last executing test programs:

6.253607423s ago: executing program 0 (id=888):
mmap$auto(0x0, 0x771c, 0xfffffffffffffffa, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/mice\x00', 0x28100, 0x0)
openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/smaps\x00', 0x101240, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/vidtv.0/i2c-0/i2c-dev/i2c-0/power/control\x00', 0xc0902, 0x0)
mmap$auto(0x8000, 0x8, 0x80008362, 0x6cf80010, 0xffffffffffffffff, 0x8000)
unshare$auto(0x40000080)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
lsm_list_modules$auto(0x0, &(0x7f0000000100)=0xbefc, 0x0)
ioctl$auto(r1, 0x89a0, 0x8)

5.3960315s ago: executing program 0 (id=889):
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bus/usb/006/001\x00', 0x40940, 0x0)
mmap$auto(0x2000, 0x9, 0x8, 0x12, r0, 0x4)
munmap$auto(0x0, 0xffffffff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
bind$auto(0x3, 0x0, 0x6a)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/vhci_hcd.7/usb23/bNumInterfaces\x00', 0x600002, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/transparent_hugepage/khugepaged/max_ptes_shared\x00', 0x20b42, 0x0)
sendfile$auto(r2, r2, 0x0, 0x4f64a1d2)
read$auto(r1, 0x0, 0x20)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x78dd02, 0x0)
writev$auto(r3, &(0x7f00000001c0)={0x0, 0x7}, 0x40003)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/usb/drivers/appletouch/remove_id\x00', 0x18440, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000db, 0xeb1, 0x400, 0x8000)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video6\x00', 0x80383, 0x0)
ioctl$auto(r3, 0x1, r0)
mmap$auto(0x0, 0x10000, 0x4000000000db, 0xeb1, 0x2, 0x8000)
read$auto(r4, 0x0, 0x20)
unshare$auto(0x40000080)
mmap$auto(0x9cf, 0x141d92bf, 0xdf, 0x9b70, 0x2, 0x7fff)
r5 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x82842, 0x85)
read$auto(r5, 0x0, 0x0)
r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/rpc/use-gss-proxy\x00', 0x48041, 0x0)
write$auto(r6, 0x0, 0x400000004)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x882, 0x0)
writev$auto(r3, &(0x7f0000000200)={0x0}, 0x3)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x44000, 0x0)
syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff)
io_setup$auto(0xffff, &(0x7f0000000580))
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)

4.263762895s ago: executing program 0 (id=893):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x9, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000)
r4 = socket(0x2, 0x2, 0x0)
getsockopt$auto(r4, 0x0, 0x17, 0xfffffffffffffffc, 0x0)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002dbd7000f9dbdf250100000005000d00100000000500070010000000080009009c781e2108000a000800000014001f0000211e789c0000000a00ffff0000000014002000ff01faffffff00000000000000000000060002000100"], 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
ptrace$auto(0x10, r0, 0x4, 0x7ff)

4.095282343s ago: executing program 2 (id=895):
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x2c201, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
pipe$auto(0x0)
dup2$auto(0x5, 0x4)
splice$auto(0x4, 0x0, 0x2, 0x0, 0x80004001, 0x9)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/0000:00:04.0/numa_node\x00', 0x1a3b02, 0x0)
write$auto(r0, 0x0, 0xd)
write$auto(0x6, 0x0, 0x100000001)

3.382383381s ago: executing program 1 (id=898):
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000003200)=""/64, 0x40)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x2000000000000021, 0x2, 0x10000000000002)
socket(0x2a, 0x2, 0x0)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket(0x3a, 0x3, 0x0)
mlockall$auto(0x7)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x9, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
mmap$auto(0xfffffffffffffffc, 0x61, 0x9, 0xfa3d, 0x400, 0x8000)
pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xf5s\x1cJ\x99\x8a>c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000)
r7 = socket(0x2, 0x2, 0x0)
r8 = getsockopt$auto(r7, 0x0, 0x17, 0xfffffffffffffffc, 0x0)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002dbd7000f9dbdf250100000005000d00100000000500070010000000080009009c781e2108000a000800000014001f0000211e789c0000000a00ffff0000000014002000ff01faffffff00000000000000000000060002000100"], 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
ptrace$auto(0x10, r2, 0x4, 0x7ff)
r9 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000180), r0)
sendmsg$auto_NL802154_CMD_ASSOCIATE(r3, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="a8030000", @ANYRES16=r9, @ANYBLOB="20002bbd7000fedb0701000000002083", @ANYRES32=r1, @ANYBLOB="040002800c004b00d2b00000000000000800370057000000f05bc05b38fdcf84f1aee3d8e0837f70cf4d981aa154cdacabcd7c4a6d7d1fa87d290af88b15657c6a88a3e33197451369dd0633185b3a80e71ddb210eedd00ae43ac31883e9b52730d95cdb87892425b896bbfc99c2752375c29b8b519e3569873d4f59836a34b08097eac1876972401cff9c1e6f4d20de6a7caa0970fdf2c72f19a130ded95ed83b1f00751a2e6901df7bc37f0ad1c5e1b5fc37bdf146d2c701dc80040086800400128008008400030000001b44db9ab05eebb05be64a22e7b9f383645ccb9d160db1e112e53de0bae6a3123f64252f1fbcb64e0ff67669e66cd9ce84e75c76f4217684859aa7cfc6e854cf8377dece546c1dc0b690195faf8a3383e64202f2a90e92d791b1d180ae788e4234cad9595324a55b9aba0c2a7eb952394ccae9dd2536a7291b9e1bc0fb9981b2949dc48582cf6cb644b16bcd767ba60e93414f4bb63d17bc1089a303bc1e6b05d629d500e2328356b07a78cdeaa55fb3bdbb2c4abcd66a25da24df23124a18f4ef48415859bab8e900dc00c0de8739de08bd67bf24ae339999cc0662254f345b22ad693417bf9102a4dce67eb98d7c13bacd8d222275c7792cc66b3fb216bbfdef6cdccd9da65939366988d86d76cda602811cddd17fdf3aafeffc886beea60da9ed11aac54a78fd086691869ca42be0f45e7edff97f180604a1cfaa76759b1808cab28c2a53d83cd453300b7ab2322651381f010922dcdba00fe1eb35e7c207de56f3bcfa1843f6c1f9f6d90e3da1ee7ad3a6a8b65ad297d08d0ecbc655637059bb8e768157d17e81188f72695baff036b581b866901dfadc40ed1cc701aa95dcb906cd0eb4aa806a52945ea3c5631b000000003ea24926dde458f5e50919e72acd02a917781ab5354142f67380db012579090c0ea7a85b6ad9d7147245a50f7e329ecd494d9e4ce6d79ece62ca68d1352edf2283476229c2fe7a0581fda7c45354a0d705018b402730e967f14c57901cb12bff171f840f2a681379cd60b297d84566bd436678e159787e5f0fa13da3b98eba0923b12ad54a5841159d038362bec7b532680bb3ef90c87d4b7c044975b41bf381afeee06966628e0d9b5a07bafda540386bacf8f8e6c8d5ec1b37aea29d2a835be7291595c48bb0e4f03d8c149028577e2d0402ec3dd9e90a018b555fd52654f660e6e3de861b66804f1431439a050029000100000008002700ffffffff08001d00", @ANYRES32=r8, @ANYBLOB], 0x3a8}, 0x1, 0x0, 0x0, 0x20040000}, 0x8014)
ptrace$auto_PTRACE_GETEVENTMSG(0x4201, r2, 0xf72, 0x0)
r10 = socket(0x2a, 0x2, 0x1)
connect$auto(r10, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x3, 0x4001}, 0x55)
bind$auto(0x3, &(0x7f0000000080)=@sco={0x1f, @none}, 0x6b)

3.137343709s ago: executing program 0 (id=899):
set_mempolicy$auto(0x3, 0x0, 0x9)
mmap$auto(0x0, 0x3, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/events/vmalloc/enable\x00', 0x20e01, 0x0)
r1 = io_uring_setup$auto(0x6, 0x0)
close_range$auto(r1, r0, 0x7fffffff)
r2 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x122640, 0x0)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, 0x0)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x48140, 0x0)
readv$auto(r3, &(0x7f00000000c0)={0x0, 0x5}, 0x3)
ioctl$auto_TIOCVHANGUP2(r3, 0x5437, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
mmap$auto(0x10001, 0x4ea, 0x3, 0xfe, 0xfffffffffffffffa, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0x1010001, 0x100000003)
read$auto(r2, &(0x7f0000000100)='*+/:\x00', 0x8)
read$auto(r4, 0x0, 0x20)
mmap$auto(0xff0f200000000000, 0x400008, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000140), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r5, &(0x7f0000001c00)={0x0, 0x0, &(0x7f0000001bc0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="d8b10657b8bf7ced9b4975252e0cd10665cc316f65dc25ac91d43defc167", @ANYRES16=r2, @ANYBLOB="11d9f0579d441232c90f7b7c6b237bb78c0796820f"], 0x1c}, 0x1, 0x0, 0x0, 0x24000040}, 0x64)
io_uring_setup$auto(0x6, 0x0)
madvise$auto(0x0, 0x200007, 0x19)
shmctl$auto_IPC_STAT(0x1, 0x2, 0x0)
unshare$auto(0x80040000080)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x105c0, 0x0)
madvise$auto(0x150, 0x6, 0x17)
clone$auto(0x2, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x514ab9b8)

3.13631048s ago: executing program 2 (id=900):
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x200440c0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, 0x0, 0x1, 0x0)
sendmsg$auto_MACSEC_CMD_DEL_RXSA(0xffffffffffffffff, 0x0, 0x20004010)
openat$auto_component_list_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00', @ANYRES16=0x0], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0x200000c4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='v'], 0x1ac}}, 0x40000)
r0 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x6, 0x1}, 0x5}, 0x3, 0x0)

2.911421018s ago: executing program 3 (id=901):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001d00), r0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match\x00', 0x20080, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000280)=""/175, 0xaf)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/pids.max\x00', 0xa0942, 0x0)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x0, 0x0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x3, 0x6, 0x0, 0x200000000000001, 0x368e, 0x2, {0x100000000, 0x4}, 0xff, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x8000000c, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3dd)
ustat$auto(0x801, 0x0)
sendmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
sysfs$auto(0x2, 0x23, 0x0)
r4 = socket(0x11, 0xa, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'vxcan1\x00'})
openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/oom_adj\x00', 0x400, 0x0)
r5 = ioctl$auto_TUNSETNOCSUM(0xffffffffffffffff, 0x400454c8, &(0x7f00000001c0)=0x4d)
bpf$auto(0x0, &(0x7f0000000100)=@batch={0x2, 0x9, 0x5, 0x4, 0x7, r5, 0x0, 0x400}, 0x6f4)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x200)
listmount$auto(&(0x7f0000000040)={0x200, @inferred=r1, 0x7f, 0x81, 0x400}, &(0x7f0000000140)=0x10000, 0xf, 0x5)
ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, &(0x7f00000000c0))
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
timer_create$auto(0x0, 0x0, 0x0)
timer_create$auto(0x3, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f0000000500)='/sys/kernel/debug/tracing/buffer_subbuf_size_kb\x00', 0x103200, 0x0)

2.258366907s ago: executing program 3 (id=902):
recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000280)={{0x0, 0x1ff, &(0x7f0000000040)={0x0, 0xd}, 0x9, 0x0, 0x80000001, 0x2}, 0x1}, 0x80000000, 0x7956, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0)
ioctl$auto_RTC_RD_TIME(r0, 0x80247009, 0x0)
socket(0xa, 0x2, 0x88)
socket(0x10, 0x2, 0xc)
sendmsg$auto_OVS_VPORT_CMD_NEW(0xffffffffffffffff, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x8100)
sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, 0x0, 0x40)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000)
r1 = socket(0x22, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x80044944, 0x0)
close_range$auto(0x2, 0x8, 0x0)
getuid()
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2b, 0x1, 0x0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0x1, 0xd4, 0x7fffffff, 0x6, 0x0, 0xa89e, 0x3690, 0x2, {0xfffffffc, 0x10000}, 0xa81e, 0x6, 0xffffffffffffffff, 0x1008000, 0x0, 0x80000080000004, 0x84, 0xffffffffffff6291, 0xffff, 0xdeb1, 0x806})
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/igmp6\x00', 0x101d41, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x1000000001c, 0x5, 0x100000000, 0x400000000009, 0x3fffffffff)
setresuid$auto(0x8, 0x8, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x1c, 0x0)

2.257434015s ago: executing program 1 (id=910):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001d00), r0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match\x00', 0x20080, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000280)=""/175, 0xaf)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/pids.max\x00', 0xa0942, 0x0)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x0, 0x0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x3, 0x6, 0x0, 0x200000000000001, 0x368e, 0x2, {0x100000000, 0x4}, 0xff, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x8000000c, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3dd)
ustat$auto(0x801, 0x0)
sendmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
sysfs$auto(0x2, 0x23, 0x0)
r4 = socket(0x11, 0xa, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'vxcan1\x00'})
openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/oom_adj\x00', 0x400, 0x0)
r5 = ioctl$auto_TUNSETNOCSUM(0xffffffffffffffff, 0x400454c8, &(0x7f00000001c0)=0x4d)
bpf$auto(0x0, &(0x7f0000000100)=@batch={0x2, 0x9, 0x5, 0x4, 0x7, r5, 0x0, 0x400}, 0x6f4)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x200)
listmount$auto(&(0x7f0000000040)={0x200, @inferred=r1, 0x7f, 0x81, 0x400}, &(0x7f0000000140)=0x10000, 0xf, 0x5)
ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, &(0x7f00000000c0))
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
timer_create$auto(0x0, 0x0, 0x0)
timer_create$auto(0x3, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f0000000500)='/sys/kernel/debug/tracing/buffer_subbuf_size_kb\x00', 0x103200, 0x0)

2.256838729s ago: executing program 2 (id=903):
ioctl$auto_XFS_IOC_PATH_TO_HANDLE(0xffffffffffffffff, 0xc0385869, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x405, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYRES32], 0x1ac}, 0x1, 0x0, 0x0, 0x4000084}, 0x801)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
ioctl$auto_MON_IOCT_RING_SIZE(0xffffffffffffffff, 0x9204, 0x0)
connect$auto(0x3, 0x0, 0x54)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000)
openat$auto_debugfs_devm_entry_ops_file(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/cec/cec29/status\x00', 0x40600, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_generic(0xffffffffffffff9c, &(0x7f00000032c0)='/proc/kmsg\x00', 0x80002, 0x0)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
write$auto(r0, &(0x7f00000001c0)='/dev/audio1\x00JR\xe7\xae\xd27M<f\xa7\x02\x8f\xcb],\xd3\x1d\x8c\x8bB\xc7\xfc\x90\xd1\x03h$\x98\xc4\xc2#\xc0{\xf2\xdf\x83\xa40\xa5?\x8e\x92\xf5\"\xa9q\x8d\xf9uR\x82\xbe.\x82OD.5\xc2\xcd\xa4\xd9@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe9\x1f\xc4\x03)\xbb\xa3\xb5\x10\'{\x97\x0e\xb3\xa1\xe10H\xd4\xefe\xac.f\x82Lk\xe5\xb3\x11AT6R@\xbb\x8c\xa4\xf2\xe8\xafo\x17\xb9\b<|tB!\xa3\xa5\n\b\x8cA;\xbc\xc7\x91\xeb\xc0\xc7\xeb$\xc0\xa6', 0xa3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000001ff, 0xa, 0xd, 0x2, 0x9, 0x2, 0x20000000000000, 0x1, 0x8, 0x7, 0x8, 0x7, 0x4d40, 0x5, 0xfffffffffffffff7, 0x5]}, 0x0)
socket(0x2, 0x2, 0x88)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007)

1.904110618s ago: executing program 3 (id=904):
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bus/usb/006/001\x00', 0x40940, 0x0)
mmap$auto(0x2000, 0x9, 0x8, 0x12, r0, 0x4)
munmap$auto(0x0, 0xffffffff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
bind$auto(0x3, 0x0, 0x6a)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/vhci_hcd.7/usb23/bNumInterfaces\x00', 0x600002, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/transparent_hugepage/khugepaged/max_ptes_shared\x00', 0x20b42, 0x0)
sendfile$auto(r2, r2, 0x0, 0x4f64a1d2)
read$auto(r1, 0x0, 0x20)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x78dd02, 0x0)
writev$auto(r3, &(0x7f00000001c0)={0x0, 0x7}, 0x40003)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/usb/drivers/appletouch/remove_id\x00', 0x18440, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000db, 0xeb1, 0x400, 0x8000)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video6\x00', 0x80383, 0x0)
ioctl$auto(r3, 0x1, r0)
mmap$auto(0x0, 0x10000, 0x4000000000db, 0xeb1, 0x2, 0x8000)
read$auto(r4, 0x0, 0x20)
unshare$auto(0x40000080)
mmap$auto(0x9cf, 0x141d92bf, 0xdf, 0x9b70, 0x2, 0x7fff)
r5 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x82842, 0x85)
read$auto(r5, 0x0, 0x0)
r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/rpc/use-gss-proxy\x00', 0x48041, 0x0)
write$auto(r6, 0x0, 0x400000004)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x882, 0x0)
writev$auto(r3, &(0x7f0000000200)={0x0}, 0x3)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x44000, 0x0)
syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff)
io_setup$auto(0xffff, &(0x7f0000000580))
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)

