last executing test programs:

11m25.267210782s ago: executing program 0 (id=7953):
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
ioctl$auto(r0, 0x5607, 0x7)
inotify_add_watch$auto(r0, 0x0, 0x9)

11m24.680530988s ago: executing program 0 (id=7957):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24040004}, 0x800)
openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/loginuid\x00', 0x309c02, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/irq/9/smp_affinity\x00', 0x129542, 0x0)
read$auto(0x3, 0x0, 0x7)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0xc)

11m24.222689723s ago: executing program 0 (id=7963):
close_range$auto(0x2, 0x8, 0x0)
r0 = socket(0xa, 0x3, 0x3a)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x6, 0x0)
socket(0xa, 0x2, 0x73)
getsockopt$auto(r0, 0x29, 0xcf, 0x0, 0x0)

11m24.06746246s ago: executing program 0 (id=7973):
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x3, 0x6)
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0)
mkdir$auto(0x0, 0x353)

11m23.675858279s ago: executing program 0 (id=7968):
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
mmap$auto(0x0, 0xdb33, 0xe2, 0xeb1, 0x405, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/loginuid\x00', 0x109000, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
ioctl$auto(0x3, 0x400454ca, 0x38)
write$auto(r0, 0x0, 0x81)

11m23.218122004s ago: executing program 0 (id=7970):
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
epoll_create$auto(0x4)
mprotect$auto(0x0, 0x3ff, 0x6)
r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video17\x00', 0x80800, 0x0)
read$auto_v4l2_fops_v4l2_dev(r0, &(0x7f00000001c0)=""/191, 0x234)
r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video15\x00', 0x180, 0x0)
read$auto_v4l2_fops_v4l2_dev(r1, &(0x7f0000000000)=""/188, 0xbc)
close_range$auto(0x2, 0x8, 0x0)

11m22.828310715s ago: executing program 32 (id=7970):
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
epoll_create$auto(0x4)
mprotect$auto(0x0, 0x3ff, 0x6)
r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video17\x00', 0x80800, 0x0)
read$auto_v4l2_fops_v4l2_dev(r0, &(0x7f00000001c0)=""/191, 0x234)
r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video15\x00', 0x180, 0x0)
read$auto_v4l2_fops_v4l2_dev(r1, &(0x7f0000000000)=""/188, 0xbc)
close_range$auto(0x2, 0x8, 0x0)

10m24.664572296s ago: executing program 2 (id=8540):
close_range$auto(0x2, 0x8000, 0x0)
socket(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_CREATE_VM(r0, 0x4400ae8f, 0x0)

10m24.579687546s ago: executing program 2 (id=8542):
ioctl$auto_FIONREAD(0xffffffffffffffff, 0x541b, 0xfffffffffffffff9)
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100)
r0 = open(&(0x7f0000000080)='./file0\x00', 0xeee00, 0x31)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
bpf$auto(0x12, 0x0, 0x26)
write$auto(0x3, 0x0, 0x100082)
lseek$auto(r0, 0x7fffffffffffffff, 0x3)
truncate$auto(&(0x7f0000000040)='./file0\x00', 0x0)
openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0xc0a82, 0x0)

10m24.208029901s ago: executing program 2 (id=8544):
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0x580, 0x400, 0x2}]})

10m24.033377296s ago: executing program 2 (id=8545):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
unshare$auto(0x8000000)
r3 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$auto_IOAM6_CMD_ADD_SCHEMA(r2, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000100)={0x20, r3, 0x1, 0x70bd2a, 0x25dfdbfb, {0x4, 0x0, 0x900}, [@IOAM6_ATTR_SC_DATA={0x4}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x9}]}, 0x20}, 0x1, 0x3000700, 0x0, 0x1}, 0x8054)
sendmsg$auto_IOAM6_CMD_ADD_SCHEMA(r1, &(0x7f0000000900)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000040)={&(0x7f0000000180)={0x770, r3, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@IOAM6_ATTR_SC_ID={0x8}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x8}, @IOAM6_ATTR_SC_DATA={0xd2, 0x5, "0928378929f82cd94d6305225d79de91e7565a148e511c71cf83cf4370251b1ee4055d0eb81230c78d33fb2f8b6ec04cda4d56d8f3fe3c7526b90f0b0eefa2e456592953c7a4c6e5a0de089c9206947051343fb86e33606edd0ce8a7e82f66c4a65b205a553fc92822430374a54ebcda2ffdef119fde33a1fd8574c4073d3888ec706abb449616ead0931e2819d6fd12fd1cb69bf88e3b8faaa20e8e025e2bfd7f226f131913375b6b8c7d768bfd48eec52dfdd3ba5650e2e25ef4eee19c62d5a40a8afb7af51e9d419d245072fc"}, @IOAM6_ATTR_SC_DATA={0x26, 0x5, "858236b48aff23aecefb8e10534c3dc734861c7a9f199c262d58d9eda193700706fe"}, @IOAM6_ATTR_SC_DATA={0x361, 0x5, "8479b473fceeb4e7ac59025163c54c91ff7eb978ec1b70cad3eaad989b8e9e29479afef0673736eb4e9fca593b41dc5db2a290851fb7a0be7a6d392376a6fc8113abf06bff971dbe8cc76e3251a0841827f9378d866288fa08d2387d43b4554976235e2fafdab6e8cf98c64c1ebb6e01ca58f193727215ad82ceab5c1bd1266860d2a4e92d6084359a21f17caab6bddc074e57759c938a21dee1a7b0d70abff32778d5296eccf02cdb208cfb67684af28da02d3b8691ae91dbecc347103b397a1f7aec20d799c1f6b4b8c7ce7e50b73985ac77d4bb082959bb01d927b2cac524957f4a408931b10df09266c4b6c6330bd7bc3fd22d431a235ad59691c1645d9ac7416fca43f315df4fd90fba0bcab9d4d10d4ac0a4b568040050c52122a3706cd18ce93022b67f153de75b74ef3928b312eb1bb98b0caf68516f5817ca04e063f8f4f13f5b084f51205ec94cf80dadcfd33bfb2bc85a50ed73919f5e2a57f2a66431216f17af5bb5d455363da0a02e33db5d7ab9433d2cd3599f1b95908fe18a1faf5e4fa12b8446750f02a68ba73fe7b53b1ffac1215ec1abc0da0187b8a560c15ea780c8633751077fbfb04c6a11546379ad14e1dcff519ab82d74a35098b0b633fc4e95dcd078b9fd2fc6bcb589f5544f77dc327677f497b23e3c92868eefc2711ce290009e40448c95f850cca0c337939c01dc82bfed9d9b357553b8255f0957deaee54756527fc66114084c62a5898d6f6d9efd4a65c2313704a9ed671ca97618d5bc1eab87a142eee972949ff84076b81dc5283b014cf1715a979d072342233f67f652413584cc0f71b3f032383ce59585b0620f4ee895945e447c5d324888aef71a7d42fc4776e3022477e8f1241da90e8a877a2e9f82eed1cc3eca76ced94de2f07a287a7324f956d66dec932db0347d0741e9ffb4ae33794c87285392a5a61f92dfe0ea8819f32ba10cd0cc5af9ec2ee3515d40233ffd0364a2b48778c2a85def98c5cfe960054b3012516209a7c76fc1ab8a5347655a4b98e21eeac8f838a53cb6ab1215892ee8f25063953e1ae7b8751b217d21eb3c6c0210bfc73c0cbc0acdcdae9a0d29979ddd9daab2003792653f94d8323f420d724f41c6821f75ae46065ff4ff1e8affb6556027ecc9214ad4dde67866887a6aa0b338b935788bb7414e77362c94b2b52721cba8dfdf81f66caa11759b0b1b5dd0d5"}, @IOAM6_ATTR_SC_ID={0x8}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x1}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x5}, @IOAM6_ATTR_SC_DATA={0x2d1, 0x5, "a695e4b97e0e4eccc4099db715faf6de0af4f1dd61e992d9efa0e27aeacb3bc35bb7d0e5871ff08f8657930a5e7dfb2b87fa57fc8e8dd06e7ae2cd547c28771e8393b235fd7c6803dd3e073296597d9da492d58fe5f37bec9a1b6b1e6e05f596da119d711167f7699a46f2ff63490be6f3d7c9d325e8f3fac69b7856d2f08bb5a198b024f4e69ab01bad6c29fde19b88d714642340ea219ee7cd1e48533a9d3aed754e60e6fd852842100c92306f09c928d9371ad19752e0bd7d548cb15cc6923ce350e95ee503dad57c26bcf31d73ba6c54fbf0c8148c94c30e64d3c7ca2808e0462bb237be30dbb40164f4616c2f651d38b51486ea194ed6c32c048f5ffcf88e901bfaa559670572570a22863bf50a9a458d2430362c13f5000be9a887558d7b12183300a051892b31d56746f93ceeb38ef00dca1da4a1f195a57c9ff3dc3fa7e42c9f853d85eaebbddf14ca5f2b9c956b85d752a78af28b576ca6b4842b49db6e08a46933d56c66c396de43675bcc03c7a4cb2246e5feab8445a6ae96c2586e1b2b5c78cb0885d9a786016fc61c2cc172650b1de0147e0179ed8f68fae5ff2a8b9cdde5e9471037ac9c08a85986ce4d3fd85808ad6c46d3cc6353f78abaa1ac46c3ff130a3c8f9768906a16df45b8e29f798e03459e78f5f6f948a82f8a75ca2c1b38fd851f5a6171a971fc5e6705a58af82ce9ca246f708d33a3376fde7ea7e4bad58935301fadcac24a8e8f155259b57ce41bf02d44ebeabe929df0dba942537a06afe7787b8a2b2ca09b5daf775924f2f8b5f60dfc9ba1cce082a3ca12fe3f886bb97bf51d6733f3cd74ef93053ef8136d32ce90316d6d002c206265d131792404e5a1744ffc280e82a1aa63363ecd4b698dfc0cc50c493d80a97e2bb784d4ac2cea12d66b553e8ea424a9c14953c518baea493a8268a6fb0229e7e49fc073a7638785e3f2bc08ac84e9e5978992001a81d061d5e22ca3cb0b0d9eef61dfeab0eabf0016078dc5cbc69d"}]}, 0x770}, 0x1, 0x0, 0x0, 0x44}, 0x4000)
r4 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_NL802154_CMD_GET_SEC_KEY(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r4, 0x2474a7d9180cffa3, 0x70bd2d, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x40040}, 0x40c0)

10m23.798437143s ago: executing program 2 (id=8549):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket(0x2, 0x3, 0x6)
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e)
ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0)
rename$auto(&(0x7f0000000480)='./file0\x00', 0x0)

10m23.648937134s ago: executing program 2 (id=8551):
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f00000000c0)={0x2, 0x0, [{0x561, 0xfffffe01, 0x35}]})

10m8.427475855s ago: executing program 33 (id=8551):
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f00000000c0)={0x2, 0x0, [{0x561, 0xfffffe01, 0x35}]})

5.146765698s ago: executing program 1 (id=11967):
mmap$auto(0x0, 0x20009, 0xdb, 0xeb1, 0x401, 0x2000000000008000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0xa, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x1, 0x0)
userfaultfd$auto(0x1)
r1 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
socket(0xa, 0x801, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1, 0x1, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x801, 0x84)
socket(0x2, 0x801, 0x106)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
socket(0xa, 0x2, 0x3a)
io_uring_setup$auto(0x6, 0x0)
r2 = socket(0xa, 0x2, 0x88)
bpf$auto(0x0, &(0x7f0000000440)=@link_update={r2, @new_map_fd=r1, 0x4, @old_map_fd=r0}, 0xa3)

