, 0x2)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
accept$auto(0x3, 0xffffffffffffffff, 0xffffffffffffffff)
lstat$auto(0x0, &(0x7f0000000180)={0x4, 0xf, 0x6, 0x76402f57, 0x0, 0x0, 0x0, 0x4, 0x2000000000, 0x400, 0x40000402, 0x5, 0x9, 0xffffffff7fffffff, 0x9, 0x2007, 0x20000010010b})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'})
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x4804)
r1 = clone$auto(0x21, 0x8cd, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x4)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$auto_qrtr_tun_ops_tun(r2, &(0x7f0000000300), 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
write$auto(0x3, 0x0, 0xffd8)
process_vm_readv$auto(r1, &(0x7f0000000040)={0x0, 0x8}, 0x80000001, &(0x7f00000000c0)={0x0, 0x9}, 0x3, 0x0)
bpf$auto(0x5, &(0x7f0000000100)=@task_fd_query={<r3=>r1, <r4=>0x2, 0x4, 0x0, 0x85, 0x7, 0x9, 0x10000000000006, 0x8001}, 0x101)
r5 = fcntl$auto_F_SET_RW_HINT(r4, 0x40c, r3)
write$auto_proc_sys_file_operations_proc_sysctl(r5, &(0x7f0000000000)="db5f85c680be61b241", 0x9)
ioctl$auto_USBDEVFS_GET_CAPABILITIES(r4, 0x8004551a, &(0x7f0000000240)=0x8000)

51.558345212s ago: executing program 3 (id=2738):
fanotify_init$auto(0x65, 0x2) (async)
r0 = fanotify_init$auto(0x65, 0x2)
read$auto_proc_pid_maps_operations_internal(r0, 0x0, 0x0)
mmap$auto(0x7, 0x400008, 0xe3, 0x200000014, r0, 0x8000)
mlockall$auto(0x7)
socket(0x23, 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r1 = socket(0xa, 0x2, 0x3a)
setsockopt$auto(r1, 0x29, 0x39, 0x0, 0x110)
io_uring_setup$auto(0x6, 0x0)
read$auto(0x3, 0x0, 0x80) (async)
read$auto(0x3, 0x0, 0x80)
close_range$auto(0x2, 0x8000, 0x0) (async)
close_range$auto(0x2, 0x8000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_TIOCSWINSZ2(r0, 0x5414, &(0x7f0000000000)="af22e1c0009035a95fa652dfa5643d9ebc18ded0b91417abc56a2a0808f7220e77a6d5a823c9af9e8e6d5faf680c253f34c4bf5c1ca95ae2ba0fef139e89c2a91ddec323e0b5ffecce521141d7af7b23380ca8e571f68d6a99591cd1bfce0fcd2f3c32dc180fff8ed0d4edd743c059bbfcafbc6342c9aeaf6511963f48fa1038599974663fb14f76e1e8368387")
eventfd$auto(0x4) (async)
eventfd$auto(0x4)
socket$nl_generic(0x10, 0x3, 0x10)
adjtimex$auto(&(0x7f00000000c0)={0x200, 0x0, 0x10, 0x80000000, 0xbbce, 0x50000000000, 0xb0, 0x0, 0x2f, 0xa0d9, 0x4, {0x9, 0x7}, 0x0, 0x409ef651, 0x5, 0x2, 0x0, 0x8, 0x52, 0x100000001, 0x165, 0x2, 0x80000000})
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)

50.660648015s ago: executing program 3 (id=2746):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = open(0x0, 0x22240, 0x55)
socket(0x2, 0x3, 0xa)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) (async)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8)
connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) (async)
connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x66)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
mincore$auto(0x0, 0x10000, 0x0)
statx$auto(r1, 0x0, 0x1003, 0x4005, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) (async)
open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84)
openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f000000e680), 0x2, 0x0) (async)
openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f000000e680), 0x2, 0x0)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
socket(0x2, 0x1, 0x106)
socket(0x21, 0x2, 0x2)
bpf$auto(0x0, 0x0, 0x96)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x29, 0x2, 0x0)
syz_genetlink_get_family_id$auto_netdev(0x0, r2) (async)
syz_genetlink_get_family_id$auto_netdev(0x0, r2)
fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d)
sendfile$auto(0x6, 0x3, 0x0, 0xfffffdef)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) (async)
r4 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB="cf51cc00000000", @ANYRES16=r4, @ANYBLOB="1b0026bd7000fddbdf2503000000040008001c000380180011801400f2800c00010000000000000000000400a08012000100898771f1c19f1779048590828847000004000280"], 0x4c}, 0x1, 0x0, 0x0, 0x4044}, 0xc800)
setsockopt$auto(r0, 0x1, 0x1, 0x0, 0xfffffffc)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
mmap$auto(0x0, 0x20008, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000)

49.682333646s ago: executing program 3 (id=2752):
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x8080}, 0x24004805)
lstat$auto(0x0, &(0x7f0000000180)={0x7, 0xb, 0xfffffffe, 0xffffffff, 0x0, 0x0, 0x0, 0x1000000006, 0x6, 0x7, 0x400, 0x7ffffffb, 0x8, 0xffffffff80000000, 0x1, 0x8, 0x107})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'})
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xffffeffe, 0x2)
io_uring_setup$auto(0x59, 0x0)
setresgid$auto(0x81, 0x800000a0, 0x8)
open(0x0, 0x64842, 0x0)
io_uring_setup$auto(0x6, 0x0)
statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0)
userfaultfd$auto(0x1)
ioctl$auto(0x3, 0xc018aa3f, 0xc)
socket(0x28, 0x1, 0x0)
io_uring_register$auto(0x2, 0x14, 0x0, 0x3)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
mmap$auto(0x0, 0x400008, 0xc, 0xf1, 0x2, 0x8000)
remap_file_pages$auto(0x1, 0x1000, 0x0, 0x8, 0x10007)
mmap$auto(0x0, 0x8, 0x1000000004, 0x13, 0x3, 0x110000000)

49.429364808s ago: executing program 3 (id=2753):
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/traceSMB\x00', 0x62441, 0x0)
mmap$auto(0x0, 0x8001, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000004c0), 0xffffffffffffffff)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, 0x0, 0x6a)
r0 = openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000540)='/dev/cpu/0/msr\x00', 0x0, 0x0)
ioctl$auto_X86_IOC_RDMSR_REGS(r0, 0xc02063a0, 0x0)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000b80)='/proc/sys/kernel/kptr_restrict\x00', 0x2c000, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nlbl_cipsov4(&(0x7f0000000000), r2)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x562, 0x0)
write$auto(r3, &(0x7f0000000440)='+\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7)
mmap$auto(0x4000, 0x2020009, 0x3, 0xeb1, r2, 0x8000)
mmap$auto(0x0, 0x4, 0xdf, 0x9b72, 0x2, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x2, 0x10000001, 0x10001, 0x0)
syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff)
sendmsg$auto_TIPC_NL_LINK_RESET_STATS(0xffffffffffffffff, 0x0, 0x40040050)
ioperm$auto(0x7, 0x6, 0x2)
fstat$auto(0x1, &(0x7f0000001a40)={0x2, 0x3, 0x1, 0x2, 0x3, 0x0, 0x0, 0x6, 0xe, 0x7, 0x3, 0x7, 0x7ff, 0xffffffff80000000, 0x7, 0x7ff, 0x81})
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x3, 0x6)
r4 = socket(0x10, 0x2, 0x0)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfffff4a4, 0x0, 0xfffffffffffffffd)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="1200", @ANYBLOB="72010000"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[@ANYBLOB="1b000000", @ANYBLOB="1a00279e"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
read$auto(r1, 0x0, 0xb5)

49.201672385s ago: executing program 3 (id=2756):
mmap$auto(0x0, 0x20009, 0x804000000000df, 0xeb1, 0x404, 0x1000000008000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
read$auto(r0, &(0x7f00000001c0)='\\\x00', 0x8000)
socket(0x10, 0x2, 0x0)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), r0)
ioctl$auto_I2C_RDWR(0xffffffffffffffff, 0x707, &(0x7f0000000380)="67d93c266e8c")
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1000af"], 0x1ac}, 0x1, 0x0, 0x0, 0x22004840}, 0x4001)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

49.015433456s ago: executing program 3 (id=2759):
openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000002640)='/sys/kernel/debug/tracing/set_event_pid\x00', 0x2002, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
unshare$auto(0x40000080)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0)
ioctl$auto(r0, 0x8038550a, 0x1)
unshare$auto(0x40000080)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, 0x0, 0x1541, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x6, 0x0)
pidfd_open$auto(0x1, 0x0)
socket(0x10, 0x3, 0x6)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB='\t\x00\x00\x00', @ANYBLOB="1a0027"], 0x1ac}, 0x1, 0x0, 0x0, 0xc080}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x40001, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/i8042/serio0/force_release\x00', 0xc2082, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r1 = getpid()
r2 = openat$auto_ctl_device_fops_user(0xffffffffffffff9c, &(0x7f0000000100), 0x20082, 0x0)
write$auto_ctl_device_fops_user(r2, &(0x7f0000000340)="a504ff4c280e43904055ceb3bc98cf2af453126b06d1f8b678ad4700b35e33bf24e0c6269dd4fcfeafaacd781a02e63a0f9cf51e53d742c6cd3e1a4531a69c151e3714d2418d3a55d79a114e8309e48778a229eef16577bd021ce7b48a29a4e1c32f5f0c3393287d", 0x68)
process_vm_readv$auto(r1, 0x0, 0x1, 0x0, 0x6, 0x0)
write$auto(0x3, 0x0, 0x5dc)
acct$auto(&(0x7f0000000080)='/sys/\xa3\x96\xcc\xfck\xe4\xe3\xfdtdevices/\xf0lat\x11or\x02\x16\xf8U\xcd?\x1b\x83ym/i80$2/ser~>\xe8 K\xb3\xdf \x02<\xca\xebaS\xe9\xf2\"\xf7$\xb3c\xd6\xce\xc6\vl\xabk\xee{\xfe\xbe\xf4&v\xb0Y\xb1^\xb6F\xa8\xe4\xce\xf4\xfa\xfe=\xeb\n7\x18\xe1?\xdd\x18\xccr\xa7\xde\x10:~!\xb45\x8c\x99\\\x89\xc6TS~gy&\xd1\xf0\x84\xda#0u\xc1\xd6\xb2\xd5\xc9\a\x94j\xd0\xe8\xac\x8fG\x9dY\xd3\x01\x06\xcfL\xaa\x95\xbaq\xf1\xca\xc6\xa2\x05\xc8zUd\x02L\x94[\x91\xab\xeb\xdf\x95y5^M\x8f\x9c\x85\xdd|g&\xa0m\xad!\xa7?\x8c\xb5\xe5\xe87\xc6\xe0\xdduH{1np\x99\xb5\x1aVlS\xeeW\x1d\xa61\xd9#zg\x7fi\x16\xfej8\x90\xa9\xf3<F\xf7\x9eo\x04\xb9\x1a\xf9\"\x02)\xbb\xfb\xc2\xc14\x04\xee\x16')
acct$auto(0x0)
ioctl$auto(0xffffffffffffffff, 0x40046207, 0x9)

33.563995854s ago: executing program 33 (id=2759):
openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000002640)='/sys/kernel/debug/tracing/set_event_pid\x00', 0x2002, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
unshare$auto(0x40000080)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0)
ioctl$auto(r0, 0x8038550a, 0x1)
unshare$auto(0x40000080)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, 0x0, 0x1541, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x6, 0x0)
pidfd_open$auto(0x1, 0x0)
socket(0x10, 0x3, 0x6)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB='\t\x00\x00\x00', @ANYBLOB="1a0027"], 0x1ac}, 0x1, 0x0, 0x0, 0xc080}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x40001, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/i8042/serio0/force_release\x00', 0xc2082, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r1 = getpid()
r2 = openat$auto_ctl_device_fops_user(0xffffffffffffff9c, &(0x7f0000000100), 0x20082, 0x0)
write$auto_ctl_device_fops_user(r2, &(0x7f0000000340)="a504ff4c280e43904055ceb3bc98cf2af453126b06d1f8b678ad4700b35e33bf24e0c6269dd4fcfeafaacd781a02e63a0f9cf51e53d742c6cd3e1a4531a69c151e3714d2418d3a55d79a114e8309e48778a229eef16577bd021ce7b48a29a4e1c32f5f0c3393287d", 0x68)
process_vm_readv$auto(r1, 0x0, 0x1, 0x0, 0x6, 0x0)
write$auto(0x3, 0x0, 0x5dc)
acct$auto(&(0x7f0000000080)='/sys/\xa3\x96\xcc\xfck\xe4\xe3\xfdtdevices/\xf0lat\x11or\x02\x16\xf8U\xcd?\x1b\x83ym/i80$2/ser~>\xe8 K\xb3\xdf \x02<\xca\xebaS\xe9\xf2\"\xf7$\xb3c\xd6\xce\xc6\vl\xabk\xee{\xfe\xbe\xf4&v\xb0Y\xb1^\xb6F\xa8\xe4\xce\xf4\xfa\xfe=\xeb\n7\x18\xe1?\xdd\x18\xccr\xa7\xde\x10:~!\xb45\x8c\x99\\\x89\xc6TS~gy&\xd1\xf0\x84\xda#0u\xc1\xd6\xb2\xd5\xc9\a\x94j\xd0\xe8\xac\x8fG\x9dY\xd3\x01\x06\xcfL\xaa\x95\xbaq\xf1\xca\xc6\xa2\x05\xc8zUd\x02L\x94[\x91\xab\xeb\xdf\x95y5^M\x8f\x9c\x85\xdd|g&\xa0m\xad!\xa7?\x8c\xb5\xe5\xe87\xc6\xe0\xdduH{1np\x99\xb5\x1aVlS\xeeW\x1d\xa61\xd9#zg\x7fi\x16\xfej8\x90\xa9\xf3<F\xf7\x9eo\x04\xb9\x1a\xf9\"\x02)\xbb\xfb\xc2\xc14\x04\xee\x16')
acct$auto(0x0)
ioctl$auto(0xffffffffffffffff, 0x40046207, 0x9)

7.302109429s ago: executing program 5 (id=3014):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
open(&(0x7f00000001c0)='./cgroup\x00', 0x0, 0x6f)
mmap$auto(0x0, 0x20009, 0x7, 0xeb1, 0x401, 0x8000)
open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84)
r0 = socket(0xa, 0x2, 0x88)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'sit0\x00', <r3=>0x0})
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r3, r2, 0x4, 0x1ff, r0, @relative_id=0x13, 0xe600}, 0xf)
bpf$auto(0x2, 0x0, 0xc)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r4, 0x0, 0x3}, 0xc)

6.995645195s ago: executing program 5 (id=3015):
r0 = openat$auto_wakeup_sources_stats_fops_wakeup(0xffffffffffffff9c, &(0x7f0000000000), 0xc8400, 0x0)
lseek$auto(r0, 0x6, 0x1)
mmap$auto(0x40000000000000, 0x400008, 0xdf, 0x18, r0, 0x8000)
socket(0xa, 0x3, 0x2f)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4040010)
setfsuid$auto(0x401)
r1 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r1, 0x0, 0x7, 0x4008)
ioctl$auto_UDMABUF_CREATE(0xffffffffffffffff, 0x40187542, &(0x7f0000000000)={0xffffffffffffffff, 0x3, 0xfa, 0x4})
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
getrandom$auto(0x0, 0x6000000, 0x3)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0xa, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$auto_SO_TIMESTAMPNS_NEW(0xffffffffffffffff, 0x6, 0x40, &(0x7f0000000040)='!-\x00', &(0x7f0000000080)=0xfffff000)
r3 = socket(0x10, 0x2, 0xc)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000013c0)=ANY=[@ANYBLOB="18000000", @ANYRES8=0x0, @ANYRES8=r2, @ANYRES8], 0x18}}, 0x200080c0)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x10048884)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev5\x00', 0x280, 0x0)
r4 = getpid()
process_vm_readv$auto(r4, 0x0, 0x1, 0x0, 0x6, 0x0)
ioctl$auto(0x3, 0xc040563e, 0x38)

5.753195753s ago: executing program 5 (id=3022):
kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x2aa7, 0x6c0000c000, 0xc000}, 0x4)
ioperm$auto(0x3, 0xe, 0x2000000000000149)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
r1 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080))
fchdir$auto(r1)
mmap$auto(0x0, 0x9, 0x1000df, 0x9b72, 0x2, 0x8000)
getcwd$auto(0x0, 0x6)
renameat$auto(0x6, 0x0, 0x5, 0x0)
r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/iomem\x00', 0x101000, 0x0)
pread64$auto(r2, 0x0, 0xffffffff, 0x2000006)
ioctl$auto_I2C_TENBIT(r0, 0x704, &(0x7f0000000080)="adb0b195f7afcfd8ff8822e14440bf652954d743eef0aae62eb153b29dec220195f61d71d715bb2a95d3a899f909d50a2854b01b89da87003c2660f12f6ad3f3f431e54fc614d45082ad09f5b0ce47add3b40f4b8fc75deb800ace5b6dc40726b0b3b5e7f3b090060fed366066d846fa9bf0127f5c5fd1dfc1cf8590e1d10da6fc7fc6ca156ff05d7aeb1ffba1f5de91cf7c99a2229f7e080b608020d96097146a1b07b343f3b25f9d5edc7344020efb2ede79285e23cacf361e37170c9a888fb63991c687f913db72e65cbedf544e8af8d0aed9b415094b3ef31bad172824ead39fcea9c2396a88cd09d6438c")
shutdown$auto(0x200000003, 0x2)
unshare$auto(0x40000080)
recvmmsg$auto(0x3, 0x0, 0x687bcbd, 0x8, 0x0)

4.528081486s ago: executing program 4 (id=3029):
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/kcm\x00', 0x480, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000005c0), 0xffffffffffffffff)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
mmap$auto(0x0, 0xffe, 0xffb, 0x8000000008011, 0x3, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
write$auto(0x3, 0x0, 0x100082)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYRES32=r0, @ANYBLOB="18"], 0x1ac}}, 0x40000)
r1 = socket(0xa, 0x2, 0x88)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'bond0\x00', <r3=>0x0})
r4 = fcntl$auto_F_GETOWNER_UIDS(r1, 0x11, 0x0)
dup2$auto(r4, r1)
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r3, r2, 0x4, 0x1ff, r1, @relative_id=0x13, 0xe600}, 0xf)
statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x0, 0x7352, 0x3d, 0x200000000045f, 0x401ffde, 0x7, 0x3, 0x2, 0x9, 0x3eb, 0x5, 0x2, 0x3000, 0x9, 0x6, 0x10003, 0x80, 0x1, 0x0, 0x5, 0x1ffb, 0x203, 0x400, 0x84, [0x0, 0x0, 0x0, 0x100, 0x2000000000000000, 0x2000, 0xfffffffffffffffd, 0xa, 0x2000000070604ce7, 0x0, 0xfffffffffffffffd, 0x80000000, 0x3, 0x1, 0x4, 0x4, 0x800, 0xfffffffffffffffd, 0x200000000000, 0x0, 0xffffffffefffffff, 0xffffffff80000000, 0x0, 0xd, 0x2, 0xfffffffffffffffd, 0x400000000005b8, 0xc, 0x3fffffffff, 0x8, 0x4, 0x6, 0xffffffffffffffff, 0x890, 0x800000000000a, 0xfffffffffffffffc, 0x1000, 0x8000000a38, 0x0, 0x0, 0xfffffffffffffffc, 0x2, 0x5, 0x6, 0x0, 0xfffff]}, 0x9, 0xd)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r5 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

3.775397232s ago: executing program 4 (id=3036):
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/traceSMB\x00', 0x62441, 0x0)
get_robust_list$auto(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$auto(0x2000000000000d3, 0x20006, 0xdb, 0xeb1, 0x40000000000a5, 0x7)
ioctl$auto_TCFLSH2(r0, 0x5420, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000)
socket(0x18, 0x2, 0x0)
quotactl_fd$auto(0xffffffffffffffff, 0x1, 0x0, 0x0)
socket(0x2, 0x3, 0xfffffff1)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
r1 = socket(0x2b, 0x1, 0x1)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x203, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
lsm_set_self_attr$auto(0x9, &(0x7f00000000c0)={0x9, 0x4b14, 0x760, 0xdd, "7a2fe78b596ba85beee030b0ba4916c356aa87ed3c66cf84af9d7944ff1af07e1837a3b5223ead3e216100d260eafc27abc8228813d8bbf5637223dd476fa30ff2f7b14d5eb7b9a640832c98645fb29284d85346a1a1c5f46e103adc70612b6ac79353533eb29eafb8e5b6176e933b3c8c8e6af9a06be3014f1e10c62d332e429baae658c84ddf37edbd17ed99b8e94056bc77e5f74c51bca8ff1865a51c9bd25df8cf21746a108e33649d30117cf2397ca520d76d2098c05165aeba689c79b0dc34736ea4a33f5998fedc249873a63127bdf480ba0aa2b4d8c1cbeb37"}, 0x7f, 0x6)
syz_genetlink_get_family_id$auto_gtp(0x0, 0xffffffffffffffff)
sendmsg$auto_MACSEC_CMD_ADD_RXSA(0xffffffffffffffff, 0x0, 0x24000084)
sendmsg$auto_MACSEC_CMD_UPD_OFFLOAD(r1, &(0x7f0000000240)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f00000005c0)=ANY=[@ANYBLOB="f6708f1f", @ANYRES16=0x0, @ANYBLOB="00032dbd7000fcdbdf250a000000180002800400d4800700e300272600000500c000000000006c00028008007c80040013805e000f800400700004000280660b604cd61a488bf41bbaa4fa25a9bc48c94c957840976f65fa236582c3cc0bcbf761560b27b544cef7baba4820f730438ed08d4661d46b6e3907f51ad811e98de70cc3acb98b2f051d6824c0ff7cd9b3d200000c0003800800d00064010102"], 0xa4}, 0x1, 0x0, 0x0, 0x880}, 0x200040c0)
socket(0x2, 0x1, 0x0)
bind$auto(0xffffffffffffffff, 0x0, 0x6a)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffd]}, 0x0)

2.987422894s ago: executing program 5 (id=3041):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/loop10/queue/atomic_write_unit_min_bytes\x00', 0x60240, 0x0)
read$auto(r0, &(0x7f0000000340)='/\x00\x9br\xbb\xf8\x92\"8\xb9\t0\x1c\xe9\xcdiN\xa5\xf1\x00a\t\xc3.\x9f\xaew\x83\xd0\xde\xe0\xe9DLk\xb7\xc0\xc1\vv\xaa\xe7\'\xd7\'\xf1nL\xf1\x86s\xa2\xb0\a\x1e\x81Qa\xd7R\x18R\x86bo\x87$^\xa4:&M\x99\xd0@#S\x05\xb7\x0e\x7f}\xf0\x1a\xa4\x85=\xc4=\xb7\xf2\xc1\xcfQD\xea\xda\xf6\x03\xa8\xc1$\x0f\xd2K\b\xcd\x1c\x12\xd7\x8dFz\xe0\xbf\xad\x11a\b\x18\xaf\xa5\xf8\x8f\xc8\xcb\xbd\xb0K\x1b\xca\xc5M\xfb\x14\x87o\xca~\xbb\xce\x18\xb1Y\xda>\xbc\xdfI\xef\xaa\x81\xe8=br\xd1\xe2\x9b\x0e\x1d?,\xe0\x05\xdd%<\xec\xc3\xe2C\x9e0\xc6\xa2\a8E\x93{\xbe\xe0Z\x13\x1d\x0fB]n\x87\x89\xb8\xf1\xa6xo2\xe8\x94\xd8\xb3\xec\x9f\\\xac\x10!\x17&\x13Ik\xa5W\xdf<\x01Q\xdc,S\xc9\xbe\xf5\xc9s3I\xc1\xda\xf8\xa8K\to\xa8\xf6\xe6U\xd0\xee\xe8\a\xc2\x84\xd1\xe8\xf2\xff0n\xdf\x14\x91*!\xac\xd3g\'w`<\xd68i\x13\xa5,\x1d\x12\xd6\xcdjw\xe7\x98\xb9\xc5\xb2\xa0\xebu\x1d\xf5\x03\x84\xb2\xe3\xf6-.\x8e', 0x179)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r1)
open_by_handle_at$auto(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x9}, 0x3)
r3 = socket(0x11, 0x3, 0x9)
sendmmsg$auto(r3, &(0x7f0000000400)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000440)="661b0cbd4aeb33a218", 0x49}, 0x1, &(0x7f0000000200), 0x5, 0x3}, 0x5}, 0x2, 0x100)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000500)={&(0x7f0000000000), 0xc, &(0x7f00000004c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="739f10bf", @ANYRES16=r2, @ANYBLOB="00022abd7000fddbdf2521000000bb03b20041d36283edcbdb4a8eec2a6741ce0f8d0718600454a05a0b504c9489a51433b29c0aad1e5e8df735ca0083433f79e3eabcb3ebc4c7d1040e665c0f384f927e99f5c2fbb40ea40ab4c198a37972615ab7c7d4f78e2270cfeb5167070c8d8453e61931e04f11f2fc3b22334e8a7659eb6608236aa50001441e05a8306dc53ccb5680e6b67fb5b7582a8d98dbc9c81bd2b053e092dfb125361054f77c496a5b8583adc6334d5c205e4aca2e80cea1ac2a58812eb4a6578f9423f9b8e8ce611723e5839e02c8eca35b88cc5e99711b3d5ff80befc1b93da676cd4db27a7ac19f7fcd4da9c120ca91456bb3b31d221e03ce756d2a70c1274d0e9aeed6ffdec337e825aae46eb2c8cc0409c4fa34e8596079671fa54616b3ccb187c704d03e707c5ca1b69304a4de69775cc636510188be66132e1b7e0da7f0c04897ac0a285381afae6dda17c5fd53a30d2cb49af7ec6624ca5038b2053549ca445c65072ce91f89148d42c3c768def92dcf90c922f372f4c48147c86d8bbb3675505d23d95ceb3a231bdda84c5ff0ca6e8b6d57d572555420d6faa6dbe30e6027f61ef0353e101d9d2ada23d16f1dee21a874f2a9e83d967220734ffe0219e5de1b9248b96915e7f316b1821f40abe0a6e54ee4d2d224b4516fdb9d3e09dc64966bf67396571cfe63e5e0b540d8e96d2fe5ba515fd4b55aeffbfb4426b94488fa417715684d5def043626f93338c0d40ba8f9284f540d1619c8b7acd48297f9451ea72e8a725b006b53bcc85f1ee6b3ce45f305b82949d5bb4ed71520201f5973e262f5839302e5da7b20bdf9fb957c362cd296243834216f0aa98c70306be932cfb80fa068cd7c659eb2bb9fd11093593186cd48fbf9ac902cee461868c2ea497a64196e36272590cf2f6527fb82f10176d4a0625340d5f7d707a16f1d63fe30cb9aa6a768f1ee49e3d1aeb480edc321bf9997629799c7e572216845413f084088b0807f2e3c24afa401c360f0fe5508116a1dbe13557bef168157822084cae54e15bcaa0e9d7b3538265b52f66106f12f46c03cb12acd514478c067660efac2276103bbbb5a3907b62f48a146188e5228c145b61578b57033ebcc51c2cce3cec391c78a6777f29ab8ca7f9877dd20c6a4b8184ac8d1530c5b1576060595b30081c06dc758a91623650ff7dfb2658b0c270084138662785305ebe2e4460a2f6a0d2bb0595b2059cc53795b543c3475ae2c04a06901e1359c0be5c96f6c82985a5d02c43ec4579a632331922581e01fb17fcc65a22c9c3a53ab4d3c0d17bcca89ad80fdf4e302ee42d1eecc9ec3c0712be56592930e8cbc3f8295d7e3fd4a32000500f900ad000000280002013a6cd8d051d274f22300a6f76d6f4e1b2674a66534437aaa4d7897ccbecdb672eaf3555308000c01040000000800ef0008000000"], 0x410}, 0x1, 0x0, 0x0, 0x24008884}, 0x4880)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
process_vm_writev$auto(0x0, &(0x7f00000011c0)={&(0x7f00000001c0)="42777dd1330b458d0b5c44ca32e94fc00cfbce962ee7d8f31c0f90c327830f55adfdceafcc0f7b5a21ea23bdf5344d47d49d60218e57bb33118d04fdd37f5fd17f96a318132a5dd282784244bd58b9a0c8adc60d2f8535b3", 0x8}, 0x7, 0x0, 0x7, 0xb5)
sendmsg$auto_TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000002a80)={&(0x7f0000000200)=ANY=[@ANYBLOB="18000000", @ANYRES16=0x0, @ANYBLOB="01000200000000006bbc9d65365cbf8013"], 0x18}, 0x1, 0x0, 0x0, 0x4000094}, 0x8080)
r4 = socket(0x11, 0x3, 0x9)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48})
sendmmsg$auto(r4, &(0x7f00000006c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200)="4c0300000000000000a3677337f9eca9075f6bba441b", 0x49}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x2, 0x100)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x5, 0x0)
getsockopt$auto(0x6, 0x40000000029, 0x4a, 0xfffffffffffffffe, 0x0)
connect$auto(0x3, &(0x7f00000000c0), 0x55)
r5 = syz_clone(0x8088a311, 0x0, 0xffffffffffffffa6, 0x0, 0x0, 0x0)
migrate_pages$auto(r5, 0x9, 0x0, 0x0)
setpgid$auto(r5, 0x0)
prlimit64$auto(r5, 0x0, 0x0, 0x0)