1.903071322s ago: executing program 2 (id=913):
ioctl$auto_XFS_IOC_PATH_TO_HANDLE(0xffffffffffffffff, 0xc0385869, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x405, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYRES32], 0x1ac}, 0x1, 0x0, 0x0, 0x4000084}, 0x801)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
ioctl$auto_MON_IOCT_RING_SIZE(0xffffffffffffffff, 0x9204, 0x0)
connect$auto(0x3, 0x0, 0x54)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000)
openat$auto_debugfs_devm_entry_ops_file(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/cec/cec29/status\x00', 0x40600, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_generic(0xffffffffffffff9c, &(0x7f00000032c0)='/proc/kmsg\x00', 0x80002, 0x0)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
write$auto(r1, &(0x7f00000001c0)='/dev/audio1\x00JR\xe7\xae\xd27M<f\xa7\x02\x8f\xcb],\xd3\x1d\x8c\x8bB\xc7\xfc\x90\xd1\x03h$\x98\xc4\xc2#\xc0{\xf2\xdf\x83\xa40\xa5?\x8e\x92\xf5\"\xa9q\x8d\xf9uR\x82\xbe.\x82OD.5\xc2\xcd\xa4\xd9@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe9\x1f\xc4\x03)\xbb\xa3\xb5\x10\'{\x97\x0e\xb3\xa1\xe10H\xd4\xefe\xac.f\x82Lk\xe5\xb3\x11AT6R@\xbb\x8c\xa4\xf2\xe8\xafo\x17\xb9\b<|tB!\xa3\xa5\n\b\x8cA;\xbc\xc7\x91\xeb\xc0\xc7\xeb$\xc0\xa6', 0xa3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000001ff, 0xa, 0xd, 0x2, 0x9, 0x2, 0x20000000000000, 0x1, 0x8, 0x7, 0x8, 0x7, 0x4d40, 0x5, 0xfffffffffffffff7, 0x5]}, 0x0)
socket(0x2, 0x2, 0x88)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007)

1.88684989s ago: executing program 1 (id=905):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x9, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000)
r4 = socket(0x2, 0x2, 0x0)
getsockopt$auto(r4, 0x0, 0x17, 0xfffffffffffffffc, 0x0)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002dbd7000f9dbdf250100000005000d00100000000500070010000000080009009c781e2108000a000800000014001f0000211e789c0000000a00ffff0000000014002000ff01faffffff00000000000000000000060002000100"], 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
ptrace$auto(0x10, r0, 0x4, 0x7ff)

1.5686745s ago: executing program 1 (id=906):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
adjtimex$auto(0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000)
r4 = socket(0x2, 0x2, 0x0)
getsockopt$auto(r4, 0x0, 0x17, 0xfffffffffffffffc, 0x0)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002dbd7000f9dbdf250100000005000d00100000000500070010000000080009009c781e2108000a000800000014001f0000211e789c0000000a00ffff0000000014002000ff01faffffff00000000000000000000060002000100"], 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
ptrace$auto(0x10, r0, 0x4, 0x7ff)

1.227966431s ago: executing program 0 (id=907):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001d00), r0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match\x00', 0x20080, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000280)=""/175, 0xaf)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/pids.max\x00', 0xa0942, 0x0)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x0, 0x0)
mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x3, 0x6, 0x0, 0x200000000000001, 0x368e, 0x2, {0x100000000, 0x4}, 0xff, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x8000000c, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3dd)
r4 = socket(0x15, 0x5, 0x0)
ustat$auto(0x801, 0x0)
sendmsg$auto(r4, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
sysfs$auto(0x2, 0x23, 0x0)
r5 = socket(0x11, 0xa, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'vxcan1\x00'})
openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/oom_adj\x00', 0x400, 0x0)
r6 = ioctl$auto_TUNSETNOCSUM(0xffffffffffffffff, 0x400454c8, &(0x7f00000001c0)=0x4d)
bpf$auto(0x0, &(0x7f0000000100)=@batch={0x2, 0x9, 0x5, 0x4, 0x7, r6, 0x0, 0x400}, 0x6f4)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x200)
ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, &(0x7f00000000c0))
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
timer_create$auto(0x0, 0x0, 0x0)
timer_create$auto(0x3, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f0000000500)='/sys/kernel/debug/tracing/buffer_subbuf_size_kb\x00', 0x103200, 0x0)

1.227657728s ago: executing program 1 (id=908):
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000003200)=""/64, 0x40)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x2000000000000021, 0x2, 0x10000000000002)
socket(0x2a, 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r2 = socket(0x3a, 0x3, 0x0)
mlockall$auto(0x7)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x9, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
mmap$auto(0xfffffffffffffffc, 0x61, 0x9, 0xfa3d, 0x400, 0x8000)
pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xf5s\x1cJ\x99\x8a>c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000)
r6 = socket(0x2, 0x2, 0x0)
r7 = getsockopt$auto(r6, 0x0, 0x17, 0xfffffffffffffffc, 0x0)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002dbd7000f9dbdf250100000005000d00100000000500070010000000080009009c781e2108000a000800000014001f0000211e789c0000000a00ffff0000000014002000ff01faffffff00000000000000000000060002000100"], 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
ptrace$auto(0x10, 0x0, 0x4, 0x7ff)
r8 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000180), r0)
sendmsg$auto_NL802154_CMD_ASSOCIATE(r2, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="a8030000", @ANYRES16=r8, @ANYBLOB="20002bbd7000fedb0701000000002083", @ANYRES32=r1, @ANYBLOB="040002800c004b00d2b00000000000000800370057000000f05bc05b38fdcf84f1aee3d8e0837f70cf4d981aa154cdacabcd7c4a6d7d1fa87d290af88b15657c6a88a3e33197451369dd0633185b3a80e71ddb210eedd00ae43ac31883e9b52730d95cdb87892425b896bbfc99c2752375c29b8b519e3569873d4f59836a34b08097eac1876972401cff9c1e6f4d20de6a7caa0970fdf2c72f19a130ded95ed83b1f00751a2e6901df7bc37f0ad1c5e1b5fc37bdf146d2c701dc80040086800400128008008400030000001b44db9ab05eebb05be64a22e7b9f383645ccb9d160db1e112e53de0bae6a3123f64252f1fbcb64e0ff67669e66cd9ce84e75c76f4217684859aa7cfc6e854cf8377dece546c1dc0b690195faf8a3383e64202f2a90e92d791b1d180ae788e4234cad9595324a55b9aba0c2a7eb952394ccae9dd2536a7291b9e1bc0fb9981b2949dc48582cf6cb644b16bcd767ba60e93414f4bb63d17bc1089a303bc1e6b05d629d500e2328356b07a78cdeaa55fb3bdbb2c4abcd66a25da24df23124a18f4ef48415859bab8e900dc00c0de8739de08bd67bf24ae339999cc0662254f345b22ad693417bf9102a4dce67eb98d7c13bacd8d222275c7792cc66b3fb216bbfdef6cdccd9da65939366988d86d76cda602811cddd17fdf3aafeffc886beea60da9ed11aac54a78fd086691869ca42be0f45e7edff97f180604a1cfaa76759b1808cab28c2a53d83cd453300b7ab2322651381f010922dcdba00fe1eb35e7c207de56f3bcfa1843f6c1f9f6d90e3da1ee7ad3a6a8b65ad297d08d0ecbc655637059bb8e768157d17e81188f72695baff036b581b866901dfadc40ed1cc701aa95dcb906cd0eb4aa806a52945ea3c5631b000000003ea24926dde458f5e50919e72acd02a917781ab5354142f67380db012579090c0ea7a85b6ad9d7147245a50f7e329ecd494d9e4ce6d79ece62ca68d1352edf2283476229c2fe7a0581fda7c45354a0d705018b402730e967f14c57901cb12bff171f840f2a681379cd60b297d84566bd436678e159787e5f0fa13da3b98eba0923b12ad54a5841159d038362bec7b532680bb3ef90c87d4b7c044975b41bf381afeee06966628e0d9b5a07bafda540386bacf8f8e6c8d5ec1b37aea29d2a835be7291595c48bb0e4f03d8c149028577e2d0402ec3dd9e90a018b555fd52654f660e6e3de861b66804f1431439a050029000100000008002700ffffffff08001d00", @ANYRES32=r7, @ANYBLOB], 0x3a8}, 0x1, 0x0, 0x0, 0x20040000}, 0x8014)
ptrace$auto_PTRACE_GETEVENTMSG(0x4201, 0x0, 0xf72, 0x0)
r9 = socket(0x2a, 0x2, 0x1)
connect$auto(r9, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x3, 0x4001}, 0x55)
bind$auto(0x3, &(0x7f0000000080)=@sco={0x1f, @none}, 0x6b)

1.220388679s ago: executing program 2 (id=909):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x9, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000)
r4 = socket(0x2, 0x2, 0x0)
getsockopt$auto(r4, 0x0, 0x17, 0xfffffffffffffffc, 0x0)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002dbd7000f9dbdf250100000005000d00100000000500070010000000080009009c781e2108000a000800000014001f0000211e789c0000000a00ffff0000000014002000ff01faffffff00000000000000000000060002000100"], 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
ptrace$auto(0x10, r0, 0x4, 0x7ff)

1.063616666s ago: executing program 3 (id=911):
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x200440c0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, 0x0, 0x1, 0x0)
sendmsg$auto_MACSEC_CMD_DEL_RXSA(0xffffffffffffffff, 0x0, 0x20004010)
openat$auto_component_list_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00', @ANYRES16=0x0], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0x200000c4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='v'], 0x1ac}}, 0x40000)
r0 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x6, 0x1}, 0x5}, 0x3, 0x0)

624.9585ms ago: executing program 2 (id=912):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
migrate_pages$auto(0x0, 0x8, 0x0, &(0x7f00000001c0)=0x7b)
r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0)
mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x401f, 0x1, 0x8e051, r0, 0x0)
bpf$auto(0xd, 0x0, 0x6f5)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
init_module$auto(0x0, 0xffff9, 0x0)
madvise$auto(0x0, 0x2, 0x19)
madvise$auto(0x0, 0x8000000000000000, 0x15)
madvise$auto(0x0, 0x2000000080000001, 0x3)
capget$auto(0x0, 0xfffffffffffffffe)
capset$auto(0x0, 0x0)
prctl$auto_PR_GET_NO_NEW_PRIVS(0x27, 0x1ff, 0x0, 0x3, 0xffffffffffff3ae6)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x80, 0x0)
move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x91e4)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_wakeup_sources_stats_fops_wakeup(0xffffffffffffff9c, &(0x7f0000000180), 0x4000, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
r1 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/ksm_stat\x00', 0x2, 0x0)
read$auto_proc_single_file_operations_base(r1, &(0x7f0000000040)=""/228, 0xe4)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
openat$auto_hwsim_fops_rx_rssi_(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/ieee80211/phy16/hwsim/rx_rssi\x00', 0x0, 0x0)
r2 = socket(0xa, 0x5, 0x0)
getsockopt$auto(r2, 0x84, 0xc, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), r3)
sendmsg$auto_SMC_NETLINK_REMOVE_UEID(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x14, r4, 0x8, 0x70bd26, 0x25dfdbfc}, 0x14}}, 0x0)
sendmsg$auto_SMC_NETLINK_FLUSH_UEID(r2, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, r4, 0x4, 0x70bd2b, 0x25dfdbfc, {}, "ea655133c6bce273e539"}, 0x20}, 0x1, 0x0, 0x0, 0x10040000}, 0x0)

624.741762ms ago: executing program 3 (id=914):
openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0)
readv$auto(0x3, &(0x7f0000000100)={0x0, 0x7}, 0x7)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
open(&(0x7f0000000200)='./file0\x00', 0x290100, 0x479)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/hwdep\x00', 0x0, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000280)=""/65, 0x41)
r2 = socket(0xa, 0x2, 0x0)
setsockopt$auto(r2, 0x29, 0x37, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5', 0x110)
setsockopt$auto(r0, 0x29, 0x36, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5', 0x110)
close_range$auto(0x2, 0x8, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$auto_SO_ATTACH_REUSEPORT_CBPF(r3, 0x1, 0x33, &(0x7f0000000280)='o\x00\xfb\x00\x00\x00\xe4(\xe5\xb9Y\xacS\xbe\xcc4\xf9!\xd0\x92<\x9bf\x01j\x83\xb3\xd7a.\x92\xf5\xb0j\xd3\x01\xfe:\x93\xed\xe4\x16\a\xcemS\xeb\x93D\b\xdb\x0f\x9f\x903\xad?\x17\xddF2\x7f\x15~\x94\x1d\x1c\x83\x03\xb9K\x04\xd3\x99\xe6[\xf8\xddn`\xdb\x19\xa9R\xc2\x00\x8a\xc7>\xfbC\x9e\xcfY\xaa\xc9\x99_\x8d\xc14o\xd9\x97\xf9\xb6\x80\xc0Tf\xea\x82\x8f\x82^\xf7\x01\x894?\xf7\xb8\"\x9dd/\x15\xf5\x013\x84\xe8\xdev\x8eW\xfaym\x8a_\x0e\xc5\xde\x90\xc4$\xbb\xaa\x839]\x14m{R,i\x80\xecM.\xa9\'<\xd6\xc8\xd6\xc4\x1b\xd2\xd6\x193<\".\x85\xea\xb7\x9d\xa3r\xca\xeeP\xdeu4\xf2s\x9b\x03\xbex.\x17\xf2\xa4\xba\x9a$\x1f.e\v3.\xd1{}\x94\xd9\xc4\xf1\xa9\x9aK\xbc?0x\xa1G\xf5\xd3K\xf7\xa25=\x9f+\x1d\xe7\x00', 0x10)
r4 = openat$auto_sc_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f00000001c0), 0x2980c0, 0x0)
pread64$auto(r4, 0x0, 0x7ff, 0x8000000000000000)
mmap$auto(0x0, 0x3, 0x4000000000e2, 0x40eb1, 0x401, 0x300000000000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x2c201, 0x0)
mmap$auto(0x2, 0x4, 0x47e, 0x12, 0xffffffffffffffff, 0x4)
r5 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r6 = pipe$auto(0x0)
dup2$auto(0x5, 0x4)
setresuid$auto(0x8000000000000001, 0x1, 0x200)
mlockall$auto(0x7)
splice$auto(r6, 0x0, 0x2, 0x0, 0x80004001, 0x9)
r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x400882, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000180)={'batadv0\x00'})
r9 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r5)
sendmsg$auto_NL80211_CMD_START_SCHED_SCAN(r8, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000580)={0xf0, r9, 0x400, 0x70bd2c, 0x25dfdbff, {}, [@NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0x1}, @NL80211_ATTR_OPMODE_NOTIF={0x5}, @NL80211_ATTR_BSS_SHORT_PREAMBLE={0x5, 0x1d, 0x1f}, @NL80211_ATTR_STA_FLAGS2={0xb3, 0x43, "8a21bc93ca34eb4b31e22964c52fa894c58a76d688588e685636fe5716670ea1142988776e8f2b2ddca5d11d47fea0e9afb4d6fa534e9f40ade8792ddd7010869b693cdb308e08293938498e693bc78211cdb958b3c88fed2aa1924f7729b4a115897aeb8db8f94a4f1ac6a2f4f8de1ca32d26ec2b0b84fe91ed9ae9b038bb0406df462db5aa1657566bf3cdcc455df7388f668f8c20889178a32a85ed39bbbbb7fd4d8774014ad873e4cc3a3c52c1"}, @NL80211_ATTR_DISABLE_HT={0x4}, @NL80211_ATTR_TWT_RESPONDER={0x4}, @NL80211_ATTR_PMK_REAUTH_THRESHOLD={0x5, 0x120, 0xf9}]}, 0xf0}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000)
write$auto(r7, 0x0, 0xd)

498.25979ms ago: executing program 3 (id=915):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001d00), r0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match\x00', 0x20080, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000280)=""/175, 0xaf)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/pids.max\x00', 0xa0942, 0x0)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x0, 0x0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x3, 0x6, 0x0, 0x200000000000001, 0x368e, 0x2, {0x100000000, 0x4}, 0xff, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x8000000c, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3dd)
ustat$auto(0x801, 0x0)
sendmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
sysfs$auto(0x2, 0x23, 0x0)
r4 = socket(0x11, 0xa, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'vxcan1\x00'})
openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/oom_adj\x00', 0x400, 0x0)
r5 = ioctl$auto_TUNSETNOCSUM(0xffffffffffffffff, 0x400454c8, &(0x7f00000001c0)=0x4d)
bpf$auto(0x0, &(0x7f0000000100)=@batch={0x2, 0x9, 0x5, 0x4, 0x7, r5, 0x0, 0x400}, 0x6f4)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x200)
listmount$auto(&(0x7f0000000040)={0x200, @inferred=r1, 0x7f, 0x81, 0x400}, &(0x7f0000000140)=0x10000, 0xf, 0x5)
ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, &(0x7f00000000c0))
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
timer_create$auto(0x0, 0x0, 0x0)
timer_create$auto(0x3, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f0000000500)='/sys/kernel/debug/tracing/buffer_subbuf_size_kb\x00', 0x103200, 0x0)

