last executing test programs:

6m31.91367998s ago: executing program 2 (id=1210):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/nfc/nfc0/rfkill0/soft\x00', 0xa001, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/fuse/parameters/allow_sys_admin_access\x00', 0xb02, 0x0)
sendfile$auto(r0, r1, 0x0, 0x6)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000040)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0)
close_range$auto(0x2, 0x8, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = socket(0x2, 0x3, 0x6)
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x401c5820, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000002c0)={'veth1_vlan\x00', <r5=>0x0})
sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="e5b724bd7000fcdbd4251900000020000180140002006d616376746170300000ddffff4e2627748f1a60", @ANYRES32=r5, @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x4010}, 0x4048800)
mkdir$auto(0x0, 0x353)
socketpair$auto(0x4004, 0x5, 0xfffffffc, 0x0)
open(0x0, 0x22040, 0x75)
socket(0x1a, 0x3, 0x8)
timer_create$auto_CLOCK_REALTIME(0x0, &(0x7f0000000140)={@sival_ptr=&(0x7f0000000040)="d4b4937bb340729862a605c42d36f6633fd280019434453882f1013bf12e112675d447", @raw=0x8000, 0x2}, &(0x7f0000000180))
connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x14}, 0x3}, 0x55)
mmap$auto(0x0, 0x2, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x8, 0x0)
r6 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtd0ro\x00', 0x0, 0x0)
ioctl$auto_BLKPG2(r6, 0x1269, 0x0)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x20004044}, 0x20008810)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x4, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

6m31.181438929s ago: executing program 2 (id=1214):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20b42, 0x0)
ioctl$auto_SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000040))
mmap$auto(0x0, 0x80003, 0xffd, 0x8000000008012, 0x3, 0x0)
connect$auto(0x4, 0x0, 0x10)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
close_range$auto(0x2, 0x8, 0x0)

6m15.780181052s ago: executing program 32 (id=1214):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20b42, 0x0)
ioctl$auto_SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000040))
mmap$auto(0x0, 0x80003, 0xffd, 0x8000000008012, 0x3, 0x0)
connect$auto(0x4, 0x0, 0x10)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
close_range$auto(0x2, 0x8, 0x0)

4m12.484304189s ago: executing program 1 (id=1707):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async, rerun: 32)
socket(0x10, 0x2, 0x0) (async, rerun: 32)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [@NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0x6}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x2e}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x1) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
read$auto(r0, 0x0, 0x1f42)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f00000000c0)={0x0, 0x7}, 0x3) (async)
bpf$auto_BPF_LINK_CREATE(0x1c, 0x0, 0x6) (async)
r2 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
fcntl$auto(r2, 0x400, 0x1) (async)
ioctl$auto_SG_SET_COMMAND_Q(r2, 0x2271, &(0x7f0000000140)="aa5a1ccf7cd9870dc5ae17bd99c3fe0399b9d06538e2dabfaac3ad937f3e3b02cc2861745e0ce787943b2b9b169aa6b991cdd83e859e2e0440a09edbdf7f7aa782e92c9dd87d8cb23c2d06bde582ddff8da21b257b4f82aeec568e9a31175e69c223")
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8740, 0x0)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x10, 0x70bd2c, 0x25dfdbfd, {0xa, 0x0, 0xa00}}, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x5, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

4m12.009428325s ago: executing program 1 (id=1709):
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket(0x2a, 0x2, 0x1)
connect$auto(r0, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x1, 0xfffffffe}, 0x55)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
readv$auto(0x3, 0x0, 0x1)
r1 = socket(0x10, 0x2, 0x0)
socket(0xa, 0x80000, 0x8007d)
socket(0xa, 0x801, 0x106)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x0, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$auto(0x3, 0x4048aec9, r2)
socket(0x2, 0x2, 0x1)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x48041, 0x0)
write$auto(r4, 0x0, 0x6)
openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000001c0), 0x100, 0x0)
write$auto(r1, &(0x7f00000000c0)='\x04>\x00\x02\x18\x00\x00\xd3b\x01\xbd\x9b@\xb0\x00\x00\x00\x84\xa2\\\x15\xc4>\xa9\x82,\xf9y\xc7p\xf1w\xbe\xde\xe8\xc3\x01#\xcc\tF\xb6\x95\xeeH\xf8}v\xb3\xcb(\xa90Abe\xc3\x8c\xcc\xe7\xb8\x00F\x89#\xb4\xf0F\xa1\xd5\x1e\x8f\t\x9dZ~\xea\xa3\x93\xc2\x04\xe1;b\x99\x85\x00\x00\x00\xe2E\x00\x00-a\xb6n\xbc\xb4=\xf8\xce\x01\x1f]\x85|\xce\xd7\xff\xff\xd3lb\xc5\xee\xdb\xcb\xbb\xd8\x00\x80\x00\x00\xe9e\xe5\x80\x1c\x02\"\xa7&8U\xfd\xdc\x15\xae\xfa5\xb8}\x0e\xb4:\x91\xbb5\xd3{\xb2\xd0\xc0\x93=\xf8E\xceO\x1e\xd5\x8f\xdf\xaa\x1c\xfd\xb0h\xd8\xbc\xecA\xa6\xde\xd1=\xfd)d\x8f\vk\x1c+\xf7, \xf8]\xb3\xe9B\x02\f\'\xcf0\x06', 0x1ff)
r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/icmp\x00', 0xc0880, 0x0)
pread64$auto(r5, 0x0, 0x1ffffffffffe, 0xd59f)

4m11.347071404s ago: executing program 1 (id=1712):
syz_clone3(&(0x7f0000001240)={0x2000000, &(0x7f00000012c0)=<r0=>0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100), {0x27}, &(0x7f0000000140)=""/173, 0xad, &(0x7f0000000200)=""/4096, &(0x7f0000001200)=[0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x58)
sendmsg$auto_TIPC_NL_MON_SET(0xffffffffffffffff, &(0x7f0000002c00)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x80)
readv$auto(0xca, &(0x7f0000000040)={&(0x7f0000000000), 0x9}, 0x10)
move_pages$auto(0x1, 0x80000000000003fb, 0x0, 0x0, 0x0, 0x4)
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
ioctl$auto_UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f0000000400)={{0xc, 0x23, 0xa6, 0x83}, "66ac010005000000000068d590eb0d4a4cada7272464294b9183349eef4c1f028fdcc8ecc66fdd02316f064ebd893007abb4c0bbc3b822f66eb624ad63110d61771552c03de65800", 0x2})
ioctl$auto_UI_DEV_CREATE(0xffffffffffffffff, 0x5501, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0xa, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000001c0), r1)
sendmsg$auto_CTRL_CMD_GETPOLICY(r1, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB=' 7m<', @ANYRES32=r1, @ANYBLOB="010325bd7040ffdbdf250a0000000c0002006e6c383032313100"], 0x20}, 0x1, 0x0, 0x0, 0x30000881}, 0xc048810)
mprotect$auto(0x200000000000, 0x806121, 0x8)
close_range$auto(0x2, 0x8000, 0x0)
mmap$auto(0xfffffffffffffffe, 0x2020009, 0x6, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x1b, &(0x7f0000000000), 0x1)
socket(0x2, 0x3, 0x1)
mmap$auto(0x100000001, 0x420009, 0xdf, 0xeb1, r2, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/ksm/advisor_min_pages_to_scan\x00', 0x88282, 0x0)
read$auto(0x4, 0x0, 0xfdef)
syncfs$auto(r0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x400, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r3 = socket(0xa, 0x2, 0x0)
setsockopt$auto_SO_WIFI_STATUS(r3, 0x0, 0x29, 0x0, 0xbff)
mmap$auto(0x5, 0xe38, 0xbd53, 0x17, r3, 0x7)
socket(0x10, 0x2, 0x14)

4m10.913023146s ago: executing program 1 (id=1716):
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
ioctl$auto_BLKTRACESETUP32(0xffffffffffffffff, 0xc0401273, &(0x7f00000001c0)={"cbcf73105beaa3d62e0bd2b2367a95fa3f12731e6184c5cc7af5c7125d2f58da", 0xd, 0xe, 0x9, 0x4, 0xe9600000000000, <r0=>0x0})
prctl$auto(0x1000000003b, 0x800001, r0, 0x4e, 0x5)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
process_madvise$auto_PIDFD_SELF_THREAD_GROUP(0xffffffffffffb1e0, &(0x7f00000002c0)={0x0, 0x5}, 0xfffffffffffffff8, 0xd3, 0x9b8)
r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/020/001\x00', 0x400, 0x0)
ioctl$auto(r1, 0x80045503, 0xffffffffffffffff)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00082dbd7000fedbdf250300000008000400b70a000006000700008000000800", @ANYRES32, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100aaaaaaaaaa35000008000200", @ANYRES16, @ANYBLOB="06000600050000000800"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40)
socket(0x10, 0x2, 0x0)
sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[], 0x44}, 0x1, 0x0, 0x0, 0x10000000}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000)
ioctl$auto_XFS_IOC_GETBMAP(0xffffffffffffffff, 0xc0205826, &(0x7f0000000000)={0x101, 0xfffffffffffffff8, 0xffff, 0x2, 0x8ba})
mmap$auto(0x0, 0x8, 0x80000000000000df, 0x10004000eb1, 0x8, 0x8000008000)
close_range$auto(0x2, 0x8, 0x0)
sysfs$auto(0x2, 0x100000000000027, 0x0)
fsopen$auto(0x0, 0x1)
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
modify_ldt$auto(0x1, 0x0, 0xffffffffffffffff)
modify_ldt$auto(0x1, 0x0, 0x10)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x8, 0x1, 0x8, 0xd, 0xe13, 0x81, 0xe, 0x2000000000000002, 0x0, 0x9, 0x8, 0x2, 0x80000001, 0x8627, 0x9, 0x20000800001, 0x3, 0x5, 0x7, 0x6, 0x6, 0x2, 0xffffffee, 0x2a17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x18, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x80000000, 0x0, 0x4, 0x0, 0x0, 0x27, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffffffffffe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2]}, 0x9, 0x0)

4m8.407514087s ago: executing program 1 (id=1723):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x6)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xe}, 0x800009}, 0x5, 0x20000000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/1-0:1.0/usb1-port1/quirks\x00', 0x103a42, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/module/psmouse/parameters/proto\x00', 0x20a42, 0x0)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000580), 0x2802, 0x0)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, 0x0, 0x4, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x40)
openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/apparmor/prev\x00', 0x1, 0x0)
socketpair$auto(0x1e, 0x3, 0xffffff00, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x3}, 0x7}, 0x3, 0xcad7)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
mmap$auto(0x0, 0x402000a, 0xffffffffffffffff, 0x400eb1, 0x401, 0x8000)
io_uring_setup$auto(0xa, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x1, 0x84)
setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8)
setsockopt$auto(0x3, 0x10000000084, 0x18, 0x0, 0x8)
write$auto(0x3, 0x0, 0x100085)
close_range$auto(0x2, 0xa, 0x0)

4m7.456875781s ago: executing program 1 (id=1728):
keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8)
arch_prctl$auto_ARCH_GET_FS(0x1003, 0x7fffffffffffffff)
mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000)
arch_prctl$auto_ARCH_GET_FS(0x1003, 0x8)
r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000140), 0xffffffffffffffff)
r3 = socket(0x28, 0x805, 0x0)
bind$auto(r3, &(0x7f0000000080)=@in={0x28, 0x0, @rand_addr=0xffffffff}, 0x68)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/fs/cifs/mount_params\x00', 0x8000, 0x0)
pread64$auto(r4, 0x0, 0x8, 0x7fff)
fsconfig$auto_FSCONFIG_SET_BINARY(r3, 0x2, &(0x7f0000000040)='\x00', &(0x7f0000000280)="9dac035afc4a547c2da0a39645b4066fd30ae4b8c00e6967fd39f7e068da3d0f805600040e7ee3e88365322a4f5a1d4a025d041b963cfc3a26be25c592f2c62396ce7533715d8f356a54096c4a99ce7821fe599cd30ed45426c0f5afc08e059263fbdd7e58ffa8489678cd0ef712e44398cae4d5657a30637823fc9e2dbd22a647625845c8f9907d4f257e2478654611ac738d722d480a889d1f7146a73a0245d17355ce2bb25b032a39f36ed98a9857750bc78e9007541fb4c0e9981faec500ef287883d260cb2977eb", 0x6)
sendmsg$auto_OVS_FLOW_CMD_DEL(r1, &(0x7f0000000240)={0x0, 0xfffffffffffffd7c, &(0x7f0000000200)={&(0x7f0000000180)={0x24, r2, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@OVS_FLOW_ATTR_KEY={0x4}, @OVS_FLOW_ATTR_KEY={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x105, 0x0, 0x0, @fd=r1}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x800)
ioctl$auto_BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/advisor_max_cpu\x00', 0xa001, 0x0)
write$auto(r6, &(0x7f00000012c0)='0\x00\x00\x00\x00\xa8[\xa49\x02S\xba\xfc\x05<\xf1\xf9\x03\x8df\x0ec\xa05\x11<p\xca\x9b\xb6\xcc\t&b\x83F\xf4&\xf3\\\xa6\x8b\xbf4\x95\x14V\x15,f\x0eb\\\x06\xa5\xdf\xa1s\x7f\xfb>\xe5\xcf)\x8d\xffVE+\xad\xc3Z\xc2\x9f\xf3k9\xb3_\t\x05\xc1\xcd/1\x10\xd0|\xcd\x91\t\xe0\xcc\xd9\xfa\xeb\xd9\xfd\xd7Y\xfas\xb0E\xa6\xe3\xf9\xd6\a\xe6y\xab~f\xaf\b0\xe9%\xc9E\xda4tN\xf9\x94\xdd\xe4\x94\xc7\xd2\v\xaf\x15^V\'\x06\xc7\xb1\xe7\xfe s$\x1c\r*|%F\xc3\xf1\x9e\x1aA\xd3<\x81\xde\x95\x01b\xdc\xb6\xe6\xaa\x01\n%\x90\xa7\xbd\x91\xbc\x05dZ?\x18\xcfl\x044@\xc6\xac\xc6L(\x0e*\x19\\\x97Y+\x1b]&\xd2+W.\x10\vB\xa9\x93{&\xe1\x98\xde\xdd\xbf\xf3\x10.\xc7\xd1T\x9c\xcc\xaals\xb3\xda\xec>\xeb[\xd2\x8a\x06\a{\x91H\xfa,OVBZ\xa2 \xe2w\xc8\xac!Q6D\xfe\xb4\xa5@\x1dv\xa8\xb1\xd4\x0f\x9a{\x8f\xfd\x9e\x89`\xbb', 0xcd84)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
read$auto_stats_fops_2(r4, &(0x7f0000001400)=""/4096, 0x1000)
syz_clone(0x823e0411, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000080)=ANY=[@ANYBLOB="04010000", @ANYRES16=r7, @ANYBLOB="01002cbd7000fddbdf2502000000e50004006e6673819bb6241016fb3ab3155990f9c0c0882e21731fe91d272648766eb188bf153ca665bca1fabe47092a5f6b575f6d1b3a2cc6a6fdbacd00000001bfd3663221c4054541ac0483f199a035fbf3f43f289c8b9ddc56c500096dde7ac9db6eb1090ae78c64cad8390d1a40e15fb15ff8f3b15dadafd9d0a83ad43c8dbc0d675b1d98b272ac83f873af68408ca7cdb32b517922e88a682cca7cd9b33f4861dba3460a475526371519eb9b9e55ab86109daf3eda2852cbe6f78cf8b1dfe474e69f81b3bbc3bf8ed95643a703724a2ef64c9462c503ea847592c0cd16fb3c03000000000008000100"], 0x104}}, 0x4000)
r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/tty/ttydc/dev\x00', 0x80a01, 0x0)
write$auto(r8, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
r9 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/driver/rtc\x00', 0x88000, 0x0)
pread64$auto(r9, 0x0, 0x20, 0x0)
write$auto(r0, 0x0, 0x45c)

3m52.334999125s ago: executing program 33 (id=1728):
keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8)
arch_prctl$auto_ARCH_GET_FS(0x1003, 0x7fffffffffffffff)
mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000)
arch_prctl$auto_ARCH_GET_FS(0x1003, 0x8)
r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000140), 0xffffffffffffffff)
r3 = socket(0x28, 0x805, 0x0)
bind$auto(r3, &(0x7f0000000080)=@in={0x28, 0x0, @rand_addr=0xffffffff}, 0x68)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/fs/cifs/mount_params\x00', 0x8000, 0x0)
pread64$auto(r4, 0x0, 0x8, 0x7fff)
fsconfig$auto_FSCONFIG_SET_BINARY(r3, 0x2, &(0x7f0000000040)='\x00', &(0x7f0000000280)="9dac035afc4a547c2da0a39645b4066fd30ae4b8c00e6967fd39f7e068da3d0f805600040e7ee3e88365322a4f5a1d4a025d041b963cfc3a26be25c592f2c62396ce7533715d8f356a54096c4a99ce7821fe599cd30ed45426c0f5afc08e059263fbdd7e58ffa8489678cd0ef712e44398cae4d5657a30637823fc9e2dbd22a647625845c8f9907d4f257e2478654611ac738d722d480a889d1f7146a73a0245d17355ce2bb25b032a39f36ed98a9857750bc78e9007541fb4c0e9981faec500ef287883d260cb2977eb", 0x6)
sendmsg$auto_OVS_FLOW_CMD_DEL(r1, &(0x7f0000000240)={0x0, 0xfffffffffffffd7c, &(0x7f0000000200)={&(0x7f0000000180)={0x24, r2, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@OVS_FLOW_ATTR_KEY={0x4}, @OVS_FLOW_ATTR_KEY={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x105, 0x0, 0x0, @fd=r1}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x800)
ioctl$auto_BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/advisor_max_cpu\x00', 0xa001, 0x0)
write$auto(r6, &(0x7f00000012c0)='0\x00\x00\x00\x00\xa8[\xa49\x02S\xba\xfc\x05<\xf1\xf9\x03\x8df\x0ec\xa05\x11<p\xca\x9b\xb6\xcc\t&b\x83F\xf4&\xf3\\\xa6\x8b\xbf4\x95\x14V\x15,f\x0eb\\\x06\xa5\xdf\xa1s\x7f\xfb>\xe5\xcf)\x8d\xffVE+\xad\xc3Z\xc2\x9f\xf3k9\xb3_\t\x05\xc1\xcd/1\x10\xd0|\xcd\x91\t\xe0\xcc\xd9\xfa\xeb\xd9\xfd\xd7Y\xfas\xb0E\xa6\xe3\xf9\xd6\a\xe6y\xab~f\xaf\b0\xe9%\xc9E\xda4tN\xf9\x94\xdd\xe4\x94\xc7\xd2\v\xaf\x15^V\'\x06\xc7\xb1\xe7\xfe s$\x1c\r*|%F\xc3\xf1\x9e\x1aA\xd3<\x81\xde\x95\x01b\xdc\xb6\xe6\xaa\x01\n%\x90\xa7\xbd\x91\xbc\x05dZ?\x18\xcfl\x044@\xc6\xac\xc6L(\x0e*\x19\\\x97Y+\x1b]&\xd2+W.\x10\vB\xa9\x93{&\xe1\x98\xde\xdd\xbf\xf3\x10.\xc7\xd1T\x9c\xcc\xaals\xb3\xda\xec>\xeb[\xd2\x8a\x06\a{\x91H\xfa,OVBZ\xa2 \xe2w\xc8\xac!Q6D\xfe\xb4\xa5@\x1dv\xa8\xb1\xd4\x0f\x9a{\x8f\xfd\x9e\x89`\xbb', 0xcd84)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
read$auto_stats_fops_2(r4, &(0x7f0000001400)=""/4096, 0x1000)
syz_clone(0x823e0411, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000080)=ANY=[@ANYBLOB="04010000", @ANYRES16=r7, @ANYBLOB="01002cbd7000fddbdf2502000000e50004006e6673819bb6241016fb3ab3155990f9c0c0882e21731fe91d272648766eb188bf153ca665bca1fabe47092a5f6b575f6d1b3a2cc6a6fdbacd00000001bfd3663221c4054541ac0483f199a035fbf3f43f289c8b9ddc56c500096dde7ac9db6eb1090ae78c64cad8390d1a40e15fb15ff8f3b15dadafd9d0a83ad43c8dbc0d675b1d98b272ac83f873af68408ca7cdb32b517922e88a682cca7cd9b33f4861dba3460a475526371519eb9b9e55ab86109daf3eda2852cbe6f78cf8b1dfe474e69f81b3bbc3bf8ed95643a703724a2ef64c9462c503ea847592c0cd16fb3c03000000000008000100"], 0x104}}, 0x4000)
r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/tty/ttydc/dev\x00', 0x80a01, 0x0)
write$auto(r8, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
r9 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/driver/rtc\x00', 0x88000, 0x0)
pread64$auto(r9, 0x0, 0x20, 0x0)
write$auto(r0, 0x0, 0x45c)

2m28.115047391s ago: executing program 5 (id=2093):
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) (async)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, r0, 0x0) (async, rerun: 32)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) (rerun: 32)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000100)={0x3, 0x0, [{0x639, 0x10, 0x1}]}) (async)
fanotify_init$auto(0xc, 0x8)

2m27.831592451s ago: executing program 5 (id=2094):
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0)
r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
ioctl$auto(r0, 0x560f, r1)
close_range$auto(0x2, 0x8, 0x0)
r2 = socket(0x2a, 0x2, 0x1)
connect$auto(r2, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x1, 0xfffffffe}, 0x55)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
readv$auto(0x3, 0x0, 0x1)
r3 = socket(0x10, 0x2, 0x0)
socket(0xa, 0x80000, 0x8007d)
socket(0xa, 0x801, 0x106)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x0, 0x0)
read$auto_tracing_total_entries_fops_trace(r1, &(0x7f00000001c0)=""/86, 0x56)
ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$auto(0x3, 0x4048aec9, r4)
socket(0x2, 0x2, 0x1)
r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/irq/2/smp_affinity_list\x00', 0x48041, 0x0)
write$auto(r6, 0x0, 0x6)
openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, 0x0, 0x100, 0x0)
write$auto(r3, &(0x7f00000000c0)='\x04>\x00\x02\x18\x00\x00\xd3b\x01\xbd\x9b@\xb0\x00\x00\x00\x84\xa2\\\x15\xc4>\xa9\x82,\xf9y\xc7p\xf1w\xbe\xde\xe8\xc3\x01#\xcc\tF\xb6\x95\xeeH\xf8}v\xb3\xcb(\xa90Abe\xc3\x8c\xcc\xe7\xb8\x00F\x89#\xb4\xf0F\xa1\xd5\x1e\x8f\t\x9dZ~\xea\xa3\x93\xc2\x04\xe1;b\x99\x85\x00\x00\x00\xe2E\x00\x00-a\xb6n\xbc\xb4=\xf8\xce\x01\x1f]\x85|\xce\xd7\xff\xff\xd3lb\xc5\xee\xdb\xcb\xbb\xd8\x00\x80\x00\x00\xe9e\xe5\x80\x1c\x02\"\xa7&8U\xfd\xdc\x15\xae\xfa5\xb8}\x0e\xb4:\x91\xbb5\xd3{\xb2\xd0\xc0\x93=\xf8E\xceO\x1e\xd5\x8f\xdf\xaa\x1c\xfd\xb0h\xd8\xbc\xecA\xa6\xde\xd1=\xfd)d\x8f\vk\x1c+\xf7, \xf8]\xb3\xe9B\x02\f\'\xcf0\x06', 0x1ff)
r7 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/icmp\x00', 0xc0880, 0x0)
pread64$auto(r7, 0x0, 0x1ffffffffffe, 0xd59f)

2m26.908070045s ago: executing program 5 (id=2097):
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x7, 0x8, <r0=>0xffffffffffffffff, [], {0x6, 0x6, 0x1, 0x1ff, 0x100, 0x83, 0x101, 0x6, 0x64f}, {0x100, 0x1, 0xff, 0x5, 0x1, 0x40, 0x876c5, 0x8, 0x100000000}})
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
r1 = open(&(0x7f0000000180)='./file0\x00', 0x40000, 0x4)
move_mount$auto(r0, 0x0, r1, 0x0, 0x400)
mmap$auto(0xffffffffffffffff, 0x4020009, 0x340, 0x80000000000019, 0x401, 0x8004)
r2 = socket(0x2, 0x5, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x4040, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
ioctl$auto(0x3, 0x1269, 0x38)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
getcwd$auto(0x0, 0xffffffffffffffff)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/net/bond0/bonding/arp_validate\x00', 0x94a00, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd5\x00', 0x20000, 0x0)
mmap$auto(0x0, 0x20009, 0x2, 0xeb1, r3, 0x8000)
r4 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0)
io_uring_setup$auto(0x6, 0x0)
r5 = socket(0xa, 0x1, 0x84)
setsockopt$auto(r5, 0x0, 0x60, 0x0, 0x4f)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
r6 = epoll_create$auto(0x8800001)
epoll_ctl$auto(r6, 0x1, r4, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
socketpair$auto(0x1e, 0x1, 0x0, 0x0)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto(0x10, r7, 0x4, 0x7ff)
ptrace$auto_PTRACE_SET_THREAD_AREA(0x1a, r7, 0x6f, 0x1)

2m26.439764555s ago: executing program 5 (id=2099):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$auto_TCP_METRICS_CMD_GET(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="00000010", @ANYRES16=r1, @ANYBLOB="01002bbd7000fbdbdf2501000000080001000a01010114000c00fc00"/42], 0x30}, 0x1, 0x0, 0x0, 0x4004055}, 0x20000000)
pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x3, 0x1ff, 0x1001, 0x5, 0x717e, 0x0, 0x7, 0x200000000000003, 0xd, 0x2, 0x80003, 0x4, 0x1ffffffffffd, 0xb5, 0xfffffffffffffffe, 0x7, 0x10002, 0x7f, 0x2a2, 0x5, 0xa, 0x22000, 0x200, 0x4, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x400, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0xffffffffffffffff, 0x100000000000]}, 0x1fe, 0xd)
dup3$auto(0x8000000000000001, 0x5, 0x800080000)
r4 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000003c0), 0x1541, 0x0)
ioctl$auto__ctl_fops_dm_ioctl(r4, 0xfffffffffffffd03, &(0x7f00000001c0))
socket(0x15, 0x5, 0x0)
madvise$auto(0x8001, 0x2, 0xfba)
connect$auto(0x3, &(0x7f00000018c0)=@ethernet={0x1, @remote}, 0x8)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/conf/ip6tnl0/bootp_relay\x00', 0x5014c0, 0x0)
openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/trace\x00', 0x82000, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89fc, &(0x7f0000000040)={'veth0_macvtap\x00'})
ioctl$auto_TUNSETNOCSUM(r3, 0x400454c8, &(0x7f0000000080)=0x7)
syslog$auto(0x4, &(0x7f0000000440)='/dev/mapper/control\x00', 0x7)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001180), r5)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000040)={0x1c, r6, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@HWSIM_ATTR_REG_CUSTOM_REG={0x8, 0xc, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x404c091}, 0x40000)

2m25.162185973s ago: executing program 5 (id=2101):
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
r0 = socket(0xa, 0x3, 0x3914)
ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x6, 0x50b301a, 0x2c, 0x2c, 0x0, 0x2})
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:480/min_ratio_fine\x00', 0x2062, 0x0)
openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/mixer\x00', 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
socket(0xa, 0x1, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003040), r1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'netdevsim0\x00'})
sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r1, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9a532a3ea3553df8bd4aa1a83550e036ffcaa9fa2cb299fb0f3716e18a2a5d8e3fe6c41040f5b7c53cee917ad8ad1cdd4eda329796e67c0686e3e3f2380973ca5d07b6ce55146220710d3d1e751250716ae3401d126752d54701a01b7b3d72ea5ef81da43be847b97643bfb11ce0fcaeacc0998727318b74706b54b5953775a76f2363950a9a1f57cc66e35951da485ba191c32db86079", @ANYRES16=r2, @ANYBLOB="010021bd7000fbdbdf251200000008000900010000000800070006000000"], 0x24}, 0x1, 0x0, 0x0, 0x4000004}, 0x20008800)
r3 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
getdents$auto(r3, 0x0, 0x400018)
ioctl$auto_UBI_IOCATT(r3, 0x40186f40, &(0x7f00000000c0)={0x7, 0x2, 0x7fff, 0x5, 0x7, 0x3})
mbind$auto(0x0, 0x2091d2, 0x1, 0x0, 0x7, 0x2)
mmap$auto(0x0, 0xf1, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
r4 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0)
ioctl$auto_SNDCTL_SEQ_GETOUTCOUNT(r4, 0x80045104, 0x0)
fstat$auto(0xffffffffffffffff, 0x0)
close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002)
mmap$auto(0x0, 0x4, 0x4000000000e3, 0x40eb1, 0x401, 0x300000000000)
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/uts\x00')
socket(0x2, 0xa, 0x1)
statx$auto(0xffffff9c, 0x0, 0x1000, 0x0, 0x0)
ioctl$auto(0x1, 0x890b, 0x8)
mmap$auto(0xfffffffffffffffc, 0x2000d, 0x4000000000db, 0xeb1, r0, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x4)
write$auto(0x3, 0x0, 0xffd8)