2.819950487s ago: executing program 5 (id=3042):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0)
r1 = openat$auto_nsim_dev_max_vfs_fops_dev(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim3/max_vfs\x00', 0x48002, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/006/001\x00', 0xe8c01, 0x0)
ioctl$auto(0x3, 0x4004550c, 0x1)
write$auto(r1, 0x0, 0x1)
ioctl$auto(r1, 0x80385509, r0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = socket(0x2b, 0x1, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup/irq.pressure\x00', 0x80, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000400)='/dev/dri/card0\x00', 0x80400, 0x0)
read$auto(r3, &(0x7f0000000ac0)='vlan1\x00', 0x5)
bind$auto(0x3, &(0x7f0000000040)=@tipc=@nameseq={0x1e, 0x1, 0x3, {0x2, 0x2, 0x100000}}, 0x6a)
sendmmsg$auto(r2, &(0x7f0000000440)={{&(0x7f0000000480)="2924ba690205216ee6eea1361c6eecfc845414ecbcdf77439e3e7b0e05dfc82bda49e30251e0149e64f039be4ef970b6844ad8a6833a33b352c4896711e64ae928fb6742cdc9245ea5b058bba4945668905ffdf9e719247de1851415661dd621a03d1f30a6499a49783f23fe8a08b46b0a211480faa62a112bb8255eb27f4313cb77453f22772fcb08c57190b228bc763b8d136cac5bf9ef2877dda8e114a9a7be95d27d9db35f58c0e2f2ff3e2bdf2d3e11935158c1db95000000000c3f69c3ce07a269da3625031a6d05301d29b76cd1d57a419f18f0339673749d53e9c77c3cb3dd838956c34634a1dfbf523276476361a2a081776e8e8ccdb57cbe4f4e623c7e5d75a69ea6bb0487e2bc1e726ea87504f61e6bd4a8a8102ce0e2f38a47eefdf3ed5561ba3e6cc293b87645de3c8c1d3a41ace2da896338db76ceb73b7262de2701d45eb136cd3fd6601125fdf43805261dcddcce12a7ae711cdeaab775ac553abaeedf8e896fdd3f85f4e07a1d52816228fb64a40bbc4bba231dec31", 0x1012, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x200, 0xc2)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ttyu3\x00', 0x181403, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = semctl$auto_SEM_STAT(0x8, 0x9, 0x12, 0x4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="1b0026bd7000fddbdf250300000004000800080003800400128012000100898771f1c19f17790485908288470000040002807f606495a46a293163c920bad980c4be1d22ed032e30d0378b0717fa9a17bfbbeb31b49d44b50f38e91d2ac27b6f93428d5c787fd65172248c8ff08157abf511b7382e2bd5745676cfe5bb5f47fa2d73639795dfc6123bf940c7f8c0782a7ee216a094b1aa7bc0484b19f61e3522f1f456ab9fbbaeddaade430af34366fbca2abcce81440f02c885dc092cc9730daea158a522b559638ad4f2e2ffd57e95097f85c8157a0ceb078d10baa62c21ff6b27d6b92d044b8fc3702287249201595e3daccdcc94348ca48fecd0cb7b15d57571e6e3939de875dbebd6011524f785543d23f48f70c81bf7aedd915081e4b9dfd94919c501d365a678e549a79f786371cec187e0b6a8c430d1a4555b72d00e009853cbc147346a62b61c4c7c68712de287ae4e"], 0x38}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
rt_sigqueueinfo$auto(r4, 0x7, &(0x7f0000000080)={@siginfo_0_0={0x5, 0x5, 0x7, @_sigsys={&(0x7f00000001c0)="1d657c09d10d609510c641616617a286c9c77607b39cf1d2e0fe85b038419559a924ef90a5ea4322addb5e488531ba073efbdac2a2e4d460c397c94a6b95d3a853556f5b563c338cc7ce449cc3d5e1eed456a8fe65442bc9c1ed70ab374f6ba7", 0x4, 0x5}}})
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
shutdown$auto(0x200000003, 0x2)
socket(0x15, 0x5, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x55)
mincore$auto(0x1d, 0x4, &(0x7f0000000100)='\x00')

2.801096475s ago: executing program 4 (id=3044):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x3, 0x8)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
socket(0x29, 0x5, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000001440), 0xffffffffffffffff)
sendmsg$auto_L2TP_CMD_TUNNEL_GET(r1, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001480)={0x14, r2, 0x949398432f28d783, 0x70bd2d, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4040}, 0x4040)
ioperm$auto(0x8, 0x5, 0x8)
getpid()
r3 = open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2)
open_by_handle_at$auto(r3, &(0x7f0000000040)={0x8, 0x2, "0200000000000000"}, 0x2)
clone$auto(0x8001, 0x4000000000000a, 0xffffffffffffffff, 0xfffffffffffffffc, 0xb)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/numa_balancing\x00', 0x2002, 0x0)
r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/team_slave_0/rpl_seg_enabled\x00', 0x20202, 0x0)
sendfile$auto(r4, r5, 0x0, 0x1)
close_range$auto(0x2, 0x8, 0x0)
r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000bc0), 0xffffffffffffffff)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x181881, 0x0)
mmap$auto(0x0, 0xb, 0x6, 0xeb1, 0x3ff, 0x8000)
write$auto(0x3, 0x0, 0x3f00)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000003480)={0x0, 0x0, &(0x7f0000003440)={&(0x7f0000000000)=ANY=[@ANYRESDEC, @ANYRES16=r6, @ANYBLOB="010026a19801fcdbdf251f"], 0x14}, 0x1, 0x0, 0x0, 0x20000044}, 0x44800)
msync$auto(0x4, 0x2ce, 0x2)

2.70731405s ago: executing program 4 (id=3046):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x18, 0x401, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$auto(0x3, 0x10e, 0x2, 0xffffffffffffffff, 0x3)
getsockname$auto(r0, &(0x7f0000000d00)=@sco, &(0x7f0000000d40)=0x4)
socket(0x1, 0x1, 0x529)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000380)=ANY=[@ANYBLOB="4debe16aa20000ccf6f5c92b5fb94a5a8d67c55e23944abd3502146a06ba127ab29c346d967d77fd56ff", @ANYRES16=0x0, @ANYBLOB="01002cbd7000ffdbdf250a000000080003000100000008000100ffffffff"], 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x24008050)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00211459a600fbdbdf250200000008000300000000001b0004"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/memory/memory15/online\x00', 0xa001, 0x0)
write$auto(r1, &(0x7f0000000140)='0[.[\x00', 0xcd04)
getpeername$auto(r1, &(0x7f00000000c0)=@l2tp={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x16}, 0x3}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000001100), r3)
r5 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100)
sync_file_range$auto(r5, 0x0, 0x1, 0xfffffffc)
read$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(r5, &(0x7f0000000180)=""/80, 0x50)
sendmsg$auto_CTRL_CMD_GETFAMILY(r3, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000001140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="01002dbd7000ffdbdf25030000000600010030"], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x20000044)
r6 = syz_genetlink_get_family_id$auto_thermal(&(0x7f0000000200), r3)
sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TRIP(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB='\t\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010029bd7020fddbdf250200000058000b00d101da3e0c9bece53a64a0d36912b479f3dc8a538c590000000091621c0e4c52e2e86cfddb3dd057369560d8c2c9c83402ecd4ae7a66dd54249853a29918842a485552937e9ed0e9ea6f34b2d3f003470e3baace"], 0x6c}, 0x1, 0x0, 0x0, 0x4000080}, 0x0)
r7 = socket(0x1d, 0x2, 0x7)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'vcan0\x00'})
bind$auto(0x3, &(0x7f0000000040)=@isdn={0x22, 0x2, 0xae, 0x5, 0x2}, 0x6a)
sendto$auto(r7, 0x0, 0x6, 0xfffffff8, &(0x7f0000000440)=@can, 0x36)

2.152521733s ago: executing program 0 (id=3047):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0\x00'})
close_range$auto(0x0, 0xffffffffffffffff, 0x2)
socket(0xa, 0x2, 0x0)
futex$auto(&(0x7f0000000080)=0x1, 0x9, 0x1, 0x0, 0x0, 0xfffffffa)
futex$auto(&(0x7f0000000080)=0x2, 0xa, 0xf3b, 0x0, 0x0, 0x440a48ce)
r1 = socket(0x18, 0x5, 0x1)
connect$auto(r1, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a)
r2 = socket(0x18, 0x5, 0x1)
connect$auto(r2, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a)

1.992284387s ago: executing program 0 (id=3049):
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0)
ioctl$auto_USBDEVFS_SETCONFIGURATION(r0, 0x80045505, &(0x7f0000000040)=0x5)
r1 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/pcmC1D1c\x00', 0x101102, 0x0)
ioctl$auto_SNDRV_PCM_IOCTL_WRITEI_FRAMES2(r1, 0x40184150, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/misc/cpu_dma_latency/power/autosuspend_delay_ms\x00', 0xf2c01, 0x0)
pwrite64$auto(r2, &(0x7f0000000340)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88d\x11\x00\x00\x00\x00?!\xff\xff\xba\xae\xb8-\x14\xe4\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\x00\x00\x9f\x1e\xf6\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e#\xae\xa9\xc5\x93\x1dD\x811\xb9_\xdd*j\xfd\xeb\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;\x9e\x83\x120\x81\x11\x9a?g`sFh\x00\x00\xda,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xdex\xd8\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/228, 0xfdef, 0x2)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
r3 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/extfrag/unusable_index\x00', 0x200, 0x0)
pread64$auto(r3, 0x0, 0xa8, 0x7)

1.985935103s ago: executing program 4 (id=3050):
madvise$auto(0x4000000000000, 0x8, 0x200)
brk$auto(0x9)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/stable_node_dups\x00', 0x20000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000280)=""/222, 0xde)
syz_clone3(&(0x7f0000000080)={0x123060000, 0x0, 0x0, 0x0, {0x14}, 0x0, 0x0, 0x0, &(0x7f0000000180)=[0x0], 0x1}, 0x58)
openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, r1, 0xb3c1)
r2 = socket(0x2, 0x3, 0xfffffff1)
mmap$auto(0x9, 0xfffffffffffffff7, 0x7, 0xebf, r2, 0x8001)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x3, 0x6, 0x0, 0x10000, 0x1, 0x2, {0x2100000000, 0x10000}, 0x1, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x83, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x1800})
socket(0x2b, 0x800, 0x7)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
poll$auto(0x0, 0x2, 0x7)
mmap$auto(0x0, 0x1, 0x4000000000df, 0x40eb1, r1, 0x300000000000)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/lapb0/phys_port_id\x00', 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000080)=""/71, 0x47)
socket(0xa, 0x800, 0x84)
open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2a, 0x2, 0x0)
ioctl$auto(0x3, 0x5411, 0xfffffffffffff4e0)
arch_prctl$auto(0x2001, 0x2)
socket(0xf, 0x80000, 0x7)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/ram0/io-timeout-fail\x00', 0x2, 0x0)
write$auto(r5, &(0x7f0000000100)='9\x00d1L\xff\x15\xba\xa17=(\xc1\xf8\xff\xff\v\xb5^\xa1/[', 0x8)

1.943466176s ago: executing program 1 (id=3051):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/loop10/queue/atomic_write_unit_min_bytes\x00', 0x60240, 0x0)
read$auto(r0, &(0x7f0000000340)='/\x00\x9br\xbb\xf8\x92\"8\xb9\t0\x1c\xe9\xcdiN\xa5\xf1\x00a\t\xc3.\x9f\xaew\x83\xd0\xde\xe0\xe9DLk\xb7\xc0\xc1\vv\xaa\xe7\'\xd7\'\xf1nL\xf1\x86s\xa2\xb0\a\x1e\x81Qa\xd7R\x18R\x86bo\x87$^\xa4:&M\x99\xd0@#S\x05\xb7\x0e\x7f}\xf0\x1a\xa4\x85=\xc4=\xb7\xf2\xc1\xcfQD\xea\xda\xf6\x03\xa8\xc1$\x0f\xd2K\b\xcd\x1c\x12\xd7\x8dFz\xe0\xbf\xad\x11a\b\x18\xaf\xa5\xf8\x8f\xc8\xcb\xbd\xb0K\x1b\xca\xc5M\xfb\x14\x87o\xca~\xbb\xce\x18\xb1Y\xda>\xbc\xdfI\xef\xaa\x81\xe8=br\xd1\xe2\x9b\x0e\x1d?,\xe0\x05\xdd%<\xec\xc3\xe2C\x9e0\xc6\xa2\a8E\x93{\xbe\xe0Z\x13\x1d\x0fB]n\x87\x89\xb8\xf1\xa6xo2\xe8\x94\xd8\xb3\xec\x9f\\\xac\x10!\x17&\x13Ik\xa5W\xdf<\x01Q\xdc,S\xc9\xbe\xf5\xc9s3I\xc1\xda\xf8\xa8K\to\xa8\xf6\xe6U\xd0\xee\xe8\a\xc2\x84\xd1\xe8\xf2\xff0n\xdf\x14\x91*!\xac\xd3g\'w`<\xd68i\x13\xa5,\x1d\x12\xd6\xcdjw\xe7\x98\xb9\xc5\xb2\xa0\xebu\x1d\xf5\x03\x84\xb2\xe3\xf6-.\x8e', 0x179)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r1)
open_by_handle_at$auto(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x9}, 0x3)
r3 = socket(0x11, 0x3, 0x9)
sendmmsg$auto(r3, &(0x7f0000000400)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000440)="661b0cbd4aeb33a218", 0x49}, 0x1, &(0x7f0000000200), 0x5, 0x3}, 0x5}, 0x2, 0x100)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000500)={&(0x7f0000000000), 0xc, &(0x7f00000004c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="739f10bf", @ANYRES16=r2, @ANYBLOB="00022abd7000fddbdf2521000000bb03b20041d36283edcbdb4a8eec2a6741ce0f8d0718600454a05a0b504c9489a51433b29c0aad1e5e8df735ca0083433f79e3eabcb3ebc4c7d1040e665c0f384f927e99f5c2fbb40ea40ab4c198a37972615ab7c7d4f78e2270cfeb5167070c8d8453e61931e04f11f2fc3b22334e8a7659eb6608236aa50001441e05a8306dc53ccb5680e6b67fb5b7582a8d98dbc9c81bd2b053e092dfb125361054f77c496a5b8583adc6334d5c205e4aca2e80cea1ac2a58812eb4a6578f9423f9b8e8ce611723e5839e02c8eca35b88cc5e99711b3d5ff80befc1b93da676cd4db27a7ac19f7fcd4da9c120ca91456bb3b31d221e03ce756d2a70c1274d0e9aeed6ffdec337e825aae46eb2c8cc0409c4fa34e8596079671fa54616b3ccb187c704d03e707c5ca1b69304a4de69775cc636510188be66132e1b7e0da7f0c04897ac0a285381afae6dda17c5fd53a30d2cb49af7ec6624ca5038b2053549ca445c65072ce91f89148d42c3c768def92dcf90c922f372f4c48147c86d8bbb3675505d23d95ceb3a231bdda84c5ff0ca6e8b6d57d572555420d6faa6dbe30e6027f61ef0353e101d9d2ada23d16f1dee21a874f2a9e83d967220734ffe0219e5de1b9248b96915e7f316b1821f40abe0a6e54ee4d2d224b4516fdb9d3e09dc64966bf67396571cfe63e5e0b540d8e96d2fe5ba515fd4b55aeffbfb4426b94488fa417715684d5def043626f93338c0d40ba8f9284f540d1619c8b7acd48297f9451ea72e8a725b006b53bcc85f1ee6b3ce45f305b82949d5bb4ed71520201f5973e262f5839302e5da7b20bdf9fb957c362cd296243834216f0aa98c70306be932cfb80fa068cd7c659eb2bb9fd11093593186cd48fbf9ac902cee461868c2ea497a64196e36272590cf2f6527fb82f10176d4a0625340d5f7d707a16f1d63fe30cb9aa6a768f1ee49e3d1aeb480edc321bf9997629799c7e572216845413f084088b0807f2e3c24afa401c360f0fe5508116a1dbe13557bef168157822084cae54e15bcaa0e9d7b3538265b52f66106f12f46c03cb12acd514478c067660efac2276103bbbb5a3907b62f48a146188e5228c145b61578b57033ebcc51c2cce3cec391c78a6777f29ab8ca7f9877dd20c6a4b8184ac8d1530c5b1576060595b30081c06dc758a91623650ff7dfb2658b0c270084138662785305ebe2e4460a2f6a0d2bb0595b2059cc53795b543c3475ae2c04a06901e1359c0be5c96f6c82985a5d02c43ec4579a632331922581e01fb17fcc65a22c9c3a53ab4d3c0d17bcca89ad80fdf4e302ee42d1eecc9ec3c0712be56592930e8cbc3f8295d7e3fd4a32000500f900ad000000280002013a6cd8d051d274f22300a6f76d6f4e1b2674a66534437aaa4d7897ccbecdb672eaf3555308000c01040000000800ef0008000000"], 0x410}, 0x1, 0x0, 0x0, 0x24008884}, 0x4880)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
process_vm_writev$auto(0x0, &(0x7f00000011c0)={&(0x7f00000001c0)="42777dd1330b458d0b5c44ca32e94fc00cfbce962ee7d8f31c0f90c327830f55adfdceafcc0f7b5a21ea23bdf5344d47d49d60218e57bb33118d04fdd37f5fd17f96a318132a5dd282784244bd58b9a0c8adc60d2f8535b3", 0x8}, 0x7, 0x0, 0x7, 0xb5)
sendmsg$auto_TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000002a80)={&(0x7f0000000200)=ANY=[@ANYBLOB="18000000", @ANYRES16=0x0, @ANYBLOB="01000200000000006bbc9d65365cbf8013"], 0x18}, 0x1, 0x0, 0x0, 0x4000094}, 0x8080)
r4 = socket(0x11, 0x3, 0x9)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48})
sendmmsg$auto(r4, &(0x7f00000006c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200)="4c0300000000000000a3677337f9eca9075f6bba441b", 0x49}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x2, 0x100)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x5, 0x0)
setuid$auto(0x800000000008)
connect$auto(0x3, &(0x7f00000000c0), 0x55)
r5 = syz_clone(0x8088a311, 0x0, 0xffffffffffffffa6, 0x0, 0x0, 0x0)
migrate_pages$auto(r5, 0x9, 0x0, 0x0)
setpgid$auto(r5, 0x0)
prlimit64$auto(r5, 0x0, 0x0, 0x0)

1.855200282s ago: executing program 0 (id=3052):
socket(0x2, 0x3, 0x2)
setsockopt$auto(0x3, 0x0, 0xd3, 0xfffffffffffffffc, 0xfd72)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/nbd6/queue/zone_write_granularity\x00', 0x0, 0x0)
mbind$auto(0xd, 0x8, 0x3, &(0x7f0000000000)=0x6, 0x0, 0x7)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000001680)=""/59, 0x3b)

1.819842033s ago: executing program 1 (id=3053):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000400), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'wlan1\x00', <r2=>0x0})
sendmsg$auto_NL80211_CMD_GET_INTERFACE(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000700)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="010b27bd7000fda5c5a62073660008000300", @ANYRES32=r2], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4040080)

1.776479556s ago: executing program 0 (id=3054):
r0 = socket(0x10, 0x3, 0xa)
sendmsg$auto_HANDSHAKE_CMD_ACCEPT(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4040800}, 0x10010)

1.686022961s ago: executing program 1 (id=3055):
lstat$auto(0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
setresgid$auto(0x81, 0x800000a0, 0x8)
statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0)
io_uring_register$auto(0x2, 0x14, 0x0, 0x3)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
mmap$auto(0x0, 0x400008, 0xc, 0xf1, 0x2, 0x8000)
remap_file_pages$auto(0x1, 0x1000, 0x0, 0x8, 0x10007)
mmap$auto(0x0, 0x8, 0x1000000004, 0x13, 0x3, 0x110000000)

1.669599599s ago: executing program 0 (id=3056):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x11, 0x3, 0x2)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
pivot_root$auto(&(0x7f0000000040)='..\x00', &(0x7f0000000080)='.\x00')
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x33a00, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x6, 0x0)
mincore$auto(0x0, 0x12, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000180)='/dev/tty31\x00', 0x101a00, 0x0)
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000)
bind$auto(0x3, 0x0, 0x6b)
r1 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000280), 0x22600, 0x0)
read$auto(r1, 0x0, 0x0)
recvfrom$auto(r0, 0x0, 0x101, 0x100, 0x0, 0xfffffffffffffffd)
unshare$auto(0x40000080)
socket(0xa, 0x3, 0x3a)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
semctl$auto(0x201, 0xfffffffffffffffa, 0x3, 0x0)
ioctl$auto(0xc8, 0x400454d4, 0xe)

