last executing test programs:

14m4.786460402s ago: executing program 3 (id=280):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
newfstatat$auto(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', &(0x7f00000000c0)={0x240000000000, 0x6, 0x7, 0x0, <r2=>0x0, 0x0, 0x0, 0x40, 0x1, 0x0, 0x2, 0x38d, 0xd, 0x3, 0x5, 0x1234f8e, 0x95e}, 0x7fff)
sendmsg$auto_NL80211_CMD_START_AP(r0, &(0x7f0000000400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000180)={0x20c, r1, 0x400, 0x70bd2b, 0x25dfdbfe, {}, [@NL80211_ATTR_WIPHY_SELF_MANAGED_REG={0x4}, @NL80211_ATTR_MLO_LINK_ID={0x5, 0x139, 0x9f}, @NL80211_ATTR_STA_SUPPORTED_CHANNELS={0x20, 0xbd, "439edaa9c84a7f699593a02e4b317900c5549ad3af2cfcc50a703a1d"}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x3}, @NL80211_ATTR_MLO_LINK_ID={0x5, 0x139, 0x2}, @NL80211_ATTR_CSA_IES={0x106, 0xb9, 0x0, 0x1, [@generic="7cb64ecd2167a32c8b5562c614c0d544a4b6ada3c4a4881c7a45b3b8569718501a9d0c7cb7aeee6061eb39ec05848e7d6b28a4ba12828a8467e91ac0f17f740beedb3f7e177e39dc246c3f559fce19773bb4b301548435f791848903adade7a3a9d3e22924ec17469634041dafc2278d43b307963992a79d6b32257173275a6178430a4594ec28b3b670a6c381b7b92feabc3d7bdf4f36ff789f7f690f0db0ca44f57ad71a3a168b4839f861f45246aa40847497314412aa821365207f78daec6d1bd556ea5c2a9650b0e5de020fccd42e92d8e7205ff6574dc806ce7aa00053bcca21dbaca2e40dd32b687e27f51a2bd19609ca18b0e69cdbe7", @typed={0x8, 0x139, 0x0, 0x0, @uid=r2}]}, @NL80211_ATTR_EHT_CAPABILITY={0x35, 0x136, "e59ed2712a91e4385127f170110c7ba9d3dd593323c61cf822d6393fda27cad04992cf3a52604abed0ee8a9182c878e873"}, @NL80211_ATTR_MPATH_NEXT_HOP={0x7b, 0x1a, "0f5a936e6aacf32c361639f0038843ee17a7225b90f946e28e5b04174cd92d7939395f3fa6d68369d658d612bceb1ac2f89973b35b833bb9fb49bfc8ad9303f9ed3a8316d08eb2cc7c0ca103d02114d2a89c23429b9723a8319bda270cb9989d8650f4ffac7fa897822eb393326287bba63f4c10644ae8"}]}, 0x20c}, 0x1, 0x0, 0x0, 0x8008000}, 0x40801)
process_vm_readv$auto(0x0, &(0x7f00000004c0)={&(0x7f0000000440)="b9934bade9c3516dd262adc526708d94731a3ffe8a2a98adc33a9089067eb8f70ec9fcbfbb3345f3877db6238bc89d60f0001652d1fd4667ae576cd69e4c6bd60ba461bda6c3418ac1c906da282d9fc8d54e2766b5ee07ce884292470c47387864dfc866fc307d30e3c42194ad5c25173b943aa1262d4aff3d1d2c", 0xfff}, 0x8, &(0x7f0000000580)={&(0x7f0000000500)="7f3073352f25088d859c6612f4e27c7d0179f797504075cc89ba15492e31368b1952ce14168ea9c3d63acde4d01b0926ed21d14c3e0d34b89406a92f920eb702a78e809f7e5d12909b76", 0x9}, 0x8, 0x8000)
r3 = bpf$auto_BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)=@batch={0x9, 0x3d, 0x7, 0x2df, 0x2, <r4=>r0, 0x498000000000000, 0xfffffffffffffff8}, 0xa)
process_madvise$auto_MADV_FREE(r3, &(0x7f00000006c0)={&(0x7f0000000680)="c7dc985fb9865b76b46e9ad3c4fca336797cd62e364ce32eb1b138c6a4009a498163e8", 0x6}, 0xce4, 0x8, 0x7742)
link$auto(&(0x7f0000000700)='./file0\x00', &(0x7f0000000740)='./file0\x00')
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000007c0)={'ip6erspan0\x00', <r5=>0x0})
sendmsg$auto_NL80211_CMD_ASSOC_MLO_RECONF(r3, &(0x7f0000000880)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x8a00000}, 0xc, &(0x7f0000000840)={&(0x7f0000000800)={0x30, r1, 0x200, 0x70bd29, 0x25dfdbfc, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r5}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0xf056}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000010}, 0x54191a64261d5f92)
ioctl$auto_SNDRV_TIMER_IOCTL_NEXT_DEVICE(r3, 0xc0145401, &(0x7f00000008c0)={0xffff, 0x8001, 0x5, 0x7, 0xffe})
capset$auto(&(0x7f0000000900)={0x1, <r6=>0xffffffffffffffff}, &(0x7f0000000940)={0x6, 0x4, 0x6})
r7 = prctl$auto(0x6, 0x6, r6, 0x7ff, 0x7f)
mmap$auto(0x0, 0x6, 0x6, 0x100000011, r0, 0x7fffffff80000000)
ioctl$auto_SG_SET_TIMEOUT(r3, 0x2201, &(0x7f0000000980)="d627344a60bb1957aad70a58a028e9c7dcea3d2be8e085d9c114c2f18578557fd54af3098674496def9cd68390fc476ab3a446669bbc73f4e3b17348c4431f7ecc0d365965978793de54b588c47ad1a1f19785a5480c9010ca36371a6aca06c08e605ec69c943ae3c98735d5eb139ad44ce5d675b3e6be8899a9bf6a037b21aa09eec4eb74199957b3b55e338cf9ed16db2d0d2f50771d115811ed57db25cca5bc770e4206b87c")
read$auto_tun_fops_tun(r4, &(0x7f0000000a40)=""/180, 0xb4)
r8 = getpgid(r6)
sendmsg$auto_NL802154_CMD_SET_MAX_CSMA_BACKOFFS(r3, &(0x7f0000002b00)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000002ac0)={&(0x7f0000000b40)={0x1f78, 0x0, 0x8, 0x70bd26, 0x25dfdbff, {}, [@NL802154_ATTR_SCAN_CHANNELS={0x8, 0x21, 0x800}, @NL802154_ATTR_NETNS_FD={0x8, 0x1d, r3}, @NL802154_ATTR_SCAN_DONE_REASON={0x5, 0x25, 0x44}, @NL802154_ATTR_PID={0x8, 0x1c, r8}, @NL802154_ATTR_CCA_ED_LEVEL={0x8, 0xe, 0x8a}, @NL802154_ATTR_SEC_KEY={0x873, 0x30, 0x0, 0x1, [@generic="0fbc25a44274a2be3ef9807094756d6eeaacab9895d125225523cc5700e67c2730330dd231c6ad6c901c1a69aab7e2323be0e53ee61375cc9a889929f8e974fe42dc365ccbae5a97ce536d30387ca333e58b4e750c8dbb981f7bd828becae2cda0415c1997b5621b9140da94cb19e0c1eba5d4c216fa3cc7ed541e5092569fcd95f8225b3f2323fa8cffb982d6855144f2775bb29350b2796fd4b6c693056bc9a19752e56efe712d7f2e3500b4af73cedb8611664153068851b47ea5b06d67", @typed={0x14, 0x23, 0x0, 0x0, @ipv6=@empty}, @generic="8bea69706d1d93769ef119183a7c9f7b0b1b026c", @generic="99a159e34e7c6222bed407c9b4a51333cf30fe419cfab01e1df5485e9cf792523ac35ff5365d12eb38a6501158a0a94e152ccf7c831a82fa18e7be495f136298c27f682fea3f7aca63b5572534501367444fb40a73fc8ae6b8f096863b5e937772d755e1cafad803f0f94e5126af17a49e613abef1eda0d42725f89d8a0303d2201f8e598756c184f2d0625bf881995d4d10ee30b16755c9f9894bdb740d69deeba4f6db6330de5f2e5976a9ee2aba1a601849721a8c27bbff90887f634c4dbbb98c3c47ec29523b", @nested={0x39c, 0xe0, 0x0, 0x1, [@generic="29c90c268f3c6f9ace4df49e2ce28cd501e5850b05846a986672e455e10b0163eb415929f3971ea96c9d68f74bbe157ca65736f2ff9784f6048aa0bf9a8531f4c8a36f6f0aa4a2a78e886948bf1eddccb5aa161743911b7c21ab8af67957f644a15cd876b20b0224de315485228c98b5d215a9ebb4bd2f967e7465e3111b547d0cac5d5029362f2683b8c564d1ef8f4cdb038ecf67eb06ae5dc1370d57f6948efea1d9b6fea8336df00f65a8971432d7a72ddb994b6dbdf71ebfdf26cf2a21060b81b78acf5724970fc8899db4c7f7c8d063ed483b07df9dc0a70f960208e48d6bdaa50d14bcfa08d041bc", @typed={0x8, 0x4, 0x0, 0x0, @fd=r0}, @nested={0x4, 0xa1}, @typed={0x8, 0xac, 0x0, 0x0, @pid=r6}, @generic="ce7a7d2e61c48dbb61ffe40f63e186b42f33d185a62b6e5be60d3dad11511be770f9ce44e40682683109cff59a3ae067967ef68071e6f5ae16d91dc665cf4b34af578994841c6894d2d01ee99a3c7f206f63558b3df56c944b4fe8fbc17eb1cd0c914867bfd83202eb7c2d7cb27538cc880f7f0f", @nested={0x4, 0xc}, @generic="aded5d34654b54548a471b558ac55bb3c5eea4f845c691b9b3bdc3e4ae5bc1afd6b1332c0657312178e84e9250f04afb81ed84ae49cb60dcf0e1047b023bcdedd3002b9e66d91e3b8608da5dc65765b2a8fd0d0a4c2e8058611c8a855686da46d43f9c29a9a8471a56e84573d2de75d5115e7fb734c034276820c20c18c533417dab849d2edee5ff1a3562735045a4acdaac88d86d7ce61b1a4427ac54a04056efd0152eaad2a834c8f73a4e990811c2340f5635", @generic="0992ebee8664aa73bd0e33f00bb443a3b506ff523ad030b9bb5d0efe1d83da7927b129ebfd28c07a9856eda9e7620afd429aa6113d240804ff91e0ebb6ddbda2ab17b3ada73edb3bf71924b2a5cb8143718b1711cfa37bffedf73f09d95610d54bcee23e5ff7e79dd266d0f1c8d6771a16db405579b6c304ac6394e1caaa7bbd1533943dcc9ffd4d9b25b81caa310291c4aedf71505706ca9c54bf07d9fc28102b937d9d685b67311bb050317bfb5c9428f0764e612c8361739242fd934769886dea800a4c7e5395ffa4688217c7fc49d1db30188bdc7bb27c7c858b215dd6ed7b022219f0de2aebb1c196a690a9af38644465ddbb99faa058cd20", @generic="c255705bad6f916cad957c728ae81ee70607cebbb0d30252505e25b7608659e34b7eec72837435af9faa36e9bfd28bd8e4da5d36150a72b157f34b1efd18184349183af0acf82c249502d24376e76d1e0ec672a0b1ee8e0ed55a32788b0aa854e15a6037f0e65c0353d388817c5c716e28e0"]}, @generic="674af35da4c65e5d22c603129dbf0746c3554c14236c14cc96f8ea92e50a7598270ccdaa23f515855ace89f7b0cd41392dba778ab1f36c24517d9b73aed2272db71bf609554976418c1548e6b45afcbdee333825c66e04eb798b005539135a3cc84f17ed2917cbe227d93ab3e0ac1ac7aa68867da823f1fa7c117484dc7fe047", @nested={0x2a2, 0xc3, 0x0, 0x1, [@generic="ea334273407497694a86dcb9ddab59a120416fe283a7dbf2411dde1b2e6fef7ebcebc78691dbd03bfdb538c84b9821d4f7c47b544b85e272984007be00f4a25ec25e13f2aee31c332bc3eaec7de1312afa9134365836e29aab5f691a18585e8f385338829268656896bfebf79661608a2bb78cbc0e31967f99df4ce750911c2066467dfb00a1e0078c29685a6560a923dae3104ac2e62dffd949d16f420f9e3f8c4851d41f26f15dc8c096c8cb59a1087f71bd381ab2b7938a4a7cfa9c4b7db10eca0eca8982c7fa1d20ee5ca2f1", @nested={0x4, 0x14c}, @generic="a88fbe959206b2588a6375cf0ad448cd73ec871a243003219147bd458481201a0ba8a4f12144db48795e8de4e1499b4f5452f810ce3017b7a3e7d3b794fc92ef6427c72b63ed9e9504e228105e09091a28ed0aa0070999677a020e615b5c5a8b26434dba3bc4d6ee66060d1b890242ef4022455a7f1a5b58b34a7b03f9679e", @generic="d98ea1bb673fcab3cac1cab8936670e8d40931918aa497a749c9ecc2790a69e409e5d4c0da5637f3f8f1690b72c4264586a62792189e71461e9ef91fd0728194550da250ff79121d065c146df85897e1e2c18dce9b1dac0797b1fb05", @generic="29034a886582c590c19c2e1304f8725dedd2b49c6f8e3159bee7278d587a43b45fb48e474473d4150eafba391a5daf779321a39f089ed965570e98c41f59a29bfde338e8666a31dc09d16e39f1a67197a61b53c4487292647068e22e588b27649c39ac6bcbed05eadc0c9a2599e70b7a657d003ebe2967e51ccf512729eb30f362a1ea4c22d043cf0080b6854d56d69d9ac72a3a1b0c1acbfbb5dbbb7cc26cf7dba31444b35ccf9928e2e44d7f445862ebb57aaee32a49c3718ebc03e897af94e0d753c51d591035737785c6a1fa41550105dddd983b2ea2bcd56a89a91331c51be7e56886a60a4c546352cabc0abcf062"]}]}, @NL802154_ATTR_PEER={0x18, 0x28, 0x0, 0x1, [@typed={0x14, 0x95, 0x0, 0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}]}, @NL802154_ATTR_SEC_KEY={0x3b4, 0x30, 0x0, 0x1, [@nested={0xf7, 0xab, 0x0, 0x1, [@nested={0x4, 0x6a}, @generic="b3b7c1d4a81508d8692b54be96fb3baf9483ebcdf186316030e85973f98b496b6185b5226ef59eecb75923a24b8ec064f9836ea00de224cd618f573c1ce63762004f46e7ca552575da7b8bafa182a9132b3e188f9a38fa1006f016b4ca5aebd9266ff75f1c7a7cc51b5043628a8c450538a567627e428ce86f1564867959e0972557cc16beefec71455c6a00b76ddf77e1df6ea87f2a1719674d792f2ceb82ecc50c02c09c9f81df5d5f84d31344d4d2e2202d2085a3bb40a2b386a234afd75f6dcc9854540a7567ffc4df5955c8585cba68414a18c9f0683b6f734fe99b0aca599adb47fa45f9710383859ec4f9de"]}, @nested={0x1ed, 0x11d, 0x0, 0x1, [@generic="3ab777254996318532815ed04f9a980f83294269fe22aa2869a467db9d58501c8cdb83afd447bf", @nested={0x4, 0xc0}, @typed={0x5, 0xa9, 0x0, 0x0, @str='\x00'}, @generic="f5cb8ee097c03cf0c0b1fb040dc5ba7b92fa467fe46db94d50a0bd513de22e89ee9022bcdc9a18a5ca7c0bd9f3b0f97f12935d00b2642c85811f6b5cfb7ff6df16ff0899955131e1a8c8f6e13b0eefb17e30b3f79c573c336255dcc4080510c8ebe90dfc2b56d791b45e4bfb3da916b13df5223d89ce012da354d394fa591f39f6cabb4ccef55caece529dea8b93dc3038902ff71eba1a5b94788238aca5dbfec0a435ce439e4b66b936c077570db2f0497028d298bf8f5c94bb113b7fa4fabc041b5afe2114f6897e37e508373c6a3a6c7c920d2efeb72b3dceb333a26454193f1aa4307e2adead9f76b1db3d5fc4f39e4c", @typed={0x8, 0x128, 0x0, 0x0, @ipv4=@private=0xa010101}, @generic="0386c6bad2b7ba98d2b1a32979f2ac99f3c17c7c503a104f574d980e0ce79cf800d1651a57e016541c0c827219c30754445436afa18188fced6abe4f28cdae2cc1f402657f24e22c66f7e0881ec4af2d443c5d36984886d86d76d3c8e203d885d7334429588622080c3247ee457eb937d563190e115a709f03a41e45902ee1199933ff879b740d48353d0ac13447ab7d82b1eaa847f6801b686416855b4be661af8d854aa740ce4de7aaecc495e52243641d1ab4b0e60faab2f51f14"]}, @typed={0x8, 0x143, 0x0, 0x0, @u32=0xc}, @generic="8707742dc3968592960b8f5ccd966458e39498b99952fc8811bba696fa9f3b99916d604ac425d4adb0f9405247c5ba8ca531324d04fb6cabc0287d2bc07e31f80150ca58e324884a4246310344a6beb93932fa80b63d76e884f4481c5e419d06b55e144cd8887894544499b5d25e56edf2c7223ea4dd038cb56b002ae6f7300e0479eca3e7a13919c8bcf3ffb7f031dfc76a4527c423699f54156805bd32b97b42fea225d8116a5058ace7cfe32ca16e5a22042f29a065fc8adc9890121586a3"]}, @NL802154_ATTR_COORDINATOR={0x12f1, 0x1e, 0x0, 0x1, [@generic="29e78c716269d8faee1c73a59778db380fee66c0567133b53dfaa3be3ca023e1e15fec7bcf57aad3249878", @generic="68043cf93f2e9abbf399d58d0b9c7296cfca9d725043d64094bfb7a6c18e89570f07cb43b16b5a8e3a99262733e3205288bd0069c95887440f646c2a2defa658e0e6e92f9d3b0e4be0158ac64629d7833352b3f864e8662cfbc4052f4f828420f33b7de4ab861d84c063eab75cd92d55b427c3c1540d0ffc8e11f5fb9fb482c13f937ce4c9991765c050c2f27c89821ed07848b8f2c7e5b9afeba7d72a90cd6193e6b3bc7e707b072b412e1fb7de36d00a059855e6cd201413cfd05f0b2598f1d572", @typed={0x8, 0x16, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x25}}, @nested={0x126, 0xfc, 0x0, 0x1, [@generic="3d7738596d23eaa8fab25fd35b93466e797cb3bde722aae9aff756bd492ceaad811fdd19b7c30689e0b11a73283c97f9b3f04a1dd52c3eb6352f00e10aca165da7de7a481f233beb1d3714db200ad813e5a3f6697bd136b501ce09e70ed21fa8b637ab006587e30d382b1f0e1e1f4c04d700e0ccf8906263ecd59f2bc98a0fa604361a0f1b9d6decf5ed82cb795d131909b389460d40781c81dda4f88271f52b29dec5e369584fad4b961f7e564564da576fef8dbc36115ed1f16682f5408184eeca90a0c6e4b24617b1b03c72300eb555abd62ce5bfc3163ac16473299f6e1cacb88efae071440fbd1ac82ee4abe3", @nested={0x4, 0xd7}, @typed={0x8, 0x100, 0x0, 0x0, @ipv4=@rand_addr=0x64010100}, @generic="295740f54c6ddbdad9d979c919835769d719d1c826eddfdda22b39", @typed={0xc, 0x150, 0x0, 0x0, @str='nl80211\x00'}]}, @nested={0x8, 0x14d, 0x0, 0x1, [@nested={0x4, 0x69}]}, @generic="1826314ec6a150ee1db3e4d03b27a7e9b60b038acd0ec0cc97190aede0563ab70c50b786d2430e6ddb3dd90b262a1d5785aa2c3666fca675ced48c605e74ae80b4a4288d07e66b28107fccf7789b06561a04cb2b669148b4e6de2fadc2e094bcaf034aab46ecbdbb3d581e2bf8455d3fe67c2cc81e1704b7417e8805af4adf41dbb6e08cf4b42fa89028bad76bdc48d79dab1bd002ccc4d0d47c504fed81419dce10c3ce982da5eda4020e80d86a383d2433936e16085071fa27dc72f15b71421248160d", @generic="af0f0afc73bce8e2051a089981f8b92873ddb126aff40df4f172fb99608507f6d18977148a1e042ae054b853ca3bd7b8a673d9c6f8515cd08ea6a9b33ef56026411f2c7685bf39805623eb81c494341bcda2db9a077b25d79f3f74552f747a8fdfa9b1d0cdf36936ecd28078f41dcbf7feb7f813064adc604d5766b5f74dc3a485f017f3b09c4a91e69490c433651bcb0f1e7afa9d2e2d9cd46002129d4b0f477f5fe643b691cf19c0dcbd216af84ac3bd9b0951af8d5c3232df1146b7d8c41c3ad2519926739b3fccc3a72f3da00dbee331d635fb50875d257b952e8cc62ef6a296b8e5a89f9bccd8bd4d660932738414dc31be4592373b2aa3a729d3ef9af71a029bedc025377223f34fba461b033b8e853cefbc37d323a4698e3138ef1466e101d89298f403ca0fb9a1df444333187cfa40b6675d9bd99c814646dafcdd5997c9f3023cb1e48371cd8967ccc010897d811578e36099135ad0ed04051cfd0c349e6a0187e758c703d994d4c5337091615733b25674269484f80ff8d05b552aa779deaf79459f1a398bfbe127e016aa778d52ec8535400fa90cc5de8bd5b60ae9c2034a36c5d51653e0638cdfac0cdbdf996ad3230ccb8725109344f4ad06b79efb751578daaab3b7dd0b48acb37e3aea0e5eb1f89b211cf471ec3437240b36cf62feceae9656de782a47c1941e0ee2dc81c566a88934577bdb07f9acf5ef2ec26dfb5db78aef7722a6d07047ebf45239988ba09c0a04784ed9d4dcaefb4babcbb740145b997faac050855e3405b4e53b5d5228801935a0991f7d6f7872e921bd7e09c18fd196d8fed014b45ce34c4e54bea565f398232695b9e496b4b2a3bf99887e8935cc439e2e626a6efcbe4571e9e5c51af595db493afe72f459cc2a411bd86bbed15b9e07e83d4bd934a713fb9d8040d600d6162ec0e33e39d7870757c9a304d7abbfb69732958e8a72bff083adc45d0ac55b9d7556c73593005a3beb85906938c78d42b759a5888862bfa4056e970e7b60553af80a1e9202956f58042a02020f4d432c07b084361f9a53f01a54495d9cfcdb332b3e7a3ce50da3658e42c3c47bf778a2f43439fd71f1f6b9adcacbbeaaea13bc215634ed87480c072e248a32b213384ad13cf509117cbcb92edda2ec3b64e3f7a426567e112462fb567cf443fac71be50e5de68586a1ecf7fefeef3d4e53c70dc07ca5f9e7a4f7da6751efab668a2b0b461ae5732ab2b7ed3145d5783ac009efe808bc94a25e11252673c2775d0ef95fea03dbdeb7388de5a63c5b8fd31b6c343b882f8326d61101aac591827c88e45987fb494a0bf9e71185d9df1be73844d21067209a93a770cb252217c6e5f11e22a04eea9bfac771eb9c43b942c0aced21c7b0689e58e3b8ea4b7f4c4688c1ff6f74830600b9e3ac19cf917cee88458e52d6137663c1f5505ed9dc58939362d2f2860ba2071c91197f4527ac97e888c3ffc805c77ef11ef7ae57a83fe0378595c674fe627c993bc746f23d833c2a4d35543e43292a413687f28891dc709ad1bbc26fce6d18132f3345d8d7425aeb84fc7261e965df327c911ab96bfa4cf4d9423e2f674d1540d2984a1400dd9048708fa45920eec12225fd63b9e885e9d3d33fb4b0388d1bc9a813f76084c5eaf7764399f909814a572921afa224451c1fa4b145320b9ce3e009226055696af67615ab0bef40dfdfffbd9da7aa0d576851b47ce30073d18f9752ece1b50ae732bc7acd685c9fc0def5c7f1b20775ae77131b4bf50a04fb42d300f7b388cbbf23475ed72d2f57c140d741ea03e37295549947fb25856ca101d681e5d40b9e396258eeff47484e41350776cc0505d590e45e75ca7a596e8d4fe0b1c3fd1ceeb7bb418cbf8dd1929165110893cb70f440928a6d7a3c04c37949c59526a247d1ee786d7604e700ea0b5225b695c1879b9cbe516426f0a79be7d7d029353ee5842aa436079664956354d45d4cd9c76e9e328fa480bb60e04f2a003ddedf2c405bd5c04eb6cae4da06b79f402ba4697454c8bfb1125c52f7df8f07ec43201fad92619370e6b272c1d7048488d7e48ab14414d181a220f126d5b40a92b6abceec808592285ba364ecbd0774eda977125477824540b5d9b76b377e771683ad97ef62058293804f867d39882118e401a279194e3cab2bb85f2979a1cc3abf5270ddc38e7d8dde1a0b8da50635a8464d0af623651f547611a09532ea3cfc78626948be1850914c97912ac20de633989c0e7c69353f7c40fb3310d7924b48bd22625dede2c8d818c051507b273a3e15f4007e9f6581da3f688bf3a3f128e33f36dae8343385461463eff56e19d9f5c8d78de72465612accce0a62f7e0ed102493cb05f2da5dddd9d4f9a30a7a6c36c5d067bd1dcc709209783ab2481fcacf73717c41b6afb344ad85be3c5dbfc1847d5eda8ba8de556cb225e2d90fec45572121f88a8ed55d41104679111596d6308f1a64b7716a5965680f539d7ad8d11d00a0d79719617abc844fd3c0ec82d5a1373350bb347f242745c582911a1d682b3b45560be410c5515737a7a00958a08ad766fd7d342bdf3109c11b7e5f349d8794280215de55219921de6d3f5611e003ed2b69def7352c6cdc41a1962604e0e62a4c24da3c8d7c9e546e2b8bd217698c33c106d4f2427b0fd33e45bdf27dfdbc23e9ff9fb802bd6fda87b1d934d8f99fb0453bb0791991fb108fbc5d83befa8ab9c5f37c9ee0a6eee95a9f9cf45df2f6a3f004c0458565cb5716d9bd1d533f015d671739ac953ae797f17925be9b44816535f918de7400176b9e2c5a233490eababb435eb54d155d0217bb462ee34a9230e89096bc1e79ddfc7127c93c15d4b410bc5bc08c32b910304cea5a541919fdc16a142c5fd9138d18d646b250f46e19c257e1e21dc8ef0bd9b78759969ea5400fc5f79b20b5916771485e7c5414eb5735a5527e03c6543ad56eaed886d42246fea77d7a982395d673d94aa5bdce2763b1851acce479c9acbb62bedb1e481cc4e8ccc53e297839a856b397a42c9f5129dfa39fc96370cf592adeccebc3272544092ee02304d75734817a1de4c371d57201198ef9c8caabde92a2ba7e6b69f29326c8425db1dd5de7e91d6a772f3fa5b019064df1a20d5d7d8ba86655e4589155f55ee6b69e2d70794f22e41d17e67f84b73f1d2e4b63ba157b5a949b74fc2a58c147a268c41777e12b0d7ab2261bf36f25fced83711afb52b2f6153143a84c9a847779788dfdc4c3896bfe33791fe98c6e3eaccbdc131ec113d712a4721179eb779ce289c07335a230bb919746dcf5c662074f86707df7a2adeb5a73132b447b719a5dc4e95d2cbc4a280b28b157f123e7d63f97dc13df192546993728936f5f9701404f4b08a00e723ef4d9f88773580a3ed7a94feec990e0fd53a0fdcd2a298fdd21d3f542a1d81b455d2c1f61aeba6c0c44be7826707813eeb973f5a475c39d6bf8852ff536871f3438e1834b501cdf4ba37eea2d7bb25515a83d8f99cbd97220db40331d1d30bcd16558d2e214b53ff5fd9fb95c9d4a0101fc18f6108530c9f2f09747dd5fcba438b8175a6e87e31eb5c340496a06603bcbaa6e101812975f29bd3309d6e553688cb4328482aaa9019cb1250ec7e45bb40390bdcebea04ec167568a3fdc2b8960403136d802fc33a7bbfa98d6d5d038baeb01bf7a906e26aff29e0ca4e95bf413d5b49688e8df5437cd5beaf6a26d5d0834836041ca54b38efc039e71efa0f8f06cf8ea2b96ac32b678e35e173b137ac6fa978b779ec7821d01daf75fe1563ad93e7aa8b5e82460cfe25b259a497d7746c91ee40042a7ad62ea87dce20efde4515e9477421d082648b837dcfff9a1f2eade105729a01039e8a58accf624d6d165ecb9d5dde1c2ab7d11e93eb00277470f89bc2980f8261ee41f18027710901ec41ee5c08acb82874958ecb861f2bbf26d5fb723814c01aeab6112751ea751ef7ea643daadb6c82b9eac1b5f41665470fbcee2998a16d89f07e8524f537e41347e9820a7a34e43588edf95a2eef9f2a7e3f4dca632025bbd7b4a24bfaf4db7fc45349e28db6eff94239d761026a03c0dea2906f73fd58264ccb145e8e7ba65f7c80767fd7f2a57c3f13ac7dfb28fb1b3d002106bfba48224ce9901a4d14dde44365791dd676d64298a6d874a745683042633b28ed3f96396fa2ca64582c606c89f52f1cf3bf2658f84a28163efc128232aeb95bc0ab27d9f27890783e5a0071430dfb708df9df81a77c04fd9bbc0b4b6cfb98db6a2070a52889ee4df8152db938d6db6dc8a2fb3922a28de9028e888a40d7e92db64ff8e20f242dd1cad987ada26a6403a6fd269e1f94edffda39959a60526e4d273798f3a4b79ed4f7d5e9711426127b47b9fcc179505870babf1c842367ab116b8297e0d4b7e77dd7f4dc596df9c0c3614bae57a733f8b6e29b5aef3c8f0a2af40ed065ebee0d07fe70bf3a49a9f5b8b7ae97e84007dd653b0cc1619fa59c436bc2079192b48c506bcdd1811f40239e86df8d82ae0c931d879a285983037170c6ed693141c297a2b34d04a97d9daca3a76b34e9a6456169de7f0240ffd23b2339a90a6f38b8741f25390ba188f22d5c053b6e434170be71fbff91acd0fc86a2ea6a620161b52b7aeba11fb8df54a62429fc767d934e4c37e29ffca225cab51b61e32dc167db204c09f25ccda02a2f5d4f96c25d7d82a1fdd154f8b64b936fe6adb7f0b5286841bd621796bbe93befcc1b436250c4c35b79e52f5a6a79bfe8ba7ada1bdb036ad07fe1c3c0f8d601b3b3be13bb1c8653737d9d03a4032f697bf8e83166891db86b4a9157ba52c990cca50650919a40bd93f11e63c7cee737c38e6a15289866c53cd2ad2f10194b21a016884ff7807f9c0ebb400ae84fb05d0a86bebc9b653740488e125319fcbcccf5ff27b6d6ab7b19339a1cb70de35c0dfd20a10f9181b4baa3ffe584de7ec166521325ef253982e5266f38204448a1ba08ed165d6dab2cd19afb96c9d3e5025a1a6d29c0bd0ab84a29d2c043e1521c1a7d9353c025e6206db2946452fc769744e7b8da984c160b8fe15f482c748f6c6975fff86760b4c60e0ae057d1c64bc44703fdd08d3998312d65dd697d6303b7821759fc8bf88adab301438f12d88341451da16d76134e8d8143e2fe6a4e11d0bf2f79f3a705ba40a4354e4714a1567d937d12e60ecf762e0bb8357436e22aa537ddf3dcaf444651df928bd707d4dbe509b31b3866d6a1e8bf45f781b9a33370e6331ba92020dc485709e6b02c54564981106bd26d1432992ff73b297d42468bb6f7ea0e081cc2897821221adbe1578d41c6b4df38e7e189822fdefca6e66e146db9bdd52d70b7fe1f35922d19a15388d5489fbca3e00ba7cfff1285bf2356e883cad14a82f20edd4feced1fc4fd5effb8ce250e98b9cc2b81c791136693ec48d2781161d50784de8f9f168843ddfd8199b58b2b66bab235747ff6dfe98ea7384ae9fe68429eab5d6ca8418e792642586da6314662f99bd926eaf3d38bb50e4df6608f948b378b19addd5dd55b27fe3bf01c7f00c5f4734ce2a206934fdafce9dd7a1adae6c3e7ee6fb91a5d1af2db5694f3e9374ef01909ad5977ab21625e9bddb43df55441ea0cc92f37bb52b289452499e13f543ca72fcbc496ea642f83bfb57a08ad38e621eaf46a9882d3c00be7485bfe3aafa26d802d793f85d29ad88f40d030da07c15eb6c654dcfe1cb0218fc484420ddcbde043fcca85ad155961b0835c075c4809175bf04e017", @typed={0x4, 0x104}]}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x7}]}, 0x1f78}, 0x1, 0x0, 0x0, 0x4000084}, 0xc0)
listxattr$auto(&(0x7f0000002b40)='./file0\x00', &(0x7f0000002b80)='x].*\x00', 0x100000001)
r9 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000002bc0)='/dev/ptyr2\x00', 0x400000, 0x0)
fcntl$auto_F_SETFD(r9, 0x2, 0xfffffffffffffffc)
ptrace$auto_PTRACE_SET_THREAD_AREA(0x1a, r8, 0x88, 0x1)
timer_settime$auto(0xfffffffc, 0x6, &(0x7f0000002c00)={{0x4, 0x2}, {0x5, 0x100}}, &(0x7f0000002c40)={{0x8, 0xfffffffffffffffb}, {0xffff, 0x3}})
write$auto(r9, &(0x7f0000002c80)='x].*\x00', 0x100)
r10 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000002d00), r3)
sendmsg$auto_L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000002e00)={&(0x7f0000002cc0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000002dc0)={&(0x7f0000002d40)={0x48, r10, 0x4, 0x70bd26, 0x25dfdbfc, {}, [@L2TP_ATTR_FD={0x8, 0x17, r0}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x8}, @L2TP_ATTR_RECV_SEQ={0x5}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @mcast1}, @L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e23}]}, 0x48}, 0x1, 0x0, 0x0, 0x24000000}, 0x24044090)
ioctl$auto_TIOCVHANGUP2(r3, 0x5437, &(0x7f0000002e40)="02f557fc2aa21956948476c2e1d4d1b7b9")
socket(0x6, 0x6, 0x1)
ioctl$auto_FICLONERANGE(r3, 0x4020940d, 0xf246)
sendmsg$auto_IEEE802154_LIST_IFACE(r7, &(0x7f0000002f80)={&(0x7f0000002e80)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000002f40)={&(0x7f0000002f00)={0x1c, 0x0, 0x20, 0x70bd2d, 0x25dfdbfd, {}, [@IEEE802154_ATTR_PAN_COORD={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc040}, 0xd0c0)