443.816858ms ago: executing program 1 (id=916):
unshare$auto(0x40000080)
r0 = openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000008140)='/sys/kernel/debug/tracing/per_cpu/cpu1/buffer_size_kb\x00', 0x80100, 0x0)
read$auto_tracing_entries_fops_trace(r0, 0x0, 0x0)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r1 = socket(0xa, 0x1, 0x100)
setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x20b42, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f00000003c0))
r3 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f00000001c0), r1)
msgctl$auto_MSG_STAT_ANY(0x8, 0xd, &(0x7f00000002c0)={{0x0, <r4=>0x0, 0x0, 0x0, 0x7, 0x1, 0x200}, &(0x7f0000000240)=0x80, &(0x7f0000000280)=0x6, 0x10000, 0x6, 0x7ff, 0x15, 0x3, 0x532f, 0x7f, 0x4, @inferred, @raw=0x4})
waitid$auto(0x2, 0xffffffffffffffff, &(0x7f0000000340)={@siginfo_0_0={0x5, 0x7, 0x800, @_sigchld={<r5=>0xffffffffffffffff, 0x0, 0x7, 0x80000001, 0x8000000000000000}}}, 0x6, &(0x7f00000003c0)={{0x8, 0x5}, {0x2, 0x9}, 0x2e, 0x250c, 0x8, 0x7fffffff, 0x4, 0x5, 0x588, 0x13, 0x7fffffffffffffff, 0xa, 0x265, 0x4, 0xb})
sendmsg$auto_IPVS_CMD_ZERO(r1, &(0x7f0000003000)={&(0x7f00000000c0), 0xc, &(0x7f0000002fc0)={&(0x7f0000000480)={0x1b54, r3, 0x10, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_SERVICE={0x43f, 0x1, 0x0, 0x1, [@generic="d61ee4564e853e92374055d9959228aee59b03b90af9268d24e44d193276b8c02acd66af800f37e6145cd220d9a21952d9e89c144a6eb36470cb712766d26d7ce02988898daf86640d05d9f9b8d0c203599e6acb5c49c8681d392e538124b66560eb97689e87e4850cbbc3136232eb9dab39c3aa52e1e9b031fc87b54847acb09487db6ca8e616163d7e5493243e5636a3d36f09e49e673cfe8e4245bbd8ef644d63f7cd290284d0c7", @nested={0x171, 0xcc, 0x0, 0x1, [@typed={0x8, 0xb8, 0x0, 0x0, @ipv4=@rand_addr=0x64010100}, @nested={0x4, 0xcf}, @nested={0x4, 0x13b}, @typed={0x80, 0xee, 0x0, 0x0, @binary="f811da689c0b3d8bcbc1d4df6902231aa98fb348ee815377d24452e625561939a7cec9071205c0720cc246d1e0fab97dbaa97be6daf7c14556c297c6bc9b8b84f1359fe212318aeb7917b00a585c8d09748abfbbeeac2e85003eaaf314b8e63bf8c11de8014f175b6a07944ce8300554754a78043ada80d18672986e"}, @typed={0xc, 0x21, 0x0, 0x0, @u64=0x6}, @generic="fac0bc8dc65b394e75b7affca35eda6f1fcf8f0534", @typed={0x8, 0x7e, 0x0, 0x0, @ipv4=@private=0xa010101}, @typed={0xb4, 0x12c, 0x0, 0x0, @binary="bdc3053ca6e1c49d5ce9d98da518f1a351e788996089c8874f2776981b974aab4da9ba5f32a2e9744a9db9bec01115091a2c4ccce06ef4e6fce908e529a0d6da0048c6971389cf668eeaff0c440d1bee9f0bf81a5c03160abdcc31c2cce2f12ad1f7c908cc82f23b49fef56d45b1475007c9e1d84e93895891631b9b4b865d748d118c2d3ee877b3745298e5918776a4d78cb894a0e5d06bdf0e8df8291aafc286b4f076087a2c8ebca7977d81c13289"}]}, @nested={0xdd, 0x5b, 0x0, 0x1, [@nested={0x4, 0xd4}, @generic="5d74ddeccc934ef1f7c2c46e36d363d6e0a044d562c025626013294c9785a2fc8215cd3c54817f964287924c8cffcff8fc08497deac0dd6b8f39bf87a7e760b22208174725618d212cee8061704b0b7843c42a67fc3a698211bac40f0470bd45cb2bd286ba51a07549df68c8ddc2f815f7b4e8792311ea341d6d832841a4e0d58ded39d2ce72c91ce351a186c6bedce22ff2328b405adbeb863fec4a4b6feb3f8d898359df5a5d0a1ab5a637aef337cd9960e232f9ff82c93c21ccfd6a0c5eb880ece49f23db5ca937f9511b105dd6715c494b8440"]}, @typed={0x5, 0xda, 0x0, 0x0, @str='\x00'}, @typed={0xb, 0xbf, 0x0, 0x0, @str='\xcd\\]{*}\x00'}, @generic="9ce0c05f4f7425e7452821576681817f5ce202e9d61e4b38e91ba7605b2230124de79dfd678aa91a258587d30b8cff96866680a17e6fa0b71868204b04cbcec284c584aac2a9242985e0723b89c8037a222cd9d2d47c12a01eab360ce1eb", @typed={0xcb, 0xe8, 0x0, 0x0, @binary="56ca2f1a02bc72afc813bca7c00ad44c0cc73807ba75c1e9653d6288013dabfcd70b19abe081ad8b5f5464f5d4d3441a13d9ba64b30e8e14c0e48a838a38d72d143e8c00f38eff44f06db349e2a37b0e7ec6e0f1be221db5055035ff8e5bed2d65bbeee6799d883c1b1da2e38d4be8567c5beadfc5543250e5905cc2612631f971b4d78da2ec92f48b3cf20938df8b433ca633e77481d36ab71694e16fce7f5f74602ced91499785f7827248d5f34bb1a0dac90727d261900c550c1d9899a4ff286024228ce9df"}]}, @IPVS_CMD_ATTR_DAEMON={0x12b9, 0x3, 0x0, 0x1, [@generic="f41f5fc12c51305369af57a0e5f330ad0c0ddf80557cf8f89ae21fa096f1bdd3d26afe4d373a4d8603b97219527560430e96200a37c2698090f907b8bb4c48d56172a29508feae980bb9af0a88bf0dea33c74079fc68d1c6ef84911885d15e652c459960e21ed66acda7b9ff3a40547d5ccb1e781e93857e2956af5dbe927eb4b4d6df5c57dd07e983abfecb1d9e2069fafe5e", @generic="5ae625c3ecc72dbb9f2fd7d2371a234efaf7ffd2d6bfd729b05747711fb29e7ec0d1d0e94ce5801153cfbef142492341e7c20a8b6a1a118442bf707009417f3d7716ce15cd536ea23ad00a64e7e364a8e2cdf4cf9120788c3f7c89137cab862f20edc5087d9a415009330fd46b827fae8502bcf8e2a94b4479097e1d60675da79b8a65c3a1a58819e135c6a13012dff15db858ea564488dc1adf2b38ec7fcd941c506fdad7bd513c9008a469b9511d85a9077ef883b1d2e0d1cfa96dfea22b8e652e398a2850c1a1272d3537920f3b812d5671b12eb5420bb1d1a0b50e9ddb054aaf3ca124cc9f58eb8a893db7495bfc27fc7114d5a624155caecfb792510b1ff0c39043b6d2182a655870b473202ab09cbc6e260197c405c7b9dab853e5a583a35eedd4a51ad9eb036bbcfa7fadc75f624a545b2124129450e0cfb280418d14af9b0bed2fe529904a23b02e9327f6848eac155c70bb81d35d28b783026f1f80c585b0811b7977f4e7295c4f68aefc6cc07caf272eae93b304e0c0b1c1fe760aeb780bf4d86ded88ebadf1f39f33d114bd2f6cd4922105fd790e2257eac797d674cf012edda1f529b6e4e6530a4d10dae9296d08737cbc799cb42a3152982ac7501366afe8fa458874c5ef092e2bf45be1cede902b0e43f24e333b15b8e78c3379c8389052c4a700df833b9e0345d7298b4e69afba7642009cf921aa48ef0bc57db7f578cc91f26debbd20714c9a4fbab7fc7c3f4d3e9125149920b12e7088fb778b41ff3f8669226af3fe731936037ced7006a7d3e05a2d685f36da739d414cdd8ca103b8e0b6914804b6af0ed71f94fd32460ab84c8449f945210f70de86516ab37001249e77210335faee9d26be1a77c4578640f2a3284c2e9a7b01062cbd3d9065fc0dafbfe783c3d102fbe5405eccf504760eeaf12f475b1dfb341e71492b8c443a2800c33fce8372093a4f6f79a4689e924f562e35a53ff763ff917d30c7af31eaa2b4cdc6acab8995b4d146b0ca0c0b4859343fbf92f2e24f708cd28fe646928036b428242815d46b2798d9e9ecd2b28ed5daa0c1df0abc271ed1daf479fb28406c0bb3d3084163dafb6674b5ccfcb078299e72c43d952b1f137829b4e9f086a58f0fe0b8534ad0b2c069f1b652e83d6fb581911af30ba90d10f43b4e2c2a122a73723846b8f29ded23ce9a68484fa077a9dcf6134018bb48001af70f588e76fddcd076e9a26af9952f9b8f230dd9da7199e8a33edadded4ed443a961786499fda11adda69308291a29c9668f0891ec8720204310c75275524488f9eff9d8e3335b377a3c53f78ab0222ba2fff540e9b4f5a9d42168850774785acf34fe54eaba0cc64a165e028e6011fbfd3dac77d760993668d2a66d5d4a932bdb3228d601e4b646bc2a6c83e5828242a190be531b25a13cb1a1324a6dbf32be6f4eb9ed009030cb0356a6c55dc7752fabc31de7039bbd29854f883272b573262ec5c832ac98736f27e6892c9e594a08d30a83c781b2b4d2022eec8e5f899a4d9d6b7e8a7990335d81709d2eaaac53e81dc79c95d9cda1b672d540d99ce6dc2f9318203dc76c089c49e1d0608908e350d4af0cd4cdc43b6ef68b83c21b2705b79706ae4fd91af7020b0d31d9510684d7c096d27e0c6cddfb484506c9e39cb86b15431ca995a468d7b18c147d018429641df72240e29b80df8174817406fb8ea97c0cb365420d526ccad8576374a49a367447f956db2bacafef9745f97e90663eb93ace1273e40f591deb957870582fd489a8272c4c0fcea8760486897e1aa0f48bcc1d028d4326657c7f25a554a70fa23813b658804fe65f00a9969d295c58f25f73734fd2a6508aef32fb11c72687bad6f8d2d47b06cdb32eb9d96c7b0fe51d97ba511647b866dcf72a44c1f9862174368a3d31184e6ad41f607a5a56c97e2ddc96c2c4d645d854897b16a3b3984c50e46015d0b6f10b7b608776fb809d800c05bda0937a5cd41b2749d55375dc91f76ee9efecbe8f9b881dfe18dbe661fbc025ecc1e4a97fdf16420037a4b7076b53d35e93bd203f815eeaf2a4d0c6029f21737685993dbf6cf7c923df7b0935961ecc89e68ed6dbf6f6aaa4b544b148e84498edac92537c458a5682a06f14a859cccec1ccba9994055369e53e0bcab5e129c383810a60a74749e4c9fb1139a14543f3810c06b782ecfb87e4052c1acd02ded63767a1128d1631755fac24fe3a5855300cea4aaf6bddb85c969f595c5b5263ecfeced3b8314c89dd9a3dbfeefe5187ae550d6c3ce9f5187d2975b1802c4490c2f0783ec1491a6e2bc526d721ccf82af1fa7ec560936f5ea411ad895926be7a15ac92c2692a603262eab31555cba55316898522452e2fd74a13d734dd10292f63ec73687cf2ec1df8bb2dc3873a491887c2819ab14b3552eb82dad48a9336ff6cf49c5a2a29dbcb40bb532ed8a95374d0804a535d792d62824ce6fba30fed2d247bd9bfa8cede0103dc7d064b361fa8db6a6bb8ff30788ed05c4c840ccd136f10ea6a615f026bb7e07e634090f419ff21e6c364a6e087c8be653e020cc84bc150a6e74e130aeeb7d3de487ad1b5037626d08d43ccbf3d05c9ba582ab565791190fe1e5e2fbfc4fba4f20e10b28c2fdb0c142b1ae386d9c38d6424bcd98ff2dd53cb589ab0624e7198a3cfca5990ce7ca47948f88da8a81a17c1634f3479bf579d6449506cb01e5e919f2375b0e0e19573e8800dc836dd8fec3b562e243be83c0e68a0ccdaab0a26028fd4d1baff8460b9a11e8cb7e7c70c7e7215848c066726af498658e08a9fbfcd01258d6dd7e41b5f81c5534c35a53c52b6b7d3cc58b559327013c4af329555ac58a05bd834065b171467974e4356fbff1cb7646847f645949c4e1538df47bb8f0800048c7720e7cda3a78ba0e06155a9854e29432f158d75a780012413d850ec9de04738a3e6174b3635be2a0a00995b8923fac2baf99c63d263e0c01249938869296dd20f3248d25cb9b8f235122de0e2fed9c594b6f35e8d1e8bc22ad0bd8c89755d5d1fd3e55f5fd1101d9c5ed5569dd0e9975b6ea4b40c1a5a85a3d91d79c3e6618a8ccfef6388aff8bb49697bf431f880d10243cd9341bb393e14c0bb2a29fb452d76c297921cd5dcb6cfc38850774055fdff