last executing test programs:

3m2.910877774s ago: executing program 3 (id=755):
write$auto(0x3, 0x0, 0xffd8)
unshare$auto(0x40000080)
fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d)
rename$auto(&(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='./file0\x00')
open(&(0x7f0000000040)='./file0\x00', 0x1e9e02, 0x61)
mincore$auto(0x80000000001, 0x2, 0x0)
write$auto(0xca, &(0x7f0000000000)='\x04\x1d\x19\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa4Cn\xb2./jn>9\xd2\xdb\x88\xf4\x1aVj\x13j\xe1\x96\xf7\xc2\xd3qm\xe6q\xf9\xa6u\x8eZ\x00\xf8*C]\xfd)/\xf3\xa1\x92|\x06|\xd0\x82\x93\xa5\x9a5if\xd0\x8e%g,\xc5\xec\xef\x87\x19\x17\xb0\xe1s\xf6U\xc0\x90r\xc5\xc8H\xa3\x9d\xce\x98\xe7\xb1B:\x179\xdc8\xa8) \x15\xce\xd8\x86\xff-\x80\xf5jMj\xda\x8f\x03EO\xe6\xa4Q\x81+v\xc9\xb8\x00\xcf\x94_\xa7\xadV\xc9\x7f;1R\xa0\x7f\xbe\x1e\x83\an/w[i\th\x9c\xb8\xd1\xed\xba\\\v\xe1\v\x81\xcc\xba\x03-N@ \x14\x1e\n\xe9g\x9fF\x05\xc8\x9f\xe5[\xba\xd2V\x9b\xc1\x9f\xf1%\x9c\xba\xf9\xb4\xa8\xd4\x05G\xf6\x82\xf3m\xe6V\xba\xa0\xf9K\x15\xcc_H\xce\xfd\xe2\x88\"\xe0\xd5Ld\x7f\x1c\x90^\x8d%\xb4', 0x9)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/vm/dirty_bytes\x00', 0x8a042, 0x0)
r0 = socket(0x29, 0x2, 0x0)
mprotect$auto(0x200000000000, 0x806121, 0x8)
set_mempolicy$auto(0x6, &(0x7f00000003c0)=0xffffffffffffffff, 0x2)
sendfile$auto(r0, 0x3, 0x0, 0x40)
msgctl$auto_IPC_INFO(0x8, 0x3, &(0x7f0000000200)={{0x10000, <r1=>0x0, 0x0, 0x4, 0x6, 0x857, 0xfc2}, &(0x7f0000000180)=0x7, &(0x7f00000001c0)=0x9, 0xffffffffffffffff, 0xffffffff, 0x9, 0x81, 0x0, 0x40, 0xffd7, 0xffff, @inferred=0xffffffffffffffff, @raw=0x8})
statx$auto(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x9, 0x4, &(0x7f00000002c0)={0xffff, 0x7f, 0x401, 0xd76, <r2=>0xee00, 0xffffffffffffffff, 0xfff5, 0x1, 0xfffffffffffffff7, 0xfffffffffffff801, 0x3, 0x4, {0x8, 0x79}, {0xfffffffffffffff8, 0x7}, {0x7, 0x7f}, {0x10001, 0x800001}, 0x2, 0x0, 0x8, 0xd7, 0x0, 0x2065, 0x10000, 0x84, 0x7, 0x10003, 0x8, 0x3, [0x9, 0x80000000, 0x6, 0x10000, 0xc, 0x88, 0x8, 0x0, 0x4]})
r3 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0)
fcntl$auto_F_SETFL(r3, 0x4, 0x0)
ioctl$auto_KVM_GET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee2, &(0x7f00000003c0)={0x5de, <r4=>0xee00, 0x2d, 0x3})
r5 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyra\x00', 0x480800, 0x0)
ioctl$auto_TIOCMGET(r5, 0x5415, &(0x7f0000000440)="e371391a16e0eb3ad762bcb6463c5219967fd0923776830ddc2c4816abbf0134ee0f48ffaa7aedb4c1b1fc651ef6c9b246f31e966fdbef98e88cce29e30a4769f12a50f9ef01d76f489d3fb5b501be1808bb1def84489d1d6c0b8f78c945c6d395dabcfd7c07be14ad54600f1f6dea8f4057f738552a6baefbbc0ae3676cdc72127166e8d7987b50a2c772bd7712cc4cdb59980b9b7d052e2c131b796724b49d1b")
keyctl$auto(0x2, r1, r2, r4, 0x4)
r6 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/bus/usb/013/001\x00', 0xa901, 0x0)
kexec_load$auto(0x7ceb, 0x5, &(0x7f00000000c0)={@buf=&(0x7f0000000500)="8dbd46411486de45d0cae5969bc5784d76b8023552005fbf8b9525220f74d170155312ca7d7f2dcb5b42c6", 0xf1, 0x0, 0xfffffffffefffffb}, 0x102)
ioctl$auto_USBDEVFS_SUBMITURB(r6, 0x8038550a, &(0x7f0000000080)={0x2, 0x80, 0x10001, 0x5, &(0x7f0000000000), 0xd, 0x3, 0x2, @stream_id=0x2, 0x7, 0x476, 0x0})

2m55.681957503s ago: executing program 3 (id=779):
mmap$auto(0x0, 0x20009, 0x5, 0xeb2, 0x8, 0x1008000)
socket(0xf, 0x2, 0x7)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/pid_for_children\x00')
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f0000000000))
socket(0x2, 0x1, 0x106)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp1\x00', 0x20002, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/firmware/acpi/interrupts/gpe02\x00', 0x2, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000440)='/proc/sys/kernel/timer_migration\x00', 0x242, 0x0)
socket(0xa, 0x3, 0x2c)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
ioctl$auto_SNDCTL_DSP_POST(r1, 0x5008, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f0000000440)="0db1")
ioctl$auto_SNDCTL_DSP_GETOSPACE(r1, 0x8010500c, &(0x7f0000000040))
mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
r2 = io_uring_setup$auto(0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r3, 0x0, 0x0)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x26142, 0x4b)
write$auto(r4, 0x0, 0x100082)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'geneve1\x00'})
ioctl$auto_FS_IOC_SETFLAGS2(r4, 0x40086602, 0x0)
pwrite64$auto(r4, 0x0, 0x8, 0x200000000000003)
close_range$auto(0x2, 0xa, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x3f)

2m51.186857738s ago: executing program 3 (id=789):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
open(&(0x7f0000000040)='./file0\x00', 0x119083, 0x0)
socket(0x1f, 0x2, 0x1)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x129000, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xa083, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000180)='/dev/admmidi2\x00', 0x88042, 0x0)
read$auto(r0, 0x0, 0x20)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0xa, 0x73)
socket(0x2b, 0x1, 0x0)
setsockopt$auto(0x3, 0x1, 0x1, 0x0, 0x10001)
socket(0x2, 0x1, 0x106)
openat$auto_wakeup_sources_stats_fops_wakeup(0xffffffffffffff9c, &(0x7f0000000080), 0x18402, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/fs/ocfs2/cluster_stack\x00', 0x88282, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000001280)='/sys/kernel/security/tomoyo/query\x00', 0x80402, 0x0)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x8000000000000d3e, 0x2, 0x948f, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x6, 0x62, 0x80000000, 0x0, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
socket(0x2, 0x801, 0x100)
connect$auto(0x3, &(0x7f00000000c0)=@sco={0x1f, @none}, 0x1)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6d)
mmap$auto(0x0, 0x2, 0x3, 0xeb3, 0xffffffffffffffff, 0x8000)
listen$auto(0x3, 0x81)
socket(0x2b, 0x1, 0x0)

2m42.738828897s ago: executing program 3 (id=808):
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x5, 0x14, 0x944, 0x1ffe2, 0x3, 0x6, 0x7, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0xd, 0x5, 0x3, 0x40, 0x7, 0x20, 0x309, 0x6, 0x0, 0x7fffffff, 0x3, 0x0, 0x0, 0xffffffff, 0x0, 0x0, [0x0, 0x0, 0x0, 0x4, 0x9, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x4000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x800000000002, 0x9, 0x0, 0x0, 0x0, 0x100, 0xe, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x10, 0xfffffffffffffffe, 0xffffffffffffd059, 0x0, 0x0, 0x0, 0x2961]}, 0x1fb, 0x81)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/virtual/block/nbd3/queue/iosched/front_merges\x00', 0x2041, 0x0)
socket(0x2, 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/nbd12\x00', 0x6600, 0x0)
symlink$auto(&(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000000)='./file0\x00')
readlink$auto(&(0x7f0000000040)='./file0\x00', 0x0, 0x40)
socket(0xa, 0x1, 0x84)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
bind$auto(0x3, &(0x7f0000000040)=@generic={0xa, "02d0ac0c00e435826339c7328903"}, 0x6a)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/memfd_noexec\x00', 0x2, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x59, 0x0)
madvise$auto(0x0, 0xffffffffffff0006, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x400053, 0x9)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0xa, 0x2, 0x88)
write$auto(r0, &(0x7f00000002c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84U\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@\x025`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc,^U!*\xaf\x9df\xed`NGz\xc5\xdbQ\x9a\xab\xa1[\"\xa9Q\xbem\xe2\x1f>o\xf6\xed\x1c\v\x00x', 0x40000100000a3d9)
mmap$auto(0x0, 0x10000, 0x4000000000db, 0xeb1, 0x2, 0x8000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop2\x00', 0x24040, 0x0)

2m38.648638397s ago: executing program 3 (id=827):
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
futex$auto(&(0x7f00000003c0)=0x58, 0x5, 0x3, 0x0, 0x0, 0x2000005)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
socket(0xa, 0x1, 0x84)
semctl$auto(0x201, 0xfffffffffffffffa, 0x3, 0x0)
setsockopt$auto(0x3, 0x10000000084, 0xd, 0x0, 0x8)
bpf$auto(0xfffffffd, 0x0, 0xa3)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcsa\x00', 0x2a801, 0x0)
close_range$auto(0x2, 0x8, 0x0)
ioctl$auto_SNDCTL_DSP_SUBDIVIDE(0xffffffffffffffff, 0xc0045009, &(0x7f00000001c0))
acct$auto(0x0)
r1 = openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cpu/0/msr\x00', 0x80600, 0x0)
ioctl$auto_X86_IOC_RDMSR_REGS(r1, 0xc02063a0, 0x0)
move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2)

2m38.196450883s ago: executing program 3 (id=830):
write$auto(0xffffffffffffffff, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket(0x10, 0x2, 0x4)
close_range$auto(0x2, 0x8, 0x0)
r2 = socket(0x10, 0x2, 0xc)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002dbd7000f9dbdf25010000000600020001"], 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000003740)={&(0x7f0000000000)=ANY=[@ANYBLOB="b1000000", @ANYRES16, @ANYBLOB="01002dbd7000fddbdf25030000000c0001"], 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x40080)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r2, @ANYRES8=r0], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x0)
write$auto(r1, &(0x7f0000000000)='-\x00', 0xfdef)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
r3 = io_uring_setup$auto(0x1d48, &(0x7f0000000340)={0x7fffffff, 0x10, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [0x2], {0x6, 0x100088, 0x1, 0x80000000, 0x100, 0x83, 0x101, 0x6, 0x8000000000000001}, {0x100, 0x1, 0x10000052, 0x94c2, 0x11, 0x101, 0x876c5, 0xc9, 0x3}})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)={0x34, r5, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0xd0}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x85}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0xe96b}]}, 0x34}}, 0x4000)
timer_create$auto(0x0, 0x0, 0x0)
r6 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r6, 0x0, 0x0)
mmap$auto(0x6, 0x4, 0x4000000000dd, 0x40eb1, r6, 0x300000000000)
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000020c0), 0xffffffffffffffff)
ioctl$auto_EVIOCSKEYCODE_V2(r3, 0x40284504, &(0x7f0000000000)={0x3, 0x81, 0x94b, 0x4, "d255d81b4a77afade4f30b242fd88458acc7311a3a8af4a051b56bf5a72e547f"})
sendmsg$auto_ETHTOOL_MSG_MM_GET(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, r8, 0x301, 0x70bd28, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x44808}, 0x2004c894)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)

2m34.039335436s ago: executing program 2 (id=843):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
msync$auto(0x0, 0x2000000005, 0x6)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket(0xa, 0x3, 0x3b)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/radio6\x00', 0x80100, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x1, 0x7)
mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
pwritev2$auto(r1, &(0x7f00000003c0)={0x0, 0x5}, 0x8000000000000004, 0xffffffffffffffff, 0x9, 0xb)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xfffffffffffffffd, 0x40)
r2 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0xc8201, 0x0)
r3 = socket(0x10, 0x3, 0x6)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r0)
sendmsg$auto_NL80211_CMD_GET_MESH_CONFIG(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=ANY=[@ANYBLOB="14000000", @ANYRES8=r2, @ANYRESDEC=r3], 0x14}, 0x1, 0x0, 0x0, 0x4080}, 0x48d0)
sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x110}, 0x1, 0x0, 0x0, 0x4}, 0x40000)
select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x6, 0x8d, 0x1, 0x948b, 0x23, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001d, 0x7, 0x6d41, 0x9, 0x2, 0x6]}, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xc2c02, 0x0)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0)
ioctl$auto_TCFLSH2(r4, 0x5453, 0x0)

2m32.219455155s ago: executing program 2 (id=848):
fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d)
rename$auto(0x0, &(0x7f0000000080)='./file0\x00')
open(0x0, 0x1e9e02, 0x61)
mincore$auto(0x80000000001, 0x2, 0x0)
write$auto(0xca, &(0x7f0000000000)='\x04\x1d\x19\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa4Cn\xb2./jn>9\xd2\xdb\x88\xf4\x1aVj\x13j\xe1\x96\xf7\xc2\xd3qm\xe6q\xf9\xa6u\x8eZ\x00\xf8*C]\xfd)/\xf3\xa1\x92|\x06|\xd0\x82\x93\xa5\x9a5if\xd0\x8e%g,\xc5\xec\xef\x87\x19\x17\xb0\xe1s\xf6U\xc0\x90r\xc5\xc8H\xa3\x9d\xce\x98\xe7\xb1B:\x179\xdc8\xa8) \x15\xce\xd8\x86\xff-\x80\xf5jMj\xda\x8f\x03EO\xe6\xa4Q\x81+v\xc9\xb8\x00\xcf\x94_\xa7\xadV\xc9\x7f;1R\xa0\x7f\xbe\x1e\x83\an/w[i\th\x9c\xb8\xd1\xed\xba\\\v\xe1\v\x81\xcc\xba\x03-N@ \x14\x1e\n\xe9g\x9fF\x05\xc8\x9f\xe5[\xba\xd2V\x9b\xc1\x9f\xf1%\x9c\xba\xf9\xb4\xa8\xd4\x05G\xf6\x82\xf3m\xe6V\xba\xa0\xf9K\x15\xcc_H\xce\xfd\xe2\x88\"\xe0\xd5Ld\x7f\x1c\x90^\x8d%\xb4', 0x9)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x8a042, 0x0)
socket(0x29, 0x2, 0x0)
mprotect$auto(0x200000000000, 0x806121, 0x8)
set_mempolicy$auto(0x6, 0x0, 0x2)
msgctl$auto_IPC_INFO(0x8, 0x3, 0x0)
statx$auto(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x9, 0x4, &(0x7f00000002c0)={0xffff, 0x7f, 0x401, 0xd76, 0xee00, 0xffffffffffffffff, 0xfff5, 0x1, 0xfffffffffffffff7, 0xfffffffffffff801, 0x3, 0x4, {0x8, 0x79}, {0xfffffffffffffff8, 0x7}, {0x7, 0x7f}, {0x10001, 0x800001}, 0x2, 0x0, 0x8, 0xd7, 0x0, 0x2065, 0x10000, 0x84, 0x7, 0x10003, 0x8, 0x3, [0x9, 0x80000000, 0x6, 0x10000, 0xc, 0x88, 0x8, 0x0, 0x4]})
r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0)
fcntl$auto_F_SETFL(r0, 0x4, 0x0)
ioctl$auto_KVM_GET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee2, 0x0)
r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyra\x00', 0x480800, 0x0)
ioctl$auto_TIOCMGET(r1, 0x5415, &(0x7f0000000440)="e371391a16e0eb3ad762bcb6463c5219967fd0923776830ddc2c4816abbf0134ee0f48ffaa7aedb4c1b1fc651ef6c9b246f31e966fdbef98e88cce29e30a4769f12a50f9ef01d76f489d3fb5b501be1808bb1def84489d1d6c0b8f78c945c6d395dabcfd7c07be14ad54600f1f6dea8f4057f738552a6baefbbc0ae3676cdc72127166e8d7987b50a2c772bd7712cc4cdb59980b9b7d052e2c131b796724b49d1b")

2m32.049089898s ago: executing program 2 (id=849):
write$auto(0x3, 0x0, 0xffd8)
unshare$auto(0x40000080)
fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d)
rename$auto(&(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='./file0\x00')
open(&(0x7f0000000040)='./file0\x00', 0x1e9e02, 0x61)
mincore$auto(0x80000000001, 0x2, 0x0)
write$auto(0xca, &(0x7f0000000000)='\x04\x1d\x19\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa4Cn\xb2./jn>9\xd2\xdb\x88\xf4\x1aVj\x13j\xe1\x96\xf7\xc2\xd3qm\xe6q\xf9\xa6u\x8eZ\x00\xf8*C]\xfd)/\xf3\xa1\x92|\x06|\xd0\x82\x93\xa5\x9a5if\xd0\x8e%g,\xc5\xec\xef\x87\x19\x17\xb0\xe1s\xf6U\xc0\x90r\xc5\xc8H\xa3\x9d\xce\x98\xe7\xb1B:\x179\xdc8\xa8) \x15\xce\xd8\x86\xff-\x80\xf5jMj\xda\x8f\x03EO\xe6\xa4Q\x81+v\xc9\xb8\x00\xcf\x94_\xa7\xadV\xc9\x7f;1R\xa0\x7f\xbe\x1e\x83\an/w[i\th\x9c\xb8\xd1\xed\xba\\\v\xe1\v\x81\xcc\xba\x03-N@ \x14\x1e\n\xe9g\x9fF\x05\xc8\x9f\xe5[\xba\xd2V\x9b\xc1\x9f\xf1%\x9c\xba\xf9\xb4\xa8\xd4\x05G\xf6\x82\xf3m\xe6V\xba\xa0\xf9K\x15\xcc_H\xce\xfd\xe2\x88\"\xe0\xd5Ld\x7f\x1c\x90^\x8d%\xb4', 0x9)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/vm/dirty_bytes\x00', 0x8a042, 0x0)
r0 = socket(0x29, 0x2, 0x0)
mprotect$auto(0x200000000000, 0x806121, 0x8)
sendfile$auto(r0, 0x3, 0x0, 0x40)

2m31.458686421s ago: executing program 2 (id=851):
mmap$auto(0x0, 0x20009, 0x5, 0xeb2, 0x8, 0x1008000)
socket(0x10, 0x2, 0x0)
bpf$auto_BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000200)=@query={@target_ifindex, 0x7, 0xa6ad, 0x6, 0xca4b, @prog_cnt=0x40, 0x0, 0x4, 0x1, 0x644f, 0x2}, 0x122)
mmap$auto(0x0, 0x1, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_hwsim_simulate_radar_(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy0/hwsim/dfs_simulate_radar\x00', 0x8346, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0)
read$auto(r1, 0x0, 0x20)
writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f0000000000))
socket(0x2, 0x1, 0x106)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0xfffffffffffffffe)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20002, 0x0)
ioctl$auto_SNDCTL_DSP_POST(r3, 0x5008, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r3, 0xc0045002, &(0x7f0000000440)='\r')
ioctl$auto_SNDCTL_DSP_GETOSPACE(r3, 0x8010500c, &(0x7f0000000040))
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x10}}, 0x2000054)
mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0xfff)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
mmap$auto(0xfffffffffffffffc, 0x2020009, 0x8, 0x800000eb1, 0xfffffffffffffffa, 0x8000)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)

2m30.519209701s ago: executing program 2 (id=855):
getcwd$auto(0x0, 0x7)
sendmsg$auto_SMC_NETLINK_REMOVE_UEID(0xffffffffffffffff, 0x0, 0x20000000)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
getsockopt$auto(r0, 0x6, 0x18, 0x0, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/adsp1\x00', 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/tty51\x00', 0x80, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0xf3, 0x4, 0x8000000000000000, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyp6\x00', 0x610300, 0x0)
ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/gss_krb5_enctypes\x00', 0x2ca980, 0x0)
socket(0x11, 0x80003, 0x300)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
socket(0xa, 0x2, 0x0)
socket(0x11, 0x2, 0x9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/bus/usb/drivers/bcm203x/remove_id\x00', 0x501001, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)

2m29.501854443s ago: executing program 2 (id=860):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram8/queue/discard_max_bytes\x00', 0x80000, 0x0)
read$auto(r0, 0x0, 0x20)
mmap$auto(0x0, 0x2000b, 0x8, 0x40000000000eb1, r0, 0x8000)
socket(0x2, 0x2, 0x0)
mknod$auto(&(0x7f0000000180)=':,\x00', 0x7, 0x8)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
mount$auto(0x0, &(0x7f0000000100)=':,\x00', &(0x7f0000000580)='nfsd\x00\xee\x1a\x8fg\x1b\x04\xad>\x96\xe9IG\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\t\xf8p\xc6\x00\x00\x00\x00\xb9\xac\xde\x0e\x90\x18\xf1\x13I\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd\x14\x81\xbe\xab\xed\xd5MI\x830_\xc2\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xees\xf0\xc2\xad\xae\x99\xeb\xc5\xf0\"\x92\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9\xe8\xb2\x05\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14\x94o\x1b[\xa8]\x9b\x03\x95\xc3\xad\xad\x1d#oi|\x04\x93N\xfa\x17\xf3b\xf6E*\xc9\xdd.q\xdbAX\xf6\xfaD\xcdz\xbc~\xf30LE\xb5\x18Wf\xd3\x9b\\\x1c\xbb^\xfb9\xe5\x1b:\xa4\xdd\x81\x91\\\xbc\x1fUl\xfa)\xbf\x9dPV\xae\xa9\x9c)\x01|\xfe\xd0!Rx\a\xc4\xb1$\x8eE\xc2j\x83sLS\xa8H\xf6\xf2,R\x90:\x8fx\xab\x90\xfe$h\x80!\xe2\nY#\xee\x1b}O=\x8bn\xd7zZ\x18\xa7\x9e~\x94k\x8e\xdba\xf2\xc3G\x8egR3\x1d\x01J\x87\x14(}\f\xb1}%N|z,\xbe\x1fB\xd3\xeb\xec\x83X\x8f\x97\x95\xfd\xed\xe6wt\x1d\xb3\xa8\xfb)L~}\x9f\xbf\xd0\xc9\x9d\x82-C\xc3Ez@\x8c\xbf\xa2 \x88\\\r6M\x83', 0x4, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', 0x0, 0x7, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x40, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000002dc0), 0xffffffffffffffff)
sendmsg$auto_OVS_METER_CMD_DEL(r2, &(0x7f0000002ec0)={0x0, 0x0, &(0x7f0000002e80)={&(0x7f00000001c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010003bd7000fb3630dd97c75ef51e9bdbdf250300efff03000978034923940202c5ff7c4f933e8ee03a64bc3dd588effd37e0322f58bce6100000b823d15a9a441f040fff4c62b1f1"], 0x2c}, 0x1, 0x0, 0x0, 0x4004894}, 0x0)
connect$auto(r1, &(0x7f0000000080)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xe}}, 0x40)
r4 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x4, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x801, 0x0)
r5 = socketpair$auto(0x7, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x1004, 0x1d2d, 0x3, 0xffff, 0x15f4da0e, 0x6, 0x9, 0xfffffffffffffffd, 0x8, 0x4, 0xfca, 0x9, 0xfffffffffffffffe, 0x4000000000000d]}, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket(0x1d, 0xa, 0x5)
ioctl$auto(r5, 0x4b41, r4)
mmap$auto(0x20410, 0x202000a, 0x401, 0xeb1, 0xfffffffffffffffa, 0x8002)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x7f, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0xfffffffe, 0x1, 0x8000000000000000, 0x0)
inotify_init1$auto(0x3000000000000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000900)='/proc/sys/kernel/pid_max\x00', 0x0, 0x0)

2m23.068466187s ago: executing program 32 (id=830):
write$auto(0xffffffffffffffff, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket(0x10, 0x2, 0x4)
close_range$auto(0x2, 0x8, 0x0)
r2 = socket(0x10, 0x2, 0xc)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002dbd7000f9dbdf25010000000600020001"], 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000003740)={&(0x7f0000000000)=ANY=[@ANYBLOB="b1000000", @ANYRES16, @ANYBLOB="01002dbd7000fddbdf25030000000c0001"], 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x40080)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r2, @ANYRES8=r0], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x0)
write$auto(r1, &(0x7f0000000000)='-\x00', 0xfdef)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
r3 = io_uring_setup$auto(0x1d48, &(0x7f0000000340)={0x7fffffff, 0x10, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [0x2], {0x6, 0x100088, 0x1, 0x80000000, 0x100, 0x83, 0x101, 0x6, 0x8000000000000001}, {0x100, 0x1, 0x10000052, 0x94c2, 0x11, 0x101, 0x876c5, 0xc9, 0x3}})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)={0x34, r5, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0xd0}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x85}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0xe96b}]}, 0x34}}, 0x4000)
timer_create$auto(0x0, 0x0, 0x0)
r6 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r6, 0x0, 0x0)
mmap$auto(0x6, 0x4, 0x4000000000dd, 0x40eb1, r6, 0x300000000000)
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000020c0), 0xffffffffffffffff)
ioctl$auto_EVIOCSKEYCODE_V2(r3, 0x40284504, &(0x7f0000000000)={0x3, 0x81, 0x94b, 0x4, "d255d81b4a77afade4f30b242fd88458acc7311a3a8af4a051b56bf5a72e547f"})
sendmsg$auto_ETHTOOL_MSG_MM_GET(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, r8, 0x301, 0x70bd28, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x44808}, 0x2004c894)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)

2m14.166322045s ago: executing program 33 (id=860):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram8/queue/discard_max_bytes\x00', 0x80000, 0x0)
read$auto(r0, 0x0, 0x20)
mmap$auto(0x0, 0x2000b, 0x8, 0x40000000000eb1, r0, 0x8000)
socket(0x2, 0x2, 0x0)
mknod$auto(&(0x7f0000000180)=':,\x00', 0x7, 0x8)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
mount$auto(0x0, &(0x7f0000000100)=':,\x00', &(0x7f0000000580)='nfsd\x00\xee\x1a\x8fg\x1b\x04\xad>\x96\xe9IG\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\t\xf8p\xc6\x00\x00\x00\x00\xb9\xac\xde\x0e\x90\x18\xf1\x13I\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd\x14\x81\xbe\xab\xed\xd5MI\x830_\xc2\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xees\xf0\xc2\xad\xae\x99\xeb\xc5\xf0\"\x92\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9\xe8\xb2\x05\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14\x94o\x1b[\xa8]\x9b\x03\x95\xc3\xad\xad\x1d#oi|\x04\x93N\xfa\x17\xf3b\xf6E*\xc9\xdd.q\xdbAX\xf6\xfaD\xcdz\xbc~\xf30LE\xb5\x18Wf\xd3\x9b\\\x1c\xbb^\xfb9\xe5\x1b:\xa4\xdd\x81\x91\\\xbc\x1fUl\xfa)\xbf\x9dPV\xae\xa9\x9c)\x01|\xfe\xd0!Rx\a\xc4\xb1$\x8eE\xc2j\x83sLS\xa8H\xf6\xf2,R\x90:\x8fx\xab\x90\xfe$h\x80!\xe2\nY#\xee\x1b}O=\x8bn\xd7zZ\x18\xa7\x9e~\x94k\x8e\xdba\xf2\xc3G\x8egR3\x1d\x01J\x87\x14(}\f\xb1}%N|z,\xbe\x1fB\xd3\xeb\xec\x83X\x8f\x97\x95\xfd\xed\xe6wt\x1d\xb3\xa8\xfb)L~}\x9f\xbf\xd0\xc9\x9d\x82-C\xc3Ez@\x8c\xbf\xa2 \x88\\\r6M\x83', 0x4, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', 0x0, 0x7, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x40, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000002dc0), 0xffffffffffffffff)
sendmsg$auto_OVS_METER_CMD_DEL(r2, &(0x7f0000002ec0)={0x0, 0x0, &(0x7f0000002e80)={&(0x7f00000001c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010003bd7000fb3630dd97c75ef51e9bdbdf250300efff03000978034923940202c5ff7c4f933e8ee03a64bc3dd588effd37e0322f58bce6100000b823d15a9a441f040fff4c62b1f1"], 0x2c}, 0x1, 0x0, 0x0, 0x4004894}, 0x0)
connect$auto(r1, &(0x7f0000000080)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xe}}, 0x40)
r4 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x4, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x801, 0x0)
r5 = socketpair$auto(0x7, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x1004, 0x1d2d, 0x3, 0xffff, 0x15f4da0e, 0x6, 0x9, 0xfffffffffffffffd, 0x8, 0x4, 0xfca, 0x9, 0xfffffffffffffffe, 0x4000000000000d]}, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket(0x1d, 0xa, 0x5)
ioctl$auto(r5, 0x4b41, r4)
mmap$auto(0x20410, 0x202000a, 0x401, 0xeb1, 0xfffffffffffffffa, 0x8002)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x7f, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0xfffffffe, 0x1, 0x8000000000000000, 0x0)
inotify_init1$auto(0x3000000000000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000900)='/proc/sys/kernel/pid_max\x00', 0x0, 0x0)

1m45.018160705s ago: executing program 1 (id=990):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x40, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB, @ANYRESOCT=r0, @ANYBLOB="1b0026bd70941214f9274fcdb10000000000000002ff070004"], 0x30}}, 0x4c880)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="db002cbd7000fbdbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008810)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' '], 0x1ac}}, 0x40000)
sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x7, 0x0)

1m44.433526122s ago: executing program 1 (id=992):
mmap$auto(0x0, 0x2020009, 0x3, 0x4000000000000eb1, 0xffffffffffffffff, 0x8000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0x4000000000000eb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x80, 0x6, 0xeb1, 0x401, 0xffffffffffff7fff)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000400)='/proc/sys/net/ipv4/tcp_available_congestion_control\x00', 0x0, 0x0) (async)
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000400)='/proc/sys/net/ipv4/tcp_available_congestion_control\x00', 0x0, 0x0)
bpf$auto(0x0, 0x0, 0x4f4)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/class/devcoredump/disabled\x00', 0xe3102, 0x0)
sendfile$auto(r0, r1, 0x0, 0x1) (async)
sendfile$auto(r0, r1, 0x0, 0x1)
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) (async)
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0xffffffffffffffff, 0x0, 0x1, 0x0)
r3 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/pagemap\x00', 0x201, 0x0)
ioctl$auto_PAGEMAP_SCAN(r3, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0xffffffffffffaee1, 0xfffffffffffffffe, 0x2, 0x7, 0xbfb, 0x79, 0x30, 0x3, 0x2}) (async)
ioctl$auto_PAGEMAP_SCAN(r3, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0xffffffffffffaee1, 0xfffffffffffffffe, 0x2, 0x7, 0xbfb, 0x79, 0x30, 0x3, 0x2})
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x60042, 0x0)
io_uring_setup$auto(0x6, 0x0)
openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000040)='/proc/kmsg\x00', 0x80900, 0x0)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self/net/rt_cache\x00', 0x2000, 0x0)
select$auto(0x10, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x4, 0xd3e, 0x1, 0x948b, 0x3, 0x800295f4da0a, 0x400, 0x3, 0x462, 0x80000001, 0x50a7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) (async)
select$auto(0x10, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x4, 0xd3e, 0x1, 0x948b, 0x3, 0x800295f4da0a, 0x400, 0x3, 0x462, 0x80000001, 0x50a7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7f, 0xd, 0x1, 0x948f, 0x1005, 0x206, 0x7, 0xfffffffffffffff6, 0x6, 0x9, 0x79d, 0x6, 0x100000000000000, 0xfffffffffffffffe, 0xf]}, 0x0)
capget$auto(0x0, 0xfffffffffffffffe)
capset$auto(0x0, &(0x7f0000000180)={0x1, 0x7, 0x6})
r4 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000080), 0x200000, 0x0)
setsockopt$auto_SO_SELECT_ERR_QUEUE(r4, 0xf, 0x2d, &(0x7f0000000200)='::,+\x00', 0x101) (async)
setsockopt$auto_SO_SELECT_ERR_QUEUE(r4, 0xf, 0x2d, &(0x7f0000000200)='::,+\x00', 0x101)
r5 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/usb/usbmon/33u\x00', 0x20202, 0x0)
pread64$auto(r5, 0x0, 0x10001, 0x4000200000f)
close_range$auto(0x2, 0xa, 0x0)
kexec_load$auto(0xa9d, 0xffffffff7fffffff, &(0x7f0000000340)={@buf=&(0x7f0000000240)="04f354fd18a72c6c12050946e733d8c887968e288257204f9d8e6edec08568dbcaa8d7bdb4", 0x0, 0x8}, 0x4)
r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/pts/ptmx\x00', 0xa0540, 0x0)
ioctl$auto(r6, 0x80045430, 0x38)
close_range$auto(0x0, 0xffffffffffffffff, 0x2) (async)
close_range$auto(0x0, 0xffffffffffffffff, 0x2)
epoll_create$auto(0x12b8) (async)
epoll_create$auto(0x12b8)