14m4.603552575s ago: executing program 3 (id=281):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) (async)
r0 = openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f0000002d00)='/dev/media5\x00', 0x101000, 0x0)
mmap$auto(0x7fffffffe000, 0x61, 0x100001000000004, 0xfa31, 0x400, 0x8000) (async, rerun: 64)
ioctl$auto_media_devnode_fops_mc_devnode(r0, 0xc1007c00, 0x0) (async, rerun: 64)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000001840), r1) (async)
pidfd_send_signal$auto_PIDFD_SIGNAL_THREAD_GROUP(r1, 0x5, &(0x7f0000001000)={@siginfo_0_0={0x4, 0x80, 0x8000, @_sigsys={&(0x7f0000000000)="c26389c8722425802c98c8d50ea36ead9692a22662b4e3960445129d95ce45ad010cc148458a4926c5d92b59c9fb9c2f121c27e0c8e884cb097b36cb2c6d23e12271a69f82b6c56be8c772b636c902e6b189a979e8228f3d3d78711f3f54593b6e0f78de6d15801411614a075e8fafd090be75e72c9c7bc75dcc6935c7f7ce60ad17e2d9167a512df873210e3840afe75c4caddaafaecc770bbf0389aceb5713edb47c283c103f7e23c5575d44d175eb097197546ac150b2cc8217cd8188b2905f89068707e4406b4b3192409d753a703c1354c9308a79b8d49aeadc98973712cc57daa0ecfebb1be813e073e09b5ad78e30fedd6ae7cbfeced9f108afaf5aab1abe4c246abb2d67f73a41ae45fd27279519f5a48174f6e7af23749b111196fd2ff85119f9c31f8b6526b286f6c75b5fd62f7250f51a053823c163257aa7d0e3e087b5dcd7d96346ad0d67671689ba004b051f816cc46cf263038b636796b386eddfcecb3f9325207360c3d13d2b0be663c2855f35dcc92ad7931fc17623aa8b103e6549c3f66b8e80e85c67aa70655c3c690af461af41a41a3282d42899728d3defc937349c807ba7c2762e24f6666e455fa607e01e393edb98c82f97b2f0e870807a7ba80f5805b83aff0177015b14f34a1d67c6b2f4b13febb935ceccca1a782548e7d793ab306464e351f43d091c858228a7285d54b2cad259e8bbc9211516f0e3aacf73dd6c6373c6bb9ee95f3a2bb3136c6c6e37f171e7de7846186d328f7bbfcf0c9a3e06dba7774fa47dd9fe9d35196839615bac56608b3026b9acede0ef12b2beb2cb9261c8086bc3efb928691771b729273d80025575c9b22b317c64d4ce92a69244988a2bd99a07d5434a18900631802229296586fd58a083d80cf2250bcae97e038e0303ece8bc1252bca8371e2d3248c1750ab6b389d5cd5287cee3098dab261b296b8de9b99d2a7f2316e669b259c3d9bef419e2b5837e32d57ebd3d141d60324a9f259f27bf478380a6e568a71724d6b6d1216fc7f94662082cd52433e218e0ed2460faf2767eb326672500f896a40ab7f068ed8f3d4b51f7d101ab64b867dc7777222f9db931b42a86ae444d6c1f26aaee7b4147435179bec4313a1b50acd9822303277ced8088aa45e445f059855312a1c6840fe6dc90a55677d50566f57d44bf36d36ccc81913a1edecc7d998ab19a6c52d1b81b1e9bd4e6b63bdb73568f35ba4403bac6d952c695597850069c79f3bbffc7eaab9dd373426aa9fff49fae8f50180cf420fbe2af3c657500e5efb626506728668f8cf632445d14f607968f6e82721dc9128fce9d8ded64765117187e2df7f0504f51b16c02e5b1a9457ee44d1eb7eb1fe18e649698031c73f0e68b0adebfe7154b69d293bf0c2f2b9d83b3569e2e8919375ea39f7237c985e323bdfa20a735228be80bf116305c3494161fb27a66971286a4ba965778098c83f1a6b70f4052c650a91925aa0129ed5dc525dee4ee7db9499e656d09e19901cd445d186edd38f549b79b01cf8ecb1d8305b6b8778418784df0f815287f1ffe63baa84717181e8f35ed96a82b02899bf077f6140e320d6fa17b58c687fa22a749aa48001c98bc4ad3340ce242542885eb45a3559b334e6c68849c70a85bd2e360504b04f0dc4832aecce9c29e4f1734b2b08118ef58d3ec5649b55f4ab5153d1d451692c4f73bd0f4440b32715c800b0896b0a3aa0691f726939bcafd081632cc6fa849d31b0f8ba3ba9b56bba3ce06f1f4748e0dcba7a3279e267bcbde3a61745ef8be0d51b85ee78ae671827bc475acfe4d28870960d34d0a0b21d780e2b6f86ed413cc5c1c1b90b9793854948c26edb63c46ddae67110dd32ac00b12a84112347bf7ff53b576ffaca792422d157b19ad32827968d0ae74fdde0226cf8661c18dbda721651455c49ee7ca17d4e4d7653f32206a46b6d8c0ea171d567050f6bb1721e58f507a51c11b3a1df8c2157254232c6c034315aacb5cde51c78845820a3f58441b1f423548f82af3e87e6139d9dd950b3bc44914b33f0708a16bccb0bf634bed6ac010ee0af11d9c1686918894ac7ad0d6c7b202aa470ba18ceaac87a781896ba271f13d95f906de34a7080bd17bfef961df102f878569d8bc31a3b3f5a81ac4f5363137301ed16ad8dfd441f703cc7b302b1bcbeeb527735fe7f1168dc57d7b20785ab024fe770e06892a2835dcbbf2cbb77cfda9f54f123c71077d0c78c01a05c4c4b37ae067e9cc3b3e45c5c58b1a26896dedd4a34b19c90cb3f89fd6a85229af8b5b977feef53283041b78e040370db8779bf97f353e42206067c90cf74260bc0c0781da10c21e805dadbbe1f505d40c09c3f0268843fe92c3e3b7b23c9b493c395e62665daedf92a5c888c1f7cfc934988f26410d5372087cc4f38125ac235a537f014ae8320a2a07bd28b67859207830b26963b8a496382ddb32dcad976992128536b6294ef5b46f98cc4bd6259ff1de59c2316aaf39068a685b1d80efd6aa12befc70480728d366566477c1091dc8238881e57d1b1fee1df1860e9590736cfc100ff9e899d0dff2f9ac3d692781b26f8144bfc875171dbcf697dd268f0eda431fb7454c0bb50a77f9718006cee5ad68ec51a15b32c7069db2a3be83986bdee85478ba15ce948e815ff7edff2f5b8a82d866a3a1c6761539fc894df40c942ad3085473b789d3ce474e1d0652d4f1c8ce1adaab9a1cd4c6c170e137d9f5598a83096f97b9ca71130edd91ea34b50419ebad5b4069847e66f4675645681934de895d2e0e0b252757e0e20426a18ff2da32146a19673ea25a20c2d4499c08a99bc9f1cda480b166acab82fe5f48b1da7e3cdde11508f1d63b377ad72590f144e1272651ec25532d9b3f6346f128bbb31fbfc6fe0378ea73f48425b9af652bca2db72e7a9e8294a1b177b19e01de6c58256ea6581b9a74847d679a7b36a90c9973ef057b4a9dfc1c20288d7296d7886e1f0acaa5211e083d59be6ca28c45fc0517e5990a220b34129b4895b6703ab4c487a9d60aa02e75b586a40e24746820a8b63aa6d7deb2a750a03d6ed94440bfc411287dfea385f3fadb4c53c6de205899b57b49fa42956657130c87356c51ff7ec67857acbbb083d7240caeb4393d5d648f75832d4a369c0782816d47967d76d1ac7983dc644d4e4688bea9effb69024cffe1b4ee7adb85bf0007dca4c94f7015b35eba1856e77f442a9063343afb92ee14dd9e443fc3e8837c03c03ccff55a26dd714e685f3f985caa6033e46c9d4c15069ec110e63582147ab2addb310985a4fadf2191324318cdcf8caa8e4c9848fe6aaba55d82699029f41533e6515b48fd77cdb137e5fad703a68984abf285ad3281dd063aee2846dca3af22e3639562c428a0667f883d2b22308dcfa34c00ad20c098b9d0f239fe54a87f514c8d9bead218377f66a053cac50c97d54cffd34e9a0731dfc34aaf3bfe71d5bed4cdad060601a1cdea56755d6df4c6af45b905bddd671bf012c18944115883039bb46999e7e768dc26ce10acb1417f0aba3ca311a1a5b5cdf693ed201c8dd6dcaf42d05bca1a1abc608897b04c8170e9137dbfa8fb98bcce51d12158935207224e68f0ffacd9c239dfadc3424e78e35906a5e82938af3aa05c738567ef3c8d655a86fc9026471b09da7825d8dd353d86f6773ab3206eecadc512e4a9c578528b09d7fd73c73b478dbb66733fcb606fed597643a02a259e1e9e5c392873420acf76d3ad38cdf148db0ab3d89b3b61c869d2488f60907c561a05011cdfdc99e22cd081b859d38e67f0d46b67be7bbc43fb87f599355dc21db2ca049d70eaed9a096b2388426ea4d2d701e153ec94bcde784a19c9b21eec9aaceff58a88f8b6897c207f6eca45873d269040363ecab667a77703d4124f228e3fbbd876614cefb0584ffafc6823c922b3717c87e8fc69e19dbbd09a6910466315fef5efeec35808a656657d3d6f73f068890155f87c9f01bb5c8bc6558e215df0831549cac4d0e52bf0831cbad6b1331604a9c1ccf0aee67c60c388489008fc0983b5fee4d8e512e15046e84f667f280404ad9229d455dc86c60569eb88a4da8ccc7f4ef7bbcf20abbd4ed0697d9b73067edef495d2d376ef3b1420c33f6cb258c24036ed16ed0ea39bdbce345b709de74c481ae9af6944707869cab7c47e34c5723dfc90b291ef294ce33e97ad2a735498c4dca016737245fbf1d1bac34bab0dc529282f8f44dfc2dce07c8edabe5219342d20adb886852cc9202d8e8add400d19ca3f8be74a08b43513eda62a86a1f5df0ea33b6de4c4fd582349967054a9e6fe21b7855ad127b56a68d7a16ab2134d6b74525de389084e5f5b225ba58b64022a1246675100a39c6fc524ae3df6fe83be94c2fb0c43daa0679395bd5f8c7f2aaaf2cade59c78a95be301e5262aac45c921b654a6548ce255f0fefe3e7224e79d62506257cdb772befb70416c54adeba398fc19c6f9e282651a5780819b73bd07a0446e4d26038d07537a4470b5b758dd1e71813235373051bd58fefa2471d62fa31f2df6201f54e4876dc91f20c0cef2be57dc7f0217e499f908468bd4b4912b1d1ec50e32042e819a92a9eac0b26b5c09ec5649058aeb10b6b400c0a30d8581b500cfc479ab255ae817a001df2ce14798088bb472a468faace484b6947386bf97d7e8d2908ed3021e065b73b422baac8510d4c41384a71ce341af68d055e0242f6fc4b136d0628cece2667e2e2b1f5436151111db8a81aa044d873d0cb36b95c34f50eeabc9c2a9b64fcb886823ff1a631dac6483a65466659992f99c6bfc351820929a36eee248bdc4d5e57d78bd77b2b1d83c57d97d3b6b50d9337233a61d0825a856c55c918aa6d5f4eba4cce407a3cd03692b8dd9994fd80354f0765f942cfcbf0f83534c34b0324f56ecb4c21108d5ac6353e87bb53b2626435cd98d86e79dc389711cd3b9770fa01033152c8f0a667bf235a0f7efc396c6a0a5f64e8f5f78cdc519ffc4a8dd99f9b7ca71825a03539bb668b0b2bbe78393e7f52b7415275103b4c37549273e866f575dc9cd030d61d95009b4de921f29b2903e64ff1d4f0809d9121fb26514bc2f5b5e01f923063a4b4d29899d049fb5cb14523f0cac083ec395b256cdd2e8eeb02fa72c016c8ff7063f2aeb9f44de5fa6c0c30683d125eb634986ff0cfae3efa04e2ac132b37a4dfedb3abbc4e80ad37f2e9bcd9b6eac1936e83691a0799da634a8a36a6f9f6927e66c847f531ac3f2bbfda3a767832441b2afe1d4e9ccab350e2e01463f814a8193139c75b94d23ae70c18bc44234716b3d6a2ad69767357c827af1487d1682f164cd7bf381fe10f7913b93f01cccc368a3a1f5c2a85b6a18177c57fec36d00d0bb02fc5a417201cc942e39a0a135793159bbc5bd953a19b0a2b4a8b41e326cf3d015dcb80f423f7502341bfef4ea21c2601b6438466934b9148352a9c10909a5511f540d306919257cc258d383ae33c60eb4e85ee4852c3fc7aa31337694b493e3463a2b516ac77d9544a32deba93478d996be0dedad5b29c36ae38da308f20abf86de3e1bf03c934880941af562233f0f35ab9d48b1ca6151ad49bb11d173cd2b0272b84ba4b714e3415c0ef032eeba1682365719195a8f8b1411a2c1da90c0b63646363b4f564e2eaa9a0d7b57a1dd1bda027ebe67020983ee3a394bf4f659979543a81202c80ea004aea755754c3b483a2a1d8e28c415d3460877f7b099d6d1df2fcf6be8237d7d07e2a792f059cfe03", 0x6, 0x1}}}, 0x2)
sendmsg$auto_NL802154_CMD_GET_SEC_DEVKEY(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001980)={&(0x7f0000000000)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x4004804)

14m4.288976466s ago: executing program 3 (id=282):
openat$auto_proc_gid_map_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/gid_map\x00', 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xfffffffffffffffe, 0xffff7ffffffffffa, 0x4000000008000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mmap$auto(0x2000000, 0x400008, 0xdf, 0x9b72, 0x100000000002, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card0/pcm0p/oss\x00', 0x480, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mmap$auto(0x0, 0x400008, 0xe2, 0x9b72, r0, 0x8000)
mkdir$auto(&(0x7f0000000180)='}[,&*}\x00', 0x8001)
mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd.', 0xd, 0x0)
ioctl$auto_TIOCSWINSZ2(0xffffffffffffffff, 0x5414, 0x0)
openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000003040)='/proc/self/io\x00', 0x440, 0x0)
read$auto_proc_single_file_operations_base(0xffffffffffffffff, &(0x7f0000000040)=""/9, 0x9)
io_uring_setup$auto(0x78, &(0x7f0000000140)={0x3ff, 0x3, 0x8, 0x10005, 0x12, 0xc05, r0, [0x7ff, 0xfff, 0x9], {0x6, 0x80000001, 0x5, 0x0, 0x400, 0xa, 0x5, 0x8, 0x1000000000e8}, {0x10000, 0x100, 0x2054f1, 0x0, 0xff, 0xff, 0x8d6, 0x4, 0x3}})
r1 = clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x60282, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x5, 0x80000003, 0x1, 0x100, <r3=>0x0, 0x0, 0x0, 0xffffffffffffff91, 0x8000fd3, 0x2, 0xef, 0x4, 0x80040000081, 0x8, 0x2, 0xfffffffffffffff8, 0x63})
msgctl$auto_IPC_INFO(0x44, 0x3, &(0x7f00000001c0)={{0x0, r3, 0x0, 0x2, 0x57e, 0xffff8001}, &(0x7f00000000c0)=0x6, &(0x7f0000000240)=0xff, 0x0, 0x9, 0x400, 0xfffffffffffffff9, 0x2, 0x18, 0x0, 0xfff8, @inferred=r1, @inferred=r1})
write$auto(r2, 0x0, 0x100082)
socket(0x23, 0x5, 0x80000000)
ioctl$auto_SNDCTL_DSP_SYNC(r2, 0x5001, 0xfffffffffffffffc)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x10000, 0xf4, 0xa, 0xeb1, 0x401, 0x5)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/ip_unprivileged_port_start\x00', 0x101202, 0x0)
write$auto(r4, 0x0, 0x3f00)
syz_clone3(&(0x7f0000000100)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mmap$auto(0x8001, 0xff, 0x80000001, 0x1010, 0xffffffffffffffff, 0x28000)

14m2.674925466s ago: executing program 3 (id=286):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400)
socket(0xa, 0x1, 0x100)
ioperm$auto(0x7, 0x5ad2, 0x8)
modify_ldt$auto(0x3, 0x0, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0)
socket(0xa, 0x801, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000ac0)='/proc/thread-self/net/sctp/remaddr\x00', 0x8200, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000b00)=""/147, 0x93)
r1 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
pread64$auto(r1, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{W\xed>\xe7l\xcb\x90\\/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x7ff, 0x8000400)
socket(0x1e, 0x1, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000)
write$auto(0x3, 0x0, 0xffd8)
unshare$auto(0x40000080)
process_mrelease$auto(0xffffffffffffffff, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84)
mincore$auto(0x1000, 0x8001, 0x0)

14m0.608051301s ago: executing program 3 (id=289):
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0)
ioctl$auto_TIOCGDEV2(r0, 0x542f, 0x0)
openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x8}, 0x5, 0x3, 0x9)
ioperm$auto(0xc5, 0x3, 0xc115)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9)
adjtimex$auto(&(0x7f0000000080)={0x200, 0x0, 0xe, 0x6b, 0x9, 0x0, 0xe8, 0x0, 0x2, 0x703, 0x6, {0x7, 0x9}, 0x7, 0xfffffffffffffff8, 0x10, 0x600000, 0x0, 0xff, 0x7, 0xbdc, 0x9, 0x6, 0x815})
wait4$auto(r1, 0x0, 0x2, 0x0)

13m59.932995455s ago: executing program 3 (id=294):
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_allowed_congestion_control\x00', 0x0, 0x0)
r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x0, 0x0)
ioctl$auto_EVIOCSKEYCODE_V2(r0, 0x40284504, &(0x7f00000000c0)={0x5, 0x6, 0x4, 0xffffffff, "97cd39df48ec585319e6279a516e88e9087fb57a4d3cbdd8c860ad56b711bedf"})
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0x2, 0x1, 0x0)
sysfs$auto(0x2, 0x0, 0x0)
epoll_create$auto(0x1)
epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x5, 0x2, 0x40eb1, r2, 0x300000000000)
socket(0x10, 0x3, 0x0)
mmap$auto(0x0, 0xffff, 0xdf, 0x9b72, 0x2, 0x8000)
capset$auto(0x0, 0x0)
ioctl$auto_NS_GET_TGID_IN_PIDNS(0xffffffffffffffff, 0x8004b709, 0x0)
kexec_load$auto(0x6, 0x2, &(0x7f00000002c0)={@buf=&(0x7f0000000200)="54d407", 0x2aa7, 0x6c0000bffd, 0xbffe}, 0x4)
mmap$auto(0x0, 0x400005, 0x800000000000df, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x6, 0x0)
r3 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r3, 0x107, 0xf, 0x0, 0x6)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48})
sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200), 0x7}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x4, 0x100)
move_pages$auto(0x0, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
ioctl$auto(r2, 0x400454ca, 0x38)
epoll_ctl$auto(0x5, 0x1, r1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
ioctl$auto_MEMWRITEOOB64(0xffffffffffffffff, 0xc0184d15, &(0x7f0000000200)={0x80, 0x0, 0x6d0, 0x6})
openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80480, 0x0)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
openat$auto_cpu_latency_qos_fops_qos(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)

13m44.400716703s ago: executing program 32 (id=294):
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_allowed_congestion_control\x00', 0x0, 0x0)
r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x0, 0x0)
ioctl$auto_EVIOCSKEYCODE_V2(r0, 0x40284504, &(0x7f00000000c0)={0x5, 0x6, 0x4, 0xffffffff, "97cd39df48ec585319e6279a516e88e9087fb57a4d3cbdd8c860ad56b711bedf"})
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0x2, 0x1, 0x0)
sysfs$auto(0x2, 0x0, 0x0)
epoll_create$auto(0x1)
epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x5, 0x2, 0x40eb1, r2, 0x300000000000)
socket(0x10, 0x3, 0x0)
mmap$auto(0x0, 0xffff, 0xdf, 0x9b72, 0x2, 0x8000)
capset$auto(0x0, 0x0)
ioctl$auto_NS_GET_TGID_IN_PIDNS(0xffffffffffffffff, 0x8004b709, 0x0)
kexec_load$auto(0x6, 0x2, &(0x7f00000002c0)={@buf=&(0x7f0000000200)="54d407", 0x2aa7, 0x6c0000bffd, 0xbffe}, 0x4)
mmap$auto(0x0, 0x400005, 0x800000000000df, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x6, 0x0)
r3 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r3, 0x107, 0xf, 0x0, 0x6)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48})
sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200), 0x7}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x4, 0x100)
move_pages$auto(0x0, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
ioctl$auto(r2, 0x400454ca, 0x38)
epoll_ctl$auto(0x5, 0x1, r1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
ioctl$auto_MEMWRITEOOB64(0xffffffffffffffff, 0xc0184d15, &(0x7f0000000200)={0x80, 0x0, 0x6d0, 0x6})
openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80480, 0x0)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
openat$auto_cpu_latency_qos_fops_qos(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)

12m20.434072938s ago: executing program 0 (id=594):
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async)
r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
read$auto_force_wakeup_fops_hci_vhci(r0, &(0x7f0000000080)=""/218, 0xda)
set_mempolicy$auto(0x6, &(0x7f0000000000)=0x3, 0x21)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000) (async)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0)
r2 = socket(0x1d, 0x3, 0x1)
setsockopt$auto(r2, 0x65, 0x1, 0x0, 0x4) (async)
setsockopt$auto(r2, 0x65, 0x1, 0x0, 0x4)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mlockall$auto(0x7)
clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9)
sendmsg$auto_NFC_CMD_DISABLE_SE(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000300)=ANY=[@ANYBLOB="bc000000", @ANYRES16=0x0, @ANYBLOB="200027bd7000fbdbdf2512000000a500138056cbfa42c40766659aa29e5e977fd8c0c5ea07452724775bbe2a991a68ffcde27d30d9539f5af41857c946a10ab75d4455ff05a8c7e2dd82a1b193c14603e7d524459341b3e50ef2aa9f0036e435055f7ced71ecabd242d2772183e1ecccd5862bebfb0c8f2d4aeb08712114c79f828805a9f502ad2cf56faf93edaa4aed6a9f231f9ebe64ef8a62707c3d2a42aedbf90b43fa34f4d09b7d0ddf851881011ee196000000369d7c7bb77a80ef34d5264f437c77dc3c5801be321b62f55347c95a130d67"], 0xbc}, 0x1, 0x0, 0x0, 0x8800}, 0x40404c8) (async)
sendmsg$auto_NFC_CMD_DISABLE_SE(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000300)=ANY=[@ANYBLOB="bc000000", @ANYRES16=0x0, @ANYBLOB="200027bd7000fbdbdf2512000000a500138056cbfa42c40766659aa29e5e977fd8c0c5ea07452724775bbe2a991a68ffcde27d30d9539f5af41857c946a10ab75d4455ff05a8c7e2dd82a1b193c14603e7d524459341b3e50ef2aa9f0036e435055f7ced71ecabd242d2772183e1ecccd5862bebfb0c8f2d4aeb08712114c79f828805a9f502ad2cf56faf93edaa4aed6a9f231f9ebe64ef8a62707c3d2a42aedbf90b43fa34f4d09b7d0ddf851881011ee196000000369d7c7bb77a80ef34d5264f437c77dc3c5801be321b62f55347c95a130d67"], 0xbc}, 0x1, 0x0, 0x0, 0x8800}, 0x40404c8)
r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0)
write$auto(r3, &(0x7f0000000200)='/de\xef\xe7audio1\x00', 0xa3d9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/extra\x00', 0xa142, 0x0) (async)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/extra\x00', 0xa142, 0x0)
r5 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/fs/jfs/TxAnchor\x00', 0x80000, 0x0)
read$auto_proc_iter_file_ops_compat_inode(r5, &(0x7f0000000400)=""/258, 0x102)
sendfile$auto(r4, r4, 0x0, 0x1000010000001fd) (async)
sendfile$auto(r4, r4, 0x0, 0x1000010000001fd)
writev$auto(r1, &(0x7f0000000080)={0x0, 0x1000}, 0x3)
socket(0x1e, 0x4, 0x0) (async)
socket(0x1e, 0x4, 0x0)
epoll_create$auto(0x3f) (async)
epoll_create$auto(0x3f)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0) (async)
socket(0x1e, 0x4, 0x0)
write$auto(r6, &(0x7f0000000180)='/de\xef\xe7audio1\x00', 0x47a)
write$auto(0xffffffffffffffff, 0x0, 0xfffffdef)
openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/smaps\x00', 0x400, 0x0)
pread64$auto(r4, &(0x7f0000000600)='/sstede\xc5\xbc\xeb>\xffc\x8e\xa7/act\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00 \xdf\xc0\xfd\xffw\xfe\xaf\xc6w\x9a\x19\x8d3\xf2\xb9K\xc7\xe6L\x7f\xf3\xb35\xff\xac\xc8\xffd\xba\x81\xdf\xf3\xf7Xt\xaa\"\xe2\ba-\x97\xd8-\f\xfe\t\xc1\xf1\xe6\xfe4\x1amg\xc7cf\x1e\xf9?\xab\x13\x9a{\x90\xf1]9\xb4a<\xe8\x9e&8s\xa1\xf8\xd2\xa1_,U\x14\xbd\x98\x8cY\xf6\xef\x10\xf4\x8d\x7f\x89V\xe3\xf6\x85\xb02[\x9d\x01\x97[\xfe\x8d\xbb4\xf7\xdba6sES\x84A$i\xa6\x1b\x8e\x99S.PW\xde\xbcf\xde\x98N\x97\xaaV\xfd\x19\x04\xb2\tRw~\xc3\xbf\xfa\xcb\xad\x9c\xb1\x1es\x13\xb6\x8d\xed', 0xfffffffffffff815, 0x108)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x7, 0x40000b, 0xb, 0x180000000000010, 0xffffffffffffffff, 0x800000003)
write$auto(0x3, 0x0, 0xfffffdef) (async)
write$auto(0x3, 0x0, 0xfffffdef)

12m17.960954234s ago: executing program 0 (id=602):
r0 = fcntl$auto_F_RDLCK(0xffffffffffffffff, 0x9, 0x0)
arch_prctl$auto(0x1001, 0x5) (async)
r1 = openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
pwrite64$auto(r1, 0x0, 0x6, 0xf6)
mmap$auto(0x7, 0x20009, 0x8000000000000000, 0xeb1, r0, 0x44d) (async)
socketpair$auto(0x1, 0x2, 0x3, 0x0) (async)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) (async)
r2 = socket(0xa, 0x801, 0x84) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
r3 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="120087045f06"], 0x1ac}}, 0x810) (async)
recvmmsg$auto(r3, &(0x7f0000000140)={{0x0, 0x4, &(0x7f0000000180)={0x0, 0x800}, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0) (async)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async)
setsockopt$auto(r2, 0x10000000084, 0x0, 0x0, 0x10) (async)
r4 = socket(0xa, 0x1, 0x84) (async)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
socket(0x2, 0x80002, 0x73) (async)
socket(0xa, 0x5, 0x0)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000012c0)='/sys/devices/virtual/block/ram7/queue/iostats\x00', 0x8502, 0x0)
write$auto(r5, &(0x7f0000000100)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x4) (async)
io_uring_setup$auto(0x40000002c55, 0x0) (async)
setsockopt$auto(r4, 0x10000000084, 0x7f, 0x0, 0xad4) (async)
connect$auto(0x4, 0x0, 0x10)

12m16.964989249s ago: executing program 0 (id=608):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), r0)
sendmsg$auto_ETHTOOL_MSG_LINKINFO_SET(r0, 0x0, 0x2000c840)

12m16.75994387s ago: executing program 0 (id=609):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
open(0x0, 0x22240, 0x155)
socket(0x1a, 0x2, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0xc0)
mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
close_range$auto(0x2, 0xa, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0)
r0 = socket(0x1e, 0x5, 0x8)
setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0xf, 0x0)
chroot$auto(&(0x7f0000000080)='}[,&*}\x00')
pivot_root$auto(&(0x7f0000000300)='.\x00\xaf\xeb)\xae$\xfc\x00\xf8\x05AC\x9f\xbbR\xec\xc6c\x85\xc8\xa7\xe84sF\xe3U\x94\x99\x8fR\xd0\x98\f\xa5\xb1S\x7f\xc3\xa5\xc0\x97\x10qa\r\x02\xd2\xc8\xd2\x8e\xc7\x80\x11\x06#\xf5\x18|\xdc\x81Ai\xb6\x96iaR\xdbA\x04\x10\x99\xe6\xdb\xae`G\x1d9`T\xd8\xc6\xea\xf7\x96\xb5\xe9\x164e\xb1 S\x8f\x12_\x15y\x91F\xc89\xb1\xd24?\x89.,Z\xba,\"v\xde\xc4\xe0\x84\xca|\"\x96V\xd5P\xe4\xb9\xea\x88\x15\xacs\xc6\x83\xd6\x81\xd7\x11\x88\x9c\xdd\x8a\x0e\xea\x19|\x7f\xe3A8x\xce\xc1!q\xbbi\\\xd8\xa9\xe0\xed\x9e\x19\xc0IC9^\xfcJG\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000280)='.\x00')
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
r1 = socket(0x2a, 0x2, 0x0)
ioctl$auto(r1, 0x8912, 0x38)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/timer\x00', 0x109000, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r2, &(0x7f0000005c80)=""/154, 0x9a)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
io_uring_setup$auto(0x6, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r3 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0xa901, 0x0)
ioctl$auto_USBDEVFS_CLAIM_PORT(r3, 0x80045518, 0x0)
mlock$auto(0xfbe8, 0x8)
socket(0x2, 0x5, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)

12m15.75524615s ago: executing program 0 (id=615):
mmap$auto(0x0, 0x2, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000)
pidfd_open$auto(0x1, 0x0)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/pids.events.local\x00', 0x103042, 0x0)
syz_genetlink_get_family_id$auto_batadv(&(0x7f00000002c0), 0xffffffffffffffff)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x5, 0x1f, 0x940, 0x1ffde, 0x3, 0x6, 0x8000003, 0x9, 0x5, 0x0, 0x4, 0xb0, 0x7, 0x2, 0x3, 0x205, 0x7, 0x0, 0x40000, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff]}, 0x1ff, 0x7d)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
r0 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

12m14.813048161s ago: executing program 0 (id=618):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pnp0/00:01/options\x00', 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
sysfs$auto(0x2, 0x3f, 0x0)
r0 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio1\x00', 0x20b42, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000580)='/sys/devices/virtual/thermal/cooling_device0/max_state\x00', 0x500, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000005c0)=""/8, 0x8)
r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
read$auto(r2, 0x0, 0x1f40)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r3, &(0x7f0000000240)={0x0, 0x7}, 0x3)
shmctl$auto_SHM_UNLOCK(0x2, 0xc, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0x3)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/system/node/node1/hugepages/hugepages-1048576kB/demote\x00', 0x183841, 0x0)
write$auto(r4, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(', 0x4)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
r5 = socket(0xa, 0x2, 0x3a)
getsockopt$auto(r5, 0x0, 0xf, 0xfffffffffffffffe, 0x0)

12m14.131912018s ago: executing program 33 (id=618):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pnp0/00:01/options\x00', 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
sysfs$auto(0x2, 0x3f, 0x0)
r0 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio1\x00', 0x20b42, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000580)='/sys/devices/virtual/thermal/cooling_device0/max_state\x00', 0x500, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000005c0)=""/8, 0x8)
r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
read$auto(r2, 0x0, 0x1f40)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r3, &(0x7f0000000240)={0x0, 0x7}, 0x3)
shmctl$auto_SHM_UNLOCK(0x2, 0xc, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0x3)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/system/node/node1/hugepages/hugepages-1048576kB/demote\x00', 0x183841, 0x0)
write$auto(r4, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(', 0x4)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
r5 = socket(0xa, 0x2, 0x3a)
getsockopt$auto(r5, 0x0, 0xf, 0xfffffffffffffffe, 0x0)

