last executing test programs:

13m47.060110825s ago: executing program 0 (id=357):
mq_open$auto(&(0x7f0000000000)='\xbe\xf2\x82\xe7\x14g\xb5\xeeMQ\x13\xa2_g\xbf\t\xfa\xf2_N\xb0{\xf9\xb57v\xeeG\xd9l\xbf\x86q w\x96\xd9\xe9\xa8\xe1\xf0\xc7\x1f\x1e\xc4\xc4\x89u\x83\xe8}\xbd\x7fO\x91\xc1UVW.\xb6\xad\x04u\x02w.\xec`O\xc1\x0e\x15\xe7:\xc9\x1bK\xcddY\x03\x95\xd1\xae\xc1\x9b\x96\x9faj\xd2\xfc\xfc\x1f7\xaf\xcan\xf6\xc0wK\xce\xe7Q\xae\xc9Hg\x01\xef\xda[\xe5\xa3\xa3%\'\x8f\xcf\x96X:\x04Dkt\x7f\xde\x80\x01\xddX\x91\x88\xa1\t\xc3\xf1\xfe[\x93$O8 b\xb4\x92\xf4\xbc\xc5\xb9\x989\xfcF\xec\xdc@\xdd\xdaeM\xe0U\xc8;\xf5\xe7$Q8\xd2\x87\xdd\xc5\x9d\xc5\xe8\xb5\xb5\xb8\xdfD\xd0\xe8t\x8aS\xaa\xbe\xaa\xba\x9e^0\x1a\xf8Y\xf5Jp\bu\xba\x98\x00\xf0H5\xa9u\x0e\xc4\x04\x13\xf58p\x9f\x11\xc07\xefS*|\xd87\x12\xd8\xce\xde0\xd82;\xcd\x18\r\xccI\x99\n\xd2\x86', 0xdd1, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
adjtimex$auto(&(0x7f00000005c0)={0xf332b6f, 0x0, 0xcea4, 0xfffffffffffffffd, 0xd4, 0x1, 0x0, 0x0, 0x1, 0x3692, 0x2, {0x100000004, 0x10000}, 0x5, 0x101, 0xfffffffffffffffd, 0x1007c02, 0x0, 0x9, 0x2000000000ffff, 0xdfffffffffff628c, 0x2, 0xdeb1, 0x808})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x82, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
socket(0xa, 0x1, 0x100)
r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
pread64$auto(r0, 0x0, 0x7ff, 0x400)
socket(0x1a, 0x1, 0x0)
r1 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x361900, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000180)={[0x1fc, 0x7, 0xd, 0x1, 0x2, 0x3, 0x88, 0x3, 0x0, 0x62, 0x7ff, 0x10, 0x6d3e, 0xc, 0x2, 0x6]}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004)
ioctl$auto(0x3, 0x2287, r1)
mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000)
r3 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0)
write$auto_proc_mem_operations_base(r3, &(0x7f0000001680)="a7", 0x80000)
madvise$auto(0x2000000000, 0x201ff, 0x15)
prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0)
prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0)

13m43.991259588s ago: executing program 0 (id=361):
mmap$auto(0x0, 0xffff, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
mmap$auto(0x7, 0x4000a, 0x0, 0x9b72, 0x7, 0x28000)
r0 = socket(0x1d, 0x3, 0x1)
getsockopt$auto(r0, 0x65, 0x4, 0xffffffffffffffff, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r1 = prctl$auto_PR_SET_MM_START_DATA(0x80000001, 0x3, 0xffffffffffffffff, 0xa3, 0x1000)
r2 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r3=>0x0})
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r3, 0xfd}, 0x6a)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0xa, 0x3, 0xe, 0x940, 0x1ffde, 0x3, 0x4, 0x2, 0x9, 0x5, 0x6, 0x8, 0x1001000, 0x8, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x8, 0x9]}, 0x4, 0x40000081)
ioctl$auto_VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x6)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r4 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40810}, 0x8044)

13m43.569866592s ago: executing program 0 (id=364):
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
close_range$auto(0x0, 0x5, 0x0)
inotify_init1$auto(0x800)
io_uring_setup$auto(0x4, 0x0)
open(0x0, 0x22240, 0x55)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x106)
bind$auto(r0, &(0x7f0000000000)=@in={0x2, 0x3, @multicast1}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
syz_genetlink_get_family_id$auto_ovs_vport(0x0, r0)
write$auto(0x3, 0x0, 0xfffffdf2)
connect$auto(0x3, 0x0, 0x55)
openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
close_range$auto(0x2, 0xa, 0x0)
socket(0xa, 0x2, 0x0)
r1 = socket(0xa, 0x3, 0xff)
connect$auto(r1, &(0x7f00000018c0)=@generic={0xa}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)

13m42.878854918s ago: executing program 0 (id=367):
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0x6, 0x8000)
userfaultfd$auto(0x1)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
socket(0xa, 0x801, 0x84)
socket(0xa, 0x3, 0x73)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1, 0x1, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x801, 0x84)
socket(0x2, 0x801, 0x106)
io_uring_setup$auto(0x5, 0x0)
socket(0xa, 0x2, 0x0)
socket(0xa, 0x2, 0x3a)
io_uring_setup$auto(0x6, 0x0)
r0 = socket(0xa, 0x2, 0x88)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
bpf$auto(0x0, &(0x7f0000000000)=@link_update={r0, @new_prog_fd=0x4, 0x4, @old_prog_fd=r0}, 0xa3)
bpf$auto(0x4, &(0x7f0000000040)=@query={@target_ifindex, 0x7, 0x6, 0x9, 0x9, @prog_cnt=0x4, 0x0, 0x80000000, 0xc, 0x9, 0xffffffffffffff66}, 0x7)
open(&(0x7f0000001340)='./file0\x00', 0x149340, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0)
write$auto_ocfs2_control_fops_stack_user(r1, &(0x7f0000003900)='\t', 0x1)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/sunrpc/parameters/pool_mode\x00', 0x80302, 0x0)
sendfile$auto(r2, r2, 0x0, 0x43)

13m42.155965798s ago: executing program 0 (id=369):
mq_open$auto(&(0x7f0000000000)='\xbe\xf2\x82\xe7\x14g\xb5\xeeMQ\x13\xa2_g\xbf\t\xfa\xf2_N\xb0{\xf9\xb57v\xeeG\xd9l\xbf\x86q w\x96\xd9\xe9\xa8\xe1\xf0\xc7\x1f\x1e\xc4\xc4\x89u\x83\xe8}\xbd\x7fO\x91\xc1UVW.\xb6\xad\x04u\x02w.\xec`O\xc1\x0e\x15\xe7:\xc9\x1bK\xcddY\x03\x95\xd1\xae\xc1\x9b\x96\x9faj\xd2\xfc\xfc\x1f7\xaf\xcan\xf6\xc0wK\xce\xe7Q\xae\xc9Hg\x01\xef\xda[\xe5\xa3\xa3%\'\x8f\xcf\x96X:\x04Dkt\x7f\xde\x80\x01\xddX\x91\x88\xa1\t\xc3\xf1\xfe[\x93$O8 b\xb4\x92\xf4\xbc\xc5\xb9\x989\xfcF\xec\xdc@\xdd\xdaeM\xe0U\xc8;\xf5\xe7$Q8\xd2\x87\xdd\xc5\x9d\xc5\xe8\xb5\xb5\xb8\xdfD\xd0\xe8t\x8aS\xaa\xbe\xaa\xba\x9e^0\x1a\xf8Y\xf5Jp\bu\xba\x98\x00\xf0H5\xa9u\x0e\xc4\x04\x13\xf58p\x9f\x11\xc07\xefS*|\xd87\x12\xd8\xce\xde0\xd82;\xcd\x18\r\xccI\x99\n\xd2\x86', 0xdd1, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
adjtimex$auto(&(0x7f00000005c0)={0xf332b6f, 0x0, 0xcea4, 0xfffffffffffffffd, 0xd4, 0x1, 0x0, 0x0, 0x1, 0x3692, 0x2, {0x100000004, 0x10000}, 0x5, 0x101, 0xfffffffffffffffd, 0x1007c02, 0x0, 0x9, 0x2000000000ffff, 0xdfffffffffff628c, 0x2, 0xdeb1, 0x808})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x82, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
socket(0xa, 0x1, 0x100)
r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
pread64$auto(r0, 0x0, 0x7ff, 0x400)
socket(0x1a, 0x1, 0x0)
r1 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x361900, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000180)={[0x1fc, 0x7, 0xd, 0x1, 0x2, 0x3, 0x88, 0x3, 0x0, 0x62, 0x7ff, 0x10, 0x6d3e, 0xc, 0x2, 0x6]}, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0)
ioctl$auto(0x3, 0x2287, r1)
mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000)
r3 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0)
write$auto_proc_mem_operations_base(r3, &(0x7f0000001680)="a7", 0x80000)
madvise$auto(0x2000000000, 0x201ff, 0x15)
prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0)
prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0)

13m39.222120063s ago: executing program 0 (id=380):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0)
mmap$auto(0x0, 0xd2, 0x4000000000df, 0xeb1, 0x401, 0x80000000)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000600)='/dev/audio\x00', 0x20000, 0x0)
ioctl$auto_SOUND_MIXER_READ_STEREODEVS2(r1, 0x80044dfb, 0x0) (async)
ioctl$auto_SOUND_MIXER_READ_STEREODEVS2(r1, 0x80044dfb, 0x0)
io_uring_setup$auto(0x1d49, &(0x7f0000000340)={0x7fffffff, 0x10, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x8, 0x1, 0x80000000, 0x100, 0x83, 0xffff, 0x6, 0x9}, {0x100, 0x1, 0x52, 0x5, 0x11, 0x101, 0x876c5, 0xc9, 0x3}}) (async)
r2 = io_uring_setup$auto(0x1d49, &(0x7f0000000340)={0x7fffffff, 0x10, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x8, 0x1, 0x80000000, 0x100, 0x83, 0xffff, 0x6, 0x9}, {0x100, 0x1, 0x52, 0x5, 0x11, 0x101, 0x876c5, 0xc9, 0x3}})
io_uring_register$auto(r2, 0x15, 0x0, 0x9) (async)
io_uring_register$auto(r2, 0x15, 0x0, 0x9)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0)
read$auto(r4, 0x0, 0x20)
writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
read$auto(r0, &(0x7f00000000c0)='/sys/devices/~latform/vhci_hc$.7/usb23/23-0:1.0/~\xda=\x8eep_81/inver', 0x6864a34)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) (async)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto(0x3, 0x400454ca, 0x38)
capset$auto(0x0, 0x0)
write$auto(0x3, 0x0, 0xfdef) (async)
write$auto(0x3, 0x0, 0xfdef)

13m23.91057777s ago: executing program 32 (id=380):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0)
mmap$auto(0x0, 0xd2, 0x4000000000df, 0xeb1, 0x401, 0x80000000)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000600)='/dev/audio\x00', 0x20000, 0x0)
ioctl$auto_SOUND_MIXER_READ_STEREODEVS2(r1, 0x80044dfb, 0x0) (async)
ioctl$auto_SOUND_MIXER_READ_STEREODEVS2(r1, 0x80044dfb, 0x0)
io_uring_setup$auto(0x1d49, &(0x7f0000000340)={0x7fffffff, 0x10, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x8, 0x1, 0x80000000, 0x100, 0x83, 0xffff, 0x6, 0x9}, {0x100, 0x1, 0x52, 0x5, 0x11, 0x101, 0x876c5, 0xc9, 0x3}}) (async)
r2 = io_uring_setup$auto(0x1d49, &(0x7f0000000340)={0x7fffffff, 0x10, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x8, 0x1, 0x80000000, 0x100, 0x83, 0xffff, 0x6, 0x9}, {0x100, 0x1, 0x52, 0x5, 0x11, 0x101, 0x876c5, 0xc9, 0x3}})
io_uring_register$auto(r2, 0x15, 0x0, 0x9) (async)
io_uring_register$auto(r2, 0x15, 0x0, 0x9)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0)
read$auto(r4, 0x0, 0x20)
writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
read$auto(r0, &(0x7f00000000c0)='/sys/devices/~latform/vhci_hc$.7/usb23/23-0:1.0/~\xda=\x8eep_81/inver', 0x6864a34)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) (async)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto(0x3, 0x400454ca, 0x38)
capset$auto(0x0, 0x0)
write$auto(0x3, 0x0, 0xfdef) (async)
write$auto(0x3, 0x0, 0xfdef)

1m25.214712392s ago: executing program 2 (id=2204):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x20000, 0xdf, 0x17, r0, 0x2000000000108000)
r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff)
epoll_create$auto(0x4)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
bpf$auto(0x0, 0x0, 0x6f3)
r2 = openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cpu/1/msr\x00', 0xf82, 0x0)
readv$auto(r2, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0xffffffffffffffff, 0x3)
getsockopt$auto_SO_BROADCAST(0xffffffffffffffff, 0xf7f, 0x6, 0x0, &(0x7f0000000180))
ioctl$auto_BTRFS_IOC_FORGET_DEV(r1, 0x50009405, &(0x7f00000011c0)={@inferred=r1, "147f624b05a2b22a62eb108f57b62c1a128c0f4a188dab9dc484db51686adb5a70d52b7f2f66145c31facd1cbb574c587628bd4cd6107b246f8f98fc23c6a864a492955d4c9350848a1d376d48008c8245ef620306a514c0e2f4dccf4932b8161402a453d31f6a2849bd701d53c73b5c87638db257f5ee75b4b2f3050dcd85bdda18e5f6c8f07bcbafc93b528f48baacd00dff67c662817347d58f7e2540061f146deeeb8a8fbea98e59c0ed49ac5898827aaa13b42a504dc9de98747915c70a39df9e7ad1373109c541923589e6364976cd3168fe3d0f085186627bde1577bbf260387eb8ecb5ad8d705de9f1e9b3d50ce454db9cbecf236dffbd3b274b5a7a63d3be027f04c7111ed622df2830ad588ef1d8b6c480b0f0772b5e7f621f8afa59a92859c296e01a7fa3f30f0d0d4337652988adb2b9d680d2c4f9896e1139548670c3598f33ba0f43def8ca1044626e75ca4d2b886f6db26ebb438a587407e59cf70e6cedf804044a4ccbccdcdcfd3e18152f5ac92af75d4deb491679de72f1b13ad5478ed08bb7acfc503580dae5c23583d01fdfecc9207f9e276540cf2328ba7a585937fd6acbda9a3a770277729be4f41177789decd4e0854b9861c08504c89215d7e8ce3473a0ad98f25d1d9e5fe2054a4ba9d3e0a67718ac00f384b74f5c8b24097e30e63af0c374c78f21d0af94486933450a311f8194051592e9e37607542244627393d338575c5a0a51815a01bd5ecf313cadddbb3c6bd4941a5c636b0c884ea266740b25c397ff3ea626070602d43ffbbebc0bddfdc47602432ecedce3bb6b0aba196f0eb714251d210bc979b4518005e41b5b6b0fc0ba793a8e77edd81553ce3a99cf9e7f4a9a41858e1971ac4127fa9995c888259e3436b7366e1344955ec1dd8628581a07056ec537e8196f87ab570af4fb4744f874fb283f8a54cae01cb32f70543eb60b6f65cc5269171d7e4cc0b76983aaba8d869d8848e496e2c5359251a39e5f9d1c0c6756456dcdd744e82594b2a6bfe3db7877c7fc123c259f8f70b36b3c48ae31875d5cf3eb6b00a32e107f419a079641e51c8233f4c304b4bf7942814ec1eb8166f0b168d76fb3c05cb1d0ccd66fd15cbb399f3730076246721f4d71f5bbcb63d2309c74878bb16ec592873f7514b66118673f808c2cb16b4a7b3be7b560b5183bb231be5829d9de866ecbf23c70779c6f9d37b7d185cdf53a328eeee8ea27931c68c68edad37f2a10fbfcffacbacb80e8c39a0504bddab3156c7c35ab417aee9c979bf14718975e59ec51a37516a71abd59ddc916de121937da400f09b85e96b554a1f5688b20e2df0f814163e46db2ef60268a6c57035008998b834560a7f9a69bcde2110f8d401321db671c7cd28fce473d9dd43d598ef1e576c93281a5a510fb48e7dbfe06451e2e9718ab0b6cd6ec02b6b62ae9d6cc7ec94af64311793125d92ef9ac91b0d99445c4dae30f46ef49f8068950a6a32661094ac22af30e313fc183ebe103e709be8bcb4e657a731ac05e55a5f3b772ec5f89074fce97e565f560d172c6975dd1edde80507a9e442b208fd57520cbbcac16ddcb26fc8ef1d19d2cfb07e80d32aab1769e628303478aff29f0143140478b50d392fb3e53e0d386ea97d901c27ae5911330f337ef7048cb7f5307fb0231066c100177c09722719372aa5dcffbfa6e84469bfa884446d5848d6af5c4a324f0805e5a1c82e97387239ba24e8406edccd92d37c0bafd97160cea312ba3ef96b6982d28e0d5e2b3bba83dcee9f5de3155d635deebc55bc030f9dadc659a0b6f5a84d539077e785ed5ed098115b576a7238c3532cea0fe9f00cfad2112908e57e66be5e86339812b5257a03e735727ea8c4cf5bcf0820dcf87a906bd962806a2767971f6079613acfb781d514111f35ba1fcdecaa15764d9ca817794c536cb4b1d4a2f60cf116520aa1cd2f7ade5d38c195ee6aaa196ceeaad0a3d642b0e4b54a5c9ffe8941e4f661aba9b9d77a0e2af0d1dd8120810f4b4f93bc56a2405b32ec460ccfae654ed07abfbfc3dab30d5e0b77538033ee73833910ecb297be29cf034a1133583e5afd7633e4a1b44c844cd34eb7d5e07d74e695b4abea1a70b5eb902385563e30134ec33ada8dc78433b4eefa2ead19df77dfc71148607e5c708f7692f1645e7a323f175849bd045f0bbed4f6a06169deceb2a4d361493ee6db8c7b0bd18b9782f48f7459c9d9033221dcf6a07464c04df0b11f99a943e12b1b0b6dc71c3bfef7128b2df83f1ee99952e4cc0a51189a21302e998fd2ed37b2ae8bfd96a47d50eb3d196fea3af714157e6a4e0630e0944de57556aa3225b485388faed23a9a9d595a5ff296e8e29452ef5541230954d4d0f916a27781041902f13cf0e962527e1a0f659a95a0c3831bb62841ba3e01c74859818283ad0725e76ed82f695405fffccd90ad1be0ad211891546a2ab3f75b9872c3ad68c2f5f4d8510cf1e087e789c5ab821ef46e197a36986434b1569499ad2717db7b200afd77b7542ba00a46192341aee8fe3bfe3d6e0c2767cafca11ce2beaf97602ef9095e815ab6eaec42399865f724ee9d96217f45a84a0def5d87375c65e0430cdc83422b8d367982f2722e793c6ba37687d34f0e2068c114fae854a3158abba5f5689a40488d095de19071a71d8d7a17f4389f2d20c4c0f9c16760d52d166acc5c201cfaecc0fc54b7143c60aaaac0ae196b36f3e1447e3e0992be2642ca8302b24514bd06cce84279ce361bb8ce245ca5152848ab4cced61c67e4579c0db21efd26efc0780cf4a04b02ddaa54335fa327d57320307e0dc3fe1f6cdb686150e2235e05ddeba10a193d49408ee47f57229a6ff30351dedf61b8789900eb15db5b0069c57984ba31710509d88da1d78b3eface0ad5b2cb7f303e248cb68abfd5a0c3ac672d1f6178fe54ef67e034d38c01e3458d9b64a97eb0cccfae7efbbbc0c8b806e75ae5dbdf641d8daa862f90cac0d460c6f70a7765169cd1e9fe305db403e4e453ce84c35a3573751a93ca7dd478ba547449254f3d7ac7b05f345bf0eec346db042b982c964c81545bf05986d033df8e41e9e19d3561250514ed703444048f44763261a860aa3cf0b539544af9a1fc4ba7f989111e00dcab0e64b538a1019467c3b43641e13c2707a4fdc78648b92302a54a0e7e3de53488e852f0fe658557ad1df2cf12a898515769bcde0f4a3386764d5b2f0eba5eee1e3257215c005b3bad612ff43b4121efc277fe9b80c69eee2c1ffdcb3ef843485d636a0025848254e22cd2f51c1f85202ae22d53969072c1ec4dbb973a157059ed523b8dad9671f6bba68a9d4521564a826b208df019ea32eeaf5b8f973263fdcab4c2519ac0d5ce4c181b12ba71bb3fc02388e72e89a24152e07b264fb00b425633ca2b2aaccd7208d5df00002b7fa4502656593a8e84e4b620bc65a60bf3d3c8b0c1d0ac93bcc711b9cf206b1037d3437e515913badbd7ccf2a69b32cd5b828193dac41fe0ff1a869bf086927eff915e422be23f40a54a2384e478f74bb2a397ecd214224294d9300d921afad2f50960e9830dc1ac8ee08ea0ff474d40a23b1f7dbc7761120c889b3354281751342d2429eb2555a8a57063f61c6cb3115d99d41a040c4d9fb3c5ddec980abfef33562607b7ad6fc8ac67c8026d50f2e01d949d065a8ea488b3d0d7ba296c914352b99a6c36aad4c030d1f9bef8696cb6d9dee3835646695b2a43f8682405c118477dd6486699dcd9cb93d911dae691fabfdfcc76ae48bcdf5d5ea87fffdcaf4e14faaa36689da73c9012ff943a787ec0e83f52cf221219f3468bdc010698450a19717e4ed062ab7d682d9e18c4469581bd09cd31aeaf1d17afb02b9cd769f56830d0ad155e4898889b438edfb13fb40d46bfe082ae1cd0f287805e4f2d011f43cd070f883668f45612132b19ff2f406bf80a1e5e69c741c63bc366c102a7a7e78d92e058d1f771031e582094bc7536182ddf2b88ef13d6573d0d34183c5e4dff48654ec1d18a44f6b2c67b17eb06489523bc3e7908b612e5204985cad17ff99b41650e49e469d8d80f3a2e32e93826e02160fbf19d92ab300bee4319b333aa9e96ac46d22ed71cf8394663f62362fe145094d140588c2e6f3eadc0bc16f6f6172aeac1e9ca44d93fa1399c641729e21f97f25ce5b4163419235bb98a218fa9d50b7aaa835d122c0436352b27909dcab907e43630907b23713bb445b93b8ec840b17d3d4618dd38bf58f2a0a6c3272a00aa8704774078f565faa4195ddfc15b33b196e646ebd8ab55e74da11ab4c30d031785c7c168d30ca12d23dcfa4a5a4f883f3b887fb77d822dae0a161d6c3565037a1f36bb1cf1d8601d94e4111b4ee435a98c21577b1e647ba160921881339a00a2d04210e603dcd9dfe2c40d32e5d93d9e94a5c176ca6291d5befa75121ec0abd660e2bac1458bd5609a6d725af0895b0d559ad726f34b50a06fd45f86764508386ab65ade7c76d0ce07330bf0d342216a769c98edb854cad6f6b02e0d09e713bbb7e12c786edd9d1078f3c5d0a87d34d9326e938098d674fb2d1ab1e39e3683a3ef0e00d9b66d56582e9d5f2d61a60226ee2c9cda7d44ef0504d6109fcd7978207df3eb9ed5ac860e0172907362654efb54cd6d04f7a58578fa3853d65e9243730466085905cbf1e1b34ea7a2f9dd268495d49824045074debb4c9140dfdbfc81fc6d371ec49521ddd996fd8761ada5d427348503a57a73a3ac74a540df4c2af59a1ecf644c00ebfbffafbf2990776717a2687889da69fefd0b0cb33c8351d147bcf31f98c8909e554c7ffd2cc9f64e4eb6b9c4b232489a2d912f19f79108b73a38de79fafd4a885de47810bdc4658d6d773c97e523732997392f1e02396875eda8ff955ef0ad75145cc1819df6a53878b9f1c5964146dcd73eabed0df798aea5c533fc263bc8d2533e36cde59e2cdd2ffac12cd7e6bea69ccc14b0b22b7606a6f82e8528f8dc739cd5c0ed0795d49452f257be2068055dcfaa7589ca65820d31583a81834910d8d1327469e370339dce1d87c31a750a02270cdaef457da2d50abac6651357858c391464781009209d79cf4286045773fe247e705a14b162583cd89e850df91b7517bd0a4476ac02fdc1dbd0faa81fa1e829ad0a548236939efcdf63c15b868b8712ca05571d7c0b810cc02cba9d1ae63e987b59ec3281cd706d7571d6b69a92663f11a24a68dbc6b2436b8049986f78fbe8effcf94457d5085dbf8812abb1fd431c6b465203eb67070a936a665fb19273240ed1e3905ea27b996b74b31b1216a77734b106dd9752a5f430ac5aef718c6942379dbd342aa66537e655afa95ec78cadcfc80584045cd07d43911c4d7dc3a37a4cf3cdf6eea9904c441ec02cfe0515c6c360463237aa6b3fafebcb1a59be1bf5ebe4680819f3e78ccc1e517987db6220b45bf840fb8fc9b33757a0e258468a911f2504358981410b6daad15bb0ed81ff971ef3cc89f06dacfa45a37cb37e946f5010d0a308ff760227d439f07401839b7844bd4e5f5d1824c17797c5abfb5a326f6b4626f9789d8d7a074b7f223cc4183f68e14de037a197920a858c310e3602a3c6f319b506bc4c523af495a95b74eb88af2699cbbeecbab62811ed05a0ea5e292e72e565ccbeb3fda2f32ee05ff7bfa40bfead96ace132532026e553bc4438a65ea897d64e9cdec2baa75839f9ea4dba584b81a9b813dc648e3ac31c885ec5dcedda3efc7a3a700"})
r3 = openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, 0x0, 0x80101, 0x0)
recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x4, 0x0, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0)
writev$auto(r3, 0x0, 0x4)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
semget$auto(0x0, 0x13c, 0x0)
semctl$auto(0x0, 0x9, 0x0, 0x2)