90465031dfdfd6d155f2d1a44a3650843059202d0fe7eb4fe943d07b8b7fb42b52fac7f2432e7dac68072606cb0c9e71accce3b79258f3df09e068838c7d6b026469488a7ce48a3b604eb62de03f9fb25f7d07163600606e31323d69dc8b97c3778cdc6afed1b57caca110fcb327d396a4e60dc0fade7a52765b9dd298835626d10b9324f5dd8c080b0476d9906f30e262d406cf8a621138a019f0d4ee353ae57e42323dbe18ba5eecf2ac43228ecddf93d8da22f2c56b49f38e23ca8c8226a9e1238c46ade51b0c5431b49e17a19e9bd29474414fe619c2a8a2d8d2ee9bc6049e5fed82e7dfb780440d6e0341aa0c01dd4fe1be5b9ebf18d84e1f4ee5d5d51f541562ebb6853f04415b2b1f4299e5cb7c34bf992a6c887eec6db335f47fb00fdccdbe697d7b980aae7ae3f4f03b5f95c0c5e248000c655b3c55437d35f04887aebb3483846d04fd050b6f3c54477df0621d0a661734cb5147dfc1ccb16c4507d80ec78e6e178a002dff3463f749627cded70ea1bd4a075ab8ff57c7d07f8088f0d6572085aa1010a722b33d2e70b85d82e81ffbbc4421e2040b212d3ef8b62728f77055e4c34158f42f21f0d97aad5acd4ce6dac85ef91bb49577fa6d65bee36c097f5a2316d9449adf2b0412c4260cc02c5ac205d7f01ca5afbbd799da5b97373567d8220ff86356310c0240c0aaf84c70bca63ad914caae24ef6cdc073ec3f53cdd00491dc98fd665d795ac43f4a805b37534fcd4229dda97f9fb09d9f4546f3040daf3b010619c663199967f0b7fff40566d6139c40185a3abdb74c13da36354069e813f212616667e3fc362660a1e41d709603a3dc8855583af9251470d36b34fea46ed06204319840c0302f17660f83cd6755a677443fe7abfe2ac75b476a5c952d03bf77062df0523d46ef12c55d38de97978891af00fa53fbb9a721cc7ca739cdf477f8231ba39026dddaa15a42f0ea7554531738b3198fe7c703d24e7a9b7e5ac7edba5bdc5922b2240fb62c97aca7a389e684f9f37b2c48869ebf71754514f9f91e0fb211c894b46cabdbe6b3e05f23a3448997d4606fa387aa6293b7fae7abef53801bc5a6812fbaae6d29bcf5fcfc5b567bc1dfa306418d2ecd5cc92fa221a17e076cf8e36119da774c7e9e4728fc00d72b90475381f355d84a9dfecc23d4d19ba080ff3a6ec8681c31bf34413623c4157f97436b464149981ba20812d8e8e9f3f7e24b175c548771dc341f64c7957ce6cf38ef74e788bb312cd441e61ba520e6515ee26f26bfa4242367a59eeca5e369634c5a55d3a141cf6a0e7895711577d758e265f4cfa87398ad53ad1318ad1ab99c761f387eb6eb3e483246cbe7dbee0455e73c0959048dfed1bfcf54a7430b4d894a4158d62aba2c9ec39209b4f2549ae0f715275e13441c66de0374f0e94c074e407434ac844fcf1e5b6dc93eab57c8c3cc89f37df75e5d57376225977d8b811ec973455d577ba8e53dc1b2a83e69efa019c49fe42283edfad022654fffa0a3386258a65cfecf83facfc50bc949fb971c8ea117779e0e056d11a9b93fd1762e3692dff6083f4c544b857d1445d8006d12d5e4ccc61a70941876e95b52962b03d19161dad7e9f3dcc8cf481d0402967300959bf90e5f89633110d9a8cc3f41710ebb89902672d38e6a58a80f76f097f5cad9a44e5219c7a2714e1bf93b74c9546fbe4a90edf4cce46c18889bc7778d7ccdce0e5ff8aed5f29447b614333d82654895ced80783cbd9464c1c6471bb028253a73a93861d19ccf1ebfc60a14c7ae639e1f1792317ba75e8d3753d32e551442a69f4045b7a5ee129515c483e92fe6f0186e619db350b30abd1d2e0706f5b35dceb229607716731c58cda69663214eee99394e0d87ac1436f6015476f390db0555a2afd5ac99a9b7abea0242f7c8e852ee0ff00caff387099150c91652f24f64a0c395115b2dda98e088b7a00a13e7c2ef288eb0e53394de0e1968b8cf4042270ca84c2f4a251405b5716611914e9c21347e92dec6427d4012fed0d7dadcae1f1fdf5f8689e8f053d9e99de334b16078d0e44fa8f9ba1e3548960e4d22568b146aad596f5756699288b8d5031346e4ca5ad42e5e8a3d002d6d63dd1b95423d3b43af4f587bba7ef40ebdaf90a651475ceae0d1e34d7ec73cb7a817d862923d3d8afe6c12196a067c985f68dda4d9eedba499262bb46b8a723701d34142ca744463d804f1e6923dce06b367a338bacd4702e33f8c0b1ae05f557968f6bbadd05e5febaf2f42c87381162d50630ab405bf0d98ed771aa98a8f6d877decf87455251b8e46cf8195c9fa80b4aa40ef0a033cfbd5196b8815bc2d74fcb23a86a90de95e3826d1d9241241e1346e67b3da74c94d970d1c1b4365c001052efbb14abf650b45f50bbfa6984e5bae91cdee3cc0174d1f3fe27a4e2da8abaa2efb633a828ed61cb0b05002fca5a3dd4b38afd394a42a885ad70f9523f6860a89162d7b76ed24196514562171123a07efa10fac5228f4dcb2b685b3a0237e8fb51f9925adf5f62fc5f380c8a6dc1e763bce24f7d83922340d4b5ee8b1c705221be0567ca5cbbc8998b0191394cfee9844071a691efda151597c2ea426a190ccfa8353", @nested={0x115, 0xca, 0x0, 0x1, [@nested={0x4, 0x14e}, @generic="abe92600b869017fb91ef7ab5f4ddda41d09bb20a4320b671bde646e937c2cf91f349f8618aebcb035a367d2ee25359182fc3214fa1b93165cd597a622ad46ae7ded5a094336aa61f88ee0c96bfc6dbab6c4fa10aa044825c4999dae74fc52a5ff46b02a9e24c4e4bf3ea060dbe3319a1054e60e30624b380e4afd71b665cd96e3e4e10abf0b961b78f2faa04d77b7a5fd239ad868ed1b1a64c99cab6bb6f82b56d36284110adfc97ebecc720854633b9e76067a0d1c72e9d0f99d7dd945d8bfad9efdee722dc35e25af0b43e67ba365a2c87a3980db262f273a4700a0ebe723ee", @typed={0x8, 0x14c, 0x0, 0x0, @ipv4=@multicast2}, @typed={0x8, 0x26, 0x0, 0x0, @ipv4=@broadcast}, @typed={0x14, 0x26, 0x0, 0x0, @ipv6=@mcast2}, @typed={0x8, 0xd, 0x0, 0x0, @uid=r4}]}, @generic="e21b345caadd36a6baf626c33e2d7349f6edbb47385a94d2e862e39cde96e8cd65242fa8f161c2b7d1ef21be32a3d7ce063ed51a914736dd89cc1eb1253b17d5245388749a8af628c2aa43a1ccbe657331b95436cb4153b3fbc5bf004309f153aa9e286b1905ff3e445f2c7b0a226cc3879b80993e5fa73087d7d116c31460f5c68190b3faae800f31c5010317e20519dde735c9ce7a35e77ffd796be27c029d22fe74b725dd3691a5a477698b67808eb7508ec519a0149db6b2ff94723403a5554b0ba615d1ce0fe895607ba411dfcfb8d4", @typed={0x17, 0x75, 0x0, 0x0, @binary="52d30ea8ac3a40fd92901f61f89aa38f0c1efe"}, @nested={0x20, 0x1e, 0x0, 0x1, [@typed={0x14, 0xf9, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @typed={0x6, 0xb, 0x0, 0x0, @str='\xac\x00'}]}]}, @IPVS_CMD_ATTR_SERVICE={0x1c7, 0x1, 0x0, 0x1, [@typed={0x8, 0x3f, 0x0, 0x0, @ipv4=@multicast1}, @generic="8d033d0c85dafefa3a696bae95dd89afcf204693a297b2c290bffcf93666d130e5b116dee0f9f8efd3abed46b12c32dd03032d8891524eb8f896fe2b6b0d32a8c851c9e99b", @generic="e7098763153f66733a3744324001761da5ec2a744256d2ce9f585f7f89867c8620cb27e4022ed1d709dff8fff7400f10b2c7990baf3b7e85c0f88528a8388e1086e623028a96396b9b323aef839bef40711145486626c528857230a4228e8d89d975fc06d205f71a52edaffbc0871cb67872b6243d79ffba1563edd16e13", @typed={0x14, 0xe3, 0x0, 0x0, @ipv6=@mcast2}, @generic="404701247e23fcb09785c40514bf40a72fc9ba1f5193116ac0a4c92d1304474e1728efe4838121973b042f073285bf01e2b6776500f3ca92b7136df2a9a5ddef6c6e8edd663634436e2122759bc6d875408824de733ae8ab28278ae0c4afa02724e3a4aa22dce52a192fde2e0026c5f1f27efea5010d7bc13e6bf9a0d97e92", @typed={0x8, 0xe, 0x0, 0x0, @ipv4=@loopback}, @generic="6115c90166b914bbe4c538ea397feab54c88075687c39807c0014c19135423779a22fee7cb6b348b2a", @nested={0x33, 0x138, 0x0, 0x1, [@generic="e30357617f4e43e5e4e0e9248456799d87608f91822687e64b255956e5d0bb87d0192c9057bd68803f2df1a7d66ecb"]}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}, @IPVS_CMD_ATTR_DEST={0x26c, 0x2, 0x0, 0x1, [@nested={0xfc, 0xee, 0x0, 0x1, [@nested={0x4, 0xf3}, @nested={0x4, 0xbc}, @generic="f92656ef4bd15524072abd43ba1b5cd0eb8ec5f3f7c7d42e337ee8930eaa598eb87cd0113469a2578cef5c215eeeff4ee4866786efb2d3f2233e153ebe90d11461bd02a2040cd4ef90b599b2011cd8219d443d4fbf53abfe79b7a1cdc70e3faf4178c0430d06cc6f37ad5f5890eda80fc14cd22f5761a732291991c113d75ac162b34a21b5f51e9b4f5ecaaf4478da0174094934f3de501c41dcb5cae9daf77dca979f995d426ab0a716c03524694c410793f843bed5ba86881724e160412942a411c9b6615f217ee666d4abd5dd069ce26bd347fe68609c6180376d01b8883665843364b702c0bd8b2de345", @nested={0x4, 0x9b}]}, @nested={0x36, 0x55, 0x0, 0x1, [@generic="f67936b0a2e2622a6d78eee900f85ce6652443d402ea45607094ce870fcb3ef2b2dc381b04edfbbc85eac95b30af635f6130"]}, @typed={0x6, 0x12b, 0x0, 0x0, @str='\xac\x00'}, @nested={0x10, 0xc7, 0x0, 0x1, [@nested={0x4, 0x7f}, @typed={0x8, 0xbf, 0x0, 0x0, @pid=r5}]}, @nested={0x119, 0xea, 0x0, 0x1, [@typed={0x14, 0x103, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00'}, @generic="a58201f3921bcf3c0d51af48473eb8b8e272285517573710c14f50e844f738ef88a8a7d4884ca3a6f5973475500be2f57698db80635be7744417bde41a3fb8ccdd2bc0d8b70326fbf74b6a125d9d5ff2b6311a93854d090c3e22804676bc9d7800ae75fde83dc54e600cdc7e70c8716ba75be42eaf97d3b05df6373f9f021ecc10b5f9b1000eab49bac962a0aec7f9223636be3469b5fc171a153f1b2068a53872b8e97f3aa14cda82365189b70ac204e25907738c1205230a96a281ab840de7e8ff334bf8d58d2ed9d27e1e1f", @generic="bd9276a2043463664d8b0a8b0d0f70c68803a3e58938f759c1a43df4ef47c5c7cb2c148a914e00fcee91a55e3ecb31d764c65681"]}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xd}]}, 0x1b54}, 0x1, 0x0, 0x0, 0x1}, 0x24004800)
syz_clone(0x808000, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x6, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000002)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
r6 = getpgid(0x0)
socket$nl_generic(0x10, 0x3, 0x10)
rt_tgsigqueueinfo$auto(0xffffffffffffffff, r6, 0x8, &(0x7f0000000100)={@siginfo_0_0={0x6, 0xe, 0x5, @_sigchld={r6, 0x0, 0x401, 0x5, 0x3}}})
mmap$auto(0x0, 0x2000d, 0x4080000200df, 0xeb1, 0x404, 0x8000)
r7 = socket(0x11, 0x3, 0x2)
getsockopt$auto(r7, 0x107, 0xc, 0x0, 0x0)
syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000040), r1)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40)
execve$auto(&(0x7f0000000180)='./file0\x00', &(0x7f0000000100)=&(0x7f0000000080)='\xac\x00', &(0x7f0000000000)=&(0x7f0000000200)=' ')