6m47.33462056s ago: executing program 4 (id=1604):
mmap$auto(0x0, 0x4020009, 0x100000001, 0x16, 0x401, 0x8000)
r0 = syz_open_procfs$namespace(0x0, 0x0)
r1 = socket(0x1d, 0x3, 0x1)
r2 = getsockopt$auto(r1, 0x65, 0x1, 0xffffffffffffffff, 0x0)
r3 = socket(0x10, 0x2, 0x6)
r4 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NL802154_CMD_SET_MAX_CSMA_BACKOFFS(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fddbdf251100fc00990f3f83331d687ee75c3c94587e1f5cd59006f73c6d6845a036a2fb8e18a48c5faf968c0e511a645aaae8aae65663a5c338dab6fb9aba2aaf595fd8b7bea6f1a0215903fdeca93d8aa4371660a82ede09d48262f353e478571052224dee7140b0e7b6fa79dfdd36ada6faa8cdeb0da918a84f600e34fe3b5a9a326bf73e18fe4d5269bf579bf0ec5ce21d2703ea772b6fda6cd19d8d34274f412e1ca5f937be6e163a7229d71c9f77f938b79c6d727f982553e7bc44719d857bd5c2c828cd6cf92a74647606454c190e3fc1e1094bb08409a9d7b040fd1c2412e247ef81d381957693fe084bc2627b6d3e920b28275cad3537e295f0078e3a9fbcbbeab992fe17d73fadf6671f79836e13548cf7dfc9bc5a97cbb5351ad5c26decb10ae46c3d835c991da34b59e2ed9742ff58c5e8e7"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x8044)
sendmsg$auto_NL802154_CMD_DEL_SEC_DEVKEY(r1, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r4, 0x4, 0x70bd2a, 0x25dfdbff, {}, [@NL802154_ATTR_SEC_ENABLED={0x5, 0x29, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x20000004)
ioctl$NS_GET_PARENT(r0, 0xb701, 0x0)
io_uring_register$auto_IORING_REGISTER_SEND_MSG_RING(r0, 0x1f, &(0x7f0000000180)="59eca86a6fc10b6cf7b24bb747129122fdc6e44b5bbde94771df101d4c046da15997e82ab7a6b9dbc954df6ce0eaa17d60b7af12b6a4e71c59e42f8ccb38f09f737f5eeb46b009a87ac2ec6d21320fd0e227fd2dfa4011840fa57e8ab1774ce1094924d85b6cc968eda0b70975c51c60cc4482feddc3dfc535b46d860c9be42c992af8454404865644940133f49907dfcaf4ab7416577a1497298e588b1941e957f7c21d4e50f42c4f497adc24908c5cc76bfd0c0b3b8c9b318b46e22c428736edb39eedde5d007857dd1c57a5052f9bf6ac7a0dd0bb53d99d26094c29e134427bc5c579552cd91958", 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="f38327b97000fedbdf250500000008000300", @ANYRES32=0x0, @ANYBLOB="78a6e3c2e1985c02ae9311"], 0x1c}}, 0x4008000)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'veth0_virt_wifi\x00', <r5=>0x0})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000400)={'ip6erspan0\x00', <r6=>0x0})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000440)={'\x00', <r7=>0x0})
sendmsg$auto_ETHTOOL_MSG_PLCA_GET_STATUS(r3, &(0x7f00000004c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000680)={0xfc, 0x0, 0x20, 0x70bd28, 0x25dfdbfc, {}, [@ETHTOOL_A_PLCA_HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}, @ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0xa5f5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xd276}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x100}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_PLCA_HEADER={0x60, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0xcea}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0x84}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x42}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0x5}]}, @ETHTOOL_A_PLCA_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x804}, 0x40)
r8 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
fcntl$auto_F_SETLK(r8, 0x6, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
mbind$auto(0xf000, 0x1, 0x1, 0x0, 0x7fff, 0x2)
mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2)
io_uring_setup$auto(0x6, 0x0)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000140)={0x0, 0xd6c6}, 0x2, 0x0, 0x16}, 0x4}, 0xfff, 0xb07e)
mmap$auto(0x0, 0xdb33, 0xe2, 0xeb1, 0x405, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/loginuid\x00', 0x109000, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
ioctl$auto(0x3, 0x400454ca, 0x38)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)

6m42.450794723s ago: executing program 4 (id=1623):
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
ioctl$auto(0xffffffffffffffff, 0x4020565b, 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_QUEUE_GET2(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x14, 0x0, 0x4, 0x70bd25, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0xc020}, 0x0)
mmap$auto(0x0, 0x40009, 0x6, 0x9b72, 0x7, 0x28000)
r0 = io_uring_setup$auto(0x2, 0x0)
r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cec24\x00', 0x0, 0x0)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/rpc/nfsd.fh/content\x00', 0x450c80, 0x0)
pread64$auto(r2, &(0x7f0000000540)='veth1\x00\xe0,\x17\xa0\xf7\x89Pl\x84K?\x01\x84\xa1i\xe00\x81p\xa0U \f\xdbP`:\xe2\'\xa7\xbf\xbd\x04\x18\xad\x90I^\x99M\xe0W\x14\x11\xf4\xeb\x90:\v\xc5\x13*\xfe\x90\xb1\xa9O\xa5\x05\xaa\x8fTi\xd6\x88Q\xda\xca', 0x20000000003f, 0x1)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/net/rpc/nfs4.idtoname/channel\x00', 0x8f3b7a51b80ebd01, 0x0)
write$auto_proc_reg_file_ops_compat_inode(r3, &(0x7f0000000040)="205c2020027e0dc0023af10e9bfa1babfa203753ca9a20370a", 0x19)
ioctl$auto_CEC_DQEVENT(r1, 0xc0506107, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000840), r4)
mmap$auto(0xb, 0xd74, 0x2, 0x18, r0, 0x3)
sendmsg$auto_OVS_CT_LIMIT_CMD_SET(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000006400)={0x1c, r5, 0x1, 0x70bd2b, 0x25dfcbfb, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x4}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20008885}, 0x4)
msgget$auto(0x0, 0x77d9)
poll$auto(&(0x7f0000001180)={r0, 0xd, 0xfe9c}, 0x7, 0x1000)
close_range$auto(0x2, 0x8, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r6 = socket(0x2, 0x2, 0x1)
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_4={0x1f, <r7=>r6, 0x10000, r0}, 0x10)
mmap$auto(0x8, 0x5, 0x9, 0x8000200008011, r7, 0x8001)
syz_clone(0x20000, 0x0, 0x0, 0x0, 0x0, 0x0)
mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000)
mlockall$auto(0x7)
modify_ldt$auto(0x1, &(0x7f00000001c0), 0x10)
r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop2/queue/iostats\x00', 0x20b02, 0x0)
sendfile$auto(r8, r8, 0x0, 0x3)

6m41.896380459s ago: executing program 4 (id=1625):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400)
socket(0xa, 0x1, 0x100)
ioperm$auto(0x7, 0x5ad2, 0x8)
modify_ldt$auto(0x1, 0x0, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0)
pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000)
select$auto(0x5, &(0x7f0000000080)={[0x20000009, 0xfffffffffffbfffc, 0x9, 0x5, 0xc, 0x3, 0x3, 0x1ffe000, 0x2, 0x2, 0x9, 0xf, 0xa657, 0x202, 0x6, 0x1]}, 0x0, 0x0, 0x0)
r1 = getpid()
process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f00000000c0), 0xffffffff}, 0x6, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev5\x00', 0x280, 0x0)
ioctl$auto(0x3, 0xc0585605, 0x38)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/block/loop10/queue/atomic_write_unit_min_bytes\x00', 0x240202, 0x0)
read$auto(r2, &(0x7f0000000240)='/\x00', 0x100000001)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
write$auto(0x3, 0x0, 0xffd8)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x8800)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x48b41, 0x0)
openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84)
mount$auto(0x0, &(0x7f0000001500)='./file0\x00', &(0x7f0000001540)='cifs\x00', 0x8002, 0x0)
mincore$auto(0x1000, 0x8001, 0x0)

6m38.70554925s ago: executing program 4 (id=1633):
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptya5\x00', 0x62c00, 0x0)
r0 = socket(0x2, 0x1, 0x0)
mmap$auto(0x0, 0x4020009, 0x2000000000406, 0xeb1, 0x401, 0x8000)
r1 = socket(0x10, 0x2, 0x4)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000001c0)={0x0, 0xc4}, 0x1, 0x0, 0x6, 0x9}, 0x7}, 0x3, 0x0)
bind$auto(r1, &(0x7f0000000040)=@nl=@proc={0x10, 0x0, 0x25dfdbff, 0x2}, 0xe)
close_range$auto(0x2, 0xa, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
listmount$auto(0x0, 0x0, 0x1, 0x1)
socket(0x2, 0x3, 0x2)
getsockopt$auto(r0, 0x0, 0xcf, 0x0, 0x0)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0xa2741, 0x0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xdff1, 0xfffffffffffffffd, 0xd4, 0xffffffffffffffc0, 0x7, 0x0, 0x80007, 0x2, 0x2, {0x2100000000, 0x10000}, 0x3, 0x6, 0x200, 0x1008000, 0x0, 0x80000004, 0x8, 0x5, 0x29a, 0xdeb1, 0x1800})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$auto(0xca, 0x0, 0x9)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd6\x00', 0x8000, 0x0)

6m37.980247132s ago: executing program 4 (id=1638):
listmount$auto(&(0x7f0000000100)={0x1f, @raw, 0x8000001c, 0xfffffffffffffff7, 0x2}, 0x0, 0x4ded, 0x0)
socket(0xa, 0x2, 0x3a)
read$auto(0x3, 0x0, 0x7)
mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000)
r0 = io_uring_setup$auto(0x52, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55)
sendmmsg$auto(r0, &(0x7f0000000000)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x1000ffff}, 0x1, 0x0, 0x0, 0x49}, 0x100007}, 0x3, 0x0)
rseq$auto(&(0x7f0000000300)={0x9, 0x401, 0x0, 0x46, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6)
tkill$auto(0x1, 0x7)
unshare$auto(0x1)

6m36.681074528s ago: executing program 4 (id=1640):
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0)
r1 = io_uring_setup$auto(0x1, 0x0)
setsockopt$auto(r0, 0x1, 0x1, 0x0, 0x1000) (async, rerun: 64)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa) (rerun: 64)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe) (async)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) (async)
r3 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
ioctl$auto(r2, 0x4b72, r3)
write$auto_proc_sys_file_operations_proc_sysctl(r3, 0x0, 0x0) (async, rerun: 64)
capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x8}) (rerun: 64)
clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/perf_event_max_contexts_per_stack\x00', 0x202, 0x0)
sendfile$auto(r4, r4, 0x0, 0x7fffe000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
socket(0x2, 0x6, 0x0) (async, rerun: 64)
connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @rand_addr=0x700}, 0x55) (rerun: 64)
r5 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000c40)='/dev/snd/pcmC1D0p\x00', 0x80000, 0x0)
ioctl$auto_TUNSETNOCSUM(r1, 0x400454c8, &(0x7f0000000040)=0x5)
ioctl$auto___SNDRV_PCM_IOCTL_SYNC_PTR32(r5, 0xc0844123, 0xfffffffffffffffe)
r6 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video2\x00', 0x8000, 0x0)
ioctl$auto(r6, 0xc0845657, r6) (async)
ioctl$auto_KVM_CHECK_EXTENSION(r0, 0xae03, 0xd0) (async, rerun: 64)
socket(0x1, 0x3, 0x34) (async, rerun: 64)
r7 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000580)='/proc/thread-self/net/raw6\x00', 0x500, 0x0) (async)
r8 = socket(0x2a, 0x2, 0x1)
connect$auto(r8, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x55)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) (async)
writev$auto(0x3, &(0x7f0000000100)={&(0x7f0000000340), 0x7111}, 0x8)
pread64$auto(r7, &(0x7f0000000080)='\xd5u+~\xa7x\xe0VQ\x1a6\xcf\xce\xfa\xfbN\x19\b\xf64\r\x122i\xd6\x0e\xfa\x96\x9aV:\xe1G\x14\xb2\xd4N\x0e#jX:\xd0\xe4\xa9\xda\xaf\x98\x94G\xa8\xb4\xa7uPc\x1ang\xdb\xb4\xa7\xad\x1b\xcbonh\xd8\x99\x03\x10\xb0\xa5\xfey\xd5F,70\xecG\x8a\fz\x95\x7f\xb0Y{\xdd\xa1\xa3E\x03\xd4\xc67U\x93\n\xfc\xa4\x0e_\xf8\x94\xc3a\x00\xe6\xea4\xa2\x7ft\xeb\x8b$\x16\x0e\xe8j\xcaI\xe0c\x05\x12(\v\xef\xc5Z\xfb\xed\xa3\x01\x001\xa5\x18%\xae/\x1b6\xaa\xf5ysD\xa6\xee\xbf\xc0v\"\x93\x96\"\xcak.\x0e_\xb3\xf7\xac\x9e\xbd/w\xdf\xfc\xe24z\x0f\x8f\b\xbe\xda\xfb\xd0Jj\x97\xfa{\x9d\xfd\xfb\x14\x1f\xb0\xe7\b#\xb9\x01\xf7\xf5\x1c1\xfbNX\xd9\xf0\x97@\xff(\x99\x13M\xadM\b\xf5\xcd\xa3\xe1Q|\r\x18\xd5\xb4\x1c\xa5\xfd\xdf\x98\xd9\xa7\xf3u\xa8ak\xfaHS\xfa\x12\x85\x85\x14\b\x9c\x15\xc10\xb3\xd5.\x13\xc6\xb6\xbak:\xbf\x8f\xcd\x7f\a\xb8\x00\x00\x00', 0x202, 0x7)

6m35.983923908s ago: executing program 34 (id=1640):
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0)
r1 = io_uring_setup$auto(0x1, 0x0)
setsockopt$auto(r0, 0x1, 0x1, 0x0, 0x1000) (async, rerun: 64)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa) (rerun: 64)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe) (async)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) (async)
r3 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
ioctl$auto(r2, 0x4b72, r3)
write$auto_proc_sys_file_operations_proc_sysctl(r3, 0x0, 0x0) (async, rerun: 64)
capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x8}) (rerun: 64)
clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/perf_event_max_contexts_per_stack\x00', 0x202, 0x0)
sendfile$auto(r4, r4, 0x0, 0x7fffe000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
socket(0x2, 0x6, 0x0) (async, rerun: 64)
connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @rand_addr=0x700}, 0x55) (rerun: 64)
r5 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000c40)='/dev/snd/pcmC1D0p\x00', 0x80000, 0x0)
ioctl$auto_TUNSETNOCSUM(r1, 0x400454c8, &(0x7f0000000040)=0x5)
ioctl$auto___SNDRV_PCM_IOCTL_SYNC_PTR32(r5, 0xc0844123, 0xfffffffffffffffe)
r6 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video2\x00', 0x8000, 0x0)
ioctl$auto(r6, 0xc0845657, r6) (async)
ioctl$auto_KVM_CHECK_EXTENSION(r0, 0xae03, 0xd0) (async, rerun: 64)
socket(0x1, 0x3, 0x34) (async, rerun: 64)
r7 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000580)='/proc/thread-self/net/raw6\x00', 0x500, 0x0) (async)
r8 = socket(0x2a, 0x2, 0x1)
connect$auto(r8, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x55)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) (async)
writev$auto(0x3, &(0x7f0000000100)={&(0x7f0000000340), 0x7111}, 0x8)
pread64$auto(r7, &(0x7f0000000080)='\xd5u+~\xa7x\xe0VQ\x1a6\xcf\xce\xfa\xfbN\x19\b\xf64\r\x122i\xd6\x0e\xfa\x96\x9aV:\xe1G\x14\xb2\xd4N\x0e#jX:\xd0\xe4\xa9\xda\xaf\x98\x94G\xa8\xb4\xa7uPc\x1ang\xdb\xb4\xa7\xad\x1b\xcbonh\xd8\x99\x03\x10\xb0\xa5\xfey\xd5F,70\xecG\x8a\fz\x95\x7f\xb0Y{\xdd\xa1\xa3E\x03\xd4\xc67U\x93\n\xfc\xa4\x0e_\xf8\x94\xc3a\x00\xe6\xea4\xa2\x7ft\xeb\x8b$\x16\x0e\xe8j\xcaI\xe0c\x05\x12(\v\xef\xc5Z\xfb\xed\xa3\x01\x001\xa5\x18%\xae/\x1b6\xaa\xf5ysD\xa6\xee\xbf\xc0v\"\x93\x96\"\xcak.\x0e_\xb3\xf7\xac\x9e\xbd/w\xdf\xfc\xe24z\x0f\x8f\b\xbe\xda\xfb\xd0Jj\x97\xfa{\x9d\xfd\xfb\x14\x1f\xb0\xe7\b#\xb9\x01\xf7\xf5\x1c1\xfbNX\xd9\xf0\x97@\xff(\x99\x13M\xadM\b\xf5\xcd\xa3\xe1Q|\r\x18\xd5\xb4\x1c\xa5\xfd\xdf\x98\xd9\xa7\xf3u\xa8ak\xfaHS\xfa\x12\x85\x85\x14\b\x9c\x15\xc10\xb3\xd5.\x13\xc6\xb6\xbak:\xbf\x8f\xcd\x7f\a\xb8\x00\x00\x00', 0x202, 0x7)

1m20.447769292s ago: executing program 5 (id=2530):
r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003140), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, &(0x7f0000003200)={0x0, 0x0, &(0x7f00000031c0)={&(0x7f0000003180)=ANY=[@ANYBLOB, @ANYRES16=r0, @ANYBLOB='\x00'/14], 0x14}, 0x1, 0x0, 0x0, 0x6000091}, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
r1 = open(&(0x7f0000000800)='./file0\x00', 0xe4201, 0x17c)
fcntl$auto(r1, 0x400, 0x1)
socket(0x1, 0x2, 0x40000008)
unshare$auto(0x40000080)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ip6_mr_vif\x00', 0x0, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r2, &(0x7f00000000c0)=""/4087, 0xff7)
mmap$auto(0x0, 0x20009, 0x7, 0xeb1, 0x0, 0x8000)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/ieee80211/phy2/power/control\x00', 0x600, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000140)=""/1, 0x1)
setsockopt$auto(0x400000000000003, 0x2000002b, 0x8, 0x0, 0xd902)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/mac80211_hwsim/hwsim0/net/wlan0/threaded\x00', 0xa001, 0x0)
write$auto(r4, &(0x7f0000000140)='0\x81=\"\xad\xff\x8d\xf9P\x18\xa4\xb0\xb4\xd9\x82=\xe1P\x05\x00\xfb&\xe8\xbf\x901\a2\xa2X`\a\xf1y\xb3\"=', 0xd4d0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd3/queue/iosched/write_expire\x00', 0x20681, 0x0)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x30)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(0x0, r5)
r6 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000580), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NFSD_CMD_POOL_MODE_SET(r7, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000040)={0x1c, r6, 0x1, 0x70bd25, 0x25dfdbfc, {}, [@NFSD_A_POOL_MODE_MODE={0x7, 0x1, '!%\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x4800)
mlockall$auto(0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
move_pages$auto(0x0, 0xd0, 0x0, 0x0, 0x0, 0x2)
bpf$auto(0x8, &(0x7f00000001c0)=@bpf_attr_0={0x7, 0xb5, 0x10, 0x4, 0x53400000, 0xffffffffffffffff, 0x9, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x2, 0x7, 0x7, 0x6}, 0x10)
r8 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/038/001\x00', 0xa821, 0x0)
ioctl$auto_USBDEVFS_SUBMITURB32(r8, 0x802c550a, &(0x7f00000001c0)=ANY=[@ANYBLOB="028006000000000005"])

1m18.388094997s ago: executing program 5 (id=2538):
r0 = ioctl$auto_TUNSETSTEERINGEBPF(0xffffffffffffffff, 0x800454e0, &(0x7f00000000c0)=0x105)
ioctl$auto_FS_IOC_GETFSLABEL2(r0, 0x81009431, &(0x7f00000001c0)="b4f1433d68a7519958a3de09ee40cf53031b4b266df9d42cd600667719b2deba8047f714a0590d18f39126d69d2a5344023c15432fa0eb855a1b218eaf7bdbd8a2ccc23225df1dd4159e19a801f66910f6bdd0f53b799f94a733418114ae4641e12ac358e0124b8e6538f9288ccca13aa24b255aaf9b51f28d51064ddde6ef67206cca3fcfc5ac65482b4b3d086635dcbba382b201f275125d3da8f3c9c19ad9168abb1ec0335f81f9cd2dddef142e5ef149005e37e32f1a7758c0f98b93fb10c9cfc057a3869ac8fd78733b8a259a6488d25814880810134e26d74620de1e0afa33fa5b4f0938822ac05059abb7fed056207d8e4bc8377aa9c4a7f3a0457e79")
mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000)
r1 = openat$auto_fops_x64_ro_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy6/netdev:wlan1/stations/08:02:11:00:00:00/driver_buffered_tids\x00', 0x208000, 0x0)
fcntl$auto_F_SETOWN(r1, 0x8, 0x0)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/fail-nth\x00', 0x2080, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xa083, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
bpf$auto(0x9, &(0x7f0000000100)=@enable_stats, 0x9)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0xc2503, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
getsockname$auto(0xffffffffffffffff, 0x0, 0x0)

1m15.674421046s ago: executing program 5 (id=2542):
r0 = socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3}, 0x55)
setsockopt$auto(r0, 0x6, 0xd, 0x0, 0x4)
sendmsg$auto_IEEE802154_SET_MACPARAMS(r0, 0x0, 0x80)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x80502, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x800000002, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, 0x0, 0x40090)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
sendmsg$auto_OVS_FLOW_CMD_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x18, 0x0, 0xb80, 0x70bd2b, 0x25dfdbfb, {}, [@OVS_FLOW_ATTR_MASK={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x48010}, 0x8000)
syz_genetlink_get_family_id$auto_802_15_4_mac(0x0, r0)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/thread-self/net/tcp\x00', 0x200, 0x0)
pread64$auto(r1, 0x0, 0x3f, 0x7fff)

1m14.236188277s ago: executing program 5 (id=2546):
mmap$auto(0x0, 0xfb1, 0xffffffff, 0x9b72, 0x2, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x5, 0x2000000000002)
symlink$auto(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00')
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x26, 0x80805, 0x0)
clone$auto(0x20003b46, 0x7, 0x0, 0x0, 0x2)
r0 = openat$auto_adf_ctl_ops_adf_ctl_drv(0xffffffffffffff9c, &(0x7f0000002140), 0x80, 0x0)
ioctl$auto_IOCTL_CONFIG_SYS_RESOURCE_PARAMETERS(r0, 0x40096100, &(0x7f0000002180)={@padding, 0x3})
ioctl$auto(0x3, 0xff06, 0x0)

1m13.887491241s ago: executing program 5 (id=2549):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
r1 = prctl$auto_PR_SCHED_CORE_CREATE(0x5, 0x1, 0xffffffffffffffff, 0x0, 0xf44)
r2 = syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_KSMBD_EVENT_STARTING_UP(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r2, 0x400, 0x70bd28, 0x25dfdbfb, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x24000850}, 0x20000090)
sendfile$auto(r0, 0x3, 0x0, 0x7ffff000)

1m12.769917724s ago: executing program 5 (id=2552):
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dmmidi2\x00', 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x5)
r1 = socket(0xa, 0x1, 0x84) (async)
bpf$auto(0x5, &(0x7f0000000000)=@link_create={@map_fd, @target_fd=<r2=>0xffffffffffffffff, 0x1, 0x7, @tracing={0x1000, 0x7fffffff}}, 0x7)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
r3 = socket(0x1d, 0x3, 0x1)
setsockopt$auto(r3, 0x65, 0x1, 0x0, 0x800) (async)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async)
socket(0x2, 0x1, 0x106) (async)
getcwd$auto(0x0, 0xffffffffffffffff) (async)
inotify_init1$auto(0x3000000000000)
inotify_add_watch$auto(0x4, 0x0, 0x9) (async)
getcwd$auto(0x0, 0xffffffffffffffff) (async)
inotify_add_watch$auto(0x4, 0x0, 0x9) (async)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async)
close_range$auto(0x2, 0x8, 0x0)
pipe$auto(&(0x7f0000001480)=<r4=>0xffffffffffffffff) (async)
clone3$auto(0x0, 0xfffffffffffffffb)
vmsplice$auto(r4, &(0x7f0000000000)={0x0, 0x7}, 0x5, 0x1)
write$auto(0x3, 0x0, 0xffd8)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async)
r5 = openat$auto_split_huge_pages_fops_huge_memory(0xffffffffffffff9c, &(0x7f0000000040), 0x12a382, 0x0)
ioctl$auto_RTC_RD_TIME(r2, 0x80247009, &(0x7f00000000c0)={0x7ff, 0x3ff, 0x92, 0x7, 0x7, 0x5, 0x8, 0x7fff, 0x5}) (async)
write$auto_split_huge_pages_fops_huge_memory(r5, &(0x7f0000000100)='1', 0x1) (async)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) (async)
connect$auto(0x3, &(0x7f0000000080)=@qipcrtr={0x2a, 0xffffffffffffffff, 0x3fff}, 0x54) (async)
io_uring_setup$auto(0x40000002c55, 0x0) (async)
setsockopt$auto(r1, 0x81, 0x7f, 0x0, 0xad4)
r6 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$auto_RTC_PARAM_GET(r6, 0x40187013, &(0x7f0000000000)={0x8, @ptr=0x7, 0x2})

57.568589453s ago: executing program 35 (id=2552):
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dmmidi2\x00', 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x5)
r1 = socket(0xa, 0x1, 0x84) (async)
bpf$auto(0x5, &(0x7f0000000000)=@link_create={@map_fd, @target_fd=<r2=>0xffffffffffffffff, 0x1, 0x7, @tracing={0x1000, 0x7fffffff}}, 0x7)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
r3 = socket(0x1d, 0x3, 0x1)
setsockopt$auto(r3, 0x65, 0x1, 0x0, 0x800) (async)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async)
socket(0x2, 0x1, 0x106) (async)
getcwd$auto(0x0, 0xffffffffffffffff) (async)
inotify_init1$auto(0x3000000000000)
inotify_add_watch$auto(0x4, 0x0, 0x9) (async)
getcwd$auto(0x0, 0xffffffffffffffff) (async)
inotify_add_watch$auto(0x4, 0x0, 0x9) (async)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async)
close_range$auto(0x2, 0x8, 0x0)
pipe$auto(&(0x7f0000001480)=<r4=>0xffffffffffffffff) (async)
clone3$auto(0x0, 0xfffffffffffffffb)
vmsplice$auto(r4, &(0x7f0000000000)={0x0, 0x7}, 0x5, 0x1)
write$auto(0x3, 0x0, 0xffd8)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async)
r5 = openat$auto_split_huge_pages_fops_huge_memory(0xffffffffffffff9c, &(0x7f0000000040), 0x12a382, 0x0)
ioctl$auto_RTC_RD_TIME(r2, 0x80247009, &(0x7f00000000c0)={0x7ff, 0x3ff, 0x92, 0x7, 0x7, 0x5, 0x8, 0x7fff, 0x5}) (async)
write$auto_split_huge_pages_fops_huge_memory(r5, &(0x7f0000000100)='1', 0x1) (async)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) (async)
connect$auto(0x3, &(0x7f0000000080)=@qipcrtr={0x2a, 0xffffffffffffffff, 0x3fff}, 0x54) (async)
io_uring_setup$auto(0x40000002c55, 0x0) (async)
setsockopt$auto(r1, 0x81, 0x7f, 0x0, 0xad4)
r6 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$auto_RTC_PARAM_GET(r6, 0x40187013, &(0x7f0000000000)={0x8, @ptr=0x7, 0x2})

19.387239127s ago: executing program 7 (id=2672):
mmap$auto(0x4, 0x7ff, 0x8, 0xeb1, 0x401, 0x200)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket(0xa, 0x2, 0x88)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bond0\x00', <r2=>0x0})
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r2, r1, 0x4, 0x1ff, r0, @relative_id=0x13, 0xe600}, 0xf)
r3 = socketpair$auto(0x1, 0x803, 0x8000000000000000, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r4, 0x0, 0x3}, 0xc)
readv$auto(0x6, &(0x7f00000000c0)={0x0, 0x1}, 0x1)
sysfs$auto(0x2, 0xd, 0x0)
r5 = fsopen$auto(0x0, 0x1)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
fsconfig$auto(r5, 0x3, &(0x7f0000000000)='Q**\x00', &(0x7f0000000040)="2b24c0bfbf", 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x1ac}}, 0x40000)
io_uring_setup$auto(0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(0x0, 0xe)
socket(0x2, 0x6, 0x0)
write$auto(0x3, 0x0, 0x100082)
unshare$auto(0x40000080)
close_range$auto(r3, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
migrate_pages$auto(0x0, 0x8, 0x0, &(0x7f00000001c0)=0x7b)
r6 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0)
ioctl$auto_SNDCTL_DSP_CHANNELS(r6, 0xc0045006, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x6ae}, 0x7)

17.552312874s ago: executing program 7 (id=2675):
mmap$auto(0x0, 0x101, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
io_uring_setup$auto(0x1, 0x0)
umount2$auto(0x0, 0x8)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
memfd_create$auto(0x0, 0xe)
unshare$auto(0x40000080)
openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id\x00', 0x189002, 0x0)
mmap$auto(0x0, 0x202000a, 0x3, 0x40000eb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/rose11/tx_queue_len\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0x20)
write$auto(0x3, 0x0, 0x7fffffff)
fcntl$auto_F_GETFD(0xffffffffffffffff, 0x1, 0xffffffffffffc501)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800)
r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYRESHEX=r1], 0x2c}, 0x1, 0x0, 0x0, 0x24000000}, 0x4000000)
ioctl$auto_SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, 0x0)

15.835731072s ago: executing program 7 (id=2682):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0xe8)
r1 = openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cmdline\x00', 0x2080, 0x0)
read$auto_proc_mountinfo_operations_mnt_namespace(r1, &(0x7f0000000040)=""/66, 0x42)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001240)='/proc/thread-self/fail-nth\x00', 0xa0302, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x2000d, 0xe5, 0xeb1, 0x405, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
read$auto(0xffffffffffffffff, &(0x7f0000000200)='*$}\x00', 0xfff)
sendmsg$auto_TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYBLOB='J\x00\x00\x00', @ANYRES16, @ANYBLOB="010025bd7000fcdbdf25020000002c00018028003c8008001b"], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x44)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00'], 0x1ac}}, 0x40000)
r3 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4)
sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa507}, 0x800}, 0x7, 0x8)

15.455304724s ago: executing program 7 (id=2683):
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000)
r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
r1 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0)
write$auto_mousedev_fops_mousedev(r1, &(0x7f0000000400)="85a8d00fede9eace3d1564e386c3dc6d7e4d4b5884475f10ad6202141a34e845042e735232a59ecc11ec01377536581bb82305f4ce74bd82b337132eff7be788f89f708e64ea19f02cade635827b3a04792b58e338d9408f5a0816109e55c7dffbb46109086e56262ececca86624249902474a5db4f6f4abcdc5ffdc59638daac8d8e2c0629b02cbbe82cd498d82cd32589aaf837db9d356b1545dcce2f8d84b45080b5ef753837480fed0ed54a06bf927402f3f3a180544ae9d7cf74bd2b3ad60e0da26b2950ad9d77a29826410104024d7454c9790a7a06a5833258381d8ccdf092e07d9d32a4d9d5d31ac67a24e12527a0c82b7f311c655040f1111ac16c67bbef1", 0x103)
r2 = getpid()
r3 = socket(0x2, 0x5, 0x0)
close_range$auto(r3, 0x8, 0x0)
socket(0x22, 0x3, 0x0)
bind$auto(r3, &(0x7f0000000040), 0x5)
process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0)
r4 = socket(0x11, 0x2, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22040, 0x75)
socket(0x1e, 0x3, 0xff)
connect$auto(0x3, &(0x7f0000000000), 0x55)
setsockopt$auto(0x3, 0x1, 0x29, 0x0, 0x28)
sendmmsg$auto(r4, &(0x7f00000001c0)={{0x0, 0x5aa, &(0x7f0000000100)={0x0, 0x5}, 0x5, 0x0, 0x5, 0x5b87cd72}, 0x5}, 0x2, 0x100)
ioctl$auto(r0, 0x400454cd, 0x38)