1m43.068909869s ago: executing program 1 (id=996):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0xc, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000)
write$auto(0x3, 0x0, 0x1000)
syz_genetlink_get_family_id$auto_vdpa(0x0, r1)
sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0x400c080)
r2 = userfaultfd$auto(0xff)
r3 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000080), r0)
sendmsg$auto_L2TP_CMD_NOOP(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000ec0)={0x1058, r3, 0x300, 0x70bd28, 0x25dfdbfd, {}, [@L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x7}, @L2TP_ATTR_L2SPEC_TYPE={0x5, 0x5, 0x8}, @L2TP_ATTR_NONE={0x1004, 0x0, "cc84c76750ef815b3b682d4409913b7a4fda48ba3a3a15ef65e99cc74e296798c3e2ea138bb867c086fa7ee249bff23069f9141575d7b180e5fe73321f1dd90ee3dabfa38249ad989100093bfa1686600699d196b81f59bfebdc6e61e357d9cc239077420bfde1633c0af369e30d4bb53b0dcc69d451d84320d88f6a4b30e6b90f88658771855bc16cae0b98cf91e9e3a717f751dba6384addf6fc72a97bf935dc62c137cdfc3a614b3618e094d8831b7c95b10003bd4ac35fceef0c7df6eced4a0e8569d279ab691b302ba10d49a3169f5d6325073fbc5424d3911b60ab8b2b6a44ed656b0f87c6af7287d81f8c10196875add2bf69c5225551105ae2f33297d6b30406bffb95f2d73cdf2c4c2859ae77abd59dc52461ed62cdfe4008a4888173dd75a0a54b2e7b00e2a917fbb8b5f71b737bb9d7865828841d85de6b5c7f197bd7a85727de993e715d527ca722ac74b58177f4f98cb6748b8f8556d7a841b5189868287623a1e056e933b05ff41bcdf7450ffdcc3221cb19b0a62438034e4bb9ffd28ec27c84e38ab64677732904afd23f4f869c825c5a04eb570e4f4e70a75294cf88344ea5e4a974d098b2c868ffd8f9fe8a4a12f3fb97aa4db0667496f1b33c20676d118fdf25240b5490c027c18494fd06c874863675c39be50448f43dff87da2c96f519064a1be7ef785bda9561c9c7d7c70dd99b831328effb0b98b00e2f06e7ea0c3b12a35c70130dcd866ab01ab813dc1be23c11fdf2eb3b33cdf82e618cfb314ad57234525b68dcf5c5daf736293c38585822af9105da80c5e73524b693f8d5c320e78a7fb1268271bb4d3c3a7670ac918eb84c49805310744879f97de9c8e37be7f1dcb8d48ee71323908f6153a3638c1206c9f2b182dac78cdeafe1589ab633f2a7c69892f0e32b33b845cd14486673fc69e1fde866954d37e88992e3d2d04a1aee5a0e265125d5ae7740242a87a78e0e91c117d6b3f08b948b90503b0a882c762f058b1331beb229d1fe80a5f4b84654b0b8b48f568477793649e91c6f8c2435f2e4815c6a77ed2c9b55f6d9b5d3ce40f6fc468e906a7291b7f7230195d3026f24d19bf3bdc77e271445bf2f09a535cf9be09369ee09f9bbd07936838b8c8884fe6d3d9e0035df496d559186933bed9ffa45c66ebb136721301ee49b954bc01e0795366a256791df4faad28952629ae575399ad99319b50992004140356c428465f42c76cd7c6a22bf24ce1baeec44684abedaf8dd336f94976d0501f9ee910712e8730aac3b90bea8522a9b2f210f5b77c54c77fe4c6344af90ee253c2600b16ec7337a908841c2ed6a0186dc5e86bea57de064fefa678bc710a94ca1aa486e657af4c736a80b598bd19f4e083da9f890dfacaf4c340dfee3d1d10f67713d29de66fe2c027f89264c769970b8f1e87e3add3c8fabb9e8947e30247f0d0478b3e96bccdf4058d3716ab0f6ad4ca8c6fd06cf1e4b5a315d70db5166269d1a3415f4bfece8faae31bb3f64763d4cff13bef9c10922a348291c49f42fbe1d8955f4ea162cb5e717eefd82fae6bb63a2245ba21bbd256531ff41ed7eb0ba735e9dac89d2a9aee6619f1fbaadb9541d504f7f9662e717b20049635021b0ca4cf9c2b79d9d1a43d4d3f84a8ccd97413a5147b4b6a4ed4d8b7222c5e35fe62370f341f7e6f67672f97008b080e9065fd2cdb4b8feb748878b04d1babb6b53ca6a5846789b5e526e4b111ef71b28634db02dbc4f38572b77a2fd35ea096c293a043b3051be28729d937768c544b0e61975db6ea70bdc4f65c150b771afde5a6b41030cd7d948048db580685fd5a35bac279b130974004280cfcced5e02baec0136791ef50391e250090d5b2f6f5bf75bdfe36ee4cda94e426d712868042981e5c9713505a37b1d749a9074c4723fcde591ebc94cf131a4bd2059a8a6f4a5fb7c8f6512492d3d0f7bece4581487adadb95fa82e388d1d3c97b7e01c6f98f13144e1a5d54dedd301e84c914ab6b8e2a844063a99bdfd630cd5563cf4296970692c8cfa704e49ed0e13b41c527170b6e938850ad9b73080cf0a8cae7a9ab1c1293ccb145219ad2a2d1603f62791df8a8601b6afc0913776562fa1bba6b565202a5d3c4135cf37ab62d8b232bcde3c3308595b1497a7170b9f70e9f6bb175532d62240758ddc6e3f56dfed0312a5dbb16437cac7c2b155b9ad03881c0b2f6f7ff0fc56700a788469c87828db25792fa109f43ee071aed5b0412e84160b3e00406a5fcc1c0c4d4accd551c2f69874de9d9a3ad7b2ef6fe3df0ac92d8225f3f596bfdbea0a9fb3b8bd11e516f3cb1257eb534824556218184c8969ac4a553466edd34bd493be23f87a053646e99b5bd40f2f7d44f463cf0ff6f6a53076ad93abe7a1c5cd5c2e83d32a19f3ed443977234f2ccccfb156126a07127444b45d40ef20705c9723b7638ada2eb66b2bce34476a16478d1a93e87c9542df164d5977b29055d2fb79665d2e51b92b029a053283fc6264af84f5ec7325f9ed4bd4f8a03e2257784d9d0b7d9e8d7d99e1f2a73c005c91a8f0f42e8c94b7c6e2e4bfbece102e7bcf8f113f5e10a728f915a7132657d3cda02913bf43d0b0e06a765ec52ee659dc0e306e312fd7484dd5a5ecdc4fefe65ae03a3bc318299a3196a27a6747533809db3de389c9b8e76dbf4995e1fa965043e677fd1413b3fa3ee1b20352cdcd43ec89c1434b66aafb9c93760779c4905e49b22e43778bcc47bd72a86e51a08456f4f8ee79f9064a2d6a9035a53b20d378cd32b197a81fb578e73a4d95eb2e1c1eccbc31e2fb83507982ff599dc9e4ed9ddacf05c65c4580c772e696879b672678aff7ec626881bc7e7d8f706103115a5bd45b0c943764c13a271068f7c46ea3ec29ef5f1fd33fd98239ad0a9e466856275bdc8326553bfe6d980a485b8c58fd2a995cbc420edcb7c1cdcad80b509d599730327e4fa276d466d7cab5bb5c7947813009e15ee3f7ef3288939d323c0262eeb33822c815493b77b937cc61033282c5099a56c8173258807a1f99b41f42f8b76fd3a20095df8365ebf5dc55c55179874c9a578276987c7c7367bcd87d826fd6382a6a32f22116ec2920aa81457905fbbd15cf3b90c257a1997f6940e32f3e1f90ccabdee8dde655f698135a9930b79254b73d504b61ddc65dfe2e18a7421a7067f01294fa14d0dae22e49aed130d2c1e8ae63c3e954bf86fdb8cf31e2707655f6f3ec50327877b323ae051ef4aff9fb20a2b83b170b8eda2e1455a26ee7bed0b9f9a1b5323d46ecf77d6267df3689c784f3003b8ae0162c2303351690d3c314712677502b8b72f9a1e4173183032dae6a2babe4add1c88e92da65bbeee076aae6e08ed74b571de820d46795d27b25ba6700d62e46b3d7b9119a29739d048f136df98f8554abe91e625ede578330717486ffe5e25ea586ab5f009def7c1d24462776ae17c546485de6e9c5820663dc4ce569999c62c96964c1cf0d86d134605fdbf8509253ba5d88383bfad088366847facdaf35a8a0c55315402ef4553080fa79ccb55163ff5b1ba8100280e5758607f928335efba5106c6d5936c272628e1b7417f2db4fb59c7cf9a62620d267c66b4ee56ce5577ca5e2445954403ec828c72ed13a615bcd8376147ba940d18b068b8cebdb9d3983b6c8ec511a2c4cccd3639789b95c810aa78813ba8bd17db64c730b5d89e0d1e709ef8912451b43de5e020a77bfe3496f0cef9efad1292a92cd9f9945ff611624da56962b72aefd29a28097ea272c6a45216fc359f5b5cc9b2e2870293c9d620b6db7e93b6a2ef5dcc7a2a6054f8759320c5e7614bcfa69c39f555008d5910eb479d1f0831b028569518f840832afe59d41229b8e3011b953fa69fa32c068c5ab3bd7a7d1f0191381eed81b9dce44142b06b049f195f346ceb7cc94d04e2be9e07bce8364e87f03554cbe32645b257f1292398d17db7c3c775d4b314352829ea65635fc62e60a5010865637f9c355c23dd19c7b57b4ed71f65b7c7e6b2285c23893e17442935182ebfb6d7b9f80d6b2095d99f635ffec5c1f8ebc12fa4da2b04191a540e2ec6e41f40c4266f7aebb58499a2d9e8f313aca3dda7ea4c2b2d7eed7493a03f39d4010e96386993afa329e5c11d1d4f89251e487f026749726b10c80714573f870858990af9f4ee87a6728d4050e9b006dee31228a32cd52eafc5921c19e38dbcfabdadf6d8535dee020e82c9d9aa55818ee7daa24b8905b367962bc5652bdc501cd154867676389b71514afca9e368529734a85f575d8007f2ce99bd766b1e6e111116a15de4342e71472313e61b748e7efe2dfa13128cb00bdefe97653089a9eacb19dd7394482d6a63dfb2f8e70f6336f40b9578124e62e6cf68790e7dcaa4c091df1f0d44834bc86841d543cf177c379c708f2f596affd7b7cc276caf22df8724eea3a02d304d59c584dbe8b4b6703bed5085f5a27d3dd0537fe2cde87f2d07003f2040850de230da4724d5eb5ad346ecb1774f07175d834b55525fd22ee24df1eb8eb87b02df3a8bcb40985fffecaed3bd603bbfdd7c84c4e32c38e21e11bb0cd8f2495a98d35336b65105f990905fa3ea77f07cb353ff745c28333c5180616171f2abba3b787a0be842b19acb27bce694370d7919f2719218166b3d9a1b41e4f12279b7a2787d95ff5f94d7a6de04ad5b0c066e718d3f6c8eb022ee5d34a6c59346f263a5a7ae55b310c12e139ac5700ab06d16b05ea9b5278d2d760611047f02e92721ef22a4298fc38d9d8729e92d8d4be84a59760a666ffecd7a1d9f6c7cf13c72559f2d57c8d0efb03e1cda935e9ac366c4526877443af82baed327154ce5c5f9653eb28a042099aa8363bdf41665e6f83737364e5463853c2a149feb659c685f08ff24c8a3d13ee1c3322db81ffac75fd82fed0a3e94d594968eb6c0ce2481869b3ab922096e960611e521ce6eea70ec9575c64230ab59f1453364a16e3a12e1841c668de545694572c586aea9d07469f52ca68942130c99e121c38055e18e3bfc00c0650ed269002b4468fe641da44f5ed6424e1fa209431294a19bb294235f544c739bc236585a887fec1c8167dedff8170d4dda1b284c9d8e307c1a067126a5b231aff4b1c16095d8ad45acde6a36a729d1f14dd6f63e9c0b983affceeb301c78dabd2d7a461a42088c8d9a77045f0f059afc5650462049e807a5ad2c1e57aee1cccc56f723df3b121a2b20d25dd837c81571e28d3f077528245fd325633b8b730f9e8039a74453965c3c5bf4cbc1b9f8c6dc84cb3dde0492b942a6b3aaf4902579a28f1a7d8a5b16ba9421441a2403c91b0ca1fc2c8e854eec21fd8f3af5fa87b690896581455c187a4152d5791a08e1afa1e337953b746513789a3898ff6cc457225482ab5c99cdd0a74db61d4e09688585583b1b5b2e4cff75c75656fee82239790460b802d3b2e445762a849002b84bf7e7fa7994ac18d15d8e8413890b608119261cdcc307c53b27004103fa409823d3c81b1d0f0aa11a8246df5821d91fa777e0ad6bddd57a103585fbd549a1a9a8474bedad347786af5210d16977f4b6a3e0bf77117443e4ad77b05d9925080d9b71f3e424a9e54c16992e09f98fb76a7c4f01b61adc9e9f0141dd2f1dad84f17d660e8f072151f302d92d98771150d7508fbd648b7bfaef3617ed6a2a6f46f8accded77362c6d823c0789e73d7f52c6531f3d4b96bfe24332f287d477623d30c61b041e91bb69fc03efedcb2472192daa43731219586d922d237361886"}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, 0x3}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, 0x3}, @L2TP_ATTR_UDP_CSUM={0x5, 0xd, 0xfe}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, 0xfffffe01}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, 0x8}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x81}]}, 0x1058}, 0x1, 0x0, 0x0, 0x40}, 0x90)
write$auto(0x3, 0x0, 0xfffffdef)
connect$auto(0x3, 0x0, 0x55)
r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000e80)={0x2c, r4, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@ETHTOOL_A_MODULE_FW_FLASH_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}]}, 0x2c}}, 0x400c080)

1m42.698591693s ago: executing program 1 (id=997):
mmap$auto(0x0, 0x400006, 0xdf, 0x9b72, 0x2, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket(0x2, 0x80000, 0x0)
openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/netdevsim/netdevsim2/hwstats/l3/enable_ifindex\x00', 0x81242, 0x0)
lseek$auto(0x3, 0x0, 0x1)
mmap$auto(0x0, 0xfff, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090)
ioctl$auto_VHOST_SET_BACKEND_FEATURES(0xffffffffffffffff, 0x4008af25, 0x0)
r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x801, 0x0)
read$auto(r1, 0x0, 0x7)
ioctl$auto(0x4000000000000c8, 0x400454cc, 0x6f)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40)
execve$auto(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000080))
fsconfig$auto_JFFS2_COMPR_MODE_NONE(r0, 0xffff, &(0x7f00000000c0)='{/]-)\x00', &(0x7f00000004c0)="5ad332898d1f35c9956c7f71913d034085bf8ddae004264af84b3a48c0fa4c31d10a7072891c24ced7bafa45466a8e245a86f0edd23b3c1d99fb63f11fd88ab636481faa1a14f60864cea392f38e56d04512b4673f99fac78cdf0b902e04170ff1fd32564798bcbeb64a1d5a7ab4d92e10e9241d7a055adeb1619d3feb81ea73b62ff35784145fa63a46e568660467bf4f12d2de6b625c7232b083667e6b36bb57d5e409db6586cbaebeb8906479ba541d34dbd58f4cd5663db5363fcfa237b7e66a4afc4bc9874ebef06ebb3c7eae493d51bad3688230cf4c3b4e236427", 0x0)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x9}, 0x5)
mincore$auto(0x1ff, 0x2, 0x0)
r3 = openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000bc0)='/sys/kernel/tracing/dynamic_events\x00', 0x1, 0x0)
write$auto_dynamic_events_ops_trace_dynevent(r3, 0x0, 0x0)
r4 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
r5 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0xc0842, 0x95)
sendfile$auto(r5, r5, 0x0, 0x1)
sendmmsg$auto(r4, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x5, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
sendmsg$auto_OVS_DP_CMD_DEL(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="0063415d34abf34c0def0802dbe62d7ae9a3", @ANYBLOB="51c283190e62ec200c9ada71043ed22cb39519312657b4623cb6aa5e30e4d4e64ac132ff792469c238d5b13d4e35641a8da7bc00cb23e38727a1efa3970af62e9c15a006a84f2907f4557a90192628d93f4b53683a53f5e5eab2438755a293b6d6c5db0fb5dfe9b52c374bfdae5ad065345b22b5ab7207c42ff8a15592965a38ba0c4128e2c9834360f6c78ff6e6da343ae114dad551f54eb120b9b29deddd4ee2ea697df2e1", @ANYBLOB="000126bd7000fcdbdf2502000000"], 0x14}}, 0x4008010)
io_uring_setup$auto(0x2, 0x0)
close_range$auto(0x2, 0x8, 0x0)

1m42.016684761s ago: executing program 1 (id=1000):
socket(0x5, 0x1, 0x0)
mmap$auto(0x0, 0x202000a, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
socketpair$auto(0x6, 0x8000, 0x3, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0x2d, 0x2, 0x0)
ioctl$auto(0x3, 0x89e0, 0x91)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
ioctl$auto(0x3, 0x89e0, 0x91)
r0 = socket(0x1d, 0x2, 0x6)
r1 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
bind$auto(r0, &(0x7f0000000040)=@can={0x1d, r2, 0xfd}, 0x6a)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x21}}, 0x40)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff)
r4 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f00000001c0), 0xc80, 0x0)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r4, 0xc0285700, &(0x7f0000000200)={0x0, "3c37e6a2a8e7e7fffcabee9e16bdfa21c8ce28c36cda1b543f14cba13c6d57e1", @inferred=r3})
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
mount$auto(0x0, 0x0, &(0x7f0000000580)='nfsd\x00\xee\x1a\x8fg\x1b\x04\xad>\x96\xe9IG\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\t\xf8p\xc6\x00\x00\x00\x00\xb9\xac\xde\x0e\x90\x18\xf1\x13I\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd\x14\x81\xbe\xab\xed\xd5MI\x830_\xc2\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xees\xf0\xc2\xad\xae\x99\xeb\xc5\xf0\"\x92\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9\xe8\xb2\x05\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14\x94o\x1b[\xa8]\x9b\x03\x95\xc3\xad\xad\x1d#oi|\x04\x93N\xfa\x17\xf3b\xf6E*\xc9\xdd.q\xdbAX\xf6\xfaD\xcdz\xbc~\xf30LE\xb5\x18Wf\xd3\x9b\\\x1c\xbb^\xfb9\xe5\x1b:\xa4\xdd\x81\x91\\\xbc\x1fUl\xfa)\xbf\x9dPV\xae\xa9\x9c)\x01|\xfe\xd0!Rx\a\xc4\xb1$\x8eE\xc2j\x83sLS\xa8H\xf6\xf2,R\x90:\x8fx\xab\x90\xfe$h\x80!\xe2\nY#\xee\x1b}O=\x8bn\xd7zZ\x18\xa7\x9e~\x94k\x8e\xdba\xf2\xc3G\x8egR3\x1d\x01J\x87\x14(}\f\xb1}%N|z,\xbe\x1fB\xd3\xeb\xec\x83X\x8f\x97\x95\xfd\xed\xe6wt\x1d\xb3\xa8\xfb)L~}\x9f\xbf\xd0\xc9\x9d\x82-C\xc3Ez@\x8c\xbf\xa2 \x88\\\r6M\x83', 0x4, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x7, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/mac80211_hwsim/hwsim1/net/wlan1/statistics/rx_crc_errors\x00', 0x0, 0x0)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x80a, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)

1m41.506132792s ago: executing program 1 (id=1003):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETFAMILY(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000780)={0x14, r1, 0x100, 0x70bd2f, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0x8000)
syslog$auto(0x3, &(0x7f00000004c0)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1(\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2\x88#\tV\x1d.\xdc\x0f\f\xe7\x00\xa3Qk\xa7\x8e_\xf8\xb3\xf1\xa1\xa7\xc4\xd7Z\x87\xe2%\xebO\x80\xa0\x1e\xfb;U3}s\xfe=2\x00'/160, 0xffffffb9)
r2 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x0, 0x0)
read$auto_mon_fops_text_t_mon_text(r2, &(0x7f0000000040), 0x0)

1m34.326375444s ago: executing program 4 (id=1026):
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x4a0842, 0x0) (async)
r1 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder0\x00', 0x0, 0x0)
ioctl$auto_BINDER_WRITE_READ(r1, 0xc0306201, 0x0) (async)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) (async)
writev$auto(r0, 0x0, 0x3) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
socket(0x10, 0x2, 0x4) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_L2TP_CMD_SESSION_CREATE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010027bd7000fddbdf250500002708000900060000007503a9d3dd92ed58de0a404889d37091a9c12c22c8a872e59e8967c7eb01c51fdb58730c4742e68304a98c1f1fdcce120cc32b4b2ebbc166adf6a8fc2595381c0b856011d1cfc36767d1de90119d1aeed86be9f7d82fa676a9733efb6694e39dc9d43007803b6450a394b9470b3661ed9642f7ae7bc5cf0652453a5e5d6467cbd4d58dba5b363b0d78f081964e7cfc68c4c6568fd430f4a2f649d345"], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x2000c854) (async)
r5 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0)
ioctl$auto_SNAPSHOT_ATOMIC_RESTORE(r5, 0x3304, 0x0) (async)
mmap$auto(0xfffffffffffffff9, 0x2000040009, 0xe2, 0x9b72, r2, 0x1)
socket(0x2, 0x3, 0x4)
r6 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
bpf$auto(0x7, &(0x7f0000000000)=@raw_tracepoint={0x4, r0}, 0x9)
newfstatat$auto(r6, 0x0, 0x0, 0xfffffffe) (async)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) (async)
set_mempolicy$auto(0x3, &(0x7f0000000000)=0x7, 0x9)
r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/mm/hugepages/hugepages-2048kB/nr_hugepages_mempolicy\x00', 0xa001, 0x0)
write$auto(r7, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) (async)
connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @local}, 0x55) (async)
r8 = socket(0x11, 0x80003, 0x300) (async)
r9 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/tty12\x00', 0x101440, 0x0) (async)
r10 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
ioctl$auto(r9, 0x4b67, r10) (async)
name_to_handle_at$auto(r10, &(0x7f00000000c0)='/\x00R\xa6\x00\xc8\xda\xdc\xb1\xb4#\xe4\xeb\xe1e/\x1b/\xb9L\xc6P\x82\xba\x90@\xb8\xb5\xb1\xe8\"\x88s\xdf\x15\xaa\x18\xa9\x86\xc7\x87g>8\xae\x99\xd4~\xc6\xa7\\\xcc\xfeV\x83\f\xdc\xdc~\x8e\xd5\x18\x13\x16\xc5\x93E\x10\xcb\x1c\x02\x00\xd2\xa4_\xa3\xdcS\xe2\xe2\xc6\x85p\xfa\xc3/G\x86\xea\x9f\xb0\x9a\xcc6\x1a\x06\x91\x9f\xcfC\xedU\x00f`\x02\x04\xef\xfe\x10\xec\x17\x83%K\x04\xd5s\x86\xe4\x9d\x15\f\x8c\xd9gj\xe5t\x82o7\xc05ul\xacU\xbf\xc0\xfe\xb4\xd7\t\xe0s]\xcd\xac\x87\xa5\xa6.t\xa9\xe8\xa6>\xf2\xd0\xb1\x83\x83\x91\a\xdc\xe9\xaa\x1dx\x06\xa77\xd6\xe1\xe9\x94\xb9Xi\xbbv_\x9a_bv%\xcb\xc7\xdd\xa3\xb4\tpr%\xdf\xc9\x06\xa2\xe7\xe1\xde\x16\xf7\x03x\xf8\v\v\x1a\xfcm\x87r\xc1\b\xca\x97\xb0\xeb\xd6F\x8f^\x94\xdf\x9ax\xf4\x03e[l\xa5', &(0x7f0000000200)={0x0, 0x6}, 0x0, 0x1001)
setsockopt$auto(r8, 0x107, 0x12, 0x0, 0x4) (async)
write$auto(0x3, 0x0, 0xfdef)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000)

1m32.766917308s ago: executing program 4 (id=1028):
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
unshare$auto(0x40000080)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000280)='/dev/nullb0\x00', 0x149e42, 0x0)
getsockopt$auto_SO_RCVTIMEO_NEW(r0, 0x2, 0x42, &(0x7f0000000300)='/dev/ppp\x00', &(0x7f0000000340)=0x6)
mmap$auto(0x0, 0x810002, 0xffb, 0x8000000008011, 0x3, 0x8000)
mmap$auto(0x2, 0x20009, 0x4000000000df, 0x694, 0x401, 0x8000)
socket(0xa, 0x5, 0x0)
r1 = socket(0xa, 0x2, 0x88)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
capset$auto(0x0, 0x0)
r2 = open(0x0, 0x22240, 0x154)
bpf$auto(0x0, &(0x7f0000000400)=@link_update={r2, @new_prog_fd=0x4, 0x4, @old_map_fd=0x3ff}, 0xa3)
bpf$auto(0x0, &(0x7f00000000c0)=@link_update={0xa, @new_map_fd=<r3=>r1, 0x100, @old_prog_fd=r1}, 0x10)
bpf$auto(0x2, &(0x7f00000001c0)=@bpf_attr_1={r3, 0xbb8, @value, 0x100000003}, 0xcd)
openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, 0x0, 0x300, 0x0)
r4 = socket(0xa, 0x80000, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000002c0)={'ip_vti0\x00', <r5=>0x0})
bpf$auto(0x0, &(0x7f0000001500)=@bpf_attr_5={@target_ifindex=r5, 0xffffffffffffffff, 0x9, 0x1, 0xffffffffffffffff, @relative_fd, 0x1}, 0x10)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x8002, 0x0)
r6 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000180), 0xc375111f31e0b3fc, 0x0)
ioctl$auto_PPPIOCSNPMODE(r6, 0x4008744b, 0x0)
readv$auto(0xffffffffffffffff, 0x0, 0x9)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1d, 0x3, 0xffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="050000007e2d5a90cf4e9e6a1f5e", @ANYRES16=0x0, @ANYBLOB="000200bd7000fedbdf250200000800130001"], 0x24}, 0x1, 0x0, 0x0, 0x4c894}, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="180027"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)

1m31.73856617s ago: executing program 4 (id=1035):
r0 = syz_genetlink_get_family_id$auto_net_dm(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NET_DM_CMD_STOP(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0xec, r0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@NET_DM_ATTR_HW_DROPS={0x4}, @NET_DM_ATTR_UNSPEC={0xcb, 0x0, "91af5753dc0ecbd7ddd30ca04d3edaf51822267506798b3675a53cd7e2b064ce17985c7d24128c3bd76313b176fc5fff23e74de45707c11625f48c87597dced41778a4acef9d2508d41cba3561c656567e33dfa5e35db21ab5f7221275d77e5b8084cfbeaf741f6bcab8a19af4131cd331a4ca29f57eec5e325a0c7ccb3ed964f76e3504c1136d515e3cb462e4e1784325db57371155dfcb7372b71ca2dffe931ed61a267bbb538ed5ceff442ff7c992b11a00e959ded4b6fce8839ae8268b6b507731c1bfcae4"}, @NET_DM_ATTR_QUEUE_LEN={0x8, 0xb, 0x664}]}, 0xec}, 0x1, 0x0, 0x0, 0x4000}, 0x24004085)
r1 = socket(0x1e, 0x5, 0x9)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000240), r1)
sendmsg$auto_NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x18, r2, 0x2, 0x70bd2b, 0x25dfdbfc, {}, [@NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg$auto_NL80211_CMD_GET_MPATH(r1, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x18, r2, 0x400, 0x70bd2a, 0x25dfdbfb, {}, [@NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x18}}, 0x40)
fcntl$auto_F_NOTIFY(r1, 0x402, 0x7fff)
syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000440), r1)
r3 = prctl$auto_PR_SET_MM_ENV_START(0x1, 0xa, 0x0, 0x6, 0xb1b)
epoll_ctl$auto_EPOLL_CTL_MOD(r3, 0x3, r1, &(0x7f0000000480)={0x0, 0x5})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000004c0)={'syz_tun\x00', <r4=>0x0})
r5 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000540), r1)
r6 = gettid()
msgctl$auto_MSG_STAT(0xc, 0xb, &(0x7f0000000600)={{0x5, <r7=>0xffffffffffffffff, 0xee00, 0x7, 0x8001, 0x6}, &(0x7f0000000580)=0xff, &(0x7f00000005c0)=0x9, 0x8, 0x10, 0x8, 0x3, 0x9, 0x0, 0x1, 0x2, @inferred=0xffffffffffffffff, @raw=0xfffffff7})
sendmsg$auto_IPVS_CMD_GET_DEST(r3, &(0x7f0000001a40)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000001a00)={&(0x7f0000000680)={0x1364, r5, 0x8, 0x70bd28, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0x1342, 0x2, 0x0, 0x1, [@generic="2e848b7f22f06124ef3bab45ff14678c238aba281b6223e826218f561c423ce8efeb0b47aeadaeba2730719cc3790be15dabf61e49547753f1f48df9f9b2457c7b47670ae8e2338ba418e85543b053ecdf156b63e80ac19084bbee33652624ec4866d95f1755836b78b495de3051e48361c71ca424aa5d49c1ea3d9061677437a08e149ebe325aed671dbade4faf8f557d3773135f7e56fb919425db14cbbcb22e3a0f52af7bff6852d1eed9433c4e11f0e5d7d7c07f7873a18c4ae347dcc4c63a04cbb7e52951cacc2f12aed5fc9e9a7846d3e68270b8281c65748496651df6373fa37096f8d3a0af873512e387c49e", @nested={0x1156, 0x15, 0x0, 0x1, [@typed={0x8, 0x70, 0x0, 0x0, @u32=0x1}, @nested={0x4, 0x13}, @typed={0x8, 0xc9, 0x0, 0x0, @pid=r6}, @typed={0xf0, 0x86, 0x0, 0x0, @binary="650c231df03cd036cd98fe80a86c1fd9eb7a6277438efcee1712b12ebc0c36ccdabe888ca2dbba1fbd558a694371c2fa83d86152aeeed25434f77512d595c8af18270a96422a2a5cfb83670a165729965673066a7a49024e033de341d7153801362271e05ec275fdf6698c446e0918253fdd24ac0d250bfbff66174bec4be37e0ec15a1f9059f8877dd116e570a8ce69ff9d7f76b4f87f5a6b8ef56bf650bb6b7af82226446f56625d68dfb6b418752c2f94c21879eaf2152527e50bc1bde495ad6d755499e299f725a776055f0608bea604a17f4e64696f0b23d85e9d98e66677ce84607bf82096eea32366"}, @typed={0x8, 0x4b, 0x0, 0x0, @ipv4=@empty}, @generic="279dc346c151b9bfe5c4f8cb9017dc4aeb846b8bd2cc698bbee31f6f757e764725136465ce27ec1d9c9e3150ad6e5bbc1569cd8bb64347434810b385a694aa21a567b76ef12aba432003bcc1834483d64899a75abc360bb9a67a85536ace7c884b01ff642c8f7ec94aa4ed2ab949c4a54f0ac6230e1562dc0cd4f02d78caa8aafacb57113349f744663f766341ce4ff7c357394fe13e7be944eebb091a06172be9da10d81c6cb6fbfaa2942928aaa8d297b20176f4ffacdf95dbf216326f71bec3b99d2d45a7a4435f3638ba3dbd4de87e5b4e97d631aae80b7e4dc5de7e7b5f324e84c72b292fa90fef9043c7eab032a7e133367896bb0f35760ae882503ec863e6e21b99acf7928fccc353afba2189765cafa6cd85f016b33a72f9b363723577703fe2f17eeeb3fab016993c1748c89ee3474e7ae42b2ec352eb703e811f978fc65219d3a120627b5c035d24803e51a44363ffe992d5f6b6bf14061b70aa8ff9658ae32af203a3b82622f27344b9f7eac2448e601ba6917b7861fa618623822edcaca2dd2ed3b867761861ef724e800c4d7945e3877eeeba78150c2cf1e77701599a64793e39ff504f041233b15d8b31545459da6a70f3de3b7aaa622ae1cb437710c3ecf1f5156bd94afb2e58ae4ee370c7c33841a70b5bab22839ebccc0e439deba88f5daf7cfef0eff693487d18dfa9037c468594bd9f7ae5e0ff3264a955ce26a38ddaf424eeec2b225eaf7fd38b7c5fcd0dafd11e779a8e813844688effcaf69240c5ab978cb89a7901720977d6f7bea34b6089128c584eaf80a38f174dfe5f3f6f11d3ce5229658286ea7f91f514fae11a2ef04ab63813eadefe6e66ee67892450a352bbbbaf8ba41df8ba951465f15daf937ec286d7959770e98bdf0a4e2813b64d38422fadc90e68bd4239ebfb6863e525711bc81afbbef69a93f4e8c3bc6b709dcb9ef177399851afc72f11a9b4569a85f7e079d5a26fe0b039a88c31b881e95834ba98cc6634f326d031d50a9b1fd84fce01ea5c07c3c6d603a9193b81fa0c30850d4ad20e6452edb38f667cedcde70b46f46bb9fa09fcab7367f3ef811fe9fd818f6033a40e8ba804fc5b57441aa239b98900e1025d91cf6e438d29a9a575b2f23155af55cb3e852de6ea4d62ccc4ebadb616d97e78f87dd13cc65bbee9cd7a0a99011c9c159930d636f88034d7d62b2009455c11e7d3c5b3e377d82f948e11c07f17798bc2a5ff87e5c39e0e56aa41b906f52ea83f07902d32055347e2db9e4678739d71d2aeb9b129c3519da3f7e17bfb951a1e08908754d2ff3e153b040688ec77cc781f3e35ec37374cc2a5fd4594815e067d5509fb3fc1959b8cde499e29b0069bc715b39aa7246bd1bf189c90eab033f9c6c8ba16a8fe0d82ac794dac07367702bdf73514570ff6938164828a1e408560de3b553964b5e900e0670c200a964370cb2eba5a36a5bb47495b8a5af05fcbdade06386d7348736c1a300c984f25634adc31b63f1e51b354ece2e61cbd4edc7732f4880a937084d6f6f22a7367aca705d011c17695b0e6cad8056f6238a914e7fd9c47fed92c041f23c1b2ca4f0ef6717f709752983f5fd7a63c436030371aa5fac3070d8d86afb9314e1c55d845bf90a8a9b111080329c4f7924365b0d2d0c14df2763dd0fe2823910db4cbb0cd25fa9da5f310194ae6f9202f69f5503e248ab7561dad9bdb9fc070134850015031e9aa9b4dc391532686f93c72c760af889c3238fe3e7ab17394e47565d5d2195dfc082f85fd5094f976e6919ebfc7d05173c1b491c9083fd2b2fef1024d2910b7bff930ea1d69755e9d577bec0301846ce5dfacdef403c2d673c932b4be14892c310ed12c089f49520f8cf37fda9a39816a0da208b9e9378c354ff9126c2a0820ebdc85e23b9af9ec71a4ddfd7167d366a20ecdbc34dd88a067eac102f0f198ddb8f588444cfa35834939c6fb6b534feff9ce113f05962568097d1bee369285e77071394834f478d41186f539ca0bee1f3d08a026824ece5ee7aec40c4dfeb2ef6dd6e7224c74c87f5dfb6738d5d5f62a37e2706aa7f39123158eaf412a7467b8b04d5c56a5925f79ae171b540256f77ed928b22b7af597a66e69d5dbb93fd34dfa6ee1f1b0683e031038db57e1d168347b0599b7dacf4fd20fb2ea9726ab3e9cc993ffea7e013f8c9558fc3797cf87163415022b29dfff11eb7ca11915b4071f33fb924785186f93968c65c29e6e4883f3f9c9e8d506adcbfe88da9f8710123b3f6243b75fc8dfcb0d9ad18431acaf68ff2632be47f183facdd8b0fe0808aa4332d0c927f3da99d0e9c3741bf350bc72bbbe2ef6b8956ea29e7a465f4a90b79acc2a85515d574a7a54eb6338ac846ffd1a64f943dca5784eca03b168a176b3f4ef4fca16bc33349937ed1d2644f61399ec091ee5fc7879e8a31fad3287e3cb67a9a779c303e65268c951d10f71618f0cb373546ae42b4219aafc33702d4715872683d9c4347e1f5b9e00ac3a8b8c10949aece51fc1af9161941eeca708aff662d120f8aad024b648f33e1be0e765d0c95320b1ad8659a100fca8a14c38e70070c1d062c6bd7d06860b28ee6979c53ca4526cfad1c2368b03770bf23a95b8cc448c227fc738690023b190279966576186fcf3f30dc09f9b92caff9c1fad41636f622f105027bd50215148c4b4ff8c749023dfaebe2ab6b00d991c7833307c7ded818ceb379501e77d2f91f920fa831122a86f323e3a95e37fc94dfecf62b4a45ad99f4735ddd692e9f2a70122cf74dd5503bc0cfef445d39c83f8ef0e18ddd4cb8f754e6be032fbc221691b1886d7d3c436bae67f59294e5ce6e54007a2f648ff7eecbc895e5c0054a0a036fe7c1b665290c7aa5c1302dd060a630dfa393d7b7e6b820e31948a2eef5cfc56c17cfed92d44428b9f9e6147cbd6a28046544f1d8016b0765640e5d34f1718fda3a22f66da9973fbddbc542474efe003a7a84d123613345eaa3a003a9c3b5363d30bfdec484925d95996873c0fd59c274d45a5f42b19fcde720f002b31ebc63633ee34589885645b3a3027ce3c9df261da6807aba88bb52634d699494699ffdf17a278ff70e74a75c03e42cde606093181310cbf5084ec2792071a61f1199bd12f7c121da3810c5d8e2761d05fc2a3a60a2a7ab80f26cce3ffd98d16bd60f714e35fd4508f8abe6b06004ed5993c68c965a93d72a0efbb0c44d6a3a3a247491eec8b11f362647830992fd7aaca585108d7752f0f55a25ade6790479c14f3288a52f14cd767888a680baa0d72d10e0a2edea5476683d4be058e85f1ca111ca8b2f1a7e45bd0f46b1b5a8283fe7e4c4b892aebb8b68d5e7338305cdbb0c2759c1b8f33b9e1ad22f8541f59cb61cebb28fa6b830260be6942d0aa7e4cd02f4ef17c0fb2156f484ccaaa64cbb00028d98d136e1befa51968e72b18b736adda648b5bdb9fa5abfe148586e96a629dc1528c3a74d06fbd8b936711ad2a3e657e762da298d89392bc4478fae732a3ac2bf0b6ba7f71df827fd3925c854b778222a88757a5969f0adbeed48a0eb58a9bb0dad92b455fdcc2d11c75f50008e7cc042b3688c3e9bb5f1a0f22fa46daba236cf0461981a0306ccd02abad0d6fc1c19d725974d84b52851312ae59d2ac64e41f0de336a22fc51867dcd6f5483ea5d0943b2922b5b6790c9d3ebb3d5fb8d44db0f75daf54e7f0e3dabdb0f57ab782d79e1e82490546520b465408d04b3339e2ba26829654cdae384d303129e8aa87babecb12ea776a5c2fa501f4e26e0cc618a7d2ce37d15ed09586f8c321eb499f001840d731b69d81c93f8d64c5e76ddbab9cbb68330428b2dbbe327230c0e9a4ffd915b5604672bdb707b16dc0a835674e3a1b9e7be73eccbfacb922ea09e85dd498f126eaa8b3ca7807e42ecc8cac1ab320150961c0ac42479690150961a8ffd134afb9f0cdbe5f4ca91c92363343d5ced30d5db7bad0a90ce40636b402603bab3c07c2769693bdd4edd95f39d46e4020834118639e520361abdff6ae3260c221451722c695767f54a22548ddf597143f0cfc048fccf22819fb594aff13035b7794fa15493b66db534852ed4a2451624d2ff02659be3556a8ada1326f6093cf4ed5e2b0d487a1a516c0d7983dd3f61d59c9c8faf190bed1e003640683675fd6d7354f84bfdeb5baa189f1141ea36e481d4c63c9011c6e540e28b2c69421c31d9e2039d6f866be0a60feb68792898c4b73bb011021e348d37b204982173ff505969c2b98ad2dfcad140b766387b6bae886ae250495059859e4e0ef0f4684c359f418ac70e5016557405c1c17fe73c445c023c1e92ec13c7bebdf112e3f6172a8544500b0f5904e6265505c011ee6a60d669cf2c241e875163da87f36e5854cf162c80b98befa3e5ddf50806a0463bcfb73fb1e42672671385071181a49e5dd64186b4385c879875243281e5490dace26c867db1496e96cd2a955f3fffbb9e51300c08964fea511bb69ba5cfa051cc477ee5cb91952034db90cf296cde07b79c6b294f3ebafa709cb6e1ebea1663b3bac87ce92ffd9a7cf99945e3ae78fd52645e63cceaccf476e799b63318211c75ba5d8c4a2d02bc614f6579030e0703d11460a3ecdec878b4077787c152bf023050dad696b626a0bfe92330dcf974ed055ba00c78556ba328662987144b4f7b3606ff6af80df750db4411673cf4cd8e718c41ed6d92130a17ef4839d4cd2d675c8c1e36fe37b98335d0e0f1e73460a06447aa557c3dd6af5b2ed1d21d64bc3929fff1177d26c596a3c85f36f6589ccac638d3022b50f102585bee26d034f4e8cbaac3726c8fb40982293374a5fd256f1157a63d02a51aa2aa741bf83b52dd46afa069741d9ed0351a9726649b00a2c65dfe5bd057e7faec983a15c313b74c2778fb9d3ae9982b7a2d022c7c769beb56997b24182e4db3b3f8322e1e64c840be1377475d662286b059e17273c95a1e2a596aa7abb747758cd6b2bb72f286db4665a6a10d339be7c455c207bdd83989350fadc42fced2b411fc59f1c2522ed3bbc187307649187732987958a4b38d9d5bad1fe903086784533171540cdfb62d565338c7f20e6fa047874f914cc1f6411cc7b5f5e0e0791a995e1721a8582fafdc5eecb29cb5c58e2034e97ce0d311dd086ec9417bde8b76ebec17de20f8764fd90f224b1f10ce3d04da1719ef39b43b0c1340ef138d7be8b8ffb88e4934b7db9fcfe7b1656926b3a2041e5e93eb99bb2205b5dcfa2da97e741ae88c3e6b3b56ee96052e1db48e5a52001d313744c845aa0dca825173461fc3ff5134be51bf99883905f1a1c967bc5a7112c78d5e6483ef1f43834fe3b61ce7cc007d183369bbda71c850633d4c77aa587781e4efc09e92e2d0cff03bee8658511cb3f397eead4cffc82abd5fcc6d211b95afe560cb1c36202ffafd61061cfe2a222f8bbce49a0315faac33200b13e5a2a6fa570ad6b9fe7ab3dcb4c0c6d8645f0ed762af8108816da28c8c971719ca827147fe91dd0cb527fef92ae21178b6865e70913c129d130f6e243989c5ec52300d8f1b15c5f4c165410fa8a123d844e41240eebc572b87983187ed4b46ff2e89d0aa657da5583fe77a4d3da33fd60ed0e5f07bf8a7c2d51206dd5a10f330124c7a2f828707f61d176907597eb580b2adee44117c39b10144c13cfee1274f91ed22c5dabb772eaadfdf32f446e40a66de9d1b02d02bbb238f78b790deb3eb378ef2650828d63009d8dda8b84b38390fd47e3a959c2bf8179e701bb", @typed={0x8, 0x10e, 0x0, 0x0, @ipv4=@multicast1}, @generic="0490b0370656339b414bdb1892fad677d612fe7c666df9ca5e8e5cb1ee37dbda6537aa587eaa85e19fcede62d1f951bc10040a88b3e3656bcafac28c6082"]}, @typed={0x8, 0x123, 0x0, 0x0, @ipv4=@loopback}, @typed={0x8, 0x11b, 0x0, 0x0, @u32=0x5}, @typed={0x8, 0x79, 0x0, 0x0, @u32=0x3}, @typed={0x8, 0x118, 0x0, 0x0, @uid=0xee00}, @generic="52d71b72c9a06f30331500af84dc6c38dd5a0319e5382bbd597df2c3a1a9b27f8d6d1054f5278282", @generic="ad9c7dd8dc5a745d45233d4ba6ac9d03f4a6b6bfa828716fe9291449c1b0a960e752d20f69c8b4dc0e96c62d53a4d37f6201b20d0437fc4c61f06fb5d36a58a392d15a58f6dd1c5f5d220d18eff982b57f49f4bdafa290b7e3ca9d5b9a0b75df1883ac702893190986330b751174cdf92675ca4d94291a580bbde10e39ff24fd0522a32f9cd7c890ff0651bfcfed700ec4aea5a449e4975b5c049ff1217dc7c44bbd469a4653", @typed={0x8, 0x2a, 0x0, 0x0, @uid=r7}]}, @IPVS_CMD_ATTR_SERVICE={0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x8}]}, 0x1364}, 0x1, 0x0, 0x0, 0x2404c088}, 0x40)
sendmsg$auto_IPVS_CMD_FLUSH(r1, &(0x7f0000001e80)={&(0x7f0000001a80)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000001e40)={&(0x7f0000001ac0)={0x344, r5, 0x800, 0x70bd2a, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DEST={0x308, 0x2, 0x0, 0x1, [@generic="ccfcf25b58417801c1e9464578a6b79c414e9c7d3802de9b092fa259831df8e6fe91755ee6949206b9865ce0eb7370ad938407b279c4a41fb229636bfafac29eecac8fb529ac6b2dce732ac600eec210b1b943769e5ae13581589f4c8a654e6f217d77078601ef22b580852688d27c55c9cedbc54651ba800ff3e1aaadfcd933417f6f40a458273996d037ab75f8523ec3d8b7758d47c7c18428785e1a72e1588f766071191e3987fc2e2292bec01a4bb2926ff5ea10ec35a728c2ba796a99f0b67969ec94edc3ea74e8815cd2231fff4fefcc90ef3355e8bd97a8c968e8473e6b4fc7e7917668c920", @generic="3b99359bf99ca227c053e8c83f00bd35cf89469b5bc984d7438ba7549b1bd01a6023f49f41c3da0ebab663851ab0e3c8fbf8efab5af0f02d351ccd7bf6a33a18399ba0a45626248f686dc89d7ccafb29da11e83bfb27ad220a8581852dec298869001d65ce8883574628b2bcec9d609bd4c59d", @typed={0x8, 0x106, 0x0, 0x0, @fd=r1}, @typed={0x7, 0xe, 0x0, 0x0, @str='#\\\x00'}, @nested={0x8e, 0xa5, 0x0, 0x1, [@typed={0x47, 0xab, 0x0, 0x0, @binary="081adf11bfad168f62a5a3696c1d207b64465abbf93d6f7d9cb48095d68e76e1102457a73ae0f41d80e40d16066f44e15b6c062c4cc5584270f952b39d09a78066baf5"}, @nested={0x4, 0x13f}, @nested={0x4, 0x106}, @nested={0x4, 0x5c}, @generic="bdcf53317c87642c168d4077d94d1da5067d0d5a3d48469ee39a07105d55c840652754814515d66983a4954bd012", @typed={0x8, 0x2b, 0x0, 0x0, @uid=r7}]}, @nested={0x108, 0xcb, 0x0, 0x1, [@nested={0x4, 0x84}, @typed={0x8, 0xc3, 0x0, 0x0, @ipv4=@remote}, @nested={0x4, 0x107}, @generic="fc598409bc21267fc7b7a6561c9febdbfbf1ff0e1a9af6097cd32d32aa50d59c8e6a2caa093662744900cec542e40984991e31ca2b90cb0324b4e944db25c20c69aae0b2b67b387145f57f8cd635165cb4feb48d7a207616a63b6e3a641d0ae71af2de349f47acbb06fd9b9733e884d4b51c79b9f9b8a21f62cb264692151f731bc8b93062760bac77679190ff0193db2f396324f592209c886da91bf2777cf33701cec50644b9e0c5e20b69f1f1f5db991a6abee2e9f7dded45fb954ee4ec290e7dbeb1c10fe413b7", @typed={0x8, 0xf7, 0x0, 0x0, @fd=r3}, @generic="e9abb65eba770daf6362804407e5bc0a0add9f", @nested={0x4, 0x8b}, @typed={0xa, 0xb2, 0x0, 0x0, @str='%}@,.\x00'}]}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x200}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xa38}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xaaa2}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}]}, 0x344}, 0x1, 0x0, 0x0, 0x40}, 0x4005)
r8 = dup$auto(r3)
madvise$auto(0x80000000, 0x8, 0x7)
r9 = prctl$auto_PR_SET_VMA_ANON_NAME(0x8001, 0x0, r6, 0x5e, 0x1)
sendmsg$auto_NL80211_CMD_AUTHENTICATE(r9, &(0x7f0000001f80)={&(0x7f0000001ec0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001f40)={&(0x7f0000001f00)={0x18, r2, 0x1, 0x70bd2c, 0x25dfdbfc, {}, [@NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x8000}, 0x800)
r10 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000002000), r9)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000002040)={'geneve1\x00', <r11=>0x0})
sendmsg$auto_ETHTOOL_MSG_COALESCE_GET(r3, &(0x7f0000002280)={&(0x7f0000001fc0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000002240)={&(0x7f0000002080)={0x19c, r10, 0x800, 0x70bd2d, 0x25dfdbfb, {}, [@ETHTOOL_A_COALESCE_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @ETHTOOL_A_COALESCE_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}]}, @ETHTOOL_A_COALESCE_HEADER={0x4}, @ETHTOOL_A_COALESCE_HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x81}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bond\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1000}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}, @ETHTOOL_A_COALESCE_HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xc}]}, @ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}, @ETHTOOL_A_COALESCE_HEADER={0x78, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xb9a9}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x43}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x40}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xd5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xff}]}, @ETHTOOL_A_COALESCE_HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x10000}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}]}, @ETHTOOL_A_COALESCE_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1000}]}]}, 0x19c}, 0x1, 0x0, 0x0, 0x4004090}, 0x4)
ioctl$auto_SIOCGIFHWADDR2(0xffffffffffffffff, 0x8927, &(0x7f00000022c0)="85887ce319ff71ac62a7d3ebaa3d723d7a45d1cce4a1b52ac4f089d7052094b12c8b6af522a4b31c6d73ed5c2c")
r12 = socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000002340), r12)
r14 = syz_clone(0x20200, &(0x7f0000002380)="647f87f816b465c1d4c3117e75306ba5c32ed5c2f82a050123d1e57ce591bfebc5a276754054286392411a7cfd749ba6f6e8c41eef7a62a3136c79e36501f9f881c3d82db472b48892e78fe39b41b1753a018a1da59797760632ac5a03c4f554151b440651b108bd9bd4b36fd5797037cca0", 0x72, &(0x7f0000002400), &(0x7f0000002440), &(0x7f0000002480)="3c8e41a8720122cee075ed6c8d6ed282454be869f0aa54ef0fe0cd7899966698d3985c92db7a4d7ddaac99ede31a8572d4da96062cdc58ff3c898429e0aeeb287635f0bc0cc7018b29011c07b8ad07a4c06f2a200977871254a0d1736cd183097a41ae099097d6f0d6cfe3ae70b68a802ab31c99b0f24ab90c2ed9c90f024ad4e5cb5c9313cdd69e8f909a085a7fb0fadce3fd41ecd51dc46080d4ae8f725f243df43a208d3323e46f0ca05e26a3dd3d044e8d99993d8243c0f923f1ef4231282574bafc364f9ec977e590")
sendmsg$auto_NL802154_CMD_GET_SEC_KEY(r12, &(0x7f0000002640)={&(0x7f0000002300)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000002600)={&(0x7f0000002580)={0x60, r13, 0x800, 0x70bd2c, 0x25dfdbfe, {}, [@NL802154_ATTR_SCAN_DONE_REASON={0x5, 0x25, 0x81}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0xb7}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0xa29}, @NL802154_ATTR_PID={0x8, 0x1c, r14}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0x6}, @NL802154_ATTR_IFNAME={0x14, 0x4, 'ip_vti0\x00'}, @NL802154_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x60}, 0x1, 0x0, 0x0, 0x4}, 0x40000)
r15 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f00000026c0), r12)
sendmsg$auto_NET_SHAPER_CMD_SET(r1, &(0x7f0000002780)={&(0x7f0000002680)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000002740)={&(0x7f0000002700)={0x1c, r15, 0x1, 0x70bd27, 0x25dfdbfc, {}, [@NET_SHAPER_A_PRIORITY={0x8, 0x6, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4000890)