5.04439469s ago: executing program 5 (id=11968):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001d00), r0)
mmap$auto(0x0, 0x20006, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
r2 = socket(0x2b, 0x1, 0x0)
sendmsg$auto_NLBL_CIPSOV4_C_REMOVE(r2, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x2404c040)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r2)
sendmsg$auto_NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="417ab73a0f98156e6d82da779ea1c63a4dd706cd41e38a9c44e01d213c1889288fb9d90186b215653fe27be5fa51e4d38acefb053a0ef6850466cfb5b5e2b155c948a83c350288ecf998f4588bb7f5baab14a319dd804065572b7bf7c4ad9bc7dd7bbabd63023ee4f3782c02d0779513f4d933d700001e35167d90a85907c2e895d45cce840ca1ed857901b8faf76485d391e42c91f74a1068dd82455fffac9684c6334abf163710f8199d1d35bba82b9cdf6b33d3bfc0bf71e9cc04690f5b490ba421", @ANYRES16=r3, @ANYBLOB="00042dbd7000ffdbdf253700000008005d000500000006004f01030000003700fc00159a461023e956ea812d8944cae8d3633bab7be64087d551243817b4fd37cfc71a252edbacd9b84ecb0069f167699ee9f833f900"], 0x5c}, 0x1, 0x0, 0x0, 0xc114}, 0x14044094)
r4 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000600), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_IOAM6_CMD_DEL_NAMESPACE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x1c, r4, 0x9, 0x70bd2c, 0x25dfdbfb, {}, [@IOAM6_ATTR_NS_ID={0x6, 0x1, 0x8001}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x808)
sendmsg$auto_IOAM6_CMD_ADD_SCHEMA(r2, &(0x7f0000000a00)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f0000000380)={0x67c, r4, 0x100, 0x70bd2a, 0x25dfdbfb, {}, [@IOAM6_ATTR_SC_ID={0x8, 0x4, 0x5}, @IOAM6_ATTR_SC_DATA={0x6a, 0x5, "fe51e74221f195f0ee3f0282006d96b7f4705382b4a01722e53a30dfdc15ed87faf49561a27a1a70272b77253d68c00ac8300eab0d4f8b005529ddb33cb5c54ca8a526706b62fc36285e20dc8d25f1178259c634164208c601c562721b06e79511004528debb"}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0xfffffffc}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0xa}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x21}, @IOAM6_ATTR_SC_DATA={0x2cb, 0x5, "ee820347b0ac66213686c751161fd162a1c8bc37817c12e282c32656a5aca33875ff2f9a155de53b3474e711c0f38d8b9911fd0f33978be004ec2fec9982c43ba7879489959f3a40b6a42634cc101c3c0847d048e883386de80e048e52db487847e874a7e7d755bad059f58341ad099cb970a6bcf4e790289f2c1ad715e1240d5ef59f6fe9768603338bbb9576bb17b43a61d1b8f03e516472919100c76128884137cd2da4410307f8587ca3b0550fa5e761e45d8cfdf709587b66bd59c192d4b4ec82b6758d68866cfc05da07a610e3e2860edc9e6c8bac535c09a0b7bbd7967b5bdb63444143c4d6d2213e6a65fe30934f567d209788af9db4cac7ef6a05ae6d23e80aad2efb6ddbf15e26d90f9a38c1778a85482282c241d7072b3c41c17fe4d178d93331020996cbb6d3ea76edaae5f7659b70adf2378c503c72439123c1c6728bd3018760a63e04388a5f3e654a360cd0b70617119d251a66204fbf38bdf3499d82b37ac914cacf9fb5113096b566354fc7b654feeb2231420c1fa9dd6968770afb03335ffb466bc95198f957585b6bfffd827ed98642eb706dc8405c421c81d04a85fed2a8d21cb4f6b92a78de69fb6192ac521c842fa7dc33c475859954a839e4615562d1a0db9d5715e278f90be35499b674df50c98dee9bcaf6e61266e3f4a49392ddde2e07fc21c29df607765871c8ea3f36d826794c3caf92907556d0b71687e8c7965aaa0455c84593e362aad9ad5756d321dd46545a5d026dbb144f9c7c9cca7b49f6571a0ff13e0624f2ffd85f6e453248327487f2cbe0d2cb4167b0290b66695bc248fe8ab8515f499ea9e661f4ee2c51e98ed8551755c654cc3a5480646c384723ec6b7d402022d985b0811efec65c4cd7f1254561b4680bb496d065259b90336009430300ad35767a65873d938e1363e8765863d35d35fee0eff5949dbdbf8f2a691f3c7de47d6589edcab9cebd6bbab7d7aa06d201a2bfc7dda2496a010c"}, @IOAM6_ATTR_SC_DATA={0x306, 0x5, "113e0afa652dccf27e01febab3b33939f0d7eeaa523d103c7812db85226456e2aa2074389ce5e2e4f74f70bf08c382eb25373f4485150aed462e31a31dfc91bf3778d73a2e44147ef22012c0675e165b1948cfe4604f3bbfdd3f1ee2215c006de64f41222b3ae82777cfa500f8d1cbc9d4827fcd621ca1b20a091a54b3f158c910661b97e5d0c0941506108d10edf4bd00cd6d86b3948fef5b074247b5b264b18e88cb57c09ca2e72f7a1f2a18a8be01a006abfe89b55001d0f3188dc40fbb4e5f4e031a31401218d31c839c7c8695236ffbe9063988c5f43451682001b7a238a76b0ab0a7fbacae5ae4aa908a6ffcb5a170af276f7d3397d23589578cbc3669b708f516a5589d68ed2e1e20314ac7be3779b515f668602bedc56dc70c4bac90924b42eea8d5bbe9c2bbfe4cf2eba5b325c7a2458221e3b58dca6b24b6c2edfbc98f32a1d63167267175d60dd7e17116588b21101f9099775092fbb0187d408f54242b247d17c41a10a6cd0c7eeb52e6804c3336c7bfcdc606a5d7a221ba6fc1d14bdaf1964c5bd78b318366906284e83f6637d3ad6cb9882a70b114e3d83288a1637747340aea6311384e97a113b4d16da2d767d35d671e3025d1393a09e6c5269205845df8fb834903679f8090ef8e1aa0b6b3433da77c739665812634d8f46d0da4cf682d76f1451de04076180d688c74a65e310b67e5f57dd1160eca901e8f272130466e438fe4a926af9ced719f746c9fc67ccaf42d9c4d38612331f7fd35b2df3c5389f6748fd53bc52adfa8e18e723a378245927b79ed241e886fcf2218afb56cfe51df4e6f44a1162a88c490ba906cd5ea403374124f9a022cb8b083556386863eeb8217794e4dae6352b6306643ce7e628d543c2dec2cef71d4cefd07f584cf1baaa3c4157665df66a4a595f9108f5f06a03aa106bcd4a0632221bb6117a16517c1ebaba93d301972fa344cd07147d8966fcac7a32f1b6ff3a2809a21aec503a2bc85dfeed626c90b05d3bb47a65f68a0ffaa058d63571a91d85900f435379b8404d1bd828423756f1bf2d8c2da935863f71dd1f8876496f3daca9bf058"}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x2}]}, 0x67c}, 0x1, 0x0, 0x0, 0x4000}, 0x80)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
connect$auto(0x3, 0x0, 0x55)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x6, 0x19, 0x0, 0x4)
select$auto(0x4, 0x0, &(0x7f0000000080)={[0x209c, 0xe9e, 0x1, 0xd, 0x250, 0x100000001, 0x3, 0x2017d, 0x4, 0x40, 0xd, 0xd59, 0xfb, 0xff, 0x21, 0x100000001]}, 0x0, 0x0)
sendmsg$auto_ETHTOOL_MSG_RINGS_SET(r0, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010027bd700002dcdf251000000018000180140002006e657464657673696d30000000000000080011000e08"], 0x34}, 0x1, 0x0, 0x0, 0x90}, 0x80014)

4.841646444s ago: executing program 1 (id=11969):
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x37}}, 0x6e)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
r1 = socket(0x2, 0x1, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x28)
getsockopt$auto(r1, 0x0, 0x4, 0x0, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
unshare$auto(0x40000080)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
write$auto(0xffffffffffffffff, 0x0, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
close_range$auto(0x2, 0xa, 0x0)

4.79285891s ago: executing program 3 (id=11970):
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
ioctl$auto_TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x62c00, 0x0)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x101001, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x2200, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x4, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0)
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
connect$auto(0x3, 0x0, 0x10)
unshare$auto(0x40000080)
r0 = socket(0xa, 0x2, 0x73)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002dbd7000f9dbdf250100000008000a0008000000050007003b000000080009009c781e01060002000100000008001700", @ANYRES32=r0], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x48080)
close_range$auto(0x2, 0x8, 0x0)

4.686670214s ago: executing program 5 (id=11972):
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x129800, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = openat$auto_full_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x103700, 0x0)
read$auto(r1, 0x0, 0x4000000081)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x37}}, 0x6e)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
syz_genetlink_get_family_id$auto_nl80211(0x0, r0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x8)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
sendto$auto(0x3, 0x0, 0x100000000, 0x8, 0x0, 0x1c)

4.156495158s ago: executing program 4 (id=11973):
socket(0x10, 0x2, 0x0)
openat$auto_proc_coredump_filter_operations_base(0xffffffffffffff9c, 0x0, 0x1cbec0, 0x0)
socket(0x28, 0x1, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
capset$auto(0x0, 0xfffffffffffffffe)
set_mempolicy$auto(0x3, 0x0, 0x9)
mmap$auto(0x0, 0x3, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
msgctl$auto_MSG_STAT_ANY(0x0, 0xd, &(0x7f00000000c0)={{0x4, 0xffffffffffffffff, 0x0, 0x7, 0x3, 0x8, 0x7}, 0x0, 0x0, 0x4, 0x3, 0x7fffffffffffffff, 0x2000, 0x5, 0x7fff, 0x2, 0x4})
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x2, 0x0)
r0 = socket(0x2, 0x3, 0x9)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
open(0x0, 0xa22c0, 0x155)
r1 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r1, 0x107, 0xf, 0x0, 0x6)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x46, 0x48})
sendmmsg$auto(r0, &(0x7f00000006c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={0x0, 0x49}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x2, 0x3)

2.964910763s ago: executing program 1 (id=11974):
unshare$auto(0x40000080)
mmap$auto(0x0, 0x40009, 0xdd, 0x9b72, 0x7, 0x28000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x48040)
r0 = socket(0x26, 0x800, 0x0)
setsockopt$auto(r0, 0x114, 0x8, 0x0, 0x4)
select$auto(0x200, &(0x7f0000000240)={[0x80000, 0x1, 0xdede1b7, 0x0, 0x3, 0x8000, 0x5, 0x8890, 0x81, 0x0, 0x7fffffff, 0x9, 0xa23, 0x9, 0x2, 0x4]}, 0x0, &(0x7f0000000340)={[0x6240000000000000, 0x6467, 0x15e, 0x1, 0x1000, 0x0, 0x7, 0x7f8, 0x61, 0x3, 0x75, 0x4, 0x101, 0x1a4a284f, 0x2c, 0xfffffffffffff801]}, &(0x7f00000001c0)={0x10000, 0xa870})
r1 = socket(0x10, 0x2, 0x4)
r2 = socket(0x11, 0x80003, 0x300)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4004090)
setsockopt$auto(r2, 0x107, 0x12, 0x0, 0x4)
io_uring_setup$auto(0x4bf15e08, &(0x7f0000000000)={0x401, 0x8, 0xfe, 0x6fb3, 0x8a, 0x9, 0xffffffffffffffff, [0x100, 0x9, 0x7f], {0x2, 0x7, 0x3032, 0xe, 0xf, 0x5, 0x5, 0xfffffff9, 0xf08a2b3}, {0x0, 0xfc, 0x6, 0x0, 0x0, 0xf89, 0x9, 0x837, 0x8}})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'dummy0\x00'})
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00')
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000)
write$auto(r1, &(0x7f0000000000)='-\x00', 0x2fb)

2.964440133s ago: executing program 5 (id=11975):
mmap$auto(0x0, 0x8, 0x4000000000df, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/tty53\x00', 0x200, 0x0)
syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000000), 0xffffffffffffffff)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0x7, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x0, 0x1, 0x2, 0x3, 0x95f4da0a, 0xefffffffffffffff, 0x3, 0x62, 0x80000001, 0x10000000000004, 0x6d40, 0x1, 0x2, 0xfffffffffffffffe]}, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0)
ioctl$auto(r0, 0x40104d14, r0)
socket(0x2b, 0x1, 0x1)
ioctl$auto(0xffffffffffffffff, 0x5522, 0xf15)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
r1 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/personality\x00', 0x40, 0x0)
pread64$auto(r1, &(0x7f0000001800)='#\\h,\x00', 0x3, 0x8)
ftruncate$auto(r0, 0xf154)
open(&(0x7f0000000080)='./file0\x00', 0x2020c0, 0x44)

2.955198288s ago: executing program 3 (id=11976):
select$auto(0x3, 0x0, 0x0, 0x0, 0x0)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$auto(0x3, 0xae60, 0x10000000000402)
clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6)
write$auto_tomoyo_operations_securityfs_if(0xffffffffffffffff, &(0x7f0000001300), 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_clone3(&(0x7f0000001280)={0x120020480, 0x0, 0x0, 0x0, {0x30}, 0x0, 0x0, 0x0, 0x0}, 0x58)
ioctl$auto_IMADDTIMER(r1, 0x80044940, 0x0)
shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa)
syz_clone(0x25342080, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0xc76, 0x8000)
shmdt$auto(&(0x7f0000000000)=':-h!/-^@(\']@%]/\x00')
mmap$auto(0x0, 0xc, 0x4000000000df, 0x44eb2, 0x10006, 0x300000000000)

2.954773308s ago: executing program 4 (id=11982):
mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x1d, 0x2, 0x2)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/bridge/bridge-nf-pass-vlan-input-dev\x00', 0x202, 0x0)
sendfile$auto(r0, r0, 0x0, 0x200)
connect$auto(0x3, 0x0, 0x55)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
write$auto(0x3, 0x0, 0x5c8)
socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x2, 0x9, 0x3, 0x16, 0x940, 0x1ffe0, 0x3, 0x6, 0x2, 0x9, 0x4, 0xfff, 0x7, 0xb0, 0x9, 0x8001, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8ac7, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}, 0x1fe, 0x81)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

2.571467238s ago: executing program 4 (id=11977):
socket$nl_generic(0x10, 0x3, 0x10)
bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x0, 0x4, 0x8201, 0x2, 0x8, 0x4, 0xe3, 0x3fffffffff, 0x8000000000001}, 0x1)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
semctl$auto_SETALL(0x7e8, 0x7, 0x11, 0x2)
ioperm$auto(0x7, 0x6, 0x2)
io_uring_setup$auto(0x6, 0x0)
bpf$auto(0x16, 0x0, 0xfffffffa)
r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/oom_adj\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0x1f40)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(0x0, 0xe)
openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000400), 0x80001, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000000)='//\xf2\x00', 0x80000000)
mmap$auto(0x0, 0x9, 0xffb, 0xd7, 0x3, 0x0)
socket(0xa, 0x801, 0x84)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)