1m24.32173672s ago: executing program 2 (id=2207):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nl80211(0x0, r0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r2=>0x0})
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)={0x30, r1, 0xd0d58b333228212f, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r2}, @NL80211_ATTR_SCAN_FREQUENCIES={0x14, 0x2c, 0x0, 0x1, [@typed={0x8, 0xed, 0x0, 0x0, @fd}, @typed={0x8, 0xaa, 0x0, 0x0, @uid}]}]}, 0x30}}, 0x20000800)

1m24.087522075s ago: executing program 2 (id=2210):
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0)
r0 = socket(0xa, 0x1, 0x100)
getsockopt$auto_SO_RCVPRIORITY(r0, 0x2, 0x52, &(0x7f00000001c0)='/dev/virtual_nci\x00', &(0x7f0000000240)=0x7)
ioperm$auto(0x7, 0x5ad2, 0x8)
r1 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
pread64$auto(r1, 0x0, 0x7ff, 0x400)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x400000000000948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
process_mrelease$auto(0xffffffffffffffff, 0x0)
inotify_init1$auto(0x403)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
pselect6$auto(0x2, &(0x7f0000000340)={[0x100000001, 0x7fff, 0x8, 0xb, 0xfffffffffffffff9, 0xd65b, 0x3, 0xd, 0x9, 0x5, 0x548f, 0x1, 0x2, 0xb, 0x7f, 0x8001]}, &(0x7f00000003c0)={[0xff, 0x81, 0x5, 0x3, 0x0, 0x9, 0x5a17, 0x86, 0x200, 0x1, 0xd815, 0x2b, 0x400, 0x1, 0x2]}, &(0x7f0000000440)={[0x8000, 0xebf4, 0x2, 0x1ff, 0xffffffffffffffff, 0x5eb4db7a, 0x7dac, 0x2, 0x8000, 0x3, 0x10, 0x1ea12f0b, 0x2, 0x6, 0xd, 0x4]}, &(0x7f0000000280)={0x10001, 0xffffffff}, &(0x7f00000004c0)="4c41f417ff2a416fadc5331a019baebb429dbf84f29785e14e154606dd2aa73709f6b13124dfdef955a23a87062bb0ac9ab5f08d81926c924b332bbf75eb67512c")
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
r3 = socket(0xa, 0x2, 0x3a)
setsockopt$auto(r3, 0x29, 0x4e, &(0x7f0000000180)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91_\vBj\x0eQ\xce\x16\'C\x8c\x01\x80\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\x00\x00\x00\x00\xe4\xa5\xfe\xb5', 0x10000110)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
bind$auto(0x3, &(0x7f0000000040)=@generic={0xa, "02d0ac0c00e435826339c7328903"}, 0x6a)

1m23.018151229s ago: executing program 2 (id=2212):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x20000, 0xdf, 0x17, r0, 0x2000000000108000)
r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff)
epoll_create$auto(0x4)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
bpf$auto(0x0, 0x0, 0x6f3)
r2 = openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cpu/1/msr\x00', 0xf82, 0x0)
readv$auto(r2, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0xffffffffffffffff, 0x3)
getsockopt$auto_SO_BROADCAST(0xffffffffffffffff, 0xf7f, 0x6, 0x0, &(0x7f0000000180))
ioctl$auto_BTRFS_IOC_FORGET_DEV(r1, 0x50009405, &(0x7f00000011c0)={@inferred=r1, "147f624b05a2b22a62eb108f57b62c1a128c0f4a188dab9dc484db51686adb5a70d52b7f2f66145c31facd1cbb574c587628bd4cd6107b246f8f98fc23c6a864a492955d4c9350848a1d376d48008c8245ef620306a514c0e2f4dccf4932b8161402a453d31f6a2849bd701d53c73b5c87638db257f5ee75b4b2f3050dcd85bdda18e5f6c8f07bcbafc93b528f48baacd00dff67c662817347d58f7e2540061f146deeeb8a8fbea98e59c0ed49ac5898827aaa13b42a504dc9de98747915c70a39df9e7ad1373109c541923589e6364976cd3168fe3d0f085186627bde1577bbf260387eb8ecb5ad8d705de9f1e9b3d50ce454db9cbecf236dffbd3b274b5a7a63d3be027f04c7111ed622df2830ad588ef1d8b6c480b0f0772b5e7f621f8afa59a92859c296e01a7fa3f30f0d0d4337652988adb2b9d680d2c4f9896e1139548670c3598f33ba0f43def8ca1044626e75ca4d2b886f6db26ebb438a587407e59cf70e6cedf804044a4ccbccdcdcfd3e18152f5ac92af75d4deb491679de72f1b13ad5478ed08bb7acfc503580dae5c23583d01fdfecc9207f9e276540cf2328ba7a585937fd6acbda9a3a770277729be4f41177789decd4e0854b9861c08504c89215d7e8ce3473a0ad98f25d1d9e5fe2054a4ba9d3e0a67718ac00f384b74f5c8b24097e30e63af0c374c78f21d0af94486933450a311f8194051592e9e37607542244627393d338575c5a0a51815a01bd5ecf313cadddbb3c6bd4941a5c636b0c884ea266740b25c397ff3ea626070602d43ffbbebc0bddfdc47602432ecedce3bb6b0aba196f0eb714251d210bc979b4518005e41b5b6b0fc0ba793a8e77edd81553ce3a99cf9e7f4a9a41858e1971ac4127fa9995c888259e3436b7366e1344955ec1dd8628581a07056ec537e8196f87ab570af4fb4744f874fb283f8a54cae01cb32f70543eb60b6f65cc5269171d7e4cc0b76983aaba8d869d8848e496e2c5359251a39e5f9d1c0c6756456dcdd744e82594b2a6bfe3db7877c7fc123c259f8f70b36b3c48ae31875d5cf3eb6b00a32e107f419a079641e51c8233f4c304b4bf7942814ec1eb8166f0b168d76fb3c05cb1d0ccd66fd15cbb399f3730076246721f4d71f5bbcb63d2309c74878bb16ec592873f7514b66118673f808c2cb16b4a7b3be7b560b5183bb231be5829d9de866ecbf23c70779c6f9d37b7d185cdf53a328eeee8ea27931c68c68edad37f2a10fbfcffacbacb80e8c39a0504bddab3156c7c35ab417aee9c979bf14718975e59ec51a37516a71abd59ddc916de121937da400f09b85e96b554a1f5688b20e2df0f814163e46db2ef60268a6c57035008998b834560a7f9a69bcde2110f8d401321db671c7cd28fce473d9dd43d598ef1e576c93281a5a510fb48e7dbfe06451e2e9718ab0b6cd6ec02b6b62ae9d6cc7ec94af64311793125d92ef9ac91b0d99445c4dae30f46ef49f8068950a6a32661094ac22af30e313fc183ebe103e709be8bcb4e657a731ac05e55a5f3b772ec5f89074fce97e565f560d172c6975dd1edde80507a9e442b208fd57520cbbcac16ddcb26fc8ef1d19d2cfb07e80d32aab1769e628303478aff29f0143140478b50d392fb3e53e0d386ea97d901c27ae5911330f337ef7048cb7f5307fb0231066c100177c09722719372aa5dcffbfa6e84469bfa884446d5848d6af5c4a324f0805e5a1c82e97387239ba24e8406edccd92d37c0bafd97160cea312ba3ef96b6982d28e0d5e2b3bba83dcee9f5de3155d635deebc55bc030f9dadc659a0b6f5a84d539077e785ed5ed098115b576a7238c3532cea0fe9f00cfad2112908e57e66be5e86339812b5257a03e735727ea8c4cf5bcf0820dcf87a906bd962806a2767971f6079613acfb781d514111f35ba1fcdecaa15764d9ca817794c536cb4b1d4a2f60cf116520aa1cd2f7ade5d38c195ee6aaa196ceeaad0a3d642b0e4b54a5c9ffe8941e4f661aba9b9d77a0e2af0d1dd8120810f4b4f93bc56a2405b32ec460ccfae654ed07abfbfc3dab30d5e0b77538033ee73833910ecb297be29cf034a1133583e5afd7633e4a1b44c844cd34eb7d5e07d74e695b4abea1a70b5eb902385563e30134ec33ada8dc78433b4eefa2ead19df77dfc71148607e5c708f7692f1645e7a323f175849bd045f0bbed4f6a06169deceb2a4d361493ee6db8c7b0bd18b9782f48f7459c9d9033221dcf6a07464c04df0b11f99a943e12b1b0b6dc71c3bfef7128b2df83f1ee99952e4cc0a51189a21302e998fd2ed37b2ae8bfd96a47d50eb3d196fea3af714157e6a4e0630e0944de57556aa3225b485388faed23a9a9d595a5ff296e8e29452ef5541230954d4d0f916a27781041902f13cf0e962527e1a0f659a95a0c3831bb62841ba3e01c74859818283ad0725e76ed82f695405fffccd90ad1be0ad211891546a2ab3f75b9872c3ad68c2f5f4d8510cf1e087e789c5ab821ef46e197a36986434b1569499ad2717db7b200afd77b7542ba00a46192341aee8fe3bfe3d6e0c2767cafca11ce2beaf97602ef9095e815ab6eaec42399865f724ee9d96217f45a84a0def5d87375c65e0430cdc83422b8d367982f2722e793c6ba37687d34f0e2068c114fae854a3158abba5f5689a40488d095de19071a71d8d7a17f4389f2d20c4c0f9c16760d52d166acc5c201cfaecc0fc54b7143c60aaaac0ae196b36f3e1447e3e0992be2642ca8302b24514bd06cce84279ce361bb8ce245ca5152848ab4cced61c67e4579c0db21efd26efc0780cf4a04b02ddaa54335fa327d57320307e0dc3fe1f6cdb686150e2235e05ddeba10a193d49408ee47f57229a6ff30351dedf61b8789900eb15db5b0069c57984ba31710509d88da1d78b3eface0ad5b2cb7f303e248cb68abfd5a0c3ac672d1f6178fe54ef67e034d38c01e3458d9b64a97eb0cccfae7efbbbc0c8b806e75ae5dbdf641d8daa862f90cac0d460c6f70a7765169cd1e9fe305db403e4e453ce84c35a3573751a93ca7dd478ba547449254f3d7ac7b05f345bf0eec346db042b982c964c81545bf05986d033df8e41e9e19d3561250514ed703444048f44763261a860aa3cf0b539544af9a1fc4ba7f989111e00dcab0e64b538a1019467c3b43641e13c2707a4fdc78648b92302a54a0e7e3de53488e852f0fe658557ad1df2cf12a898515769bcde0f4a3386764d5b2f0eba5eee1e3257215c005b3bad612ff43b4121efc277fe9b80c69eee2c1ffdcb3ef843485d636a0025848254e22cd2f51c1f85202ae22d53969072c1ec4dbb973a157059ed523b8dad9671f6bba68a9d4521564a826b208df019ea32eeaf5b8f973263fdcab4c2519ac0d5ce4c181b12ba71bb3fc02388e72e89a24152e07b264fb00b425633ca2b2aaccd7208d5df00002b7fa4502656593a8e84e4b620bc65a60bf3d3c8b0c1d0ac93bcc711b9cf206b1037d3437e515913badbd7ccf2a69b32cd5b828193dac41fe0ff1a869bf086927eff915e422be23f40a54a2384e478f74bb2a397ecd214224294d9300d921afad2f50960e9830dc1ac8ee08ea0ff474d40a23b1f7dbc7761120c889b3354281751342d2429eb2555a8a57063f61c6cb3115d99d41a040c4d9fb3c5ddec980abfef33562607b7ad6fc8ac67c8026d50f2e01d949d065a8ea488b3d0d7ba296c914352b99a6c36aad4c030d1f9bef8696cb6d9dee3835646695b2a43f8682405c118477dd6486699dcd9cb93d911dae691fabfdfcc76ae48bcdf5d5ea87fffdcaf4e14faaa36689da73c9012ff943a787ec0e83f52cf221219f3468bdc010698450a19717e4ed062ab7d682d9e18c4469581bd09cd31aeaf1d17afb02b9cd769f56830d0ad155e4898889b438edfb13fb40d46bfe082ae1cd0f287805e4f2d011f43cd070f883668f45612132b19ff2f406bf80a1e5e69c741c63bc366c102a7a7e78d92e058d1f771031e582094bc7536182ddf2b88ef13d6573d0d34183c5e4dff48654ec1d18a44f6b2c67b17eb06489523bc3e7908b612e5204985cad17ff99b41650e49e469d8d80f3a2e32e93826e02160fbf19d92ab300bee4319b333aa9e96ac46d22ed71cf8394663f62362fe145094d140588c2e6f3eadc0bc16f6f6172aeac1e9ca44d93fa1399c641729e21f97f25ce5b4163419235bb98a218fa9d50b7aaa835d122c0436352b27909dcab907e43630907b23713bb445b93b8ec840b17d3d4618dd38bf58f2a0a6c3272a00aa8704774078f565faa4195ddfc15b33b196e646ebd8ab55e74da11ab4c30d031785c7c168d30ca12d23dcfa4a5a4f883f3b887fb77d822dae0a161d6c3565037a1f36bb1cf1d8601d94e4111b4ee435a98c21577b1e647ba160921881339a00a2d04210e603dcd9dfe2c40d32e5d93d9e94a5c176ca6291d5befa75121ec0abd660e2bac1458bd5609a6d725af0895b0d559ad726f34b50a06fd45f86764508386ab65ade7c76d0ce07330bf0d342216a769c98edb854cad6f6b02e0d09e713bbb7e12c786edd9d1078f3c5d0a87d34d9326e938098d674fb2d1ab1e39e3683a3ef0e00d9b66d56582e9d5f2d61a60226ee2c9cda7d44ef0504d6109fcd7978207df3eb9ed5ac860e0172907362654efb54cd6d04f7a58578fa3853d65e9243730466085905cbf1e1b34ea7a2f9dd268495d49824045074debb4c9140dfdbfc81fc6d371ec49521ddd996fd8761ada5d427348503a57a73a3ac74a540df4c2af59a1ecf644c00ebfbffafbf2990776717a2687889da69fefd0b0cb33c8351d147bcf31f98c8909e554c7ffd2cc9f64e4eb6b9c4b232489a2d912f19f79108b73a38de79fafd4a885de47810bdc4658d6d773c97e523732997392f1e02396875eda8ff955ef0ad75145cc1819df6a53878b9f1c5964146dcd73eabed0df798aea5c533fc263bc8d2533e36cde59e2cdd2ffac12cd7e6bea69ccc14b0b22b7606a6f82e8528f8dc739cd5c0ed0795d49452f257be2068055dcfaa7589ca65820d31583a81834910d8d1327469e370339dce1d87c31a750a02270cdaef457da2d50abac6651357858c391464781009209d79cf4286045773fe247e705a14b162583cd89e850df91b7517bd0a4476ac02fdc1dbd0faa81fa1e829ad0a548236939efcdf63c15b868b8712ca05571d7c0b810cc02cba9d1ae63e987b59ec3281cd706d7571d6b69a92663f11a24a68dbc6b2436b8049986f78fbe8effcf94457d5085dbf8812abb1fd431c6b465203eb67070a936a665fb19273240ed1e3905ea27b996b74b31b1216a77734b106dd9752a5f430ac5aef718c6942379dbd342aa66537e655afa95ec78cadcfc80584045cd07d43911c4d7dc3a37a4cf3cdf6eea9904c441ec02cfe0515c6c360463237aa6b3fafebcb1a59be1bf5ebe4680819f3e78ccc1e517987db6220b45bf840fb8fc9b33757a0e258468a911f2504358981410b6daad15bb0ed81ff971ef3cc89f06dacfa45a37cb37e946f5010d0a308ff760227d439f07401839b7844bd4e5f5d1824c17797c5abfb5a326f6b4626f9789d8d7a074b7f223cc4183f68e14de037a197920a858c310e3602a3c6f319b506bc4c523af495a95b74eb88af2699cbbeecbab62811ed05a0ea5e292e72e565ccbeb3fda2f32ee05ff7bfa40bfead96ace132532026e553bc4438a65ea897d64e9cdec2baa75839f9ea4dba584b81a9b813dc648e3ac31c885ec5dcedda3efc7a3a700"})
r3 = openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, 0x0, 0x80101, 0x0)
recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x4, 0x0, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0)
writev$auto(r3, 0x0, 0x4)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
semget$auto(0x0, 0x13c, 0x0)
semctl$auto(0x0, 0x9, 0x0, 0x2)

1m22.351904714s ago: executing program 2 (id=2216):
mq_open$auto(&(0x7f0000000000)='\xbe\xf2\x82\xe7\x14g\xb5\xeeMQ\x13\xa2_g\xbf\t\xfa\xf2_N\xb0{\xf9\xb57v\xeeG\xd9l\xbf\x86q w\x96\xd9\xe9\xa8\xe1\xf0\xc7\x1f\x1e\xc4\xc4\x89u\x83\xe8}\xbd\x7fO\x91\xc1UVW.\xb6\xad\x04u\x02w.\xec`O\xc1\x0e\x15\xe7:\xc9\x1bK\xcddY\x03\x95\xd1\xae\xc1\x9b\x96\x9faj\xd2\xfc\xfc\x1f7\xaf\xcan\xf6\xc0wK\xce\xe7Q\xae\xc9Hg\x01\xef\xda[\xe5\xa3\xa3%\'\x8f\xcf\x96X:\x04Dkt\x7f\xde\x80\x01\xddX\x91\x88\xa1\t\xc3\xf1\xfe[\x93$O8 b\xb4\x92\xf4\xbc\xc5\xb9\x989\xfcF\xec\xdc@\xdd\xdaeM\xe0U\xc8;\xf5\xe7$Q8\xd2\x87\xdd\xc5\x9d\xc5\xe8\xb5\xb5\xb8\xdfD\xd0\xe8t\x8aS\xaa\xbe\xaa\xba\x9e^0\x1a\xf8Y\xf5Jp\bu\xba\x98\x00\xf0H5\xa9u\x0e\xc4\x04\x13\xf58p\x9f\x11\xc07\xefS*|\xd87\x12\xd8\xce\xde0\xd82;\xcd\x18\r\xccI\x99\n\xd2\x86', 0xdd1, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
adjtimex$auto(&(0x7f00000005c0)={0xf332b6f, 0x0, 0xcea4, 0xfffffffffffffffd, 0xd4, 0x1, 0x0, 0x0, 0x1, 0x3692, 0x2, {0x100000004, 0x10000}, 0x5, 0x101, 0xfffffffffffffffd, 0x1007c02, 0x0, 0x9, 0x2000000000ffff, 0xdfffffffffff628c, 0x2, 0xdeb1, 0x808})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x82, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
socket(0xa, 0x1, 0x100)
r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
pread64$auto(r0, 0x0, 0x7ff, 0x400)
socket(0x1a, 0x1, 0x0)
r1 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x361900, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000180)={[0x1fc, 0x7, 0xd, 0x1, 0x2, 0x3, 0x88, 0x3, 0x0, 0x62, 0x7ff, 0x10, 0x6d3e, 0xc, 0x2, 0x6]}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004)
ioctl$auto(0x3, 0x2287, r1)
mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000)
r3 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0)
write$auto_proc_mem_operations_base(r3, &(0x7f0000001680)="a7", 0x80000)
madvise$auto(0x2000000000, 0x201ff, 0x15)
prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0)
prctl$auto(0x43, 0x0, 0x0, 0x0, 0x401000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0)

1m20.544219376s ago: executing program 2 (id=2222):
r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYRES16=r0, @ANYRES16=r0, @ANYRESDEC=r0], 0x44}}, 0x24048084)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SYNC(r1, 0x5001, 0xfffffffffffffffc)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/platform/dummy_udc.4/udc/dummy_udc.4/function\x00', 0x0, 0x0)
read$auto(r2, 0x0, 0x7)
socket(0x10, 0x2, 0x6)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff)
gettid()
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x4)
socket(0x10, 0x3, 0x6)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c003b"], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

1m16.853630014s ago: executing program 3 (id=2237):
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0)
r0 = socket(0xa, 0x1, 0x100)
getsockopt$auto_SO_RCVPRIORITY(r0, 0x2, 0x52, &(0x7f00000001c0)='/dev/virtual_nci\x00', &(0x7f0000000240)=0x7)
ioperm$auto(0x7, 0x5ad2, 0x8)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
socket(0x1e, 0x1, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x400000000000948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
process_mrelease$auto(0xffffffffffffffff, 0x0)
inotify_init1$auto(0x403)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
pselect6$auto(0x2, &(0x7f0000000340)={[0x100000001, 0x7fff, 0x8, 0xb, 0xfffffffffffffff9, 0xd65b, 0x3, 0xd, 0x9, 0x5, 0x548f, 0x1, 0x2, 0xb, 0x7f, 0x8001]}, &(0x7f00000003c0)={[0xff, 0x81, 0x5, 0x3, 0x0, 0x9, 0x5a17, 0x86, 0x200, 0x1, 0xd815, 0x2b, 0x400, 0x1, 0x2]}, &(0x7f0000000440)={[0x8000, 0xebf4, 0x2, 0x1ff, 0xffffffffffffffff, 0x5eb4db7a, 0x7dac, 0x2, 0x8000, 0x3, 0x10, 0x1ea12f0b, 0x2, 0x6, 0xd, 0x4]}, &(0x7f0000000280)={0x10001, 0xffffffff}, &(0x7f00000004c0)="4c41f417ff2a416fadc5331a019baebb429dbf84f29785e14e154606dd2aa73709f6b13124dfdef955a23a87062bb0ac9ab5f08d81926c924b332bbf75eb67512c")
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
r2 = socket(0xa, 0x2, 0x3a)
setsockopt$auto(r2, 0x29, 0x4e, &(0x7f0000000180)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91_\vBj\x0eQ\xce\x16\'C\x8c\x01\x80\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\x00\x00\x00\x00\xe4\xa5\xfe\xb5', 0x10000110)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
bind$auto(0x3, &(0x7f0000000040)=@generic={0xa, "02d0ac0c00e435826339c7328903"}, 0x6a)