0s ago: executing program 0 (id=917):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001d00), r0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match\x00', 0x20080, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000280)=""/175, 0xaf)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/pids.max\x00', 0xa0942, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x0, 0x0)
mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x3, 0x6, 0x0, 0x200000000000001, 0x368e, 0x2, {0x100000000, 0x4}, 0xff, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x8000000c, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3dd)
r3 = socket(0x15, 0x5, 0x0)
ustat$auto(0x801, 0x0)
sendmsg$auto(r3, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
sysfs$auto(0x2, 0x23, 0x0)
r4 = socket(0x11, 0xa, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'vxcan1\x00'})
openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/oom_adj\x00', 0x400, 0x0)
r5 = ioctl$auto_TUNSETNOCSUM(0xffffffffffffffff, 0x400454c8, &(0x7f00000001c0)=0x4d)
bpf$auto(0x0, &(0x7f0000000100)=@batch={0x2, 0x9, 0x5, 0x4, 0x7, r5, 0x0, 0x400}, 0x6f4)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x200)
listmount$auto(&(0x7f0000000040)={0x200, @inferred=r1, 0x7f, 0x81, 0x400}, &(0x7f0000000140)=0x10000, 0xf, 0x5)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
timer_create$auto(0x0, 0x0, 0x0)
timer_create$auto(0x3, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f0000000500)='/sys/kernel/debug/tracing/buffer_subbuf_size_kb\x00', 0x103200, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.66' (ED25519) to the list of known hosts.
[   90.388191][ T5829] cgroup: Unknown subsys name 'net'
[   90.520880][ T5829] cgroup: Unknown subsys name 'cpuset'
[   90.530502][ T5829] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   92.449694][ T5829] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   94.765771][ T5840] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   94.806944][ T5844] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   94.812356][ T5852] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   94.814694][ T5844] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   94.823650][ T5852] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   94.830569][ T5844] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   94.836707][ T5852] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   94.845483][ T5844] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   94.856849][ T5844] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   94.865562][ T5852] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   94.865993][ T5844] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   94.881881][ T5844] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   94.889180][ T5852] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   94.890567][ T5844] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   94.898117][ T5852] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   94.911256][ T5852] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   94.921183][ T5852] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   94.932739][ T5852] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   94.951621][ T5847] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   94.959755][ T5852] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   95.507991][ T5848] chnl_net:caif_netlink_parms(): no params data found
[   95.674781][ T5845] chnl_net:caif_netlink_parms(): no params data found
[   95.768310][ T5838] chnl_net:caif_netlink_parms(): no params data found
[   95.793665][ T5842] chnl_net:caif_netlink_parms(): no params data found
[   95.845971][ T5848] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.853189][ T5848] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.861626][ T5848] bridge_slave_0: entered allmulticast mode
[   95.869946][ T5848] bridge_slave_0: entered promiscuous mode
[   95.934120][ T5848] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.941733][ T5848] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.949003][ T5848] bridge_slave_1: entered allmulticast mode
[   95.956727][ T5848] bridge_slave_1: entered promiscuous mode
[   96.006842][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.013971][ T5845] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.021444][ T5845] bridge_slave_0: entered allmulticast mode
[   96.029396][ T5845] bridge_slave_0: entered promiscuous mode
[   96.077838][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.085081][ T5845] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.093347][ T5845] bridge_slave_1: entered allmulticast mode
[   96.100965][ T5845] bridge_slave_1: entered promiscuous mode
[   96.174078][ T5848] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   96.187723][ T5848] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   96.203286][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.210666][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.218044][ T5838] bridge_slave_0: entered allmulticast mode
[   96.225773][ T5838] bridge_slave_0: entered promiscuous mode
[   96.236846][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   96.249308][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   96.285853][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.293126][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.300567][ T5838] bridge_slave_1: entered allmulticast mode
[   96.308476][ T5838] bridge_slave_1: entered promiscuous mode
[   96.391829][ T5845] team0: Port device team_slave_0 added
[   96.401935][ T5848] team0: Port device team_slave_0 added
[   96.408711][ T5842] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.418681][ T5842] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.426361][ T5842] bridge_slave_0: entered allmulticast mode
[   96.433686][ T5842] bridge_slave_0: entered promiscuous mode
[   96.459863][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   96.471394][ T5845] team0: Port device team_slave_1 added
[   96.482399][ T5848] team0: Port device team_slave_1 added
[   96.496317][ T5842] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.503688][ T5842] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.512080][ T5842] bridge_slave_1: entered allmulticast mode
[   96.519759][ T5842] bridge_slave_1: entered promiscuous mode
[   96.543551][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   96.642848][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0
[   96.650250][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   96.676653][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   96.689923][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_0
[   96.697963][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   96.724947][ T5848] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   96.737987][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_1
[   96.744973][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   96.771855][ T5848] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   96.788147][ T5842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   96.811696][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1
[   96.819052][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   96.845487][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   96.869288][ T5842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   96.881464][ T5838] team0: Port device team_slave_0 added
[   96.890947][ T5838] team0: Port device team_slave_1 added
[   96.936850][ T5842] team0: Port device team_slave_0 added
[   96.988942][ T5842] team0: Port device team_slave_1 added
[   96.996807][ T5847] Bluetooth: hci0: command tx timeout
[   96.997310][ T5852] Bluetooth: hci2: command tx timeout
[   97.002553][ T5847] Bluetooth: hci3: command tx timeout
[   97.008056][ T5154] Bluetooth: hci1: command tx timeout
[   97.030121][    T9] cfg80211: failed to load regulatory.db
[   97.039184][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0
[   97.046740][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   97.073395][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   97.147331][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1
[   97.154338][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   97.180852][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   97.200184][ T5848] hsr_slave_0: entered promiscuous mode
[   97.207634][ T5848] hsr_slave_1: entered promiscuous mode
[   97.216152][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_0
[   97.223266][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   97.249706][ T5842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   97.268426][ T5845] hsr_slave_0: entered promiscuous mode
[   97.275013][ T5845] hsr_slave_1: entered promiscuous mode
[   97.281828][ T5845] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   97.289773][ T5845] Cannot create hsr debugfs directory
[   97.306771][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_1
[   97.313780][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   97.339921][ T5842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   97.443377][ T5838] hsr_slave_0: entered promiscuous mode
[   97.450072][ T5838] hsr_slave_1: entered promiscuous mode
[   97.457735][ T5838] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   97.465354][ T5838] Cannot create hsr debugfs directory
[   97.551057][ T5842] hsr_slave_0: entered promiscuous mode
[   97.558483][ T5842] hsr_slave_1: entered promiscuous mode
[   97.564739][ T5842] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   97.572453][ T5842] Cannot create hsr debugfs directory
[   98.049284][ T5848] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   98.069720][ T5848] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   98.081646][ T5848] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   98.104023][ T5848] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   98.155768][ T5845] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   98.178149][ T5845] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   98.198070][ T5845] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   98.210476][ T5845] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   98.322174][ T5842] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   98.340591][ T5842] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   98.353074][ T5842] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   98.372335][ T5842] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   98.480160][ T5838] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   98.493591][ T5838] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   98.522378][ T5838] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   98.557978][ T5838] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   98.604670][ T5848] 8021q: adding VLAN 0 to HW filter on device bond0
[   98.669075][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0
[   98.725377][ T5848] 8021q: adding VLAN 0 to HW filter on device team0
[   98.750085][ T5845] 8021q: adding VLAN 0 to HW filter on device team0
[   98.787927][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.795197][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   98.808781][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.816028][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   98.845968][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0
[   98.870735][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.877925][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   98.891738][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.898914][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   98.927207][ T5842] 8021q: adding VLAN 0 to HW filter on device team0
[   98.966485][ T2989] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.973657][ T2989] bridge0: port 1(bridge_slave_0) entered forwarding state
[   99.019019][ T1099] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.026256][ T1099] bridge0: port 2(bridge_slave_1) entered forwarding state
[   99.076853][ T5847] Bluetooth: hci3: command tx timeout
[   99.079980][ T5852] Bluetooth: hci2: command tx timeout
[   99.082608][ T5847] Bluetooth: hci1: command tx timeout
[   99.090709][ T5154] Bluetooth: hci0: command tx timeout
[   99.174157][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0
[   99.243718][ T5838] 8021q: adding VLAN 0 to HW filter on device team0
[   99.321664][ T2989] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.328964][ T2989] bridge0: port 1(bridge_slave_0) entered forwarding state
[   99.401411][ T2989] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.408681][ T2989] bridge0: port 2(bridge_slave_1) entered forwarding state
[   99.613099][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0
[   99.652181][ T5848] 8021q: adding VLAN 0 to HW filter on device batadv0
[   99.834494][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0
[   99.852656][ T5848] veth0_vlan: entered promiscuous mode
[   99.882551][ T5845] veth0_vlan: entered promiscuous mode
[   99.903795][ T5848] veth1_vlan: entered promiscuous mode
[   99.957848][ T5845] veth1_vlan: entered promiscuous mode
[  100.044827][ T5848] veth0_macvtap: entered promiscuous mode
[  100.074712][ T5842] veth0_vlan: entered promiscuous mode
[  100.086535][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0
[  100.101016][ T5848] veth1_macvtap: entered promiscuous mode
[  100.129174][ T5842] veth1_vlan: entered promiscuous mode
[  100.185098][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_0
[  100.203715][ T5845] veth0_macvtap: entered promiscuous mode
[  100.221546][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_1
[  100.233831][ T5845] veth1_macvtap: entered promiscuous mode
[  100.258150][ T5848] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  100.269788][ T5848] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  100.280675][ T5848] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  100.289727][ T5848] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  100.316779][ T5842] veth0_macvtap: entered promiscuous mode
[  100.329247][ T5842] veth1_macvtap: entered promiscuous mode
[  100.359375][ T5838] veth0_vlan: entered promiscuous mode
[  100.379064][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  100.389911][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  100.403649][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0
[  100.420851][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  100.431767][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  100.443099][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  100.454142][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  100.468241][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0
[  100.479559][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  100.490567][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  100.502087][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1
[  100.525017][ T5838] veth1_vlan: entered promiscuous mode
[  100.539331][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  100.550028][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  100.560816][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  100.571705][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  100.583639][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1
[  100.602636][ T5845] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  100.611913][ T5845] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  100.621326][ T5845] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  100.630150][ T5845] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  100.653987][ T5842] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  100.663743][ T5842] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  100.672592][ T5842] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  100.682813][ T5842] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  100.849610][ T5838] veth0_macvtap: entered promiscuous mode
[  100.874190][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.883782][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.896613][ T5838] veth1_macvtap: entered promiscuous mode
[  100.917237][ T1099] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.925210][ T1099] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.943328][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  100.959773][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  100.970292][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  100.981139][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  100.991079][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  101.002772][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  101.014138][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0
[  101.053401][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  101.064101][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  101.076444][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  101.087080][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  101.097019][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  101.107519][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  101.119001][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1
[  101.144805][ T2968] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.162462][ T5852] Bluetooth: hci2: command tx timeout
[  101.162756][ T2968] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.168084][   T55] Bluetooth: hci1: command tx timeout
[  101.168131][   T55] Bluetooth: hci3: command tx timeout
[  101.168431][ T5154] Bluetooth: hci0: command tx timeout
[  101.191069][ T5838] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  101.205602][ T5838] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  101.214373][ T5838] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  101.223577][ T5838] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  101.259397][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.268849][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.355887][ T2968] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.363792][ T2968] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.432178][ T5845] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  101.554789][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.576702][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.646860][ T1099] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.654716][ T1099] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.751319][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.802515][ T5910] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  101.821101][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.856394][ T5911] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4'.
[  103.016000][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  103.135552][    T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!!
[  103.225568][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  103.236362][ T5154] Bluetooth: hci0: command tx timeout
[  103.241864][ T5852] Bluetooth: hci2: command tx timeout
[  103.245609][ T5847] Bluetooth: hci3: command tx timeout
[  103.248267][ T5852] Bluetooth: hci1: command tx timeout
[  103.560536][ T5934] process 'syz.1.7' launched ':,' with NULL argv: empty string added
[  104.626550][ T5947] Zero length message leads to an empty skb
[  105.116442][ T5955] netlink: 310 bytes leftover after parsing attributes in process `syz.3.12'.
[  105.120296][ T5955] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.122003][ T5955] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.123111][ T5935] FAULT_INJECTION: forcing a failure.
[  105.123111][ T5935] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  105.123186][ T5935] CPU: 0 UID: 0 PID: 5935 Comm: syz.0.6 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  105.123229][ T5935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  105.123254][ T5935] Call Trace:
[  105.123266][ T5935]  <TASK>
[  105.123283][ T5935]  dump_stack_lvl+0x16c/0x1f0
[  105.123344][ T5935]  should_fail_ex+0x512/0x640
[  105.123391][ T5935]  should_fail_alloc_page+0xe7/0x130
[  105.123430][ T5935]  prepare_alloc_pages+0x3c2/0x610
[  105.123480][ T5935]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  105.123546][ T5935]  ? __pfx___schedule+0x10/0x10
[  105.123599][ T5935]  ? __lock_acquire+0xaa4/0x1ba0
[  105.123630][ T5935]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  105.123696][ T5935]  ? lockdep_hardirqs_on+0x7c/0x110
[  105.123744][ T5935]  ? fb_var_to_videomode+0x4c9/0x690
[  105.123793][ T5935]  ? __pfx_fb_match_mode+0x10/0x10
[  105.123841][ T5935]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  105.123886][ T5935]  ? lockdep_hardirqs_on+0x7c/0x110
[  105.123940][ T5935]  ? vc_allocate+0x489/0x880
[  105.123990][ T5935]  __alloc_pages_noprof+0xb/0x1b0
[  105.124042][ T5935]  ___kmalloc_large_node+0x82/0x1e0
[  105.124082][ T5935]  ? con_is_visible+0x65/0x150
[  105.124136][ T5935]  __kmalloc_large_node_noprof+0x1c/0x70
[  105.124184][ T5935]  __kmalloc_noprof.cold+0xc/0x61
[  105.124243][ T5935]  vc_allocate+0x489/0x880
[  105.124298][ T5935]  ? __pfx_vc_allocate+0x10/0x10
[  105.124367][ T5935]  con_install+0xa1/0x600
[  105.124445][ T5935]  ? __pfx_con_install+0x10/0x10
[  105.124509][ T5935]  ? __pfx_con_install+0x10/0x10
[  105.124566][ T5935]  tty_init_dev.part.0+0x99/0x500
[  105.124606][ T5935]  tty_open+0xa50/0xf90
[  105.124649][ T5935]  ? __pfx_tty_open+0x10/0x10
[  105.124684][ T5935]  ? chrdev_open+0x58c/0x6a0
[  105.124752][ T5935]  ? __pfx_tty_open+0x10/0x10
[  105.124783][ T5935]  chrdev_open+0x231/0x6a0
[  105.124837][ T5935]  ? __pfx_chrdev_open+0x10/0x10
[  105.124896][ T5935]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  105.124956][ T5935]  do_dentry_open+0x741/0x1c10
[  105.125009][ T5935]  ? __pfx_chrdev_open+0x10/0x10
[  105.125075][ T5935]  vfs_open+0x82/0x3f0
[  105.125119][ T5935]  path_openat+0x1e5e/0x2d40
[  105.125190][ T5935]  ? __pfx_path_openat+0x10/0x10
[  105.125257][ T5935]  do_filp_open+0x20b/0x470
[  105.125312][ T5935]  ? __pfx_do_filp_open+0x10/0x10
[  105.125398][ T5935]  ? alloc_fd+0x471/0x7d0
[  105.125458][ T5935]  do_sys_openat2+0x11b/0x1d0
[  105.125493][ T5935]  ? __pfx_do_sys_openat2+0x10/0x10
[  105.125550][ T5935]  __x64_sys_openat+0x174/0x210
[  105.125587][ T5935]  ? __pfx___x64_sys_openat+0x10/0x10
[  105.125628][ T5935]  ? rcu_is_watching+0x12/0xc0
[  105.125685][ T5935]  do_syscall_64+0xcd/0x260
[  105.125753][ T5935]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.125801][ T5935] RIP: 0033:0x7fc8f638e169
[  105.125828][ T5935] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  105.125860][ T5935] RSP: 002b:00007fc8f727c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  105.125890][ T5935] RAX: ffffffffffffffda RBX: 00007fc8f65b6080 RCX: 00007fc8f638e169
[  105.125911][ T5935] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  105.125949][ T5935] RBP: 00007fc8f6410a68 R08: 0000000000000000 R09: 0000000000000000
[  105.125969][ T5935] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  105.125989][ T5935] R13: 0000000000000000 R14: 00007fc8f65b6080 R15: 00007ffeb0e7c0a8
[  105.126032][ T5935]  </TASK>
[  106.405738][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  106.794465][ T5973] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  107.500387][ T5979] mmap: syz.0.18 (5979) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  110.697730][ T6031] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list