2.440978596s ago: executing program 5 (id=11978):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x6, 0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
getsid$auto(0x0)
socket(0xa, 0x5, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000680)='/dev/snd/midiC2D0\x00', 0x100, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
setsockopt$auto_SO_DEBUG(r1, 0x5, 0x1, &(0x7f0000000600)=']\'#\x00', 0x6)
ppoll$auto(&(0x7f0000000000)={r1, 0x8, 0x6}, 0x7, 0x0, 0x0, 0x8)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x84c, 0x0, 0x9, 0x0, 0x3, 0x10b}, 0x800009}, 0x1, 0x20000000)
socket$nl_generic(0x10, 0x3, 0x10)
userfaultfd$auto(0x1)
ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x8, 0x1}, 0x7f, 0x0, &(0x7f00000001c0)={0x3}, 0x8)
open$dir(&(0x7f0000000000)='./file0\x00', 0x40000, 0x6)
ioctl$sock_SIOCGIFINDEX(r0, 0x89b1, &(0x7f0000000900)={'bond0\x00'})

2.029738986s ago: executing program 4 (id=11979):
unshare$auto(0x40000080)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
stat$auto(0x0, &(0x7f0000000380)={0x3, 0x3, 0x6, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4, 0xa, 0xff, 0x100, 0x401, 0x5f57, 0x80000000, 0xaa})
writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x7}, 0x3)
getsockopt$auto_SO_PASSCRED(0xffffffffffffffff, 0x1, 0x10, 0x0, 0x0)
mmap$auto(0x0, 0x400005, 0x800000000000df, 0x9b72, 0x2, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x20048801)
ioperm$auto(0x400000ffff, 0xe, 0x1)
syz_genetlink_get_family_id$auto_taskstats(0x0, 0xffffffffffffffff)
writev$auto(0x3, 0x0, 0x8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
statmount$auto(0x0, 0x0, 0xfffff7fffffffffa, 0x81)
read$auto(0xffffffffffffffff, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0)
writev$auto(r1, 0x0, 0x3)
write$auto(0x3, 0x0, 0xfffffdef)
r2 = socket$nl_generic(0x11, 0x3, 0x10)
bind$auto(r2, &(0x7f0000000200)=@generic={0x11, "0000100000000000929e006300"}, 0x80)

1.765546215s ago: executing program 3 (id=11980):
mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000)
socket(0x10, 0x2, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/vkms/graphics/fb0/state\x00', 0xc2483, 0x0)
socket(0x10, 0x2, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x801, 0x84)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
socket(0xa, 0x2, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
socket(0xa, 0x801, 0x84)
socket(0xa, 0x2, 0x3a)
io_uring_setup$auto(0x6, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
open(0x0, 0x64842, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40001, 0x0)
r1 = socket(0xa, 0x2, 0x88)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
bpf$auto(0x0, &(0x7f0000000000)=@link_update={r1, @new_prog_fd=0x4, 0x4, @old_prog_fd=r0}, 0xa3)
bpf$auto(0x3, &(0x7f0000000040)=@query={@target_ifindex, 0x4, 0x7, 0x9, 0x7f, @prog_cnt=0x4, 0x0, 0x0, 0xc, 0xb, 0x5}, 0x7)

1.606281315s ago: executing program 4 (id=11981):
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x2a19c3, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x581402, 0x0)
r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$auto(0x0, 0x400008, 0x8, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x4020009, 0xdf, 0x40000eb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_FLUSH_PMKSA(r1, 0x0, 0x4004855)
syslog$auto(0x1, &(0x7f00000004c0)='-#:\x00[\xda\xe2\xc3L\xd30{Q\avP\x93\x87\x1e\xdd\x95\x1b\x19qI\vv\xacO*X0V\x93\x85\xff\xb2\xdd\xd8\xd5Kh\xfa\xa3\xc7\x9b}\xec\x1e\xdc\x80\x1fR\xc30\x9a\xae\\\'\x14\x98\x98\xc3iDv\x97\xdfTMt\xe5?\xd0\xcc\xb8\xfa\a\x7f\x7f\x00\x00\x00\x00\x00\x00\x00n_\xb1\x1c\x7f\xb0y\xec\xe2\xcc\x1a/\xfa{d\xe4BN\x9c\xb9\x87.\xfe\xe7&1j\xe6]\xc3\x9anE6\x81\xe4\xec\xfa\xefE\xf7\x17h\xf4pumR\xd55Dd(\x0f(b\x1aD\xf4\x03\xc3\\\xdf\x8f\xa8\x82\xab\x102\xd1\xaf\xcaT\x86\x171\x11Q4\x94\x9d\xf5\x9c\xe3\xaa\xf3\xd26i\xf9\xb2\xd9T\xc9\xfd\xba\x91^\x19\x95\xde\xbc \xa8\x98\xc3\xed\xe9,{\xd4\xa1\xe4p\xcf\b\f\xb4\xbe_\x90[\xec2\v\xca<`K-\xfc\xc3\xeaqt\x94\xe7\xce\xf1\xc5\x94~\xf6Cx\x0e\x98\xc7gE>*\x9c%\xa0\\\x14\t\tv.\x1c\x1a\xf1\xba\xc0>\xf4Hc\xc3\xfa\x03m\xec\\\xa6\xb9C\xd4\xf0@\x13\xba\xd21\xd3o\x11\xaau\x92\x181\x7f\x1da\xe7h:u\xd0\xa9\x04\tlcf\xf3\xb2.\xcfy\x19\x93)\xbf:\xc74\xb4\x06\x9d*\r\xcd\xf0\xd6eqv\xeb\xbbQ\xae\x8b\xdd \xe7\xcd\xfcV\x18i\xf1\xf4\xec\x92k\xe3Lv(A\x9d\xb4~\xd1[9\x84\x13B\xc6du\xab]F\x88\xfe\x88\xb4\x92\xcbk\xc32\xd0\x95\xe8\x97\xbe\x84wH\x16\x9755\xbe\xb8\xb3\xa7\x87GT=^\xc7 \xdb\xf3\xc9+k\xe1 \xa2\x06\xc6\x87[\xef\xfe\x12\xe0\x18\xe6\xbe\x1d\x98Y\xf9.L:\xf3\xb7\xdbc\x1a\xc1\xe6!k\x87\xa5\xe8z\xba\xb7\x13\xc7\x94E^\x80\x05\xfe\xfd\\\x88-g\xf4-e\xe4O\xfa\x87\xffi\x11\x8di\x02\xb9)hE\x83', 0xf6bb)
clone$auto(0x6, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x4000006)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.5/usb19/19-0:1.0/usb19-port3/state\x00', 0x2400, 0x0)
read$auto(r2, &(0x7f00000002c0)='\x91\xf3\xc5\xe7\xf4\xfc\x8e\xf5\x1a14\x8a\xd9\x9a\x11\xb1\x10q\xdf\x8doi\xfc\x9f\x18\x9a\xd4\x1d\xf7\xc7\xf9\xf8\xa2\xa3\x10Cs]\x01\xfec~\x9c\x9e\xb2\xa5Io\x11\x83\xf2\x06\a\xc0\xca\xcd\x1fHl2\xf4a\x88`\xd8(\x0fR\xb4\xcb\xc9\xf4E\xe8\xdd\xec\x85\xfa\xdc\xd7\x0eZ\xb5\x8f\x06\x89Ss6\x04\x00'/100, 0x5ff15ff9)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x101002, 0x0)
clone$auto(0x1, 0x27, 0x0, 0x0, 0x2)
setresuid$auto(0x0, 0xee01, 0x0)
getsockopt$auto(0xffffffffffffffff, 0x0, 0x42, 0x0, &(0x7f00000000c0)=0x1e)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000002c0), 0xa82, 0x0)
mq_timedsend$auto(0xffffffffffffffff, &(0x7f00000001c0)='@;\x94:IN\x18\xfa7Cl\x108\xcb#\x00\xa1Vq\xc9\x00\xa6=`<\x00\x00\xe7{\x87sN\xaa%\x10h\xc7\xebOi\x88\x8a#\xdf\x9a\xe9\x9f\x06\x0f\x18\x8b\x7f9%\xee\x1cT!\xae>\xf7E\xcc\x95\xf0\x01\x10Z\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x80, 0x9, 0x0)
shmget$auto(0x5, 0x7, 0xfffffff7)
madvise$auto(0x0, 0x200007, 0x19)

1.494938874s ago: executing program 5 (id=11983):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x2020008, 0x7, 0xb9, 0xfffffffffffffffa, 0x9)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
fcntl$auto(0x3, 0x4, 0xa553)
swapon$auto(&(0x7f0000000000)='/dev/loop7\x00', 0x4)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
socket(0x25, 0x6, 0x0)
mmap$auto(0x0, 0x20009, 0x3, 0x40000000000eb1, 0x401, 0x8000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_ocfs2_control_fops_stack_user(0xffffffffffffff9c, &(0x7f0000000000), 0x280, 0x0)
read$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000000040)=""/1, 0x1)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0)
close_range$auto(0x2, 0x8, 0x0)
fremovexattr$auto(0xc8, &(0x7f00000001c0)=',%{}\x00')
setgroups$auto(0xe32, 0x0)

1.454513147s ago: executing program 3 (id=11984):
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
socket(0x2, 0x80002, 0x73)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
sendmmsg$auto(0x3, 0x0, 0x3, 0x1c)
r0 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a4, 0xffff)
mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000)
syz_genetlink_get_family_id$auto_nl80211(0x0, r0)
sendmsg$auto_NL80211_CMD_RADAR_DETECT(0xffffffffffffffff, 0x0, 0x4008000)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0x80040, 0x0)
open(0x0, 0x22240, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000)
socket(0x15, 0x5, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)

897.107055ms ago: executing program 1 (id=11985):
unshare$auto(0x40000080)
mmap$auto(0x0, 0x40009, 0xdd, 0x9b72, 0x7, 0x28000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
r0 = socket(0x26, 0x800, 0x0)
setsockopt$auto(r0, 0x114, 0x8, 0x0, 0x4)
select$auto(0x200, &(0x7f0000000240)={[0x80000, 0x1, 0xdede1b7, 0x0, 0x3, 0x8000, 0x5, 0x8890, 0x81, 0x0, 0x7fffffff, 0x9, 0xa23, 0x9, 0x2, 0x4]}, 0x0, &(0x7f0000000340)={[0x6240000000000000, 0x6467, 0x15e, 0x1, 0x1000, 0x0, 0x7, 0x7f8, 0x61, 0x3, 0x75, 0x4, 0x101, 0x1a4a284f, 0x2c, 0xfffffffffffff801]}, 0x0)
r1 = socket(0x10, 0x2, 0x4)
r2 = socket(0x11, 0x80003, 0x300)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4004090)
setsockopt$auto(r2, 0x107, 0x12, 0x0, 0x4)
io_uring_setup$auto(0x4bf15e08, &(0x7f0000000000)={0x401, 0x8, 0x4, 0x6fb3, 0x1, 0x9, 0xffffffffffffffff, [0x100, 0x200009, 0x7f], {0x2, 0x7, 0x3032, 0xe, 0xf, 0x5, 0x5, 0xfffffff9, 0xf08a2b3}, {0x0, 0x7, 0x6, 0x0, 0x0, 0xf8b, 0x9, 0x837, 0x8}})
unshare$auto(0xfff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x800, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'dummy0\x00'})
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00')
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000)
write$auto(r1, &(0x7f0000000000)='-\x00', 0x2fb)

889.958695ms ago: executing program 3 (id=11986):
write$auto(0xffffffffffffffff, 0x0, 0x3f00)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
init_module$auto(0x0, 0xfffff, 0x0)
mkdir$auto(0x0, 0x8001)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
unshare$auto(0x40000080)
mmap$auto(0xfffffffffffffffd, 0x3, 0x4000000000de, 0x40eb1, 0x401, 0x300000000000)
r0 = socket(0xa, 0x1, 0x100)
setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x568)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/adsp1\x00', 0x101142, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, 0x0)
move_pages$auto(0xffffffffffffffff, 0xf54, 0x0, 0x0, 0x0, 0x2)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0)
read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/seq/clients\x00', 0x280, 0x0)
pread64$auto(r2, 0x0, 0x8, 0x8)
mmap$auto(0x0, 0x44, 0x3, 0x11, r0, 0xc)

532.247827ms ago: executing program 1 (id=11987):
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000240), 0x10b000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
prctl$auto(0x1000000003b, 0x4, 0x4, 0x9, 0x7)
mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0)
read$auto(r1, 0x0, 0x20)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
unshare$auto(0x40000080)
msgrcv$auto(0x71, 0x0, 0x0, 0x7fffffffffffffff, 0x5)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x5)
msgget$auto(0x0, 0x5)
msgsnd$auto(0x0, &(0x7f0000000080)={0x1, 0x6}, 0x8, 0x7)
msgrcv$auto(0x0, 0x0, 0x4bd, 0x1, 0xf1)

407.808175ms ago: executing program 5 (id=11988):
openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/mountinfo\x00', 0xe0000, 0x0)
syz_clone(0x80000000, &(0x7f0000000000)="085a1056b6aa2f10d8ddee0633aea682a5ff", 0x12, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x6, 0x0)
r0 = socket(0x10, 0x2, 0xa)
setsockopt$auto(r0, 0x104000000000010e, 0x1, 0x0, 0x16)
r1 = socket(0x10, 0x2, 0x4)
sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400c72da808bf8d5feacf8510"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c001)
write$auto(r1, &(0x7f0000000000)='-\x00', 0x2fb)
ioperm$auto(0x7, 0x71, 0x863)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETPOLICY(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000580)={0x1c, r3, 0x301, 0x70b52c, 0x25dfdbfb, {}, [@CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x17}]}, 0x1c}, 0x1, 0x0, 0x0, 0x400c01d}, 0x0)
r4 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000080), r2)
sendmsg$auto_MACSEC_CMD_UPD_TXSA(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002dbd7000fbdbdf250600000008000100", @ANYRES32=0x0, @ANYBLOB="2e453b2b86eb6609ac6b21859c95ef1c4960514a70c8613b16ee0a1d9d07d2fe7286fdd02c7145b82ccedbe325c98b019cf0fe4866fabde884a9e94061d34e65ee55d80c6cb3dc6493676626e1014705804fa60887b6f97ef95b7f74d7f7fb5cd2"], 0x24}, 0x1, 0x0, 0x0, 0x4008000}, 0x400c8d4)
iopl$auto(0x3)
ioperm$auto(0x5, 0x3432, 0x0)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/msr/events/tsc\x00', 0x305501, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000000140)=""/213, 0xd5)

