last executing test programs:

9.102568016s ago: executing program 0 (id=76):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/serial8250/driver_override\x00', 0x22b42, 0x0)
ioctl$auto_BLKTRACESETUP32(0xffffffffffffffff, 0xc0401273, &(0x7f0000000240)={"22e777d3440b86a2e32793259b77d7d3f4ed2971a5a76a108a26992d5465a906", 0x1, 0x3, 0x3, 0xffffffffffff2795, 0xfffffffffffffffa, <r0=>0xffffffffffffffff})
timer_create$auto(0x79, &(0x7f00000002c0)={@sival_int=0x400, @raw=0x5db, 0x5c, @_tid=r0}, &(0x7f0000000300)=0x6)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = socket(0x15, 0x3, 0x1)
setsockopt$auto(r1, 0x65, 0x7, 0x0, 0x4)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
read$auto(r2, 0x0, 0x1f42)
r3 = socket(0xa, 0x3, 0xff)
connect$auto(r3, &(0x7f00000018c0)=@generic={0xa}, 0x55)
r4 = openat$auto_ubifs_dir_operations_ubifs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bluetooth/hci1/hci1:201\x00', 0x101040, 0x0)
ioctl$auto_FS_IOC_GET_ENCRYPTION_POLICY_EX2(r4, 0xc0096616, &(0x7f0000000100)="c4ca711ece5a278851")
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
ioctl$auto_SNDRV_RAWMIDI_IOCTL_PVERSION(0xffffffffffffffff, 0x80045700, &(0x7f0000000140)=0x2)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x4242, 0x40)
flock$auto(r5, 0x2)
flock$auto(r5, 0x2)
sendmsg$auto_NL802154_CMD_DEL_SEC_DEV(r5, &(0x7f0000000000)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00012bbd7000fddbdf251b00000005001200080000000500250009000000"], 0x24}, 0x1, 0x0, 0x0, 0x80}, 0xc011)
r6 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
adjtimex$auto(0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyua\x00', 0x20a04, 0x0)
r7 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000031c0)='/dev/ttyua\x00', 0x109000, 0x0)
read$auto(r6, 0x0, 0x9)
read$auto(r7, 0x0, 0x800)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_flow(0x0, 0xffffffffffffffff)
sendmsg$auto_OVS_FLOW_CMD_SET(r8, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NLBL_CIPSOV4_C_LIST(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, 0x0, 0x100, 0x70bd28, 0x25dfdbfb, {}, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x2}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x3fc}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000810}, 0x24040800)

8.895491645s ago: executing program 1 (id=79):
r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon32\x00', 0x640, 0x0)
ioctl$auto_MON_IOCX_GET(r0, 0x40189206, 0x0)
unshare$auto(0x40000080)
socket(0xa, 0x3, 0x3b)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20006, 0xdf, 0xeb1, 0x401, 0x8000)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/machinecheck/machinecheck1/ignore_ce\x00', 0xa0202, 0x0)
sendfile$auto(r2, r2, 0x0, 0x1)
read$auto(r2, &(0x7f0000000140)='ovs_packet\x00', 0x0)
capset$auto(0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
select$auto(0x0, &(0x7f0000000040)={[0x9, 0x4, 0x34, 0x9, 0x1, 0x1, 0xa, 0x6, 0x5, 0x1, 0x0, 0xcf, 0x5, 0x213, 0x5, 0xb98]}, 0x0, 0x0, 0x0)
sendmsg$auto_TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYRES16, @ANYBLOB="010025bd7000fcdbdf25020000002c00018028003c80"], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x44)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/all/addr_gen_mode\x00', 0xa0202, 0x0)
write$auto(0xca, &(0x7f0000000400)='\x04>\x00\x1d\xa4\xd2\xc3\xec&9\v\xbc\xdein\xe1G8\x02\x18\x00\x00\xd3b\x01\xbd\x9b@\xb0\x00\x00\x00\x84\xa2\\\x15\xc4>\xa9\x82,\x95\xeeH\xf8}v\xb3\xcb(\xa90Abe\xc3\x8c\xcc\xe7\xb8\x00F\x89#\xb4\xf0F\xa1GH\xb5\x8f\x9dZ~\xea\xa3\x93\xc2\x04\xe1;b\x99\x97}Z\x7f\x0f\x90\xce\x85-e\xb6n\xbc\xc6=\xf8\xce\xe7\x1e]\x85|\xce\xd7L\x9b\xd3lb\xc5\xee\xdb\xcb\xbb\xd8\xd9\xd3\xf8 \xe9e\xe5\x80\x1c7B+]\\!\xcej}H\x03x\x83Z\x98\xb8\t\xde\xd4\xf5\xf32\xccR\xaa\xdd\x16\xab\xd8\x1d\"\xc7\xa5\xe1k\x1d\xd9k\xc6\xb2\xa7\x97\x9a\xf6\xfe\xef\x1a\xbd\xcb\xb8*\x8b9\x00R\xe9)?Em\xb2\xac\xd1\xf6\xff\xc1\xc7\xbdl\xa2+tI\xa3\xa8\xabVe\x87\xa9\xae9\x82\xd2.SCt\xcc\x8c7\x7f\xdc\xc3\xfb\x94\xfc\xdfc+\x04\xfb\xf5$\xecO1@\x99l;\xd3X\xd5\"\xec\x17hR\xc5\x99\x8b\x9f\xf3\xf48%\xfa\xf2\x1d\xc5\x10T\x83p0\xd7]\x83{\x81\xdei\xd2\xfc\xfd=3K\xc3\xfe\x12\x98\x8b\xbe\xd1+\xc4r\x7f\x8f5\xcc\xa6\xd8>k\xcc\xee\xe0\x9bW\x0e\xc63\x84^\xde`\xd2\xe8\xfc\x02\xef\xa4\xdc\xd0A\xd5`?9D\x1c\x1b\x1b\xd5\xcb\xfb\x03I\xc9\x97\xac#\x0ee\xc8ltL\x88\x17m~aA%\xd3\xaf\xaa6hf\x9b\x83\x02A\xb0\xf6\x14\xb3\x18B\xfd\x9ai\xf8j \a\x1es\xa3U\x98sqq,\xd2A4?l\xa2\x9c\xc9\x9fa\xe8\x99qw\xf3\x18\x12R+(%x\xb6\xf8\x92\xa5\xe4\xdd\xe9\xf2\x0e\xc8', 0x100)
socket(0xa, 0x801, 0x84)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
socket(0xa, 0x2, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
socket(0xa, 0x801, 0x84)
socket(0xa, 0x2, 0x3a)
io_uring_setup$auto(0x6, 0x0)
r3 = socket(0xa, 0x2, 0x88)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
bpf$auto(0x0, &(0x7f0000000000)=@link_update={r3, @new_prog_fd=0x4, 0x4, @old_prog_fd=r1}, 0xa3)
bpf$auto(0x1, &(0x7f0000000040)=@query={@target_ifindex, 0x4, 0x7, 0x9, 0x7f, @prog_cnt=0x4, 0x0, 0x80000000, 0xc, 0xb, 0x5}, 0x7)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)

7.790516134s ago: executing program 1 (id=83):
r0 = setfsuid$auto(0xee01)
ioctl$auto_KVM_GET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee2, &(0x7f0000000000)={0x39b, <r1=>0xee01, 0x9, 0xfffffffffffffff8})
msgctl$auto_IPC_RMID(0x8a, 0x0, &(0x7f00000000c0)={{0x9, r0, r1, 0x7, 0x0, 0x8, 0x8}, &(0x7f0000000040)=0x7, &(0x7f0000000080)=0xa, 0xe, 0x6, 0xfffffffffffff3fd, 0x10000, 0x80000000, 0x8, 0x6, 0xf00, @raw=0x4, @raw=0x80000000})
r2 = openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/smaps\x00', 0x161200, 0x0)
bind$auto(r2, &(0x7f0000000180)=@isdn={0x22, 0x3, 0x8, 0xc, 0x6}, 0x66dd)
r3 = gettid()
msgctl$auto_MSG_STAT(0x1000, 0xb, &(0x7f0000000240)={{0x2, r0, r1, 0x401, 0xfff, 0x8, 0x2}, &(0x7f00000001c0)=0x5, &(0x7f0000000200)=0x3, 0x5, 0x1, 0x8, 0x6, 0x3, 0x0, 0x0, 0x8, @inferred=0xffffffffffffffff, @inferred=r3})
r4 = socket(0x8, 0x800, 0x9)
lseek$auto(r2, 0x5, 0x2)
mremap$auto(0xfffffffffffff000, 0x1, 0x3b4e8058, 0xff, 0x8)
r5 = accept4$auto(r2, &(0x7f00000002c0)=@vsock={0x28, 0x0, 0x2711, @local}, &(0x7f0000000300)=0x2, 0x0)
close_range$auto(r2, r4, 0x7f)
write$auto(r4, &(0x7f0000000340)=':@\x00', 0x4)
rt_sigqueueinfo$auto(0xffffffffffffffff, 0x3, &(0x7f0000000380)={@_si_pad})
r6 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000400)='/proc/irq/25/affinity_hint\x00', 0x200040, 0x0)
openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f0000000440), 0x131002, 0x0)
rseq$auto(&(0x7f0000000480)={0xfffff51c, 0x4, 0x0, 0x6, 0xe, 0x1, "86b35bb44b59f7715e28cae2ae19af874e45eea663ed41426ea08068da"}, 0x1000000, 0x60f, 0x6)
timerfd_gettime$auto(r4, &(0x7f00000004c0)={{0xc7, 0x2}, {0x4, 0x800}})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000500), r7)
getuid()
read$auto_lru_gen_rw_fops_vmscan(r5, &(0x7f0000000540)=""/156, 0x9c)
ioctl$auto_FICLONE(r2, 0x40049409, r6)
mq_open$auto(&(0x7f0000000600)='\x00', 0xe000, 0x1, &(0x7f0000000640)={0xfffffffffffffffb, 0x1ff, 0x3, 0x8})
bpf$auto(0x4, &(0x7f0000000680)=@bpf_attr_7={@btf_id=0xfffffff0, 0x87, 0x3, <r8=>r4}, 0xf94f)
bpf$auto_BPF_PROG_ATTACH(0x8, &(0x7f0000000740)=@enable_stats={0x6}, 0x4)
sendmsg$auto_OVS_DP_CMD_GET(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x1c, 0x0, 0x0, 0x70bd2d, 0x25dfdbfd, {}, [@OVS_DP_ATTR_USER_FEATURES={0x8, 0x5, 0x8}]}, 0x1c}}, 0x4000000)
ioctl$auto_USB_RAW_IOCTL_EP0_STALL(r8, 0x550c, 0x0)
open(&(0x7f0000000900)='./file0\x00', 0xd0881, 0x0)
pivot_root$auto(&(0x7f0000000940)='/proc/irq/25/affinity_hint\x00', &(0x7f0000000980)='/proc/irq/25/affinity_hint\x00')

7.784096703s ago: executing program 2 (id=84):
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0xc0202, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x900, 0x0)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x2, 0x100)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
move_pages$auto(r1, 0x1002, 0x0, 0x0, 0x0, 0x0)
ioctl$auto_BLKPG(r0, 0x1269, 0x0) (fail_nth: 4)

7.756783365s ago: executing program 0 (id=85):
r0 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x40, 0x83)
read$auto(r0, 0x0, 0x1)
read$auto(r0, 0x0, 0xf6c1)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_DEBUG_GET(r2, &(0x7f0000002880)={0x0, 0x0, &(0x7f0000002840)={&(0x7f00000027c0)={0x2c, r1, 0x1, 0x70bd27, 0x25dfdbfc, {}, [@ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x44005}, 0x20000000)
r3 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000040), 0x34b00, 0x0)
ioctl$auto_posix_clock_file_operations_posix_clock(r3, 0x40043d04, 0x0)

7.19064045s ago: executing program 1 (id=86):
r0 = openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f00000001c0), 0x121000, 0x0)
r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x248000, 0x0)
close_range$auto(r1, r0, 0x80000001)
openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f00000001c0), 0x121000, 0x0) (async)
openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x248000, 0x0) (async)
close_range$auto(r1, r0, 0x80000001) (async)