syzkaller
syzkaller login: [  111.978892][ T6052] netlink: 20 bytes leftover after parsing attributes in process `syz.0.31'.
[  113.198333][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  113.207000][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  113.550744][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  113.559488][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  113.569530][    T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!!
[  113.578636][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  114.634626][ T6074] netlink: 20 bytes leftover after parsing attributes in process `syz.3.36'.
[  121.281460][ T6152] Invalid ELF header magic: != ELF
[  122.573750][ T6160] FAULT_INJECTION: forcing a failure.
[  122.573750][ T6160] name failslab, interval 1, probability 0, space 0, times 0
[  122.628586][ T6160] CPU: 1 UID: 0 PID: 6160 Comm: syz.0.52 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  122.628636][ T6160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  122.628655][ T6160] Call Trace:
[  122.628666][ T6160]  <TASK>
[  122.628678][ T6160]  dump_stack_lvl+0x16c/0x1f0
[  122.628732][ T6160]  should_fail_ex+0x512/0x640
[  122.628769][ T6160]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  122.628824][ T6160]  should_failslab+0xc2/0x120
[  122.628854][ T6160]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  122.628903][ T6160]  ? idr_get_next_ul+0x196/0x2e0
[  122.628944][ T6160]  ? __alloc_skb+0x2b2/0x380
[  122.628987][ T6160]  __alloc_skb+0x2b2/0x380
[  122.629033][ T6160]  ? __pfx___alloc_skb+0x10/0x10
[  122.629076][ T6160]  ? idr_get_next+0xec/0x150
[  122.629118][ T6160]  ? __pfx_idr_get_next+0x10/0x10
[  122.629166][ T6160]  ctrl_build_family_msg+0x36/0xa0
[  122.629203][ T6160]  ctrl_getfamily+0x354/0x540
[  122.629237][ T6160]  ? __pfx_ctrl_getfamily+0x10/0x10
[  122.629272][ T6160]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  122.629307][ T6160]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  122.629351][ T6160]  genl_family_rcv_msg_doit+0x206/0x2f0
[  122.629387][ T6160]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  122.629419][ T6160]  ? __pfx___mutex_lock+0x10/0x10
[  122.629466][ T6160]  ? genl_get_cmd+0x194/0x580
[  122.629528][ T6160]  ? __local_bh_enable_ip+0xa4/0x120
[  122.629572][ T6160]  ? __dev_queue_xmit+0x896/0x43e0
[  122.629605][ T6160]  ? __radix_tree_lookup+0x21f/0x2c0
[  122.629656][ T6160]  genl_rcv_msg+0x55c/0x800
[  122.629693][ T6160]  ? __pfx_genl_rcv_msg+0x10/0x10
[  122.629723][ T6160]  ? __pfx___dev_queue_xmit+0x10/0x10
[  122.629760][ T6160]  ? __pfx_ctrl_getfamily+0x10/0x10
[  122.629797][ T6160]  ? __lock_acquire+0xaa4/0x1ba0
[  122.629835][ T6160]  netlink_rcv_skb+0x16a/0x440
[  122.629885][ T6160]  ? __pfx_genl_rcv_msg+0x10/0x10
[  122.629919][ T6160]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  122.629989][ T6160]  ? __pfx_down_read+0x10/0x10
[  122.630029][ T6160]  ? netlink_deliver_tap+0x1ae/0xd30
[  122.630082][ T6160]  genl_rcv+0x28/0x40
[  122.630131][ T6160]  netlink_unicast+0x53a/0x7f0
[  122.630185][ T6160]  ? __pfx_netlink_unicast+0x10/0x10
[  122.630245][ T6160]  netlink_sendmsg+0x8d1/0xdd0
[  122.630302][ T6160]  ? __pfx_netlink_sendmsg+0x10/0x10
[  122.630367][ T6160]  __sys_sendto+0x495/0x510
[  122.630409][ T6160]  ? __pfx___sys_sendto+0x10/0x10
[  122.630461][ T6160]  ? fd_install+0x225/0x750
[  122.630525][ T6160]  ? xfd_validate_state+0x5d/0x180
[  122.630565][ T6160]  ? rcu_is_watching+0x12/0xc0
[  122.630612][ T6160]  __x64_sys_sendto+0xe0/0x1c0
[  122.630648][ T6160]  ? do_syscall_64+0x91/0x260
[  122.630696][ T6160]  ? lockdep_hardirqs_on+0x7c/0x110
[  122.630742][ T6160]  do_syscall_64+0xcd/0x260
[  122.630794][ T6160]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.630826][ T6160] RIP: 0033:0x7fc8f638fffc
[  122.630852][ T6160] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[  122.630883][ T6160] RSP: 002b:00007fc8f729bec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  122.630914][ T6160] RAX: ffffffffffffffda RBX: 00007fc8f729bfc0 RCX: 00007fc8f638fffc
[  122.630936][ T6160] RDX: 0000000000000028 RSI: 00007fc8f729c010 RDI: 0000000000000009
[  122.630956][ T6160] RBP: 0000000000000000 R08: 00007fc8f729bf14 R09: 000000000000000c
[  122.630976][ T6160] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000009
[  122.630995][ T6160] R13: 00007fc8f729bf68 R14: 00007fc8f729c010 R15: 0000000000000000
[  122.631043][ T6160]  </TASK>
[  123.543071][ T6159] FAULT_INJECTION: forcing a failure.
[  123.543071][ T6159] name failslab, interval 1, probability 0, space 0, times 0
[  123.543121][ T6159] CPU: 0 UID: 0 PID: 6159 Comm: syz.3.53 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  123.543162][ T6159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  123.543181][ T6159] Call Trace:
[  123.543192][ T6159]  <TASK>
[  123.543204][ T6159]  dump_stack_lvl+0x16c/0x1f0
[  123.543258][ T6159]  should_fail_ex+0x512/0x640
[  123.543294][ T6159]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  123.543343][ T6159]  should_failslab+0xc2/0x120
[  123.543375][ T6159]  __kmalloc_cache_noprof+0x6a/0x3e0
[  123.543421][ T6159]  ? vc_allocate+0x16c/0x880
[  123.543478][ T6159]  vc_allocate+0x16c/0x880
[  123.543530][ T6159]  ? __pfx_vc_allocate+0x10/0x10
[  123.543593][ T6159]  con_install+0xa1/0x600
[  123.543647][ T6159]  ? __pfx_con_install+0x10/0x10
[  123.543716][ T6159]  ? __pfx_con_install+0x10/0x10
[  123.543769][ T6159]  tty_init_dev.part.0+0x99/0x500
[  123.543807][ T6159]  tty_open+0xa50/0xf90
[  123.543849][ T6159]  ? __pfx_tty_open+0x10/0x10
[  123.543881][ T6159]  ? chrdev_open+0x10b/0x6a0
[  123.543938][ T6159]  ? __pfx_tty_open+0x10/0x10
[  123.543969][ T6159]  chrdev_open+0x231/0x6a0
[  123.544018][ T6159]  ? __pfx_apparmor_file_open+0x10/0x10
[  123.544060][ T6159]  ? __pfx_chrdev_open+0x10/0x10
[  123.544115][ T6159]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  123.544169][ T6159]  do_dentry_open+0x741/0x1c10
[  123.544217][ T6159]  ? __pfx_chrdev_open+0x10/0x10
[  123.544277][ T6159]  vfs_open+0x82/0x3f0
[  123.544317][ T6159]  path_openat+0x1e5e/0x2d40
[  123.544381][ T6159]  ? __pfx_path_openat+0x10/0x10
[  123.544442][ T6159]  do_filp_open+0x20b/0x470
[  123.544491][ T6159]  ? __pfx_do_filp_open+0x10/0x10
[  123.544572][ T6159]  ? alloc_fd+0x471/0x7d0
[  123.544631][ T6159]  do_sys_openat2+0x11b/0x1d0
[  123.544666][ T6159]  ? __pfx_do_sys_openat2+0x10/0x10
[  123.544739][ T6159]  __x64_sys_openat+0x174/0x210
[  123.544778][ T6159]  ? __pfx___x64_sys_openat+0x10/0x10
[  123.544819][ T6159]  ? rcu_is_watching+0x12/0xc0
[  123.544877][ T6159]  do_syscall_64+0xcd/0x260
[  123.544932][ T6159]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.544967][ T6159] RIP: 0033:0x7f3983f8e169
[  123.544993][ T6159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.545026][ T6159] RSP: 002b:00007f3984d97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  123.545058][ T6159] RAX: ffffffffffffffda RBX: 00007f39841b5fa0 RCX: 00007f3983f8e169
[  123.545080][ T6159] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  123.545102][ T6159] RBP: 00007f3984010a68 R08: 0000000000000000 R09: 0000000000000000
[  123.545121][ T6159] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  123.545142][ T6159] R13: 0000000000000000 R14: 00007f39841b5fa0 R15: 00007fff0a3233a8
[  123.545187][ T6159]  </TASK>
[  126.040679][ T6200] netlink: 4 bytes leftover after parsing attributes in process `syz.3.60'.
[  126.160122][ T6203] netlink: 330 bytes leftover after parsing attributes in process `syz.2.61'.
[  126.318341][ T6200] netlink: 346 bytes leftover after parsing attributes in process `syz.3.60'.
[  126.614148][   T30] audit: type=1800 audit(6039881960.221:2): pid=6210 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.62" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0
[  126.644392][ T6207] netlink: 346 bytes leftover after parsing attributes in process `syz.2.63'.
[  129.491105][ T6244] netlink: 226 bytes leftover after parsing attributes in process `syz.1.69'.
[  129.599785][ T6244] netlink: 4 bytes leftover after parsing attributes in process `syz.1.69'.
[  129.646484][ T6244] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check.
[  131.267760][ T6261] Invalid ELF header magic: != ELF
[  133.232502][ T6279] svc: failed to register nfsdv3 RPC service (errno 111).
[  133.271530][ T6279] svc: failed to register nfsaclv3 RPC service (errno 111).
[  135.128494][ T6302] netlink: 20 bytes leftover after parsing attributes in process `syz.2.80'.
[  136.258023][ T6314] capability: warning: `syz.2.84' uses 32-bit capabilities (legacy support in use)
[  137.560111][ T6334] FAULT_INJECTION: forcing a failure.
[  137.560111][ T6334] name failslab, interval 1, probability 0, space 0, times 0
[  137.618227][ T6334] CPU: 0 UID: 0 PID: 6334 Comm: syz.3.88 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  137.618273][ T6334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  137.618291][ T6334] Call Trace:
[  137.618302][ T6334]  <TASK>
[  137.618314][ T6334]  dump_stack_lvl+0x16c/0x1f0
[  137.618369][ T6334]  should_fail_ex+0x512/0x640
[  137.618413][ T6334]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  137.618474][ T6334]  should_failslab+0xc2/0x120
[  137.618505][ T6334]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  137.618561][ T6334]  ? register_ip_vs_app_inc+0x8c/0x4d0
[  137.618610][ T6334]  kmemdup_noprof+0x29/0x60
[  137.618643][ T6334]  register_ip_vs_app_inc+0x8c/0x4d0
[  137.618689][ T6334]  __ip_vs_ftp_init+0x14b/0x220
[  137.618743][ T6334]  ? __ip_vs_lblcr_init+0x189/0x330
[  137.618783][ T6334]  ? __pfx___ip_vs_ftp_init+0x10/0x10
[  137.618826][ T6334]  ops_init+0x1df/0x5f0
[  137.618878][ T6334]  setup_net+0x21e/0x850
[  137.618928][ T6334]  ? __pfx_setup_net+0x10/0x10
[  137.618972][ T6334]  ? lockdep_init_map_type+0x5c/0x280
[  137.619004][ T6334]  ? __pfx_down_read_killable+0x10/0x10
[  137.619041][ T6334]  ? debug_mutex_init+0x37/0x70
[  137.619086][ T6334]  copy_net_ns+0x2a6/0x5f0
[  137.619141][ T6334]  create_new_namespaces+0x3ea/0xad0
[  137.619198][ T6334]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  137.619254][ T6334]  ksys_unshare+0x45b/0xa40
[  137.619305][ T6334]  ? __pfx_ksys_unshare+0x10/0x10
[  137.619353][ T6334]  ? xfd_validate_state+0x5d/0x180
[  137.619400][ T6334]  ? rcu_is_watching+0x12/0xc0
[  137.619452][ T6334]  __x64_sys_unshare+0x31/0x40
[  137.619502][ T6334]  do_syscall_64+0xcd/0x260
[  137.619554][ T6334]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.619586][ T6334] RIP: 0033:0x7f3983f8e169
[  137.619612][ T6334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  137.619642][ T6334] RSP: 002b:00007f3984d97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  137.619673][ T6334] RAX: ffffffffffffffda RBX: 00007f39841b5fa0 RCX: 00007f3983f8e169
[  137.619694][ T6334] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  137.619713][ T6334] RBP: 00007f3984010a68 R08: 0000000000000000 R09: 0000000000000000
[  137.619732][ T6334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  137.619751][ T6334] R13: 0000000000000000 R14: 00007f39841b5fa0 R15: 00007fff0a3233a8
[  137.619793][ T6334]  </TASK>
[  137.990416][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  138.005681][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  138.455771][ T6375] netlink: 20 bytes leftover after parsing attributes in process `syz.2.89'.
[  138.614939][ T6331] kexec: Could not allocate control_code_buffer
[  139.234828][ T6382] netlink: 346 bytes leftover after parsing attributes in process `syz.3.93'.
[  139.332378][ T6387] netlink: 4 bytes leftover after parsing attributes in process `syz.2.94'.
[  139.480333][ T6387] netlink: 346 bytes leftover after parsing attributes in process `syz.2.94'.
[  141.296383][ T6406] FAULT_INJECTION: forcing a failure.
[  141.296383][ T6406] name failslab, interval 1, probability 0, space 0, times 0
[  141.334901][ T6406] CPU: 1 UID: 0 PID: 6406 Comm: syz.2.100 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  141.334949][ T6406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  141.334970][ T6406] Call Trace:
[  141.334981][ T6406]  <TASK>
[  141.334993][ T6406]  dump_stack_lvl+0x16c/0x1f0
[  141.335058][ T6406]  should_fail_ex+0x512/0x640
[  141.335096][ T6406]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  141.335155][ T6406]  should_failslab+0xc2/0x120
[  141.335186][ T6406]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  141.335240][ T6406]  ? __pfx___register_sysctl_table+0x10/0x10
[  141.335276][ T6406]  ? is_module_address+0x69/0xf0
[  141.335306][ T6406]  ? __ip_vs_lblcr_init+0x77/0x330
[  141.335348][ T6406]  ? __pfx___ip_vs_lblcr_init+0x10/0x10
[  141.335389][ T6406]  kmemdup_noprof+0x29/0x60
[  141.335424][ T6406]  __ip_vs_lblcr_init+0x77/0x330
[  141.335463][ T6406]  ? __pfx___ip_vs_lblcr_init+0x10/0x10
[  141.335499][ T6406]  ops_init+0x1df/0x5f0
[  141.335549][ T6406]  setup_net+0x21e/0x850
[  141.335599][ T6406]  ? __pfx_setup_net+0x10/0x10
[  141.335643][ T6406]  ? lockdep_init_map_type+0x5c/0x280
[  141.335675][ T6406]  ? __pfx_down_read_killable+0x10/0x10
[  141.335712][ T6406]  ? debug_mutex_init+0x37/0x70
[  141.335758][ T6406]  copy_net_ns+0x2a6/0x5f0
[  141.335813][ T6406]  create_new_namespaces+0x3ea/0xad0
[  141.335870][ T6406]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  141.335922][ T6406]  ksys_unshare+0x45b/0xa40
[  141.335973][ T6406]  ? __pfx_ksys_unshare+0x10/0x10
[  141.336030][ T6406]  ? xfd_validate_state+0x5d/0x180
[  141.336069][ T6406]  ? rcu_is_watching+0x12/0xc0
[  141.336122][ T6406]  __x64_sys_unshare+0x31/0x40
[  141.336172][ T6406]  do_syscall_64+0xcd/0x260
[  141.336224][ T6406]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.336257][ T6406] RIP: 0033:0x7fd9a6f8e169
[  141.336284][ T6406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.336314][ T6406] RSP: 002b:00007fd9a7dc4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  141.336344][ T6406] RAX: ffffffffffffffda RBX: 00007fd9a71b5fa0 RCX: 00007fd9a6f8e169
[  141.336365][ T6406] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  141.336383][ T6406] RBP: 00007fd9a7010a68 R08: 0000000000000000 R09: 0000000000000000
[  141.336402][ T6406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  141.336419][ T6406] R13: 0000000000000000 R14: 00007fd9a71b5fa0 R15: 00007ffe3da85ea8
[  141.336460][ T6406]  </TASK>
[  141.582917][    C1] vkms_vblank_simulate: vblank timer overrun
[  141.879990][ T6416] netlink: 8 bytes leftover after parsing attributes in process `syz.0.103'.
[  148.172788][ T6477] FAULT_INJECTION: forcing a failure.
[  148.172788][ T6477] name failslab, interval 1, probability 0, space 0, times 0
[  148.234801][ T6477] CPU: 1 UID: 0 PID: 6477 Comm: syz.1.118 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  148.234845][ T6477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  148.234864][ T6477] Call Trace:
[  148.234874][ T6477]  <TASK>
[  148.234885][ T6477]  dump_stack_lvl+0x16c/0x1f0
[  148.234939][ T6477]  should_fail_ex+0x512/0x640
[  148.234975][ T6477]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  148.235023][ T6477]  should_failslab+0xc2/0x120
[  148.235053][ T6477]  __kmalloc_cache_noprof+0x6a/0x3e0
[  148.235097][ T6477]  ? assoc_array_insert+0x10c/0x3970
[  148.235146][ T6477]  assoc_array_insert+0x10c/0x3970
[  148.235190][ T6477]  ? rcu_is_watching+0x12/0xc0
[  148.235230][ T6477]  ? trace_contention_end+0xdd/0x130
[  148.235263][ T6477]  ? __mutex_lock+0x1ca/0xb90
[  148.235319][ T6477]  ? __pfx_assoc_array_insert+0x10/0x10
[  148.235359][ T6477]  ? __pfx___might_resched+0x10/0x10
[  148.235417][ T6477]  ? down_write+0x14d/0x200
[  148.235444][ T6477]  ? __pfx_down_write+0x10/0x10
[  148.235475][ T6477]  __key_link_begin+0xf5/0x260
[  148.235523][ T6477]  key_link+0x103/0x310
[  148.235569][ T6477]  ? __pfx_key_link+0x10/0x10
[  148.235613][ T6477]  ? bpf_lsm_key_permission+0x9/0x10
[  148.235659][ T6477]  ? key_task_permission+0x2e5/0x400
[  148.235706][ T6477]  keyctl_get_persistent+0x5c3/0x8c0
[  148.235754][ T6477]  ? __pfx_keyctl_get_persistent+0x10/0x10
[  148.235799][ T6477]  ? __fget_files+0x20e/0x3c0
[  148.235856][ T6477]  ? ksys_write+0x1b9/0x240
[  148.235900][ T6477]  ? __pfx_ksys_write+0x10/0x10
[  148.235951][ T6477]  __do_sys_keyctl+0x1a9/0x590
[  148.235987][ T6477]  do_syscall_64+0xcd/0x260
[  148.236037][ T6477]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.236069][ T6477] RIP: 0033:0x7ff3a8f8e169
[  148.236093][ T6477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.236122][ T6477] RSP: 002b:00007ff3a9e46038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  148.236151][ T6477] RAX: ffffffffffffffda RBX: 00007ff3a91b5fa0 RCX: 00007ff3a8f8e169
[  148.236171][ T6477] RDX: fffffffffffffffc RSI: 00feffffffffffff RDI: 2000000000000016
[  148.236193][ T6477] RBP: 00007ff3a9e46090 R08: 000000000000000c R09: 0000000000000000
[  148.236212][ T6477] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  148.236230][ T6477] R13: 0000000000000001 R14: 00007ff3a91b5fa0 R15: 00007ffc6a2b1a78