1.10403624s ago: executing program 1 (id=3057):
mmap$auto(0x0, 0x2020009, 0x8008003, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_clone(0x5000400, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4$auto(r1, 0x0, 0xc0000000, 0x0)
kill$auto(r1, 0x2)
bpf$auto(0x4, &(0x7f0000000000)=@bpf_attr_11={0x40000000000007ff, 0x9, 0xa6, 0x9, 0x10, 0x4, 0x4d08, r0}, 0x6f4)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xf)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_udc.5/udc/dummy_udc.5/srp\x00', 0x60301, 0x0)
r2 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/mouse0\x00', 0x200800, 0x0)
setsockopt$auto(r2, 0x2, 0xf, &(0x7f0000000040)='/*:--\x00', 0x1000)
acct$auto(&(0x7f0000000080)='/dev/input/mouse0\x00')
r3 = openat$auto_clk_summary_fops_(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/clk/clk_summary\x00', 0x2c2000, 0x0)
lseek$auto(r3, 0x4, 0x1)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000100), r4)
r5 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$auto_PPPIOCGFLAGS(0xffffffffffffffff, 0x8004745a, &(0x7f00000001c0)=0xef8)
r6 = getsockopt$auto(0xffffffffffffffff, 0x9, 0x1, &(0x7f0000000200)='/dev/input/mouse0\x00', &(0x7f0000000240)=0x2)
shmget$auto(0xfffffffe, 0x9, 0xc2f2)
io_setup$auto(0x7, &(0x7f0000000280)=0xc5)
r7 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000300), r6)
msgctl$auto_IPC_INFO(0x2, 0x3, &(0x7f00000003c0)={{0x7fffffff, <r8=>0xee00, 0xffffffffffffffff, 0x9, 0x800, 0x3, 0x5}, &(0x7f0000000340)=0x5, &(0x7f0000000380)=0x5, 0x1ff, 0x8, 0xffffffffffffff00, 0x2, 0x3134, 0x0, 0x3a0, 0xa9b4, @inferred=0xffffffffffffffff, @raw=0x800})
lstat$auto(&(0x7f0000000440)='./file0\x00', &(0x7f0000000480)={0x5, 0x5, 0x10001, 0x0, <r9=>0x0, 0xffffffffffffffff, 0x0, 0x10001, 0x101, 0x1, 0x0, 0x6, 0x80000001, 0x3, 0x5, 0x6, 0x9})
stat$auto(&(0x7f0000000540)='./file0\x00', &(0x7f0000000580)={0x2d4, 0x0, 0x1000, 0x3, <r10=>0x0, 0xee00, 0x0, 0xc, 0x8000000000000001, 0x405d, 0x7fffffffffffffff, 0x8, 0x111, 0x4, 0x2, 0x1, 0xfff})
sendmsg$auto_IPVS_CMD_DEL_DEST(r4, &(0x7f0000001b00)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10010}, 0xc, &(0x7f0000001ac0)={&(0x7f0000000640)={0x1444, r7, 0x20, 0x70bd26, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x2}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x401}, @IPVS_CMD_ATTR_DAEMON={0x118, 0x3, 0x0, 0x1, [@typed={0x8, 0xce, 0x0, 0x0, @uid=r8}, @nested={0x10b, 0x2, 0x0, 0x1, [@generic="641541e145e7ac1e86889a23223713cb110a9478930622ca3408bfe2a8aab9fb210866218e7b145683004320e38eac6081f5263f7c24bd0a7c62038890ef18373fb0c273492617d8b3ea2e55c0e8d77c88a182f16113a2658fea0ad55939b9857d12d2250e4d564b0f4f4e9c89e7ff856494e604e0f78bad679bc7948a4fb0fffee6a6cffa440d6c8981fb0412b31e7bf386a0c640dcf78ad057062fbe35d9956570bbd3d697963e6d9f50d4113548d1792cdcb80bb8697ce65b9de800703d7c0b8476c17cb4a9e7239a48872201a485695e9ca29167a866c839b71ad8eb94", @typed={0x14, 0x3a, 0x0, 0x0, @ipv6=@private2}, @nested={0x4, 0x10c}, @nested={0x4, 0x46}, @nested={0x4, 0x11d}, @typed={0x8, 0x97, 0x0, 0x0, @u32=0xf}]}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7}, @IPVS_CMD_ATTR_DAEMON={0x12e4, 0x3, 0x0, 0x1, [@generic="4c1eef47dd9f504056e0657a6cbc9c4c7c495a543ab9c90c671b4c5cde9729e9feb0dc65505f2344177f3052a62f", @nested={0x116c, 0x92, 0x0, 0x1, [@generic="a764a55b9bdd4689d741d029fa4cb83471088574337f367304362d6eb6753d330cad4270fc04a5541c0bfd040c0d1cec9b00ba1db644da3d70b0b4b372edd9663d53ecfff9b9835d03be1f14df0e24c71d7d7e7dd4ef9e416d129185fc0aebefc6a9ddcb1dcb932259b42cccfdeac78b91fcf34a77d633fe22fc46c9e029f012d6f060d9fd32ec29e31293916c9d02b0ac3e560d500e2246632115244975f2242c96a056e5a6038b8b5ec0f13146f55ebd7e9b08808acab7675f680b36cf526e7c367e93f7f6bd1e06380e60db7b5a4a3262c58d38efa06660ea00527117e3", @typed={0x1004, 0xc3, 0x0, 0x0, @binary="7b5da1da58877b71d05d22b70c77aa115d5b769ea069d489acb4aab7a74fb1b6b1a42af788d5f880178f89f19e2e6054c972acecaecbd6d7976f7f08d86f2c89b43f41db848b8a57bd91be998d8c54a17091ea11ed1378486855e54bce29ed70ae9b5941e71e73aadd6dfafdcc367c7fb1a6b5a54e00bfa84ed68304add31b02770241d0e1828504177c1bf1dcc86b2b2d58a8b5f67ff40ee34fe860d6a33c9f08ca40a1a6a4bbbd14fb218555eecd697bf22e0e2e6a58120790c56be70dda805402e9960851ee5a48527e94cca80a4d172936fe32e560bc5bd84ac0c290d9198eb437568588ee1d182daf81cff5d600b91afa8d5520ce65023c0fc6bcefef7b278e4dc98c2ee99034ed72acd2a5ed33d5e65b6d6e391e8a65cd1dc510cef4809562dab96d052e6fa73296037700f9fc504bb88d7ecb14fc1ee30eb83dbc1da73169c2ed438e305143540bcb8421c981c46e094d439fd8e73554baa7973e68baf1d0b52f286c44caef976d45e44d9ae1d733da08218f821905784b4186a3784ca9acf36dd9c009441c8155ba77b10a48712e777e03ed30c7741481c046f9d369303a65c5a29180af2c9a93c29d4753f1527ab81a08e4f7a7bd0eb4a4e258aced7d5a0053d64ce7d790db7f64ad54206c06500dd485cffbcb25661d12b7265c37191513fd89c4e25406d3af7dbfe48c1fe36ede28685c794ef616609caab3086a9226b7fc3d015f2572534a310c201105a0710340edb9c58ae61a9476375e03ae25072c51cc2bb7b993e658e87c782d5d8ccc322d27ea3bad039e2853217e38075c2cc613d7b12dd98957d3af1e9ea71ef9a380a634bc39cad470f350c3ba6644de664961d4be11a844580cc71f414fc515686f5599fdf6f07f994e149495044c85022b62dd190f9aa88f6ae96fe7f842bf5599a139b097a0b39b8a2e29a33bbf88b209fc0a8e44ed5933ad0e4c9a9a44fa1b4b53d81adae80511e561eb8bb7028cacbb9f387b8ed415b70b81db5ed75e9433004e5395f436ad14df2d38c857976e4721ee560ad412484157fada23528a8fc2cb0a7d7ed2c5a3ef338621fb8494ea231084cc24198d49189bb58a781c845cc034e667961466b538be323fe7a0650789070c91dc130edc65af611e41ab1bd75b055e372de71392dea61b785691bc12c423b7b5150754dab220f849f87ef22156b91b33a5163015981d909f0d1acfac476d0dd51d4c6db8461cc6f6b1ee3b2a39d3b79af3497676611d1d9513c2e528f021dd5ac76c9d23159cc6158e9154973e90a92df1162e7eb747a7a58d8e29ab8142dc306a02dbf4bf670f50f224ff2d91ff4d9ce2757a4213da454db5548c14b04b73c01ce5c97f7257c9ae866c8f3566b4dd2fbb94934d60f8922454ab800b88a1da0f5cda10b703ce57de4311c8c6e6c624dc87d24926c9019df4ae8c82c4f5876d9cfd2dff5f37b1d1ce75ecd70ea23e1868c4ccd69cfebc7e0e37669adf5c130b324e6ea441359c6b865f53a7b6155d8cdc8da73974fa7766887a78c530eb588f221982eee6425c66000476752bf0ec8b132f64fe6b3a4ecaab52621118d953f71c92ca898360ca2ab0b012ba40b0875ac69aa733874cbc5324f95f1342578ba0e252acdc5dce499a95c3714eb25a1d48c796746f3c4c69be444d95ed815d51675a5bcba086516766454dab88cd2b2876986a34d64be8102acab637036577f3d40bad8abad24fdbf9879c7b69f48306e471b60d6463ce87ec5eb2d2f29261c992f73e563d23b74968791d966ad6a42ada8ba7fd8eac4132f7fa1a02997ad0e3d0b321752b7cd4d84e378ef2879d0f49608776e5331145989c5d86777983ca427794f699e18ea87f98dce696fbcde0ab67a127841cb82162d534ddf7c2eed704b496b1a0ef7acbf5518ada050888fbf5d60ef5df25dd1ac87d61849960993b74b8b02dbdae1606f0d943c7d6bfd14dbfba8e31f880c142920a1251151a4447bd1936d9a8849837aeda95d015376f48b5c2cdca653fba03e9c2f026808312d511d35ecfea4f225c44b3b7c340b7443a78850d718be139a4e10674601c58d03a38fd94e5d8ec1c68ae06dbb8f1623d392e8dc75424011bf06c700d4982a35a166060acdd54317a00949d7af0076930220af6830e6dd4f56b5feff6084741ec18815b448d82f14d135082ea1f19302b7a1d7fb3289bb73f571a25048b1a0737e883097d6d3f65a5680e4723c916ade038a87133298ae642873aa4ec8867a2836ebabbc47b383c208678411845a6bda8b5fce03b69fac7b97c68e900165dcafe0f6891d43cf53f5d8feb96f24e5ba803d754dd7d7c0459acd385fe11aa62b61be558f108fcd53ab55ead196a65f8cb2fa1d399a7de131c7e109d37550e964522c7d7d8db4fb94c811669eac7669cab73fe612502c3cd558a7027ef051ad4589097329518d8fa0e4104ce92b6861a5c085895ff973b186039d8bbd3003bcc33bac8d911e0743181cf658a01347f9734fd775f27f7214d917de4bed9ea10de88c6828965514faef3265cd1a53ca291146d148f19c57863ceda5e3e1b3822227fa71e4f282d3ee26e071a50a1c27ff50f8a3dcdf4bf8bd1a3342d556dfaf5bca80ea9cb9fb08967ae9e8befb4c182f23d46ad494662c10ae47e527e735b1bdf218d8c86af01b094779b91caa077f29dfada4770f008ba6f0684f52c481c6ac7df73464fe9d4165e92012c6c62e4a7a52f96c74df9198d198e5c1834e2f76128e7a233566a4a47ce8de8736228115a171e41189ee5cebb7597664a94cb6e60c735e6e8b71153bf71e35c7a496bb7dcd9a6a55051c0c61158bc51d40ee0e4cca15ea3c672ccd840c0b197e8b351a315723b7b708aa7dc46b4ec85b9277b28b402aa0a0f4abdf6e1706fedc197769c2bc822c33f0897d7dd30e8970862460559fa614fa51123fe9d65803688641ad329855fb9d6ac177d523ffe5f738b5eea44224f25eb9e79d214bc4ca3c9cad05d025eedca199f4fad1d5d5c1afe7be5bd08c4df55c7098dd4e5b358f8cfd46993754c0b9caa0b39d79c68d4ceb5b7ce2c92fad5e35d51ed5d481f156f933d4f123217a8181bb782135ffda0193cd058ea4c4a299e5182117551ca3915d4594c289d1fd09d9e1491d3450e8709505d623e6f25162eaaaa7221c4fbd22652e0861ac909ca0d3bc6348e57191eb6e2795b151992f58cfd425abd9c4b0e1bfeee7846dd98d100765f19aaec5c3ec1351f0860395b9503534866f795923503efa3eee1c45f76a96b354d81c437fadf15b19d90718359b9f6d4206fd2ec72ec659a19cd20b503bae5a4a95f17fe9e58f25b6455a05d3f2892e78d8cafd40f63e974bfdd827920c78413959a1fa53a3061a2b5e13b8b2570547ef19e5c1183b9eca3b8874e1d31f3e5e1ce0638b48eb637ea0c8bb6f4f429ebd33977ba0b6fee1f57794e21a28513b05210792feb5342c4003844cfdb2651e3ba680b7a0d9b2c09f091dbdd8990d7e798e5d37f36488b9348b46807bead5c234e154268bca919d4f0d455dc69ff5e9e9ab22c91ca80c8529bfdf1e2a97c115c259a4becea1a4a22445e02ba4929bcd9f75be8d72aa82650e1e5da6ec43b0557e1aa60797945b2245d316377579cada23917226c2cf97f97bb124fa8fa465f617d880df3a79475298068796a1728a90bb79b31c88e3d46fa467fe66e7f58c92cb17de91fc895860c44ff79c8dcd9afb23ac3d3409b5ac88b649d74df2d843012420a770a8f92fbc8d83fe0a95d4f6578ec55cfce44a88c1c32a91182b06dd70509e06c6cb8ea161a51be361116adcad603518bb7b86ae3797d41be7071c770b12a2524357c8e1c0d945e3aa3bca63ff132688669d7279aa7eeae9aa0bcdf58e0756cca87d72f1760fddb29b4135a58685d25b2ab3c8a5fd1a31d674fb24d5daf8cf8fa4ca6391306a1ae30088ac197c9de38f9488c03561b7b2eaa4ce4e77a3fea6cadb2113f7c7f9c0983f93f61da19e9b5ef6e0082950f869ca0888e864657155adc1d3f534b601ed5dc5873078225960bdf26125e76ee8495820c5fa326eb6575377dd6aa3c34738c5c7e3f7fcf29455c69465e8acaa614a439d45de02cf818315965769e496c794661d356d6ef655fc4ceae056ea8ac6568b06403174539985b27bb40300e2635ffc9c6856a527cae68f76a0a11dd727ea75f94503e40b1638f005fc61c5458395ac43891394c8346c444c96fadf0bfc37699c6c82cfbbee2d0c497ed91133d6076fcb8d1afc43aae7ca47e158d66026c88911ea83d462ba1d5e0bd1b2baab74bf13e09d4c5feafbf0528e5a0e9fe143fe67d0b2edba45231eab307e4b80c47ac570b33ddbbcf1224beece3fa9dd3c534051141a79c85282e2b1dab181a5786e4dc790a87ec24e10a42eca69d08a6e65e0fb785d48463a7c0e1f7c9405c80bb4c8750cc361c7d1e474d4c6225fdfa1d1a4dfb21ba45d6b1d3a6d5e38b11ae28d7781c90710a8366103a9d865ef636057ec8ef5b1ab5376ded6cb775437a982815dfd3c88dad23fdd5ca24b6f8872b54a61b6d481f4f9604f99888c000911d2271f86f3b6d00f07a7536cf9cba8fa7b9f5ad3af1bcc14b8e8dbdcfd45c6b75c8fea320f7152ea4e714b29e093f79ad46e671f8ad25a8b5cd1a1be85d692ca8b7c0a39aa8cb7213497c2d8c9828fea427f80962b0d1457728d4e43ba473bdf69372798939b26eccd6bbb7548b2f7e60fbf547f7c812369b457fef46c31212fdd0a15dba249cff04e24ee1d75a3678ecfaa34c2c2b57e59bb0d9048e92e0b10e47958e1741466c4d42e0ba2984cd9777fce9f7d434b4b05c688af4005da1a27c97269d473a82945ec066c214d666212135c47701aa17b76298c1ec58ddd9aa5754da5a2062639cdbce78cc92c9d3b9691dbe98eb326cb39888720d48fa6135bc9ee1029aadc8ef78dc6063dee74acb3732c6aacdcd1c9af809abcf9c463b03fb20ff578190c7ac26ab535c6cd5420518da31af08230f5a673d433b6ddf394ea0e345b0387e17782464361285f26e479e275f1f37eae60c2477d87d8d52b57c56de82bd42f3e91dc9bded19aeab51637cb9090c3f5265ad2cafa6804e411c43bcc172f2ffc977d77149c1236e5b5178146a59337b6261e32aa6b72e9ef285e02f37ebe25601f156945bb602ea2f7bdec54d2e129a461deabf7f2d93c20d3ddade2454f52ab2ef83c3812677d8fbfa7467b19d37dfeed708bd8deb836e2df1bda806123e8189963b996ddaad93f5e57f91b56392e0f5e7c7449baf7096d3265475b5a40f64214fe9d2e0d6bf6f6df75c52d6ecdd2354f39fa04c8236476af9f8f30eaae33b3ed89f0008444955fa3c71087ae9efb29b46ff1913170ad1af4fdb2d2eba047795d032573d0867f2666665a246ffb3f858ceae7c1efcbfd286848b69101fce5ba5ebd7869aada81947e15c354b8bbcaefeb435ac567bbced0b16c62c7b5d290455800a94406145898ebbc989a3326b9f25722da58c65a980d788f930d50df3db47d5742ca7d444c7c6f12a0828404d932746687e6940f1a65eec727237c7b84b4cb5eac17a36811ef18c9dd6d36c4bbd3de98bc843706c3aea0ef845080e575b7beddcea0b6ec3dda4a6ddb74c533e6ad96e32ec7272693f73a6f4c726447bd3266235092455d9f4636a9d505ead794418d2ab515dd4d71d101074f478733417a6e9515f070e970cad8b1a2eb886ab8e52f63a37c1f59d262fa593c6e3d50a51163722cd92e0aad4a569b9f8ecc6a537e44969"}, @typed={0x8, 0xf1, 0x0, 0x0, @uid=r9}, @typed={0x16, 0x108, 0x0, 0x0, @str='/dev/input/mouse0\x00'}, @generic="fa85c33b35485f48c56c1535155bd58a67dec88c6322629e3b8ababc5f1882a23a0db66385d614a32fa9405b30028da2755c98bb526c41f638dec2f11121b436b817e6313e48c2a454d72c349c962d78d4acd21885782591b05223efaea6df4b8a7cc5fd6a"]}, @typed={0x7, 0x3d, 0x0, 0x0, @str='&&\x00'}, @typed={0x8, 0xd0, 0x0, 0x0, @ipv4=@broadcast}, @typed={0x8, 0x6d, 0x0, 0x0, @uid=r10}, @nested={0x83, 0x10c, 0x0, 0x1, [@typed={0x8, 0xa9, 0x0, 0x0, @ipv4=@multicast1}, @nested={0x4, 0xf9}, @nested={0x4, 0x10c}, @generic="f1c2d187c3af6ccd931bbb852dc4a309ae842b77dbd29cebb8d70973cf141c2ef0121515bf65d99de50f97e010ca8134e90bce10cb99b24e0e68216bdb2280747f61e2a2577a021a7baefb39ff765c8da549dc626f", @generic="56f7dbe8984b3d1c173f449a321f781d69a6", @typed={0x8, 0xab, 0x0, 0x0, @u32=0x3}]}, @generic="14a14a22ae4f02e1c3a1eeeabe8c372d70766bdfb64357cfa2de2a019a052a24029887448601d270a0a0c3d1ae2c04ec45e30d0b00f1f73868428ec2dc39b8f32efac82aac7a0cffe39d93f45556ae36a0", @generic="d093f1198abaa10ae2604b10eff35b0c7403659ecbd348efdab18e3ffd9d1c2f1ef4968625d0d7d478a724edb4", @nested={0x24, 0x148, 0x0, 0x1, [@typed={0x4, 0x7d}, @typed={0x14, 0xe7, 0x0, 0x0, @ipv6=@mcast2}, @typed={0x8, 0x42, 0x0, 0x0, @pid}]}, @typed={0x8, 0x11c, 0x0, 0x0, @ipv4=@loopback}]}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0xb1, 0x0, 0x0, @ipv4=@private=0xa010101}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x5}]}, 0x1444}, 0x1, 0x0, 0x0, 0x8080}, 0xc0c0)
read$auto_ftrace_subsystem_filter_fops_trace_events(r6, &(0x7f0000001b40)=""/147, 0x93)
fsconfig$auto_SHMEM_HUGE_ADVISE(0xffffffffffffffff, 0x64db, &(0x7f0000001c00)='IPVS\x00', &(0x7f0000001c40)="cbeb5a6edf6a99a087be28c85a49adbcd38c47287ff2bf8bfb9e229cad4940bdacb3ea10a2149a53a40d015e706f7d5e108bc0568249d48232f896f1525cb0e8833d9f3972ff1fb7402362f5579183285e785a27f309fd8b4460b6e4d26bd3e3e7306d45f1b37b72e81b84fa17fda7c010472c8dabe558ce232932ff2290fbe2fad49032fab9e9a523ee306c59344044b771f04780c111b3b09332989613494b1a1a", 0x3)
close_range$auto(r5, r3, 0x6)

795.46686ms ago: executing program 4 (id=3058):
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c0000005ecc0dff2cd4050000000000000031481de97c28ceea9076de95e55c0ec14d6ad0af0833ae146a020961a07c7fe633c1a9a0a0e771711ae870cfb2bea9223ae4c0b5247038baaa8e12110f9bd7c86675ff0e8efe236f9889a8e41d192b99b2cf63a6486c59377e39ff7d0ca4cb25c725fd62bc169ae2f8c837307e64ff58edc0b6017a4d7bcf94edb971bbcca0887a5116ebf6c8614736b604eca686cb3395940c6e6287906a22386d04098b345088ffdc697ff9dbbd80ec6058d6ba13b41808701a85f2276d149d893b66aea1b6b66bd7737c85f1385f3fbe53ff1182a7705479172f88ba0b2575f75049104ab8c2f312", @ANYRES16=0x0, @ANYBLOB="9bf22abd7000fcdbdf25010000000800090001000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x4)
r0 = openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f0000000300)='/dev/media3\x00', 0x220100, 0x0)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/snmp\x00', 0x0, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000040)=""/88, 0x58)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = fcntl$getown(r0, 0x9)
bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={r2, 0x4, 0x1, 0xb9, 0x8, 0xc, 0xffffffffffffffff, 0x2, 0x805}, 0x6f4)
bpf$auto(0x0, &(0x7f0000000000)=@link_update={0x2, @new_prog_fd=0x4, 0x7, @old_prog_fd=0x8000}, 0xa3)
bpf$auto(0x9, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x8}, 0xc)
removexattr$auto(0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mlock$auto(0x1000, 0x6)
mlockall$auto(0x800000000000005)
madvise$auto(0x0, 0x200007, 0x19)

737.873524ms ago: executing program 1 (id=3059):
lstat$auto(0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
setresgid$auto(0x81, 0x800000a0, 0x8)
statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0)
io_uring_register$auto(0x2, 0x14, 0x0, 0x3)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
mmap$auto(0x0, 0x400008, 0xc, 0xf1, 0x2, 0x8000)
r0 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fuse\x00', 0x88442, 0x0)
writev$auto(r0, &(0x7f00000018c0)={0x0, 0x2}, 0x8)
remap_file_pages$auto(0x1, 0x1000, 0x0, 0x8, 0x10007)
mmap$auto(0x0, 0x8, 0x1000000004, 0x13, 0x3, 0x110000000)

500.426243ms ago: executing program 1 (id=3060):
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/029/001\x00', 0x2b202, 0x0)
mmap$auto(0x2000, 0x9, 0x8, 0x8000000008011, r0, 0x0) (fail_nth: 6)

266.899829ms ago: executing program 5 (id=3061):
bpf$auto(0xfffffffc, 0x0, 0x6f4)
getpid()
openat$auto_vhost_net_fops_net(0xffffffffffffff9c, 0x0, 0x127282, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0xd2)
openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x14280, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x40000b, 0xdf, 0x9b72, 0x2, 0x8000)
prctl$auto(0x43, 0x17, 0x0, 0x100000000, 0xcf)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
r0 = memfd_create$auto(0x0, 0x4021)
mmap$auto(0xfffffffffffffffe, 0x25, 0x0, 0x9115, 0x0, 0x8000)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
ioctl$auto(0x3, 0x40246f4c, 0x38)
socket(0x10, 0x2, 0x4)
r1 = socket(0x2, 0x800, 0x8)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000)
ioperm$auto(0x3, 0xe, 0x2000000000000149)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
chdir$auto(&(0x7f0000000000)='}[,&*}\x00')
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0xffe0}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
fsconfig$auto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
unshare$auto(0x40000080)
r2 = socket(0x2b, 0x1, 0x1)
getsockopt$auto(r2, 0x1, 0x3e, &(0x7f0000000040)='\t\x00T\xce\xb3O1\xa8\x98HgGKt\xc1\x91Cy\n\x106\xe3\xd8\x96\xe9\xf9\x7f`\x10\xbd\x06P\xec\xab\xd8\xb7\xb5\x9eW\x10w\xf0\xbf\x86\xca\x8bii', &(0x7f0000000080)=0x3)
sendmsg$auto_OVS_VPORT_CMD_DEL(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0xf7374674b920089e)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x181902, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/free_buffer\x00', 0x40600, 0x0)

0s ago: executing program 0 (id=3062):
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/029/001\x00', 0x2b202, 0x0)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x8f3b7a51b8162d21, 0x0)
r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/ext4/sda1/mb_groups\x00', 0x14b402, 0x0)
read$auto_proc_iter_file_ops_compat_inode(r2, &(0x7f0000000080)=""/170, 0xaa)
mprotect$auto(0x1ffff000, 0x8000000000000004, 0xd)
write$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000100)="0040a64c2cff010000a4d8394e", 0xd)
mmap$auto(0x2000, 0x9, 0x8, 0x8000000008011, r0, 0x0)

kernel console output (not intermixed with test programs):