1m15.315046887s ago: executing program 3 (id=2241):
r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYRES16=r0, @ANYRES16=r0, @ANYRESDEC=r0], 0x44}}, 0x24048084)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/platform/dummy_udc.4/udc/dummy_udc.4/function\x00', 0x0, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x4)
socket(0x10, 0x3, 0x6)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c003b"], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

1m15.101650937s ago: executing program 3 (id=2242):
r0 = openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
socket(0xa, 0x1, 0x100)
modify_ldt$auto(0x1, 0x0, 0x10)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
socket(0x1e, 0x1, 0x0)
r1 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socket(0x21, 0x3, 0x9)
ioctl$auto_USB_RAW_IOCTL_EVENT_FETCH(r0, 0x80085502, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/events/vmalloc/enable\x00', 0x80, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x400000000000948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xf, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x5, 0xd, 0x1, 0x56c, 0x3, 0x15f4da0a, 0x3, 0x10, 0x62, 0x8000001f, 0x4, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
mmap$auto(0xc, 0xffffffffffffff7f, 0xee2, 0xfffffffffffffffe, r1, 0x8000000000000000)
unshare$auto(0x40000080)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84)
mount$auto(0x0, &(0x7f0000001500)='./file0\x00', &(0x7f0000001540)='cifs\x00', 0x8002, 0x0)
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
modify_ldt$auto(0x5, &(0x7f0000000340)="5eddde67e1dfbc2bda26ff1c8cd2212b63e7f5cecf8275093a8b466fe97472601975ca776103fd41ee5e80408386f04837bb7349c2ede7505e9f0b4b6c5eb632ef207f0d8772d277e4fb2706f6fe64c90b0d9dcda597c236f86dd60a1f3d2ec11b2dc385a3801e3e7084f1a0d8715ada2897c15da1fbe149d29dee113abb4853d47a196c87a3b4986d8fc85f458c0714afdb3adb72703e42cb3b74ea007edaba9a1121eee433cbdb9a98c652e4961180f1d8b9934f03c0e40ad8", 0x9)

1m10.338709049s ago: executing program 3 (id=2252):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x20000, 0xdf, 0x17, r0, 0x2000000000108000)
r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff)
epoll_create$auto(0x4)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
bpf$auto(0x0, 0x0, 0x6f3)
r2 = openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cpu/1/msr\x00', 0xf82, 0x0)
readv$auto(r2, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0xffffffffffffffff, 0x3)
getsockopt$auto_SO_BROADCAST(0xffffffffffffffff, 0xf7f, 0x6, 0x0, &(0x7f0000000180))
ioctl$auto_BTRFS_IOC_FORGET_DEV(r1, 0x50009405, &(0x7f00000011c0)={@inferred=r1, "147f624b05a2b22a62eb108f57b62c1a128c0f4a188dab9dc484db51686adb5a70d52b7f2f66145c31facd1cbb574c587628bd4cd6107b246f8f98fc23c6a864a492955d4c9350848a1d376d48008c8245ef620306a514c0e2f4dccf4932b8161402a453d31f6a2849bd701d53c73b5c87638db257f5ee75b4b2f3050dcd85bdda18e5f6c8f07bcbafc93b528f48baacd00dff67c662817347d58f7e2540061f146deeeb8a8fbea98e59c0ed49ac5898827aaa13b42a504dc9de98747915c70a39df9e7ad1373109c541923589e6364976cd3168fe3d0f085186627bde1577bbf260387eb8ecb5ad8d705de9f1e9b3d50ce454db9cbecf236dffbd3b274b5a7a63d3be027f04c7111ed622df2830ad588ef1d8b6c480b0f0772b5e7f621f8afa59a92859c296e01a7fa3f30f0d0d4337652988adb2b9d680d2c4f9896e1139548670c3598f33ba0f43def8ca1044626e75ca4d2b886f6db26ebb438a587407e59cf70e6cedf804044a4ccbccdcdcfd3e18152f5ac92af75d4deb491679de72f1b13ad5478ed08bb7acfc503580dae5c23583d01fdfecc9207f9e276540cf2328ba7a585937fd6acbda9a3a770277729be4f41177789decd4e0854b9861c08504c89215d7e8ce3473a0ad98f25d1d9e5fe2054a4ba9d3e0a67718ac00f384b74f5c8b24097e30e63af0c374c78f21d0af94486933450a311f8194051592e9e37607542244627393d338575c5a0a51815a01bd5ecf313cadddbb3c6bd4941a5c636b0c884ea266740b25c397ff3ea626070602d43ffbbebc0bddfdc47602432ecedce3bb6b0aba196f0eb714251d210bc979b4518005e41b5b6b0fc0ba793a8e77edd81553ce3a99cf9e7f4a9a41858e1971ac4127fa9995c888259e3436b7366e1344955ec1dd8628581a07056ec537e8196f87ab570af4fb4744f874fb283f8a54cae01cb32f70543eb60b6f65cc5269171d7e4cc0b76983aaba8d869d8848e496e2c5359251a39e5f9d1c0c6756456dcdd744e82594b2a6bfe3db7877c7fc123c259f8f70b36b3c48ae31875d5cf3eb6b00a32e107f419a079641e51c8233f4c304b4bf7942814ec1eb8166f0b168d76fb3c05cb1d0ccd66fd15cbb399f3730076246721f4d71f5bbcb63d2309c74878bb16ec592873f7514b66118673f808c2cb16b4a7b3be7b560b5183bb231be5829d9de866ecbf23c70779c6f9d37b7d185cdf53a328eeee8ea27931c68c68edad37f2a10fbfcffacbacb80e8c39a0504bddab3156c7c35ab417aee9c979bf14718975e59ec51a37516a71abd59ddc916de121937da400f09b85e96b554a1f5688b20e2df0f814163e46db2ef60268a6c57035008998b834560a7f9a69bcde2110f8d401321db671c7cd28fce473d9dd43d598ef1e576c93281a5a510fb48e7dbfe06451e2e9718ab0b6cd6ec02b6b62ae9d6cc7ec94af64311793125d92ef9ac91b0d99445c4dae30f46ef49f8068950a6a32661094ac22af30e313fc183ebe103e709be8bcb4e657a731ac05e55a5f3b772ec5f89074fce97e565f560d172c6975dd1edde80507a9e442b208fd57520cbbcac16ddcb26fc8ef1d19d2cfb07e80d32aab1769e628303478aff29f0143140478b50d392fb3e53e0d386ea97d901c27ae5911330f337ef7048cb7f5307fb0231066c100177c09722719372aa5dcffbfa6e84469bfa884446d5848d6af5c4a324f0805e5a1c82e97387239ba24e8406edccd92d37c0bafd97160cea312ba3ef96b6982d28e0d5e2b3bba83dcee9f5de3155d635deebc55bc030f9dadc659a0b6f5a84d539077e785ed5ed098115b576a7238c3532cea0fe9f00cfad2112908e57e66be5e86339812b5257a03e735727ea8c4cf5bcf0820dcf87a906bd962806a2767971f6079613acfb781d514111f35ba1fcdecaa15764d9ca817794c536cb4b1d4a2f60cf116520aa1cd2f7ade5d38c195ee6aaa196ceeaad0a3d642b0e4b54a5c9ffe8941e4f661aba9b9d77a0e2af0d1dd8120810f4b4f93bc56a2405b32ec460ccfae654ed07abfbfc3dab30d5e0b77538033ee73833910ecb297be29cf034a1133583e5afd7633e4a1b44c844cd34eb7d5e07d74e695b4abea1a70b5eb902385563e30134ec33ada8dc78433b4eefa2ead19df77dfc71148607e5c708f7692f1645e7a323f175849bd045f0bbed4f6a06169deceb2a4d361493ee6db8c7b0bd18b9782f48f7459c9d9033221dcf6a07464c04df0b11f99a943e12b1b0b6dc71c3bfef7128b2df83f1ee99952e4cc0a51189a21302e998fd2ed37b2ae8bfd96a47d50eb3d196fea3af714157e6a4e0630e0944de57556aa3225b485388faed23a9a9d595a5ff296e8e29452ef5541230954d4d0f916a27781041902f13cf0e962527e1a0f659a95a0c3831bb62841ba3e01c74859818283ad0725e76ed82f695405fffccd90ad1be0ad211891546a2ab3f75b9872c3ad68c2f5f4d8510cf1e087e789c5ab821ef46e197a36986434b1569499ad2717db7b200afd77b7542ba00a46192341aee8fe3bfe3d6e0c2767cafca11ce2beaf97602ef9095e815ab6eaec42399865f724ee9d96217f45a84a0def5d87375c65e0430cdc83422b8d367982f2722e793c6ba37687d34f0e2068c114fae854a3158abba5f5689a40488d095de19071a71d8d7a17f4389f2d20c4c0f9c16760d52d166acc5c201cfaecc0fc54b7143c60aaaac0ae196b36f3e1447e3e0992be2642ca8302b24514bd06cce84279ce361bb8ce245ca5152848ab4cced61c67e4579c0db21efd26efc0780cf4a04b02ddaa54335fa327d57320307e0dc3fe1f6cdb686150e2235e05ddeba10a193d49408ee47f57229a6ff30351dedf61b8789900eb15db5b0069c57984ba31710509d88da1d78b3eface0ad5b2cb7f303e248cb68abfd5a0c3ac672d1f6178fe54ef67e034d38c01e3458d9b64a97eb0cccfae7efbbbc0c8b806e75ae5dbdf641d8daa862f90cac0d460c6f70a7765169cd1e9fe305db403e4e453ce84c35a3573751a93ca7dd478ba547449254f3d7ac7b05f345bf0eec346db042b982c964c81545bf05986d033df8e41e9e19d3561250514ed703444048f44763261a860aa3cf0b539544af9a1fc4ba7f989111e00dcab0e64b538a1019467c3b43641e13c2707a4fdc78648b92302a54a0e7e3de53488e852f0fe658557ad1df2cf12a898515769bcde0f4a3386764d5b2f0eba5eee1e3257215c005b3bad612ff43b4121efc277fe9b80c69eee2c1ffdcb3ef843485d636a0025848254e22cd2f51c1f85202ae22d53969072c1ec4dbb973a157059ed523b8dad9671f6bba68a9d4521564a826b208df019ea32eeaf5b8f973263fdcab4c2519ac0d5ce4c181b12ba71bb3fc02388e72e89a24152e07b264fb00b425633ca2b2aaccd7208d5df00002b7fa4502656593a8e84e4b620bc65a60bf3d3c8b0c1d0ac93bcc711b9cf206b1037d3437e515913badbd7ccf2a69b32cd5b828193dac41fe0ff1a869bf086927eff915e422be23f40a54a2384e478f74bb2a397ecd214224294d9300d921afad2f50960e9830dc1ac8ee08ea0ff474d40a23b1f7dbc7761120c889b3354281751342d2429eb2555a8a57063f61c6cb3115d99d41a040c4d9fb3c5ddec980abfef33562607b7ad6fc8ac67c8026d50f2e01d949d065a8ea488b3d0d7ba296c914352b99a6c36aad4c030d1f9bef8696cb6d9dee3835646695b2a43f8682405c118477dd6486699dcd9cb93d911dae691fabfdfcc76ae48bcdf5d5ea87fffdcaf4e14faaa36689da73c9012ff943a787ec0e83f52cf221219f3468bdc010698450a19717e4ed062ab7d682d9e18c4469581bd09cd31aeaf1d17afb02b9cd769f56830d0ad155e4898889b438edfb13fb40d46bfe082ae1cd0f287805e4f2d011f43cd070f883668f45612132b19ff2f406bf80a1e5e69c741c63bc366c102a7a7e78d92e058d1f771031e582094bc7536182ddf2b88ef13d6573d0d34183c5e4dff48654ec1d18a44f6b2c67b17eb06489523bc3e7908b612e5204985cad17ff99b41650e49e469d8d80f3a2e32e93826e02160fbf19d92ab300bee4319b333aa9e96ac46d22ed71cf8394663f62362fe145094d140588c2e6f3eadc0bc16f6f6172aeac1e9ca44d93fa1399c641729e21f97f25ce5b4163419235bb98a218fa9d50b7aaa835d122c0436352b27909dcab907e43630907b23713bb445b93b8ec840b17d3d4618dd38bf58f2a0a6c3272a00aa8704774078f565faa4195ddfc15b33b196e646ebd8ab55e74da11ab4c30d031785c7c168d30ca12d23dcfa4a5a4f883f3b887fb77d822dae0a161d6c3565037a1f36bb1cf1d8601d94e4111b4ee435a98c21577b1e647ba160921881339a00a2d04210e603dcd9dfe2c40d32e5d93d9e94a5c176ca6291d5befa75121ec0abd660e2bac1458bd5609a6d725af0895b0d559ad726f34b50a06fd45f86764508386ab65ade7c76d0ce07330bf0d342216a769c98edb854cad6f6b02e0d09e713bbb7e12c786edd9d1078f3c5d0a87d34d9326e938098d674fb2d1ab1e39e3683a3ef0e00d9b66d56582e9d5f2d61a60226ee2c9cda7d44ef0504d6109fcd7978207df3eb9ed5ac860e0172907362654efb54cd6d04f7a58578fa3853d65e9243730466085905cbf1e1b34ea7a2f9dd268495d49824045074debb4c9140dfdbfc81fc6d371ec49521ddd996fd8761ada5d427348503a57a73a3ac74a540df4c2af59a1ecf644c00ebfbffafbf2990776717a2687889da69fefd0b0cb33c8351d147bcf31f98c8909e554c7ffd2cc9f64e4eb6b9c4b232489a2d912f19f79108b73a38de79fafd4a885de47810bdc4658d6d773c97e523732997392f1e02396875eda8ff955ef0ad75145cc1819df6a53878b9f1c5964146dcd73eabed0df798aea5c533fc263bc8d2533e36cde59e2cdd2ffac12cd7e6bea69ccc14b0b22b7606a6f82e8528f8dc739cd5c0ed0795d49452f257be2068055dcfaa7589ca65820d31583a81834910d8d1327469e370339dce1d87c31a750a02270cdaef457da2d50abac6651357858c391464781009209d79cf4286045773fe247e705a14b162583cd89e850df91b7517bd0a4476ac02fdc1dbd0faa81fa1e829ad0a548236939efcdf63c15b868b8712ca05571d7c0b810cc02cba9d1ae63e987b59ec3281cd706d7571d6b69a92663f11a24a68dbc6b2436b8049986f78fbe8effcf94457d5085dbf8812abb1fd431c6b465203eb67070a936a665fb19273240ed1e3905ea27b996b74b31b1216a77734b106dd9752a5f430ac5aef718c6942379dbd342aa66537e655afa95ec78cadcfc80584045cd07d43911c4d7dc3a37a4cf3cdf6eea9904c441ec02cfe0515c6c360463237aa6b3fafebcb1a59be1bf5ebe4680819f3e78ccc1e517987db6220b45bf840fb8fc9b33757a0e258468a911f2504358981410b6daad15bb0ed81ff971ef3cc89f06dacfa45a37cb37e946f5010d0a308ff760227d439f07401839b7844bd4e5f5d1824c17797c5abfb5a326f6b4626f9789d8d7a074b7f223cc4183f68e14de037a197920a858c310e3602a3c6f319b506bc4c523af495a95b74eb88af2699cbbeecbab62811ed05a0ea5e292e72e565ccbeb3fda2f32ee05ff7bfa40bfead96ace132532026e553bc4438a65ea897d64e9cdec2baa75839f9ea4dba584b81a9b813dc648e3ac31c885ec5dcedda3efc7a3a700"})
r3 = openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, 0x0, 0x80101, 0x0)
recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x4, 0x0, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0)
writev$auto(r3, 0x0, 0x4)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
semget$auto(0x0, 0x13c, 0x0)
semctl$auto(0x0, 0x9, 0x0, 0x2)

1m9.744410353s ago: executing program 3 (id=2256):
r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYRES16=r0, @ANYRES16=r0, @ANYRESDEC=r0], 0x44}}, 0x24048084)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SYNC(r1, 0x5001, 0xfffffffffffffffc)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/platform/dummy_udc.4/udc/dummy_udc.4/function\x00', 0x0, 0x0)
read$auto(r2, 0x0, 0x7)
openat$auto_cpu_latency_qos_fops_qos(0xffffffffffffff9c, &(0x7f0000000080), 0x10000, 0x0)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff)
gettid()
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x4)
socket(0x10, 0x3, 0x6)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c003b"], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

1m9.209338148s ago: executing program 3 (id=2258):
mmap$auto(0x0, 0x40000040000a, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x2, 0x1, 0x0)
r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x20401, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
ioctl$auto(r1, 0x541c, r2)
mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/lapb4/carrier\x00', 0x0, 0x0)
read$auto(r3, 0x0, 0x20)
r4 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r4, 0x0, 0x2)
r5 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, 0x0, 0x40, 0x0)
unlink$auto(0x0)
ioctl$auto_LOOP_CTL_ADD(r5, 0x4c80, 0xfffffffffffffffd)
r6 = setfsuid$auto(0xee01)
keyctl$auto(0x1d, 0xffffffffffffffff, r6, 0x0, 0x6)
msgctl$auto_IPC_STAT(0xfffff73c, 0x2, &(0x7f0000000100)={{0xd09b, <r7=>0xee01, 0xee00, 0xb, 0x3, 0x2, 0x10}, &(0x7f0000000040)=0x4, &(0x7f00000000c0)=0x3, 0x2, 0xb, 0x2, 0x9, 0x4, 0xf, 0x57, 0x7, @inferred, @inferred=0xffffffffffffffff})
setresuid$auto(r6, r7, r6)
ioctl$sock_SIOCGIFINDEX(r0, 0x4604, 0x0)

54.04480534s ago: executing program 33 (id=2258):
mmap$auto(0x0, 0x40000040000a, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x2, 0x1, 0x0)
r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x20401, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
ioctl$auto(r1, 0x541c, r2)
mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/lapb4/carrier\x00', 0x0, 0x0)
read$auto(r3, 0x0, 0x20)
r4 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r4, 0x0, 0x2)
r5 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, 0x0, 0x40, 0x0)
unlink$auto(0x0)
ioctl$auto_LOOP_CTL_ADD(r5, 0x4c80, 0xfffffffffffffffd)
r6 = setfsuid$auto(0xee01)
keyctl$auto(0x1d, 0xffffffffffffffff, r6, 0x0, 0x6)
msgctl$auto_IPC_STAT(0xfffff73c, 0x2, &(0x7f0000000100)={{0xd09b, <r7=>0xee01, 0xee00, 0xb, 0x3, 0x2, 0x10}, &(0x7f0000000040)=0x4, &(0x7f00000000c0)=0x3, 0x2, 0xb, 0x2, 0x9, 0x4, 0xf, 0x57, 0x7, @inferred, @inferred=0xffffffffffffffff})
setresuid$auto(r6, r7, r6)
ioctl$sock_SIOCGIFINDEX(r0, 0x4604, 0x0)

2.592763388s ago: executing program 4 (id=2463):
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0x1d, 0x3000, 0x6, 0x3, 0x400a, 0xffffffffffffffff, [0x0, 0xfffffffe], {0xa, 0x6, 0x0, 0x29b, 0x3, 0x7f, 0x0, 0x2, 0x3}, {0x100, 0x1, 0xc, 0x85, 0x40000001, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}})
io_uring_register$auto(0x2, 0x9, 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0x6, 0x8000)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x8080, 0x0)
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
keyctl$auto(0x7, 0xfffffffb, 0x2, 0x3e, 0x8)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
bpf$auto(0x6, 0xffffffffffffffff, 0x0)
semctl$auto(0x5, 0x0, 0x13, 0x7)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
futex$auto(0x0, 0x10d, 0x8, 0x0, 0x0, 0x8)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7e, 0x4)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
write$auto(0x3, 0x0, 0x7fffffff)
write$auto(0x1, 0x0, 0x80000000)
preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5)
mmap$auto(0x0, 0xfffffffffffffffd, 0xdf, 0x10, 0x2, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x3, 0x80000, 0x6)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = socketpair$auto(0x1, 0x2164, 0x8000000000000000, 0x0)
write$auto(r1, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x9a%\xab\xf4&\bG\xeeC\\\'\xcef\x912\x06`\x8e\xc1\x04D9R\xbb#\r\x00\xc8\x83\xd8\xa0\xd3\a\xabx\xbeN\xe3%\xcd[\xd1F`%\xd2\b~MH\x8c\xc0\xd2\x14\xd8\x9c|Ys\xc7W\xa1>\xfe\x96\xd5.\x19\xb4\xf1\xd8(\xf7\x06\xd1\xfb\xf8E\t\x0f\x1c\xf5\x85c\x8d\x90=\xc2\xe6\xef\xee\x19\x1cL\xa2\xc9\xd5\xc9:\x04\xa1\xc7\xb64M\xd2\x05^\xd78\xca\xf1\xdc\xa8-\x0f\x10MF\xd6#\xa5\xab\x84\x13\x18\xb1\xc9\xe7\xea:\xd0\xbd\rI\xa5\r\xd1\xe5\xea\xcb\xba&\xfc\x03\xcd\xf45\xb8SI\xc5:dd\xfe\xf0\xd6\xbaN6\x06\x817\x04\x00\x00\x00\xc7a\xa3+\xa7\x97\a\xb0\xc0\xfb<\x82/\xc9\x04oP\x0f\xdc\x97q6\xbf\xf5\x14\x87\xf9\r\xff\x05\x17=\x10\xebT\x9a\x01l\xb2\xbe\xfeh\x82\xf9\x06\xe9\xcd\x88^\xb9\xa7BB\xbe\xaa{\x7f.\xd7\xc4\x80\xb9\t\x98\xbd\x98\x88\xb1\x1a9\xd2H\x91[]z2\xbb\x9bO\xacx\xc8\xd7#\xfb\x18\x00'/279, 0x100000a3d9)

2.329851695s ago: executing program 4 (id=2465):
mmap$auto(0x0, 0x400008, 0xe3, 0x9b72, 0x2, 0x8000)
socket(0x1d, 0x2, 0x3ff)
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x300, 0x70bd36, 0x25dfdbfe, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x2}, @BATADV_ATTR_TT_CRC32={0x8, 0x13, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0xc005}, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

2.064708129s ago: executing program 4 (id=2466):
r0 = openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
socket(0xa, 0x1, 0x100)
modify_ldt$auto(0x1, 0x0, 0x10)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
socket(0x1e, 0x1, 0x0)
r1 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = socket(0x21, 0x3, 0x9)
ioctl$auto_USB_RAW_IOCTL_EVENT_FETCH(r0, 0x80085502, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/events/vmalloc/enable\x00', 0x80, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x400000000000948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00'})
sendmsg$auto_NL80211_CMD_SET_WIPHY(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x404c0c0}, 0x80)
r5 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x3, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x8, 0x4008)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xf, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x5, 0xd, 0x1, 0x56c, 0x3, 0x15f4da0a, 0x3, 0x10, 0x62, 0x8000001f, 0x4, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
mmap$auto(0xc, 0xffffffffffffff7f, 0xee2, 0xfffffffffffffffe, r1, 0x8000000000000000)
unshare$auto(0x40000080)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0)
msync$auto(0x1ffff000, 0x17ffffffffffffc, 0x400000004)
open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84)
mount$auto(0x0, &(0x7f0000001500)='./file0\x00', &(0x7f0000001540)='cifs\x00', 0x8002, 0x0)
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0)