7.160394327s ago: executing program 2 (id=87):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/edac_core/parameters/edac_mc_poll_msec\x00', 0x169301, 0x0)
mmap$auto(0x0, 0x400005, 0x800000000000df, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/mac80211_hwsim/hwsim14/power/runtime_suspended_time\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0x20)
write$auto(0x3, 0x0, 0x4)
r1 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, <r2=>r1, 0x0, 0x3}, 0xc)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
futex_wait$auto(0x0, 0x6, 0x2, 0x6, 0x0, 0xc3a)
mmap$auto(0x1635, 0x20007, 0xdf, 0xebd, r1, 0xc0af)
close_range$auto(0x2, 0x8, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x200, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000380), 0x400, 0x0)
ioctl$auto(r5, 0x4b45, r4)
sendmsg$auto_HSR_C_GET_NODE_STATUS(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x68}, 0x1, 0x0, 0x0, 0x4044080}, 0x40090)
r6 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000400), r2)
sendmsg$auto_OVS_VPORT_CMD_GET(r3, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x14, r6, 0x800, 0x70bd2c, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40d5}, 0x40600d0)
landlock_add_rule$auto(0xffffffffffffffff, 0x1, 0x0, 0x0)
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000800}, 0x4)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="27e9f024424312ed1eacf8a4096a317f384b8b14b7a1f4edd754b484b2d682", @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000280), r3)
sendmsg$auto_NL80211_CMD_LEAVE_IBSS(r7, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, r8, 0x800, 0x70bd29, 0x25dfdbfb}, 0x14}}, 0x40000)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
r9 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0)
io_uring_register$auto_IORING_REGISTER_SEND_MSG_RING(r9, 0x1f, &(0x7f0000000000)="7adfd649ccb45acd7aba85b1ca20c92f88c8e5c536677d675b6a7695b719761e8eb86e836e310356146743ed01aec41fd9c06dd59bf595b57e78b593998280a470d8615270ba78947bbef9e8e4e79dd2f0d6e1a3b4b5f9f35ab8c33607441eeb8e5da98235ad18b6eedfa583801cdae3af8b70db85a14efb02ce5c16db01ee2633956743485734b056fef17856b2db99834b20a9a731c62b02", 0x5)

7.104724534s ago: executing program 0 (id=88):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/ram14/queue/virt_boundary_mask\x00', 0x0, 0x0)
r0 = openat$auto_hwsim_fops_rx_rssi_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy7/hwsim/rx_rssi\x00', 0x2400, 0x0)
r1 = openat$auto_hpet_fops_hpet(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0)
r2 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0)
mmap$auto(0x0, 0x10, 0xa, 0x20000000000eb1, 0xffffffffffffffff, 0x40000000000000)
sysfs$auto(0x2, 0x1, 0x0)
r3 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r3, 0x8, 0x0, 0x0, 0x0)
close_range$auto(0x2, 0xa, 0x0)
read$auto_proc_pid_maps_operations_internal(r2, &(0x7f00000010c0)=""/4096, 0x1000)
sendfile$auto(r1, r0, 0x0, 0xbfb)

6.918340141s ago: executing program 1 (id=90):
unshare$auto(0x40000080)
r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r0, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@ETHTOOL_A_TUNNEL_INFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}]}, 0x2c}}, 0x1000000)

6.890082198s ago: executing program 0 (id=91):
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0xc0202, 0x0)
mmap$auto(0x3ffffffffffffffe, 0x202000c, 0x3, 0xeb1, 0xfffffffffffffffa, 0x6)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x900, 0x0)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x2, 0x100)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x480000, 0x0)
openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/netdevsim/del_device\x00', 0x501, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000180)='Z', 0x1)
r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cec2\x00', 0x101000, 0x0)
ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f00000000c0)={"58f99464", 0x8, 0x6, 0x1, 0x3, 0x5, "4bb69ec4b3f4c14539898e4c5682f5", "347f00", "a630df9d", "a0ed9959", ["cd9196b8fe1a8a7eb90401a9", "2f9c30017721de33c560b95a", "d3fe6c55a78d6932211c9b69", "ea334f1f1e5e27a1320d6edb"]})
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000048c0)='/dev/dsp1\x00', 0x20000, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
ioctl$auto_SNDCTL_DSP_SETFMT(r2, 0xc0045005, &(0x7f0000000180)="6da6b940dfe114cacac8b7cca871a393aaf922f69708e077a3ff54d760f973198c7f36202c9afdaf7bc2eb57e0")
close_range$auto(0x2, 0x8, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB='(\x00\x00\b', @ANYRESHEX=r3, @ANYBLOB="1b0026bd7000fddbdf250300000004000800100003800c000a000700000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000005eb07266c9f2c144f0bf19e8b6c594513128a6e41ee4793a66e8c6f8989f9686f8f5e2f3eaffffffffffffff95c1bef76c", @ANYRES16=0x0, @ANYBLOB="000326bd7000fedbdf2502000000"], 0x14}, 0x1, 0x0, 0x0, 0x4c894}, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="9001ed00", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x9}, 0x3, 0x0)
select$auto(0x4, 0x0, &(0x7f0000000100)={[0x9, 0x7, 0xfffffffffffffff9, 0x9, 0x7fb, 0x3, 0x6, 0x4000000002, 0x9, 0x1000, 0x1ff, 0xd, 0x6, 0x200000201, 0x4000000000007, 0x6]}, 0x0, 0x0)
r5 = openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = socket(0x2a, 0x2, 0x0)
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
ioctl$auto(r6, 0x8912, 0x38)
capset$auto(&(0x7f0000000180)={0x19980330}, 0x0)
ioctl$auto_FICLONE(r0, 0x40049409, r5)
read$auto_uhid_fops_uhid(r5, 0x0, 0x0)

6.4565102s ago: executing program 2 (id=93):
socket(0x10, 0x3, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x40040}, 0x800)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="100026bd7000fedbdf250300000006000600810000000600070000800000060006000e0000000a00050000000000000000000a00010000000000000000000a000500db678e66a1300000080003003e00000006000600ff7f00000a0001"], 0x6c}, 0x1, 0x0, 0x0, 0x20040084}, 0x40090)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000426bd7000fddbdf250300000004000800040003374b0008"], 0x20}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
socket(0x21, 0x2, 0x2)
setsockopt$auto(0x3, 0x1000000110, 0x3, 0xffffffffffffffff, 0x0)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="db002cbd7000fbdbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008851)
r0 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsu\x00', 0x108002, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000980), 0x102001, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/misc/hw_random/rng_available\x00', 0x22000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000001080)='/proc/sys/kernel/printk_devkmsg\x00', 0x202, 0x0)
r1 = epoll_create$auto(0x405a5d)
epoll_ctl$auto(r1, 0x1, r0, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

6.382651912s ago: executing program 0 (id=94):
socket(0x10, 0x3, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x40040}, 0x800)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="100026bd7000fedbdf250300000006000600810000000600070000800000060006000e0000000a00050000000000000000000a00010000000000000000000a000500db678e66a1300000080003003e00000006000600ff7f00000a0001"], 0x6c}, 0x1, 0x0, 0x0, 0x20040084}, 0x40090)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000426bd7000fddbdf250300000004000800040003374b0008"], 0x20}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="db002cbd7000fbdbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008851)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x100000000000000, 0x9}, 0x7}, 0x3, 0x0)

6.074595566s ago: executing program 0 (id=95):
unshare$auto(0x40000080) (async)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async)
mmap$auto(0x0, 0x8, 0x3, 0x9b72, 0x2, 0x8000)
unshare$auto(0x40000080) (async, rerun: 32)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (rerun: 32)
mprotect$auto(0x6, 0x400000, 0x8) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket(0xa, 0x2, 0x73)
arch_prctl$auto(0x5005, 0x200000000000006) (async)
sendto$auto(r0, 0x0, 0x402, 0x0, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x19) (async, rerun: 64)
getsockopt$auto(0xffffffffffffffff, 0x1, 0x1, &(0x7f00000002c0)='.*+%\x00', &(0x7f0000000300)=0xfff) (async, rerun: 64)
close_range$auto(0x2, 0x8, 0x0) (async)
mmap$auto(0x0, 0x6, 0x4000df, 0xeb1, 0x401, 0x8000) (async, rerun: 32)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/tty/ptyd1/power/runtime_active_time\x00', 0xa401, 0x0) (async, rerun: 32)
r2 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000140), 0x149a02, 0x0)
ioctl$auto_TUNSETSNDBUF(r2, 0x400454d4, &(0x7f00000001c0)=0x40) (async)
write$auto(r1, 0x0, 0x6f7) (async)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) (async)
r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x20000, 0x0)
ioctl$auto(r3, 0x40045108, 0x0) (async)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x8000000eb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4044010}, 0x40850) (async)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1) (async)
socket(0xa, 0x2, 0x88) (async, rerun: 32)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) (rerun: 32)

5.830132518s ago: executing program 2 (id=97):
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0xc0202, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x900, 0x0)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x2, 0x100)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
move_pages$auto(r1, 0x1002, 0x0, 0x0, 0x0, 0x0)
ioctl$auto_BLKPG(r0, 0x1269, 0x3000000)

4.876136694s ago: executing program 3 (id=98):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = socket(0x2, 0x1, 0x106)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/mnt\x00')
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x200009, 0x2, 0x40eb1, 0x602, 0x300000000000)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
madvise$auto(0x0, 0x20499d, 0x9)
setsockopt$auto(r2, 0x80, 0xffffffff, 0x0, 0x4)
mmap$auto(0x80000001, 0xa0fffe, 0x8000, 0x4000000050, r2, 0x8000)
ioctl$auto(0xffffffffffffffff, 0x541d, r2)
sendmsg$auto_NL80211_CMD_SET_INTERFACE(r1, 0x0, 0x20044000)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
unshare$auto(0x40000080)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
r4 = socket(0xf, 0x3, 0x2)
r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r6 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'veth0_virt_wifi\x00'})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000001c0)={'syzkaller0\x00', <r7=>0x0})
sendmsg$auto_NET_SHAPER_CMD_GET(r0, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="00000000e7320b00000000fdd1b7bc6e9bb054bbd7f3f3aff7cf7fe9b08079c976dfa33d105c131be1c559297b5a646a5147f5b2e428e62ade389a75d6be4c3e123f0f557f4b4e46492eba1f5c58e64e86605a65539e58573ccb9980251eaaf1fa1054e6d8bd58f0b2057227e78f09ac0af4ec35143fc18689ebfd94e14935cf46d5c52185cb8ea1274c875c0d972ababe17fb9b2b0477d55f80c609be5d0fe249a873753be520eebaf587bb04aa0db06575d28e24284f39c8c0604d56e5b2b881c2d1b4c954cf91b2b4d7ca19ffa11dbc2eceea5dfe9bdb9332465b4d00cb75b0d41b57be3cf66875c953e55fec10b41166735cc7294f023d5c8e4404ec477eee80b2aac142136b4f41cc7e3d15765cb5b6d12796cf7e6250e29435ac9e17d0c86cb630", @ANYRES16=0x0, @ANYBLOB="00042bbd7000fbdbdf250100000008000800", @ANYRES32=0x0, @ANYBLOB="1c0001800800020000000000080001008a00000008000200040000001c0001800800010072000000080002000500000004fd0200010000004400018008000200060000000800010009000000080002000000000008000100280d00000800020063000000080002009a0600000800020001000100080001000400000008000800", @ANYRES32=r7, @ANYBLOB], 0xa0}, 0x1, 0x0, 0x0, 0x4}, 0x4000841)
write$auto(r5, &(0x7f0000000400)='/dev/audio1\x00', 0xd680000000)