100.199796ms ago: executing program 4 (id=11989):
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = io_uring_setup$auto(0xb, 0x0)
r1 = socket(0x2, 0x5, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = socket(0x2, 0x80002, 0x73)
r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), r0)
sendmsg$auto_TIPC_NL_BEARER_SET(r2, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="000228bd7000fbdbdf25050000005300000049107b71764886c174cc96069a9d62cfceddc8864a9c8bdc447d56865891f0b630bca1040d0000000000001865914ff43913ad7f2e06c036653e4ab3eba634e0f7be9f4a76006da020d663a6ad24540b2ec5e4b192af74f34043"], 0x68}, 0x1, 0x0, 0x0, 0x200000d0}, 0x4040890)
socket(0x2, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
sendmmsg$auto(r1, &(0x7f0000000100)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f0000000000)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x1}, 0x2, 0x0)
close_range$auto(0x0, 0xffffeffe, 0x2)
pipe$auto(0x0)
unshare$auto(0x40000080)
setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd)
write$auto(0x3, 0x0, 0x81)
close_range$auto(0x2, 0x8, 0x0)

55.122885ms ago: executing program 3 (id=11990):
r0 = socket(0x2, 0x1, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0xa, 0x2, 0x88)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, r1, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto_KVM_CREATE_VM(r1, 0x4040aea0, 0x0)
close_range$auto(0x2, 0xa, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x3, 0x2)
getsockopt$auto(r0, 0x0, 0xcf, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
get_robust_list$auto(0x0, 0x0, 0x0)
r3 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0)
write$auto(r3, 0x0, 0xe)

0s ago: executing program 1 (id=11991):
unshare$auto(0x40000080)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r0 = socket(0xa, 0x1, 0x100)
setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x20b42, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f00000003c0))
syz_clone(0x800000, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x6, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000002)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
r2 = getpgid(0x0)
socket$nl_generic(0x10, 0x3, 0x10)
rt_tgsigqueueinfo$auto(0xffffffffffffffff, r2, 0x8, &(0x7f0000000100)={@siginfo_0_0={0x6, 0xe, 0x5, @_sigchld={r2, 0x0, 0x401, 0x5, 0x3}}})
mmap$auto(0x0, 0x2000d, 0x4080000200df, 0xeb1, 0x404, 0x8000)
r3 = socket(0x11, 0x3, 0x2)
getsockopt$auto(r3, 0x107, 0xc, 0x0, 0x0)
syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000040), r0)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40)
execve$auto(&(0x7f0000000180)='./file0\x00', &(0x7f0000000100)=&(0x7f0000000080)='\xac\x00', &(0x7f0000000000)=&(0x7f0000000200)=' ')

kernel console output (not intermixed with test programs):