1m31.474823145s ago: executing program 4 (id=1037):
write$auto(0x3, 0x0, 0xffd8)
unshare$auto(0x40000080)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/vm/dirty_bytes\x00', 0x8a042, 0x0)
r0 = socket(0x29, 0x2, 0x0)
sendfile$auto(r0, 0x3, 0x0, 0x40)

1m30.844826949s ago: executing program 4 (id=1040):
mmap$auto(0x0, 0x7, 0xe5, 0x40eb1, 0xffffffffffffffff, 0x8001)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8003)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
fstat$auto(0x2, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0xa, 0x2, 0x73)
r0 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/video13\x00', 0x20000, 0x0)
ioctl$auto(0x3, 0xc0285628, 0x8)
mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0xf, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f00000001c0), r1)
mknodat$auto(r1, &(0x7f0000000040)='}[,&*}\x00', 0x3, 0x400)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r2 = socket(0x2, 0x801, 0x84)
r3 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_L2TP_CMD_SESSION_CREATE(r0, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="2c02040045002626bd7000fedbdf250500001006001a004e22000006000203e301000008000c001b000000"], 0x2c}, 0x1, 0x0, 0x0, 0x20044004}, 0x8000)
getsockopt$auto(r2, 0x84, 0x6d, 0x0, &(0x7f00000002c0)=0x8)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x0, 0x0)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0)
ioctl$auto_BLKFLSBUF(r4, 0x1261, 0x0)
keyctl$auto(0x4, 0xfffffffe, 0xffffffffffffffff, 0xffffffffffffffff, 0x8000000e)
lseek$auto(0x3, 0x7fffffffffffffff, 0x1)
ioctl$auto_BLKFLSBUF(r4, 0x1261, 0x0)
r5 = openat$auto_btrfs_ctl_fops_super(0xffffffffffffff9c, &(0x7f0000000f40), 0x2100, 0x0)
ioctl$auto_BTRFS_IOC_GET_SUPPORTED_FEATURES(r5, 0x80489439, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x20800, 0x0)
statmount$auto(0x0, 0x0, 0x1fe, 0x5)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000)

1m30.124423337s ago: executing program 4 (id=1041):
r0 = openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/apparmor/prev\x00', 0x1, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r1, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
ioctl$auto_PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f000000c380)={0x61, 0x0, 0x40000000100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x3, 0x8, 0xbff, 0x28, 0x0, 0x3, 0x5})
fremovexattr$auto(r0, &(0x7f0000000080)='\x00')
write$auto_proc_pid_attr_operations_base(r0, 0x0, 0x0)
setsockopt$auto(r1, 0x4, 0x8, &(0x7f0000000000)=':({\x00', 0x40)

1m26.331474714s ago: executing program 34 (id=1003):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETFAMILY(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000780)={0x14, r1, 0x100, 0x70bd2f, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0x8000)
syslog$auto(0x3, &(0x7f00000004c0)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1(\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2\x88#\tV\x1d.\xdc\x0f\f\xe7\x00\xa3Qk\xa7\x8e_\xf8\xb3\xf1\xa1\xa7\xc4\xd7Z\x87\xe2%\xebO\x80\xa0\x1e\xfb;U3}s\xfe=2\x00'/160, 0xffffffb9)
r2 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x0, 0x0)
read$auto_mon_fops_text_t_mon_text(r2, &(0x7f0000000040), 0x0)

1m14.668879248s ago: executing program 35 (id=1041):
r0 = openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/apparmor/prev\x00', 0x1, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r1, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
ioctl$auto_PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f000000c380)={0x61, 0x0, 0x40000000100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x3, 0x8, 0xbff, 0x28, 0x0, 0x3, 0x5})
fremovexattr$auto(r0, &(0x7f0000000080)='\x00')
write$auto_proc_pid_attr_operations_base(r0, 0x0, 0x0)
setsockopt$auto(r1, 0x4, 0x8, &(0x7f0000000000)=':({\x00', 0x40)

48.800044466s ago: executing program 7 (id=1155):
r0 = mq_open$auto(&(0x7f0000000000)='%*\xdb^]\\:[@!\\@.@.^\x00', 0x4, 0x1, &(0x7f00000000c0)={0xa46a, 0xf, 0x2, 0x7})
syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000ac0), 0xffffffffffffffff)
socket(0xa, 0x2, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0xeae22, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
setresuid$auto(0x2, 0x7, 0x8080)
madvise$auto(0x0, 0x2003f0, 0x15)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x10)
r1 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/manager\x00', 0x2, 0x0)
write$auto_tomoyo_operations_securityfs_if(r1, 0x0, 0x0)
shutdown$auto(0x200000003, 0x2)
listen$auto(0x3, 0x81)
timer_create$auto_CLOCK_BOOTTIME_ALARM(0x9, 0x0, 0x0)
bpf$auto_BPF_MAP_UPDATE_BATCH(0x1a, &(0x7f0000000100)=@link_detach={r0}, 0x1)
mmap$auto(0x0, 0x80005, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/pci0000:00/0000:00:04.0/broken_parity_status\x00', 0x2c3002, 0x0)
socket(0x11, 0x3, 0x9)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, 0x0, 0x10004010)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
ioctl$auto(0x3, 0x800005411, 0x38)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0x200000c4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
open(0x0, 0x161342, 0x0)

46.656464322s ago: executing program 7 (id=1161):
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x8000000000000001, 0x7352, 0x34, 0x400000000065f, 0x8001, 0x40007, 0x40000000007f, 0x20000005, 0x9, 0x1, 0x6, 0x400000004, 0xb4, 0x4, 0x6, 0x2, 0x1, 0xffc, 0xfffffff7, 0x7, 0x1fff, 0x0, 0x838b, 0x84, 0x2, 0x0, 0x5, 0x0, 0x2000000, [0x0, 0x0, 0x0, 0x40000000000, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x400, 0x0, 0x0, 0x401, 0x0, 0x1000, 0x7, 0x0, 0x81, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x251, 0x3, 0x3, 0x0, 0x8, 0x3, 0xfffffffffffff7cc, 0x4, 0x400000000000002, 0x0, 0x0, 0x200, 0x0, 0x9, 0x8, 0x2000]}, 0x1fe, 0x8)
personality$auto(0xfffff032)
r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec4\x00', 0x101901, 0x0)
ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000100)={'\x00', 0x0, 0x6, 0x2, 0x9b3, 0x9, "0200000002000000997e763f222ce1", '\x00', "0001410c", '\x00', ["f5404de9641f0000000060c1", "70d9a9a3af9f39d000000001", "ef5ac4927ad89c5c00"]})
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x8)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dsp\x00', 0x8e40, 0x0)
ioctl$auto_SNDCTL_DSP_SETFMT(r1, 0xc0045005, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "f99c0301d407000000e50400"}, 0x55)
r3 = epoll_create$auto(0x8800001)
r4 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/bConfigurationValue\x00', 0x63102, 0x0)
sendfile$auto(r5, r5, 0x0, 0x2)
ioctl$auto_SNAPSHOT_FREE(r4, 0x3314, 0x0)
epoll_ctl$auto(r3, 0x1, 0xffffffffffffffff, 0x0)
process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x82942, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xfffffffffffefffe, 0x15)
pipe$auto(0x0)
ioctl$auto_BLKTRACESETUP32(r3, 0xc0401273, &(0x7f0000000000)={"8982d9b8368baa17729d80a3ee6476b2e68f5d89a72c47bc4d6829818a05074e", 0x7fff, 0x3, 0xffff, 0x0, 0x5})
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0)

45.636430926s ago: executing program 7 (id=1165):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000140), r0)
statx$auto(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x2, 0x4, &(0x7f0000000180)={0x6, 0x0, 0xd57, 0xff, 0xee01, 0xffffffffffffffff, 0x5, 0x2, 0x444c59c2, 0x80, 0x6000000000, 0x9, {0xffffffffffffff38, 0xc78}, {0x0, 0x9}, {0x0, 0xfffffffd}, {0x7fffffff, 0x4}, 0xfffffff9, 0xfffffff9, 0x8f, 0x7c2b, 0x1000000000000004, 0x0, 0x0, 0x74a, 0x9, 0x9, 0x0, 0x40, [0x0, 0x10, 0xfffffffeffffffff, 0x3, 0x8, 0x9, 0x6, 0x1, 0x9]})
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000100)={{@raw=0xb, 0x3, 0xcf, 0x8, "16a0d89bf208384515b5375a677609aa1bc737276563c3d5a2fca999d5797ab7a10a4d2bc341c4bd369ae535", @raw=0x1}, 0x1, @integer=@value=[0x6d, 0x7, 0xb4, 0xbb, 0x4, 0x80000000, 0x1, 0x10001, 0x1, 0x400000000009, 0xc4, 0x9, 0x6, 0x4, 0x3, 0x6, 0x1, 0x3, 0x4, 0x401, 0x6, 0x0, 0xa0, 0x5, 0x2, 0x30, 0x5, 0xa, 0x8, 0x1, 0x8, 0x7f, 0xffffffffffffdb75, 0x100000000, 0x3, 0x7, 0x7fffffffffffffff, 0x7, 0xd, 0x1, 0x71, 0x0, 0x8, 0x2, 0x3, 0x3, 0x2d7, 0x1, 0x1, 0x6, 0x100000, 0x800000001, 0x6, 0x7, 0x2, 0x6, 0x4, 0x3, 0x40a, 0xd, 0x3fd, 0x8, 0x5, 0xffff, 0x50ce0883, 0xbd6, 0x5, 0x2, 0xd8f, 0x80000000, 0x0, 0x7, 0x46e, 0xa5cf, 0x8, 0x7, 0xc16b, 0x6, 0x9, 0x6, 0x8000002, 0x6, 0x1, 0x3, 0x3, 0xfffffffffffff16a, 0x6, 0xffffffffffff0001, 0x100000000, 0x4, 0x8, 0x4, 0x2, 0x2000000003, 0xfffffffffffffffe, 0x20007cf9, 0x40, 0x2, 0x7, 0x100, 0x14b, 0x2, 0x45f3, 0x2, 0x0, 0x4, 0x0, 0x8001, 0x0, 0x1, 0x7, 0xcf4, 0x1, 0x3, 0x0, 0x4, 0x7, 0x6, 0x25e2, 0xc9a, 0xd09, 0x40, 0x2, 0xffffffffffffff00, 0x7, 0x9, 0xfffffffffffffff8, 0x40], "f3fadb90a56b67d92a5b28b4b23f332550b1e5454e2027fb1a37efe81bbc27deaf7c3100aab088cdb3b40dad335c9174f18934845ac3152fef1e0f42b42471efc0225a4ebe7e05ce3d4ab429805d5921633ffbce8f1a82ff9dec6c288f431cb7005b85ca8633c55d49bbdf4bd9cac1046064001bca7ba37e4b5eacf1940c9a78"})
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
io_uring_setup$auto(0x8, &(0x7f0000000140)={0x0, 0x1, 0x9, 0x210001, 0xc, 0xc05, <r1=>0xffffffffffffffff, [0x7fd, 0x1001, 0x3], {0x9, 0x3, 0x6, 0x0, 0x4, 0x895, 0x3fdc, 0x6, 0x5}, {0x2, 0x1d11, 0x54ed, 0x0, 0x101, 0xff, 0x7, 0xa, 0xb}})
sendmsg$auto_NL802154_CMD_SET_CHANNEL(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16, @ANYBLOB="000329bd7000fedbdf250900000008000c000100008008000300", @ANYRES32, @ANYBLOB="08002c000001000008001d"], 0x3c}, 0x1, 0x0, 0x0, 0x20000828}, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008)
sendmsg$auto_SMC_NETLINK_ADD_UEID(0xffffffffffffffff, &(0x7f0000000940)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000900)={&(0x7f0000000680)=ANY=[@ANYBLOB="34020000", @ANYRES16=0x0, @ANYBLOB="000429bd7000fcdbdf250a0000008b0000005be2fdb89a4555bc0ab8fe1b8e4b4655d23babd081a509722b09545c7ad5b15ca3467eb11f74ec1e377cded66879fbe15c54ec9992338ae2d0a419c32c522f30bc4e4370bfae178ac65e63fbd8e692413b826bc301c4542c7efb16e35c150064a9e4e8259c24b140a3a8591f066a48f8c356516fe9edbf6a68cb19153f283eb8d53190f1ccefa000880000003ba25d07da672c3db6dd6dc67b9dd4a3c92a962f87b97f400b4c824450e38852c453e6975cea992a5b1a2fb3227a00c406494e75e8649b8f837b83137118a6e2f97eaf7cd4e3755e13530057b7a79b2ae4aba37bdd15b1376f983a5ac5348b8bf7157c1e8a9213dab3daf1375e34e0e2b945d59fdcfd7ba143d5b25c4266a8800671545ad00000009bfd36b23676e1676a1a0880ba1bbf8888c5fd90879a8e323b23d8b34d95a2b0ebdf481ca2325ebd345e239de065fff85e60d7b879a6bf635a03eaac2f88a4e4802265a6d7e376756740aa8520f5452af53cf7ad2ec33c0f9d8810f4a6a484a5b52f52ca2af73346ba26b789e5cb65bd17513d5d232b47839ecc214b304ce6c884f01617e11f92749e8c0c685107b0315772af3773d4ebcf7bf7a6e4aa0ce18533991cb44675cd5a0879ae1cd42619bc787182703edd015004f391846b93cacb900085d7d2e32a59c9ba00f20800010026275d29340000006b647518189034624ef645950c5c4080c4ab9c204ad1cc33d0bc224de2377c3dff6e6b835062851211dca584465acbc6"], 0x234}, 0x1, 0x0, 0x0, 0x5}, 0x8000)
open(0x0, 0x22040, 0x75)
sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x3}, 0x3ef3}, 0x3, 0x0)
sysfs$auto(0x1, 0x0, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9)
pivot_root$auto(0x0, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
madvise$auto(0x0, 0x200007, 0x8)
madvise$auto(0x0, 0x2003f0, 0x15)
unshare$auto(0x40000080)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8402, 0x0)
mq_open$auto(&(0x7f0000000240)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5, 0x3, 0x0)

43.393393484s ago: executing program 7 (id=1172):
r0 = socket(0x23, 0x800, 0xe7)
unshare$auto(0x40000080)
settimeofday$auto(0x0, &(0x7f0000000100)={0x82, 0x4})
getsockopt$auto(r0, 0x10002, 0x800, 0x0, &(0x7f0000000040)=0x2000000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(r0, r0, 0x9)
socket(0x2, 0x1, 0x0)
socket(0xa, 0x5, 0x0)
r1 = socket(0x2, 0x5, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3d}}, 0x6a)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x4, 0x8000)
connect$auto(0x4, 0x0, 0x10)
setreuid$auto(0xffffffffffffffff, 0x8)
r2 = pidfd_open$auto(0x1, 0x0)
setns(r2, 0x2000000)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
read$auto(0x3, 0x0, 0x1f40)
read$auto(0x4, 0x0, 0xfdef)
listen$auto(0x3, 0x81)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/transparent_hugepage/use_zero_page\x00', 0x28442, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000040)=""/36, 0x24)
io_uring_setup$auto(0x3, &(0x7f00000001c0)={0x4, 0x80000000, 0x800, 0xfffffffc, 0x4, 0x9, <r4=>0xffffffffffffffff, [0x9, 0xfffffffb, 0x8], {0x6, 0x7, 0x6, 0x9, 0x1, 0x10001, 0xe, 0xdb9, 0xfffffffffffffff7}, {0xfffffc51, 0x5, 0x7, 0x0, 0x80000000, 0x3b9c, 0xd, 0x3, 0x4}})
r5 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0)
io_uring_register$auto_IORING_UNREGISTER_NAPI(r5, 0x1c, &(0x7f0000000180)="dc6d953bb5570478f58e1eea092c25be10b07ae7636a3531e2c8dede661c", 0xd8d)
close_range$auto(r4, 0x8, 0x0)
socket(0xa, 0x3, 0xff)
close_range$auto(0x2, 0x8, 0x0)

42.113327315s ago: executing program 7 (id=1178):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
socket(0x2, 0x2, 0x0) (async)
socket(0x2, 0x2, 0x0)
mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000580)='nfsd\x00\xee\x1a\x8fg\x1b\x04\xad>\x96\xe9IG\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\t\xf8p\xc6\x00\x00\x00\x00\xb9\xac\xde\x0e\x90\x18\xf1\x13I\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd\x14\x81\xbe\xab\xed\xd5MI\x830_\xc2\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xees\xf0\xc2\xad\xae\x99\xeb\xc5\xf0\"\x92\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9\xe8\xb2\x05\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14\x94o\x1b[\xa8]\x9b\x03\x95\xc3\xad\xad\x1d#oi|\x04\x93N\xfa\x17\xf3b\xf6E*\xc9\xdd.q\xdbAX\xf6\xfaD\xcdz\xbc~\xf30LE\xb5\x18Wf\xd3\x9b\\\x1c\xbb^\xfb9\xe5\x1b:\xa4\xdd\x81\x91\\\xbc\x1fUl\xfa)\xbf\x9dPV\xae\xa9\x9c)\x01|\xfe\xd0!Rx\a\xc4\xb1$\x8eE\xc2j\x83sLS\xa8H\xf6\xf2,R\x90:\x8fx\xab\x90\xfe$h\x80!\xe2\nY#\xee\x1b}O=\x8bn\xd7zZ\x18\xa7\x9e~\x94k\x8e\xdba\xf2\xc3G\x8egR3\x1d\x01J\x87\x14(}\f\xb1}%N|z,\xbe\x1fB\xd3\xeb\xec\x83X\x8f\x97\x95\xfd\xed\xe6wt\x1d\xb3\xa8\xfb)L~}\x9f\xbf\xd0\xc9\x9d\x82-C\xc3Ez@\x8c\xbf\xa2 \x88\\\r6M\x83', 0x4, 0x0) (async)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000580)='nfsd\x00\xee\x1a\x8fg\x1b\x04\xad>\x96\xe9IG\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\t\xf8p\xc6\x00\x00\x00\x00\xb9\xac\xde\x0e\x90\x18\xf1\x13I\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd\x14\x81\xbe\xab\xed\xd5MI\x830_\xc2\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xees\xf0\xc2\xad\xae\x99\xeb\xc5\xf0\"\x92\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9\xe8\xb2\x05\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14\x94o\x1b[\xa8]\x9b\x03\x95\xc3\xad\xad\x1d#oi|\x04\x93N\xfa\x17\xf3b\xf6E*\xc9\xdd.q\xdbAX\xf6\xfaD\xcdz\xbc~\xf30LE\xb5\x18Wf\xd3\x9b\\\x1c\xbb^\xfb9\xe5\x1b:\xa4\xdd\x81\x91\\\xbc\x1fUl\xfa)\xbf\x9dPV\xae\xa9\x9c)\x01|\xfe\xd0!Rx\a\xc4\xb1$\x8eE\xc2j\x83sLS\xa8H\xf6\xf2,R\x90:\x8fx\xab\x90\xfe$h\x80!\xe2\nY#\xee\x1b}O=\x8bn\xd7zZ\x18\xa7\x9e~\x94k\x8e\xdba\xf2\xc3G\x8egR3\x1d\x01J\x87\x14(}\f\xb1}%N|z,\xbe\x1fB\xd3\xeb\xec\x83X\x8f\x97\x95\xfd\xed\xe6wt\x1d\xb3\xa8\xfb)L~}\x9f\xbf\xd0\xc9\x9d\x82-C\xc3Ez@\x8c\xbf\xa2 \x88\\\r6M\x83', 0x4, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x7, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@rc={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x1}, 0x6a)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/mac80211_hwsim/hwsim1/net/wlan1/statistics/rx_crc_errors\x00', 0x0, 0x0) (async)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/mac80211_hwsim/hwsim1/net/wlan1/statistics/rx_crc_errors\x00', 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000100)=""/4096, 0x1000) (async)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000100)=""/4096, 0x1000)
pread64$auto(0xffffffffffffffff, 0x0, 0x10, 0xfffefffffffff72f)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x80a, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x801, 0x0) (async)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x801, 0x0)
r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x2, 0x1d2c, 0x3, 0x4, 0x15f4da0e, 0x6, 0x9, 0x100000000000000c, 0x8, 0x4, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket(0x2c, 0x1, 0x3) (async)
socket(0x2c, 0x1, 0x3)
write$auto_force_suspend_fops_hci_vhci(0xffffffffffffffff, 0x0, 0x0)
ioctl$auto(0xffffffffffffffff, 0x4b45, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
read$auto_tracing_pipe_fops_trace(r1, 0x0, 0x0) (async)
read$auto_tracing_pipe_fops_trace(r1, 0x0, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x7f, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001100)='/sys/bus/usb/drivers/bcm5974/new_id\x00', 0x212000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_START_SCHED_SCAN(r2, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0x178, r3, 0x200, 0x70bd26, 0x25dfdbfd, {}, [@NL80211_ATTR_QOS_MAP={0xdd, 0xc7, "d9baba80a8f9671ca00652e97df17fdd237858abbedd7c8f34445cc027f5901e1187ad8f36a44545d11acbf863b6a11dca75500f19bab6627c021f198d878001b622ee37465ed08c6c1f1e43c685e78225480a6ed1159bff0938b1a014e73560368cfacac1535ead2b0d40c718b925135742121c7f66b2cc8c86576f0f8c5e7dd76285ca15d04ce1a69db6b869807439738a93875dc6ee02be9f286fdb6536cfdb844bccff97ccf5485bdc6b336491e27d9fe9a39d9857ccf5a9a401a91d0c5fa5229e2e1df15fc373a19981c2c06321b2512c8813f23d190c"}, @NL80211_ATTR_MLO_RECONF_REM_LINKS={0x6, 0x14f, 0x8000}, @NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0x6d, 0xbe, "529fa747c6e7cb012dfe3cf46af9bf26f43adbaaf8f25195c395410b5dc9af78a8a7b75e5df6cd0c5ad1d4a94a3a0e993ba53bbf757881088bc153bfd578725d4ec57ba23fb0e3c1ec089f546172b11559e0172ee7a3a1cbb3a8326e99ab139d43b4cf5d844b5b1ca2"}, @NL80211_ATTR_HW_TIMESTAMP_ENABLED={0x4}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}]}, 0x178}, 0x1, 0x0, 0x0, 0x200c081}, 0x20000003)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/rose2/power/autosuspend_delay_ms\x00', 0x30000, 0x0)

41.630752762s ago: executing program 7 (id=1182):
socket(0x2, 0x1, 0x84) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
close_range$auto(0x0, 0xffffffffffffffff, 0x2) (async)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram1\x00', 0x4042, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
connect$auto(0x3, &(0x7f0000000080)=@generic={0xa, "0000e100"}, 0x58) (async)
getsockopt$auto(0xffffffffffffffff, 0x0, 0x483, 0x0, 0x0) (async)
ioctl$auto_BTRFS_IOC_SUBVOL_CREATE_V2(0xffffffffffffffff, 0x50009418, &(0x7f0000001900)={@raw=0x7, 0x400, 0x6, @unused, @devid=0x800080}) (async)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x403, 0x7) (async)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/thread-self/net/tls_stat\x00', 0x500, 0x0)
pread64$auto(r0, 0x0, 0x1ff, 0x8800000000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
close_range$auto(0x2, 0xa, 0x0) (async)
socket(0xa, 0x2, 0x0) (async)
r1 = socket(0xa, 0x3, 0xff)
connect$auto(r1, &(0x7f00000018c0)=@generic={0xa}, 0x55) (async)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000001680)="a7", 0x80000)
syz_clone3(0x0, 0x0)
madvise$auto(0x1ffff000, 0x7, 0x100000000) (async)
mmap$auto(0x0, 0x400008, 0xb, 0x9b72, 0x2, 0x8000)
fsopen$auto(0x0, 0x1) (async)
r2 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x20081, 0x0)
bpf$auto(0x4, &(0x7f0000000180)=@test={r2, 0x8, 0x2, 0x4, 0x90, 0x2, 0x4, 0x1, 0x354dfa03, 0x3, 0x0, 0x6, 0x6, 0x3}, 0x7) (async)
mmap$auto(0x0, 0x1ff, 0x10000000000df, 0xeb2, 0x401, 0x8000) (async)
arch_prctl$auto(0x5005, 0x9) (async)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video57\x00', 0xa240, 0x0)