2m23.873010962s ago: executing program 5 (id=2103):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/rpc/nfsd.fh/flush\x00', 0x4a141, 0x0)
writev$auto(r0, &(0x7f0000000240)={0x0, 0x5}, 0xa)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0)
r2 = bpf$auto(0x9, &(0x7f0000000100)=@bpf_attr_1={<r3=>0xffffffffffffffff, 0x1000, @value=0x3, 0x400084047dc}, 0x8e)
mmap$auto(0x0, 0xe983, 0x1000, 0xeb1, r1, 0xfffffffffffffffa)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_BATADV_CMD_TP_METER(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="000326bd70e7d205df2502000040"], 0x14}, 0x1, 0x0, 0x0, 0x4c894}, 0x4040804)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x9}, 0x3, 0x0)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/power/wakeup\x00', 0x2, 0x0)
sendfile$auto(0x3, 0x3, 0x0, 0x2000007)
kexec_load$auto(0x6, 0x2, &(0x7f00000002c0)={@buf=&(0x7f0000000200)="54d4", 0x2aa7, 0x6c0000bffd, 0xbffe}, 0x4)
mmap$auto(0x0, 0x400005, 0x800000000000df, 0x9b72, r3, 0x8000)
io_uring_setup$auto(0x6, 0x0)
r4 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r4, 0x107, 0xf, 0x0, 0x6)
r5 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x81)
ftruncate$auto(r5, 0xa0)
fsconfig$auto_FSCONFIG_CMD_CREATE_EXCL(r3, 0x8, &(0x7f0000000040)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/power/wakeup\x00', &(0x7f0000000300)="41d375ea046e67911d7446a163ab7ab5e9d69d8f877fcd4f28cc3eaf9c21c1dc8434852a220e1b57abe6b788a0e3dc5b680213e572830b794cda72b9fe6346119eb27d94681a027448975ea2d6546c141cf7352afc66206ffea1043f33a354159106f14fd90bf4cfc49fea0016388e0faede2591cf7cffea19bfb0b8c8378785d5f46b7192eaaab3702cfeb5df3877d277d8eb6bdf4752fd09ec6ab5525797181203c433aa8d2819fdc028017c08d705ed783da8a25618373f49b0e41c77ba85ac4b91e94792a386ab6ead447a8e78e7d81727a38afc6ff640db016cdb10f02419b624b35c3bcc0afbd3992a10", 0x2)
read$auto(0x3, 0x0, 0x0)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48})
sendmmsg$auto(r4, &(0x7f0000000140)={{&(0x7f0000000000), 0x5ac, &(0x7f00000001c0)={0x0, 0x7}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x4, 0x1000100)

2m8.8078122s ago: executing program 34 (id=2103):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/rpc/nfsd.fh/flush\x00', 0x4a141, 0x0)
writev$auto(r0, &(0x7f0000000240)={0x0, 0x5}, 0xa)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0)
r2 = bpf$auto(0x9, &(0x7f0000000100)=@bpf_attr_1={<r3=>0xffffffffffffffff, 0x1000, @value=0x3, 0x400084047dc}, 0x8e)
mmap$auto(0x0, 0xe983, 0x1000, 0xeb1, r1, 0xfffffffffffffffa)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_BATADV_CMD_TP_METER(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="000326bd70e7d205df2502000040"], 0x14}, 0x1, 0x0, 0x0, 0x4c894}, 0x4040804)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x9}, 0x3, 0x0)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/power/wakeup\x00', 0x2, 0x0)
sendfile$auto(0x3, 0x3, 0x0, 0x2000007)
kexec_load$auto(0x6, 0x2, &(0x7f00000002c0)={@buf=&(0x7f0000000200)="54d4", 0x2aa7, 0x6c0000bffd, 0xbffe}, 0x4)
mmap$auto(0x0, 0x400005, 0x800000000000df, 0x9b72, r3, 0x8000)
io_uring_setup$auto(0x6, 0x0)
r4 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r4, 0x107, 0xf, 0x0, 0x6)
r5 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x81)
ftruncate$auto(r5, 0xa0)
fsconfig$auto_FSCONFIG_CMD_CREATE_EXCL(r3, 0x8, &(0x7f0000000040)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/power/wakeup\x00', &(0x7f0000000300)="41d375ea046e67911d7446a163ab7ab5e9d69d8f877fcd4f28cc3eaf9c21c1dc8434852a220e1b57abe6b788a0e3dc5b680213e572830b794cda72b9fe6346119eb27d94681a027448975ea2d6546c141cf7352afc66206ffea1043f33a354159106f14fd90bf4cfc49fea0016388e0faede2591cf7cffea19bfb0b8c8378785d5f46b7192eaaab3702cfeb5df3877d277d8eb6bdf4752fd09ec6ab5525797181203c433aa8d2819fdc028017c08d705ed783da8a25618373f49b0e41c77ba85ac4b91e94792a386ab6ead447a8e78e7d81727a38afc6ff640db016cdb10f02419b624b35c3bcc0afbd3992a10", 0x2)
read$auto(0x3, 0x0, 0x0)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48})
sendmmsg$auto(r4, &(0x7f0000000140)={{&(0x7f0000000000), 0x5ac, &(0x7f00000001c0)={0x0, 0x7}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x4, 0x1000100)

1m1.508847585s ago: executing program 3 (id=2323):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/bond0/bonding/resend_igmp\x00', 0x1e2142, 0x0)
sendfile$auto(r0, r0, 0x0, 0x7fff) (async)
openat$auto_proc_mountstats_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000), 0x80020, 0x0)

1m1.111297944s ago: executing program 3 (id=2325):
r0 = socket(0xa, 0x2, 0xfffffffe)
getpeername$auto(r0, 0x0, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/adsp1\x00', 0x80502, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0x2000040080000004, 0xe)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54)
write$auto(0x3, 0x0, 0xfdef)
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/input/event0\x00', 0x2, 0x0)
socket(0x10, 0x2, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
fsconfig$auto_SHMEM_HUGE_FORCE(0xffffffffffffffff, 0x7, &(0x7f0000000100)='@+\\!\x00', &(0x7f00000001c0)="5b0fdf8e7220ade733b697e361a312e8797cf9bc410c090dd180de688ae19ee0f7d3ce7f185fa1b9c9867d234fdb5c62c6e305f1df4ca134c6413371cb668566fc407fc2b99e953d74e9fe557dc0d6dd24b7fd497737dfcd44938915c5131197660e57624aba5b26b726415e50ca4639", 0xfffffffffffffffe)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_SEG6_CMD_SET_TUNSRC(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="76280000740960e8d5e08e8f", @ANYRES16=r2, @ANYBLOB="010028bd7000fbdbdf25030000001400010000000000000000000000000000b34ce0"], 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x800)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0)
prctl$auto(0x100000f5, 0x8, 0x0, 0x0, 0x0)
write$auto(r3, &(0x7f00000000c0)='/dev/audio1\x00', 0x100000a3d9)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x3, 0x0, 0xfffffffffffffffc, 0x696b}, 0xed7138c}, 0x2, 0x9)
r4 = socket(0xa, 0x5, 0x84)
sendto$auto(r4, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "0000000000000600"}, 0x4000001c)
r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/sctp/assocs\x00', 0x0, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r5, &(0x7f0000000240)=""/11, 0xb)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/fs/nfs/net/nfs_client/identifier\x00', 0x82942, 0x0)
sendfile$auto(r6, r6, 0x0, 0x200)

59.674618576s ago: executing program 3 (id=2329):
mmap$auto(0x0, 0x20008, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x40401, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = io_uring_setup$auto(0x6, 0x0)
ioctl$auto(0x3, 0xae60, 0x10000000000402)
ioctl$auto(0x3, 0x4020aea5, 0x38)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r2 = socket(0x1d, 0x3, 0x1)
getsockopt$auto(r2, 0x65, 0x40002, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r3=>0x0})
r4 = openat$auto_udmabuf_fops_udmabuf(0xffffffffffffff9c, &(0x7f0000000040), 0x80400, 0x0)
bpf$auto_BPF_MAP_CREATE(0x0, &(0x7f0000000080)=@bpf_attr_3={0xfffffffa, 0x100, 0xda, 0x5, 0x10, 0x22, 0xff, 0x8, 0xd, "bc08208c8bb06ee88f6146748f9588d6", r3, 0xa, r4, 0x9, 0x0, 0x80000000, 0x5, 0xfffffffffffffff8, 0x5, 0x0, @attach_btf_obj_fd=r1, 0x0, 0x6, 0xc00, 0x8, 0x6, r1, r1}, 0xfffffff2)

58.952796504s ago: executing program 3 (id=2331):
r0 = openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/dri/vkms/clients\x00', 0x2100, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x40009, 0x36, 0x9b72, 0x7, 0x28000)
socketpair$auto(0x1, 0x2, 0x80000001, 0x0)
setsockopt$auto(0x3, 0x1, 0x2a, 0x0, 0x9)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/config.gz\x00', 0x20000, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a2, 0x4e)
shutdown$auto(0x200000003, 0x2)
r1 = socket(0x10, 0x4, 0x0)
r2 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_IPVS_CMD_DEL_DEST(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004f40)={&(0x7f0000004f80)={0x14, r2, 0x8574a35e83815fa9, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x14)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/mptcp/pm_type\x00', 0xe0002, 0x0)
fchdir$auto(r3)
getdents$auto(r0, &(0x7f00000001c0)={0x7f, 0x7, 0x1, "094b5931b138016cdd62853611447a10e579510161e4b18aade987809ccc388dc7b2b6922f949a57612588bd1b7b46e2aa87331bdddbd8c4b12783a92eb906ba412a9c6221cde846209009d7b3c3a1e5ddcfcd6f12e76bc001b22fda9f37135ee9fe6b8e4e72776ee8b0627ecadfa695f5446afd67cfca3ab81cf0237cd8e9bc1cfdb569a1d79aeb9123af7b1ad9b002315879dfd3e2b18d22d26a48e496d71abc8f01a57ee7a90bbaff872bcff09af1c5d91b19c4"}, 0x3ff)
write$auto(r3, &(0x7f0000000180)='//\xf2\x00', 0x8)
lseek$auto(r0, 0x9, 0x0)
bpf$auto_BPF_LINK_CREATE(0x1c, &(0x7f00000002c0)=@bpf_attr_5={@target_ifindex, <r4=>r0, 0x400, 0x9, r0, @relative_fd=r0, 0x9ee5}, 0x2c)
read$auto_proc_coredump_filter_operations_base(r4, &(0x7f0000000380)=""/254, 0xfe)
mmap$auto(0x200000003, 0x2020009, 0x5, 0x14, 0xfffffffffffffffa, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
io_uring_setup$auto(0x6, 0x0)
setsockopt$auto(0xffffffffffffffff, 0x104000000000010e, 0xffffffff, 0x0, 0x19)

58.701509936s ago: executing program 3 (id=2333):
read$auto(0xffffffffffffffff, 0x0, 0x401)
madvise$auto(0x0, 0xffffffffffff0001, 0x3)
mmap$auto(0x2, 0x100000001, 0x4000000000df, 0x17, 0xffffffffffffffff, 0x8000)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
madvise$auto(0x0, 0xffffffffffff0004, 0x19)
madvise$auto(0x0, 0x200007, 0x8)
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/006/001\x00', 0xa901, 0x0)
ioctl$auto(r0, 0x4008550d, r0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000800), r1)
connect$auto(r1, &(0x7f0000000940)=@nl=@proc={0x10, 0x0, 0x25dfdbfd}, 0x1e)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
r2 = socket(0x10, 0x5, 0x2)
setsockopt$auto_SO_ATTACH_REUSEPORT_EBPF(r2, 0x1, 0x34, &(0x7f0000000100)='/proc/asound/card0/pcm0c/sub7/status\x00', 0xe81)
r3 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$auto_IOCTL_VMCI_QUEUEPAIR_ALLOC(r3, 0x7a8, 0x0)
r4 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0)
r5 = io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
r6 = epoll_create$auto(0x8800001)
epoll_ctl$auto(r6, 0x1, r4, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/oom_adj\x00', 0x3e00, 0x0)
fsconfig$auto_SHMEM_HUGE_FORCE(r5, 0x9, &(0x7f0000000080)='/proc/self/oom_adj\x00', &(0x7f00000000c0)="2af2fb3eee4a739bb811bc80524f00abc3efd5efd1b22c610f58d6a06879a9cde55cd88357de45170dbd6e09d1dbe2895a791731b84769be", 0xfffffffffffffffe)
close_range$auto(r2, r5, 0x2)
fanotify_init$auto(0x7, 0x6)
fanotify_mark$auto(0x400000000000, 0x9, 0xf2b, 0xffffffffffffffff, 0x0)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)

57.158588506s ago: executing program 3 (id=2339):
r0 = socket(0x15, 0x5, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f0000005380)={0x0, 0x0, &(0x7f0000005340)={&(0x7f0000000000)={0x1c, r2, 0x1, 0x870bd2b, 0x25dfdbfc, {}, [@NFSD_A_SERVER_SOCK_ADDR={0x8, 0x1, 0x0, 0x1, [@NFSD_A_SOCK_ADDR={0x4}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc000}, 0x20000000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x4, 0x8000)
read$auto(0x3, 0x0, 0x80)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @loopback}, 0x6a)
r3 = prctl$auto_PR_SET_MM_START_CODE(0x6969, 0x1, 0xffffffffffffffff, 0x7fff, 0x9)
r4 = syz_genetlink_get_family_id$auto_hsr(&(0x7f00000000c0), r1)
sendmsg$auto_HSR_C_GET_NODE_STATUS(r3, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x44, r4, 0x300, 0x70bd25, 0x25dfdbff, {}, [@HSR_A_IF2_AGE={0x8, 0x4, 0x5}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @random="051639136d03"}, @HSR_A_IF1_SEQ={0x6, 0x6, 0xf}, @HSR_A_IF2_AGE={0x8, 0x4, 0x1b85a000}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @random="fc8d2eefdaa8"}]}, 0x44}, 0x1, 0x0, 0x0, 0x20040000}, 0x40)
sendmsg$auto(r0, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0)

52.073931931s ago: executing program 6 (id=2355):
openat$auto_hwsim_fops_group_(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/ieee80211/phy13/hwsim/group\x00', 0x300000, 0x0)
mmap$auto(0x100020000, 0x8, 0xfffffffffffffffd, 0x1f, 0xffffffffffffffff, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/usbip-vudc.0/usbip_sockfd\x00', 0x103841, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r1 = socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
connect$auto(0x3, &(0x7f0000000080)=@llc={0x1a, 0x100, 0x2, 0x6, 0x5, 0x9, @local}, 0x54)
write$auto(r0, 0x0, 0xfdef)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYRESDEC=r1, @ANYRES16=r1, @ANYBLOB="0d566b3dd008e4edd9650200000000000008"], 0x24}, 0x1, 0x0, 0x0, 0x34000010}, 0x200000c4)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_async\x00', 0x183941, 0x0)
socket(0x2, 0x1, 0x106)
migrate_pages$auto(0x0, 0x99, 0x0, &(0x7f00000001c0)=0x7b)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80e42, 0x0)
ioctl$auto_SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f00000001c0))
r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SYNC(r3, 0x5001, 0x0)
write$auto(0x3, 0x0, 0x100082)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0)
select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001fc, 0x7, 0xd3e, 0x1, 0x9687, 0x100000000000003, 0x95f4da0a, 0x6, 0x3, 0x62, 0x5, 0x5, 0x6d3f, 0x7, 0x6, 0x6]}, 0x0)
write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
sendmsg$auto_TIPC_NL_NET_SET(0xffffffffffffffff, &(0x7f00000079c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40010}, 0x2)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x4, 0x3, 0x3, 0x3, 0x3, 0x3, 0x8000000000000000, 0x2, 0x6d3c, 0x3, 0x2, 0x8000000000000006]}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_psample(&(0x7f0000007a40), 0xffffffffffffffff)

50.749856408s ago: executing program 6 (id=2358):
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x1c4)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0xffffffffffffffff, 0x8, 0x2)
r0 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000007380)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x109041, 0x0)
write$auto(r0, &(0x7f0000008d40)='($}-)#@\x00', 0x3)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x10cc3, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000)
move_pages$auto(0x1, 0x1, 0x0, 0x0, 0x0, 0x8000000000000000)
mmap$auto(0x8, 0x3a02, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x9, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008)
r1 = socket(0xf, 0xa, 0xf)
setsockopt$auto(r1, 0x1, 0xc, 0x0, 0x7fffffff)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ttyS0\x00', 0x1, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40)
execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000)
r3 = socket(0x10, 0x2, 0x6)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv6/conf/team_slave_0/ioam6_id_wide\x00', 0x80, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/veth1_to_team/max_addresses\x00', 0x45ca82, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(r3, r4, 0x3)
open(0x0, 0x22240, 0x55)
socket(0x2, 0x3, 0xa)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8)

49.749260136s ago: executing program 6 (id=2360):
r0 = openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/dri/vkms/clients\x00', 0x2100, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x40009, 0x36, 0x9b72, 0x7, 0x28000)
socketpair$auto(0x1, 0x2, 0x80000001, 0x0)
setsockopt$auto(0x3, 0x1, 0x2a, 0x0, 0x9)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/config.gz\x00', 0x20000, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a2, 0x4e)
shutdown$auto(0x200000003, 0x2)
r1 = socket(0x10, 0x4, 0x0)
r2 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_IPVS_CMD_DEL_DEST(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004f40)={&(0x7f0000004f80)={0x14, r2, 0x8574a35e83815fa9, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x14)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/mptcp/pm_type\x00', 0xe0002, 0x0)
fchdir$auto(r3)
getdents$auto(r0, &(0x7f00000001c0)={0x7f, 0x7, 0x1, "094b5931b138016cdd62853611447a10e579510161e4b18aade987809ccc388dc7b2b6922f949a57612588bd1b7b46e2aa87331bdddbd8c4b12783a92eb906ba412a9c6221cde846209009d7b3c3a1e5ddcfcd6f12e76bc001b22fda9f37135ee9fe6b8e4e72776ee8b0627ecadfa695f5446afd67cfca3ab81cf0237cd8e9bc1cfdb569a1d79aeb9123af7b1ad9b002315879dfd3e2b18d22d26a48e496d71abc8f01a57ee7a90bbaff872bcff09af1c5d91b19c4"}, 0x3ff)
write$auto(r3, &(0x7f0000000180)='//\xf2\x00', 0x8)
lseek$auto(r0, 0x9, 0x0)
bpf$auto_BPF_LINK_CREATE(0x1c, &(0x7f00000002c0)=@bpf_attr_5={@target_ifindex, <r4=>r0, 0x400, 0x9, r0, @relative_fd=r0, 0x9ee5}, 0x2c)
read$auto_proc_coredump_filter_operations_base(r4, &(0x7f0000000380)=""/254, 0xfe)
mmap$auto(0x200000003, 0x2020009, 0x5, 0x14, 0xfffffffffffffffa, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
r5 = socket(0x10, 0x2, 0x4)
setsockopt$auto(r5, 0x104000000000010e, 0xffffffff, 0x0, 0x19)

49.593512509s ago: executing program 6 (id=2361):
r0 = prctl$auto_SECCOMP_MODE_STRICT(0x1ff, 0x1, 0x0, 0x1, 0x2)
ioctl$auto_EVIOCRMFF(r0, 0x40044581, &(0x7f0000000040)=0x8)
r1 = socket(0x1e, 0x1, 0x7)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb0, 0x401, 0x1003)
bpf$auto(0x3, &(0x7f0000000000)=@bpf_attr_1={0xffffffffffffffff, 0x2, @value=0x5711, 0x2}, 0x9f)
r2 = socket(0x10, 0x2, 0x4)
sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400c7"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000)
write$auto(r2, &(0x7f0000000000)='-\x00', 0x2fb)
move_pages$auto(0x0, 0x5, 0x0, &(0x7f00000003c0)=0x1, 0x0, 0x2)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, r3, 0x0)
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0)
r5 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/schedstat\x00', 0x100800, 0x0)
read$auto_proc_single_file_operations_base(r5, &(0x7f00000000c0)=""/14, 0xe)
ioctl$auto(0x3, 0xae41, r4)
ioctl$auto_KVM_GET_MSRS(r3, 0x4008ae89, &(0x7f00000000c0)={0xdd, 0x0, [{0x40000108, 0x400}]})
ioctl$auto_FS_IOC_RESVSP(r1, 0x40305828, 0x6)
close_range$auto(0x2, 0x8, 0x0)
r6 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r7, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000004200)={&(0x7f0000000140)={0x2c, r6, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@HWSIM_ATTR_PMSR_SUPPORT={0x18, 0x1a, 0x0, 0x1, [@NL80211_PMSR_ATTR_TYPE_CAPA={0x14, 0x4, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_PREAMBLES={0x8, 0x5, 0x2}]}, @NL80211_PMSR_TYPE_FTM={0x4}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40c8}, 0x4048000)
sendmsg$auto_HWSIM_CMD_REPORT_PMSR(r2, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x5c, r6, 0x200, 0x70bd27, 0x25dfdbfd, {}, [@HWSIM_ATTR_RADIO_NAME={0x6, 0x11, '&-'}, @HWSIM_ATTR_DESTROY_RADIO_ON_CLOSE={0x4}, @HWSIM_ATTR_CHANNELS={0x8, 0x9, 0x9}, @HWSIM_ATTR_MULTI_RADIO={0x4}, @HWSIM_ATTR_SUPPORT_P2P_DEVICE={0x4}, @HWSIM_ATTR_ADDR_TRANSMITTER={0x12, 0x2, "82b6c40709f26599146ee2800f00"}, @HWSIM_ATTR_FREQ={0x8, 0x13, 0x3ff}, @HWSIM_ATTR_IFTYPE_SUPPORT={0x8, 0x17, 0x6}, @HWSIM_ATTR_SIGNAL={0x8, 0x6, 0xffffffff}]}, 0x5c}, 0x1, 0x0, 0x0, 0xc0}, 0x804)

49.054409367s ago: executing program 6 (id=2364):
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8003)
mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0xf, 0x0)
chdir$auto(&(0x7f0000000000)='}[,&*}\x00')
mount$auto(0x0, &(0x7f00000001c0)='.\x00', 0x0, 0x100000, 0x0)
clone$auto(0x10fffffffe22000, 0x2, 0xfffffffffffffffc, 0xfffffffffffffffc, 0xe45e)
pivot_root$auto(&(0x7f0000000100)='..\x00', &(0x7f0000000340)='.\x00z\x86E\xb8\xf1\xcbx\xf6cu<\x0e\xd8\xa5\xcd~\xaf\x80\xd3\xf4\xe5\x02\xf9q p\xe2\x8b\xc0\xedf\xba\x16*\x8ar\xa0\'$A\xe5\xc5\x89\xcb\xd5\xac\x98,\xd4Pycv\xdd\xa1\x84\xfb\xe9\r\x82\x15P*IM\xf7.\xf3v\x85Q\xbc:\xef\xd5\x1a\x9e\xbck\x1d\x114^\x1b\x02\xa1\xb0(\xa2\xdb\xbc\x1a\t\x94\x14\xbb\xc8\xfa\x18I\xff\x7f\xab\xf0\x8f\xd3Gr\xfb5\xf1,\x11\x052u&\xde\x9aF\n\xf0\x06\xfc\x1b\x17\x82%\x14\xb3\x19\x13\f\xbe_\xfdi\x17\xfcv\x82*\xbf<\xfa5\xfd\x8b\x1d\x99\a`\xde\xf4\x8a,\tP) \xf4\xdc\r\x17x\xc6\x18Y\xeaaUY\xeb\xd2\x81\xbare\x00\x8e\xfdA\x93\xb9\xac\xf1\x0eq\x85\xd9\x90\x8a%K\x95\x8fm\v\x98y\x9bc-\xa7;\x117\x19)\x04\xb4\nJ\x0e\x1b\x97e\xee\xdb\xc3\xca\xfe\xa7y\x12\xff\xce')
r0 = open$dir(&(0x7f0000000040)='}[,&*}\x00', 0x420000, 0x180)
faccessat$auto(r0, &(0x7f0000000080)='}[,&*}\x00', 0x1a400000)

48.18260266s ago: executing program 6 (id=2366):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
rename$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00')
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
writev$auto(0x3, 0x0, 0x8009)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_flow(0x0, r0)
waitid$auto_P_PGID(0x2, 0x0, 0x0, 0x2, &(0x7f0000000140)={{0x6782, 0x3}, {0x0, 0x3}, 0x5, 0xffff, 0x8, 0x100000000, 0x6, 0x606, 0x100000001, 0x9, 0x8, 0x3, 0xffffffff80000001, 0x454f, 0x1, 0xffffffffffff176f})
bpf$auto(0x0, 0x0, 0x6f3)
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000)
futex_requeue$auto(0x0, 0x0, 0xfffffffe, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x400001, 0x0)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0)
ioctl$auto(r1, 0x40104d05, 0x8)
bind$auto(0xffffffffffffffff, 0x0, 0x5)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
read$auto(r1, 0x0, 0x80)
sendmsg$auto_OVS_FLOW_CMD_DEL(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x18}, 0x1, 0x0, 0x0, 0x40}, 0x800)

42.040151044s ago: executing program 35 (id=2339):
r0 = socket(0x15, 0x5, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f0000005380)={0x0, 0x0, &(0x7f0000005340)={&(0x7f0000000000)={0x1c, r2, 0x1, 0x870bd2b, 0x25dfdbfc, {}, [@NFSD_A_SERVER_SOCK_ADDR={0x8, 0x1, 0x0, 0x1, [@NFSD_A_SOCK_ADDR={0x4}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc000}, 0x20000000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x4, 0x8000)
read$auto(0x3, 0x0, 0x80)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @loopback}, 0x6a)
r3 = prctl$auto_PR_SET_MM_START_CODE(0x6969, 0x1, 0xffffffffffffffff, 0x7fff, 0x9)
r4 = syz_genetlink_get_family_id$auto_hsr(&(0x7f00000000c0), r1)
sendmsg$auto_HSR_C_GET_NODE_STATUS(r3, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x44, r4, 0x300, 0x70bd25, 0x25dfdbff, {}, [@HSR_A_IF2_AGE={0x8, 0x4, 0x5}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @random="051639136d03"}, @HSR_A_IF1_SEQ={0x6, 0x6, 0xf}, @HSR_A_IF2_AGE={0x8, 0x4, 0x1b85a000}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @random="fc8d2eefdaa8"}]}, 0x44}, 0x1, 0x0, 0x0, 0x20040000}, 0x40)
sendmsg$auto(r0, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0)

39.480866088s ago: executing program 4 (id=2391):
r0 = socket(0xa, 0x5, 0x7)
setsockopt$auto(r0, 0x0, 0x24, 0x0, 0x9)
mmap$auto(0xffff7ffffffffffe, 0x400006, 0x2baa, 0x9b7b, r0, 0x1)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
getpeername$auto(r0, &(0x7f0000000140)=@phonet={0x23, 0x3, 0x7, 0x7a}, &(0x7f0000000180)=0x10)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
ioctl$auto(r1, 0x4b4a, 0x9)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
unshare$auto(0x40000080)
openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000000), 0x40001, 0x0)
openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x0, 0x0)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54)
openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/block/mtdblock0/sched/read0_fifo_list\x00', 0x0, 0x0)
lseek$auto(0x3, 0x7fffffffffffffff, 0x1)
write$auto_ocfs2_control_fops_stack_user(0xffffffffffffffff, &(0x7f0000003900)='\t', 0x1)
unshare$auto(0x40000080)
unshare$auto(0x40000080)
clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x5)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
munlock$auto(0xffff, 0x1)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, 0x0, 0x54)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
bpf$auto(0xfffffffe, &(0x7f00000001c0)=@query={@target_fd, 0x8, 0x3, 0x5, 0xff, @count=0xe35c, 0x0, 0x5, 0x80000000000006, 0xd9, 0xffffffff}, 0x6f2)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)

38.322977406s ago: executing program 4 (id=2392):
close_range$auto(0x2, 0x8, 0x0)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x0)
r0 = io_uring_setup$auto(0x6, 0x0)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x66)
syz_genetlink_get_family_id$auto_ethtool(0x0, r0)
bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3)
bpf$auto(0x100000001, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'bond0\x00'})
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
timer_create$auto(0x9, 0x0, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x734f, 0x36, 0x67f, 0x1ffde, 0x7, 0x3, 0x20000002, 0xd, 0x3, 0x1, 0x2091, 0xb4, 0x9, 0x6, 0x6, 0x80, 0x4, 0x1cd7, 0x1000, 0x2000, 0x203, 0x0, 0x84}, 0x1fe, 0xd)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8040)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r1 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
timer_settime$auto(0x0, 0x4b, &(0x7f0000000040)={{0x3, 0x1}, {0xc, 0x4c}}, 0x0)
timer_gettime$auto(0x0, 0x0)
geteuid()
ioctl$auto_BLKTRACESETUP2(r0, 0xc0481273, &(0x7f00000001c0)={"4fb41784446f3c429407837060ab5be37571fcbcfa741d9cdcf876b0effab9bd", 0x5, 0x80000001, 0x2, 0x8, 0x411f})
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
mmap$auto(0x0, 0x6, 0x3, 0xeb1, 0x7, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x0, 0x0)

37.447240872s ago: executing program 4 (id=2393):
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x11, 0xa, 0x4)
socket(0xa, 0x5, 0x0)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop13\x00', 0x60742, 0x0)
write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
r1 = socket(0x15, 0x5, 0x0)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8004)
close_range$auto(0x2, 0x8, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_EVIOCGMASK(0xffffffffffffffff, 0x80104592, &(0x7f0000000000)={0x2000, 0x800004, 0x9})
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000080), r1)
sendmsg$auto_NL802154_CMD_NEW_INTERFACE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x24000090}, 0x1)
io_uring_setup$auto(0x6, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r3 = semctl$auto_GETPID(0xb, 0x1, 0xb, 0x3)
migrate_pages$auto(r3, 0x8000000000000001, &(0x7f00000001c0)=0x2, &(0x7f0000000200)=0x9)
mmap$auto(0x0, 0xe97f, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
timer_create$auto(0x0, 0x0, 0x0)
r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r4, 0x0, 0x0)
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x100, 0x83, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}})

35.726299064s ago: executing program 4 (id=2400):
mmap$auto(0x5, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0)
r2 = socket(0x10, 0x2, 0x0)
recvmmsg$auto(r2, &(0x7f0000000140)={{0x0, 0x3, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x2000000200002, 0x8}, 0x803}, 0xfffffff9, 0x10, 0x0)
write$auto_proc_clear_refs_operations_internal(r1, 0x0, 0xffffff4b)

34.745837054s ago: executing program 4 (id=2401):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram10\x00', 0x579702, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
mkdir$auto(&(0x7f0000000040)='}[,&*}\x00', 0xc001)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
madvise$auto(0x8000000000000001, 0xfffffffffffffffd, 0x4)
setreuid$auto(0x80000000, 0x7fffffffffffffff)
mount$auto(0x0, &(0x7f0000000100)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x10001, 0x0)
mount$auto(0x0, &(0x7f0000000100)='}[,&*}\x00', 0x0, 0x4401d, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x14)