4.770240216s ago: executing program 2 (id=99):
unshare$auto(0x40000080)
r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0)
mmap$auto(0x0, 0x10000, 0xde, 0x11, r1, 0x28000)
madvise$auto(0x0, 0x2000040080000004, 0xe)
fcntl$auto_F_SETLK(r1, 0x6, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
pwritev$auto(0x3, 0x0, 0x5, 0x3, 0x9)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003140), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000040), r3)
socket(0x11, 0x80003, 0x300)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, 0x0, 0x0)
io_uring_setup$auto(0x3, 0x0)
open(0x0, 0x161342, 0x110)
fallocate$auto(0x8000000000000003, 0x0, 0x5e, 0x4cbd5d)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0)
lseek$auto(0x3, 0x2, 0x4)
ppoll$auto(0x0, 0x9, 0x0, 0x0, 0x8)
syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000300), r2)
r4 = setfsuid$auto(0xee01)
keyctl$auto(0x1d, 0xffffffffffffffff, r4, 0x0, 0x6)
getuid()
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$auto_NFC_CMD_SE_IO(r3, &(0x7f0000000440)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="f0130000", @ANYRES32=r0, @ANYRESDEC, @ANYRES16=r2, @ANYBLOB="f7e2f1949b2ba8bb3283ca723198fcc373254ac43581da0a095e63b631afda0e1d8afd65f8dedd0c16b4767b3f300ef45d4628a634c44515a96b33cf305f6f5a1c9e82fbcd3e7fc25768fd8013d5be3144fdc112cb89e12592be04d16233a7762c21952c99a75ca44f361b9881257a15d84dc4bc169bd52345ac292307b436b77739231cbbbb449d5f537a0abe4689c9af5d15cbee7c26ba15e167b692e8e61f50e4ace518a8d4fba5d20085b174db667890a252b86a92fe4b8f066291cc9ae4431778d629d58dfd1f580e08d730f61b0a35e1f03b777ac3806d6eba4074913ba83cefb29c643aac815e69809c6108d18a91ffc55f3fcdfb85db4376debddb4d4902fc3a0f1ece9ca85eaa0446d514f6c31aae99f6c23dfcbcaedb93209ca4f76f806e299338da60a0e0d546cbf1da3e0977113d4292b9d8ca881f105774203d1e8c7be196495ae9da26047aa895a62a36d60af8519a788e16d5b119ff4a42a138a3d6d4fb40f6da1355a47bb9b249b5120765c98008d69dcede5a0d68b7977ef989073f36b88e7b886c2e656745a8a3141dde2325d7e76b79154338f16dc590d6d5d203812c6f9ddfbc8f7dee2ea852a58f71694b8eff6c720d29f5e46d76cb208f9b6170526b3803bb1826f23cd2b293a0e15152e58f2e61ee3b0bd2a74658f12cb1f7037e2c1506acc1d0a2b5b1aa2c759cd23635cfc8aec2a068e8e54a643a0c3c658672dc35e10a9ac8a27ee9e13b77dceef9e83cde0e6248efc5d9832e549885641679872f51bc69a44dd8b4fdacde22f07da95d99ff7e3b4bf34ba6fafdb9f46d8d3d2dca42763d4989d9c1728e2a9498fcc2d1f0398ad515116c9a9e0c286ba524fa56aa11e148e3b1fc0eb6c683670c55d64b0039760bd62a94c0673f0f6d5ea85e14ed52445a9a3e77abf4c4222f3b047bce37e7bc3b5fc4d69fc4429619ac61a49a3ed37696570db09e0a8e98e89e8c6352025be48df2b096a4d5733abb0a11a7324ea28da5ab1a5e824e19e44cb2fd4676b1e42cde20da28f34aecb6bd9d0c9683ee81dbf8f9525c71f6b607f8a0732a3942f76e6253b888d4028fd85bb57b0b31759aaf4752ddc34cc3f5dc5ff5d0187027c5e86c2b943c622df9b34e05c387e65c371c6b1f1fbbf58d633689c1dc903d089dbf76aa18de135c399c90be54b756dff769ffd8adfb1d308cfd7e53ad5a38b2a686ed1c0665270a758b64a3b7cb5e794ee38f1beb26625eb9bac1616862f61358ed74687f55f47e3735acfb452f36ece00ebdd6c704d2c9df514daff16136de767255b10e5fb4ca813f03c6855e64a95deb36e4f46b00d69b4c8f6a47da32b013849095a25051d7ad656ce4de833d6557005f47a4fa4bb7ddd9043c12e845012dfc9b0e62b1dc7cd82123826b8bc1ff1d1391466682cc0768cadae275f401fc04c514ea6617ed47cb880a7acce3c719fe87eb518160db7a920042a6437a77a382c4a42bbf538f6c52903dcf483b5073e3de0e5e6766eff6cedb05a0eb53b5484a72283ec76614e7ba152e8c4008a644b45e8f195fc98840d2d56ec7f4248005a197d2e7bef860573dc86204c589901abd404f8f9bf047638252795e8cf3aa6ddc97d254f46e54b7f73e1fd8dbef9148cfc291c1413353a15c5a252aa4a2c8366b1c5ab1226dffd082d3bedaec1e2c7955b4bbde8bcfd243f415d8ff88564e9d34320148508f090cff06f2b4649e8544915c674292b007175b1571c1ba2a8377dc63d68adb64618bc74a38ac9a27d597468796d9850ea6a19e085d27fe39c3a9bb5973561c06470e9e81773c860f33d4739a1c229a05227be0b42697dd1ee523fd8c799ce726364fb54d0b544e76c91a31276fbe8a42a2a9509f433b15beec35a0c2fee9875bb1dbad8b7812366e423724436b7a9a395ccaeeb3b5a2b7794b9db317b247a234cc17192d8aead325991ab4e9e9afab0abb55339cbd321c35b156022a6ce3ccfd1d4017d0573de5734fe18947b7f210eafbb8ee80fffb6919f72f08466ca9a054908c3ded187ae2fb82c09f6af508ad409e8bcd00276b3525d1d20042d0c144b2da48ce58b98fcbe7d09d80c34eec6fb3edc2c7c0685a165bb1de3106c4e798862e3f4d0710b6f1f01663859a3a9d8eae2e40dc14fa290dd1064c099b38a5393ad827e1a1cee28662e22194f23d68c11ddce35b2eecbe16b9bf47590330be73ebddcfe14c98051a1a843d235cd41e9633dd1329b98a1d3c9377f617cc36d17067bf7acb7421aec7d7bd0a493208656c536319a5876eee07376b46fc382dd29288812853f92d82857f9349249e6833a87dae5e185cd3ce644ac91cdf5814a9033a770ee6716b066e6da995341189d44abbf3eb1b1c7043909bbb9a54b2857f5824d1b6cd1d0d3f040f5dac8e9760cb7328946262acb50d9f620023587151b3000d97db543005ecf5c63f8e134fd16cb18b155c9a47b745827554ac345318425bc46be501e698444aa7a381a0c3c8061beb278b997332b559ba26817fe04b5c0a8d7eb0149befe7473a4a5b00c47ac3750b7dcc3db9a15638d5001653963a8ef7ca2adbe94de2515d9bfd51a3c146c36f7a0338e5520d522f9e9261a1f9e6b082f8bfa55d61652545122bbd7eaea6bce017085d83289c1fe88a807963bc88256bb462019b1dc3f5fd3b0cdee1195ac7d7b40461dc7a900aa06ba290d59e3b505adfcc63ac23b021442d65fa434f179feca5e4c8ad29ad81c45ba34a5733fb102ffb96a077942fa6b1d3d3dfddbf2d20b8b5eec06983bfc4b94fad10c340df02ff4040ad8fec968832397db40c4121fdbebb62cb7812622222a71c42b880329d69cfcc2c2cf2849db8d257def4eb45282d567c5a6500e1015d42d7abc80d6d685aab776578b2ed14b0db7ac6eb74e8f99ca9194cb13b06250c180d4a9ed186be764f544b25f6486c3d087281daa283aa42e58df19c52a8f8ac0e792f5768a8de499eb95040f509ff43460117fbdb97755eb0399bba588a73f64b5e3559b753dff6b83feaff510a2382cbab156ba1254a424797bd3087dbdaaebd8265e211d8cdb2b584e5ad747fab2525a8c6eda9bcd28338f2f61d3641edb5bc247cc67a218706ab20af3ccfd874598265ec7c6098676492153b28e58237de1c1acf170a92bfa839dd41b9970544434c98d1af2b74887fae9e580963bbfad3fb555c0c21eb243835ca483de418d18fcc3c515341547d595dbae8499c351538736dab90796a9e4cfe0d4a777240e511baee654328d9e091ef0ed9112ebf8d76b0ffd2373d28e80634856d7cb728fceb4ca7219a6f3d384a8babee93dd3ccbe292b5a6d5f3e4de6eaeca8ed73596f3a050901af31f6ec3c9712952c372aa63b96ac781f74737a103dd614d36a93fd2ae41a65ffad37bc8eb73857ca3a1a843f883e2ffaca62f1c156c23810a12d93876ac0e262628d44748b5ee6938bbc7af49b7864ac0d4593fca42dd5057835b86ffe17aa32a6d36019f0f09a3d8d9efc1ffd9fcc9a90585031cc694b059ebda8072eafbfbe971d16974ad9bbabc49a1a6b0e6dd6e70ea7bce674c124a7bba84002838f598ab23c0d7c91cfd7772ea65dd2c331694854e528478effe317c7943e7e90c524a6abd9a23533bbf77cd3637f935becbb2a5232ad920d19d9ec6a7b6f1c6f3640b14593ae6a469fffd80dfd94ba3078e60a1cc0da70716b8d8e0187af49e3971a9921b1b1235ea082f8eb937f33577fc59276088c96f41d6a205b1875b3e3430b3f6e041d44b1c2a13893dcf4cebbb8c44308192f1183fbfab72ec0de64c6a05bda12f507202a25dc0d4b30b8547efdc668ecf061ee501062e5e41ba0bf54bcf82255749b8ef03de97a8e1f751d15e16d35a7e4c2cb9def909f5e3fc718cabef676acf4fc84bb483c53734c6893ef450dd0dc13f841ff892492e3bf5c7cb59adca182cbcff075a422f80bca73abc4db5bc13ccabc783e9cc3a464b5fbf60912092f51db6b6178e2b2617ffb0210403dc6a55fc7d435d317d780ed27b7a46cd907ade1aacaa87bf29a60181a28aed1b50712c007d721c6eb13de298b06917e059e2a2f54a6605c2ff0175162eb3680ce40223fdb9681142347fa2cf9f48ae24dc4082004119b87d1be8d0c43efd0b3d0668f01fc84708d08aa6cab239ba9892dc26b46eb9dc7cc32d5388afb8f0790111dab0860dbe20cd3035f56aa6abd6d80acf86fd92d0900e54c9a109a47475bccdc7ca5cf94d9551511441e8b3a59378be11a7d54738a03f5a9daa9d26f4f56faa9c0e9aeb64346f358ed7106d3c354d1b7706e209873a0d61ca05f6eb3e7f52a36d9e716b8742e4aa9ab2dc42a61b37f0df2949cd4ad78d8da413360c5e985c5bca987a21d27dab3e8412f27f220cffffc5dc2766f1f0f8eb39c2b0782b61233c00655ae814f79909a4618682cbc2e3b4fc95edd8478f1ae524284876dc9c2e74de31f479c35603f47b7ab8fd17bfbb564fc0bd200da4d0b902b6d9c9d40779d68263add962ea551ce28f86b504f170491bc22b056cb108ce0b86a3fddcc226f27ef3c215c1f3359c0e6b03a35729eaaba3f5cb9842a928fdbfee2d5edb23d231312f0ec6021167b0597a2864e3a8a66fc3a70c31446abf64db5210349e611fbdef9239c65f775feacd8ab884735efa2c4ccb5e0cee07922f0a41e296b52c12b3a9460c01ee89403cc00cbf01e08a4fd5c8c5e82a5b8a207c527ba92e1405320a4a5e76768729d19682870fa8990988c4c599e7426d86007075b9d97bbe175ddd0c861bab86ea83411a75b77744850eee542c2259f06e3ac98a6108c13e1878a0c7c941b45b305b542c6f8707d66ebdc169fce8ab9051812a0b7a2bda011a9b25ac4c3d007e3f2148c7d432540fa297f4b59d1057612114fc1d643211a31f42e1761b3f9e22db6246b0a3360d15bc1b0994733d291a84f236112599b60c630eeccea1af34a985dda89f8e8e760d00ff13b43271277f7f2c4f811db9267021af0f60e270533915f5662e8d8bcacc313d45725d4c164323a5b2737c43a8fd756fd4dcd3d81d2cbb37c72575e88e6d8e36e139a6d9dc91fddd0addcab134779d5716a025be35bfacdc35bd3a2f4fc18cc343b220a5ae16c7836e401fad039d08b424d25f854c77ddbc8f48862715b10b32d5e3ef8fa3e5934b4e461160f6f796287b8dc698a99cd419d47b67a4afdc750958c911968c8ce8bdff67627be6a032c98759e41eba283c8f053dfdfa4de701196102d3b32ff1762a5a0b774d5eb533de98590f86244ffb2bb95da4e6fdd486d43e7763f3862e3cc1866ef81a12aa4331fa3a89ed007f1e786eb1ca23b076c8ba5eac8bc2bcd87a3edf5f7957627d86d78276610cd312d49b0edf08d3bd17e06acad18ce8dd0442e300ecd28a678df324bb3834730e0a78bfb41e77209ad2e72013caa86c1bc655b8f7b652d3c4b140c06811476ddbeef8ae3785062e94dc1e0d1abeac5603a07f11b787cd6fceb0e04ab3d5ebe6052676b251f9f8a42162983501f0316c7353090cc7d12b1ddc41c3bfdc1cf0f07e2c26cf0c5a06124080466bf04075f0f334bc506c502595b8b40e8054b640871eb55d7e4086770a15f028f78f2141278c4129ad05be1679b86545de26e81d7e391974b845d0c3ef91e3c32133c47c6976938ac4b51a666524164c269b07b8184fb78990edf6f6fff08167059bf622347e51014984e9dca524ca11ed66aaea8c40fcfac206b491cd6705157b8c1f87b86ef426d1b972111977dd59c2e1e5112a0ab8678893a424a8fcb92f755e8d92fdafd1d9b72d2dfee0d4eeb479dd16a0a3fe588545c8e1c4b153749a826fec5b1b472f553e2c9fb68c2e6dfd2e008f1895e6404412983b00ee25bc1021022a29cb2926ce3ca0a196d16c12d4c84e992f8bd1313cb9b98a6b77a5f983f5cd817b0a30add60b3b8aded75d0c15ffabb0a010f20ea780755645785132745cef9de638ccbe5f347aa81ea44dc9eea68e9e69feb8f68be52c2b08002800", @ANYRES8=r4, @ANYBLOB="6391f07a", @ANYRESOCT, @ANYBLOB="54001d006071d2292da974c59967cc34589c171fb0d05cefd8a7cdf635aabc6524d880cb36a78a32fe935333264d243177f5b8a957d1872258dca602389630a3ca82571f6a1a663874cf847831f3b3c8f226b23add8fb71be55e18ccfd874182fef0ab0e3f2991d808fd596ed406ba698159ed3548a12ec37e16fae61f032b3e37e34645c40f4665f8116b7328ed568186c344bd3b51b1927def8375f92668e0a7b399340f696e61facd3057483e188e0080503c58c6b90bcd2625c04c2c9ee570d44d77d2c61c839c47e145186e46bb9e381dd833cf741400f7000000000000000000000000000000000000000005000f000d000000050005000000000000001d000200000050001f0038f2be077c618ab3aa899de7724cec1b3d3dbeeb4244f47a49cb74b6c6cea8ae232b1c29312655283e3ad7ac93da76a62a4122ca2317d781c5f6b4ec559b2be79f47e02ab41e6eda6bb50eed0ce9f62ef900"/357], 0x13f0}, 0x1, 0x0, 0x0, 0x4040000}, 0x20048010)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000640)={'wlan1\x00', <r5=>0x0})
sendmsg$auto_NETDEV_CMD_QSTATS_GET(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000", @ANYRESOCT, @ANYBLOB="010306000000000000000c00000008000100", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x20000000)