1.631929426s ago: executing program 1 (id=2471):
r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYRES16=r0, @ANYRES16=r0, @ANYRESDEC=r0], 0x44}}, 0x24048084)
ioctl$auto_SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0xfffffffffffffffc)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/platform/dummy_udc.4/udc/dummy_udc.4/function\x00', 0x0, 0x0)
read$auto(r1, 0x0, 0x7)
openat$auto_cpu_latency_qos_fops_qos(0xffffffffffffff9c, &(0x7f0000000080), 0x10000, 0x0)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
r2 = gettid()
rt_tgsigqueueinfo$auto(0x0, r2, 0x1e, &(0x7f0000000400)={@siginfo_0_0={0x77, 0x7fff, 0x7, @_sigfault={&(0x7f0000000480)="63ab5d1627efd9ab5457097eeeef551eb169c136518782103a0cc8016c912a75ffde11243decb7b083ef5c953baf5c7f635a96163996ec5250d38d0f0be5e3228d6bce7b76aeaa2506b1c62bdd96a2a5fb5a5c8b68809ecc5076b5a37a43a8566b7f088b816ebab73933f8f9c5198c5acd0bab8e2c698e6b90b399f1cca980ed41f4c16dcffe6aa1e659b055dd47ad127392a652176712ccd6b7a2d5fcb44918942983f6d08e03d6925945ff4a72e6a99bd7eb", @_addr_pkey={"53f8b65a83a57aa6", 0x80000000}}}})
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
close_range$auto(0x2, 0x8, 0x0)
r3 = socket(0x10, 0x2, 0x4)
socket(0x10, 0x3, 0x6)
r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r4, @ANYBLOB="01002dbd7000fedbdf2505000000da0203800800c000e000000204002a000400110008002e00", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32"], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c003b"], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000)

1.534886072s ago: executing program 1 (id=2472):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r2=>0x0})
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)={0x30, r1, 0xd0d58b333228212f, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r2}, @NL80211_ATTR_SCAN_FREQUENCIES={0x14, 0x2c, 0x0, 0x1, [@typed={0x8, 0xed, 0x0, 0x0, @fd}, @typed={0x8, 0xaa, 0x0, 0x0, @uid}]}]}, 0x30}}, 0x20000800) (fail_nth: 3)

1.379190451s ago: executing program 4 (id=2473):
mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0)
fstat$auto(0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$auto_gtp(0x0, 0xffffffffffffffff)
read$auto_ftrace_enable_fops_trace_events(0xffffffffffffffff, &(0x7f0000000200)=""/34, 0x22)
r1 = pipe$auto(&(0x7f0000000040))
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r2=>0x0})
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYRES32=r2, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES32=r2, @ANYBLOB="060006ff050000000800"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$auto_VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000100)=<r4=>r0)
stat$auto(&(0x7f0000000380)='./file0\x00', &(0x7f0000000440)={0x7b2a, 0x3, 0x2, 0x5, <r5=>0xee00, 0xee01, 0x0, 0x8a, 0x4, 0x6, 0x4, 0x11b8c92, 0xffffffff, 0x9, 0xfffffffffffffffe, 0xe7, 0x80000001})
r6 = gettid()
sendmsg$auto_NL80211_CMD_GET_MPP(r4, &(0x7f0000001c40)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000500)={0x1720, r3, 0x300, 0x70bd27, 0x25dfdbfc, {}, [@NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0x4}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x9}, @NL80211_ATTR_FRAME_MATCH={0x5f, 0x5b, "fe5c8c6003d0e60b1697022d6d7c8b96921c441c326318a321c0ca54222fe69832676aa973f4fbef8f23c1bd15f93b25ecb1cc7f43ae2ec703d34053cc7006cfd31bf05e64354281dc94f150ff09401ee547549561816416f2b959"}, @NL80211_ATTR_REKEY_DATA={0x1699, 0x7a, 0x0, 0x1, [@nested={0x1c, 0x90, 0x0, 0x1, [@typed={0x14, 0x24, 0x0, 0x0, @ipv6=@remote}, @nested={0x4, 0x89}]}, @nested={0x140e, 0x106, 0x0, 0x1, [@typed={0x8, 0x100, 0x0, 0x0, @uid=r5}, @generic="56a8689314dfe943ee80332e25503bd767dc5ea792e39adf20809444a515ee40c6d6a920ffa19e66921c780ed6e5d727be1de4f49289f8f40a152fc604f3d3dfc83519729f6c9e36a7bb8293dacfc04a0c7dee78b81e006d1ea74ac3108bafbd4d19651e5f43b3636cc32e5c12ad76614e64af8d4fa6d8c3ebfee1c30aabac812e399b0dacd40944da28246d52b993e7b10d3504fd4d783861aef765864272698169160271c787b42e2eaff35ab20b804e0fc8c3bec2f96ef1a4a1f5685433d6295399afb978b01939c8ed6da46f34b3c8a911e25814", @generic="9198c2a56425a4337fc780afcc01a8aa7a20ca28d7952a39424c0180a4b1292979a81fda63f612267dcec6e4f4abb4292950814eab1d5c325242ba5a2af3af2b5869301cc4c65c3a1c8fa4c5f8608d5c7055133c0ab07e9f265fe82a4cd46bdbd8d4a5bc7ac0ec2174331fe1027e52ddc31c0a21d24fd23b55961d438677b5cdaae8ef0f66655367519920dbd1c1212de8fb6df3f624e225b8c2d9125b3243872d8144554ed363131be4f23c7d6ddc972b51ae34117a809d1f97ff43ee56e6d9cc79237792d7782f05a3968561636bf1bb90cd45ea811297fad2b7edb72f08d7e6dad6449ace7e678f26dcd64505318628e353d392fbdd5797d750926ba73c9cf7d19f494b4063d52e9f746445429a6d426004c74b697a7423a74a3a4582295c916ccd45198d93a63e0e167174151b354a09ab3ef4f70baf53ba361808eaf056a1015f327503c5266d655c5f4217b45df2c8aa301c06ea3c32767798272631c85625e11a7ac7a84eaacdc0b022e887b2e7e1d54f755c4970a6c8dc5219752722c0bb89d80fa8a67ba3e8aafc2cca663500d90e3f4b3ecc30c6f82c0476b1e2a2c22da183e137eab8cfd9c27bb1c1c560003c57292d759280f70f767c347277f1c6f155a107f043b5b692376ce124fea25b5f53f338dde3f61e7d5cb486cf82133c7ea059f5a8cf2cfd1832fba11b9bcb0543ed84bbfc1ce2161d7582ae08f02f68ecedfe7f142a16f3a584259caf8264c1642459dd33f1700a339cc1dd7da44965a7e64739b5ebe38a251811c2fab0580b85c67f519adba26e01cdd86be207bfd740710071ca205e480373aec92124b9430fa6cf6729cb6e3850be70e2b71c46f6b56d0e56c13a6a03b226449ad0d0ace9204eb8b0a501eb9bab4d64614b12005b07bb38458883c63e6dacd0fece9f5173410a34f66cdbf8bd5e43d4f0dcf6be9e31f5d206a878e8bf6abe2464030d52f8d66aac3360d61117b7030e4f1c9d9d34a6f8d2e9199706b417f079fa874f3b0dd11328f1d92b984bd3d5bde396f2a98b4a6fb9588c4435903e592d76a8fd6b0faa72977dd7cd87eed62b8d2ee4a2c84d49983b571f0f38c70959f3f08a9f1b811620fe78ffb14aaef3e8727c82884edee5dcb6305563f613a0b9fe25496f5fd933ecd1c84c4de5b64213d041cad19733e2ca614ecf016bc94bd712dd9c6830a32a1304fc4f22b8369995df5605be1b8be359f10fcafefa0dacb403b37d245fa6fa7cb978d0365d114eed6bc6c42c6219b6666746444b3ff9b11dc27a7c805d0a0746b0305137d6817586b4bbef244152d3748038bc92495e19bd86eca539e987486112d9f0e4ab5f3703e54a96cb6378d9f1e473dcae80ded76826f6d6cf857e09f56e2e32893dce906a0aee21aa10f797aa22d19754cf81f5d0018849cbf382998abbf825bc0a2dbc42cfde584abf98b12d54ce688f9c61b051dc4ff344a304a473c6b1e99f07473d858e66687b660dd7b828efbbb468dce55fca977b25e4ae32d81494144c81746f553fcda85dacde798de27a97784afee83db4ebdc96d7da2167855d6bb218893ecd861bceccd01d902892182665155dbabf318ed96a7f80af3c3625013b092daa6e928157c68a078c42b66e63b4c1822a60af66771d38e7e036b70221e6b941c78989a4813c579d7c07b87a51af80d9f52450d5dfa86750f8a2dba9032acb991d8aa03d09eb309ef457b7d3135ae85e857b9eb61b43b584c691a28a74c84a2c2c3cc97209d72a8c3a423bf7b1f9c8ab7b6168d88e721e5201cba18fad90112dc4cac1de7e076a24786c9063700e7c75ece1a7d2ecab4396025d61b4a579a75465bfa1f9ed917949fd765cdf48f0541f38b68016b5a3893720ffa9011a54003bb1a342608924b02e1eec31a1d949ddc0ce9dcbe7ca136d5650110bb9471f672029766b998ea4e320735dbea56da37921e331be11baea4de63d8fa191c9701308452c3cb4172848655c666d8b89f84faae6a893dcf1b69fbdf45e0a03bb496a0395fba17a370e511bb1418487048daf0419d967260cb1df82b08003079d09e61a6fd47b5593fb344ba9eab1a6a7fe38774e203d1d6268912b1aaecf880a706c374bf14262e27d5c6beb2dd7e6d5b4c2fb49eeb646f366e231d2ea738c2f887b3d322f1c57fccfc5f1c681045d21f6ee2beb4ab76617678eb3868a4581481c6db378d12c3e9e4f231c88e7d13d6325577fbc8bb578c8720f833e6ba58f6886bfe48942a5a1c0c69a20e243d14156e9d5f60cb32b8b2c7da74ab9d9e4565de3779a039d7c24328aac1e84a4e07349e480187205c55fde31a98894390ea84475ebb7a77298268c21f7259f667e5c46314cf96710c4b7d9fbd67a3e71fa81d80b6cbfff26753b399d95194bd6d8a27c064753414ae67d110fe97282379fef3a1c17eed29ff435f2ddce70aa42982a6cb366a0d9a16354c0137be388e010b3e1b12be2e5e1a295e3ec6f1e6dd11d333dcbf39797fb58b9801b643ca2a230f9cd8ff58984d39238834b045e398a65c43caf6270628205fc006420be93a22b0887ec900bb68b88c0514805830a3d5e58dc317af32f1688478153d4e9ae2a714506ad5184bb86fdbf50f3fe4ac67963568931323a46f21b3314de189cec83d27ed1681799c1ce91a99397a11fb6493d5564d959637bab7068cf7520ae7be55985edf138e5d714feb2f0577aa6fef01957989894236d27884dc916591824486799b1476dfe9daa704edc8a2af5676f12d3cbb6cc3a5cca0d3f4fa6f4e52a568f20c2e32770c9ade37522f42f5dd040dc0d93b33efa2090b0af1f40c30c004bd4629b80bcaccd15557b7c0979d84af56c99ab315b128a79bd934c82aa637c78d4d97da8cf889239758fc8d136167e262934877c940e62ecf99eea62cdb4df3d9102cd22cad144ddd899f734b0caa84548d206bf64de2cf4a8ea29e2732031dac668c94968c6e571796ac5debfbf17861047f9c8a99b7272ccf1263324d034390592de046e646a62491702dacfdf1df1e0f474c09303e47834a910214a27aafccb8571d18dd135a7e90eb8f292a8964d23bdaa4570f4718d8dc72400dbb912a38081dd587d1d6612c9481464373b5bf589be83863d7ab1c8359dcb83d4e3ce4bc570b74250cfd8d8ee40c9fbc5788a0ac9d90443fc99768f0dc2a7cc7cc396dfe921827f6ae66cb8b73dd0176563727fa81b94e77a24bc91cd2f775384b749447744a517f05a3800b5f730e19bf539551a50dfc4fb10d379b7869fb144b84d1d1663519e6b66ae5621ec7bb9d378f77867feb634c2a373a83199ad721838aab9f82a8432a24ac0ce898bd69901e0f14e0e0333bce000c13d2bfa86291a6162477fddd6ef512d6e04aa4f3c2a925e5b99fe41424174d0e7705f4a7c2298638148f967e105cc4a8f6c3986f116a555650955a7b6ebc5bce8bdef6b618cdb40d30892296bfcc92c7a6f4cdeba224aa13275fa09b31092c4108145de272d0024be2e745b269b20fe484272c8346da38b2d0ba0294910a6cc7b4841beb6eaaa415de490b7ca3d28d4ae7541fd1922727bb4af3682ba16a2d80ef4068054292f8aabda18596202e617ce2de0a9b9a148eb265c1842fa71524d25463f059e25c7c64bc975dd340635c5beb7efd97bce0e15f9292aaa1790998bf75e05412c3fc5d3c4ccda027f72e190b9c823aea2264b622d1652a35bdf442dc47d62d50e81fd7d58c6278bac0345723936cdf3cbbc3f98888c7b075a6afdb41968a395b209df719bed9ccc640c13b9aec009567e2ced40a8c91bff2745e4f83e375762696437d62f2c711ef01eb1aa2e6128b44a214cf2c6e3508cf114983b9f47607211dff37edb3808d90e2175fc275a9948b8f70c1e159e22e81bba9e05767deb83ea7f954e87f89111fbd7e2dc746556f9b04892418e81a23afc3a319a613b3d66fef5db851f353114da373409ead73d1ae48c658b8035989ce0a07c97df04cbac2d8d851736ecccd0854b412a2614860900639d52d115a27a2030a0ac54cb7996a5f892a5f4e24aac2982760544ae9cd65892a238536ce86eeafa979d2286f89b0126dd94a6a45af8bb4b3a7c2d7a7592b7aa7637d373160750a71318ecf0bd6ca510748cb69ff0cda5c5d1ab0b3b541f4e8682d7e902ec520027b08662df59b7c9966497f9a1f4a032ca90a4c7c7c32efb6a4428253d30a5dad01f73e7595bafde6483ae3a46c1267b434207404a979c9da33d4f18d97a4a1a83f25c6c86a4166a505a8e670e0604eee7042d72b004dc998fd4fb57dc9f47fdc194ca9a63d1b8868c88654a20aa0d37c667ac09ae1af78948970efb1a3fe4246dfb448b30b56448e5b023b9f490bf37019ec5d952ccff19d119b322d61616e12c17bc7367d23cf3aba4fb3761cc6cb749044e2296c993b8187447552b6504c3cc5a84fa4a2ff100871c4e136cc64b70d01165cb0230b23c491204f1bfe655690d995fc26c7f13b87f71c20049504b0d866dd2cfdbca393bb3256eb6e14a085d3f51c80a117c805f145a46a4c4056bc5e1b7694f868dfbdd14f892ad4c444f7f76f75422299dd2aff8e89def4dc9dca8204358aab44d276b1efd0b3bb64d1b9179f75c6fe3df4aa67c15d93cb4a5de572e3da11c76dc224257910358820e2e4ad2e04265c9126d41d0660327c9fb9066af6bc22bc3171bdad27f4f499aad9c21cf0106f469202bd77dc7724703f34d069969229e24786e5c5503c6c2dcddab7ad6061542c5d5b77fae20a0abb3e812edc3088b21c960838585ec327cd99cc9a7e9e3668a5ffcc788949e937c863f403cf7d5455c3765147d65129d84ac08a7ebed67f16996ae5e40c26048f1bd906ca0aa38bf744975807656d142d8a3c3707bad32c19e49717031ce591a51008d738ad4449577a7e7d413024dadb38c33ef655c7fdaf047218f22bba99f360845ff9bb9f324ce97bc557c262fbc1106541983bc392f486721f238e0abb4ab2b83f3e163250397c3022dd02854ffdb2807a60607b49f80762da5b9a7ef8ba44c2240f8da76a80a29f70ed886f98c41576ed5618522531c8772f6805d81b9950ac129df64d741508b05becf15cce04cc14e0ed1f9f6d6a9423be3bfb6e36ad5c9e1cb937e0478c546a26e4653aa777c4bfbe5d3818da2eef282e60f0eeb365327e7d38f0e96ec14a55686101fa299aebc6b64ad383c6176129caef92e89cc91146b40a889b241433696c8305975831f07d37198b867ab264786682b1b5109a4a50f7bba80fc545867dc2a89a515ae45b604513fe5593fe0a699e75c2f50601979d7a4c077c14bdd21f95ed934c09a5f1d5eae0d3419b5914eab74d4eee930056151619ff18f080b13a05ca65e4e6195f533e132322b3014144461422a6ef8c3e194cc88bd7003250e710bbab1399cd8e89ca2b7ef2f98d2a8fca707c124e8d90a3417f6a4decc086aaedd147e68bd70e32652a3d7c046252fd6ac3ae4ee0894f2a0a53c0e9a134d85657d3b50b93cede3f82b9d74c16941d8b4e33fad57d14077db62953f44b966060d5cb98f5d35d100c309a391148a5535d02e03d792e99ca20971fe175bda86ee80f803fdf44ca96fc0e516ae9ff40719ed157750f92137081ac134a043897587ca0bee184dcee2406fb7649de687b3552e64be2739923484f64148152bb57746bb164d6eccd40c2221c29127682be18c8039203a7db158ef89fe5946f38eff07ce22cba631c1d3c9d2cc0fd2b22d527d83d22aff789f612368beb677c8a3d8fbe857638fd7", @generic="d0fa280798614a479e94c664516fa51de8375caa14fe308efd79cd377d35ee2d24b8d42fd42733295ce7bebf3213e8f4d607b5c8da580a275da6d58fe3ca319b98a6acf1ae1b897a2b1e252adb5e881024f006141ccc9339e68d6a38399829af4d3ce7b7926040d8fc8eb93b48f33f922aa26d7ad364165bf39f43cfb7deabeab0db6bf5ee041dc1d13fafe767c9158a3a54641a27653ba987346821c8766c33eeed42c243327bf76eda1ada4fa1f6ca14fec5fa8afa2c0adb3e8461c0e84fa0e9a4798576a1c713f4b444d63b5ee97862ca4c4469ac617854b09296bd9cb92c6021b7c0f21ad58570fa3d1cafd567e3448c4d0c270b94", @nested={0x4, 0xc4}, @generic="4a71e34487b4eff19c5b9b9071ea53758244a577c886feb18d03cbf66c7660a54cdb03d267b7688397408fc4a96338e03ad48503450c20c8091cd5083ae1f9ee6c4e899fd04387a7abc56820641cf4d32afb86e6d05ec7b34724b3dce035adee748fe0ee4e8e2112a35dc744e1c5839acbefb6100c22f8b9d665e5cd7a2dc1f894ec082e8431d84cd04c8fede905083b89833e0d90682355ac0db5d8c82584683df08dc7e1bff208ee", @nested={0x4, 0x14e}, @generic="d3b790da85e030fd38de16164b5c8a5912e8bbd460fc90480cf7b23822e4cda95e7978ec3970c54f8dcb018cb7f5a4d3ed95c2fa4967a1a0915e128beb9115d69ba82a3394da60c3926633b2d3e2424da7bdbecfc42def058730b35489fc13bd1e2db8d9153401027dc5b1453757a01602243d5f045fac1bfdce7898783b4c6a0d9f965c908a5dbea7b003bdac82eb71da8b800385d1ea54a6ed2ea8660b9f7cbf9028fd7e3e1ac88f4c4a22ce6cd1305c0f86f434dd7d7208", @generic="c31040c7159b73b6ecb7c428d774cf3e35e1adac6c9a965485cb20f192ddbd68fc09e869f33bde972091b6b5a164386cc7ac65d1febbede5f218a1247df7001a581cb83c857d3abee7bc8236170d63b26b4fb3cc5c4032633f9b3b239d7caecef4f7473b347ddda9d87ebe6288bbde1901386e08fec294a05174194d83f6edc902242892c02f58062dc55f0f7aab39622ce25b2ad460a3b42ec1e53c0116c8f49a22822bf1214235708c41e3bacc07eeb2727576876b71218677ac56b3105c6fe2f0830138b9e52f7adae5"]}, @generic="e01f90f75aacbd6725b805ca1ff1b07a02e95f1a7e9a36accf42cd992da21e9902673a0d307b7b730083c03f58d348d35b709c26c886e79980b981446f658d4e5b50cf8cbeffac96278c492b1c81f0063efd82b5a77c9043f11aaa9063214410a8ce50895858d26b4b8c3c9b72", @typed={0x14, 0x121, 0x0, 0x0, @ipv6=@remote}, @nested={0x154, 0x97, 0x0, 0x1, [@generic="43bd59b2ac3946232f5c6b42b4989ad66ef35bd387435221ae871ac543d6281d83e5e46201fd6f1824016fae4623e0c6e819098f65a71464b6e0d2f06dbd15edb6d4b0664fb437e4244983cd9b2fe1643b28945ebe1e1b182d1350247b9413acf5a33201d44ddb", @generic="d2801cd3f00057aa924bc63a22b59c146487c47096fbb42e971b7a767b28c6d7b983b6ba39218e4098c8", @generic="fed2c492bc50901dd84d5f649bd4cafe4d822b1aadbf8667c60a90b075030085f09e0aa0747272c164288a46459bb74fbc08dec99bc55d6f221b9036f4e533fa2eda2d72f2b0d70e35aa01612d46c098bf0b8750af248ee1b255d61186131c89e595916cf13e2d2834d225", @typed={0x8, 0xf8, 0x0, 0x0, @fd=r1}, @typed={0x14, 0xf5, 0x0, 0x0, @ipv6=@private1}, @nested={0x4, 0x151}, @typed={0x14, 0x3e, 0x0, 0x0, @ipv6=@remote}, @typed={0x14, 0xf4, 0x0, 0x0, @ipv6=@mcast2}, @nested={0x4, 0x125}, @typed={0x8, 0x10c, 0x0, 0x0, @pid=r6}]}, @nested={0x94, 0x110, 0x0, 0x1, [@nested={0x4, 0x99}, @generic="1a849fee01e1f4f72bf522b48af2b915ad8b1bddd5bd017d04ea6233f26ce715e841b2600ebeeca57f8f96063b349e902447f1d9e890075ccbb711e25f80fb2375aa2ca793a2652c62b1f23be475bee92cbcb81be082b5eff9b053ebdf54305b52cb55a96c56d0a4fbe0ee3adda589b8e931be5c2dc9d7944652745c2e68ecdc8e65f6ae1b6ca532d21d2095"]}]}]}, 0x1720}, 0x1, 0x0, 0x0, 0x90}, 0xc0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r8=>0x0})
sendmsg$auto_NL80211_CMD_SET_WIPHY(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002dbd7000fddbdf250800030008000300", @ANYRES32=r8], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097f751b33e}, 0x80)
sendmsg$auto_ETHTOOL_MSG_LINKSTATE_GET(r4, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000240)={&(0x7f0000001c80)={0x7c, 0x0, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@ETHTOOL_A_LINKSTATE_HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x101}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}]}, @ETHTOOL_A_LINKSTATE_HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bridge\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x20040000}, 0x4)
mmap$auto(0x0, 0xdb33, 0xe2, 0xeb1, 0x405, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
r9 = io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_SIOCGIFHWADDR(r9, 0x8927, &(0x7f0000000100)="522e9c1dbf8883a53a")
madvise$auto(0x0, 0x2003f0, 0x15)
preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x3f, 0x5)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
io_uring_register$auto(0x2, 0x0, 0x0, 0x5)

1.320005833s ago: executing program 1 (id=2474):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x4)
socket(0x10, 0x3, 0x6)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB, @ANYBLOB="1c003b"], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

1.23729094s ago: executing program 1 (id=2475):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000001f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r2=>0x0})
sendmsg$auto_BATADV_CMD_GET_BLA_CLAIM(r0, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000002000)={&(0x7f00000000c0)={0x1c, r1, 0x59e638bc4fbb3f7d, 0x70bd2d, 0x25dfdbfd, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48018}, 0x400c880) (fail_nth: 6)