41.445314955s ago: executing program 6 (id=1184):
socket$nl_generic(0x10, 0x3, 0x10) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) (async, rerun: 32)
r0 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, 0x0, 0x8000, 0x0) (rerun: 32)
close_range$auto(0x2, r0, 0x2) (async, rerun: 32)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
close_range$auto(0x0, 0xfffffffffffff001, 0x2) (async)
socket(0x29, 0x6, 0x1000200) (async)
r2 = open(&(0x7f0000000040)='./cgroup\x00', 0x80c80, 0xb5d1af1605322def)
open_by_handle_at$auto(r2, &(0x7f0000001280)={0x8, 0x2, "0200000000000000"}, 0x6)
prctl$auto_PR_SET_SECCOMP(0x16, 0x911, 0x3ff, 0x98, 0x3) (async, rerun: 64)
sendfile$auto(r1, r1, 0x0, 0x2) (rerun: 64)
ioctl$auto_TUNSETVNETBE(r2, 0x400454de, &(0x7f0000000000))

40.699367744s ago: executing program 6 (id=1187):
r0 = socket(0x23, 0x800, 0xe7)
unshare$auto(0x40000080)
settimeofday$auto(0x0, &(0x7f0000000100)={0x82, 0x4})
getsockopt$auto(r0, 0x10002, 0x800, 0x0, &(0x7f0000000040)=0x2000000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(r0, r0, 0x9)
socket(0x2, 0x1, 0x0)
socket(0xa, 0x5, 0x0)
r1 = socket(0x2, 0x5, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3d}}, 0x6a)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x4, 0x8000)
connect$auto(0x4, 0x0, 0x10)
setreuid$auto(0xffffffffffffffff, 0x8)
r2 = pidfd_open$auto(0x1, 0x0)
setns(r2, 0x2000000)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
read$auto(0x3, 0x0, 0x1f40)
read$auto(0x4, 0x0, 0xfdef)
listen$auto(0x3, 0x81)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/transparent_hugepage/use_zero_page\x00', 0x28442, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000040)=""/36, 0x24)
io_uring_setup$auto(0x3, &(0x7f00000001c0)={0x4, 0x80000000, 0x800, 0xfffffffc, 0x4, 0x9, <r4=>0xffffffffffffffff, [0x9, 0xfffffffb, 0x8], {0x6, 0x7, 0x6, 0x9, 0x1, 0x10001, 0xe, 0xdb9, 0xfffffffffffffff7}, {0xfffffc51, 0x5, 0x7, 0x0, 0x80000000, 0x3b9c, 0xd, 0x3, 0x4}})
r5 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0)
io_uring_register$auto_IORING_UNREGISTER_NAPI(r5, 0x1c, &(0x7f0000000180)="dc6d953bb5570478f58e1eea092c25be10b07ae7636a3531e2c8dede661c", 0xd8d)
close_range$auto(r4, 0x8, 0x0)
socket(0xa, 0x3, 0xff)
close_range$auto(0x2, 0x8, 0x0)

39.869102717s ago: executing program 6 (id=1191):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400, 0x7}, 0x9, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
lstat$auto(0x0, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, 0x4, 0x8000000a041000a, 0x40000402, 0x10000, 0x8, 0xffffffff80000000, 0xe0, 0x6, 0x240000100103})
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0)
r1 = socket(0x10, 0x2, 0x6)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL802154_CMD_SET_WPAN_PHY_NETNS(r2, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x3c, 0x0, 0x800, 0x70bd2d, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x5}, @NL802154_ATTR_MAX_ASSOCIATIONS={0x8, 0x27, 0x8}, @NL802154_ATTR_SUPPORTED_CHANNEL={0x8, 0x16, 0x1cbd}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20004005}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x0)
bpf$auto_BPF_MAP_LOOKUP_ELEM(0x1, &(0x7f0000000380)=@batch={0x2, 0x5a, 0x3, 0x1, 0x4, r0, 0x2, 0x6}, 0x5)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x0, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async)
close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async)
landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400, 0x7}, 0x9, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
lstat$auto(0x0, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, 0x4, 0x8000000a041000a, 0x40000402, 0x10000, 0x8, 0xffffffff80000000, 0xe0, 0x6, 0x240000100103}) (async)
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) (async)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0) (async)
socket(0x10, 0x2, 0x6) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$auto_NL802154_CMD_SET_WPAN_PHY_NETNS(r2, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x3c, 0x0, 0x800, 0x70bd2d, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x5}, @NL802154_ATTR_MAX_ASSOCIATIONS={0x8, 0x27, 0x8}, @NL802154_ATTR_SUPPORTED_CHANNEL={0x8, 0x16, 0x1cbd}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20004005}, 0x8000) (async)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x0) (async)
bpf$auto_BPF_MAP_LOOKUP_ELEM(0x1, &(0x7f0000000380)=@batch={0x2, 0x5a, 0x3, 0x1, 0x4, r0, 0x2, 0x6}, 0x5) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x0, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async)

39.539014025s ago: executing program 6 (id=1193):
socket(0x21, 0x2, 0x2)
openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/ieee80211/phy7/queues\x00', 0x20000, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0xf1, 0x2, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_stats_fops_2(0xffffffffffffff9c, &(0x7f000000b000), 0x80, 0x0)
pread64$auto(r1, &(0x7f000000b040)='\x00', 0x7, 0x6)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/netdevsim0/del_port\x00', 0xa001, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
r4 = ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendfile$auto(r6, r6, 0x0, 0x3)
write$auto(r2, &(0x7f0000000380)='0\x81=\"\xad/\x8d\b\x00\x18\xa4\xb0\xb4\xd9\x82=~\x17\xfb&L\xeb=j\a\xf1y\xb3\"\xeb\a\xdd\xf4\xf4Ry\xee\xd7\x1e\x1c\x86\x0f\xcf\x7f\xbf\xab\x12{\xc2\xc2*\xc1M+6/v8\xea\xe9\x85s4\xfe\xe5\t\x7fc\xfb7^\xb86J_\x1d1s!\x01\xff\xff\xff\xff\xff\xff\xff\x1dF\xe6\xf6\x17\x10+\xc0\xb0\xafc\x99\xd4\x150Y~\x1e\xe2\xd6x4fW\x13\xc4U`\x9e-X\xd7\xe2H^\fLS`\xfc\xbb\r\f\x00\xeaN\xa5\xd2\x82;\x7f\xa0.\x9a\xfb\x8d\xf3l\xf2\xd3\x95\xc1M5\xcb\xa6I\x067\xe36\xea\xe9\xe3\xf44oT_`8\xb3\xef\x04 \x05K\xf9\x87pl\xac\x86\nE\xc7e\xc5Q\x89\xcd@\x1c\x92\x00\x87\x976\x9f>\xa2\xcfm\xec\r\x11\x7f\x00\x00\x00\xb1\xde@\x02\xce\x03\xb7\xb1\xfb\x9fr\v\xb2\xe3\xc7\b\x85K /zm\x7f\x8fg,p\a\xc8\x7f\xa5\x87\x02\x87\xbbR=A\x00\x1f\x8a\xa7/Q\"J\xbb\xb0m\xf2SP\x84\x84S\xf0\xba\x9a\xf6\xb6`WI\xba\xba*8\x9f\xea\xe8K/\x98\xbc7~>\x12\x9buB\xcb\xe4\x8aKf\xba\x8c\x19m\xe6I\x02\xde\x80\x9d\x87}\xf4\xbd9\xaa\xd6\xdb1]\xde\xa0r\x14\xca56^\x94\xd2\xd8\xe6}9\x91\xb6\xf7\xa1=\x96\x11\xf1\\\xa91\x0e\xd1\xe4z\xc1;Pw!\x8b\xf5{\xc7Xd\xf1\xf2}\x96EVf\xc9\xa8\xcd\xe4\xc9\x8d\x1d7\xd5\x94\\\xb5\r\xd2\xaa\xe6H\xfe)\xb3a\x04\x1eRMl\xa3F\xa8W0\x90\xc9Ky#\x03\xf5~\xd2Z\xe9(\x99\b\x00M\xde\x01]\r\xd09k\xc2\x84\xc1\xabN\x96\x8a6\x98@\xd3\xab\xa8m\xdf\x8d\x1d\b\x82\xfcP\x87\x93\x80\x97Q\x86\x8a\x9c\xf8L\x0f\xa8@VE2\x9d\x1e`#\xd8\xd7M\xd4k1\xe6\x13Y\\\x83E\xd0e\x0eM\xa9Q\xac\x0e\x1d]\a\x19H\x81\xd2\xccF\xc6\xd4\xe2R$\xfa\xd6}\xbdsN\x18\xdf\xf5\xffP\xf5\f\xccL\xef\x83\xb3$\xd4\xf4\xb5\xe6\xd0 \xb9\xa7\x8e6\t\x83q\xef\b\xd2\xdb', 0x1)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/net/sockstat\x00', 0x22000, 0x0)
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, r4, 0x8000)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
mmap$auto(0x0, 0x5, 0xffffffffffffffff, 0xeb1, 0xffffffffffffffff, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/net/rose15/address\x00', 0x0, 0x0)
mincore$auto(0x1000, 0x8001, 0x0)
r7 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/v4l-subdev1\x00', 0xe0800, 0x0)
ioctl$auto(r7, 0xc0205648, r7)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000140), r8)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x18, r9, 0x1, 0x70bd2d, 0x25dfdbff, {}, [@HWSIM_ATTR_SUPPORT_P2P_DEVICE={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x41}, 0x4004040)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="01002dbd7000fadbdf250400000004000d00"], 0x18}, 0x1, 0x0, 0x0, 0x4000004}, 0x4044820)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_GTP_CMD_NEWPDP(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16, @ANYBLOB="010027bd7000fedbdf2500000000060006000900000008000100ffffffff0c0003000700000000000000080002000000000008000700", @ANYRES8, @ANYRES16=r6], 0x40}, 0x1, 0x0, 0x0, 0x20040850}, 0x4048040)

38.028023806s ago: executing program 6 (id=1196):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
r0 = socket(0x2, 0x2, 0x0)
mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000580)='nfsd\x00\xee\x1a\x8fg\x1b\x04\xad>\x96\xe9IG\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\t\xf8p\xc6\x00\x00\x00\x00\xb9\xac\xde\x0e\x90\x18\xf1\x13I\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd\x14\x81\xbe\xab\xed\xd5MI\x830_\xc2\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xees\xf0\xc2\xad\xae\x99\xeb\xc5\xf0\"\x92\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9\xe8\xb2\x05\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14\x94o\x1b[\xa8]\x9b\x03\x95\xc3\xad\xad\x1d#oi|\x04\x93N\xfa\x17\xf3b\xf6E*\xc9\xdd.q\xdbAX\xf6\xfaD\xcdz\xbc~\xf30LE\xb5\x18Wf\xd3\x9b\\\x1c\xbb^\xfb9\xe5\x1b:\xa4\xdd\x81\x91\\\xbc\x1fUl\xfa)\xbf\x9dPV\xae\xa9\x9c)\x01|\xfe\xd0!Rx\a\xc4\xb1$\x8eE\xc2j\x83sLS\xa8H\xf6\xf2,R\x90:\x8fx\xab\x90\xfe$h\x80!\xe2\nY#\xee\x1b}O=\x8bn\xd7zZ\x18\xa7\x9e~\x94k\x8e\xdba\xf2\xc3G\x8egR3\x1d\x01J\x87\x14(}\f\xb1}%N|z,\xbe\x1fB\xd3\xeb\xec\x83X\x8f\x97\x95\xfd\xed\xe6wt\x1d\xb3\xa8\xfb)L~}\x9f\xbf\xd0\xc9\x9d\x82-C\xc3Ez@\x8c\xbf\xa2 \x88\\\r6M\x83', 0x4, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x40000007, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/mac80211_hwsim/hwsim1/net/wlan1/statistics/rx_crc_errors\x00', 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000100)=""/4096, 0x1000)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
recvmmsg$auto(r0, 0x0, 0x10001, 0x80a, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/fs/jfs/TxAnchor\x00', 0x80000, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0x20, "0006945ee35cac7ed700"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x500, 0x0)
close_range$auto(0x2, 0xa, 0x0)
socket(0xa, 0x2, 0x0)
r2 = socket(0xa, 0x3, 0xff)
connect$auto(r2, &(0x7f00000018c0)=@generic={0xa}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000001680), 0x0)
syz_clone3(0x0, 0x0)
madvise$auto(0x1ffff000, 0x7, 0x100000000)

36.201287818s ago: executing program 6 (id=1201):
ioperm$auto(0x1, 0x1004, 0x7f)
iopl$auto(0x2)
r0 = openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/trigger\x00', 0x1, 0x0)
write$auto_event_trigger_fops_trace(r0, &(0x7f0000000240)='!', 0x1)
r1 = openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000540)='/sys/kernel/tracing/events/vmalloc/enable\x00', 0x181841, 0x0)
write$auto(r1, &(0x7f0000000100)='9\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400000, 0xee, 0x9b72, 0x2, 0x5)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = socket(0x11, 0x80003, 0x300)
sysfs$auto(0x2, 0x2, 0x0)
setsockopt$auto(r2, 0x107, 0x8, 0x0, 0x6)
read$auto(0x3, 0x0, 0x7)
madvise$auto(0x0, 0xffffffffffff0001, 0x80016)
r3 = prctl$auto_PR_SET_MM_START_BRK(0x9, 0x6, 0x0, 0x4, 0x3)
syz_genetlink_get_family_id$auto_tcp_metrics(0x0, r3)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
close_range$auto(0x2, 0x8, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
unshare$auto(0x40000080)
ioctl$auto_SNDRV_TIMER_IOCTL_INFO(r3, 0x80e85411, &(0x7f0000000280)={0x80000001, 0x81, "10186ce58990296ca0f7074403fee3872fe4c6a77ba82f5d4821fee8866d74a53938b59996ce7004792ec6676d3bb2134fcdfdbf44606596f1d867335c574e98", "5410a4726a453adb3ec72ac82d9c0c9473d789fa78e02c4785b514f209325e8fa3d3f055038af325f0670c22c6727106286c6bac13006b60363ec8a5b9b21db563a4094c6465cb9e25e4c0ee4def45b9", 0x3, 0x1a, "1741fc40b327f8c56f13a5698deb503a998e938b3bca631135980d9326f33a7c9a7b34271e718a1421bb0259a4529869ca4c0652bd5a77ee9b53754b2d471456"})
setsockopt$auto_SO_BUSY_POLL_BUDGET(r4, 0x0, 0x46, &(0x7f00000000c0)='[\x00', 0xfff)
openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/free_buffer\x00', 0x20103, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r5 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x80201, 0x0)
ioctl$auto_SNAPSHOT_AVAIL_SWAP_SIZE(r5, 0x80083313, &(0x7f0000000080)=0x6)
ioctl$auto_USBDEVFS_CONTROL32(0xffffffffffffffff, 0xc0105500, &(0x7f0000000080)={0x2, 0x1, 0x101, 0x0, 0x3, 0x4, 0x69})
keyctl$auto(0x1e, 0xfffffffffffffffc, 0xfffffffffffffffd, 0xee00, 0xfffffffffffffffd)

26.073593649s ago: executing program 36 (id=1182):
socket(0x2, 0x1, 0x84) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
close_range$auto(0x0, 0xffffffffffffffff, 0x2) (async)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram1\x00', 0x4042, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
connect$auto(0x3, &(0x7f0000000080)=@generic={0xa, "0000e100"}, 0x58) (async)
getsockopt$auto(0xffffffffffffffff, 0x0, 0x483, 0x0, 0x0) (async)
ioctl$auto_BTRFS_IOC_SUBVOL_CREATE_V2(0xffffffffffffffff, 0x50009418, &(0x7f0000001900)={@raw=0x7, 0x400, 0x6, @unused, @devid=0x800080}) (async)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x403, 0x7) (async)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/thread-self/net/tls_stat\x00', 0x500, 0x0)
pread64$auto(r0, 0x0, 0x1ff, 0x8800000000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
close_range$auto(0x2, 0xa, 0x0) (async)
socket(0xa, 0x2, 0x0) (async)
r1 = socket(0xa, 0x3, 0xff)
connect$auto(r1, &(0x7f00000018c0)=@generic={0xa}, 0x55) (async)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000001680)="a7", 0x80000)
syz_clone3(0x0, 0x0)
madvise$auto(0x1ffff000, 0x7, 0x100000000) (async)
mmap$auto(0x0, 0x400008, 0xb, 0x9b72, 0x2, 0x8000)
fsopen$auto(0x0, 0x1) (async)
r2 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x20081, 0x0)
bpf$auto(0x4, &(0x7f0000000180)=@test={r2, 0x8, 0x2, 0x4, 0x90, 0x2, 0x4, 0x1, 0x354dfa03, 0x3, 0x0, 0x6, 0x6, 0x3}, 0x7) (async)
mmap$auto(0x0, 0x1ff, 0x10000000000df, 0xeb2, 0x401, 0x8000) (async)
arch_prctl$auto(0x5005, 0x9) (async)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video57\x00', 0xa240, 0x0)

21.05982117s ago: executing program 37 (id=1201):
ioperm$auto(0x1, 0x1004, 0x7f)
iopl$auto(0x2)
r0 = openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/trigger\x00', 0x1, 0x0)
write$auto_event_trigger_fops_trace(r0, &(0x7f0000000240)='!', 0x1)
r1 = openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000540)='/sys/kernel/tracing/events/vmalloc/enable\x00', 0x181841, 0x0)
write$auto(r1, &(0x7f0000000100)='9\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400000, 0xee, 0x9b72, 0x2, 0x5)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = socket(0x11, 0x80003, 0x300)
sysfs$auto(0x2, 0x2, 0x0)
setsockopt$auto(r2, 0x107, 0x8, 0x0, 0x6)
read$auto(0x3, 0x0, 0x7)
madvise$auto(0x0, 0xffffffffffff0001, 0x80016)
r3 = prctl$auto_PR_SET_MM_START_BRK(0x9, 0x6, 0x0, 0x4, 0x3)
syz_genetlink_get_family_id$auto_tcp_metrics(0x0, r3)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
close_range$auto(0x2, 0x8, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
unshare$auto(0x40000080)
ioctl$auto_SNDRV_TIMER_IOCTL_INFO(r3, 0x80e85411, &(0x7f0000000280)={0x80000001, 0x81, "10186ce58990296ca0f7074403fee3872fe4c6a77ba82f5d4821fee8866d74a53938b59996ce7004792ec6676d3bb2134fcdfdbf44606596f1d867335c574e98", "5410a4726a453adb3ec72ac82d9c0c9473d789fa78e02c4785b514f209325e8fa3d3f055038af325f0670c22c6727106286c6bac13006b60363ec8a5b9b21db563a4094c6465cb9e25e4c0ee4def45b9", 0x3, 0x1a, "1741fc40b327f8c56f13a5698deb503a998e938b3bca631135980d9326f33a7c9a7b34271e718a1421bb0259a4529869ca4c0652bd5a77ee9b53754b2d471456"})
setsockopt$auto_SO_BUSY_POLL_BUDGET(r4, 0x0, 0x46, &(0x7f00000000c0)='[\x00', 0xfff)
openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/free_buffer\x00', 0x20103, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r5 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x80201, 0x0)
ioctl$auto_SNAPSHOT_AVAIL_SWAP_SIZE(r5, 0x80083313, &(0x7f0000000080)=0x6)
ioctl$auto_USBDEVFS_CONTROL32(0xffffffffffffffff, 0xc0105500, &(0x7f0000000080)={0x2, 0x1, 0x101, 0x0, 0x3, 0x4, 0x69})
keyctl$auto(0x1e, 0xfffffffffffffffc, 0xfffffffffffffffd, 0xee00, 0xfffffffffffffffd)

12.858866136s ago: executing program 5 (id=1256):
set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7ffffffffffffffb, 0x3)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
unshare$auto(0x40000080)
unshare$auto(0x21)
openat$auto_kmsg_fops_printk(0xffffffffffffff9c, 0x0, 0x40001, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r0 = io_uring_setup$auto(0x9, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
set_mempolicy$auto(0x3, &(0x7f00000000c0)=0xffffffffffffffff, 0x3a)
init_module$auto(0x0, 0xffff9, 0x0)
syz_genetlink_get_family_id$auto_ovs_ct_limit(0x0, 0xffffffffffffffff)
rseq$auto(0xfffffffffffffffc, 0x1000, 0x4, 0x5)
r1 = geteuid()
keyctl$auto(0x1e, r1, r1, 0x0, 0x7)
fstat$auto(r0, &(0x7f0000000140)={0x8000, 0x0, 0x9, 0xe9e9, 0xee01, <r2=>0xffffffffffffffff, 0x0, 0x8, 0x3, 0x6f7, 0x2, 0xffff, 0x6, 0x1, 0x3, 0xa5f, 0x1})
mmap$auto(0x0, 0xdf33, 0xe2, 0xeb1, 0x405, 0x8000)
r3 = socket(0x2, 0x3, 0xa)
getsockopt$auto(r3, 0x0, 0x29, 0x0, 0x0)
r4 = syz_clone(0x40280500, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto(0x10, r4, 0x4, 0x8000040006)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000140), r5)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000040)='/dev/binderfs/binder0\x00', 0x200200, 0x0)
r6 = getpgrp(r4)
sendmsg$auto_TASKSTATS_CMD_GET(r5, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4001}, 0x20000000)
msgctl$auto_IPC_RMID(0x7, 0x0, &(0x7f0000000200)={{0xc, r1, r2, 0x5, 0x2, 0x3, 0x4}, 0x0, 0x0, 0x85, 0x4, 0x8000000000000000, 0x7, 0x4, 0x1, 0x3, 0x8, @inferred=r4, @inferred=r6})
close_range$auto(0x2, 0xa, 0x0)
readv$auto(0xffffffffffffffff, 0x0, 0x24000000000001)
sendmsg$auto_ETHTOOL_MSG_RSS_GET(r0, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000100)={&(0x7f0000000280)={0xc0, 0x0, 0x2, 0x70bd28, 0x25dfdbff, {}, [@ETHTOOL_A_RSS_START_CONTEXT={0x8, 0x7, 0x4}, @ETHTOOL_A_RSS_HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x10}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'hsr0\x00'}]}, @ETHTOOL_A_RSS_CONTEXT={0x8, 0x2, 0x7ff}, @ETHTOOL_A_RSS_CONTEXT={0x8, 0x2, 0xffff}, @ETHTOOL_A_RSS_CONTEXT={0x8, 0x2, 0x5}, @ETHTOOL_A_RSS_HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x8034}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @ETHTOOL_A_RSS_CONTEXT={0x8, 0x2, 0xfff}, @ETHTOOL_A_RSS_START_CONTEXT={0x8, 0x7, 0xffffffc0}, @ETHTOOL_A_RSS_CONTEXT={0x8, 0x2, 0x12000}]}, 0xc0}, 0x1, 0x0, 0x0, 0x4088022}, 0x0)
setgroups$auto(0xe32, 0x0)

11.843110301s ago: executing program 8 (id=1259):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
rseq$auto(&(0x7f0000000300)={0xe, 0x403, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6)
r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video54\x00', 0x42942, 0x0)
writev$auto(0x3, &(0x7f0000000100)={&(0x7f0000000140), 0x9}, 0x8)
openat$nci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
flock$auto(r0, 0x4)
socket(0xa, 0x3, 0x5)
openat$auto_stats_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0xc00, 0x0)
mmap$auto(0x0, 0x3, 0x4000000000df, 0xeb1, 0x7f, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x0, 0x4, 0x5, 0x3d3c)
timer_create$auto(0x3, 0x0, 0x0)
timer_settime$auto(0x0, 0x801, &(0x7f0000000100)={{0xa6, 0x7}, {0x0, 0x3}}, 0x0)
socket(0x29, 0x2, 0x0)
socket(0x1d, 0x2, 0x2)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/pci0000:00/0000:00:03.0/consistent_dma_mask_bits\x00', 0x0, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socket(0x2, 0x2, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000ac0)='/proc/thread-self/net/sctp/remaddr\x00', 0x8200, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0)
openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x80102, 0x0)
openat$auto_usbfs_devices_fops_usb(0xffffffffffffff9c, &(0x7f0000000000), 0x80100, 0x0)
r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000004180)='/dev/snd/controlC1\x00', 0x28180, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/slab/kmalloc-64/min_partial\x00', 0x501, 0x0)
socket(0x10, 0x2, 0x0)
r2 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_INFO(r1, 0xc1105511, 0x0)
ioctl$auto_USBDEVFS_BULK(r2, 0xc0185502, &(0x7f0000000040)={0xa1b, 0x855, 0x3, &(0x7f00000001c0)="da94e86c1133f19d41954e5e478867a6ce81e3a35fdfcb7218478bb35df4d94e3829f499ee8c3937725253b52a52f6ae937b8dbd55cfe0d4d330c0d563e17c3069d8747dbb7467ce1ace7b"})
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)

10.930575864s ago: executing program 5 (id=1260):
ioctl$auto(0x3, 0x50434901, 0x1)
socket(0x0, 0x2, 0x2000d)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000)
io_uring_setup$auto(0x401, 0x0)
close$auto(0xffffffffffffffff)
read$auto(0x3, 0x0, 0xfdef)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, 0x0, 0x800, 0x0)
close_range$auto(0x2, 0xa, 0x3)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x0, 0x0)
r1 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
read$auto_rng_chrdev_ops_core(r1, &(0x7f0000000040)=""/4096, 0xfffffe82)
mmap$auto(0x0, 0x2020009, 0x3, 0x4000000000000eb1, 0xffffffffffffffff, 0x8000)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_hsr(&(0x7f00000011c0), 0xffffffffffffffff)
sendmsg$auto_HSR_C_GET_NODE_STATUS(r2, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f0000001040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="290928bd7000fbdbdf250300000008000200", @ANYRES32=0x0, @ANYBLOB="41aa2b9dc46014ab0cb4811745694562053100d2497bbfbfee84d7806a5474fc48427ad8ced700"/48], 0x1c}, 0x1, 0x0, 0x0, 0x240008c5}, 0x48094)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
socketcall$auto(0x8000, 0x0)
set_mempolicy$auto(0x3, &(0x7f0000000040)=0x7, 0x3)
bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x2, 0x10001, 0x10, 0x2, 0x4, r0, 0x4, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x955b, 0x8, 0x5, 0x1, <r4=>0xffffffffffffffff}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000200), 0xffffffffffffffff)
r7 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/ieee80211/phy1/rate_ctrl_alg\x00', 0x0, 0x0)
readv$auto(r7, &(0x7f0000000100)={&(0x7f0000000280), 0x1}, 0x4)
sendmsg$auto_HWSIM_CMD_REPORT_PMSR(r5, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000140)=ANY=[@ANYBLOB=' \x00', @ANYRES16=r6, @ANYBLOB="01002cbd7000fddbdf250b0000000a000280019e695f99bb0e0000"], 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x0)
mmap$auto(0x0, 0x2020009, 0x8, 0xeb1, r4, 0x8000)

9.773097003s ago: executing program 5 (id=1263):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) (async)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x400084c, 0x0, 0x6, 0x0, 0x7, 0x10b}, 0x800007}, 0x1, 0x20000000) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fb0\x00', 0x2, 0x0)
ioctl$auto_FBIOPAN_DISPLAY(r0, 0x4606, &(0x7f0000000000)) (async)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sg0\x00', 0x20000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_IEEE802154_ASSOCIATE_RESP(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x4000000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async, rerun: 64)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) (async, rerun: 64)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0)
sigaltstack$auto(0x0, 0x0) (async)
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram2\x00', 0xc642, 0x0)
write$auto(r1, 0x0, 0x8000) (async, rerun: 64)
get_mempolicy$auto(0x0, &(0x7f0000000140)=0x1, 0x2, 0x86, 0x9) (async, rerun: 64)
socket(0xa, 0x1, 0x100)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5t\x03\x00\x00\x00\x00\x00\x00\x00\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2\x1d\xeb\x11wQ\x7fE\x82\xb5l\xa0\x04\xea\x02\xb6/\xc1\xe7\xb9\xce^\xf0)\x02\x1b2\x04\xb9X#u\xd4\x85M4<\xbe\x95\xc5b=\xc9\xb5$\x14*\x8fe?v]TZ\xb26_\x16[\xfa\xb5\xa1\xf6\xcf1\xadV\xdb8\x1azv7\x84]\xedE\xf7\xc9\x11[>\xa5[\x9f6\xba\xde-D\xef\x8b+\x82My\xb0\xdfo{YY~\x81\xc7\xd5\x0fp\x10F9\x04/\xcc\xa2\xdf\x01)\xaf\xd6Bm\xce\xac\xd9\xd7\xe5n/r\xde\xda\x9c\xae\t\xea\xbd\xc8|\xad\xa3\x9b\xd1t\xb9\xa3\x86\x98\xe5\xae\xf3\xe9\x19\xe6\xa3er4g\x95\x92\x90\x18ET\xda6\x0e\xda\xa8\x10\x86h|\b\xe5\xeb+\x82= \x85i\xd1)\x11\x875H\x1a8\xbbd\xb2w\x95\xb0\xa2HSA\xbf\xb3:\x03\x9b\xdc\xf4f|=\xb7m5^\xad\x9b\x19\xd8<\xa8\xac!\x10\va\xc7\xeb\xf7\x8a\xf5\"\xee\xf3\\\xe5\xb1\xf0C\x04\xa5\x8c\xd3\x9b/U\x17\x88\x9f\xe6\x12_\x0e\xdb\xc6\xeb\xc7\\\x1c\x9c\xa9fsQk\xce\x1dPg\xd1\xb7\x12\x9b\x16n\x9d(\xe6k\x13\x8c\xca\x1f\xe1d%{\x83N\x97\xe4\xcdZ\xbe[j\xdd\xe3\xca\xf3\x1e\x06}\xa5\x03iT=\xcc\xc6}@s', 0x5) (async, rerun: 32)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (rerun: 32)
close_range$auto(0x2, 0x8, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
timerfd_create$auto(0x9, 0x0) (async, rerun: 32)
getrandom$auto(0x0, 0x6000000, 0x3) (async, rerun: 32)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
ioctl$auto(0x3, 0x40085400, 0x5)
r2 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080))
lseek$auto(r2, 0xfffffffffffffffd, 0x1) (async)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)

9.156771557s ago: executing program 8 (id=1265):
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
pipe$auto(0x0)
mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000)
madvise$auto(0x0, 0x200007, 0x19)
io_uring_setup$auto(0x2, &(0x7f0000000080)={0x80000003, 0x9, 0x4002, 0x6, 0x4, 0x8, 0xffffffffffffffff, [], {0x9, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x4000006, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x104, 0x8, 0x100000000}})
sendmsg$auto_OVS_DP_CMD_GET(0xffffffffffffffff, 0x0, 0x20000008)
r0 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)
ioctl$auto_VHOST_SET_BACKEND_FEATURES2(r0, 0x4008af25, &(0x7f00000000c0)=0x3)
mmap$auto(0x6, 0x40, 0x3, 0x18, 0xffffffffffffffff, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0xa, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000100), 0x400, 0x0)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty1\x00', 0xa0000, 0x0)
r3 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100)
copy_file_range$auto(0xffffffffffffffff, 0x0, r3, 0x0, 0xfffbfffffffffff8, 0x7)
prctl$auto(0x3c, 0x1, 0x0, 0x1, 0xfffffffffffffffc)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x7, 0x95f4da0a, 0xffffffffffffffff, 0x8000000000003, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x10, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x10000, 0xbc3, 0x800, 0x3, 0x8, 0xc, 0x400000010003, 0x3, 0x4, 0xfffffffffffffffe, 0x6, 0x9, 0xffffffffffffff81, 0x4]}, 0x0)
close_range$auto(0x2, 0x8, 0x0)
syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff)
madvise$auto(0x0, 0x454, 0x9)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=ANY=[@ANYBLOB="72010000", @ANYRESDEC=r1], 0x1ac}}, 0x0)
socket(0x10, 0x2, 0x0)
sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x6000000, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000002c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

8.647856182s ago: executing program 9 (id=1240):
msgctl$auto_IPC_RMID(0x4, 0x0, 0x0)
mmap$auto(0xb, 0x6, 0x4000000000df, 0x40eb1, 0x401, 0x10000)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card1/pcm1c/sub0/sw_params\x00', 0x183842, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = socketcall$auto(0x8000, 0x0)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_clone(0x80000100, &(0x7f00000001c0)="9ccf6fab2ab3377fc55c574f12c559722c8e89d513fcb51d950484334a6b43b999104166eef980225bb2d9e0b9c1e1842989f2647bd84433af046d305927437b2cd2391b676a68a95555415aa0622b4cb711a91b236fbb014612a8fd8ec19133716043b671ba0a89a0457810caf9960501e51cd02d5db9f1b3f7d6959c2a5d0d17c4165278b1a95c9ed8bc3e2a3f6442e7fed270ce046d8f2631c0d005ae1798c66ff441acc2dac21e5f0f0b70e280702a96524ff42584cd7fc3b4138aeb14d9009d711a02f669edd357402767ed4b6229c0fe1b62982f81596658b769222c63ac5a120da3583ec4cbfd09", 0xeb, &(0x7f0000000100), &(0x7f0000000140), &(0x7f00000002c0)="9b23c36be1bfcc7b4830136d43bd5dfdb5da269b89ab4ebbc710dfd07fc341e1c5fb8b35dcea3cdd5ad363ac6e5dde672d1d3a2a33")
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_KVM_GET_MSRS(0xffffffffffffffff, 0x4400ae8f, 0x0)
r2 = clone$auto(0x2000020003b4a, 0x6, 0x0, 0x0, 0x103)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008012, r3, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
statmount$auto(0x0, &(0x7f0000000040)={0x0, 0x2, 0x5ae, 0x5, 0x7, 0x6, 0x10000, 0x1, 0xa, 0x8, 0x6, 0x9, 0x200005, 0x4, 0x1ff, 0x2, 0x8, 0x10000, 0x0, 0x6, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, [0x80, 0x0, 0x0, 0x400000000, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0xfffffffffffffffc]}, 0x6, 0x1000000)
bpf$auto(0x12, &(0x7f0000000040)=@link_detach, 0x26)
madvise$auto(0x0, 0xfffffffffffefffd, 0x17)
r4 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x5, 0x3, r2, 0x8001, 0x1)
mount_setattr$auto(r1, &(0x7f00000000c0)='./file0\x00', 0x101, &(0x7f0000000180)={0x7, 0x0, 0x3, @raw=0x2}, 0x10000)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
write$auto(0x3, 0x0, 0x5c8)
mmap$auto(0x0, 0x5810, 0xffb, 0x8000000008011, 0x3, 0x0)
bind$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x3, @local}, 0x6a)
pread64$auto(0xffffffffffffffff, 0x0, 0x10001, 0x82d)
epoll_ctl$auto(0xffffffffffffffff, 0x0, r4, &(0x7f0000000080)={0x1000, 0x9})
write$auto(r0, 0x0, 0xc)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0xffffffffffffffff, 0x8000000000000000)

7.67788661s ago: executing program 8 (id=1268):
r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001140), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_sync_info_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000100), 0x81, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="030029bd7000fbdbdf253987f1ec08000300", @ANYRES32=r2], 0x24}, 0x1, 0x1400, 0x0, 0x80}, 0x20000084)

7.030566324s ago: executing program 8 (id=1269):
mmap$auto(0x200, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
set_mempolicy$auto(0x6, 0x0, 0x21)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/igmp6\x00', 0x0, 0x0)
pread64$auto(r0, &(0x7f0000000040)='veth1\x00', 0x200000000006, 0x8)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x40}, 0x6)
unshare$auto(0x40000080)
syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff)
mmap$auto(0x5, 0x400008, 0x8000df, 0x10, 0xffffffffffffffff, 0x7fff)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000001280)='/dev/ptyxd\x00', 0x801, 0x0)
ioctl$auto_TIOCSWINSZ2(r1, 0x5414, &(0x7f00000012c0)="98b78996b3ec")
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x4, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00022abd7000fbdbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYRESDEC=r2], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x404c850}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x1, 0x9}, 0x7}, 0x3, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
unshare$auto(0x40000080)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000980), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_ACT(0xffffffffffffffff, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000080)={0x2c, r3, 0x1, 0x70bd2d, 0x25dfdbff, {}, [@ETHTOOL_A_CABLE_TEST_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'hsr0\x00'}]}]}, 0x2c}}, 0x40000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x3, 0x0)
mmap$auto(0x0, 0x80, 0x4000000000de, 0xeb2, 0xffffffffffffffff, 0x8000)
socket(0x2, 0x2, 0x0)