3.347434198s ago: executing program 1 (id=100):
unshare$auto(0x40000080)
r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r0, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@ETHTOOL_A_TUNNEL_INFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}]}, 0x2c}}, 0x4000000) (fail_nth: 5)

3.200669929s ago: executing program 2 (id=101):
r0 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2)
r1 = socket(0x10, 0x4, 0xffffffc0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1fd, 0x583, 0xd, 0x8fd6, 0x2, 0x1, 0x15f4da0a, 0x3, 0x7, 0x62, 0x80000001, 0x7, 0x8, 0x9, 0x1000, 0xfffffffffffffffe]}, 0x0)
r3 = openat$auto_proc_oom_score_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/oom_score_adj\x00', 0x20202, 0x0)
read$auto_proc_oom_score_adj_operations_base(r3, 0x0, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0)
write$auto(r4, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
clone3$auto(&(0x7f0000000340)={0x7fd, 0xffffffff, 0x1, 0x100, 0x5, 0xe, 0x4, 0x5, 0x1, 0x9, 0x31}, 0xf0e)
write$auto(r4, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
socket(0x10, 0x2, 0x0)
r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ipv6_route\x00', 0x101000, 0x0)
pread64$auto(r5, 0x0, 0x8, 0xffff)
madvise$auto(0x0, 0x200007, 0x8)
setresuid$auto(0x2, 0x7, 0x8080)
socket(0x10, 0x2, 0x6)
syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff)
openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0)
kexec_load$auto(0x6a0, 0x9, 0x0, 0x80000001)
close_range$auto(0x2, 0x8, 0x0)
r6 = socket(0x2, 0x1, 0x106)
setsockopt$auto(r6, 0x1, 0x10, 0x0, 0x8)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0)
keyctl$auto(0x1d, 0xffffffffffffffff, 0x5, 0x5, 0x6)
r7 = ioctl$auto_TUNSETSNDBUF2(r0, 0x400454d4, &(0x7f0000000180)=0x8)
pidfd_send_signal$auto_PIDFD_SIGNAL_THREAD(r1, 0x36d9, &(0x7f0000000240)={@siginfo_0_0={0x3, 0x7f, 0x9, @_sigpoll={0x5, r7}}}, 0x1)

2.914654112s ago: executing program 3 (id=102):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/serial8250/driver_override\x00', 0x22b42, 0x0)
mmap$auto(0xfefffffffff, 0x2000b, 0x9, 0x5f, 0x401, 0x8000000000000000)
r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/oom_adj\x00', 0xa402, 0x0)
read$auto(r1, 0x0, 0x1f42)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000080)={0x0, 0x800000007}, 0x3)
pwritev2$auto(r1, &(0x7f0000000140)={&(0x7f0000000100)="6dca8659d10c00a84be89b6ba1b9b0122ad8502b4032cfb89fda178a03747cff8460647462d5373955d6", 0x1}, 0xd4, 0x7fffffffffffffff, 0x1, 0xb)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x115700, 0x0)
sendfile$auto(r0, r0, 0x0, 0x6)

1.963647793s ago: executing program 3 (id=103):
r0 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x7215c1, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000600)='/proc/sys/net/ipv4/vs/est_cpulist\x00', 0x2, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
r1 = socket(0x2a, 0x2, 0x1)
sendto$auto(r1, 0x0, 0xffff, 0x10000, &(0x7f0000000480)=@qipcrtr={0x2a, 0x4, 0xfffffffe}, 0x6)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
ioctl$auto_posix_clock_file_operations_posix_clock(r0, 0x40043d04, 0x0)

1.630306796s ago: executing program 3 (id=104):
r0 = socket(0x1e, 0x805, 0x0)
fsconfig$auto(r0, 0x3, &(0x7f0000000000)='4\x93f\x06\x04\x00\x00', &(0x7f0000000040), 0x7f)
mmap$auto(0x8000000000000001, 0x4, 0x0, 0x13, r0, 0x92b)
r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto_VHOST_SET_OWNER(r1, 0xaf01, 0x5)
setsockopt$auto_SO_CNX_ADVICE(r1, 0x9, 0x35, &(0x7f0000000000)='&,,-{%+{}$}]/:!.(\xda+\x00', 0x8)
ioctl$auto(r1, 0x4004af07, r1)
r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/pagemap\x00', 0x102, 0x0)
ioctl$auto_PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f0000000100)={0x61, 0x200001, 0x100000, 0x8000000000000000, 0x9, 0xffffffffffffffff, 0x56, 0x1000000bfe, 0x9, 0x2c, 0x0, 0xe7d5})

1.294561011s ago: executing program 3 (id=105):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/ram14/queue/virt_boundary_mask\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x240009, 0xdf, 0x9b72, 0x7, 0x28000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x100, 0x0)
r2 = syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f00000000c0), r0)
sendmsg$auto_TCP_METRICS_CMD_DEL(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x78, r2, 0x30, 0x70bd27, 0x25dfdbfb, {}, [@TCP_METRICS_ATTR_ADDR_IPV4={0x8, 0x1, @multicast1}, @TCP_METRICS_ATTR_ADDR_IPV6={0x14, 0x2, @mcast2}, @TCP_METRICS_ATTR_ADDR_IPV4={0x8, 0x1, @multicast1}, @TCP_METRICS_ATTR_ADDR_IPV4={0x8, 0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}, @TCP_METRICS_ATTR_SADDR_IPV4={0x8, 0xb, @private=0xa010101}, @TCP_METRICS_ATTR_ADDR_IPV6={0x14, 0x2, @mcast2}, @TCP_METRICS_ATTR_SADDR_IPV6={0x14, 0xc, @rand_addr=' \x01\x00'}, @TCP_METRICS_ATTR_SADDR_IPV4={0x8, 0xb, @multicast2}]}, 0x78}, 0x1, 0x0, 0x0, 0x804}, 0x4048000)
read$auto(r1, 0x0, 0x20)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3)
r4 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x109002, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x3, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
sendfile$auto(r4, r4, 0x0, 0x10000800000003)
sendfile$auto(0x1, 0x3, 0x0, 0xc01)

719.016868ms ago: executing program 1 (id=106):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(r0, &(0x7f0000000040)=@l2={0x1f, 0x9, @none, 0xd78, 0x2}, 0x2)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
socket(0x1d, 0x2, 0x6)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x40000)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
write$auto(0x3, 0x0, 0xfffffdef)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$auto_BLKTRACESETUP32(r2, 0xc0401273, &(0x7f0000000180)={"c16f6303d5736a1b0feb8f6a0554277f3190781cfe525c42f1ebed0dc940e2fd", 0x3, 0xff, 0x3798, 0xd, 0x810})
waitid$auto_P_ALL(0x0, 0x8, &(0x7f0000000200)={@_si_pad}, 0x2, &(0x7f0000000280)={{0x3, 0x1}, {0x5, 0x100000000}, 0x2, 0x2, 0x8, 0x6, 0x8, 0x7, 0x80, 0x14, 0x0, 0x1, 0xf34, 0x6, 0x1000200000, 0x6})
fcntl$getown(r0, 0x9)
msgctl$auto_MSG_STAT_ANY(0x5, 0xd, &(0x7f0000000380)={{0x4468ebf0, 0xee01, 0x0, 0x7, 0x6, 0x7, 0x2}, &(0x7f0000000100)=0x5, &(0x7f0000000340)=0xa, 0xfffffffffffffff8, 0x0, 0x3, 0x81, 0x3, 0x4, 0xf25, 0x5, @inferred, @raw=0x5})
msgctl$auto_IPC_SET(0x6, 0x1, &(0x7f00000004c0)={{0x401, 0xee00, 0x0, 0x7, 0x6, 0x8, 0x7}, &(0x7f0000000440)=0x2, &(0x7f0000000480)=0x3, 0x4, 0x80000000, 0x1, 0x1, 0x2, 0x6, 0x8, 0xc0, @inferred=0xffffffffffffffff})
r3 = gettid()
process_vm_readv$auto(r3, 0x0, 0x4, 0x0, 0x3, 0x0)
sendmsg$auto_TIPC_NL_LINK_SET(r2, 0x0, 0x4004840)
connect$auto(0x3, 0x0, 0x55)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x4000010}, 0x804)