15.068981533s ago: executing program 7 (id=2685):
close_range$auto(0x2, 0xa, 0x0)
socket(0x11, 0x3, 0x9)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff)
recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000f80)={{0x0, 0x9, 0x0, 0x5, 0x0, 0x1, 0x80}, 0x8}, 0x10000, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x2, 0x801, 0x100)
listen$auto(0x3, 0x81)
poll$auto(&(0x7f0000000180)={<r2=>r1, 0x6, 0x6}, 0x6, 0x8)
listen$auto(r2, 0x1004)
mmap$auto(0x0, 0xdb33, 0xe2, 0xeb1, 0x405, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
write$auto(0xffffffffffffffff, 0x0, 0xffe)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
mmap$auto(0x0, 0x1ff, 0xdf, 0x200000810, 0xffffffffffffffff, 0x8000)
madvise$auto(0x0, 0x200007, 0x19)
madvise$auto(0x0, 0x2003f0, 0x15)
write$auto(0x3, 0x0, 0x100082)
io_uring_setup$auto(0x6, 0x0)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x29a02, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
socket(0xa, 0x3, 0x3a)
r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000001080)='/dev/v4l-touch5\x00', 0x2040, 0x0)
read$auto_v4l2_fops_v4l2_dev(r3, &(0x7f00000010c0)=""/22, 0x16)
r4 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/io\x00', 0x0, 0x0)
read$auto_proc_single_file_operations_base(r4, &(0x7f00000051c0)=""/103, 0x67)
sendmsg$auto_TIPC_NL_PUBL_GET(r0, &(0x7f0000001440)={0x0, 0x0, &(0x7f0000001400)={&(0x7f0000000000)=ANY=[@ANYRES64=r0, @ANYRESHEX=0x0], 0x1354}}, 0x40001)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)

10.326489315s ago: executing program 7 (id=2697):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/bus/pci/devices\x00', 0x10b402, 0x0)
pread64$auto(r0, 0x0, 0x8100000041, 0x3)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x11c03, &(0x7f00000002c0)={0x0, 0xc4}, 0xe, 0x0, 0x2, 0x3d7}, 0x7}, 0x803, 0x0)
open(&(0x7f0000000140)='./file0\x00', 0x220c0, 0x4) (async)
open(&(0x7f0000000140)='./file0\x00', 0x220c0, 0x4)
chmod$auto(&(0x7f00000000c0)='./file0\x00', 0xf4ba)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/misc/rdma_cm/abi_version\x00', 0x80, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000340)=""/4096, 0x1000)
execve$auto(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
setsockopt$auto_SO_TYPE(r1, 0x9c, 0x3, &(0x7f00000001c0)='&\\*\xc6$%-2%/\x00', 0x800)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000240), 0x222002, 0x0)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) (async)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
ioctl$auto(r2, 0x400454da, 0x38) (async)
ioctl$auto(r2, 0x400454da, 0x38)
unshare$auto(0x40000080) (async)
unshare$auto(0x40000080)
fchdir$auto(0xffffffffffffffff)
open(0x0, 0x4140, 0x0)
mount$auto(0x0, 0x0, 0x0, 0x8002, 0x0)
execve$auto(&(0x7f0000000100)='./file0\x00', &(0x7f00000002c0)=&(0x7f0000000040)='team_slave_1\x00', 0x0) (async)
execve$auto(&(0x7f0000000100)='./file0\x00', &(0x7f00000002c0)=&(0x7f0000000040)='team_slave_1\x00', 0x0)

8.775271734s ago: executing program 1 (id=2700):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002cbd7000fbdbdf250a000008080003000000000008000100", @ANYRES8=r0], 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x20008810)
mmap$auto(0x0, 0x4020009, 0xe3, 0xfffffffffffffffb, 0x401, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
munmap$auto(0x2, 0x1a525c0f)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x42, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0xb03840, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bdi/1:8/read_ahead_kb\x00', 0x280, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f00000003c0)=""/20, 0xfffffcc4)
sendfile$auto(r2, 0xffffffffffffffff, 0x0, 0x1)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
r4 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$auto_MACSEC_CMD_DEL_RXSA(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002abd7000fcdbdf2508000000040002800400038008000100", @ANYRES32=0x0, @ANYBLOB="12fc8e9999c73d8cc7a04c6e68b191ecd3413110cea00c6ba3352dead18a2b64a19ee5b092f26babd35e9be3854a73c9523439b6fc0263c16240a6cf94df2d940dcea23ccce06d6ee27f39dbcf4d61aa62b4b4d5a0f503a27a6daf0f4e58c977012fbb69b78884222a4a56bc51b7cc1472991b61d56f3e8395e5690a4b3fbf440641200c8e3be6a4f47f9d4d0c88bfb566c0f02ec18174007f6d05d984"], 0x24}, 0x1, 0x0, 0x0, 0x844}, 0x20004010)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000340), 0xffffffffffffffff)
madvise$auto(0x200000000008000, 0xffffffffffff0005, 0x404)
mmap$auto(0x0, 0xfffffffffffffff8, 0x6, 0x9b7c, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/hugepages/hugepages-2048kB/resv_hugepages\x00', 0x40200, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000000040)=""/65, 0x41)
setsockopt$auto(0x3, 0x6, 0x15, 0x0, 0xfb3)
mbind$auto(0x0, 0x800605, 0x8003, &(0x7f0000000100)=0xfffe, 0x3, 0x3)
ioctl$auto(0xc8, 0x400454cb, 0x5)

7.013039225s ago: executing program 6 (id=2702):
close_range$auto(0x2, 0x8, 0x0) (async, rerun: 32)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) (rerun: 32)
r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$auto(0x3, 0xae60, 0x10000000000402) (async, rerun: 64)
ioctl$auto(0x3, 0xae41, 0x38) (async, rerun: 64)
getsockopt$auto_SO_RCVTIMEO_NEW(r1, 0x101, 0x42, &(0x7f0000000000)='%]//Q#}[5&(:/-)@\x96%\x00', &(0x7f0000000040)=0x20000000) (async)
mmap$auto(0x1, 0x2, 0x4, 0x17, r1, 0x3ff)
unshare$auto(0x40000080)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)

6.261089145s ago: executing program 6 (id=2703):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
write$auto(r0, 0x0, 0xfffffdef)
mbind$auto(0x0, 0x800605, 0x8003, &(0x7f0000000100)=0xfffe, 0x3, 0x3)
mmap$auto(0x3, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
shmget$auto(0x400, 0x10563, 0x568c12f2)
semctl$auto(0x201, 0xfffffffffffffffa, 0x3, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r1 = open$dir(&(0x7f0000000000)='./file0\x00', 0x42, 0x20)
bpf$auto(0x9, &(0x7f0000000a40)=@prog_bind_map={0xffffffffffffffff, r1, 0x2f}, 0x121)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x20000, 0x0)
shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa)

6.120482965s ago: executing program 1 (id=2704):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0xe8)
r1 = openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cmdline\x00', 0x2080, 0x0)
read$auto_proc_mountinfo_operations_mnt_namespace(r1, &(0x7f0000000040)=""/66, 0x42)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001240)='/proc/thread-self/fail-nth\x00', 0xa0302, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x2000d, 0xe5, 0xeb1, 0x405, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/flags\x00', 0x101142, 0x0)
sendmsg$auto_TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYBLOB='J\x00\x00\x00', @ANYRES16, @ANYBLOB="010025bd7000fcdbdf25020000002c00018028"], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x44)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="7201", @ANYBLOB=' \x00'], 0x1ac}}, 0x40000)
r3 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4)
sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa507}, 0x800}, 0x7, 0x8)

6.035386696s ago: executing program 2 (id=2705):
openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram12\x00', 0x60742, 0x0)
openat$auto_fops_blob_file(0xffffffffffffff9c, &(0x7f0000011500), 0x40002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
close_range$auto(r0, 0x8, 0x100)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/tty17\x00', 0x0, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptys3\x00', 0x101880, 0x0)
ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x4)

5.880981848s ago: executing program 1 (id=2706):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/bus/memstick/uevent\x00', 0x1, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f00000000c0)='\n', 0x1)
madvise$auto(0xfffffffffffffffb, 0x7, 0x3)
sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x40, r1, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_NAME={0xd, 0x1, '+#&\\!)*{\x00'}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}, @OVS_DP_ATTR_NAME={0xc, 0x1, '\\:^}%[+\x00'}, @OVS_DP_ATTR_USER_FEATURES={0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x801}, 0x80)

5.56118828s ago: executing program 1 (id=2707):
unshare$auto(0x40000080)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
read$auto_fake_panic_fops_(0xffffffffffffffff, 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ad00, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x5, 0x0)
r1 = socket(0xa, 0x801, 0x84)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
msgctl$auto_IPC_INFO(0x100, 0x3, &(0x7f00000012c0)={{0x632, 0xffffffffffffffff, 0xee00, 0x1, 0x5, 0x1, 0x80}, 0x0, 0x0, 0x1b, 0x7, 0x5, 0x7, 0x1, 0xdd34, 0x7, 0x8, @raw=0xffff})
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
bind$auto(0x3, &(0x7f0000000040)=@vsock={0x28, 0x0, 0xffffffff}, 0x6b)
syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_IPVS_CMD_SET_SERVICE(0xffffffffffffffff, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000002a80)={&(0x7f0000000580)=ANY=[@ANYBLOB=',\x00\x00'], 0x2c}, 0x1, 0x0, 0x0, 0x44050}, 0x4008000)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x54)
get_robust_list$auto(0x0, 0x0, 0x0)
lsm_list_modules$auto(0x0, 0x0, 0x0)
r3 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000000180), r0)
sendmsg$auto_OVS_METER_CMD_SET(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="5c000000878102024ae569ec86b3b2933e15d58a4fb4da7c332266b9ddcd6e07d7b3e160a79cc48a8ff2a4dd99e63b6fbb6de7c4ffe28526415bea05064b75982acea7b03d3129", @ANYRES16=r3, @ANYBLOB="00032abd7000fedbdf250200000014000300faffffffffffffff04000000000000000800010008000000140003000100000000000000ffffffffffffffff08000700030000000c000500020000000000000004000200"], 0x5c}, 0x1, 0x0, 0x0, 0x4004000}, 0x4000000)
setsockopt$auto(r1, 0x1, 0x3f, 0x0, 0xb)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000680), r4)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_BATADV_CMD_GET_ORIGINATORS(r6, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010229bd7000fedbdf2508000000"], 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x4008005)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0xffffffff, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x1102, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/platform/snd_aloop.0/sound/card1/id\x00', 0x2d4662, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
read$auto(0x3, 0x0, 0xfffffdef)

5.036555125s ago: executing program 2 (id=2708):
syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff)
r0 = socket(0x25, 0x5, 0x9)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0)
ioctl$auto_SNDCTL_DSP_GETTRIGGER(r3, 0x80045010, &(0x7f0000004440))
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x20005, 0xdf, 0xeb1, r1, 0x3)
r5 = open_by_handle_at$auto(r2, 0x0, 0x7d)
setsockopt$auto(r5, 0x1, 0x1021, 0x0, 0xd)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mremap$auto(0x4000, 0xfee0, 0x9, 0x3, 0xfffff000)
mmap$auto(0x100000000, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
ioperm$auto(0x7, 0x6, 0x2)
close_range$auto(r5, r5, 0x2)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0)
r6 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nfc(0x0, r2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89fc, &(0x7f0000000040)={'bridge0\x00'})
sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r4, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[], 0x64}, 0x1, 0x0, 0x0, 0x4008000}, 0x4000)
read$auto(r6, 0x0, 0xb4d3)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000200), r0)
write$auto(r5, &(0x7f00000001c0)='nl80211\x00', 0xb)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x20040004)
write$auto(0x3, 0x0, 0xffd8)

4.238363736s ago: executing program 6 (id=2709):
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv6/conf/default/stable_secret\x00', 0x40d02, 0x0)
r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/fs/cifs/open_files\x00', 0x502, 0x0)
pread64$auto(r0, 0x0, 0x100000001, 0x100)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
socket(0xa, 0x2, 0x73)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
socket(0x1, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x44, r2, 0x1, 0x70bd31, 0x25dfdbfd, {}, [@ETHTOOL_A_FEATURES_WANTED={0x18, 0x3, 0x0, 0x1, [@nested={0x14, 0x3, 0x0, 0x1, [@nested={0xc, 0xb0, 0x0, 0x1, [@typed={0x8, 0x2, 0x0, 0x0, @uid}]}, @nested={0x4, 0x1e}]}]}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}]}]}, 0x44}}, 0x24048084)
bind$auto(0x3, 0x0, 0x6b)
listen$auto(0x3, 0x81)
ppoll$auto(0x0, 0x7f, 0x0, 0x0, 0x8)
openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, 0x0, 0x48402, 0x0)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv6/conf/default/ioam6_id_wide\x00', 0x40100, 0x0)
read$auto(r3, 0x0, 0x1ff)
write$auto(0x3, 0x0, 0xfdef)

3.165931028s ago: executing program 6 (id=2710):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0xf000, 0x8, 0x1000000003, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
pidfd_open$auto(0x0, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/fib_trie\x00', 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4$auto(r0, 0x0, 0x2, 0x0)
r1 = socket(0x2a, 0x2, 0x1)
connect$auto(r1, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x55)
r2 = openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
read$auto(r2, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
statmount$auto(0x0, 0x0, 0x227, 0x0)
sendmsg$auto_NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4010000}, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x402, 0x0)
socket(0x10, 0x6, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/l2tp_ip6/uevent\x00', 0x2a001, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
write$auto(0xffffffffffffffff, 0x0, 0xfffffdef)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
shmget$auto(0x400, 0x10563, 0x568c12f2)
semctl$auto(0x201, 0xfffffffffffffffa, 0x3, 0x0)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x20000, 0x0)
shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa)

2.484376123s ago: executing program 2 (id=2711):
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/fs/cifs/LinuxExtensionsEnabled\x00', 0x842, 0x0) (async, rerun: 64)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/nbd2/mq/0/cpu_list\x00', 0xa0440, 0x0) (rerun: 64)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000080)=""/64, 0x40)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6c, 0x0, 0x0, 0xfffffffffffffffd, 0x4ea, 0x1, 0x6, 0x0, 0x1, 0x0, 0x8, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x6, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) (async)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000500)='/dev/video0\x00', 0x0, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) (async, rerun: 64)
r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) (async, rerun: 64)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x2, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x9, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffd]}, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) (async, rerun: 32)
r3 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async, rerun: 32)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
r4 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000140), 0x80, 0x0)
ioctl$auto_I2C_FUNCS(r4, 0x705, 0x0)
ioctl$auto_UI_BEGIN_FF_ERASE(r3, 0xc00c55ca, &(0x7f0000000340)={0x2000c, 0x5, 0x5}) (async, rerun: 32)
close_range$auto(0x2, 0x8, 0x0) (async, rerun: 32)
ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, 0x0)
socket(0x9, 0x1, 0x4) (async)
mprotect$auto(0x6, 0x8000000000000004, 0x9)
msync$auto(0x0, 0x2000000005, 0x6) (async)
socket$nl_generic(0x10, 0x3, 0x10)
read$auto_tracing_iter_fops_trace(r2, &(0x7f0000000200)=""/65, 0x41) (async)
madvise$auto(0x1, 0xfc00, 0xa) (async)
socket(0x15, 0x5, 0x0) (async)
eventfd$auto(0x7) (async)
open(&(0x7f0000004080)='./file0\x00', 0x40, 0x23)
socket(0x3, 0x3, 0x6) (async)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)

2.097188846s ago: executing program 2 (id=2712):
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/1:12/power/runtime_suspended_time\x00', 0x200, 0x0) (async)
r0 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe\x00', 0x68200, 0x0)
read$auto(r0, 0x0, 0x67) (async)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) (async)
mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video31\x00', 0x39f042, 0x0)
ioctl$auto(r1, 0xc0445624, r1) (async)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000005540)='/dev/input/event2\x00', 0xa481, 0x0)
ioctl$auto_EVIOCSKEYCODE_V2(r2, 0x40284504, 0x0) (async)
socket(0xa, 0x801, 0x84)
move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) (async)
mmap$auto(0x0, 0x810002, 0xffc, 0x15, 0x3, 0x8000) (async)
r3 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe\x00', 0x68200, 0x0)
read$auto(r3, 0x0, 0x0) (async)
unshare$auto(0x40000080) (async)
pipe$auto(0x0) (async)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x1, 0x5, 0x40, 0x1ffe0, 0x9, 0x64, 0x9, 0x2, 0x80003, 0x4, 0x1ffffffffffd, 0x28a2, 0x3, 0x0, 0x10007, 0x80, 0x2a0, 0x0, 0xa3, 0x22000, 0x200, 0x4, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}, 0x4, 0x9) (async)
write$auto(0xca, 0x0, 0x2d9) (async)
process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={0x0, 0xffffffff}, 0x6, 0x0) (async)
r4 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto_VHOST_SET_OWNER(r4, 0xaf01, 0x5) (async)
ioctl$auto(r4, 0x4008af04, 0x0) (async)
r5 = socket(0x6, 0x6, 0x0)
r6 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$auto_SEG6_CMD_SETHMAC(r5, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000b00)={0x1c, r6, 0xf1b, 0x70bd2a, 0x25dfdbff, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x44040}, 0x8040) (async)
fanotify_init$auto(0x4, 0x3)

1.986854315s ago: executing program 6 (id=2713):
syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x4000000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x2, 0x6, 0x0)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r3=>0x0})
capget$auto(0x0, 0x0)
sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd7000fddbdf250800030008000300", @ANYRES32=r3], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097f751b33e}, 0x80)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000000c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002dbd7000fddbdf250c000000040003801800018014000200776c614e400377d8616e300000000000000000000000ce9e0d8f783839fa648131a96fbc21108893c89d024f065a271efa4a748ec868dfb34a7759d64a696667c770cf74aefd34e505307740fb02d23fb12e66a79b5ee7120e18de41861bb6d03713020044fb014ff69f8d9ab0cc03796a9a5b8585d4"], 0x30}, 0x1, 0x0, 0x0, 0x24004840}, 0x4000000)

1.382398116s ago: executing program 6 (id=2714):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0xe8)
r1 = openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cmdline\x00', 0x2080, 0x0)
read$auto_proc_mountinfo_operations_mnt_namespace(r1, &(0x7f0000000040)=""/66, 0x42)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001240)='/proc/thread-self/fail-nth\x00', 0xa0302, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x2000d, 0xe5, 0xeb1, 0x405, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/flags\x00', 0x101142, 0x0)
read$auto(r3, &(0x7f0000000200)='*$}\x00', 0xfff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0)
ioctl$auto(0x3, 0x80045500, 0x38)
sendmsg$auto_TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYBLOB='J\x00\x00\x00', @ANYRES16, @ANYBLOB="010025bd7000fcdbdf25020000002c00018028003c8008001b"], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x44)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
r4 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4)
sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa507}, 0x800}, 0x7, 0x8)
r5 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000400), 0x80001, 0x0)
ioctl$auto(r5, 0x3b8a, 0x38)

1.238425225s ago: executing program 1 (id=2715):
r0 = openat$auto_force_wakeup_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/bluetooth/hci1/force_wakeup\x00', 0x19d302, 0x0)
read$auto_force_wakeup_fops_hci_vhci(r0, 0x0, 0x0)
mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000)
r1 = prctl$auto(0x1000000003b, 0x2, 0x4, 0x6, 0x10000007)
mmap$auto(0x0, 0x400400005, 0xdf, 0x9b7e, r1, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
socket(0x11, 0x80003, 0x300) (async)
socket(0x11, 0x80003, 0x300)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x6) (async)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x6)
r2 = open(0x0, 0x261c2, 0x4)
close_range$auto(0x2, 0x8000, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x26dc2, 0x84) (async)
r3 = open(&(0x7f0000000000)='./file0\x00', 0x26dc2, 0x84)
io_uring_setup$auto(0x2, 0x0)
r4 = openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x88100, 0x0)
read$auto_ima_ascii_measurements_ops_ima_fs(r4, &(0x7f0000001080)=""/4096, 0x1000)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8000, 0x0)
r6 = socket(0xa, 0x2, 0x88)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1d, 0x2, 0x7)
connect$auto(0xffffffffffffffff, &(0x7f00000000c0)=@phonet={0x23, 0xa, 0x4, 0xe3}, 0x8)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000280)={'wg0\x00', <r8=>0x0})
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r8, r7, 0x4, 0x401, r6, @relative_id=0x13, 0xe600}, 0xf)
bpf$auto(0x2, &(0x7f00000002c0)=@raw_tracepoint={0x5, r3, 0x0, 0x3}, 0xc)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r2, 0x0, 0x3}, 0xc) (async)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r2, 0x0, 0x3}, 0xc)
bpf$auto(0x2, &(0x7f0000000500)=@bpf_attr_11={0x5, 0x200ffffffff, 0x9, 0x5, 0xf870e9f, 0x7, 0x8}, 0x9) (async)
bpf$auto(0x2, &(0x7f0000000500)=@bpf_attr_11={0x5, 0x200ffffffff, 0x9, 0x5, 0xf870e9f, 0x7, 0x8}, 0x9)
openat$auto_state_fops_(0xffffffffffffff9c, &(0x7f0000000900), 0x101002, 0x0) (async)
r9 = openat$auto_state_fops_(0xffffffffffffff9c, &(0x7f0000000900), 0x101002, 0x0)
read$auto_state_fops_(r9, &(0x7f0000000940)=""/19, 0x13) (async)
read$auto_state_fops_(r9, &(0x7f0000000940)=""/19, 0x13)
eventfd$auto(0x2200000c)

449.00153ms ago: executing program 1 (id=2716):
mmap$auto(0x2000000, 0x40009, 0xdf, 0x9b72, 0x7, 0x4)
socket(0x2b, 0x1, 0x4000000)
listen$auto(0x3, 0x81)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
lsm_list_modules$auto(&(0x7f0000000040)=0x80000001, &(0x7f0000000080)=0x96a, 0x1)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socket(0x2b, 0x1, 0x0)
ppoll$auto(&(0x7f0000000000)={r0, 0x8, 0x6}, 0x7, 0x0, 0x0, 0x8)
sendmmsg$auto(r0, 0x0, 0x1, 0x20000000)
connect$auto(0x3, 0x0, 0x55)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/oss/devices\x00', 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
r1 = socket(0xa, 0x2, 0x0)
r2 = socket(0xa, 0x3, 0xff)
connect$auto(r2, &(0x7f00000018c0)=@generic={0xa}, 0x55)
socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x20009, 0x20004000000000df, 0xeb1, 0xffffffffffffffff, 0x8000)
setsockopt$auto(0x3, 0x10000000084, 0x1, 0x0, 0x5)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x1ffff000, 0x7, 0x100000000)
mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2)
shmget$auto(0x8, 0x10563, 0x568d1af2)
madvise$auto(0x0, 0xffffffffffff0004, 0x19)
syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), r1)
getpgid$auto(0x0)

244.409344ms ago: executing program 2 (id=2717):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) (async, rerun: 32)
socket(0xa, 0x1, 0x100) (async, rerun: 32)
ioperm$auto(0x7, 0x5ad2, 0x8) (async)
modify_ldt$auto(0x1, 0x0, 0x10) (async)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0) (async, rerun: 64)
r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) (rerun: 64)
pread64$auto(r0, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{W\xed>\xe7l\xcb\x90\\/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x7ff, 0x400)
socket(0x1e, 0x1, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) (async)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async)
socket(0x21, 0x3, 0x9) (async)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) (async, rerun: 32)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) (async, rerun: 32)
write$auto_event_trigger_fops_trace(r2, &(0x7f0000000340)="087a5fc885515accc34eb3c38a3a401bd245bdd75afcd2d75b35e79aaa1b0ef394e53c131e1cfc1a56d3a4b62413e7e10888135be1fabcd32641a9ce6a8e2af9eb715dcb518d6ed52cf5fe7db8422ba456f512a013f3b7da508d006908a53c9278190e211ae4b99973e46802f9af29cbf9c5a886def835e78a18d917430b73d52c9cb5a9433e8fe6f1027f96de", 0x8d) (async, rerun: 64)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async, rerun: 64)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
unshare$auto(0x40000080) (async, rerun: 32)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) (async, rerun: 32)
r3 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
sendmsg$auto_NL802154_CMD_GET_SEC_DEV(0xffffffffffffffff, 0x0, 0x0)
futex_waitv$auto(&(0x7f0000000000)={0xfffffffffffffffd, 0x7e4, 0x2}, 0x1, 0x0, 0x0, 0x623d) (async)
read$auto(r3, 0x0, 0x1f40) (async, rerun: 64)
stat$auto(0x0, &(0x7f0000000380)={0x3, 0x3, 0x6, 0x4, 0x0, 0x0, 0x0, 0x7, 0xffffffffffffffff, 0x4, 0xc, 0xbb, 0x8, 0x401, 0x1, 0x80000000, 0xaa}) (rerun: 64)
r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3)
bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x100000d, <r5=>0xffffffffffffffff, 0x1, 0x3}, 0x6f3)
getsockopt$auto_SO_PASSCRED(r5, 0x1, 0x10, 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/tty/ptypb/power/control\x00', 0x124001, 0x0) (async)
mmap$auto(0xfff7fffffffffffa, 0x7ffffffe, 0xfffffffe, 0x14, r2, 0x8000)

0s ago: executing program 2 (id=2718):
r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) (async)
keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x0, 0x6) (async)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) (async)
openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f0000000080), 0x8240, 0x0)
eventfd$auto(0x8c)
openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x22a40, 0x0) (async)
socket(0x2, 0x801, 0x100)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/vkms/drm/card1/card1-Virtual-1/status\x00', 0x20b42, 0x0) (async)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
openat$auto_sc_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000040), 0x88080, 0x0) (async)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x202002, 0x0) (async)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) (async)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x4, 0x2, 0x15f4da0a, 0x1, 0x7fff, 0x300000000000000, 0x80000001, 0xdc, 0x6d3c, 0x0, 0x2, 0x2e]}, 0x0) (async)
keyctl$auto(0x15, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x8)
keyctl$auto(0xb, 0xdfffffffffffffff, 0x0, 0xffffffffffffffff, 0xe6) (async)
sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="297240559f546fd0408e11f5ef390839d8e998a3c0d5d9d38e5b96", @ANYRES16=r0, @ANYBLOB="130026bd7000dddbdf25020000000800c90002000000c4fd8c0008006200ff070000"], 0x28}, 0x1, 0x0, 0x0, 0x4000880}, 0x20040894)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'veth0_virt_wifi\x00', <r3=>0x0}) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r4)
sendmsg$auto_NL80211_CMD_STOP_AP(r4, &(0x7f0000001940)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="000029bd7000fbdbdf251000e30008000300", @ANYRES32=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x5a88314c8a109029}, 0xd92f8347893cd20c) (async)
semctl$auto_IPC_STAT(0x1, 0x8, 0x2, 0xffffffff) (async)
waitid$auto_P_PGID(0x2, 0xffffffffffffffff, &(0x7f0000001280)={@_si_pad}, 0x4, &(0x7f0000001300)={{0x7, 0x7}, {0x5, 0xffff}, 0xb8, 0x100f, 0xfff, 0x16280000000, 0x3, 0x8000000000000000, 0x7, 0x9, 0x200000217e, 0xbb0, 0x7, 0x9, 0x8000000000000001, 0x9})
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
socket(0x10, 0x2, 0x0)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYRES16=r3, @ANYRESDEC, @ANYRESDEC, @ANYBLOB="706c01f5192ed29fd0d31ddf15c2b3a9994bc5c0c71ae4b15243459381efb6feb21266adb842dadd1ec2e155540bef821e346ac1b9f4de50a6ad820bd184a77e0ab3f7675123201a9d549c67e53594d0fad1ee3953bd10e19caf3febabac38353d49a743f93f4bcd4976b51d8d600728f2d8d192", @ANYRESHEX, @ANYRESOCT=r0], 0x30}, 0x1, 0x0, 0x0, 0x40001}, 0x4400c000)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="db002cbd7000fbdbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008810)

kernel console output (not intermixed with test programs):