OUND
[ 1269.030034][ T9262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1269.030045][ T9262] Workqueue: hci0 hci_rx_work
[ 1269.030064][ T9262] Call Trace:
[ 1269.030071][ T9262]  <TASK>
[ 1269.030078][ T9262]  dump_stack_lvl+0x16c/0x1f0
[ 1269.030106][ T9262]  sysfs_warn_dup+0x7f/0xa0
[ 1269.030125][ T9262]  sysfs_create_dir_ns+0x24b/0x2b0
[ 1269.030143][ T9262]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1269.030161][ T9262]  ? find_held_lock+0x2b/0x80
[ 1269.030178][ T9262]  ? do_raw_spin_unlock+0x172/0x230
[ 1269.030199][ T9262]  kobject_add_internal+0x2c4/0x9b0
[ 1269.030217][ T9262]  kobject_add+0x16e/0x240
[ 1269.030231][ T9262]  ? __pfx_kobject_add+0x10/0x10
[ 1269.030246][ T9262]  ? do_raw_spin_unlock+0x172/0x230
[ 1269.030267][ T9262]  ? kobject_put+0xab/0x5a0
[ 1269.030286][ T9262]  device_add+0x288/0x1a70
[ 1269.030301][ T9262]  ? __pfx_dev_set_name+0x10/0x10
[ 1269.030317][ T9262]  ? __pfx_device_add+0x10/0x10
[ 1269.030332][ T9262]  ? mgmt_send_event_skb+0x2fb/0x460
[ 1269.030358][ T9262]  hci_conn_add_sysfs+0x17e/0x230
[ 1269.030373][ T9262]  le_conn_complete_evt+0x1075/0x1d70
[ 1269.030399][ T9262]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1269.030419][ T9262]  ? bt_warn+0xe4/0x120
[ 1269.030446][ T9262]  ? __pfx_bt_warn+0x10/0x10
[ 1269.030471][ T9262]  hci_le_conn_complete_evt+0x23c/0x370
[ 1269.030497][ T9262]  hci_le_meta_evt+0x357/0x5e0
[ 1269.030511][ T9262]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[ 1269.030534][ T9262]  hci_event_packet+0x682/0x11c0
[ 1269.030554][ T9262]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1269.030569][ T9262]  ? __pfx_hci_event_packet+0x10/0x10
[ 1269.030591][ T9262]  ? kcov_remote_start+0x3c9/0x6d0
[ 1269.030611][ T9262]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1269.030636][ T9262]  hci_rx_work+0x2c5/0x16b0
[ 1269.030650][ T9262]  ? rcu_is_watching+0x12/0xc0
[ 1269.030667][ T9262]  process_one_work+0x9cc/0x1b70
[ 1269.030695][ T9262]  ? __pfx_process_one_work+0x10/0x10
[ 1269.030720][ T9262]  ? assign_work+0x1a0/0x250
[ 1269.030740][ T9262]  worker_thread+0x6c8/0xf10
[ 1269.030768][ T9262]  ? __pfx_worker_thread+0x10/0x10
[ 1269.030788][ T9262]  kthread+0x3c5/0x780
[ 1269.030806][ T9262]  ? __pfx_kthread+0x10/0x10
[ 1269.030826][ T9262]  ? rcu_is_watching+0x12/0xc0
[ 1269.030839][ T9262]  ? __pfx_kthread+0x10/0x10
[ 1269.030865][ T9262]  ret_from_fork+0x5d7/0x6f0
[ 1269.030884][ T9262]  ? __pfx_kthread+0x10/0x10
[ 1269.030903][ T9262]  ret_from_fork_asm+0x1a/0x30
[ 1269.030928][ T9262]  </TASK>
[ 1269.030950][ T9262] kobject: kobject_add_internal failed for hci0:0 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1269.339856][ T9262] Bluetooth: hci0: failed to register connection device
[ 1270.191008][ T2271] netlink: 'syz.3.11159': attribute type 5 has an invalid length.
[ 1270.270152][ T2273] netlink: 338 bytes leftover after parsing attributes in process `syz.1.11158'.
[ 1270.291255][ T2274] netlink: 'syz.3.11159': attribute type 5 has an invalid length.
[ 1270.342249][ T2271] netlink: 'syz.3.11159': attribute type 1 has an invalid length.
[ 1270.377243][ T2276] netlink: 13 bytes leftover after parsing attributes in process `syz.5.11160'.
[ 1270.411083][ T2274] netlink: 'syz.3.11159': attribute type 1 has an invalid length.
[ 1270.493967][ T2271] netlink: 12 bytes leftover after parsing attributes in process `syz.3.11159'.
[ 1270.542185][ T2274] netlink: 12 bytes leftover after parsing attributes in process `syz.3.11159'.
[ 1271.172990][ T2289] delete_channel: no stack
[ 1271.655132][ T2302] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007
[ 1271.724820][ T2302] Unable to find swap-space signature
[ 1271.999267][ T2307] netlink: 338 bytes leftover after parsing attributes in process `syz.5.11171'.
[ 1272.053591][ T2309] netlink: 28 bytes leftover after parsing attributes in process `syz.1.11172'.
[ 1274.368900][ T2334] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11179'.
[ 1274.415748][ T2334] netlink: 13 bytes leftover after parsing attributes in process `syz.5.11179'.
[ 1277.124506][ T9262] Bluetooth: hci1: unexpected event 0x3e length: 508 > 260
[ 1277.124531][ T9262] Bluetooth: hci1: unexpected subevent 0x02 length: 507 > 260
[ 1277.140026][ T9262] Bluetooth: hci1: Dropping invalid advertising data
[ 1277.148686][ T9262] Bluetooth: hci1: unknown advertising packet type: 0xe9
[ 1277.187982][ T2385] FAULT_INJECTION: forcing a failure.
[ 1277.187982][ T2385] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1277.315889][ T2385] CPU: 0 UID: 0 PID: 2385 Comm: syz.4.11192 Tainted: G     U    I         6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full) 
[ 1277.315919][ T2385] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1277.315925][ T2385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1277.315934][ T2385] Call Trace:
[ 1277.315940][ T2385]  <TASK>
[ 1277.315946][ T2385]  dump_stack_lvl+0x16c/0x1f0
[ 1277.315972][ T2385]  should_fail_ex+0x512/0x640
[ 1277.315996][ T2385]  should_fail_alloc_page+0xe7/0x130
[ 1277.316013][ T2385]  prepare_alloc_pages+0x3c2/0x610
[ 1277.316029][ T2385]  ? lock_acquire+0x179/0x350
[ 1277.316049][ T2385]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 1277.316069][ T2385]  ? mlock_drain_local+0x22d/0x4f0
[ 1277.316094][ T2385]  ? try_to_migrate_one+0x14e1/0x35f0
[ 1277.316113][ T2385]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1277.316135][ T2385]  ? __pfx_try_to_migrate_one+0x10/0x10
[ 1277.316158][ T2385]  ? __up_read+0x1f8/0x750
[ 1277.316178][ T2385]  ? __pfx___up_read+0x10/0x10
[ 1277.316195][ T2385]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1277.316217][ T2385]  ? policy_nodemask+0xea/0x4e0
[ 1277.316239][ T2385]  alloc_pages_mpol+0x1fb/0x550
[ 1277.316253][ T2385]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1277.316271][ T2385]  folio_alloc_mpol_noprof+0x36/0x2f0
[ 1277.316298][ T2385]  alloc_migration_target_by_mpol+0x246/0x500
[ 1277.316316][ T2385]  ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[ 1277.316335][ T2385]  ? __pfx___might_resched+0x10/0x10
[ 1277.316351][ T2385]  ? folio_get_anon_vma+0xdd/0x760
[ 1277.316373][ T2385]  migrate_pages_batch+0x3bc/0x31a0
[ 1277.316392][ T2385]  ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[ 1277.316415][ T2385]  ? __pfx_migrate_pages_batch+0x10/0x10
[ 1277.316437][ T2385]  migrate_pages_sync+0x12d/0x8a0
[ 1277.316454][ T2385]  ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[ 1277.316476][ T2385]  ? __pfx_migrate_pages_sync+0x10/0x10
[ 1277.316490][ T2385]  ? __pfx_queue_pages_test_walk+0x10/0x10
[ 1277.316513][ T2385]  migrate_pages+0x1b67/0x23b0
[ 1277.316530][ T2385]  ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[ 1277.316553][ T2385]  ? __pfx_migrate_pages+0x10/0x10
[ 1277.316570][ T2385]  ? find_held_lock+0x2b/0x80
[ 1277.316588][ T2385]  ? up_write+0x1b2/0x520
[ 1277.316608][ T2385]  do_mbind+0x6f0/0xf30
[ 1277.316628][ T2385]  ? __pfx_do_mbind+0x10/0x10
[ 1277.316654][ T2385]  ? __pfx_get_nodes+0x10/0x10
[ 1277.316677][ T2385]  kernel_mbind+0x1e3/0x1f0
[ 1277.316694][ T2385]  ? __pfx_kernel_mbind+0x10/0x10
[ 1277.316715][ T2385]  do_syscall_64+0xcd/0x490
[ 1277.316729][ T2385]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1277.316749][ T2385] RIP: 0033:0x7f74f118e929
[ 1277.316764][ T2385] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1277.316780][ T2385] RSP: 002b:00007f74f1fd1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[ 1277.316796][ T2385] RAX: ffffffffffffffda RBX: 00007f74f13b5fa0 RCX: 00007f74f118e929
[ 1277.316805][ T2385] RDX: 0000000100000000 RSI: 8000000000000001 RDI: 000000000000f000
[ 1277.316815][ T2385] RBP: 00007f74f1210b39 R08: 0000000000000006 R09: 0000000000000002
[ 1277.316824][ T2385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1277.316834][ T2385] R13: 0000000000000000 R14: 00007f74f13b5fa0 R15: 00007fff0e85fd08
[ 1277.316853][ T2385]  </TASK>
[ 1277.640766][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1278.958996][ T2423] openvswitch: netlink: Missing valid actions attribute.
[ 1279.161533][ T2404] FAULT_INJECTION: forcing a failure.
[ 1279.161533][ T2404] name failslab, interval 1, probability 0, space 0, times 0
[ 1279.203680][ T2404] CPU: 0 UID: 0 PID: 2404 Comm: syz.4.11196 Tainted: G     U    I         6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full) 
[ 1279.203709][ T2404] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1279.203715][ T2404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1279.203724][ T2404] Call Trace:
[ 1279.203731][ T2404]  <TASK>
[ 1279.203737][ T2404]  dump_stack_lvl+0x16c/0x1f0
[ 1279.203763][ T2404]  should_fail_ex+0x512/0x640
[ 1279.203784][ T2404]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1279.203806][ T2404]  should_failslab+0xc2/0x120
[ 1279.203820][ T2404]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1279.203839][ T2404]  ? trace_cap_capable+0x18d/0x200
[ 1279.203853][ T2404]  ? vm_area_dup+0x27/0x8d0
[ 1279.203876][ T2404]  vm_area_dup+0x27/0x8d0
[ 1279.203896][ T2404]  dup_mmap+0x877/0x21d0
[ 1279.203919][ T2404]  ? __pfx_dup_mmap+0x10/0x10
[ 1279.203953][ T2404]  copy_process+0x4081/0x76a0
[ 1279.203970][ T2404]  ? preempt_schedule_thunk+0x16/0x30
[ 1279.203995][ T2404]  ? __pfx_copy_process+0x10/0x10
[ 1279.204010][ T2404]  ? plist_check_head+0xa3/0x150
[ 1279.204031][ T2404]  ? futex_private_hash_put+0xc7/0x240
[ 1279.204050][ T2404]  kernel_clone+0xfc/0x960
[ 1279.204066][ T2404]  ? __pfx_futex_wake+0x10/0x10
[ 1279.204085][ T2404]  ? __pfx_kernel_clone+0x10/0x10
[ 1279.204112][ T2404]  __do_sys_clone+0xce/0x120
[ 1279.204129][ T2404]  ? __pfx___do_sys_clone+0x10/0x10
[ 1279.204144][ T2404]  ? ksys_unshare+0x687/0xa40
[ 1279.204170][ T2404]  ? xfd_validate_state+0x61/0x180
[ 1279.204194][ T2404]  do_syscall_64+0xcd/0x490
[ 1279.204208][ T2404]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1279.204222][ T2404] RIP: 0033:0x7f74f118e929
[ 1279.204239][ T2404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1279.204257][ T2404] RSP: 002b:00007f74f1fd0fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1279.204272][ T2404] RAX: ffffffffffffffda RBX: 00007f74f13b5fa0 RCX: 00007f74f118e929
[ 1279.204287][ T2404] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411
[ 1279.204296][ T2404] RBP: 00007f74f1210b39 R08: 0000000000000000 R09: 0000000000000000
[ 1279.204304][ T2404] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1279.204313][ T2404] R13: 0000000000000000 R14: 00007f74f13b5fa0 R15: 00007fff0e85fd08
[ 1279.204334][ T2404]  </TASK>
[ 1279.438720][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1279.519307][   T30] audit: type=1800 audit(4294967312.000:34): pid=2432 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.11202" name="ram7" dev="tmpfs" ino=2331 res=0 errno=0
[ 1280.005198][ T2452] netlink: 4 bytes leftover after parsing attributes in process `syz.1.11208'.
[ 1280.054361][ T2452] netlink: 25 bytes leftover after parsing attributes in process `syz.1.11208'.
[ 1281.807663][ T2486] FAULT_INJECTION: forcing a failure.
[ 1281.807663][ T2486] name failslab, interval 1, probability 0, space 0, times 0
[ 1281.860779][ T2486] CPU: 0 UID: 0 PID: 2486 Comm: syz.4.11216 Tainted: G     U    I         6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full) 
[ 1281.860808][ T2486] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1281.860815][ T2486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1281.860823][ T2486] Call Trace:
[ 1281.860829][ T2486]  <TASK>
[ 1281.860836][ T2486]  dump_stack_lvl+0x16c/0x1f0
[ 1281.860863][ T2486]  should_fail_ex+0x512/0x640
[ 1281.860883][ T2486]  ? __kvmalloc_node_noprof+0x124/0x620
[ 1281.860905][ T2486]  should_failslab+0xc2/0x120
[ 1281.860920][ T2486]  __kvmalloc_node_noprof+0x137/0x620
[ 1281.860940][ T2486]  ? alloc_netdev_mqs+0xfbe/0x1570
[ 1281.860959][ T2486]  ? alloc_netdev_mqs+0xfbe/0x1570
[ 1281.860971][ T2486]  alloc_netdev_mqs+0xfbe/0x1570
[ 1281.860988][ T2486]  internal_dev_create+0x8a/0x520
[ 1281.861005][ T2486]  ovs_vport_add+0x147/0x4d0
[ 1281.861042][ T2486]  new_vport+0x16/0x1d0
[ 1281.861072][ T2486]  ovs_dp_cmd_new+0x6ba/0xe60
[ 1281.861098][ T2486]  ? __pfx_ovs_dp_cmd_new+0x10/0x10
[ 1281.861122][ T2486]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[ 1281.861142][ T2486]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[ 1281.861192][ T2486]  genl_family_rcv_msg_doit+0x206/0x2f0
[ 1281.861213][ T2486]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1281.861231][ T2486]  ? trace_cap_capable+0x18d/0x200
[ 1281.861251][ T2486]  ? bpf_lsm_capable+0x9/0x10
[ 1281.861267][ T2486]  ? security_capable+0x7e/0x260
[ 1281.861281][ T2486]  ? ns_capable+0xd7/0x110
[ 1281.861297][ T2486]  genl_rcv_msg+0x55c/0x800
[ 1281.861317][ T2486]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1281.861335][ T2486]  ? __pfx_ovs_dp_cmd_new+0x10/0x10
[ 1281.861361][ T2486]  netlink_rcv_skb+0x155/0x420
[ 1281.861376][ T2486]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1281.861394][ T2486]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1281.861417][ T2486]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1281.861435][ T2486]  genl_rcv+0x28/0x40
[ 1281.861450][ T2486]  netlink_unicast+0x53d/0x7f0
[ 1281.861467][ T2486]  ? __pfx_netlink_unicast+0x10/0x10
[ 1281.861488][ T2486]  netlink_sendmsg+0x8d1/0xdd0
[ 1281.861506][ T2486]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1281.861529][ T2486]  ____sys_sendmsg+0xa98/0xc70
[ 1281.861546][ T2486]  ? copy_msghdr_from_user+0x10a/0x160
[ 1281.861566][ T2486]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1281.861587][ T2486]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1281.861609][ T2486]  ___sys_sendmsg+0x134/0x1d0
[ 1281.861630][ T2486]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1281.861649][ T2486]  ? __lock_acquire+0x622/0x1c90
[ 1281.861690][ T2486]  __sys_sendmsg+0x16d/0x220
[ 1281.861710][ T2486]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1281.861730][ T2486]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1281.861758][ T2486]  do_syscall_64+0xcd/0x490
[ 1281.861773][ T2486]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1281.861787][ T2486] RIP: 0033:0x7f74f118e929
[ 1281.861799][ T2486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1281.861814][ T2486] RSP: 002b:00007f74f1fd1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1281.861829][ T2486] RAX: ffffffffffffffda RBX: 00007f74f13b5fa0 RCX: 00007f74f118e929
[ 1281.861838][ T2486] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000006
[ 1281.861848][ T2486] RBP: 00007f74f1210b39 R08: 0000000000000000 R09: 0000000000000000
[ 1281.861860][ T2486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1281.861868][ T2486] R13: 0000000000000000 R14: 00007f74f13b5fa0 R15: 00007fff0e85fd08
[ 1281.861887][ T2486]  </TASK>
[ 1283.260339][ T2505] netlink: 16 bytes leftover after parsing attributes in process `syz.1.11220'.
[ 1283.368057][ T2511] netlink: 93 bytes leftover after parsing attributes in process `syz.1.11220'.
[ 1284.201095][ T2522] FAULT_INJECTION: forcing a failure.
[ 1284.201095][ T2522] name failslab, interval 1, probability 0, space 0, times 0
[ 1284.340979][ T2522] CPU: 0 UID: 0 PID: 2522 Comm: syz.4.11224 Tainted: G     U    I         6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full) 
[ 1284.341008][ T2522] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1284.341015][ T2522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1284.341024][ T2522] Call Trace:
[ 1284.341029][ T2522]  <TASK>
[ 1284.341036][ T2522]  dump_stack_lvl+0x16c/0x1f0
[ 1284.341062][ T2522]  should_fail_ex+0x512/0x640
[ 1284.341082][ T2522]  ? __kvmalloc_node_noprof+0x124/0x620
[ 1284.341105][ T2522]  should_failslab+0xc2/0x120
[ 1284.341119][ T2522]  __kvmalloc_node_noprof+0x137/0x620
[ 1284.341139][ T2522]  ? v4l2_ctrl_new+0x97d/0x2180
[ 1284.341159][ T2522]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1284.341182][ T2522]  ? v4l2_ctrl_new+0x97d/0x2180
[ 1284.341203][ T2522]  v4l2_ctrl_new+0x97d/0x2180
[ 1284.341230][ T2522]  ? __pfx_v4l2_ctrl_new+0x10/0x10
[ 1284.341249][ T2522]  ? __pfx_v4l2_ctrl_new+0x10/0x10
[ 1284.341274][ T2522]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1284.341296][ T2522]  v4l2_ctrl_new_std+0x1be/0x290
[ 1284.341322][ T2522]  ? __pfx_v4l2_ctrl_new_std+0x10/0x10
[ 1284.341341][ T2522]  ? __pfx_v4l2_ctrl_new_std+0x10/0x10
[ 1284.341363][ T2522]  ? rcu_is_watching+0x12/0xc0
[ 1284.341377][ T2522]  ? trace_kmalloc+0x2b/0xd0
[ 1284.341390][ T2522]  ? __kvmalloc_node_noprof+0x298/0x620
[ 1284.341413][ T2522]  ? media_request_object_init+0x100/0x180
[ 1284.341432][ T2522]  vicodec_open+0x1f7/0xf90
[ 1284.341454][ T2522]  v4l2_open+0x225/0x490
[ 1284.341472][ T2522]  ? __pfx_v4l2_open+0x10/0x10
[ 1284.341490][ T2522]  chrdev_open+0x231/0x6a0
[ 1284.341510][ T2522]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1284.341528][ T2522]  ? __pfx_chrdev_open+0x10/0x10
[ 1284.341549][ T2522]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 1284.341570][ T2522]  do_dentry_open+0x744/0x1c10
[ 1284.341590][ T2522]  ? __pfx_chrdev_open+0x10/0x10
[ 1284.341613][ T2522]  vfs_open+0x82/0x3f0
[ 1284.341630][ T2522]  path_openat+0x1de4/0x2cb0
[ 1284.341656][ T2522]  ? __pfx_path_openat+0x10/0x10
[ 1284.341675][ T2522]  ? __lock_acquire+0xb8a/0x1c90
[ 1284.341695][ T2522]  do_filp_open+0x20b/0x470
[ 1284.341715][ T2522]  ? __pfx_do_filp_open+0x10/0x10
[ 1284.341747][ T2522]  ? alloc_fd+0x471/0x7d0
[ 1284.341770][ T2522]  do_sys_openat2+0x11b/0x1d0
[ 1284.341784][ T2522]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1284.341817][ T2522]  __x64_sys_openat+0x174/0x210
[ 1284.341833][ T2522]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1284.341857][ T2522]  do_syscall_64+0xcd/0x490
[ 1284.341873][ T2522]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1284.341888][ T2522] RIP: 0033:0x7f74f118e929
[ 1284.341901][ T2522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1284.341915][ T2522] RSP: 002b:00007f74f1fd1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1284.341929][ T2522] RAX: ffffffffffffffda RBX: 00007f74f13b5fa0 RCX: 00007f74f118e929
[ 1284.341939][ T2522] RDX: 00000000000c4400 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 1284.341949][ T2522] RBP: 00007f74f1210b39 R08: 0000000000000000 R09: 0000000000000000
[ 1284.341958][ T2522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1284.341967][ T2522] R13: 0000000000000000 R14: 00007f74f13b5fa0 R15: 00007fff0e85fd08
[ 1284.341986][ T2522]  </TASK>
[ 1285.158229][ T9262] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260
[ 1285.158253][ T9262] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260
[ 1285.178400][ T9262] Bluetooth: hci3: Unknown advertising packet type: 0x7f
[ 1285.178422][ T9262] Bluetooth: hci3: adv larger than maximum supported
[ 1285.185553][ T9262] Bluetooth: hci3: adv larger than maximum supported
[ 1285.192507][ T9262] Bluetooth: hci3: Malformed LE Event: 0x0d
[ 1285.665296][ T2536] FAULT_INJECTION: forcing a failure.
[ 1285.665296][ T2536] name failslab, interval 1, probability 0, space 0, times 0
[ 1285.748023][ T2536] CPU: 0 UID: 0 PID: 2536 Comm: syz.4.11227 Tainted: G     U    I         6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full) 
[ 1285.748052][ T2536] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1285.748058][ T2536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1285.748066][ T2536] Call Trace:
[ 1285.748075][ T2536]  <TASK>
[ 1285.748082][ T2536]  dump_stack_lvl+0x16c/0x1f0
[ 1285.748109][ T2536]  should_fail_ex+0x512/0x640
[ 1285.748129][ T2536]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1285.748152][ T2536]  should_failslab+0xc2/0x120
[ 1285.748165][ T2536]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1285.748186][ T2536]  ? locks_get_lock_context+0x243/0x410
[ 1285.748209][ T2536]  locks_get_lock_context+0x243/0x410
[ 1285.748230][ T2536]  generic_setlease+0x5e7/0x1300
[ 1285.748248][ T2536]  ? find_held_lock+0x2b/0x80
[ 1285.748263][ T2536]  ? __pfx_generic_setlease+0x10/0x10
[ 1285.748284][ T2536]  kernel_setlease+0x106/0x140
[ 1285.748299][ T2536]  vfs_setlease+0x258/0x2d0
[ 1285.748316][ T2536]  fcntl_setlease+0x3ed/0x5a0
[ 1285.748330][ T2536]  ? __pfx_fcntl_setlease+0x10/0x10
[ 1285.748354][ T2536]  do_fcntl+0x751/0x15a0
[ 1285.748368][ T2536]  ? __pfx_do_fcntl+0x10/0x10
[ 1285.748386][ T2536]  ? tomoyo_file_fcntl+0x6c/0xc0
[ 1285.748410][ T2536]  __x64_sys_fcntl+0x163/0x200
[ 1285.748425][ T2536]  do_syscall_64+0xcd/0x490
[ 1285.748439][ T2536]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1285.748454][ T2536] RIP: 0033:0x7f74f118e929
[ 1285.748467][ T2536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1285.748481][ T2536] RSP: 002b:00007f74f1fd1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[ 1285.748495][ T2536] RAX: ffffffffffffffda RBX: 00007f74f13b5fa0 RCX: 00007f74f118e929
[ 1285.748504][ T2536] RDX: 0000000000000001 RSI: 0000000000000400 RDI: 0000000000000005
[ 1285.748513][ T2536] RBP: 00007f74f1210b39 R08: 0000000000000000 R09: 0000000000000000
[ 1285.748521][ T2536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1285.748530][ T2536] R13: 0000000000000000 R14: 00007f74f13b5fa0 R15: 00007fff0e85fd08
[ 1285.748549][ T2536]  </TASK>
	