34.418201745s ago: executing program 4 (id=2403):
r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sg0\x00', 0x103002, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$auto_BCH_IOCTL_QUERY_UUID(r1, 0x8010bc01, &(0x7f0000000080)={{"2853dd7e2862d07acd1f661e70b3dbd2"}}) (async)
write$auto_sg_fops_sg(r0, &(0x7f00000000c0)="01000000000d0000624c492f4aa7a158ad329acb69abe1d4bbe91b3ddc84d02747403bbca33c95be8fb08baf91e29260d0df45df51303a4b3ba499af7309abda55e6848879cbc9ae9fa650f8b64e2d975b84e2880000000000b7d3fa772fa07ef185df007f9f9f87af7e891908e001f96cfe1ccbc9d1ee9b06b99d988d0cffeeb3c72b7d45350b2ecb45f5662e1dd0a321ab7289dd1865c54dad52f23f76b4fae4c327335e8c1e07480fb20dcc79a365f7b3285b72e45666bf491ca17e9b9ad811a859c1ade92f1fb29167cf1d", 0xcd)

34.182350267s ago: executing program 7 (id=2384):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd7\x00', 0x80000, 0x0)
r1 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000440), 0x20100, 0x0)
ioctl$auto_LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$auto_LOOP_CTL_GET_FREE(r1, 0x4c82, 0x0)
r2 = epoll_create$auto(0x4)
r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video48\x00', 0x18a041, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000040), r4)
r5 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/025/001\x00', 0x802, 0x0)
ioctl$auto_USBDEVFS_CONTROL(r5, 0xc0185500, &(0x7f0000000240)={0x0, 0x1, 0x1, 0x10, 0x1, 0x4, &(0x7f00000001c0)})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002a40), r6)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r4, &(0x7f00000050c0)={0x0, 0x0, &(0x7f0000005080)={&(0x7f0000002a80)={0x1c, r7, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@NFSD_A_SERVER_SOCK_ADDR={0x4}, @NFSD_A_SERVER_SOCK_ADDR={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20008050)
sendmsg$auto_NFSD_CMD_THREADS_GET(r4, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r7, 0x10, 0x70bd28, 0x25dfdbfe, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x24000814}, 0x4004846)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
getsockopt$auto(0xffffffffffffffff, 0x119, 0x1, 0x0, 0x0)
epoll_ctl$auto(r2, 0x1, r3, 0x0)
ioctl$auto_OTPGETREGIONINFO(r2, 0x400c4d0f, &(0x7f0000000000)={0x9, 0x0, 0x56b})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff)
sendfile$auto(r0, r0, &(0x7f0000000080)=0x7, 0x3)
prctl$auto(0x39, 0x1, 0x4, 0x5, 0x7)
sendmsg$auto_NBD_CMD_CONNECT(r8, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010025bd7000fddbdf2503000000040007800c00020005000000000000000800010007"], 0x2c}, 0x1, 0x0, 0x0, 0x20004080}, 0x8880)

33.042074429s ago: executing program 36 (id=2366):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
rename$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00')
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
writev$auto(0x3, 0x0, 0x8009)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_flow(0x0, r0)
waitid$auto_P_PGID(0x2, 0x0, 0x0, 0x2, &(0x7f0000000140)={{0x6782, 0x3}, {0x0, 0x3}, 0x5, 0xffff, 0x8, 0x100000000, 0x6, 0x606, 0x100000001, 0x9, 0x8, 0x3, 0xffffffff80000001, 0x454f, 0x1, 0xffffffffffff176f})
bpf$auto(0x0, 0x0, 0x6f3)
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000)
futex_requeue$auto(0x0, 0x0, 0xfffffffe, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x400001, 0x0)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0)
ioctl$auto(r1, 0x40104d05, 0x8)
bind$auto(0xffffffffffffffff, 0x0, 0x5)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
read$auto(r1, 0x0, 0x80)
sendmsg$auto_OVS_FLOW_CMD_DEL(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x18}, 0x1, 0x0, 0x0, 0x40}, 0x800)

18.519218268s ago: executing program 37 (id=2403):
r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sg0\x00', 0x103002, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$auto_BCH_IOCTL_QUERY_UUID(r1, 0x8010bc01, &(0x7f0000000080)={{"2853dd7e2862d07acd1f661e70b3dbd2"}}) (async)
write$auto_sg_fops_sg(r0, &(0x7f00000000c0)="01000000000d0000624c492f4aa7a158ad329acb69abe1d4bbe91b3ddc84d02747403bbca33c95be8fb08baf91e29260d0df45df51303a4b3ba499af7309abda55e6848879cbc9ae9fa650f8b64e2d975b84e2880000000000b7d3fa772fa07ef185df007f9f9f87af7e891908e001f96cfe1ccbc9d1ee9b06b99d988d0cffeeb3c72b7d45350b2ecb45f5662e1dd0a321ab7289dd1865c54dad52f23f76b4fae4c327335e8c1e07480fb20dcc79a365f7b3285b72e45666bf491ca17e9b9ad811a859c1ade92f1fb29167cf1d", 0xcd)

18.44539698s ago: executing program 38 (id=2384):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd7\x00', 0x80000, 0x0)
r1 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000440), 0x20100, 0x0)
ioctl$auto_LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$auto_LOOP_CTL_GET_FREE(r1, 0x4c82, 0x0)
r2 = epoll_create$auto(0x4)
r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video48\x00', 0x18a041, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000040), r4)
r5 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/025/001\x00', 0x802, 0x0)
ioctl$auto_USBDEVFS_CONTROL(r5, 0xc0185500, &(0x7f0000000240)={0x0, 0x1, 0x1, 0x10, 0x1, 0x4, &(0x7f00000001c0)})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002a40), r6)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r4, &(0x7f00000050c0)={0x0, 0x0, &(0x7f0000005080)={&(0x7f0000002a80)={0x1c, r7, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@NFSD_A_SERVER_SOCK_ADDR={0x4}, @NFSD_A_SERVER_SOCK_ADDR={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20008050)
sendmsg$auto_NFSD_CMD_THREADS_GET(r4, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r7, 0x10, 0x70bd28, 0x25dfdbfe, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x24000814}, 0x4004846)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
getsockopt$auto(0xffffffffffffffff, 0x119, 0x1, 0x0, 0x0)
epoll_ctl$auto(r2, 0x1, r3, 0x0)
ioctl$auto_OTPGETREGIONINFO(r2, 0x400c4d0f, &(0x7f0000000000)={0x9, 0x0, 0x56b})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff)
sendfile$auto(r0, r0, &(0x7f0000000080)=0x7, 0x3)
prctl$auto(0x39, 0x1, 0x4, 0x5, 0x7)
sendmsg$auto_NBD_CMD_CONNECT(r8, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010025bd7000fddbdf2503000000040007800c00020005000000000000000800010007"], 0x2c}, 0x1, 0x0, 0x0, 0x20004080}, 0x8880)

14.291520769s ago: executing program 8 (id=2452):
mmap$auto(0x0, 0x4, 0x7, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0)
r0 = socket(0x29, 0x2, 0x0)
r1 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
sendmsg$auto_ETHTOOL_MSG_EEE_SET(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x341a21}, 0xc, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="64060000", @ANYRES16=0x0, @ANYRESDEC=r1, @ANYRES32=0x0, @ANYBLOB="358a2c955721a15e6af4c0cd39753ed6590da6fcfdb4efad2564485fe5a62caf7c0898175b27f07b1c85730133e949efa807d8e735087fe0f8042bc045280b7ab272986759eb9e87d26e370132de17357418c6fc8c7ab5fd82e49ec57cc7469fdfea1c5b11f1e7b7487e14005100fe8000000000000000000000000000bbf38260e6b3a502e76360b37d89d3c982ce43ed58686f5bc3b23ca5a319b633b9251d5be0ac2b9fe0920b9e0a26f211dab8a766342bbc84e046b4c55a63a4c507de549fab77dccdd3f2ce86bb16beac82ce78f66af159058e18e7e2377788e1ed06723b45ef76aa47ddff855ab89a31bafc7a2520627b3b82b80ec48569cae31e1ac6d06c94aa9abf8d4537a5962e465433b34c1801757582dd85f475a858aaa39fe10f197b1c9baa448864613855e5eeb47fe27e8108463a4f7f2a10bf13e2ba8c2cc82df2e26847d0f8df2af25d60454717a806a9d43c6f007999309720205daed28eed9366962393bde63cbe1631da8320ff9d162c2d5dbc4db715e30b550400d880000000bda20048047414e05609382ca52e910ca66fbfea399b832b3e408f8503b49f61321c0ff295c03a9ee52f359bcec5cbfa81a0000def4e63c427570e24bc62046d0c4c9d9356b9efc3c8524184b1e81bb014e52250aa61e6ea1fbd34aec8bb51f8d61e3c70cf61cc53a3ce4e80bde4bac0cd2d05746edeea629e814f0800fe80abff413603c3debe24d481d4a45cf55f7472cf815b1b672d6f2cf8f9b8861de06ed796dfa58d2698ede4eea859a977416c586558fe19af3272935d11c1f400028008000d0003000000dd0007800400328004002c0014007800fe88000000000000000000000000010104009c8004002480dd95afd616ece44c7793ef38072e089e82cc4caabc1d98f434a71d49b7120e3300f40937789792d510c89f40832070a9d58c4f04f13c537659cb249cfe2375ffce7c6d6cf245b5a806272318e67c520d4c2933394d0763882e8f9b5bcc8e363faa92e5f0b0c2588210afd7a69bbeccc71babc1f59b5c63c2aace31a464e879ed8727c72ab4b4004201d153d2615e9ceb1e57afd1c6736f48ae040075800400000014009700fc020000000000000000000000000000000000080053800400d5807000018008000300000000001400020064766d72703100000000000000000000140002007465616d5f736c6176655f310000000008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="140002006261746164763000000000000000000100f6ff000300090000000800", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="0500060000000000c6000280f2dd72b145bd8a228623b822f95df183ce3f470612ca4b13cf74cd7c4d941b1cd7a71be91e78c88eb31ddb5ec965eff0dc8dae99f996d610fd65748cf457de07736ad236dd78e36d70ea9e78bf44803cc92f0ea4bafdd688934a271de22e4987dd0250cf3f73a2eef3c5d3f5a2e265cf7e91c319a1a420365c4b3649ceb413b5f7b19970611719de9ce78618233852d08cdeaa0db5603cc79c09ea44d6aa83e51760808eb0905b10a7bee087af8979894eafce94f346fbb30432a08a0b2b08001b00dfdd2fa50cd3a58cc533948772d2ca8b1cd0585d71183e9420bb0beaf811fdb78788aaa13c358e5fe42ec09d", @ANYRES32=0x0, @ANYBLOB="11ee5579d12666122dd15f769ba34355"], 0x664}, 0x1, 0x0, 0x0, 0x8040}, 0x4048010)
write$auto(r2, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9)
r3 = getpid()
mremap$auto(0x0, 0x4000007, 0x3fd7, 0x0, 0x20000020000000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/pci0000:00/pci_bus/0000:00/rescan\x00', 0xa001, 0x0)
mmap$auto(0x0, 0x4020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7114}, 0x8)
process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xbff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0)
ioctl$auto(0x3, 0x400454ca, 0x38)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(0x0, 0xe)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r4, &(0x7f0000000000)='//\xf2\x00', 0x80000000)
prctl$auto(0x1, 0x6, r3, 0xb117, 0x9)
mmap$auto(0x200000000000, 0x810004, 0x40000000000ffb, 0x8000000008011, 0x3, 0x8000)
read$auto_fragmentation_threshold_ops_(0xffffffffffffffff, &(0x7f00000000c0)=""/118, 0x76)
msync$auto(0x0, 0xe0, 0x6)
io_uring_setup$auto(0x6, 0x0)

12.796088083s ago: executing program 8 (id=2457):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
madvise$auto(0x0, 0x4, 0x401)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, 0x0, 0x8400, 0x0)
mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000)
r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0)
r2 = epoll_create$auto(0x107fb9)
epoll_ctl$auto(r2, 0x1, r1, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f00000010c0), 0x4000, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
r3 = openat$auto_show_traces_fops_trace(0xffffffffffffff9c, 0x0, 0x100, 0x0)
pread64$auto(r3, &(0x7f0000000780)='\x03\xf2v\xad\x06\\\xdd\xa2\xc96\x00k.\x8fC\xb6\x83\x18\xe0\xfdh\xdf\xfe\x16\x18\xcf1\xe2\x16\xc1S/\xb3u\x04:Ew\x84\x15|yT\x83zV\xa2J\\\xe1H\xce\xffod\xfd\x9b\xccm\xc4\x16\xf6\x0f\xdc/yca\xb1\x1f^\x1b+\xfe nF\xa1Z\xc6\xec\xb5\x87I\xc6\xeaks\x02y8\x82_5\x17\x0e1C`\xc3XPI\xab\xa3*C\x84:\xedY\x17T\x1b\xeb&\xa4\xbb\xa7>\xd3v\xcf\x9eFL\xf0\xd3\xd3\x82\x0e\x1d\xc9\xe6\xfd\xbeb\xff0\x17?`\xa4\x11\x06\xaf\xd8\xea\\\x01\xda[\xe8%(p`\x01\xc7\xfc\t\x80\xb0\xb02\xe1\xe9\xee9\xb5\xc9\xd0\x18+\x10a@9|\x01T\xa5\xc4K\x03\a\xe4\xae\xf4\xf9\x98\x8a\x96\x9e\xbc\xca\x1e\x8e\x04X\xef\x85\x7f\x86\xa5\xbd[\xb6\xaf\xff\xc0K\n\x14\xdf\x8ei%\xd9vo\xf6\xb9\xc9\xa2pq2)2\f\x91\t!\xe9rq\xe7\x98\xee\x83\xb7&\xaeH\xc7\a\x05\x8a\xac\xb0fI\xae\xa5\xaa\x16e K\r\xf2\a#\xa1\xfc\x1e\xef\xa8\x1dXZ\x12\xfd)\xe4\xe7\x87\xdc\xd1\xf6\xbe,F\x06\xed\xeeD\xf2\x85x\xe4)\x91/jnf\xd9\xd7\x9d\xce\n\x8e\x9e\xd1\xdf\x02\xac\xab\x0es\xdc\x8ey(\x83\xb8\xa5\x9b\xa4\xaa\xae\xff\'\xa5\xe3\x96\xd1\x1d\x9d\x8a\xd0\x1b\xf0Y\xd0\xd0t8\xdb #\xf9h\x06+$\x03\xcc\xf9=\xdd\x95rw\x91\xd8\x9e\t\'b2\x99\xd5_\xa5*\x00\xfax@M>\xfb\xd2g\x1b\xd7\x97\xb3\f-cl\x99\xe32e\xc9\x17}\x1d1y\xcc\x144\xd2\x97V\r\x00\x00\x00\xf4j\x14\xbb\x82\x14\xa7\xae\x02\xee\x17\rz\xc9\xde\xa3\xeb%\xf0\xd0\xde\v\xa9\x8e\xa5T\"\xb1\xa2\v\xd7/\xe6\xebO`\xec\x90\x9c\xde+\xef*\x03\xb5\x0fK\xb2\xed\xaf3#\xe0.x\x9b\xba\xcc\xe50\beZ\xee\x00\x00\x00\x00\xac~\xab\xc4B\xce\xe1}n\x8c\x8by\x9c6\xbd\xa7\xb9\xdd\x1cX\x87\x1cor\xe1/\v\xfb\xa9\xda\f\x84l\xc3f\x8b}r\x04\xc0l\xd9\xe8A\x94\fdj\xf1\xe00z\xe8+\xec\xd7l\xd0Of\xaaF\xda\xe1\xa0\xb3p7`\xe8\x1f\xff\x05\\', 0xffff, 0x3)
write$auto(0xffffffffffffffff, 0x0, 0x4)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
getrandom$auto(0x0, 0x2, 0x4)
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
madvise$auto(0x0, 0xffffffffffff0004, 0x19)
madvise$auto(0x0, 0x200007, 0x8)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x2020009, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)

7.572148721s ago: executing program 8 (id=2461):
r0 = openat$auto_proc_environ_operations_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/environ\x00', 0x688b80, 0x0)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/audio1\x00', 0x101001, 0x0)
ioctl$auto_SNDCTL_DSP_NONBLOCK(r1, 0x500e, 0x0) (async)
readv$auto(r0, &(0x7f0000001780)={0x0, 0x400}, 0x7f) (async)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async)
madvise$auto_MADV_GUARD_INSTALL(0x0, 0x100000000, 0x66) (async)
mmap$auto(0x0, 0x9, 0x72, 0x8b72, 0x2, 0x8000) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x1, 0x6) (async)
getsockopt$auto(0x6, 0x40000000029, 0x3, 0xfffffffffffffffe, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/timer_source\x00', 0x8002, 0x0)
write$auto(r2, 0x0, 0x200c)
setsockopt$auto_SO_RCVPRIORITY(r2, 0x3, 0x52, &(0x7f0000000040)='+\x00', 0x47)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptya9\x00', 0xbc0, 0x0) (async)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x4c1, 0x0) (async)
ppoll$auto(&(0x7f0000000080)={0xffffffffffffffff, 0x11b, 0x7ff}, 0xc, &(0x7f00000000c0)={0x3, 0x7f}, 0x0, 0x8) (async)
mmap$auto(0x0, 0x8, 0xfffffffffffffff8, 0x9b72, 0x5, 0x0) (async)
mincore$auto(0x1000, 0x100000000, 0x0) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x2000, 0x0)
read$auto(r4, 0x0, 0x5ff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000001c0), 0xffffffffffffffff) (async)
r7 = setfsuid$auto(0xee00)
setreuid$auto(r7, 0x0) (async)
sendmsg$auto_NL802154_CMD_TRIGGER_SCAN(r5, &(0x7f00000004c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000480)={&(0x7f0000000200)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB="000829bd7000ffdbdf25230000000c0006007f51000000000000080016000101000048022d802e013880e0d5d6b656ef053745caec2c8a5d5f900a3c9fccde194da1a2ac8b32c9464725bb9e25206935313df674aaf778eecc40860345f8c18f510fbe10bd97644be8652b4712b812619f79dbf59199866ca05615ccef4ea4b276586ae019d60e7b60ca41c3d1558371fbf8a691f2cb8df0e4963319cd30edac9989e72308007e000000000004004280d45caae53f6199eeac120b2f4dc37b71f3d041cb415b674a4c88943e81373e57219929f9ff3f262f07502d26ae26999eb2225cbc36cf2b9ac2183d3cf559ff7d3f11dd6b12c312b68cd1b59a78ae5f6a9a2ee163207b92822b6117e03193a7ff1e932b1fbb4f1af66ba9ec44d5101d161eb942e58e5f597001d8097fd920e0995d2656bfef29ddbfb968", @ANYRES32=r4, @ANYBLOB="04002f8008006b00", @ANYRES32, @ANYBLOB="5858606dc35d196156edd240403c455df677373ead5b474ddfcb767be4e648386d56a4f976a9ca7bccbbb4f3b0c5d390c2b5c5f2a960df9aebfd29b24329e7adc3de6c4d4699fe1132efc0e8dc1a2a208b4c5727efd0d94a1b700789d32742dbe6edad1617e263534609b0513cd9c41f40441337fb979636167b193ddaaef6ef432f93c3af7ff511ff674bfc7fdf56a9ea6dea4dd4129f335797d89aad464ea6c71bbb736b0bd2f9ce1f42ab49684f28de77ff9087e32c6c22eab57b71a034b7184a41602f44fc2f8bb5ac187af395d3301fceee4701aaec02422654e180000008003900", @ANYRES32=r7, @ANYBLOB="0c008b00000000004575000008000b00f1000000"], 0x278}, 0x1, 0x0, 0x0, 0x1}, 0x4000040) (async)
sendmsg$auto_NL802154_CMD_SET_PAN_ID(r3, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x980000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x2c, r6, 0x400, 0xfffffc01, 0x25dfdbfd, {}, [@NL802154_ATTR_SEC_FRAME_COUNTER={0x8, 0x2c, 0x7ff}, @NL802154_ATTR_SCAN_TYPE={0x5, 0x1f, 0xa}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0x400}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x0)

7.057872728s ago: executing program 8 (id=2462):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket(0x10, 0x2, 0x14) (async)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/rose7/queues/rx-0/rps_cpus\x00', 0x1c1002, 0x0) (async)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, 0x0, 0x180b01, 0x0) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_TIPC_NL_MON_GET(r1, 0x0, 0x4000) (async)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty29\x00', 0x0, 0x0) (async, rerun: 64)
mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 64)
r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dri/card1\x00', 0x101002, 0x0)
ioctl$auto(r2, 0x900064d1, 0xc35) (async)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x48041, 0x0)
write$auto_proc_reg_file_ops_compat_inode(r3, 0x0, 0x0) (async)
unshare$auto(0x40000080)
socket(0xa, 0x1, 0x85)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) (async, rerun: 32)
mmap$auto(0x8000, 0x80, 0xe1, 0x9b72, r0, 0x8000) (rerun: 32)
open(0x0, 0x40, 0xa2) (async, rerun: 32)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) (async, rerun: 32)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x100, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) (async)
pread64$auto(r4, 0x0, 0x40000000f42c, 0x585)
write$auto(0x3, 0x0, 0xfffffdef) (async)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) (async)
mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x4, 0x8000) (async, rerun: 64)
r5 = clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) (async, rerun: 64)
r6 = signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0)
read$auto(r6, 0x0, 0x80000000006) (async)
tkill$auto(r5, 0x9)
unshare$auto(0x40000080)

6.736108307s ago: executing program 0 (id=2463):
socket(0x2, 0x5, 0x0)
socket(0x27, 0x4, 0x1)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/veth0_to_bridge/mtu\x00', 0x202, 0x0)
socket(0xa, 0x80803, 0x6)
mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0x6, 0x8000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
socket(0x10, 0x2, 0x0)
io_uring_setup$auto(0x6, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
statx$auto(0xffffff9c, 0x0, 0x1000, 0x803, 0x0)
r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev5\x00', 0x280, 0x0)
ioctl$auto(r1, 0xc040564a, r0)
shutdown$auto(0x200000003, 0x2)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)

6.286567096s ago: executing program 0 (id=2464):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0x4, 0x300000000000)
mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4)
close_range$auto(0x0, 0x5, 0x0)
openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f00000010c0), 0xa0042, 0x0)
select$auto(0x5, 0x0, &(0x7f0000000100)={[0x9, 0x200, 0x0, 0x8000000000000201, 0x9, 0x3, 0x6, 0x7, 0xd886, 0x5e58296b, 0x341, 0x41, 0x7, 0x200, 0x8, 0xc]}, 0x0, 0x0)
rename$auto(&(0x7f0000000180)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', &(0x7f0000000300)='v#\xd5\xaf>=\x14\xe6%\xf7\x8a\x8d\x9a\xae\x1a\xd6\xa8\xb8\x1d\xf5(\xb0\x1f\xbd\xcbV\n\"\xe3V\xfeP\xceN\xb2\xc32\xaf\xcc\x80\xfa\xf0\xd4\xd9|\xfe\x03y\xd16\x17\x99R\xca\xe5\xf4\xb4T\xfcv\xfc\xe6\x9cv\a\x00\xc2a\x16\xd1\x8a\x80\x90\x87\xa5s\x10\xed\x93\xd4\x15=\xc0\x1f\x0e\xb0\x18v}\x03!\xf0I\xe3}\x90\x9b\x92[\xfe2<7\xd3\x81\x9a~\xcd\r\x19\x9e\x10(5\xfd\x8b\x82\xd4\xc85\xc3\x93t\t\xd0\x9d\xca^n\xf3\xcb>\x1bO\xcej\xe0\xef\xf2\xd7\xc2}\x18\xd9`AO\x95<\x9aH\vu\xae\xd4\xea\x12\xb8\xd1\n\x01\x83r\x85\xbf*\x18\xa7 S:R\x14\x89Z3\x94\x8bP)')
acct$auto(&(0x7f0000000280)='/dev/ptp0\x00')
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
r0 = io_uring_setup$auto(0x400, 0x0)
readv$auto(r0, 0x0, 0xfffffffffffffffe)
ioctl$auto_SNDRV_PCM_IOCTL_WRITEI_FRAMES2(r0, 0x40184150, &(0x7f0000000000)={0x400, &(0x7f0000000080)="343c34f4f67943f8c5a6d2711d70652fee4313d3c1f329685b6b8f550343455f918e27b0ae3b990a62503f6b1b79485b703e972258fd30fd3f816e0224769469ae0e95e67d7bec24093e0401f8d6ddb149aa9b5f3608b78be0181c8e2cdc893887305a16808fb07872887ff1bd5ddef3e00131df8691ad34be8c67c2f273fc0d54a26b7fa4cd627da1600bcac89b6d671c23bbfd8be94856d4718fb18b913e084d7c38ce4b8d", 0x4})
madvise$auto(0x1, 0x5, 0x6)
clock_adjtime$auto(0xfffffffffffffffb, 0x0)

6.147656883s ago: executing program 9 (id=2440):
mmap$auto(0x0, 0x8000, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xfffffffffffffffe, 0x8000)
ustat$auto(0x801, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
madvise$auto(0x0, 0x2003f0, 0x15)
bpf$auto(0x5, 0x0, 0x102)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/graphics/fbcon/cursor_blink\x00', 0xa001, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
sysfs$auto(0x2, 0xe, 0x0)
lsm_list_modules$auto(0x0, 0x0, 0x0)
r1 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000000c0), 0x8040, 0x0)
r2 = gettid()
kill$auto(r2, 0x11)
ioctl$auto_dvb_demux_fops_dmxdev(r1, 0x40000403c6f2b, 0x0)
r3 = socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000)
socket(0x21, 0x2, 0x2)
poll$auto(&(0x7f0000000000)={0x3, 0x1, 0xa}, 0x5, 0x108)
setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9)
getsockopt$auto(r3, 0x0, 0x53, 0x0, &(0x7f0000000040)=0x2c)
ioctl$auto_dvb_demux_fops_dmxdev(r1, 0x6f29, 0x0)
eventfd2$auto(0x7ff, 0x6)
close_range$auto(0x2, 0x8, 0x0)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$auto(0x3, 0xae60, 0xffffffffffffffff)

5.843188326s ago: executing program 0 (id=2465):
socket(0x2, 0x1, 0x0)
mmap$auto(0x0, 0x400004, 0x400, 0x9b72, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x20009, 0xde, 0xeb1, 0xffffffffffffffff, 0x8000)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
get_mempolicy$auto(0x0, 0x0, 0x7f, 0x8, 0x3)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/011/001\x00', 0x40, 0x0)
socket(0xa, 0x80000, 0x84)
socket(0x2a, 0x2, 0x0)
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
io_uring_setup$auto(0x6, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x48140, 0x0)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, 0x0, 0xc800)
r0 = syz_open_procfs$namespace(0x0, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xa3, 0xeb1, r1, 0x8000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
r2 = socket(0xa, 0x5, 0x84)
sendto$auto(r2, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c)
setns(r0, 0x0)
mmap$auto(0x0, 0x22000c, 0xdf, 0x10000000020eb1, 0x40000000000a5, 0x8000)
move_pages$auto(0xffffffffffffffff, 0xa6, 0x0, 0x0, 0x0, 0x3)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
madvise$auto(0x0, 0x400053, 0x9)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004)
openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0)

5.638741533s ago: executing program 2 (id=2441):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
ioperm$auto(0x7, 0x5ad2, 0x8)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0x10, 0x2, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x6ab40, 0x0)
r2 = socketcall$auto(0x8000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_SNDCTL_TMR_CONTINUE(r3, 0x5404, &(0x7f0000000000)="a80b")
r4 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x80040, 0x40, 0xe}, 0x18)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/mtd/mtd0/ecc_strength\x00', 0x0, 0x0)
read$auto(r5, 0x0, 0x8000)
pidfd_getfd$auto(0xffffffffffffffff, r5, 0x5)
setresuid$auto(0x0, 0x2, 0x0)
fremovexattr$auto(r4, &(0x7f0000000000)='system.posix_acl_access\x00')
r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r2)
r7 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000002040)='/dev/snd/pcmC1D1c\x00', 0x80, 0x0)
ioctl$auto_SNDRV_PCM_IOCTL_PAUSE2(r7, 0x40044145, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0)

4.606801892s ago: executing program 0 (id=2466):
r0 = socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
recvmmsg$auto(r0, 0x0, 0x400fffd, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/devices/virtual/net/bond0/bonding/arp_ip_target\x00', 0xa0002, 0x0)
write$auto_ocfs2_control_fops_stack_user(r1, &(0x7f00000004c0)="ebe0d540ef48", 0x6)
semctl$auto(0x0, 0xe3, 0x0, 0x5)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x3, 0x6)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000380)='/dev/cuse\x00', 0x40100, 0x0)
clone$auto(0x20003b46, 0x401, 0x0, 0x0, 0x2)
r2 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0)
write$auto(r2, 0x0, 0xc3)
socket$nl_generic(0x10, 0x3, 0x10)
lsm_set_self_attr$auto(0x1, 0x0, 0x7, 0x6)
getsockname$auto(r1, &(0x7f0000000000)=@ax25={0x3, @bcast, 0x6}, &(0x7f0000000040)=0x6)
sendmmsg$auto(0x3, 0x0, 0x9a5, 0x47ffff7a)

4.161068302s ago: executing program 2 (id=2467):
r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x40000, 0x0)
init_module$auto(&(0x7f0000000040), 0x8, &(0x7f0000000080)='/dev/sequencer2\x00')
ioctl$auto_SNDCTL_SYNTH_MEMAVL(r0, 0xc004510e, 0x0)
openat$auto_binder_ctl_fops_binderfs(0xffffffffffffff9c, 0x0, 0x82c00, 0x0)
mmap$auto(0x0, 0x400008, 0xdd, 0x9b72, 0x2, 0x8000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9)
r3 = getpid()
process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={0x0, 0x40000000001243}, 0xa, 0x0)
mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000)
move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2)
ioctl$auto(0x3, 0x400454ca, 0x38)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/dummy0/addr_gen_mode\x00', 0x1, 0x0)
writev$auto(0xffffffffffffffff, 0x0, 0x9)
close_range$auto(0xffffffffffffffff, 0x8, 0x0)
mmap$auto(0x0, 0x4020009, 0xdc, 0xeb1, 0xffffffffffffffff, 0x8000)
getsockopt$auto_SO_RCVMARK(r0, 0x6, 0x4b, &(0x7f0000000280)='/dev/sequencer2\x00', &(0x7f00000002c0)=0x218a8a23)
sendmsg$auto_NL802154_CMD_GET_SEC_DEV(r2, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, 0x0, 0x400, 0x70bd2a, 0x25dfdbff, {}, [@NL802154_ATTR_SEC_OUT_LEVEL={0x8, 0x2a, 0x200}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
pwritev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x5}, 0x80000001, 0x3, 0x9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
read$auto_tun_fops_tun(r2, 0x0, 0x0)
madvise$auto(0x0, 0x600009, 0x19)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x2000, 0x0)
r4 = socket(0x2, 0x1, 0x0)
getsockopt$auto_SO_PASSCRED(r4, 0x6, 0x10, &(0x7f0000000000)=',\x00', &(0x7f0000000040)=0x6)