ist_alloc+0x1b0/0x3f0
[  585.278372][T15182]  trace_pid_write+0x10f/0x470
[  585.278400][T15182]  ? __pfx_trace_pid_write+0x10/0x10
[  585.278427][T15182]  ? __pfx___mutex_lock+0x10/0x10
[  585.278462][T15182]  ? get_pid_task+0x35/0x250
[  585.278484][T15182]  ? lock_acquire+0x2f/0xb0
[  585.278510][T15182]  event_pid_write.isra.0+0x3b3/0x7a0
[  585.278536][T15182]  ? __pfx_event_pid_write.isra.0+0x10/0x10
[  585.278560][T15182]  ? lock_acquire+0x2f/0xb0
[  585.278583][T15182]  ? ksys_write+0x12b/0x250
[  585.278606][T15182]  ? __pfx_ftrace_event_pid_write+0x10/0x10
[  585.278630][T15182]  vfs_write+0x24c/0x1150
[  585.278650][T15182]  ? __fget_files+0x1fc/0x3a0
[  585.278677][T15182]  ? __pfx___mutex_lock+0x10/0x10
[  585.278707][T15182]  ? __pfx_vfs_write+0x10/0x10
[  585.278733][T15182]  ? __fget_files+0x206/0x3a0
[  585.278759][T15182]  ksys_write+0x12b/0x250
[  585.278780][T15182]  ? __pfx_ksys_write+0x10/0x10
[  585.278802][T15182]  ? rcu_is_watching+0x12/0xc0
[  585.278834][T15182]  ? rcu_is_watching+0x12/0xc0
[  585.278866][T15182]  do_syscall_64+0xcd/0x250
[  585.278888][T15182]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  585.278917][T15182] RIP: 0033:0x7fa97a78cde9
[  585.278935][T15182] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  585.278957][T15182] RSP: 002b:00007fa97b65e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  585.278979][T15182] RAX: ffffffffffffffda RBX: 00007fa97a9a6080 RCX: 00007fa97a78cde9
[  585.278994][T15182] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[  585.279007][T15182] RBP: 00007fa97b65e090 R08: 0000000000000000 R09: 0000000000000000
[  585.279021][T15182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  585.279035][T15182] R13: 0000000000000000 R14: 00007fa97a9a6080 R15: 00007ffd9bb5f508
[  585.279057][T15182]  </TASK>
[  585.934545][T15200] netlink: 1204 bytes leftover after parsing attributes in process `syz.1.2390'.
[  586.016213][T15200] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2390'.
[  586.079948][T15204] input input29: cannot allocate more than FF_MAX_EFFECTS effects
[  586.225743][T15203] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2391'.
[  586.428124][   T54] Bluetooth: hci2: command tx timeout
[  587.426562][T15235] Format for deleting device is "id" (uint).
[  588.433825][T15257] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2407'.
[  589.709440][T15289] FAULT_INJECTION: forcing a failure.
[  589.709440][T15289] name failslab, interval 1, probability 0, space 0, times 0
[  589.758181][T15289] CPU: 0 UID: 0 PID: 15289 Comm: syz.3.2418 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  589.758212][T15289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  589.758223][T15289] Call Trace:
[  589.758230][T15289]  <TASK>
[  589.758238][T15289]  dump_stack_lvl+0x16c/0x1f0
[  589.758270][T15289]  should_fail_ex+0x50a/0x650
[  589.758295][T15289]  ? fs_reclaim_acquire+0xae/0x150
[  589.758329][T15289]  ? trace_pid_list_alloc+0x27c/0x3f0
[  589.758353][T15289]  should_failslab+0xc2/0x120
[  589.758381][T15289]  __kmalloc_cache_noprof+0x68/0x420
[  589.758407][T15289]  trace_pid_list_alloc+0x27c/0x3f0
[  589.758431][T15289]  trace_pid_write+0x10f/0x470
[  589.758461][T15289]  ? __pfx_trace_pid_write+0x10/0x10
[  589.758489][T15289]  ? __pfx___mutex_lock+0x10/0x10
[  589.758525][T15289]  ? get_pid_task+0x35/0x250
[  589.758547][T15289]  ? lock_acquire+0x2f/0xb0
[  589.758573][T15289]  event_pid_write.isra.0+0x3b3/0x7a0
[  589.758600][T15289]  ? __pfx_event_pid_write.isra.0+0x10/0x10
[  589.758625][T15289]  ? lock_acquire+0x2f/0xb0
[  589.758649][T15289]  ? ksys_write+0x12b/0x250
[  589.758678][T15289]  ? __pfx_ftrace_event_pid_write+0x10/0x10
[  589.758703][T15289]  vfs_write+0x24c/0x1150
[  589.758725][T15289]  ? __fget_files+0x1fc/0x3a0
[  589.758749][T15289]  ? __pfx___mutex_lock+0x10/0x10
[  589.758780][T15289]  ? __pfx_vfs_write+0x10/0x10
[  589.758805][T15289]  ? __fget_files+0x206/0x3a0
[  589.758838][T15289]  ksys_write+0x12b/0x250
[  589.758859][T15289]  ? __pfx_ksys_write+0x10/0x10
[  589.758882][T15289]  ? rcu_is_watching+0x12/0xc0
[  589.758913][T15289]  ? rcu_is_watching+0x12/0xc0
[  589.758945][T15289]  do_syscall_64+0xcd/0x250
[  589.758967][T15289]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  589.758997][T15289] RIP: 0033:0x7fa97a78cde9
[  589.759014][T15289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  589.759036][T15289] RSP: 002b:00007fa97b67f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  589.759058][T15289] RAX: ffffffffffffffda RBX: 00007fa97a9a5fa0 RCX: 00007fa97a78cde9
[  589.759073][T15289] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[  589.759086][T15289] RBP: 00007fa97b67f090 R08: 0000000000000000 R09: 0000000000000000
[  589.759100][T15289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  589.759113][T15289] R13: 0000000000000000 R14: 00007fa97a9a5fa0 R15: 00007ffd9bb5f508
[  589.759135][T15289]  </TASK>
[  590.854306][T15296] tty tty12: ldisc open failed (-12), clearing slot 11
[  590.968265][ T5835] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  590.985078][ T5835] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  590.992711][ T5835] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  591.000285][ T5835] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  591.007848][ T5835] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  591.015109][ T5835] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  591.239677][T15301] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2421'.
[  591.321698][T15305] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2422'.
[  591.509654][T15302] chnl_net:caif_netlink_parms(): no params data found
[  591.657088][T15302] bridge0: port 1(bridge_slave_0) entered blocking state
[  591.665178][T15302] bridge0: port 1(bridge_slave_0) entered disabled state
[  591.674829][T15302] bridge_slave_0: entered allmulticast mode
[  591.831542][T15302] bridge_slave_0: entered promiscuous mode
[  591.842633][T15302] bridge0: port 2(bridge_slave_1) entered blocking state
[  591.849841][T15302] bridge0: port 2(bridge_slave_1) entered disabled state
[  591.857035][T15302] bridge_slave_1: entered allmulticast mode
[  591.868958][T15302] bridge_slave_1: entered promiscuous mode
[  591.933133][T15302] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  591.961130][T15302] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  592.067111][T15302] team0: Port device team_slave_0 added
[  592.111028][T15302] team0: Port device team_slave_1 added
[  593.068472][   T54] Bluetooth: hci1: command tx timeout
[  593.092601][T15302] batman_adv: batadv0: Adding interface: batadv_slave_0
[  593.122411][T15302] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  593.375872][T15302] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  593.404069][T15302] batman_adv: batadv0: Adding interface: batadv_slave_1
[  593.412100][T15302] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  593.456767][T15302] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  593.563657][T15302] hsr_slave_0: entered promiscuous mode
[  593.570045][T15302] hsr_slave_1: entered promiscuous mode
[  593.575990][T15302] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  593.665370][T15302] Cannot create hsr debugfs directory
[  593.767418][T15302] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  593.857532][T15302] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  594.161952][T15302] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  594.235361][T15302] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  594.343707][T15302] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  594.357608][T15302] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  594.399092][T15302] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  594.480922][T15302] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  594.595453][T15358] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2432'.
[  594.604964][T15302] 8021q: adding VLAN 0 to HW filter on device bond0
[  594.636032][T15302] 8021q: adding VLAN 0 to HW filter on device team0
[  594.664132][ T9630] bridge0: port 1(bridge_slave_0) entered blocking state
[  594.671304][ T9630] bridge0: port 1(bridge_slave_0) entered forwarding state
[  594.729070][ T3563] bridge0: port 2(bridge_slave_1) entered blocking state
[  594.736194][ T3563] bridge0: port 2(bridge_slave_1) entered forwarding state
[  594.757327][T15302] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  594.757353][T15302] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  594.937682][T15302] 8021q: adding VLAN 0 to HW filter on device batadv0
[  594.979552][T15302] veth0_vlan: entered promiscuous mode
[  594.989519][T15302] veth1_vlan: entered promiscuous mode
[  595.007127][T15302] veth0_macvtap: entered promiscuous mode
[  595.015511][T15302] veth1_macvtap: entered promiscuous mode
[  595.055006][T15302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  595.078913][T15302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  595.090765][T15302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  595.148365][   T54] Bluetooth: hci1: command tx timeout
[  595.234563][T15302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  595.250561][T15371] netlink: 'syz.0.2435': attribute type 15 has an invalid length.
[  595.262453][T15371] netlink: 'syz.0.2435': attribute type 16 has an invalid length.
[  595.271091][T15302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  595.283627][T15371] netlink: 'syz.0.2435': attribute type 17 has an invalid length.
[  595.302478][T15302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  595.328427][T15371] netlink: 'syz.0.2435': attribute type 19 has an invalid length.
[  595.350069][T15302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  595.368760][T15371] netlink: 238 bytes leftover after parsing attributes in process `syz.0.2435'.
[  595.397461][T15302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  595.444689][T15302] batman_adv: batadv0: Interface activated: batadv_slave_0
[  595.456636][T15375] input input30: cannot allocate more than FF_MAX_EFFECTS effects
[  595.480421][T15302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  595.491895][T15302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  595.501776][T15302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  595.512436][T15302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  595.522344][T15302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  595.536729][T15302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  595.546960][T15302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  595.557975][T15302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  595.559028][T15302] batman_adv: batadv0: Interface activated: batadv_slave_1
[  595.561518][T15302] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  595.561554][T15302] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  595.561584][T15302] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  595.561614][T15302] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  595.592188][T15302] ieee80211 phy25: Selected rate control algorithm 'minstrel_ht'
[  595.614904][T10328] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  595.614927][T10328] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  595.615818][T15302] ieee80211 phy26: Selected rate control algorithm 'minstrel_ht'
[  595.664160][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  595.664183][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  596.113333][T15397] kernel read not supported for file /P��r��	^�!��8���;�n�~Z�����J�p����-�����v<)�R�_�Wta���kG��6hmD�|v�Q (pid: 15397 comm: syz.1.2443)
[  596.134993][   T29] audit: type=1800 audit(8277292343.768:20): pid=15397 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2443" name=5002B9D50272BCD0095EC0217FC0DD38B080FA3B97056EF47E5A05F1EFD1F108D94A9B70DFE7CD1F842DBB05A5B8FCF7763C29DD5202D80D5F03E78E577461FABDAF066B47F7AA361C680B6D44FC7C76D451 dev="mqueue" ino=58790 res=0 errno=0
[  596.171105][T15385] Format for deleting device is "id" (uint).
[  596.347687][T15407] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2447'.
[  597.228350][   T54] Bluetooth: hci1: command tx timeout
[  598.468722][T15442] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  598.474810][T15442] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  598.572264][T15442] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  598.609915][T15442] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  598.645754][T15442] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  598.674951][T15442] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  598.705080][T15442] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  598.733116][T15442] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  598.776891][T15442] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  598.869608][T15442] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  599.008389][T15458] FAULT_INJECTION: forcing a failure.
[  599.008389][T15458] name failslab, interval 1, probability 0, space 0, times 0
[  599.028631][T15458] CPU: 1 UID: 0 PID: 15458 Comm: syz.4.2462 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  599.028664][T15458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  599.028677][T15458] Call Trace:
[  599.028685][T15458]  <TASK>
[  599.028693][T15458]  dump_stack_lvl+0x16c/0x1f0
[  599.028732][T15458]  should_fail_ex+0x50a/0x650
[  599.028758][T15458]  ? fs_reclaim_acquire+0xae/0x150
[  599.028793][T15458]  ? trace_pid_list_alloc+0x27c/0x3f0
[  599.028816][T15458]  should_failslab+0xc2/0x120
[  599.028843][T15458]  __kmalloc_cache_noprof+0x68/0x420
[  599.028870][T15458]  trace_pid_list_alloc+0x27c/0x3f0
[  599.028894][T15458]  trace_pid_write+0x10f/0x470
[  599.028925][T15458]  ? __pfx_trace_pid_write+0x10/0x10
[  599.028953][T15458]  ? __pfx___mutex_lock+0x10/0x10
[  599.028990][T15458]  ? get_pid_task+0x35/0x250
[  599.029013][T15458]  ? lock_acquire+0x2f/0xb0
[  599.029040][T15458]  event_pid_write.isra.0+0x3b3/0x7a0
[  599.029066][T15458]  ? __pfx_event_pid_write.isra.0+0x10/0x10
[  599.029088][T15458]  ? lock_acquire+0x2f/0xb0
[  599.029109][T15458]  ? ksys_write+0x12b/0x250
[  599.029132][T15458]  ? __pfx_ftrace_event_pid_write+0x10/0x10
[  599.029155][T15458]  vfs_write+0x24c/0x1150
[  599.029174][T15458]  ? __fget_files+0x1fc/0x3a0
[  599.029196][T15458]  ? __pfx___mutex_lock+0x10/0x10
[  599.029226][T15458]  ? __pfx_vfs_write+0x10/0x10
[  599.029249][T15458]  ? __fget_files+0x206/0x3a0
[  599.029282][T15458]  ksys_write+0x12b/0x250
[  599.029304][T15458]  ? __pfx_ksys_write+0x10/0x10
[  599.029327][T15458]  ? rcu_is_watching+0x12/0xc0
[  599.029357][T15458]  ? rcu_is_watching+0x12/0xc0
[  599.029390][T15458]  do_syscall_64+0xcd/0x250
[  599.029410][T15458]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  599.029438][T15458] RIP: 0033:0x7f243a78cde9
[  599.029454][T15458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  599.029474][T15458] RSP: 002b:00007f243b68d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  599.029493][T15458] RAX: ffffffffffffffda RBX: 00007f243a9a6080 RCX: 00007f243a78cde9
[  599.029507][T15458] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[  599.029520][T15458] RBP: 00007f243b68d090 R08: 0000000000000000 R09: 0000000000000000
[  599.029532][T15458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  599.029544][T15458] R13: 0000000000000000 R14: 00007f243a9a6080 R15: 00007ffca7ff0348
[  599.029562][T15458]  </TASK>
[  599.277706][    C1] vkms_vblank_simulate: vblank timer overrun
[  599.823706][T15477] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2469'.
[  599.948357][   T54] Bluetooth: hci4: command 0x0c1a tx timeout
[  600.508396][   T54] Bluetooth: hci0: command 0x0c1a tx timeout
[  600.668548][   T54] Bluetooth: hci2: command 0x0c1a tx timeout
[  600.748765][   T54] Bluetooth: hci1: command 0x0c1a tx timeout
[  600.911833][T15513] kernel read not supported for file /P��r��	^�!��8���;�n�~Z�����J�p����-�����v<)�R�_�Wta���kG��6hmD�|v�Q (pid: 15513 comm: syz.4.2478)
[  601.033162][   T29] audit: type=1800 audit(8277292348.668:21): pid=15513 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2478" name=5002B9D50272BCD0095EC0217FC0DD38B080FA3B97056EF47E5A05F1EFD1F108D94A9B70DFE7CD1F842DBB05A5B8FCF7763C29DD5202D80D5F03E78E577461FABDAF066B47F7AA361C680B6D44FC7C76D451 dev="mqueue" ino=58028 res=0 errno=0
[  601.233094][T15523] mkiss: ax0: crc mode is auto.
[  602.589417][   T54] Bluetooth: hci0: command 0x0c1a tx timeout
[  602.699186][T15553] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2489'.
[  602.748202][   T54] Bluetooth: hci2: command 0x0c1a tx timeout
[  602.828506][   T54] Bluetooth: hci1: command 0x0c1a tx timeout
[  603.083545][T15559] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2491'.
[  603.454229][T15573] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2494'.
[  604.668370][   T54] Bluetooth: hci0: command 0x0c1a tx timeout
[  604.828221][   T54] Bluetooth: hci2: command 0x0c1a tx timeout
[  604.913338][   T54] Bluetooth: hci1: command 0x0c1a tx timeout
[  605.725578][T15580] can: request_module (can-proto-0) failed.
[  607.377999][T15628] ieee80211 phy27: Selected rate control algorithm 'minstrel_ht'
[  608.171994][T15641] can: request_module (can-proto-0) failed.
[  609.421197][T15676] FAULT_INJECTION: forcing a failure.
[  609.421197][T15676] name failslab, interval 1, probability 0, space 0, times 0
[  609.474363][T15676] CPU: 1 UID: 0 PID: 15676 Comm: syz.4.2518 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  609.474396][T15676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  609.474410][T15676] Call Trace:
[  609.474417][T15676]  <TASK>
[  609.474426][T15676]  dump_stack_lvl+0x16c/0x1f0
[  609.474463][T15676]  should_fail_ex+0x50a/0x650
[  609.474490][T15676]  ? fs_reclaim_acquire+0xae/0x150
[  609.474524][T15676]  should_failslab+0xc2/0x120
[  609.474550][T15676]  __kmalloc_noprof+0xce/0x4f0
[  609.474575][T15676]  ? tomoyo_encode2+0x100/0x3e0
[  609.474603][T15676]  tomoyo_encode2+0x100/0x3e0
[  609.474630][T15676]  tomoyo_realpath_from_path+0x1a7/0x710
[  609.474657][T15676]  ? tomoyo_path_number_perm+0x235/0x5b0
[  609.474682][T15676]  tomoyo_path_number_perm+0x248/0x5b0
[  609.474704][T15676]  ? tomoyo_path_number_perm+0x235/0x5b0
[  609.474732][T15676]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  609.474755][T15676]  ? rcu_is_watching+0x12/0xc0
[  609.474790][T15676]  ? preempt_count_add+0x76/0x150
[  609.474821][T15676]  ? __pfx_lock_release+0x10/0x10
[  609.474847][T15676]  ? trace_lock_acquire+0x14e/0x1f0
[  609.474868][T15676]  ? __fget_files+0x40/0x3a0
[  609.474892][T15676]  ? lock_acquire+0x2f/0xb0
[  609.474915][T15676]  ? __fget_files+0x40/0x3a0
[  609.474940][T15676]  ? __fget_files+0x206/0x3a0
[  609.474965][T15676]  security_file_ioctl+0x9b/0x240
[  609.474990][T15676]  __x64_sys_ioctl+0xb7/0x200
[  609.475022][T15676]  do_syscall_64+0xcd/0x250
[  609.475044][T15676]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  609.475075][T15676] RIP: 0033:0x7f243a78cde9
[  609.475093][T15676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  609.475116][T15676] RSP: 002b:00007f243b6ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  609.475139][T15676] RAX: ffffffffffffffda RBX: 00007f243a9a5fa0 RCX: 00007f243a78cde9
[  609.475155][T15676] RDX: 0000000000000003 RSI: 000000008004b708 RDI: 0000000000000003
[  609.475170][T15676] RBP: 00007f243b6ae090 R08: 0000000000000000 R09: 0000000000000000
[  609.475183][T15676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  609.475197][T15676] R13: 0000000000000000 R14: 00007f243a9a5fa0 R15: 00007ffca7ff0348
[  609.475219][T15676]  </TASK>
[  609.475238][T15676] ERROR: Out of memory at tomoyo_realpath_from_path.
[  610.625270][ T5835] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260
[  610.625303][ T5835] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260
[  610.648162][ T5835] Bluetooth: hci2: Unknown advertising packet type: 0x7f
[  610.648221][ T5835] Bluetooth: hci2: Malformed LE Event: 0x0d
[  610.984109][T15689] caif:caif_disconnect_client(): nothing to disconnect
[  612.609000][T15729] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2537'.
[  613.153502][T15741] FAULT_INJECTION: forcing a failure.
[  613.153502][T15741] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  613.198636][T15741] CPU: 1 UID: 0 PID: 15741 Comm: syz.0.2539 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  613.198674][T15741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  613.198689][T15741] Call Trace:
[  613.198696][T15741]  <TASK>
[  613.198705][T15741]  dump_stack_lvl+0x16c/0x1f0
[  613.198742][T15741]  should_fail_ex+0x50a/0x650
[  613.198769][T15741]  ? __pfx___might_resched+0x10/0x10
[  613.198799][T15741]  should_fail_alloc_page+0xe7/0x130
[  613.198829][T15741]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  613.198867][T15741]  __alloc_frozen_pages_noprof+0x18e/0x2470
[  613.198895][T15741]  ? __pfx_stack_trace_save+0x10/0x10
[  613.198917][T15741]  ? stack_depot_save_flags+0x28/0x9e0
[  613.198944][T15741]  ? rcu_is_watching+0x12/0xc0
[  613.198977][T15741]  ? kasan_save_stack+0x42/0x60
[  613.199000][T15741]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  613.199027][T15741]  ? kmem_cache_alloc_noprof+0x1c8/0x3b0
[  613.199052][T15741]  ? __handle_mm_fault+0x9fb/0x2c60
[  613.199077][T15741]  ? do_user_addr_fault+0x7a3/0x13f0
[  613.199104][T15741]  ? exc_page_fault+0x5c/0xc0
[  613.199133][T15741]  ? asm_exc_page_fault+0x26/0x30
[  613.199162][T15741]  ? __get_user_1+0x18/0x30
[  613.199187][T15741]  ? trace_get_user+0xd6/0x990
[  613.199214][T15741]  ? trace_pid_write+0x2a9/0x470
[  613.199249][T15741]  ? event_pid_write.isra.0+0x3b3/0x7a0
[  613.199279][T15741]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  613.199309][T15741]  ? policy_nodemask+0xea/0x4e0
[  613.199337][T15741]  alloc_pages_mpol+0x1fc/0x540
[  613.199365][T15741]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  613.199392][T15741]  ? rcu_is_watching+0x12/0xc0
[  613.199425][T15741]  alloc_pages_noprof+0x131/0x390
[  613.199452][T15741]  pte_alloc_one+0x20/0x390
[  613.199481][T15741]  do_pte_missing+0x1aff/0x3e10
[  613.199505][T15741]  ? do_raw_spin_unlock+0x172/0x230
[  613.199536][T15741]  ? __pmd_alloc+0x3c2/0x870
[  613.199559][T15741]  __handle_mm_fault+0x1166/0x2c60
[  613.199587][T15741]  ? __pfx___handle_mm_fault+0x10/0x10
[  613.199620][T15741]  ? find_vma+0xc0/0x140
[  613.199651][T15741]  ? __pfx_find_vma+0x10/0x10
[  613.199681][T15741]  ? vfs_write+0x24c/0x1150
[  613.199705][T15741]  handle_mm_fault+0x3fa/0xaa0
[  613.199732][T15741]  do_user_addr_fault+0x7a3/0x13f0
[  613.199762][T15741]  exc_page_fault+0x5c/0xc0
[  613.199793][T15741]  asm_exc_page_fault+0x26/0x30
[  613.199821][T15741] RIP: 0010:__get_user_1+0x18/0x30
[  613.199849][T15741] Code: 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 ba 00 f0 ff ff ff 7f 00 00 48 39 d0 48 0f 47 c2 0f 01 cb <0f> b6 10 31 c0 0f 01 ca c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00
[  613.199871][T15741] RSP: 0018:ffffc9000457faa8 EFLAGS: 00050287
[  613.199889][T15741] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff81961fe9
[  613.199904][T15741] RDX: 00007ffffffff000 RSI: ffffffff81be3684 RDI: 0000000000000000
[  613.199919][T15741] RBP: ffffc9000457fbe0 R08: 0000000000000000 R09: fffffbfff20bfb02
[  613.199934][T15741] R10: ffffffff905fd817 R11: 0000000000000001 R12: 0000000000000000
[  613.199948][T15741] R13: 0000000000000000 R14: 0000000000000000 R15: 000000007ffff000
[  613.199966][T15741]  ? lock_release+0xa9/0x6f0
[  613.199991][T15741]  ? trace_get_user+0xc4/0x990
[  613.200020][T15741]  trace_get_user+0xd6/0x990
[  613.200046][T15741]  ? __kasan_kmalloc+0xaa/0xb0
[  613.200069][T15741]  ? trace_pid_list_alloc+0x303/0x3f0
[  613.200094][T15741]  trace_pid_write+0x2a9/0x470
[  613.200124][T15741]  ? __pfx_trace_pid_write+0x10/0x10
[  613.200152][T15741]  ? __pfx___mutex_lock+0x10/0x10
[  613.200188][T15741]  ? get_pid_task+0x35/0x250
[  613.200210][T15741]  ? lock_acquire+0x2f/0xb0
[  613.200243][T15741]  event_pid_write.isra.0+0x3b3/0x7a0
[  613.200269][T15741]  ? __pfx_event_pid_write.isra.0+0x10/0x10
[  613.200295][T15741]  ? lock_acquire+0x2f/0xb0
[  613.200320][T15741]  ? ksys_write+0x12b/0x250
[  613.200342][T15741]  ? __pfx_ftrace_event_pid_write+0x10/0x10
[  613.200367][T15741]  vfs_write+0x24c/0x1150
[  613.200389][T15741]  ? __fget_files+0x1fc/0x3a0
[  613.200413][T15741]  ? __pfx___mutex_lock+0x10/0x10
[  613.200448][T15741]  ? __pfx_vfs_write+0x10/0x10
[  613.200473][T15741]  ? __fget_files+0x206/0x3a0
[  613.200498][T15741]  ksys_write+0x12b/0x250
[  613.200520][T15741]  ? __pfx_ksys_write+0x10/0x10
[  613.200542][T15741]  ? rcu_is_watching+0x12/0xc0
[  613.200573][T15741]  ? rcu_is_watching+0x12/0xc0
[  613.200605][T15741]  do_syscall_64+0xcd/0x250
[  613.200627][T15741]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  613.200656][T15741] RIP: 0033:0x7fdfec18cde9
[  613.200674][T15741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  613.200695][T15741] RSP: 002b:00007fdfecf9f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  613.200715][T15741] RAX: ffffffffffffffda RBX: 00007fdfec3a6080 RCX: 00007fdfec18cde9
[  613.200730][T15741] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[  613.200744][T15741] RBP: 00007fdfecf9f090 R08: 0000000000000000 R09: 0000000000000000
[  613.200757][T15741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  613.200770][T15741] R13: 0000000000000000 R14: 00007fdfec3a6080 R15: 00007fff897f1438
[  613.200791][T15741]  </TASK>
[  614.179998][T15759] FAULT_INJECTION: forcing a failure.
[  614.179998][T15759] name failslab, interval 1, probability 0, space 0, times 0