	
		
	

	
		
	

	
		
	

	
		
	

	
		
	

	
		
	

	
		

	
		

	


	
	

		
	
		
		

	

			





			








	



	

	




	


	









	





	



		

		








	








	

	
		



		

		

	
	











	









	




	





		







	

	
	

	
		
	

	
		

	


	
	

		
	
		
		

	

			





			








	




	





	

	
	
	
	


	
	





			


	













	

	
	
















	




	





		






	
	
	
	
	
	
	

	
		

	
		

	


	
	

		
	
		
		

	

			





			








	




	






	




	




	

	
	

	









	










	





	

	

	

	

















	

	

	


















	




	





		





			

	
		

	


		

		
	
		
		

	

			





			








	









	



	



	
	

	
	
	

	

	




	



	




	






	




	





		








	

	
		


	
	

	
		
	

	
		
	

	
		
	

	
		


	



	

	


	




	

	

	
		
	

	
		
	

	
		
	

	
		





	

	









		





	
		

	


	
	

		
	
		
		

	

			





			








	




	

	





	
	


	

	
	


	











	

	
	
















	




	





		






	
	

	
	
	
	

	
	
	

	
		
	

	
		

	
		

	


		

		
	
		
		

	

			





			








	




















	




	






		









	
		

	


	
	

		
	
	

	
		
	

	
		
		
		

	

			





			








	







	





	


















	

	
	
















	




	




		






	

	




	
		

	


	
	

		
	
		
		

	

			





			








	




	






		



		



	


	



	





		


		
	
	


		
	
		
	
		
		

	
	
	












	






	




	




		






	

	
		
	

	
		
	

	
		
	

	
		
	

	

		
		
	

	
		
	

	
		
	

	
		


		



	
		
	
	
	




	
				
	

	
		
	

	
		
	




	
				

			




	
		

	


	
	

		
	
	

	
		
		
		

	

			





			








	

	
	






	







	






	
	
	

		








	

	
	
















	




	





		











	

	
		

	
		

	


	

	

		
	
		
		

	

			





			








	

	






	
	



	
	























	










		
	
	






























	

	

	









	



	
	
	
	


	






	




	





		











	

	
	
	
	
	

	
		
	

	
		


		
		

	

			





			






















	

	









	



	
	
	
	


	






	




	





		





	

	
	
	
	



			
			
	
	
		



	


	








	
	




	
	
	

			
			
	

		
		
		


	







	



	
	
	

			
			
	

		
		
		


	







	



			
		
	
	
	
	

			
			
		






			
		
	
	
	
	

			
			
		






			
		
	
	
	
	

			
			
		






			
		
	
	
	
	

			
			
		















	
	
	


	
	
	
	
	
	
	
	
	
	
	


	
	











	
	
	
	
	
	
	
	
	
	
	





	





	





	





	






	











	






	

	
		
			

	

	
		

	

	

	
		

	


	

	

		
	
		
		

	

			





			








	

	






	
	




	


	




	

		
	
	








	


	


	



	



	



	
	
	








	













	
	

	










	
	







	







		




	
	
	
	
	

	
	
	

	






	




	





		






	

	
		
	

	
		



									

					
			


	

	
		


	

	
	
	
	

	
	
	
	
	
	
	
	

	
	
	
	
	
	
	
	

	
	
	
	
	
	
	
	
	
	

	

	
	
	
	
	
	
	
	
	
	

	
		

	


	

	

		
	
		
		

	

			





			








	

	













	







		
	
	









	
	

















	






	











	

		









	








	




	





		






	

	
		
	
	

	
	
	

	
		
	
	
	
	

	
		

	


	
	

		
	
		
		

	

			





			








	





	







	




	

	





	

	



	



	


	
	

	






	













	

	

	


















	




	




		






	

	
	

	
		
	

	
		
					
	

	
		
	
	
	
	

	
		

	


	

	

		
	
		
		

	

			





			








	

	

















































	
	

		
	
	








	








	







	






	









	









	








	




	





		







	

	
	
	
	
	
	
	
	

	
		

	
		

	


	
	

		
	
		
		

	

			





			








	




	





	
	
	
	




	

		











	

	
	
















	




	




		








	

	

			

	

	
		
	

	
		
	

	
		

		

	

	

	
		

	
		

	


	
	

		
	
		
		

	

			





			








	





	




	















	

		









	








	





	




		








































	
	









		

	

	
		

	
		

	


	
	

		
	
		
		

	

			





			








	




	









	









	

		











	

	
	
















	




	





		






	
		

	


	

	

		
	
		
		

	

			





			








	

	















	

	
			

















	

	


		
	
	












	



	


	






















	






	
	

	








	




	




		






	
		

	


	
	

		
	
		
		

	

			





			








	




	





	
	


	


	









		










	

		











	

	
	
















	




	





		






	

	
		



	



	

	


	

	

	
		






	
	


		
	

		
		

	

			





			




































	













	








	




	





		







	

	
	
	
	



			
			
	
	
		



	


	








	
	




	
	
	

			
			
	

		
		
		


	







	



	
	
	

			
			
	

		
		
		


	







	



			
		
	
	
	
	

			
			
		






			
		
	
	
	
	

			
			
		






			
		
	
	
	
	

			
			
		






			
		
	
	
	
	

			
			
		















	
	
	


	
	
	
	
	
	
	
	
	
	
	


	
	











	
	
	
	
	
	
	
	
	
	
	





	





	





	





	






	











	








	
	





	
				
	
		
	
	
		

	
		

	


	
	

		
	
		
		

	

			





			








	



	



		
		
		
		


	

	




		






	




	






		







	