3.882533425s ago: executing program 9 (id=2468):
mmap$auto(0x0, 0x40009, 0xdf, 0x13, 0x7, 0x28000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
clock_nanosleep$auto(0x9, 0x9aa, 0x0, 0x0)
ioctl$auto(0x3, 0x9, 0x38)
mmap$auto(0x5, 0x8, 0x4000000000e3, 0x800000000000017, 0x401, 0x5)
socket(0x11, 0x5, 0x1)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, 0x0, 0x191000, 0x0)
socket(0xa, 0x3, 0x3c)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffff}, 0x1, 0x0, 0x0, 0x9}, 0x100007}, 0x3, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/trace_pipe\x00', 0x20c01, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/admmidi2\x00', 0x1, 0x0)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/net/dev_snmp6/veth0_virt_wifi\x00', 0x200000, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/bus/hid/drivers/saitek/bind\x00', 0xa081, 0x0)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x2020009, 0xfffc, 0x12, 0xfffffffffffffffa, 0x8000)
unshare$auto(0x40000080)
memfd_create$auto(&(0x7f0000000000)='\xd3\x00', 0x8)

2.303497599s ago: executing program 8 (id=2469):
connect$auto(0xffffffffffffffff, 0x0, 0x3a)
r0 = socket(0x2c, 0x3, 0x0)
bind$auto(r0, &(0x7f0000000080)=@xdp={0x2c, 0xc, 0x0, 0x1c}, 0x6b)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x8004, 0x7)
mmap$auto(0x0, 0x2, 0xffffffffffffffff, 0x44eb1, 0x602, 0x300000000000)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-0/xps_cpus\x00', 0x10b062, 0x0)
write$auto(r2, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
ioctl$auto(0x3, 0xae60, 0x10000000000402)
r3 = openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x2482, 0x0)
pread64$auto(r3, 0x0, 0x20000000001, 0x7fff)
ioctl$auto(0x3, 0xc008ae67, 0x38)
preadv$auto(0x40000000000003, 0x0, 0xb385, 0xc, 0xffffffffffffffff)
madvise$auto(0x61, 0x200007, 0x99)

2.068436195s ago: executing program 0 (id=2470):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/oom_adj\x00', 0x142, 0x0)
read$auto(r0, 0x0, 0x4)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
linkat$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x9)
unshare$auto(0x8000000)
mmap$auto(0x2, 0x100000040000d, 0x100000001, 0x9b72, 0x2, 0x8002)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000500)='/proc/sys/fs/xfs/stats_clear\x00', 0x1, 0x0)
write$auto(0x3, 0x0, 0x4)
r2 = open(&(0x7f0000000100)='\x00', 0x0, 0x40)
r3 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)={0x80480, 0x6, 0x10}, 0x18)
name_to_handle_at$auto(r3, &(0x7f0000000180)='/proc/thread-self/fail-nth\x00', &(0x7f0000000240)={0xc8, 0x100, "0b6f2bf83799e2c4e34daace2d14ba3a9f7ad133953c2c571abf93e26912ea6c4d785ed994d37db95db987d9bcb1d9f69e03da405542c9fc0b7088ac20cb80c693454d6c5d20b213eb48083044e49eb9d1d88897abe74fdf822a15ed7b2d1fef5714e2238ff89ab3e9d52937c371ae431f6446c4c300c1dbdb247158e9474c0354203a31d3bf67a86b60e843b6d9fd4b6f44b134f00b7d4008d7ad9ff1b35e7a3ff051c9b1e0785715b57b6be3ab63a60e7fd7405467807c84ac158d7f7bbed87298316ae579f6d2"}, &(0x7f0000000340)="5088da29122c8570330f23f29b04e61492b6c6c245d1b7d6dbac992b75f51ba7491d95f8fb7d75d1f5d6da0efd476fe0d4005e4ea443beeee25be57f80b7f5ac78f1a44602a23db26b48fd28ff3778c0de22bf8ddad48107be8cd726ec3b1bec5d15efc7fcf75d86a61ef8a4b71b9363874bc6860b2c95f71948a14fe087f8197789dd8ecc586ffa56d2ea1c76d87ffec3775cb290cd19a470ee935c4b46fcc3b45007eabfad48a47bc4a7672e9c172ea760ce5d41f0409098e8359a074bd64f37", 0x2)
getdents64$auto(r2, 0x0, 0x400)
process_madvise$auto(r2, &(0x7f0000000040)={&(0x7f0000000000)="9df4a2b3a6338f8efd6bfb7b253ceba9f6aa1016cd1beac9fd", 0x40}, 0x40, 0x5, 0x53)

1.227385466s ago: executing program 8 (id=2471):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8001)
io_uring_setup$auto(0x6, 0x0) (async)
socket(0x22, 0xa, 0x6) (async)
socket(0x11, 0x80003, 0x300)
socket(0x5, 0x4, 0xffffffba)
socket(0x2, 0x3, 0x2) (async)
socket(0x2, 0x4, 0x104) (async)
syz_open_procfs$namespace(0xffffffffffffffff, 0x0) (async)
socketpair$auto(0x4, 0x8000, 0x725e, 0x0) (async, rerun: 32)
socket(0x18, 0x2, 0x5) (async, rerun: 32)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000040), r0)
sendmsg$auto_WG_CMD_SET_DEVICE(r0, &(0x7f00000028c0)={0x0, 0x0, 0x0}, 0x80)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) (async)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, 0x0, 0x8001, 0x0)
r1 = openat$auto_nodes_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000000), 0x40c0, 0x0)
writev$auto(r1, 0x0, 0x0) (async, rerun: 64)
syz_genetlink_get_family_id$auto_ipvs(0x0, 0xffffffffffffffff) (rerun: 64)
openat$auto_bm_status_operations_binfmt_misc(0xffffffffffffff9c, 0x0, 0x4, 0x0) (async)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80000, 0x0) (async, rerun: 32)
prctl$auto(0x26, 0x1, 0x0, 0x0, 0x0) (rerun: 32)
mmap$auto(0x0, 0x40009, 0xdf, 0x10011, 0x7, 0x28000) (async, rerun: 32)
r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) (rerun: 32)
ioctl$auto_PPPIOCSMRU(r3, 0xc004743e, 0x0) (async)
sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_DELETE(r0, 0x0, 0x2000c890) (async)
writev$auto(r3, &(0x7f0000000000)={0x0, 0xb194}, 0x2) (async, rerun: 32)
landlock_restrict_self$auto(0xffffffffffffffff, 0x4) (async, rerun: 32)
read$auto(r2, 0x0, 0x20)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0)

1.224544348s ago: executing program 2 (id=2472):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = openat$auto_bsg_fops_bsg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/bsg/0:0:0:0\x00', 0x108100, 0x0)
sendmsg$auto_NL80211_CMD_REQ_SET_REG(r0, &(0x7f0000000400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000003c0)={&(0x7f00000000c0)={0x2cc, r1, 0x1, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_TDLS_SUPPORT={0x4}, @NL80211_ATTR_SCAN_SSIDS={0x19b, 0x2d, 0x0, 0x1, [@nested={0x8, 0x6, 0x0, 0x1, [@nested={0x4, 0xb7}]}, @generic="eae4", @typed={0x8, 0x9, 0x0, 0x0, @fd=r2}, @nested={0x63, 0xe2, 0x0, 0x1, [@generic="2da322d047014f4cfb7432ad32b61fdba6e664251d20c4c2091b8c8a1ee23482179424ef8aaa8363f498a7c4c263628c92aba7577627d791fbd99e547f679813a0d6255eb218453d79ec600f7a5c8b79760c6a", @typed={0x8, 0xba, 0x0, 0x0, @u32=0x9}, @nested={0x4, 0x2f}]}, @generic="b952c1db72832cfe4c6878ab1d0fa16107dbf73328f6d98ad594ee7c1c76eb9c1171e6a8ae449166ac51357ce6a2f0f6a0e279ed834d848b7d06592aa973b4a7e34635a9aab9cf66d0aca0e7ab0c067935af4a7cbc5ff9f83e48cebc23a33d375e959dcd5bc27a62a8b1cc7d67d5b06ccdefb9aeac21874dd41d3cd4cdf44d9bdfdc4934bed5f8bac9bfe139789df7d09f", @generic="d865f5808ecfb21378945c45e814c45d47bdefac400479050e934f7acb896894e8ee4fded2ea669008a2f015cfb22753a0429fa45d0422", @nested={0x10, 0x108, 0x0, 0x1, [@generic="8b44c2b16811484d1d55bbb9"]}, @generic="d0529645dbc328989aef128c9c5965c428851df4cd5dbae62cf4a7687ce6c8cb9eef6e228313f2ec269b211e5ba80971f15fea54dad5562fccbff4359fbb83b5c1ddec0c4bd0bf28ef"]}, @NL80211_ATTR_STA_FLAGS={0x105, 0x11, 0x0, 0x1, [@typed={0xc, 0x151, 0x0, 0x0, @u64=0x8a6}, @typed={0x4, 0x70}, @nested={0x8, 0x13b, 0x0, 0x1, [@nested={0x4, 0x46}]}, @generic="292b244882f6a4814906340bc353adde877c82f60cba7fccae729eeb66f2be9603e3d5cf2572fab0de1134578aa7cd6ee2f152e600e2f99890d0665b4535839488fa469bbfda9038ae1f292464da82f4efcedb821f486dd747fddb36437e929ca66e5b93d40878f0a0c03aa4", @typed={0xe, 0x30, 0x0, 0x0, @str='\xdc/!#[.^!\\\x00'}, @nested={0x58, 0x5c, 0x0, 0x1, [@typed={0x43, 0x13a, 0x0, 0x0, @binary="f276816afb21687254beaec2f48006bb89369d64403ae4d08b58396a4109e52dd5c5de1b46a2dcc42de0c307e5ed11bf54f95ffae34aa9eb22021fd29610c0"}, @typed={0x8, 0x10c, 0x0, 0x0, @ipv4=@multicast1}, @nested={0x4, 0xc3}, @nested={0x4, 0xa8}]}, @generic="d870b6af2e48dafe2fa92402643627cb0bc907818a"]}, @NL80211_ATTR_BSS_SHORT_PREAMBLE={0x5, 0x1d, 0x3}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x9}]}, 0x2cc}, 0x1, 0x0, 0x0, 0x20001001}, 0x24004010)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000440)='/dev/midi2\x00', 0x4c0100, 0x0)
ioctl$auto_SNDRV_RAWMIDI_IOCTL_INFO(r3, 0x810c5701, &(0x7f0000000480)={0x800, 0x7ff, 0x5, 0x8, 0x9, "b6db63bdc108f2aaaf80774ed9275c274acfead121df712860e6d50fad811eba972aff0e39ce7fc4c96cf247e5b15d90a089b72e87df4653b67f6c0bbade6e3a", "6c5f604ab23a4471ee2c589d30d5e0ca6b9bb85edc5fb927644cbbe1b046cc73d689ab29e56e183f09c322fc9eb562167ab3275959dd8c5cd96cc6c04dd519be1b291c9db0fa6f89cfc555760f70ce43", "c0b1798022b5f02004c07f9e15d0c3b976a0b67344ce84477baf74367dea1ed3", 0x2, 0x7, 0x2, "e9d563ea21b82d3e1052b72591fd1d4fc0141c4a00581b90b95ebea53469c6484ea66b5d70e9d941b8450f401113e5521a0d604c19eb8f2c0317baf3"})
openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000005c0), 0xc9a002, 0x0)
getrlimit$auto(0x0, &(0x7f0000000600)={0x3, 0x9})
fsconfig$auto_XFS_DAX_INODE(r0, 0x4, &(0x7f0000000640)='\xdc/!#[.^!\\\x00', &(0x7f0000000680)="7a1e89ec3b7a6abc4b940c6c232cb6b64625698d20a83a21e62d837ba17b1a7a6461047fbff69dced53a91606e235305057b36ca0ab2e46fa4b5a44afd07cc2a0d9b80bcbd0d872ea36b781f0fa2847bb6dcc501172e5d04f4cf84b30ffe613172ed15a98dbc8a6abb4acaa3b440351236cc18f037362ef56b5c9174f32f1ed1ba4be8c1c2f04fa4a793551aabff5525cdbe3ddb6eff7be7050c0e23", 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000740)='/dev/loop1\x00', 0x200, 0x0)
r4 = epoll_create$auto(0xda)
ioctl$auto_SNDCTL_SEQ_THRESHOLD(r4, 0x4004510d, &(0x7f0000000780)="59a3e45f8cf053101a6fc2d4f0ac8f5a4e66fb77b4ecc0eb6beb7c282b2cbe09d8c37d751ab5cf702075079f847fb5b494")
request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f00000007c0)='%\x80\x00', &(0x7f0000000800)='\'\'#!-\x00', &(0x7f0000000840)='/dev/bsg/0:0:0:0\x00', 0xfffffffffffffffb)
socket(0x23, 0xa, 0xe2)
getrlimit$auto(0x800, &(0x7f0000000880)={0x9, 0x59})
r5 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f00000008c0)='/dev/sg0\x00', 0x80, 0x0)
r6 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000900)='/dev/nbd2\x00', 0x404000, 0x0)
ioctl$auto_BLKCRYPTOIMPORTKEY(r6, 0xc0401289, &(0x7f0000000940)={0x7fff, 0x0, 0x9, 0x9, [0x2, 0x9bf2, 0xc132, 0x91]})
setrlimit$auto(0x4, &(0x7f0000000980)={0x3e, 0xfffffffffffffffc})
request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f00000009c0)='\xdc/!#[.^!\\\x00', &(0x7f0000000a00)='d:^&@/,\x00', &(0x7f0000000a40)='%\x80\x00', 0xfffffffffffffffb)
r7 = wait4$auto(0x0, &(0x7f0000000a80)=0x3, 0x2c7b, &(0x7f0000000ac0)={{0x6, 0x10}, {0x8, 0x7}, 0x0, 0xf, 0x3, 0xfff, 0x7, 0x7fff, 0x5, 0x8, 0xa, 0xcf, 0x6, 0x3, 0x3, 0x8})
r8 = fcntl$auto(r5, 0xfffffeff, r7)
request_key$auto_KEY_SPEC_USER_SESSION_KEYRING(&(0x7f0000000b80)='/dev/bsg/0:0:0:0\x00', &(0x7f0000000bc0)='\x00', &(0x7f0000000c00)='/dev/loop1\x00', 0xfffffffffffffffb)
getrlimit$auto(0x5, &(0x7f0000000c40)={0x1})
r9 = openat$auto_ptdump_curusr_fops_(0xffffffffffffff9c, &(0x7f0000000c80), 0x80000, 0x0)
r10 = setfsgid$auto(0xee00)
fstat$auto(r9, &(0x7f0000000cc0)={0x0, 0x0, 0x7fffffff, 0x3, 0xffffffffffffffff, r10, 0x0, 0xc00000000, 0x4, 0x2, 0x7, 0xff, 0x5a, 0x1, 0x1, 0x8, 0x200})
ioctl$auto_BTRFS_IOC_ENCODED_WRITE(r4, 0x40809440, &(0x7f0000000e00)={&(0x7f0000000dc0)={&(0x7f0000000d80)="21fa162e47f23f5d9c9af4936820aeb9d2c42bf679", 0x7}, 0x1, 0x2, 0x400, 0x6, 0x8, 0x3, 0x9, 0xfffffc01, "08c0c4a49ac57d14f899ca7a95af1f9eecdc93f9f90aa3b9d7176d59ee0f9601ead5a1d97fb5f7ea6fb01b34177212526a00028295ceb55f65d6196346953126"})
syz_clone3(&(0x7f0000001fc0)={0x4006c00, &(0x7f0000000e80), &(0x7f0000000ec0), &(0x7f0000000f00), {0x20}, &(0x7f0000000f40)=""/54, 0x36, &(0x7f0000000f80)=""/4096, &(0x7f0000001f80)=[r7, r7], 0x2, {r8}}, 0x58)
fsopen$auto(&(0x7f0000002040)='\x00', 0x1)

43.714395ms ago: executing program 9 (id=2473):
r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x2000, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x80)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
syz_clone(0x20a08200, 0x0, 0x0, 0x0, 0x0, 0x0)
gettid()
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
getpid()
ioctl$auto_MON_IOCG_STATS(0xffffffffffffffff, 0x80089203, 0x0)
ioctl$auto(r0, 0x961064a0, 0x600000000200007)

41.124403ms ago: executing program 2 (id=2474):
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x801, 0x8)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x80, 0x0)
r0 = socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram10/queue/max_sectors_kb\x00', 0xe3102, 0x0)
sendfile$auto(r0, r1, 0x0, 0x3)

0s ago: executing program 0 (id=2475):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
r0 = seccomp$auto(0xc, 0x1, &(0x7f00000003c0)="448a6b9456ccd566caa5cad68bf9595d0aef258dca511c5661bf67da09eb43072c4483800a6543741ae76fc8052152110863c565a058fc57a6f73f3c267b37367afe66246549302392f5287acaf04f51eb37e3a69001cdc9f71637acac7a283b644439dc65e588e404099136193c928fdccf3b560e6f3eb2a951838b9f2dcf5b9a4ef6565c3efff9016d45dea88ca563d217c8423e")
sendmsg$auto_HSR_C_GET_NODE_STATUS(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000ff0000030004020000060007040080000300000000", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0001000000000000000000060007000300000008000200", @ANYRES32=0x0, @ANYBLOB="0800030001"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40008d0) (async)
r1 = socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0) (async)
r2 = openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, &(0x7f0000000040), 0x80280, 0x0)
r3 = bpf$auto_BPF_LINK_CREATE(0x1c, &(0x7f0000000300)=@prog_bind_map={r1, r2, 0x2}, 0x3)
ioctl$auto_XFS_IOC_FREESP64(r3, 0x40305825, &(0x7f00000001c0)={0x8, 0xdae, 0xfffffffffffffffe, 0xff, 0x9, <r4=>0xffffffffffffffff})
prctl$auto_PR_SET_MM_ARG_END(0x3, 0x9, r4, 0xfffffffffffffff9, 0xc5) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r6 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff) (rerun: 32)
sendmsg$auto_CTRL_CMD_GETPOLICY(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x28, r6, 0x301, 0x70bd2c, 0x25dfdbfb, {}, [@CTRL_ATTR_FAMILY_NAME={0x11, 0x2, 'ovs_datapath\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4019}, 0x0) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

kernel console output (not intermixed with test programs):