0s ago: executing program 3 (id=107):
r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0)
ioctl$auto_SG_SET_RESERVED_SIZE2(r0, 0x2275, &(0x7f0000000040)="d93ca7")
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
rt_sigqueueinfo$auto(0xffffffffffffffff, 0x26db, &(0x7f0000000080)={@siginfo_0_0={0x200, 0x2, 0x167, @_sigpoll={0x8, r0}}})
r1 = openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/loginuid\x00', 0x200, 0x0)
openat$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/netdevsim/netdevsim2/trap_flow_action_cookie\x00', 0x14200, 0x0)
ppoll$auto(&(0x7f0000000140)={r1, 0x7, 0xc000}, 0x7, &(0x7f0000000180)={0x6, 0x9}, &(0x7f00000001c0)={0x43a}, 0x8)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.230' (ED25519) to the list of known hosts.
[   99.066884][ T5822] cgroup: Unknown subsys name 'net'
[   99.236064][ T5822] cgroup: Unknown subsys name 'cpuset'
[   99.246951][ T5822] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[  101.105721][ T5822] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  102.343163][  T977] cfg80211: failed to load regulatory.db
[  103.599928][ T5837] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  103.610204][ T5837] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  103.631260][ T5848] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  103.639695][ T5848] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  103.648544][ T5848] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  103.662458][ T5851] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  103.670380][ T5851] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  103.690628][ T5851] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  103.699374][ T5851] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  103.708163][ T5851] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  103.717167][ T5851] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  103.727518][ T5851] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  103.734972][ T5851] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  103.745661][ T5849] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  103.764978][ T5853] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  103.781258][ T5853] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  103.801532][ T5853] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  103.802478][ T5848] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  103.817083][ T5848] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  103.826529][ T5837] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  104.366218][ T5836] chnl_net:caif_netlink_parms(): no params data found
[  104.529319][ T5842] chnl_net:caif_netlink_parms(): no params data found
[  104.658067][ T5839] chnl_net:caif_netlink_parms(): no params data found
[  104.676832][ T5841] chnl_net:caif_netlink_parms(): no params data found
[  104.702440][ T5836] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.709806][ T5836] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.718031][ T5836] bridge_slave_0: entered allmulticast mode
[  104.726184][ T5836] bridge_slave_0: entered promiscuous mode
[  104.765085][ T5836] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.772468][ T5836] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.779663][ T5836] bridge_slave_1: entered allmulticast mode
[  104.787914][ T5836] bridge_slave_1: entered promiscuous mode
[  104.934196][ T5836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  104.947827][ T5836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  104.964762][ T5842] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.972373][ T5842] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.979821][ T5842] bridge_slave_0: entered allmulticast mode
[  104.987486][ T5842] bridge_slave_0: entered promiscuous mode
[  105.052981][ T5842] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.060602][ T5842] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.068009][ T5842] bridge_slave_1: entered allmulticast mode
[  105.076135][ T5842] bridge_slave_1: entered promiscuous mode
[  105.127267][ T5839] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.136229][ T5839] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.144522][ T5839] bridge_slave_0: entered allmulticast mode
[  105.152564][ T5839] bridge_slave_0: entered promiscuous mode
[  105.161011][ T5839] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.168168][ T5839] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.175486][ T5839] bridge_slave_1: entered allmulticast mode
[  105.183599][ T5839] bridge_slave_1: entered promiscuous mode
[  105.206148][ T5841] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.213418][ T5841] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.220602][ T5841] bridge_slave_0: entered allmulticast mode
[  105.229081][ T5841] bridge_slave_0: entered promiscuous mode
[  105.240384][ T5836] team0: Port device team_slave_0 added
[  105.250194][ T5836] team0: Port device team_slave_1 added
[  105.288853][ T5842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  105.298820][ T5841] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.307208][ T5841] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.314851][ T5841] bridge_slave_1: entered allmulticast mode
[  105.323691][ T5841] bridge_slave_1: entered promiscuous mode
[  105.346816][ T5839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  105.360422][ T5839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  105.373467][ T5842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  105.420008][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_0
[  105.427296][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.453651][ T5836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  105.510557][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_1
[  105.517840][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.545449][ T5836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  105.588597][ T5841] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  105.614714][ T5839] team0: Port device team_slave_0 added
[  105.624622][ T5839] team0: Port device team_slave_1 added
[  105.634785][ T5842] team0: Port device team_slave_0 added
[  105.644735][ T5842] team0: Port device team_slave_1 added
[  105.654019][ T5841] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  105.738856][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_0
[  105.745909][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.772738][ T5839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  105.784058][ T5154] Bluetooth: hci2: command tx timeout
[  105.788569][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_1
[  105.797161][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.824071][ T5839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  105.860923][ T5837] Bluetooth: hci0: command tx timeout
[  105.861200][ T5848] Bluetooth: hci1: command tx timeout
[  105.866910][ T5154] Bluetooth: hci3: command tx timeout
[  105.898252][ T5841] team0: Port device team_slave_0 added
[  105.930396][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_0
[  105.937502][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.963583][ T5842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  105.982319][ T5836] hsr_slave_0: entered promiscuous mode
[  105.988983][ T5836] hsr_slave_1: entered promiscuous mode
[  105.998903][ T5841] team0: Port device team_slave_1 added
[  106.027577][ T5839] hsr_slave_0: entered promiscuous mode
[  106.034234][ T5839] hsr_slave_1: entered promiscuous mode
[  106.040529][ T5839] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  106.048578][ T5839] Cannot create hsr debugfs directory
[  106.055019][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_1
[  106.062356][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  106.088441][ T5842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  106.193167][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_0
[  106.200163][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  106.227303][ T5841] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  106.239775][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_1
[  106.246885][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  106.273551][ T5841] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  106.360661][ T5842] hsr_slave_0: entered promiscuous mode
[  106.367413][ T5842] hsr_slave_1: entered promiscuous mode
[  106.375332][ T5842] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  106.383052][ T5842] Cannot create hsr debugfs directory
[  106.498610][ T5841] hsr_slave_0: entered promiscuous mode
[  106.505730][ T5841] hsr_slave_1: entered promiscuous mode
[  106.512470][ T5841] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  106.520134][ T5841] Cannot create hsr debugfs directory
[  106.910959][ T5839] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  106.927861][ T5839] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  106.949909][ T5839] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  106.962078][ T5839] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  107.030813][ T5836] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  107.046736][ T5836] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  107.057984][ T5836] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  107.085938][ T5836] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  107.162745][ T5841] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  107.176091][ T5841] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  107.188445][ T5841] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  107.201557][ T5841] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  107.331361][ T5842] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  107.343176][ T5842] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  107.355721][ T5842] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  107.369269][ T5842] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  107.462533][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0
[  107.544365][ T5839] 8021q: adding VLAN 0 to HW filter on device team0
[  107.565396][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0
[  107.578471][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.585923][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[  107.617444][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.624622][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.696653][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0
[  107.740689][ T5841] 8021q: adding VLAN 0 to HW filter on device bond0
[  107.766244][ T5836] 8021q: adding VLAN 0 to HW filter on device team0
[  107.783391][ T5842] 8021q: adding VLAN 0 to HW filter on device team0
[  107.815642][   T62] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.822974][   T62] bridge0: port 1(bridge_slave_0) entered forwarding state
[  107.837062][   T62] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.844266][   T62] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.861983][ T5154] Bluetooth: hci2: command tx timeout
[  107.865345][ T1163] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.874619][ T1163] bridge0: port 1(bridge_slave_0) entered forwarding state
[  107.891571][ T5841] 8021q: adding VLAN 0 to HW filter on device team0
[  107.934156][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.941413][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  107.951760][ T5154] Bluetooth: hci1: command tx timeout
[  107.952644][ T5848] Bluetooth: hci3: command tx timeout
[  107.957204][ T5154] Bluetooth: hci0: command tx timeout
[  107.970204][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.977446][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.988379][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.995658][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  108.460662][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0
[  108.575350][ T5839] veth0_vlan: entered promiscuous mode
[  108.642405][ T5839] veth1_vlan: entered promiscuous mode
[  108.740328][ T5839] veth0_macvtap: entered promiscuous mode
[  108.774502][ T5839] veth1_macvtap: entered promiscuous mode
[  108.869949][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0
[  108.893151][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0
[  108.911478][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0
[  108.923457][ T5841] 8021q: adding VLAN 0 to HW filter on device batadv0
[  108.954656][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1
[  108.966849][ T5839] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  108.976374][ T5839] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  108.987240][ T5839] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  108.996647][ T5839] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.093202][ T5836] veth0_vlan: entered promiscuous mode
[  109.140411][ T5836] veth1_vlan: entered promiscuous mode
[  109.174953][ T5842] veth0_vlan: entered promiscuous mode
[  109.232797][ T5842] veth1_vlan: entered promiscuous mode
[  109.247087][ T5841] veth0_vlan: entered promiscuous mode
[  109.247449][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.264827][ T5841] veth1_vlan: entered promiscuous mode
[  109.271502][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.333709][ T5836] veth0_macvtap: entered promiscuous mode