[  614.196435][T15759] CPU: 1 UID: 0 PID: 15759 Comm: syz.4.2547 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  614.196478][T15759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  614.196492][T15759] Call Trace:
[  614.196499][T15759]  <TASK>
[  614.196508][T15759]  dump_stack_lvl+0x16c/0x1f0
[  614.196547][T15759]  should_fail_ex+0x50a/0x650
[  614.196572][T15759]  ? fs_reclaim_acquire+0xae/0x150
[  614.196607][T15759]  should_failslab+0xc2/0x120
[  614.196635][T15759]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  614.196661][T15759]  ? vma_merge_new_range+0x40a/0xbb0
[  614.196684][T15759]  ? vm_area_alloc+0x1f/0x1c0
[  614.196714][T15759]  vm_area_alloc+0x1f/0x1c0
[  614.196741][T15759]  __mmap_region+0x108d/0x2760
[  614.196768][T15759]  ? bpf_ksym_find+0x124/0x1c0
[  614.196796][T15759]  ? __pfx___mmap_region+0x10/0x10
[  614.196820][T15759]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  614.196857][T15759]  ? unwind_get_return_address+0x59/0xa0
[  614.196888][T15759]  ? arch_stack_walk+0xa7/0x100
[  614.196924][T15759]  ? __mutex_trylock_common+0xea/0x250
[  614.196952][T15759]  ? rcu_is_watching+0x12/0xc0
[  614.196993][T15759]  ? cap_capable+0xb3/0x250
[  614.197026][T15759]  mmap_region+0x32b/0x3f0
[  614.197055][T15759]  do_mmap+0xd8d/0x11b0
[  614.197079][T15759]  ? __pfx_do_mmap+0x10/0x10
[  614.197100][T15759]  ? __pfx_down_write_killable+0x10/0x10
[  614.197126][T15759]  vm_mmap_pgoff+0x203/0x3a0
[  614.197152][T15759]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  614.197178][T15759]  ? __fget_files+0x206/0x3a0
[  614.197205][T15759]  ksys_mmap_pgoff+0x32c/0x5c0
[  614.197225][T15759]  ? __pfx_ksys_write+0x10/0x10
[  614.197250][T15759]  __x64_sys_mmap+0x125/0x190
[  614.197280][T15759]  do_syscall_64+0xcd/0x250
[  614.197302][T15759]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  614.197333][T15759] RIP: 0033:0x7f243a78cde9
[  614.197350][T15759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  614.197372][T15759] RSP: 002b:00007f243b6ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  614.197393][T15759] RAX: ffffffffffffffda RBX: 00007f243a9a5fa0 RCX: 00007f243a78cde9
[  614.197408][T15759] RDX: 0000001000000004 RSI: 0000000000000008 RDI: 0000000000000000
[  614.197422][T15759] RBP: 00007f243b6ae090 R08: 0000000000000003 R09: 0000000110000000
[  614.197436][T15759] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001
[  614.197449][T15759] R13: 0000000000000000 R14: 00007f243a9a5fa0 R15: 00007ffca7ff0348
[  614.197478][T15759]  </TASK>
[  614.445230][T15762] netlink: 'syz.1.2549': attribute type 15 has an invalid length.
[  614.454807][T15762] netlink: 'syz.1.2549': attribute type 16 has an invalid length.
[  614.462940][T15762] netlink: 'syz.1.2549': attribute type 17 has an invalid length.
[  614.477787][T15762] netlink: 'syz.1.2549': attribute type 19 has an invalid length.
[  614.493308][T15762] netlink: 'syz.1.2549': attribute type 27 has an invalid length.
[  614.503813][T15762] netlink: 'syz.1.2549': attribute type 28 has an invalid length.
[  614.515325][T15762] netlink: 'syz.1.2549': attribute type 29 has an invalid length.
[  614.523545][T15762] netlink: 'syz.1.2549': attribute type 30 has an invalid length.
[  614.532465][T15762] netlink: 18 bytes leftover after parsing attributes in process `syz.1.2549'.
[  614.985906][T15784] netlink: 172 bytes leftover after parsing attributes in process `syz.3.2554'.
[  615.410569][T15793] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2559'.
[  615.846471][T15793] bond0: (slave bond_slave_0): Releasing backup interface
[  616.273389][T15804] netlink: 'syz.3.2562': attribute type 15 has an invalid length.
[  616.281527][T15804] netlink: 'syz.3.2562': attribute type 16 has an invalid length.
[  616.332508][T15804] netlink: 18 bytes leftover after parsing attributes in process `syz.3.2562'.
[  616.515111][T15815] FAULT_INJECTION: forcing a failure.
[  616.515111][T15815] name failslab, interval 1, probability 0, space 0, times 0
[  616.548255][T15815] CPU: 0 UID: 0 PID: 15815 Comm: syz.0.2566 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  616.548287][T15815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  616.548302][T15815] Call Trace:
[  616.548309][T15815]  <TASK>
[  616.548318][T15815]  dump_stack_lvl+0x16c/0x1f0
[  616.548355][T15815]  should_fail_ex+0x50a/0x650
[  616.548381][T15815]  ? fs_reclaim_acquire+0xae/0x150
[  616.548413][T15815]  should_failslab+0xc2/0x120
[  616.548440][T15815]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  616.548470][T15815]  ? ima_inode_get+0x120/0x580
[  616.548545][T15815]  ima_inode_get+0x120/0x580
[  616.548578][T15815]  process_measurement+0x70a/0x2370
[  616.548608][T15815]  ? __pfx_process_measurement+0x10/0x10
[  616.548634][T15815]  ? __pfx__kstrtoull+0x10/0x10
[  616.548656][T15815]  ? lock_release+0x4e2/0x6f0
[  616.548689][T15815]  ? lock_release+0x4e2/0x6f0
[  616.548713][T15815]  ? aa_file_perm+0x4c6/0xfe0
[  616.548738][T15815]  ? trace_lock_acquire+0x14e/0x1f0
[  616.548758][T15815]  ? __pfx_kstrtouint+0x10/0x10
[  616.548786][T15815]  ? lock_release+0x4e2/0x6f0
[  616.548809][T15815]  ? ksys_write+0x12b/0x250
[  616.548830][T15815]  ? __pfx_lock_release+0x10/0x10
[  616.548855][T15815]  ? rcu_is_watching+0x12/0xc0
[  616.548886][T15815]  ima_file_mmap+0x1b3/0x1e0
[  616.548913][T15815]  ? __pfx_ima_file_mmap+0x10/0x10
[  616.548938][T15815]  ? preempt_count_add+0x76/0x150
[  616.548967][T15815]  security_mmap_file+0x88c/0x990
[  616.549000][T15815]  vm_mmap_pgoff+0xdb/0x3a0
[  616.549025][T15815]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  616.549050][T15815]  ? __fget_files+0x206/0x3a0
[  616.549075][T15815]  ksys_mmap_pgoff+0x32c/0x5c0
[  616.549096][T15815]  ? __pfx_ksys_write+0x10/0x10
[  616.549119][T15815]  __x64_sys_mmap+0x125/0x190
[  616.549153][T15815]  do_syscall_64+0xcd/0x250
[  616.549175][T15815]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  616.549204][T15815] RIP: 0033:0x7fdfec18cde9
[  616.549222][T15815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  616.549244][T15815] RSP: 002b:00007fdfecfc0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  616.549265][T15815] RAX: ffffffffffffffda RBX: 00007fdfec3a5fa0 RCX: 00007fdfec18cde9
[  616.549281][T15815] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000005
[  616.549295][T15815] RBP: 00007fdfecfc0090 R08: 0000000000000003 R09: 0000000000008000
[  616.549310][T15815] R10: 0000000000000411 R11: 0000000000000246 R12: 0000000000000001
[  616.549324][T15815] R13: 0000000000000000 R14: 00007fdfec3a5fa0 R15: 00007fff897f1438
[  616.549346][T15815]  </TASK>
[  616.948887][T15821] ucma_write: process 91 (syz.3.2567) changed security contexts after opening file descriptor, this is not allowed.
[  617.161766][T15832] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2576'.
[  617.595911][T15842] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2572'.
[  618.111718][T15849] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2573'.
[  618.277055][T15861] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2579'.
[  620.809980][T15918] zswap: compressor Y not available
[  621.454120][T15929] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2596'.
[  621.581423][T15937] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2597'.
[  621.956019][T15944] FAULT_INJECTION: forcing a failure.
[  621.956019][T15944] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  621.971813][T15944] CPU: 1 UID: 0 PID: 15944 Comm: syz.0.2599 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  621.971846][T15944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  621.971860][T15944] Call Trace:
[  621.971867][T15944]  <TASK>
[  621.971875][T15944]  dump_stack_lvl+0x16c/0x1f0
[  621.971913][T15944]  should_fail_ex+0x50a/0x650
[  621.971941][T15944]  _copy_from_user+0x2e/0xd0
[  621.971972][T15944]  kstrtobool_from_user+0x9a/0x160
[  621.971995][T15944]  ? __pfx_kstrtobool_from_user+0x10/0x10
[  621.972018][T15944]  ? rcu_is_watching+0x12/0xc0
[  621.972050][T15944]  ? trace_lock_acquire+0x14e/0x1f0
[  621.972072][T15944]  ? __pfx_traceSMB_proc_write+0x10/0x10
[  621.972094][T15944]  traceSMB_proc_write+0x23/0x60
[  621.972115][T15944]  proc_reg_write+0x23d/0x330
[  621.972140][T15944]  ? __pfx_proc_reg_write+0x10/0x10
[  621.972163][T15944]  vfs_write+0x24c/0x1150
[  621.972186][T15944]  ? __fget_files+0x1fc/0x3a0
[  621.972209][T15944]  ? __pfx___mutex_lock+0x10/0x10
[  621.972242][T15944]  ? __pfx_vfs_write+0x10/0x10
[  621.972267][T15944]  ? __fget_files+0x206/0x3a0
[  621.972293][T15944]  ksys_write+0x12b/0x250
[  621.972315][T15944]  ? __pfx_ksys_write+0x10/0x10
[  621.972337][T15944]  ? rcu_is_watching+0x12/0xc0
[  621.972368][T15944]  ? rcu_is_watching+0x12/0xc0
[  621.972401][T15944]  do_syscall_64+0xcd/0x250
[  621.972422][T15944]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  621.972452][T15944] RIP: 0033:0x7fdfec18cde9
[  621.972469][T15944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  621.972491][T15944] RSP: 002b:00007fdfecfc0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  621.972512][T15944] RAX: ffffffffffffffda RBX: 00007fdfec3a5fa0 RCX: 00007fdfec18cde9
[  621.972528][T15944] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003
[  621.972541][T15944] RBP: 00007fdfecfc0090 R08: 0000000000000000 R09: 0000000000000000
[  621.972555][T15944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  621.972568][T15944] R13: 0000000000000000 R14: 00007fdfec3a5fa0 R15: 00007fff897f1438
[  621.972589][T15944]  </TASK>
[  622.188045][    C1] vkms_vblank_simulate: vblank timer overrun
[  624.355994][T15993] kernel read not supported for file /P��r��	^�!��8���;�n�~Z�����J�p����-�����v<)�R�_�Wta���kG��6hmD�|v�Q (pid: 15993 comm: syz.0.2613)
[  624.409951][T15993] FAULT_INJECTION: forcing a failure.
[  624.409951][T15993] name failslab, interval 1, probability 0, space 0, times 0
[  624.476301][T15993] CPU: 1 UID: 0 PID: 15993 Comm: syz.0.2613 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  624.476334][T15993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  624.476348][T15993] Call Trace:
[  624.476356][T15993]  <TASK>
[  624.476364][T15993]  dump_stack_lvl+0x16c/0x1f0
[  624.476401][T15993]  should_fail_ex+0x50a/0x650
[  624.476427][T15993]  ? fs_reclaim_acquire+0xae/0x150
[  624.476461][T15993]  should_failslab+0xc2/0x120
[  624.476489][T15993]  __kmalloc_node_track_caller_noprof+0xcf/0x520
[  624.476517][T15993]  ? ima_alloc_tfm+0x21d/0x2d0
[  624.476544][T15993]  ? ima_collect_measurement+0x4a6/0xa10
[  624.476575][T15993]  krealloc_noprof+0x1fb/0x360
[  624.476602][T15993]  ima_collect_measurement+0x4a6/0xa10
[  624.476632][T15993]  ? security_mmap_file+0x88c/0x990
[  624.476662][T15993]  ? __pfx_ima_collect_measurement+0x10/0x10
[  624.476709][T15993]  ? __mutex_lock+0x1cc/0xb10
[  624.476741][T15993]  ? is_bad_inode+0xd/0x40
[  624.476765][T15993]  ? vfs_getxattr_alloc+0xf1/0x340
[  624.476790][T15993]  ? ima_get_hash_algo+0x27d/0x410
[  624.476815][T15993]  ? __pfx_ima_get_hash_algo+0x10/0x10
[  624.476843][T15993]  ? process_measurement+0x1271/0x2370
[  624.476869][T15993]  process_measurement+0x1271/0x2370
[  624.476900][T15993]  ? __pfx_process_measurement+0x10/0x10
[  624.476927][T15993]  ? __pfx__kstrtoull+0x10/0x10
[  624.476949][T15993]  ? lock_release+0x4e2/0x6f0
[  624.476978][T15993]  ? lock_release+0x4e2/0x6f0
[  624.477002][T15993]  ? aa_file_perm+0x4c6/0xfe0
[  624.477028][T15993]  ? trace_lock_acquire+0x14e/0x1f0
[  624.477049][T15993]  ? __pfx_kstrtouint+0x10/0x10
[  624.477080][T15993]  ? lock_release+0x4e2/0x6f0
[  624.477105][T15993]  ? ksys_write+0x12b/0x250
[  624.477127][T15993]  ? __pfx_lock_release+0x10/0x10
[  624.477153][T15993]  ? rcu_is_watching+0x12/0xc0
[  624.477187][T15993]  ima_file_mmap+0x1b3/0x1e0
[  624.477213][T15993]  ? __pfx_ima_file_mmap+0x10/0x10
[  624.477239][T15993]  ? preempt_count_add+0x76/0x150
[  624.477266][T15993]  security_mmap_file+0x88c/0x990
[  624.477292][T15993]  vm_mmap_pgoff+0xdb/0x3a0
[  624.477317][T15993]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  624.477346][T15993]  ? __fget_files+0x206/0x3a0
[  624.477371][T15993]  ksys_mmap_pgoff+0x32c/0x5c0
[  624.477392][T15993]  ? __pfx_ksys_write+0x10/0x10
[  624.477415][T15993]  __x64_sys_mmap+0x125/0x190
[  624.477446][T15993]  do_syscall_64+0xcd/0x250
[  624.477468][T15993]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  624.477497][T15993] RIP: 0033:0x7fdfec18cde9
[  624.477512][T15993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  624.477532][T15993] RSP: 002b:00007fdfecfc0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  624.477551][T15993] RAX: ffffffffffffffda RBX: 00007fdfec3a5fa0 RCX: 00007fdfec18cde9
[  624.477566][T15993] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000005
[  624.477579][T15993] RBP: 00007fdfecfc0090 R08: 0000000000000003 R09: 0000000000008000
[  624.477591][T15993] R10: 0000000000000411 R11: 0000000000000246 R12: 0000000000000001
[  624.477602][T15993] R13: 0000000000000000 R14: 00007fdfec3a5fa0 R15: 00007fff897f1438
[  624.477618][T15993]  </TASK>
[  624.784401][    C1] vkms_vblank_simulate: vblank timer overrun
[  624.950654][   T29] audit: type=1800 audit(8277292372.518:22): pid=15993 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2613" name=5002B9D50272BCD0095EC0217FC0DD38B080FA3B97056EF47E5A05F1EFD1F108D94A9B70DFE7CD1F842DBB05A5B8FCF7763C29DD5202D80D5F03E78E577461FABDAF066B47F7AA361C680B6D44FC7C76D451 dev="mqueue" ino=61077 res=0 errno=0
[  625.030521][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  625.037836][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  625.288906][T16003] FAULT_INJECTION: forcing a failure.
[  625.288906][T16003] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  625.319242][T16003] CPU: 1 UID: 0 PID: 16003 Comm: syz.3.2617 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  625.319277][T16003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  625.319290][T16003] Call Trace:
[  625.319298][T16003]  <TASK>
[  625.319307][T16003]  dump_stack_lvl+0x16c/0x1f0
[  625.319343][T16003]  should_fail_ex+0x50a/0x650
[  625.319372][T16003]  _copy_from_iter+0x4a5/0x1400
[  625.319404][T16003]  ? __pfx__copy_from_iter+0x10/0x10
[  625.319433][T16003]  ? __virt_addr_valid+0x1a4/0x590
[  625.319457][T16003]  ? __virt_addr_valid+0x5e/0x590
[  625.319478][T16003]  ? __phys_addr_symbol+0x30/0x80
[  625.319511][T16003]  ? __check_object_size+0x488/0x710
[  625.319541][T16003]  skb_copy_datagram_from_iter+0x124/0x710
[  625.319575][T16003]  ? lock_acquire+0x2f/0xb0
[  625.319604][T16003]  packet_sendmsg+0x220f/0x56c0
[  625.319629][T16003]  ? do_raw_spin_unlock+0x170/0x230
[  625.319669][T16003]  ? lock_release+0x4e2/0x6f0
[  625.319693][T16003]  ? is_bpf_text_address+0x8a/0x1a0
[  625.319718][T16003]  ? rcu_is_watching+0x12/0xc0
[  625.319749][T16003]  ? __pfx___might_resched+0x10/0x10
[  625.319776][T16003]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  625.319808][T16003]  ? __pfx_packet_sendmsg+0x10/0x10
[  625.319833][T16003]  ? aa_label_printk+0x520/0x610
[  625.319864][T16003]  ? __might_fault+0xe3/0x190
[  625.319893][T16003]  ? __might_fault+0xe3/0x190
[  625.319924][T16003]  ____sys_sendmsg+0x9ae/0xb40
[  625.319954][T16003]  ? __pfx_____sys_sendmsg+0x10/0x10
[  625.319984][T16003]  ? _kstrtoull+0x146/0x200
[  625.320005][T16003]  ? __pfx__kstrtoull+0x10/0x10
[  625.320026][T16003]  ? lock_release+0x4e2/0x6f0
[  625.320052][T16003]  ___sys_sendmsg+0x135/0x1e0
[  625.320076][T16003]  ? __pfx____sys_sendmsg+0x10/0x10
[  625.320098][T16003]  ? __pfx_kstrtouint+0x10/0x10
[  625.320124][T16003]  ? trace_lock_acquire+0x14e/0x1f0
[  625.320154][T16003]  __sys_sendmmsg+0x201/0x420
[  625.320179][T16003]  ? __pfx___sys_sendmmsg+0x10/0x10
[  625.320205][T16003]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  625.320244][T16003]  ? fput+0x67/0x440
[  625.320270][T16003]  ? ksys_write+0x1ba/0x250
[  625.320292][T16003]  ? __pfx_ksys_write+0x10/0x10
[  625.320317][T16003]  __x64_sys_sendmmsg+0x9c/0x100
[  625.320342][T16003]  do_syscall_64+0xcd/0x250
[  625.320364][T16003]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  625.320395][T16003] RIP: 0033:0x7f37ff78cde9
[  625.320413][T16003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  625.320435][T16003] RSP: 002b:00007f38005f5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  625.320457][T16003] RAX: ffffffffffffffda RBX: 00007f37ff9a5fa0 RCX: 00007f37ff78cde9
[  625.320473][T16003] RDX: 0000000000000002 RSI: 00002000000006c0 RDI: 0000000000000003
[  625.320487][T16003] RBP: 00007f38005f5090 R08: 0000000000000000 R09: 0000000000000000
[  625.320501][T16003] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001
[  625.320515][T16003] R13: 0000000000000000 R14: 00007f37ff9a5fa0 R15: 00007fffd93dc598
[  625.320536][T16003]  </TASK>
[  629.151218][T16061] delete_channel: no stack
[  630.326860][T16101] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2645'.
[  630.481416][T16115] kernel read not supported for file /P��r��	^�!��8���;�n�~Z�����J�p����-�����v<)�R�_�Wta���kG��6hmD�|v�Q (pid: 16115 comm: syz.0.2650)
[  630.497189][T16115] FAULT_INJECTION: forcing a failure.
[  630.497189][T16115] name failslab, interval 1, probability 0, space 0, times 0
[  630.563743][T16115] CPU: 1 UID: 0 PID: 16115 Comm: syz.0.2650 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  630.563779][T16115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  630.563792][T16115] Call Trace:
[  630.563799][T16115]  <TASK>
[  630.563808][T16115]  dump_stack_lvl+0x16c/0x1f0
[  630.563845][T16115]  should_fail_ex+0x50a/0x650
[  630.563873][T16115]  should_failslab+0xc2/0x120
[  630.563901][T16115]  __kmalloc_noprof+0xce/0x4f0
[  630.563926][T16115]  ? aa_label_asxprint+0x75/0x140
[  630.563959][T16115]  aa_label_asxprint+0x75/0x140
[  630.563999][T16115]  apparmor_lsmprop_to_secctx+0xb2/0x1a0
[  630.564025][T16115]  security_lsmprop_to_secctx+0x94/0x260
[  630.564052][T16115]  audit_log_task_context+0x136/0x1b0
[  630.564077][T16115]  ? __pfx_audit_log_task_context+0x10/0x10
[  630.564102][T16115]  ? from_kuid+0x89/0xd0
[  630.564129][T16115]  ? __pfx_from_kuid+0x10/0x10
[  630.564156][T16115]  ? ima_collect_measurement+0x755/0xa10
[  630.564187][T16115]  integrity_audit_message+0x26a/0x4c0
[  630.564212][T16115]  ? __pfx_integrity_audit_message+0x10/0x10
[  630.564236][T16115]  ? take_dentry_name_snapshot+0x314/0x730
[  630.564268][T16115]  integrity_audit_msg+0x41/0x60
[  630.564293][T16115]  ima_collect_measurement+0x77c/0xa10
[  630.564326][T16115]  ? __pfx_ima_collect_measurement+0x10/0x10
[  630.564355][T16115]  ? trace_lock_acquire+0x14e/0x1f0
[  630.564375][T16115]  ? tomoyo_check_open_permission+0x20f/0x3c0
[  630.564405][T16115]  ? __mutex_lock+0x1cc/0xb10
[  630.564436][T16115]  ? is_bad_inode+0xd/0x40
[  630.564459][T16115]  ? vfs_getxattr_alloc+0xf1/0x340
[  630.564484][T16115]  ? ima_get_hash_algo+0x27d/0x410
[  630.564508][T16115]  ? __pfx_ima_get_hash_algo+0x10/0x10
[  630.564536][T16115]  ? process_measurement+0x1271/0x2370
[  630.564562][T16115]  process_measurement+0x1271/0x2370
[  630.564592][T16115]  ? __pfx_process_measurement+0x10/0x10
[  630.564618][T16115]  ? __pfx__kstrtoull+0x10/0x10
[  630.564643][T16115]  ? lock_release+0x4e2/0x6f0
[  630.564670][T16115]  ? lock_release+0x4e2/0x6f0
[  630.564694][T16115]  ? aa_file_perm+0x4c6/0xfe0
[  630.564719][T16115]  ? trace_lock_acquire+0x14e/0x1f0
[  630.564738][T16115]  ? __pfx_kstrtouint+0x10/0x10
[  630.564769][T16115]  ? lock_release+0x4e2/0x6f0
[  630.564793][T16115]  ? ksys_write+0x12b/0x250
[  630.564815][T16115]  ? __pfx_lock_release+0x10/0x10
[  630.564840][T16115]  ? rcu_is_watching+0x12/0xc0
[  630.564872][T16115]  ima_file_mmap+0x1b3/0x1e0
[  630.564898][T16115]  ? __pfx_ima_file_mmap+0x10/0x10
[  630.564923][T16115]  ? preempt_count_add+0x76/0x150
[  630.564951][T16115]  security_mmap_file+0x88c/0x990
[  630.564977][T16115]  vm_mmap_pgoff+0xdb/0x3a0
[  630.565008][T16115]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  630.565033][T16115]  ? __fget_files+0x206/0x3a0
[  630.565057][T16115]  ksys_mmap_pgoff+0x32c/0x5c0
[  630.565078][T16115]  ? __pfx_ksys_write+0x10/0x10
[  630.565102][T16115]  __x64_sys_mmap+0x125/0x190
[  630.565132][T16115]  do_syscall_64+0xcd/0x250
[  630.565154][T16115]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  630.565183][T16115] RIP: 0033:0x7fdfec18cde9
[  630.565199][T16115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  630.565219][T16115] RSP: 002b:00007fdfecfc0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  630.565240][T16115] RAX: ffffffffffffffda RBX: 00007fdfec3a5fa0 RCX: 00007fdfec18cde9
[  630.565255][T16115] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000005
[  630.565269][T16115] RBP: 00007fdfecfc0090 R08: 0000000000000003 R09: 0000000000008000
[  630.565282][T16115] R10: 0000000000000411 R11: 0000000000000246 R12: 0000000000000001
[  630.565295][T16115] R13: 0000000000000000 R14: 00007fdfec3a5fa0 R15: 00007fff897f1438
[  630.565316][T16115]  </TASK>
[  630.568163][T16115] audit: error in audit_log_task_context
[  630.966524][   T29] audit: type=1800 audit(8277292378.138:23): pid=16115 uid=0 auid=4294967295 ses=4294967295 op=collect_data cause=failed comm="syz.0.2650" name=5002B9D50272BCD0095EC0217FC0DD38B080FA3B97056EF47E5A05F1EFD1F108D94A9B70DFE7CD1F842DBB05A5B8FCF7763C29DD5202D80D5F03E78E577461FABDAF066B47F7AA361C680B6D44FC7C76D451 dev="mqueue" ino=61077 res=0 errno=0
[  631.123044][T16130] kernel read not supported for file /P��r��	^�!��8���;�n�~Z�����J�p����-�����v<)�R�_�Wta���kG��6hmD�|v�Q (pid: 16130 comm: syz.1.2654)
[  631.163498][   T29] audit: type=1800 audit(8277292378.788:24): pid=16130 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2654" name=5002B9D50272BCD0095EC0217FC0DD38B080FA3B97056EF47E5A05F1EFD1F108D94A9B70DFE7CD1F842DBB05A5B8FCF7763C29DD5202D80D5F03E78E577461FABDAF066B47F7AA361C680B6D44FC7C76D451 dev="mqueue" ino=58790 res=0 errno=0
[  631.228139][T16128] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2653'.
[  631.415601][T16141] FAULT_INJECTION: forcing a failure.
[  631.415601][T16141] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  631.512264][T16141] CPU: 0 UID: 0 PID: 16141 Comm: syz.4.2658 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  631.512298][T16141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  631.512312][T16141] Call Trace:
[  631.512319][T16141]  <TASK>
[  631.512328][T16141]  dump_stack_lvl+0x16c/0x1f0
[  631.512365][T16141]  should_fail_ex+0x50a/0x650
[  631.512395][T16141]  _copy_to_user+0x32/0xd0
[  631.512425][T16141]  simple_read_from_buffer+0xd0/0x160
[  631.512459][T16141]  proc_fail_nth_read+0x198/0x270
[  631.512490][T16141]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  631.512520][T16141]  ? security_file_permission+0x71/0x210
[  631.512547][T16141]  ? rw_verify_area+0xcf/0x680
[  631.512579][T16141]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  631.512609][T16141]  vfs_read+0x1df/0xbf0
[  631.512630][T16141]  ? __fget_files+0x1fc/0x3a0
[  631.512654][T16141]  ? __pfx___mutex_lock+0x10/0x10
[  631.512686][T16141]  ? __pfx_vfs_read+0x10/0x10
[  631.512712][T16141]  ? __fget_files+0x206/0x3a0
[  631.512738][T16141]  ksys_read+0x12b/0x250
[  631.512759][T16141]  ? __pfx_ksys_read+0x10/0x10
[  631.512782][T16141]  ? rcu_is_watching+0x12/0xc0
[  631.512833][T16141]  ? rcu_is_watching+0x12/0xc0
[  631.512865][T16141]  do_syscall_64+0xcd/0x250
[  631.512887][T16141]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  631.512918][T16141] RIP: 0033:0x7f243a78b7fc
[  631.512935][T16141] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  631.512958][T16141] RSP: 002b:00007f243b6ae030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  631.512980][T16141] RAX: ffffffffffffffda RBX: 00007f243a9a5fa0 RCX: 00007f243a78b7fc
[  631.512995][T16141] RDX: 000000000000000f RSI: 00007f243b6ae0a0 RDI: 0000000000000004
[  631.513009][T16141] RBP: 00007f243b6ae090 R08: 0000000000000000 R09: 0000000000000000
[  631.513024][T16141] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000002
[  631.513045][T16141] R13: 0000000000000000 R14: 00007f243a9a5fa0 R15: 00007ffca7ff0348
[  631.513067][T16141]  </TASK>
[  632.465965][T16166] kernel read not supported for file /P��r��	^�!��8���;�n�~Z�����J�p����-�����v<)�R�_�Wta���kG��6hmD�|v�Q (pid: 16166 comm: syz.3.2663)
[  632.519941][T16166] FAULT_INJECTION: forcing a failure.
[  632.519941][T16166] name failslab, interval 1, probability 0, space 0, times 0
[  632.550805][T16166] CPU: 1 UID: 0 PID: 16166 Comm: syz.3.2663 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  632.550837][T16166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  632.550849][T16166] Call Trace:
[  632.550855][T16166]  <TASK>
[  632.550862][T16166]  dump_stack_lvl+0x16c/0x1f0
[  632.550898][T16166]  should_fail_ex+0x50a/0x650
[  632.550934][T16166]  should_failslab+0xc2/0x120
[  632.550963][T16166]  __kmalloc_noprof+0xce/0x4f0
[  632.550990][T16166]  ? aa_label_asxprint+0x75/0x140
[  632.551024][T16166]  aa_label_asxprint+0x75/0x140
[  632.551055][T16166]  apparmor_lsmprop_to_secctx+0xb2/0x1a0
[  632.551081][T16166]  security_lsmprop_to_secctx+0x94/0x260
[  632.551108][T16166]  audit_log_task_context+0x136/0x1b0
[  632.551134][T16166]  ? __pfx_audit_log_task_context+0x10/0x10
[  632.551159][T16166]  ? from_kuid+0x89/0xd0
[  632.551187][T16166]  ? __pfx_from_kuid+0x10/0x10
[  632.551214][T16166]  ? ima_collect_measurement+0x755/0xa10
[  632.551247][T16166]  integrity_audit_message+0x26a/0x4c0
[  632.551273][T16166]  ? __pfx_integrity_audit_message+0x10/0x10
[  632.551299][T16166]  ? take_dentry_name_snapshot+0x314/0x730
[  632.551332][T16166]  integrity_audit_msg+0x41/0x60
[  632.551354][T16166]  ima_collect_measurement+0x77c/0xa10
[  632.551382][T16166]  ? security_mmap_file+0x88c/0x990
[  632.551407][T16166]  ? __pfx_ima_collect_measurement+0x10/0x10