 __kernel_text_address+0xd/0x40
[  631.585811][T15269]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  631.585845][T15269]  ? arch_stack_walk+0xa6/0x100
[  631.585905][T15269]  ? __lock_acquire+0x622/0x1c90
[  631.585946][T15269]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  631.586004][T15269]  ? policy_nodemask+0xea/0x4e0
[  631.586053][T15269]  alloc_pages_mpol+0x1fb/0x550
[  631.586100][T15269]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  631.586157][T15269]  alloc_pages_noprof+0x131/0x390
[  631.586204][T15269]  __pmd_alloc+0x3b/0x8b0
[  631.586259][T15269]  __handle_mm_fault+0xada/0x2aa0
[  631.586316][T15269]  ? mt_find+0x3e2/0xa20
[  631.586361][T15269]  ? __pfx___handle_mm_fault+0x10/0x10
[  631.586408][T15269]  ? __pfx_mt_find+0x10/0x10
[  631.586476][T15269]  ? find_vma+0xbf/0x140
[  631.586518][T15269]  ? __pfx_find_vma+0x10/0x10
[  631.586563][T15269]  handle_mm_fault+0x589/0xd10
[  631.586615][T15269]  ? __pkru_allows_pkey+0x21/0xb0
[  631.586670][T15269]  do_user_addr_fault+0x7a6/0x1370
[  631.586705][T15269]  ? rcu_is_watching+0x12/0xc0
[  631.586745][T15269]  exc_page_fault+0x64/0xc0
[  631.586785][T15269]  asm_exc_page_fault+0x26/0x30
[  631.586823][T15269] RIP: 0010:rep_movs_alternative+0x33/0x90
[  631.586876][T15269] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 4d 3c 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb
[  631.586911][T15269] RSP: 0018:ffffc9000b0a79a0 EFLAGS: 00050216
[  631.586938][T15269] RAX: 736e755f646d705f RBX: 0000000000000012 RCX: 0000000000000012
[  631.586956][T15269] RDX: ffffed100f58a806 RSI: ffff88807ac54017 RDI: 0000000000000000
[  631.586975][T15269] RBP: 0000000000000012 R08: 0000000000000000 R09: ffffed100f58a805
[  631.586993][T15269] R10: ffff88807ac54028 R11: 0000000000000001 R12: 0000000000000000
[  631.587012][T15269] R13: ffffc9000b0a7bb8 R14: ffff88807ac54017 R15: 0000000000000000
[  631.587056][T15269]  _copy_to_iter+0x4eb/0x1710
[  631.587099][T15269]  ? __pfx__copy_to_iter+0x10/0x10
[  631.587129][T15269]  ? s_next+0x7f/0xb0
[  631.587174][T15269]  ? traverse.part.0.constprop.0+0x2c5/0x650
[  631.587242][T15269]  seq_read_iter+0x71e/0x12d0
[  631.587389][T15269]  seq_read+0x3a3/0x570
[  631.587445][T15269]  ? __pfx_seq_read+0x10/0x10
[  631.587504][T15269]  ? get_pid_task+0xfc/0x250
[  631.587566][T15269]  ? __pfx_seq_read+0x10/0x10
[  631.587617][T15269]  proc_reg_read+0x240/0x330
[  631.587693][T15269]  ? __pfx_proc_reg_read+0x10/0x10
[  631.587741][T15269]  vfs_read+0x1e4/0xcf0
[  631.587785][T15269]  ? __pfx_vfs_read+0x10/0x10
[  631.587817][T15269]  ? find_held_lock+0x2b/0x80
[  631.587852][T15269]  ? __fget_files+0x204/0x3c0
[  631.587892][T15269]  ? __fget_files+0x20e/0x3c0
[  631.587921][T15269]  ? __fget_files+0x120/0x3c0
[  631.587964][T15269]  __x64_sys_pread64+0x1eb/0x250
[  631.588005][T15269]  ? __pfx___x64_sys_pread64+0x10/0x10
[  631.588060][T15269]  do_syscall_64+0xcd/0xfa0
[  631.588106][T15269]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  631.588153][T15269] RIP: 0033:0x7f3650b8f6c9
[  631.588182][T15269] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  631.588215][T15269] RSP: 002b:00007f36519f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  631.588245][T15269] RAX: ffffffffffffffda RBX: 00007f3650de5fa0 RCX: 00007f3650b8f6c9
[  631.588267][T15269] RDX: 0000080000000008 RSI: 0000000000000000 RDI: 0000000000000003
[  631.588285][T15269] RBP: 00007f36519f9090 R08: 0000000000000000 R09: 0000000000000000
[  631.588306][T15269] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000001
[  631.588326][T15269] R13: 00007f3650de6038 R14: 00007f3650de5fa0 R15: 00007fff48409c58
[  631.588373][T15269]  </TASK>
[  632.068876][    C1] vkms_vblank_simulate: vblank timer overrun
[  632.752387][T15271] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1947'.
[  632.800022][T15271] veth0_vlan: entered allmulticast mode
[  632.952763][T15282] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1949'.
[  634.058708][T15302] nbd: must specify a device to reconfigure
[  634.068000][T15295] ima: policy update failed
[  634.124722][   T30] kauditd_printk_skb: 23 callbacks suppressed
[  634.124745][   T30] audit: type=1802 audit(4294968383.944:54): pid=15295 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1951" res=0 errno=0
[  635.000784][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  635.008228][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  635.460925][T15313] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1957'.
[  636.443780][T15322] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1958'.
[  636.800058][T15330] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1961'.
[  637.410651][T15341] FAULT_INJECTION: forcing a failure.
[  637.410651][T15341] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  637.482698][T15341] CPU: 0 UID: 0 PID: 15341 Comm: syz.5.1965 Not tainted syzkaller #0 PREEMPT(full) 
[  637.482743][T15341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  637.482762][T15341] Call Trace:
[  637.482773][T15341]  <TASK>
[  637.482785][T15341]  dump_stack_lvl+0x16c/0x1f0
[  637.482838][T15341]  should_fail_ex+0x512/0x640
[  637.482893][T15341]  should_fail_alloc_page+0xe7/0x130
[  637.482941][T15341]  prepare_alloc_pages+0x3c2/0x610
[  637.482985][T15341]  ? arch_stack_walk+0xa6/0x100
[  637.483022][T15341]  __alloc_frozen_pages_noprof+0x18b/0x2470
[  637.483069][T15341]  ? stack_trace_save+0x8e/0xc0
[  637.483107][T15341]  ? __pfx_stack_trace_save+0x10/0x10
[  637.483147][T15341]  ? stack_depot_save_flags+0x29/0x9c0
[  637.483219][T15341]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  637.483257][T15341]  ? kasan_save_stack+0x42/0x60
[  637.483294][T15341]  ? kasan_save_stack+0x33/0x60
[  637.483329][T15341]  ? kasan_save_track+0x14/0x30
[  637.483365][T15341]  ? __kasan_slab_alloc+0x89/0x90
[  637.483404][T15341]  ? kmem_cache_alloc_noprof+0x250/0x6e0
[  637.483435][T15341]  ? __pmd_alloc+0xbf/0x8b0
[  637.483476][T15341]  ? __handle_mm_fault+0xada/0x2aa0
[  637.483530][T15341]  ? _copy_to_iter+0x4eb/0x1710
[  637.483557][T15341]  ? seq_read_iter+0x71e/0x12d0
[  637.483606][T15341]  ? seq_read+0x3a3/0x570
[  637.483651][T15341]  ? proc_reg_read+0x240/0x330
[  637.483692][T15341]  ? vfs_read+0x1e4/0xcf0
[  637.483724][T15341]  ? __x64_sys_pread64+0x1eb/0x250
[  637.483763][T15341]  ? do_syscall_64+0xcd/0xfa0
[  637.483800][T15341]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  637.483846][T15341]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  637.483903][T15341]  ? policy_nodemask+0xea/0x4e0
[  637.483952][T15341]  alloc_pages_mpol+0x1fb/0x550
[  637.483999][T15341]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  637.484045][T15341]  ? __lock_acquire+0xb8a/0x1c90
[  637.484098][T15341]  ? __pfx_filemap_map_pages+0x10/0x10
[  637.484130][T15341]  alloc_pages_noprof+0x131/0x390
[  637.484176][T15341]  pte_alloc_one+0x1e/0x350
[  637.484214][T15341]  __do_fault+0x320/0x490
[  637.484245][T15341]  ? do_raw_spin_lock+0x12c/0x2b0
[  637.484299][T15341]  ? __pfx_filemap_map_pages+0x10/0x10
[  637.484328][T15341]  do_pte_missing+0x1a6/0x3ba0
[  637.484379][T15341]  ? __thp_vma_allowable_orders+0x1c8/0xcd0
[  637.484431][T15341]  ? __pmd_alloc+0x64f/0x8b0
[  637.484479][T15341]  __handle_mm_fault+0x1556/0x2aa0
[  637.484536][T15341]  ? mt_find+0x3e2/0xa20
[  637.484581][T15341]  ? __pfx___handle_mm_fault+0x10/0x10
[  637.484628][T15341]  ? __pfx_mt_find+0x10/0x10
[  637.484695][T15341]  ? find_vma+0xbf/0x140
[  637.484732][T15341]  ? __pfx_find_vma+0x10/0x10
[  637.484775][T15341]  handle_mm_fault+0x589/0xd10
[  637.484840][T15341]  ? __pkru_allows_pkey+0x21/0xb0
[  637.484896][T15341]  do_user_addr_fault+0x7a6/0x1370
[  637.484933][T15341]  ? rcu_is_watching+0x12/0xc0
[  637.484973][T15341]  exc_page_fault+0x64/0xc0
[  637.485014][T15341]  asm_exc_page_fault+0x26/0x30
[  637.485045][T15341] RIP: 0010:rep_movs_alternative+0x33/0x90
[  637.485098][T15341] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 4d 3c 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb
[  637.485129][T15341] RSP: 0018:ffffc90003c7f9a0 EFLAGS: 00050216
[  637.485155][T15341] RAX: 736e755f646d705f RBX: 0000000000000012 RCX: 0000000000000012
[  637.485175][T15341] RDX: ffffed100f569806 RSI: ffff88807ab4c017 RDI: 0000000000000000
[  637.485195][T15341] RBP: 0000000000000012 R08: 0000000000000000 R09: ffffed100f569805
[  637.485213][T15341] R10: ffff88807ab4c028 R11: 0000000000000001 R12: 0000000000000000
[  637.485231][T15341] R13: ffffc90003c7fbb8 R14: ffff88807ab4c017 R15: 0000000000000000
[  637.485270][T15341]  _copy_to_iter+0x4eb/0x1710
[  637.485310][T15341]  ? __pfx__copy_to_iter+0x10/0x10
[  637.485338][T15341]  ? s_next+0x7f/0xb0
[  637.485383][T15341]  ? traverse.part.0.constprop.0+0x2c5/0x650
[  637.485450][T15341]  seq_read_iter+0x71e/0x12d0
[  637.485521][T15341]  seq_read+0x3a3/0x570
[  637.485572][T15341]  ? __pfx_seq_read+0x10/0x10
[  637.485632][T15341]  ? get_pid_task+0xfc/0x250
[  637.485693][T15341]  ? __pfx_seq_read+0x10/0x10
[  637.485745][T15341]  proc_reg_read+0x240/0x330
[  637.485791][T15341]  ? __pfx_proc_reg_read+0x10/0x10
[  637.485844][T15341]  vfs_read+0x1e4/0xcf0
[  637.485890][T15341]  ? __pfx_vfs_read+0x10/0x10
[  637.485921][T15341]  ? find_held_lock+0x2b/0x80
[  637.485957][T15341]  ? __fget_files+0x204/0x3c0
[  637.485997][T15341]  ? __fget_files+0x20e/0x3c0
[  637.486026][T15341]  ? __fget_files+0x120/0x3c0
[  637.486073][T15341]  __x64_sys_pread64+0x1eb/0x250
[  637.486113][T15341]  ? __pfx___x64_sys_pread64+0x10/0x10
[  637.486166][T15341]  do_syscall_64+0xcd/0xfa0
[  637.486211][T15341]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  637.486243][T15341] RIP: 0033:0x7f65c2f8f6c9
[  637.486269][T15341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  637.486301][T15341] RSP: 002b:00007f65c3e55038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  637.486331][T15341] RAX: ffffffffffffffda RBX: 00007f65c31e5fa0 RCX: 00007f65c2f8f6c9
[  637.486354][T15341] RDX: 0000080000000008 RSI: 0000000000000000 RDI: 0000000000000003
[  637.486374][T15341] RBP: 00007f65c3e55090 R08: 0000000000000000 R09: 0000000000000000
[  637.486394][T15341] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000001
[  637.486413][T15341] R13: 00007f65c31e6038 R14: 00007f65c31e5fa0 R15: 00007ffd26a3a538
[  637.486459][T15341]  </TASK>
[  639.748934][T13580] Bluetooth: hci2: unexpected event 0x04 length: 435 > 10
[  639.749307][T13580] Bluetooth: hci2: connection err: -111
[  639.970681][T15379] FAULT_INJECTION: forcing a failure.
[  639.970681][T15379] name failslab, interval 1, probability 0, space 0, times 0
[  639.996905][T15379] CPU: 0 UID: 0 PID: 15379 Comm: syz.4.1975 Not tainted syzkaller #0 PREEMPT(full) 
[  639.996949][T15379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  639.996969][T15379] Call Trace:
[  639.996979][T15379]  <TASK>
[  639.996991][T15379]  dump_stack_lvl+0x16c/0x1f0
[  639.997036][T15379]  should_fail_ex+0x512/0x640
[  639.997086][T15379]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  639.997123][T15379]  ? __pfx_filemap_map_pages+0x10/0x10
[  639.997154][T15379]  should_failslab+0xc2/0x120
[  639.997199][T15379]  kmem_cache_alloc_noprof+0x75/0x6e0
[  639.997233][T15379]  ? __lock_acquire+0xb8a/0x1c90
[  639.997274][T15379]  ? ptlock_alloc+0x1f/0x70
[  639.997329][T15379]  ? __pfx_filemap_map_pages+0x10/0x10
[  639.997361][T15379]  ? ptlock_alloc+0x1f/0x70
[  639.997409][T15379]  ptlock_alloc+0x1f/0x70
[  639.997457][T15379]  pte_alloc_one+0x84/0x350
[  639.997497][T15379]  __do_fault+0x320/0x490
[  639.997529][T15379]  ? do_raw_spin_lock+0x12c/0x2b0
[  639.997600][T15379]  ? __pfx_filemap_map_pages+0x10/0x10
[  639.997630][T15379]  do_pte_missing+0x1a6/0x3ba0
[  639.997682][T15379]  ? __thp_vma_allowable_orders+0x1c8/0xcd0
[  639.997733][T15379]  ? __pmd_alloc+0x64f/0x8b0
[  639.997781][T15379]  __handle_mm_fault+0x1556/0x2aa0
[  639.997838][T15379]  ? mt_find+0x3e2/0xa20
[  639.997885][T15379]  ? __pfx___handle_mm_fault+0x10/0x10
[  639.997934][T15379]  ? __pfx_mt_find+0x10/0x10
[  639.998002][T15379]  ? find_vma+0xbf/0x140
[  639.998041][T15379]  ? __pfx_find_vma+0x10/0x10
[  639.998085][T15379]  handle_mm_fault+0x589/0xd10
[  639.998138][T15379]  ? __pkru_allows_pkey+0x21/0xb0
[  639.998192][T15379]  do_user_addr_fault+0x7a6/0x1370
[  639.998228][T15379]  ? rcu_is_watching+0x12/0xc0
[  639.998268][T15379]  exc_page_fault+0x64/0xc0
[  639.998307][T15379]  asm_exc_page_fault+0x26/0x30
[  639.998338][T15379] RIP: 0010:rep_movs_alternative+0x33/0x90
[  639.998389][T15379] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 4d 3c 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb
[  639.998421][T15379] RSP: 0018:ffffc900035a79a0 EFLAGS: 00050216
[  639.998447][T15379] RAX: 736e755f646d705f RBX: 0000000000000012 RCX: 0000000000000012
[  639.998468][T15379] RDX: ffffed1006390c06 RSI: ffff888031c86017 RDI: 0000000000000000
[  639.998489][T15379] RBP: 0000000000000012 R08: 0000000000000000 R09: ffffed1006390c05
[  639.998509][T15379] R10: ffff888031c86028 R11: 0000000000000001 R12: 0000000000000000
[  639.998529][T15379] R13: ffffc900035a7bb8 R14: ffff888031c86017 R15: 0000000000000000
[  639.998580][T15379]  _copy_to_iter+0x4eb/0x1710
[  639.998623][T15379]  ? __pfx__copy_to_iter+0x10/0x10
[  639.998652][T15379]  ? s_next+0x7f/0xb0
[  639.998699][T15379]  ? traverse.part.0.constprop.0+0x2c5/0x650
[  639.998767][T15379]  seq_read_iter+0x71e/0x12d0
[  639.998838][T15379]  seq_read+0x3a3/0x570
[  639.998890][T15379]  ? __pfx_seq_read+0x10/0x10
[  639.998950][T15379]  ? get_pid_task+0xfc/0x250
[  639.999011][T15379]  ? __pfx_seq_read+0x10/0x10
[  639.999068][T15379]  proc_reg_read+0x240/0x330
[  639.999114][T15379]  ? __pfx_proc_reg_read+0x10/0x10
[  639.999161][T15379]  vfs_read+0x1e4/0xcf0
[  639.999204][T15379]  ? __pfx_vfs_read+0x10/0x10
[  639.999237][T15379]  ? find_held_lock+0x2b/0x80
[  639.999271][T15379]  ? __fget_files+0x204/0x3c0
[  639.999310][T15379]  ? __fget_files+0x20e/0x3c0
[  639.999340][T15379]  ? __fget_files+0x120/0x3c0
[  639.999385][T15379]  __x64_sys_pread64+0x1eb/0x250
[  639.999588][T15379]  ? __pfx___x64_sys_pread64+0x10/0x10
[  639.999644][T15379]  do_syscall_64+0xcd/0xfa0
[  639.999688][T15379]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  639.999720][T15379] RIP: 0033:0x7fc51758f6c9
[  639.999743][T15379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  639.999811][T15379] RSP: 002b:00007fc51837e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  639.999853][T15379] RAX: ffffffffffffffda RBX: 00007fc5177e5fa0 RCX: 00007fc51758f6c9
[  639.999874][T15379] RDX: 0000080000000008 RSI: 0000000000000000 RDI: 0000000000000003
[  639.999894][T15379] RBP: 00007fc51837e090 R08: 0000000000000000 R09: 0000000000000000
[  639.999914][T15379] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000001
[  639.999935][T15379] R13: 00007fc5177e6038 R14: 00007fc5177e5fa0 R15: 00007fff7f6c1f28
[  639.999982][T15379]  </TASK>
[  641.757067][T15418] FAULT_INJECTION: forcing a failure.
[  641.757067][T15418] name failslab, interval 1, probability 0, space 0, times 0
[  641.771844][T15418] CPU: 0 UID: 0 PID: 15418 Comm: syz.0.1983 Not tainted syzkaller #0 PREEMPT(full) 
[  641.771887][T15418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  641.771906][T15418] Call Trace:
[  641.771917][T15418]  <TASK>
[  641.771929][T15418]  dump_stack_lvl+0x16c/0x1f0
[  641.771976][T15418]  should_fail_ex+0x512/0x640
[  641.772032][T15418]  should_failslab+0xc2/0x120
[  641.772079][T15418]  __kmalloc_cache_noprof+0x72/0x780
[  641.772109][T15418]  ? __pfx___might_resched+0x10/0x10
[  641.772145][T15418]  ? nfc_genl_rcv_nl_event+0xc1/0x2e0
[  641.772201][T15418]  ? nfc_genl_rcv_nl_event+0xc1/0x2e0
[  641.772249][T15418]  nfc_genl_rcv_nl_event+0xc1/0x2e0
[  641.772300][T15418]  notifier_call_chain+0xbc/0x410
[  641.772343][T15418]  ? __pfx_nfc_genl_rcv_nl_event+0x10/0x10
[  641.772404][T15418]  blocking_notifier_call_chain+0x69/0xa0
[  641.772465][T15418]  netlink_release+0x16cf/0x2080
[  641.772514][T15418]  ? netlink_release+0x1e4/0x2080
[  641.772553][T15418]  ? __pfx_netlink_release+0x10/0x10
[  641.772593][T15418]  ? __pfx_locks_remove_file+0x10/0x10
[  641.772633][T15418]  __sock_release+0xb3/0x270
[  641.772670][T15418]  ? __pfx_sock_close+0x10/0x10
[  641.772702][T15418]  sock_close+0x1c/0x30
[  641.772733][T15418]  __fput+0x402/0xb70
[  641.772786][T15418]  task_work_run+0x150/0x240
[  641.772838][T15418]  ? __pfx_task_work_run+0x10/0x10
[  641.772888][T15418]  ? __pfx___do_sys_close_range+0x10/0x10
[  641.772933][T15418]  exit_to_user_mode_loop+0xec/0x130
[  641.772983][T15418]  do_syscall_64+0x426/0xfa0
[  641.773025][T15418]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  641.773058][T15418] RIP: 0033:0x7f3650b8f6c9
[  641.773084][T15418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  641.773115][T15418] RSP: 002b:00007f36519d8038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  641.773147][T15418] RAX: 0000000000000000 RBX: 00007f3650de6090 RCX: 00007f3650b8f6c9
[  641.773167][T15418] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  641.773185][T15418] RBP: 00007f3650c11f91 R08: 0000000000000000 R09: 0000000000000000
[  641.773205][T15418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  641.773225][T15418] R13: 00007f3650de6128 R14: 00007f3650de6090 R15: 00007fff48409c58
[  641.773270][T15418]  </TASK>
[  641.800983][T15414] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1982'.
[  641.821117][T15416] EXT4-fs: 2 callbacks suppressed
[  641.821146][T15416] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 948 with max blocks 75 with error 117
[  642.042473][T15416] EXT4-fs (sda1): This should not happen!! Data will be lost
[  642.042473][T15416] 
[  642.274273][T15423] FAULT_INJECTION: forcing a failure.
[  642.274273][T15423] name failslab, interval 1, probability 0, space 0, times 0
[  642.304804][T15423] CPU: 0 UID: 0 PID: 15423 Comm: syz.0.1984 Not tainted syzkaller #0 PREEMPT(full) 
[  642.304847][T15423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  642.304865][T15423] Call Trace:
[  642.304876][T15423]  <TASK>
[  642.304887][T15423]  dump_stack_lvl+0x16c/0x1f0
[  642.304933][T15423]  should_fail_ex+0x512/0x640
[  642.304979][T15423]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  642.305017][T15423]  should_failslab+0xc2/0x120
[  642.305061][T15423]  kmem_cache_alloc_noprof+0x75/0x6e0
[  642.305095][T15423]  ? security_file_alloc+0x34/0x2b0
[  642.305137][T15423]  ? security_file_alloc+0x34/0x2b0
[  642.305170][T15423]  security_file_alloc+0x34/0x2b0
[  642.305205][T15423]  init_file+0x93/0x4c0
[  642.305252][T15423]  alloc_empty_file+0x73/0x1e0
[  642.305300][T15423]  alloc_file_pseudo+0x13a/0x230
[  642.305350][T15423]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  642.305424][T15423]  __shmem_file_setup+0x1a3/0x330
[  642.305481][T15423]  shmem_zero_setup+0x93/0x1a0
[  642.305519][T15423]  __mmap_region+0x2076/0x27a0
[  642.305558][T15423]  ? __pfx___mmap_region+0x10/0x10
[  642.305589][T15423]  ? finish_task_switch.isra.0+0x21c/0xc10
[  642.305628][T15423]  ? rcu_is_watching+0x12/0xc0
[  642.305662][T15423]  ? finish_task_switch.isra.0+0x221/0xc10
[  642.305697][T15423]  ? lockdep_hardirqs_on+0x7c/0x110
[  642.305743][T15423]  ? finish_task_switch.isra.0+0x221/0xc10
[  642.305817][T15423]  ? __pfx___schedule+0x10/0x10
[  642.305906][T15423]  ? trace_cap_capable+0x18d/0x200
[  642.305970][T15423]  mmap_region+0x1ab/0x3f0
[  642.306004][T15423]  ? __get_unmapped_area+0x267/0x440
[  642.306053][T15423]  do_mmap+0xa3e/0x1210
[  642.306109][T15423]  ? __pfx_do_mmap+0x10/0x10
[  642.306153][T15423]  ? __pfx_down_write_killable+0x10/0x10
[  642.306212][T15423]  vm_mmap_pgoff+0x29e/0x470
[  642.306264][T15423]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  642.306307][T15423]  ? cap_capable+0xb3/0x250
[  642.306350][T15423]  ? rcu_is_watching+0x12/0xc0
[  642.306392][T15423]  ? __x64_sys_futex+0x1e0/0x4c0
[  642.306446][T15423]  ? __x64_sys_futex+0x1e9/0x4c0
[  642.306498][T15423]  ksys_mmap_pgoff+0x7d/0x5c0
[  642.306538][T15423]  ? xfd_validate_state+0x61/0x180
[  642.306592][T15423]  __x64_sys_mmap+0x125/0x190
[  642.306648][T15423]  do_syscall_64+0xcd/0xfa0
[  642.306693][T15423]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  642.306727][T15423] RIP: 0033:0x7f3650b8f6c9
[  642.306753][T15423] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  642.306786][T15423] RSP: 002b:00007f36519f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  642.306818][T15423] RAX: ffffffffffffffda RBX: 00007f3650de5fa0 RCX: 00007f3650b8f6c9
[  642.306840][T15423] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000
[  642.306860][T15423] RBP: 00007f3650c11f91 R08: ffffffffffffffff R09: 0000000000008000
[  642.306881][T15423] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[  642.306901][T15423] R13: 00007f3650de6038 R14: 00007f3650de5fa0 R15: 00007fff48409c58
[  642.306946][T15423]  </TASK>
[  642.626631][T15428] random: crng reseeded on system resumption
[  642.719892][T15428] Invalid ELF header magic: != ELF
[  642.850933][   T30] audit: type=1804 audit(4294968392.669:55): pid=15426 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1986" name="/newroot/sys/kernel/tracing/per_cpu/cpu1/trace" dev="tracefs" ino=260 res=1 errno=0
[  643.297664][T15428] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1987'.
[  643.392973][T15439] tc_dump_action: action bad kind
[  643.994544][T15457] kernel read not supported for file /�D� (pid: 15457 comm: syz.0.1993)
[  644.039900][   T30] audit: type=1800 audit(4294968393.859:56): pid=15457 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1993" name=12E644089E dev="mqueue" ino=48420 res=0 errno=0
[  644.129281][T15450] zswap: compressor  not available
[  644.320582][T15464] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1995'.
[  645.691513][T15497] device-mapper: ioctl: Invalid data size in the ioctl structure: 2147483647
[  646.659220][T15512] FAULT_INJECTION: forcing a failure.
[  646.659220][T15512] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  646.740410][T15512] CPU: 1 UID: 0 PID: 15512 Comm: syz.4.2007 Not tainted syzkaller #0 PREEMPT(full) 
[  646.740453][T15512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  646.740471][T15512] Call Trace:
[  646.740481][T15512]  <TASK>
[  646.740494][T15512]  dump_stack_lvl+0x16c/0x1f0
[  646.740537][T15512]  should_fail_ex+0x512/0x640
[  646.740593][T15512]  _copy_to_iter+0x463/0x1710
[  646.740633][T15512]  ? __pfx__copy_to_iter+0x10/0x10
[  646.740667][T15512]  ? page_reporting_process.cold+0x1d/0x1d
[  646.740711][T15512]  ? page_reporting_process.cold+0x1d/0x1d
[  646.740748][T15512]  ? s_show+0x253/0x320
[  646.740797][T15512]  seq_read_iter+0xd02/0x12d0
[  646.740868][T15512]  seq_read+0x3a3/0x570
[  646.740918][T15512]  ? __pfx_seq_read+0x10/0x10
[  646.740977][T15512]  ? get_pid_task+0xfc/0x250
[  646.741038][T15512]  ? __pfx_seq_read+0x10/0x10
[  646.741088][T15512]  proc_reg_read+0x240/0x330
[  646.741133][T15512]  ? __pfx_proc_reg_read+0x10/0x10
[  646.741185][T15512]  vfs_read+0x1e4/0xcf0
[  646.741228][T15512]  ? __pfx_vfs_read+0x10/0x10
[  646.741259][T15512]  ? find_held_lock+0x2b/0x80
[  646.741293][T15512]  ? __fget_files+0x204/0x3c0
[  646.741330][T15512]  ? __fget_files+0x20e/0x3c0
[  646.741360][T15512]  ? __fget_files+0x120/0x3c0
[  646.741404][T15512]  __x64_sys_pread64+0x1eb/0x250
[  646.741449][T15512]  ? __pfx___x64_sys_pread64+0x10/0x10
[  646.741501][T15512]  do_syscall_64+0xcd/0xfa0
[  646.741546][T15512]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  646.741579][T15512] RIP: 0033:0x7fc51758f6c9
[  646.741603][T15512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  646.741635][T15512] RSP: 002b:00007fc51837e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  646.741664][T15512] RAX: ffffffffffffffda RBX: 00007fc5177e5fa0 RCX: 00007fc51758f6c9
[  646.741685][T15512] RDX: 0000080000000008 RSI: 0000000000000000 RDI: 0000000000000003
[  646.741705][T15512] RBP: 00007fc51837e090 R08: 0000000000000000 R09: 0000000000000000
[  646.741724][T15512] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000001
[  646.741742][T15512] R13: 00007fc5177e6038 R14: 00007fc5177e5fa0 R15: 00007fff7f6c1f28
[  646.741787][T15512]  </TASK>
[  646.968370][    C1] vkms_vblank_simulate: vblank timer overrun
[  648.857693][T15557] FAULT_INJECTION: forcing a failure.
[  648.857693][T15557] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  648.895637][T15557] CPU: 1 UID: 0 PID: 15557 Comm: syz.3.2018 Not tainted syzkaller #0 PREEMPT(full) 
[  648.895681][T15557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  648.895701][T15557] Call Trace:
[  648.895711][T15557]  <TASK>
[  648.895722][T15557]  dump_stack_lvl+0x16c/0x1f0
[  648.895766][T15557]  should_fail_ex+0x512/0x640
[  648.895822][T15557]  _copy_to_user+0x32/0xd0
[  648.895854][T15557]  simple_read_from_buffer+0xcb/0x170
[  648.895909][T15557]  proc_fail_nth_read+0x197/0x240
[  648.895946][T15557]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  648.895984][T15557]  ? rw_verify_area+0xcf/0x6c0
[  648.896021][T15557]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  648.896057][T15557]  vfs_read+0x1e4/0xcf0
[  648.896096][T15557]  ? __pfx___mutex_lock+0x10/0x10
[  648.896146][T15557]  ? __pfx_vfs_read+0x10/0x10
[  648.896194][T15557]  ? __fget_files+0x20e/0x3c0
[  648.896239][T15557]  ksys_read+0x12a/0x250
[  648.896273][T15557]  ? __pfx_ksys_read+0x10/0x10
[  648.896323][T15557]  do_syscall_64+0xcd/0xfa0
[  648.896366][T15557]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  648.896400][T15557] RIP: 0033:0x7f494af8e0dc
[  648.896426][T15557] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  648.896457][T15557] RSP: 002b:00007f494bd7d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  648.896488][T15557] RAX: ffffffffffffffda RBX: 00007f494b1e5fa0 RCX: 00007f494af8e0dc
[  648.896510][T15557] RDX: 000000000000000f RSI: 00007f494bd7d0a0 RDI: 0000000000000004
[  648.896529][T15557] RBP: 00007f494bd7d090 R08: 0000000000000000 R09: 0000000000000000
[  648.896549][T15557] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000002
[  648.896568][T15557] R13: 00007f494b1e6038 R14: 00007f494b1e5fa0 R15: 00007fff871b4b88
[  648.896612][T15557]  </TASK>
[  649.085037][    C1] vkms_vblank_simulate: vblank timer overrun
[  649.686865][T15567] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input40
[  650.379247][T15578] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 960 with max blocks 63 with error 117
[  650.429792][T15578] EXT4-fs (sda1): This should not happen!! Data will be lost
[  650.429792][T15578] 
[  652.425284][T15607] ptrace attach of "./syz-executor exec"[15609] was attempted by "./syz-executor exec"[15607]
[  653.520616][T15626] random: crng reseeded on system resumption
[  653.884187][T13579] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 984 with max blocks 21 with error 117
[  653.904262][T13579] EXT4-fs (sda1): This should not happen!! Data will be lost
[  653.904262][T13579] 
[  653.927499][T13579] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 942 with max blocks 79 with error 117
[  653.951009][T13579] EXT4-fs (sda1): This should not happen!! Data will be lost
[  653.951009][T13579] 
[  653.989716][T13579] EXT4-fs (sda1): Delayed block allocation failed for inode 2030 at logical offset 2 with max blocks 2 with error 117
[  654.080766][T13579] EXT4-fs (sda1): This should not happen!! Data will be lost
[  654.080766][T13579] 
[  654.127148][T13579] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 956 with max blocks 65 with error 117
[  654.432728][T13579] EXT4-fs (sda1): This should not happen!! Data will be lost
[  654.432728][T13579] 
[  655.001153][T15647] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.2034: iget: checksum invalid
[  655.044473][T15647] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  655.056420][T15647] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.2034: iget: checksum invalid
[  655.065855][T15648] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2034'.
[  655.067933][T15647] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  655.111495][T15647] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.2034: iget: checksum invalid
[  655.145212][T15647] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  655.205458][T15647] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.2034: iget: checksum invalid
[  655.218018][T15647] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  655.229351][T15647] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  655.243610][T15647] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  656.745685][T15681] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  656.753029][T15681] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  656.769964][T15681] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  656.831586][T15681] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  656.885446][T15681] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  656.931286][T15681] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  657.041772][T15681] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  657.520073][   T30] audit: type=1800 audit(4294968407.332:57): pid=15688 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=67602 res=0 errno=0
[  658.766836][T13580] Bluetooth: hci3: command 0x0c1a tx timeout
[  658.773568][T14263] Bluetooth: hci0: command 0x0c1a tx timeout
[  658.854779][T13580] Bluetooth: hci1: command 0x0c1a tx timeout
[  658.863951][T14263] Bluetooth: hci2: command 0x0c1a tx timeout
[  658.926277][T13580] Bluetooth: hci4: command 0x0c1a tx timeout
[  661.011886][T13580] Bluetooth: hci4: command 0x0c1a tx timeout
[  663.095290][T13580] Bluetooth: hci4: command 0x0c1a tx timeout
[  663.215735][T15817] HfR: entered promiscuous mode
[  663.436198][T15806] bridge0: port 4(team0) entered blocking state
[  663.444711][T15806] bridge0: port 4(team0) entered disabled state
[  663.451519][T15806] team0: entered allmulticast mode
[  663.456752][T15806] team_slave_0: entered allmulticast mode
[  663.463263][T15806] team_slave_1: entered allmulticast mode
[  663.480022][T15822] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2068'.
[  663.507537][T15806] team0: entered promiscuous mode
[  663.541952][T15806] team_slave_0: entered promiscuous mode
[  663.562982][T15806] team_slave_1: entered promiscuous mode
[  663.569185][T15831] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2068'.
[  663.596340][T15806] bridge0: port 4(team0) entered blocking state
[  663.602954][T15806] bridge0: port 4(team0) entered forwarding state
[  663.754405][T15831] HfR: left promiscuous mode
[  664.554505][T15841] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2073'.
[  664.729681][T15840] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2074'.
[  664.763386][T15840] netlink: 25 bytes leftover after parsing attributes in process `syz.5.2074'.
[  665.599112][T14103] EXT4-fs: 2 callbacks suppressed
[  665.599136][T14103] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 979 with max blocks 44 with error 117
[  665.618360][T14103] EXT4-fs (sda1): This should not happen!! Data will be lost
[  665.618360][T14103] 
[  665.657834][T14103] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 953 with max blocks 68 with error 117
[  665.748558][T14103] EXT4-fs (sda1): This should not happen!! Data will be lost
[  665.748558][T14103] 
[  665.807783][T14103] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 929 with max blocks 92 with error 117
[  665.854809][T14103] EXT4-fs (sda1): This should not happen!! Data will be lost
[  665.854809][T14103] 
[  665.903625][T14103] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 0 with max blocks 1 with error 117
[  665.923736][T15888] syz.5.2084 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  666.024787][T14103] EXT4-fs (sda1): This should not happen!! Data will be lost
[  666.024787][T14103] 
[  666.101270][T14103] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1383 with max blocks 87 with error 117
[  666.387317][T14103] EXT4-fs (sda1): This should not happen!! Data will be lost
[  666.387317][T14103] 
[  666.675821][T15896] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2087'.