6.955208117s ago: executing program 0 (id=1270):
socket(0x2, 0x2, 0x1)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0xffffffffffffffff, 0x0, 0x0)
write$auto(0xca, &(0x7f0000000040)='\x04\"\x00\x00\x00\x00\xa6\xb8\xd8\xc6\xb05>ha9\x89|d\x00\x00\x00\x00\x00\x00', 0xd)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000000), 0x141401, 0x0)
socket(0x2, 0x801, 0x106)
socket$nl_generic(0x10, 0x3, 0x10)
timerfd_create$auto(0x9, 0x0)
select$auto(0x80000a, 0x0, &(0x7f0000000100)={[0x20000000000d, 0x203, 0x0, 0xc, 0x5, 0x3, 0x5, 0x2000000000000002, 0x9, 0x8, 0x400000000fb, 0xa, 0x4, 0xaab, 0x5, 0x10000]}, 0x0, 0x0)
sendfile$auto(r0, r0, 0x0, 0x400000000003)
r1 = socket(0x1e, 0x1, 0x0)
mmap$auto(0x0, 0x4020009, 0xde, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r2 = socketcall$auto(0x8000, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$auto(0x3, 0xae60, 0x10000000000402)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto(0x3, 0xae41, 0x38)
openat$auto_objects_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x480000, 0x0)
ioctl$auto(r2, 0x4020aea4, r1)
bind$auto(r1, &(0x7f0000000040)=@tipc=@nameseq={0x1e, 0x1, 0x3, {0x0, 0x0, 0x2}}, 0x66)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/bus/pci/drivers/mei_me/new_id\x00', 0x34d800, 0x0)
write$auto_ocfs2_control_fops_stack_user(r4, &(0x7f0000003900)='\t', 0x1)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/sunrpc/parameters/pool_mode\x00', 0x181302, 0x0)
sendfile$auto(r5, r5, 0x0, 0x43)
r6 = prctl$auto_PR_SET_MM_START_DATA(0x80aa, 0x3, 0x0, 0x2, 0x4)
ioctl$auto_SOUND_MIXER_INFO2(r6, 0x805c4d65, &(0x7f0000000100)="afe8f496acf7744600713f73cc2638b1d5aa49ed98e56823fc892d3e64f8c71ad5be5a0dcac0a73f656b15837fc0a315757973f338970be55b2a5ff57cb0eb168dae17626deef902fa0ce11d625feda6d9f85cb301ae29b9561f04ef35e61b34f3de6ab11e14750d8aabc37f52dccceba90cd0602ef9d0545dd98a2bec0818589868a072e975ec0c6a2be47585939a1bdef8b34973dafd899db82e89a201")
bind$auto(0x3, 0x0, 0x68)

6.646194399s ago: executing program 5 (id=1271):
mmap$auto(0x0, 0x4020009, 0xdf, 0x40000eb1, 0x401, 0x8000)
clone$auto(0x100000008, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x4000006)
clone$auto(0x1, 0x1, 0x0, 0x0, 0x2)
socket(0xa, 0x5, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/admmidi2\x00', 0x0, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x109401, 0x0)
socket(0x15, 0x5, 0x0)
socket(0xa, 0x1, 0x84)
r1 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
write$auto(0x6, 0x0, 0x100000001)
mmap$auto(0x8, 0x7fffffffffffffff, 0x400006, 0x40eb1, r0, 0x300000000000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/zram-control/hot_remove\x00', 0x8001, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv6/conf/tunl0/disable_policy\x00', 0xd02, 0x0)
read$auto_clear_warn_once_fops_(r1, &(0x7f0000000300)=""/169, 0xa9)
mmap$auto(0x100000001, 0x100, 0x7fffffffffffffff, 0x7fff, 0xffffffffffffffff, 0x2)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffff}, 0x1, 0x0, 0x0, 0x9}, 0x100007}, 0x3, 0x0)
r2 = socket(0x29, 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$auto(0x3, 0xaece, 0xffffffffffffffff)
read$auto(0x4, 0x0, 0x1ff)
read$auto(0x4, 0x0, 0xfdef)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x4000}, 0x40000)
ioctl$auto(r2, 0x8b0f, 0x24)
mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000)
close_range$auto(0xffffffffffffffff, 0x8, 0xfffffffe)

6.350919033s ago: executing program 0 (id=1272):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/resume\x00', 0x189002, 0x0)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\x84q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa24X@\xadD\xf8\x9d\xf3 \xd2]\xc4\x13G\x1d\x04!\xc1\xeb.e$\xfb\xa3KU\xcf\xc1\x7fFD\x99\xf5v\v\x9dS\xc11P\xa3\xe9\xb0SqL\x85\xea\xb2\x9cY\x83.I\xca\x92\x1c\xc4\x13CV=\x92\x17c\x87iOt\x14On\x15=\v\xf0 \xc5\x8b~\xd6\xd4\xc7\xa3a\x1c\x06\x17\xb3\x88\x8c\xf1L\xba\x89a\xfd\xa5\xc6\x7fU\x00\xe5\x9b', 0x5)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
close_range$auto(0x2, r0, 0xfffffffd)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000001380), 0x0, 0x0)
r2 = io_uring_setup$auto(0x7, 0x0)
read$auto(0x3, 0x0, 0x80)
close_range$auto(r1, 0x5, 0x0)
fanotify_init$auto(0x5, 0x2000000000002)
inotify_init1$auto(0x3000000000000)
socket(0x15, 0x5, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x103042, 0x0)
r3 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, 0x0, 0x1c1041, 0x0)
write$auto(r2, 0x0, 0xc5a6)
syz_genetlink_get_family_id$auto_802_15_4_mac(0x0, 0xffffffffffffffff)
r4 = syz_open_procfs$namespace(0xffffffffffffffff, 0x0)
fchdir$auto(r4)
sendfile$auto(r3, r0, 0x0, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0)
r5 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$auto_VHOST_SET_FEATURES(r5, 0x4008af00, &(0x7f0000000000)=0x200000000)
read$auto(r5, 0x0, 0x3ff)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/fs/xfs/panic_mask\x00', 0xa0202, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, 0x0, 0x47302, 0x0)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/bonding/num_grat_arp\x00', 0xc8282, 0x0)
sendfile$auto(r6, r6, 0x0, 0x1)

5.849986375s ago: executing program 9 (id=1273):
mmap$auto(0x0, 0x20009, 0x7, 0xeb1, 0x40000000000a5, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
shmctl$auto_SHM_LOCK(0x2, 0xb, &(0x7f0000000200)={{0xc2e, 0xee01, 0xffffffffffffffff, 0x600000, 0x7, 0x339dd76, 0x1000}, 0x6, 0x3, 0x8, 0x0, @inferred=0xffffffffffffffff, @raw=0x4, 0x1000, 0x0, &(0x7f0000000340)="7b5dedbbb82c51e6e65ae40bd85d81b3a7545391ee59a4ea2aaca0ec480370600bd76572405bed8fee7de0cf9426a4ca92c991bd1f047e7a2725ba6020f2f9436d52db515f26e81299032eff6cf6b0f46d4f4cc564ee8db3ef01f76b8d9b37e5e4f9fff2f493c542308923ff9a56c2a2eeb0bb705b9233a0cd43f620b5ef91cd6d79761a159c751286c206d2cb96c4b7ffff3e23de8826c7be8414bd6086bcb9190d5438d0aa840aa79c1f5d0fdf3dc95f8f72ef6bb020", &(0x7f0000000080)="6b41c7d1f4f085fc1a6347e2eb40f9a8cb74dc"})
mmap$auto(0x0, 0x80000001, 0x4000000000df, 0x40eb1, 0x401, 0xffff)
r0 = socket(0x2a, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
msync$auto(0x0, 0x2000000005, 0x6)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
r1 = socket(0xa, 0x3, 0x3b)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/radio28\x00', 0x19800, 0x0)
recvmmsg$auto(r1, 0x0, 0x3, 0x0, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
unshare$auto(0x40000080)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r3 = socket(0x2b, 0x1, 0x0)
ioctl$auto(r3, 0x7, r0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
madvise$auto(0x0, 0x80000000, 0x19)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)=ANY=[@ANYBLOB="0000000091a239f30b33d90c2075426b816b48b3e678c836b944a687c5e47fec5692111db476aad957c626081324204214f059f3bb364003f4571cf32724a2754cd61a97e687f201da1255752d4076b38308fee4781c5737663f8272854b792c2b036ac1b36d27a5ac7edb8899519e7150cd8db2d23c4960fa7978baef", @ANYRES8, @ANYBLOB="010031bd7000fddbdf250c0000000c0003800800038004000580"], 0x20}}, 0x24048084)
madvise$auto(0x0, 0x200007, 0x19)

5.244795403s ago: executing program 0 (id=1274):
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
setsockopt$auto(0xffffffffffffffff, 0x114, 0x8, 0x0, 0x4)
openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/set_event_pid\x00', 0xa0241, 0x0)
mlockall$auto(0x7)
mmap$auto(0x0, 0x40000b, 0xde, 0x9b72, 0xffffffffffffffff, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0)
r0 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64)
fchdir$auto(r0)
mkdir$auto(&(0x7f00000001c0)='./cgroup\x00', 0xa)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/cgroup.type\x00', 0x103042, 0x0)
rmdir$auto(&(0x7f0000000080)='./cgroup\x00')
readv$auto(r1, &(0x7f0000000040)={0x0, 0x3ff}, 0x1)
mkdir$auto(&(0x7f0000000140)='./file0\x00', 0xfffd)
mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x9)
mkdir$auto(&(0x7f0000000000)='./file0/file0\x00', 0x54c)
chdir$auto(&(0x7f0000000180)='./file0\x00')
rename$auto(&(0x7f0000000480)='./file1\x00', &(0x7f0000000040)='./file0/file0\x00')
r2 = gettid()
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14be02, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
getrlimit$auto(0x8, 0x0)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
prctl$auto(0x2f, 0x0, 0x10, 0x0, 0x0)
ioctl$auto_BLKZEROOUT(r3, 0x127f, 0x0)
kill$auto(r2, 0x7)
syz_clone3(&(0x7f0000000380)={0x4081080, 0x0, 0x0, 0x0, {0x37}, 0x0, 0x0, 0x0, 0x0}, 0x58)
sendmsg$auto_IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, 0x0, 0x4000)
ioctl$auto_CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, &(0x7f0000000100)={'\x00', 0x0, 0x6, 0x2, 0x9b3, 0x9, "0200000002000000997e763f222ce1", '\x00', "0001410c", '\x00', ["f5404de9641f0000000060c1", "70d9a9a3af9f39d000000001", "ef5ac4927ad89c5c00"]})
connect$auto(0x3, &(0x7f0000000080)=@qipcrtr={0x2a, 0x3, 0x2}, 0x52)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)

4.162166447s ago: executing program 0 (id=1275):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x80100, 0x0)
ioctl$auto_dvb_demux_fops_dmxdev(r0, 0x6f2d, 0x0) (async)
sendmsg$auto_CGROUPSTATS_CMD_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="13000000", @ANYRES16=0x0, @ANYBLOB="2586f2bd7000fedbdf2504000000080001"], 0x1c}, 0x1, 0x0, 0x0, 0x400c9d0}, 0x4080) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
r1 = socket(0x2a, 0x2, 0x1)
connect$auto(r1, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x55) (async)
io_uring_setup$auto(0x1, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07) (async)
getsockopt$auto(0x3, 0x200000000001, 0x1c, 0x0, 0x0)
ioctl$auto_USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, 0x0)
fcntl$auto(0x3, 0x4, 0xa553) (async, rerun: 32)
write$auto(0x3, 0x0, 0xfdef) (async, rerun: 32)
close_range$auto(0x2, 0x8, 0x0)
r2 = socket(0x10, 0x2, 0x14)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000140)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x10095) (async, rerun: 64)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bdi/43:288/max_bytes\x00', 0x82942, 0x0) (rerun: 64)
sendfile$auto(r3, r3, 0x0, 0x441)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_RECONFIGURE(r4, &(0x7f0000001900)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000004c0)={0x1c, r5, 0x1, 0x70bd29, 0x25dfdbff, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x8b3c}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x90) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB='r'], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x200440c0) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}}, 0x51) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async, rerun: 64)
r6 = socket(0x10, 0x2, 0xf) (rerun: 64)
r7 = bpf$auto(0x0, &(0x7f0000000080)=@bpf_attr_4={0x1e, r6, 0xffffffff}, 0xd)
bpf$auto(0x2, &(0x7f0000000080)=@iter_create={r7, 0x98}, 0x5)
sendmmsg$auto(r2, &(0x7f0000000080)={{0x0, 0x8001c01, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x1}, 0x7}, 0x3d55, 0x0)

3.7088099s ago: executing program 5 (id=1276):
close_range$auto(0x2, 0xa, 0x0)
socket(0xb, 0x2, 0x0)
r0 = socket(0xa, 0x3, 0x3) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = memfd_secret$auto(0x9)
close_range$auto(0x2, 0x8, 0x0) (async)
socket(0x1f, 0x80002, 0x0) (async)
socket(0x2, 0x80805, 0x0) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
setsockopt$auto(0x3, 0x10000000084, 0x40, 0x0, 0x8)
read$auto_proc_sessionid_operations_base(r1, &(0x7f0000000000)=""/145, 0x91) (async)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x2, 0x0) (async)
socket(0xa, 0x1, 0x6) (async)
socket(0x11, 0x80003, 0x300) (async)
socket(0x10, 0x2, 0x0)
socket(0x2, 0x3, 0x2) (async)
socket$nl_generic(0x10, 0x3, 0x10)
futex$auto(&(0x7f00000000c0)=0x1, 0x8c, 0x1, 0x0, 0x0, 0x1) (async)
r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x101082, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x4) (async)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
ioctl$auto(r2, 0xc0045543, 0xffffffffffffffff) (async)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x40, 0x0)
socketpair$auto(0x3, 0x5, 0x7, 0x0) (async)
connect$auto(r0, 0x0, 0x55)
mmap$auto(0x4, 0xb, 0xdf, 0x9b72, 0x2, 0x8000) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x0)
get_robust_list$auto(0x1, 0xffffffffffffffff, 0x0)

3.406729112s ago: executing program 0 (id=1277):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) (async)
r0 = socket(0x2, 0x2, 0x0) (async)
mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa) (async)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) (async)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000580)='nfsd\x00\xee\x1a\x8fg\x1b\x04\xad>\x96\xe9IG\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\t\xf8p\xc6\x00\x00\x00\x00\xb9\xac\xde\x0e\x90\x18\xf1\x13I\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd\x14\x81\xbe\xab\xed\xd5MI\x830_\xc2\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xees\xf0\xc2\xad\xae\x99\xeb\xc5\xf0\"\x92\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9\xe8\xb2\x05\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14\x94o\x1b[\xa8]\x9b\x03\x95\xc3\xad\xad\x1d#oi|\x04\x93N\xfa\x17\xf3b\xf6E*\xc9\xdd.q\xdbAX\xf6\xfaD\xcdz\xbc~\xf30LE\xb5\x18Wf\xd3\x9b\\\x1c\xbb^\xfb9\xe5\x1b:\xa4\xdd\x81\x91\\\xbc\x1fUl\xfa)\xbf\x9dPV\xae\xa9\x9c)\x01|\xfe\xd0!Rx\a\xc4\xb1$\x8eE\xc2j\x83sLS\xa8H\xf6\xf2,R\x90:\x8fx\xab\x90\xfe$h\x80!\xe2\nY#\xee\x1b}O=\x8bn\xd7zZ\x18\xa7\x9e~\x94k\x8e\xdba\xf2\xc3G\x8egR3\x1d\x01J\x87\x14(}\f\xb1}%N|z,\xbe\x1fB\xd3\xeb\xec\x83X\x8f\x97\x95\xfd\xed\xe6wt\x1d\xb3\xa8\xfb)L~}\x9f\xbf\xd0\xc9\x9d\x82-C\xc3Ez@\x8c\xbf\xa2 \x88\\\r6M\x83', 0x4, 0x0) (async)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x7, 0x0) (async)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) (async)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/dummy_udc.3/udc/dummy_udc.3/state\x00', 0x349102, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000100)=""/4096, 0x1000) (async)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x80a, 0x0)
mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, r1, 0x8000) (async)
madvise$auto(0x0, 0xffffffffffff0005, 0x17) (async)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/fs/jfs/TxAnchor\x00', 0x80000, 0x0) (async)
write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) (async)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300004000000)
socket(0xa, 0x3, 0x3b) (async)
connect$auto(0x3, &(0x7f0000000000)=@generic={0x20, "0006945ee35cac7ed700"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
recvmmsg$auto(0xffffffffffffffff, 0x0, 0x34, 0x0, 0x0) (async)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) (async)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x500, 0x0) (async)
close_range$auto(0x2, 0xa, 0x0) (async)
socket(0xa, 0x2, 0x0)
r2 = socket(0x22, 0x3, 0xff)
connect$auto(r2, &(0x7f00000018c0)=@generic={0xa}, 0x55) (async)
sendmmsg$auto(r0, 0x0, 0x3, 0x7fffffe) (async)
write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000001680), 0x0) (async)
syz_clone3(0x0, 0xfffffffffffffe5e) (async)
madvise$auto(0x1ffff000, 0x7, 0x100000000)

2.319541357s ago: executing program 5 (id=1278):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, r0, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000100)={0x3, 0x0, [{0x4d0, 0x10, 0x1}]})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000200), 0xffffffffffffffff)
r4 = socket(0x2, 0x1, 0x106)
setsockopt$auto(r4, 0x6, 0x17, &(0x7f0000000280)='lp\x00h\x85M\xdf\xdc\x83\x8a\xa7\xe4]U(\x01\t=\x1e\x00\x00', 0x4)
sendmsg$auto_TIPC_NL_BEARER_SET(r2, &(0x7f0000002040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES16=r3, @ANYBLOB="01002dbd700008dbdf251500000004000180"], 0x18}, 0x1, 0x0, 0x0, 0x44}, 0x40044)
mmap$auto(0x0, 0x3, 0x10, 0xeb1, 0x403, 0x8000)
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
pkey_mprotect$auto(0x800000000000, 0xb, 0x6, 0x0)
r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0)
r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000140)='/dev/pts/ptmx\x00', 0x20100, 0x0)
open_by_handle_at$auto(r5, &(0x7f0000000180)={0x1a, 0xfac0, "d2370953f676e6d77777763d34f70b28107a5992fe9dc5d8e3e1"}, 0x3)
ioctl$auto_TCFLSH2(r6, 0x80045439, 0x0)
ioctl$auto_TIOCSETD2(r5, 0x5423, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000010c0), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETPOLICY(r7, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000001100)={0x1c, r8, 0x301, 0x70bd25, 0x25dfdbff, {}, [@CTRL_ATTR_FAMILY_NAME={0x8, 0x2, '${,\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000800}, 0xc040810)
ioctl$auto(r5, 0x89f3, r5)
ioctl$auto_BLKTRACESETUP32(0xffffffffffffffff, 0xc0401273, &(0x7f00000000c0)={"5e3edcb13449df128a90844543a96660e11100ee65756d955812caeac91661e5", 0x100, 0x0, 0x7, 0x5, 0xfffffffffffffff9, 0xffffffffffffffff})

1.314648468s ago: executing program 0 (id=1279):
openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy0/reset\x00', 0x82, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
ioctl$auto(0xffffffffffffffff, 0x80046f46, 0x38)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
ioctl$auto_FIOASYNC(r0, 0x5452, 0x2)
r1 = openat$auto_fuse_conn_congestion_threshold_ops_control(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
setsockopt$auto_SO_BSDCOMPAT(r1, 0x4a4, 0xe, &(0x7f00000000c0)='$\x00', 0x9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x8, 0x20009, 0x4, 0xeb1, 0x401, 0x8803)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
r2 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408)
write$auto(r2, 0x0, 0xfffffdf1)
linkat$auto(r2, 0x0, 0xffffffffffffff9c, 0x0, 0x1000)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/set_event\x00', 0x44082, 0x0)
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x7, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0xf1, 0x2, 0x8000)
remap_file_pages$auto(0x5, 0x1000, 0x0, 0x8, 0x10007)
ioctl$auto_TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000180)="681d22619b3590c343d201c38088e7d4107e38dd2530d7e75de4d22936676ceef62211a867a06ca4dcfb568c08ae625cd010c5517e1c86d10f96a19131b85856b82cfc17fb0e04af6381ed305dfaa66e5d37123e36ffb2807e1c97e92f05ace013494bab570d4d745ae2db9e35362f8ff030dc91b1894edba1f4c9e7")
getsockopt$auto_SO_RCVTIMEO_NEW(r2, 0x8000, 0x42, &(0x7f0000000000)='%\x00', &(0x7f0000000040)=0x9eaf)
ioctl$auto_SNDRV_PCM_IOCTL_RESET2(0xffffffffffffffff, 0x4141, 0x0)
r3 = userfaultfd$auto(0x1)
close_range$auto(0x2, r3, 0x0)
r4 = openat$auto_lockdown_ops_lockdown(0xffffffffffffff9c, &(0x7f0000000000), 0x1b1040, 0x0)
write$auto(r4, 0x0, 0xffd1)

1.160916438s ago: executing program 8 (id=1280):
mmap$auto(0x2, 0x400008, 0xdf, 0x9b72, 0x2, 0x10000000008000)
mmap$auto(0x9, 0x20009, 0xe2, 0xeb1, 0xf6f6, 0x8000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000)
socket(0x10, 0x2, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
msgctl$auto_IPC_STAT(0x0, 0x2, 0x0)
pread64$auto(0xffffffffffffffff, 0x0, 0x200000000003, 0x2f4a3a23)
read$auto_proc_pid_set_timerslack_ns_operations_base(0xffffffffffffffff, &(0x7f0000000180)=""/18, 0x12)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0)
r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$auto(0x3, 0xae60, 0x10000000000402)
r2 = openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x2482, 0x0)
pread64$auto(r2, 0x0, 0x20000000001, 0x7fff)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x2, 0x0)
writev$auto(r3, 0x0, 0x3)
process_madvise$auto_MADV_RANDOM(r1, 0x0, 0xfffffffffffffffb, 0x1, 0xfffffffe)
ioctl$auto(0x3, 0x4020afa4, r0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/vm/dirty_bytes\x00', 0x8a042, 0x0)
openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000d00), 0x1, 0x0)
r4 = prctl$auto_PR_SET_SECCOMP(0x16, 0xf555, 0xac, 0x1654, 0xc5d6)
pwrite64$auto(r4, &(0x7f0000000080)='/proc/self/pa\x81\x94\x14\xe7p\x00\x176\x80\x9f\xa6r\xe94\xf5\xf4\x03\x03\xf4\xaeH\x8e\xeaS\x9a\xbc\xd4\xe5\xea}\xdd\x89\xba\x13\x8e\xda\xa7\x1a^*q\xe7\a\x81\b\xb0\x0f\xfa\xdb\xf0B!\x81\xf9\xe9\xecf#J\xae\xb2\xff\a\xceQ\x92\xef\x1d\x81\x9d\x83\xf1xG\xb4\xef\x94%~\x11_6u\x01\xc3\xf6\xe9f\x86\xcb0\x99}\x19\xbb7\xd0\x8dr9g\xa2)y\xa57\x99\xf0H>\x9f2\xa2\x82\xfd\nUOQ\xb1\xc2E\xd9\xdbc\x053', 0x1, 0x2)
r5 = socket(0x29, 0x2, 0x0)
sendfile$auto(r5, 0x3, 0x0, 0x40)

265.419334ms ago: executing program 9 (id=1281):
alarm$auto(0x81)
fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d)
rename$auto(0x0, &(0x7f0000000080)='./file0\x00')
open(0x0, 0x1e9e02, 0x61)
mincore$auto(0x80000000001, 0x2, 0x0)
write$auto(0xca, &(0x7f0000000000)='\x04\x1d\x19\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa4Cn\xb2./jn>9\xd2\xdb\x88\xf4\x1aVj\x13j\xe1\x96\xf7\xc2\xd3qm\xe6q\xf9\xa6u\x8eZ\x00\xf8*C]\xfd)/\xf3\xa1\x92|\x06|\xd0\x82\x93\xa5\x9a5if\xd0\x8e%g,\xc5\xec\xef\x87\x19\x17\xb0\xe1s\xf6U\xc0\x90r\xc5\xc8H\xa3\x9d\xce\x98\xe7\xb1B:\x179\xdc8\xa8) \x15\xce\xd8\x86\xff-\x80\xf5jMj\xda\x8f\x03EO\xe6\xa4Q\x81+v\xc9\xb8\x00\xcf\x94_\xa7\xadV\xc9\x7f;1R\xa0\x7f\xbe\x1e\x83\an/w[i\th\x9c\xb8\xd1\xed\xba\\\v\xe1\v\x81\xcc\xba\x03-N@ \x14\x1e\n\xe9g\x9fF\x05\xc8\x9f\xe5[\xba\xd2V\x9b\xc1\x9f\xf1%\x9c\xba\xf9\xb4\xa8\xd4\x05G\xf6\x82\xf3m\xe6V\xba\xa0\xf9K\x15\xcc_H\xce\xfd\xe2\x88\"\xe0\xd5Ld\x7f\x1c\x90^\x8d%\xb4', 0x9)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x8a042, 0x0)
socket(0x29, 0x2, 0x0)
mprotect$auto(0x200000000000, 0x806121, 0x8)
set_mempolicy$auto(0x6, 0x0, 0x2)
msgctl$auto_IPC_INFO(0x8, 0x3, 0x0)
statx$auto(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x9, 0x4, &(0x7f00000002c0)={0xffff, 0x7f, 0x401, 0xd76, 0xee00, 0xffffffffffffffff, 0xfff5, 0x1, 0xfffffffffffffff7, 0xfffffffffffff801, 0x3, 0x4, {0x8, 0x79}, {0xfffffffffffffff8, 0x7}, {0x7, 0x7f}, {0x10001, 0x800001}, 0x2, 0x0, 0x8, 0xd7, 0x0, 0x2065, 0x10000, 0x84, 0x7, 0x10003, 0x8, 0x3, [0x9, 0x80000000, 0x6, 0x10000, 0xc, 0x88, 0x8, 0x0, 0x4]})
r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0)
fcntl$auto_F_SETFL(r0, 0x4, 0x0)
ioctl$auto_KVM_GET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee2, &(0x7f00000003c0)={0x5de, 0xee00, 0x2d, 0x3})
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0x2000, 0x0)
r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyra\x00', 0x480800, 0x0)
ioctl$auto_TIOCMGET(r1, 0x5415, &(0x7f0000000440)="e371391a16e0eb3ad762bcb6463c5219967fd0923776830ddc2c4816abbf0134ee0f48ffaa7aedb4c1b1fc651ef6c9b246f31e966fdbef98e88cce29e30a4769f12a50f9ef01d76f489d3fb5b501be1808bb1def84489d1d6c0b8f78c945c6d395dabcfd7c07be14ad54600f1f6dea8f4057f738552a6baefbbc0ae3676cdc72127166e8d7987b50a2c772bd7712cc4cdb59980b9b7d052e2c131b796724b49d1b")

0s ago: executing program 8 (id=1282):
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/vm/dirty_bytes\x00', 0x8a042, 0x0)
r0 = socket(0x29, 0x2, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/node/node0/cpulist\x00', 0x28000, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
bpf$auto_BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=@bpf_attr_7={@start_id=0x7, 0x2, 0x10000, r1}, 0xac)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
sendfile$auto(r0, 0x3, 0x0, 0x40)
r2 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000140), r0)
sendmsg$auto_NFC_CMD_STOP_POLL(r0, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000180)={0xdc, r2, 0x100, 0x70bd29, 0x25dfdbff, {}, [@NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x9ad1}, @NFC_ATTR_LLC_PARAM_LTO={0x5, 0xf, 0x2}, @NFC_ATTR_LLC_PARAM_RW={0x5}, @NFC_ATTR_DEVICE_NAME={0xf, 0x2, '*(*/\\\',@-#!'}, @NFC_ATTR_VENDOR_DATA={0x82, 0x1f, "bfb3aeb63a8c1acc14e06c1650238c32d332906dce387499afd1569c797636f2af75605c3ddabcafd402d4cf73e48c4f60f3935cd834ffaa408267bd02c224bc73b7418fea0c46d5d60374d537527f0d685ef290322df582d3891dbd704e5a5d01a57cc2f29738aa112052c4cba954c6e6c3cec20e17115f63bc3a0d9d71"}, @NFC_ATTR_FIRMWARE_NAME={0x7, 0x14, '#\x17\\'}, @NFC_ATTR_DEVICE_POWERED={0x5, 0xc, 0xc}, @NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x8}, @NFC_ATTR_DEVICE_NAME={0x4}]}, 0xdc}, 0x1, 0x0, 0x0, 0x8400}, 0x20000000)

kernel console output (not intermixed with test programs):