[  109.373691][ T5836] veth1_macvtap: entered promiscuous mode
[  109.386463][ T1331] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.395979][ T5842] veth0_macvtap: entered promiscuous mode
[  109.402147][ T1331] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.429111][ T5842] veth1_macvtap: entered promiscuous mode
[  109.477136][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0
[  109.500535][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0
[  109.513421][ T5841] veth0_macvtap: entered promiscuous mode
[  109.528678][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1
[  109.534749][ T5839] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  109.548540][ T5836] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.566356][ T5836] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.575303][ T5836] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.584211][ T5836] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.597558][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1
[  109.613597][ T5841] veth1_macvtap: entered promiscuous mode
[  109.633423][ T5842] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.645737][ T5842] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.654602][ T5842] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.667817][ T5842] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.788115][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_0
[  109.846521][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1
[  109.906237][ T5841] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.919222][ T5841] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.929587][ T5841] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.939199][ T5841] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.951225][ T5154] Bluetooth: hci2: command tx timeout
[  110.022939][ T5837] Bluetooth: hci1: command tx timeout
[  110.022951][ T5848] Bluetooth: hci0: command tx timeout
[  110.034236][ T5154] Bluetooth: hci3: command tx timeout
[  110.131820][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  110.139732][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  110.176477][   T37] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  110.198938][   T37] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  110.289904][   T37] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  110.309129][   T37] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  110.389937][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  110.412986][ T1144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  110.430108][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  110.438662][ T1144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  110.597830][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  110.622669][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.020492][ T5936] process 'syz.2.3' launched '/dev/fd/8' with NULL argv: empty string added
[  111.029957][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  111.464306][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  111.889074][ T5947] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  111.932126][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  112.001213][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  112.010916][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  112.021255][ T5837] Bluetooth: hci2: command tx timeout
[  112.104312][ T5837] Bluetooth: hci0: command tx timeout
[  112.109815][ T5837] Bluetooth: hci1: command tx timeout
[  112.115325][ T5154] Bluetooth: hci3: command tx timeout
[  112.308575][ T5952] can: request_module (can-proto-3) failed.
[  112.353790][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  112.363144][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  112.371943][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  112.380832][    T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!!
[  112.389155][    T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!!
[  112.608499][ T5956] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  113.181809][ T5961] can: request_module (can-proto-3) failed.
[  114.145284][ T5984] can: request_module (can-proto-3) failed.
[  116.813059][ T6034] netlink: 266 bytes leftover after parsing attributes in process `syz.0.27'.
[  116.837232][ T6034] IPv6: NLM_F_CREATE should be specified when creating new route
[  116.858164][ T6034] Zero length message leads to an empty skb
[  117.353805][ T6051] vivid-003: =================  START STATUS  =================
[  117.362524][ T6051] vivid-003: Radio HW Seek Mode: Bounded
[  117.368978][ T6051] vivid-003: Radio Programmable HW Seek: false
[  117.384605][ T6051] vivid-003: RDS Rx I/O Mode: Block I/O
[  117.397237][ T6051] vivid-003: Generate RBDS Instead of RDS: false
[  117.416715][ T6051] vivid-003: RDS Reception: true
[  117.427818][ T6051] vivid-003: RDS Program Type: 0 inactive
[  117.440261][ T6051] vivid-003: RDS PS Name:  inactive
[  117.455506][ T6051] vivid-003: RDS Radio Text:  inactive
[  117.470030][ T6051] vivid-003: RDS Traffic Announcement: false inactive
[  117.488540][ T6051] vivid-003: RDS Traffic Program: false inactive
[  117.504858][ T6051] vivid-003: RDS Music: false inactive
[  117.514466][ T6058] FAULT_INJECTION: forcing a failure.
[  117.514466][ T6058] name failslab, interval 1, probability 0, space 0, times 1
[  117.528078][ T6051] vivid-003: ==================  END STATUS  ==================
[  117.528951][ T6055] FAULT_INJECTION: forcing a failure.
[  117.528951][ T6055] name failslab, interval 1, probability 0, space 0, times 1
[  117.575792][ T6058] CPU: 0 UID: 0 PID: 6058 Comm: syz.2.36 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  117.575834][ T6058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  117.575857][ T6058] Call Trace:
[  117.575870][ T6058]  <TASK>
[  117.575885][ T6058]  dump_stack_lvl+0x16c/0x1f0
[  117.575941][ T6058]  should_fail_ex+0x512/0x640
[  117.575988][ T6058]  ? __kvmalloc_node_noprof+0x124/0x620
[  117.576037][ T6058]  should_failslab+0xc2/0x120
[  117.576065][ T6058]  __kvmalloc_node_noprof+0x137/0x620
[  117.576111][ T6058]  ? alloc_pages_bulk_noprof+0xa67/0x1410
[  117.576155][ T6058]  ? seq_read_iter+0x826/0x12c0
[  117.576202][ T6058]  ? seq_read_iter+0x826/0x12c0
[  117.576238][ T6058]  seq_read_iter+0x826/0x12c0
[  117.576278][ T6058]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  117.576354][ T6058]  kernfs_fop_read_iter+0x40f/0x5a0
[  117.576398][ T6058]  copy_splice_read+0x618/0xba0
[  117.576443][ T6058]  ? __mutex_lock+0x1ca/0xb90
[  117.576474][ T6058]  ? __pfx_copy_splice_read+0x10/0x10
[  117.576519][ T6058]  ? __pfx___mutex_lock+0x10/0x10
[  117.576560][ T6058]  ? __fget_files+0x204/0x3c0
[  117.576607][ T6058]  ? __pfx_copy_splice_read+0x10/0x10
[  117.576645][ T6058]  do_splice_read+0x282/0x370
[  117.576690][ T6058]  splice_file_to_pipe+0x109/0x120
[  117.576738][ T6058]  do_sendfile+0x400/0xe50
[  117.576789][ T6058]  ? __pfx_do_sendfile+0x10/0x10
[  117.576833][ T6058]  ? __fget_files+0x20e/0x3c0
[  117.576887][ T6058]  __x64_sys_sendfile64+0x1d8/0x220
[  117.576915][ T6058]  ? ksys_write+0x1ac/0x250
[  117.576957][ T6058]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  117.577022][ T6058]  do_syscall_64+0xcd/0x490
[  117.577056][ T6058]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.577089][ T6058] RIP: 0033:0x7fc300f8e929
[  117.577123][ T6058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.577151][ T6058] RSP: 002b:00007fc2fedf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  117.577179][ T6058] RAX: ffffffffffffffda RBX: 00007fc3011b5fa0 RCX: 00007fc300f8e929
[  117.577198][ T6058] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000001
[  117.577215][ T6058] RBP: 00007fc2fedf6090 R08: 0000000000000000 R09: 0000000000000000
[  117.577233][ T6058] R10: 0000000000000c01 R11: 0000000000000246 R12: 0000000000000001
[  117.577251][ T6058] R13: 0000000000000000 R14: 00007fc3011b5fa0 R15: 00007ffc417318f8
[  117.577291][ T6058]  </TASK>
[  117.581058][ T6055] CPU: 1 UID: 0 PID: 6055 Comm: syz.3.34 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  117.581109][ T6055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  117.581130][ T6055] Call Trace:
[  117.581143][ T6055]  <TASK>
[  117.581160][ T6055]  dump_stack_lvl+0x16c/0x1f0
[  117.581225][ T6055]  should_fail_ex+0x512/0x640
[  117.581280][ T6055]  ? __kvmalloc_node_noprof+0x124/0x620
[  117.581338][ T6055]  should_failslab+0xc2/0x120
[  117.581371][ T6055]  __kvmalloc_node_noprof+0x137/0x620
[  117.581425][ T6055]  ? seq_read_iter+0x826/0x12c0
[  117.581478][ T6055]  ? seq_read_iter+0x826/0x12c0
[  117.581519][ T6055]  seq_read_iter+0x826/0x12c0
[  117.581565][ T6055]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  117.581648][ T6055]  kernfs_fop_read_iter+0x40f/0x5a0
[  117.581696][ T6055]  copy_splice_read+0x618/0xba0
[  117.581755][ T6055]  ? __pfx_copy_splice_read+0x10/0x10
[  117.581805][ T6055]  ? look_up_lock_class+0x6b/0x150
[  117.581869][ T6055]  ? lockdep_init_map_type+0x5c/0x280
[  117.581923][ T6055]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[  117.581977][ T6055]  ? __pfx_copy_splice_read+0x10/0x10
[  117.582020][ T6055]  do_splice_read+0x282/0x370
[  117.582071][ T6055]  splice_direct_to_actor+0x2a1/0xa30
[  117.582120][ T6055]  ? __pfx_direct_splice_actor+0x10/0x10
[  117.582176][ T6055]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  117.582236][ T6055]  do_splice_direct+0x174/0x240
[  117.582284][ T6055]  ? __pfx_do_splice_direct+0x10/0x10
[  117.582333][ T6055]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  117.582379][ T6055]  ? rw_verify_area+0xcf/0x680
[  117.582431][ T6055]  do_sendfile+0xb06/0xe50
[  117.582488][ T6055]  ? __pfx_do_sendfile+0x10/0x10
[  117.582543][ T6055]  ? __x64_sys_futex+0x1e0/0x4c0
[  117.582587][ T6055]  ? __x64_sys_futex+0x1e9/0x4c0
[  117.582645][ T6055]  __x64_sys_sendfile64+0x1d8/0x220
[  117.582682][ T6055]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  117.582757][ T6055]  do_syscall_64+0xcd/0x490
[  117.582795][ T6055]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.582833][ T6055] RIP: 0033:0x7fbff718e929
[  117.582862][ T6055] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.582898][ T6055] RSP: 002b:00007fbff8015038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  117.582931][ T6055] RAX: ffffffffffffffda RBX: 00007fbff73b6160 RCX: 00007fbff718e929
[  117.582956][ T6055] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[  117.582977][ T6055] RBP: 00007fbff7210b39 R08: 0000000000000000 R09: 0000000000000000
[  117.583000][ T6055] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000
[  117.583022][ T6055] R13: 0000000000000000 R14: 00007fbff73b6160 R15: 00007fff5e092bd8
[  117.583070][ T6055]  </TASK>
[  118.410574][ T6072] netlink: 330 bytes leftover after parsing attributes in process `syz.0.35'.
[  118.460581][ T6069] netlink: 16 bytes leftover after parsing attributes in process `syz.3.38'.
[  118.681424][ T6071] netlink: 93 bytes leftover after parsing attributes in process `syz.3.38'.
[  119.107794][ T6080] FAULT_INJECTION: forcing a failure.
[  119.107794][ T6080] name failslab, interval 1, probability 0, space 0, times 0
[  119.126728][ T6080] CPU: 0 UID: 0 PID: 6080 Comm: syz.0.40 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  119.126771][ T6080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  119.126792][ T6080] Call Trace:
[  119.126802][ T6080]  <TASK>
[  119.126814][ T6080]  dump_stack_lvl+0x16c/0x1f0
[  119.126869][ T6080]  should_fail_ex+0x512/0x640
[  119.126916][ T6080]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  119.126970][ T6080]  should_failslab+0xc2/0x120
[  119.126999][ T6080]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  119.127046][ T6080]  ? __alloc_skb+0x2b2/0x380
[  119.127100][ T6080]  __alloc_skb+0x2b2/0x380
[  119.127147][ T6080]  ? __pfx___alloc_skb+0x10/0x10
[  119.127211][ T6080]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  119.127258][ T6080]  netlink_alloc_large_skb+0x69/0x130
[  119.127297][ T6080]  netlink_sendmsg+0x6a1/0xdd0
[  119.127340][ T6080]  ? __pfx_netlink_sendmsg+0x10/0x10
[  119.127395][ T6080]  ____sys_sendmsg+0xa98/0xc70
[  119.127434][ T6080]  ? copy_msghdr_from_user+0x10a/0x160
[  119.127484][ T6080]  ? __pfx_____sys_sendmsg+0x10/0x10
[  119.127543][ T6080]  ___sys_sendmsg+0x134/0x1d0
[  119.127598][ T6080]  ? __pfx____sys_sendmsg+0x10/0x10
[  119.127648][ T6080]  ? __lock_acquire+0x622/0x1c90
[  119.127742][ T6080]  __sys_sendmsg+0x16d/0x220
[  119.127773][ T6080]  ? __pfx___sys_sendmsg+0x10/0x10
[  119.127851][ T6080]  do_syscall_64+0xcd/0x490
[  119.127884][ T6080]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.127916][ T6080] RIP: 0033:0x7fbc9378e929
[  119.127949][ T6080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.127979][ T6080] RSP: 002b:00007fbc94674038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  119.128014][ T6080] RAX: ffffffffffffffda RBX: 00007fbc939b6080 RCX: 00007fbc9378e929
[  119.128035][ T6080] RDX: 0000000004000000 RSI: 0000200000000140 RDI: 0000000000000003
[  119.128053][ T6080] RBP: 00007fbc94674090 R08: 0000000000000000 R09: 0000000000000000
[  119.128070][ T6080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  119.128087][ T6080] R13: 0000000000000000 R14: 00007fbc939b6080 R15: 00007ffd02f5b388