[  667.146942][T15903] FAULT_INJECTION: forcing a failure.
[  667.146942][T15903] name failslab, interval 1, probability 0, space 0, times 0
[  667.161588][T15903] CPU: 1 UID: 0 PID: 15903 Comm: syz.4.2090 Not tainted syzkaller #0 PREEMPT(full) 
[  667.161632][T15903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  667.161651][T15903] Call Trace:
[  667.161662][T15903]  <TASK>
[  667.161674][T15903]  dump_stack_lvl+0x16c/0x1f0
[  667.161721][T15903]  should_fail_ex+0x512/0x640
[  667.161770][T15903]  ? __kmalloc_cache_noprof+0x5f/0x780
[  667.161808][T15903]  should_failslab+0xc2/0x120
[  667.161852][T15903]  __kmalloc_cache_noprof+0x72/0x780
[  667.161885][T15903]  ? cuse_channel_open+0x4f/0x7f0
[  667.161931][T15903]  ? __pfx_cuse_channel_open+0x10/0x10
[  667.161969][T15903]  ? cuse_channel_open+0x4f/0x7f0
[  667.162008][T15903]  cuse_channel_open+0x4f/0x7f0
[  667.162049][T15903]  ? __pfx_cuse_channel_open+0x10/0x10
[  667.162092][T15903]  misc_open+0x26d/0x450
[  667.162142][T15903]  ? __pfx_misc_open+0x10/0x10
[  667.162192][T15903]  chrdev_open+0x234/0x6a0
[  667.162232][T15903]  ? __pfx_apparmor_file_open+0x10/0x10
[  667.162283][T15903]  ? __pfx_chrdev_open+0x10/0x10
[  667.162326][T15903]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  667.162381][T15903]  do_dentry_open+0x982/0x1530
[  667.162427][T15903]  ? __pfx_chrdev_open+0x10/0x10
[  667.162477][T15903]  vfs_open+0x82/0x3f0
[  667.162531][T15903]  path_openat+0x1de4/0x2cb0
[  667.162583][T15903]  ? __pfx_path_openat+0x10/0x10
[  667.162624][T15903]  ? __lock_acquire+0xb8a/0x1c90
[  667.162675][T15903]  do_filp_open+0x20b/0x470
[  667.162713][T15903]  ? __pfx_do_filp_open+0x10/0x10
[  667.162781][T15903]  ? alloc_fd+0x471/0x7d0
[  667.162827][T15903]  do_sys_openat2+0x11b/0x1d0
[  667.162872][T15903]  ? __pfx_do_sys_openat2+0x10/0x10
[  667.162940][T15903]  __x64_sys_openat+0x174/0x210
[  667.162993][T15903]  ? __pfx___x64_sys_openat+0x10/0x10
[  667.163045][T15903]  ? syscall_user_dispatch+0x78/0x140
[  667.163090][T15903]  do_syscall_64+0xcd/0xfa0
[  667.163135][T15903]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  667.163169][T15903] RIP: 0033:0x7fc51758f6c9
[  667.163196][T15903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  667.163229][T15903] RSP: 002b:00007fc51837e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  667.163260][T15903] RAX: ffffffffffffffda RBX: 00007fc5177e5fa0 RCX: 00007fc51758f6c9
[  667.163281][T15903] RDX: 0000000000181041 RSI: 0000200000000140 RDI: ffffffffffffff9c
[  667.163301][T15903] RBP: 00007fc517611f91 R08: 0000000000000000 R09: 0000000000000000
[  667.163320][T15903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  667.163339][T15903] R13: 00007fc5177e6038 R14: 00007fc5177e5fa0 R15: 00007fff7f6c1f28
[  667.163390][T15903]  </TASK>
[  668.292224][   T30] audit: type=1800 audit(4294968418.086:58): pid=15926 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=69005 res=0 errno=0
[  668.311756][    C0] vkms_vblank_simulate: vblank timer overrun
[  670.023118][T13580] Bluetooth: hci1: unexpected subevent 0x03 length: 253 > 9
[  671.266665][T15953] zswap: compressor  not available
[  671.709352][T15967] netlink: 342 bytes leftover after parsing attributes in process `syz.5.2103'.
[  673.356028][T15998] usb usb35: usbfs: process 15998 (syz.3.2111) did not claim interface 21 before use
[  674.771041][    T9] smpboot: CPU 1 is now offline
[  677.722030][T16054] FAULT_INJECTION: forcing a failure.
[  677.722030][T16054] name failslab, interval 1, probability 0, space 0, times 0
[  677.788856][T16054] CPU: 0 UID: 0 PID: 16054 Comm: syz.4.2124 Not tainted syzkaller #0 PREEMPT(full) 
[  677.788891][T16054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  677.788906][T16054] Call Trace:
[  677.788914][T16054]  <TASK>
[  677.788924][T16054]  dump_stack_lvl+0x16c/0x1f0
[  677.788959][T16054]  should_fail_ex+0x512/0x640
[  677.788996][T16054]  ? __kmalloc_noprof+0xca/0x880
[  677.789038][T16054]  should_failslab+0xc2/0x120
[  677.789071][T16054]  __kmalloc_noprof+0xdd/0x880
[  677.789110][T16054]  ? lsm_blob_alloc+0x68/0x90
[  677.789145][T16054]  ? lsm_blob_alloc+0x68/0x90
[  677.789198][T16054]  lsm_blob_alloc+0x68/0x90
[  677.789229][T16054]  security_sk_alloc+0x30/0x270
[  677.789267][T16054]  sk_prot_alloc+0x1c7/0x2a0
[  677.789300][T16054]  sk_alloc+0x36/0xc20
[  677.789339][T16054]  __netlink_create+0x5e/0x2c0
[  677.789378][T16054]  __netlink_kernel_create+0xed/0x750
[  677.789406][T16054]  ? __pfx___netlink_kernel_create+0x10/0x10
[  677.789431][T16054]  ? find_held_lock+0x2b/0x80
[  677.789457][T16054]  ? audit_net_init+0x190/0x440
[  677.789494][T16054]  audit_net_init+0x1ae/0x440
[  677.789525][T16054]  ? __pfx_audit_net_init+0x10/0x10
[  677.789557][T16054]  ? rcu_is_watching+0x12/0xc0
[  677.789582][T16054]  ? __pfx_audit_receive+0x10/0x10
[  677.789618][T16054]  ? __pfx_audit_multicast_bind+0x10/0x10
[  677.789654][T16054]  ? __pfx_audit_multicast_unbind+0x10/0x10
[  677.789691][T16054]  ? __pfx_genl_unbind+0x10/0x10
[  677.789717][T16054]  ? ops_init+0x77/0x5f0
[  677.789746][T16054]  ? __pfx_audit_net_init+0x10/0x10
[  677.789779][T16054]  ops_init+0x1e2/0x5f0
[  677.789807][T16054]  setup_net+0x100/0x390
[  677.789833][T16054]  ? __pfx_setup_net+0x10/0x10
[  677.789861][T16054]  ? debug_mutex_init+0x37/0x70
[  677.789888][T16054]  copy_net_ns+0x2f8/0x690
[  677.789919][T16054]  create_new_namespaces+0x3ea/0xa90
[  677.789954][T16054]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  677.789984][T16054]  ksys_unshare+0x45b/0xa40
[  677.790019][T16054]  ? __pfx_ksys_unshare+0x10/0x10
[  677.790053][T16054]  ? xfd_validate_state+0x61/0x180
[  677.790098][T16054]  __x64_sys_unshare+0x31/0x40
[  677.790130][T16054]  do_syscall_64+0xcd/0xfa0
[  677.790169][T16054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  677.790193][T16054] RIP: 0033:0x7fc51758f6c9
[  677.790212][T16054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  677.790234][T16054] RSP: 002b:00007fc5157f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  677.790257][T16054] RAX: ffffffffffffffda RBX: 00007fc5177e6180 RCX: 00007fc51758f6c9
[  677.790274][T16054] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  677.790288][T16054] RBP: 00007fc517611f91 R08: 0000000000000000 R09: 0000000000000000
[  677.790303][T16054] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  677.790317][T16054] R13: 00007fc5177e6218 R14: 00007fc5177e6180 R15: 00007fff7f6c1f28
[  677.790350][T16054]  </TASK>
[  677.790425][T16054] audit: cannot initialize netlink socket in namespace
[  678.750165][T16065] blktrace: Concurrent blktraces are not allowed on loop2
[  678.786606][T16066] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2127'.
[  678.857769][T16066] ovs_��: entered promiscuous mode
[  679.366452][T16065] binder: 16061:16065 unknown command 0
[  679.408747][T16065] binder: 16061:16065 ioctl c0306201 200000000000 returned -22
[  680.068221][T16093] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2134'.
[  680.930412][T16102] FAULT_INJECTION: forcing a failure.
[  680.930412][T16102] name failslab, interval 1, probability 0, space 0, times 0
[  680.980483][T16102] CPU: 0 UID: 0 PID: 16102 Comm: syz.0.2137 Not tainted syzkaller #0 PREEMPT(full) 
[  680.980521][T16102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  680.980535][T16102] Call Trace:
[  680.980542][T16102]  <TASK>
[  680.980551][T16102]  dump_stack_lvl+0x16c/0x1f0
[  680.980583][T16102]  should_fail_ex+0x512/0x640
[  680.980618][T16102]  ? kmem_cache_alloc_lru_noprof+0x66/0x6e0
[  680.980647][T16102]  should_failslab+0xc2/0x120
[  680.980678][T16102]  kmem_cache_alloc_lru_noprof+0x79/0x6e0
[  680.980705][T16102]  ? __d_alloc+0x32/0xae0
[  680.980737][T16102]  ? __d_alloc+0x32/0xae0
[  680.980761][T16102]  __d_alloc+0x32/0xae0
[  680.980792][T16102]  d_alloc_pseudo+0x1c/0xc0
[  680.980830][T16102]  alloc_file_pseudo+0xcf/0x230
[  680.980866][T16102]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  680.980900][T16102]  ? alloc_fd+0x471/0x7d0
[  680.980928][T16102]  sock_alloc_file+0x50/0x210
[  680.980955][T16102]  __sys_socket+0x1c0/0x260
[  680.980987][T16102]  ? __pfx___sys_socket+0x10/0x10
[  680.981019][T16102]  ? xfd_validate_state+0x61/0x180
[  680.981052][T16102]  ? __pfx_ksys_write+0x10/0x10
[  680.981084][T16102]  __x64_sys_socket+0x72/0xb0
[  680.981114][T16102]  ? lockdep_hardirqs_on+0x7c/0x110
[  680.981143][T16102]  do_syscall_64+0xcd/0xfa0
[  680.981173][T16102]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  680.981197][T16102] RIP: 0033:0x7f3650b8f6c9
[  680.981214][T16102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  680.981236][T16102] RSP: 002b:00007f36519f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  680.981258][T16102] RAX: ffffffffffffffda RBX: 00007f3650de5fa0 RCX: 00007f3650b8f6c9
[  680.981273][T16102] RDX: 000000000000000f RSI: 0000000000080003 RDI: 0000000000000011
[  680.981286][T16102] RBP: 00007f3650c11f91 R08: 0000000000000000 R09: 0000000000000000
[  680.981300][T16102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  680.981313][T16102] R13: 00007f3650de6038 R14: 00007f3650de5fa0 R15: 00007fff48409c58
[  680.981343][T16102]  </TASK>
[  681.190871][    C0] vkms_vblank_simulate: vblank timer overrun
[  686.954779][T16166] FAULT_INJECTION: forcing a failure.
[  686.954779][T16166] name failslab, interval 1, probability 0, space 0, times 0
[  687.058570][T16166] CPU: 0 UID: 0 PID: 16166 Comm: syz.3.2151 Not tainted syzkaller #0 PREEMPT(full) 
[  687.058603][T16166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  687.058617][T16166] Call Trace:
[  687.058624][T16166]  <TASK>
[  687.058633][T16166]  dump_stack_lvl+0x16c/0x1f0
[  687.058667][T16166]  should_fail_ex+0x512/0x640
[  687.058704][T16166]  ? kmem_cache_alloc_lru_noprof+0x66/0x6e0
[  687.058732][T16166]  should_failslab+0xc2/0x120
[  687.058765][T16166]  kmem_cache_alloc_lru_noprof+0x79/0x6e0
[  687.058789][T16166]  ? rcu_is_watching+0x12/0xc0
[  687.058815][T16166]  ? __d_alloc+0x32/0xae0
[  687.058847][T16166]  ? __d_alloc+0x32/0xae0
[  687.058872][T16166]  __d_alloc+0x32/0xae0
[  687.058902][T16166]  d_alloc_pseudo+0x1c/0xc0
[  687.058936][T16166]  alloc_file_pseudo+0xcf/0x230
[  687.058973][T16166]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  687.059008][T16166]  ? security_inode_init_security_anon+0x79/0x240
[  687.059054][T16166]  secretmem_file_create.constprop.0+0x89/0x290
[  687.059086][T16166]  __x64_sys_memfd_secret+0xc1/0x150
[  687.059114][T16166]  do_syscall_64+0xcd/0xfa0
[  687.059146][T16166]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  687.059169][T16166] RIP: 0033:0x7f494af8f6c9
[  687.059187][T16166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  687.059211][T16166] RSP: 002b:00007f494bd7d038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bf
[  687.059233][T16166] RAX: ffffffffffffffda RBX: 00007f494b1e5fa0 RCX: 00007f494af8f6c9
[  687.059249][T16166] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  687.059270][T16166] RBP: 00007f494b011f91 R08: 0000000000000000 R09: 0000000000000000
[  687.059285][T16166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  687.059299][T16166] R13: 00007f494b1e6038 R14: 00007f494b1e5fa0 R15: 00007fff871b4b88
[  687.059331][T16166]  </TASK>
[  687.557161][T14263] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  687.626218][T14263] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  687.675790][T14263] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  687.734887][T14263] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  687.769157][T14263] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  688.439657][T16169] chnl_net:caif_netlink_parms(): no params data found
[  689.171452][T16169] bridge0: port 1(bridge_slave_0) entered blocking state
[  689.212891][T16169] bridge0: port 1(bridge_slave_0) entered disabled state
[  689.236582][T16169] bridge_slave_0: entered allmulticast mode
[  689.272013][T16169] bridge_slave_0: entered promiscuous mode
[  689.308469][T16169] bridge0: port 2(bridge_slave_1) entered blocking state
[  689.345265][T16169] bridge0: port 2(bridge_slave_1) entered disabled state
[  689.373575][T16169] bridge_slave_1: entered allmulticast mode
[  689.413001][T16169] bridge_slave_1: entered promiscuous mode
[  689.558954][T16169] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  689.743217][T16169] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  689.886208][T16169] team0: Port device team_slave_0 added
[  689.901955][T13580] Bluetooth: hci5: command tx timeout
[  689.934042][T16169] team0: Port device team_slave_1 added
[  690.110856][T16169] batman_adv: batadv0: Adding interface: batadv_slave_0
[  690.150673][T16169] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  690.278427][T16169] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  690.335413][T16169] batman_adv: batadv0: Adding interface: batadv_slave_1
[  690.366234][T16169] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  690.476529][T16169] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  690.503179][T16217] FAULT_INJECTION: forcing a failure.
[  690.503179][T16217] name failslab, interval 1, probability 0, space 0, times 0
[  690.548804][T16217] CPU: 0 UID: 0 PID: 16217 Comm: syz.3.2162 Not tainted syzkaller #0 PREEMPT(full) 
[  690.548835][T16217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  690.548850][T16217] Call Trace:
[  690.548857][T16217]  <TASK>
[  690.548866][T16217]  dump_stack_lvl+0x16c/0x1f0
[  690.548898][T16217]  should_fail_ex+0x512/0x640
[  690.548938][T16217]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  690.548982][T16217]  ? __pfx_nst_fop_open+0x10/0x10
[  690.549011][T16217]  should_failslab+0xc2/0x120
[  690.549042][T16217]  kmem_cache_alloc_noprof+0x75/0x6e0
[  690.549065][T16217]  ? rcu_is_watching+0x12/0xc0
[  690.549089][T16217]  ? seq_open+0x55/0x170
[  690.549123][T16217]  ? __pfx_nst_fop_open+0x10/0x10
[  690.549151][T16217]  ? seq_open+0x55/0x170
[  690.549180][T16217]  seq_open+0x55/0x170
[  690.549212][T16217]  __seq_open_private+0x3e/0xd0
[  690.549254][T16217]  nst_fop_open+0x24/0x120
[  690.549284][T16217]  full_proxy_open_regular+0x1b9/0x360
[  690.549322][T16217]  do_dentry_open+0x982/0x1530
[  690.549350][T16217]  ? __pfx_full_proxy_open_regular+0x10/0x10
[  690.549391][T16217]  vfs_open+0x82/0x3f0
[  690.549428][T16217]  path_openat+0x1de4/0x2cb0
[  690.549464][T16217]  ? __pfx_path_openat+0x10/0x10
[  690.549491][T16217]  ? __lock_acquire+0xb8a/0x1c90
[  690.549527][T16217]  do_filp_open+0x20b/0x470
[  690.549553][T16217]  ? __pfx_do_filp_open+0x10/0x10
[  690.549600][T16217]  ? alloc_fd+0x471/0x7d0
[  690.549631][T16217]  do_sys_openat2+0x11b/0x1d0
[  690.549666][T16217]  ? __pfx_do_sys_openat2+0x10/0x10
[  690.549712][T16217]  __x64_sys_openat+0x174/0x210
[  690.549748][T16217]  ? __pfx___x64_sys_openat+0x10/0x10
[  690.549795][T16217]  do_syscall_64+0xcd/0xfa0
[  690.549826][T16217]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  690.549850][T16217] RIP: 0033:0x7f494af8f6c9
[  690.549872][T16217] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  690.549895][T16217] RSP: 002b:00007f494bd7d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  690.549916][T16217] RAX: ffffffffffffffda RBX: 00007f494b1e5fa0 RCX: 00007f494af8f6c9
[  690.549931][T16217] RDX: 0000000000101080 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  690.549946][T16217] RBP: 00007f494b011f91 R08: 0000000000000000 R09: 0000000000000000
[  690.549960][T16217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  690.549974][T16217] R13: 00007f494b1e6038 R14: 00007f494b1e5fa0 R15: 00007fff871b4b88
[  690.550005][T16217]  </TASK>
[  690.864599][T16226] netlink: 'syz.3.2163': attribute type 1 has an invalid length.
[  690.966671][T16230] netlink: 'syz.3.2165': attribute type 1 has an invalid length.
[  691.403502][T16169] hsr_slave_0: entered promiscuous mode
[  691.474953][T16169] hsr_slave_1: entered promiscuous mode
[  691.496549][T16169] debugfs: 'hsr0' already exists in 'hsr'
[  691.512324][T16169] Cannot create hsr debugfs directory
[  691.982995][T13580] Bluetooth: hci5: command tx timeout
[  692.007739][T16169] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  692.031808][T16169] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  692.119989][T16169] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  692.158453][T16169] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  692.517634][T16169] 8021q: adding VLAN 0 to HW filter on device bond0
[  692.607314][T16169] 8021q: adding VLAN 0 to HW filter on device team0
[  692.686161][T13591] bridge0: port 1(bridge_slave_0) entered blocking state
[  692.693568][T13591] bridge0: port 1(bridge_slave_0) entered forwarding state
[  692.781500][T13591] bridge0: port 2(bridge_slave_1) entered blocking state
[  692.788769][T13591] bridge0: port 2(bridge_slave_1) entered forwarding state
[  693.870915][T16169] 8021q: adding VLAN 0 to HW filter on device batadv0
[  694.064133][T13580] Bluetooth: hci5: command tx timeout
[  694.799743][T16169] veth0_vlan: entered promiscuous mode
[  694.829897][T16169] veth1_vlan: entered promiscuous mode
[  694.899118][T16169] veth0_macvtap: entered promiscuous mode
[  694.922763][T16169] veth1_macvtap: entered promiscuous mode
[  694.972830][T16169] batman_adv: batadv0: Interface activated: batadv_slave_0
[  695.005984][T16169] batman_adv: batadv0: Interface activated: batadv_slave_1
[  695.034404][T16285] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  695.056867][T16285] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  695.077355][T16285] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  695.086290][T14102] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  695.102198][T16285] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  695.117145][T14102] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  695.145993][T16285] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  695.152238][T16285] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  695.183293][T16285] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  695.205957][T14102] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  695.224879][T14102] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  695.256737][T16285] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  695.754377][T16301] FAULT_INJECTION: forcing a failure.
[  695.754377][T16301] name failslab, interval 1, probability 0, space 0, times 0
[  695.768395][T16301] CPU: 0 UID: 7 PID: 16301 Comm: syz.3.2177 Not tainted syzkaller #0 PREEMPT(full) 
[  695.768433][T16301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  695.768448][T16301] Call Trace:
[  695.768457][T16301]  <TASK>
[  695.768467][T16301]  dump_stack_lvl+0x16c/0x1f0
[  695.768501][T16301]  should_fail_ex+0x512/0x640
[  695.768543][T16301]  should_failslab+0xc2/0x120
[  695.768576][T16301]  __kmalloc_noprof+0xdd/0x880
[  695.768616][T16301]  ? nsim_fib_event_nb+0x45e/0x10d0
[  695.768651][T16301]  ? nsim_fib_event_nb+0x45e/0x10d0
[  695.768677][T16301]  nsim_fib_event_nb+0x45e/0x10d0
[  695.768714][T16301]  call_fib_notifier+0x3c/0x80
[  695.768743][T16301]  fib6_node_dump+0x1ea/0x320
[  695.768771][T16301]  ? __pfx_fib6_node_dump+0x10/0x10
[  695.768807][T16301]  ? do_raw_write_lock+0x11c/0x3a0
[  695.768833][T16301]  fib6_walk_continue+0x452/0x8d0
[  695.768867][T16301]  fib6_walk+0x182/0x370
[  695.768896][T16301]  fib6_tables_dump+0x222/0x370
[  695.768931][T16301]  ? __pfx_fib6_tables_dump+0x10/0x10
[  695.768976][T16301]  fib6_dump+0x48/0x60
[  695.769005][T16301]  register_fib_notifier+0x123/0x470
[  695.769033][T16301]  ? __pfx_nsim_fib_dump_inconsistent+0x10/0x10
[  695.769067][T16301]  nsim_fib_create+0x938/0xc90
[  695.769105][T16301]  ? __pfx_nsim_fib_create+0x10/0x10
[  695.769145][T16301]  nsim_drv_probe+0xcec/0x1520
[  695.769175][T16301]  ? __pfx_nsim_drv_probe+0x10/0x10
[  695.769209][T16301]  ? kernfs_put+0x35/0x60
[  695.769246][T16301]  ? sysfs_create_link+0x68/0xc0
[  695.769277][T16301]  ? __pfx_nsim_bus_probe+0x10/0x10
[  695.769308][T16301]  really_probe+0x241/0xa90
[  695.769346][T16301]  __driver_probe_device+0x1de/0x440
[  695.769378][T16301]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  695.769409][T16301]  driver_probe_device+0x4c/0x1b0
[  695.769455][T16301]  __device_attach_driver+0x1df/0x310
[  695.769491][T16301]  ? __pfx___device_attach_driver+0x10/0x10
[  695.769524][T16301]  bus_for_each_drv+0x159/0x1e0
[  695.769552][T16301]  ? __pfx_bus_for_each_drv+0x10/0x10
[  695.769588][T16301]  __device_attach+0x1e4/0x4b0
[  695.769622][T16301]  ? __pfx___device_attach+0x10/0x10
[  695.769657][T16301]  ? do_raw_spin_unlock+0x172/0x230
[  695.769685][T16301]  bus_probe_device+0x17f/0x1c0
[  695.769717][T16301]  device_add+0x1148/0x1aa0
[  695.769742][T16301]  ? __pfx_device_add+0x10/0x10
[  695.769778][T16301]  ? lockdep_init_map_type+0x5c/0x280
[  695.769813][T16301]  ? __init_waitqueue_head+0xca/0x150
[  695.769844][T16301]  new_device_store+0x41b/0x730
[  695.769880][T16301]  ? __pfx_new_device_store+0x10/0x10
[  695.769914][T16301]  ? find_held_lock+0x2b/0x80
[  695.769940][T16301]  ? sysfs_file_kobj+0xe4/0x290
[  695.769965][T16301]  ? __pfx_new_device_store+0x10/0x10
[  695.769999][T16301]  bus_attr_store+0x74/0xb0
[  695.770022][T16301]  ? __pfx_bus_attr_store+0x10/0x10
[  695.770045][T16301]  sysfs_kf_write+0xf2/0x150
[  695.770074][T16301]  kernfs_fop_write_iter+0x3af/0x570
[  695.770096][T16301]  ? __pfx_sysfs_kf_write+0x10/0x10
[  695.770126][T16301]  do_iter_readv_writev+0x662/0x9e0
[  695.770154][T16301]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  695.770195][T16301]  vfs_writev+0x35f/0xde0
[  695.770228][T16301]  ? __pfx_vfs_writev+0x10/0x10
[  695.770249][T16301]  ? __mutex_lock+0x1c5/0x1060
[  695.770290][T16301]  ? __pfx___mutex_lock+0x10/0x10
[  695.770332][T16301]  ? __fget_files+0x20e/0x3c0
[  695.770365][T16301]  ? do_writev+0x132/0x340
[  695.770387][T16301]  do_writev+0x132/0x340
[  695.770410][T16301]  ? __pfx_do_writev+0x10/0x10
[  695.770449][T16301]  do_syscall_64+0xcd/0xfa0
[  695.770481][T16301]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  695.770506][T16301] RIP: 0033:0x7f494af8f6c9
[  695.770526][T16301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  695.770549][T16301] RSP: 002b:00007f494bd7d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  695.770572][T16301] RAX: ffffffffffffffda RBX: 00007f494b1e5fa0 RCX: 00007f494af8f6c9
[  695.770587][T16301] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000004
[  695.770602][T16301] RBP: 00007f494b011f91 R08: 0000000000000000 R09: 0000000000000000
[  695.770616][T16301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  695.770630][T16301] R13: 00007f494b1e6038 R14: 00007f494b1e5fa0 R15: 00007fff871b4b88
[  695.770663][T16301]  </TASK>
[  696.664830][T16304] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2178'.
[  696.689439][T16301] Failed to register fib notifier
[  696.748865][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  696.756084][T13580] Bluetooth: hci0: command 0x0c1a tx timeout
[  696.762223][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  697.055309][T13575] EXT4-fs: 6 callbacks suppressed
[  697.055326][T13575] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1422 with max blocks 48 with error 117
[  697.079940][T13591] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  697.095129][T13579] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  697.113710][T13575] EXT4-fs (sda1): This should not happen!! Data will be lost
[  697.113710][T13575] 
[  697.124227][T13591] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  697.132016][T13579] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  697.145420][T13580] Bluetooth: hci1: command 0x0c1a tx timeout
[  697.151591][T13580] Bluetooth: hci2: command 0x0c1a tx timeout
[  697.158024][T13580] Bluetooth: hci3: command 0x0c1a tx timeout
[  697.200566][T14263] Bluetooth: hci5: command 0x0c1a tx timeout
[  697.206872][T13575] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 990 with max blocks 31 with error 117
[  697.220588][T14263] Bluetooth: hci4: command 0x0c1a tx timeout
[  697.230105][T13575] EXT4-fs (sda1): This should not happen!! Data will be lost
[  697.230105][T13575] 
[  697.264376][T13575] EXT4-fs (sda1): Delayed block allocation failed for inode 2030 at logical offset 2 with max blocks 6 with error 117
[  697.285151][T13575] EXT4-fs (sda1): This should not happen!! Data will be lost
[  697.285151][T13575] 
[  697.306482][T13575] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1401 with max blocks 30 with error 117
[  697.344728][T13575] EXT4-fs (sda1): This should not happen!! Data will be lost
[  697.344728][T13575] 
[  697.379973][T13575] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 0 with max blocks 1 with error 117
[  697.403565][T13575] EXT4-fs (sda1): This should not happen!! Data will be lost
[  697.403565][T13575] 
[  698.333003][T16322] vhci_hcd: invalid port number 16
[  699.007911][T16343] netlink: 'syz.4.2184': attribute type 1 has an invalid length.
[  699.266352][T13580] Bluetooth: hci5: command 0x0c1a tx timeout
[  700.294009][T16363] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  700.478101][T16301] netdevsim netdevsim511: probe with driver netdevsim failed with error -1
[  700.654926][T16360] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2188'.
[  700.800188][T16369] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2191'.
[  701.077632][T16369] team_slave_0 (unregistering): left promiscuous mode
[  701.124346][T16369] team_slave_0 (unregistering): left allmulticast mode
[  701.202498][T16369] team0: Port device team_slave_0 removed
[  701.348310][T13580] Bluetooth: hci5: command 0x0c1a tx timeout
[  703.771582][T16400] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  707.039255][T16469] binder: 16462:16469 ioctl 4018620d 9 returned -22
[  707.088840][T16469] binder: 16462:16469 ioctl 4018620d 9 returned -22
[  708.103139][T16488] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2217'.
[  708.700011][T16501] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2220'.
[  713.043716][T16547] kAFS: Invalid Command on /proc/fs/afs/cells file
[  714.684652][T14263] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  714.694747][T14263] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  714.703583][T14263] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  714.713884][T14263] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  714.721636][T14263] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  716.041139][T16562] chnl_net:caif_netlink_parms(): no params data found
[  716.794967][T14263] Bluetooth: hci6: command tx timeout
[  716.869198][T16562] bridge0: port 1(bridge_slave_0) entered blocking state
[  716.905215][T16562] bridge0: port 1(bridge_slave_0) entered disabled state
[  716.918538][T16562] bridge_slave_0: entered allmulticast mode
[  716.948234][T16562] bridge_slave_0: entered promiscuous mode
[  717.013239][T16562] bridge0: port 2(bridge_slave_1) entered blocking state
[  717.049323][T16562] bridge0: port 2(bridge_slave_1) entered disabled state
[  717.069289][T16562] bridge_slave_1: entered allmulticast mode
[  717.095619][T16562] bridge_slave_1: entered promiscuous mode
[  717.255937][T14103] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  717.530098][T16562] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  717.567852][T16562] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  717.894197][T14103] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  717.922135][T16586] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2237'.
[  718.083422][T16562] team0: Port device team_slave_0 added
[  718.124029][T14103] bridge0: port 3(netdevsim1) entered disabled state
[  718.173170][T14103] netdevsim netdevsim0 netdevsim1 (unregistering): left allmulticast mode
[  718.191758][T14103] netdevsim netdevsim0 netdevsim1 (unregistering): left promiscuous mode
[  718.215503][T14103] bridge0: port 3(netdevsim1) entered disabled state
[  718.250239][T14103] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  718.289254][T16562] team0: Port device team_slave_1 added
[  718.458324][T16562] batman_adv: batadv0: Adding interface: batadv_slave_0
[  718.482326][T16562] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  718.568581][T16562] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  718.771155][T14103] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  718.862802][T16562] batman_adv: batadv0: Adding interface: batadv_slave_1
[  718.877640][T14263] Bluetooth: hci6: command tx timeout
[  718.897641][T16562] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  718.981037][T16562] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  719.410717][T16562] hsr_slave_0: entered promiscuous mode
[  719.420423][T16606] ima: policy update failed
[  719.427657][T16562] hsr_slave_1: entered promiscuous mode
[  719.453432][   T30] audit: type=1802 audit(4294968469.221:59): pid=16606 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.2242" res=0 errno=0
[  719.481209][T16562] debugfs: 'hsr0' already exists in 'hsr'
[  719.523390][T16562] Cannot create hsr debugfs directory
[  719.959028][T14103] team0: left allmulticast mode
[  719.988173][T14103] team_slave_1: left allmulticast mode
[  719.993743][T14103] team0: left promiscuous mode
[  720.029983][T14103] team_slave_1: left promiscuous mode
[  720.065519][T14103] bridge0: port 4(team0) entered disabled state
[  720.113444][T14103] bridge_slave_1: left allmulticast mode
[  720.147509][T14103] bridge_slave_1: left promiscuous mode
[  720.180657][T14103] bridge0: port 2(bridge_slave_1) entered disabled state
[  720.213070][T14103] bridge_slave_0: left allmulticast mode
[  720.262943][T14103] bridge_slave_0: left promiscuous mode
[  720.290583][T14103] bridge0: port 1(bridge_slave_0) entered disabled state
[  720.959725][T14263] Bluetooth: hci6: command tx timeout
[  722.096322][T14103] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  722.114533][T14103] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  722.130774][T14103] bond0 (unregistering): Released all slaves
[  722.291742][T14103] : left promiscuous mode
[  722.454333][T14103] ovs_��: left promiscuous mode
[  723.038410][T14263] Bluetooth: hci6: command tx timeout
[  725.535974][T14103] hsr_slave_0: left promiscuous mode
[  725.549595][T14103] hsr_slave_1: left promiscuous mode
[  725.570035][T14103] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  725.587838][T14103] batman_adv: batadv0: Removing interface: batadv_slave_0
[  725.612919][T14103] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  725.629729][T14103] batman_adv: batadv0: Removing interface: batadv_slave_1
[  725.677274][T14103] veth1_macvtap: left promiscuous mode
[  725.696485][T14103] veth0_macvtap: left promiscuous mode
[  725.706768][T14103] veth1_vlan: left promiscuous mode
[  725.717847][T14103] veth0_vlan: left promiscuous mode
[  726.539106][T14103] team0 (unregistering): Port device team_slave_1 removed
[  727.536681][T16562] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  727.662689][T16562] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  727.712471][T16562] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  727.761726][T13575] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1426 with max blocks 44 with error 117
[  727.791461][T16562] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  727.868403][T13575] EXT4-fs (sda1): This should not happen!! Data will be lost
[  727.868403][T13575] 
[  727.952782][T13575] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 990 with max blocks 31 with error 117
[  728.065260][T13575] EXT4-fs (sda1): This should not happen!! Data will be lost
[  728.065260][T13575] 
[  728.164321][T13575] EXT4-fs (sda1): Delayed block allocation failed for inode 2030 at logical offset 2 with max blocks 1 with error 117
[  728.275346][T13575] EXT4-fs (sda1): This should not happen!! Data will be lost
[  728.275346][T13575] 
[  728.354847][T13575] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1401 with max blocks 30 with error 117
[  728.423255][T16562] 8021q: adding VLAN 0 to HW filter on device bond0
[  728.460804][T13575] EXT4-fs (sda1): This should not happen!! Data will be lost