00000000080 RDI: ffffffffffffff9c
[  286.838392][ T8884] RBP: 00007ff831c13f91 R08: 0000000000000000 R09: 0000000000000000
[  286.838406][ T8884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  286.838419][ T8884] R13: 00007ff831de6038 R14: 00007ff831de5fa0 R15: 00007ffc23767db8
[  286.838450][ T8884]  </TASK>
[  287.717988][ T8888] syz.3.593 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  287.774379][ T8888] CPU: 0 UID: 0 PID: 8888 Comm: syz.3.593 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  287.774418][ T8888] Tainted: [L]=SOFTLOCKUP
[  287.774426][ T8888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  287.774440][ T8888] Call Trace:
[  287.774447][ T8888]  <TASK>
[  287.774456][ T8888]  dump_stack_lvl+0x16c/0x1f0
[  287.774509][ T8888]  dump_header+0x101/0x960
[  287.774549][ T8888]  oom_kill_process+0x176/0x910
[  287.774587][ T8888]  out_of_memory+0x350/0x1700
[  287.774629][ T8888]  ? __pfx_out_of_memory+0x10/0x10
[  287.774674][ T8888]  mem_cgroup_out_of_memory+0x118/0x130
[  287.774700][ T8888]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  287.774734][ T8888]  ? do_raw_spin_unlock+0x172/0x230
[  287.774776][ T8888]  try_charge_memcg+0x689/0xd40
[  287.774818][ T8888]  ? __pfx_try_charge_memcg+0x10/0x10
[  287.774853][ T8888]  ? find_held_lock+0x2b/0x80
[  287.774892][ T8888]  ? rcu_read_unlock+0x17/0x60
[  287.774938][ T8888]  obj_cgroup_charge_account+0x292/0x500
[  287.774980][ T8888]  __memcg_slab_post_alloc_hook+0x2e3/0x880
[  287.775023][ T8888]  ? kasan_save_track+0x14/0x30
[  287.775055][ T8888]  kmem_cache_alloc_lru_noprof+0x58f/0x770
[  287.775081][ T8888]  ? alloc_inode+0x64/0x240
[  287.775111][ T8888]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[  287.775146][ T8888]  ? alloc_inode+0x64/0x240
[  287.775169][ T8888]  alloc_inode+0x64/0x240
[  287.775194][ T8888]  new_inode+0x22/0x1c0
[  287.775222][ T8888]  __debugfs_create_file+0x105/0x530
[  287.775265][ T8888]  debugfs_create_file_full+0x41/0x60
[  287.775306][ T8888]  blk_mq_debugfs_register_hctx+0x1f7/0x570
[  287.775335][ T8888]  ? dput.part.0+0xce/0x570
[  287.775363][ T8888]  ? __pfx_blk_mq_debugfs_register_hctx+0x10/0x10
[  287.775394][ T8888]  ? find_held_lock+0x2b/0x80
[  287.775434][ T8888]  ? queue_hctx+0xe4/0x2a0
[  287.775463][ T8888]  blk_mq_debugfs_register+0x1cb/0x2b0
[  287.775502][ T8888]  blk_register_queue+0x1a0/0x4e0
[  287.775539][ T8888]  __add_disk+0x74a/0xf00
[  287.775572][ T8888]  add_disk_fwnode+0x13f/0x5d0
[  287.775604][ T8888]  loop_add+0x903/0xb70
[  287.775640][ T8888]  ? __pfx_loop_add+0x10/0x10
[  287.775694][ T8888]  ? find_held_lock+0x2b/0x80
[  287.775737][ T8888]  loop_control_ioctl+0x13e/0x630
[  287.775773][ T8888]  ? __pfx_loop_control_ioctl+0x10/0x10
[  287.775813][ T8888]  ? __pfx_loop_control_ioctl+0x10/0x10
[  287.775849][ T8888]  __x64_sys_ioctl+0x18e/0x210
[  287.775880][ T8888]  do_syscall_64+0xcd/0xf80
[  287.775919][ T8888]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  287.775944][ T8888] RIP: 0033:0x7f5f9f98f7c9
[  287.775962][ T8888] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  287.775985][ T8888] RSP: 002b:00007f5fa0756038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  287.776007][ T8888] RAX: ffffffffffffffda RBX: 00007f5f9fbe6180 RCX: 00007f5f9f98f7c9
[  287.776023][ T8888] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007
[  287.776037][ T8888] RBP: 00007f5f9fa13f91 R08: 0000000000000000 R09: 0000000000000000
[  287.776052][ T8888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  287.776066][ T8888] R13: 00007f5f9fbe6218 R14: 00007f5f9fbe6180 R15: 00007ffea62cb7c8
[  287.776099][ T8888]  </TASK>
[  287.776107][ T8888] memory: usage 3040kB, limit 3072kB, failcnt 31066
[  289.440362][ T8888] memory+swap: usage 63540kB, limit 9007199254740988kB, failcnt 0
[  289.479341][ T8888] kmem: usage 1388kB, limit 9007199254740988kB, failcnt 0
[  289.544365][ T8888] Memory cgroup stats for /syz3:
[  289.544600][ T8888] cache 1224704
[  289.607789][ T8888] rss 376832
[  289.629944][ T8888] rss_huge 0
[  289.647442][ T8888] shmem 1224704
[  289.665082][ T8888] mapped_file 0
[  289.699159][ T8888] dirty 0
[  289.708949][ T8888] writeback 0
[  289.720240][ T8888] workingset_refault_anon 2904
[  289.746059][ T8888] workingset_refault_file 8722
[  289.776566][ T8888] swap 61919232
[  289.800369][ T8888] swapcached 90112
[  289.811602][ T8888] pgpgin 99678
[  289.834675][ T8869] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20
[  289.900696][ T8888] pgpgout 100287
[  289.915340][ T8888] pgfault 125893
[  289.937291][ T8888] pgmajfault 1339
[  289.986256][ T8888] inactive_anon 770048
[  290.027063][ T8888] active_anon 704512
[  290.055565][ T8888] inactive_file 0
[  290.077805][ T8888] active_file 0
[  290.093634][ T8888] unevictable 0
[  290.137572][ T8888] hierarchical_memory_limit 3145728
[  290.165073][ T8888] hierarchical_memsw_limit 9223372036854771712
[  290.185825][ T8888] total_cache 1224704
[  290.200793][ T8888] total_rss 376832
[  290.210488][ T8888] total_rss_huge 0
[  290.230243][ T8888] total_shmem 1224704
[  290.240374][ T8888] total_mapped_file 0
[  290.255325][ T8888] total_dirty 0
[  290.266465][ T8888] total_writeback 0
[  290.280239][ T8888] total_workingset_refault_anon 2904
[  290.300287][ T8888] total_workingset_refault_file 8722
[  290.316075][ T8888] total_swap 61919232
[  290.330217][ T8888] total_swapcached 90112
[  290.344756][ T8888] total_pgpgin 99678
[  290.358483][ T8888] total_pgpgout 100287
[  290.375152][ T8888] total_pgfault 125893
[  290.388292][ T8888] total_pgmajfault 1339
[  290.402923][ T8888] total_inactive_anon 770048
[  290.416642][ T8888] total_active_anon 704512
[  290.433769][ T8888] total_inactive_file 0
[  290.449203][ T8888] total_active_file 0
[  290.457364][ T8888] total_unevictable 0
[  290.471940][ T8888] anon_cost 0
[  290.481993][ T8888] file_cost 0
[  290.498450][ T8888] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.499,pid=8358,uid=0
[  290.548685][ T8888] Memory cgroup out of memory: Killed process 8358 (syz.3.499) total-vm:104080kB, anon-rss:1172kB, file-rss:55680kB, shmem-rss:0kB, UID:0 pgtables:208kB oom_score_adj:1000
[  291.160889][ T5154] Bluetooth: hci1: unexpected event 0x1d length: 6 > 5
[  292.382168][ T8930] delete_channel: no stack
[  292.456973][ T8923] delete_channel: no stack
[  292.495806][ T8930] syz.1.607 (8930) used greatest stack depth: 19776 bytes left
[  292.616876][ T8923] syz.1.607 (8923) used greatest stack depth: 19648 bytes left
[  293.593557][ T8358] syz.3.499 (8358) used greatest stack depth: 18976 bytes left
[  295.310806][ T8988] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  295.328618][ T8988] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  295.336921][ T8988] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  295.358603][ T8988] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  297.123240][ T8998] input: f�
 as /devices/virtual/input/input21
[  297.160693][ T8996] program syz.3.621 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  297.389697][ T5847] Bluetooth: hci0: command 0x0c1a tx timeout
[  297.395893][ T5845] Bluetooth: hci1: command 0x0c1a tx timeout
[  297.402700][ T5154] Bluetooth: hci3: command 0x0c1a tx timeout
[  297.408844][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout
[  298.853288][ T8996] ubi31: attaching mtd0
[  298.873197][ T8996] ubi31: scanning is finished
[  298.900685][ T8996] ubi31: empty MTD device detected
[  299.564492][ T8996] ubi31 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt31d", error -4
[  299.744150][ T9026] zswap: compressor  not available
[  301.218798][ T9044] FAULT_INJECTION: forcing a failure.
[  301.218798][ T9044] name failslab, interval 1, probability 0, space 0, times 0
[  301.272493][ T9044] CPU: 0 UID: 0 PID: 9044 Comm: syz.2.632 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  301.272531][ T9044] Tainted: [L]=SOFTLOCKUP
[  301.272539][ T9044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  301.272564][ T9044] Call Trace:
[  301.272572][ T9044]  <TASK>
[  301.272581][ T9044]  dump_stack_lvl+0x16c/0x1f0
[  301.272624][ T9044]  should_fail_ex+0x512/0x640
[  301.272662][ T9044]  ? __kvmalloc_node_noprof+0x129/0xa40
[  301.272694][ T9044]  should_failslab+0xc2/0x120
[  301.272727][ T9044]  __kvmalloc_node_noprof+0x14a/0xa40
[  301.272754][ T9044]  ? __pfx_dev_addr_init+0x10/0x10
[  301.272798][ T9044]  ? alloc_netdev_mqs+0xaef/0x1550
[  301.272832][ T9044]  ? alloc_netdev_mqs+0xaef/0x1550
[  301.272861][ T9044]  alloc_netdev_mqs+0xaef/0x1550
[  301.272897][ T9044]  __ip_tunnel_create+0x3ad/0x6b0
[  301.272935][ T9044]  ? __pfx___ip_tunnel_create+0x10/0x10
[  301.272980][ T9044]  ip_tunnel_init_net+0x22f/0x7d0
[  301.273022][ T9044]  ? __pfx_ip_tunnel_init_net+0x10/0x10
[  301.273067][ T9044]  ? trace_kmalloc+0x2b/0xb0
[  301.273100][ T9044]  ? __kmalloc_noprof+0x35d/0x910
[  301.273140][ T9044]  ? __pfx_vti_init_net+0x10/0x10
[  301.273163][ T9044]  vti_init_net+0x2e/0x140
[  301.273187][ T9044]  ops_init+0x1e2/0x5f0
[  301.273220][ T9044]  setup_net+0x11d/0x3a0
[  301.273248][ T9044]  ? __pfx_setup_net+0x10/0x10
[  301.273274][ T9044]  ? lockdep_init_map_type+0x5c/0x270
[  301.273307][ T9044]  ? mutex_init_lockep+0x110/0x150
[  301.273342][ T9044]  copy_net_ns+0x351/0x5d0
[  301.273376][ T9044]  create_new_namespaces+0x3ea/0xab0
[  301.273422][ T9044]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  301.273465][ T9044]  ksys_unshare+0x45b/0xa40
[  301.273492][ T9044]  ? __pfx_ksys_unshare+0x10/0x10
[  301.273520][ T9044]  ? xfd_validate_state+0x61/0x180
[  301.273554][ T9044]  __x64_sys_unshare+0x31/0x40
[  301.273581][ T9044]  do_syscall_64+0xcd/0xf80
[  301.273620][ T9044]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  301.273653][ T9044] RIP: 0033:0x7f3bccd8f7c9
[  301.273672][ T9044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  301.273696][ T9044] RSP: 002b:00007f3bcdd0b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  301.273718][ T9044] RAX: ffffffffffffffda RBX: 00007f3bccfe5fa0 RCX: 00007f3bccd8f7c9
[  301.273734][ T9044] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  301.273748][ T9044] RBP: 00007f3bcce13f91 R08: 0000000000000000 R09: 0000000000000000
[  301.273763][ T9044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  301.273777][ T9044] R13: 00007f3bccfe6038 R14: 00007f3bccfe5fa0 R15: 00007ffdabb5cce8
[  301.273809][ T9044]  </TASK>
[  302.346147][ T9053] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input22
[  303.128443][ T9060] zswap: compressor  not available
[  303.872265][ T9086] netlink: 5380 bytes leftover after parsing attributes in process `syz.0.641'.
[  304.293599][ T9091] netlink: 4 bytes leftover after parsing attributes in process `syz.3.642'.
[  304.408809][ T9091] openvswitch: netlink: Geneve opt len 2 is not a multiple of 4.
[  304.745028][ T9106] netlink: 4 bytes leftover after parsing attributes in process `syz.1.645'.
[  304.924838][ T9082] kexec: Could not allocate control_code_buffer
[  306.313204][ T9146] netlink: 'syz.2.653': attribute type 1 has an invalid length.
[  306.355483][ T9146] netlink: 334 bytes leftover after parsing attributes in process `syz.2.653'.
[  307.332003][ T9153] netlink: 330 bytes leftover after parsing attributes in process `syz.2.655'.
[  308.967636][ T5852] Bluetooth: hci0: SCO packet too small
[  310.962410][ T9194] netlink: 342 bytes leftover after parsing attributes in process `syz.2.665'.
[  311.098726][ T9194] binder: BINDER_SET_CONTEXT_MGR already set
[  311.129955][ T9194] binder: 9193:9194 ioctl 4018620d 9 returned -16
[  312.035687][ T9213] random: crng reseeded on system resumption
[  312.109025][ T9213] hub 1-0:1.0: USB hub found
[  312.136362][ T9213] hub 1-0:1.0: 1 port detected
[  312.184996][ T9214] Restarting kernel threads ...
[  312.208159][ T9214] Done restarting kernel threads.
[  312.251287][ T9213] Restarting kernel threads ...
[  312.277230][ T9213] Done restarting kernel threads.
[  314.353759][ T5852] Bluetooth: hci1: unexpected event 0x1d length: 6 > 5
[  314.426146][ T9233] zswap: compressor  not available
[  314.459172][   T30] audit: type=1800 audit(4294967423.696:38): pid=9242 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.674" name="dbroot" dev="configfs" ino=26157 res=0 errno=0
[  314.850709][ T9227] random: crng reseeded on system resumption
[  316.181165][ T9265] zswap: compressor 000 not available
[  318.542935][ T9292] __vm_enough_memory: pid: 9292, comm: syz.3.683, bytes: 4398046511104 not enough memory for the allocation
[  318.740670][ T5852] Bluetooth: hci2: unexpected event 0x1d length: 6 > 5
[  319.545099][ T9302] Console: switching to colour frame buffer device 128x48
[  320.211034][   T30] audit: type=1800 audit(4294967429.456:39): pid=9312 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.688" name="SYSV00010001" dev="tmpfs" ino=0 res=0 errno=0
[  321.400327][ T5852] Bluetooth: hci0: unexpected subevent 0x01 length: 122 > 18
[  321.408135][ T5852] Bluetooth: hci0: Invalid handle: 0x3a4a > 0x0eff
[  321.819324][ T5852] Bluetooth: hci1: unexpected event 0x1d length: 6 > 5
[  323.326422][ T5852] Bluetooth: hci2: unexpected event 0x1d length: 6 > 5
[  323.552208][ T9342] Unable to find swap-space signature
[  327.422168][ T9383] zswap: compressor 000 not available
[  327.625011][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  327.631466][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  327.814204][ T9430] syz.0.710 (9430) used obsolete PPPIOCDETACH ioctl
[  331.909458][ T9574] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23
[  332.468268][ T9600] hub 1-0:1.0: USB hub found
[  332.513146][ T9600] hub 1-0:1.0: 1 port detected
[  332.625872][ T9607] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(4.128.4294967291), cmd(3)
[  333.699535][ T9623] zswap: compressor  not available
[  334.631233][ T5852] Bluetooth: hci3: unexpected event 0x1d length: 6 > 5
[  335.951660][ T9689] netlink: 302 bytes leftover after parsing attributes in process `syz.3.732'.
[  336.788401][ T9728] random: crng reseeded on system resumption
[  336.849121][ T9737] device-mapper: ioctl: Invalid ioctl structure: uuid �, name , dev 400000000
[  337.083376][ T9745] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(4.128.4294967291), cmd(3)
[  339.214061][ T9785] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  340.792896][ T9815] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24
[  340.813086][ T9813] FAULT_INJECTION: forcing a failure.
[  340.813086][ T9813] name fail_futex, interval 1, probability 0, space 0, times 0
[  340.875934][ T9813] CPU: 0 UID: 0 PID: 9813 Comm: syz.1.744 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  340.875974][ T9813] Tainted: [L]=SOFTLOCKUP
[  340.875982][ T9813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  340.875998][ T9813] Call Trace:
[  340.876005][ T9813]  <TASK>
[  340.876014][ T9813]  dump_stack_lvl+0x16c/0x1f0
[  340.876055][ T9813]  should_fail_ex+0x512/0x640
[  340.876098][ T9813]  get_futex_key+0x1d0/0x15f0
[  340.876136][ T9813]  ? __pfx_get_futex_key+0x10/0x10
[  340.876179][ T9813]  futex_wake+0xea/0x530
[  340.876203][ T9813]  ? kasan_quarantine_put+0x10a/0x240
[  340.876234][ T9813]  ? __pfx_futex_wake+0x10/0x10
[  340.876261][ T9813]  ? putname+0xf5/0x1a0
[  340.876304][ T9813]  do_futex+0x1e3/0x350
[  340.876340][ T9813]  ? __pfx_do_futex+0x10/0x10
[  340.876384][ T9813]  __x64_sys_futex+0x1e0/0x4c0
[  340.876422][ T9813]  ? __x64_sys_openat+0x174/0x210
[  340.876449][ T9813]  ? __pfx___x64_sys_futex+0x10/0x10
[  340.876496][ T9813]  do_syscall_64+0xcd/0xf80
[  340.876536][ T9813]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.876560][ T9813] RIP: 0033:0x7f162038f7c9
[  340.876578][ T9813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  340.876602][ T9813] RSP: 002b:00007f161e5ee0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  340.876625][ T9813] RAX: ffffffffffffffda RBX: 00007f16205e5fa8 RCX: 00007f162038f7c9
[  340.876641][ T9813] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f16205e5fac
[  340.876656][ T9813] RBP: 00007f16205e5fa0 R08: 00007f16201f8000 R09: 0000000000000000
[  340.876672][ T9813] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000
[  340.876697][ T9813] R13: 00007f16205e6038 R14: 00007fff28da2320 R15: 00007fff28da2408
[  340.876728][ T9813]  </TASK>
[  341.735514][ T9817] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input25
[  344.038633][ T9902] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  345.464044][ T9926] FAULT_INJECTION: forcing a failure.
[  345.464044][ T9926] name fail_futex, interval 1, probability 0, space 0, times 0
[  345.488960][ T9926] CPU: 0 UID: 0 PID: 9926 Comm: syz.0.756 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  345.488999][ T9926] Tainted: [L]=SOFTLOCKUP
[  345.489007][ T9926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  345.489021][ T9926] Call Trace:
[  345.489028][ T9926]  <TASK>
[  345.489037][ T9926]  dump_stack_lvl+0x16c/0x1f0
[  345.489080][ T9926]  should_fail_ex+0x512/0x640
[  345.489123][ T9926]  get_futex_key+0x1d0/0x15f0
[  345.489161][ T9926]  ? __pfx_get_futex_key+0x10/0x10
[  345.489204][ T9926]  futex_wake+0xea/0x530
[  345.489228][ T9926]  ? kasan_quarantine_put+0x10a/0x240
[  345.489265][ T9926]  ? __pfx_futex_wake+0x10/0x10
[  345.489292][ T9926]  ? putname+0xf5/0x1a0
[  345.489336][ T9926]  do_futex+0x1e3/0x350
[  345.489372][ T9926]  ? __pfx_do_futex+0x10/0x10
[  345.489416][ T9926]  __x64_sys_futex+0x1e0/0x4c0
[  345.489454][ T9926]  ? __x64_sys_openat+0x174/0x210
[  345.489481][ T9926]  ? __pfx___x64_sys_futex+0x10/0x10
[  345.489530][ T9926]  do_syscall_64+0xcd/0xf80
[  345.489569][ T9926]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  345.489595][ T9926] RIP: 0033:0x7ff831b8f7c9
[  345.489613][ T9926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  345.489637][ T9926] RSP: 002b:00007ff832ac70e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  345.489659][ T9926] RAX: ffffffffffffffda RBX: 00007ff831de5fa8 RCX: 00007ff831b8f7c9
[  345.489675][ T9926] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007ff831de5fac
[  345.489690][ T9926] RBP: 00007ff831de5fa0 R08: 00007ff832ac8000 R09: 0000000000000000
[  345.489705][ T9926] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000
[  345.489719][ T9926] R13: 00007ff831de6038 R14: 00007ffc23767cd0 R15: 00007ffc23767db8
[  345.489749][ T9926]  </TASK>
[  346.937589][ T9963] netlink: 16 bytes leftover after parsing attributes in process `syz.0.760'.
[  347.504442][ T5852] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  347.818357][ T9972] zswap: compressor  not available
[  348.277882][ T5852] Bluetooth: hci3: unexpected event 0x1d length: 6 > 5
[  348.420477][ T9987] zswap: compressor  not available
[  349.449250][T10016] FAULT_INJECTION: forcing a failure.
[  349.449250][T10016] name fail_futex, interval 1, probability 0, space 0, times 0
[  349.479453][T10016] CPU: 0 UID: 0 PID: 10016 Comm: syz.0.770 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  349.479493][T10016] Tainted: [L]=SOFTLOCKUP
[  349.479501][T10016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  349.479516][T10016] Call Trace:
[  349.479524][T10016]  <TASK>
[  349.479533][T10016]  dump_stack_lvl+0x16c/0x1f0
[  349.479575][T10016]  should_fail_ex+0x512/0x640
[  349.479612][T10016]  ? __schedule+0x114c/0x6150
[  349.479648][T10016]  get_futex_key+0x1d0/0x15f0
[  349.479689][T10016]  ? __pfx_get_futex_key+0x10/0x10
[  349.479733][T10016]  futex_wait_setup+0x9d/0x570
[  349.479766][T10016]  __futex_wait+0x193/0x2f0
[  349.479791][T10016]  ? __pfx___futex_wait+0x10/0x10
[  349.479824][T10016]  ? __pfx_futex_wake_mark+0x10/0x10
[  349.479852][T10016]  ? futex_hash+0x2c5/0x380
[  349.479898][T10016]  ? futex_private_hash_put+0x160/0x1b0
[  349.479936][T10016]  futex_wait+0xe8/0x380
[  349.479962][T10016]  ? __pfx_futex_wait+0x10/0x10
[  349.479984][T10016]  ? shmctl_stat+0x4f6/0x720
[  349.480025][T10016]  ? ksys_shmctl.constprop.0+0x1d4/0x380
[  349.480051][T10016]  ? vfs_fstat+0xc9/0xe0
[  349.480077][T10016]  do_futex+0x229/0x350
[  349.480113][T10016]  ? __pfx_do_futex+0x10/0x10
[  349.480147][T10016]  ? __pfx___do_sys_newfstatat+0x10/0x10
[  349.480172][T10016]  ? __pfx___do_sys_wait4+0x10/0x10
[  349.480210][T10016]  __x64_sys_futex+0x1e0/0x4c0
[  349.480250][T10016]  ? __pfx___x64_sys_futex+0x10/0x10
[  349.480298][T10016]  do_syscall_64+0xcd/0xf80
[  349.480338][T10016]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.480363][T10016] RIP: 0033:0x7ff831b8f7c9
[  349.480382][T10016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  349.480406][T10016] RSP: 002b:00007ff832ac70e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  349.480429][T10016] RAX: ffffffffffffffda RBX: 00007ff831de5fa8 RCX: 00007ff831b8f7c9
[  349.480445][T10016] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007ff831de5fa8
[  349.480459][T10016] RBP: 00007ff831de5fa0 R08: 0000000000000000 R09: 0000000000000000
[  349.480474][T10016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  349.480488][T10016] R13: 00007ff831de6038 R14: 00007ffc23767cd0 R15: 00007ffc23767db8
[  349.480519][T10016]  </TASK>
[  351.467073][ T5852] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  355.025838][T10184] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input26
[  355.702513][ T5852] Bluetooth: hci2: unexpected event 0x1d length: 6 > 5
[  355.775445][T10186] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input27
[  357.273911][T10282] netlink: 4 bytes leftover after parsing attributes in process `syz.1.791'.
[  357.346907][T10280] ovs_����?: entered promiscuous mode
[  358.918777][ T5852] Bluetooth: hci1: unexpected event 0x1d length: 6 > 5
[  358.964987][ T5852] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  360.429050][ T8984] syz.3.615 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  360.693997][ T8984] CPU: 0 UID: 0 PID: 8984 Comm: syz.3.615 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  360.694038][ T8984] Tainted: [L]=SOFTLOCKUP
[  360.694047][ T8984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  360.694061][ T8984] Call Trace:
[  360.694068][ T8984]  <TASK>
[  360.694076][ T8984]  dump_stack_lvl+0x16c/0x1f0
[  360.694119][ T8984]  dump_header+0x101/0x960
[  360.694157][ T8984]  oom_kill_process+0x176/0x910
[  360.694194][ T8984]  out_of_memory+0x350/0x1700
[  360.694234][ T8984]  ? __pfx_out_of_memory+0x10/0x10
[  360.694277][ T8984]  mem_cgroup_out_of_memory+0x118/0x130
[  360.694304][ T8984]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  360.694336][ T8984]  ? do_raw_spin_unlock+0x172/0x230
[  360.694377][ T8984]  try_charge_memcg+0x689/0xd40
[  360.694417][ T8984]  ? __pfx_try_charge_memcg+0x10/0x10
[  360.694451][ T8984]  ? __print_lock_name+0x91/0xe0
[  360.694489][ T8984]  ? rcu_read_unlock+0x17/0x60
[  360.694532][ T8984]  charge_memcg+0x8a/0x230
[  360.694579][ T8984]  __mem_cgroup_charge+0x2b/0x1e0
[  360.694618][ T8984]  shmem_alloc_and_add_folio+0x50c/0xc20
[  360.694751][ T8984]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  360.694789][ T8984]  ? shmem_allowable_huge_orders+0xd4/0x3f0
[  360.694833][ T8984]  shmem_get_folio_gfp+0x67f/0x1610
[  360.694876][ T8984]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  360.694924][ T8984]  shmem_write_begin+0x160/0x300
[  360.694964][ T8984]  ? __pfx_shmem_write_begin+0x10/0x10
[  360.695001][ T8984]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1260
[  360.695029][ T8984]  ? lockdep_hardirqs_on+0x7c/0x110
[  360.695069][ T8984]  generic_perform_write+0x3c4/0x900
[  360.695110][ T8984]  ? __pfx_generic_perform_write+0x10/0x10
[  360.695146][ T8984]  ? file_update_time_flags+0x35c/0x520
[  360.695173][ T8984]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  360.695197][ T8984]  shmem_file_write_iter+0x10e/0x140
[  360.695224][ T8984]  __kernel_write_iter+0x31a/0xb10
[  360.695260][ T8984]  ? __pfx___kernel_write_iter+0x10/0x10
[  360.695292][ T8984]  ? __up_read+0x2d1/0x700
[  360.695330][ T8984]  ? dump_user_range+0x756/0xb70
[  360.695372][ T8984]  dump_user_range+0x413/0xb70
[  360.695414][ T8984]  ? __pfx_dump_user_range+0x10/0x10
[  360.695451][ T8984]  ? elf_coredump_extra_notes_write+0xbd/0x4f0
[  360.695487][ T8984]  ? __pfx_writenote+0x10/0x10
[  360.695534][ T8984]  elf_core_dump+0x29c3/0x3c10
[  360.695572][ T8984]  ? __pfx_elf_core_dump+0x10/0x10
[  360.695592][ T8984]  ? kasan_save_stack+0x33/0x60
[  360.695619][ T8984]  ? kasan_save_track+0x14/0x30
[  360.695651][ T8984]  ? __kasan_kmalloc+0xaa/0xb0
[  360.695677][ T8984]  ? __kvmalloc_node_noprof+0x3ac/0xa40
[  360.695704][ T8984]  ? vfs_coredump+0x1dd9/0x55e0
[  360.695739][ T8984]  ? arch_do_signal_or_restart+0x8f/0x7a0
[  360.695775][ T8984]  ? irqentry_exit+0x38a/0x8c0
[  360.695810][ T8984]  ? asm_exc_page_fault+0x26/0x30
[  360.695841][ T8984]  ? 0xffffffffff600000
[  360.695912][ T8984]  ? vfs_coredump+0x2b85/0x55e0
[  360.695947][ T8984]  vfs_coredump+0x2b85/0x55e0
[  360.695994][ T8984]  ? __pfx_vfs_coredump+0x10/0x10
[  360.696032][ T8984]  ? __lock_acquire+0x433/0x22f0
[  360.696061][ T8984]  ? lock_acquire+0x179/0x330
[  360.696098][ T8984]  ? lock_acquire+0x179/0x330
[  360.696134][ T8984]  ? lock_acquire+0x179/0x330
[  360.696182][ T8984]  ? arch_stack_walk+0xa6/0x100
[  360.696226][ T8984]  ? stack_trace_save+0x8e/0xc0
[  360.696256][ T8984]  ? __pfx_stack_trace_save+0x10/0x10
[  360.696285][ T8984]  ? stack_depot_save_flags+0x29/0x9b0
[  360.696330][ T8984]  ? kasan_save_stack+0x42/0x60
[  360.696407][ T8984]  ? proc_coredump_connector+0x2d1/0x4f0
[  360.696442][ T8984]  ? __pfx_proc_coredump_connector+0x10/0x10
[  360.696484][ T8984]  ? rcu_is_watching+0x12/0xc0
[  360.696514][ T8984]  get_signal+0x22e1/0x26d0
[  360.696546][ T8984]  ? __pfx_force_sig_fault+0x10/0x10
[  360.696586][ T8984]  ? __pfx_get_signal+0x10/0x10
[  360.696608][ T8984]  ? find_held_lock+0x2b/0x80
[  360.696651][ T8984]  ? fixup_vdso_exception+0x34b/0x400
[  360.696694][ T8984]  arch_do_signal_or_restart+0x8f/0x7a0
[  360.696733][ T8984]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  360.696777][ T8984]  ? rcu_is_watching+0x12/0xc0
[  360.696809][ T8984]  irqentry_exit+0x38a/0x8c0
[  360.696850][ T8984]  asm_exc_page_fault+0x26/0x30
[  360.696874][ T8984] RIP: 0033:0x0
[  360.696890][ T8984] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[  360.696901][ T8984] RSP: 002b:000000000000000e EFLAGS: 00010217
[  360.696921][ T8984] RAX: 0000000000000000 RBX: 00007f5f9fbe5fa0 RCX: 00007f5f9f98f7c9
[  360.696936][ T8984] RDX: 0000200000000080 RSI: 0000000000000006 RDI: 0000000000000004
[  360.696950][ T8984] RBP: 00007f5f9fa13f91 R08: 0000000000001000 R09: 0000000000000000
[  360.696965][ T8984] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000000
[  360.696979][ T8984] R13: 00007f5f9fbe6038 R14: 00007f5f9fbe5fa0 R15: 00007ffea62cb7c8
[  360.697013][ T8984]  </TASK>
[  360.697023][ T8984] memory: usage 3072kB, limit 3072kB, failcnt 61676
[  361.748112][ T8984] memory+swap: usage 94660kB, limit 9007199254740988kB, failcnt 0
[  361.813586][ T8984] kmem: usage 2172kB, limit 9007199254740988kB, failcnt 0
[  361.854795][ T8984] Memory cgroup stats for /syz3:
[  361.855045][ T8984] cache 4096
[  361.895795][ T8984] rss 0
[  361.898602][ T8984] rss_huge 0
[  361.933550][ T8984] shmem 0
[  361.951010][ T8984] mapped_file 0
[  361.954511][ T8984] dirty 0
[  361.982178][ T8984] writeback 0
[  362.018815][ T8984] workingset_refault_anon 4484
[  362.037831][ T8984] workingset_refault_file 17054
[  362.043600][ T5852] Bluetooth: hci2: Received unexpected HCI Event 0x00
[  362.069405][ T8984] swap 93786112
[  362.086044][ T8984] swapcached 917504
[  362.109791][ T8984] pgpgin 146945
[  362.129871][ T8984] pgpgout 148253
[  362.154026][ T8984] pgfault 144701
[  362.178367][ T8984] pgmajfault 2172
[  362.187720][ T8984] inactive_anon 917504
[  362.215712][ T8984] active_anon 0
[  362.219248][ T8984] inactive_file 0
[  362.239706][ T8984] active_file 4096
[  362.249153][ T8984] unevictable 0
[  362.276222][ T8984] hierarchical_memory_limit 3145728
[  362.316343][ T8984] hierarchical_memsw_limit 9223372036854771712
[  362.334341][ T8984] total_cache 4096
[  362.338141][ T8984] total_rss 0
[  362.370775][ T8984] total_rss_huge 0
[  362.374580][ T8984] total_shmem 0
[  362.378201][ T8984] total_mapped_file 0
[  362.409343][ T8984] total_dirty 0
[  362.425198][ T8984] total_writeback 0
[  362.460241][ T8984] total_workingset_refault_anon 4484
[  362.465589][ T8984] total_workingset_refault_file 17054
[  362.505425][ T8984] total_swap 93786112
[  362.505514][ T8984] total_swapcached 917504
[  362.505524][ T8984] total_pgpgin 146945
[  362.505534][ T8984] total_pgpgout 148253
[  362.505544][ T8984] total_pgfault 144701
[  362.505553][ T8984] total_pgmajfault 2172
[  362.505563][ T8984] total_inactive_anon 917504
[  362.505574][ T8984] total_active_anon 0
[  362.505583][ T8984] total_inactive_file 0
[  362.505593][ T8984] total_active_file 4096
[  362.505603][ T8984] total_unevictable 0
[  362.505612][ T8984] anon_cost 0
[  362.505621][ T8984] file_cost 0
[  362.505632][ T8984] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.615,pid=8984,uid=0
[  362.505953][ T8984] Memory cgroup out of memory: Killed process 8984 (syz.3.615) total-vm:135196kB, anon-rss:1268kB, file-rss:54928kB, shmem-rss:0kB, UID:0 pgtables:276kB oom_score_adj:1000
[  364.840661][T10404] zswap: compressor  not available
[  365.025773][T10384] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  365.099801][T10384] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  365.140886][T10384] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  365.170517][T10384] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  365.831610][T10427] netlink: 'syz.2.811': attribute type 6 has an invalid length.
[  365.881613][T10427] netlink: 13 bytes leftover after parsing attributes in process `syz.2.811'.
[  366.504223][T10438] netlink: 8 bytes leftover after parsing attributes in process `syz.1.815'.
[  367.060407][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout
[  367.141893][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout
[  367.220243][ T5154] Bluetooth: hci2: command 0x0c1a tx timeout
[  367.229775][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout
[  367.887258][ T5852] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  368.522499][ T8984] syz.3.615 (8984) used greatest stack depth: 18824 bytes left
[  369.807426][T10501] netlink: 4 bytes leftover after parsing attributes in process `syz.3.830'.
[  369.889729][T10501] netlink: 13 bytes leftover after parsing attributes in process `syz.3.830'.
[  371.676345][ T5852] Bluetooth: hci1: unexpected event 0x1d length: 6 > 5
[  374.210956][T10781] bond0: option all_slaves_active: invalid value (15)
[  375.136148][T10842] futex_wake_op: syz.0.845 tries to shift op by -2048; fix this program
[  375.157877][T10842] futex_wake_op: syz.0.845 tries to shift op by -2048; fix this program
[  375.183553][T10842] 0x000000000001-0x000000020000 : ""
[  375.216970][T10842] ftl_cs: FTL header corrupt!
[  375.702318][ T5852] Bluetooth: hci1: unexpected event 0x1d length: 6 > 5
[  375.729102][T10871] FAULT_INJECTION: forcing a failure.
[  375.729102][T10871] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  375.801709][T10871] CPU: 0 UID: 0 PID: 10871 Comm: syz.1.847 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  375.801758][T10871] Tainted: [L]=SOFTLOCKUP
[  375.801766][T10871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  375.801779][T10871] Call Trace:
[  375.801787][T10871]  <TASK>
[  375.801795][T10871]  dump_stack_lvl+0x16c/0x1f0
[  375.801835][T10871]  should_fail_ex+0x512/0x640
[  375.801884][T10871]  should_fail_alloc_page+0xe7/0x130
[  375.801925][T10871]  prepare_alloc_pages+0x401/0x670
[  375.801956][T10871]  ? kmem_cache_alloc_lru_noprof+0x2b3/0x770
[  375.801979][T10871]  ? rcu_is_watching+0x12/0xc0
[  375.802006][T10871]  __alloc_frozen_pages_noprof+0x18b/0x2430
[  375.802036][T10871]  ? __lock_acquire+0x433/0x22f0
[  375.802065][T10871]  ? css_rstat_updated+0x1c2/0x510
[  375.802104][T10871]  ? __pfx_css_rstat_updated+0x10/0x10
[  375.802134][T10871]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  375.802162][T10871]  ? rcu_is_watching+0x12/0xc0
[  375.802184][T10871]  ? mod_memcg_lruvec_state+0x381/0x5f0
[  375.802217][T10871]  ? __lock_acquire+0x433/0x22f0
[  375.802247][T10871]  ? __lock_acquire+0x433/0x22f0
[  375.802274][T10871]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  375.802303][T10871]  ? policy_nodemask+0xea/0x4e0
[  375.802336][T10871]  alloc_pages_mpol+0x1fb/0x550
[  375.802369][T10871]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  375.802398][T10871]  ? find_held_lock+0x2b/0x80
[  375.802435][T10871]  ? filemap_get_entry+0x1a7/0x3b0
[  375.802476][T10871]  folio_alloc_noprof+0x1e/0xd0
[  375.802511][T10871]  filemap_alloc_folio_noprof.part.0+0x39d/0x470
[  375.802539][T10871]  ? filemap_add_folio+0x110/0x610
[  375.802576][T10871]  ? __pfx_filemap_alloc_folio_noprof.part.0+0x10/0x10
[  375.802613][T10871]  __filemap_get_folio_mpol+0x610/0xc60
[  375.802659][T10871]  ioctx_alloc+0x771/0x2110
[  375.802694][T10871]  ? __pfx_ioctx_alloc+0x10/0x10
[  375.802713][T10871]  ? __might_fault+0x13b/0x190
[  375.802757][T10871]  __x64_sys_io_setup+0xc9/0x210
[  375.802782][T10871]  do_syscall_64+0xcd/0xf80
[  375.802821][T10871]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.802846][T10871] RIP: 0033:0x7f162038f7c9
[  375.802864][T10871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  375.802887][T10871] RSP: 002b:00007f161e5ee038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[  375.802914][T10871] RAX: ffffffffffffffda RBX: 00007f16205e5fa0 RCX: 00007f162038f7c9
[  375.802929][T10871] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000fff4
[  375.802944][T10871] RBP: 00007f1620413f91 R08: 0000000000000000 R09: 0000000000000000
[  375.802957][T10871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  375.802971][T10871] R13: 00007f16205e6038 R14: 00007f16205e5fa0 R15: 00007fff28da2408
[  375.803002][T10871]  </TASK>
[  376.313707][ T5852] Bluetooth: hci1: unexpected event 0x1d length: 6 > 5
[  377.917198][ T5852] Bluetooth: hci2: unexpected event 0x1d length: 6 > 5
[  378.672554][T11047] can: request_module (can-proto-5) failed.
[  378.755670][ T5852] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  379.272582][T11063] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  379.342962][T11067] netlink: 186 bytes leftover after parsing attributes in process `syz.1.862'.
[  380.599802][T11100] nla_validate_range_unsigned: 3 callbacks suppressed
[  380.599822][T11100] netlink: 'syz.0.865': attribute type 11 has an invalid length.
[  381.114302][T11113] wlan1: mtu less than device minimum
[  381.423501][T11115] openvswitch: HfR: Dropping previously announced user features
[  381.671013][ T5852] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  381.824716][   T30] audit: type=1800 audit(4294967491.066:40): pid=11119 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.869" name="SYSV00000400" dev="tmpfs" ino=0 res=0 errno=0
[  381.903588][T11121] FAULT_INJECTION: forcing a failure.
[  381.903588][T11121] name failslab, interval 1, probability 0, space 0, times 0
[  381.981722][T11121] CPU: 0 UID: 0 PID: 11121 Comm: syz.0.870 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  381.981762][T11121] Tainted: [L]=SOFTLOCKUP
[  381.981770][T11121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  381.981784][T11121] Call Trace:
[  381.981792][T11121]  <TASK>
[  381.981800][T11121]  dump_stack_lvl+0x16c/0x1f0
[  381.981842][T11121]  should_fail_ex+0x512/0x640
[  381.981879][T11121]  ? kmem_cache_alloc_noprof+0x62/0x770
[  381.981924][T11121]  should_failslab+0xc2/0x120
[  381.981957][T11121]  kmem_cache_alloc_noprof+0x83/0x770
[  381.981998][T11121]  ? __anon_vma_prepare+0xae/0x5e0
[  381.982041][T11121]  ? __anon_vma_prepare+0xae/0x5e0
[  381.982075][T11121]  __anon_vma_prepare+0xae/0x5e0
[  381.982111][T11121]  ? do_raw_spin_lock+0x12c/0x2b0
[  381.982150][T11121]  __vmf_anon_prepare+0x11c/0x240
[  381.982181][T11121]  do_huge_pmd_anonymous_page+0x161/0x2200
[  381.982212][T11121]  ? __pmd_alloc+0x6aa/0x9c0
[  381.982243][T11121]  __handle_mm_fault+0x2525/0x2cf0
[  381.982287][T11121]  ? __pfx___handle_mm_fault+0x10/0x10
[  381.982353][T11121]  handle_mm_fault+0x3fe/0xad0
[  381.982394][T11121]  __get_user_pages+0x605/0x33a0
[  381.982436][T11121]  ? __pfx___get_user_pages+0x10/0x10
[  381.982473][T11121]  populate_vma_page_range+0x267/0x3f0
[  381.982507][T11121]  ? __pfx_populate_vma_page_range+0x10/0x10
[  381.982538][T11121]  ? __pfx_find_vma_intersection+0x10/0x10
[  381.982567][T11121]  ? do_mmap+0x69c/0x1210
[  381.982598][T11121]  __mm_populate+0x1d8/0x380
[  381.982629][T11121]  ? __pfx___mm_populate+0x10/0x10
[  381.982662][T11121]  ? up_write+0x282/0x4e0
[  381.982698][T11121]  vm_mmap_pgoff+0x37f/0x470