[  148.236272][ T6477]  </TASK>
[  149.394034][ T6482] netlink: 4 bytes leftover after parsing attributes in process `syz.3.117'.
[  149.577747][ T6483] tty tty38: ldisc open failed (-12), clearing slot 37
[  151.366468][ T6515] netlink: zone id is out of range
[  151.893282][ T6520] FAULT_INJECTION: forcing a failure.
[  151.893282][ T6520] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  151.910079][ T6520] CPU: 1 UID: 0 PID: 6520 Comm: syz.0.127 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  151.910119][ T6520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  151.910137][ T6520] Call Trace:
[  151.910147][ T6520]  <TASK>
[  151.910158][ T6520]  dump_stack_lvl+0x16c/0x1f0
[  151.910210][ T6520]  should_fail_ex+0x512/0x640
[  151.910253][ T6520]  _copy_to_user+0x32/0xd0
[  151.910296][ T6520]  simple_read_from_buffer+0xcb/0x170
[  151.910344][ T6520]  proc_fail_nth_read+0x197/0x270
[  151.910386][ T6520]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  151.910431][ T6520]  ? rw_verify_area+0xcf/0x680
[  151.910468][ T6520]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  151.910513][ T6520]  vfs_read+0x1de/0xc70
[  151.910561][ T6520]  ? __pfx___mutex_lock+0x10/0x10
[  151.910609][ T6520]  ? __pfx_vfs_read+0x10/0x10
[  151.910664][ T6520]  ? __fget_files+0x20e/0x3c0
[  151.910723][ T6520]  ksys_read+0x12a/0x240
[  151.910765][ T6520]  ? __pfx_ksys_read+0x10/0x10
[  151.910819][ T6520]  do_syscall_64+0xcd/0x260
[  151.910869][ T6520]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.910900][ T6520] RIP: 0033:0x7fc8f638cb7c
[  151.910926][ T6520] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  151.910955][ T6520] RSP: 002b:00007fc8f729d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  151.910984][ T6520] RAX: ffffffffffffffda RBX: 00007fc8f65b5fa0 RCX: 00007fc8f638cb7c
[  151.911004][ T6520] RDX: 000000000000000f RSI: 00007fc8f729d0a0 RDI: 0000000000000003
[  151.911029][ T6520] RBP: 00007fc8f729d090 R08: 0000000000000000 R09: 0000000000000000
[  151.911047][ T6520] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  151.911064][ T6520] R13: 0000000000000001 R14: 00007fc8f65b5fa0 R15: 00007ffeb0e7c0a8
[  151.911104][ T6520]  </TASK>
[  156.658568][ T6561] Invalid ELF header magic: != ELF
[  156.794588][ T6580] netlink: 20 bytes leftover after parsing attributes in process `syz.2.136'.
[  157.885301][ T6586] netlink: 8 bytes leftover after parsing attributes in process `syz.2.138'.
[  159.401432][ T6610] netlink: 342 bytes leftover after parsing attributes in process `syz.1.144'.
[  159.553176][ T6607] netlink: 20 bytes leftover after parsing attributes in process `syz.0.141'.
[  161.666847][ T6632] misc userio: No port type given on /dev/userio
[  164.171929][ T6662] netlink: 4 bytes leftover after parsing attributes in process `syz.0.157'.
[  164.755040][ T6666] netlink: 20 bytes leftover after parsing attributes in process `syz.3.158'.
[  165.302989][ T6680] Invalid ELF header magic: != ELF
[  166.301408][ T6658] Invalid ELF header magic: != ELF
[  167.688480][ T6716] netlink: 20 bytes leftover after parsing attributes in process `syz.0.171'.
[  170.136718][ T6756] netlink: 20 bytes leftover after parsing attributes in process `syz.2.182'.
[  172.164786][ T6780] netlink: 20 bytes leftover after parsing attributes in process `syz.0.187'.
[  172.718380][ T6784] netlink: 20 bytes leftover after parsing attributes in process `syz.3.190'.
[  176.774422][ T6826] netlink: 20 bytes leftover after parsing attributes in process `syz.0.201'.
[  178.846459][ T6847] netlink: 16 bytes leftover after parsing attributes in process `syz.3.210'.
[  180.669253][ T6865] netlink: 20 bytes leftover after parsing attributes in process `syz.0.214'.
[  180.958999][ T6872] netlink: 28 bytes leftover after parsing attributes in process `syz.1.216'.
[  182.439101][ T6899] netlink: 20 bytes leftover after parsing attributes in process `syz.3.220'.
[  184.072375][ T5852] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18
[  184.242655][ T6923] netlink: 4 bytes leftover after parsing attributes in process `syz.3.228'.
[  184.393119][ T6923] netlink: 346 bytes leftover after parsing attributes in process `syz.3.228'.
[  186.502961][ T6965] netlink: 20 bytes leftover after parsing attributes in process `syz.2.237'.
[  187.314612][ T6975] netlink: 20 bytes leftover after parsing attributes in process `syz.0.238'.
[  187.837351][ T6988] netlink: 4 bytes leftover after parsing attributes in process `syz.2.244'.
[  187.966613][ T6990] netlink: 346 bytes leftover after parsing attributes in process `syz.2.244'.
[  188.482514][ T6993] netlink: 28 bytes leftover after parsing attributes in process `syz.2.246'.
[  188.502500][ T6993] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[  188.754649][ T7000] netlink: 20 bytes leftover after parsing attributes in process `syz.1.248'.
[  189.081962][ T6995] syz.2.246 uses obsolete (PF_INET,SOCK_PACKET)
[  189.660474][ T7030] netlink: 4 bytes leftover after parsing attributes in process `syz.2.254'.
[  189.695314][ T7016] Invalid ELF header magic: != ELF
[  189.785690][ T7033] netlink: 346 bytes leftover after parsing attributes in process `syz.2.254'.
[  190.316371][ T7040] netlink: 20 bytes leftover after parsing attributes in process `syz.2.258'.
[  191.166808][ T7053] netlink: 330 bytes leftover after parsing attributes in process `syz.3.262'.
[  191.394151][ T7046] netlink: 20 bytes leftover after parsing attributes in process `syz.2.260'.
[  191.468653][ T7048] netlink: 20 bytes leftover after parsing attributes in process `syz.1.261'.
[  193.810992][ T7091] __nla_validate_parse: 1 callbacks suppressed
[  193.811019][ T7091] netlink: 20 bytes leftover after parsing attributes in process `syz.3.273'.
[  195.149590][ T7106] netlink: 20 bytes leftover after parsing attributes in process `syz.0.274'.
[  195.286677][ T7112] netlink: 20 bytes leftover after parsing attributes in process `syz.2.280'.
[  195.469214][ T7120] netlink: 'syz.1.281': attribute type 1 has an invalid length.
[  196.173510][ T7125] Invalid ELF header magic: != ELF
[  197.396058][ T7149] netlink: 20 bytes leftover after parsing attributes in process `syz.2.290'.
[  197.816442][ T7152] netlink: 20 bytes leftover after parsing attributes in process `syz.3.292'.
[  199.412323][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  199.421783][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  200.345019][ T7201] netlink: 4 bytes leftover after parsing attributes in process `syz.1.305'.
[  200.404779][ T7201] netlink: 346 bytes leftover after parsing attributes in process `syz.1.305'.
[  200.629874][ T7198] netlink: 20 bytes leftover after parsing attributes in process `syz.3.304'.
[  201.161342][ T7217] netlink: 4 bytes leftover after parsing attributes in process `syz.3.310'.
[  201.337666][ T7207] netlink: 20 bytes leftover after parsing attributes in process `syz.2.307'.
[  202.244168][ T7235] netlink: 20 bytes leftover after parsing attributes in process `syz.3.315'.
[  202.933895][ T7243] netlink: 4 bytes leftover after parsing attributes in process `syz.0.317'.
[  202.967252][ T7243] netlink: 346 bytes leftover after parsing attributes in process `syz.0.317'.
[  208.626703][ T7367] netlink: 20 bytes leftover after parsing attributes in process `syz.1.345'.
[  208.872570][ T7370] netlink: 'syz.1.347': attribute type 10 has an invalid length.
[  208.895237][ T7370] netlink: 230 bytes leftover after parsing attributes in process `syz.1.347'.
[  209.128034][ T7353] kexec: Could not allocate control_code_buffer
[  209.774623][ T7390] netlink: 4 bytes leftover after parsing attributes in process `syz.1.355'.
[  209.814178][ T7390] netlink: 346 bytes leftover after parsing attributes in process `syz.1.355'.
[  209.814541][ T7389] netlink: 'syz.0.354': attribute type 4 has an invalid length.
[  211.430957][ T7412] Invalid ELF header magic: != ELF
[  212.080923][ T7424] netlink: 16 bytes leftover after parsing attributes in process `syz.1.364'.
[  212.450997][ T7431] netlink: 20 bytes leftover after parsing attributes in process `syz.2.365'.
[  214.169805][ T7461] FAULT_INJECTION: forcing a failure.
[  214.169805][ T7461] name failslab, interval 1, probability 0, space 0, times 0
[  214.169873][ T7461] CPU: 0 UID: 0 PID: 7461 Comm: syz.0.368 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  214.169938][ T7461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  214.169966][ T7461] Call Trace:
[  214.169975][ T7461]  <TASK>
[  214.169987][ T7461]  dump_stack_lvl+0x16c/0x1f0
[  214.170039][ T7461]  should_fail_ex+0x512/0x640
[  214.170073][ T7461]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  214.170127][ T7461]  should_failslab+0xc2/0x120
[  214.170157][ T7461]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  214.170205][ T7461]  ? sk_prot_alloc+0x60/0x2a0
[  214.170261][ T7461]  sk_prot_alloc+0x60/0x2a0
[  214.170313][ T7461]  sk_alloc+0x36/0xc20
[  214.170354][ T7461]  inet_create+0x3a1/0x1090
[  214.170386][ T7461]  ? inet_create+0x93/0x1090
[  214.170423][ T7461]  __sock_create+0x335/0x8d0
[  214.170470][ T7461]  __sys_socket+0x14d/0x260
[  214.170499][ T7461]  ? __fget_files+0x20e/0x3c0
[  214.170545][ T7461]  ? __pfx___sys_socket+0x10/0x10
[  214.170590][ T7461]  __x64_sys_socket+0x72/0xb0
[  214.170621][ T7461]  ? lockdep_hardirqs_on+0x7c/0x110
[  214.170666][ T7461]  do_syscall_64+0xcd/0x260
[  214.170718][ T7461]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.170750][ T7461] RIP: 0033:0x7fc8f638e169
[  214.170774][ T7461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.170803][ T7461] RSP: 002b:00007fc8f727c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  214.170831][ T7461] RAX: ffffffffffffffda RBX: 00007fc8f65b6080 RCX: 00007fc8f638e169
[  214.170851][ T7461] RDX: 0000000000000073 RSI: 0000000000080002 RDI: 0000000000000002
[  214.170871][ T7461] RBP: 00007fc8f6410a68 R08: 0000000000000000 R09: 0000000000000000
[  214.170890][ T7461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  214.170908][ T7461] R13: 0000000000000000 R14: 00007fc8f65b6080 R15: 00007ffeb0e7c0a8
[  214.170947][ T7461]  </TASK>
[  215.722940][ T7486] netlink: 20 bytes leftover after parsing attributes in process `syz.1.387'.
[  216.371078][ T7503] netlink: 4 bytes leftover after parsing attributes in process `syz.1.382'.
[  216.466466][ T7503] netlink: 346 bytes leftover after parsing attributes in process `syz.1.382'.
[  217.624845][ T7527] netlink: 20 bytes leftover after parsing attributes in process `syz.3.388'.
[  218.351858][ T7526] netlink: 20 bytes leftover after parsing attributes in process `syz.1.389'.
[  218.751112][   T30] audit: type=1804 audit(6039882060.351:3): pid=7539 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.392" name=08 dev="tmpfs" ino=556 res=1 errno=0
[  218.764001][ T7531] netlink: 20 bytes leftover after parsing attributes in process `syz.0.390'.
[  218.792718][ T7542] netlink: 93 bytes leftover after parsing attributes in process `syz.1.393'.
[  219.736173][ T5852] Bluetooth: hci2: unexpected subevent 0x01 length: 4 < 18
[  221.830060][ T7583] netlink: 20 bytes leftover after parsing attributes in process `syz.1.403'.
[  221.992817][ T5840] Bluetooth: hci3: command 0x0406 tx timeout
[  221.992847][ T5850] Bluetooth: hci2: command 0x0406 tx timeout
[  221.998995][ T5840] Bluetooth: hci1: command 0x0406 tx timeout
[  221.999041][ T5840] Bluetooth: hci0: command 0x0406 tx timeout
[  222.584802][ T7595] netlink: 20 bytes leftover after parsing attributes in process `syz.2.406'.
[  222.923612][ T7603] FAULT_INJECTION: forcing a failure.
[  222.923612][ T7603] name failslab, interval 1, probability 0, space 0, times 0
[  222.937703][ T7603] CPU: 1 UID: 0 PID: 7603 Comm: syz.0.407 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  222.937748][ T7603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  222.937768][ T7603] Call Trace:
[  222.937779][ T7603]  <TASK>
[  222.937791][ T7603]  dump_stack_lvl+0x16c/0x1f0
[  222.937845][ T7603]  should_fail_ex+0x512/0x640
[  222.937880][ T7603]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  222.937929][ T7603]  should_failslab+0xc2/0x120
[  222.937959][ T7603]  __kmalloc_cache_noprof+0x6a/0x3e0
[  222.938004][ T7603]  ? snd_timer_user_open+0x6b/0x180
[  222.938036][ T7603]  ? __pfx_snd_timer_user_open+0x10/0x10
[  222.938069][ T7603]  snd_timer_user_open+0x6b/0x180
[  222.938100][ T7603]  snd_open+0x1fe/0x450
[  222.938146][ T7603]  ? __pfx_snd_open+0x10/0x10
[  222.938192][ T7603]  chrdev_open+0x231/0x6a0
[  222.938240][ T7603]  ? __pfx_apparmor_file_open+0x10/0x10
[  222.938280][ T7603]  ? __pfx_chrdev_open+0x10/0x10
[  222.938332][ T7603]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  222.938384][ T7603]  do_dentry_open+0x741/0x1c10
[  222.938441][ T7603]  ? __pfx_chrdev_open+0x10/0x10
[  222.938500][ T7603]  vfs_open+0x82/0x3f0
[  222.938536][ T7603]  path_openat+0x1e5e/0x2d40
[  222.938598][ T7603]  ? __pfx_path_openat+0x10/0x10
[  222.938655][ T7603]  do_filp_open+0x20b/0x470
[  222.938704][ T7603]  ? __pfx_do_filp_open+0x10/0x10
[  222.938780][ T7603]  ? alloc_fd+0x471/0x7d0
[  222.938838][ T7603]  do_sys_openat2+0x11b/0x1d0
[  222.938872][ T7603]  ? __pfx_do_sys_openat2+0x10/0x10
[  222.938929][ T7603]  __x64_sys_openat+0x174/0x210
[  222.938965][ T7603]  ? __pfx___x64_sys_openat+0x10/0x10
[  222.939003][ T7603]  ? rcu_is_watching+0x12/0xc0
[  222.939056][ T7603]  do_syscall_64+0xcd/0x260
[  222.939108][ T7603]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.939140][ T7603] RIP: 0033:0x7fc8f638e169
[  222.939166][ T7603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  222.939196][ T7603] RSP: 002b:00007fc8f727c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  222.939227][ T7603] RAX: ffffffffffffffda RBX: 00007fc8f65b6080 RCX: 00007fc8f638e169
[  222.939248][ T7603] RDX: 0000000000000100 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  222.939269][ T7603] RBP: 00007fc8f6410a68 R08: 0000000000000000 R09: 0000000000000000
[  222.939289][ T7603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  222.939309][ T7603] R13: 0000000000000000 R14: 00007fc8f65b6080 R15: 00007ffeb0e7c0a8
[  222.939349][ T7603]  </TASK>
[  224.412530][ T7629] netlink: 20 bytes leftover after parsing attributes in process `syz.3.414'.
[  225.406509][ T7642] netlink: 20 bytes leftover after parsing attributes in process `syz.3.418'.
[  226.247327][ T7639] netlink: 20 bytes leftover after parsing attributes in process `syz.0.419'.
[  227.478073][ T7666] netlink: 8 bytes leftover after parsing attributes in process `syz.3.426'.
[  227.721485][ T7678] netlink: 346 bytes leftover after parsing attributes in process `syz.0.431'.
[  228.022750][ T7690] netlink: 28 bytes leftover after parsing attributes in process `syz.3.433'.
[  229.538295][ T7712] mkiss: ax0: crc mode is auto.
[  229.843540][ T7722] netlink: 338 bytes leftover after parsing attributes in process `syz.3.441'.
[  229.901328][ T7723] netlink: 338 bytes leftover after parsing attributes in process `syz.3.441'.
[  230.169761][ T7735] netlink: 346 bytes leftover after parsing attributes in process `syz.1.443'.
[  230.241567][ T5847] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  233.401840][ T7776] netlink: 346 bytes leftover after parsing attributes in process `syz.3.454'.
[  235.022697][ T7816] netlink: 346 bytes leftover after parsing attributes in process `syz.2.464'.
[  236.562945][ T7828] kexec: Could not allocate control_code_buffer
[  236.825900][ T7851] netlink: 346 bytes leftover after parsing attributes in process `syz.2.474'.
[  239.877049][ T7901] netlink: 346 bytes leftover after parsing attributes in process `syz.2.485'.
[  240.072396][ T7907] netlink: 8 bytes leftover after parsing attributes in process `syz.3.487'.
[  240.854968][ T7916] netlink: 194 bytes leftover after parsing attributes in process `syz.1.489'.
[  242.487029][ T7947] netlink: 20 bytes leftover after parsing attributes in process `syz.1.499'.
[  242.577022][ T7946] netlink: 28 bytes leftover after parsing attributes in process `syz.0.498'.
[  244.352318][ T7990] netlink: 20 bytes leftover after parsing attributes in process `syz.3.509'.
[  246.283301][ T8023] netlink: 346 bytes leftover after parsing attributes in process `syz.2.519'.
[  246.696028][ T8025] netlink: 20 bytes leftover after parsing attributes in process `syz.2.520'.
[  247.069422][ T8032] netlink: 330 bytes leftover after parsing attributes in process `syz.1.522'.
[  247.324170][ T8032] syz.1.522 (8032) used greatest stack depth: 21208 bytes left
[  247.927663][ T8046] netlink: 346 bytes leftover after parsing attributes in process `syz.1.528'.
[  248.846434][   T30] audit: type=1800 audit(6039882098.453:4): pid=8062 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.532" name="file0" dev="tmpfs" ino=687 res=0 errno=0
[  250.206659][ T8083] netlink: 346 bytes leftover after parsing attributes in process `syz.1.538'.
[  253.081341][ T8122] netlink: 346 bytes leftover after parsing attributes in process `syz.1.548'.