1.123249987s ago: executing program 1 (id=2476):
mmap$auto(0x0, 0x6, 0xdb, 0x9b72, 0xffffffffffffffff, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
read$auto_fake_panic_fops_(0xffffffffffffffff, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket(0x2, 0x3, 0x6)
r1 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/security/tomoyo/version\x00', 0x20000, 0x0)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
ioctl$auto(r3, 0x4b41, 0x7)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
ioctl$auto_FS_IOC_ZERO_RANGE(r2, 0x40305839, 0x3)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x51)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000200), r0)
msgctl$auto(0x1, 0x9, &(0x7f0000000300)={{0x0, 0xffffffffffffffff, 0xee00, 0x6, 0x0, 0x8, 0x3}, &(0x7f0000000240)=0x8, &(0x7f0000000280)=0xa, 0x7, 0x0, 0x3, 0x1d4, 0x401, 0x8000, 0x6, 0x4, @inferred=0xffffffffffffffff})
socketpair$auto(0x1e, 0x3, 0xfffffffe, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x3}, 0x7}, 0x3, 0xcad7)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b7f, 0x2, 0x8000)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
write$auto(0x3, 0x0, 0x100085)

252.65764ms ago: executing program 4 (id=2477):
r0 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2)
syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff)
socket(0x3, 0x3, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = getpid()
prctl$auto(0x0, 0x1, r2, 0x1, 0xc57)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000700)='/proc/thread-self/net/kcm_stats\x00', 0x60080, 0x0)
pread64$auto(r3, 0x0, 0x8, 0xffff)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/035/001\x00', 0x630001, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r4 = openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f00000004c0), 0x101202, 0x0)
write$auto_nvmf_dev_fops_fabrics(r4, 0x0, 0x0)
read$auto(r4, 0x0, 0x1f43)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0)
readv$auto(0x3, 0x0, 0x1)
close_range$auto(0x0, 0xfffffffffffff001, 0x2)
socket(0x18, 0x4, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
memfd_create$auto(&(0x7f0000000000)='\xc4--:\xdd:,./-${\x00', 0x4)
r5 = memfd_secret$auto(0x0)
finit_module$auto(r5, 0xfffffffffffffffe, 0x0)
ioctl$auto_BCH_IOCTL_FSCK_OFFLINE(r0, 0x4018bc13, &(0x7f0000000180)={0x4, 0xe9, 0x2, [0x2, 0x7e5]})
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0)
write$auto(0xca, &(0x7f00000001c0)='\x04\x13\xac\x04\x00\x00\x00\x00\x00\x00\x00\x01\n\xdc\x10\x00\x00\xef\xab\xe1ME:\xab \x87|\xe0Z\x1b\x9eZ\xa8\xff\x92+\xc9\x9fs\xbf\xd8\f\x00\x00\x00\xa5V\b\xf1Ne\xc6l\xd0\xdd7\x96gf\xb2\xa0\xf2cN\x8b\x95\xeb\xf3(\x9eM-\xdc\x84N\xc3\tts%\xe9\xbf<\xf1\xdav\xe0n\x04\xb33\x97\xd5\xb4\x02\x94B\xbb\x995\x1e\xf7@\xd8\xca\x8d\a0 \xfa\x87V\xeb1\xe4M%\xdd\xfd\xf6\x8d\xb4\xc7\x9b\x9d\xf5\xd9^\xcdL@\x0f\xd4\x15F,\xc1\xd1i\xa4f/{\xfa\xd5\n\xe1\x95l[\x91\xbfX\xea2\x1b\x8a\x85\t\x00\x05m\x1e\x9b\xca\xfb\x81\x9d{\x19S\xff\xe4\xd2k\x1b/wJ&\x03+{\x84R\xa8\x92\xad\xec\x1b\xb1\xe9\xa7XUo\x93\xd5\xfb\x94\xc4\xdf\x8e\xdd\x97\xfc\x00\x13\xd6\x80g\x7fR;\x88\xf7bm\x8f\xb5\x89\x1a\xb63\x98\xaa\xcc\xbf\x94\xbf#u\xb9', 0x2b)
ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0)
unshare$auto(0x40000080)

183.722881ms ago: executing program 1 (id=2478):
mmap$auto(0x0, 0x6, 0xdb, 0x9b72, 0xffffffffffffffff, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
read$auto_fake_panic_fops_(0xffffffffffffffff, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket(0x2, 0x3, 0x6)
r1 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/security/tomoyo/version\x00', 0x20000, 0x0)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
ioctl$auto(r3, 0x4b41, 0x7)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
ioctl$auto_FS_IOC_ZERO_RANGE(r2, 0x40305839, 0x3)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x51)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000200), r0)
msgctl$auto(0x1, 0x9, &(0x7f0000000300)={{0x0, 0xffffffffffffffff, 0xee00, 0x6, 0x0, 0x8, 0x3}, &(0x7f0000000240)=0x8, &(0x7f0000000280)=0xa, 0x7, 0x0, 0x3, 0x1d4, 0x401, 0x8000, 0x6, 0x4, @inferred=0xffffffffffffffff})
socketpair$auto(0x1e, 0x3, 0xfffffffe, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x3}, 0x7}, 0x3, 0xcad7)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b7f, 0x2, 0x8000)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
write$auto(0x3, 0x0, 0x100085)

0s ago: executing program 4 (id=2479):
r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYRES16=r0, @ANYRES16=r0, @ANYRESDEC=r0], 0x44}}, 0x24048084)
ioctl$auto_SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0xfffffffffffffffc)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/platform/dummy_udc.4/udc/dummy_udc.4/function\x00', 0x0, 0x0)
read$auto(r1, 0x0, 0x7)
openat$auto_cpu_latency_qos_fops_qos(0xffffffffffffff9c, &(0x7f0000000080), 0x10000, 0x0)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
r2 = gettid()
rt_tgsigqueueinfo$auto(0x0, r2, 0x1e, &(0x7f0000000400)={@siginfo_0_0={0x77, 0x7fff, 0x7, @_sigfault={&(0x7f0000000480)="63ab5d1627efd9ab5457097eeeef551eb169c136518782103a0cc8016c912a75ffde11243decb7b083ef5c953baf5c7f635a96163996ec5250d38d0f0be5e3228d6bce7b76aeaa2506b1c62bdd96a2a5fb5a5c8b68809ecc5076b5a37a43a8566b7f088b816ebab73933f8f9c5198c5acd0bab8e2c698e6b90b399f1cca980ed41f4c16dcffe6aa1e659b055dd47ad127392a652176712ccd6b7a2d5fcb44918942983f6d08e03d6925945ff4a72e6a99bd7eb", @_addr_pkey={"53f8b65a83a57aa6", 0x80000000}}}})
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
close_range$auto(0x2, 0x8, 0x0)
r3 = socket(0x10, 0x2, 0x4)
socket(0x10, 0x3, 0x6)
r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r4, @ANYBLOB="01002dbd7000fedbdf2505000000da0203800800c000e000000204002a000400110008002e00", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32"], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c003b"], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000)

kernel console output (not intermixed with test programs):


			








	

	






	






	




	

		
	
	













	








	
	

	










	
	







	

	








		








	


	






	




	






		








	

	

				


		

				

	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	

	
		

	
		

	


	
	

		
	
		
	
	



			








	




	




	



















	



	


	

	

	

	



	





	






	




	





		







	
	
	
	
	
	
	

				


		

				

	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	

	
		
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	

				


		

				

			
	

	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	

				


		

				

	

				


		

				

	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	

	
		
	

	
		

	

	
		

	


		

		
	
		
	
	



			








	






	





	

	


	






	




	





		





		
	
		
	

				


		

				

	

				


		

				


	
		

	


	
	

		
	
		
	
	



			








	

	







	



	


	


	
	
	
	
	
	





	
	

	
	

	

	
	
	

	
	
	
	







	



	

	

	

	



		
	

	



	
	







	





	

	


	






	




	






		






	

				


		

				

	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	

	
	

	
	

	
		

	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	

				


		

				

	

	
		
	

				


		

				

	

				


		

				


	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	

	
		

	


		

		
	
		
	
	



			








	









	

		
	






	

	


	






	






	





		









	



	
	

	
	
	

	

	
				
	
		


	
	

				


		

				

	

				


		

				


	
		

	


		

		
	
		
	
	



			








	



	




	

	


	






	






	






		









	

	
	
	
	
	
	
	
		
		

		
	
		
		
		


	

		
	
	

	
	

				


		

				

	

				


		

				


	
		

	


		

		
	
		
	
	



			








	







	






	

	


	






	






	





		








	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	







	
		



	
		



	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
		



	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	

				


		

				

	
	

	

	
				
	
		


	
	


	

				


		

				



		



	
		
	
	

	

	

				


		

				

	

	
		
	
	
	
	
	
	
	

				


		

				

	

				


		

				

	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	

				


		

				



		



	
		
	
	
			
	

				


		

				

	

	
		
	
	
	
	
	
	
	

	
		
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	

				


		

				

	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	

				


		

				

	

	
		
	

	
		
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	

	
		

	


		

		
	
		
	
	



			








	












	




	







	






	





		








	

				


		

				

	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	

	
				
	
		
	


	
	

	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	

	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	

				


		

				


	
		

	


	
	

		
	

	
				
	
		
	
	
		
		
	
	



			








	




	







		







	


	






		



	









	




	




		






	
				
	
	



				
		
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	

	
		

	


	
	

		
	
		
	
	



			








	

	
	






	







		

		

	
	
		









	

	
	






	




	







	






	





		













			
		
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
		



	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	

	
		
	

	
		
		
		


	
			
	

	
				
		
		


	

	
		

	