[  381.982727][T11121]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  381.982760][T11121]  ? __x64_sys_futex+0x1e0/0x4c0
[  381.982795][T11121]  ? __x64_sys_futex+0x1e9/0x4c0
[  381.982835][T11121]  ksys_mmap_pgoff+0x7d/0x5c0
[  381.982861][T11121]  ? xfd_validate_state+0x61/0x180
[  381.982885][T11121]  ? __pfx_ksys_write+0x10/0x10
[  381.982922][T11121]  __x64_sys_mmap+0x125/0x190
[  381.982952][T11121]  do_syscall_64+0xcd/0xf80
[  381.982991][T11121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  381.983016][T11121] RIP: 0033:0x7ff831b8f7c9
[  381.983035][T11121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  381.983059][T11121] RSP: 002b:00007ff832ac7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  381.983081][T11121] RAX: ffffffffffffffda RBX: 00007ff831de5fa0 RCX: 00007ff831b8f7c9
[  381.983097][T11121] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000
[  381.983112][T11121] RBP: 00007ff831c13f91 R08: 0000000000000002 R09: 0000000000008000
[  381.983126][T11121] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[  381.983141][T11121] R13: 00007ff831de6038 R14: 00007ff831de5fa0 R15: 00007ffc23767db8
[  381.983172][T11121]  </TASK>
[  384.863390][T11184] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 0, inode_bitmap = 137
[  384.953433][T11184] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 1, inode_bitmap = 138
[  385.012586][T11184] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 0: bad block bitmap checksum
[  385.653492][ T5154] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  385.665258][ T5154] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  385.673513][ T5154] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  385.681487][ T5154] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  385.688945][ T5154] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  386.197877][ T5154] Bluetooth: hci2: unexpected event 0x1d length: 6 > 5
[  386.797832][T11220] chnl_net:caif_netlink_parms(): no params data found
[  387.006436][ T5154] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  387.129598][T11220] bridge0: port 1(bridge_slave_0) entered blocking state
[  387.176090][T11220] bridge0: port 1(bridge_slave_0) entered disabled state
[  387.191633][T11220] bridge_slave_0: entered allmulticast mode
[  387.231813][T11220] bridge_slave_0: entered promiscuous mode
[  387.362757][T11220] bridge0: port 2(bridge_slave_1) entered blocking state
[  387.369915][T11220] bridge0: port 2(bridge_slave_1) entered disabled state
[  387.414409][T11220] bridge_slave_1: entered allmulticast mode
[  387.444440][T11220] bridge_slave_1: entered promiscuous mode
[  387.456541][T11381] zswap: compressor  not available
[  387.540906][T11220] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  387.573142][T11220] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  387.659962][T11220] team0: Port device team_slave_0 added
[  387.678730][T11220] team0: Port device team_slave_1 added
[  387.760327][T11220] batman_adv: batadv0: Adding interface: batadv_slave_0
[  387.781116][ T5154] Bluetooth: hci4: command tx timeout
[  387.787421][T11220] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  387.850620][T11220] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  387.881878][T11220] batman_adv: batadv0: Adding interface: batadv_slave_1
[  387.899268][T11220] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  387.960309][T11220] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  388.074040][T11220] hsr_slave_0: entered promiscuous mode
[  388.090789][T11220] hsr_slave_1: entered promiscuous mode
[  388.101580][T11220] debugfs: 'hsr0' already exists in 'hsr'
[  388.115813][T11220] Cannot create hsr debugfs directory
[  388.554295][T11220] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  388.574674][T11220] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  388.594256][T11220] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  388.617654][T11220] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  388.810834][T11220] 8021q: adding VLAN 0 to HW filter on device bond0
[  388.854677][T11220] 8021q: adding VLAN 0 to HW filter on device team0
[  388.886567][ T9488] bridge0: port 1(bridge_slave_0) entered blocking state
[  388.893784][ T9488] bridge0: port 1(bridge_slave_0) entered forwarding state
[  388.939350][ T9488] bridge0: port 2(bridge_slave_1) entered blocking state
[  388.946536][ T9488] bridge0: port 2(bridge_slave_1) entered forwarding state
[  389.054040][T11220] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  389.084726][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  389.093147][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  389.451535][T11220] 8021q: adding VLAN 0 to HW filter on device batadv0
[  389.861000][ T5154] Bluetooth: hci4: command tx timeout
[  389.968743][T11220] veth0_vlan: entered promiscuous mode
[  390.008450][T11220] veth1_vlan: entered promiscuous mode
[  390.103157][T11220] veth0_macvtap: entered promiscuous mode
[  390.128858][T11220] veth1_macvtap: entered promiscuous mode
[  390.170996][T11220] batman_adv: batadv0: Interface activated: batadv_slave_0
[  390.204707][T11220] batman_adv: batadv0: Interface activated: batadv_slave_1
[  390.240010][ T7158] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  390.249327][ T7158] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  390.289562][ T7158] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  390.334218][ T7158] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  390.456827][ T6113] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  390.482645][ T6113] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  390.565223][ T1150] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  390.591084][ T1150] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  390.904865][ T5154] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  390.933764][T11587] netlink: 8 bytes leftover after parsing attributes in process `syz.4.876'.
[  391.551319][T11607] netlink: 8 bytes leftover after parsing attributes in process `syz.0.882'.
[  391.940565][ T5154] Bluetooth: hci4: command tx timeout
[  393.203941][T11639] netlink: 'syz.4.885': attribute type 12 has an invalid length.
[  394.022135][ T5154] Bluetooth: hci4: command tx timeout
[  394.229477][ T5154] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  394.246352][ T5852] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  394.269052][ T5852] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  394.277939][ T5852] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  394.303999][ T5852] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  394.316279][ T5852] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  394.871164][ T5852] Bluetooth: hci2: unexpected event 0x1d length: 6 > 5
[  395.119577][ T5852] Bluetooth: hci4: unexpected event 0x1d length: 6 > 5
[  395.451782][T11771] netlink: 28 bytes leftover after parsing attributes in process `syz.1.894'.
[  395.738225][T11664] chnl_net:caif_netlink_parms(): no params data found
[  396.341752][ T5852] Bluetooth: hci5: command tx timeout
[  396.384118][T11869] futex_wake_op: syz.1.897 tries to shift op by -2048; fix this program
[  396.425474][T11664] bridge0: port 1(bridge_slave_0) entered blocking state
[  396.441784][T11869] futex_wake_op: syz.1.897 tries to shift op by -2048; fix this program
[  396.453040][T11664] bridge0: port 1(bridge_slave_0) entered disabled state
[  396.477307][T11664] bridge_slave_0: entered allmulticast mode
[  396.503135][T11664] bridge_slave_0: entered promiscuous mode
[  396.640923][T11664] bridge0: port 2(bridge_slave_1) entered blocking state
[  396.668761][T11664] bridge0: port 2(bridge_slave_1) entered disabled state
[  396.711239][T11664] bridge_slave_1: entered allmulticast mode
[  396.737909][T11664] bridge_slave_1: entered promiscuous mode
[  396.923461][T11664] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  396.977392][T11664] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  397.159704][T11664] team0: Port device team_slave_0 added
[  397.216719][T11664] team0: Port device team_slave_1 added
[  397.350882][T11922] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  397.364701][T11664] batman_adv: batadv0: Adding interface: batadv_slave_0
[  397.408967][T11664] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  397.564505][T11664] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  397.635562][T11664] batman_adv: batadv0: Adding interface: batadv_slave_1
[  397.681870][T11664] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  397.822140][T11664] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  398.165128][T11664] hsr_slave_0: entered promiscuous mode
[  398.196210][T11664] hsr_slave_1: entered promiscuous mode
[  398.223635][T11664] debugfs: 'hsr0' already exists in 'hsr'
[  398.245284][T11664] Cannot create hsr debugfs directory
[  398.420995][ T5852] Bluetooth: hci5: command tx timeout
[  399.529575][T11664] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  399.624034][T11664] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  399.764604][T11664] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  399.935210][T11664] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  400.185767][ T5852] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  400.500187][ T5852] Bluetooth: hci5: command tx timeout
[  400.882831][T11664] 8021q: adding VLAN 0 to HW filter on device bond0
[  400.964172][T11664] 8021q: adding VLAN 0 to HW filter on device team0
[  401.068260][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  401.075610][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  401.270201][ T5852] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260
[  401.270241][ T5852] Bluetooth: hci2: unexpected subevent 0x0e length: 725 > 15
[  401.287423][ T5852] Bluetooth: hci2: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f
[  401.340466][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  401.347632][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  401.898770][T12209] zswap: compressor  not available
[  402.262643][ T5154] Bluetooth: hci2: command 0x0c1a tx timeout
[  402.580314][ T5852] Bluetooth: hci5: command tx timeout
[  402.970013][T11664] 8021q: adding VLAN 0 to HW filter on device batadv0
[  403.637710][ T5852] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  403.945381][T12293] zswap: compressor  not available
[  404.268530][T11664] veth0_vlan: entered promiscuous mode
[  404.332267][T11664] veth1_vlan: entered promiscuous mode
[  404.344670][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout
[  404.355505][T12303] uvcvideo: [Deprecated]: nodrop parameter will be eventually removed.
[  404.412120][T12322] netlink: 4 bytes leftover after parsing attributes in process `syz.1.916'.
[  404.522316][T12329] netlink: 8 bytes leftover after parsing attributes in process `syz.4.917'.
[  404.988206][T11664] veth0_macvtap: entered promiscuous mode
[  405.056584][T11664] veth1_macvtap: entered promiscuous mode
[  405.573770][T11664] batman_adv: batadv0: Interface activated: batadv_slave_0
[  405.634739][T11664] batman_adv: batadv0: Interface activated: batadv_slave_1
[  405.703727][ T3467] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  405.742644][ T3467] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  405.857165][ T3467] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  405.944482][ T3467] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  406.062810][ T5154] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  406.246319][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  406.338440][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  406.506964][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  406.535381][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  407.012412][ T5154] Bluetooth: hci2: unexpected event 0x1d length: 6 > 5
[  407.096629][ T5154] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  407.103642][ T5154] Bluetooth: hci0: unexpected subevent 0x0e length: 725 > 15
[  407.119274][ T5154] Bluetooth: hci0: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f
[  407.841689][T12467] zswap: compressor  not available
[  408.650326][T12508] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  408.705273][T12508] vhci_hcd: invalid port number 252
[  408.846895][T12508] vhci_hcd: default hub control req: 040f v0772 i00fc l2
[  409.165661][ T5154] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  409.881511][ T5154] Bluetooth: hci2: unexpected event 0x1d length: 6 > 5
[  411.976501][T12659] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  412.013284][T12649] could not allocate digest TFM handle 
[  412.080591][T12659] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  412.113779][T12659] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  412.160698][T12659] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  412.215155][T12659] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  412.265849][T12659] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  412.340529][T12659] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  412.374812][T12659] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  412.399352][T12659] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  412.423916][T12659] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  413.024629][T12709] FAULT_INJECTION: forcing a failure.
[  413.024629][T12709] name failslab, interval 1, probability 0, space 0, times 0
[  413.072829][T12709] CPU: 0 UID: 0 PID: 12709 Comm: syz.5.945 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  413.072876][T12709] Tainted: [L]=SOFTLOCKUP
[  413.072884][T12709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  413.072899][T12709] Call Trace:
[  413.072907][T12709]  <TASK>
[  413.072915][T12709]  dump_stack_lvl+0x16c/0x1f0
[  413.072958][T12709]  should_fail_ex+0x512/0x640
[  413.072996][T12709]  ? kmem_cache_alloc_noprof+0x62/0x770
[  413.073041][T12709]  ? __pfx_nst_fop_open+0x10/0x10
[  413.073071][T12709]  should_failslab+0xc2/0x120
[  413.073104][T12709]  kmem_cache_alloc_noprof+0x83/0x770
[  413.073151][T12709]  ? seq_open+0x55/0x170
[  413.073185][T12709]  ? __pfx_nst_fop_open+0x10/0x10
[  413.073210][T12709]  ? seq_open+0x55/0x170
[  413.073234][T12709]  seq_open+0x55/0x170
[  413.073260][T12709]  __seq_open_private+0x3e/0xd0
[  413.073291][T12709]  nst_fop_open+0x24/0x120
[  413.073318][T12709]  full_proxy_open_regular+0x1b9/0x350
[  413.073353][T12709]  do_dentry_open+0x748/0x1590
[  413.073387][T12709]  ? __pfx_full_proxy_open_regular+0x10/0x10
[  413.073427][T12709]  vfs_open+0x82/0x3f0
[  413.073455][T12709]  path_openat+0x2078/0x3140
[  413.073499][T12709]  ? __pfx_path_openat+0x10/0x10
[  413.073545][T12709]  do_filp_open+0x20b/0x470
[  413.073581][T12709]  ? __pfx_do_filp_open+0x10/0x10
[  413.073638][T12709]  ? alloc_fd+0x471/0x7d0
[  413.073679][T12709]  do_sys_openat2+0x11f/0x280
[  413.073705][T12709]  ? __pfx_do_sys_openat2+0x10/0x10
[  413.073741][T12709]  __x64_sys_openat+0x174/0x210
[  413.073768][T12709]  ? __pfx___x64_sys_openat+0x10/0x10
[  413.073796][T12709]  ? syscall_user_dispatch+0x78/0x140
[  413.073843][T12709]  do_syscall_64+0xcd/0xf80
[  413.073889][T12709]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  413.073914][T12709] RIP: 0033:0x7fb2dad8f7c9
[  413.073933][T12709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  413.073957][T12709] RSP: 002b:00007fb2dbc03038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  413.073980][T12709] RAX: ffffffffffffffda RBX: 00007fb2dafe5fa0 RCX: 00007fb2dad8f7c9
[  413.073996][T12709] RDX: 0000000000101080 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  413.074011][T12709] RBP: 00007fb2dae13f91 R08: 0000000000000000 R09: 0000000000000000
[  413.074026][T12709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  413.074041][T12709] R13: 00007fb2dafe6038 R14: 00007fb2dafe5fa0 R15: 00007ffcd69df488
[  413.074071][T12709]  </TASK>
[  413.515019][ T5852] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  414.043482][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout
[  414.100761][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout
[  414.181756][ T5154] Bluetooth: hci2: command 0x0c1a tx timeout
[  414.187822][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout
[  414.260462][ T5852] Bluetooth: hci4: command 0x0c1a tx timeout
[  414.421215][ T5852] Bluetooth: hci5: command 0x0c1a tx timeout
[  414.641358][T12808] netlink: 342 bytes leftover after parsing attributes in process `syz.0.952'.
[  414.753451][T12814] netlink: 4 bytes leftover after parsing attributes in process `syz.0.952'.
[  416.340442][ T5852] Bluetooth: hci4: command 0x0c1a tx timeout
[  416.500228][ T5852] Bluetooth: hci5: command 0x0c1a tx timeout
[  417.851215][T12972] FAULT_INJECTION: forcing a failure.
[  417.851215][T12972] name failslab, interval 1, probability 0, space 0, times 0
[  417.954234][T12974] TCP: TCP_TX_DELAY enabled
[  417.974587][T12972] CPU: 0 UID: 0 PID: 12972 Comm: syz.0.967 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  417.974623][T12972] Tainted: [L]=SOFTLOCKUP
[  417.974631][T12972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  417.974644][T12972] Call Trace:
[  417.974651][T12972]  <TASK>
[  417.974658][T12972]  dump_stack_lvl+0x16c/0x1f0
[  417.974701][T12972]  should_fail_ex+0x512/0x640
[  417.974735][T12972]  ? kmem_cache_alloc_noprof+0x62/0x770
[  417.974775][T12972]  should_failslab+0xc2/0x120
[  417.974806][T12972]  kmem_cache_alloc_noprof+0x83/0x770
[  417.974842][T12972]  ? prepare_creds+0x2c/0x740
[  417.974885][T12972]  ? prepare_creds+0x2c/0x740
[  417.974916][T12972]  prepare_creds+0x2c/0x740
[  417.974952][T12972]  __sys_setfsuid+0xda/0x350
[  417.974971][T12972]  ? rcu_is_watching+0x12/0xc0
[  417.974998][T12972]  do_syscall_64+0xcd/0xf80
[  417.975035][T12972]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  417.975058][T12972] RIP: 0033:0x7ff831b8f7c9
[  417.975077][T12972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  417.975100][T12972] RSP: 002b:00007ff832ac7038 EFLAGS: 00000246 ORIG_RAX: 000000000000007a
[  417.975122][T12972] RAX: ffffffffffffffda RBX: 00007ff831de5fa0 RCX: 00007ff831b8f7c9
[  417.975138][T12972] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000ee01
[  417.975152][T12972] RBP: 00007ff831c13f91 R08: 0000000000000000 R09: 0000000000000000
[  417.975166][T12972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  417.975180][T12972] R13: 00007ff831de6038 R14: 00007ff831de5fa0 R15: 00007ffc23767db8
[  417.975211][T12972]  </TASK>
[  418.470658][ T5852] Bluetooth: hci4: command 0x0c1a tx timeout
[  418.675505][ T5852] Bluetooth: hci5: command 0x0c1a tx timeout
[  418.960204][T13005] Process accounting resumed
[  419.042437][T13004] netlink: 4 bytes leftover after parsing attributes in process `syz.5.972'.
[  419.614520][T13016] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  419.663619][T13016] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  419.690380][T13016] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  419.724369][T13016] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  419.761215][T13016] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  419.819654][T13016] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  420.654751][ T5852] Bluetooth: hci5: unexpected subevent 0x01 length: 123 > 18
[  421.300227][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout
[  421.668759][T13126] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0]
[  421.702694][ T5847] Bluetooth: hci1: command 0x0c1a tx timeout
[  421.708881][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout
[  421.780662][ T5847] Bluetooth: hci3: command 0x0c1a tx timeout
[  421.788975][ T5852] Bluetooth: hci4: command 0x0c1a tx timeout
[  421.861125][ T5852] Bluetooth: hci5: command 0x0c1a tx timeout
[  422.911672][ T5852] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  423.105180][T13183] netlink: 342 bytes leftover after parsing attributes in process `syz.1.990'.
[  423.941783][ T5852] Bluetooth: hci5: command 0x0c1a tx timeout
[  425.390938][T13228] ERROR: Out of memory at tomoyo_memory_ok.
[  425.658239][T13233] hub 1-0:1.0: USB hub found
[  425.692184][T13233] hub 1-0:1.0: 1 port detected
[  426.021933][ T5154] Bluetooth: hci5: command 0x0c1a tx timeout
[  426.300459][T13255] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1002'.
[  426.339179][T13259] netlink: 'syz.5.1002': attribute type 1 has an invalid length.
[  426.364375][T13259] netlink: 'syz.5.1002': attribute type 2 has an invalid length.
[  426.392606][T13259] netlink: 'syz.5.1002': attribute type 7 has an invalid length.
[  426.447609][T13259] netlink: 274 bytes leftover after parsing attributes in process `syz.5.1002'.
[  427.858443][T13308] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  429.286104][T13359] mkiss: ax0: crc mode is auto.
[  429.534259][T13381] ptp ptp0: new virtual clock ptp1
[  429.613148][T13381] ptp ptp0: new virtual clock ptp2
[  429.672872][T13381] ptp ptp0: new virtual clock ptp3
[  429.728008][T13381] ptp ptp0: guarantee physical clock free running
[  433.389846][T13570] netlink: NAT attribute type 6 has unexpected length (4 != 2)
[  433.452384][T13570] FAULT_INJECTION: forcing a failure.
[  433.452384][T13570] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  433.525588][T13570] CPU: 0 UID: 0 PID: 13570 Comm: syz.5.1025 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  433.525626][T13570] Tainted: [L]=SOFTLOCKUP
[  433.525634][T13570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  433.525649][T13570] Call Trace:
[  433.525656][T13570]  <TASK>
[  433.525665][T13570]  dump_stack_lvl+0x16c/0x1f0
[  433.525713][T13570]  should_fail_ex+0x512/0x640
[  433.525756][T13570]  should_fail_alloc_page+0xe7/0x130
[  433.525792][T13570]  prepare_alloc_pages+0x401/0x670
[  433.525825][T13570]  ? rcu_is_watching+0x12/0xc0
[  433.525853][T13570]  __alloc_frozen_pages_noprof+0x18b/0x2430
[  433.525880][T13570]  ? __pfx_stack_trace_save+0x10/0x10
[  433.525916][T13570]  ? __lock_acquire+0x433/0x22f0
[  433.525946][T13570]  ? __lock_acquire+0x433/0x22f0
[  433.525975][T13570]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  433.525999][T13570]  ? relay_open+0x653/0xad0
[  433.526047][T13570]  ? rcu_read_unlock+0x17/0x60
[  433.526083][T13570]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  433.526118][T13570]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  433.526146][T13570]  ? policy_nodemask+0xea/0x4e0
[  433.526181][T13570]  alloc_pages_mpol+0x1fb/0x550
[  433.526214][T13570]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  433.526244][T13570]  ? trace_kmalloc+0x2b/0xb0
[  433.526274][T13570]  ? trace_kmalloc+0x2b/0xb0
[  433.526301][T13570]  ? __kmalloc_noprof.cold+0x5d/0x62
[  433.526336][T13570]  ? relay_open_buf.part.0+0x194/0xc40
[  433.526379][T13570]  alloc_pages_noprof+0x12d/0x180
[  433.526412][T13570]  relay_open_buf.part.0+0x262/0xc40
[  433.526461][T13570]  relay_open+0x653/0xad0
[  433.526499][T13570]  ? debugfs_create_file_full+0x41/0x60
[  433.526552][T13570]  blk_trace_setup_prepare+0x38e/0x700
[  433.526594][T13570]  blk_trace_setup+0x1c5/0x3b0
[  433.526638][T13570]  ? __pfx_blk_trace_setup+0x10/0x10
[  433.526709][T13570]  ? vsnprintf+0x331/0x11e0
[  433.526749][T13570]  ? __pfx_vsnprintf+0x10/0x10
[  433.526800][T13570]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  433.526829][T13570]  ? do_vfs_ioctl+0x128/0x14f0
[  433.526861][T13570]  blk_trace_ioctl+0x2ce/0x300
[  433.526900][T13570]  ? __pfx_blk_trace_ioctl+0x10/0x10
[  433.526943][T13570]  ? find_held_lock+0x2b/0x80
[  433.526982][T13570]  ? hook_file_ioctl_common+0x144/0x410
[  433.527025][T13570]  blkdev_ioctl+0x1fa/0x6e0
[  433.527048][T13570]  ? __pfx_blkdev_ioctl+0x10/0x10
[  433.527074][T13570]  ? __pfx_blkdev_ioctl+0x10/0x10
[  433.527097][T13570]  __x64_sys_ioctl+0x18e/0x210
[  433.527128][T13570]  do_syscall_64+0xcd/0xf80
[  433.527167][T13570]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  433.527191][T13570] RIP: 0033:0x7fb2dad8f7c9
[  433.527210][T13570] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  433.527234][T13570] RSP: 002b:00007fb2dbc03038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  433.527257][T13570] RAX: ffffffffffffffda RBX: 00007fb2dafe5fa0 RCX: 00007fb2dad8f7c9
[  433.527273][T13570] RDX: 0000200000000240 RSI: 00000000c0481273 RDI: 000000000000000a
[  433.527288][T13570] RBP: 00007fb2dae13f91 R08: 0000000000000000 R09: 0000000000000000
[  433.527303][T13570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  433.527317][T13570] R13: 00007fb2dafe6038 R14: 00007fb2dafe5fa0 R15: 00007ffcd69df488
[  433.527348][T13570]  </TASK>
[  434.854039][T13588] device-mapper: ioctl: Invalid ioctl structure: name , dev 200010007
[  434.880513][T13588] device-mapper: ioctl: Invalid ioctl structure: name , dev 200010007
[  434.907138][T13595] binder: 13593:13595 ioctl c0306201 0 returned -14
[  434.921736][T13588] device-mapper: ioctl: Invalid ioctl structure: name , dev 200010007
[  434.951577][T13588] device-mapper: ioctl: Invalid ioctl structure: name , dev 200010007
[  434.989669][T13588] device-mapper: ioctl: Invalid ioctl structure: name , dev 200010007
[  435.050390][T13588] device-mapper: ioctl: Invalid ioctl structure: name , dev 200010007
[  435.092210][T13588] device-mapper: ioctl: Invalid ioctl structure: name , dev 200010007
[  435.113347][T13588] device-mapper: ioctl: Invalid ioctl structure: name , dev 200010007
[  435.158466][T13588] device-mapper: ioctl: Invalid ioctl structure: name , dev 200010007
[  435.196844][T13588] device-mapper: ioctl: Invalid ioctl structure: name , dev 200010007
[  435.229150][T13588] device-mapper: ioctl: Invalid ioctl structure: name , dev 200010007
[  435.258699][T13588] device-mapper: ioctl: Invalid ioctl structure: name , dev 200010007
[  435.284547][T13588] device-mapper: ioctl: Invalid ioctl structure: name , dev 200010007
[  435.671984][T13631] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1029'.
[  436.430388][T13652] netlink: 'syz.0.1034': attribute type 2 has an invalid length.
[  436.508749][T13652] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes
[  436.756077][T13672] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.5.1038: iget: checksum invalid
[  436.872368][T13672] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  436.990919][T13672] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.5.1038: iget: checksum invalid
[  437.090694][T13672] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  437.191807][T13672] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.5.1038: iget: checksum invalid
[  437.247382][T13672] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  437.328790][T13672] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.5.1038: iget: checksum invalid
[  437.454093][T13672] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  437.506130][T13672] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  437.548910][T13672] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  437.856504][T13723] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(8.0.1), cmd(2)
[  439.915651][ T5154] Bluetooth: hci5: unexpected event 0x1d length: 6 > 5
[  440.405311][T13778] bonding: no command found in bonding_masters - use +ifname or -ifname
[  441.539713][T13811] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  441.564229][T13811] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  441.809903][ T5852] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  441.819509][ T5852] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  441.834574][ T5852] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  441.842483][ T5852] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  441.851160][ T5852] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  441.948961][ T5852] Bluetooth: hci5: unexpected event 0x1d length: 6 > 5
[  442.712028][T13820] chnl_net:caif_netlink_parms(): no params data found
[  443.268538][T13820] bridge0: port 1(bridge_slave_0) entered blocking state
[  443.309962][T13820] bridge0: port 1(bridge_slave_0) entered disabled state
[  443.339058][T13820] bridge_slave_0: entered allmulticast mode
[  443.359484][T13820] bridge_slave_0: entered promiscuous mode
[  443.384125][T13820] bridge0: port 2(bridge_slave_1) entered blocking state
[  443.415827][T13820] bridge0: port 2(bridge_slave_1) entered disabled state
[  443.437632][T13820] bridge_slave_1: entered allmulticast mode
[  443.455774][ T5852] Bluetooth: hci5: unexpected event 0x1d length: 6 > 5
[  443.457018][T13820] bridge_slave_1: entered promiscuous mode
[  443.655495][T13820] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  443.748684][T13820] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  443.894087][T13820] team0: Port device team_slave_0 added
[  443.940217][ T5852] Bluetooth: hci6: command tx timeout
[  444.112965][T13820] team0: Port device team_slave_1 added
[  444.425799][T13820] batman_adv: batadv0: Adding interface: batadv_slave_0
[  444.447280][T13820] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  444.551585][T13820] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  444.598544][T13820] batman_adv: batadv0: Adding interface: batadv_slave_1
[  444.625186][T13820] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  444.709149][T13820] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  445.086508][T13820] hsr_slave_0: entered promiscuous mode
[  445.105603][T13820] hsr_slave_1: entered promiscuous mode
[  445.126038][T13820] debugfs: 'hsr0' already exists in 'hsr'
[  445.144120][T13820] Cannot create hsr debugfs directory
[  445.634898][ T5852] Bluetooth: hci5: unexpected event 0x1d length: 6 > 5
[  446.021264][ T5852] Bluetooth: hci6: command tx timeout
[  446.152497][T14211] random: crng reseeded on system resumption
[  446.177398][T13820] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  446.221320][T13820] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  446.257292][T13820] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  446.297168][T13820] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  446.654414][T14240] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000
[  446.715424][T14240] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff)
[  446.809869][T14240] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000
[  446.848884][T14240] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[  446.919606][T13820] 8021q: adding VLAN 0 to HW filter on device bond0
[  446.938194][T14240] page dumped because: unmovable page
[  446.988497][T13820] 8021q: adding VLAN 0 to HW filter on device team0
[  447.009241][T14240] page_owner info is not present (never set?)
[  447.063283][ T6113] bridge0: port 1(bridge_slave_0) entered blocking state
[  447.070486][ T6113] bridge0: port 1(bridge_slave_0) entered forwarding state
[  447.165115][ T6113] bridge0: port 2(bridge_slave_1) entered blocking state
[  447.172317][ T6113] bridge0: port 2(bridge_slave_1) entered forwarding state
[  447.918163][T14278] FAULT_INJECTION: forcing a failure.
[  447.918163][T14278] name failslab, interval 1, probability 0, space 0, times 0
[  447.967582][T14278] CPU: 0 UID: 0 PID: 14278 Comm: syz.5.1070 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  447.967624][T14278] Tainted: [L]=SOFTLOCKUP
[  447.967632][T14278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  447.967645][T14278] Call Trace:
[  447.967652][T14278]  <TASK>
[  447.967660][T14278]  dump_stack_lvl+0x16c/0x1f0
[  447.967700][T14278]  should_fail_ex+0x512/0x640
[  447.967735][T14278]  ? __kmalloc_noprof+0xca/0x910
[  447.967775][T14278]  should_failslab+0xc2/0x120
[  447.967808][T14278]  __kmalloc_noprof+0xeb/0x910
[  447.967843][T14278]  ? kobject_get_path+0xd2/0x2a0
[  447.967885][T14278]  ? kobject_get_path+0xd2/0x2a0
[  447.967920][T14278]  kobject_get_path+0xd2/0x2a0
[  447.967963][T14278]  kobject_uevent_env+0x289/0x1870
[  447.967988][T14278]  ? __pfx_dev_uevent_name+0x10/0x10
[  447.968029][T14278]  ? bus_to_subsys+0x131/0x160
[  447.968065][T14278]  device_add+0x10dd/0x1950
[  447.968104][T14278]  ? __pfx_device_add+0x10/0x10
[  447.968137][T14278]  ? kfree_const+0x55/0x60
[  447.968177][T14278]  device_create_groups_vargs+0x1f8/0x270
[  447.968211][T14278]  device_create+0xed/0x130
[  447.968242][T14278]  ? __pfx_device_create+0x10/0x10
[  447.968273][T14278]  ? do_init_timer+0xc9/0x110
[  447.968305][T14278]  ? ieee80211_roc_setup+0x136/0x270
[  447.968337][T14278]  ? ieee80211_alloc_hw_nm+0x231/0x22b0
[  447.968379][T14278]  mac80211_hwsim_new_radio+0x36a/0x50c0
[  447.968416][T14278]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  447.968446][T14278]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  447.968480][T14278]  hwsim_new_radio_nl+0xba2/0x1330
[  447.968507][T14278]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  447.968541][T14278]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  447.968580][T14278]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  447.968625][T14278]  genl_family_rcv_msg_doit+0x209/0x2f0
[  447.968664][T14278]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  447.968701][T14278]  ? genl_get_cmd+0x194/0x580
[  447.968740][T14278]  ? bpf_lsm_capable+0x9/0x10
[  447.968763][T14278]  ? security_capable+0x7e/0x260
[  447.968795][T14278]  ? ns_capable+0xd7/0x110
[  447.968833][T14278]  genl_rcv_msg+0x55c/0x800
[  447.968873][T14278]  ? __pfx_genl_rcv_msg+0x10/0x10
[  447.968909][T14278]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  447.968944][T14278]  netlink_rcv_skb+0x158/0x420
[  447.968975][T14278]  ? __pfx_genl_rcv_msg+0x10/0x10
[  447.969013][T14278]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  447.969057][T14278]  ? netlink_deliver_tap+0x1ae/0xd30
[  447.969096][T14278]  genl_rcv+0x28/0x40
[  447.969128][T14278]  netlink_unicast+0x5aa/0x870
[  447.969164][T14278]  ? __pfx_netlink_unicast+0x10/0x10
[  447.969206][T14278]  netlink_sendmsg+0x8c8/0xdd0
[  447.969243][T14278]  ? __pfx_netlink_sendmsg+0x10/0x10
[  447.969277][T14278]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  447.969315][T14278]  ____sys_sendmsg+0xa5d/0xc30
[  447.969349][T14278]  ? copy_msghdr_from_user+0x10a/0x160
[  447.969374][T14278]  ? __pfx_____sys_sendmsg+0x10/0x10
[  447.969412][T14278]  ? __pfx_futex_wake_mark+0x10/0x10
[  447.969440][T14278]  ___sys_sendmsg+0x134/0x1d0
[  447.969467][T14278]  ? __pfx____sys_sendmsg+0x10/0x10
[  447.969491][T14278]  ? __lock_acquire+0x433/0x22f0
[  447.969555][T14278]  __sys_sendmsg+0x16d/0x220
[  447.969581][T14278]  ? __pfx___sys_sendmsg+0x10/0x10
[  447.969605][T14278]  ? __x64_sys_futex+0x1e0/0x4c0
[  447.969657][T14278]  do_syscall_64+0xcd/0xf80
[  447.969696][T14278]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  447.969720][T14278] RIP: 0033:0x7fb2dad8f7c9
[  447.969737][T14278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  447.969761][T14278] RSP: 002b:00007fb2dbc03038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  447.969783][T14278] RAX: ffffffffffffffda RBX: 00007fb2dafe5fa0 RCX: 00007fb2dad8f7c9
[  447.969799][T14278] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007
[  447.969814][T14278] RBP: 00007fb2dae13f91 R08: 0000000000000000 R09: 0000000000000000
[  447.969828][T14278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  447.969842][T14278] R13: 00007fb2dafe6038 R14: 00007fb2dafe5fa0 R15: 00007ffcd69df488
[  447.969873][T14278]  </TASK>
[  449.021111][ T5852] Bluetooth: hci6: command tx timeout
[  449.072781][T13820] 8021q: adding VLAN 0 to HW filter on device batadv0
[  449.839573][T13820] veth0_vlan: entered promiscuous mode
[  449.889038][T13820] veth1_vlan: entered promiscuous mode
[  449.902521][ T5852] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  449.949318][T13820] veth0_macvtap: entered promiscuous mode
[  449.992914][T13820] veth1_macvtap: entered promiscuous mode
[  450.051755][T13820] batman_adv: batadv0: Interface activated: batadv_slave_0
[  450.107454][T13820] batman_adv: batadv0: Interface activated: batadv_slave_1
[  450.171433][T14301] can0: slcan on ttyS2.
[  450.176273][ T4736] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  450.222726][ T4736] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  450.259343][ T4736] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  450.318912][T14300] can0 (unregistered): slcan off ttyS2.
[  450.344555][ T4736] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  450.478335][ T4736] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  450.505164][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  450.512364][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  450.543756][ T4736] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  450.629953][ T4736] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  450.659129][ T4736] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  450.867821][T14328] random: crng reseeded on system resumption
[  451.060442][ T5852] Bluetooth: hci6: command tx timeout