[  728.460804][T13575] 
[  728.562934][T13575] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 0 with max blocks 1 with error 117
[  728.578612][T16562] 8021q: adding VLAN 0 to HW filter on device team0
[  728.589131][T16738] Console: switching to colour VGA+ 80x25
[  728.645818][T13570] bridge0: port 1(bridge_slave_0) entered blocking state
[  728.653068][T13570] bridge0: port 1(bridge_slave_0) entered forwarding state
[  728.663882][T13575] EXT4-fs (sda1): This should not happen!! Data will be lost
[  728.663882][T13575] 
[  728.870717][T14103] bridge0: port 2(bridge_slave_1) entered blocking state
[  728.870987][T14103] bridge0: port 2(bridge_slave_1) entered forwarding state
[  729.093784][T16742] Console: switching to colour frame buffer device 128x48
[  730.697157][T16562] 8021q: adding VLAN 0 to HW filter on device batadv0
[  730.978891][T16562] veth0_vlan: entered promiscuous mode
[  731.091390][T16562] veth1_vlan: entered promiscuous mode
[  731.269479][T16795] syz.6.2266: vmalloc error: size 4096, failed to allocate pages, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  731.297241][T16562] veth0_macvtap: entered promiscuous mode
[  731.358916][T16562] veth1_macvtap: entered promiscuous mode
[  731.376418][T16795] CPU: 0 UID: 0 PID: 16795 Comm: syz.6.2266 Not tainted syzkaller #0 PREEMPT(full) 
[  731.376451][T16795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  731.376465][T16795] Call Trace:
[  731.376473][T16795]  <TASK>
[  731.376483][T16795]  dump_stack_lvl+0x16c/0x1f0
[  731.376517][T16795]  warn_alloc+0x248/0x3a0
[  731.376544][T16795]  ? __pfx_warn_alloc+0x10/0x10
[  731.376574][T16795]  ? alloc_pages_mpol+0x25a/0x550
[  731.376609][T16795]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  731.376640][T16795]  ? __pfx_alloc_pages_bulk_mempolicy_noprof+0x10/0x10
[  731.376682][T16795]  ? __kmalloc_node_noprof+0x364/0x8a0
[  731.376710][T16795]  ? __get_vm_area_node+0x208/0x330
[  731.376750][T16795]  __vmalloc_node_range_noprof+0x119b/0x1480
[  731.376796][T16795]  ? kernel_clone+0xfc/0x930
[  731.376834][T16795]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  731.376876][T16795]  ? rcu_is_watching+0x12/0xc0
[  731.376904][T16795]  ? kernel_clone+0xfc/0x930
[  731.376932][T16795]  __vmalloc_node_noprof+0xad/0xf0
[  731.376966][T16795]  ? kernel_clone+0xfc/0x930
[  731.376999][T16795]  copy_process+0x2c77/0x76a0
[  731.377028][T16795]  ? __pfx___futex_wait+0x10/0x10
[  731.377048][T16795]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  731.377087][T16795]  ? __pfx_copy_process+0x10/0x10
[  731.377124][T16795]  ? futex_private_hash_put+0xd5/0x190
[  731.377160][T16795]  kernel_clone+0xfc/0x930
[  731.377192][T16795]  ? __pfx_kernel_clone+0x10/0x10
[  731.377239][T16795]  __do_sys_clone+0xce/0x120
[  731.377277][T16795]  ? __pfx___do_sys_clone+0x10/0x10
[  731.377321][T16795]  ? xfd_validate_state+0x61/0x180
[  731.377367][T16795]  do_syscall_64+0xcd/0xfa0
[  731.377399][T16795]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  731.377423][T16795] RIP: 0033:0x7ff06758f6c9
[  731.377442][T16795] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  731.377465][T16795] RSP: 002b:00007ff068440038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  731.377488][T16795] RAX: ffffffffffffffda RBX: 00007ff0677e5fa0 RCX: 00007ff06758f6c9
[  731.377504][T16795] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 0000000000000001
[  731.377518][T16795] RBP: 00007ff067611f91 R08: 0000000000000000 R09: 0000000000000000
[  731.377533][T16795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  731.377547][T16795] R13: 00007ff0677e6038 R14: 00007ff0677e5fa0 R15: 00007ffd24361258
[  731.377578][T16795]  </TASK>
[  731.378373][T16795] Mem-Info:
[  731.670415][T16562] batman_adv: batadv0: Interface activated: batadv_slave_0
[  731.719731][T16562] batman_adv: batadv0: Interface activated: batadv_slave_1
[  732.133880][T14103] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  732.182623][T14103] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  732.288809][T14103] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  732.341958][T14103] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  732.519033][T14102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  732.548798][T14102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  732.615183][T16795] active_anon:36666 inactive_anon:19085 isolated_anon:0
[  732.615183][T16795]  active_file:12513 inactive_file:44662 isolated_file:0
[  732.615183][T16795]  unevictable:768 dirty:417 writeback:0
[  732.615183][T16795]  slab_reclaimable:12236 slab_unreclaimable:99165
[  732.615183][T16795]  mapped:35816 shmem:40905 pagetables:1724
[  732.615183][T16795]  sec_pagetables:0 bounce:0
[  732.615183][T16795]  kernel_misc_reclaimable:0
[  732.615183][T16795]  free:1241088 free_pcp:11659 free_cma:0
[  732.661115][    C0] vkms_vblank_simulate: vblank timer overrun
[  732.757468][T14102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  732.790165][T14102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  733.036631][T16795] Node 0 active_anon:142452kB inactive_anon:76340kB active_file:50052kB inactive_file:178516kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:143264kB dirty:1668kB writeback:0kB shmem:162084kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12944kB pagetables:6692kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  733.069188][    C0] vkms_vblank_simulate: vblank timer overrun
[  733.153411][T16810] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.2268: iget: checksum invalid
[  733.231052][T16810] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  733.281507][T16795] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:132kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  733.311784][    C0] vkms_vblank_simulate: vblank timer overrun
[  733.416558][T16810] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.2268: iget: checksum invalid
[  733.484015][T16810] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  733.506189][T16795] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  733.536163][    C0] vkms_vblank_simulate: vblank timer overrun
[  733.591073][T16810] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.2268: iget: checksum invalid
[  733.641716][T16810] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  733.686500][T16795] lowmem_reserve[]: 0 2485 2487 2487 2487
[  733.707338][T16810] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.2268: iget: checksum invalid
[  733.726818][T16795] Node 0 DMA32 free:1049780kB boost:0kB min:34364kB low:42952kB high:51540kB reserved_highatomic:0KB free_highatomic:0KB active_anon:146920kB inactive_anon:76340kB active_file:50052kB inactive_file:178536kB unevictable:1536kB writepending:1932kB zspages:788kB present:3129332kB managed:2545072kB mlocked:0kB bounce:0kB free_pcp:37676kB local_pcp:37676kB free_cma:0kB
[  733.761040][    C0] vkms_vblank_simulate: vblank timer overrun
[  733.807226][T16810] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  733.845633][T16810] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  733.889351][T16810] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  733.943525][T16795] lowmem_reserve[]: 0 0 1 1 1
[  733.948307][T16795] Node 0 Normal free:0kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:4kB free_cma:0kB
[  733.978268][    C0] vkms_vblank_simulate: vblank timer overrun
[  734.193167][T16795] lowmem_reserve[]: 0 0 0 0 0
[  734.209954][T16795] Node 1 Normal free:3897420kB boost:0kB min:55512kB low:69388kB high:83264kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:132kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:9828kB local_pcp:9828kB free_cma:0kB
[  734.464499][T16795] lowmem_reserve[]: 0 0 0 0 0
[  734.483066][T16795] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  734.572309][T16795] Node 0 DMA32: 1223*4kB (ME) 1529*8kB (ME) 1782*16kB (UME) 1639*32kB (UME) 1300*64kB (UME) 722*128kB (UME) 321*256kB (UME) 137*512kB (UME) 42*1024kB (UME) 25*2048kB (UM) 128*4096kB (M) = 1044516kB
[  734.658601][T16817] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.2269: iget: checksum invalid
[  734.703952][T16795] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  734.734241][T16817] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  734.785596][T16795] Node 1 Normal: 219*4kB (UME) 56*8kB (UME) 46*16kB (UME) 260*32kB (UME) 109*64kB (UME) 41*128kB (UME) 6*256kB (UM) 3*512kB (UM) 3*1024kB (UME) 1*2048kB (E) 944*4096kB (M) = 3897420kB
[  734.814907][T16817] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.2269: iget: checksum invalid
[  734.887070][T16817] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  734.917434][T16795] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  734.978224][T16795] Node 0 hugepages_total=4 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  735.039732][T16795] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  735.058517][T16817] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.2269: iget: checksum invalid
[  735.123193][T16795] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  735.143925][T16817] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  735.188324][T16795] 98420 total pagecache pages
[  735.219834][T16817] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.2269: iget: checksum invalid
[  735.234177][T16795] 49 pages in swap cache
[  735.248459][T16795] Free swap  = 59120kB
[  735.279991][T16795] Total swap = 124996kB
[  735.289845][T16817] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  735.314377][T16795] 2097051 pages RAM
[  735.334400][T16795] 0 pages HighMem/MovableOnly
[  735.341445][T16817] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  735.357548][T16795] 428693 pages reserved
[  735.411943][T16795] 0 pages cma reserved
[  735.428365][T16817] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  735.884287][T13580] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  735.905456][T13580] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  735.914211][T13580] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  735.922118][T13580] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  735.930815][T13580] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  736.603151][T16855] zswap: compressor  not available
[  738.007490][T13580] Bluetooth: hci0: command tx timeout
[  738.118415][T16852] chnl_net:caif_netlink_parms(): no params data found
[  738.918786][T16852] bridge0: port 1(bridge_slave_0) entered blocking state
[  738.987019][T16852] bridge0: port 1(bridge_slave_0) entered disabled state
[  739.025261][T16852] bridge_slave_0: entered allmulticast mode
[  739.083940][T16852] bridge_slave_0: entered promiscuous mode
[  739.095881][T13580] Bluetooth: hci1: unexpected event 0x3e length: 508 > 260
[  739.095914][T13580] Bluetooth: hci1: unexpected subevent 0x02 length: 507 > 260
[  739.112368][T13580] Bluetooth: hci1: Dropping invalid advertising data
[  739.121618][T13580] Bluetooth: hci1: unknown advertising packet type: 0xe9
[  739.148993][T16852] bridge0: port 2(bridge_slave_1) entered blocking state
[  739.189801][T16852] bridge0: port 2(bridge_slave_1) entered disabled state
[  739.228609][T16852] bridge_slave_1: entered allmulticast mode
[  739.275253][T16852] bridge_slave_1: entered promiscuous mode
[  739.463963][T16852] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  739.528285][T16852] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  740.038078][T16852] team0: Port device team_slave_0 added
[  740.088189][T13580] Bluetooth: hci0: command tx timeout
[  740.128069][T16852] team0: Port device team_slave_1 added
[  740.296196][T16916] ubi0: attaching mtd0
[  740.312971][T16916] ubi0: scanning is finished
[  740.335090][T16916] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  740.375300][T16852] batman_adv: batadv0: Adding interface: batadv_slave_0
[  740.402492][T16852] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  740.521696][T16852] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  740.575685][T16852] batman_adv: batadv0: Adding interface: batadv_slave_1
[  740.616601][T16852] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  740.678663][T16916] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  740.705653][T16852] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  740.994263][T16852] hsr_slave_0: entered promiscuous mode
[  741.029502][T16852] hsr_slave_1: entered promiscuous mode
[  741.052718][T16852] debugfs: 'hsr0' already exists in 'hsr'
[  741.067971][T16852] Cannot create hsr debugfs directory
[  741.854750][T16852] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  742.024962][T16852] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  742.168310][T13580] Bluetooth: hci0: command tx timeout
[  742.177386][T16852] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  742.380945][T16852] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  742.919997][T16852] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  742.996470][T16852] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  743.189909][T16852] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  743.361174][T16852] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  743.958296][T16984] ubi0: attaching mtd0
[  743.976084][T16984] ubi0: scanning is finished
[  743.993388][T16984] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  744.008375][T16852] 8021q: adding VLAN 0 to HW filter on device bond0
[  744.066660][T16852] 8021q: adding VLAN 0 to HW filter on device team0
[  744.093247][T14102] bridge0: port 1(bridge_slave_0) entered blocking state
[  744.100994][T14102] bridge0: port 1(bridge_slave_0) entered forwarding state
[  744.216319][T14102] bridge0: port 2(bridge_slave_1) entered blocking state
[  744.223563][T14102] bridge0: port 2(bridge_slave_1) entered forwarding state
[  744.249541][T13580] Bluetooth: hci0: command tx timeout
[  744.472840][T16984] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  744.745794][T16968] kexec: Could not allocate control_code_buffer
[  744.961331][T16992] delete_channel: no stack
[  745.227798][T16852] 8021q: adding VLAN 0 to HW filter on device batadv0
[  746.154506][T16852] veth0_vlan: entered promiscuous mode
[  746.275785][T16852] veth1_vlan: entered promiscuous mode
[  746.454827][T16852] veth0_macvtap: entered promiscuous mode
[  746.505526][T16852] veth1_macvtap: entered promiscuous mode
[  747.042698][T16852] batman_adv: batadv0: Interface activated: batadv_slave_0
[  747.134557][T16852] batman_adv: batadv0: Interface activated: batadv_slave_1
[  747.237340][T14103] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  747.270362][T14103] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  747.310221][T14103] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  747.340609][T14103] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  747.590731][T13575] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  747.598779][T13575] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  747.753734][T13575] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  747.790385][T13575] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  748.314432][T17035] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2308'.
[  749.370904][T17033] FAULT_INJECTION: forcing a failure.
[  749.370904][T17033] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  749.514750][T17033] CPU: 0 UID: 0 PID: 17033 Comm: syz.6.2307 Not tainted syzkaller #0 PREEMPT(full) 
[  749.514784][T17033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  749.514799][T17033] Call Trace:
[  749.514807][T17033]  <TASK>
[  749.514815][T17033]  dump_stack_lvl+0x16c/0x1f0
[  749.514850][T17033]  should_fail_ex+0x512/0x640
[  749.514892][T17033]  should_fail_alloc_page+0xe7/0x130
[  749.514928][T17033]  prepare_alloc_pages+0x3c2/0x610
[  749.514964][T17033]  __alloc_frozen_pages_noprof+0x18b/0x2470
[  749.514989][T17033]  ? finish_task_switch.isra.0+0x21c/0xc10
[  749.515017][T17033]  ? rcu_is_watching+0x12/0xc0
[  749.515042][T17033]  ? finish_task_switch.isra.0+0x221/0xc10
[  749.515065][T17033]  ? lockdep_hardirqs_on+0x7c/0x110
[  749.515095][T17033]  ? finish_task_switch.isra.0+0x221/0xc10
[  749.515121][T17033]  ? rcu_is_watching+0x12/0xc0
[  749.515145][T17033]  ? trace_sched_exit_tp+0xd1/0x120
[  749.515182][T17033]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  749.515221][T17033]  ? __lock_acquire+0x622/0x1c90
[  749.515256][T17033]  ? __pfx___schedule+0x10/0x10
[  749.515280][T17033]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  749.515322][T17033]  ? policy_nodemask+0xea/0x4e0
[  749.515356][T17033]  alloc_pages_mpol+0x1fb/0x550
[  749.515390][T17033]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  749.515431][T17033]  folio_alloc_mpol_noprof+0x36/0x2f0
[  749.515479][T17033]  vma_alloc_folio_noprof+0xed/0x1e0
[  749.515517][T17033]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  749.515564][T17033]  do_pte_missing+0x2202/0x3ba0
[  749.515602][T17033]  ? find_held_lock+0x2b/0x80
[  749.515635][T17033]  __handle_mm_fault+0x1556/0x2aa0
[  749.515682][T17033]  ? __pfx___handle_mm_fault+0x10/0x10
[  749.515724][T17033]  ? lock_vma_under_rcu+0x176/0x530
[  749.515772][T17033]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  749.515821][T17033]  handle_mm_fault+0x589/0xd10
[  749.515860][T17033]  ? __pkru_allows_pkey+0x21/0xb0
[  749.515900][T17033]  do_user_addr_fault+0x60c/0x1370
[  749.515925][T17033]  ? rcu_is_watching+0x12/0xc0
[  749.515953][T17033]  exc_page_fault+0x64/0xc0
[  749.515982][T17033]  asm_exc_page_fault+0x26/0x30
[  749.516005][T17033] RIP: 0033:0x7ff06745a5bb
[  749.516024][T17033] Code: 00 00 00 48 8d 3d 7d 3b 19 00 48 89 c1 31 c0 e8 cb 39 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d b1 3b 19 00 48 89 34 24 48 8b 14 24 48 8b
[  749.516047][T17033] RSP: 002b:00007ff06841dfb0 EFLAGS: 00010202
[  749.516066][T17033] RAX: 0000000000000000 RBX: 00007ff0677e6090 RCX: 0000000000000000
[  749.516081][T17033] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 00002000000009c0
[  749.516096][T17033] RBP: 00007ff067611f91 R08: 0000000000000000 R09: 0000000000000000
[  749.516110][T17033] R10: 00002000000009c0 R11: 0000000000000000 R12: 0000000000000000
[  749.516124][T17033] R13: 00007ff0677e6128 R14: 00007ff0677e6090 R15: 00007ffd24361258
[  749.516156][T17033]  </TASK>
[  749.519678][T17033] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  750.240115][T17048] delete_channel: no stack
[  752.412591][T17071] bond0: invalid ARP target specified
[  752.498892][T17072] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2316'.
[  752.871887][T14218] svc: failed to register nfsdv3 RPC service (errno 512).
[  752.980659][T14218] svc: failed to register nfsaclv3 RPC service (errno 512).
[  753.079921][T17074] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2317'.
[  753.638703][T17082] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2319'.
[  753.994680][T17081] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2318'.
[  754.664955][   T30] audit: type=1326 audit(4294968504.433:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17078 comm="syz.0.2318" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6ab8d8f6c9 code=0x0
[  754.907098][T17087] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  755.416000][T14103] EXT4-fs: 22 callbacks suppressed
[  755.416020][T14103] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 1007 with max blocks 14 with error 117
[  755.520084][T14103] EXT4-fs (sda1): This should not happen!! Data will be lost
[  755.520084][T14103] 
[  755.595083][T14103] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 960 with max blocks 61 with error 117
[  755.680647][T14103] EXT4-fs (sda1): This should not happen!! Data will be lost
[  755.680647][T14103] 
[  755.780359][T14103] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 1419 with max blocks 12 with error 117
[  755.874438][T14103] EXT4-fs (sda1): This should not happen!! Data will be lost
[  755.874438][T14103] 
[  755.931719][T14103] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 965 with max blocks 58 with error 117
[  756.034617][T14103] EXT4-fs (sda1): This should not happen!! Data will be lost
[  756.034617][T14103] 
[  756.140642][T14103] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 1316 with max blocks 122 with error 117
[  756.210773][T14103] EXT4-fs (sda1): This should not happen!! Data will be lost
[  756.210773][T14103] 
[  757.277121][T17131] input: jJǸ���;9�%v����l��Q�	J86�� as /devices/virtual/input/input44
[  757.942630][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  757.949062][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  758.551663][T17169] overlayfs: missing 'lowerdir'
[  759.061803][T17162] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  759.095780][T17162] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  759.121530][T17162] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  759.161577][T17162] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  759.208019][T17162] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  759.250141][T17162] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  759.337049][T17162] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  759.387740][T17162] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  759.415684][T17162] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  759.497645][T17162] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  760.657902][T13580] Bluetooth: hci3: command 0x0c1a tx timeout
[  760.996806][T17202] netlink: 342 bytes leftover after parsing attributes in process `syz.6.2346'.
[  761.142142][T13580] Bluetooth: hci4: command 0x0c1a tx timeout
[  761.149001][T14263] Bluetooth: hci1: command 0x0c1a tx timeout
[  761.217542][T14263] Bluetooth: hci6: command 0x0c1a tx timeout
[  761.223603][T14263] Bluetooth: hci5: command 0x0c1a tx timeout
[  761.267878][T17205] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2347'.
[  761.457460][T14263] Bluetooth: hci0: command 0x0c1a tx timeout
[  761.543890][T17206] EXT4-fs: 20 callbacks suppressed
[  761.543909][T17206] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 972 with max blocks 49 with error 117
[  761.577488][T17224] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2348'.
[  761.609271][T17224] veth0_vlan: entered allmulticast mode
[  761.625799][T17206] EXT4-fs (sda1): This should not happen!! Data will be lost
[  761.625799][T17206] 
[  761.681375][T17206] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 953 with max blocks 1 with error 117
[  761.759682][T17206] EXT4-fs (sda1): This should not happen!! Data will be lost
[  761.759682][T17206] 
[  761.813146][T17206] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 0 with max blocks 1 with error 117
[  761.877450][T17206] EXT4-fs (sda1): This should not happen!! Data will be lost
[  761.877450][T17206] 
[  762.024975][T17229] random: crng reseeded on system resumption
[  762.257191][T17238] MTRR 1 not used
[  763.298324][T14263] Bluetooth: hci6: command 0x0c1a tx timeout
[  763.541582][T14263] Bluetooth: hci0: command 0x0c1a tx timeout
[  764.648318][T17264] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2357'.
[  765.379366][T14263] Bluetooth: hci6: command 0x0c1a tx timeout
[  765.620403][T14263] Bluetooth: hci0: command 0x0c1a tx timeout
[  768.606696][T17299] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  768.651836][T17299] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  768.702242][T17299] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  768.749259][T17299] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  768.781458][T17299] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  768.833349][T17299] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  769.941521][T14263] Bluetooth: hci3: command 0x0c1a tx timeout
[  770.603036][T17333] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2373'.
[  770.612445][T17334] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2373'.
[  770.663609][T14263] Bluetooth: hci4: command 0x0c1a tx timeout
[  770.669682][T14263] Bluetooth: hci1: command 0x0c1a tx timeout
[  770.692605][T17334] bond0: (slave bond_slave_0): Releasing backup interface
[  770.742251][T14263] Bluetooth: hci5: command 0x0c1a tx timeout
[  770.822096][T14263] Bluetooth: hci6: command 0x0c1a tx timeout
[  770.902073][T14263] Bluetooth: hci0: command 0x0c1a tx timeout
[  772.203027][T17351] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2378'.
[  772.226201][T17351] veth0_vlan: entered allmulticast mode
[  772.719660][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  772.727535][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  772.752263][T17359] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2380'.
[  774.489266][T13580] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  774.499315][T13580] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  774.508271][T13580] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  774.517027][T13580] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  774.535516][T13580] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  774.610653][T17385] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input45
[  774.932461][T17386] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input46
[  775.519521][T17382] chnl_net:caif_netlink_parms(): no params data found
[  775.852266][T17382] bridge0: port 1(bridge_slave_0) entered blocking state
[  775.888343][T17382] bridge0: port 1(bridge_slave_0) entered disabled state
[  775.922271][T17382] bridge_slave_0: entered allmulticast mode
[  775.954581][T17382] bridge_slave_0: entered promiscuous mode
[  775.988886][T17382] bridge0: port 2(bridge_slave_1) entered blocking state
[  776.024219][T17382] bridge0: port 2(bridge_slave_1) entered disabled state
[  776.054697][T17382] bridge_slave_1: entered allmulticast mode
[  776.076926][T17382] bridge_slave_1: entered promiscuous mode
[  776.332884][T17382] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  776.376513][T17382] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  776.503304][T17382] team0: Port device team_slave_0 added
[  776.584900][T13580] Bluetooth: hci2: command tx timeout
[  776.595756][T17382] team0: Port device team_slave_1 added
[  776.705220][T17382] batman_adv: batadv0: Adding interface: batadv_slave_0
[  776.715777][T17382] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  776.749888][T17382] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  776.792578][T17382] batman_adv: batadv0: Adding interface: batadv_slave_1
[  776.800828][T17382] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  776.828045][T17382] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  776.938979][T17382] hsr_slave_0: entered promiscuous mode
[  776.946701][T17382] hsr_slave_1: entered promiscuous mode
[  776.953038][T17382] debugfs: 'hsr0' already exists in 'hsr'
[  776.959790][T17382] Cannot create hsr debugfs directory
[  777.496270][T17422] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2392'.
[  778.047680][T17382] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  778.088542][T17382] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  778.137531][T17382] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  778.158847][T17382] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  778.492459][T17382] 8021q: adding VLAN 0 to HW filter on device bond0
[  778.559367][T17382] 8021q: adding VLAN 0 to HW filter on device team0
[  778.597336][T13575] bridge0: port 1(bridge_slave_0) entered blocking state
[  778.604499][T13575] bridge0: port 1(bridge_slave_0) entered forwarding state
[  778.668643][T13580] Bluetooth: hci2: command tx timeout
[  778.689332][T13575] bridge0: port 2(bridge_slave_1) entered blocking state
[  778.696683][T13575] bridge0: port 2(bridge_slave_1) entered forwarding state
[  779.475981][T17382] 8021q: adding VLAN 0 to HW filter on device batadv0
[  780.216544][T17382] veth0_vlan: entered promiscuous mode
[  780.246486][T17382] veth1_vlan: entered promiscuous mode
[  780.334652][T17382] veth0_macvtap: entered promiscuous mode
[  780.370810][T17382] veth1_macvtap: entered promiscuous mode
[  780.431166][T17382] batman_adv: batadv0: Interface activated: batadv_slave_0
[  780.477774][T17382] batman_adv: batadv0: Interface activated: batadv_slave_1
[  780.518393][T13575] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  780.563378][T13575] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  780.606264][T13575] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  780.642047][T13575] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  780.748075][T13580] Bluetooth: hci2: command tx timeout
[  781.039085][T13570] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  781.066410][T13570] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  781.121464][T13575] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  781.131558][T13575] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  781.537040][T17485] block nbd7: not configured, cannot reconfigure
[  782.644337][T14263] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  782.654264][T14263] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  782.665077][T14263] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  782.674631][T14263] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  782.682635][T14263] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  782.830535][T14263] Bluetooth: hci2: command tx timeout
[  782.903217][T17488] chnl_net:caif_netlink_parms(): no params data found
[  782.998955][T17488] bridge0: port 1(bridge_slave_0) entered blocking state
[  783.006235][T17488] bridge0: port 1(bridge_slave_0) entered disabled state
[  783.014536][T17488] bridge_slave_0: entered allmulticast mode
[  783.022445][T17488] bridge_slave_0: entered promiscuous mode
[  783.033920][T17488] bridge0: port 2(bridge_slave_1) entered blocking state
[  783.041585][T17488] bridge0: port 2(bridge_slave_1) entered disabled state
[  783.050497][T17488] bridge_slave_1: entered allmulticast mode
[  783.061324][T17488] bridge_slave_1: entered promiscuous mode
[  783.102204][T17488] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  783.115418][T17488] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  783.160130][T17488] team0: Port device team_slave_0 added
[  783.171894][T17488] team0: Port device team_slave_1 added
[  783.204414][T17488] batman_adv: batadv0: Adding interface: batadv_slave_0
[  783.213082][T17488] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  783.250712][T17488] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  783.263634][T17488] batman_adv: batadv0: Adding interface: batadv_slave_1
[  783.272446][T17488] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  783.301919][T17488] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  783.360687][T17488] hsr_slave_0: entered promiscuous mode
[  783.367659][T17488] hsr_slave_1: entered promiscuous mode
[  783.374520][T17488] debugfs: 'hsr0' already exists in 'hsr'
[  783.383161][T17488] Cannot create hsr debugfs directory
[  783.770506][T17488] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  783.796300][T17488] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  783.817448][T17488] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  783.855072][T17488] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  784.081726][T17488] 8021q: adding VLAN 0 to HW filter on device bond0
[  784.128153][T17488] 8021q: adding VLAN 0 to HW filter on device team0
[  784.154616][T13575] bridge0: port 1(bridge_slave_0) entered blocking state
[  784.161816][T13575] bridge0: port 1(bridge_slave_0) entered forwarding state
[  784.220968][T13575] bridge0: port 2(bridge_slave_1) entered blocking state
[  784.228136][T13575] bridge0: port 2(bridge_slave_1) entered forwarding state
[  784.325375][T17488] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  784.500239][T17511] netlink: 334 bytes leftover after parsing attributes in process `syz.0.2407'.
[  784.731157][T17488] 8021q: adding VLAN 0 to HW filter on device batadv0
[  784.754951][T14263] Bluetooth: hci7: command tx timeout
[  785.347662][T17488] veth0_vlan: entered promiscuous mode
[  785.378463][T17488] veth1_vlan: entered promiscuous mode
[  785.449074][T17488] veth0_macvtap: entered promiscuous mode