	
[ 1401.239848][ T4501] netlink: 25 bytes leftover after parsing attributes in process `syz.1.11728'.
[ 1401.751282][ T4510] random: crng reseeded on system resumption
[ 1401.800715][ T4506] Invalid ELF header magic: != ELF
[ 1406.136999][ T4571] netlink: 326 bytes leftover after parsing attributes in process `syz.4.11744'.
[ 1406.198110][ T4571] veth1_macvtap: left promiscuous mode
[ 1406.407613][ T4576] netlink: 4 bytes leftover after parsing attributes in process `syz.1.11746'.
[ 1406.493791][ T4581] netlink: 354 bytes leftover after parsing attributes in process `syz.1.11746'.
[ 1408.246241][ T4601] sp0: Synchronizing with TNC
[ 1408.421951][ T4603] sp0: Synchronizing with TNC
[ 1409.061539][ T4596] Malformed UNC in devname
[ 1409.061539][ T4596] 
[ 1409.141725][ T4596] CIFS: VFS: Malformed UNC in devname
[ 1412.160942][ T4665] Invalid ELF header magic: != ELF
[ 1412.297283][ T4669] netlink: 28 bytes leftover after parsing attributes in process `syz.5.11771'.
[ 1412.312900][ T4669] bond0: entered promiscuous mode
[ 1412.328057][ T4669] bond_slave_1: entered promiscuous mode
[ 1412.508018][ T4673] sp0: Synchronizing with TNC
[ 1412.540789][ T4673] sp0: Found TNC
[ 1414.032959][ T4714] netlink: 25 bytes leftover after parsing attributes in process `syz.4.11786'.
[ 1415.095148][ T4735] bridge0: port 2(dummy0) entered blocking state
[ 1415.131924][ T4735] bridge0: port 2(dummy0) entered disabled state
[ 1415.171374][ T4735] dummy0: entered allmulticast mode
[ 1415.203201][ T4735] dummy0: entered promiscuous mode
[ 1415.770873][ T4751] size and base must be multiples of 4 kiB
[ 1415.809456][ T4751] CPU: 0 UID: 0 PID: 4751 Comm: syz.3.11796 Tainted: G     U    I         6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full) 
[ 1415.809486][ T4751] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1415.809493][ T4751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1415.809501][ T4751] Call Trace:
[ 1415.809507][ T4751]  <TASK>
[ 1415.809513][ T4751]  dump_stack_lvl+0x16c/0x1f0
[ 1415.809541][ T4751]  mtrr_add+0xdf/0x110
[ 1415.809559][ T4751]  mtrr_ioctl+0x7ef/0xcf0
[ 1415.809576][ T4751]  ? __pfx_mtrr_ioctl+0x10/0x10
[ 1415.809597][ T4751]  ? find_held_lock+0x2b/0x80
[ 1415.809616][ T4751]  ? __fget_files+0x20e/0x3c0
[ 1415.809635][ T4751]  ? __pfx_mtrr_ioctl+0x10/0x10
[ 1415.809651][ T4751]  proc_reg_unlocked_ioctl+0x226/0x320
[ 1415.809671][ T4751]  ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10
[ 1415.809692][ T4751]  __x64_sys_ioctl+0x18b/0x210
[ 1415.809710][ T4751]  do_syscall_64+0xcd/0x490
[ 1415.809724][ T4751]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1415.809739][ T4751] RIP: 0033:0x7f9b9218e929
[ 1415.809752][ T4751] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1415.809765][ T4751] RSP: 002b:00007f9b92fea038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1415.809780][ T4751] RAX: ffffffffffffffda RBX: 00007f9b923b6160 RCX: 00007f9b9218e929
[ 1415.809789][ T4751] RDX: 0000000000000003 RSI: 00000000400c4d01 RDI: 0000000000000003
[ 1415.809798][ T4751] RBP: 00007f9b92210b39 R08: 0000000000000000 R09: 0000000000000000
[ 1415.809807][ T4751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1415.809815][ T4751] R13: 0000000000000000 R14: 00007f9b923b6160 R15: 00007ffe80d6d528
[ 1415.809836][ T4751]  </TASK>
[ 1419.523005][ T4798] netlink: 326 bytes leftover after parsing attributes in process `syz.4.11807'.
[ 1422.830973][ T4838] HfR: entered promiscuous mode
[ 1422.891792][ T4838] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied.
[ 1422.947436][ T4838] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11817'.
[ 1423.303125][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.309558][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[ 1423.396915][ T4846] netlink: 'syz.5.11818': attribute type 1 has an invalid length.
[ 1424.507883][ T3781] Bluetooth: hci0: unexpected event 0x3d length: 726 > 14
[ 1424.521272][ T4862] kafs: addr_prefs: Invalid Command
[ 1426.360640][ T4893] random: crng reseeded on system resumption
[ 1428.319091][ T4913] netlink: 4724 bytes leftover after parsing attributes in process `syz.1.11835'.
[ 1431.078757][ T4969] input: jJǸ���;9�%v����l��Q�	J86�� as /devices/virtual/input/input36
[ 1431.217771][ T5193] ERROR: Out of memory at tomoyo_memory_ok.
[ 1435.327442][ T5015] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied.
[ 1435.433103][ T5013] HfR: entered promiscuous mode
[ 1435.461873][ T5018] netlink: 4 bytes leftover after parsing attributes in process `syz.4.11861'.
[ 1435.936391][ T5021] random: crng reseeded on system resumption
[ 1436.417443][ T5021] Unrecognized hibernate image header format!
[ 1436.431837][ T5021] PM: hibernation: Image mismatch: architecture specific data
[ 1438.181530][ T5038] kexec: Could not allocate control_code_buffer
[ 1438.635290][ T5060] random: crng reseeded on system resumption
[ 1439.092601][ T5065] Unrecognized hibernate image header format!
[ 1439.143117][ T5065] PM: hibernation: Image mismatch: architecture specific data
[ 1439.870892][ T5064] ovs_��: entered promiscuous mode
[ 1440.873350][ T5081] netlink: 28 bytes leftover after parsing attributes in process `syz.3.11881'.
[ 1442.131005][   T30] audit: type=1804 audit(4294967378.459:36): pid=5088 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.11883" name="/newroot/1214/file0" dev="tmpfs" ino=6357 res=1 errno=0
[ 1442.615300][ T5103] FAULT_INJECTION: forcing a failure.
[ 1442.615300][ T5103] name failslab, interval 1, probability 0, space 0, times 0
[ 1442.680725][ T5103] CPU: 0 UID: 0 PID: 5103 Comm: syz.3.11886 Tainted: G     U    I         6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full) 
[ 1442.680753][ T5103] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1442.680760][ T5103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1442.680769][ T5103] Call Trace:
[ 1442.680775][ T5103]  <TASK>
[ 1442.680782][ T5103]  dump_stack_lvl+0x16c/0x1f0
[ 1442.680808][ T5103]  should_fail_ex+0x512/0x640
[ 1442.680829][ T5103]  ? __kmalloc_noprof+0xbf/0x510
[ 1442.680850][ T5103]  ? xfrm_hash_alloc+0xd1/0x100
[ 1442.680869][ T5103]  should_failslab+0xc2/0x120
[ 1442.680884][ T5103]  __kmalloc_noprof+0xd2/0x510
[ 1442.680903][ T5103]  ? xfrm_nat_keepalive_net_init+0xa1/0x140
[ 1442.680921][ T5103]  xfrm_hash_alloc+0xd1/0x100
[ 1442.680940][ T5103]  xfrm_state_init+0x11e/0x630
[ 1442.680962][ T5103]  ? __pfx_xfrm_net_init+0x10/0x10
[ 1442.680989][ T5103]  xfrm_net_init+0x210/0xcc0
[ 1442.681014][ T5103]  ? __pfx_xfrm_net_init+0x10/0x10
[ 1442.681035][ T5103]  ops_init+0x1e2/0x5f0
[ 1442.681053][ T5103]  setup_net+0x1ff/0x510
[ 1442.681066][ T5103]  ? lockdep_init_map_type+0x5c/0x280
[ 1442.681085][ T5103]  ? __pfx_setup_net+0x10/0x10
[ 1442.681100][ T5103]  ? debug_mutex_init+0x37/0x70
[ 1442.681115][ T5103]  copy_net_ns+0x2a6/0x5f0
[ 1442.681132][ T5103]  create_new_namespaces+0x3ea/0xa90
[ 1442.681151][ T5103]  unshare_nsproxy_namespaces+0xc0/0x1f0
[ 1442.681168][ T5103]  ksys_unshare+0x45b/0xa40
[ 1442.681186][ T5103]  ? __pfx_ksys_unshare+0x10/0x10
[ 1442.681204][ T5103]  ? xfd_validate_state+0x61/0x180
[ 1442.681226][ T5103]  __x64_sys_unshare+0x31/0x40
[ 1442.681243][ T5103]  do_syscall_64+0xcd/0x490
[ 1442.681257][ T5103]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1442.681272][ T5103] RIP: 0033:0x7f9b9218e929
[ 1442.681285][ T5103] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1442.681298][ T5103] RSP: 002b:00007f9b9302c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1442.681312][ T5103] RAX: ffffffffffffffda RBX: 00007f9b923b5fa0 RCX: 00007f9b9218e929
[ 1442.681322][ T5103] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1442.681331][ T5103] RBP: 00007f9b92210b39 R08: 0000000000000000 R09: 0000000000000000
[ 1442.681340][ T5103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1442.681348][ T5103] R13: 0000000000000000 R14: 00007f9b923b5fa0 R15: 00007ffe80d6d528
[ 1442.681367][ T5103]  </TASK>
[ 1445.313577][ T5138] FAULT_INJECTION: forcing a failure.
[ 1445.313577][ T5138] name failslab, interval 1, probability 0, space 0, times 0
[ 1445.393010][ T5138] CPU: 0 UID: 0 PID: 5138 Comm: syz.3.11896 Tainted: G     U    I         6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full) 
[ 1445.393040][ T5138] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1445.393046][ T5138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1445.393056][ T5138] Call Trace:
[ 1445.393061][ T5138]  <TASK>
[ 1445.393068][ T5138]  dump_stack_lvl+0x16c/0x1f0
[ 1445.393094][ T5138]  should_fail_ex+0x512/0x640
[ 1445.393115][ T5138]  ? __kmalloc_noprof+0xbf/0x510
[ 1445.393136][ T5138]  ? fib_default_rule_add+0x4f/0x420
[ 1445.393151][ T5138]  should_failslab+0xc2/0x120
[ 1445.393166][ T5138]  __kmalloc_noprof+0xd2/0x510
[ 1445.393189][ T5138]  fib_default_rule_add+0x4f/0x420
[ 1445.393206][ T5138]  fib4_rules_init+0xa6/0x1c0
[ 1445.393227][ T5138]  fib_net_init+0x1dc/0x3f0
[ 1445.393242][ T5138]  ? __pfx___register_sysctl_table+0x10/0x10
[ 1445.393265][ T5138]  ? __pfx_fib_net_init+0x10/0x10
[ 1445.393280][ T5138]  ? lockdep_init_map_type+0x5c/0x280
[ 1445.393300][ T5138]  ? do_init_timer+0xc9/0x110
[ 1445.393318][ T5138]  ? devinet_init_net+0x5c2/0x910
[ 1445.393337][ T5138]  ? __pfx_fib_net_init+0x10/0x10
[ 1445.393352][ T5138]  ops_init+0x1e2/0x5f0
[ 1445.393368][ T5138]  setup_net+0x1ff/0x510
[ 1445.393380][ T5138]  ? lockdep_init_map_type+0x5c/0x280
[ 1445.393398][ T5138]  ? __pfx_setup_net+0x10/0x10
[ 1445.393413][ T5138]  ? debug_mutex_init+0x37/0x70
[ 1445.393428][ T5138]  copy_net_ns+0x2a6/0x5f0
[ 1445.393448][ T5138]  create_new_namespaces+0x3ea/0xa90
[ 1445.393476][ T5138]  unshare_nsproxy_namespaces+0xc0/0x1f0
[ 1445.393493][ T5138]  ksys_unshare+0x45b/0xa40
[ 1445.393512][ T5138]  ? __pfx_ksys_unshare+0x10/0x10
[ 1445.393530][ T5138]  ? xfd_validate_state+0x61/0x180
[ 1445.393554][ T5138]  __x64_sys_unshare+0x31/0x40
[ 1445.393571][ T5138]  do_syscall_64+0xcd/0x490
[ 1445.393586][ T5138]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1445.393601][ T5138] RIP: 0033:0x7f9b9218e929
[ 1445.393613][ T5138] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1445.393627][ T5138] RSP: 002b:00007f9b9300b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1445.393641][ T5138] RAX: ffffffffffffffda RBX: 00007f9b923b6080 RCX: 00007f9b9218e929
[ 1445.393651][ T5138] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1445.393660][ T5138] RBP: 00007f9b92210b39 R08: 0000000000000000 R09: 0000000000000000
[ 1445.393669][ T5138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1445.393678][ T5138] R13: 0000000000000000 R14: 00007f9b923b6080 R15: 00007ffe80d6d528
[ 1445.393697][ T5138]  </TASK>
[ 1445.809539][ T5144] ERROR: Out of memory at tomoyo_memory_ok.
[ 1448.650603][ T5204] netlink: 28 bytes leftover after parsing attributes in process `syz.1.11911'.
[ 1449.460264][ T5225] random: crng reseeded on system resumption
[ 1456.357968][ T5318] netlink: 342 bytes leftover after parsing attributes in process `syz.1.11940'.
[ 1456.771412][ T5333] netlink: 4 bytes leftover after parsing attributes in process `syz.1.11942'.
[ 1457.121097][ T5340] netlink: 28 bytes leftover after parsing attributes in process `syz.1.11944'.
[ 1458.492586][ T5371] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input37
[ 1458.769761][ T5377] netlink: 4 bytes leftover after parsing attributes in process `syz.1.11949'.
[ 1458.898199][ T5380] netlink: 354 bytes leftover after parsing attributes in process `syz.1.11949'.
[ 1459.849679][ T5395] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11953'.
[ 1460.350888][ T5406] netlink: 338 bytes leftover after parsing attributes in process `syz.1.11955'.
[ 1460.443334][   T30] audit: type=1800 audit(4294967396.775:37): pid=5410 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.11956" name="lu_gp_id" dev="configfs" ino=131696 res=0 errno=0
[ 1460.564595][ T5406] veth1_macvtap: entered promiscuous mode
[ 1460.587898][ T5399] could not allocate digest TFM handle 
[ 1460.609542][ T5406] macsec0: entered promiscuous mode
[ 1460.668794][ T5406] macsec0: entered allmulticast mode
[ 1460.712478][ T5406] veth1_macvtap: entered allmulticast mode
[ 1460.850994][ T5413] FAULT_INJECTION: forcing a failure.
[ 1460.850994][ T5413] name failslab, interval 1, probability 0, space 0, times 0
[ 1461.008974][ T5413] CPU: 0 UID: 2054 PID: 5413 Comm: syz.3.11958 Tainted: G     U    I         6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full) 
[ 1461.009004][ T5413] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1461.009011][ T5413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1461.009020][ T5413] Call Trace:
[ 1461.009026][ T5413]  <TASK>
[ 1461.009032][ T5413]  dump_stack_lvl+0x16c/0x1f0
[ 1461.009059][ T5413]  should_fail_ex+0x512/0x640
[ 1461.009079][ T5413]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1461.009102][ T5413]  should_failslab+0xc2/0x120
[ 1461.009116][ T5413]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1461.009136][ T5413]  ? mark_held_locks+0x49/0x80
[ 1461.009153][ T5413]  ? key_alloc+0x3e0/0x1330
[ 1461.009172][ T5413]  key_alloc+0x3e0/0x1330
[ 1461.009196][ T5413]  ? __pfx_key_alloc+0x10/0x10
[ 1461.009213][ T5413]  ? __pfx_key_default_cmp+0x10/0x10
[ 1461.009233][ T5413]  ? __pfx_keyring_search_iterator+0x10/0x10
[ 1461.009256][ T5413]  keyring_alloc+0x44/0xc0
[ 1461.009277][ T5413]  look_up_user_keyrings+0x510/0x760
[ 1461.009296][ T5413]  ? __pfx_look_up_user_keyrings+0x10/0x10