syzkaller
syzkaller login: [  873.859420][T15589] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1947'.
[  873.871278][T15589] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1947'.
[  874.138137][T15593] netlink: 252 bytes leftover after parsing attributes in process `syz.1.1949'.
[  875.512789][T15611] netlink: 350 bytes leftover after parsing attributes in process `syz.3.1953'.
[  875.551292][ T5849] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  876.866109][T15620] Setting dangerous option i915.mitigations - tainting kernel
[  877.233841][T15628] ubi: mtd0 is already attached to ubi0
[  878.951638][T15641] netlink: 350 bytes leftover after parsing attributes in process `syz.3.1958'.
[  880.356476][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  880.362948][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  884.077179][T15694] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21
[  885.574615][T15696] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input22
[  890.133751][T15758] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1981'.
[  890.493505][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  890.506404][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  890.516786][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  890.523507][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  890.544287][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  890.550688][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  890.563247][T15765] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1983'.
[  890.574042][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  890.580431][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  891.008014][T15762] CIFS mount error: No usable UNC path provided in device string!
[  891.008014][T15762] 
[  891.021363][T15762] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  892.046828][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  892.053939][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  892.187656][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  892.196509][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  892.217481][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  892.225338][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  892.385874][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  892.394763][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  893.395298][T15803] netlink: 252 bytes leftover after parsing attributes in process `syz.3.1993'.
[  894.453172][T15818] FAULT_INJECTION: forcing a failure.
[  894.453172][T15818] name failslab, interval 1, probability 0, space 0, times 0
[  894.491095][T15818] CPU: 0 UID: 0 PID: 15818 Comm: syz.1.1996 Tainted: G     U              6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  894.491157][T15818] Tainted: [U]=USER
[  894.491167][T15818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  894.491186][T15818] Call Trace:
[  894.491199][T15818]  <TASK>
[  894.491212][T15818]  dump_stack_lvl+0x16c/0x1f0
[  894.491268][T15818]  should_fail_ex+0x512/0x640
[  894.491316][T15818]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  894.491373][T15818]  should_failslab+0xc2/0x120
[  894.491404][T15818]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  894.491456][T15818]  ? __d_alloc+0x31/0xaa0
[  894.491511][T15818]  __d_alloc+0x31/0xaa0
[  894.491566][T15818]  d_alloc_pseudo+0x1c/0xc0
[  894.491604][T15818]  alloc_file_pseudo_noaccount+0xcf/0x230
[  894.491644][T15818]  ? __pfx_alloc_file_pseudo_noaccount+0x10/0x10
[  894.491695][T15818]  bdev_file_open_by_dev+0x143/0x210
[  894.491744][T15818]  disk_scan_partitions+0x1ed/0x320
[  894.491795][T15818]  blkdev_common_ioctl+0x2f6/0x2480
[  894.491833][T15818]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  894.491872][T15818]  ? futex_wake+0x1ad/0x530
[  894.491912][T15818]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  894.491967][T15818]  ? __pfx_blkdev_common_ioctl+0x10/0x10
[  894.492017][T15818]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  894.492080][T15818]  ? find_held_lock+0x2b/0x80
[  894.492116][T15818]  blkdev_ioctl+0x1cb/0x6d0
[  894.492154][T15818]  ? __pfx_blkdev_ioctl+0x10/0x10
[  894.492198][T15818]  ? __pfx_blkdev_ioctl+0x10/0x10
[  894.492237][T15818]  __x64_sys_ioctl+0x18e/0x210
[  894.492276][T15818]  do_syscall_64+0xcd/0x490
[  894.492328][T15818]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  894.492359][T15818] RIP: 0033:0x7fd8bd78e929
[  894.492386][T15818] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  894.492419][T15818] RSP: 002b:00007fd8be526038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  894.492450][T15818] RAX: ffffffffffffffda RBX: 00007fd8bd9b6160 RCX: 00007fd8bd78e929
[  894.492471][T15818] RDX: 0000000000000000 RSI: 000000000000125f RDI: 0000000000000003
[  894.492491][T15818] RBP: 00007fd8bd810b39 R08: 0000000000000000 R09: 0000000000000000
[  894.492510][T15818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  894.492529][T15818] R13: 0000000000000000 R14: 00007fd8bd9b6160 R15: 00007ffe80988d78
[  894.492570][T15818]  </TASK>
[  894.788798][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  894.795480][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  894.810210][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  894.816622][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  894.829531][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  894.836026][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  894.915069][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  894.922647][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  896.798718][T15853] CIFS mount error: No usable UNC path provided in device string!
[  896.798718][T15853] 
[  896.809269][T15853] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  900.739865][T15895] netlink: 252 bytes leftover after parsing attributes in process `syz.3.2013'.
[  901.012824][T15902] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  902.186520][T15921] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23
[  902.209030][T15920] netlink: 350 bytes leftover after parsing attributes in process `syz.3.2018'.
[  902.853341][T15922] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24
[  903.584427][T15928] Process accounting resumed
[  904.438310][T15950] netlink: 252 bytes leftover after parsing attributes in process `syz.2.2024'.
[  904.859538][T15957] CIFS mount error: No usable UNC path provided in device string!
[  904.859538][T15957] 
[  905.166362][T15957] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  906.313629][T15967] netlink: 350 bytes leftover after parsing attributes in process `syz.2.2025'.
[  906.560319][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  906.567087][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  906.576392][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  906.583205][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  906.592345][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  906.599749][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  906.608720][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  906.616313][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  908.984014][T15999] CIFS mount error: No usable UNC path provided in device string!
[  908.984014][T15999] 
[  909.077474][T15999] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  910.033642][T16013] netlink: 350 bytes leftover after parsing attributes in process `syz.4.2036'.
[  910.634119][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  910.640984][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  910.656503][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  910.668765][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  910.685017][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  910.691624][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  910.704914][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  910.714438][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  914.212154][T16067] netlink: 252 bytes leftover after parsing attributes in process `syz.2.2047'.
[  914.926762][T16083] CIFS mount error: No usable UNC path provided in device string!
[  914.926762][T16083] 
[  914.937268][T16083] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  917.027762][T16117] tc_dump_action: action bad kind
[  917.571794][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  917.578200][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  917.608220][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  917.615662][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  917.645125][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  917.651594][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  917.673303][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  917.690633][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  918.130766][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  918.137782][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  918.147835][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  918.154751][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  918.173744][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  918.180206][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  918.200820][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  918.208715][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  922.003431][T16182] netlink: 350 bytes leftover after parsing attributes in process `syz.3.2068'.
[  922.954992][T16209] CIFS mount error: No usable UNC path provided in device string!
[  922.954992][T16209] 
[  922.969879][T16209] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  923.013598][T16207] netlink: 296 bytes leftover after parsing attributes in process `syz.1.2078'.
[  924.505699][T16230] netlink: 'syz.2.2083': attribute type 4 has an invalid length.
[  924.521875][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  924.531226][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  924.546440][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  924.553244][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  924.579735][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  924.587563][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  924.732212][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  924.738722][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  926.379630][T16252] netlink: 350 bytes leftover after parsing attributes in process `syz.2.2091'.
[  926.933499][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  926.940129][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  926.953643][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  926.960000][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  926.980502][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  926.987060][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  926.997612][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  927.004267][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  928.578734][T16282] netlink: 330 bytes leftover after parsing attributes in process `syz.3.2096'.
[  928.938625][T16287] netlink: 350 bytes leftover after parsing attributes in process `syz.1.2097'.
[  932.388388][T16331] netlink: 350 bytes leftover after parsing attributes in process `syz.4.2110'.
[  932.897024][T16333] netlink: 252 bytes leftover after parsing attributes in process `syz.4.2119'.
[  933.837938][T16348] Process accounting paused
[  933.968421][T16347] FAULT_INJECTION: forcing a failure.
[  933.968421][T16347] name failslab, interval 1, probability 0, space 0, times 0
[  933.991430][T16347] CPU: 1 UID: 0 PID: 16347 Comm: syz.4.2116 Tainted: G     U              6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  933.991489][T16347] Tainted: [U]=USER
[  933.991499][T16347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  933.991532][T16347] Call Trace:
[  933.991542][T16347]  <TASK>
[  933.991555][T16347]  dump_stack_lvl+0x16c/0x1f0
[  933.991613][T16347]  should_fail_ex+0x512/0x640
[  933.991654][T16347]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  933.991705][T16347]  should_failslab+0xc2/0x120
[  933.991732][T16347]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  933.991775][T16347]  ? rcu_is_watching+0x12/0xc0
[  933.991803][T16347]  ? prepare_creds+0x2c/0x7d0
[  933.991847][T16347]  prepare_creds+0x2c/0x7d0
[  933.991888][T16347]  cap_task_prctl+0x46a/0xa80
[  933.991923][T16347]  security_task_prctl+0xc2/0x160
[  933.991983][T16347]  __do_sys_prctl+0xaa/0x24c0
[  933.992029][T16347]  ? __pfx___do_sys_prctl+0x10/0x10
[  933.992080][T16347]  do_syscall_64+0xcd/0x490
[  933.992127][T16347]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  933.992157][T16347] RIP: 0033:0x7f7238b8e929
[  933.992181][T16347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  933.992210][T16347] RSP: 002b:00007f7239992038 EFLAGS: 00000246 ORIG_RAX: 000000000000009d
[  933.992237][T16347] RAX: ffffffffffffffda RBX: 00007f7238db5fa0 RCX: 00007f7238b8e929
[  933.992256][T16347] RDX: 0000000100000000 RSI: 0000000000000005 RDI: 000001000000001c
[  933.992379][T16347] RBP: 00007f7238c10b39 R08: 0000003fffffffff R09: 0000000000000000
[  933.992402][T16347] R10: 000040000000000c R11: 0000000000000246 R12: 0000000000000000
[  933.992421][T16347] R13: 0000000000000000 R14: 00007f7238db5fa0 R15: 00007fffa1221598
[  933.992471][T16347]  </TASK>
[  934.609601][T16367] netlink: 252 bytes leftover after parsing attributes in process `syz.3.2123'.
[  938.279543][T16399] CIFS mount error: No usable UNC path provided in device string!
[  938.279543][T16399] 
[  938.311598][T16399] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  939.105929][T16408] FAULT_INJECTION: forcing a failure.
[  939.105929][T16408] name fail_futex, interval 1, probability 0, space 0, times 0
[  939.156192][T16408] CPU: 1 UID: 0 PID: 16408 Comm: syz.3.2133 Tainted: G     U              6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  939.156252][T16408] Tainted: [U]=USER
[  939.156263][T16408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  939.156284][T16408] Call Trace:
[  939.156295][T16408]  <TASK>
[  939.156310][T16408]  dump_stack_lvl+0x16c/0x1f0
[  939.156372][T16408]  should_fail_ex+0x512/0x640
[  939.156429][T16408]  get_futex_key+0x1d0/0x1540
[  939.156475][T16408]  ? __pfx_get_futex_key+0x10/0x10
[  939.156529][T16408]  futex_wake+0xea/0x530
[  939.156576][T16408]  ? aa_get_newest_label+0x375/0x680
[  939.156611][T16408]  ? __pfx_futex_wake+0x10/0x10
[  939.156651][T16408]  ? trace_kmalloc+0x2b/0xd0
[  939.156680][T16408]  ? __kmalloc_noprof+0x242/0x510
[  939.156728][T16408]  ? commit_creds+0x6e3/0x1040
[  939.156772][T16408]  do_futex+0x1e3/0x350
[  939.156805][T16408]  ? __pfx_do_futex+0x10/0x10
[  939.156840][T16408]  ? cap_task_prctl+0x2af/0xa80
[  939.156874][T16408]  __x64_sys_futex+0x1e0/0x4c0
[  939.156913][T16408]  ? __pfx___x64_sys_futex+0x10/0x10
[  939.156958][T16408]  ? __pfx___do_sys_prctl+0x10/0x10
[  939.157013][T16408]  do_syscall_64+0xcd/0x490
[  939.157062][T16408]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  939.157091][T16408] RIP: 0033:0x7f22c098e929
[  939.157114][T16408] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  939.157142][T16408] RSP: 002b:00007f22c17350e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  939.157168][T16408] RAX: ffffffffffffffda RBX: 00007f22c0bb5fa8 RCX: 00007f22c098e929
[  939.157187][T16408] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f22c0bb5fac
[  939.157204][T16408] RBP: 00007f22c0bb5fa0 R08: 00007f22c1736000 R09: 0000000000000000
[  939.157222][T16408] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f22c0bb5fac
[  939.157239][T16408] R13: 0000000000000000 R14: 00007ffc584e9580 R15: 00007ffc584e9668
[  939.157274][T16408]  </TASK>
[  939.640049][T16420] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input25
[  940.040686][T16421] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input26
[  940.506511][T16433] netlink: 330 bytes leftover after parsing attributes in process `syz.4.2138'.
[  941.801492][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  941.810625][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  942.211395][T16461] netlink: 350 bytes leftover after parsing attributes in process `syz.1.2149'.
[  943.156215][T16478] netlink: 350 bytes leftover after parsing attributes in process `syz.1.2155'.
[  944.180565][T16490] netlink: 350 bytes leftover after parsing attributes in process `syz.3.2158'.
[  944.272924][T16491] netlink: 350 bytes leftover after parsing attributes in process `syz.2.2159'.
[  944.684960][T16505] random: crng reseeded on system resumption
[  946.874990][T16528] netlink: 350 bytes leftover after parsing attributes in process `syz.2.2170'.
[  947.571628][T16533] netlink: 350 bytes leftover after parsing attributes in process `syz.2.2171'.
[  948.125265][T16549] CIFS mount error: No usable UNC path provided in device string!
[  948.125265][T16549] 
[  948.143676][T16549] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  949.510725][T16563] netlink: 350 bytes leftover after parsing attributes in process `syz.3.2180'.
[  949.515395][T16564] netlink: 252 bytes leftover after parsing attributes in process `syz.2.2181'.
[  950.763382][T16579] netlink: 252 bytes leftover after parsing attributes in process `syz.3.2185'.
[  953.570064][T16603] CIFS mount error: No usable UNC path provided in device string!
[  953.570064][T16603] 
[  953.581243][T16603] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  954.124486][T16621] netlink: 350 bytes leftover after parsing attributes in process `syz.2.2194'.
[  955.287856][T16643] netlink: 252 bytes leftover after parsing attributes in process `syz.3.2201'.
[  957.215338][T16667] FAULT_INJECTION: forcing a failure.
[  957.215338][T16667] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  957.243358][T16667] CPU: 0 UID: 0 PID: 16667 Comm: syz.3.2205 Tainted: G     U              6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  957.243411][T16667] Tainted: [U]=USER
[  957.243421][T16667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  957.243440][T16667] Call Trace:
[  957.243451][T16667]  <TASK>
[  957.243464][T16667]  dump_stack_lvl+0x16c/0x1f0
[  957.243516][T16667]  should_fail_ex+0x512/0x640
[  957.243567][T16667]  should_fail_alloc_page+0xe7/0x130
[  957.243602][T16667]  prepare_alloc_pages+0x3c2/0x610
[  957.243646][T16667]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  957.243701][T16667]  ? find_held_lock+0x2b/0x80
[  957.243734][T16667]  ? is_bpf_text_address+0x8a/0x1a0
[  957.243772][T16667]  ? bpf_ksym_find+0x124/0x1c0
[  957.243803][T16667]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  957.243842][T16667]  ? is_bpf_text_address+0x94/0x1a0
[  957.243882][T16667]  ? __kernel_text_address+0xd/0x40
[  957.243923][T16667]  ? unwind_get_return_address+0x59/0xa0
[  957.243973][T16667]  ? __lock_acquire+0x622/0x1c90
[  957.244013][T16667]  ? _parse_integer_limit+0x17f/0x1d0
[  957.244051][T16667]  ? iovec_from_user+0x108/0x140
[  957.244092][T16667]  __alloc_pages_noprof+0xb/0x1b0
[  957.244131][T16667]  ___kmalloc_large_node+0x84/0x1e0
[  957.244177][T16667]  ? iovec_from_user+0x108/0x140
[  957.244218][T16667]  __kmalloc_large_node_noprof+0x1c/0x70
[  957.244256][T16667]  __kmalloc_noprof.cold+0xc/0x61
[  957.244295][T16667]  ? __lock_acquire+0x622/0x1c90
[  957.244335][T16667]  iovec_from_user+0x108/0x140
[  957.244381][T16667]  __import_iovec+0x88/0x650
[  957.244433][T16667]  import_iovec+0x86/0xb0
[  957.244461][T16667]  vfs_readv+0x19a/0x8b0
[  957.244503][T16667]  ? __pfx_vfs_readv+0x10/0x10
[  957.244562][T16667]  ? __fget_files+0x20e/0x3c0
[  957.244595][T16667]  ? __fget_files+0x1e0/0x3c0
[  957.244639][T16667]  ? do_readv+0x132/0x340
[  957.244671][T16667]  do_readv+0x132/0x340
[  957.244705][T16667]  ? __pfx_do_readv+0x10/0x10
[  957.244749][T16667]  do_syscall_64+0xcd/0x490
[  957.244795][T16667]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  957.244823][T16667] RIP: 0033:0x7f22c098e929
[  957.244844][T16667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  957.244871][T16667] RSP: 002b:00007f22c1714038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  957.244897][T16667] RAX: ffffffffffffffda RBX: 00007f22c0bb6080 RCX: 00007f22c098e929
[  957.244916][T16667] RDX: 0000000000000400 RSI: 00002000000000c0 RDI: 0000000000000007
[  957.244933][T16667] RBP: 00007f22c1714090 R08: 0000000000000000 R09: 0000000000000000
[  957.244953][T16667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  957.244971][T16667] R13: 0000000000000000 R14: 00007f22c0bb6080 R15: 00007ffc584e9668
[  957.245006][T16667]  </TASK>
[  958.368767][T16683] netlink: 252 bytes leftover after parsing attributes in process `syz.3.2211'.
[  959.417365][T16700] netlink: 350 bytes leftover after parsing attributes in process `syz.3.2213'.
[  959.820259][T16706] netlink: 504 bytes leftover after parsing attributes in process `syz.3.2217'.
[  960.479606][T16717] netlink: 350 bytes leftover after parsing attributes in process `syz.4.2219'.
[  961.563931][T16725] netlink: 350 bytes leftover after parsing attributes in process `syz.1.2223'.
[  961.586545][T16729] netlink: 350 bytes leftover after parsing attributes in process `syz.2.2222'.
[  962.575863][T16742] netlink: 350 bytes leftover after parsing attributes in process `syz.4.2229'.
[  962.809716][T12783] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  962.820262][T12783] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  962.829448][T12783] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  962.840691][T12783] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  962.861200][T12783] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  963.049697][ T6888] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  963.376030][ T6888] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  963.548587][ T6888] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  963.856855][ T6888] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  964.299810][T16748] chnl_net:caif_netlink_parms(): no params data found
[  964.467695][T16769] netlink: 350 bytes leftover after parsing attributes in process `syz.1.2234'.
[  964.614938][ T6888] bridge_slave_1: left allmulticast mode
[  964.641631][ T6888] bridge_slave_1: left promiscuous mode
[  964.648802][ T6888] bridge0: port 2(bridge_slave_1) entered disabled state
[  964.735279][ T6888] bridge_slave_0: left allmulticast mode
[  964.747147][ T6888] bridge_slave_0: left promiscuous mode
[  964.758002][ T6888] bridge0: port 1(bridge_slave_0) entered disabled state
[  964.913237][ T5849] Bluetooth: hci1: command tx timeout
[  965.030376][T16765] Process accounting resumed
[  966.718107][T16802] netlink: 350 bytes leftover after parsing attributes in process `syz.3.2241'.
[  967.001338][ T5849] Bluetooth: hci1: command tx timeout
[  967.610025][ T6888] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  967.666949][ T6888] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  967.704803][T16812] CIFS mount error: No usable UNC path provided in device string!
[  967.704803][T16812] 
[  967.715329][T16812] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  967.719261][ T6888] bond0 (unregistering): Released all slaves
[  968.336139][T16816] netlink: 504 bytes leftover after parsing attributes in process `syz.4.2244'.
[  968.359370][T16748] bridge0: port 1(bridge_slave_0) entered blocking state
[  968.376784][T16748] bridge0: port 1(bridge_slave_0) entered disabled state
[  968.414713][T16748] bridge_slave_0: entered allmulticast mode
[  968.426135][T16748] bridge_slave_0: entered promiscuous mode
[  968.501436][T16748] bridge0: port 2(bridge_slave_1) entered blocking state
[  968.508696][T16748] bridge0: port 2(bridge_slave_1) entered disabled state
[  968.525136][T16748] bridge_slave_1: entered allmulticast mode
[  968.533876][T16748] bridge_slave_1: entered promiscuous mode
[  968.697281][T16823] netlink: 350 bytes leftover after parsing attributes in process `syz.1.2247'.
[  968.735170][T16748] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  968.763052][T16748] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  969.071584][ T5849] Bluetooth: hci1: command tx timeout
[  969.490061][T16748] team0: Port device team_slave_0 added
[  969.500250][T16748] team0: Port device team_slave_1 added
[  970.490731][T16748] batman_adv: batadv0: Adding interface: batadv_slave_0
[  970.624782][T16748] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  971.151287][ T5849] Bluetooth: hci1: command tx timeout
[  971.161615][T16748] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  971.337478][T16748] batman_adv: batadv0: Adding interface: batadv_slave_1
[  971.351422][T16748] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  971.380384][T16748] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  971.768221][T16748] hsr_slave_0: entered promiscuous mode
[  971.776732][T16748] hsr_slave_1: entered promiscuous mode
[  971.787805][T16748] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  971.805263][T16748] Cannot create hsr debugfs directory
[  972.379259][T16871] netlink: 350 bytes leftover after parsing attributes in process `syz.3.2256'.
[  976.158649][ T6888] hsr_slave_0: left promiscuous mode
[  976.167790][ T6888] hsr_slave_1: left promiscuous mode
[  976.175199][ T6888] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  976.229584][ T6888] batman_adv: batadv0: Removing interface: batadv_slave_0
[  976.308951][ T6888] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  976.317106][ T6888] batman_adv: batadv0: Removing interface: batadv_slave_1
[  976.390454][ T6888] veth1_vlan: left promiscuous mode
[  976.426506][ T6888] veth0_vlan: left promiscuous mode
[  977.398149][ T6888] team0 (unregistering): Port device team_slave_1 removed
[  977.470225][ T6888] team0 (unregistering): Port device team_slave_0 removed
[  979.818588][T16984] netlink: 252 bytes leftover after parsing attributes in process `syz.4.2268'.
[  981.346408][T16995] netlink: 350 bytes leftover after parsing attributes in process `syz.1.2271'.
[  981.452587][T16997] netlink: 350 bytes leftover after parsing attributes in process `syz.1.2272'.
[  982.040036][T17003] CIFS mount error: No usable UNC path provided in device string!
[  982.040036][T17003] 
[  982.057256][T17003] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  982.715500][T17007] netlink: 350 bytes leftover after parsing attributes in process `syz.4.2274'.
[  982.979449][T17016] netlink: 504 bytes leftover after parsing attributes in process `syz.1.2277'.
[  983.257809][T17022] FAULT_INJECTION: forcing a failure.
[  983.257809][T17022] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  983.257857][T17022] CPU: 0 UID: 0 PID: 17022 Comm: syz.1.2279 Tainted: G     U              6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  983.257894][T17022] Tainted: [U]=USER
[  983.257902][T17022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  983.257917][T17022] Call Trace:
[  983.257925][T17022]  <TASK>
[  983.257934][T17022]  dump_stack_lvl+0x16c/0x1f0
[  983.257990][T17022]  should_fail_ex+0x512/0x640
[  983.258030][T17022]  _copy_to_user+0x32/0xd0
[  983.258071][T17022]  msr_read+0x14e/0x250
[  983.258098][T17022]  ? __pfx_msr_read+0x10/0x10
[  983.258122][T17022]  ? bpf_lsm_file_permission+0x9/0x10
[  983.258148][T17022]  ? security_file_permission+0x71/0x210
[  983.258183][T17022]  ? rw_verify_area+0xcf/0x680
[  983.258215][T17022]  ? __pfx_msr_read+0x10/0x10
[  983.258238][T17022]  vfs_readv+0x5be/0x8b0
[  983.258275][T17022]  ? __pfx_vfs_readv+0x10/0x10
[  983.258328][T17022]  ? __fget_files+0x20e/0x3c0
[  983.258369][T17022]  ? __fget_files+0x1e0/0x3c0
[  983.258420][T17022]  ? do_readv+0x132/0x340
[  983.258456][T17022]  do_readv+0x132/0x340
[  983.258497][T17022]  ? __pfx_do_readv+0x10/0x10
[  983.258549][T17022]  do_syscall_64+0xcd/0x490
[  983.258601][T17022]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  983.258634][T17022] RIP: 0033:0x7fd8bd78e929
[  983.258660][T17022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  983.258692][T17022] RSP: 002b:00007fd8be547038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  983.258720][T17022] RAX: ffffffffffffffda RBX: 00007fd8bd9b6080 RCX: 00007fd8bd78e929
[  983.258740][T17022] RDX: 0000000000000400 RSI: 00002000000000c0 RDI: 0000000000000007
[  983.258759][T17022] RBP: 00007fd8be547090 R08: 0000000000000000 R09: 0000000000000000
[  983.258778][T17022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  983.258796][T17022] R13: 0000000000000000 R14: 00007fd8bd9b6080 R15: 00007ffe80988d78
[  983.258836][T17022]  </TASK>
[  983.868896][T17028] netlink: 350 bytes leftover after parsing attributes in process `syz.4.2281'.
[  985.374108][T17054] CIFS mount error: No usable UNC path provided in device string!
[  985.374108][T17054] 