[  119.128126][ T6080]  </TASK>
[  120.446325][ T6094] FAULT_INJECTION: forcing a failure.
[  120.446325][ T6094] name failslab, interval 1, probability 0, space 0, times 0
[  120.470817][ T6094] CPU: 0 UID: 0 PID: 6094 Comm: syz.1.43 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  120.470860][ T6094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  120.470878][ T6094] Call Trace:
[  120.470888][ T6094]  <TASK>
[  120.470900][ T6094]  dump_stack_lvl+0x16c/0x1f0
[  120.470956][ T6094]  should_fail_ex+0x512/0x640
[  120.471003][ T6094]  ? fs_reclaim_acquire+0xae/0x150
[  120.471041][ T6094]  ? tomoyo_encode2+0x100/0x3e0
[  120.471082][ T6094]  should_failslab+0xc2/0x120
[  120.471111][ T6094]  __kmalloc_noprof+0xd2/0x510
[  120.471158][ T6094]  ? d_absolute_path+0x136/0x1a0
[  120.471195][ T6094]  tomoyo_encode2+0x100/0x3e0
[  120.471245][ T6094]  tomoyo_encode+0x29/0x50
[  120.471286][ T6094]  tomoyo_realpath_from_path+0x18f/0x6e0
[  120.471342][ T6094]  tomoyo_path_number_perm+0x245/0x580
[  120.471392][ T6094]  ? tomoyo_path_number_perm+0x237/0x580
[  120.471434][ T6094]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  120.471475][ T6094]  ? find_held_lock+0x2b/0x80
[  120.471543][ T6094]  ? find_held_lock+0x2b/0x80
[  120.471573][ T6094]  ? hook_file_ioctl_common+0x145/0x410
[  120.471621][ T6094]  ? __fget_files+0x20e/0x3c0
[  120.471670][ T6094]  security_file_ioctl+0x9b/0x240
[  120.471712][ T6094]  __x64_sys_ioctl+0xb7/0x210
[  120.471750][ T6094]  do_syscall_64+0xcd/0x490
[  120.471784][ T6094]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.471816][ T6094] RIP: 0033:0x7fa196f8e929
[  120.471841][ T6094] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  120.471870][ T6094] RSP: 002b:00007fa197ddf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  120.471900][ T6094] RAX: ffffffffffffffda RBX: 00007fa1971b5fa0 RCX: 00007fa196f8e929
[  120.471920][ T6094] RDX: 0000000000000000 RSI: 0000000000001269 RDI: 0000000000000003
[  120.471937][ T6094] RBP: 00007fa197ddf090 R08: 0000000000000000 R09: 0000000000000000
[  120.471955][ T6094] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  120.471972][ T6094] R13: 0000000000000000 R14: 00007fa1971b5fa0 R15: 00007ffdf7a5daa8
[  120.472012][ T6094]  </TASK>
[  120.472074][ T6094] ERROR: Out of memory at tomoyo_realpath_from_path.
[  121.458108][ T6104] FAULT_INJECTION: forcing a failure.
[  121.458108][ T6104] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  121.516368][ T6104] CPU: 1 UID: 0 PID: 6104 Comm: syz.2.46 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  121.516414][ T6104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  121.516432][ T6104] Call Trace:
[  121.516443][ T6104]  <TASK>
[  121.516455][ T6104]  dump_stack_lvl+0x16c/0x1f0
[  121.516510][ T6104]  should_fail_ex+0x512/0x640
[  121.516562][ T6104]  _copy_to_user+0x32/0xd0
[  121.516614][ T6104]  simple_read_from_buffer+0xcb/0x170
[  121.516657][ T6104]  proc_fail_nth_read+0x197/0x270
[  121.516695][ T6104]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  121.516734][ T6104]  ? rw_verify_area+0xcf/0x680
[  121.516772][ T6104]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  121.516808][ T6104]  vfs_read+0x1e1/0xc60
[  121.516857][ T6104]  ? __pfx___mutex_lock+0x10/0x10
[  121.516886][ T6104]  ? __pfx_vfs_read+0x10/0x10
[  121.516939][ T6104]  ? __fget_files+0x20e/0x3c0
[  121.516995][ T6104]  ksys_read+0x12a/0x250
[  121.517045][ T6104]  ? __pfx_ksys_read+0x10/0x10
[  121.517099][ T6104]  do_syscall_64+0xcd/0x490
[  121.517131][ T6104]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.517162][ T6104] RIP: 0033:0x7fc300f8d33c
[  121.517187][ T6104] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  121.517216][ T6104] RSP: 002b:00007fc2fedf6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  121.517245][ T6104] RAX: ffffffffffffffda RBX: 00007fc3011b5fa0 RCX: 00007fc300f8d33c
[  121.517265][ T6104] RDX: 000000000000000f RSI: 00007fc2fedf60a0 RDI: 0000000000000004
[  121.517284][ T6104] RBP: 00007fc2fedf6090 R08: 0000000000000000 R09: 0000000000000000
[  121.517303][ T6104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  121.517321][ T6104] R13: 0000000000000000 R14: 00007fc3011b5fa0 R15: 00007ffc417318f8
[  121.517362][ T6104]  </TASK>
[  121.981450][ T6106] =======================================================
[  121.981450][ T6106] WARNING: The mand mount option has been deprecated and
[  121.981450][ T6106]          and is ignored by this kernel. Remove the mand
[  121.981450][ T6106]          option from the mount to silence this warning.
[  121.981450][ T6106] =======================================================
[  122.941815][ T6117] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input5
[  123.064210][ T6117] capability: warning: `syz.2.50' uses 32-bit capabilities (legacy support in use)
[  124.413530][ T6141] netlink: 330 bytes leftover after parsing attributes in process `syz.0.56'.
[  124.451671][ T6141] : renamed from bond_slave_1 (while UP)
[  124.852916][ T6145] FAULT_INJECTION: forcing a failure.
[  124.852916][ T6145] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  124.867492][ T6145] CPU: 0 UID: 0 PID: 6145 Comm: syz.1.57 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  124.867533][ T6145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  124.867550][ T6145] Call Trace:
[  124.867560][ T6145]  <TASK>
[  124.867570][ T6145]  dump_stack_lvl+0x16c/0x1f0
[  124.867622][ T6145]  should_fail_ex+0x512/0x640
[  124.867671][ T6145]  _copy_to_user+0x32/0xd0
[  124.867720][ T6145]  simple_read_from_buffer+0xcb/0x170
[  124.867770][ T6145]  proc_fail_nth_read+0x197/0x270
[  124.867805][ T6145]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  124.867842][ T6145]  ? rw_verify_area+0xcf/0x680
[  124.867878][ T6145]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  124.867912][ T6145]  vfs_read+0x1e1/0xc60
[  124.867957][ T6145]  ? __pfx___mutex_lock+0x10/0x10
[  124.867984][ T6145]  ? __pfx_vfs_read+0x10/0x10
[  124.868036][ T6145]  ? __fget_files+0x20e/0x3c0
[  124.868087][ T6145]  ksys_read+0x12a/0x250
[  124.868127][ T6145]  ? __pfx_ksys_read+0x10/0x10
[  124.868177][ T6145]  do_syscall_64+0xcd/0x490
[  124.868208][ T6145]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.868236][ T6145] RIP: 0033:0x7fa196f8d33c
[  124.868260][ T6145] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  124.868287][ T6145] RSP: 002b:00007fa197ddf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  124.868314][ T6145] RAX: ffffffffffffffda RBX: 00007fa1971b5fa0 RCX: 00007fa196f8d33c
[  124.868333][ T6145] RDX: 000000000000000f RSI: 00007fa197ddf0a0 RDI: 0000000000000004
[  124.868350][ T6145] RBP: 00007fa197ddf090 R08: 0000000000000000 R09: 0000000000000000
[  124.868366][ T6145] R10: 0000000000000c01 R11: 0000000000000246 R12: 0000000000000001
[  124.868383][ T6145] R13: 0000000000000000 R14: 00007fa1971b5fa0 R15: 00007ffdf7a5daa8
[  124.868420][ T6145]  </TASK>
[  126.616750][ T6169] lo: entered allmulticast mode
[  126.808027][ T6173] FAULT_INJECTION: forcing a failure.
[  126.808027][ T6173] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  126.846543][ T6173] CPU: 1 UID: 0 PID: 6173 Comm: syz.0.64 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  126.846586][ T6173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  126.846604][ T6173] Call Trace:
[  126.846613][ T6173]  <TASK>
[  126.846625][ T6173]  dump_stack_lvl+0x16c/0x1f0
[  126.846681][ T6173]  should_fail_ex+0x512/0x640
[  126.846733][ T6173]  _copy_from_user+0x2e/0xd0
[  126.846784][ T6173]  blkpg_do_ioctl+0xe1/0x430
[  126.846831][ T6173]  ? __pfx_blkpg_do_ioctl+0x10/0x10
[  126.846886][ T6173]  ? __might_fault+0xe3/0x190
[  126.846930][ T6173]  ? __might_fault+0xe3/0x190
[  126.846970][ T6173]  ? __might_fault+0x13b/0x190
[  126.847026][ T6173]  blkdev_ioctl+0x59e/0x6d0
[  126.847064][ T6173]  ? __pfx_blkdev_ioctl+0x10/0x10
[  126.847110][ T6173]  ? __pfx_blkdev_ioctl+0x10/0x10
[  126.847149][ T6173]  __x64_sys_ioctl+0x18e/0x210
[  126.847189][ T6173]  do_syscall_64+0xcd/0x490
[  126.847222][ T6173]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.847253][ T6173] RIP: 0033:0x7fbc9378e929
[  126.847278][ T6173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  126.847308][ T6173] RSP: 002b:00007fbc94695038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  126.847338][ T6173] RAX: ffffffffffffffda RBX: 00007fbc939b5fa0 RCX: 00007fbc9378e929
[  126.847358][ T6173] RDX: 0000000000000000 RSI: 0000000000001269 RDI: 0000000000000003
[  126.847376][ T6173] RBP: 00007fbc94695090 R08: 0000000000000000 R09: 0000000000000000
[  126.847394][ T6173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  126.847411][ T6173] R13: 0000000000000000 R14: 00007fbc939b5fa0 R15: 00007ffd02f5b388
[  126.847451][ T6173]  </TASK>
[  127.187232][ T6168] lo: left allmulticast mode
[  127.265863][ T6184] FAULT_INJECTION: forcing a failure.
[  127.265863][ T6184] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  127.283496][ T6184] CPU: 0 UID: 0 PID: 6184 Comm: syz.1.65 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  127.283548][ T6184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  127.283566][ T6184] Call Trace:
[  127.283576][ T6184]  <TASK>
[  127.283588][ T6184]  dump_stack_lvl+0x16c/0x1f0
[  127.283646][ T6184]  should_fail_ex+0x512/0x640
[  127.283694][ T6184]  ? page_copy_sane+0xcd/0x2d0
[  127.283746][ T6184]  copy_folio_from_iter_atomic+0x375/0x1aa0
[  127.283800][ T6184]  ? __pfx_copy_folio_from_iter_atomic+0x10/0x10
[  127.283833][ T6184]  ? shmem_write_begin+0x176/0x300
[  127.283878][ T6184]  ? __pfx_fault_in_readable+0x10/0x10
[  127.283911][ T6184]  ? __pfx_shmem_write_begin+0x10/0x10
[  127.283961][ T6184]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1260
[  127.284009][ T6184]  generic_perform_write+0x22c/0x930
[  127.284070][ T6184]  ? __pfx_generic_perform_write+0x10/0x10
[  127.284118][ T6184]  ? inode_needs_update_time.part.0+0x191/0x270
[  127.284184][ T6184]  shmem_file_write_iter+0x10e/0x140
[  127.284219][ T6184]  vfs_write+0x6c4/0x1150
[  127.284267][ T6184]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  127.284302][ T6184]  ? __pfx___mutex_lock+0x10/0x10
[  127.284334][ T6184]  ? __pfx_vfs_write+0x10/0x10
[  127.284407][ T6184]  ksys_write+0x12a/0x250
[  127.284452][ T6184]  ? __pfx_ksys_write+0x10/0x10
[  127.284521][ T6184]  do_syscall_64+0xcd/0x490
[  127.284556][ T6184]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.284591][ T6184] RIP: 0033:0x7fa196f8e929
[  127.284618][ T6184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.284648][ T6184] RSP: 002b:00007fa197ddf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  127.284678][ T6184] RAX: ffffffffffffffda RBX: 00007fa1971b5fa0 RCX: 00007fa196f8e929
[  127.284699][ T6184] RDX: 000000000000b8c5 RSI: 0000200000000280 RDI: 0000000000000006
[  127.284719][ T6184] RBP: 00007fa197010b39 R08: 0000000000000000 R09: 0000000000000000
[  127.284737][ T6184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  127.284755][ T6184] R13: 0000000000000000 R14: 00007fa1971b5fa0 R15: 00007ffdf7a5daa8
[  127.284797][ T6184]  </TASK>
[  128.430487][ T6197] sp0: Synchronizing with TNC
[  129.081305][ T6207] netlink: 12 bytes leftover after parsing attributes in process `syz.2.72'.
[  129.355946][ T6210] netlink: 266 bytes leftover after parsing attributes in process `syz.2.73'.
[  129.370834][ T6210] IPv6: NLM_F_CREATE should be specified when creating new route
[  130.264336][ T5154] Bluetooth: hci0: Unable to find connection for big 0xd2
[  130.514067][ T6237] FAULT_INJECTION: forcing a failure.
[  130.514067][ T6237] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  130.635541][ T6237] CPU: 0 UID: 0 PID: 6237 Comm: syz.2.82 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  130.635584][ T6237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  130.635602][ T6237] Call Trace:
[  130.635612][ T6237]  <TASK>
[  130.635624][ T6237]  dump_stack_lvl+0x16c/0x1f0
[  130.635679][ T6237]  should_fail_ex+0x512/0x640
[  130.635732][ T6237]  _copy_from_iter+0x29f/0x16f0
[  130.635788][ T6237]  ? __alloc_skb+0x200/0x380
[  130.635838][ T6237]  ? __pfx__copy_from_iter+0x10/0x10
[  130.635890][ T6237]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  130.635941][ T6237]  netlink_sendmsg+0x829/0xdd0
[  130.635984][ T6237]  ? __pfx_netlink_sendmsg+0x10/0x10
[  130.636038][ T6237]  ____sys_sendmsg+0xa98/0xc70
[  130.636079][ T6237]  ? copy_msghdr_from_user+0x10a/0x160
[  130.636132][ T6237]  ? __pfx_____sys_sendmsg+0x10/0x10
[  130.636190][ T6237]  ___sys_sendmsg+0x134/0x1d0
[  130.636242][ T6237]  ? __pfx____sys_sendmsg+0x10/0x10
[  130.636289][ T6237]  ? __lock_acquire+0x622/0x1c90
[  130.636382][ T6237]  __sys_sendmsg+0x16d/0x220
[  130.636413][ T6237]  ? __pfx___sys_sendmsg+0x10/0x10
[  130.636499][ T6237]  do_syscall_64+0xcd/0x490
[  130.636532][ T6237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.636567][ T6237] RIP: 0033:0x7fc300f8e929
[  130.636591][ T6237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  130.636620][ T6237] RSP: 002b:00007fc2fedd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  130.636650][ T6237] RAX: ffffffffffffffda RBX: 00007fc3011b6080 RCX: 00007fc300f8e929
[  130.636670][ T6237] RDX: 0000000004000000 RSI: 0000200000000140 RDI: 0000000000000003