[ 1461.009319][ T5413]  lookup_user_key+0x1a3/0x1300
[ 1461.009338][ T5413]  ? __pfx_lookup_user_key+0x10/0x10
[ 1461.009352][ T5413]  ? do_futex+0x122/0x350
[ 1461.009373][ T5413]  ? __pfx_lookup_user_key_possessed+0x10/0x10
[ 1461.009394][ T5413]  ? fput+0x70/0xf0
[ 1461.009407][ T5413]  ? arch_syscall_is_vdso_sigreturn+0xb6/0x230
[ 1461.009427][ T5413]  keyctl_keyring_clear+0x24/0x1a0
[ 1461.009441][ T5413]  __do_sys_keyctl+0x355/0x590
[ 1461.009457][ T5413]  do_syscall_64+0xcd/0x490
[ 1461.009472][ T5413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1461.009487][ T5413] RIP: 0033:0x7f9b9218e929
[ 1461.009499][ T5413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1461.009513][ T5413] RSP: 002b:00007f9b9302c038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[ 1461.009527][ T5413] RAX: ffffffffffffffda RBX: 00007f9b923b5fa0 RCX: 00007f9b9218e929
[ 1461.009537][ T5413] RDX: 0000000000000002 RSI: 00000000fffffffb RDI: 0000000000000007
[ 1461.009545][ T5413] RBP: 00007f9b92210b39 R08: 0000000000000008 R09: 0000000000000000
[ 1461.009553][ T5413] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000
[ 1461.009561][ T5413] R13: 0000000000000000 R14: 00007f9b923b5fa0 R15: 00007ffe80d6d528
[ 1461.009580][ T5413]  </TASK>
[ 1461.803846][ T5371] ovs_��: entered promiscuous mode
[ 1463.038766][ T5434] netlink: 20 bytes leftover after parsing attributes in process `syz.5.11965'.
[ 1463.304631][ T5437] futex_wake_op: syz.4.11971 tries to shift op by -9; fix this program
[ 1466.374197][ T5475] netlink: 28 bytes leftover after parsing attributes in process `syz.4.11982'.
[ 1466.771083][ T5488] FAULT_INJECTION: forcing a failure.
[ 1466.771083][ T5488] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1466.841193][ T5488] CPU: 0 UID: 0 PID: 5488 Comm: syz.4.11977 Tainted: G     U    I         6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full) 
[ 1466.841221][ T5488] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1466.841227][ T5488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1466.841236][ T5488] Call Trace:
[ 1466.841242][ T5488]  <TASK>
[ 1466.841248][ T5488]  dump_stack_lvl+0x16c/0x1f0
[ 1466.841275][ T5488]  should_fail_ex+0x512/0x640
[ 1466.841298][ T5488]  strncpy_from_user+0x3b/0x2e0
[ 1466.841319][ T5488]  __do_sys_memfd_create+0x1b2/0x8a0
[ 1466.841339][ T5488]  do_syscall_64+0xcd/0x490
[ 1466.841353][ T5488]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1466.841368][ T5488] RIP: 0033:0x7f74f118e929
[ 1466.841380][ T5488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1466.841393][ T5488] RSP: 002b:00007f74f1fd1038 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 1466.841407][ T5488] RAX: ffffffffffffffda RBX: 00007f74f13b5fa0 RCX: 00007f74f118e929
[ 1466.841420][ T5488] RDX: 0000000000000000 RSI: 000000000000000e RDI: 0000000000000000
[ 1466.841428][ T5488] RBP: 00007f74f1210b39 R08: 0000000000000000 R09: 0000000000000000
[ 1466.841438][ T5488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1466.841446][ T5488] R13: 0000000000000000 R14: 00007f74f13b5fa0 R15: 00007fff0e85fd08
[ 1466.841465][ T5488]  </TASK>
[ 1467.400472][ T5496] Console: switching to colour VGA+ 80x25
[ 1469.382176][ T3781] ==================================================================
[ 1469.390403][ T3781] BUG: KASAN: slab-out-of-bounds in enqueue_timer+0x515/0x540
[ 1469.397949][ T3781] Write of size 8 at addr ffff8880343592e0 by task kworker/u9:0/3781
[ 1469.406010][ T3781] 
[ 1469.408352][ T3781] CPU: 0 UID: 0 PID: 3781 Comm: kworker/u9:0 Tainted: G     U    I         6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full) 
[ 1469.408376][ T3781] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1469.408382][ T3781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1469.408393][ T3781] Workqueue: hci0 hci_devcd_rx
[ 1469.408415][ T3781] Call Trace:
[ 1469.408423][ T3781]  <TASK>
[ 1469.408430][ T3781]  dump_stack_lvl+0x116/0x1f0
[ 1469.408453][ T3781]  print_report+0xcd/0x680
[ 1469.408474][ T3781]  ? __virt_addr_valid+0x81/0x610
[ 1469.408489][ T3781]  ? __phys_addr+0xe8/0x180
[ 1469.408503][ T3781]  ? enqueue_timer+0x515/0x540
[ 1469.408518][ T3781]  kasan_report+0xe0/0x110
[ 1469.408531][ T3781]  ? enqueue_timer+0x515/0x540
[ 1469.408548][ T3781]  enqueue_timer+0x515/0x540
[ 1469.408564][ T3781]  __mod_timer+0x8ce/0xd30
[ 1469.408582][ T3781]  ? __pfx___mod_timer+0x10/0x10
[ 1469.408600][ T3781]  ? scnprintf+0xf6/0x150
[ 1469.408619][ T3781]  ? clear_pending_if_disabled+0xa8/0x210
[ 1469.408636][ T3781]  add_timer_global+0x8a/0xc0
[ 1469.408653][ T3781]  __queue_delayed_work+0x33a/0x460
[ 1469.408675][ T3781]  queue_delayed_work_on+0x1b5/0x200
[ 1469.408697][ T3781]  hci_devcd_rx+0x1202/0x1780
[ 1469.408717][ T3781]  ? __pfx_hci_devcd_rx+0x10/0x10
[ 1469.408735][ T3781]  ? finish_task_switch.isra.0+0x221/0xc10
[ 1469.408753][ T3781]  ? rcu_is_watching+0x12/0xc0
[ 1469.408768][ T3781]  process_one_work+0x9cc/0x1b70
[ 1469.408791][ T3781]  ? __pfx_process_one_work+0x10/0x10
[ 1469.408812][ T3781]  ? assign_work+0x1a0/0x250
[ 1469.408830][ T3781]  worker_thread+0x6c8/0xf10
[ 1469.408852][ T3781]  ? __kthread_parkme+0x19e/0x250
[ 1469.408867][ T3781]  ? __pfx_worker_thread+0x10/0x10
[ 1469.408887][ T3781]  kthread+0x3c5/0x780
[ 1469.408904][ T3781]  ? __pfx_kthread+0x10/0x10
[ 1469.408926][ T3781]  ? rcu_is_watching+0x12/0xc0
[ 1469.408939][ T3781]  ? __pfx_kthread+0x10/0x10
[ 1469.408957][ T3781]  ret_from_fork+0x5d7/0x6f0
[ 1469.408975][ T3781]  ? __pfx_kthread+0x10/0x10
[ 1469.408992][ T3781]  ret_from_fork_asm+0x1a/0x30
[ 1469.409010][ T3781]  </TASK>
[ 1469.409016][ T3781] 
[ 1469.611266][ T3781] Allocated by task 13:
[ 1469.615412][ T3781]  kasan_save_stack+0x33/0x60
[ 1469.620093][ T3781]  kasan_save_track+0x14/0x30
[ 1469.624875][ T3781]  __kasan_kmalloc+0xaa/0xb0
[ 1469.629642][ T3781]  __kmalloc_node_track_caller_noprof+0x221/0x510
[ 1469.636094][ T3781]  kmalloc_reserve+0xef/0x2c0
[ 1469.640853][ T3781]  __alloc_skb+0x166/0x380
[ 1469.645302][ T3781]  nsim_dev_trap_report_work+0x2b1/0xcf0
[ 1469.650930][ T3781]  process_one_work+0x9cc/0x1b70
[ 1469.655874][ T3781]  worker_thread+0x6c8/0xf10
[ 1469.660483][ T3781]  kthread+0x3c5/0x780
[ 1469.664566][ T3781]  ret_from_fork+0x5d7/0x6f0
[ 1469.669244][ T3781]  ret_from_fork_asm+0x1a/0x30
[ 1469.674109][ T3781] 
[ 1469.676429][ T3781] Freed by task 13:
[ 1469.680362][ T3781]  kasan_save_stack+0x33/0x60
[ 1469.685036][ T3781]  kasan_save_track+0x14/0x30
[ 1469.689967][ T3781]  kasan_save_free_info+0x3b/0x60
[ 1469.695014][ T3781]  __kasan_slab_free+0x51/0x70
[ 1469.699800][ T3781]  kfree+0x2b4/0x4d0
[ 1469.703700][ T3781]  skb_free_head+0x114/0x210
[ 1469.708291][ T3781]  skb_release_data+0x776/0x9c0
[ 1469.713136][ T3781]  consume_skb+0xbf/0x100
[ 1469.717451][ T3781]  nsim_dev_trap_report_work+0x8bd/0xcf0
[ 1469.723073][ T3781]  process_one_work+0x9cc/0x1b70
[ 1469.728019][ T3781]  worker_thread+0x6c8/0xf10
[ 1469.732602][ T3781]  kthread+0x3c5/0x780
[ 1469.736665][ T3781]  ret_from_fork+0x5d7/0x6f0
[ 1469.741266][ T3781]  ret_from_fork_asm+0x1a/0x30
[ 1469.746036][ T3781] 
[ 1469.748350][ T3781] The buggy address belongs to the object at ffff888034358000
[ 1469.748350][ T3781]  which belongs to the cache kmalloc-4k of size 4096
[ 1469.762480][ T3781] The buggy address is located 736 bytes to the right of
[ 1469.762480][ T3781]  allocated 4096-byte region [ffff888034358000, ffff888034359000)
[ 1469.777520][ T3781] 
[ 1469.779916][ T3781] The buggy address belongs to the physical page:
[ 1469.786324][ T3781] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x34358
[ 1469.795071][ T3781] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1469.803552][ T3781] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 1469.811087][ T3781] page_type: f5(slab)
[ 1469.815145][ T3781] raw: 00fff00000000040 ffff88801b842140 dead000000000122 0000000000000000
[ 1469.823728][ T3781] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[ 1469.832398][ T3781] head: 00fff00000000040 ffff88801b842140 dead000000000122 0000000000000000
[ 1469.841288][ T3781] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[ 1469.850050][ T3781] head: 00fff00000000003 ffffea0000d0d601 00000000ffffffff 00000000ffffffff
[ 1469.858799][ T3781] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 1469.867541][ T3781] page dumped because: kasan: bad access detected
[ 1469.873953][ T3781] page_owner tracks the page as allocated
[ 1469.879787][ T3781] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 13, tgid 13 (kworker/u8:1), ts 1469294891901, free_ts 1469154874477
[ 1469.901398][ T3781]  post_alloc_hook+0x1c0/0x230
[ 1469.906370][ T3781]  get_page_from_freelist+0x1321/0x3890
[ 1469.912156][ T3781]  __alloc_frozen_pages_noprof+0x261/0x23f0
[ 1469.918067][ T3781]  alloc_pages_mpol+0x1fb/0x550
[ 1469.923085][ T3781]  new_slab+0x23b/0x330
[ 1469.927323][ T3781]  ___slab_alloc+0xd9c/0x1940
[ 1469.932087][ T3781]  __slab_alloc.constprop.0+0x56/0xb0
[ 1469.937715][ T3781]  __kmalloc_node_track_caller_noprof+0x2ee/0x510
[ 1469.944123][ T3781]  kmalloc_reserve+0xef/0x2c0
[ 1469.948811][ T3781]  __alloc_skb+0x166/0x380
[ 1469.953311][ T3781]  nsim_dev_trap_report_work+0x2b1/0xcf0
[ 1469.958936][ T3781]  process_one_work+0x9cc/0x1b70
[ 1469.963970][ T3781]  worker_thread+0x6c8/0xf10
[ 1469.968575][ T3781]  kthread+0x3c5/0x780
[ 1469.972737][ T3781]  ret_from_fork+0x5d7/0x6f0
[ 1469.977433][ T3781]  ret_from_fork_asm+0x1a/0x30
[ 1469.982304][ T3781] page last free pid 5828 tgid 5828 stack trace:
[ 1469.988631][ T3781]  __free_frozen_pages+0x7fe/0x1180
[ 1469.993876][ T3781]  __folio_put+0x329/0x450
[ 1469.998332][ T3781]  skb_release_data+0x7fb/0x9c0
[ 1470.003199][ T3781]  __kfree_skb+0x4f/0x70
[ 1470.007543][ T3781]  tcp_ack+0x19b2/0x5c90
[ 1470.011779][ T3781]  tcp_rcv_established+0xda1/0x22e0
[ 1470.017325][ T3781]  tcp_v4_do_rcv+0x5ca/0xa90
[ 1470.022084][ T3781]  __release_sock+0x31b/0x400
[ 1470.027047][ T3781]  release_sock+0x5a/0x220
[ 1470.031494][ T3781]  tcp_sendmsg+0x38/0x50
[ 1470.035745][ T3781]  inet_sendmsg+0xb9/0x140
[ 1470.040163][ T3781]  sock_write_iter+0x4aa/0x5b0
[ 1470.044928][ T3781]  vfs_write+0x6c7/0x1150
[ 1470.049294][ T3781]  ksys_write+0x1f8/0x250
[ 1470.053621][ T3781]  do_syscall_64+0xcd/0x490
[ 1470.058118][ T3781]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1470.064665][ T3781] 
[ 1470.067066][ T3781] Memory state around the buggy address:
[ 1470.073121][ T3781]  ffff888034359180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1470.081376][ T3781]  ffff888034359200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1470.089511][ T3781] >ffff888034359280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1470.097834][ T3781]                                                        ^
[ 1470.105829][ T3781]  ffff888034359300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1470.114319][ T3781]  ffff888034359380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1470.122473][ T3781] ==================================================================
[ 1470.130764][ T3781] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1470.138215][ T3781] CPU: 0 UID: 0 PID: 3781 Comm: kworker/u9:0 Tainted: G     U    I         6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full) 
[ 1470.151923][ T3781] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[ 1470.157887][ T3781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1470.168255][ T3781] Workqueue: hci0 hci_devcd_rx
[ 1470.173126][ T3781] Call Trace:
[ 1470.176411][ T3781]  <TASK>
[ 1470.179441][ T3781]  dump_stack_lvl+0x3d/0x1f0
[ 1470.184076][ T3781]  panic+0x71c/0x800
[ 1470.188158][ T3781]  ? __pfx_panic+0x10/0x10
[ 1470.192608][ T3781]  ? __pfx__printk+0x10/0x10
[ 1470.197391][ T3781]  ? end_report+0x4c/0x170
[ 1470.201927][ T3781]  ? check_panic_on_warn+0x1f/0xb0
[ 1470.207302][ T3781]  ? enqueue_timer+0x515/0x540
[ 1470.212065][ T3781]  check_panic_on_warn+0xab/0xb0
[ 1470.217001][ T3781]  end_report+0x107/0x170
[ 1470.221417][ T3781]  kasan_report+0xee/0x110
[ 1470.225908][ T3781]  ? enqueue_timer+0x515/0x540
[ 1470.230757][ T3781]  enqueue_timer+0x515/0x540
[ 1470.235440][ T3781]  __mod_timer+0x8ce/0xd30
[ 1470.239964][ T3781]  ? __pfx___mod_timer+0x10/0x10
[ 1470.244992][ T3781]  ? scnprintf+0xf6/0x150
[ 1470.249319][ T3781]  ? clear_pending_if_disabled+0xa8/0x210
[ 1470.255221][ T3781]  add_timer_global+0x8a/0xc0
[ 1470.260119][ T3781]  __queue_delayed_work+0x33a/0x460
[ 1470.265866][ T3781]  queue_delayed_work_on+0x1b5/0x200
[ 1470.271422][ T3781]  hci_devcd_rx+0x1202/0x1780
[ 1470.276320][ T3781]  ? __pfx_hci_devcd_rx+0x10/0x10
[ 1470.281435][ T3781]  ? finish_task_switch.isra.0+0x221/0xc10
[ 1470.287437][ T3781]  ? rcu_is_watching+0x12/0xc0
[ 1470.292301][ T3781]  process_one_work+0x9cc/0x1b70
[ 1470.297240][ T3781]  ? __pfx_process_one_work+0x10/0x10
[ 1470.302610][ T3781]  ? assign_work+0x1a0/0x250
[ 1470.307192][ T3781]  worker_thread+0x6c8/0xf10
[ 1470.312061][ T3781]  ? __kthread_parkme+0x19e/0x250
[ 1470.317174][ T3781]  ? __pfx_worker_thread+0x10/0x10
[ 1470.322297][ T3781]  kthread+0x3c5/0x780
[ 1470.326474][ T3781]  ? __pfx_kthread+0x10/0x10
[ 1470.331066][ T3781]  ? rcu_is_watching+0x12/0xc0
[ 1470.335843][ T3781]  ? __pfx_kthread+0x10/0x10
[ 1470.340430][ T3781]  ret_from_fork+0x5d7/0x6f0
[ 1470.345104][ T3781]  ? __pfx_kthread+0x10/0x10
[ 1470.349691][ T3781]  ret_from_fork_asm+0x1a/0x30
[ 1470.354554][ T3781]  </TASK>
[ 1470.357639][ T3781] Kernel Offset: disabled
[ 1470.362303][ T3781] Rebooting in 86400 seconds..