[  985.440354][T17054] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  985.866327][T17057] netlink: 504 bytes leftover after parsing attributes in process `syz.1.2286'.
[  987.652109][T17082] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2293'.
[  988.661442][T12783] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  988.672487][T12783] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  988.686233][T12783] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  988.697059][T12783] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  988.714282][T12783] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  989.123894][T17105] netlink: 252 bytes leftover after parsing attributes in process `syz.1.2298'.
[  989.290435][T17099] chnl_net:caif_netlink_parms(): no params data found
[  989.628843][T17099] bridge0: port 1(bridge_slave_0) entered blocking state
[  989.636568][T17099] bridge0: port 1(bridge_slave_0) entered disabled state
[  989.661435][T17099] bridge_slave_0: entered allmulticast mode
[  989.669633][T17099] bridge_slave_0: entered promiscuous mode
[  989.693954][T17099] bridge0: port 2(bridge_slave_1) entered blocking state
[  989.711747][T17099] bridge0: port 2(bridge_slave_1) entered disabled state
[  989.719486][T17099] bridge_slave_1: entered allmulticast mode
[  989.742750][T17099] bridge_slave_1: entered promiscuous mode
[  989.750829][T17112] netlink: 350 bytes leftover after parsing attributes in process `syz.4.2299'.
[  989.907044][T17099] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  989.936322][T17099] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  990.073953][T17099] team0: Port device team_slave_0 added
[  990.094477][T17099] team0: Port device team_slave_1 added
[  990.166079][T17099] batman_adv: batadv0: Adding interface: batadv_slave_0
[  990.189906][T17099] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  990.281396][T17099] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  990.307643][T17099] batman_adv: batadv0: Adding interface: batadv_slave_1
[  990.321284][T17099] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  990.348538][T17099] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  990.530390][T17099] hsr_slave_0: entered promiscuous mode
[  990.560013][T17099] hsr_slave_1: entered promiscuous mode
[  990.592324][T17099] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  990.599988][T17099] Cannot create hsr debugfs directory
[  990.751338][ T5849] Bluetooth: hci3: command tx timeout
[  992.839255][ T5849] Bluetooth: hci3: command tx timeout
[  993.649847][T17138] netlink: 252 bytes leftover after parsing attributes in process `syz.4.2308'.
[  993.872197][T17141] netlink: 350 bytes leftover after parsing attributes in process `syz.4.2309'.
[  994.177961][T17147] netlink: 252 bytes leftover after parsing attributes in process `syz.1.2312'.
[  994.911405][ T5849] Bluetooth: hci3: command tx timeout
[  996.184655][T17159] netlink: 350 bytes leftover after parsing attributes in process `syz.4.2316'.
[  996.477552][T17167] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2318'.
[  996.504181][T16074] udevd[16074]: inotify_add_watch(7, /dev/nbd4128, 10) failed: No such file or directory
[  996.588469][T17171] RDS: rds_bind could not find a transport for ::ffff:10.1.1.2, load rds_tcp or rds_rdma?
[  996.662391][T17174] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2319'.
[  996.681925][T17174] veth1_macvtap: left promiscuous mode
[  996.687495][T17174] macsec0: entered allmulticast mode
[  996.740800][T17171] could not allocate digest TFM handle 
[  997.001321][ T5849] Bluetooth: hci3: command tx timeout
[  997.097827][T17191] netlink: 504 bytes leftover after parsing attributes in process `syz.4.2323'.
[  998.212273][T17205] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2328'.
[  998.345525][T17208] nvme_fcloop: unknown parameter or missing value '^/]'
[  998.554779][T16071] udevd[16071]: inotify_add_watch(7, /dev/nbd4128, 10) failed: No such file or directory
[  998.584103][T16074] udevd[16074]: inotify_add_watch(7, /dev/nbd4128, 10) failed: No such file or directory
[  998.716715][T17222] sctp: [Deprecated]: syz.1.2332 (pid 17222) Use of int in max_burst socket option deprecated.
[  998.716715][T17222] Use struct sctp_assoc_value instead
[  998.878121][T17227] netlink: 252 bytes leftover after parsing attributes in process `syz.1.2334'.
[ 1000.159818][T17237] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2336'.
[ 1001.310623][T17248] FAULT_INJECTION: forcing a failure.
[ 1001.310623][T17248] name failslab, interval 1, probability 0, space 0, times 0
[ 1001.323628][T17248] CPU: 1 UID: 0 PID: 17248 Comm: syz.4.2341 Tainted: G     U              6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[ 1001.323670][T17248] Tainted: [U]=USER
[ 1001.323679][T17248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1001.323695][T17248] Call Trace:
[ 1001.323704][T17248]  <TASK>
[ 1001.323713][T17248]  dump_stack_lvl+0x16c/0x1f0
[ 1001.323764][T17248]  should_fail_ex+0x512/0x640
[ 1001.323806][T17248]  should_failslab+0xc2/0x120
[ 1001.323829][T17248]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1001.323868][T17248]  ? skb_clone+0x190/0x3f0
[ 1001.323913][T17248]  skb_clone+0x190/0x3f0
[ 1001.323954][T17248]  netlink_deliver_tap+0xabd/0xd30
[ 1001.323986][T17248]  netlink_unicast+0x5df/0x7f0
[ 1001.324018][T17248]  ? __pfx_netlink_unicast+0x10/0x10
[ 1001.324054][T17248]  netlink_sendmsg+0x8d1/0xdd0
[ 1001.324087][T17248]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1001.324135][T17248]  ____sys_sendmsg+0xa98/0xc70
[ 1001.324166][T17248]  ? copy_msghdr_from_user+0x10a/0x160
[ 1001.324206][T17248]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1001.324244][T17248]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1001.324285][T17248]  ___sys_sendmsg+0x134/0x1d0
[ 1001.324334][T17248]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1001.324383][T17248]  ? __lock_acquire+0x622/0x1c90
[ 1001.324471][T17248]  __sys_sendmsg+0x16d/0x220
[ 1001.324512][T17248]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1001.324552][T17248]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1001.324601][T17248]  do_syscall_64+0xcd/0x490
[ 1001.324643][T17248]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1001.324669][T17248] RIP: 0033:0x7f7238b8e929
[ 1001.324689][T17248] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1001.324715][T17248] RSP: 002b:00007f7239992038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1001.324739][T17248] RAX: ffffffffffffffda RBX: 00007f7238db5fa0 RCX: 00007f7238b8e929
[ 1001.324756][T17248] RDX: 00000000040000c0 RSI: 0000200000000300 RDI: 0000000000000008
[ 1001.324773][T17248] RBP: 00007f7238c10b39 R08: 0000000000000000 R09: 0000000000000000
[ 1001.324789][T17248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1001.324804][T17248] R13: 0000000000000000 R14: 00007f7238db5fa0 R15: 00007fffa1221598
[ 1001.324835][T17248]  </TASK>
[ 1001.827309][T17252] netlink: 504 bytes leftover after parsing attributes in process `syz.1.2342'.
[ 1003.238169][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[ 1003.244778][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[ 1004.468205][T17271] netlink: 504 bytes leftover after parsing attributes in process `syz.1.2346'.
[ 1004.501912][T17273] netlink: 350 bytes leftover after parsing attributes in process `syz.4.2347'.
[ 1004.894197][T17282] netlink: 504 bytes leftover after parsing attributes in process `syz.4.2350'.
[ 1006.453565][T17290] netlink: 350 bytes leftover after parsing attributes in process `syz.4.2352'.
[ 1006.556574][T17294] netlink: 504 bytes leftover after parsing attributes in process `syz.1.2355'.
[ 1007.515200][T17309] FAULT_INJECTION: forcing a failure.
[ 1007.515200][T17309] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1007.530562][T17309] CPU: 0 UID: 0 PID: 17309 Comm: syz.1.2358 Tainted: G     U              6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[ 1007.530618][T17309] Tainted: [U]=USER
[ 1007.530630][T17309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1007.530710][T17309] Call Trace:
[ 1007.530723][T17309]  <TASK>
[ 1007.530737][T17309]  dump_stack_lvl+0x16c/0x1f0
[ 1007.530796][T17309]  should_fail_ex+0x512/0x640
[ 1007.530848][T17309]  _copy_to_user+0x32/0xd0
[ 1007.530898][T17309]  simple_read_from_buffer+0xcb/0x170
[ 1007.530943][T17309]  proc_fail_nth_read+0x197/0x270
[ 1007.530981][T17309]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1007.531020][T17309]  ? rw_verify_area+0xcf/0x680
[ 1007.531055][T17309]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1007.531083][T17309]  vfs_read+0x1e1/0xc60
[ 1007.531137][T17309]  ? __pfx___mutex_lock+0x10/0x10
[ 1007.531185][T17309]  ? __pfx_vfs_read+0x10/0x10
[ 1007.531239][T17309]  ? __fget_files+0x20e/0x3c0
[ 1007.531295][T17309]  ksys_read+0x12a/0x250
[ 1007.531337][T17309]  ? __pfx_ksys_read+0x10/0x10
[ 1007.531392][T17309]  do_syscall_64+0xcd/0x490
[ 1007.531442][T17309]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1007.531468][T17309] RIP: 0033:0x7fd8bd78d33c
[ 1007.531489][T17309] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1007.531514][T17309] RSP: 002b:00007fd8be547030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1007.531538][T17309] RAX: ffffffffffffffda RBX: 00007fd8bd9b6080 RCX: 00007fd8bd78d33c
[ 1007.531555][T17309] RDX: 000000000000000f RSI: 00007fd8be5470a0 RDI: 0000000000000005
[ 1007.531570][T17309] RBP: 00007fd8be547090 R08: 0000000000000000 R09: 0000000000000000
[ 1007.531586][T17309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1007.531602][T17309] R13: 0000000000000000 R14: 00007fd8bd9b6080 R15: 00007ffe80988d78
[ 1007.531633][T17309]  </TASK>
[ 1009.120903][T17326] netlink: 350 bytes leftover after parsing attributes in process `syz.1.2362'.
[ 1009.255488][T17329] netlink: 504 bytes leftover after parsing attributes in process `syz.1.2363'.
[ 1009.430680][T17335] FAULT_INJECTION: forcing a failure.
[ 1009.430680][T17335] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1009.444450][T17335] CPU: 0 UID: 0 PID: 17335 Comm: syz.4.2365 Tainted: G     U              6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[ 1009.444501][T17335] Tainted: [U]=USER
[ 1009.444513][T17335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1009.444532][T17335] Call Trace:
[ 1009.444543][T17335]  <TASK>
[ 1009.444555][T17335]  dump_stack_lvl+0x16c/0x1f0
[ 1009.444620][T17335]  should_fail_ex+0x512/0x640
[ 1009.444673][T17335]  _copy_from_user+0x2e/0xd0
[ 1009.444725][T17335]  kvm_vm_ioctl_set_pmu_event_filter+0xc6/0xb60
[ 1009.444773][T17335]  ? __pfx_kvm_vm_ioctl_set_pmu_event_filter+0x10/0x10
[ 1009.444820][T17335]  ? stack_depot_save_flags+0x28/0xa40
[ 1009.444878][T17335]  kvm_arch_vm_ioctl+0xcdd/0x1cf0
[ 1009.444915][T17335]  ? ima_match_policy+0x7f9/0x22e0
[ 1009.444948][T17335]  ? __pfx_kvm_arch_vm_ioctl+0x10/0x10
[ 1009.444990][T17335]  ? __lock_acquire+0x622/0x1c90
[ 1009.445039][T17335]  ? __lock_acquire+0x622/0x1c90
[ 1009.445090][T17335]  ? __lock_acquire+0x622/0x1c90
[ 1009.445142][T17335]  ? __lock_acquire+0x622/0x1c90
[ 1009.445217][T17335]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1009.445254][T17335]  ? is_bpf_text_address+0x94/0x1a0
[ 1009.445299][T17335]  ? kernel_text_address+0x8d/0x100
[ 1009.445350][T17335]  ? __kernel_text_address+0xd/0x40
[ 1009.445418][T17335]  ? unwind_get_return_address+0x59/0xa0
[ 1009.445467][T17335]  ? arch_stack_walk+0xa6/0x100
[ 1009.445533][T17335]  ? stack_trace_save+0x8e/0xc0
[ 1009.445579][T17335]  ? __pfx_stack_trace_save+0x10/0x10
[ 1009.445614][T17335]  ? stack_depot_save_flags+0x28/0xa40
[ 1009.445666][T17335]  ? __lock_acquire+0xb8a/0x1c90
[ 1009.445711][T17335]  ? kasan_save_stack+0x42/0x60
[ 1009.445756][T17335]  ? kasan_save_stack+0x33/0x60
[ 1009.445800][T17335]  ? kasan_save_track+0x14/0x30
[ 1009.445846][T17335]  ? kasan_save_free_info+0x3b/0x60
[ 1009.445882][T17335]  ? __kasan_slab_free+0x51/0x70
[ 1009.445929][T17335]  ? kfree+0x2b4/0x4d0
[ 1009.445966][T17335]  ? tomoyo_path_number_perm+0x470/0x580
[ 1009.446003][T17335]  ? security_file_ioctl+0x9b/0x240
[ 1009.446041][T17335]  ? __x64_sys_ioctl+0xb7/0x210
[ 1009.446076][T17335]  ? do_syscall_64+0xcd/0x490
[ 1009.446131][T17335]  kvm_vm_ioctl+0x19bb/0x3da0
[ 1009.446198][T17335]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[ 1009.446269][T17335]  ? kasan_quarantine_put+0x10a/0x240
[ 1009.446313][T17335]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1009.446366][T17335]  ? find_held_lock+0x2b/0x80
[ 1009.446399][T17335]  ? tomoyo_path_number_perm+0x295/0x580
[ 1009.446444][T17335]  ? tomoyo_path_number_perm+0x18d/0x580
[ 1009.446485][T17335]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1009.446523][T17335]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1009.446561][T17335]  ? do_vfs_ioctl+0x523/0x1a60
[ 1009.446606][T17335]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1009.446673][T17335]  ? find_held_lock+0x2b/0x80
[ 1009.446705][T17335]  ? hook_file_ioctl_common+0x145/0x410
[ 1009.446739][T17335]  ? __fget_files+0x20e/0x3c0
[ 1009.446777][T17335]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[ 1009.446816][T17335]  __x64_sys_ioctl+0x18e/0x210
[ 1009.446847][T17335]  do_syscall_64+0xcd/0x490
[ 1009.446888][T17335]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1009.446914][T17335] RIP: 0033:0x7f7238b8e929
[ 1009.446934][T17335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1009.446957][T17335] RSP: 002b:00007f7239992038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1009.446981][T17335] RAX: ffffffffffffffda RBX: 00007f7238db5fa0 RCX: 00007f7238b8e929
[ 1009.446998][T17335] RDX: 0000000000000006 RSI: 000000004020aeb2 RDI: 0000000000000003
[ 1009.447013][T17335] RBP: 00007f7239992090 R08: 0000000000000000 R09: 0000000000000000
[ 1009.447029][T17335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1009.447044][T17335] R13: 0000000000000000 R14: 00007f7238db5fa0 R15: 00007fffa1221598
[ 1009.447074][T17335]  </TASK>
[ 1010.015484][T17339] program syz.1.2367 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1010.047436][T17339] FAULT_INJECTION: forcing a failure.
[ 1010.047436][T17339] name failslab, interval 1, probability 0, space 0, times 0
[ 1010.060770][T17339] CPU: 0 UID: 0 PID: 17339 Comm: syz.1.2367 Tainted: G     U              6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[ 1010.060824][T17339] Tainted: [U]=USER
[ 1010.060836][T17339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1010.060856][T17339] Call Trace:
[ 1010.060868][T17339]  <TASK>
[ 1010.060882][T17339]  dump_stack_lvl+0x16c/0x1f0
[ 1010.060938][T17339]  should_fail_ex+0x512/0x640
[ 1010.060986][T17339]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1010.061043][T17339]  should_failslab+0xc2/0x120
[ 1010.061076][T17339]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1010.061132][T17339]  ? ptlock_alloc+0x1f/0x70
[ 1010.061178][T17339]  ptlock_alloc+0x1f/0x70
[ 1010.061222][T17339]  pte_alloc_one+0x82/0x3a0
[ 1010.061274][T17339]  __pte_alloc+0x6d/0x3c0
[ 1010.061305][T17339]  ? __pfx___pte_alloc+0x10/0x10
[ 1010.061336][T17339]  ? __pfx___might_resched+0x10/0x10
[ 1010.061369][T17339]  ? copy_page_range+0x13f0/0x5740
[ 1010.061416][T17339]  copy_page_range+0x1aed/0x5740
[ 1010.061476][T17339]  ? __lock_acquire+0x622/0x1c90
[ 1010.061565][T17339]  ? __pfx_copy_page_range+0x10/0x10
[ 1010.061623][T17339]  ? __pfx___might_resched+0x10/0x10
[ 1010.061657][T17339]  ? __vma_enter_locked+0x163/0x3f0
[ 1010.061708][T17339]  ? dup_mmap+0xe38/0x21d0
[ 1010.061746][T17339]  ? down_write+0x14d/0x200
[ 1010.061785][T17339]  ? up_write+0x1b2/0x520
[ 1010.061838][T17339]  dup_mmap+0xe88/0x21d0
[ 1010.061895][T17339]  ? __pfx_dup_mmap+0x10/0x10
[ 1010.061965][T17339]  copy_process+0x4081/0x76a0
[ 1010.062006][T17339]  ? __pfx___futex_wait+0x10/0x10
[ 1010.062051][T17339]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1010.062115][T17339]  ? __pfx_copy_process+0x10/0x10
[ 1010.062178][T17339]  kernel_clone+0xfc/0x960
[ 1010.062221][T17339]  ? __pfx_kernel_clone+0x10/0x10
[ 1010.062288][T17339]  __do_sys_clone+0xce/0x120
[ 1010.062330][T17339]  ? __pfx___do_sys_clone+0x10/0x10
[ 1010.062369][T17339]  ? ksys_unshare+0x687/0xa40
[ 1010.062431][T17339]  ? xfd_validate_state+0x61/0x180
[ 1010.062490][T17339]  do_syscall_64+0xcd/0x490
[ 1010.062554][T17339]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1010.062589][T17339] RIP: 0033:0x7fd8bd78e929
[ 1010.062617][T17339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1010.062650][T17339] RSP: 002b:00007fd8be567fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1010.062682][T17339] RAX: ffffffffffffffda RBX: 00007fd8bd9b5fa0 RCX: 00007fd8bd78e929
[ 1010.062705][T17339] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411
[ 1010.062726][T17339] RBP: 00007fd8bd810b39 R08: 0000000000000000 R09: 0000000000000000
[ 1010.062747][T17339] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1010.062766][T17339] R13: 0000000000000000 R14: 00007fd8bd9b5fa0 R15: 00007ffe80988d78
[ 1010.062811][T17339]  </TASK>
[ 1012.826063][T17366] netlink: 504 bytes leftover after parsing attributes in process `syz.4.2373'.
[ 1012.980502][T17370] FAULT_INJECTION: forcing a failure.
[ 1012.980502][T17370] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1012.995113][T17370] CPU: 1 UID: 0 PID: 17370 Comm: syz.1.2375 Tainted: G     U              6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[ 1012.995165][T17370] Tainted: [U]=USER
[ 1012.995175][T17370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1012.995194][T17370] Call Trace:
[ 1012.995206][T17370]  <TASK>
[ 1012.995218][T17370]  dump_stack_lvl+0x16c/0x1f0
[ 1012.995272][T17370]  should_fail_ex+0x512/0x640
[ 1012.995326][T17370]  _copy_from_user+0x2e/0xd0
[ 1012.995371][T17370]  copy_msghdr_from_user+0x98/0x160
[ 1012.995416][T17370]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1012.995476][T17370]  ___sys_sendmsg+0xfe/0x1d0
[ 1012.995520][T17370]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1012.995560][T17370]  ? __lock_acquire+0x622/0x1c90
[ 1012.995638][T17370]  __sys_sendmsg+0x16d/0x220
[ 1012.995682][T17370]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1012.995747][T17370]  do_syscall_64+0xcd/0x490
[ 1012.995792][T17370]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1012.995821][T17370] RIP: 0033:0x7fd8bd78e929
[ 1012.995843][T17370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1012.995872][T17370] RSP: 002b:00007fd8be568038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1012.995899][T17370] RAX: ffffffffffffffda RBX: 00007fd8bd9b5fa0 RCX: 00007fd8bd78e929
[ 1012.995919][T17370] RDX: 000000000400c880 RSI: 0000200000002040 RDI: 0000000000000003
[ 1012.995937][T17370] RBP: 00007fd8be568090 R08: 0000000000000000 R09: 0000000000000000
[ 1012.995954][T17370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1012.995973][T17370] R13: 0000000000000000 R14: 00007fd8bd9b5fa0 R15: 00007ffe80988d78
[ 1012.996014][T17370]  </TASK>
[ 1013.007145][T17368] FAULT_INJECTION: forcing a failure.
[ 1013.007145][T17368] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1013.196858][T17368] CPU: 0 UID: 0 PID: 17368 Comm: syz.4.2374 Tainted: G     U              6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[ 1013.196920][T17368] Tainted: [U]=USER
[ 1013.196932][T17368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1013.196954][T17368] Call Trace:
[ 1013.196969][T17368]  <TASK>
[ 1013.196985][T17368]  dump_stack_lvl+0x16c/0x1f0
[ 1013.197051][T17368]  should_fail_ex+0x512/0x640
[ 1013.197111][T17368]  should_fail_alloc_page+0xe7/0x130
[ 1013.197150][T17368]  prepare_alloc_pages+0x3c2/0x610
[ 1013.197321][T17368]  ? rcu_is_watching+0x12/0xc0
[ 1013.197370][T17368]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 1013.197434][T17368]  ? css_rstat_updated+0x9d/0xd30
[ 1013.197481][T17368]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1013.197530][T17368]  ? __lock_acquire+0x622/0x1c90
[ 1013.197602][T17368]  ? __lock_acquire+0x622/0x1c90
[ 1013.197648][T17368]  ? __lock_acquire+0x622/0x1c90
[ 1013.197692][T17368]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1013.197753][T17368]  ? policy_nodemask+0xea/0x4e0
[ 1013.197815][T17368]  alloc_pages_mpol+0x1fb/0x550
[ 1013.197872][T17368]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1013.197934][T17368]  folio_alloc_mpol_noprof+0x36/0x2f0
[ 1013.197973][T17368]  vma_alloc_folio_noprof+0xed/0x1e0
[ 1013.198010][T17368]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 1013.198040][T17368]  ? find_held_lock+0x2b/0x80
[ 1013.198068][T17368]  ? __handle_mm_fault+0x1092/0x5490
[ 1013.198110][T17368]  __handle_mm_fault+0x2f21/0x5490
[ 1013.198156][T17368]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1013.198194][T17368]  ? __pte_offset_map_lock+0x174/0x310
[ 1013.198222][T17368]  ? find_held_lock+0x2b/0x80
[ 1013.198247][T17368]  ? find_held_lock+0x2b/0x80
[ 1013.198289][T17368]  ? follow_page_pte+0x3af/0x14c0
[ 1013.198329][T17368]  handle_mm_fault+0x589/0xd10
[ 1013.198373][T17368]  __get_user_pages+0x589/0x3b80
[ 1013.198414][T17368]  ? __pfx_mt_find+0x10/0x10
[ 1013.198444][T17368]  ? __pfx___get_user_pages+0x10/0x10
[ 1013.198488][T17368]  populate_vma_page_range+0x278/0x3a0
[ 1013.198524][T17368]  ? __pfx_populate_vma_page_range+0x10/0x10
[ 1013.198557][T17368]  ? __pfx_find_vma_intersection+0x10/0x10
[ 1013.198590][T17368]  ? do_mmap+0x69c/0x1210
[ 1013.198625][T17368]  __mm_populate+0x1d8/0x380
[ 1013.198660][T17368]  ? __pfx___mm_populate+0x10/0x10
[ 1013.198697][T17368]  ? up_write+0x1b2/0x520
[ 1013.198740][T17368]  vm_mmap_pgoff+0x362/0x450
[ 1013.198773][T17368]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1013.198797][T17368]  ? __fget_files+0x204/0x3c0
[ 1013.198842][T17368]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1013.198875][T17368]  ? __x64_sys_futex+0x1e9/0x4c0
[ 1013.198931][T17368]  ksys_mmap_pgoff+0x7d/0x5c0
[ 1013.198961][T17368]  ? xfd_validate_state+0x61/0x180
[ 1013.199002][T17368]  __x64_sys_mmap+0x125/0x190
[ 1013.199045][T17368]  do_syscall_64+0xcd/0x490
[ 1013.199092][T17368]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1013.199122][T17368] RIP: 0033:0x7f7238b8e929
[ 1013.199145][T17368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1013.199174][T17368] RSP: 002b:00007f7239992038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1013.199201][T17368] RAX: ffffffffffffffda RBX: 00007f7238db5fa0 RCX: 00007f7238b8e929
[ 1013.199220][T17368] RDX: 00000000000000df RSI: 0000000000040009 RDI: 0000000000000000
[ 1013.199239][T17368] RBP: 00007f7238c10b39 R08: 0000000000000007 R09: 0000000000028000
[ 1013.199264][T17368] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[ 1013.199281][T17368] R13: 0000000000000000 R14: 00007f7238db5fa0 R15: 00007fffa1221598
[ 1013.199316][T17368]  </TASK>
[ 1013.863017][T17377] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2383'.
[ 1016.558879][T17414] netlink: 504 bytes leftover after parsing attributes in process `syz.1.2382'.
[ 1016.709158][T17419] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2390'.
[ 1016.730638][T17418] netlink: 504 bytes leftover after parsing attributes in process `syz.4.2384'.
[ 1017.193480][T17428] FAULT_INJECTION: forcing a failure.
[ 1017.193480][T17428] name failslab, interval 1, probability 0, space 0, times 0
[ 1017.207141][T17428] CPU: 0 UID: 0 PID: 17428 Comm: syz.1.2387 Tainted: G     U              6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[ 1017.207195][T17428] Tainted: [U]=USER
[ 1017.207208][T17428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1017.207229][T17428] Call Trace:
[ 1017.207241][T17428]  <TASK>
[ 1017.207255][T17428]  dump_stack_lvl+0x16c/0x1f0
[ 1017.207313][T17428]  should_fail_ex+0x512/0x640
[ 1017.207361][T17428]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 1017.207412][T17428]  should_failslab+0xc2/0x120
[ 1017.207442][T17428]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1017.207487][T17428]  ? snd_seq_create_port+0xf7/0xad0
[ 1017.207548][T17428]  snd_seq_create_port+0xf7/0xad0
[ 1017.207614][T17428]  snd_seq_ioctl_create_port+0x253/0x950
[ 1017.207670][T17428]  ? __pfx_snd_seq_ioctl_create_port+0x10/0x10
[ 1017.207728][T17428]  ? kasan_save_stack+0x42/0x60
[ 1017.207774][T17428]  ? kasan_save_stack+0x33/0x60
[ 1017.207821][T17428]  ? kasan_save_track+0x14/0x30
[ 1017.207883][T17428]  snd_seq_kernel_client_ctl+0x10a/0x1c0
[ 1017.207926][T17428]  create_port+0x197/0x260
[ 1017.207959][T17428]  ? __pfx_create_port+0x10/0x10
[ 1017.208001][T17428]  ? __pfx_snd_seq_oss_event_input+0x10/0x10
[ 1017.208039][T17428]  ? __pfx_free_devinfo+0x10/0x10
[ 1017.208104][T17428]  ? mark_held_locks+0x49/0x80
[ 1017.208149][T17428]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1017.208201][T17428]  snd_seq_oss_open+0x36c/0xa20
[ 1017.208245][T17428]  odev_open+0x6f/0x90
[ 1017.208274][T17428]  ? __pfx_odev_open+0x10/0x10
[ 1017.208304][T17428]  soundcore_open+0x40c/0x580
[ 1017.208362][T17428]  ? __pfx_soundcore_open+0x10/0x10
[ 1017.208415][T17428]  chrdev_open+0x234/0x6a0
[ 1017.208466][T17428]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1017.208510][T17428]  ? __pfx_chrdev_open+0x10/0x10
[ 1017.208564][T17428]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 1017.208637][T17428]  do_dentry_open+0x741/0x1c10
[ 1017.208690][T17428]  ? __pfx_chrdev_open+0x10/0x10
[ 1017.208750][T17428]  vfs_open+0x82/0x3f0
[ 1017.208791][T17428]  path_openat+0x1de4/0x2cb0
[ 1017.208853][T17428]  ? __pfx_path_openat+0x10/0x10
[ 1017.208910][T17428]  ? __lock_acquire+0xb8a/0x1c90
[ 1017.208958][T17428]  do_filp_open+0x20b/0x470
[ 1017.209005][T17428]  ? __pfx_do_filp_open+0x10/0x10
[ 1017.209084][T17428]  ? alloc_fd+0x471/0x7d0
[ 1017.209143][T17428]  do_sys_openat2+0x11b/0x1d0
[ 1017.209181][T17428]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1017.209237][T17428]  __x64_sys_openat+0x174/0x210
[ 1017.209277][T17428]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1017.209334][T17428]  do_syscall_64+0xcd/0x490
[ 1017.209391][T17428]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1017.209425][T17428] RIP: 0033:0x7fd8bd78e929
[ 1017.209453][T17428] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1017.209487][T17428] RSP: 002b:00007fd8be568038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1017.209518][T17428] RAX: ffffffffffffffda RBX: 00007fd8bd9b5fa0 RCX: 00007fd8bd78e929
[ 1017.209540][T17428] RDX: 00000000001c8340 RSI: 0000200000000540 RDI: ffffffffffffff9c
[ 1017.209561][T17428] RBP: 00007fd8bd810b39 R08: 0000000000000000 R09: 0000000000000000
[ 1017.209580][T17428] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1017.209600][T17428] R13: 0000000000000000 R14: 00007fd8bd9b5fa0 R15: 00007ffe80988d78
[ 1017.209643][T17428]  </TASK>
[ 1017.209659][T17428] ALSA: seq_oss: can't create port
[ 1017.960363][T17440] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2392'.
[ 1018.049472][T17443] netlink: 350 bytes leftover after parsing attributes in process `syz.1.2393'.
[ 1018.120864][T17445] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2394'.
[ 1021.449904][T17488] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2402'.
[ 1023.116190][T12783] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1023.128016][T12783] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1023.138419][T12783] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1023.148256][T12783] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1023.156543][T12783] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1024.762104][T17502] chnl_net:caif_netlink_parms(): no params data found
[ 1025.114821][T17502] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1025.136413][T17502] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1025.147384][T17502] bridge_slave_0: entered allmulticast mode
[ 1025.239496][ T5849] Bluetooth: hci5: command tx timeout
[ 1025.252079][T17502] bridge_slave_0: entered promiscuous mode
[ 1025.265591][T17502] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1025.309360][T17502] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1025.346191][T17502] bridge_slave_1: entered allmulticast mode
[ 1025.365026][T17502] bridge_slave_1: entered promiscuous mode
[ 1025.503642][T17502] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1025.659330][T17502] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1026.070810][T17502] team0: Port device team_slave_0 added
[ 1026.244282][T17502] team0: Port device team_slave_1 added
[ 1026.407500][T17502] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1026.407571][T17502] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1026.407631][T17502] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1026.410269][T17502] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1026.463435][T17502] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1026.463522][T17502] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1026.620344][T17502] hsr_slave_0: entered promiscuous mode
[ 1026.632739][T17502] hsr_slave_1: entered promiscuous mode
[ 1026.639316][T17502] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1026.648917][T17502] Cannot create hsr debugfs directory