[  632.551444][T16166]  ? __mutex_lock+0x1cc/0xb10
[  632.551471][T16166]  ? is_bad_inode+0xd/0x40
[  632.551493][T16166]  ? vfs_getxattr_alloc+0xf1/0x340
[  632.551516][T16166]  ? ima_get_hash_algo+0x27d/0x410
[  632.551538][T16166]  ? __pfx_ima_get_hash_algo+0x10/0x10
[  632.551565][T16166]  ? process_measurement+0x1271/0x2370
[  632.551589][T16166]  process_measurement+0x1271/0x2370
[  632.551619][T16166]  ? __pfx_process_measurement+0x10/0x10
[  632.551646][T16166]  ? __pfx__kstrtoull+0x10/0x10
[  632.551669][T16166]  ? lock_release+0x4e2/0x6f0
[  632.551697][T16166]  ? lock_release+0x4e2/0x6f0
[  632.551721][T16166]  ? aa_file_perm+0x4c6/0xfe0
[  632.551746][T16166]  ? trace_lock_acquire+0x14e/0x1f0
[  632.551766][T16166]  ? __pfx_kstrtouint+0x10/0x10
[  632.551797][T16166]  ? lock_release+0x4e2/0x6f0
[  632.551822][T16166]  ? ksys_write+0x12b/0x250
[  632.551844][T16166]  ? __pfx_lock_release+0x10/0x10
[  632.551870][T16166]  ? rcu_is_watching+0x12/0xc0
[  632.551904][T16166]  ima_file_mmap+0x1b3/0x1e0
[  632.551936][T16166]  ? __pfx_ima_file_mmap+0x10/0x10
[  632.551961][T16166]  ? preempt_count_add+0x76/0x150
[  632.551989][T16166]  security_mmap_file+0x88c/0x990
[  632.552015][T16166]  vm_mmap_pgoff+0xdb/0x3a0
[  632.552040][T16166]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  632.552065][T16166]  ? __fget_files+0x206/0x3a0
[  632.552090][T16166]  ksys_mmap_pgoff+0x32c/0x5c0
[  632.552111][T16166]  ? __pfx_ksys_write+0x10/0x10
[  632.552134][T16166]  __x64_sys_mmap+0x125/0x190
[  632.552165][T16166]  do_syscall_64+0xcd/0x250
[  632.552187][T16166]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  632.552217][T16166] RIP: 0033:0x7f37ff78cde9
[  632.552234][T16166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  632.552256][T16166] RSP: 002b:00007f38005f5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  632.552278][T16166] RAX: ffffffffffffffda RBX: 00007f37ff9a5fa0 RCX: 00007f37ff78cde9
[  632.552293][T16166] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000005
[  632.552307][T16166] RBP: 00007f38005f5090 R08: 0000000000000003 R09: 0000000000008000
[  632.552322][T16166] R10: 0000000000000411 R11: 0000000000000246 R12: 0000000000000001
[  632.552335][T16166] R13: 0000000000000000 R14: 00007f37ff9a5fa0 R15: 00007fffd93dc598
[  632.552357][T16166]  </TASK>
[  632.552450][T16166] audit: error in audit_log_task_context
[  632.925020][   T29] audit: type=1800 audit(8277292380.158:25): pid=16166 uid=0 auid=4294967295 ses=4294967295 op=collect_data cause=failed comm="syz.3.2663" name=5002B9D50272BCD0095EC0217FC0DD38B080FA3B97056EF47E5A05F1EFD1F108D94A9B70DFE7CD1F842DBB05A5B8FCF7763C29DD5202D80D5F03E78E577461FABDAF066B47F7AA361C680B6D44FC7C76D451 dev="mqueue" ino=61956 res=0 errno=0
[  633.079840][T16175] FAULT_INJECTION: forcing a failure.
[  633.079840][T16175] name failslab, interval 1, probability 0, space 0, times 0
[  633.142575][T16175] CPU: 0 UID: 0 PID: 16175 Comm: syz.3.2665 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  633.142607][T16175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  633.142620][T16175] Call Trace:
[  633.142626][T16175]  <TASK>
[  633.142635][T16175]  dump_stack_lvl+0x16c/0x1f0
[  633.142672][T16175]  should_fail_ex+0x50a/0x650
[  633.142699][T16175]  ? fs_reclaim_acquire+0xae/0x150
[  633.142733][T16175]  should_failslab+0xc2/0x120
[  633.142761][T16175]  __kmalloc_node_noprof+0xd1/0x520
[  633.142787][T16175]  ? __pfx_aa_file_perm+0x10/0x10
[  633.142812][T16175]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  633.142838][T16175]  __kvmalloc_node_noprof+0xad/0x1a0
[  633.142861][T16175]  seq_read_iter+0x82a/0x12b0
[  633.142894][T16175]  ? __mutex_trylock_common+0xea/0x250
[  633.142937][T16175]  kernfs_fop_read_iter+0x414/0x580
[  633.142965][T16175]  ? rw_verify_area+0xcf/0x680
[  633.142998][T16175]  vfs_read+0x886/0xbf0
[  633.143021][T16175]  ? __pfx_vfs_read+0x10/0x10
[  633.143049][T16175]  ksys_read+0x12b/0x250
[  633.143071][T16175]  ? __pfx_ksys_read+0x10/0x10
[  633.143091][T16175]  ? rcu_is_watching+0x12/0xc0
[  633.143120][T16175]  ? rcu_is_watching+0x12/0xc0
[  633.143151][T16175]  do_syscall_64+0xcd/0x250
[  633.143173][T16175]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  633.143203][T16175] RIP: 0033:0x7f37ff78cde9
[  633.143219][T16175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  633.143241][T16175] RSP: 002b:00007f38005f5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  633.143263][T16175] RAX: ffffffffffffffda RBX: 00007f37ff9a5fa0 RCX: 00007f37ff78cde9
[  633.143278][T16175] RDX: 000000000000003b RSI: 0000200000001680 RDI: 0000000000000003
[  633.143291][T16175] RBP: 00007f38005f5090 R08: 0000000000000000 R09: 0000000000000000
[  633.143303][T16175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  633.143314][T16175] R13: 0000000000000000 R14: 00007f37ff9a5fa0 R15: 00007fffd93dc598
[  633.143332][T16175]  </TASK>
[  633.734901][T16193] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2671'.
[  633.854560][T16197] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2673'.
[  635.260209][T16232] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2683'.
[  635.552110][T16244] kernel read not supported for file /P��r��	^�!��8���;�n�~Z�����J�p����-�����v<)�R�_�Wta���kG��6hmD�|v�Q (pid: 16244 comm: syz.1.2687)
[  635.581590][   T29] audit: type=1800 audit(8277292383.218:26): pid=16244 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2687" name=5002B9D50272BCD0095EC0217FC0DD38B080FA3B97056EF47E5A05F1EFD1F108D94A9B70DFE7CD1F842DBB05A5B8FCF7763C29DD5202D80D5F03E78E577461FABDAF066B47F7AA361C680B6D44FC7C76D451 dev="mqueue" ino=58790 res=0 errno=0
[  635.615164][    C1] vkms_vblank_simulate: vblank timer overrun
[  635.631520][T16246] kernel read not supported for file /P��r��	^�!��8���;�n�~Z�����J�p����-�����v<)�R�_�Wta���kG��6hmD�|v�Q (pid: 16246 comm: syz.0.2688)
[  635.654615][   T29] audit: type=1800 audit(8277292383.288:27): pid=16246 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2688" name=5002B9D50272BCD0095EC0217FC0DD38B080FA3B97056EF47E5A05F1EFD1F108D94A9B70DFE7CD1F842DBB05A5B8FCF7763C29DD5202D80D5F03E78E577461FABDAF066B47F7AA361C680B6D44FC7C76D451 dev="mqueue" ino=61077 res=0 errno=0
[  635.668377][T16246] FAULT_INJECTION: forcing a failure.
[  635.668377][T16246] name failslab, interval 1, probability 0, space 0, times 0
[  635.688176][    C1] vkms_vblank_simulate: vblank timer overrun
[  635.708120][T16246] CPU: 1 UID: 0 PID: 16246 Comm: syz.0.2688 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  635.708152][T16246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  635.708165][T16246] Call Trace:
[  635.708173][T16246]  <TASK>
[  635.708181][T16246]  dump_stack_lvl+0x16c/0x1f0
[  635.708220][T16246]  should_fail_ex+0x50a/0x650
[  635.708245][T16246]  ? fs_reclaim_acquire+0xae/0x150
[  635.708277][T16246]  should_failslab+0xc2/0x120
[  635.708302][T16246]  __kmalloc_noprof+0xce/0x4f0
[  635.708325][T16246]  ? ima_write_template_field_data+0x48/0x1c0
[  635.708349][T16246]  ima_write_template_field_data+0x48/0x1c0
[  635.708371][T16246]  ? ima_eventdigest_init_common+0xd5/0x3d0
[  635.708395][T16246]  ima_eventdigest_init_common+0x131/0x3d0
[  635.708418][T16246]  ? __pfx_ima_eventdigest_init_common+0x10/0x10
[  635.708449][T16246]  ? rcu_watching_snap_stopped_since+0x50/0x110
[  635.708483][T16246]  ? trace_kmalloc+0x2d/0xd0
[  635.708512][T16246]  ? __kmalloc_noprof+0x23b/0x4f0
[  635.708535][T16246]  ? trace_lock_acquire+0x14e/0x1f0
[  635.708556][T16246]  ? ima_alloc_init_template+0x195/0x720
[  635.708589][T16246]  ima_alloc_init_template+0x399/0x720
[  635.708621][T16246]  ima_store_measurement+0x1ea/0x5c0
[  635.708651][T16246]  ? __pfx_ima_store_measurement+0x10/0x10
[  635.708686][T16246]  ? __pfx_ima_get_hash_algo+0x10/0x10
[  635.708714][T16246]  process_measurement+0x1ee2/0x2370
[  635.708746][T16246]  ? __pfx_process_measurement+0x10/0x10
[  635.708772][T16246]  ? __pfx__kstrtoull+0x10/0x10
[  635.708794][T16246]  ? lock_release+0x4e2/0x6f0
[  635.708822][T16246]  ? lock_release+0x4e2/0x6f0
[  635.708845][T16246]  ? aa_file_perm+0x4c6/0xfe0
[  635.708871][T16246]  ? trace_lock_acquire+0x14e/0x1f0
[  635.708898][T16246]  ? __pfx_kstrtouint+0x10/0x10
[  635.708930][T16246]  ? lock_release+0x4e2/0x6f0
[  635.708954][T16246]  ? ksys_write+0x12b/0x250
[  635.708975][T16246]  ? __pfx_lock_release+0x10/0x10
[  635.709000][T16246]  ? rcu_is_watching+0x12/0xc0
[  635.709033][T16246]  ima_file_mmap+0x1b3/0x1e0
[  635.709059][T16246]  ? __pfx_ima_file_mmap+0x10/0x10
[  635.709084][T16246]  ? preempt_count_add+0x76/0x150
[  635.709112][T16246]  security_mmap_file+0x88c/0x990
[  635.709138][T16246]  vm_mmap_pgoff+0xdb/0x3a0
[  635.709163][T16246]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  635.709188][T16246]  ? __fget_files+0x206/0x3a0
[  635.709214][T16246]  ksys_mmap_pgoff+0x32c/0x5c0
[  635.709235][T16246]  ? __pfx_ksys_write+0x10/0x10
[  635.709258][T16246]  __x64_sys_mmap+0x125/0x190
[  635.709289][T16246]  do_syscall_64+0xcd/0x250
[  635.709310][T16246]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  635.709341][T16246] RIP: 0033:0x7fdfec18cde9
[  635.709358][T16246] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  635.709380][T16246] RSP: 002b:00007fdfecfc0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  635.709400][T16246] RAX: ffffffffffffffda RBX: 00007fdfec3a5fa0 RCX: 00007fdfec18cde9
[  635.709414][T16246] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000005
[  635.709427][T16246] RBP: 00007fdfecfc0090 R08: 0000000000000003 R09: 0000000000008000
[  635.709440][T16246] R10: 0000000000000411 R11: 0000000000000246 R12: 0000000000000001
[  635.709451][T16246] R13: 0000000000000000 R14: 00007fdfec3a5fa0 R15: 00007fff897f1438
[  635.709469][T16246]  </TASK>
[  636.030733][    C1] vkms_vblank_simulate: vblank timer overrun
[  636.152016][   T29] audit: type=1804 audit(8277292383.688:28): pid=16246 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.0.2688" name=5002B9D50272BCD0095EC0217FC0DD38B080FA3B97056EF47E5A05F1EFD1F108D94A9B70DFE7CD1F842DBB05A5B8FCF7763C29DD5202D80D5F03E78E577461FABDAF066B47F7AA361C680B6D44FC7C76D451 dev="mqueue" ino=61077 res=0 errno=0
[  636.186258][    C1] vkms_vblank_simulate: vblank timer overrun
[  637.476096][T16296] usb usb15: usbfs: interface 0 claimed by hub while 'syz.4.2705' sets config #5
[  637.496902][T16298] validate_nla: 6 callbacks suppressed
[  637.496920][T16298] netlink: 'syz.0.2706': attribute type 19 has an invalid length.
[  637.519401][T16298] netlink: 114 bytes leftover after parsing attributes in process `syz.0.2706'.
[  637.539245][T16301] FAULT_INJECTION: forcing a failure.
[  637.539245][T16301] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  637.576838][T16301] CPU: 1 UID: 0 PID: 16301 Comm: syz.1.2707 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  637.576873][T16301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  637.576887][T16301] Call Trace:
[  637.576894][T16301]  <TASK>
[  637.576903][T16301]  dump_stack_lvl+0x16c/0x1f0
[  637.576940][T16301]  should_fail_ex+0x50a/0x650
[  637.576966][T16301]  ? __pfx___might_resched+0x10/0x10
[  637.576998][T16301]  should_fail_alloc_page+0xe7/0x130
[  637.577027][T16301]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  637.577062][T16301]  ? bpf_ksym_find+0x124/0x1c0
[  637.577093][T16301]  __alloc_frozen_pages_noprof+0x18e/0x2470
[  637.577121][T16301]  ? __kernel_text_address+0xd/0x40
[  637.577146][T16301]  ? unwind_get_return_address+0x59/0xa0
[  637.577177][T16301]  ? arch_stack_walk+0xa7/0x100
[  637.577212][T16301]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  637.577240][T16301]  ? stack_trace_save+0x95/0xd0
[  637.577263][T16301]  ? ima_match_policy+0x855/0x2290
[  637.577295][T16301]  ? __pfx_lock_release+0x10/0x10
[  637.577320][T16301]  ? trace_lock_acquire+0x14e/0x1f0
[  637.577340][T16301]  ? kasan_save_stack+0x42/0x60
[  637.577363][T16301]  ? kasan_save_stack+0x33/0x60
[  637.577386][T16301]  ? ima_match_policy+0x134/0x2290
[  637.577416][T16301]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  637.577445][T16301]  ? policy_nodemask+0xea/0x4e0
[  637.577473][T16301]  alloc_pages_mpol+0x1fc/0x540
[  637.577501][T16301]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  637.577531][T16301]  folio_alloc_mpol_noprof+0x36/0x2f0
[  637.577562][T16301]  vma_alloc_folio_noprof+0xee/0x1b0
[  637.577591][T16301]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  637.577625][T16301]  ? trace_lock_acquire+0x14e/0x1f0
[  637.577645][T16301]  ? rcu_is_watching+0x12/0xc0
[  637.577677][T16301]  do_pte_missing+0x202f/0x3e10
[  637.577705][T16301]  __handle_mm_fault+0x1166/0x2c60
[  637.577732][T16301]  ? __pfx___handle_mm_fault+0x10/0x10
[  637.577764][T16301]  ? find_vma+0xc0/0x140
[  637.577794][T16301]  ? __pfx_find_vma+0x10/0x10
[  637.577828][T16301]  handle_mm_fault+0x3fa/0xaa0
[  637.577855][T16301]  do_user_addr_fault+0x7a3/0x13f0
[  637.577885][T16301]  exc_page_fault+0x5c/0xc0
[  637.577916][T16301]  asm_exc_page_fault+0x26/0x30
[  637.577945][T16301] RIP: 0010:rep_movs_alternative+0x15/0x70
[  637.577973][T16301] Code: cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 83 f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 <88> 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84
[  637.577995][T16301] RSP: 0018:ffffc9000d47faf8 EFLAGS: 00050202
[  637.578014][T16301] RAX: 0000000000000030 RBX: 0000200000001680 RCX: 0000000000000002
[  637.578029][T16301] RDX: ffffed100de90801 RSI: ffff88806f484000 RDI: 0000200000001680
[  637.578045][T16301] RBP: ffffc9000d47fda0 R08: 0000000000000000 R09: ffffed100de90800
[  637.578059][T16301] R10: ffff88806f484001 R11: 0000000000000000 R12: 0000200000001682
[  637.578074][T16301] R13: 00007ffffffff000 R14: ffff88806f484000 R15: 0000000000000002
[  637.578095][T16301]  _copy_to_iter+0x384/0x1400
[  637.578126][T16301]  ? trace_lock_acquire+0x14e/0x1f0
[  637.578146][T16301]  ? __pfx_lock_release+0x10/0x10
[  637.578171][T16301]  ? __virt_addr_valid+0x1a4/0x590
[  637.578192][T16301]  ? __pfx__copy_to_iter+0x10/0x10
[  637.578219][T16301]  ? __virt_addr_valid+0x1a4/0x590
[  637.578239][T16301]  ? __virt_addr_valid+0x5e/0x590
[  637.578258][T16301]  ? __phys_addr_symbol+0x30/0x80
[  637.578289][T16301]  ? __check_object_size+0x488/0x710
[  637.578318][T16301]  seq_read_iter+0xd00/0x12b0
[  637.578355][T16301]  kernfs_fop_read_iter+0x414/0x580
[  637.578382][T16301]  ? rw_verify_area+0xcf/0x680
[  637.578413][T16301]  vfs_read+0x886/0xbf0
[  637.578436][T16301]  ? __pfx_vfs_read+0x10/0x10
[  637.578465][T16301]  ksys_read+0x12b/0x250
[  637.578484][T16301]  ? __pfx_ksys_read+0x10/0x10
[  637.578505][T16301]  ? rcu_is_watching+0x12/0xc0
[  637.578536][T16301]  ? rcu_is_watching+0x12/0xc0
[  637.578567][T16301]  do_syscall_64+0xcd/0x250
[  637.578589][T16301]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  637.578625][T16301] RIP: 0033:0x7f3976b8cde9
[  637.578640][T16301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  637.578662][T16301] RSP: 002b:00007f3977959038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  637.578682][T16301] RAX: ffffffffffffffda RBX: 00007f3976da5fa0 RCX: 00007f3976b8cde9
[  637.578698][T16301] RDX: 000000000000003b RSI: 0000200000001680 RDI: 0000000000000003
[  637.578712][T16301] RBP: 00007f3977959090 R08: 0000000000000000 R09: 0000000000000000
[  637.578726][T16301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  637.578740][T16301] R13: 0000000000000000 R14: 00007f3976da5fa0 R15: 00007fff1782c5d8
[  637.578761][T16301]  </TASK>
[  638.033410][    C1] vkms_vblank_simulate: vblank timer overrun
[  638.441706][T16319] kernel read not supported for file /P��r��	^�!��8���;�n�~Z�����J�p����-�����v<)�R�_�Wta���kG��6hmD�|v�Q (pid: 16319 comm: syz.1.2713)
[  638.457538][T16319] FAULT_INJECTION: forcing a failure.
[  638.457538][T16319] name failslab, interval 1, probability 0, space 0, times 0
[  638.471018][   T29] audit: type=1800 audit(8277292386.088:29): pid=16319 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2713" name=5002B9D50272BCD0095EC0217FC0DD38B080FA3B97056EF47E5A05F1EFD1F108D94A9B70DFE7CD1F842DBB05A5B8FCF7763C29DD5202D80D5F03E78E577461FABDAF066B47F7AA361C680B6D44FC7C76D451 dev="mqueue" ino=58790 res=0 errno=0
[  638.475796][T16319] CPU: 1 UID: 0 PID: 16319 Comm: syz.1.2713 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  638.475826][T16319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  638.475839][T16319] Call Trace:
[  638.475846][T16319]  <TASK>
[  638.475855][T16319]  dump_stack_lvl+0x16c/0x1f0
[  638.475892][T16319]  should_fail_ex+0x50a/0x650
[  638.475919][T16319]  ? fs_reclaim_acquire+0xae/0x150
[  638.475953][T16319]  should_failslab+0xc2/0x120
[  638.475980][T16319]  __kmalloc_noprof+0xce/0x4f0
[  638.476005][T16319]  ? ima_write_template_field_data+0xe9/0x1c0
[  638.476031][T16319]  ima_write_template_field_data+0xe9/0x1c0
[  638.476056][T16319]  ima_eventname_init_common.isra.0+0x113/0x1f0
[  638.476081][T16319]  ? __pfx_ima_eventname_init_common.isra.0+0x10/0x10
[  638.476107][T16319]  ? trace_kmalloc+0x2d/0xd0
[  638.476136][T16319]  ? __kmalloc_noprof+0x23b/0x4f0
[  638.476159][T16319]  ? trace_lock_acquire+0x14e/0x1f0
[  638.476181][T16319]  ? ima_alloc_init_template+0x195/0x720
[  638.476214][T16319]  ima_alloc_init_template+0x399/0x720
[  638.476245][T16319]  ima_store_measurement+0x1ea/0x5c0
[  638.476276][T16319]  ? __pfx_ima_store_measurement+0x10/0x10
[  638.476312][T16319]  ? __pfx_ima_get_hash_algo+0x10/0x10
[  638.476339][T16319]  process_measurement+0x1ee2/0x2370
[  638.476370][T16319]  ? __pfx_process_measurement+0x10/0x10
[  638.476397][T16319]  ? __pfx__kstrtoull+0x10/0x10
[  638.476418][T16319]  ? lock_release+0x4e2/0x6f0
[  638.476445][T16319]  ? lock_release+0x4e2/0x6f0
[  638.476469][T16319]  ? aa_file_perm+0x4c6/0xfe0
[  638.476494][T16319]  ? trace_lock_acquire+0x14e/0x1f0
[  638.476513][T16319]  ? __pfx_kstrtouint+0x10/0x10
[  638.476543][T16319]  ? lock_release+0x4e2/0x6f0
[  638.476567][T16319]  ? ksys_write+0x12b/0x250
[  638.476589][T16319]  ? __pfx_lock_release+0x10/0x10
[  638.476614][T16319]  ? rcu_is_watching+0x12/0xc0
[  638.476646][T16319]  ima_file_mmap+0x1b3/0x1e0
[  638.476672][T16319]  ? __pfx_ima_file_mmap+0x10/0x10
[  638.476704][T16319]  ? preempt_count_add+0x76/0x150
[  638.476730][T16319]  security_mmap_file+0x88c/0x990
[  638.476757][T16319]  vm_mmap_pgoff+0xdb/0x3a0
[  638.476781][T16319]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  638.476805][T16319]  ? __fget_files+0x206/0x3a0
[  638.476830][T16319]  ksys_mmap_pgoff+0x32c/0x5c0
[  638.476850][T16319]  ? __pfx_ksys_write+0x10/0x10
[  638.476874][T16319]  __x64_sys_mmap+0x125/0x190
[  638.476904][T16319]  do_syscall_64+0xcd/0x250
[  638.476926][T16319]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  638.476956][T16319] RIP: 0033:0x7f3976b8cde9
[  638.476973][T16319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  638.476994][T16319] RSP: 002b:00007f3977959038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  638.477015][T16319] RAX: ffffffffffffffda RBX: 00007f3976da5fa0 RCX: 00007f3976b8cde9
[  638.477031][T16319] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000005
[  638.477045][T16319] RBP: 00007f3977959090 R08: 0000000000000003 R09: 0000000000008000
[  638.477059][T16319] R10: 0000000000000411 R11: 0000000000000246 R12: 0000000000000002
[  638.477073][T16319] R13: 0000000000000000 R14: 00007f3976da5fa0 R15: 00007fff1782c5d8
[  638.477094][T16319]  </TASK>
[  638.921012][   T29] audit: type=1804 audit(8277292386.108:30): pid=16319 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.1.2713" name=5002B9D50272BCD0095EC0217FC0DD38B080FA3B97056EF47E5A05F1EFD1F108D94A9B70DFE7CD1F842DBB05A5B8FCF7763C29DD5202D80D5F03E78E577461FABDAF066B47F7AA361C680B6D44FC7C76D451 dev="mqueue" ino=58790 res=0 errno=0
[  638.955286][    C1] vkms_vblank_simulate: vblank timer overrun
[  639.185532][T16342] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2719'.
[  639.502119][T16359] smc: net device syz_tun erased user defined pnetid ETHTOOL
[  641.132706][T16408] kernel read not supported for file /P��r��	^�!��8���;�n�~Z�����J�p����-�����v<)�R�_�Wta���kG��6hmD�|v�Q (pid: 16408 comm: syz.4.2737)
[  641.197774][T16408] FAULT_INJECTION: forcing a failure.
[  641.197774][T16408] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  641.208470][   T29] audit: type=1800 audit(8277292388.828:31): pid=16408 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2737" name=5002B9D50272BCD0095EC0217FC0DD38B080FA3B97056EF47E5A05F1EFD1F108D94A9B70DFE7CD1F842DBB05A5B8FCF7763C29DD5202D80D5F03E78E577461FABDAF066B47F7AA361C680B6D44FC7C76D451 dev="mqueue" ino=58028 res=0 errno=0
[  641.212515][T16402] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2736'.
[  641.244413][    C1] vkms_vblank_simulate: vblank timer overrun
[  641.259846][T16408] CPU: 0 UID: 0 PID: 16408 Comm: syz.4.2737 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  641.259874][T16408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  641.259886][T16408] Call Trace:
[  641.259893][T16408]  <TASK>
[  641.259900][T16408]  dump_stack_lvl+0x16c/0x1f0
[  641.259934][T16408]  should_fail_ex+0x50a/0x650
[  641.259960][T16408]  _copy_to_user+0x32/0xd0
[  641.259987][T16408]  simple_read_from_buffer+0xd0/0x160
[  641.260019][T16408]  proc_fail_nth_read+0x198/0x270
[  641.260046][T16408]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  641.260073][T16408]  ? security_file_permission+0x71/0x210
[  641.260097][T16408]  ? rw_verify_area+0xcf/0x680
[  641.260125][T16408]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  641.260151][T16408]  vfs_read+0x1df/0xbf0
[  641.260170][T16408]  ? __fget_files+0x1fc/0x3a0
[  641.260193][T16408]  ? __pfx___mutex_lock+0x10/0x10
[  641.260223][T16408]  ? __pfx_vfs_read+0x10/0x10
[  641.260256][T16408]  ? __fget_files+0x206/0x3a0
[  641.260278][T16408]  ksys_read+0x12b/0x250
[  641.260296][T16408]  ? __pfx_ksys_read+0x10/0x10
[  641.260316][T16408]  ? rcu_is_watching+0x12/0xc0
[  641.260345][T16408]  ? rcu_is_watching+0x12/0xc0
[  641.260376][T16408]  do_syscall_64+0xcd/0x250
[  641.260397][T16408]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  641.260425][T16408] RIP: 0033:0x7f243a78b7fc
[  641.260442][T16408] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  641.260464][T16408] RSP: 002b:00007f243b6ae030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  641.260485][T16408] RAX: ffffffffffffffda RBX: 00007f243a9a5fa0 RCX: 00007f243a78b7fc
[  641.260499][T16408] RDX: 000000000000000f RSI: 00007f243b6ae0a0 RDI: 0000000000000004
[  641.260513][T16408] RBP: 00007f243b6ae090 R08: 0000000000000000 R09: 0000000000008000
[  641.260526][T16408] R10: 0000000000000411 R11: 0000000000000246 R12: 0000000000000002
[  641.260539][T16408] R13: 0000000000000000 R14: 00007f243a9a5fa0 R15: 00007ffca7ff0348
[  641.260558][T16408]  </TASK>
[  643.480148][T16483] kernel read not supported for file /P��r��	^�!��8���;�n�~Z�����J�p����-�����v<)�R�_�Wta���kG��6hmD�|v�Q (pid: 16483 comm: syz.0.2755)
[  643.556239][   T29] audit: type=1800 audit(8277292391.168:32): pid=16483 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2755" name=5002B9D50272BCD0095EC0217FC0DD38B080FA3B97056EF47E5A05F1EFD1F108D94A9B70DFE7CD1F842DBB05A5B8FCF7763C29DD5202D80D5F03E78E577461FABDAF066B47F7AA361C680B6D44FC7C76D451 dev="mqueue" ino=61077 res=0 errno=0
[  644.036972][T16501] dlm: process syz.3.2759 (16501) version mismatch user (1291781285.-1874653656.-1278323392) kernel (6.0.2)
[  645.675990][T16523] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2768'.
[  646.020110][T16529] 0x0
[  647.529752][T16535] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2771'.
[  647.841753][T16533] kernel read not supported for file /P��r��	^�!��8���;�n�~Z�����J�p����-�����v<)�R�_�Wta���kG��6hmD�|v�Q (pid: 16533 comm: syz.4.2771)
[  647.865036][   T29] audit: type=1800 audit(8277292395.498:33): pid=16533 uid=21 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2771" name=5002B9D50272BCD0095EC0217FC0DD38B080FA3B97056EF47E5A05F1EFD1F108D94A9B70DFE7CD1F842DBB05A5B8FCF7763C29DD5202D80D5F03E78E577461FABDAF066B47F7AA361C680B6D44FC7C76D451 dev="mqueue" ino=58028 res=0 errno=0
[  648.643783][T16559] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2785'.
[  649.075852][T16574] kernel read not supported for file /P��r��	^�!��8���;�n�~Z�����J�p����-�����v<)�R�_�Wta���kG��6hmD�|v�Q (pid: 16574 comm: syz.1.2780)
[  649.149831][   T29] audit: type=1800 audit(8277292396.788:34): pid=16574 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2780" name=5002B9D50272BCD0095EC0217FC0DD38B080FA3B97056EF47E5A05F1EFD1F108D94A9B70DFE7CD1F842DBB05A5B8FCF7763C29DD5202D80D5F03E78E577461FABDAF066B47F7AA361C680B6D44FC7C76D451 dev="mqueue" ino=58790 res=0 errno=0
[  649.731384][T16581] nbd: couldn't find device at index 0
[  649.811364][T16588] usb usb15: usbfs: interface 0 claimed by hub while 'syz.0.2784' sets config #5
[  650.296480][T16605] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2789'.
[  651.235467][T16626] usb usb15: usbfs: interface 0 claimed by hub while 'syz.1.2796' sets config #5
[  651.525686][T16631] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2797'.
[  651.775632][T16641] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2800'.
[  653.239484][T16659] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2805'.
[  653.257012][T16664] usb usb15: usbfs: interface 0 claimed by hub while 'syz.4.2807' sets config #5
[  653.940249][T16675] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  653.972611][T16675] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  653.988466][T16675] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  653.994602][T16675] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  654.461946][T16682] snd_aloop snd_aloop.0: control 16781581:65535:6:�'x?F���/��zF˷fC���:8 is already present