  744.830653][T16555] vivid-003: RDS Rx I/O Mode: Block I/O
[  744.932676][T16555] vivid-003: Generate RBDS Instead of RDS: false
[  744.932710][T16555] vivid-003: RDS Reception: true
[  744.932733][T16555] vivid-003: RDS Program Type: 0 inactive
[  744.932762][T16555] vivid-003: RDS PS Name:  inactive
[  744.932788][T16555] vivid-003: RDS Radio Text:  inactive
[  744.932814][T16555] vivid-003: RDS Traffic Announcement: false inactive
[  744.932842][T16555] vivid-003: RDS Traffic Program: false inactive
[  744.933184][T16555] vivid-003: RDS Music: false inactive
[  744.933212][T16555] vivid-003: ==================  END STATUS  ==================
[  745.867270][T16577] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2018'.
[  747.498589][T16595] vivid-003: =================  START STATUS  =================
[  747.628452][T16595] vivid-003: Radio HW Seek Mode: Bounded
[  747.723944][T16595] vivid-003: Radio Programmable HW Seek: false
[  747.799539][T16595] vivid-003: RDS Rx I/O Mode: Block I/O
[  747.872630][T16595] vivid-003: Generate RBDS Instead of RDS: false
[  747.965398][T16595] vivid-003: RDS Reception: true
[  748.042164][T16595] vivid-003: RDS Program Type: 0 inactive
[  748.181271][T16595] vivid-003: RDS PS Name:  inactive
[  748.375756][T16595] vivid-003: RDS Radio Text:  inactive
[  748.381289][T16595] vivid-003: RDS Traffic Announcement: false inactive
[  748.736582][T16595] vivid-003: RDS Traffic Program: false inactive
[  749.024325][T16595] vivid-003: RDS Music: false inactive
[  749.109817][T16595] vivid-003: ==================  END STATUS  ==================
[  749.625017][T16634] program syz.2.2031 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  749.703240][T16631] delete_channel: no stack
[  752.370762][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  752.381382][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  752.644254][T16682] vivid-003: =================  START STATUS  =================
[  752.651927][T16682] vivid-003: Radio HW Seek Mode: Bounded
[  752.695623][T16682] vivid-003: Radio Programmable HW Seek: false
[  752.733009][T16682] vivid-003: RDS Rx I/O Mode: Block I/O
[  752.764357][T16682] vivid-003: Generate RBDS Instead of RDS: false
[  752.770825][T16682] vivid-003: RDS Reception: true
[  752.818701][T16682] vivid-003: RDS Program Type: 0 inactive
[  752.860963][T16682] vivid-003: RDS PS Name:  inactive
[  752.946902][T16682] vivid-003: RDS Radio Text:  inactive
[  752.989924][T16682] vivid-003: RDS Traffic Announcement: false inactive
[  753.044201][T16682] vivid-003: RDS Traffic Program: false inactive
[  753.064282][T16682] vivid-003: RDS Music: false inactive
[  753.098082][T16682] vivid-003: ==================  END STATUS  ==================
[  754.311342][T16695] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2045'.
[  754.435676][ T5838] Bluetooth: hci0: command 0x0406 tx timeout
[  756.108934][T16712] FAULT_INJECTION: forcing a failure.
[  756.108934][T16712] name failslab, interval 1, probability 0, space 0, times 0
[  756.145703][T16713] kernel read not supported for file /set_event_notrace_pid (pid: 16713 comm: syz.5.2048)
[  756.324793][T16712] CPU: 1 UID: 0 PID: 16712 Comm: syz.1.2049 Tainted: G     U              6.15.0-rc3-syzkaller-00342-g5bc1018675ec #0 PREEMPT(full) 
[  756.324833][T16712] Tainted: [U]=USER
[  756.324840][T16712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  756.324869][T16712] Call Trace:
[  756.324877][T16712]  <TASK>
[  756.324885][T16712]  dump_stack_lvl+0x16c/0x1f0
[  756.324916][T16712]  should_fail_ex+0x512/0x640
[  756.324946][T16712]  ? __kmalloc_noprof+0xbf/0x510
[  756.324973][T16712]  ? ops_init+0x77/0x5f0
[  756.324992][T16712]  should_failslab+0xc2/0x120
[  756.325019][T16712]  __kmalloc_noprof+0xd2/0x510
[  756.325042][T16712]  ? __raw_spin_lock_init+0x3a/0x110
[  756.325081][T16712]  ops_init+0x77/0x5f0
[  756.325106][T16712]  setup_net+0x21e/0x850
[  756.325131][T16712]  ? __pfx_setup_net+0x10/0x10
[  756.325152][T16712]  ? lockdep_init_map_type+0x5c/0x280
[  756.325181][T16712]  ? __pfx_down_read_killable+0x10/0x10
[  756.325215][T16712]  ? debug_mutex_init+0x37/0x70
[  756.325254][T16712]  copy_net_ns+0x2a6/0x5f0
[  756.325282][T16712]  create_new_namespaces+0x3ea/0xad0
[  756.325313][T16712]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  756.325340][T16712]  ksys_unshare+0x45b/0xa40
[  756.325370][T16712]  ? __pfx_ksys_unshare+0x10/0x10
[  756.325398][T16712]  ? xfd_validate_state+0x5d/0x180
[  756.325435][T16712]  ? rcu_is_watching+0x12/0xc0
[  756.325470][T16712]  __x64_sys_unshare+0x31/0x40
[  756.325500][T16712]  do_syscall_64+0xcd/0x230
[  756.325531][T16712]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  756.325558][T16712] RIP: 0033:0x7f808e58e969
[  756.325576][T16712] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  756.325599][T16712] RSP: 002b:00007f808f467038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  756.325621][T16712] RAX: ffffffffffffffda RBX: 00007f808e7b5fa0 RCX: 00007f808e58e969
[  756.325636][T16712] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  756.325650][T16712] RBP: 00007f808e610ab1 R08: 0000000000000000 R09: 0000000000000000
[  756.325664][T16712] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  756.325678][T16712] R13: 0000000000000000 R14: 00007f808e7b5fa0 R15: 00007ffcde9bbeb8
[  756.325706][T16712]  </TASK>
[  756.582181][T16697] Invalid ELF header magic: != ELF
[  756.843101][   T30] audit: type=1800 audit(4294967423.874:37): pid=16713 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.2048" name="set_event_notrace_pid" dev="tracefs" ino=17 res=0 errno=0
[  757.281744][T16720] FAULT_INJECTION: forcing a failure.
[  757.281744][T16720] name failslab, interval 1, probability 0, space 0, times 0
[  757.316321][T16720] CPU: 1 UID: 0 PID: 16720 Comm: syz.6.2051 Tainted: G     U              6.15.0-rc3-syzkaller-00342-g5bc1018675ec #0 PREEMPT(full) 
[  757.316368][T16720] Tainted: [U]=USER
[  757.316376][T16720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  757.316390][T16720] Call Trace:
[  757.316398][T16720]  <TASK>
[  757.316407][T16720]  dump_stack_lvl+0x16c/0x1f0
[  757.316440][T16720]  should_fail_ex+0x512/0x640
[  757.316474][T16720]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  757.316515][T16720]  should_failslab+0xc2/0x120
[  757.316543][T16720]  __kmalloc_cache_noprof+0x6a/0x3e0
[  757.316584][T16720]  ? do_raw_spin_lock+0x12c/0x2b0
[  757.316617][T16720]  ? ip6addrlbl_alloc+0x9a/0x2c0
[  757.316649][T16720]  ip6addrlbl_alloc+0x9a/0x2c0
[  757.316677][T16720]  ip6addrlbl_net_init+0x13d/0x400
[  757.316707][T16720]  ? __pfx_ip6addrlbl_net_init+0x10/0x10
[  757.316734][T16720]  ops_init+0x1df/0x5f0
[  757.316761][T16720]  setup_net+0x21e/0x850
[  757.316787][T16720]  ? __pfx_setup_net+0x10/0x10
[  757.316809][T16720]  ? lockdep_init_map_type+0x5c/0x280
[  757.316839][T16720]  ? __pfx_down_read_killable+0x10/0x10
[  757.316889][T16720]  ? debug_mutex_init+0x37/0x70
[  757.316927][T16720]  copy_net_ns+0x2a6/0x5f0
[  757.316955][T16720]  create_new_namespaces+0x3ea/0xad0
[  757.316986][T16720]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  757.317014][T16720]  ksys_unshare+0x45b/0xa40
[  757.317044][T16720]  ? __pfx_ksys_unshare+0x10/0x10
[  757.317073][T16720]  ? xfd_validate_state+0x5d/0x180
[  757.317111][T16720]  ? rcu_is_watching+0x12/0xc0
[  757.317138][T16720]  __x64_sys_unshare+0x31/0x40
[  757.317167][T16720]  do_syscall_64+0xcd/0x230
[  757.317197][T16720]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  757.317220][T16720] RIP: 0033:0x7f098cb8e969
[  757.317238][T16720] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  757.317261][T16720] RSP: 002b:00007f098d9c4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  757.317282][T16720] RAX: ffffffffffffffda RBX: 00007f098cdb5fa0 RCX: 00007f098cb8e969
[  757.317298][T16720] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  757.317312][T16720] RBP: 00007f098cc10ab1 R08: 0000000000000000 R09: 0000000000000000
[  757.317326][T16720] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  757.317340][T16720] R13: 0000000000000000 R14: 00007f098cdb5fa0 R15: 00007fff6d861e38
[  757.317374][T16720]  </TASK>
[  757.562172][    C1] hrtimer: interrupt took 239323117 ns
[  758.401616][T16728] vivid-003: =================  START STATUS  =================
[  758.467373][T16728] vivid-003: Radio HW Seek Mode: Bounded
[  758.559840][T16728] vivid-003: Radio Programmable HW Seek: false
[  758.647258][T16728] vivid-003: RDS Rx I/O Mode: Block I/O
[  758.687207][T16728] vivid-003: Generate RBDS Instead of RDS: false
[  758.762308][T16728] vivid-003: RDS Reception: true
[  758.828493][T16728] vivid-003: RDS Program Type: 0 inactive
[  758.902372][T16728] vivid-003: RDS PS Name:  inactive
[  758.988581][T16728] vivid-003: RDS Radio Text:  inactive
[  759.015778][T16728] vivid-003: RDS Traffic Announcement: false inactive
[  759.062587][T16728] vivid-003: RDS Traffic Program: false inactive
[  759.097460][T16728] vivid-003: RDS Music: false inactive
[  759.130864][T16728] vivid-003: ==================  END STATUS  ==================
[  759.264882][T16738] bridge0: port 4(hsr0) entered blocking state
[  759.340318][T16738] bridge0: port 4(hsr0) entered disabled state
[  759.440574][T16738] hsr0: entered allmulticast mode
[  759.541135][T16738] hsr_slave_0: entered allmulticast mode
[  759.584144][T16738] hsr_slave_1: entered allmulticast mode
[  759.717872][T16738] hsr0: entered promiscuous mode
[  759.749487][T16738] bridge0: port 4(hsr0) entered blocking state
[  759.755904][T16738] bridge0: port 4(hsr0) entered forwarding state
[  762.139601][T16816] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2066'.
[  762.901415][T16821] vivid-003: =================  START STATUS  =================
[  762.999270][T16821] vivid-003: Radio HW Seek Mode: Bounded
[  763.033168][T16821] vivid-003: Radio Programmable HW Seek: false
[  763.076631][T16821] vivid-003: RDS Rx I/O Mode: Block I/O
[  763.082257][T16821] vivid-003: Generate RBDS Instead of RDS: false
[  763.208895][T16821] vivid-003: RDS Reception: true
[  763.300259][T16821] vivid-003: RDS Program Type: 0 inactive
[  763.393142][T16821] vivid-003: RDS PS Name:  inactive
[  763.439978][T16821] vivid-003: RDS Radio Text:  inactive
[  763.578163][T16821] vivid-003: RDS Traffic Announcement: false inactive
[  763.658825][T16821] vivid-003: RDS Traffic Program: false inactive
[  763.773203][T16821] vivid-003: RDS Music: false inactive
[  763.778735][T16821] vivid-003: ==================  END STATUS  ==================
[  764.265681][T16849] netlink: 334 bytes leftover after parsing attributes in process `syz.6.2071'.
[  764.799874][T16866] netlink: 334 bytes leftover after parsing attributes in process `syz.6.2076'.
[  765.581923][T16869] vivid-003: =================  START STATUS  =================
[  765.582024][T16869] vivid-003: Radio HW Seek Mode: Bounded
[  765.582051][T16869] vivid-003: Radio Programmable HW Seek: false
[  765.582075][T16869] vivid-003: RDS Rx I/O Mode: Block I/O
[  765.582098][T16869] vivid-003: Generate RBDS Instead of RDS: false
[  765.582121][T16869] vivid-003: RDS Reception: true
[  765.582143][T16869] vivid-003: RDS Program Type: 0 inactive
[  765.582172][T16869] vivid-003: RDS PS Name:  inactive
[  765.582198][T16869] vivid-003: RDS Radio Text:  inactive
[  765.582226][T16869] vivid-003: RDS Traffic Announcement: false inactive
[  765.582254][T16869] vivid-003: RDS Traffic Program: false inactive
[  765.582281][T16869] vivid-003: RDS Music: false inactive
[  765.582308][T16869] vivid-003: ==================  END STATUS  ==================
[  767.014872][T16892] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2085'.
[  767.800420][T16917] netlink: 334 bytes leftover after parsing attributes in process `syz.5.2089'.
[  768.520307][T16921] vivid-003: =================  START STATUS  =================
[  768.646263][T16921] vivid-003: Radio HW Seek Mode: Bounded
[  768.749742][T16921] vivid-003: Radio Programmable HW Seek: false
[  768.808403][T16921] vivid-003: RDS Rx I/O Mode: Block I/O
[  768.881875][T16921] vivid-003: Generate RBDS Instead of RDS: false
[  768.985250][T16921] vivid-003: RDS Reception: true
[  769.004561][T16921] vivid-003: RDS Program Type: 0 inactive
[  769.039577][T16921] vivid-003: RDS PS Name:  inactive
[  769.079856][T16921] vivid-003: RDS Radio Text:  inactive
[  769.163116][T16921] vivid-003: RDS Traffic Announcement: false inactive
[  769.270529][T16921] vivid-003: RDS Traffic Program: false inactive
[  769.352478][T16921] vivid-003: RDS Music: false inactive
[  769.417973][T16921] vivid-003: ==================  END STATUS  ==================
[  769.580821][T16942] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2095'.
[  770.755731][T16960] can: request_module (can-proto-3) failed.
[  771.153793][T16962] netlink: 342 bytes leftover after parsing attributes in process `syz.5.2100'.
[  772.026747][T16955] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  772.055614][T16955] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  772.093384][T16955] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  772.130515][T16955] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  772.156882][T16955] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  772.181921][T16955] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  772.227783][T16955] CPU0 is offline.
[  772.472833][T16985] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2105'.
[  772.993148][T13799] Bluetooth: hci2: command 0x0c1a tx timeout
[  774.113100][T13799] Bluetooth: hci3: command 0x0c1a tx timeout
[  774.201517][T13799] Bluetooth: hci0: command 0x0406 tx timeout
[  774.210166][ T5838] Bluetooth: hci1: command 0x0419 tx timeout
[  775.179108][T16996] Invalid ELF header magic: != ELF
[  776.193813][T13799] Bluetooth: hci3: command 0x0c1a tx timeout
[  776.276247][T13799] Bluetooth: hci0: command 0x0406 tx timeout
[  777.154322][T17032] can: request_module (can-proto-4) failed.
[  777.820479][T17046] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2118'.
[  777.872565][T17046] FAULT_INJECTION: forcing a failure.
[  777.872565][T17046] name failslab, interval 1, probability 0, space 0, times 0
[  777.948602][T17046] CPU: 1 UID: 0 PID: 17046 Comm: syz.1.2118 Tainted: G     U              6.15.0-rc3-syzkaller-00342-g5bc1018675ec #0 PREEMPT(full) 
[  777.948657][T17046] Tainted: [U]=USER
[  777.948664][T17046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  777.948677][T17046] Call Trace:
[  777.948684][T17046]  <TASK>
[  777.948709][T17046]  dump_stack_lvl+0x16c/0x1f0
[  777.948755][T17046]  should_fail_ex+0x512/0x640
[  777.948786][T17046]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  777.948824][T17046]  should_failslab+0xc2/0x120
[  777.948852][T17046]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  777.948877][T17046]  ? __pmd_alloc+0xc3/0x870
[  777.948914][T17046]  __pmd_alloc+0xc3/0x870
[  777.948945][T17046]  ? find_held_lock+0x2b/0x80
[  777.948967][T17046]  __handle_mm_fault+0x948/0x2a40
[  777.948997][T17046]  ? __pfx___handle_mm_fault+0x10/0x10
[  777.949035][T17046]  ? find_vma+0xbf/0x140
[  777.949064][T17046]  ? __pfx_find_vma+0x10/0x10
[  777.949097][T17046]  handle_mm_fault+0x3fe/0xad0
[  777.949124][T17046]  do_user_addr_fault+0x7a6/0x1370
[  777.949149][T17046]  ? rcu_is_watching+0x12/0xc0
[  777.949171][T17046]  exc_page_fault+0x5c/0xc0
[  777.949196][T17046]  asm_exc_page_fault+0x26/0x30
[  777.949219][T17046] RIP: 0010:__get_user_4+0x14/0x20
[  777.949239][T17046] Code: 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 ba 00 f0 ff ff ff 7f 00 00 48 39 d0 48 0f 47 c2 0f 01 cb <8b> 10 31 c0 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90
[  777.949261][T17046] RSP: 0018:ffffc9000bc3fda0 EFLAGS: 00050283
[  777.949280][T17046] RAX: 0000000000000038 RBX: 0000000000000038 RCX: ffffc9000cd23000
[  777.949294][T17046] RDX: 00007ffffffff000 RSI: ffffffff855c99d2 RDI: ffffffff8bf467a0
[  777.949308][T17046] RBP: 000000000000000a R08: a23edf14cf8df726 R09: 0000000000000001
[  777.949322][T17046] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000003b8a
[  777.949334][T17046] R13: ffff888052f91800 R14: 0000000000000038 R15: ffffc9000bc3fe28
[  777.949359][T17046]  ? iommufd_fops_ioctl+0x122/0x4e0
[  777.949394][T17046]  iommufd_fops_ioctl+0x12c/0x4e0
[  777.949425][T17046]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  777.949459][T17046]  ? hook_file_ioctl_common+0x145/0x410
[  777.949496][T17046]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  777.949528][T17046]  __x64_sys_ioctl+0x190/0x200
[  777.949560][T17046]  do_syscall_64+0xcd/0x230
[  777.949589][T17046]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  777.949611][T17046] RIP: 0033:0x7f808e58e969
[  777.949627][T17046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  777.949648][T17046] RSP: 002b:00007f808f467038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  777.949667][T17046] RAX: ffffffffffffffda RBX: 00007f808e7b5fa0 RCX: 00007f808e58e969
[  777.949682][T17046] RDX: 0000000000000038 RSI: 0000000000003b8a RDI: 0000000000000006
[  777.949695][T17046] RBP: 00007f808e610ab1 R08: 0000000000000000 R09: 0000000000000000
[  777.949709][T17046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  777.949722][T17046] R13: 0000000000000000 R14: 00007f808e7b5fa0 R15: 00007ffcde9bbeb8
[  777.949750][T17046]  </TASK>
[  778.741482][T17086] vivid-003: =================  START STATUS  =================
[  778.771581][T17086] vivid-003: Radio HW Seek Mode: Bounded
[  778.787996][T17086] vivid-003: Radio Programmable HW Seek: false
[  778.850388][T17086] vivid-003: RDS Rx I/O Mode: Block I/O
[  778.873428][T17086] vivid-003: Generate RBDS Instead of RDS: false
[  778.911927][T17086] vivid-003: RDS Reception: true
[  778.941318][T17086] vivid-003: RDS Program Type: 0 inactive
[  778.961423][T17086] vivid-003: RDS PS Name:  inactive
[  778.981954][T17086] vivid-003: RDS Radio Text:  inactive
[  779.032183][T17086] vivid-003: RDS Traffic Announcement: false inactive
[  779.061078][T17086] vivid-003: RDS Traffic Program: false inactive
[  779.103522][T17086] vivid-003: RDS Music: false inactive
[  779.131042][T17086] vivid-003: ==================  END STATUS  ==================
[  779.176098][T17088] vivid-003: =================  START STATUS  =================
[  779.214293][T17088] vivid-003: Radio HW Seek Mode: Bounded
[  779.240929][T17088] vivid-003: Radio Programmable HW Seek: false
[  779.277518][T17088] vivid-003: RDS Rx I/O Mode: Block I/O
[  779.292033][T17088] vivid-003: Generate RBDS Instead of RDS: false
[  779.308916][T17088] vivid-003: RDS Reception: true
[  779.334457][T17088] vivid-003: RDS Program Type: 0 inactive
[  779.383628][T17088] vivid-003: RDS PS Name:  inactive
[  779.423505][T17088] vivid-003: RDS Radio Text:  inactive
[  779.430551][T17095] random: crng reseeded on system resumption
[  779.490314][T17088] vivid-003: RDS Traffic Announcement: false inactive
[  779.531859][T17088] vivid-003: RDS Traffic Program: false inactive
[  779.566777][T17088] vivid-003: RDS Music: false inactive
[  779.603567][T17088] vivid-003: ==================  END STATUS  ==================
[  781.280111][T17122] FAULT_INJECTION: forcing a failure.
[  781.280111][T17122] name failslab, interval 1, probability 0, space 0, times 0
[  781.377647][T17122] CPU: 1 UID: 0 PID: 17122 Comm: syz.1.2131 Tainted: G     U              6.15.0-rc3-syzkaller-00342-g5bc1018675ec #0 PREEMPT(full) 
[  781.377685][T17122] Tainted: [U]=USER
[  781.377692][T17122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  781.377704][T17122] Call Trace:
[  781.377711][T17122]  <TASK>
[  781.377718][T17122]  dump_stack_lvl+0x16c/0x1f0
[  781.377748][T17122]  should_fail_ex+0x512/0x640
[  781.377785][T17122]  ? __kmalloc_noprof+0xbf/0x510
[  781.377810][T17122]  ? __register_sysctl_table+0xea2/0x1900
[  781.377854][T17122]  should_failslab+0xc2/0x120
[  781.377881][T17122]  __kmalloc_noprof+0xd2/0x510
[  781.377903][T17122]  ? __register_sysctl_table+0xe8e/0x1900
[  781.377945][T17122]  __register_sysctl_table+0xea2/0x1900
[  781.377993][T17122]  ? __pfx___register_sysctl_table+0x10/0x10
[  781.378017][T17122]  ? is_module_address+0x69/0xf0
[  781.378046][T17122]  ? register_net_sysctl_sz+0x228/0x3e0
[  781.378077][T17122]  ? __asan_memcpy+0x3c/0x60
[  781.378114][T17122]  smc_sysctl_net_init+0xbb/0x3d0
[  781.378146][T17122]  ? __pfx_smc_net_init+0x10/0x10
[  781.378188][T17122]  smc_net_init+0x16/0x50
[  781.378217][T17122]  ops_init+0x1df/0x5f0
[  781.378242][T17122]  setup_net+0x21e/0x850
[  781.378265][T17122]  ? __pfx_setup_net+0x10/0x10
[  781.378285][T17122]  ? lockdep_init_map_type+0x5c/0x280
[  781.378312][T17122]  ? __pfx_down_read_killable+0x10/0x10
[  781.378345][T17122]  ? debug_mutex_init+0x37/0x70
[  781.378381][T17122]  copy_net_ns+0x2a6/0x5f0
[  781.378407][T17122]  create_new_namespaces+0x3ea/0xad0
[  781.378437][T17122]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  781.378462][T17122]  ksys_unshare+0x45b/0xa40
[  781.378490][T17122]  ? __pfx_ksys_unshare+0x10/0x10
[  781.378517][T17122]  ? xfd_validate_state+0x5d/0x180
[  781.378552][T17122]  ? rcu_is_watching+0x12/0xc0
[  781.378576][T17122]  __x64_sys_unshare+0x31/0x40
[  781.378603][T17122]  do_syscall_64+0xcd/0x230
[  781.378650][T17122]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  781.378673][T17122] RIP: 0033:0x7f808e58e969
[  781.378691][T17122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  781.378713][T17122] RSP: 002b:00007f808f467038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  781.378735][T17122] RAX: ffffffffffffffda RBX: 00007f808e7b5fa0 RCX: 00007f808e58e969
[  781.378750][T17122] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  781.378769][T17122] RBP: 00007f808e610ab1 R08: 0000000000000000 R09: 0000000000000000
[  781.378783][T17122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  781.378796][T17122] R13: 0000000000000000 R14: 00007f808e7b5fa0 R15: 00007ffcde9bbeb8
[  781.378824][T17122]  </TASK>
[  781.378833][T17122] sysctl could not get directory: /net/smc -12
[  782.330471][T17140] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2134'.
[  782.364023][T17140] bridge_slave_0: left allmulticast mode
[  782.394476][T17140] bridge_slave_0: left promiscuous mode
[  782.427757][T17140] bridge0: port 1(bridge_slave_0) entered disabled state
[  782.544926][T17146] hub 8-0:1.0: USB hub found
[  782.579809][T17146] hub 8-0:1.0: 1 port detected
[  783.037124][T17156] Invalid ELF header magic: != ELF
[  784.588208][T17188] netlink: 334 bytes leftover after parsing attributes in process `syz.6.2144'.
[  784.631119][T17188] FAULT_INJECTION: forcing a failure.
[  784.631119][T17188] name failslab, interval 1, probability 0, space 0, times 0
[  784.713965][T17188] CPU: 1 UID: 0 PID: 17188 Comm: syz.6.2144 Tainted: G     U              6.15.0-rc3-syzkaller-00342-g5bc1018675ec #0 PREEMPT(full) 
[  784.714005][T17188] Tainted: [U]=USER
[  784.714012][T17188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  784.714026][T17188] Call Trace:
[  784.714033][T17188]  <TASK>
[  784.714042][T17188]  dump_stack_lvl+0x16c/0x1f0
[  784.714074][T17188]  should_fail_ex+0x512/0x640
[  784.714106][T17188]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  784.714134][T17188]  should_failslab+0xc2/0x120
[  784.714161][T17188]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  784.714185][T17188]  ? __sys_sendmmsg+0x36e/0x420
[  784.714206][T17188]  ? getname_flags.part.0+0x4c/0x550
[  784.714246][T17188]  getname_flags.part.0+0x4c/0x550
[  784.714280][T17188]  getname_flags+0x93/0xf0
[  784.714313][T17188]  do_sys_openat2+0xb8/0x1d0
[  784.714343][T17188]  ? __pfx_do_sys_openat2+0x10/0x10
[  784.714382][T17188]  __x64_sys_openat+0x174/0x210
[  784.714412][T17188]  ? __pfx___x64_sys_openat+0x10/0x10
[  784.714444][T17188]  ? rcu_is_watching+0x12/0xc0
[  784.714471][T17188]  do_syscall_64+0xcd/0x230
[  784.714503][T17188]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  784.714525][T17188] RIP: 0033:0x7f098cb8e969
[  784.714543][T17188] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  784.714565][T17188] RSP: 002b:00007f098d9c4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  784.714587][T17188] RAX: ffffffffffffffda RBX: 00007f098cdb5fa0 RCX: 00007f098cb8e969
[  784.714601][T17188] RDX: 0000000000080001 RSI: 0000200000000400 RDI: ffffffffffffff9c
[  784.714616][T17188] RBP: 00007f098cc10ab1 R08: 0000000000000000 R09: 0000000000000000
[  784.714630][T17188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  784.714643][T17188] R13: 0000000000000000 R14: 00007f098cdb5fa0 R15: 00007fff6d861e38
[  784.714671][T17188]  </TASK>
[  785.056901][T17195] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2148'.
[  785.066930][T17196] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2148'.
[  786.139007][T17229] Invalid ELF header magic: != ELF
[  786.159645][T17223] vivid-003: =================  START STATUS  =================
[  786.213893][T17223] vivid-003: Radio HW Seek Mode: Bounded
[  786.230542][T17223] vivid-003: Radio Programmable HW Seek: false
[  786.252772][T17223] vivid-003: RDS Rx I/O Mode: Block I/O
[  786.301263][T17223] vivid-003: Generate RBDS Instead of RDS: false
[  786.332072][T17223] vivid-003: RDS Reception: true
[  786.354405][T17223] vivid-003: RDS Program Type: 0 inactive
[  786.385091][T17223] vivid-003: RDS PS Name:  inactive
[  786.451121][T17223] vivid-003: RDS Radio Text:  inactive
[  786.485194][T17223] vivid-003: RDS Traffic Announcement: false inactive
[  786.523501][T17223] vivid-003: RDS Traffic Program: false inactive
[  786.562158][T17223] vivid-003: RDS Music: false inactive
[  786.581862][T17223] vivid-003: ==================  END STATUS  ==================
[  789.211745][T17270] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2163'.
[  789.414608][T17275] FAULT_INJECTION: forcing a failure.
[  789.414608][T17275] name failslab, interval 1, probability 0, space 0, times 0
[  789.480622][T17275] CPU: 1 UID: 0 PID: 17275 Comm: syz.2.2164 Tainted: G     U              6.15.0-rc3-syzkaller-00342-g5bc1018675ec #0 PREEMPT(full) 
[  789.480666][T17275] Tainted: [U]=USER
[  789.480673][T17275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  789.480687][T17275] Call Trace:
[  789.480694][T17275]  <TASK>
[  789.480702][T17275]  dump_stack_lvl+0x16c/0x1f0
[  789.480734][T17275]  should_fail_ex+0x512/0x640
[  789.480765][T17275]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  789.480794][T17275]  should_failslab+0xc2/0x120
[  789.480821][T17275]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  789.480847][T17275]  ? radix_tree_node_alloc.constprop.0+0x7c/0x350
[  789.480875][T17275]  radix_tree_node_alloc.constprop.0+0x7c/0x350
[  789.480910][T17275]  idr_get_free+0x528/0xa30
[  789.480946][T17275]  idr_alloc_u32+0x190/0x2f0
[  789.480973][T17275]  ? __pfx_idr_alloc_u32+0x10/0x10
[  789.481001][T17275]  ? __pfx___mutex_lock+0x10/0x10
[  789.481035][T17275]  idr_alloc+0xc0/0x130
[  789.481057][T17275]  ? __pfx_idr_alloc+0x10/0x10
[  789.481081][T17275]  ? __radix_tree_lookup+0x21f/0x2c0
[  789.481110][T17275]  ppp_dev_configure+0x905/0xc80
[  789.481144][T17275]  ppp_ioctl+0x17e0/0x2660
[  789.481172][T17275]  ? find_held_lock+0x2b/0x80
[  789.481193][T17275]  ? __pfx_ppp_ioctl+0x10/0x10
[  789.481225][T17275]  ? __fget_files+0x20e/0x3c0
[  789.481263][T17275]  ? __pfx_ppp_ioctl+0x10/0x10
[  789.481290][T17275]  __x64_sys_ioctl+0x190/0x200
[  789.481323][T17275]  do_syscall_64+0xcd/0x230
[  789.481353][T17275]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  789.481376][T17275] RIP: 0033:0x7f618d78e969
[  789.481393][T17275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  789.481417][T17275] RSP: 002b:00007f618e543038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  789.481438][T17275] RAX: ffffffffffffffda RBX: 00007f618d9b6080 RCX: 00007f618d78e969
[  789.481454][T17275] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000007
[  789.481468][T17275] RBP: 00007f618d810ab1 R08: 0000000000000000 R09: 0000000000000000
[  789.481484][T17275] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  789.481497][T17275] R13: 0000000000000000 R14: 00007f618d9b6080 R15: 00007ffe78c362e8
[  789.481526][T17275]  </TASK>
[  789.705750][    C1] vkms_vblank_simulate: vblank timer overrun
[  789.821804][T17291] CIFS mount error: No usable UNC path provided in device string!
[  789.821804][T17291] 
[  789.831947][T17291] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  789.876636][T17293] netlink: 334 bytes leftover after parsing attributes in process `syz.5.2168'.
[  790.167619][T17293] FAULT_INJECTION: forcing a failure.
[  790.167619][T17293] name failslab, interval 1, probability 0, space 0, times 0
[  790.212551][T17293] CPU: 1 UID: 0 PID: 17293 Comm: syz.5.2168 Tainted: G     U              6.15.0-rc3-syzkaller-00342-g5bc1018675ec #0 PREEMPT(full) 
[  790.212591][T17293] Tainted: [U]=USER
[  790.212599][T17293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  790.212612][T17293] Call Trace:
[  790.212619][T17293]  <TASK>
[  790.212627][T17293]  dump_stack_lvl+0x16c/0x1f0
[  790.212658][T17293]  should_fail_ex+0x512/0x640
[  790.212689][T17293]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  790.212717][T17293]  should_failslab+0xc2/0x120
[  790.212745][T17293]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  790.212770][T17293]  ? __alloc_skb+0x2b2/0x380
[  790.212810][T17293]  __alloc_skb+0x2b2/0x380
[  790.212863][T17293]  ? __pfx___alloc_skb+0x10/0x10
[  790.212897][T17293]  ? __pfx_fib_nl_newrule+0x10/0x10
[  790.212929][T17293]  netlink_ack+0x15d/0xb80
[  790.212960][T17293]  netlink_rcv_skb+0x347/0x440
[  790.212984][T17293]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  790.213009][T17293]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  790.213047][T17293]  ? netlink_deliver_tap+0x1ae/0xd30
[  790.213074][T17293]  netlink_unicast+0x53a/0x7f0
[  790.213100][T17293]  ? __pfx_netlink_unicast+0x10/0x10
[  790.213122][T17293]  ? __lock_acquire+0xaa4/0x1ba0
[  790.213157][T17293]  netlink_sendmsg+0x8d1/0xdd0
[  790.213185][T17293]  ? __pfx_netlink_sendmsg+0x10/0x10
[  790.213218][T17293]  ____sys_sendmsg+0xa95/0xc70
[  790.213247][T17293]  ? copy_msghdr_from_user+0x10a/0x160
[  790.213267][T17293]  ? __pfx_____sys_sendmsg+0x10/0x10
[  790.213300][T17293]  ? kfree+0x252/0x4d0
[  790.213332][T17293]  ? schedule+0x2d7/0x3a0
[  790.213360][T17293]  ___sys_sendmsg+0x134/0x1d0
[  790.213382][T17293]  ? __pfx____sys_sendmsg+0x10/0x10
[  790.213427][T17293]  ? __pfx___might_resched+0x10/0x10
[  790.213457][T17293]  __sys_sendmmsg+0x200/0x420
[  790.213481][T17293]  ? __pfx___sys_sendmmsg+0x10/0x10
[  790.213510][T17293]  ? __pfx_do_futex+0x10/0x10
[  790.213546][T17293]  ? xfd_validate_state+0x5d/0x180
[  790.213583][T17293]  ? rcu_is_watching+0x12/0xc0
[  790.213608][T17293]  __x64_sys_sendmmsg+0x9c/0x100
[  790.213628][T17293]  ? lockdep_hardirqs_on+0x7c/0x110
[  790.213653][T17293]  do_syscall_64+0xcd/0x230
[  790.213683][T17293]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  790.213706][T17293] RIP: 0033:0x7f7ccc38e969
[  790.213724][T17293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  790.213747][T17293] RSP: 002b:00007f7ccd16f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  790.213768][T17293] RAX: ffffffffffffffda RBX: 00007f7ccc5b5fa0 RCX: 00007f7ccc38e969
[  790.213784][T17293] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000005
[  790.213798][T17293] RBP: 00007f7ccc410ab1 R08: 0000000000000000 R09: 0000000000000000
[  790.213812][T17293] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000000
[  790.213826][T17293] R13: 0000000000000000 R14: 00007f7ccc5b5fa0 R15: 00007ffe8aeb7b98
[  790.213858][T17293]  </TASK>
[  790.501227][    C1] vkms_vblank_simulate: vblank timer overrun
[  790.520225][T17297] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2169'.
[  790.634586][T17297] FAULT_INJECTION: forcing a failure.
[  790.634586][T17297] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  790.647781][T17297] CPU: 1 UID: 0 PID: 17297 Comm: syz.2.2169 Tainted: G     U              6.15.0-rc3-syzkaller-00342-g5bc1018675ec #0 PREEMPT(full) 
[  790.647822][T17297] Tainted: [U]=USER
[  790.647829][T17297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  790.647843][T17297] Call Trace:
[  790.647850][T17297]  <TASK>
[  790.647858][T17297]  dump_stack_lvl+0x16c/0x1f0
[  790.647889][T17297]  should_fail_ex+0x512/0x640
[  790.647923][T17297]  _copy_from_user+0x2e/0xd0
[  790.647957][T17297]  copy_msghdr_from_user+0x98/0x160
[  790.647979][T17297]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  790.648021][T17297]  ? kfree+0x252/0x4d0
[  790.648053][T17297]  ? schedule+0x2d7/0x3a0
[  790.648082][T17297]  ___sys_sendmsg+0xfe/0x1d0
[  790.648104][T17297]  ? __pfx____sys_sendmsg+0x10/0x10
[  790.648150][T17297]  ? __pfx___might_resched+0x10/0x10
[  790.648180][T17297]  __sys_sendmmsg+0x200/0x420
[  790.648204][T17297]  ? __pfx___sys_sendmmsg+0x10/0x10
[  790.648234][T17297]  ? __pfx_do_futex+0x10/0x10
[  790.648270][T17297]  ? xfd_validate_state+0x5d/0x180
[  790.648309][T17297]  ? rcu_is_watching+0x12/0xc0