[ 1027.050166][T17542] netlink: 350 bytes leftover after parsing attributes in process `syz.4.2412'.
[ 1027.311455][ T5849] Bluetooth: hci5: command tx timeout
[ 1027.527130][T17553] CIFS mount error: No usable UNC path provided in device string!
[ 1027.527130][T17553] 
[ 1027.537707][T17553] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1028.544570][T17561] netlink: 350 bytes leftover after parsing attributes in process `syz.4.2415'.
[ 1029.392351][ T5849] Bluetooth: hci5: command tx timeout
[ 1029.563578][T17570] CIFS mount error: No usable UNC path provided in device string!
[ 1029.563578][T17570] 
[ 1029.579677][T17570] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1031.338846][T17596] CIFS mount error: No usable UNC path provided in device string!
[ 1031.338846][T17596] 
[ 1031.352794][T17596] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1031.471504][ T5849] Bluetooth: hci5: command tx timeout
[ 1032.122572][T17609] FAULT_INJECTION: forcing a failure.
[ 1032.122572][T17609] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1032.165102][T17609] CPU: 0 UID: 0 PID: 17609 Comm: syz.4.2424 Tainted: G     U              6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[ 1032.165155][T17609] Tainted: [U]=USER
[ 1032.165164][T17609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1032.165184][T17609] Call Trace:
[ 1032.165194][T17609]  <TASK>
[ 1032.165206][T17609]  dump_stack_lvl+0x16c/0x1f0
[ 1032.165266][T17609]  should_fail_ex+0x512/0x640
[ 1032.165318][T17609]  _copy_to_user+0x32/0xd0
[ 1032.165381][T17609]  msr_read+0x14e/0x250
[ 1032.165416][T17609]  ? __pfx_msr_read+0x10/0x10
[ 1032.165448][T17609]  ? bpf_lsm_file_permission+0x9/0x10
[ 1032.165482][T17609]  ? security_file_permission+0x71/0x210
[ 1032.165526][T17609]  ? rw_verify_area+0xcf/0x680
[ 1032.165567][T17609]  ? __pfx_msr_read+0x10/0x10
[ 1032.165596][T17609]  vfs_readv+0x5be/0x8b0
[ 1032.165638][T17609]  ? __pfx_vfs_readv+0x10/0x10
[ 1032.165696][T17609]  ? __fget_files+0x20e/0x3c0
[ 1032.165731][T17609]  ? __fget_files+0x1e0/0x3c0
[ 1032.165775][T17609]  ? do_readv+0x132/0x340
[ 1032.165806][T17609]  do_readv+0x132/0x340
[ 1032.165841][T17609]  ? __pfx_do_readv+0x10/0x10
[ 1032.165885][T17609]  do_syscall_64+0xcd/0x490
[ 1032.165930][T17609]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1032.165958][T17609] RIP: 0033:0x7f7238b8e929
[ 1032.165979][T17609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1032.166005][T17609] RSP: 002b:00007f7239971038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[ 1032.166031][T17609] RAX: ffffffffffffffda RBX: 00007f7238db6080 RCX: 00007f7238b8e929
[ 1032.166049][T17609] RDX: 0000000000000400 RSI: 00002000000000c0 RDI: 0000000000000007
[ 1032.166066][T17609] RBP: 00007f7239971090 R08: 0000000000000000 R09: 0000000000000000
[ 1032.166083][T17609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1032.166099][T17609] R13: 0000000000000000 R14: 00007f7238db6080 R15: 00007fffa1221598
[ 1032.166133][T17609]  </TASK>
[ 1033.628426][T17629] netlink: 2468 bytes leftover after parsing attributes in process `syz.1.2429'.
[ 1034.198888][T17634] netlink: 504 bytes leftover after parsing attributes in process `syz.4.2437'.
[ 1034.217337][T17636] netlink: 350 bytes leftover after parsing attributes in process `syz.1.2431'.
[ 1035.637927][T17658] netlink: 504 bytes leftover after parsing attributes in process `syz.4.2440'.
[ 1037.774422][T17695] netlink: 504 bytes leftover after parsing attributes in process `syz.4.2449'.
[ 1038.906021][T17718] netlink: 206 bytes leftover after parsing attributes in process `syz.4.2457'.
[ 1038.942381][T17718] netlink: 146 bytes leftover after parsing attributes in process `syz.4.2457'.
[ 1039.085432][T17722] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2459'.
[ 1040.013293][T17742] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2468'.
[ 1040.230676][T17743] CIFS mount error: No usable UNC path provided in device string!
[ 1040.230676][T17743] 
[ 1040.240843][T17743] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1040.348399][T17749] netlink: 504 bytes leftover after parsing attributes in process `syz.1.2471'.
[ 1040.769188][T17758] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2473'.
[ 1041.987256][T17775] netlink: 504 bytes leftover after parsing attributes in process `syz.4.2479'.
[ 1048.755148][T12783] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1048.772913][T12783] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1048.782075][T12783] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1048.790889][T12783] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1048.802222][T12783] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1049.006910][T17781] chnl_net:caif_netlink_parms(): no params data found
[ 1049.100036][T17781] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1049.108640][T17781] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1049.116324][T17781] bridge_slave_0: entered allmulticast mode
[ 1049.124950][T17781] bridge_slave_0: entered promiscuous mode
[ 1049.133369][T17781] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1049.140578][T17781] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1049.148410][T17781] bridge_slave_1: entered allmulticast mode
[ 1049.157860][T17781] bridge_slave_1: entered promiscuous mode
[ 1049.197950][T17781] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1049.213016][T17781] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1049.258137][T17781] team0: Port device team_slave_0 added
[ 1049.268448][T17781] team0: Port device team_slave_1 added
[ 1049.307148][T17781] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1049.315393][T17781] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1049.343824][T17781] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1049.356328][T17781] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1049.363639][T17781] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1049.389659][T17781] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1049.448239][T17781] hsr_slave_0: entered promiscuous mode
[ 1049.455369][T17781] hsr_slave_1: entered promiscuous mode
[ 1049.461836][T17781] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1049.469473][T17781] Cannot create hsr debugfs directory
[ 1050.832373][ T5849] Bluetooth: hci6: command tx timeout
[ 1052.911450][ T5849] Bluetooth: hci6: command tx timeout
[ 1054.991498][ T5849] Bluetooth: hci6: command tx timeout
[ 1057.071258][ T5849] Bluetooth: hci6: command tx timeout
[ 1064.676299][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[ 1064.682838][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[ 1082.795730][T12783] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 1082.808810][T12783] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 1082.819883][T12783] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 1082.830097][T12783] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 1082.839418][T12783] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 1083.063250][T17793] chnl_net:caif_netlink_parms(): no params data found
[ 1083.157373][T17793] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1083.165025][T17793] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1083.172511][T17793] bridge_slave_0: entered allmulticast mode
[ 1083.179926][T17793] bridge_slave_0: entered promiscuous mode
[ 1083.189852][T17793] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1083.197384][T17793] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1083.204806][T17793] bridge_slave_1: entered allmulticast mode
[ 1083.213876][T17793] bridge_slave_1: entered promiscuous mode
[ 1083.254206][T17793] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1083.267676][T17793] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1083.313922][T17793] team0: Port device team_slave_0 added
[ 1083.323703][T17793] team0: Port device team_slave_1 added
[ 1083.359005][T17793] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1083.366435][T17793] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1083.399183][T17793] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1083.413211][T17793] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1083.420214][T17793] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1083.446439][T17793] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1083.503904][T17793] hsr_slave_0: entered promiscuous mode
[ 1083.510899][T17793] hsr_slave_1: entered promiscuous mode
[ 1083.517753][T17793] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1083.525778][T17793] Cannot create hsr debugfs directory
[ 1084.911339][ T5849] Bluetooth: hci7: command tx timeout
[ 1086.991272][T17802] Bluetooth: hci7: command tx timeout
[ 1087.231339][T17802] Bluetooth: hci1: command 0x0406 tx timeout
[ 1089.071272][T12783] Bluetooth: hci7: command tx timeout
[ 1091.151294][T12783] Bluetooth: hci7: command tx timeout
[ 1109.328392][T17802] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[ 1109.342078][T17802] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[ 1109.350497][T17802] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[ 1109.359244][T17802] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[ 1109.367263][T17802] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[ 1109.598739][T17811] chnl_net:caif_netlink_parms(): no params data found
[ 1109.711187][T17811] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1109.718378][T17811] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1109.726517][T17811] bridge_slave_0: entered allmulticast mode
[ 1109.735552][T17811] bridge_slave_0: entered promiscuous mode
[ 1109.744903][T17811] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1109.752755][T17811] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1109.760085][T17811] bridge_slave_1: entered allmulticast mode
[ 1109.768405][T17811] bridge_slave_1: entered promiscuous mode
[ 1109.818570][T17811] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1109.834636][T17811] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1109.877216][T17811] team0: Port device team_slave_0 added
[ 1109.888139][T17811] team0: Port device team_slave_1 added
[ 1109.928277][T17811] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1109.935644][T17811] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1109.962556][T17811] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1109.975768][T17811] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1109.982840][T17811] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1110.009440][T17811] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1110.067912][T17811] hsr_slave_0: entered promiscuous mode
[ 1110.074537][T17811] hsr_slave_1: entered promiscuous mode
[ 1110.080731][T17811] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1110.088675][T17811] Cannot create hsr debugfs directory
[ 1111.391580][T12783] Bluetooth: hci8: command tx timeout
[ 1112.831539][T12783] Bluetooth: hci3: command 0x0406 tx timeout
[ 1113.471332][T17802] Bluetooth: hci8: command tx timeout
[ 1115.551300][T17802] Bluetooth: hci8: command tx timeout
[ 1117.641309][T17802] Bluetooth: hci8: command tx timeout
[ 1122.271515][   T31] INFO: task syz-executor:16748 blocked for more than 143 seconds.
[ 1122.279513][   T31]       Tainted: G     U              6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0
[ 1122.293294][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1122.302109][   T31] task:syz-executor    state:D stack:24264 pid:16748 tgid:16748 ppid:1      task_flags:0x480140 flags:0x00004006
[ 1122.314401][   T31] Call Trace:
[ 1122.317738][   T31]  <TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1122.321133][   T31]  __schedule+0x116a/0x5de0
[ 1122.327031][   T31]  ? finish_task_switch.isra.0+0x221/0xc10
[ 1122.333889][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1122.339220][   T31]  ? __pfx___schedule+0x10/0x10
[ 1122.344573][   T31]  ? find_held_lock+0x2b/0x80
[ 1122.349326][   T31]  ? schedule+0x2d7/0x3a0
[ 1122.354524][   T31]  schedule+0xe7/0x3a0
[ 1122.358867][   T31]  schedule_timeout+0x257/0x290
[ 1122.364234][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[ 1122.369690][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 1122.375892][   T31]  __wait_for_common+0x2ff/0x4e0
[ 1122.380918][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[ 1122.386895][   T31]  ? __pfx___wait_for_common+0x10/0x10
[ 1122.392859][   T31]  remove_one+0x312/0x420
[ 1122.397270][   T31]  ? find_next_child+0x18f/0x280
[ 1122.402729][   T31]  ? __pfx_remove_one+0x10/0x10
[ 1122.407668][   T31]  simple_recursive_removal+0x21b/0x690
[ 1122.413800][   T31]  ? do_raw_spin_unlock+0x172/0x230
[ 1122.419100][   T31]  ? __pfx_remove_one+0x10/0x10
[ 1122.425105][   T31]  debugfs_remove+0x5d/0x80
[ 1122.430286][   T31]  nsim_dev_health_exit+0x3b/0xe0
[ 1122.446487][   T31]  nsim_dev_reload_destroy+0x144/0x4d0
[ 1122.454946][   T31]  nsim_drv_remove+0x52/0x1d0
[ 1122.459707][   T31]  ? __pfx_nsim_bus_remove+0x10/0x10
[ 1122.470689][   T31]  device_remove+0xcb/0x170
[ 1122.478257][   T31]  device_release_driver_internal+0x44b/0x620
[ 1122.489871][   T31]  bus_remove_device+0x22f/0x420
[ 1122.496408][   T31]  device_del+0x396/0x9f0
[ 1122.500851][   T31]  ? __pfx_device_del+0x10/0x10
[ 1122.506453][   T31]  device_unregister+0x1d/0xc0
[ 1122.511646][   T31]  del_device_store+0x355/0x4a0
[ 1122.516561][   T31]  ? __pfx_del_device_store+0x10/0x10
[ 1122.522466][   T31]  ? find_held_lock+0x2b/0x80
[ 1122.527640][   T31]  ? sysfs_file_kobj+0xe4/0x290
[ 1122.533663][   T31]  ? __pfx_del_device_store+0x10/0x10
[ 1122.539137][   T31]  bus_attr_store+0x74/0xb0
[ 1122.544287][   T31]  ? __pfx_bus_attr_store+0x10/0x10
[ 1122.549565][   T31]  sysfs_kf_write+0xf2/0x150
[ 1122.554716][   T31]  kernfs_fop_write_iter+0x351/0x510
[ 1122.560076][   T31]  ? __pfx_sysfs_kf_write+0x10/0x10
[ 1122.565860][   T31]  vfs_write+0x6c4/0x1150
[ 1122.570391][   T31]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[ 1122.577048][   T31]  ? __pfx_vfs_write+0x10/0x10
[ 1122.582221][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1122.587535][   T31]  ksys_write+0x12a/0x250
[ 1122.592444][   T31]  ? __pfx_ksys_write+0x10/0x10
[ 1122.597429][   T31]  do_syscall_64+0xcd/0x490
[ 1122.605059][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1122.611562][   T31] RIP: 0033:0x7fa69798d3df
[ 1122.621257][   T31] RSP: 002b:00007ffce10afb30 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1122.668254][   T31] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fa69798d3df
[ 1122.708349][   T31] RDX: 0000000000000001 RSI: 00007ffce10afb80 RDI: 0000000000000005
[ 1122.751131][   T31] RBP: 00007fa697a11d8d R08: 0000000000000000 R09: 00007ffce10af987
[ 1122.759209][   T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[ 1122.771017][   T31] R13: 00007ffce10afb80 R14: 00007fa6986e4620 R15: 0000000000000003
[ 1122.780485][   T31]  </TASK>
[ 1122.791203][   T31] INFO: task syz.3.2258:16887 blocked for more than 143 seconds.
[ 1122.799009][   T31]       Tainted: G     U              6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0
[ 1122.811577][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1122.820333][   T31] task:syz.3.2258      state:D stack:27096 pid:16887 tgid:16885 ppid:5838   task_flags:0x400140 flags:0x00004004
[ 1122.842737][   T31] Call Trace:
[ 1122.846106][   T31]  <TASK>
[ 1122.849087][   T31]  __schedule+0x116a/0x5de0
[ 1122.854416][   T31]  ? __pfx___schedule+0x10/0x10
[ 1122.859356][   T31]  ? find_held_lock+0x2b/0x80
[ 1122.864629][   T31]  ? schedule+0x2d7/0x3a0
[ 1122.869052][   T31]  schedule+0xe7/0x3a0
[ 1122.873741][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1122.879326][   T31]  __mutex_lock+0x6c7/0xb90
[ 1122.885624][   T31]  ? netlink_has_listeners+0x219/0x430
[ 1122.891865][   T31]  ? devlink_health_report+0x3ba/0x9c0
[ 1122.897434][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1122.903033][   T31]  ? lock_acquire+0x62/0x350
[ 1122.907718][   T31]  ? devlink_health_report+0x3ba/0x9c0
[ 1122.920283][   T31]  devlink_health_report+0x3ba/0x9c0
[ 1122.925988][   T31]  ? __pfx_devlink_health_report+0x10/0x10
[ 1122.932227][   T31]  ? _copy_from_user+0x59/0xd0
[ 1122.937496][   T31]  nsim_dev_health_break_write+0x166/0x210
[ 1122.944306][   T31]  ? __pfx_nsim_dev_health_break_write+0x10/0x10
[ 1122.950736][   T31]  full_proxy_write+0x13f/0x200
[ 1122.956155][   T31]  ? __pfx_full_proxy_write+0x10/0x10
[ 1122.961922][   T31]  vfs_write+0x2a0/0x1150
[ 1122.966340][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1122.971903][   T31]  ? __pfx_vfs_write+0x10/0x10
[ 1122.976766][   T31]  ? __fget_files+0x20e/0x3c0
[ 1122.981939][   T31]  ksys_write+0x12a/0x250
[ 1122.986346][   T31]  ? __pfx_ksys_write+0x10/0x10
[ 1122.992183][   T31]  do_syscall_64+0xcd/0x490
[ 1122.996782][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1123.003445][   T31] RIP: 0033:0x7f22c098e929
[ 1123.007942][   T31] RSP: 002b:00007f22c1735038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1123.016965][   T31] RAX: ffffffffffffffda RBX: 00007f22c0bb5fa0 RCX: 00007f22c098e929
[ 1123.025311][   T31] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000007
[ 1123.033671][   T31] RBP: 00007f22c0a10b39 R08: 0000000000000000 R09: 0000000000000000
[ 1123.042843][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1123.050886][   T31] R13: 0000000000000000 R14: 00007f22c0bb5fa0 R15: 00007ffc584e9668
[ 1123.059477][   T31]  </TASK>
[ 1123.062911][   T31] 
[ 1123.062911][   T31] Showing all locks held in the system:
[ 1123.070749][   T31] 1 lock held by khungtaskd/31:
[ 1123.076610][   T31]  #0: ffffffff8e3c46c0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0
[ 1123.087429][   T31] 1 lock held by syz-executor/5836:
[ 1123.093096][   T31] 1 lock held by syz.4.452/7991:
[ 1123.098117][   T31]  #0: ffffffff8e3cfcb8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a3/0x3c0
[ 1123.108867][   T31] 2 locks held by getty/15572:
[ 1123.114022][   T31]  #0: ffff8880315960a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[ 1123.124256][   T31]  #1: ffffc900030442f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0
[ 1123.134805][   T31] 7 locks held by syz-executor/16748:
[ 1123.140633][   T31]  #0: ffff888035592428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 1123.150600][   T31]  #1: ffff888030e25c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1123.161175][   T31]  #2: ffff8881413c5878 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1123.171780][   T31]  #3: ffffffff8f6eab08 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0
[ 1123.182541][   T31]  #4: ffff88807a9780e8 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xa4/0x620
[ 1123.193557][   T31]  #5: ffff88807a979250 (&devlink->lock_key#3){+.+.}-{4:4}, at: nsim_drv_remove+0x4a/0x1d0
[ 1123.204108][   T31]  #6: ffff88804fa67438 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: simple_recursive_removal+0x2c5/0x690
[ 1123.216127][   T31] 3 locks held by syz.3.2258/16887:
[ 1123.228478][   T31]  #0: ffff88802e7e60f8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370
[ 1123.254016][   T31]  #1: ffff88801faa2428 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 1123.270179][   T31]  #2: ffff88807a979250 (&devlink->lock_key#3){+.+.}-{4:4}, at: devlink_health_report+0x3ba/0x9c0
[ 1123.288919][   T31] 4 locks held by syz-executor/17099:
[ 1123.294430][   T31]  #0: ffff888035592428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 1123.303872][   T31]  #1: ffff88802557c088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1123.313804][   T31]  #2: ffff8881413c5878 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1123.323979][   T31]  #3: ffffffff8f6eab08 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0
[ 1123.334744][   T31] 2 locks held by kworker/u8:6/17477:
[ 1123.340248][   T31] 4 locks held by syz-executor/17502:
[ 1123.346548][   T31]  #0: ffff888035592428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 1123.356050][   T31]  #1: ffff88805e1de888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1123.366453][   T31]  #2: ffff8881413c5878 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1123.376636][   T31]  #3: ffffffff8f6eab08 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0
[ 1123.387166][   T31] 4 locks held by syz-executor/17781:
[ 1123.392691][   T31]  #0: ffff888035592428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 1123.401876][   T31]  #1: ffff88805e4c3888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1123.411795][   T31]  #2: ffff8881413c5878 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1123.422037][   T31]  #3: ffffffff8f6eab08 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0
[ 1123.432474][   T31] 4 locks held by syz-executor/17793:
[ 1123.437889][   T31]  #0: ffff888035592428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 1123.447406][   T31]  #1: ffff88805dc5c888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1123.457597][   T31]  #2: ffff8881413c5878 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1123.467841][   T31]  #3: ffffffff8f6eab08 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0
[ 1123.478345][   T31] 4 locks held by syz-executor/17811:
[ 1123.484759][   T31]  #0: ffff888035592428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 1123.494301][   T31]  #1: ffff88805c340088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1123.504280][   T31]  #2: ffff8881413c5878 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1123.514517][   T31]  #3: ffffffff8f6eab08 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0
[ 1123.525410][   T31] 
[ 1123.527871][   T31] =============================================
[ 1123.527871][   T31] 
[ 1123.558900][   T31] NMI backtrace for cpu 1
[ 1123.558928][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Tainted: G     U              6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[ 1123.558968][   T31] Tainted: [U]=USER
[ 1123.558993][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1123.559009][   T31] Call Trace:
[ 1123.559020][   T31]  <TASK>
[ 1123.559031][   T31]  dump_stack_lvl+0x116/0x1f0
[ 1123.559082][   T31]  nmi_cpu_backtrace+0x27b/0x390
[ 1123.559116][   T31]  ? _raw_spin_unlock_irqrestore+0x61/0x80
[ 1123.559163][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1123.559203][   T31]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[ 1123.559248][   T31]  watchdog+0xf70/0x12c0
[ 1123.559313][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1123.559358][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1123.559411][   T31]  ? __kthread_parkme+0x19e/0x250
[ 1123.559450][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1123.559497][   T31]  kthread+0x3c2/0x780
[ 1123.559542][   T31]  ? __pfx_kthread+0x10/0x10
[ 1123.559589][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1123.559621][   T31]  ? __pfx_kthread+0x10/0x10
[ 1123.559666][   T31]  ret_from_fork+0x5d4/0x6f0
[ 1123.559709][   T31]  ? __pfx_kthread+0x10/0x10
[ 1123.559754][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1123.559806][   T31]  </TASK>
[ 1123.559817][   T31] Sending NMI from CPU 1 to CPUs 0:
[ 1123.691632][    C0] NMI backtrace for cpu 0
[ 1123.691656][    C0] CPU: 0 UID: 0 PID: 9 Comm: kworker/0:0 Tainted: G     U              6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[ 1123.691697][    C0] Tainted: [U]=USER
[ 1123.691706][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1123.691725][    C0] Workqueue: events drain_vmap_area_work
[ 1123.691757][    C0] RIP: 0010:mark_lock+0x52/0x610
[ 1123.691791][    C0] Code: 87 8d 00 00 00 49 89 ff 49 89 f4 89 d3 83 fa 08 74 6d 41 bd 01 00 00 00 89 d9 41 d3 e5 4d 63 ed 41 0f b7 44 24 20 66 25 ff 1f <0f> b7 c0 48 0f a3 05 e3 fb 1a 14 0f 83 86 00 00 00 48 8d 04 80 48
[ 1123.691817][    C0] RSP: 0018:ffffc900000e73f0 EFLAGS: 00000002
[ 1123.691837][    C0] RAX: 0000000000000007 RBX: 0000000000000009 RCX: ffffffff95b2db58
[ 1123.691855][    C0] RDX: 0000000000000008 RSI: ffff88801e298b90 RDI: ffff88801e298000
[ 1123.691872][    C0] RBP: ffffc900000e7490 R08: 0000000000000000 R09: 0000000000000000
[ 1123.691889][    C0] R10: 00000000000000a0 R11: 0000000000000001 R12: ffff88801e298b90
[ 1123.691905][    C0] R13: 0000000000000200 R14: 0000000000000004 R15: ffff88801e298000
[ 1123.691922][    C0] FS:  0000000000000000(0000) GS:ffff888124962000(0000) knlGS:0000000000000000
[ 1123.691946][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1123.691964][    C0] CR2: 00007fd8be4e7d60 CR3: 000000000e182000 CR4: 00000000003526f0
[ 1123.691982][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1123.692007][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1123.692024][    C0] Call Trace:
[ 1123.692032][    C0]  <TASK>
[ 1123.692045][    C0]  ? __lock_acquire+0x622/0x1c90
[ 1123.692082][    C0]  __lock_acquire+0x3e9/0x1c90
[ 1123.692118][    C0]  ? __lock_acquire+0x622/0x1c90
[ 1123.692152][    C0]  lock_acquire+0x179/0x350
[ 1123.692185][    C0]  ? unwind_next_frame+0xbd/0x20a0
[ 1123.692225][    C0]  ? lock_acquire+0x179/0x350
[ 1123.692262][    C0]  unwind_next_frame+0xd1/0x20a0
[ 1123.692300][    C0]  ? unwind_next_frame+0xbd/0x20a0
[ 1123.692338][    C0]  ? __unwind_start+0x574/0x7f0
[ 1123.692375][    C0]  ? get_stack_info_noinstr+0x18/0x120
[ 1123.692411][    C0]  __unwind_start+0x45f/0x7f0
[ 1123.692450][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1123.692482][    C0]  arch_stack_walk+0x73/0x100
[ 1123.692525][    C0]  ? __unwind_start+0x574/0x7f0
[ 1123.692565][    C0]  stack_trace_save+0x8e/0xc0
[ 1123.692593][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[ 1123.692623][    C0]  ? __lock_acquire+0x622/0x1c90
[ 1123.692658][    C0]  save_stack+0x160/0x1f0
[ 1123.692693][    C0]  ? __pfx_save_stack+0x10/0x10
[ 1123.692736][    C0]  ? page_ext_put+0x3e/0xd0
[ 1123.692777][    C0]  __reset_page_owner+0x84/0x1a0
[ 1123.692816][    C0]  __free_frozen_pages+0x7fe/0x1180
[ 1123.692853][    C0]  ? __pfx_kasan_depopulate_vmalloc_pte+0x10/0x10
[ 1123.692892][    C0]  kasan_depopulate_vmalloc_pte+0x5f/0x80
[ 1123.692929][    C0]  __apply_to_page_range+0xa92/0x1350
[ 1123.692967][    C0]  ? __pfx_kasan_depopulate_vmalloc_pte+0x10/0x10
[ 1123.693012][    C0]  ? __pfx___apply_to_page_range+0x10/0x10
[ 1123.693045][    C0]  ? find_held_lock+0x2b/0x80
[ 1123.693070][    C0]  ? purge_vmap_node+0x78f/0xa30
[ 1123.693097][    C0]  kasan_release_vmalloc+0xd1/0xe0
[ 1123.693133][    C0]  purge_vmap_node+0x1c4/0xa30
[ 1123.693164][    C0]  ? __pfx_purge_vmap_node+0x10/0x10
[ 1123.693191][    C0]  ? on_each_cpu_cond_mask+0x5a/0x90
[ 1123.693218][    C0]  __purge_vmap_area_lazy+0xa06/0xc60
[ 1123.693250][    C0]  drain_vmap_area_work+0x27/0x40
[ 1123.693276][    C0]  process_one_work+0x9cf/0x1b70
[ 1123.693321][    C0]  ? __pfx_process_one_work+0x10/0x10
[ 1123.693365][    C0]  ? assign_work+0x1a0/0x250
[ 1123.693401][    C0]  worker_thread+0x6c8/0xf10
[ 1123.693447][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 1123.693485][    C0]  kthread+0x3c2/0x780
[ 1123.693520][    C0]  ? __pfx_kthread+0x10/0x10
[ 1123.693556][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1123.693581][    C0]  ? __pfx_kthread+0x10/0x10
[ 1123.693616][    C0]  ret_from_fork+0x5d4/0x6f0
[ 1123.693650][    C0]  ? __pfx_kthread+0x10/0x10
[ 1123.693685][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1123.693720][    C0]  </TASK>
[ 1123.694730][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 1124.093826][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Tainted: G     U              6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[ 1124.107238][   T31] Tainted: [U]=USER
[ 1124.111073][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1124.121164][   T31] Call Trace:
[ 1124.124466][   T31]  <TASK>
[ 1124.127422][   T31]  dump_stack_lvl+0x3d/0x1f0
[ 1124.132070][   T31]  panic+0x71c/0x800
[ 1124.136043][   T31]  ? __pfx_panic+0x10/0x10
[ 1124.140513][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 1124.145943][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1124.151978][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 1124.157397][   T31]  ? watchdog+0xdda/0x12c0
[ 1124.161867][   T31]  ? watchdog+0xdcd/0x12c0
[ 1124.166342][   T31]  watchdog+0xdeb/0x12c0
[ 1124.170644][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1124.175369][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1124.180623][   T31]  ? __kthread_parkme+0x19e/0x250
[ 1124.185705][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1124.190445][   T31]  kthread+0x3c2/0x780
[ 1124.194580][   T31]  ? __pfx_kthread+0x10/0x10
[ 1124.199238][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1124.204046][   T31]  ? __pfx_kthread+0x10/0x10
[ 1124.208687][   T31]  ret_from_fork+0x5d4/0x6f0
[ 1124.213326][   T31]  ? __pfx_kthread+0x10/0x10
[ 1124.217964][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1124.222804][   T31]  </TASK>
[ 1124.226240][   T31] Kernel Offset: disabled
[ 1124.230599][   T31] Rebooting in 86400 seconds..