[  654.496061][T16682] FAULT_INJECTION: forcing a failure.
[  654.496061][T16682] name failslab, interval 1, probability 0, space 0, times 0
[  654.510472][T16682] CPU: 0 UID: 0 PID: 16682 Comm: syz.1.2813 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  654.510508][T16682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  654.510523][T16682] Call Trace:
[  654.510531][T16682]  <TASK>
[  654.510541][T16682]  dump_stack_lvl+0x16c/0x1f0
[  654.510580][T16682]  should_fail_ex+0x50a/0x650
[  654.510608][T16682]  ? fs_reclaim_acquire+0xae/0x150
[  654.510646][T16682]  ? alloc_tty_struct+0x98/0x8d0
[  654.510669][T16682]  should_failslab+0xc2/0x120
[  654.510698][T16682]  __kmalloc_cache_noprof+0x68/0x420
[  654.510726][T16682]  alloc_tty_struct+0x98/0x8d0
[  654.510748][T16682]  ? __pfx_alloc_tty_struct+0x10/0x10
[  654.510774][T16682]  pty_common_install+0x1bc/0xb30
[  654.510806][T16682]  ? __pfx_pty_install+0x10/0x10
[  654.510834][T16682]  tty_init_dev.part.0+0x99/0x660
[  654.510857][T16682]  tty_open+0xac1/0xf80
[  654.510878][T16682]  ? chrdev_open+0x596/0x6a0
[  654.510905][T16682]  ? __pfx_tty_open+0x10/0x10
[  654.510926][T16682]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  654.510958][T16682]  ? lock_acquire+0x2f/0xb0
[  654.510983][T16682]  ? chrdev_open+0x36b/0x6a0
[  654.511010][T16682]  ? __pfx_tty_open+0x10/0x10
[  654.511031][T16682]  chrdev_open+0x237/0x6a0
[  654.511058][T16682]  ? __pfx_chrdev_open+0x10/0x10
[  654.511085][T16682]  ? file_set_fsnotify_mode+0x163/0x5d0
[  654.511120][T16682]  do_dentry_open+0x735/0x1c40
[  654.511144][T16682]  ? __pfx_chrdev_open+0x10/0x10
[  654.511170][T16682]  ? inode_permission+0xdd/0x5f0
[  654.511226][T16682]  vfs_open+0x82/0x3f0
[  654.511255][T16682]  ? may_open+0x1f2/0x400
[  654.511289][T16682]  path_openat+0x1e88/0x2d80
[  654.511319][T16682]  ? __pfx_path_openat+0x10/0x10
[  654.511348][T16682]  do_filp_open+0x20c/0x470
[  654.511373][T16682]  ? __pfx_do_filp_open+0x10/0x10
[  654.511407][T16682]  ? alloc_fd+0x41f/0x760
[  654.511442][T16682]  do_sys_openat2+0x17a/0x1e0
[  654.511474][T16682]  ? __pfx_do_sys_openat2+0x10/0x10
[  654.511506][T16682]  ? __pfx_do_sys_openat2+0x10/0x10
[  654.511536][T16682]  ? __pfx___might_resched+0x10/0x10
[  654.511570][T16682]  __x64_sys_openat+0x175/0x210
[  654.511601][T16682]  ? __pfx___x64_sys_openat+0x10/0x10
[  654.511632][T16682]  ? syscall_user_dispatch+0x77/0x140
[  654.511663][T16682]  ? rcu_is_watching+0x12/0xc0
[  654.511698][T16682]  do_syscall_64+0xcd/0x250
[  654.511721][T16682]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  654.511753][T16682] RIP: 0033:0x7f3976b8cde9
[  654.511772][T16682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  654.511796][T16682] RSP: 002b:00007f3977959038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  654.511820][T16682] RAX: ffffffffffffffda RBX: 00007f3976da5fa0 RCX: 00007f3976b8cde9
[  654.511837][T16682] RDX: 0000000000000200 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  654.511854][T16682] RBP: 00007f3976c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  654.511870][T16682] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  654.511885][T16682] R13: 0000000000000000 R14: 00007f3976da5fa0 R15: 00007fff1782c5d8
[  654.511909][T16682]  </TASK>
[  655.987588][ T5835] Bluetooth: hci4: command 0x0c1a tx timeout
[  656.028979][ T5835] Bluetooth: hci2: command 0x0c1a tx timeout
[  656.028990][   T54] Bluetooth: hci0: command 0x0c1a tx timeout
[  656.029020][   T54] Bluetooth: hci1: command 0x0c1a tx timeout
[  657.094683][T16727] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2825'.
[  657.763986][T16731] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2826'.
[  659.314335][   T54] Bluetooth: hci2: Malformed Event: 0x2f
[  659.539429][ T5840] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  659.546761][ T5840] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  659.554585][ T5840] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  659.562389][ T5840] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  659.570079][ T5840] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  659.577359][ T5840] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  659.950491][T16778] FAULT_INJECTION: forcing a failure.
[  659.950491][T16778] name failslab, interval 1, probability 0, space 0, times 0
[  660.002433][T16764] chnl_net:caif_netlink_parms(): no params data found
[  660.059725][T16778] CPU: 1 UID: 0 PID: 16778 Comm: syz.4.2838 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  660.059758][T16778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  660.059771][T16778] Call Trace:
[  660.059779][T16778]  <TASK>
[  660.059788][T16778]  dump_stack_lvl+0x16c/0x1f0
[  660.059825][T16778]  should_fail_ex+0x50a/0x650
[  660.059852][T16778]  ? fs_reclaim_acquire+0xae/0x150
[  660.059886][T16778]  should_failslab+0xc2/0x120
[  660.059914][T16778]  __kmalloc_node_noprof+0xd1/0x520
[  660.059941][T16778]  ? __pfx_lock_release+0x10/0x10
[  660.059967][T16778]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  660.059993][T16778]  __kvmalloc_node_noprof+0xad/0x1a0
[  660.060017][T16778]  seq_read_iter+0x82a/0x12b0
[  660.060049][T16778]  ? __mutex_trylock_common+0xea/0x250
[  660.060079][T16778]  ? apparmor_file_permission+0x251/0x400
[  660.060113][T16778]  ? bpf_lsm_file_permission+0x9/0x10
[  660.060143][T16778]  proc_reg_read_iter+0x21d/0x310
[  660.060169][T16778]  vfs_read+0x886/0xbf0
[  660.060194][T16778]  ? __pfx_vfs_read+0x10/0x10
[  660.060224][T16778]  ksys_read+0x12b/0x250
[  660.060246][T16778]  ? __pfx_ksys_read+0x10/0x10
[  660.060276][T16778]  ? rcu_is_watching+0x12/0xc0
[  660.060308][T16778]  ? rcu_is_watching+0x12/0xc0
[  660.060341][T16778]  do_syscall_64+0xcd/0x250
[  660.060364][T16778]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  660.060394][T16778] RIP: 0033:0x7f243a78cde9
[  660.060411][T16778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  660.060433][T16778] RSP: 002b:00007f243b6ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  660.060454][T16778] RAX: ffffffffffffffda RBX: 00007f243a9a5fa0 RCX: 00007f243a78cde9
[  660.060470][T16778] RDX: 0000000000000082 RSI: 00002000000018c0 RDI: 0000000000000003
[  660.060485][T16778] RBP: 00007f243b6ae090 R08: 0000000000000000 R09: 0000000000000000
[  660.060499][T16778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  660.060513][T16778] R13: 0000000000000000 R14: 00007f243a9a5fa0 R15: 00007ffca7ff0348
[  660.060535][T16778]  </TASK>
[  660.659662][T16764] bridge0: port 1(bridge_slave_0) entered blocking state
[  660.666821][T16764] bridge0: port 1(bridge_slave_0) entered disabled state
[  660.679555][T16764] bridge_slave_0: entered allmulticast mode
[  660.696540][T16764] bridge_slave_0: entered promiscuous mode
[  660.707399][T16764] bridge0: port 2(bridge_slave_1) entered blocking state
[  660.726033][T16764] bridge0: port 2(bridge_slave_1) entered disabled state
[  660.738616][T16764] bridge_slave_1: entered allmulticast mode
[  660.747065][T16764] bridge_slave_1: entered promiscuous mode
[  660.790329][T16764] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  660.829365][T16764] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  660.940336][T16764] team0: Port device team_slave_0 added
[  660.950512][T16764] team0: Port device team_slave_1 added
[  661.095276][T16764] batman_adv: batadv0: Adding interface: batadv_slave_0
[  661.109902][T16764] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  661.148435][T16764] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  661.160775][T16764] batman_adv: batadv0: Adding interface: batadv_slave_1
[  661.167933][T16764] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  661.182509][T16811] netlink: 'syz.4.2850': attribute type 15 has an invalid length.
[  661.208809][T16811] netlink: 'syz.4.2850': attribute type 16 has an invalid length.
[  661.221371][T16811] netlink: 'syz.4.2850': attribute type 17 has an invalid length.
[  661.238868][T16764] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  661.280159][T16812] snd_aloop snd_aloop.0: control 16781581:65535:6:�'x?F���/��zF˷fC���:8 is already present
[  661.338439][T16811] netlink: 'syz.4.2850': attribute type 19 has an invalid length.
[  661.346291][T16811] netlink: 'syz.4.2850': attribute type 27 has an invalid length.
[  661.379055][T16811] netlink: 'syz.4.2850': attribute type 28 has an invalid length.
[  661.410901][T16811] netlink: 'syz.4.2850': attribute type 29 has an invalid length.
[  661.414483][T16764] hsr_slave_0: entered promiscuous mode
[  661.431271][T16764] hsr_slave_1: entered promiscuous mode
[  661.438397][T16811] netlink: 'syz.4.2850': attribute type 30 has an invalid length.
[  661.441006][T16764] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  661.462886][T16764] Cannot create hsr debugfs directory
[  661.480214][T16811] netlink: 18 bytes leftover after parsing attributes in process `syz.4.2850'.
[  661.628617][ T5840] Bluetooth: hci3: command tx timeout
[  661.873928][T16764] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  661.943488][T16764] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  661.991204][T16764] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  662.023628][T16764] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  662.225351][T16834] FAULT_INJECTION: forcing a failure.
[  662.225351][T16834] name failslab, interval 1, probability 0, space 0, times 0
[  662.258614][T16834] CPU: 1 UID: 0 PID: 16834 Comm: syz.0.2852 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  662.258646][T16834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  662.258659][T16834] Call Trace:
[  662.258676][T16834]  <TASK>
[  662.258684][T16834]  dump_stack_lvl+0x16c/0x1f0
[  662.258723][T16834]  should_fail_ex+0x50a/0x650
[  662.258751][T16834]  ? fs_reclaim_acquire+0xae/0x150
[  662.258785][T16834]  should_failslab+0xc2/0x120
[  662.258813][T16834]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  662.258839][T16834]  ? vma_merge_new_range+0x40a/0xbb0
[  662.258864][T16834]  ? vm_area_alloc+0xe0/0x1c0
[  662.258895][T16834]  vm_area_alloc+0xe0/0x1c0
[  662.258922][T16834]  ? __pfx_hugetlb_vm_op_close+0x10/0x10
[  662.258954][T16834]  __mmap_region+0x108d/0x2760
[  662.258981][T16834]  ? bpf_ksym_find+0x124/0x1c0
[  662.259012][T16834]  ? __pfx___mmap_region+0x10/0x10
[  662.259039][T16834]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  662.259076][T16834]  ? unwind_get_return_address+0x59/0xa0
[  662.259108][T16834]  ? arch_stack_walk+0xa7/0x100
[  662.259152][T16834]  ? _parse_integer_limit+0x17f/0x1d0
[  662.259192][T16834]  ? cap_capable+0xb3/0x250
[  662.259227][T16834]  mmap_region+0x1ab/0x3f0
[  662.259255][T16834]  do_mmap+0xd8d/0x11b0
[  662.259280][T16834]  ? __pfx_do_mmap+0x10/0x10
[  662.259302][T16834]  ? __pfx_down_write_killable+0x10/0x10
[  662.259329][T16834]  vm_mmap_pgoff+0x203/0x3a0
[  662.259355][T16834]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  662.259379][T16834]  ? __x64_sys_openat+0x104/0x210
[  662.259413][T16834]  ksys_mmap_pgoff+0x7d/0x5c0
[  662.259433][T16834]  ? __pfx_ksys_write+0x10/0x10
[  662.259457][T16834]  __x64_sys_mmap+0x125/0x190
[  662.259489][T16834]  do_syscall_64+0xcd/0x250
[  662.259511][T16834]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  662.259540][T16834] RIP: 0033:0x7fdfec18cde9
[  662.259558][T16834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  662.259580][T16834] RSP: 002b:00007fdfecf7e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  662.259601][T16834] RAX: ffffffffffffffda RBX: 00007fdfec3a6160 RCX: 00007fdfec18cde9
[  662.259617][T16834] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000
[  662.259631][T16834] RBP: 00007fdfecf7e090 R08: 0000000000000002 R09: 0000000000008000
[  662.259646][T16834] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000001
[  662.259659][T16834] R13: 0000000000000000 R14: 00007fdfec3a6160 R15: 00007fff897f1438
[  662.259680][T16834]  </TASK>
[  663.111747][T16764] 8021q: adding VLAN 0 to HW filter on device bond0
[  663.171857][T16764] 8021q: adding VLAN 0 to HW filter on device team0
[  663.184809][ T3563] bridge0: port 1(bridge_slave_0) entered blocking state
[  663.191973][ T3563] bridge0: port 1(bridge_slave_0) entered forwarding state
[  663.230802][ T3563] bridge0: port 2(bridge_slave_1) entered blocking state
[  663.237917][ T3563] bridge0: port 2(bridge_slave_1) entered forwarding state
[  663.267807][T16764] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  663.300730][T16764] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  663.461691][T16846] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2857'.
[  663.616124][T16764] 8021q: adding VLAN 0 to HW filter on device batadv0
[  663.710691][ T5840] Bluetooth: hci3: command tx timeout
[  663.996359][T16862] netlink: 'syz.1.2859': attribute type 11 has an invalid length.
[  664.089154][T16764] veth0_vlan: entered promiscuous mode
[  664.115741][T16764] veth1_vlan: entered promiscuous mode
[  664.193170][T16764] veth0_macvtap: entered promiscuous mode
[  664.221133][T16764] veth1_macvtap: entered promiscuous mode
[  664.315460][ T9626] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  664.380355][T16764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  664.417271][T16764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  664.441429][T16764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  664.461459][T16764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  664.482509][T16764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  664.518812][T16764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  664.557405][T16764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  664.598391][T16764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  664.608250][T16764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  664.658440][T16764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  664.704632][T16764] batman_adv: batadv0: Interface activated: batadv_slave_0
[  664.771599][ T9626] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  664.817436][T16764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  664.859080][T16764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  664.888421][T16764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  664.919859][T16764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  664.950424][T16764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  664.971024][T16764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  664.990544][T16764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  665.015040][T16764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  665.060671][T16764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  665.076634][T16764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  665.103034][T16764] batman_adv: batadv0: Interface activated: batadv_slave_1
[  665.121584][T16764] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  665.138188][T16764] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  665.157382][T16764] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  665.188799][T16764] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  665.232790][ T9626] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  665.411777][ T9626] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  665.629854][T16764] ieee80211 phy28: Selected rate control algorithm 'minstrel_ht'
[  665.691352][ T9626] bridge_slave_1: left allmulticast mode
[  665.697075][ T9626] bridge_slave_1: left promiscuous mode
[  665.715710][ T9626] bridge0: port 2(bridge_slave_1) entered disabled state
[  665.744998][ T9626] bridge_slave_0: left allmulticast mode
[  665.751666][ T9626] bridge_slave_0: left promiscuous mode
[  665.764687][ T9626] bridge0: port 1(bridge_slave_0) entered disabled state
[  665.789423][ T5840] Bluetooth: hci3: command tx timeout
[  666.013381][ T9626] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  666.037131][ T9626] bond0 (unregistering): Released all slaves
[  666.242493][T16764] ieee80211 phy29: Selected rate control algorithm 'minstrel_ht'
[  666.250483][ T4508] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  666.258302][ T4508] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  666.347945][ T3563] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  666.371770][ T3563] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  666.581246][ T9626] hsr_slave_0: left promiscuous mode
[  666.608462][ T9626] hsr_slave_1: left promiscuous mode
[  666.634933][ T9626] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  666.659572][ T9626] batman_adv: batadv0: Removing interface: batadv_slave_0
[  666.675327][ T9626] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  666.689989][ T9626] batman_adv: batadv0: Removing interface: batadv_slave_1
[  666.722456][ T9626] veth1_macvtap: left promiscuous mode
[  666.728169][ T9626] veth0_macvtap: left promiscuous mode
[  666.735578][ T9626] veth1_vlan: left promiscuous mode
[  666.741035][ T9626] veth0_vlan: left promiscuous mode
[  666.925083][ T9626] team0 (unregistering): Port device team_slave_1 removed
[  666.945537][ T9626] team0 (unregistering): Port device team_slave_0 removed
[  667.025435][T16924] ieee80211 phy30: Selected rate control algorithm 'minstrel_ht'
[  667.868520][ T5840] Bluetooth: hci3: command tx timeout
[  668.114348][T16960] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2875'.
[  668.230433][T16981] FAULT_INJECTION: forcing a failure.
[  668.230433][T16981] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  668.407851][T16981] CPU: 1 UID: 0 PID: 16981 Comm: syz.5.2877 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  668.407889][T16981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  668.407903][T16981] Call Trace:
[  668.407910][T16981]  <TASK>
[  668.407919][T16981]  dump_stack_lvl+0x16c/0x1f0
[  668.407957][T16981]  should_fail_ex+0x50a/0x650
[  668.407983][T16981]  ? __pfx___might_resched+0x10/0x10
[  668.408014][T16981]  should_fail_alloc_page+0xe7/0x130
[  668.408044][T16981]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  668.408081][T16981]  __alloc_frozen_pages_noprof+0x18e/0x2470
[  668.408108][T16981]  ? arch_stack_walk+0xa7/0x100
[  668.408145][T16981]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  668.408173][T16981]  ? stack_trace_save+0x95/0xd0
[  668.408195][T16981]  ? rcu_is_watching+0x12/0xc0
[  668.408227][T16981]  ? lock_release+0x4e2/0x6f0
[  668.408253][T16981]  ? trace_lock_acquire+0x14e/0x1f0
[  668.408274][T16981]  ? kasan_save_stack+0x42/0x60
[  668.408298][T16981]  ? kasan_save_stack+0x33/0x60
[  668.408321][T16981]  ? ima_match_policy+0x134/0x2290
[  668.408356][T16981]  ? lock_acquire+0x2f/0xb0
[  668.408379][T16981]  ? ima_match_policy+0x134/0x2290
[  668.408408][T16981]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  668.408436][T16981]  ? policy_nodemask+0xea/0x4e0
[  668.408463][T16981]  alloc_pages_mpol+0x1fc/0x540
[  668.408490][T16981]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  668.408515][T16981]  ? rcu_is_watching+0x12/0xc0
[  668.408546][T16981]  ? lock_release+0x4e2/0x6f0
[  668.408570][T16981]  ? finish_task_switch.isra.0+0x212/0xcc0
[  668.408601][T16981]  folio_alloc_mpol_noprof+0x36/0x2f0
[  668.408640][T16981]  vma_alloc_folio_noprof+0xee/0x1b0
[  668.408670][T16981]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  668.408701][T16981]  ? trace_lock_acquire+0x14e/0x1f0
[  668.408723][T16981]  ? rcu_is_watching+0x12/0xc0
[  668.408756][T16981]  do_pte_missing+0x202f/0x3e10
[  668.408786][T16981]  __handle_mm_fault+0x1166/0x2c60
[  668.408815][T16981]  ? __pfx___handle_mm_fault+0x10/0x10
[  668.408852][T16981]  handle_mm_fault+0x3fa/0xaa0
[  668.408880][T16981]  do_user_addr_fault+0x7a3/0x13f0
[  668.408911][T16981]  exc_page_fault+0x5c/0xc0
[  668.408942][T16981]  asm_exc_page_fault+0x26/0x30
[  668.408972][T16981] RIP: 0010:rep_movs_alternative+0x4a/0x70
[  668.409001][T16981] Code: 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 <f3> a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1
[  668.409023][T16981] RSP: 0018:ffffc9000d37fb20 EFLAGS: 00050206
[  668.409043][T16981] RAX: 0000000000000001 RBX: 00002000000018c0 RCX: 0000000000000082
[  668.409058][T16981] RDX: ffffed10036fc811 RSI: ffff88801b7e4000 RDI: 00002000000018c0
[  668.409074][T16981] RBP: ffffc9000d37fda0 R08: 0000000000000000 R09: ffffed10036fc810
[  668.409090][T16981] R10: ffff88801b7e4081 R11: 0000000000000000 R12: 0000200000001942
[  668.409105][T16981] R13: 00007ffffffff000 R14: ffff88801b7e4000 R15: 0000000000000082
[  668.409127][T16981]  _copy_to_iter+0x384/0x1400
[  668.409158][T16981]  ? trace_lock_acquire+0x14e/0x1f0
[  668.409180][T16981]  ? __virt_addr_valid+0x1a4/0x590
[  668.409202][T16981]  ? __pfx__copy_to_iter+0x10/0x10
[  668.409230][T16981]  ? __virt_addr_valid+0x1a4/0x590
[  668.409253][T16981]  ? __virt_addr_valid+0x5e/0x590
[  668.409274][T16981]  ? __phys_addr_symbol+0x30/0x80
[  668.409306][T16981]  ? __check_object_size+0x488/0x710
[  668.409336][T16981]  seq_read_iter+0xd00/0x12b0
[  668.409374][T16981]  proc_reg_read_iter+0x21d/0x310
[  668.409400][T16981]  vfs_read+0x886/0xbf0
[  668.409425][T16981]  ? __pfx_vfs_read+0x10/0x10
[  668.409455][T16981]  ksys_read+0x12b/0x250
[  668.409476][T16981]  ? __pfx_ksys_read+0x10/0x10
[  668.409499][T16981]  ? rcu_is_watching+0x12/0xc0
[  668.409530][T16981]  ? rcu_is_watching+0x12/0xc0
[  668.409562][T16981]  do_syscall_64+0xcd/0x250
[  668.409584][T16981]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  668.409620][T16981] RIP: 0033:0x7f624df8cde9
[  668.409638][T16981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  668.409660][T16981] RSP: 002b:00007f624ed87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  668.409681][T16981] RAX: ffffffffffffffda RBX: 00007f624e1a5fa0 RCX: 00007f624df8cde9
[  668.409697][T16981] RDX: 0000000000000082 RSI: 00002000000018c0 RDI: 0000000000000003
[  668.409711][T16981] RBP: 00007f624ed87090 R08: 0000000000000000 R09: 0000000000000000
[  668.409726][T16981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  668.409740][T16981] R13: 0000000000000000 R14: 00007f624e1a5fa0 R15: 00007fffc19248c8
[  668.409762][T16981]  </TASK>
[  669.395805][T17007] usb usb15: usbfs: interface 0 claimed by hub while 'syz.4.2884' sets config #5
[  670.023345][T17046] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2892'.
[  670.145819][T17054] netlink: 334 bytes leftover after parsing attributes in process `syz.0.2894'.
[  670.161082][T17037] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2890'.
[  670.401944][T17061] FAULT_INJECTION: forcing a failure.
[  670.401944][T17061] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  670.478874][T17061] CPU: 1 UID: 0 PID: 17061 Comm: syz.1.2895 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  670.478909][T17061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  670.478922][T17061] Call Trace:
[  670.478930][T17061]  <TASK>
[  670.478939][T17061]  dump_stack_lvl+0x16c/0x1f0
[  670.478976][T17061]  should_fail_ex+0x50a/0x650
[  670.479005][T17061]  _copy_to_user+0x32/0xd0
[  670.479036][T17061]  simple_read_from_buffer+0xd0/0x160
[  670.479070][T17061]  proc_fail_nth_read+0x198/0x270
[  670.479101][T17061]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  670.479131][T17061]  ? security_file_permission+0x71/0x210
[  670.479158][T17061]  ? rw_verify_area+0xcf/0x680
[  670.479198][T17061]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  670.479235][T17061]  vfs_read+0x1df/0xbf0
[  670.479256][T17061]  ? __fget_files+0x1fc/0x3a0
[  670.479280][T17061]  ? __pfx___mutex_lock+0x10/0x10
[  670.479312][T17061]  ? __pfx_vfs_read+0x10/0x10
[  670.479338][T17061]  ? __fget_files+0x206/0x3a0
[  670.479364][T17061]  ksys_read+0x12b/0x250
[  670.479385][T17061]  ? __pfx_ksys_read+0x10/0x10
[  670.479407][T17061]  ? rcu_is_watching+0x12/0xc0
[  670.479439][T17061]  ? rcu_is_watching+0x12/0xc0
[  670.479472][T17061]  do_syscall_64+0xcd/0x250
[  670.479493][T17061]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  670.479524][T17061] RIP: 0033:0x7f3976b8b7fc
[  670.479541][T17061] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  670.479563][T17061] RSP: 002b:00007f3977959030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  670.479585][T17061] RAX: ffffffffffffffda RBX: 00007f3976da5fa0 RCX: 00007f3976b8b7fc
[  670.479601][T17061] RDX: 000000000000000f RSI: 00007f39779590a0 RDI: 0000000000000004
[  670.479615][T17061] RBP: 00007f3977959090 R08: 0000000000000000 R09: 0000000000000000
[  670.479629][T17061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  670.479643][T17061] R13: 0000000000000000 R14: 00007f3976da5fa0 R15: 00007fff1782c5d8
[  670.479665][T17061]  </TASK>
[  671.075848][T17080] kernel read not supported for file /P��r��	^�!��8���;�n�~Z�����J�p����-�����v<)�R�_�Wta���kG��6hmD�|v�Q (pid: 17080 comm: syz.1.2899)
[  671.129535][   T29] audit: type=1800 audit(8277292418.768:35): pid=17080 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2899" name=5002B9D50272BCD0095EC0217FC0DD38B080FA3B97056EF47E5A05F1EFD1F108D94A9B70DFE7CD1F842DBB05A5B8FCF7763C29DD5202D80D5F03E78E577461FABDAF066B47F7AA361C680B6D44FC7C76D451 dev="mqueue" ino=58790 res=0 errno=0
[  671.168628][T17072] usb usb15: usbfs: interface 0 claimed by hub while 'syz.5.2898' sets config #5
[  671.296578][T17087] netlink: 'syz.4.2903': attribute type 15 has an invalid length.
[  671.318540][T17087] netlink: 'syz.4.2903': attribute type 16 has an invalid length.
[  671.326614][T17087] netlink: 'syz.4.2903': attribute type 17 has an invalid length.
[  671.352444][T17087] netlink: 'syz.4.2903': attribute type 19 has an invalid length.
[  671.371242][T17087] netlink: 'syz.4.2903': attribute type 27 has an invalid length.