[  785.484171][T17488] veth1_macvtap: entered promiscuous mode
[  785.535277][T17488] batman_adv: batadv0: Interface activated: batadv_slave_0
[  785.569600][T17488] batman_adv: batadv0: Interface activated: batadv_slave_1
[  785.601201][T13575] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  785.623031][T13575] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  785.668947][T13575] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  785.687783][T13575] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  785.838608][T13575] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  785.871668][T13575] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  785.924279][T13570] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  785.942139][T13570] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  786.368301][T17546] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2414'.
[  786.723652][T17546] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  786.758947][T17546] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  786.781594][T17546] bond0 (unregistering): Released all slaves
[  786.830663][T14263] Bluetooth: hci7: command tx timeout
[  787.877267][T17564] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2419'.
[  788.911819][T14263] Bluetooth: hci7: command tx timeout
[  790.992712][T14263] Bluetooth: hci7: command tx timeout
[  792.276177][T17206] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 972 with max blocks 49 with error 117
[  792.328708][T17206] EXT4-fs (sda1): This should not happen!! Data will be lost
[  792.328708][T17206] 
[  792.387545][T17206] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 953 with max blocks 68 with error 117
[  792.437840][T17206] EXT4-fs (sda1): This should not happen!! Data will be lost
[  792.437840][T17206] 
[  792.475191][T17206] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 0 with max blocks 1 with error 117
[  792.528278][T17206] EXT4-fs (sda1): This should not happen!! Data will be lost
[  792.528278][T17206] 
[  792.556597][T17206] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1393 with max blocks 77 with error 117
[  792.617866][T17206] EXT4-fs (sda1): This should not happen!! Data will be lost
[  792.617866][T17206] 
[  793.830537][T17652] vivid-007: =================  START STATUS  =================
[  793.860851][T17652] vivid-007: Generate PTS: true
[  793.893657][T17652] vivid-007: Generate SCR: true
[  793.898572][T17652] tpg source WxH: 320x240 (Y'CbCr)
[  793.941970][T17652] tpg field: 1
[  793.950810][T17652] tpg crop: (0,0)/320x240
[  793.975394][T17652] tpg compose: (0,0)/320x240
[  793.999436][T17652] tpg colorspace: 8
[  794.040558][T17652] tpg transfer function: 0/0
[  794.055443][T17652] tpg Y'CbCr encoding: 0/0
[  794.099398][T17652] tpg quantization: 0/0
[  794.130695][T17652] tpg RGB range: 0/2
[  794.140593][T17652] vivid-007: ==================  END STATUS  ==================
[  797.455301][T13580] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  797.464779][T13580] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  797.473485][T13580] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  797.486106][T13580] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  797.493619][T13580] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  797.573654][T14263] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  797.591870][T14263] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  797.600590][T14263] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  797.614493][T14263] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  797.623049][T14263] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  797.983216][T17662] chnl_net:caif_netlink_parms(): no params data found
[  798.222151][T17664] chnl_net:caif_netlink_parms(): no params data found
[  798.326401][T17675] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2443'.
[  798.473964][T17675] veth0_vlan: entered allmulticast mode
[  798.518950][T17662] bridge0: port 1(bridge_slave_0) entered blocking state
[  798.553449][T17662] bridge0: port 1(bridge_slave_0) entered disabled state
[  798.574648][T17662] bridge_slave_0: entered allmulticast mode
[  798.612288][T17662] bridge_slave_0: entered promiscuous mode
[  798.656796][T17662] bridge0: port 2(bridge_slave_1) entered blocking state
[  798.682883][T17662] bridge0: port 2(bridge_slave_1) entered disabled state
[  798.694978][T17662] bridge_slave_1: entered allmulticast mode
[  798.724790][T17662] bridge_slave_1: entered promiscuous mode
[  798.944261][T17662] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  799.028858][T17662] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  799.178434][T17664] bridge0: port 1(bridge_slave_0) entered blocking state
[  799.208474][T17664] bridge0: port 1(bridge_slave_0) entered disabled state
[  799.233528][T17664] bridge_slave_0: entered allmulticast mode
[  799.250323][T17664] bridge_slave_0: entered promiscuous mode
[  799.273789][T17662] team0: Port device team_slave_0 added
[  799.286668][T17664] bridge0: port 2(bridge_slave_1) entered blocking state
[  799.300508][T17664] bridge0: port 2(bridge_slave_1) entered disabled state
[  799.318185][T17664] bridge_slave_1: entered allmulticast mode
[  799.339442][T17664] bridge_slave_1: entered promiscuous mode
[  799.355965][T17662] team0: Port device team_slave_1 added
[  799.493339][T17664] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  799.512972][T17662] batman_adv: batadv0: Adding interface: batadv_slave_0
[  799.558516][T14263] Bluetooth: hci8: command tx timeout
[  799.565383][T17662] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  799.678209][T17662] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  799.716588][T14263] Bluetooth: hci9: command tx timeout
[  799.725315][T17662] batman_adv: batadv0: Adding interface: batadv_slave_1
[  799.745797][T17662] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  799.827546][T17662] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  799.856610][T17664] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  800.021131][T17664] team0: Port device team_slave_0 added
[  800.054517][T17662] hsr_slave_0: entered promiscuous mode
[  800.067554][T17662] hsr_slave_1: entered promiscuous mode
[  800.074034][T17662] debugfs: 'hsr0' already exists in 'hsr'
[  800.081201][T17662] Cannot create hsr debugfs directory
[  800.102615][T17664] team0: Port device team_slave_1 added
[  800.288312][T17664] batman_adv: batadv0: Adding interface: batadv_slave_0
[  800.304135][T17710] FAULT_INJECTION: forcing a failure.
[  800.304135][T17710] name failslab, interval 1, probability 0, space 0, times 0
[  800.324939][T17664] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  800.366857][T17710] CPU: 0 UID: 0 PID: 17710 Comm: syz.8.2450 Not tainted syzkaller #0 PREEMPT(full) 
[  800.366892][T17710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  800.366907][T17710] Call Trace:
[  800.366916][T17710]  <TASK>
[  800.366952][T17710]  dump_stack_lvl+0x16c/0x1f0
[  800.366987][T17710]  should_fail_ex+0x512/0x640
[  800.367024][T17710]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  800.367054][T17710]  should_failslab+0xc2/0x120
[  800.367086][T17710]  kmem_cache_alloc_noprof+0x75/0x6e0
[  800.367110][T17710]  ? __pfx_acpi_ut_track_stack_ptr+0x10/0x10
[  800.367135][T17710]  ? acpi_ps_alloc_op+0x29d/0x360
[  800.367164][T17710]  ? acpi_ps_alloc_op+0x29d/0x360
[  800.367185][T17710]  acpi_ps_alloc_op+0x29d/0x360
[  800.367206][T17710]  ? acpi_ut_status_exit+0x103/0x1c0
[  800.367232][T17710]  acpi_ps_create_op+0x4bd/0xd30
[  800.367273][T17710]  ? __pfx_acpi_ps_create_op+0x10/0x10
[  800.367311][T17710]  ? __pfx_acpi_ut_trace_ptr+0x10/0x10
[  800.367344][T17710]  acpi_ps_parse_loop+0xf06/0x2470
[  800.367388][T17710]  ? acpi_ut_trace+0x1d7/0x2a0
[  800.367411][T17710]  ? __pfx_acpi_ps_parse_loop+0x10/0x10
[  800.367447][T17710]  ? kmem_cache_alloc_noprof+0x2a1/0x6e0
[  800.367470][T17710]  ? __pfx_acpi_ut_track_stack_ptr+0x10/0x10
[  800.367493][T17710]  ? acpi_ut_create_thread_state+0x6d/0x170
[  800.367541][T17710]  acpi_ps_parse_aml+0x817/0x1170
[  800.367586][T17710]  acpi_ps_execute_method+0x5c4/0xe90
[  800.367618][T17710]  acpi_ns_evaluate+0x98c/0x16d0
[  800.367652][T17710]  acpi_evaluate_object+0x4ca/0xdf0
[  800.367694][T17710]  ? __pfx_acpi_evaluate_object+0x10/0x10
[  800.367731][T17710]  ? __mutex_trylock_common+0xe9/0x250
[  800.367773][T17710]  acpi_evaluate_integer+0xdd/0x200
[  800.367802][T17710]  ? __pfx_acpi_evaluate_integer+0x10/0x10
[  800.367845][T17710]  ? __pfx_status_show+0x10/0x10
[  800.367879][T17710]  status_show+0xa0/0x120
[  800.367917][T17710]  ? __pfx_status_show+0x10/0x10
[  800.367966][T17710]  dev_attr_show+0x56/0xe0
[  800.368005][T17710]  ? __pfx_dev_attr_show+0x10/0x10
[  800.368040][T17710]  sysfs_kf_seq_show+0x216/0x3e0
[  800.368074][T17710]  seq_read_iter+0x50e/0x12d0
[  800.368127][T17710]  kernfs_fop_read_iter+0x46c/0x610
[  800.368151][T17710]  ? rw_verify_area+0xcf/0x6c0
[  800.368177][T17710]  vfs_read+0x8bf/0xcf0
[  800.368207][T17710]  ? __pfx___mutex_lock+0x10/0x10
[  800.368240][T17710]  ? __pfx_vfs_read+0x10/0x10
[  800.368286][T17710]  ksys_read+0x12a/0x250
[  800.368312][T17710]  ? __pfx_ksys_read+0x10/0x10
[  800.368347][T17710]  do_syscall_64+0xcd/0xfa0
[  800.368379][T17710]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  800.368404][T17710] RIP: 0033:0x7fc0b698f6c9
[  800.368424][T17710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  800.368448][T17710] RSP: 002b:00007fc0b7831038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  800.368470][T17710] RAX: ffffffffffffffda RBX: 00007fc0b6be5fa0 RCX: 00007fc0b698f6c9
[  800.368487][T17710] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000003
[  800.368502][T17710] RBP: 00007fc0b6a11f91 R08: 0000000000000000 R09: 0000000000000000
[  800.368517][T17710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  800.368532][T17710] R13: 00007fc0b6be6038 R14: 00007fc0b6be5fa0 R15: 00007ffef3c35058
[  800.368565][T17710]  </TASK>
[  800.371298][T17710] ACPI Error: 
[  800.736815][T17664] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  800.796645][T17712] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2451'.
[  800.834714][T17664] batman_adv: batadv0: Adding interface: batadv_slave_1
[  800.845267][T17664] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  800.911030][T17664] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  801.007144][T17710] Aborting method \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20250807/psparse-529)
[  801.222042][T17664] hsr_slave_0: entered promiscuous mode
[  801.240540][T17664] hsr_slave_1: entered promiscuous mode
[  801.273571][T17664] debugfs: 'hsr0' already exists in 'hsr'
[  801.288205][T17664] Cannot create hsr debugfs directory
[  801.637809][T14263] Bluetooth: hci8: command tx timeout
[  801.793050][T17662] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  801.804486][T14263] Bluetooth: hci9: command tx timeout
[  801.871913][T17662] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  801.924020][T17662] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  801.968877][T17662] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  803.229181][T17662] 8021q: adding VLAN 0 to HW filter on device bond0
[  803.282865][T17756] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2458'.
[  803.376913][T17756] ipvlan0: entered promiscuous mode
[  803.386169][T17756] ipvlan0: entered allmulticast mode
[  803.473308][T17662] 8021q: adding VLAN 0 to HW filter on device team0
[  803.596711][T14102] bridge0: port 1(bridge_slave_0) entered blocking state
[  803.603918][T14102] bridge0: port 1(bridge_slave_0) entered forwarding state
[  803.661924][T14102] bridge0: port 2(bridge_slave_1) entered blocking state
[  803.669112][T14102] bridge0: port 2(bridge_slave_1) entered forwarding state
[  803.722160][T14263] Bluetooth: hci8: command tx timeout
[  803.879316][T14263] Bluetooth: hci9: command tx timeout
[  804.087877][T17664] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  804.400729][T17664] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  804.437688][T17664] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  804.587894][T17664] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  804.999214][T14263] Bluetooth: hci3: command 0x0c1a tx timeout
[  805.014908][T17662] 8021q: adding VLAN 0 to HW filter on device batadv0
[  805.041429][T17749] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  805.142849][T17664] 8021q: adding VLAN 0 to HW filter on device bond0
[  805.274360][T17664] 8021q: adding VLAN 0 to HW filter on device team0
[  805.780234][T13579] bridge0: port 1(bridge_slave_0) entered blocking state
[  805.787402][T13579] bridge0: port 1(bridge_slave_0) entered forwarding state
[  805.802679][T14263] Bluetooth: hci8: command tx timeout
[  805.890041][T13579] bridge0: port 2(bridge_slave_1) entered blocking state
[  805.897203][T13579] bridge0: port 2(bridge_slave_1) entered forwarding state
[  805.962561][T14263] Bluetooth: hci9: command tx timeout
[  806.182872][T17749] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  806.223781][T17749] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  806.329921][T17749] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  806.395596][T17749] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  806.429871][T17749] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  806.470144][T17749] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  806.520343][T17749] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  806.573945][T17749] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  806.689376][T17749] Bluetooth: hci7: Opcode 0x0c1a failed: -4
[  806.709179][T17749] Bluetooth: hci7: Opcode 0x0406 failed: -4
[  806.739295][T17749] Bluetooth: hci7: Opcode 0x0406 failed: -4
[  806.792712][T17749] Bluetooth: hci8: Opcode 0x0c1a failed: -4
[  806.817109][T17749] Bluetooth: hci8: Opcode 0x0406 failed: -4
[  806.858944][T17662] veth0_vlan: entered promiscuous mode
[  806.875735][T17749] Bluetooth: hci8: Opcode 0x0406 failed: -4
[  806.937974][T17749] Bluetooth: hci9: Opcode 0x0c1a failed: -4
[  806.960798][T17662] veth1_vlan: entered promiscuous mode
[  806.966558][T17749] Bluetooth: hci9: Opcode 0x0406 failed: -4
[  807.013247][T17749] Bluetooth: hci9: Opcode 0x0406 failed: -4
[  807.085084][T14263] Bluetooth: hci1: command 0x0c1a tx timeout
[  807.114718][T17664] 8021q: adding VLAN 0 to HW filter on device batadv0
[  807.202843][T17662] veth0_macvtap: entered promiscuous mode
[  807.310644][T17662] veth1_macvtap: entered promiscuous mode
[  807.445919][T17664] veth0_vlan: entered promiscuous mode
[  807.501719][T17662] batman_adv: batadv0: Interface activated: batadv_slave_0
[  807.533479][T17664] veth1_vlan: entered promiscuous mode
[  807.565842][T17662] batman_adv: batadv0: Interface activated: batadv_slave_1
[  807.680318][T13579] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  807.751270][T13579] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  807.807664][T17664] veth0_macvtap: entered promiscuous mode
[  807.918439][T17206] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  807.946890][T17817] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2460'.
[  807.973877][T17206] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  808.024998][T17664] veth1_macvtap: entered promiscuous mode
[  808.251938][T17664] batman_adv: batadv0: Interface activated: batadv_slave_0
[  808.285824][T14263] Bluetooth: hci4: command 0x0c1a tx timeout
[  808.361328][T14263] Bluetooth: hci5: command 0x0c1a tx timeout
[  808.412210][T17220] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  808.420076][T17220] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  808.450692][T14263] Bluetooth: hci0: command 0x0c1a tx timeout
[  808.456763][T14263] Bluetooth: hci6: command 0x0c1a tx timeout
[  808.525199][T14263] Bluetooth: hci2: command 0x0c1a tx timeout
[  808.595947][T17664] batman_adv: batadv0: Interface activated: batadv_slave_1
[  808.653076][T13579] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  808.733511][T13579] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  808.761985][T14263] Bluetooth: hci7: command 0x0c1a tx timeout
[  808.783852][T13579] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  808.837873][T13579] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  808.841951][T14263] Bluetooth: hci8: command 0x0c1a tx timeout
[  808.875579][T17220] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  808.875603][T17220] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  809.001390][T14263] Bluetooth: hci9: command 0x0c1a tx timeout
[  809.297262][T17220] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  809.297288][T17220] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  809.552861][T13579] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  809.552887][T13579] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  810.223285][T17860] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 959 with max blocks 64 with error 117
[  810.223327][T17860] EXT4-fs (sda1): This should not happen!! Data will be lost
[  810.223327][T17860] 
[  810.603108][T14263] Bluetooth: hci2: command 0x0c1a tx timeout
[  810.846692][T14263] Bluetooth: hci7: command 0x0c1a tx timeout
[  810.923809][T14263] Bluetooth: hci8: command 0x0c1a tx timeout
[  811.068251][T17859] ttyS ttyS2: ldisc open failed (-12), clearing slot 2
[  811.086608][T14263] Bluetooth: hci9: command 0x0c1a tx timeout
[  811.139142][T17884] bond0: invalid ARP target specified
[  812.684984][T14263] Bluetooth: hci2: command 0x0c1a tx timeout
[  812.927276][T14263] Bluetooth: hci7: command 0x0c1a tx timeout
[  813.013191][T14263] Bluetooth: hci8: command 0x0c1a tx timeout
[  813.163781][T14263] Bluetooth: hci9: command 0x0c1a tx timeout
[  814.162185][T17916] FAULT_INJECTION: forcing a failure.
[  814.162185][T17916] name failslab, interval 1, probability 0, space 0, times 0
[  814.398638][T17923] syz.0.2470 (17923): /proc/17915/oom_adj is deprecated, please use /proc/17915/oom_score_adj instead.
[  814.505295][T17916] CPU: 0 UID: 0 PID: 17916 Comm: syz.0.2470 Not tainted syzkaller #0 PREEMPT(full) 
[  814.505329][T17916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  814.505344][T17916] Call Trace:
[  814.505353][T17916]  <TASK>
[  814.505362][T17916]  dump_stack_lvl+0x16c/0x1f0
[  814.505397][T17916]  should_fail_ex+0x512/0x640
[  814.505434][T17916]  ? __kmalloc_cache_noprof+0x5f/0x780
[  814.505462][T17916]  should_failslab+0xc2/0x120
[  814.505495][T17916]  __kmalloc_cache_noprof+0x72/0x780
[  814.505518][T17916]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  814.505550][T17916]  ? shrinker_alloc+0xf5/0xbf0
[  814.505593][T17916]  ? shrinker_alloc+0xf5/0xbf0
[  814.505619][T17916]  shrinker_alloc+0xf5/0xbf0
[  814.505648][T17916]  ? mark_held_locks+0x49/0x80
[  814.505681][T17916]  ? pcpu_memcg_post_alloc_hook+0x1e/0x690
[  814.505713][T17916]  ? __pfx_shrinker_alloc+0x10/0x10
[  814.505745][T17916]  ? lockdep_init_map_type+0x5c/0x280
[  814.505780][T17916]  ? __raw_spin_lock_init+0x3a/0x110
[  814.505818][T17916]  ? __init_rwsem+0x12d/0x1b0
[  814.505857][T17916]  alloc_super+0x776/0xb60
[  814.505892][T17916]  sget_fc+0x116/0xc20
[  814.505917][T17916]  ? __pfx_set_anon_super_fc+0x10/0x10
[  814.505958][T17916]  ? __pfx_mqueue_fill_super+0x10/0x10
[  814.505991][T17916]  get_tree_nodev+0x28/0x190
[  814.506018][T17916]  mqueue_get_tree+0xf1/0x130
[  814.506050][T17916]  vfs_get_tree+0x8e/0x340
[  814.506088][T17916]  fc_mount_longterm+0x1a/0x270
[  814.506126][T17916]  mq_init_ns+0x426/0x620
[  814.506166][T17916]  copy_ipcs+0x2d6/0x550
[  814.506206][T17916]  create_new_namespaces+0x20a/0xa90
[  814.506233][T17916]  ? security_capable+0x7e/0x260
[  814.506272][T17916]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  814.506303][T17916]  ksys_unshare+0x45b/0xa40
[  814.506336][T17916]  ? __pfx_ksys_unshare+0x10/0x10
[  814.506369][T17916]  ? xfd_validate_state+0x61/0x180
[  814.506413][T17916]  __x64_sys_unshare+0x31/0x40
[  814.506445][T17916]  do_syscall_64+0xcd/0xfa0
[  814.506476][T17916]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  814.506501][T17916] RIP: 0033:0x7f6ab8d8f6c9
[  814.506520][T17916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  814.506543][T17916] RSP: 002b:00007f6ab9c37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  814.506572][T17916] RAX: ffffffffffffffda RBX: 00007f6ab8fe5fa0 RCX: 00007f6ab8d8f6c9
[  814.506588][T17916] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000
[  814.506603][T17916] RBP: 00007f6ab8e11f91 R08: 0000000000000000 R09: 0000000000000000
[  814.506619][T17916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  814.506633][T17916] R13: 00007f6ab8fe6038 R14: 00007f6ab8fe5fa0 R15: 00007fffe2ec5008
[  814.506666][T17916]  </TASK>
[  814.782586][    C0] vkms_vblank_simulate: vblank timer overrun
[  815.574623][   T31] INFO: task syz.5.2103:15966 blocked for more than 143 seconds.
[  815.605852][   T31]       Not tainted syzkaller #0
[  815.642981][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  815.698241][   T31] task:syz.5.2103      state:D stack:26328 pid:15966 tgid:15965 ppid:14527  task_flags:0x400140 flags:0x00080002
[  815.776071][   T31] Call Trace:
[  815.779552][   T31]  <TASK>
[  815.782601][   T31]  __schedule+0x1190/0x5de0
[  815.852616][   T31]  ? check_path.constprop.0+0x24/0x50
[  815.892877][   T31]  ? __lock_acquire+0x622/0x1c90
[  815.923358][   T31]  ? __pfx___schedule+0x10/0x10
[  815.962305][   T31]  ? find_held_lock+0x2b/0x80
[  815.986250][   T31]  ? schedule+0x2d7/0x3a0
[  815.990664][   T31]  ? expkey_flush+0x20/0x90
[  816.036562][   T31]  schedule+0xe7/0x3a0
[  816.040785][   T31]  schedule_preempt_disabled+0x13/0x30
[  816.114524][   T31]  __mutex_lock+0x818/0x1060
[  816.140366][   T31]  ? expkey_flush+0x20/0x90
[  816.165560][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  816.170652][   T31]  ? do_raw_spin_unlock+0x172/0x230
[  816.262909][   T31]  ? _raw_spin_unlock+0x28/0x50
[  816.277721][   T31]  ? __pfx_cache_clean+0x10/0x10
[  816.314642][   T31]  ? __pfx___might_resched+0x10/0x10
[  816.332348][   T31]  ? __pfx_expkey_flush+0x10/0x10
[  816.354625][   T31]  ? expkey_flush+0x20/0x90
[  816.386285][   T31]  expkey_flush+0x20/0x90
[  816.390712][   T31]  write_flush.constprop.0+0x2af/0x3d0
[  816.435539][   T31]  ? __pfx_write_flush.constprop.0+0x10/0x10
[  816.459285][   T31]  ? iovec_from_user+0xbb/0x140
[  816.537309][   T31]  ? __pfx_write_flush_procfs+0x10/0x10
[  816.543116][   T31]  proc_reg_write+0x240/0x330
[  816.694798][   T31]  ? __pfx_proc_reg_write+0x10/0x10
[  816.700063][   T31]  vfs_writev+0x5df/0xde0
[  816.704423][   T31]  ? __pfx_vfs_writev+0x10/0x10
[  816.826064][   T31]  ? __mutex_lock+0x1c5/0x1060
[  816.831086][   T31]  ? kmem_cache_free+0x2d4/0x6c0
[  816.897317][   T31]  ? putname+0x154/0x1a0
[  816.901634][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  816.974933][   T31]  ? __fget_files+0x20e/0x3c0
[  816.979692][   T31]  ? do_writev+0x132/0x340
[  817.024995][   T31]  do_writev+0x132/0x340
[  817.029300][   T31]  ? __pfx_do_writev+0x10/0x10
[  817.034086][   T31]  do_syscall_64+0xcd/0xfa0
[  817.115024][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  817.120988][   T31] RIP: 0033:0x7f65c2f8f6c9
[  817.155011][   T31] RSP: 002b:00007f65c3e55038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  817.163680][   T31] RAX: ffffffffffffffda RBX: 00007f65c31e5fa0 RCX: 00007f65c2f8f6c9
[  817.259996][   T31] RDX: 000000000000000a RSI: 0000200000000240 RDI: 0000000000000003
[  817.305133][   T31] RBP: 00007f65c3011f91 R08: 0000000000000000 R09: 0000000000000000
[  817.313273][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  817.405766][   T31] R13: 00007f65c31e6038 R14: 00007f65c31e5fa0 R15: 00007ffd26a3a538
[  817.413836][   T31]  </TASK>
[  817.555400][   T31] 
[  817.555400][   T31] Showing all locks held in the system:
[  817.686515][   T31] 1 lock held by khungtaskd/31:
[  817.691445][   T31]  #0: ffffffff8e3c45e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0
[  817.825441][   T31] 2 locks held by getty/5589:
[  817.830190][   T31]  #0: ffff88814d39a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  817.925464][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0
[  817.965090][   T31] 2 locks held by syz-executor/11895:
[  818.005479][   T31]  #0: ffff88802a8920e0 (&type->s_umount_key#50){++++}-{4:4}, at: deactivate_super+0xd6/0x100
[  818.038665][   T31]  #1: ffffffff8e7ed348 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0
[  818.073198][   T31] 2 locks held by syz.1.1728/14218:
[  818.085569][   T31]  #0: ffffffff9018ee90 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  818.093949][   T31]  #1: ffffffff8e7ed348 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x687/0xbc0
[  818.155595][   T31] 3 locks held by syz.5.2103/15966:
[  818.160844][   T31]  #0: ffff888048f2c0f8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370
[  818.195619][   T31]  #1: ffff88807bb6c420 (sb_writers#3){.+.+}-{0:0}, at: do_writev+0x132/0x340
[  818.204593][   T31]  #2: ffffffff8e7ed348 (nfsd_mutex){+.+.}-{4:4}, at: expkey_flush+0x20/0x90
[  818.264027][   T31] 2 locks held by syz-executor/16169:
[  818.295628][   T31]  #0: ffff88802a8d60e0 (&type->s_umount_key#50){++++}-{4:4}, at: deactivate_super+0xd6/0x100
[  818.335801][   T31]  #1: ffffffff8e7ed348 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0
[  818.345488][   T31] 3 locks held by kworker/0:4/16297:
[  818.375103][   T31]  #0: ffff88813ff15948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  818.405691][   T31]  #1: ffffc9000c777d00 (free_ipc_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  818.415446][   T31]  #2: ffffffff8e3cfb78 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x284/0x3c0
[  818.447058][   T31] 2 locks held by syz.3.2339/17165:
[  818.452305][   T31]  #0: ffffffff9018ee90 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  818.476213][   T31]  #1: ffffffff8e7ed348 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xd5/0x1b10
[  818.505760][   T31] 2 locks held by syz.7.2384/17482:
[  818.511007][   T31]  #0: ffffffff9018ee90 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  818.545873][   T31]  #1: ffffffff8e7ed348 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xd5/0x1b10
[  818.570144][   T31] 1 lock held by syz-executor/17488:
[  818.575479][   T31]  #0: ffffffff900eb0c8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x230
[  818.610672][   T31] 2 locks held by syz-executor/17664:
[  818.623048][   T31]  #0: ffffffff900eb0c8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x230
[  818.641484][   T31]  #1: ffffffff8e3cfb78 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a3/0x3c0
[  818.651997][   T31] 1 lock held by syz.0.2466/17888:
[  818.657457][   T31]  #0: ffffffff900eb0c8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x230
[  818.823852][   T31] 
[  818.836656][   T31] =============================================
[  818.836656][   T31] 
[  818.845120][   T31] NMI backtrace for cpu 0
[  818.845139][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  818.845174][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  818.845189][   T31] Call Trace:
[  818.845198][   T31]  <TASK>
[  818.845208][   T31]  dump_stack_lvl+0x116/0x1f0
[  818.845243][   T31]  nmi_cpu_backtrace+0x27b/0x390
[  818.845278][   T31]  ? _raw_spin_unlock_irqrestore+0x61/0x80
[  818.845306][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  818.845342][   T31]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[  818.845382][   T31]  watchdog+0xf3f/0x1170
[  818.845409][   T31]  ? rcu_is_watching+0x12/0xc0
[  818.845435][   T31]  ? __pfx_watchdog+0x10/0x10
[  818.845456][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  818.845487][   T31]  ? __kthread_parkme+0x19e/0x250
[  818.845519][   T31]  ? __pfx_watchdog+0x10/0x10
[  818.845540][   T31]  kthread+0x3c5/0x780
[  818.845575][   T31]  ? __pfx_kthread+0x10/0x10
[  818.845611][   T31]  ? rcu_is_watching+0x12/0xc0
[  818.845636][   T31]  ? __pfx_kthread+0x10/0x10
[  818.845671][   T31]  ret_from_fork+0x675/0x7d0
[  818.845705][   T31]  ? __pfx_kthread+0x10/0x10
[  818.845740][   T31]  ret_from_fork_asm+0x1a/0x30
[  818.845792][   T31]  </TASK>
[  819.304822][T14102] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  819.443368][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  819.451372][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  819.500550][T14102] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  819.737942][T14102] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  819.854373][T14102] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  820.148185][T14102] bridge_slave_1: left allmulticast mode
[  820.153883][T14102] bridge_slave_1: left promiscuous mode
[  820.196920][T14102] bridge0: port 2(bridge_slave_1) entered disabled state
[  820.239259][T14102] bridge_slave_0: left allmulticast mode
[  820.245065][T14102] bridge_slave_0: left promiscuous mode
[  820.287280][T14102] bridge0: port 1(bridge_slave_0) entered disabled state
[  821.261871][T14102] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  821.279622][T14102] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  821.299851][T14102] bond0 (unregistering): Released all slaves
[  821.624769][T14102] hsr_slave_0: left promiscuous mode
[  821.650699][T14102] hsr_slave_1: left promiscuous mode
[  821.662559][T14102] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  821.687406][T14102] batman_adv: batadv0: Removing interface: batadv_slave_0
[  821.708699][T14102] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  821.716217][T14102] batman_adv: batadv0: Removing interface: batadv_slave_1
[  821.775894][T14102] veth1_macvtap: left promiscuous mode
[  821.797971][T14102] veth0_macvtap: left promiscuous mode
[  821.817210][T14102] veth1_vlan: left promiscuous mode
[  821.823914][T14102] veth0_vlan: left promiscuous mode
[  822.753162][T14102] team0 (unregistering): Port device team_slave_1 removed
[  822.815443][T14102] team0 (unregistering): Port device team_slave_0 removed
[  822.930301][T17220] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 972 with max blocks 49 with error 117
[  822.954782][T17220] EXT4-fs (sda1): This should not happen!! Data will be lost
[  822.954782][T17220] 
[  822.975535][T17220] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 971 with max blocks 50 with error 117
[  823.017439][T17220] EXT4-fs (sda1): This should not happen!! Data will be lost
[  823.017439][T17220] 
[  823.045402][T17220] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 0 with max blocks 1 with error 117
[  823.085679][T17220] EXT4-fs (sda1): This should not happen!! Data will be lost
[  823.085679][T17220] 
[  823.793954][T14102] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  823.913928][T14102] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  823.994080][T14102] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  824.093024][T14102] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  824.384486][T14102] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  824.491378][T14102] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  824.591789][T14102] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  824.706047][T14102] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  824.994582][T14102] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  825.103273][T14102] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  825.181284][T14102] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  825.270936][T14102] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  825.482460][T14102] bridge_slave_1: left allmulticast mode
[  825.500439][T14102] bridge_slave_1: left promiscuous mode
[  825.506205][T14102] bridge0: port 2(bridge_slave_1) entered disabled state
[  825.531422][T14102] bridge_slave_0: left allmulticast mode
[  825.537107][T14102] bridge_slave_0: left promiscuous mode
[  825.561220][T14102] bridge0: port 1(bridge_slave_0) entered disabled state
[  825.592644][T14102] bridge_slave_1: left allmulticast mode
[  825.598342][T14102] bridge_slave_1: left promiscuous mode