[  790.648333][T17297]  __x64_sys_sendmmsg+0x9c/0x100
[  790.648354][T17297]  ? lockdep_hardirqs_on+0x7c/0x110
[  790.648380][T17297]  do_syscall_64+0xcd/0x230
[  790.648410][T17297]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  790.648433][T17297] RIP: 0033:0x7f618d78e969
[  790.648451][T17297] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  790.648473][T17297] RSP: 002b:00007f618e564038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  790.648493][T17297] RAX: ffffffffffffffda RBX: 00007f618d9b5fa0 RCX: 00007f618d78e969
[  790.648508][T17297] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000005
[  790.648521][T17297] RBP: 00007f618d810ab1 R08: 0000000000000000 R09: 0000000000000000
[  790.648534][T17297] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000000
[  790.648547][T17297] R13: 0000000000000000 R14: 00007f618d9b5fa0 R15: 00007ffe78c362e8
[  790.648574][T17297]  </TASK>
[  790.854759][    C1] vkms_vblank_simulate: vblank timer overrun
[  792.136218][T17326] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2175'.
[  793.326799][T17339] netlink: 'syz.6.2177': attribute type 1 has an invalid length.
[  793.835432][T17344] netlink: 'syz.6.2178': attribute type 1 has an invalid length.
[  793.908707][T17346] HfR: entered promiscuous mode
[  793.979398][T17346] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2179'.
[  794.057690][T17346] openvswitch: HfR: Dropping previously announced user features
[  794.118587][T17346] ubi: mtd0 is already attached to ubi0
[  794.502764][T17356] netlink: 334 bytes leftover after parsing attributes in process `syz.5.2182'.
[  799.515603][T17391] netlink: 'syz.6.2189': attribute type 4 has an invalid length.
[  799.535453][T17397] netlink: 334 bytes leftover after parsing attributes in process `syz.5.2191'.
[  799.585864][T17391] netlink: 314 bytes leftover after parsing attributes in process `syz.6.2189'.
[  799.647177][T17391] IPv6: NLM_F_CREATE should be specified when creating new route
[  799.679450][T17391] IPv6: Can't replace route, no match found
[  799.801401][ T5838] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  799.815687][ T5838] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  799.825734][ T5838] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  799.835829][ T5838] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  799.846629][ T5838] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  800.328973][T16519] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  800.735072][T16519] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  801.024657][T16519] bridge0: port 3(netdevsim1) entered disabled state
[  801.108486][T16519] netdevsim netdevsim2 netdevsim1 (unregistering): left allmulticast mode
[  801.187761][T16519] netdevsim netdevsim2 netdevsim1 (unregistering): left promiscuous mode
[  801.247140][T16519] bridge0: port 3(netdevsim1) entered disabled state
[  801.283662][T17417] vivid-003: =================  START STATUS  =================
[  801.313694][T17417] vivid-003: Radio HW Seek Mode: Bounded
[  801.345424][T16519] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  801.398651][T17417] vivid-003: Radio Programmable HW Seek: false
[  801.471951][T17417] vivid-003: RDS Rx I/O Mode: Block I/O
[  801.536888][T17417] vivid-003: Generate RBDS Instead of RDS: false
[  801.543306][T17417] vivid-003: RDS Reception: true
[  801.630347][T17430] netlink: 330 bytes leftover after parsing attributes in process `syz.1.2198'.
[  801.649967][T17417] vivid-003: RDS Program Type: 0 inactive
[  801.666061][T16519] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  801.724185][T17417] vivid-003: RDS PS Name:  inactive
[  801.777977][T17417] vivid-003: RDS Radio Text:  inactive
[  801.865380][T17417] vivid-003: RDS Traffic Announcement: false inactive
[  801.874783][T13799] Bluetooth: hci2: command tx timeout
[  802.018796][T17417] vivid-003: RDS Traffic Program: false inactive
[  802.128641][T17417] vivid-003: RDS Music: false inactive
[  802.134172][T17417] vivid-003: ==================  END STATUS  ==================
[  802.262173][T17401] chnl_net:caif_netlink_parms(): no params data found
[  802.655397][T16519] bridge_slave_1: left allmulticast mode
[  802.678620][T16519] bridge_slave_1: left promiscuous mode
[  802.685386][T16519] bridge0: port 2(bridge_slave_1) entered disabled state
[  802.806284][T16519] bridge_slave_0: left allmulticast mode
[  802.847860][T16519] bridge_slave_0: left promiscuous mode
[  802.882145][T16519] bridge0: port 1(bridge_slave_0) entered disabled state
[  802.914313][T17447] netlink: 334 bytes leftover after parsing attributes in process `syz.6.2201'.
[  803.593582][T16519] erspan0 (unregistering): left allmulticast mode
[  803.959082][T13799] Bluetooth: hci2: command tx timeout
[  804.181190][T16519] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  804.211755][T16519] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  804.232587][T16519] bond0 (unregistering): Released all slaves
[  804.689034][T17474] netlink: 334 bytes leftover after parsing attributes in process `syz.5.2205'.
[  804.874648][T17401] bridge0: port 1(bridge_slave_0) entered blocking state
[  804.904667][T17401] bridge0: port 1(bridge_slave_0) entered disabled state
[  804.972409][T17401] bridge_slave_0: entered allmulticast mode
[  805.028002][T17401] bridge_slave_0: entered promiscuous mode
[  805.062567][T17473] Invalid ELF header magic: != ELF
[  805.098143][T17401] bridge0: port 2(bridge_slave_1) entered blocking state
[  805.105389][T17401] bridge0: port 2(bridge_slave_1) entered disabled state
[  805.182201][T17401] bridge_slave_1: entered allmulticast mode
[  805.230171][T17401] bridge_slave_1: entered promiscuous mode
[  806.014817][T17401] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  806.038157][T13799] Bluetooth: hci2: command tx timeout
[  806.120340][T17401] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  806.868678][T17401] team0: Port device team_slave_0 added
[  807.145380][T17401] team0: Port device team_slave_1 added
[  807.363710][T17401] batman_adv: batadv0: Adding interface: batadv_slave_0
[  807.396408][T17401] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  807.492320][T17401] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  807.576134][T17485] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  807.701347][T17401] batman_adv: batadv0: Adding interface: batadv_slave_1
[  807.720373][T17401] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  807.746339][    C1] vkms_vblank_simulate: vblank timer overrun
[  807.823873][T17401] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  808.049920][T16519] hsr_slave_0: left promiscuous mode
[  808.117818][T13799] Bluetooth: hci2: command tx timeout
[  808.215494][T16519] hsr_slave_1: left promiscuous mode
[  808.342692][T16519] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  808.415920][T16519] batman_adv: batadv0: Removing interface: batadv_slave_0
[  808.753241][T16519] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  808.799775][T16519] batman_adv: batadv0: Removing interface: batadv_slave_1
[  809.096823][T16519] veth0_macvtap: left promiscuous mode
[  809.754753][T16519] team0 (unregistering): Port device team_slave_1 removed
[  809.806217][T16519] team0 (unregistering): Port device team_slave_0 removed
[  810.560549][T17401] hsr_slave_0: entered promiscuous mode
[  810.590941][T17401] hsr_slave_1: entered promiscuous mode
[  811.119786][T17531] netlink: 334 bytes leftover after parsing attributes in process `syz.5.2212'.
[  811.903292][T17552] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2215'.
[  813.421154][T17589] netlink: 342 bytes leftover after parsing attributes in process `syz.5.2221'.
[  813.519707][T17401] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  813.567913][T17401] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  813.624527][T17401] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  813.678696][T17401] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  813.695912][T17595] random: crng reseeded on system resumption
[  813.788390][T17592] FAULT_INJECTION: forcing a failure.
[  813.788390][T17592] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  813.817887][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  813.829927][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  813.923015][T17592] CPU: 1 UID: 0 PID: 17592 Comm: syz.1.2222 Tainted: G     U              6.15.0-rc3-syzkaller-00342-g5bc1018675ec #0 PREEMPT(full) 
[  813.923076][T17592] Tainted: [U]=USER
[  813.923083][T17592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  813.923097][T17592] Call Trace:
[  813.923104][T17592]  <TASK>
[  813.923112][T17592]  dump_stack_lvl+0x16c/0x1f0
[  813.923144][T17592]  should_fail_ex+0x512/0x640
[  813.923179][T17592]  _copy_to_iter+0x2a4/0x15a0
[  813.923220][T17592]  ? __pfx__copy_to_iter+0x10/0x10
[  813.923255][T17592]  ? __skb_recv_datagram+0x1b2/0x220
[  813.923292][T17592]  ? __pfx___skb_recv_datagram+0x10/0x10
[  813.923327][T17592]  simple_copy_to_iter+0x46/0x90
[  813.923358][T17592]  __skb_datagram_iter+0x125/0x8c0
[  813.923387][T17592]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  813.923419][T17592]  ? skb_recv_datagram+0x88/0xc0
[  813.923455][T17592]  skb_copy_datagram_iter+0x40/0x50
[  813.923488][T17592]  netlink_recvmsg+0x298/0xf20
[  813.923512][T17592]  ? __pfx_netlink_recvmsg+0x10/0x10
[  813.923532][T17592]  ? aa_sk_perm+0x2f4/0xb10
[  813.923558][T17592]  ? find_held_lock+0x2b/0x80
[  813.923578][T17592]  ? __pfx_aa_sk_perm+0x10/0x10
[  813.923601][T17592]  ? __fget_files+0x204/0x3c0
[  813.923646][T17592]  sock_recvmsg+0x1f6/0x250
[  813.923674][T17592]  __sys_recvfrom+0x203/0x310
[  813.923710][T17592]  ? __pfx___sys_recvfrom+0x10/0x10
[  813.923742][T17592]  ? find_held_lock+0x2b/0x80
[  813.923770][T17592]  ? rcu_is_watching+0x12/0xc0
[  813.923799][T17592]  ? xfd_validate_state+0x5d/0x180
[  813.923840][T17592]  ? rcu_is_watching+0x12/0xc0
[  813.923863][T17592]  __x64_sys_recvfrom+0xe0/0x1c0
[  813.923895][T17592]  ? do_syscall_64+0x91/0x230
[  813.923922][T17592]  ? lockdep_hardirqs_on+0x7c/0x110
[  813.923948][T17592]  do_syscall_64+0xcd/0x230
[  813.923977][T17592]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  813.923999][T17592] RIP: 0033:0x7f808e590734
[  813.924018][T17592] Code: 89 4c 24 1c e8 ed 5f 02 00 44 8b 54 24 1c 8b 3c 24 45 31 c9 89 c5 48 8b 54 24 10 48 8b 74 24 08 45 31 c0 b8 2d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 04 24 e8 39 60 02 00 48 8b 04
[  813.924045][T17592] RSP: 002b:00007f808f465f30 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
[  813.924067][T17592] RAX: ffffffffffffffda RBX: 000000000000002d RCX: 00007f808e590734
[  813.924081][T17592] RDX: 0000000000001000 RSI: 00007f808f466010 RDI: 0000000000000009
[  813.924095][T17592] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  813.924107][T17592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000040
[  813.924121][T17592] R13: 00007f808f465fc0 R14: 0000000000000013 R15: 0000000000000000
[  813.924147][T17592]  </TASK>
[  814.355606][T17604] FAULT_INJECTION: forcing a failure.
[  814.355606][T17604] name failslab, interval 1, probability 0, space 0, times 0
[  814.368487][T17604] CPU: 1 UID: 0 PID: 17604 Comm: syz.6.2224 Tainted: G     U              6.15.0-rc3-syzkaller-00342-g5bc1018675ec #0 PREEMPT(full) 
[  814.368524][T17604] Tainted: [U]=USER
[  814.368531][T17604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  814.368545][T17604] Call Trace:
[  814.368552][T17604]  <TASK>
[  814.368560][T17604]  dump_stack_lvl+0x16c/0x1f0
[  814.368593][T17604]  should_fail_ex+0x512/0x640
[  814.368622][T17604]  ? fs_reclaim_acquire+0xae/0x150
[  814.368657][T17604]  ? tomoyo_encode2+0x100/0x3e0
[  814.368685][T17604]  should_failslab+0xc2/0x120
[  814.368711][T17604]  __kmalloc_noprof+0xd2/0x510
[  814.368741][T17604]  tomoyo_encode2+0x100/0x3e0
[  814.368774][T17604]  tomoyo_encode+0x29/0x50
[  814.368801][T17604]  tomoyo_realpath_from_path+0x18f/0x6e0
[  814.368834][T17604]  ? tomoyo_profile+0x47/0x60
[  814.368869][T17604]  tomoyo_path_number_perm+0x245/0x580
[  814.368893][T17604]  ? tomoyo_path_number_perm+0x237/0x580
[  814.368920][T17604]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  814.368971][T17604]  ? find_held_lock+0x2b/0x80
[  814.369018][T17604]  ? count_memcg_events_mm.constprop.0+0x138/0x340
[  814.369051][T17604]  ? hook_file_ioctl_common+0x145/0x410
[  814.369078][T17604]  ? find_held_lock+0x2b/0x80
[  814.369107][T17604]  security_file_ioctl+0x9b/0x240
[  814.369136][T17604]  __x64_sys_ioctl+0xb7/0x200
[  814.369170][T17604]  do_syscall_64+0xcd/0x230
[  814.369211][T17604]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  814.369234][T17604] RIP: 0033:0x7f098cb8e969
[  814.369256][T17604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  814.369278][T17604] RSP: 002b:00007f098d9c4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  814.369298][T17604] RAX: ffffffffffffffda RBX: 00007f098cdb5fa0 RCX: 00007f098cb8e969
[  814.369312][T17604] RDX: 0000000100000101 RSI: 0000000000005760 RDI: 0000000000000001
[  814.369326][T17604] RBP: 00007f098d9c4090 R08: 0000000000000000 R09: 0000000000000000
[  814.369339][T17604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  814.369352][T17604] R13: 0000000000000000 R14: 00007f098cdb5fa0 R15: 00007fff6d861e38
[  814.369380][T17604]  </TASK>
[  814.369399][T17604] ERROR: Out of memory at tomoyo_realpath_from_path.
[  815.004374][T17612] nvme_fabrics: missing parameter 'transport=%s'
[  815.033699][T17612] nvme_fabrics: missing parameter 'nqn=%s'
[  815.178964][T17620] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78c04
[  815.197498][T17614] nvme_fabrics: missing parameter 'transport=%s'
[  815.204791][T17614] nvme_fabrics: missing parameter 'nqn=%s'
[  815.243102][T17620] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  815.250266][T17620] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[  815.473209][T17617] could not allocate digest TFM handle binfmt_misc
[  815.495041][T17620] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[  815.561521][T17620] page dumped because: unmovable page
[  815.623864][T17620] page_owner tracks the page as allocated
[  815.721816][T17620] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 5818, tgid 5818 (syz-executor), ts 91682867350, free_ts 89978024079
[  815.879699][T17401] 8021q: adding VLAN 0 to HW filter on device bond0
[  815.892621][T17620]  post_alloc_hook+0x181/0x1b0
[  815.915916][T17620]  get_page_from_freelist+0x135c/0x3920
[  815.946510][T17620]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  815.980113][T17620]  alloc_pages_mpol+0x1fb/0x550
[  816.013756][T17401] 8021q: adding VLAN 0 to HW filter on device team0
[  816.032084][T17620]  alloc_pages_noprof+0x131/0x390
[  816.037167][T17620]  __vmalloc_node_range_noprof+0x732/0x1540
[  816.076002][T17620]  vzalloc_noprof+0x6b/0x90
[  816.080593][T17620]  swap_cgroup_swapon+0x28/0xd0
[  816.094674][T16519] bridge0: port 1(bridge_slave_0) entered blocking state
[  816.101861][T16519] bridge0: port 1(bridge_slave_0) entered forwarding state
[  816.142368][T17620]  __do_sys_swapon+0x167f/0x3bc0
[  816.156777][T17620]  do_syscall_64+0xcd/0x230
[  816.161357][T17620]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  816.191181][ T8130] bridge0: port 2(bridge_slave_1) entered blocking state
[  816.199535][ T8130] bridge0: port 2(bridge_slave_1) entered forwarding state
[  816.244478][T17620] page last free pid 5818 tgid 5818 stack trace:
[  816.250850][T17620]  __free_frozen_pages+0x69d/0xff0
[  816.302470][T17620]  vfree+0x176/0x960
[  816.306429][T17620]  kcov_close+0x34/0x60
[  816.361276][T17620]  __fput+0x3ff/0xb70
[  816.382530][T17620]  fput_close_sync+0x118/0x260
[  816.417857][T17620]  __x64_sys_close+0x8b/0x120
[  816.446808][T17620]  do_syscall_64+0xcd/0x230
[  816.492003][T17620]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  817.052272][T17664] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2230'.
[  817.376449][T17401] 8021q: adding VLAN 0 to HW filter on device batadv0
[  817.557466][T17677] vivid-003: =================  START STATUS  =================
[  817.681444][T17401] veth0_vlan: entered promiscuous mode
[  817.701050][T17677] vivid-003: Radio HW Seek Mode: Bounded
[  817.764046][T17401] veth1_vlan: entered promiscuous mode
[  817.784280][T17677] vivid-003: Radio Programmable HW Seek: false
[  817.790495][T17677] vivid-003: RDS Rx I/O Mode: Block I/O
[  817.837902][T17683] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2234'.
[  817.889987][T17677] vivid-003: Generate RBDS Instead of RDS: false
[  818.405919][T17677] vivid-003: RDS Reception: true
[  818.665594][T17677] vivid-003: RDS Program Type: 0 inactive
[  818.671399][T17677] vivid-003: RDS PS Name:  inactive
[  819.019464][T17677] vivid-003: RDS Radio Text:  inactive
[  819.045742][T17677] vivid-003: RDS Traffic Announcement: false inactive
[  819.052582][T17677] vivid-003: RDS Traffic Program: false inactive
[  819.079740][T17401] veth0_macvtap: entered promiscuous mode
[  819.128426][T17677] vivid-003: RDS Music: false inactive
[  819.146975][T17677] vivid-003: ==================  END STATUS  ==================
[  819.258858][T17401] veth1_macvtap: entered promiscuous mode
[  819.561764][T17401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  819.656914][T17401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  819.775345][T17694] CIFS mount error: No usable UNC path provided in device string!
[  819.775345][T17694] 
[  819.836859][T17401] batman_adv: batadv0: Interface activated: batadv_slave_0
[  820.029102][T17694] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  820.407384][T17401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  820.505547][T17401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  820.556897][T17401] batman_adv: batadv0: Interface activated: batadv_slave_1
[  820.653718][T17401] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  820.727985][T17401] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  820.776659][T17401] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  820.815341][T17401] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  821.384124][T16519] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  821.458487][T16519] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  821.625876][T10712] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  821.678020][T10712] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  821.709750][T17731] FAULT_INJECTION: forcing a failure.
[  821.709750][T17731] name failslab, interval 1, probability 0, space 0, times 0
[  821.832402][T17731] CPU: 1 UID: 0 PID: 17731 Comm: syz.1.2241 Tainted: G     U              6.15.0-rc3-syzkaller-00342-g5bc1018675ec #0 PREEMPT(full) 
[  821.832445][T17731] Tainted: [U]=USER
[  821.832452][T17731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  821.832466][T17731] Call Trace:
[  821.832473][T17731]  <TASK>
[  821.832481][T17731]  dump_stack_lvl+0x16c/0x1f0
[  821.832513][T17731]  should_fail_ex+0x512/0x640
[  821.832556][T17731]  ? __kmalloc_noprof+0xbf/0x510
[  821.832581][T17731]  ? watch_queue_set_size+0x23d/0x6b0
[  821.832612][T17731]  should_failslab+0xc2/0x120
[  821.832639][T17731]  __kmalloc_noprof+0xd2/0x510
[  821.832669][T17731]  watch_queue_set_size+0x23d/0x6b0
[  821.832711][T17731]  pipe_ioctl+0xab/0x2b0
[  821.832730][T17731]  ? __pfx_pipe_ioctl+0x10/0x10
[  821.832750][T17731]  __x64_sys_ioctl+0x190/0x200
[  821.832781][T17731]  do_syscall_64+0xcd/0x230
[  821.832809][T17731]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  821.832831][T17731] RIP: 0033:0x7f808e58e969
[  821.832847][T17731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  821.832867][T17731] RSP: 002b:00007f808f467038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  821.832887][T17731] RAX: ffffffffffffffda RBX: 00007f808e7b5fa0 RCX: 00007f808e58e969
[  821.832901][T17731] RDX: 0000000100000101 RSI: 0000000000005760 RDI: 0000000000000001
[  821.832914][T17731] RBP: 00007f808f467090 R08: 0000000000000000 R09: 0000000000000000
[  821.832926][T17731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  821.832939][T17731] R13: 0000000000000000 R14: 00007f808e7b5fa0 R15: 00007ffcde9bbeb8
[  821.832966][T17731]  </TASK>
[  822.315885][T17737] vivid-003: =================  START STATUS  =================
[  822.323563][T17737] vivid-003: Radio HW Seek Mode: Bounded
[  822.346521][T17737] vivid-003: Radio Programmable HW Seek: false
[  822.352730][T17737] vivid-003: RDS Rx I/O Mode: Block I/O
[  822.374887][T17737] vivid-003: Generate RBDS Instead of RDS: false
[  822.381274][T17737] vivid-003: RDS Reception: true
[  822.396747][T17737] vivid-003: RDS Program Type: 0 inactive
[  822.414849][T17737] vivid-003: RDS PS Name:  inactive
[  822.423597][T17737] vivid-003: RDS Radio Text:  inactive
[  822.431894][T17737] vivid-003: RDS Traffic Announcement: false inactive
[  822.454227][T17737] vivid-003: RDS Traffic Program: false inactive
[  822.482867][T17737] vivid-003: RDS Music: false inactive
[  822.500263][T17737] vivid-003: ==================  END STATUS  ==================
[  822.906108][T17747] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2242'.
[  823.214742][T17752] FAULT_INJECTION: forcing a failure.
[  823.214742][T17752] name failslab, interval 1, probability 0, space 0, times 0
[  823.335991][T17752] CPU: 1 UID: 0 PID: 17752 Comm: syz.5.2244 Tainted: G     U              6.15.0-rc3-syzkaller-00342-g5bc1018675ec #0 PREEMPT(full) 
[  823.336029][T17752] Tainted: [U]=USER
[  823.336036][T17752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  823.336049][T17752] Call Trace:
[  823.336056][T17752]  <TASK>
[  823.336064][T17752]  dump_stack_lvl+0x16c/0x1f0
[  823.336094][T17752]  should_fail_ex+0x512/0x640
[  823.336123][T17752]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  823.336162][T17752]  should_failslab+0xc2/0x120
[  823.336187][T17752]  __kmalloc_cache_noprof+0x6a/0x3e0
[  823.336222][T17752]  ? fqdir_init+0x4f/0x1f0
[  823.336246][T17752]  fqdir_init+0x4f/0x1f0
[  823.336267][T17752]  lowpan_frags_init_net+0x2d/0x3a0
[  823.336329][T17752]  ? __pfx_lowpan_frags_init_net+0x10/0x10
[  823.336358][T17752]  ops_init+0x1df/0x5f0
[  823.336385][T17752]  setup_net+0x21e/0x850
[  823.336411][T17752]  ? __pfx_setup_net+0x10/0x10
[  823.336432][T17752]  ? lockdep_init_map_type+0x5c/0x280
[  823.336463][T17752]  ? __pfx_down_read_killable+0x10/0x10
[  823.336498][T17752]  ? debug_mutex_init+0x37/0x70
[  823.336537][T17752]  copy_net_ns+0x2a6/0x5f0
[  823.336566][T17752]  create_new_namespaces+0x3ea/0xad0
[  823.336597][T17752]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  823.336624][T17752]  ksys_unshare+0x45b/0xa40
[  823.336655][T17752]  ? __pfx_ksys_unshare+0x10/0x10
[  823.336683][T17752]  ? xfd_validate_state+0x5d/0x180
[  823.336721][T17752]  ? rcu_is_watching+0x12/0xc0
[  823.336747][T17752]  __x64_sys_unshare+0x31/0x40
[  823.336776][T17752]  do_syscall_64+0xcd/0x230
[  823.336805][T17752]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  823.336828][T17752] RIP: 0033:0x7f7ccc38e969
[  823.336845][T17752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  823.336868][T17752] RSP: 002b:00007f7ccd16f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  823.336890][T17752] RAX: ffffffffffffffda RBX: 00007f7ccc5b5fa0 RCX: 00007f7ccc38e969
[  823.336905][T17752] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  823.336919][T17752] RBP: 00007f7ccc410ab1 R08: 0000000000000000 R09: 0000000000000000
[  823.336933][T17752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  823.336946][T17752] R13: 0000000000000000 R14: 00007f7ccc5b5fa0 R15: 00007ffe8aeb7b98
[  823.336974][T17752]  </TASK>
[  823.576900][    C1] vkms_vblank_simulate: vblank timer overrun
[  825.588218][T17793] blktrace: Concurrent blktraces are not allowed on loop5
[  826.080842][T17802] ptrace attach of "./syz-executor exec"[5836] was attempted by "./syz-executor exec"[17802]
[  827.003117][T17797] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2250'.
[  829.071611][T17829] vivid-003: =================  START STATUS  =================
[  829.185122][T17829] vivid-003: Radio HW Seek Mode: Bounded
[  829.478445][T17829] vivid-003: Radio Programmable HW Seek: false
[  829.688586][T17829] vivid-003: RDS Rx I/O Mode: Block I/O
[  829.873186][T17829] vivid-003: Generate RBDS Instead of RDS: false
[  830.078791][T17829] vivid-003: RDS Reception: true
[  830.281287][T17829] vivid-003: RDS Program Type: 0 inactive
[  830.421869][T17829] vivid-003: RDS PS Name:  inactive
[  830.454381][T17829] vivid-003: RDS Radio Text:  inactive
[  830.500010][T17829] vivid-003: RDS Traffic Announcement: false inactive
[  830.542557][T17829] vivid-003: RDS Traffic Program: false inactive
[  830.587398][T17829] vivid-003: RDS Music: false inactive
[  830.619107][T17829] vivid-003: ==================  END STATUS  ==================
[  832.777416][T17880] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2264'.
[  833.493002][T17878] ima: policy update failed
[  833.531880][   T30] audit: type=1802 audit(4294967306.545:38): pid=17878 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.2264" res=0 errno=0
[  834.347812][T17902] can: request_module (can-proto-3) failed.
[  834.486561][T17907] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2269'.
[  835.054867][T17911] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2270'.
[  839.923723][T17946] vivid-003: =================  START STATUS  =================
[  839.931405][T17946] vivid-003: Radio HW Seek Mode: Bounded
[  840.046497][T17949] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2279'.
[  840.256789][T17946] vivid-003: Radio Programmable HW Seek: false
[  840.326725][T17946] vivid-003: RDS Rx I/O Mode: Block I/O
[  840.461089][T17946] vivid-003: Generate RBDS Instead of RDS: false
[  840.576018][T17946] vivid-003: RDS Reception: true
[  840.708724][T17946] vivid-003: RDS Program Type: 0 inactive
[  840.844218][T17946] vivid-003: RDS PS Name:  inactive
[  840.945658][T17946] vivid-003: RDS Radio Text:  inactive
[  841.013381][T17946] vivid-003: RDS Traffic Announcement: false inactive
[  841.104951][T17946] vivid-003: RDS Traffic Program: false inactive
[  841.130788][T17946] vivid-003: RDS Music: false inactive
[  841.196585][T17946] vivid-003: ==================  END STATUS  ==================
[  841.946652][T17973] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2283'.
[  842.711432][T17973] team0: Port device team_slave_0 removed
[  845.305292][T18002] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2288'.
[  847.384502][T18015] netlink: 334 bytes leftover after parsing attributes in process `syz.6.2290'.
[  847.593447][T18014] vivid-003: =================  START STATUS  =================
[  847.680490][T18014] vivid-003: Radio HW Seek Mode: Bounded
[  847.718302][T18014] vivid-003: Radio Programmable HW Seek: false
[  847.831071][T18014] vivid-003: RDS Rx I/O Mode: Block I/O
[  848.082220][T18014] vivid-003: Generate RBDS Instead of RDS: false
[  848.261032][T18014] vivid-003: RDS Reception: true
[  848.456511][T18014] vivid-003: RDS Program Type: 0 inactive
[  848.501367][T18014] vivid-003: RDS PS Name:  inactive
[  848.506686][T18014] vivid-003: RDS Radio Text:  inactive
[  848.586156][T18014] vivid-003: RDS Traffic Announcement: false inactive
[  848.713043][T18014] vivid-003: RDS Traffic Program: false inactive
[  848.909869][T18014] vivid-003: RDS Music: false inactive
[  848.915543][T18014] vivid-003: ==================  END STATUS  ==================
[  849.424252][T18037] netlink: 334 bytes leftover after parsing attributes in process `syz.5.2295'.
[  849.820055][T18047] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2298'.
[  849.855511][T18035] Invalid ELF header magic: != ELF
[  852.770589][T18086] ptrace attach of "./syz-executor exec"[5836] was attempted by "./syz-executor exec"[18086]
[  853.369028][T18091] vivid-003: =================  START STATUS  =================
[  853.438793][T18091] vivid-003: Radio HW Seek Mode: Bounded
[  853.513024][T18091] vivid-003: Radio Programmable HW Seek: false
[  853.576552][T18091] vivid-003: RDS Rx I/O Mode: Block I/O
[  853.656990][T18091] vivid-003: Generate RBDS Instead of RDS: false
[  853.750951][T18091] vivid-003: RDS Reception: true
[  853.794658][T18091] vivid-003: RDS Program Type: 0 inactive
[  853.851013][T18091] vivid-003: RDS PS Name:  inactive
[  853.880762][T18091] vivid-003: RDS Radio Text:  inactive
[  853.952887][T18091] vivid-003: RDS Traffic Announcement: false inactive
[  853.959748][T18091] vivid-003: RDS Traffic Program: false inactive
[  854.059419][T18091] vivid-003: RDS Music: false inactive
[  854.087022][T18091] vivid-003: ==================  END STATUS  ==================
[  854.102350][T18098] ptrace attach of "./syz-executor exec"[9123] was attempted by "./syz-executor exec"[18098]
[  855.578013][T18120] nvme_fabrics: missing parameter 'transport=%s'
[  855.648031][T18120] nvme_fabrics: missing parameter 'nqn=%s'
[  855.880379][T18122] nvme_fabrics: missing parameter 'transport=%s'
[  855.929316][T18122] nvme_fabrics: missing parameter 'nqn=%s'
[  857.159369][T18132] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2315'.
[  857.204454][T18132] team_slave_0: entered allmulticast mode
[  858.290319][T18138] vivid-003: =================  START STATUS  =================
[  858.414953][T18138] vivid-003: Radio HW Seek Mode: Bounded
[  858.468460][T18138] vivid-003: Radio Programmable HW Seek: false
[  858.591916][T18142] netlink: zone id is out of range
[  858.607822][T18138] vivid-003: RDS Rx I/O Mode: Block I/O
[  858.632459][T18142] netlink: zone id is out of range
[  858.637606][T18142] netlink: zone id is out of range
[  858.671259][T18138] vivid-003: Generate RBDS Instead of RDS: false
[  858.785362][T18138] vivid-003: RDS Reception: true
[  858.808898][T18142] netlink: zone id is out of range
[  858.840888][T18138] vivid-003: RDS Program Type: 0 inactive
[  858.846682][T18138] vivid-003: RDS PS Name:  inactive
[  858.899997][T18142] netlink: zone id is out of range
[  858.952027][T18142] netlink: zone id is out of range
[  858.961104][T18138] vivid-003: RDS Radio Text:  inactive
[  859.004329][T18138] vivid-003: RDS Traffic Announcement: false inactive
[  859.034395][T18142] netlink: zone id is out of range
[  859.081627][T18138] vivid-003: RDS Traffic Program: false inactive
[  859.142707][T18142] netlink: zone id is out of range
[  859.147870][T18142] netlink: zone id is out of range
[  859.167848][T18138] vivid-003: RDS Music: false inactive
[  859.196177][T18138] vivid-003: ==================  END STATUS  ==================
[  859.287342][T18142] netlink: zone id is out of range
[  860.924799][T18179] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2324'.
[  861.651471][T18174] ima: policy update failed
[  861.657195][   T30] audit: type=1802 audit(4294967338.659:39): pid=18174 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.5.2324" res=0 errno=0
[  863.061507][T18218] Invalid ELF header magic: != ELF
[  863.609377][T18208] bond0: option all_slaves_active: invalid value ()
[  865.385288][T18233] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  865.542021][T18233] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  865.684128][T18233] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  865.784267][T18233] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  865.858060][T18233] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  866.011078][T18233] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  866.219280][T18233] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  866.515706][T18233] CPU0 is offline.
[  866.631784][T18264] vivid-003: =================  START STATUS  =================
[  866.709382][T18264] vivid-003: Radio HW Seek Mode: Bounded
[  866.771105][T18264] vivid-003: Radio Programmable HW Seek: false
[  866.894497][T18264] vivid-003: RDS Rx I/O Mode: Block I/O
[  866.977177][T18264] vivid-003: Generate RBDS Instead of RDS: false
[  867.071084][T18264] vivid-003: RDS Reception: true
[  867.076087][T18264] vivid-003: RDS Program Type: 0 inactive
[  867.204476][T18257] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  867.236999][T18264] vivid-003: RDS PS Name:  inactive
[  867.355499][T18264] vivid-003: RDS Radio Text:  inactive
[  867.423600][T13799] Bluetooth: hci3: command 0x0c1a tx timeout
[  867.461028][T18264] vivid-003: RDS Traffic Announcement: false inactive
[  867.467869][T18264] vivid-003: RDS Traffic Program: false inactive
[  867.700496][T18264] vivid-003: RDS Music: false inactive
[  867.743568][T13799] Bluetooth: hci0: command 0x0406 tx timeout
[  867.749623][T13799] Bluetooth: hci1: command 0x0419 tx timeout
[  867.843938][T18264] vivid-003: ==================  END STATUS  ==================
[  867.902210][T13799] Bluetooth: hci2: command 0x0c1a tx timeout
[  869.261567][T18279] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2347'.
[  869.501043][T13799] Bluetooth: hci3: command 0x0c1a tx timeout
[  869.988629][T13799] Bluetooth: hci2: command 0x0c1a tx timeout