[  130.636688][ T6237] RBP: 00007fc2fedd5090 R08: 0000000000000000 R09: 0000000000000000
[  130.636706][ T6237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  130.636723][ T6237] R13: 0000000000000000 R14: 00007fc3011b6080 R15: 00007ffc417318f8
[  130.636762][ T6237]  </TASK>
[  131.051613][ T6242] FAULT_INJECTION: forcing a failure.
[  131.051613][ T6242] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  131.069302][ T6242] CPU: 0 UID: 0 PID: 6242 Comm: syz.2.84 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  131.069345][ T6242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  131.069362][ T6242] Call Trace:
[  131.069372][ T6242]  <TASK>
[  131.069383][ T6242]  dump_stack_lvl+0x16c/0x1f0
[  131.069439][ T6242]  should_fail_ex+0x512/0x640
[  131.069492][ T6242]  _copy_to_user+0x32/0xd0
[  131.069546][ T6242]  simple_read_from_buffer+0xcb/0x170
[  131.069589][ T6242]  proc_fail_nth_read+0x197/0x270
[  131.069628][ T6242]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  131.069668][ T6242]  ? rw_verify_area+0xcf/0x680
[  131.069708][ T6242]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  131.069745][ T6242]  vfs_read+0x1e1/0xc60
[  131.069794][ T6242]  ? __pfx___mutex_lock+0x10/0x10
[  131.069825][ T6242]  ? __pfx_vfs_read+0x10/0x10
[  131.069880][ T6242]  ? __fget_files+0x20e/0x3c0
[  131.069935][ T6242]  ksys_read+0x12a/0x250
[  131.069979][ T6242]  ? __pfx_ksys_read+0x10/0x10
[  131.070025][ T6242]  ? fput+0x70/0xf0
[  131.070061][ T6242]  do_syscall_64+0xcd/0x490
[  131.070095][ T6242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.070126][ T6242] RIP: 0033:0x7fc300f8d33c
[  131.070152][ T6242] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  131.070196][ T6242] RSP: 002b:00007fc2fedf6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  131.070225][ T6242] RAX: ffffffffffffffda RBX: 00007fc3011b5fa0 RCX: 00007fc300f8d33c
[  131.070245][ T6242] RDX: 000000000000000f RSI: 00007fc2fedf60a0 RDI: 0000000000000004
[  131.070262][ T6242] RBP: 00007fc2fedf6090 R08: 0000000000000000 R09: 0000000000000000
[  131.070279][ T6242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  131.070296][ T6242] R13: 0000000000000000 R14: 00007fc3011b5fa0 R15: 00007ffc417318f8
[  131.070336][ T6242]  </TASK>
[  132.118253][ T6258] Format for deleting device is "id" (uint).
[  135.894340][ T6322] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6
[  135.938242][ T6323] FAULT_INJECTION: forcing a failure.
[  135.938242][ T6323] name failslab, interval 1, probability 0, space 0, times 0
[  136.070960][ T6323] CPU: 0 UID: 0 PID: 6323 Comm: syz.1.100 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  136.071004][ T6323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  136.071022][ T6323] Call Trace:
[  136.071032][ T6323]  <TASK>
[  136.071044][ T6323]  dump_stack_lvl+0x16c/0x1f0
[  136.071099][ T6323]  should_fail_ex+0x512/0x640
[  136.071152][ T6323]  should_failslab+0xc2/0x120
[  136.071182][ T6323]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  136.071232][ T6323]  ? skb_clone+0x190/0x3f0
[  136.071273][ T6323]  skb_clone+0x190/0x3f0
[  136.071304][ T6323]  netlink_deliver_tap+0xabd/0xd30
[  136.071354][ T6323]  netlink_unicast+0x5df/0x7f0
[  136.071397][ T6323]  ? __pfx_netlink_unicast+0x10/0x10
[  136.071446][ T6323]  netlink_sendmsg+0x8d1/0xdd0
[  136.071492][ T6323]  ? __pfx_netlink_sendmsg+0x10/0x10
[  136.071545][ T6323]  ____sys_sendmsg+0xa98/0xc70
[  136.071585][ T6323]  ? copy_msghdr_from_user+0x10a/0x160
[  136.071635][ T6323]  ? __pfx_____sys_sendmsg+0x10/0x10
[  136.071696][ T6323]  ___sys_sendmsg+0x134/0x1d0
[  136.071756][ T6323]  ? __pfx____sys_sendmsg+0x10/0x10
[  136.071802][ T6323]  ? __lock_acquire+0x622/0x1c90
[  136.071896][ T6323]  __sys_sendmsg+0x16d/0x220
[  136.071927][ T6323]  ? __pfx___sys_sendmsg+0x10/0x10
[  136.072016][ T6323]  do_syscall_64+0xcd/0x490
[  136.072049][ T6323]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.072081][ T6323] RIP: 0033:0x7fa196f8e929
[  136.072105][ T6323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  136.072132][ T6323] RSP: 002b:00007fa197dbe038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  136.072161][ T6323] RAX: ffffffffffffffda RBX: 00007fa1971b6080 RCX: 00007fa196f8e929
[  136.072180][ T6323] RDX: 0000000004000000 RSI: 0000200000000140 RDI: 0000000000000003
[  136.072198][ T6323] RBP: 00007fa197dbe090 R08: 0000000000000000 R09: 0000000000000000
[  136.072215][ T6323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  136.072232][ T6323] R13: 0000000000000000 R14: 00007fa1971b6080 R15: 00007ffdf7a5daa8
[  136.072271][ T6323]  </TASK>
[  136.288618][    C0] vkms_vblank_simulate: vblank timer overrun
[  138.116391][ T6336] FAULT_INJECTION: forcing a failure.
[  138.116391][ T6336] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  138.153514][ T6336] CPU: 0 UID: 0 PID: 6336 Comm: syz.3.105 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  138.153563][ T6336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  138.153590][ T6336] Call Trace:
[  138.153601][ T6336]  <TASK>
[  138.153614][ T6336]  dump_stack_lvl+0x16c/0x1f0
[  138.153672][ T6336]  should_fail_ex+0x512/0x640
[  138.153727][ T6336]  should_fail_alloc_page+0xe7/0x130
[  138.153760][ T6336]  prepare_alloc_pages+0x3c2/0x610
[  138.153805][ T6336]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  138.153853][ T6336]  ? copy_splice_read+0x1a8/0xba0
[  138.153891][ T6336]  ? stack_trace_save+0x8e/0xc0
[  138.153926][ T6336]  ? __pfx_stack_trace_save+0x10/0x10
[  138.153959][ T6336]  ? stack_depot_save_flags+0x28/0xa40
[  138.154017][ T6336]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  138.154064][ T6336]  ? kasan_save_stack+0x33/0x60
[  138.154112][ T6336]  ? __kasan_kmalloc+0xaa/0xb0
[  138.154154][ T6336]  ? copy_splice_read+0x1a8/0xba0
[  138.154190][ T6336]  ? do_splice_read+0x282/0x370
[  138.154224][ T6336]  ? splice_direct_to_actor+0x2a1/0xa30
[  138.154261][ T6336]  ? do_splice_direct+0x174/0x240
[  138.154298][ T6336]  ? do_sendfile+0xb06/0xe50
[  138.154338][ T6336]  ? __x64_sys_sendfile64+0x1d8/0x220
[  138.154365][ T6336]  ? do_syscall_64+0xcd/0x490
[  138.154421][ T6336]  alloc_pages_bulk_noprof+0x71c/0x1410
[  138.154485][ T6336]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  138.154543][ T6336]  ? trace_kmalloc+0x2b/0xd0
[  138.154572][ T6336]  ? __kmalloc_noprof+0x242/0x510
[  138.154641][ T6336]  copy_splice_read+0x1e1/0xba0
[  138.154682][ T6336]  ? __pfx_pipe_to_null+0x10/0x10
[  138.154718][ T6336]  ? __pfx_copy_splice_read+0x10/0x10
[  138.154756][ T6336]  ? pipe_unlock+0x4a/0x70
[  138.154803][ T6336]  ? __pfx_splice_from_pipe+0x10/0x10
[  138.154857][ T6336]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[  138.154904][ T6336]  ? __pfx_copy_splice_read+0x10/0x10
[  138.154941][ T6336]  do_splice_read+0x282/0x370
[  138.154985][ T6336]  splice_direct_to_actor+0x2a1/0xa30
[  138.155027][ T6336]  ? __pfx_direct_splice_actor+0x10/0x10
[  138.155078][ T6336]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  138.155130][ T6336]  do_splice_direct+0x174/0x240
[  138.155173][ T6336]  ? __pfx_do_splice_direct+0x10/0x10
[  138.155216][ T6336]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  138.155259][ T6336]  ? bpf_lsm_file_permission+0x9/0x10
[  138.155293][ T6336]  ? security_file_permission+0x71/0x210
[  138.155336][ T6336]  ? rw_verify_area+0xcf/0x680
[  138.155380][ T6336]  do_sendfile+0xb06/0xe50
[  138.155431][ T6336]  ? __pfx_do_sendfile+0x10/0x10
[  138.155482][ T6336]  ? __x64_sys_futex+0x1e0/0x4c0
[  138.155521][ T6336]  ? __x64_sys_futex+0x1e9/0x4c0
[  138.155564][ T6336]  __x64_sys_sendfile64+0x1d8/0x220
[  138.155608][ T6336]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  138.155678][ T6336]  do_syscall_64+0xcd/0x490
[  138.155711][ T6336]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.155744][ T6336] RIP: 0033:0x7fbff718e929
[  138.155770][ T6336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.155801][ T6336] RSP: 002b:00007fbff8057038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  138.155831][ T6336] RAX: ffffffffffffffda RBX: 00007fbff73b5fa0 RCX: 00007fbff718e929
[  138.155852][ T6336] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000007
[  138.155869][ T6336] RBP: 00007fbff7210b39 R08: 0000000000000000 R09: 0000000000000000
[  138.155887][ T6336] R10: 0010000800000003 R11: 0000000000000246 R12: 0000000000000000
[  138.155905][ T6336] R13: 0000000000000000 R14: 00007fbff73b5fa0 R15: 00007fff5e092bd8
[  138.155946][ T6336]  </TASK>
[  138.513438][    C0] vkms_vblank_simulate: vblank timer overrun
[  139.479039][ T5154] ==================================================================
[  139.487191][ T5154] BUG: KASAN: vmalloc-out-of-bounds in hci_devcd_dump+0x142/0x240
[  139.495061][ T5154] Read of size 140 at addr ffffc90005319000 by task kworker/u9:1/5154
[  139.503265][ T5154] 
[  139.505648][ T5154] CPU: 1 UID: 0 PID: 5154 Comm: kworker/u9:1 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  139.505687][ T5154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  139.505715][ T5154] Workqueue: hci0 hci_devcd_timeout
[  139.505762][ T5154] Call Trace:
[  139.505774][ T5154]  <TASK>
[  139.505787][ T5154]  dump_stack_lvl+0x116/0x1f0
[  139.505838][ T5154]  print_report+0xcd/0x680
[  139.505885][ T5154]  ? __virt_addr_valid+0x81/0x610
[  139.505921][ T5154]  ? hci_devcd_dump+0x142/0x240
[  139.505963][ T5154]  kasan_report+0xe0/0x110
[  139.506014][ T5154]  ? hci_devcd_dump+0x142/0x240
[  139.506064][ T5154]  kasan_check_range+0x100/0x1b0
[  139.506099][ T5154]  __asan_memcpy+0x23/0x60
[  139.506140][ T5154]  hci_devcd_dump+0x142/0x240
[  139.506185][ T5154]  hci_devcd_timeout+0xb5/0x2e0
[  139.506228][ T5154]  ? rcu_is_watching+0x12/0xc0
[  139.506263][ T5154]  process_one_work+0x9cf/0x1b70
[  139.506320][ T5154]  ? __pfx_process_one_work+0x10/0x10
[  139.506374][ T5154]  ? assign_work+0x1a0/0x250
[  139.506419][ T5154]  worker_thread+0x6c8/0xf10
[  139.506471][ T5154]  ? __kthread_parkme+0x19e/0x250
[  139.506509][ T5154]  ? __pfx_worker_thread+0x10/0x10
[  139.506555][ T5154]  kthread+0x3c2/0x780
[  139.506598][ T5154]  ? __pfx_kthread+0x10/0x10
[  139.506641][ T5154]  ? rcu_is_watching+0x12/0xc0
[  139.506672][ T5154]  ? __pfx_kthread+0x10/0x10
[  139.506728][ T5154]  ret_from_fork+0x5d4/0x6f0
[  139.506771][ T5154]  ? __pfx_kthread+0x10/0x10
[  139.506816][ T5154]  ret_from_fork_asm+0x1a/0x30
[  139.506858][ T5154]  </TASK>
[  139.506868][ T5154] 
[  139.659400][ T5154] The buggy address ffffc90005319000 belongs to a vmalloc virtual mapping
[  139.667930][ T5154] Memory state around the buggy address:
[  139.673608][ T5154]  ffffc90005318f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  139.681699][ T5154]  ffffc90005318f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  139.689783][ T5154] >ffffc90005319000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  139.697865][ T5154]                    ^
[  139.701949][ T5154]  ffffc90005319080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  139.710035][ T5154]  ffffc90005319100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  139.718112][ T5154] ==================================================================
[  139.731323][ T5154] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  139.738592][ T5154] CPU: 1 UID: 0 PID: 5154 Comm: kworker/u9:1 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  139.750805][ T5154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  139.760895][ T5154] Workqueue: hci0 hci_devcd_timeout
[  139.766147][ T5154] Call Trace:
[  139.769457][ T5154]  <TASK>
[  139.772420][ T5154]  dump_stack_lvl+0x3d/0x1f0
[  139.777062][ T5154]  panic+0x71c/0x800
[  139.780997][ T5154]  ? __pfx_panic+0x10/0x10
[  139.785449][ T5154]  ? mark_held_locks+0x49/0x80
[  139.790257][ T5154]  ? preempt_schedule_thunk+0x16/0x30
[  139.795669][ T5154]  ? hci_devcd_dump+0x142/0x240
[  139.800566][ T5154]  ? preempt_schedule_common+0x44/0xc0
[  139.806069][ T5154]  ? check_panic_on_warn+0x1f/0xb0
[  139.811220][ T5154]  ? hci_devcd_dump+0x142/0x240
[  139.816109][ T5154]  check_panic_on_warn+0xab/0xb0
[  139.821088][ T5154]  end_report+0x107/0x170
[  139.825461][ T5154]  kasan_report+0xee/0x110
[  139.829920][ T5154]  ? hci_devcd_dump+0x142/0x240
[  139.834815][ T5154]  kasan_check_range+0x100/0x1b0
[  139.839786][ T5154]  __asan_memcpy+0x23/0x60
[  139.844240][ T5154]  hci_devcd_dump+0x142/0x240
[  139.848960][ T5154]  hci_devcd_timeout+0xb5/0x2e0
[  139.853854][ T5154]  ? rcu_is_watching+0x12/0xc0
[  139.858663][ T5154]  process_one_work+0x9cf/0x1b70
[  139.863656][ T5154]  ? __pfx_process_one_work+0x10/0x10
[  139.869081][ T5154]  ? assign_work+0x1a0/0x250
[  139.873718][ T5154]  worker_thread+0x6c8/0xf10
[  139.878448][ T5154]  ? __kthread_parkme+0x19e/0x250
[  139.883510][ T5154]  ? __pfx_worker_thread+0x10/0x10
[  139.888704][ T5154]  kthread+0x3c2/0x780
[  139.892816][ T5154]  ? __pfx_kthread+0x10/0x10
[  139.897453][ T5154]  ? rcu_is_watching+0x12/0xc0
[  139.902252][ T5154]  ? __pfx_kthread+0x10/0x10
[  139.906883][ T5154]  ret_from_fork+0x5d4/0x6f0
[  139.911519][ T5154]  ? __pfx_kthread+0x10/0x10
[  139.916149][ T5154]  ret_from_fork_asm+0x1a/0x30
[  139.920966][ T5154]  </TASK>
[  139.924267][ T5154] Kernel Offset: disabled
[  139.928621][ T5154] Rebooting in 86400 seconds..