[  671.391049][T17087] netlink: 'syz.4.2903': attribute type 28 has an invalid length.
[  671.402143][T17087] netlink: 'syz.4.2903': attribute type 29 has an invalid length.
[  671.423591][T17087] netlink: 'syz.4.2903': attribute type 30 has an invalid length.
[  671.450076][T17087] netlink: 18 bytes leftover after parsing attributes in process `syz.4.2903'.
[  674.003727][T17201] netlink: 'syz.1.2923': attribute type 15 has an invalid length.
[  674.080028][T17201] netlink: 'syz.1.2923': attribute type 16 has an invalid length.
[  674.098593][T17201] netlink: 18 bytes leftover after parsing attributes in process `syz.1.2923'.
[  675.447477][T17256] netlink: 18 bytes leftover after parsing attributes in process `syz.0.2934'.
[  676.002150][T17276] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2939'.
[  676.582440][T17306] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2946'.
[  677.240961][T17326] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2954'.
[  677.562832][T17329] Process accounting resumed
[  678.124832][T17365] usb usb15: usbfs: interface 0 claimed by hub while 'syz.1.2967' sets config #5
[  678.410665][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  678.418291][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  678.427388][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  678.443983][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  678.451458][   T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  678.459110][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  678.796610][T17373] chnl_net:caif_netlink_parms(): no params data found
[  678.907379][T17373] bridge0: port 1(bridge_slave_0) entered blocking state
[  678.919527][T17373] bridge0: port 1(bridge_slave_0) entered disabled state
[  678.938554][T17373] bridge_slave_0: entered allmulticast mode
[  678.945354][T17373] bridge_slave_0: entered promiscuous mode
[  678.952687][T17373] bridge0: port 2(bridge_slave_1) entered blocking state
[  678.960241][T17373] bridge0: port 2(bridge_slave_1) entered disabled state
[  678.967700][T17373] bridge_slave_1: entered allmulticast mode
[  678.974465][T17373] bridge_slave_1: entered promiscuous mode
[  679.007078][T17373] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  679.018204][T17373] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  679.052211][T17373] team0: Port device team_slave_0 added
[  679.060983][T17373] team0: Port device team_slave_1 added
[  679.083679][T17373] batman_adv: batadv0: Adding interface: batadv_slave_0
[  679.100673][T17373] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  679.131895][T17373] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  679.144098][T17373] batman_adv: batadv0: Adding interface: batadv_slave_1
[  679.185091][T17373] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  679.217809][T17373] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  679.234228][T17405] usb usb15: usbfs: interface 0 claimed by hub while 'syz.1.2978' sets config #5
[  679.273921][T17373] hsr_slave_0: entered promiscuous mode
[  679.280640][T17373] hsr_slave_1: entered promiscuous mode
[  679.287649][T17373] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  679.300560][T17373] Cannot create hsr debugfs directory
[  679.449680][T17373] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  679.557889][T17373] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  679.614415][T17414] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2983'.
[  679.635968][T17420] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2984'.
[  679.662946][T17373] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  679.761510][T17373] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  679.975669][T17373] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  680.011951][T17373] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  680.024067][T17430] usb usb15: usbfs: interface 0 claimed by hub while 'syz.1.2987' sets config #5
[  680.041563][T17373] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  680.075025][T17373] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  680.451722][T17373] 8021q: adding VLAN 0 to HW filter on device bond0
[  680.466419][T17373] 8021q: adding VLAN 0 to HW filter on device team0
[  680.476824][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  680.483953][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  680.508543][ T5840] Bluetooth: hci1: command tx timeout
[  680.545580][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  680.552713][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  680.992968][T17373] 8021q: adding VLAN 0 to HW filter on device batadv0
[  681.773466][T17373] veth0_vlan: entered promiscuous mode
[  681.785070][T17373] veth1_vlan: entered promiscuous mode
[  681.840656][T17473] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2993'.
[  681.898306][T17373] veth0_macvtap: entered promiscuous mode
[  682.057524][T17373] veth1_macvtap: entered promiscuous mode
[  682.114407][T17373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  682.131236][T17373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  682.220049][T17373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  682.230742][T17373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  682.240850][T17373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  682.251369][T17373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  682.263123][T17373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  682.274647][T17373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  682.285721][T17373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  682.298448][T17373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  682.309358][T17373] batman_adv: batadv0: Interface activated: batadv_slave_0
[  682.340896][T17373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  682.368510][T17373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  682.379067][T17373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  682.391505][T17373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  682.402637][T17373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  682.424301][T17373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  682.434678][T17373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  682.454601][T17373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  682.465018][T17373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  682.498467][T17373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  682.523398][T17373] batman_adv: batadv0: Interface activated: batadv_slave_1
[  682.545712][T17373] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  682.568671][T17373] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  682.577410][T17373] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  682.588592][ T5840] Bluetooth: hci1: command tx timeout
[  682.608468][T17373] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  682.670313][T17373] ieee80211 phy31: Selected rate control algorithm 'minstrel_ht'
[  682.731331][T17373] ieee80211 phy32: Selected rate control algorithm 'minstrel_ht'
[  682.739395][ T9630] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  682.747215][ T9630] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  682.793736][T10328] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  682.811994][T10328] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  683.735600][T17516] validate_nla: 14 callbacks suppressed
[  683.735622][T17516] netlink: 'syz.5.3000': attribute type 15 has an invalid length.
[  683.770019][T17516] netlink: 'syz.5.3000': attribute type 16 has an invalid length.
[  683.788497][T17516] netlink: 'syz.5.3000': attribute type 17 has an invalid length.
[  683.796345][T17516] netlink: 'syz.5.3000': attribute type 19 has an invalid length.
[  683.843103][T17516] netlink: 'syz.5.3000': attribute type 27 has an invalid length.
[  683.851343][T17516] netlink: 'syz.5.3000': attribute type 28 has an invalid length.
[  683.878855][T17516] netlink: 'syz.5.3000': attribute type 29 has an invalid length.
[  683.889933][T17516] netlink: 'syz.5.3000': attribute type 30 has an invalid length.
[  683.909610][T17516] netlink: 18 bytes leftover after parsing attributes in process `syz.5.3000'.
[  684.668676][ T5840] Bluetooth: hci1: command tx timeout
[  684.974850][T17549] usb usb15: usbfs: interface 0 claimed by hub while 'syz.4.3007' sets config #5
[  685.112875][T17501] kexec: Could not allocate control_code_buffer
[  685.952579][T17583] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3015'.
[  685.995245][T17558] zswap: compressor  not available
[  686.191547][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  686.197867][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  686.603483][T17606] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3020'.
[  686.749601][ T5840] Bluetooth: hci1: command tx timeout
[  687.778574][T17667] usb usb15: usbfs: interface 0 claimed by hub while 'syz.4.3026' sets config #5
[  688.425965][T17682] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3029'.
[  689.426778][T17724] usb usb15: usbfs: interface 0 claimed by hub while 'syz.0.3037' sets config #5
[  689.540304][T17624] kexec: Could not allocate control_code_buffer
[  689.994341][T17757] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x7fbad2a19 pfn:0x78400
[  690.088544][T17757] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  690.095718][T17757] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[  690.112573][T17757] raw: 00000007fbad2a19 0000000000000000 00000001ffffffff 0000000000000000
[  690.150549][T17757] page dumped because: unmovable page
[  690.155969][T17757] page_owner tracks the page as allocated
[  690.163007][T17757] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), pid 14932, tgid 14932 (syz-executor), ts 570958542926, free_ts 475961350993
[  690.207374][T17757]  post_alloc_hook+0x181/0x1b0
[  690.219161][T17757]  get_page_from_freelist+0xfce/0x2f80
[  690.224887][T17757]  __alloc_frozen_pages_noprof+0x221/0x2470
[  690.238462][T17757]  alloc_pages_mpol+0x1fc/0x540
[  690.243362][T17757]  alloc_pages_noprof+0x131/0x390
[  690.288509][T17757]  __vmalloc_node_range_noprof+0x721/0x1530
[  690.300530][T17757]  vmalloc_user_noprof+0x6b/0x90
[  690.315563][T17757]  kcov_ioctl+0x4c/0x730
[  690.323157][T17757]  __x64_sys_ioctl+0x190/0x200
[  690.327970][T17757]  do_syscall_64+0xcd/0x250
[  690.337065][T17757]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  690.343640][T17757] page last free pid 12809 tgid 12787 stack trace:
[  690.352250][T17757]  free_frozen_pages+0x6db/0xfb0
[  690.357223][T17757]  __folio_put+0x32a/0x450
[  690.364316][T17757]  put_page+0x21e/0x280
[  690.372245][T17757]  skb_release_data+0x4d7/0x730
[  690.377173][T17757]  kfree_skb_list_reason+0x2c6/0x4c0
[  690.382784][T17757]  skb_release_data+0x553/0x730
[  690.399259][T17757]  sk_skb_reason_drop+0x129/0x1a0
[  690.408562][T17757]  kcm_release+0x241/0x760
[  690.413209][T17757]  __sock_release+0xb0/0x270
[  690.432333][T17757]  sock_close+0x1c/0x30
[  690.443025][T17757]  __fput+0x3ff/0xb70
[  690.451253][T17757]  task_work_run+0x14e/0x250
[  690.467831][T17757]  get_signal+0x1d3/0x2610
[  690.507800][T17757]  arch_do_signal_or_restart+0x90/0x7e0
[  690.528881][T17757]  syscall_exit_to_user_mode+0x150/0x2a0
[  690.556073][T17757]  do_syscall_64+0xda/0x250
[  690.698039][T17782] usb usb15: usbfs: interface 0 claimed by hub while 'syz.0.3049' sets config #5
[  692.185906][T17818] FAULT_INJECTION: forcing a failure.
[  692.185906][T17818] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  692.213121][T17818] CPU: 1 UID: 0 PID: 17818 Comm: syz.1.3060 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  692.213154][T17818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  692.213167][T17818] Call Trace:
[  692.213175][T17818]  <TASK>
[  692.213183][T17818]  dump_stack_lvl+0x16c/0x1f0
[  692.213220][T17818]  should_fail_ex+0x50a/0x650
[  692.213246][T17818]  ? __pfx___might_resched+0x10/0x10
[  692.213277][T17818]  should_fail_alloc_page+0xe7/0x130
[  692.213307][T17818]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  692.213344][T17818]  __alloc_frozen_pages_noprof+0x18e/0x2470
[  692.213372][T17818]  ? __page_table_check_zero+0x2d7/0x360
[  692.213402][T17818]  ? post_alloc_hook+0x171/0x1b0
[  692.213426][T17818]  ? get_page_from_freelist+0xfce/0x2f80
[  692.213451][T17818]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  692.213478][T17818]  ? rcu_is_watching+0x12/0xc0
[  692.213510][T17818]  ? find_next_iomem_res+0x3fb/0x4f0
[  692.213542][T17818]  ? __pfx_lock_release+0x10/0x10
[  692.213567][T17818]  ? trace_lock_acquire+0x14e/0x1f0
[  692.213589][T17818]  ? lock_acquire+0x2f/0xb0
[  692.213613][T17818]  ? find_next_iomem_res+0x54/0x4f0
[  692.213644][T17818]  ? do_raw_read_unlock+0x44/0xe0
[  692.213674][T17818]  ? _raw_read_unlock+0x28/0x50
[  692.213702][T17818]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  692.213731][T17818]  ? policy_nodemask+0xea/0x4e0
[  692.213758][T17818]  alloc_pages_mpol+0x1fc/0x540
[  692.213785][T17818]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  692.213814][T17818]  alloc_pages_noprof+0x131/0x390
[  692.213841][T17818]  __pmd_alloc+0x3f/0x870
[  692.213864][T17818]  remap_pfn_range_internal+0xb47/0xdb0
[  692.213888][T17818]  ? __pfx_lock_release+0x10/0x10
[  692.213913][T17818]  ? track_pfn_remap+0x2c3/0x490
[  692.213952][T17818]  ? __pfx_remap_pfn_range_internal+0x10/0x10
[  692.213975][T17818]  ? up_write+0x1b2/0x520
[  692.214004][T17818]  remap_pfn_range+0xcb/0x160
[  692.214025][T17818]  ? __pfx_remap_pfn_range+0x10/0x10
[  692.214046][T17818]  ? alloc_pages_noprof+0x23c/0x390
[  692.214074][T17818]  usbdev_mmap+0x7d9/0xb30
[  692.214098][T17818]  ? __pfx_usbdev_mmap+0x10/0x10
[  692.214120][T17818]  ? __raw_spin_lock_init+0x3a/0x110
[  692.214151][T17818]  __mmap_region+0x181f/0x2760
[  692.214177][T17818]  ? bpf_ksym_find+0x124/0x1c0
[  692.214206][T17818]  ? __pfx___mmap_region+0x10/0x10
[  692.214231][T17818]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  692.214268][T17818]  ? unwind_get_return_address+0x59/0xa0
[  692.214299][T17818]  ? arch_stack_walk+0xa7/0x100
[  692.214334][T17818]  ? _parse_integer_limit+0x17f/0x1d0
[  692.214371][T17818]  ? aa_file_perm+0x4d5/0xfe0
[  692.214400][T17818]  mmap_region+0x32b/0x3f0
[  692.214427][T17818]  do_mmap+0xd8d/0x11b0
[  692.214450][T17818]  ? __pfx_do_mmap+0x10/0x10
[  692.214470][T17818]  ? __pfx_down_write_killable+0x10/0x10
[  692.214495][T17818]  vm_mmap_pgoff+0x203/0x3a0
[  692.214519][T17818]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  692.214543][T17818]  ? __fget_files+0x206/0x3a0
[  692.214568][T17818]  ksys_mmap_pgoff+0x32c/0x5c0
[  692.214589][T17818]  ? __pfx_ksys_write+0x10/0x10
[  692.214613][T17818]  __x64_sys_mmap+0x125/0x190
[  692.214644][T17818]  do_syscall_64+0xcd/0x250
[  692.214667][T17818]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  692.214697][T17818] RIP: 0033:0x7f3976b8cde9
[  692.214715][T17818] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  692.214738][T17818] RSP: 002b:00007f3977959038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  692.214760][T17818] RAX: ffffffffffffffda RBX: 00007f3976da5fa0 RCX: 00007f3976b8cde9
[  692.214776][T17818] RDX: 0000000000000008 RSI: 0000000000000009 RDI: 0000000000002000
[  692.214790][T17818] RBP: 00007f3977959090 R08: 0000000000000003 R09: 0000000000000000
[  692.214804][T17818] R10: 0008000000008011 R11: 0000000000000246 R12: 0000000000000001
[  692.214818][T17818] R13: 0000000000000000 R14: 00007f3976da5fa0 R15: 00007fff1782c5d8
[  692.214839][T17818]  </TASK>
[  692.214931][T17818] ------------[ cut here ]------------
[  692.605017][T17818] WARNING: CPU: 1 PID: 17818 at arch/x86/mm/pat/memtype.c:983 get_pat_info+0x2c1/0x320
[  692.614743][T17818] Modules linked in:
[  692.618686][T17818] CPU: 1 UID: 0 PID: 17818 Comm: syz.1.3060 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  692.629655][T17818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  692.639859][T17818] RIP: 0010:get_pat_info+0x2c1/0x320
[  692.645181][T17818] Code: 49 89 1c 24 e9 0f ff ff ff e8 bb b6 4d 00 90 0f 0b 90 e9 ff fd ff ff 4c 89 ef e8 5a 98 b0 00 e9 f0 fe ff ff e8 a0 b6 4d 00 90 <0f> 0b 90 bb ea ff ff ff e9 e3 fe ff ff 4c 89 ff e8 4a 97 b0 00 e9
[  692.664868][T17818] RSP: 0018:ffffc9000d39f418 EFLAGS: 00010293
[  692.671067][T17818] RAX: 0000000000000000 RBX: ffff88804679eaa8 RCX: ffffffff816b35a4
[  692.679118][T17818] RDX: ffff88807d1c9e00 RSI: ffffffff816b3620 RDI: 0000000000000007
[  692.687103][T17818] RBP: 1ffff92001a73e84 R08: 0000000000000007 R09: 0000000000000020
[  692.695122][T17818] R10: 0000000000000028 R11: fffffffffffde1e0 R12: ffffc9000d39f520
[  692.703141][T17818] R13: 0000000000000000 R14: 0000000000000028 R15: ffff88804679eac8
[  692.711165][T17818] FS:  00007f39779596c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  692.720152][T17818] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  692.726931][T17818] CR2: 0000001b315a9ff8 CR3: 000000003555e000 CR4: 00000000003526f0
[  692.735077][T17818] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  692.743130][T17818] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  692.751265][T17818] Call Trace:
[  692.754557][T17818]  <TASK>
[  692.757506][T17818]  ? __warn+0xea/0x3c0
[  692.761635][T17818]  ? get_pat_info+0x2c1/0x320
[  692.766340][T17818]  ? report_bug+0x3c0/0x580
[  692.770926][T17818]  ? handle_bug+0x54/0xa0
[  692.775293][T17818]  ? exc_invalid_op+0x17/0x50
[  692.780042][T17818]  ? asm_exc_invalid_op+0x1a/0x20
[  692.785093][T17818]  ? get_pat_info+0x244/0x320
[  692.789849][T17818]  ? get_pat_info+0x2c0/0x320
[  692.794552][T17818]  ? get_pat_info+0x2c1/0x320
[  692.799289][T17818]  ? get_pat_info+0x2c0/0x320
[  692.803991][T17818]  ? __pfx_get_pat_info+0x10/0x10
[  692.809077][T17818]  ? do_raw_read_unlock+0x44/0xe0
[  692.814126][T17818]  ? _raw_read_unlock+0x28/0x50
[  692.819045][T17818]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  692.825126][T17818]  untrack_pfn+0xf7/0x4d0
[  692.829668][T17818]  ? __pfx_untrack_pfn+0x10/0x10
[  692.834636][T17818]  ? lock_release+0x4e2/0x6f0
[  692.839370][T17818]  ? zap_page_range_single+0x302/0x550
[  692.844857][T17818]  ? __pfx_lock_release+0x10/0x10
[  692.849937][T17818]  ? uprobe_munmap+0x20/0x5c0
[  692.854639][T17818]  ? trace_lock_acquire+0x14e/0x1f0
[  692.859909][T17818]  unmap_single_vma+0x1bd/0x2b0
[  692.864797][T17818]  zap_page_range_single+0x321/0x550
[  692.870150][T17818]  ? __pfx_zap_page_range_single+0x10/0x10
[  692.875991][T17818]  ? remap_pfn_range_internal+0xadb/0xdb0
[  692.881772][T17818]  ? track_pfn_remap+0x2c3/0x490
[  692.886742][T17818]  remap_pfn_range+0x130/0x160
[  692.891571][T17818]  ? __pfx_remap_pfn_range+0x10/0x10
[  692.896872][T17818]  ? alloc_pages_noprof+0x23c/0x390
[  692.902155][T17818]  usbdev_mmap+0x7d9/0xb30
[  692.906592][T17818]  ? __pfx_usbdev_mmap+0x10/0x10
[  692.911836][T17818]  ? __raw_spin_lock_init+0x3a/0x110
[  692.917155][T17818]  __mmap_region+0x181f/0x2760
[  692.921999][T17818]  ? bpf_ksym_find+0x124/0x1c0
[  692.926789][T17818]  ? __pfx___mmap_region+0x10/0x10
[  692.932113][T17818]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  692.938554][T17818]  ? unwind_get_return_address+0x59/0xa0
[  692.944221][T17818]  ? arch_stack_walk+0xa7/0x100
[  692.949153][T17818]  ? _parse_integer_limit+0x17f/0x1d0
[  692.954563][T17818]  ? aa_file_perm+0x4d5/0xfe0
[  692.959301][T17818]  mmap_region+0x32b/0x3f0
[  692.963747][T17818]  do_mmap+0xd8d/0x11b0
[  692.967923][T17818]  ? __pfx_do_mmap+0x10/0x10
[  692.972565][T17818]  ? __pfx_down_write_killable+0x10/0x10
[  692.978220][T17818]  vm_mmap_pgoff+0x203/0x3a0
[  692.982869][T17818]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  692.988006][T17818]  ? __fget_files+0x206/0x3a0
[  692.992756][T17818]  ksys_mmap_pgoff+0x32c/0x5c0
[  692.997531][T17818]  ? __pfx_ksys_write+0x10/0x10
[  693.002417][T17818]  __x64_sys_mmap+0x125/0x190
[  693.007117][T17818]  do_syscall_64+0xcd/0x250
[  693.011693][T17818]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  693.017608][T17818] RIP: 0033:0x7f3976b8cde9
[  693.022071][T17818] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  693.041919][T17818] RSP: 002b:00007f3977959038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  693.050457][T17818] RAX: ffffffffffffffda RBX: 00007f3976da5fa0 RCX: 00007f3976b8cde9
[  693.058499][T17818] RDX: 0000000000000008 RSI: 0000000000000009 RDI: 0000000000002000
[  693.066482][T17818] RBP: 00007f3977959090 R08: 0000000000000003 R09: 0000000000000000
[  693.074629][T17818] R10: 0008000000008011 R11: 0000000000000246 R12: 0000000000000001
[  693.082658][T17818] R13: 0000000000000000 R14: 00007f3976da5fa0 R15: 00007fff1782c5d8
[  693.090669][T17818]  </TASK>
[  693.093677][T17818] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  693.100940][T17818] CPU: 1 UID: 0 PID: 17818 Comm: syz.1.3060 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  693.111693][T17818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  693.121793][T17818] Call Trace:
[  693.125074][T17818]  <TASK>
[  693.128011][T17818]  dump_stack_lvl+0x3d/0x1f0
[  693.132607][T17818]  panic+0x71d/0x800
[  693.136508][T17818]  ? __pfx_panic+0x10/0x10
[  693.140912][T17818]  ? show_trace_log_lvl+0x29d/0x3d0
[  693.146118][T17818]  ? check_panic_on_warn+0x1f/0xb0
[  693.151237][T17818]  ? get_pat_info+0x2c1/0x320
[  693.155930][T17818]  check_panic_on_warn+0xab/0xb0
[  693.160858][T17818]  __warn+0xf6/0x3c0
[  693.164744][T17818]  ? get_pat_info+0x2c1/0x320
[  693.169423][T17818]  report_bug+0x3c0/0x580
[  693.173780][T17818]  handle_bug+0x54/0xa0
[  693.177950][T17818]  exc_invalid_op+0x17/0x50
[  693.182447][T17818]  asm_exc_invalid_op+0x1a/0x20
[  693.187298][T17818] RIP: 0010:get_pat_info+0x2c1/0x320
[  693.192587][T17818] Code: 49 89 1c 24 e9 0f ff ff ff e8 bb b6 4d 00 90 0f 0b 90 e9 ff fd ff ff 4c 89 ef e8 5a 98 b0 00 e9 f0 fe ff ff e8 a0 b6 4d 00 90 <0f> 0b 90 bb ea ff ff ff e9 e3 fe ff ff 4c 89 ff e8 4a 97 b0 00 e9
[  693.212198][T17818] RSP: 0018:ffffc9000d39f418 EFLAGS: 00010293
[  693.218264][T17818] RAX: 0000000000000000 RBX: ffff88804679eaa8 RCX: ffffffff816b35a4
[  693.226231][T17818] RDX: ffff88807d1c9e00 RSI: ffffffff816b3620 RDI: 0000000000000007
[  693.234200][T17818] RBP: 1ffff92001a73e84 R08: 0000000000000007 R09: 0000000000000020
[  693.242170][T17818] R10: 0000000000000028 R11: fffffffffffde1e0 R12: ffffc9000d39f520
[  693.250141][T17818] R13: 0000000000000000 R14: 0000000000000028 R15: ffff88804679eac8
[  693.258111][T17818]  ? get_pat_info+0x244/0x320
[  693.262799][T17818]  ? get_pat_info+0x2c0/0x320
[  693.267479][T17818]  ? get_pat_info+0x2c0/0x320
[  693.272157][T17818]  ? __pfx_get_pat_info+0x10/0x10
[  693.277185][T17818]  ? do_raw_read_unlock+0x44/0xe0
[  693.282212][T17818]  ? _raw_read_unlock+0x28/0x50
[  693.287064][T17818]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  693.292958][T17818]  untrack_pfn+0xf7/0x4d0
[  693.297293][T17818]  ? __pfx_untrack_pfn+0x10/0x10
[  693.302235][T17818]  ? lock_release+0x4e2/0x6f0
[  693.306915][T17818]  ? zap_page_range_single+0x302/0x550
[  693.312381][T17818]  ? __pfx_lock_release+0x10/0x10
[  693.317401][T17818]  ? uprobe_munmap+0x20/0x5c0
[  693.322072][T17818]  ? trace_lock_acquire+0x14e/0x1f0
[  693.327264][T17818]  unmap_single_vma+0x1bd/0x2b0
[  693.332120][T17818]  zap_page_range_single+0x321/0x550
[  693.337411][T17818]  ? __pfx_zap_page_range_single+0x10/0x10
[  693.343223][T17818]  ? remap_pfn_range_internal+0xadb/0xdb0
[  693.348941][T17818]  ? track_pfn_remap+0x2c3/0x490
[  693.353888][T17818]  remap_pfn_range+0x130/0x160
[  693.358647][T17818]  ? __pfx_remap_pfn_range+0x10/0x10
[  693.363934][T17818]  ? alloc_pages_noprof+0x23c/0x390
[  693.369133][T17818]  usbdev_mmap+0x7d9/0xb30
[  693.373548][T17818]  ? __pfx_usbdev_mmap+0x10/0x10
[  693.378483][T17818]  ? __raw_spin_lock_init+0x3a/0x110
[  693.383772][T17818]  __mmap_region+0x181f/0x2760
[  693.388535][T17818]  ? bpf_ksym_find+0x124/0x1c0
[  693.393297][T17818]  ? __pfx___mmap_region+0x10/0x10
[  693.398407][T17818]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  693.404573][T17818]  ? unwind_get_return_address+0x59/0xa0
[  693.410216][T17818]  ? arch_stack_walk+0xa7/0x100
[  693.415073][T17818]  ? _parse_integer_limit+0x17f/0x1d0
[  693.420449][T17818]  ? aa_file_perm+0x4d5/0xfe0
[  693.425124][T17818]  mmap_region+0x32b/0x3f0
[  693.429541][T17818]  do_mmap+0xd8d/0x11b0
[  693.433691][T17818]  ? __pfx_do_mmap+0x10/0x10
[  693.438273][T17818]  ? __pfx_down_write_killable+0x10/0x10
[  693.443903][T17818]  vm_mmap_pgoff+0x203/0x3a0
[  693.448508][T17818]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  693.453631][T17818]  ? __fget_files+0x206/0x3a0
[  693.458307][T17818]  ksys_mmap_pgoff+0x32c/0x5c0
[  693.463061][T17818]  ? __pfx_ksys_write+0x10/0x10
[  693.467908][T17818]  __x64_sys_mmap+0x125/0x190
[  693.472590][T17818]  do_syscall_64+0xcd/0x250
[  693.477091][T17818]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  693.482985][T17818] RIP: 0033:0x7f3976b8cde9
[  693.487392][T17818] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  693.506993][T17818] RSP: 002b:00007f3977959038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  693.515402][T17818] RAX: ffffffffffffffda RBX: 00007f3976da5fa0 RCX: 00007f3976b8cde9
[  693.523366][T17818] RDX: 0000000000000008 RSI: 0000000000000009 RDI: 0000000000002000
[  693.531328][T17818] RBP: 00007f3977959090 R08: 0000000000000003 R09: 0000000000000000
[  693.539291][T17818] R10: 0008000000008011 R11: 0000000000000246 R12: 0000000000000001
[  693.547253][T17818] R13: 0000000000000000 R14: 00007f3976da5fa0 R15: 00007fff1782c5d8
[  693.555225][T17818]  </TASK>
[  693.558473][T17818] Kernel Offset: disabled
[  693.562783][T17818] Rebooting in 86400 seconds..