[  872.057692][T13799] Bluetooth: hci2: command 0x0c1a tx timeout
[  872.153423][T18324] vivid-003: =================  START STATUS  =================
[  872.294199][T18324] vivid-003: Radio HW Seek Mode: Bounded
[  872.300556][T18324] vivid-003: Radio Programmable HW Seek: false
[  872.449704][T18324] vivid-003: RDS Rx I/O Mode: Block I/O
[  872.530614][T18324] vivid-003: Generate RBDS Instead of RDS: false
[  872.537126][T18324] vivid-003: RDS Reception: true
[  872.693343][T18324] vivid-003: RDS Program Type: 0 inactive
[  872.795145][T18324] vivid-003: RDS PS Name:  inactive
[  872.853838][T18324] vivid-003: RDS Radio Text:  inactive
[  872.931419][T18324] vivid-003: RDS Traffic Announcement: false inactive
[  872.989660][T18324] vivid-003: RDS Traffic Program: false inactive
[  873.089897][T18324] vivid-003: RDS Music: false inactive
[  873.139152][T18324] vivid-003: ==================  END STATUS  ==================
[  875.002010][ T5838] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  875.015242][ T5838] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  875.026925][ T5838] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  875.036410][ T5838] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  875.048087][ T5838] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  875.101532][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  875.107941][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  875.274981][T18351] random: crng reseeded on system resumption
[  876.810965][T18364] ptrace attach of "./syz-executor exec"[17401] was attempted by "./syz-executor exec"[18364]
[  877.023938][ T6065] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  877.174642][ T5838] Bluetooth: hci4: command tx timeout
[  877.615590][ T6065] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  877.859988][T18378] FAULT_INJECTION: forcing a failure.
[  877.859988][T18378] name failslab, interval 1, probability 0, space 0, times 0
[  877.939614][T18378] CPU: 1 UID: 0 PID: 18378 Comm: syz.5.2366 Tainted: G     U              6.15.0-rc3-syzkaller-00342-g5bc1018675ec #0 PREEMPT(full) 
[  877.939666][T18378] Tainted: [U]=USER
[  877.939674][T18378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  877.939690][T18378] Call Trace:
[  877.939697][T18378]  <TASK>
[  877.939706][T18378]  dump_stack_lvl+0x16c/0x1f0
[  877.939747][T18378]  should_fail_ex+0x512/0x640
[  877.939777][T18378]  ? fs_reclaim_acquire+0xae/0x150
[  877.939830][T18378]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  877.939862][T18378]  should_failslab+0xc2/0x120
[  877.939889][T18378]  __kmalloc_noprof+0xd2/0x510
[  877.939920][T18378]  tomoyo_realpath_from_path+0xc2/0x6e0
[  877.939954][T18378]  ? tomoyo_profile+0x47/0x60
[  877.939991][T18378]  tomoyo_path_number_perm+0x245/0x580
[  877.940016][T18378]  ? tomoyo_path_number_perm+0x237/0x580
[  877.940042][T18378]  ? do_raw_spin_unlock+0x134/0x230
[  877.940077][T18378]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  877.940139][T18378]  ? find_held_lock+0x2b/0x80
[  877.940159][T18378]  ? hook_file_ioctl_common+0x145/0x410
[  877.940191][T18378]  ? __fget_files+0x20e/0x3c0
[  877.940231][T18378]  security_file_ioctl+0x9b/0x240
[  877.940260][T18378]  __x64_sys_ioctl+0xb7/0x200
[  877.940293][T18378]  do_syscall_64+0xcd/0x230
[  877.940323][T18378]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  877.940358][T18378] RIP: 0033:0x7f7ccc38e969
[  877.940381][T18378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  877.940402][T18378] RSP: 002b:00007f7ccd16f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  877.940422][T18378] RAX: ffffffffffffffda RBX: 00007f7ccc5b5fa0 RCX: 00007f7ccc38e969
[  877.940436][T18378] RDX: 0000000000000038 RSI: 0000000000003b8a RDI: 0000000000000006
[  877.940450][T18378] RBP: 00007f7ccc410ab1 R08: 0000000000000000 R09: 0000000000000000
[  877.940462][T18378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  877.940475][T18378] R13: 0000000000000000 R14: 00007f7ccc5b5fa0 R15: 00007ffe8aeb7b98
[  877.940502][T18378]  </TASK>
[  877.940511][T18378] ERROR: Out of memory at tomoyo_realpath_from_path.
[  878.589505][ T6065] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  878.668229][T18356] chnl_net:caif_netlink_parms(): no params data found
[  878.948995][ T6065] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  879.195363][ T5838] Bluetooth: hci4: command tx timeout
[  879.299950][T18383] ptrace attach of "./syz-executor exec"[17401] was attempted by "./syz-executor exec"[18383]
[  879.605805][T18356] bridge0: port 1(bridge_slave_0) entered blocking state
[  879.640407][T18356] bridge0: port 1(bridge_slave_0) entered disabled state
[  879.678901][T18356] bridge_slave_0: entered allmulticast mode
[  879.720456][T18356] bridge_slave_0: entered promiscuous mode
[  879.838927][T18356] bridge0: port 2(bridge_slave_1) entered blocking state
[  879.867922][T18356] bridge0: port 2(bridge_slave_1) entered disabled state
[  879.909570][T18356] bridge_slave_1: entered allmulticast mode
[  879.955354][T18356] bridge_slave_1: entered promiscuous mode
[  880.278410][T18356] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  880.415474][T18356] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  880.643029][ T6065] hsr0: left allmulticast mode
[  880.650219][ T6065] hsr_slave_0: left allmulticast mode
[  880.674509][ T6065] hsr_slave_1: left allmulticast mode
[  880.703430][ T6065] hsr0: left promiscuous mode
[  880.721662][ T6065] bridge0: port 4(hsr0) entered disabled state
[  880.750348][ T6065] team0: left allmulticast mode
[  880.769737][ T6065] team_slave_0: left allmulticast mode
[  880.792827][ T6065] team_slave_1: left allmulticast mode
[  880.814434][ T6065] team0: left promiscuous mode
[  880.830985][ T6065] team_slave_0: left promiscuous mode
[  880.852902][ T6065] team_slave_1: left promiscuous mode
[  880.873990][ T6065] bridge0: port 3(team0) entered disabled state
[  880.909760][ T6065] bridge_slave_1: left allmulticast mode
[  880.929143][ T6065] bridge_slave_1: left promiscuous mode
[  880.948242][ T6065] bridge0: port 2(bridge_slave_1) entered disabled state
[  880.997683][ T6065] bridge_slave_0: left allmulticast mode
[  881.014646][ T6065] bridge_slave_0: left promiscuous mode
[  881.027219][ T6065] bridge0: port 1(bridge_slave_0) entered disabled state
[  881.231111][ T5838] Bluetooth: hci4: command tx timeout
[  881.974107][ T6065] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  881.997385][ T6065] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  882.027291][ T6065] bond0 (unregistering): Released all slaves
[  882.146440][T18356] team0: Port device team_slave_0 added
[  882.260379][T18356] team0: Port device team_slave_1 added
[  882.538272][T18356] batman_adv: batadv0: Adding interface: batadv_slave_0
[  882.583537][T18356] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  882.609553][    C1] vkms_vblank_simulate: vblank timer overrun
[  882.707547][T18356] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  882.760587][T18356] batman_adv: batadv0: Adding interface: batadv_slave_1
[  882.789517][T18356] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  882.891933][T18356] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  883.276418][ T5838] Bluetooth: hci4: command tx timeout
[  883.347890][T18356] hsr_slave_0: entered promiscuous mode
[  883.385663][T18356] hsr_slave_1: entered promiscuous mode
[  883.414084][T18356] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  883.421676][T18356] Cannot create hsr debugfs directory
[  883.756475][ T6065] hsr_slave_0: left promiscuous mode
[  883.798975][ T6065] hsr_slave_1: left promiscuous mode
[  883.872545][ T6065] veth1_macvtap: left promiscuous mode
[  883.949811][ T6065] veth0_macvtap: left promiscuous mode
[  884.049120][T18431] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2376'.
[  885.744849][ T6065] team0 (unregistering): Port device team_slave_1 removed
[  885.974210][ T6065] team0 (unregistering): Port device team_slave_0 removed
[  886.648236][T18454] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  891.247687][T18494] netlink: 342 bytes leftover after parsing attributes in process `syz.5.2383'.
[  892.165449][T18356] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  892.243047][T18356] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  892.304837][T18356] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  892.409437][T18356] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  893.522060][T18356] 8021q: adding VLAN 0 to HW filter on device bond0
[  893.675136][T18356] 8021q: adding VLAN 0 to HW filter on device team0
[  894.265798][T16807] bridge0: port 1(bridge_slave_0) entered blocking state
[  894.272971][T16807] bridge0: port 1(bridge_slave_0) entered forwarding state
[  894.356567][T16807] bridge0: port 2(bridge_slave_1) entered blocking state
[  894.363779][T16807] bridge0: port 2(bridge_slave_1) entered forwarding state
[  895.403127][T18356] 8021q: adding VLAN 0 to HW filter on device batadv0
[  895.638954][T18356] veth0_vlan: entered promiscuous mode
[  895.741489][T18356] veth1_vlan: entered promiscuous mode
[  895.893517][T18356] veth0_macvtap: entered promiscuous mode
[  895.989004][T18356] veth1_macvtap: entered promiscuous mode
[  896.089449][T18356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  896.168872][T18356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  896.212260][T18356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  896.288031][T18356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  896.353055][T18356] batman_adv: batadv0: Interface activated: batadv_slave_0
[  896.428691][T18356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  896.502512][T18356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  896.593098][T18356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  896.643344][T18356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  896.703585][T18356] batman_adv: batadv0: Interface activated: batadv_slave_1
[  896.803645][T18356] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  896.881539][T18356] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  896.890282][T18356] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  897.005843][T18356] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  897.161669][T18595] netlink: 342 bytes leftover after parsing attributes in process `syz.6.2396'.
[  897.446711][ T6065] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  897.505563][ T6065] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  897.686048][T16519] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  897.742882][T16519] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  899.723762][T18633] ima: policy update failed
[  899.766729][   T30] audit: type=1802 audit(4294968997.245:40): pid=18633 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.2403" res=0 errno=0
[  900.047957][T18639] zram: Removed device: zram0
[  900.403429][T18647] Invalid ELF header magic: != ELF
[  900.563754][T18643] vivid-003: =================  START STATUS  =================
[  900.571469][T18643] vivid-003: Radio HW Seek Mode: Bounded
[  900.664644][T18643] vivid-003: Radio Programmable HW Seek: false
[  900.693376][T18643] vivid-003: RDS Rx I/O Mode: Block I/O
[  900.699523][T18643] vivid-003: Generate RBDS Instead of RDS: false
[  900.777699][T18643] vivid-003: RDS Reception: true
[  900.812186][T18643] vivid-003: RDS Program Type: 0 inactive
[  900.874715][T18643] vivid-003: RDS PS Name:  inactive
[  900.900887][T18643] vivid-003: RDS Radio Text:  inactive
[  900.948118][T18617] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  900.969059][T18643] vivid-003: RDS Traffic Announcement: false inactive
[  901.024975][T18643] vivid-003: RDS Traffic Program: false inactive
[  901.061133][T18643] vivid-003: RDS Music: false inactive
[  901.103123][T18643] vivid-003: ==================  END STATUS  ==================
[  901.781230][T18673] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT
[  903.305916][T18770] can: request_module (can-proto-3) failed.
[  909.037710][T18827] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  911.938098][T18889] nvme_fabrics: missing parameter 'transport=%s'
[  911.974202][T18889] nvme_fabrics: missing parameter 'nqn=%s'
[  912.173937][T18891] nvme_fabrics: missing parameter 'transport=%s'
[  912.191976][T18891] nvme_fabrics: missing parameter 'nqn=%s'
[  912.535192][T18901] netlink: 198 bytes leftover after parsing attributes in process `syz.1.2438'.
[  913.563176][T18916] nvme_fabrics: missing parameter 'transport=%s'
[  913.589816][T18916] nvme_fabrics: missing parameter 'nqn=%s'
[  913.674931][ T5838] Bluetooth: hci0: Unable to find connection for big 0xd2
[  913.736112][T18918] nvme_fabrics: missing parameter 'transport=%s'
[  913.770798][T18918] nvme_fabrics: missing parameter 'nqn=%s'
[  915.027699][T18905] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  915.882107][T18952] nvme_fabrics: missing parameter 'transport=%s'
[  915.918189][T18952] nvme_fabrics: missing parameter 'nqn=%s'
[  916.043278][T18963] can0: slcan on ttyS2.
[  916.182071][T18956] nvme_fabrics: missing parameter 'transport=%s'
[  916.199791][T18955] can0 (unregistered): slcan off ttyS2.
[  916.218504][T18956] nvme_fabrics: missing parameter 'nqn=%s'
[  916.903779][T18986] hub 8-0:1.0: USB hub found
[  916.960677][T18986] hub 8-0:1.0: 1 port detected
[  917.296835][T18993] vivid-003: =================  START STATUS  =================
[  917.368842][T18993] vivid-003: Radio HW Seek Mode: Bounded
[  917.455433][T18993] vivid-003: Radio Programmable HW Seek: false
[  917.513843][T18993] vivid-003: RDS Rx I/O Mode: Block I/O
[  917.556274][T18993] vivid-003: Generate RBDS Instead of RDS: false
[  917.621239][T18993] vivid-003: RDS Reception: true
[  917.661289][T18993] vivid-003: RDS Program Type: 0 inactive
[  917.739964][T18993] vivid-003: RDS PS Name:  inactive
[  917.757979][T18993] vivid-003: RDS Radio Text:  inactive
[  917.800924][T18993] vivid-003: RDS Traffic Announcement: false inactive
[  917.843413][T18993] vivid-003: RDS Traffic Program: false inactive
[  917.883982][T18993] vivid-003: RDS Music: false inactive
[  917.929488][T18993] vivid-003: ==================  END STATUS  ==================
[  918.431148][T19013] nvme_fabrics: missing parameter 'transport=%s'
[  918.474653][T19013] nvme_fabrics: missing parameter 'nqn=%s'
[  918.481106][T19006] FAULT_INJECTION: forcing a failure.
[  918.481106][T19006] name failslab, interval 1, probability 0, space 0, times 0
[  918.539724][T19006] CPU: 1 UID: 0 PID: 19006 Comm: syz.5.2457 Tainted: G     U              6.15.0-rc3-syzkaller-00342-g5bc1018675ec #0 PREEMPT(full) 
[  918.539776][T19006] Tainted: [U]=USER
[  918.539787][T19006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  918.539801][T19006] Call Trace:
[  918.539809][T19006]  <TASK>
[  918.539818][T19006]  dump_stack_lvl+0x16c/0x1f0
[  918.539850][T19006]  should_fail_ex+0x512/0x640
[  918.539883][T19006]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  918.539924][T19006]  should_failslab+0xc2/0x120
[  918.539951][T19006]  __kmalloc_cache_noprof+0x6a/0x3e0
[  918.539988][T19006]  ? __asan_memcpy+0x3c/0x60
[  918.540030][T19006]  ? ip_vs_protocol_net_init+0xbe/0x300
[  918.540061][T19006]  ip_vs_protocol_net_init+0xbe/0x300
[  918.540091][T19006]  __ip_vs_init+0x239/0x520
[  918.540124][T19006]  ? __pfx___ip_vs_init+0x10/0x10
[  918.540155][T19006]  ops_init+0x1df/0x5f0
[  918.540182][T19006]  setup_net+0x21e/0x850
[  918.540208][T19006]  ? __pfx_setup_net+0x10/0x10
[  918.540230][T19006]  ? lockdep_init_map_type+0x5c/0x280
[  918.540260][T19006]  ? __pfx_down_read_killable+0x10/0x10
[  918.540296][T19006]  ? debug_mutex_init+0x37/0x70
[  918.540336][T19006]  copy_net_ns+0x2a6/0x5f0
[  918.540378][T19006]  create_new_namespaces+0x3ea/0xad0
[  918.540408][T19006]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  918.540434][T19006]  ksys_unshare+0x45b/0xa40
[  918.540464][T19006]  ? __pfx_ksys_unshare+0x10/0x10
[  918.540491][T19006]  ? xfd_validate_state+0x5d/0x180
[  918.540527][T19006]  ? rcu_is_watching+0x12/0xc0
[  918.540552][T19006]  __x64_sys_unshare+0x31/0x40
[  918.540581][T19006]  do_syscall_64+0xcd/0x230
[  918.540609][T19006]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  918.540631][T19006] RIP: 0033:0x7f7ccc38e969
[  918.540649][T19006] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  918.540672][T19006] RSP: 002b:00007f7ccd16f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  918.540693][T19006] RAX: ffffffffffffffda RBX: 00007f7ccc5b5fa0 RCX: 00007f7ccc38e969
[  918.540708][T19006] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  918.540721][T19006] RBP: 00007f7ccc410ab1 R08: 0000000000000000 R09: 0000000000000000
[  918.540735][T19006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  918.540748][T19006] R13: 0000000000000000 R14: 00007f7ccc5b5fa0 R15: 00007ffe8aeb7b98
[  918.540778][T19006]  </TASK>
[  920.588165][T19045] netlink: 'syz.6.2462': attribute type 1 has an invalid length.
[  921.839441][T19055] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2465'.
[  922.343900][T19051] netlink: 326 bytes leftover after parsing attributes in process `syz.6.2463'.
[  924.109015][T19089] netlink: 2468 bytes leftover after parsing attributes in process `syz.2.2473'.
[  926.060392][T19121] vivid-003: =================  START STATUS  =================
[  926.136985][T19121] vivid-003: Radio HW Seek Mode: Bounded
[  926.226406][T19121] vivid-003: Radio Programmable HW Seek: false
[  926.308053][T19121] vivid-003: RDS Rx I/O Mode: Block I/O
[  926.422162][T19121] vivid-003: Generate RBDS Instead of RDS: false
[  926.514932][T19121] vivid-003: RDS Reception: true
[  926.536574][T19133] net_ratelimit: 12 callbacks suppressed
[  926.536592][T19133] sock: sock_set_timeout: `syz.1.2483' (pid 19133) tries to set negative timeout
[  926.553239][T19121] vivid-003: RDS Program Type: 0 inactive
[  926.581808][T19121] vivid-003: RDS PS Name:  inactive
[  926.620872][T19121] vivid-003: RDS Radio Text:  inactive
[  926.702824][T19121] vivid-003: RDS Traffic Announcement: false inactive
[  926.767406][T19121] vivid-003: RDS Traffic Program: false inactive
[  926.806481][T19121] vivid-003: RDS Music: false inactive
[  926.835921][T19121] vivid-003: ==================  END STATUS  ==================
[  927.173187][T19144] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2486'.
[  927.255976][T19144] FAULT_INJECTION: forcing a failure.
[  927.255976][T19144] name fail_futex, interval 1, probability 0, space 0, times 0
[  927.324535][T19144] CPU: 1 UID: 0 PID: 19144 Comm: syz.2.2486 Tainted: G     U              6.15.0-rc3-syzkaller-00342-g5bc1018675ec #0 PREEMPT(full) 
[  927.324575][T19144] Tainted: [U]=USER
[  927.324582][T19144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  927.324596][T19144] Call Trace:
[  927.324604][T19144]  <TASK>
[  927.324612][T19144]  dump_stack_lvl+0x16c/0x1f0
[  927.324643][T19144]  should_fail_ex+0x512/0x640
[  927.324679][T19144]  get_futex_key+0xabc/0x1000
[  927.324705][T19144]  ? __pfx_get_futex_key+0x10/0x10
[  927.324736][T19144]  futex_wake+0xe7/0x4e0
[  927.324761][T19144]  ? rcu_is_watching+0x12/0xc0
[  927.324784][T19144]  ? __pfx_futex_wake+0x10/0x10
[  927.324824][T19144]  do_futex+0x1e3/0x350
[  927.324847][T19144]  ? __pfx_do_futex+0x10/0x10
[  927.324869][T19144]  ? __might_fault+0xe3/0x190
[  927.324901][T19144]  mm_release+0x24e/0x300
[  927.324927][T19144]  do_exit+0x898/0x2c30
[  927.324955][T19144]  ? __pfx_futex_wake_mark+0x10/0x10
[  927.324988][T19144]  ? __pfx_do_exit+0x10/0x10
[  927.325017][T19144]  ? do_raw_spin_lock+0x12c/0x2b0
[  927.325050][T19144]  ? find_held_lock+0x2b/0x80
[  927.325075][T19144]  do_group_exit+0xd3/0x2a0
[  927.325108][T19144]  get_signal+0x2673/0x26d0
[  927.325142][T19144]  ? __pfx_get_signal+0x10/0x10
[  927.325167][T19144]  ? do_futex+0x122/0x350
[  927.325190][T19144]  ? __pfx_do_futex+0x10/0x10
[  927.325228][T19144]  arch_do_signal_or_restart+0x8f/0x7a0
[  927.325259][T19144]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  927.325303][T19144]  ? rcu_is_watching+0x12/0xc0
[  927.325326][T19144]  syscall_exit_to_user_mode+0x150/0x2a0
[  927.325353][T19144]  do_syscall_64+0xda/0x230
[  927.325381][T19144]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  927.325402][T19144] RIP: 0033:0x7fa7a1f8e969
[  927.325418][T19144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  927.325438][T19144] RSP: 002b:00007fa7a2d330e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  927.325458][T19144] RAX: fffffffffffffe00 RBX: 00007fa7a21b5fa8 RCX: 00007fa7a1f8e969
[  927.325472][T19144] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa7a21b5fa8
[  927.325485][T19144] RBP: 00007fa7a21b5fa0 R08: 0000000000000000 R09: 0000000000000000
[  927.325498][T19144] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa7a21b5fac
[  927.325511][T19144] R13: 0000000000000000 R14: 00007ffe75a15640 R15: 00007ffe75a15728
[  927.325536][T19144]  </TASK>
[  928.491457][T19161] WARNING! power/level is deprecated; use power/control instead
[  928.571258][T19164] ICMPv6: process `syz.1.2489' is using deprecated sysctl (syscall) net.ipv6.neigh.wg1.retrans_time - use net.ipv6.neigh.wg1.retrans_time_ms instead
[  929.222285][T19171] FAULT_INJECTION: forcing a failure.
[  929.222285][T19171] name failslab, interval 1, probability 0, space 0, times 0
[  929.358460][T19171] CPU: 1 UID: 0 PID: 19171 Comm: syz.6.2491 Tainted: G     U              6.15.0-rc3-syzkaller-00342-g5bc1018675ec #0 PREEMPT(full) 
[  929.358499][T19171] Tainted: [U]=USER
[  929.358506][T19171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  929.358520][T19171] Call Trace:
[  929.358527][T19171]  <TASK>
[  929.358536][T19171]  dump_stack_lvl+0x16c/0x1f0
[  929.358568][T19171]  should_fail_ex+0x512/0x640
[  929.358598][T19171]  ? __kmalloc_noprof+0xbf/0x510
[  929.358624][T19171]  ? fib_default_rule_add+0x4f/0x420
[  929.358645][T19171]  should_failslab+0xc2/0x120
[  929.358672][T19171]  __kmalloc_noprof+0xd2/0x510
[  929.358701][T19171]  fib_default_rule_add+0x4f/0x420
[  929.358724][T19171]  fib4_rules_init+0x52/0x1c0
[  929.358754][T19171]  fib_net_init+0x1dc/0x3f0
[  929.358773][T19171]  ? __pfx___register_sysctl_table+0x10/0x10
[  929.358798][T19171]  ? __pfx_fib_net_init+0x10/0x10
[  929.358818][T19171]  ? lockdep_init_map_type+0x5c/0x280
[  929.358849][T19171]  ? do_init_timer+0xc9/0x110
[  929.358872][T19171]  ? devinet_init_net+0x5c2/0x910
[  929.358898][T19171]  ? __pfx_fib_net_init+0x10/0x10
[  929.358917][T19171]  ops_init+0x1df/0x5f0
[  929.358946][T19171]  setup_net+0x21e/0x850
[  929.358971][T19171]  ? __pfx_setup_net+0x10/0x10
[  929.358992][T19171]  ? lockdep_init_map_type+0x5c/0x280
[  929.359020][T19171]  ? __pfx_down_read_killable+0x10/0x10
[  929.359054][T19171]  ? debug_mutex_init+0x37/0x70
[  929.359091][T19171]  copy_net_ns+0x2a6/0x5f0
[  929.359119][T19171]  create_new_namespaces+0x3ea/0xad0
[  929.359149][T19171]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  929.359175][T19171]  ksys_unshare+0x45b/0xa40
[  929.359211][T19171]  ? __pfx_ksys_unshare+0x10/0x10
[  929.359239][T19171]  ? xfd_validate_state+0x5d/0x180
[  929.359276][T19171]  ? rcu_is_watching+0x12/0xc0
[  929.359301][T19171]  __x64_sys_unshare+0x31/0x40
[  929.359330][T19171]  do_syscall_64+0xcd/0x230
[  929.359358][T19171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  929.359380][T19171] RIP: 0033:0x7f098cb8e969
[  929.359398][T19171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  929.359420][T19171] RSP: 002b:00007f098d9c4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  929.359440][T19171] RAX: ffffffffffffffda RBX: 00007f098cdb5fa0 RCX: 00007f098cb8e969
[  929.359455][T19171] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  929.359469][T19171] RBP: 00007f098cc10ab1 R08: 0000000000000000 R09: 0000000000000000
[  929.359482][T19171] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  929.359495][T19171] R13: 0000000000000000 R14: 00007f098cdb5fa0 R15: 00007fff6d861e38
[  929.359522][T19171]  </TASK>
[  929.971894][T19176] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2494'.
[  930.681457][T19188] vivid-003: =================  START STATUS  =================
[  930.751970][T19188] vivid-003: Radio HW Seek Mode: Bounded
[  930.844237][T19188] vivid-003: Radio Programmable HW Seek: false
[  930.966989][T19188] vivid-003: RDS Rx I/O Mode: Block I/O
[  931.083605][T19188] vivid-003: Generate RBDS Instead of RDS: false
[  931.233093][T19188] vivid-003: RDS Reception: true
[  931.322774][T19188] vivid-003: RDS Program Type: 0 inactive
[  931.428939][T19188] vivid-003: RDS PS Name:  inactive
[  931.434221][T19188] vivid-003: RDS Radio Text:  inactive
[  931.549832][T19188] vivid-003: RDS Traffic Announcement: false inactive
[  931.556762][T19188] vivid-003: RDS Traffic Program: false inactive
[  931.656614][T19188] vivid-003: RDS Music: false inactive
[  931.705609][T19188] vivid-003: ==================  END STATUS  ==================
[  931.780155][T19200] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2498'.
[  933.095050][T19215] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  933.240198][T19215] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  933.330430][T19218] netlink: 346 bytes leftover after parsing attributes in process `syz.2.2502'.
[  933.644079][T19216] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  933.797178][T19216] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  933.835201][T19216] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  933.883038][T19216] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  933.937094][T19216] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  934.082222][T19216] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  934.180570][T19216] CPU0 is offline.
[  935.306976][T13799] Bluetooth: hci1: command 0x0419 tx timeout
[  935.865883][T13799] Bluetooth: hci2: command 0x0c1a tx timeout
[  935.871936][T13799] Bluetooth: hci0: command 0x0406 tx timeout
[  935.945871][T13799] Bluetooth: hci4: command 0x0c1a tx timeout
[  936.192791][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  936.199226][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  937.818346][T19281] sd 0:0:1:0: PR command failed: 1026
[  937.939673][T19281] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  938.029349][T13799] Bluetooth: hci4: command 0x0c1a tx timeout
[  938.049317][T19281] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  938.304227][T19298] sd 0:0:1:0: PR command failed: 1026
[  938.327500][T19298] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  938.334248][T19298] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  940.015602][T19325] ceph: Failed to parse sending metrics switch value 'P^'
[  940.105156][T13799] Bluetooth: hci4: command 0x0c1a tx timeout
[  940.247114][T19325] Invalid ELF header magic: != ELF
[  941.894819][T19331] nvme_fabrics: missing parameter 'transport=%s'
[  941.942832][T19331] nvme_fabrics: missing parameter 'nqn=%s'
[  942.089947][T19334] nvme_fabrics: unknown parameter or missing value '���������' in ctrl creation request
[  942.173647][   T30] audit: type=1806 audit(4294967320.101:41): xattr="." res=0
[  943.217019][T19361] vhci_hcd: invalid port number 242
[  943.340313][T19361] vhci_hcd: default hub control req: f2ff vffff i00f2 l65535
[  943.826248][T19382] vivid-003: =================  START STATUS  =================
[  943.963719][T19382] vivid-003: Radio HW Seek Mode: Bounded
[  944.176787][T19382] vivid-003: Radio Programmable HW Seek: false
[  944.295767][T19382] vivid-003: RDS Rx I/O Mode: Block I/O
[  944.417971][T19382] vivid-003: Generate RBDS Instead of RDS: false
[  944.610143][T19382] vivid-003: RDS Reception: true
[  944.740807][T19382] vivid-003: RDS Program Type: 0 inactive
[  944.907051][T19382] vivid-003: RDS PS Name:  inactive
[  945.198546][T19382] vivid-003: RDS Radio Text:  inactive
[  945.270726][T19382] vivid-003: RDS Traffic Announcement: false inactive
[  945.334153][T19382] vivid-003: RDS Traffic Program: false inactive
[  945.402619][T19382] vivid-003: RDS Music: false inactive
[  945.471193][T19382] vivid-003: ==================  END STATUS  ==================
[  945.721283][T13799] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18
[  948.195558][T19410] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  949.064627][T19432] FAULT_INJECTION: forcing a failure.
[  949.064627][T19432] name failslab, interval 1, probability 0, space 0, times 0
[  949.213361][T19432] CPU: 1 UID: 0 PID: 19432 Comm: syz.1.2545 Tainted: G     U              6.15.0-rc3-syzkaller-00342-g5bc1018675ec #0 PREEMPT(full) 
[  949.213402][T19432] Tainted: [U]=USER
[  949.213410][T19432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  949.213425][T19432] Call Trace:
[  949.213433][T19432]  <TASK>
[  949.213442][T19432]  dump_stack_lvl+0x16c/0x1f0
[  949.213476][T19432]  should_fail_ex+0x512/0x640
[  949.213508][T19432]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  949.213549][T19432]  should_failslab+0xc2/0x120
[  949.213577][T19432]  __kmalloc_cache_noprof+0x6a/0x3e0
[  949.213621][T19432]  ? kvm_dev_ioctl+0x1396/0x1ad0
[  949.213653][T19432]  kvm_dev_ioctl+0x1396/0x1ad0
[  949.213689][T19432]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  949.213725][T19432]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  949.213754][T19432]  __x64_sys_ioctl+0x190/0x200
[  949.213788][T19432]  do_syscall_64+0xcd/0x230
[  949.213818][T19432]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  949.213842][T19432] RIP: 0033:0x7fda2518e969
[  949.213861][T19432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  949.213884][T19432] RSP: 002b:00007fda25fa0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  949.213906][T19432] RAX: ffffffffffffffda RBX: 00007fda253b5fa0 RCX: 00007fda2518e969
[  949.213922][T19432] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000006
[  949.213937][T19432] RBP: 00007fda25210ab1 R08: 0000000000000000 R09: 0000000000000000
[  949.213951][T19432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  949.213966][T19432] R13: 0000000000000000 R14: 00007fda253b5fa0 R15: 00007ffef7397ab8
[  949.213994][T19432]  </TASK>
[  949.803663][   T30] audit: type=1800 audit(4294967327.645:42): pid=19459 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2551" name="file0" dev="tmpfs" ino=1130 res=0 errno=0
[  954.114193][T19473] FAULT_INJECTION: forcing a failure.
[  954.114193][T19473] name failslab, interval 1, probability 0, space 0, times 0
[  954.246142][   T30] audit: type=1800 audit(4294967332.177:43): pid=19474 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.2554" name="members" dev="configfs" ino=68848 res=0 errno=0
[  954.274253][T19473] CPU: 1 UID: 0 PID: 19473 Comm: syz.6.2554 Tainted: G     U              6.15.0-rc3-syzkaller-00342-g5bc1018675ec #0 PREEMPT(full) 
[  954.274293][T19473] Tainted: [U]=USER
[  954.274300][T19473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  954.274315][T19473] Call Trace:
[  954.274323][T19473]  <TASK>
[  954.274332][T19473]  dump_stack_lvl+0x16c/0x1f0
[  954.274366][T19473]  should_fail_ex+0x512/0x640
[  954.274398][T19473]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  954.274439][T19473]  should_failslab+0xc2/0x120
[  954.274467][T19473]  __kmalloc_cache_noprof+0x6a/0x3e0
[  954.274505][T19473]  ? kernfs_fop_open+0xa3a/0xda0
[  954.274558][T19473]  kernfs_fop_open+0xa3a/0xda0
[  954.274589][T19473]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  954.274630][T19473]  do_dentry_open+0x741/0x1c10
[  954.274655][T19473]  ? __pfx_kernfs_fop_open+0x10/0x10
[  954.274692][T19473]  vfs_open+0x82/0x3f0
[  954.274726][T19473]  path_openat+0x1e5e/0x2d40
[  954.274771][T19473]  ? __pfx_path_openat+0x10/0x10
[  954.274801][T19473]  do_filp_open+0x20b/0x470
[  954.274823][T19473]  ? __pfx_do_filp_open+0x10/0x10
[  954.274866][T19473]  ? alloc_fd+0x471/0x7d0
[  954.274908][T19473]  do_sys_openat2+0x11b/0x1d0
[  954.274938][T19473]  ? __pfx_do_sys_openat2+0x10/0x10
[  954.274979][T19473]  __x64_sys_openat+0x174/0x210
[  954.275010][T19473]  ? __pfx___x64_sys_openat+0x10/0x10
[  954.275043][T19473]  ? rcu_is_watching+0x12/0xc0
[  954.275073][T19473]  do_syscall_64+0xcd/0x230
[  954.275104][T19473]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  954.275128][T19473] RIP: 0033:0x7f098cb8e969
[  954.275146][T19473] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  954.275169][T19473] RSP: 002b:00007f098d9c4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  954.275191][T19473] RAX: ffffffffffffffda RBX: 00007f098cdb5fa0 RCX: 00007f098cb8e969
[  954.275207][T19473] RDX: 0000000000000b02 RSI: 00002000000010c0 RDI: ffffffffffffff9c
[  954.275222][T19473] RBP: 00007f098cc10ab1 R08: 0000000000000000 R09: 0000000000000000
[  954.275244][T19473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  954.275258][T19473] R13: 0000000000000000 R14: 00007f098cdb5fa0 R15: 00007fff6d861e38
[  954.275287][T19473]  </TASK>
[  955.606725][T13799] Bluetooth: hci4: unexpected subevent 0x01 length: 122 > 18
[  956.143620][T19493] vivid-003: =================  START STATUS  =================