[  257.426784][ T8168] netlink: 20 bytes leftover after parsing attributes in process `syz.0.561'.
[  257.725296][ T8177] netlink: 20 bytes leftover after parsing attributes in process `syz.0.563'.
[  258.994284][ T8196] netlink: 20 bytes leftover after parsing attributes in process `syz.3.567'.
[  259.453652][ T8209] netlink: 20 bytes leftover after parsing attributes in process `syz.3.571'.
[  259.764498][ T8217] netlink: 346 bytes leftover after parsing attributes in process `syz.3.574'.
[  259.920205][ T8214] netlink: 20 bytes leftover after parsing attributes in process `syz.0.572'.
[  260.492611][ T8237] ICMPv6: process `syz.3.579' is using deprecated sysctl (syscall) net.ipv6.neigh.wg1.retrans_time - use net.ipv6.neigh.wg1.retrans_time_ms instead
[  260.843679][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  260.855074][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  261.386861][ T8253] netlink: 346 bytes leftover after parsing attributes in process `syz.0.585'.
[  261.704555][ T8256] netlink: 20 bytes leftover after parsing attributes in process `syz.0.586'.
[  262.431257][ T8270] block2mtd: error: cannot open device 
[  262.444623][ T8270] block2mtd: error: cannot open device 
[  263.100803][ T8286] netlink: 20 bytes leftover after parsing attributes in process `syz.3.597'.
[  263.435210][ T8291] netlink: 20 bytes leftover after parsing attributes in process `syz.0.596'.
[  266.624940][ T8323] netlink: 20 bytes leftover after parsing attributes in process `syz.3.606'.
[  268.964128][ T8364] netlink: 20 bytes leftover after parsing attributes in process `syz.1.617'.
[  269.242701][ T8377] netlink: 20 bytes leftover after parsing attributes in process `syz.1.619'.
[  269.714721][ T8390] netlink: 20 bytes leftover after parsing attributes in process `syz.3.620'.
[  271.700975][ T8408] netlink: 20 bytes leftover after parsing attributes in process `syz.1.628'.
[  271.730790][ T5154] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18
[  271.744209][ T5154] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18
[  272.101366][ T8431] FAULT_INJECTION: forcing a failure.
[  272.101366][ T8431] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  272.126862][ T8431] CPU: 1 UID: 0 PID: 8431 Comm: syz.3.631 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  272.126903][ T8431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  272.126920][ T8431] Call Trace:
[  272.126930][ T8431]  <TASK>
[  272.126945][ T8431]  dump_stack_lvl+0x16c/0x1f0
[  272.126997][ T8431]  should_fail_ex+0x512/0x640
[  272.127037][ T8431]  _copy_to_user+0x32/0xd0
[  272.127078][ T8431]  simple_read_from_buffer+0xcb/0x170
[  272.127123][ T8431]  proc_fail_nth_read+0x197/0x270
[  272.127166][ T8431]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  272.127210][ T8431]  ? rw_verify_area+0xcf/0x680
[  272.127244][ T8431]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  272.127288][ T8431]  vfs_read+0x1de/0xc70
[  272.127332][ T8431]  ? __pfx___mutex_lock+0x10/0x10
[  272.127376][ T8431]  ? __pfx_vfs_read+0x10/0x10
[  272.127430][ T8431]  ? __fget_files+0x20e/0x3c0
[  272.127471][ T8431]  ? __fget_files+0x180/0x3c0
[  272.127523][ T8431]  ksys_read+0x12a/0x240
[  272.127564][ T8431]  ? __pfx_ksys_read+0x10/0x10
[  272.127618][ T8431]  do_syscall_64+0xcd/0x260
[  272.127667][ T8431]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.127698][ T8431] RIP: 0033:0x7f3983f8cb7c
[  272.127723][ T8431] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  272.127763][ T8431] RSP: 002b:00007f3984d76030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  272.127792][ T8431] RAX: ffffffffffffffda RBX: 00007f39841b6080 RCX: 00007f3983f8cb7c
[  272.127812][ T8431] RDX: 000000000000000f RSI: 00007f3984d760a0 RDI: 0000000000000003
[  272.127830][ T8431] RBP: 00007f3984d76090 R08: 0000000000000000 R09: 0000000000000009
[  272.127847][ T8431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  272.127864][ T8431] R13: 0000000000000000 R14: 00007f39841b6080 R15: 00007fff0a3233a8
[  272.127904][ T8431]  </TASK>
[  273.518368][ T8451] block2mtd: error: cannot open device 
[  274.569810][ T8464] netlink: 20 bytes leftover after parsing attributes in process `syz.2.643'.
[  274.964440][ T8472] netlink: 20 bytes leftover after parsing attributes in process `syz.2.644'.
[  276.515204][ T8495] netlink: 20 bytes leftover after parsing attributes in process `syz.0.652'.
[  277.994998][ T8515] netlink: 20 bytes leftover after parsing attributes in process `syz.1.657'.
[  279.533471][ T8546] netlink: 20 bytes leftover after parsing attributes in process `syz.1.666'.
[  282.276401][ T8588] netlink: 20 bytes leftover after parsing attributes in process `syz.0.676'.
[  284.782281][ T8645] netlink: 20 bytes leftover after parsing attributes in process `syz.3.689'.
[  285.115759][ T8641] netlink: 20 bytes leftover after parsing attributes in process `syz.2.690'.
[  287.506391][ T8691] netlink: 20 bytes leftover after parsing attributes in process `syz.3.701'.
[  288.088954][ T8703] Invalid ELF header magic: != ELF
[  289.047679][ T8712] ubi0: attaching mtd0
[  289.054710][ T8712] ubi0: scanning is finished
[  289.081758][ T8712] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record
[  289.325591][ T8712] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  289.709225][ T8723] netlink: 20 bytes leftover after parsing attributes in process `syz.2.710'.
[  290.528219][ T8732] netlink: 20 bytes leftover after parsing attributes in process `syz.3.712'.
[  291.569395][ T8758] netlink: 'syz.1.721': attribute type 1 has an invalid length.
[  291.925946][ T8775] netlink: 20 bytes leftover after parsing attributes in process `syz.3.723'.
[  292.479152][ T8758] could not allocate digest TFM handle 
[  292.853382][ T8782] netlink: 20 bytes leftover after parsing attributes in process `syz.0.724'.
[  292.901209][ T8783] netlink: 20 bytes leftover after parsing attributes in process `syz.3.725'.
[  294.814071][ T8815] netlink: 20 bytes leftover after parsing attributes in process `syz.2.734'.
[  294.843408][ T8807] erspan0: entered allmulticast mode
[  297.939312][ T8863] netlink: 20 bytes leftover after parsing attributes in process `syz.0.744'.
[  298.709475][ T8875] netlink: 20 bytes leftover after parsing attributes in process `syz.2.749'.
[  301.536582][ T8930] netlink: 20 bytes leftover after parsing attributes in process `syz.1.759'.
[  303.115693][ T8962] netlink: 20 bytes leftover after parsing attributes in process `syz.1.770'.
[  303.515585][ T8975] netlink: 20 bytes leftover after parsing attributes in process `syz.1.774'.
[  305.011756][ T8995] netlink: 342 bytes leftover after parsing attributes in process `syz.2.779'.
[  305.084631][ T8995] netlink: 302 bytes leftover after parsing attributes in process `syz.2.779'.
[  305.314520][ T9002] netlink: 206 bytes leftover after parsing attributes in process `syz.2.782'.
[  305.342733][ T9004] netlink: 20 bytes leftover after parsing attributes in process `syz.0.781'.
[  307.452917][ T9039] netlink: 20 bytes leftover after parsing attributes in process `syz.0.790'.
[  308.513368][ T9045] netlink: 20 bytes leftover after parsing attributes in process `syz.1.793'.
[  310.191176][ T9074] netlink: 20 bytes leftover after parsing attributes in process `syz.1.803'.
[  310.779754][ T9083] netlink: 20 bytes leftover after parsing attributes in process `syz.1.805'.
[  311.467145][ T9090] netlink: 20 bytes leftover after parsing attributes in process `syz.1.807'.
[  312.704754][ T9114] netlink: 20 bytes leftover after parsing attributes in process `syz.3.812'.
[  313.956942][ T9130] netlink: 20 bytes leftover after parsing attributes in process `syz.3.815'.
[  318.347394][ T9205] netlink: 20 bytes leftover after parsing attributes in process `syz.2.833'.
[  319.339877][ T9216] netlink: 20 bytes leftover after parsing attributes in process `syz.1.835'.
[  320.465225][ T9253] netlink: 20 bytes leftover after parsing attributes in process `syz.2.845'.
[  322.106045][ T5154] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[  322.280580][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  322.288247][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  322.600649][ T9297] netlink: 20 bytes leftover after parsing attributes in process `syz.1.856'.
[  323.980031][ T9318] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  323.988225][ T9318] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  324.062585][ T9318] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  324.088195][ T9318] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  324.160010][ T9318] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  324.175554][ T9318] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  324.221792][ T9318] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  324.246876][ T9318] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  324.263680][ T9318] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  324.798530][ T9332] netlink: 20 bytes leftover after parsing attributes in process `syz.3.866'.
[  325.719162][ T5154] Bluetooth: hci0: command 0x0406 tx timeout
[  326.120658][ T5154] Bluetooth: hci1: command 0x0406 tx timeout
[  326.195428][ T5154] Bluetooth: hci2: command 0x0406 tx timeout
[  326.275738][ T5154] Bluetooth: hci3: command 0x0406 tx timeout
[  326.420629][ T9361] netlink: 20 bytes leftover after parsing attributes in process `syz.1.873'.
[  327.795459][ T5154] Bluetooth: hci0: command 0x0406 tx timeout
[  328.140192][ T9378] netlink: 20 bytes leftover after parsing attributes in process `syz.2.877'.
[  328.215493][ T5154] Bluetooth: hci1: command 0x0406 tx timeout
[  328.275513][ T5154] Bluetooth: hci2: command 0x0406 tx timeout
[  328.362053][ T5154] Bluetooth: hci3: command 0x0406 tx timeout
[  330.355729][ T5154] Bluetooth: hci2: command 0x0406 tx timeout
[  332.979950][ T9443] netlink: 20 bytes leftover after parsing attributes in process `syz.2.891'.
[  333.446191][ T9452] netlink: 20 bytes leftover after parsing attributes in process `syz.0.893'.
[  334.491334][ T9468] netlink: 20 bytes leftover after parsing attributes in process `syz.1.898'.
[  335.621645][ T9496] netlink: 20 bytes leftover after parsing attributes in process `syz.1.905'.
[  335.851147][ T9504] netlink: 20 bytes leftover after parsing attributes in process `syz.1.906'.
[  336.355194][ T9514] netlink: 20 bytes leftover after parsing attributes in process `syz.2.909'.
[  336.516889][ T9509] netlink: 20 bytes leftover after parsing attributes in process `syz.1.908'.
[  337.458994][ T9533] 
[  337.461479][ T9533] ======================================================
[  337.468523][ T9533] WARNING: possible circular locking dependency detected
[  337.475596][ T9533] 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 Not tainted
[  337.482750][ T9533] ------------------------------------------------------
[  337.489775][ T9533] syz.1.916/9533 is trying to acquire lock:
[  337.495674][ T9533] ffff88805f35aea8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_switch_to_fallback+0x2d/0x9f0
[  337.506412][ T9533] 
[  337.506412][ T9533] but task is already holding lock:
[  337.513782][ T9533] ffff88805f35a658 (sk_lock-AF_INET6){+.+.}-{0:0}, at: smc_sendmsg+0x47/0x520
[  337.522708][ T9533] 
[  337.522708][ T9533] which lock already depends on the new lock.
[  337.522708][ T9533] 
[  337.533139][ T9533] 
[  337.533139][ T9533] the existing dependency chain (in reverse order) is:
[  337.542169][ T9533] 
[  337.542169][ T9533] -> #2 (sk_lock-AF_INET6){+.+.}-{0:0}:
[  337.549932][ T9533]        lock_sock_nested+0x41/0xf0
[  337.555157][ T9533]        sockopt_lock_sock+0x54/0x70
[  337.560466][ T9533]        do_ipv6_setsockopt+0x204a/0x4420
[  337.566215][ T9533]        ipv6_setsockopt+0xcb/0x170
[  337.571438][ T9533]        tcp_setsockopt+0xa4/0x100
[  337.576566][ T9533]        do_sock_setsockopt+0x221/0x470
[  337.582142][ T9533]        __sys_setsockopt+0x1a0/0x230
[  337.587531][ T9533]        __x64_sys_setsockopt+0xbd/0x160
[  337.593183][ T9533]        do_syscall_64+0xcd/0x260
[  337.598237][ T9533]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.604669][ T9533] 
[  337.604669][ T9533] -> #1 (rtnl_mutex){+.+.}-{4:4}:
[  337.611915][ T9533]        __mutex_lock+0x199/0xb90
[  337.616979][ T9533]        do_ipv6_setsockopt+0x2042/0x4420
[  337.622734][ T9533]        ipv6_setsockopt+0xcb/0x170
[  337.627964][ T9533]        tcp_setsockopt+0xa4/0x100
[  337.633124][ T9533]        smc_setsockopt+0x1b3/0xa00
[  337.638378][ T9533]        do_sock_setsockopt+0x221/0x470
[  337.643986][ T9533]        __sys_setsockopt+0x1a0/0x230
[  337.649389][ T9533]        __x64_sys_setsockopt+0xbd/0x160
[  337.655048][ T9533]        do_syscall_64+0xcd/0x260
[  337.660110][ T9533]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.666550][ T9533] 
[  337.666550][ T9533] -> #0 (&smc->clcsock_release_lock){+.+.}-{4:4}:
[  337.675190][ T9533]        __lock_acquire+0x1173/0x1ba0
[  337.680587][ T9533]        lock_acquire+0x179/0x350
[  337.685637][ T9533]        __mutex_lock+0x199/0xb90
[  337.690810][ T9533]        smc_switch_to_fallback+0x2d/0x9f0
[  337.696750][ T9533]        smc_sendmsg+0x13d/0x520
[  337.701704][ T9533]        ____sys_sendmsg+0xa95/0xc70
[  337.707035][ T9533]        ___sys_sendmsg+0x134/0x1d0
[  337.712261][ T9533]        __sys_sendmsg+0x16d/0x220
[  337.717401][ T9533]        do_syscall_64+0xcd/0x260
[  337.722461][ T9533]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.728899][ T9533] 
[  337.728899][ T9533] other info that might help us debug this:
[  337.728899][ T9533] 
[  337.739140][ T9533] Chain exists of:
[  337.739140][ T9533]   &smc->clcsock_release_lock --> rtnl_mutex --> sk_lock-AF_INET6
[  337.739140][ T9533] 
[  337.752826][ T9533]  Possible unsafe locking scenario:
[  337.752826][ T9533] 
[  337.760284][ T9533]        CPU0                    CPU1
[  337.765656][ T9533]        ----                    ----
[  337.771025][ T9533]   lock(sk_lock-AF_INET6);
[  337.775553][ T9533]                                lock(rtnl_mutex);
[  337.782071][ T9533]                                lock(sk_lock-AF_INET6);
[  337.789173][ T9533]   lock(&smc->clcsock_release_lock);
[  337.794557][ T9533] 
[  337.794557][ T9533]  *** DEADLOCK ***
[  337.794557][ T9533] 
[  337.802704][ T9533] 1 lock held by syz.1.916/9533:
[  337.807647][ T9533]  #0: ffff88805f35a658 (sk_lock-AF_INET6){+.+.}-{0:0}, at: smc_sendmsg+0x47/0x520
[  337.817000][ T9533] 
[  337.817000][ T9533] stack backtrace:
[  337.822914][ T9533] CPU: 1 UID: 0 PID: 9533 Comm: syz.1.916 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  337.822960][ T9533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  337.822981][ T9533] Call Trace:
[  337.822993][ T9533]  <TASK>
[  337.823005][ T9533]  dump_stack_lvl+0x116/0x1f0
[  337.823048][ T9533]  print_circular_bug+0x275/0x350
[  337.823091][ T9533]  check_noncircular+0x14c/0x170
[  337.823138][ T9533]  __lock_acquire+0x1173/0x1ba0
[  337.823171][ T9533]  lock_acquire+0x179/0x350
[  337.823197][ T9533]  ? smc_switch_to_fallback+0x2d/0x9f0
[  337.823229][ T9533]  ? __pfx___might_resched+0x10/0x10
[  337.823273][ T9533]  ? rcu_is_watching+0x12/0xc0
[  337.823313][ T9533]  __mutex_lock+0x199/0xb90
[  337.823357][ T9533]  ? smc_switch_to_fallback+0x2d/0x9f0
[  337.823388][ T9533]  ? __lock_acquire+0xaa4/0x1ba0
[  337.823416][ T9533]  ? smc_switch_to_fallback+0x2d/0x9f0
[  337.823445][ T9533]  ? __pfx___mutex_lock+0x10/0x10
[  337.823488][ T9533]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  337.823521][ T9533]  ? smc_switch_to_fallback+0x2d/0x9f0
[  337.823546][ T9533]  smc_switch_to_fallback+0x2d/0x9f0
[  337.823574][ T9533]  smc_sendmsg+0x13d/0x520
[  337.823607][ T9533]  ____sys_sendmsg+0xa95/0xc70
[  337.823632][ T9533]  ? copy_msghdr_from_user+0x10a/0x160
[  337.823666][ T9533]  ? __pfx_____sys_sendmsg+0x10/0x10
[  337.823692][ T9533]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  337.823732][ T9533]  ___sys_sendmsg+0x134/0x1d0
[  337.823773][ T9533]  ? __pfx____sys_sendmsg+0x10/0x10
[  337.823826][ T9533]  __sys_sendmsg+0x16d/0x220
[  337.823862][ T9533]  ? __pfx___sys_sendmsg+0x10/0x10
[  337.823900][ T9533]  ? __x64_sys_futex+0x1e0/0x4c0
[  337.823942][ T9533]  ? rcu_is_watching+0x12/0xc0
[  337.823977][ T9533]  do_syscall_64+0xcd/0x260
[  337.824018][ T9533]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.824044][ T9533] RIP: 0033:0x7ff3a8f8e169
[  337.824074][ T9533] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  337.824099][ T9533] RSP: 002b:00007ff3a9e25038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  337.824122][ T9533] RAX: ffffffffffffffda RBX: 00007ff3a91b6080 RCX: 00007ff3a8f8e169
[  337.824139][ T9533] RDX: 0000000024004800 RSI: 0000200000003000 RDI: 0000000000000003
[  337.824155][ T9533] RBP: 00007ff3a9010a68 R08: 0000000000000000 R09: 0000000000000000
[  337.824170][ T9533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  337.824185][ T9533] R13: 0000000000000000 R14: 00007ff3a91b6080 R15: 00007ffc6a2b1a78
[  337.824209][ T9533]  </TASK>
[  338.712625][ T9536] Invalid ELF header magic: != ELF