[  956.247817][T19493] vivid-003: Radio HW Seek Mode: Bounded
[  956.357494][T19493] vivid-003: Radio Programmable HW Seek: false
[  956.363718][T19493] vivid-003: RDS Rx I/O Mode: Block I/O
[  956.520633][T19493] vivid-003: Generate RBDS Instead of RDS: false
[  956.576710][T19493] vivid-003: RDS Reception: true
[  956.644352][T19493] vivid-003: RDS Program Type: 0 inactive
[  956.686625][T19493] vivid-003: RDS PS Name:  inactive
[  956.691892][T19493] vivid-003: RDS Radio Text:  inactive
[  956.795316][T19493] vivid-003: RDS Traffic Announcement: false inactive
[  956.862158][T19493] vivid-003: RDS Traffic Program: false inactive
[  956.905319][T19493] vivid-003: RDS Music: false inactive
[  956.941034][T19493] vivid-003: ==================  END STATUS  ==================
[  958.477813][T19488] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  958.813335][T19527] netlink: 93 bytes leftover after parsing attributes in process `syz.1.2564'.
[  958.901783][T19523] netlink: 93 bytes leftover after parsing attributes in process `syz.1.2564'.
[  966.279056][T13799] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  966.289089][T13799] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  966.299474][T13799] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  966.310291][T13799] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  966.318372][T13799] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  967.199036][T19607] openvswitch: netlink: Multiple metadata blocks provided
[  967.403130][T19615] rnbd_client L213: map_device: Parameters missing
[  967.621324][T19599] chnl_net:caif_netlink_parms(): no params data found
[  968.086792][T19624] Invalid ELF header magic: != ELF
[  968.227443][T19571] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  968.300991][T19599] bridge0: port 1(bridge_slave_0) entered blocking state
[  968.308143][T19599] bridge0: port 1(bridge_slave_0) entered disabled state
[  968.374655][T19599] bridge_slave_0: entered allmulticast mode
[  968.411112][T13799] Bluetooth: hci3: command tx timeout
[  968.420630][T19599] bridge_slave_0: entered promiscuous mode
[  968.463227][T19599] bridge0: port 2(bridge_slave_1) entered blocking state
[  968.507881][T19599] bridge0: port 2(bridge_slave_1) entered disabled state
[  968.550945][T19599] bridge_slave_1: entered allmulticast mode
[  968.611695][T19599] bridge_slave_1: entered promiscuous mode
[  969.163762][T19599] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  969.256778][T19599] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  969.393440][T19639] Malformed UNC in devname
[  969.393440][T19639] 
[  969.443586][T19639] CIFS: VFS: Malformed UNC in devname
[  969.593130][T19599] team0: Port device team_slave_0 added
[  969.657842][T19599] team0: Port device team_slave_1 added
[  969.678580][   T30] audit: type=1800 audit(4294967347.615:44): pid=19646 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2592" name="discovery_nqn" dev="configfs" ino=69639 res=0 errno=0
[  969.981568][T19599] batman_adv: batadv0: Adding interface: batadv_slave_0
[  969.989070][T19599] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  970.164076][T19599] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  970.258459][T19599] batman_adv: batadv0: Adding interface: batadv_slave_1
[  970.322652][T19599] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  970.467118][T13799] Bluetooth: hci3: command tx timeout
[  970.518179][T19599] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  970.928655][T19599] hsr_slave_0: entered promiscuous mode
[  970.993558][T19599] hsr_slave_1: entered promiscuous mode
[  971.032050][T19599] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  971.090811][T19599] Cannot create hsr debugfs directory
[  971.110345][T19665] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2596'.
[  971.360650][T19667] nbd: must specify an index to disconnect
[  972.437852][T13799] Bluetooth: hci3: command tx timeout
[  973.966553][T19599] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  974.050155][T19599] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  974.194220][T19599] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  974.275432][T19599] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  974.434414][T13799] Bluetooth: hci3: command tx timeout
[  974.893062][T19599] 8021q: adding VLAN 0 to HW filter on device bond0
[  975.534896][T19700] bridge0: port 3(syz_tun) entered blocking state
[  975.565915][T19700] bridge0: port 3(syz_tun) entered disabled state
[  975.601703][T19700] syz_tun: entered allmulticast mode
[  975.630488][T19700] syz_tun: entered promiscuous mode
[  975.654527][T19700] bridge0: port 3(syz_tun) entered blocking state
[  975.661067][T19700] bridge0: port 3(syz_tun) entered forwarding state
[  975.714464][T19599] 8021q: adding VLAN 0 to HW filter on device team0
[  975.735503][T19702] FAULT_INJECTION: forcing a failure.
[  975.735503][T19702] name failslab, interval 1, probability 0, space 0, times 0
[  975.791508][T19702] CPU: 1 UID: 0 PID: 19702 Comm: syz.1.2604 Tainted: G     U              6.15.0-rc3-syzkaller-00342-g5bc1018675ec #0 PREEMPT(full) 
[  975.791547][T19702] Tainted: [U]=USER
[  975.791554][T19702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  975.791568][T19702] Call Trace:
[  975.791575][T19702]  <TASK>
[  975.791584][T19702]  dump_stack_lvl+0x16c/0x1f0
[  975.791622][T19702]  should_fail_ex+0x512/0x640
[  975.791653][T19702]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  975.791680][T19702]  should_failslab+0xc2/0x120
[  975.791707][T19702]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  975.791731][T19702]  ? getname_flags.part.0+0x4c/0x550
[  975.791763][T19702]  getname_flags.part.0+0x4c/0x550
[  975.791794][T19702]  getname_flags+0x93/0xf0
[  975.791828][T19702]  do_sys_openat2+0xb8/0x1d0
[  975.791856][T19702]  ? __pfx_do_sys_openat2+0x10/0x10
[  975.791893][T19702]  __x64_sys_openat+0x174/0x210
[  975.791922][T19702]  ? __pfx___x64_sys_openat+0x10/0x10
[  975.791953][T19702]  ? rcu_is_watching+0x12/0xc0
[  975.791979][T19702]  do_syscall_64+0xcd/0x230
[  975.792008][T19702]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  975.792030][T19702] RIP: 0033:0x7fda2518e969
[  975.792046][T19702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  975.792067][T19702] RSP: 002b:00007fda25fa0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  975.792087][T19702] RAX: ffffffffffffffda RBX: 00007fda253b5fa0 RCX: 00007fda2518e969
[  975.792101][T19702] RDX: 0000000000080001 RSI: 0000200000000400 RDI: ffffffffffffff9c
[  975.792115][T19702] RBP: 00007fda25210ab1 R08: 0000000000000000 R09: 0000000000000000
[  975.792128][T19702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  975.792141][T19702] R13: 0000000000000000 R14: 00007fda253b5fa0 R15: 00007ffef7397ab8
[  975.792167][T19702]  </TASK>
[  976.264368][T10712] bridge0: port 1(bridge_slave_0) entered blocking state
[  976.271550][T10712] bridge0: port 1(bridge_slave_0) entered forwarding state
[  976.327159][T10712] bridge0: port 2(bridge_slave_1) entered blocking state
[  976.334316][T10712] bridge0: port 2(bridge_slave_1) entered forwarding state
[  976.485701][T19708] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2606'.
[  976.612700][T19599] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  976.642716][T19713] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21
[  976.949936][   T36] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  977.489805][   T36] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  977.647051][T19599] 8021q: adding VLAN 0 to HW filter on device batadv0
[  977.776041][T19733] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2612'.
[  977.834582][   T36] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  978.107007][   T36] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  978.859463][   T36] netdevsim netdevsim15 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  979.010634][T19756] FAULT_INJECTION: forcing a failure.
[  979.010634][T19756] name failslab, interval 1, probability 0, space 0, times 0
[  979.161105][T19760] cougar: G6 mapped to space
[  979.321318][T19756] CPU: 1 UID: 0 PID: 19756 Comm: syz.1.2617 Tainted: G     U              6.15.0-rc3-syzkaller-00342-g5bc1018675ec #0 PREEMPT(full) 
[  979.321360][T19756] Tainted: [U]=USER
[  979.321368][T19756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  979.321382][T19756] Call Trace:
[  979.321389][T19756]  <TASK>
[  979.321411][T19756]  dump_stack_lvl+0x16c/0x1f0
[  979.321442][T19756]  should_fail_ex+0x512/0x640
[  979.321473][T19756]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  979.321500][T19756]  should_failslab+0xc2/0x120
[  979.321526][T19756]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  979.321551][T19756]  ? getname_flags.part.0+0x4c/0x550
[  979.321582][T19756]  getname_flags.part.0+0x4c/0x550
[  979.321614][T19756]  getname_flags+0x93/0xf0
[  979.321647][T19756]  do_sys_openat2+0xb8/0x1d0
[  979.321675][T19756]  ? __pfx_do_sys_openat2+0x10/0x10
[  979.321713][T19756]  __x64_sys_openat+0x174/0x210
[  979.321742][T19756]  ? __pfx___x64_sys_openat+0x10/0x10
[  979.321772][T19756]  ? rcu_is_watching+0x12/0xc0
[  979.321799][T19756]  do_syscall_64+0xcd/0x230
[  979.321828][T19756]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  979.321850][T19756] RIP: 0033:0x7fda2518e969
[  979.321867][T19756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  979.321889][T19756] RSP: 002b:00007fda25fa0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  979.321909][T19756] RAX: ffffffffffffffda RBX: 00007fda253b5fa0 RCX: 00007fda2518e969
[  979.321924][T19756] RDX: 0000000000080001 RSI: 0000200000000400 RDI: ffffffffffffff9c
[  979.321938][T19756] RBP: 00007fda25210ab1 R08: 0000000000000000 R09: 0000000000000000
[  979.321951][T19756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  979.321964][T19756] R13: 0000000000000000 R14: 00007fda253b5fa0 R15: 00007ffef7397ab8
[  979.321990][T19756]  </TASK>
[  979.674493][T19599] veth0_vlan: entered promiscuous mode
[  979.685528][T19599] veth1_vlan: entered promiscuous mode
[  979.709952][T19599] veth0_macvtap: entered promiscuous mode
[  979.725931][T19599] veth1_macvtap: entered promiscuous mode
[  979.883227][T19599] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  979.957045][T19599] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  980.000332][T19599] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  980.032808][T19599] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  980.091251][T19599] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  980.146273][T19599] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  980.188699][T19599] batman_adv: batadv0: Interface activated: batadv_slave_0
[  980.253443][T19599] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  980.340644][T19599] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  980.402016][T19599] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  980.458330][T19599] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  980.517751][T19599] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  980.588608][T19599] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  980.658820][T19599] batman_adv: batadv0: Interface activated: batadv_slave_1
[  980.904800][T19599] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  980.957999][T19599] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  981.014340][T19599] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  981.087408][T19599] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  981.569375][T19800] Invalid ELF header magic: != ELF
[  982.849048][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  982.887821][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  982.924698][   T36] bond0 (unregistering): Released all slaves
[  983.140324][   T36] .SR: left promiscuous mode
[  983.244751][T19819] random: crng reseeded on system resumption
[  983.376583][   T36] HfR: left promiscuous mode
[  983.580258][   T36] tipc: Left network mode
[  984.948825][   T36] hsr_slave_0: left promiscuous mode
[  985.002420][   T36] hsr_slave_1: left promiscuous mode
[  985.095523][   T36] veth0_macvtap: left promiscuous mode
[  985.153157][T19845] netlink: 'syz.1.2629': attribute type 4 has an invalid length.
[  985.202583][T19845] netlink: 314 bytes leftover after parsing attributes in process `syz.1.2629'.
[  987.674415][   T36] team0 (unregistering): Port device team_slave_1 removed
[  988.277797][ T6065] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  988.318294][ T6065] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  988.464031][ T6065] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  988.532416][ T6065] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  989.576670][T19883] vivid-003: =================  START STATUS  =================
[  989.645678][T19883] vivid-003: Radio HW Seek Mode: Bounded
[  989.731401][T19883] vivid-003: Radio Programmable HW Seek: false
[  989.792101][T19883] vivid-003: RDS Rx I/O Mode: Block I/O
[  989.896202][T19883] vivid-003: Generate RBDS Instead of RDS: false
[  990.072474][T19883] vivid-003: RDS Reception: true
[  990.120519][T19883] vivid-003: RDS Program Type: 0 inactive
[  990.226845][T19883] vivid-003: RDS PS Name:  inactive
[  990.253385][T19883] vivid-003: RDS Radio Text:  inactive
[  990.314770][T19883] vivid-003: RDS Traffic Announcement: false inactive
[  990.381997][T19883] vivid-003: RDS Traffic Program: false inactive
[  990.424935][T19883] vivid-003: RDS Music: false inactive
[  990.467626][T19883] vivid-003: ==================  END STATUS  ==================
[  992.051951][T19946] loop6: detected capacity change from 0 to 8
[  994.269387][T19985] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input22
[  994.298489][T19987] netlink: set zone limit has 8 unknown bytes
[  995.055625][T20011] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2650'.
[  996.258402][   T30] audit: type=1800 audit(4294967374.661:45): pid=20024 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2653" name="file0" dev="tmpfs" ino=1250 res=0 errno=0
[  996.279011][    C1] vkms_vblank_simulate: vblank timer overrun
[  996.285920][T20025] random: crng reseeded on system resumption
[  997.164212][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  997.177896][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  997.482643][T20042] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2656'.
[  997.591832][T20042] veth1_macvtap: left promiscuous mode
[ 1000.154348][T20092] lo: entered allmulticast mode
[ 1000.509336][T20098] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 1000.515775][T20098] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[ 1000.631178][T20095] lo: left allmulticast mode
[ 1002.760682][T20141] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2671'.
[ 1002.807751][T20079] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[ 1003.145998][T20134] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(108.0.100), cmd(3)
[ 1005.192925][T20179] FAULT_INJECTION: forcing a failure.
[ 1005.192925][T20179] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1005.213916][   T30] audit: type=1800 audit(4294967383.617:46): pid=20180 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.2675" name="lu_gp_id" dev="configfs" ino=72987 res=0 errno=0
[ 1005.312021][T20179] CPU: 1 UID: 0 PID: 20179 Comm: syz.2.2676 Tainted: G     U              6.15.0-rc3-syzkaller-00342-g5bc1018675ec #0 PREEMPT(full) 
[ 1005.312064][T20179] Tainted: [U]=USER
[ 1005.312072][T20179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 1005.312087][T20179] Call Trace:
[ 1005.312094][T20179]  <TASK>
[ 1005.312103][T20179]  dump_stack_lvl+0x16c/0x1f0
[ 1005.312138][T20179]  should_fail_ex+0x512/0x640
[ 1005.312175][T20179]  get_futex_key+0x49e/0x1000
[ 1005.312202][T20179]  ? __pfx_get_futex_key+0x10/0x10
[ 1005.312236][T20179]  futex_wake+0xe7/0x4e0
[ 1005.312267][T20179]  ? __pfx_futex_wake+0x10/0x10
[ 1005.312299][T20179]  ? kmem_cache_free+0x2d4/0x4d0
[ 1005.312323][T20179]  ? fd_install+0x225/0x750
[ 1005.312366][T20179]  ? putname+0x154/0x1a0
[ 1005.312397][T20179]  do_futex+0x1e3/0x350
[ 1005.312422][T20179]  ? __pfx_do_futex+0x10/0x10
[ 1005.312454][T20179]  __x64_sys_futex+0x1e0/0x4c0
[ 1005.312481][T20179]  ? __x64_sys_openat+0x174/0x210
[ 1005.312512][T20179]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1005.312539][T20179]  ? rcu_is_watching+0x12/0xc0
[ 1005.312568][T20179]  do_syscall_64+0xcd/0x230
[ 1005.312600][T20179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1005.312625][T20179] RIP: 0033:0x7fa7a1f8e969
[ 1005.312644][T20179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1005.312671][T20179] RSP: 002b:00007fa7a2d330e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1005.312694][T20179] RAX: ffffffffffffffda RBX: 00007fa7a21b5fa8 RCX: 00007fa7a1f8e969
[ 1005.312711][T20179] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fa7a21b5fac
[ 1005.312726][T20179] RBP: 00007fa7a21b5fa0 R08: 00007fa7a2d34000 R09: 0000000000000000
[ 1005.312741][T20179] R10: 0000000000000006 R11: 0000000000000246 R12: 00007fa7a21b5fac
[ 1005.312756][T20179] R13: 0000000000000000 R14: 00007ffe75a15640 R15: 00007ffe75a15728
[ 1005.312786][T20179]  </TASK>
[ 1006.903350][T20132] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[ 1009.247534][T20202] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[ 1011.595456][T20230] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[ 1012.140349][T20285] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1012.248207][T20285] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1012.353090][T20285] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1012.365726][T20293] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2695'.
[ 1012.409897][T20285] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1012.657193][T20285] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1012.921445][T20285] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1012.927433][T20285] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1013.210708][T20285] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1013.447031][T20285] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1013.495421][T20285] CPU0 is offline.
[ 1014.195182][T13799] Bluetooth: hci0: command 0x0406 tx timeout
[ 1014.270903][T13799] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1014.433926][T13799] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1014.799962][T20312] delete_channel: no stack
[ 1014.995076][T13799] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1016.284624][T20314] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[ 1016.509564][T13799] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1016.729351][T20363] synth uevent: /bus/memstick: unknown uevent action string
[ 1016.770104][T20363] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2706'.
[ 1016.949207][T20361] sp0: Synchronizing with TNC
[ 1017.070106][T13799] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1018.590379][T13799] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1019.150558][T13799] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1020.670195][T20405] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2713'.
[ 1021.231740][T13799] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1021.302402][T20416] FAULT_INJECTION: forcing a failure.
[ 1021.302402][T20416] name failslab, interval 1, probability 0, space 0, times 0
[ 1021.360993][T20416] CPU: 1 UID: 0 PID: 20416 Comm: syz.6.2714 Tainted: G     U              6.15.0-rc3-syzkaller-00342-g5bc1018675ec #0 PREEMPT(full) 
[ 1021.361035][T20416] Tainted: [U]=USER
[ 1021.361044][T20416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 1021.361058][T20416] Call Trace:
[ 1021.361066][T20416]  <TASK>
[ 1021.361075][T20416]  dump_stack_lvl+0x16c/0x1f0
[ 1021.361107][T20416]  should_fail_ex+0x512/0x640
[ 1021.361142][T20416]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1021.361180][T20416]  should_failslab+0xc2/0x120
[ 1021.361210][T20416]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1021.361237][T20416]  ? alloc_empty_file+0x55/0x1e0
[ 1021.361270][T20416]  alloc_empty_file+0x55/0x1e0
[ 1021.361304][T20416]  path_openat+0xe0/0x2d40
[ 1021.361324][T20416]  ? __x64_sys_openat+0x174/0x210
[ 1021.361355][T20416]  ? do_syscall_64+0xcd/0x230
[ 1021.361383][T20416]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1021.361417][T20416]  ? __pfx_path_openat+0x10/0x10
[ 1021.361447][T20416]  do_filp_open+0x20b/0x470
[ 1021.361469][T20416]  ? __pfx_do_filp_open+0x10/0x10
[ 1021.361511][T20416]  ? alloc_fd+0x471/0x7d0
[ 1021.361554][T20416]  do_sys_openat2+0x11b/0x1d0
[ 1021.361585][T20416]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1021.361627][T20416]  __x64_sys_openat+0x174/0x210
[ 1021.361659][T20416]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1021.361693][T20416]  ? rcu_is_watching+0x12/0xc0
[ 1021.361723][T20416]  do_syscall_64+0xcd/0x230
[ 1021.361753][T20416]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1021.361777][T20416] RIP: 0033:0x7f098cb8e969
[ 1021.361796][T20416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1021.361820][T20416] RSP: 002b:00007f098d9c4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1021.361842][T20416] RAX: ffffffffffffffda RBX: 00007f098cdb5fa0 RCX: 00007f098cb8e969
[ 1021.361858][T20416] RDX: 0000000000080001 RSI: 0000200000000400 RDI: ffffffffffffff9c
[ 1021.361873][T20416] RBP: 00007f098cc10ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1021.361888][T20416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1021.361902][T20416] R13: 0000000000000000 R14: 00007f098cdb5fa0 R15: 00007fff6d861e38
[ 1021.361931][T20416]  </TASK>
[ 1022.606165][T20440] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4)
[ 1022.668833][T20442] ==================================================================
[ 1022.676929][T20442] BUG: KASAN: slab-use-after-free in dvb_device_open+0x36a/0x3b0
[ 1022.684673][T20442] Read of size 8 at addr ffff88802a100e18 by task syz.2.2718/20442
[ 1022.692563][T20442] 
[ 1022.694895][T20442] CPU: 1 UID: 0 PID: 20442 Comm: syz.2.2718 Tainted: G     U              6.15.0-rc3-syzkaller-00342-g5bc1018675ec #0 PREEMPT(full) 
[ 1022.694931][T20442] Tainted: [U]=USER
[ 1022.694939][T20442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 1022.694954][T20442] Call Trace:
[ 1022.694966][T20442]  <TASK>
[ 1022.694975][T20442]  dump_stack_lvl+0x116/0x1f0
[ 1022.695003][T20442]  print_report+0xc3/0x670
[ 1022.695028][T20442]  ? __virt_addr_valid+0x5e/0x590
[ 1022.695056][T20442]  ? __phys_addr+0xc6/0x150
[ 1022.695084][T20442]  ? dvb_device_open+0x36a/0x3b0
[ 1022.695111][T20442]  kasan_report+0xe0/0x110
[ 1022.695137][T20442]  ? dvb_device_open+0x36a/0x3b0
[ 1022.695167][T20442]  ? __pfx_dvb_device_open+0x10/0x10
[ 1022.695196][T20442]  dvb_device_open+0x36a/0x3b0
[ 1022.695226][T20442]  ? __pfx_dvb_device_open+0x10/0x10
[ 1022.695254][T20442]  chrdev_open+0x231/0x6a0
[ 1022.695276][T20442]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1022.695305][T20442]  ? __pfx_chrdev_open+0x10/0x10
[ 1022.695328][T20442]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 1022.695364][T20442]  do_dentry_open+0x741/0x1c10
[ 1022.695387][T20442]  ? __pfx_chrdev_open+0x10/0x10
[ 1022.695412][T20442]  vfs_open+0x82/0x3f0
[ 1022.695440][T20442]  path_openat+0x1e5e/0x2d40
[ 1022.695466][T20442]  ? __pfx_path_openat+0x10/0x10
[ 1022.695490][T20442]  do_filp_open+0x20b/0x470
[ 1022.695510][T20442]  ? __pfx_do_filp_open+0x10/0x10
[ 1022.695540][T20442]  ? alloc_fd+0x471/0x7d0
[ 1022.695577][T20442]  do_sys_openat2+0x11b/0x1d0
[ 1022.695604][T20442]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1022.695638][T20442]  __x64_sys_openat+0x174/0x210
[ 1022.695668][T20442]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1022.695698][T20442]  ? rcu_is_watching+0x12/0xc0
[ 1022.695722][T20442]  do_syscall_64+0xcd/0x230
[ 1022.695750][T20442]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1022.695772][T20442] RIP: 0033:0x7fa7a1f8e969
[ 1022.695790][T20442] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1022.695814][T20442] RSP: 002b:00007fa7a2d12038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1022.695836][T20442] RAX: ffffffffffffffda RBX: 00007fa7a21b6080 RCX: 00007fa7a1f8e969
[ 1022.695853][T20442] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 1022.695869][T20442] RBP: 00007fa7a2010ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1022.695884][T20442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1022.695899][T20442] R13: 0000000000000000 R14: 00007fa7a21b6080 R15: 00007ffe75a15728
[ 1022.695921][T20442]  </TASK>
[ 1022.695930][T20442] 
[ 1022.948806][T20442] Allocated by task 1:
[ 1022.952868][T20442]  kasan_save_stack+0x33/0x60
[ 1022.957555][T20442]  kasan_save_track+0x14/0x30
[ 1022.962254][T20442]  __kasan_kmalloc+0xaa/0xb0
[ 1022.966847][T20442]  dvb_register_device+0x1e4/0x2370
[ 1022.972061][T20442]  dvb_register_frontend+0x5a6/0x880
[ 1022.977362][T20442]  vidtv_bridge_probe+0x459/0xa90
[ 1022.982397][T20442]  platform_probe+0xff/0x1f0
[ 1022.986999][T20442]  really_probe+0x23e/0xa90
[ 1022.991504][T20442]  __driver_probe_device+0x1de/0x440
[ 1022.996795][T20442]  driver_probe_device+0x4c/0x1b0
[ 1023.001823][T20442]  __driver_attach+0x283/0x580
[ 1023.006586][T20442]  bus_for_each_dev+0x13b/0x1d0
[ 1023.011469][T20442]  bus_add_driver+0x2e9/0x690
[ 1023.016151][T20442]  driver_register+0x15c/0x4b0
[ 1023.020922][T20442]  vidtv_bridge_init+0x45/0x80
[ 1023.025699][T20442]  do_one_initcall+0x120/0x6e0
[ 1023.030476][T20442]  kernel_init_freeable+0x5c2/0x900
[ 1023.035677][T20442]  kernel_init+0x1c/0x2b0
[ 1023.040019][T20442]  ret_from_fork+0x45/0x80
[ 1023.044472][T20442]  ret_from_fork_asm+0x1a/0x30
[ 1023.049249][T20442] 
[ 1023.051570][T20442] Freed by task 20440:
[ 1023.055647][T20442]  kasan_save_stack+0x33/0x60
[ 1023.060326][T20442]  kasan_save_track+0x14/0x30
[ 1023.065007][T20442]  kasan_save_free_info+0x3b/0x60
[ 1023.070044][T20442]  __kasan_slab_free+0x51/0x70
[ 1023.074808][T20442]  kfree+0x2b6/0x4d0
[ 1023.078715][T20442]  dvb_device_put.part.0+0x60/0x90
[ 1023.083849][T20442]  dvb_device_open+0x2a4/0x3b0
[ 1023.088633][T20442]  chrdev_open+0x231/0x6a0
[ 1023.093049][T20442]  do_dentry_open+0x741/0x1c10
[ 1023.097935][T20442]  vfs_open+0x82/0x3f0
[ 1023.102010][T20442]  path_openat+0x1e5e/0x2d40
[ 1023.106603][T20442]  do_filp_open+0x20b/0x470
[ 1023.111106][T20442]  do_sys_openat2+0x11b/0x1d0
[ 1023.115787][T20442]  __x64_sys_openat+0x174/0x210
[ 1023.120687][T20442]  do_syscall_64+0xcd/0x230
[ 1023.125197][T20442]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1023.131090][T20442] 
[ 1023.133411][T20442] The buggy address belongs to the object at ffff88802a100e00
[ 1023.133411][T20442]  which belongs to the cache kmalloc-256 of size 256
[ 1023.147493][T20442] The buggy address is located 24 bytes inside of
[ 1023.147493][T20442]  freed 256-byte region [ffff88802a100e00, ffff88802a100f00)
[ 1023.161241][T20442] 
[ 1023.163563][T20442] The buggy address belongs to the physical page:
[ 1023.169979][T20442] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2a100
[ 1023.178741][T20442] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1023.187240][T20442] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 1023.194803][T20442] page_type: f5(slab)
[ 1023.198789][T20442] raw: 00fff00000000040 ffff88801b441b40 dead000000000122 0000000000000000
[ 1023.207375][T20442] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 1023.215966][T20442] head: 00fff00000000040 ffff88801b441b40 dead000000000122 0000000000000000
[ 1023.224639][T20442] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 1023.233309][T20442] head: 00fff00000000001 ffffea0000a84001 00000000ffffffff 00000000ffffffff
[ 1023.241978][T20442] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 1023.250643][T20442] page dumped because: kasan: bad access detected
[ 1023.257048][T20442] page_owner tracks the page as allocated
[ 1023.262763][T20442] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 24332557826, free_ts 0
[ 1023.282478][T20442]  post_alloc_hook+0x181/0x1b0
[ 1023.287249][T20442]  get_page_from_freelist+0x135c/0x3920
[ 1023.292797][T20442]  __alloc_frozen_pages_noprof+0x263/0x23a0
[ 1023.298692][T20442]  alloc_pages_mpol+0x1fb/0x550
[ 1023.303551][T20442]  new_slab+0x244/0x340
[ 1023.307729][T20442]  ___slab_alloc+0xd9c/0x1940
[ 1023.312420][T20442]  __slab_alloc.constprop.0+0x56/0xb0
[ 1023.317811][T20442]  __kmalloc_cache_noprof+0xfb/0x3e0
[ 1023.323112][T20442]  bus_add_driver+0x92/0x690
[ 1023.327714][T20442]  driver_register+0x15c/0x4b0
[ 1023.332486][T20442]  usb_register_driver+0x216/0x4d0
[ 1023.337614][T20442]  do_one_initcall+0x120/0x6e0
[ 1023.342389][T20442]  kernel_init_freeable+0x5c2/0x900
[ 1023.347604][T20442]  kernel_init+0x1c/0x2b0
[ 1023.351944][T20442]  ret_from_fork+0x45/0x80
[ 1023.356402][T20442]  ret_from_fork_asm+0x1a/0x30
[ 1023.361182][T20442] page_owner free stack trace missing
[ 1023.366546][T20442] 
[ 1023.368866][T20442] Memory state around the buggy address:
[ 1023.374494][T20442]  ffff88802a100d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1023.382580][T20442]  ffff88802a100d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1023.390662][T20442] >ffff88802a100e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1023.398752][T20442]                             ^
[ 1023.403598][T20442]  ffff88802a100e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1023.411678][T20442]  ffff88802a100f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1023.419737][T20442] ==================================================================
[ 1024.628548][T20437] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1024.663202][T20437] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1024.743050][T20437] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1024.749183][T20437] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1024.885731][T20437] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1024.943096][T20437] CPU0 is offline.
[ 1025.721263][T20442] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1025.728520][T20442] CPU: 1 UID: 0 PID: 20442 Comm: syz.2.2718 Tainted: G     U              6.15.0-rc3-syzkaller-00342-g5bc1018675ec #0 PREEMPT(full) 
[ 1025.742164][T20442] Tainted: [U]=USER
[ 1025.745967][T20442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 1025.756111][T20442] Call Trace:
[ 1025.759394][T20442]  <TASK>
[ 1025.762329][T20442]  dump_stack_lvl+0x3d/0x1f0
[ 1025.766936][T20442]  panic+0x71c/0x800
[ 1025.770855][T20442]  ? __pfx_panic+0x10/0x10
[ 1025.775286][T20442]  ? mark_held_locks+0x49/0x80
[ 1025.780089][T20442]  ? preempt_schedule_thunk+0x16/0x30
[ 1025.785485][T20442]  ? dvb_device_open+0x36a/0x3b0
[ 1025.790437][T20442]  ? preempt_schedule_common+0x44/0xc0
[ 1025.795907][T20442]  ? check_panic_on_warn+0x1f/0xb0
[ 1025.801038][T20442]  ? dvb_device_open+0x36a/0x3b0
[ 1025.805993][T20442]  check_panic_on_warn+0xab/0xb0
[ 1025.810955][T20442]  end_report+0x107/0x170
[ 1025.815296][T20442]  kasan_report+0xee/0x110
[ 1025.819722][T20442]  ? dvb_device_open+0x36a/0x3b0
[ 1025.824675][T20442]  ? __pfx_dvb_device_open+0x10/0x10
[ 1025.829977][T20442]  dvb_device_open+0x36a/0x3b0
[ 1025.834759][T20442]  ? __pfx_dvb_device_open+0x10/0x10
[ 1025.840082][T20442]  chrdev_open+0x231/0x6a0
[ 1025.844524][T20442]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1025.850102][T20442]  ? __pfx_chrdev_open+0x10/0x10
[ 1025.855064][T20442]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 1025.861853][T20442]  do_dentry_open+0x741/0x1c10
[ 1025.866628][T20442]  ? __pfx_chrdev_open+0x10/0x10
[ 1025.871580][T20442]  vfs_open+0x82/0x3f0
[ 1025.875663][T20442]  path_openat+0x1e5e/0x2d40
[ 1025.880265][T20442]  ? __pfx_path_openat+0x10/0x10
[ 1025.885229][T20442]  do_filp_open+0x20b/0x470
[ 1025.889767][T20442]  ? __pfx_do_filp_open+0x10/0x10
[ 1025.894835][T20442]  ? alloc_fd+0x471/0x7d0
[ 1025.899211][T20442]  do_sys_openat2+0x11b/0x1d0
[ 1025.903918][T20442]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1025.909150][T20442]  __x64_sys_openat+0x174/0x210
[ 1025.914118][T20442]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1025.919511][T20442]  ? rcu_is_watching+0x12/0xc0
[ 1025.924288][T20442]  do_syscall_64+0xcd/0x230
[ 1025.928808][T20442]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1025.934743][T20442] RIP: 0033:0x7fa7a1f8e969
[ 1025.939164][T20442] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1025.958778][T20442] RSP: 002b:00007fa7a2d12038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1025.967212][T20442] RAX: ffffffffffffffda RBX: 00007fa7a21b6080 RCX: 00007fa7a1f8e969
[ 1025.975202][T20442] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 1025.983190][T20442] RBP: 00007fa7a2010ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1025.991173][T20442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1025.999151][T20442] R13: 0000000000000000 R14: 00007fa7a21b6080 R15: 00007ffe75a15728
[ 1026.007140][T20442]  </TASK>
[ 1026.010222][T20442] Kernel Offset: disabled
[ 1026.014574][T20442] Rebooting in 86400 seconds..