[  451.257344][T14343] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  451.312827][T14343] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  451.355192][ T5852] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  451.812720][ T5852] Bluetooth: hci5: unexpected event 0x1d length: 6 > 5
[  453.588265][T14429] netlink: 330 bytes leftover after parsing attributes in process `syz.5.1086'.
[  453.775035][ T5154] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  453.788015][ T5154] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  453.796249][ T5154] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  453.804068][ T5154] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  453.813492][ T5154] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  453.930941][T14438] random: crng reseeded on system resumption
[  454.802082][ T5154] Bluetooth: hci5: unexpected event 0x1d length: 6 > 5
[  454.937317][T14431] chnl_net:caif_netlink_parms(): no params data found
[  455.024047][T14529] FAULT_INJECTION: forcing a failure.
[  455.024047][T14529] name failslab, interval 1, probability 0, space 0, times 0
[  455.078847][T14531] sctp: [Deprecated]: syz.5.1093 (pid 14531) Use of int in maxseg socket option.
[  455.078847][T14531] Use struct sctp_assoc_value instead
[  455.188865][T14529] CPU: 0 UID: 0 PID: 14529 Comm: syz.0.1091 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  455.188903][T14529] Tainted: [L]=SOFTLOCKUP
[  455.188912][T14529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  455.188926][T14529] Call Trace:
[  455.188934][T14529]  <TASK>
[  455.188942][T14529]  dump_stack_lvl+0x16c/0x1f0
[  455.188988][T14529]  should_fail_ex+0x512/0x640
[  455.189026][T14529]  ? __kmalloc_noprof+0xca/0x910
[  455.189067][T14529]  should_failslab+0xc2/0x120
[  455.189101][T14529]  __kmalloc_noprof+0xeb/0x910
[  455.189138][T14529]  ? copy_splice_read+0x1a8/0xc20
[  455.189177][T14529]  ? copy_splice_read+0x1a8/0xc20
[  455.189209][T14529]  ? ktime_get_coarse_real_ts64_mg+0x240/0x300
[  455.189246][T14529]  copy_splice_read+0x1a8/0xc20
[  455.189285][T14529]  ? __lock_acquire+0x433/0x22f0
[  455.189314][T14529]  ? __pfx_copy_splice_read+0x10/0x10
[  455.189347][T14529]  ? __pfx_current_time+0x10/0x10
[  455.189370][T14529]  ? lock_acquire+0x179/0x330
[  455.189406][T14529]  ? find_held_lock+0x2b/0x80
[  455.189447][T14529]  ? __pfx_copy_splice_read+0x10/0x10
[  455.189481][T14529]  do_splice_read+0x285/0x370
[  455.189519][T14529]  splice_direct_to_actor+0x2a1/0xa30
[  455.189562][T14529]  ? __pfx_direct_splice_actor+0x10/0x10
[  455.189604][T14529]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  455.189639][T14529]  ? do_raw_spin_lock+0x12c/0x2b0
[  455.189682][T14529]  do_splice_direct+0x174/0x240
[  455.189718][T14529]  ? __pfx_do_splice_direct+0x10/0x10
[  455.189755][T14529]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  455.189794][T14529]  ? rw_verify_area+0xcf/0x6c0
[  455.189826][T14529]  do_sendfile+0xb06/0xe50
[  455.189862][T14529]  ? __pfx_do_sendfile+0x10/0x10
[  455.189893][T14529]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  455.189940][T14529]  __x64_sys_sendfile64+0x1d8/0x220
[  455.189981][T14529]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  455.190019][T14529]  ? rcu_is_watching+0x12/0xc0
[  455.190051][T14529]  do_syscall_64+0xcd/0xf80
[  455.190090][T14529]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  455.190115][T14529] RIP: 0033:0x7ff831b8f7c9
[  455.190133][T14529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  455.190157][T14529] RSP: 002b:00007ff832ac7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  455.190180][T14529] RAX: ffffffffffffffda RBX: 00007ff831de5fa0 RCX: 00007ff831b8f7c9
[  455.190196][T14529] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005
[  455.190210][T14529] RBP: 00007ff831c13f91 R08: 0000000000000000 R09: 0000000000000000
[  455.190225][T14529] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000000
[  455.190239][T14529] R13: 00007ff831de6038 R14: 00007ff831de5fa0 R15: 00007ffc23767db8
[  455.190270][T14529]  </TASK>
[  455.916907][ T5154] Bluetooth: hci7: command tx timeout
[  456.789064][T14431] bridge0: port 1(bridge_slave_0) entered blocking state
[  456.826365][T14431] bridge0: port 1(bridge_slave_0) entered disabled state
[  456.850456][T14431] bridge_slave_0: entered allmulticast mode
[  456.878950][T14431] bridge_slave_0: entered promiscuous mode
[  456.920625][T14431] bridge0: port 2(bridge_slave_1) entered blocking state
[  456.951174][T14431] bridge0: port 2(bridge_slave_1) entered disabled state
[  456.981607][T14431] bridge_slave_1: entered allmulticast mode
[  457.010543][T14431] bridge_slave_1: entered promiscuous mode
[  457.141112][ T5154] Bluetooth: hci5: unexpected event 0x1d length: 6 > 5
[  457.243992][T14431] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  457.325206][T14431] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  457.488997][T14431] team0: Port device team_slave_0 added
[  457.553560][T14431] team0: Port device team_slave_1 added
[  457.747277][T14431] batman_adv: batadv0: Adding interface: batadv_slave_0
[  457.784776][T14431] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  457.835537][T14717] FAULT_INJECTION: forcing a failure.
[  457.835537][T14717] name failslab, interval 1, probability 0, space 0, times 0
[  457.871924][T14717] CPU: 0 UID: 0 PID: 14717 Comm: syz.6.1099 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  457.871963][T14717] Tainted: [L]=SOFTLOCKUP
[  457.871972][T14717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  457.871986][T14717] Call Trace:
[  457.871994][T14717]  <TASK>
[  457.872003][T14717]  dump_stack_lvl+0x16c/0x1f0
[  457.872052][T14717]  should_fail_ex+0x512/0x640
[  457.872090][T14717]  ? __kvmalloc_node_noprof+0x129/0xa40
[  457.872121][T14717]  should_failslab+0xc2/0x120
[  457.872155][T14717]  __kvmalloc_node_noprof+0x14a/0xa40
[  457.872185][T14717]  ? io_alloc_cache_init+0x38/0x170
[  457.872224][T14717]  ? io_alloc_cache_init+0x38/0x170
[  457.872254][T14717]  ? __init_waitqueue_head+0xca/0x150
[  457.872289][T14717]  io_alloc_cache_init+0x38/0x170
[  457.872323][T14717]  io_uring_setup+0x5da/0x1f60
[  457.872352][T14717]  ? __pfx_io_uring_setup+0x10/0x10
[  457.872379][T14717]  ? do_futex+0x122/0x350
[  457.872415][T14717]  ? __pfx_do_futex+0x10/0x10
[  457.872448][T14717]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  457.872505][T14717]  ? xfd_validate_state+0x61/0x180
[  457.872529][T14717]  ? __pfx_do_writev+0x10/0x10
[  457.872566][T14717]  __x64_sys_io_uring_setup+0xc2/0x170
[  457.872594][T14717]  do_syscall_64+0xcd/0xf80
[  457.872633][T14717]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  457.872657][T14717] RIP: 0033:0x7ff99ed8f7c9
[  457.872676][T14717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  457.872701][T14717] RSP: 002b:00007ff99cfd5038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[  457.872724][T14717] RAX: ffffffffffffffda RBX: 00007ff99efe6180 RCX: 00007ff99ed8f7c9
[  457.872740][T14717] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  457.872754][T14717] RBP: 00007ff99ee13f91 R08: 0000000000000000 R09: 0000000000000000
[  457.872768][T14717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  457.872782][T14717] R13: 00007ff99efe6218 R14: 00007ff99efe6180 R15: 00007ffd19b51e18
[  457.872812][T14717]  </TASK>
[  458.109148][ T5154] Bluetooth: hci7: command tx timeout
[  458.310127][T14431] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  458.378079][ T5154] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  458.564474][T14431] batman_adv: batadv0: Adding interface: batadv_slave_1
[  458.582177][T14431] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  458.689708][T14431] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  459.001681][T14431] hsr_slave_0: entered promiscuous mode
[  459.016585][T14431] hsr_slave_1: entered promiscuous mode
[  459.043435][T14431] debugfs: 'hsr0' already exists in 'hsr'
[  459.049225][T14431] Cannot create hsr debugfs directory
[  460.180573][ T5154] Bluetooth: hci7: command tx timeout
[  460.801401][T14431] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  460.924136][T14431] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  461.061967][T14431] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  461.117112][T14431] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  461.877666][T14431] 8021q: adding VLAN 0 to HW filter on device bond0
[  461.968312][T14431] 8021q: adding VLAN 0 to HW filter on device team0
[  462.093109][ T9488] bridge0: port 1(bridge_slave_0) entered blocking state
[  462.100345][ T9488] bridge0: port 1(bridge_slave_0) entered forwarding state
[  462.236537][ T9488] bridge0: port 2(bridge_slave_1) entered blocking state
[  462.243772][ T9488] bridge0: port 2(bridge_slave_1) entered forwarding state
[  462.261308][ T5154] Bluetooth: hci7: command tx timeout
[  462.986048][T14431] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  463.036417][T14431] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  464.159182][T14431] 8021q: adding VLAN 0 to HW filter on device batadv0
[  465.268339][ T5154] Bluetooth: hci5: unexpected event 0x1d length: 6 > 5
[  465.815253][T14431] veth0_vlan: entered promiscuous mode
[  465.946790][T14431] veth1_vlan: entered promiscuous mode
[  466.966531][T14431] veth0_macvtap: entered promiscuous mode
[  467.035101][T14431] veth1_macvtap: entered promiscuous mode
[  467.784234][T14431] batman_adv: batadv0: Interface activated: batadv_slave_0
[  467.916601][T14431] batman_adv: batadv0: Interface activated: batadv_slave_1
[  468.013374][ T6112] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  468.054223][ T6112] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  468.082067][ T6112] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  468.140382][T15225] FAULT_INJECTION: forcing a failure.
[  468.140382][T15225] name failslab, interval 1, probability 0, space 0, times 0
[  468.275657][ T6112] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  468.393054][T15225] CPU: 0 UID: 0 PID: 15225 Comm: syz.0.1121 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  468.393093][T15225] Tainted: [L]=SOFTLOCKUP
[  468.393101][T15225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  468.393116][T15225] Call Trace:
[  468.393124][T15225]  <TASK>
[  468.393139][T15225]  dump_stack_lvl+0x16c/0x1f0
[  468.393181][T15225]  should_fail_ex+0x512/0x640
[  468.393219][T15225]  ? kmem_cache_alloc_noprof+0x62/0x770
[  468.393264][T15225]  should_failslab+0xc2/0x120
[  468.393297][T15225]  kmem_cache_alloc_noprof+0x83/0x770
[  468.393338][T15225]  ? alloc_uid+0x13d/0x4c0
[  468.393368][T15225]  ? alloc_uid+0x13d/0x4c0
[  468.393390][T15225]  alloc_uid+0x13d/0x4c0
[  468.393413][T15225]  ? apparmor_cred_prepare+0x173/0x370
[  468.393448][T15225]  ? __pfx_alloc_uid+0x10/0x10
[  468.393473][T15225]  ? security_prepare_creds+0xa6/0x270
[  468.393505][T15225]  __sys_setresuid+0x507/0x1160
[  468.393548][T15225]  do_syscall_64+0xcd/0xf80
[  468.393588][T15225]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  468.393613][T15225] RIP: 0033:0x7ff831b8f7c9
[  468.393632][T15225] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  468.393657][T15225] RSP: 002b:00007ff832a64038 EFLAGS: 00000246 ORIG_RAX: 0000000000000075
[  468.393679][T15225] RAX: ffffffffffffffda RBX: 00007ff831de6270 RCX: 00007ff831b8f7c9
[  468.393695][T15225] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000008
[  468.393710][T15225] RBP: 00007ff831c13f91 R08: 0000000000000000 R09: 0000000000000000
[  468.393725][T15225] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  468.393739][T15225] R13: 00007ff831de6308 R14: 00007ff831de6270 R15: 00007ffc23767db8
[  468.393770][T15225]  </TASK>
[  468.693892][T15239] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1122'.
[  468.783204][T15239] veth1_macvtap: left promiscuous mode
[  468.940372][T12723] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  469.004407][T12723] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  469.153203][T12723] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  469.167097][T12723] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  469.595375][T15268] can0: slcan on ttyS2.
[  469.936562][T15267] can0 (unregistered): slcan off ttyS2.
[  470.567805][ T5154] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  471.010984][T15327] random: crng reseeded on system resumption
[  473.598702][T15460] netlink: 342 bytes leftover after parsing attributes in process `syz.6.1135'.
[  473.676621][T15460] netlink: 342 bytes leftover after parsing attributes in process `syz.6.1135'.
[  473.752878][T15460] netlink: 342 bytes leftover after parsing attributes in process `syz.6.1135'.
[  474.345699][T15450] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  474.385208][   T30] audit: type=1800 audit(4294967583.626:41): pid=15500 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.1137" name="dbroot" dev="configfs" ino=41605 res=0 errno=0
[  474.421924][T15450] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  474.427985][T15450] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  474.481588][T15500] db_root: cannot open: 
[  474.506917][T15450] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  474.563621][T15450] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  474.601799][T15450] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  474.645889][T15450] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  474.686419][T15450] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  474.716079][T15450] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  474.765834][T15450] Bluetooth: hci7: Opcode 0x0c1a failed: -4
[  474.808213][T15450] Bluetooth: hci7: Opcode 0x0406 failed: -4
[  474.875775][T15450] Bluetooth: hci7: Opcode 0x0406 failed: -4
[  475.461907][ T5154] Bluetooth: hci0: command 0x0c1a tx timeout
[  476.223963][T15610] dyndbg: expected <4096 bytes into control
[  476.500563][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout
[  476.506826][ T5154] Bluetooth: hci1: command 0x0c1a tx timeout
[  476.580649][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout
[  476.588693][ T5154] Bluetooth: hci4: command 0x0c1a tx timeout
[  476.662724][ T5852] Bluetooth: hci5: command 0x0c1a tx timeout
[  476.668840][ T5154] Bluetooth: hci6: command 0x0c1a tx timeout
[  476.820877][ T5154] Bluetooth: hci7: command 0x0c1a tx timeout
[  477.422103][T15655] tc_dump_action: action bad kind
[  477.559617][T15658] FAULT_INJECTION: forcing a failure.
[  477.559617][T15658] name failslab, interval 1, probability 0, space 0, times 0
[  477.673064][T15658] CPU: 0 UID: 0 PID: 15658 Comm: syz.0.1146 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  477.673101][T15658] Tainted: [L]=SOFTLOCKUP
[  477.673109][T15658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  477.673123][T15658] Call Trace:
[  477.673130][T15658]  <TASK>
[  477.673138][T15658]  dump_stack_lvl+0x16c/0x1f0
[  477.673179][T15658]  should_fail_ex+0x512/0x640
[  477.673216][T15658]  ? __kvmalloc_node_noprof+0x129/0xa40
[  477.673246][T15658]  should_failslab+0xc2/0x120
[  477.673285][T15658]  __kvmalloc_node_noprof+0x14a/0xa40
[  477.673313][T15658]  ? proc_sys_call_handler+0x286/0x570
[  477.673351][T15658]  ? proc_sys_call_handler+0x286/0x570
[  477.673381][T15658]  proc_sys_call_handler+0x286/0x570
[  477.673414][T15658]  ? __pfx_proc_sys_call_handler+0x10/0x10
[  477.673447][T15658]  ? copy_splice_read+0x1a8/0xc20
[  477.673486][T15658]  copy_splice_read+0x618/0xc20
[  477.673526][T15658]  ? __pfx_copy_splice_read+0x10/0x10
[  477.673562][T15658]  ? look_up_lock_class+0x59/0x130
[  477.673601][T15658]  ? lockdep_init_map_type+0x5c/0x270
[  477.673634][T15658]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[  477.673668][T15658]  ? __pfx_copy_splice_read+0x10/0x10
[  477.673701][T15658]  do_splice_read+0x285/0x370
[  477.673737][T15658]  splice_direct_to_actor+0x2a1/0xa30
[  477.673774][T15658]  ? __pfx_direct_splice_actor+0x10/0x10
[  477.673814][T15658]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  477.673899][T15658]  ? get_pid_task+0xfc/0x250
[  477.673934][T15658]  do_splice_direct+0x174/0x240
[  477.673969][T15658]  ? __pfx_do_splice_direct+0x10/0x10
[  477.674004][T15658]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  477.674039][T15658]  ? bpf_lsm_file_permission+0x9/0x10
[  477.674076][T15658]  ? security_file_permission+0x71/0x210
[  477.674100][T15658]  ? rw_verify_area+0xcf/0x6c0
[  477.674131][T15658]  do_sendfile+0xb06/0xe50
[  477.674167][T15658]  ? __pfx_do_sendfile+0x10/0x10
[  477.674198][T15658]  ? __fget_files+0x20e/0x3c0
[  477.674239][T15658]  __x64_sys_sendfile64+0x1d8/0x220
[  477.674276][T15658]  ? ksys_write+0x1ac/0x250
[  477.674309][T15658]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  477.674356][T15658]  do_syscall_64+0xcd/0xf80
[  477.674395][T15658]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  477.674420][T15658] RIP: 0033:0x7ff831b8f7c9
[  477.674439][T15658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  477.674462][T15658] RSP: 002b:00007ff832ac7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  477.674484][T15658] RAX: ffffffffffffffda RBX: 00007ff831de5fa0 RCX: 00007ff831b8f7c9
[  477.674499][T15658] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[  477.674513][T15658] RBP: 00007ff832ac7090 R08: 0000000000000000 R09: 0000000000000000
[  477.674527][T15658] R10: 0000000000000040 R11: 0000000000000246 R12: 0000000000000001
[  477.674542][T15658] R13: 00007ff831de6038 R14: 00007ff831de5fa0 R15: 00007ffc23767db8
[  477.674572][T15658]  </TASK>
[  478.259190][T15664] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4)
[  478.708825][T15686] Page cache invalidation failure on direct I/O.  Possible data corruption due to collision with buffered I/O!
[  478.740283][ T5154] Bluetooth: hci6: command 0x0c1a tx timeout
[  478.778030][T15686] File: /dev/nullb0 PID: 15686 Comm: syz.5.1153
[  478.905142][ T5154] Bluetooth: hci7: command 0x0c1a tx timeout
[  479.392219][T15720] FAULT_INJECTION: forcing a failure.
[  479.392219][T15720] name failslab, interval 1, probability 0, space 0, times 0
[  479.476063][T15720] CPU: 0 UID: 0 PID: 15720 Comm: syz.0.1156 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  479.476102][T15720] Tainted: [L]=SOFTLOCKUP
[  479.476110][T15720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  479.476125][T15720] Call Trace:
[  479.476132][T15720]  <TASK>
[  479.476141][T15720]  dump_stack_lvl+0x16c/0x1f0
[  479.476183][T15720]  should_fail_ex+0x512/0x640
[  479.476220][T15720]  ? kmem_cache_alloc_noprof+0x62/0x770
[  479.476264][T15720]  should_failslab+0xc2/0x120
[  479.476297][T15720]  kmem_cache_alloc_noprof+0x83/0x770
[  479.476338][T15720]  ? do_timer_create+0x201/0x14c0
[  479.476382][T15720]  ? do_timer_create+0x201/0x14c0
[  479.476419][T15720]  do_timer_create+0x201/0x14c0
[  479.476459][T15720]  ? do_futex+0x122/0x350
[  479.476493][T15720]  ? __pfx_do_timer_create+0x10/0x10
[  479.476530][T15720]  ? __pfx_do_futex+0x10/0x10
[  479.476575][T15720]  __x64_sys_timer_create+0x199/0x1d0
[  479.476615][T15720]  ? __pfx___x64_sys_timer_create+0x10/0x10
[  479.476664][T15720]  ? fput+0x70/0xf0
[  479.476686][T15720]  ? xfd_validate_state+0x61/0x180
[  479.476711][T15720]  ? __pfx_ksys_write+0x10/0x10
[  479.476754][T15720]  do_syscall_64+0xcd/0xf80
[  479.476793][T15720]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  479.476818][T15720] RIP: 0033:0x7ff831b8f7c9
[  479.476836][T15720] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  479.476861][T15720] RSP: 002b:00007ff832ac7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000de
[  479.476883][T15720] RAX: ffffffffffffffda RBX: 00007ff831de5fa0 RCX: 00007ff831b8f7c9
[  479.476899][T15720] RDX: 0000200000000000 RSI: 0000000000000000 RDI: 0000000000000009
[  479.476913][T15720] RBP: 00007ff831c13f91 R08: 0000000000000000 R09: 0000000000000000
[  479.476928][T15720] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  479.476942][T15720] R13: 00007ff831de6038 R14: 00007ff831de5fa0 R15: 00007ffc23767db8
[  479.476973][T15720]  </TASK>
[  480.139911][T15728] FAULT_INJECTION: forcing a failure.
[  480.139911][T15728] name failslab, interval 1, probability 0, space 0, times 0
[  480.237061][T15728] CPU: 0 UID: 0 PID: 15728 Comm: syz.0.1158 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  480.237097][T15728] Tainted: [L]=SOFTLOCKUP
[  480.237104][T15728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  480.237116][T15728] Call Trace:
[  480.237123][T15728]  <TASK>
[  480.237132][T15728]  dump_stack_lvl+0x16c/0x1f0
[  480.237173][T15728]  should_fail_ex+0x512/0x640
[  480.237214][T15728]  ? kmem_cache_alloc_node_noprof+0x65/0x800
[  480.237243][T15728]  should_failslab+0xc2/0x120
[  480.237274][T15728]  kmem_cache_alloc_node_noprof+0x86/0x800
[  480.237297][T15728]  ? __alloc_skb+0x156/0x410
[  480.237340][T15728]  ? __alloc_skb+0x156/0x410
[  480.237375][T15728]  __alloc_skb+0x156/0x410
[  480.237410][T15728]  ? __alloc_skb+0x35d/0x410
[  480.237447][T15728]  ? __pfx___alloc_skb+0x10/0x10
[  480.237490][T15728]  ? __local_bh_enable_ip+0xa4/0x120
[  480.237517][T15728]  kcm_sendmsg+0x2005/0x2ca0
[  480.237571][T15728]  ? unwind_get_return_address+0x59/0xa0
[  480.237610][T15728]  ? aa_sk_perm+0x2f2/0xae0
[  480.237656][T15728]  ? __pfx_kcm_sendmsg+0x10/0x10
[  480.237683][T15728]  ? __pfx_stack_trace_save+0x10/0x10
[  480.237716][T15728]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  480.237754][T15728]  sock_sendmsg+0x3cc/0x470
[  480.237791][T15728]  ? do_splice_read+0x285/0x370
[  480.237824][T15728]  ? __pfx_sock_sendmsg+0x10/0x10
[  480.237855][T15728]  ? __x64_sys_sendfile64+0x1d8/0x220
[  480.237920][T15728]  splice_to_socket+0xaf4/0x1110
[  480.237971][T15728]  ? __pfx_splice_to_socket+0x10/0x10
[  480.238044][T15728]  ? lockdep_init_map_type+0x5c/0x270
[  480.238077][T15728]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[  480.238110][T15728]  ? __pfx_splice_to_socket+0x10/0x10
[  480.238148][T15728]  direct_splice_actor+0x192/0x6c0
[  480.238196][T15728]  splice_direct_to_actor+0x345/0xa30
[  480.238232][T15728]  ? __pfx_direct_splice_actor+0x10/0x10
[  480.238274][T15728]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  480.238308][T15728]  ? get_pid_task+0xfc/0x250
[  480.238344][T15728]  do_splice_direct+0x174/0x240
[  480.238379][T15728]  ? __pfx_do_splice_direct+0x10/0x10
[  480.238415][T15728]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  480.238450][T15728]  ? bpf_lsm_file_permission+0x9/0x10
[  480.238486][T15728]  ? security_file_permission+0x71/0x210
[  480.238510][T15728]  ? rw_verify_area+0xcf/0x6c0
[  480.238549][T15728]  do_sendfile+0xb06/0xe50
[  480.238585][T15728]  ? __pfx_do_sendfile+0x10/0x10
[  480.238617][T15728]  ? __fget_files+0x20e/0x3c0
[  480.238658][T15728]  __x64_sys_sendfile64+0x1d8/0x220
[  480.238694][T15728]  ? ksys_write+0x1ac/0x250
[  480.238726][T15728]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  480.238775][T15728]  do_syscall_64+0xcd/0xf80
[  480.238814][T15728]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  480.238839][T15728] RIP: 0033:0x7ff831b8f7c9
[  480.238857][T15728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  480.238881][T15728] RSP: 002b:00007ff832ac7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  480.238902][T15728] RAX: ffffffffffffffda RBX: 00007ff831de5fa0 RCX: 00007ff831b8f7c9
[  480.238918][T15728] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[  480.238932][T15728] RBP: 00007ff832ac7090 R08: 0000000000000000 R09: 0000000000000000
[  480.238946][T15728] R10: 0000000000000040 R11: 0000000000000246 R12: 0000000000000001
[  480.238960][T15728] R13: 00007ff831de6038 R14: 00007ff831de5fa0 R15: 00007ffc23767db8
[  480.238992][T15728]  </TASK>
[  480.960203][ T5852] Bluetooth: hci6: command 0x0c1a tx timeout
[  481.175159][ T5852] Bluetooth: hci7: command 0x0c1a tx timeout
[  481.242836][T15737] random: crng reseeded on system resumption
[  481.383905][T15737] hub 1-0:1.0: USB hub found
[  481.402856][T15737] hub 1-0:1.0: 1 port detected
[  481.521282][T15751] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1162'.
[  481.566055][T15751] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  482.522203][T15772] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1164'.
[  482.861425][T15777] random: crng reseeded on system resumption
[  484.868080][   T10] Process accounting resumed
[  485.376533][ T5852] Bluetooth: hci5: unexpected event 0x1d length: 6 > 5
[  485.817794][T15924] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1177'.
[  486.603800][ T5852] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  487.999604][T16027] bdi 43:192: the stable_pages_required attribute has been removed. Use the stable_writes queue attribute instead.
[  488.076523][T16030] netlink: 186 bytes leftover after parsing attributes in process `syz.6.1191'.
[  488.308069][T16037] cougar: G6 mapped to F18
[  488.426817][T16045] ptrace attach of "./syz-executor exec"[5839] was attempted by ""[16045]
[  489.474861][ T5852] Bluetooth: hci5: unexpected event 0x1d length: 6 > 5
[  489.567719][ T5852] Bluetooth: hci0: unexpected event 0x35 length: 13 > 6
[  489.947178][T16103] netlink: 'syz.5.1197': attribute type 10 has an invalid length.
[  489.993172][T16103] netlink: 230 bytes leftover after parsing attributes in process `syz.5.1197'.
[  490.039968][T16103] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  490.106475][T16116] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1197'.
[  492.488963][T16184] random: crng reseeded on system resumption
[  493.973944][T16210] FAULT_INJECTION: forcing a failure.
[  493.973944][T16210] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  494.007678][T16210] CPU: 0 UID: 0 PID: 16210 Comm: syz.5.1208 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  494.007716][T16210] Tainted: [L]=SOFTLOCKUP
[  494.007724][T16210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  494.007737][T16210] Call Trace:
[  494.007745][T16210]  <TASK>
[  494.007754][T16210]  dump_stack_lvl+0x16c/0x1f0
[  494.007794][T16210]  should_fail_ex+0x512/0x640
[  494.007833][T16210]  should_fail_alloc_page+0xe7/0x130
[  494.007868][T16210]  prepare_alloc_pages+0x401/0x670
[  494.007903][T16210]  __alloc_frozen_pages_noprof+0x18b/0x2430
[  494.007931][T16210]  ? stack_trace_save+0x8e/0xc0
[  494.007959][T16210]  ? __pfx_stack_trace_save+0x10/0x10
[  494.007987][T16210]  ? stack_depot_save_flags+0x29/0x9b0
[  494.008024][T16210]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  494.008066][T16210]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  494.008089][T16210]  ? kasan_save_stack+0x33/0x60
[  494.008115][T16210]  ? __kasan_kmalloc+0xaa/0xb0
[  494.008141][T16210]  ? copy_splice_read+0x1a8/0xc20
[  494.008172][T16210]  ? do_splice_read+0x285/0x370
[  494.008203][T16210]  ? splice_direct_to_actor+0x2a1/0xa30
[  494.008235][T16210]  ? do_splice_direct+0x174/0x240
[  494.008267][T16210]  ? do_sendfile+0xb06/0xe50
[  494.008295][T16210]  ? __x64_sys_sendfile64+0x1d8/0x220
[  494.008331][T16210]  ? do_syscall_64+0xcd/0xf80
[  494.008387][T16210]  alloc_pages_bulk_noprof+0x77b/0x1010
[  494.008420][T16210]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  494.008452][T16210]  ? copy_splice_read+0x1a8/0xc20
[  494.008490][T16210]  copy_splice_read+0x1e1/0xc20
[  494.008530][T16210]  ? __pfx_copy_splice_read+0x10/0x10
[  494.008572][T16210]  ? lockdep_init_map_type+0x5c/0x270
[  494.008604][T16210]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[  494.008638][T16210]  ? __pfx_copy_splice_read+0x10/0x10
[  494.008670][T16210]  do_splice_read+0x285/0x370
[  494.008707][T16210]  splice_direct_to_actor+0x2a1/0xa30
[  494.008743][T16210]  ? __pfx_direct_splice_actor+0x10/0x10
[  494.008784][T16210]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  494.008816][T16210]  ? get_pid_task+0xfc/0x250
[  494.008850][T16210]  do_splice_direct+0x174/0x240
[  494.008884][T16210]  ? __pfx_do_splice_direct+0x10/0x10
[  494.008919][T16210]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  494.008954][T16210]  ? bpf_lsm_file_permission+0x9/0x10
[  494.008989][T16210]  ? security_file_permission+0x71/0x210
[  494.009012][T16210]  ? rw_verify_area+0xcf/0x6c0
[  494.009047][T16210]  do_sendfile+0xb06/0xe50
[  494.009083][T16210]  ? __pfx_do_sendfile+0x10/0x10
[  494.009114][T16210]  ? __fget_files+0x20e/0x3c0
[  494.009154][T16210]  __x64_sys_sendfile64+0x1d8/0x220
[  494.009191][T16210]  ? ksys_write+0x1ac/0x250
[  494.009222][T16210]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  494.009268][T16210]  do_syscall_64+0xcd/0xf80
[  494.009306][T16210]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  494.009331][T16210] RIP: 0033:0x7fb2dad8f7c9
[  494.009349][T16210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  494.009372][T16210] RSP: 002b:00007fb2dbc03038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  494.009394][T16210] RAX: ffffffffffffffda RBX: 00007fb2dafe5fa0 RCX: 00007fb2dad8f7c9
[  494.009410][T16210] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[  494.009423][T16210] RBP: 00007fb2dbc03090 R08: 0000000000000000 R09: 0000000000000000
[  494.009437][T16210] R10: 0000000000000040 R11: 0000000000000246 R12: 0000000000000002
[  494.009451][T16210] R13: 00007fb2dafe6038 R14: 00007fb2dafe5fa0 R15: 00007ffcd69df488
[  494.009481][T16210]  </TASK>
[  495.295535][T16215] input: jJǸ���;9�%v����l��Q�	J86�� as /devices/virtual/input/input31
[  495.323425][T16215] FAULT_INJECTION: forcing a failure.
[  495.323425][T16215] name failslab, interval 1, probability 0, space 0, times 0
[  495.377748][T16215] CPU: 0 UID: 0 PID: 16215 Comm: syz.5.1210 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  495.377789][T16215] Tainted: [L]=SOFTLOCKUP
[  495.377797][T16215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  495.377813][T16215] Call Trace:
[  495.377820][T16215]  <TASK>
[  495.377829][T16215]  dump_stack_lvl+0x16c/0x1f0
[  495.377871][T16215]  should_fail_ex+0x512/0x640
[  495.377909][T16215]  ? kmem_cache_alloc_noprof+0x62/0x770
[  495.377953][T16215]  should_failslab+0xc2/0x120
[  495.377996][T16215]  kmem_cache_alloc_noprof+0x83/0x770
[  495.378036][T16215]  ? __kernfs_new_node+0xd2/0x990
[  495.378071][T16215]  ? __kernfs_new_node+0xd2/0x990
[  495.378098][T16215]  __kernfs_new_node+0xd2/0x990
[  495.378131][T16215]  ? __pfx___kernfs_new_node+0x10/0x10
[  495.378167][T16215]  ? find_held_lock+0x2b/0x80
[  495.378207][T16215]  ? kernfs_root+0xee/0x2a0
[  495.378241][T16215]  kernfs_new_node+0x13c/0x1e0
[  495.378279][T16215]  __kernfs_create_file+0x53/0x350
[  495.378322][T16215]  sysfs_add_file_mode_ns+0x207/0x3c0
[  495.378361][T16215]  sysfs_merge_group+0x1aa/0x340
[  495.378392][T16215]  ? __pfx_sysfs_merge_group+0x10/0x10
[  495.378426][T16215]  ? __pfx_dev_add_physical_location+0x10/0x10
[  495.378458][T16215]  ? bus_to_subsys+0x131/0x160
[  495.378495][T16215]  dpm_sysfs_add+0x237/0x280
[  495.378523][T16215]  device_add+0x9a6/0x1950
[  495.378556][T16215]  ? __pfx_device_add+0x10/0x10
[  495.378585][T16215]  ? __pfx_exact_lock+0x10/0x10
[  495.378625][T16215]  ? kobject_get+0xbb/0x150
[  495.378666][T16215]  cdev_device_add+0xc2/0x1e0
[  495.378704][T16215]  evdev_connect+0x3a4/0x4c0
[  495.378736][T16215]  input_attach_handler.isra.0+0x176/0x250
[  495.378767][T16215]  input_register_device+0xab9/0x1180
[  495.378792][T16215]  ? input_ff_create+0x221/0x350
[  495.378829][T16215]  uinput_ioctl_handler.isra.0+0x1357/0x1df0
[  495.378867][T16215]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  495.378896][T16215]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[  495.378941][T16215]  ? find_held_lock+0x2b/0x80
[  495.378999][T16215]  ? __pfx_uinput_ioctl+0x10/0x10
[  495.379042][T16215]  __x64_sys_ioctl+0x18e/0x210
[  495.379073][T16215]  do_syscall_64+0xcd/0xf80
[  495.379112][T16215]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  495.379137][T16215] RIP: 0033:0x7fb2dad8f7c9
[  495.379156][T16215] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  495.379180][T16215] RSP: 002b:00007fb2dbc03038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  495.379203][T16215] RAX: ffffffffffffffda RBX: 00007fb2dafe5fa0 RCX: 00007fb2dad8f7c9
[  495.379219][T16215] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000009
[  495.379233][T16215] RBP: 00007fb2dae13f91 R08: 0000000000000000 R09: 0000000000000000
[  495.379248][T16215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  495.379262][T16215] R13: 00007fb2dafe6038 R14: 00007fb2dafe5fa0 R15: 00007ffcd69df488
[  495.379294][T16215]  </TASK>
[  495.967554][T16224] serio: Serial port pty6
[  496.006351][T16215] input: failed to attach handler evdev to device input31, error: -12
[  497.291093][ T5852] Bluetooth: hci5: unexpected event 0x35 length: 13 > 6
[  497.352270][T16243] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  497.377579][T16243] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  497.406928][T16243] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  497.448182][T16243] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  497.490799][T16243] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  497.513672][T16243] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  497.590957][T16243] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  497.661064][T16243] Bluetooth: hci7: Opcode 0x0c1a failed: -4
[  498.180927][T16296] random: crng reseeded on system resumption
[  498.361139][T16302] FAULT_INJECTION: forcing a failure.
[  498.361139][T16302] name failslab, interval 1, probability 0, space 0, times 0
[  498.392437][T16302] CPU: 0 UID: 0 PID: 16302 Comm: syz.0.1218 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  498.392473][T16302] Tainted: [L]=SOFTLOCKUP
[  498.392481][T16302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  498.392493][T16302] Call Trace:
[  498.392500][T16302]  <TASK>
[  498.392508][T16302]  dump_stack_lvl+0x16c/0x1f0
[  498.392549][T16302]  should_fail_ex+0x512/0x640
[  498.392584][T16302]  ? __kvmalloc_node_noprof+0x129/0xa40
[  498.392621][T16302]  should_failslab+0xc2/0x120
[  498.392654][T16302]  __kvmalloc_node_noprof+0x14a/0xa40
[  498.392682][T16302]  ? proc_sys_call_handler+0x286/0x570
[  498.392720][T16302]  ? proc_sys_call_handler+0x286/0x570
[  498.392750][T16302]  proc_sys_call_handler+0x286/0x570
[  498.392784][T16302]  ? __pfx_proc_sys_call_handler+0x10/0x10
[  498.392816][T16302]  ? copy_splice_read+0x1a8/0xc20
[  498.392854][T16302]  copy_splice_read+0x618/0xc20
[  498.392895][T16302]  ? __pfx_copy_splice_read+0x10/0x10
[  498.392937][T16302]  ? lockdep_init_map_type+0x5c/0x270
[  498.392969][T16302]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[  498.393003][T16302]  ? __pfx_copy_splice_read+0x10/0x10
[  498.393035][T16302]  do_splice_read+0x285/0x370
[  498.393072][T16302]  splice_direct_to_actor+0x2a1/0xa30
[  498.393108][T16302]  ? __pfx_direct_splice_actor+0x10/0x10
[  498.393148][T16302]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  498.393181][T16302]  ? get_pid_task+0xfc/0x250
[  498.393216][T16302]  do_splice_direct+0x174/0x240
[  498.393250][T16302]  ? __pfx_do_splice_direct+0x10/0x10
[  498.393287][T16302]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  498.393321][T16302]  ? bpf_lsm_file_permission+0x9/0x10
[  498.393357][T16302]  ? security_file_permission+0x71/0x210
[  498.393381][T16302]  ? rw_verify_area+0xcf/0x6c0
[  498.393412][T16302]  do_sendfile+0xb06/0xe50
[  498.393449][T16302]  ? __pfx_do_sendfile+0x10/0x10
[  498.393480][T16302]  ? __fget_files+0x20e/0x3c0
[  498.393520][T16302]  __x64_sys_sendfile64+0x1d8/0x220
[  498.393557][T16302]  ? ksys_write+0x1ac/0x250
[  498.393592][T16302]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  498.393639][T16302]  do_syscall_64+0xcd/0xf80
[  498.393678][T16302]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  498.393703][T16302] RIP: 0033:0x7ff831b8f7c9
[  498.393721][T16302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  498.393745][T16302] RSP: 002b:00007ff832ac7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  498.393767][T16302] RAX: ffffffffffffffda RBX: 00007ff831de5fa0 RCX: 00007ff831b8f7c9
[  498.393783][T16302] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[  498.393797][T16302] RBP: 00007ff832ac7090 R08: 0000000000000000 R09: 0000000000000000
[  498.393812][T16302] R10: 0000000000000040 R11: 0000000000000246 R12: 0000000000000002
[  498.393826][T16302] R13: 00007ff831de6038 R14: 00007ff831de5fa0 R15: 00007ffc23767db8
[  498.393857][T16302]  </TASK>
[  499.386022][ T5154] Bluetooth: hci0: command 0x0c1a tx timeout
[  499.392436][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout
[  499.464672][ T5154] Bluetooth: hci2: command 0x0c1a tx timeout
[  499.471615][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout
[  499.540707][ T5847] Bluetooth: hci4: command 0x0c1a tx timeout
[  499.546804][ T5154] Bluetooth: hci5: command 0x0c1a tx timeout
[  499.553330][ T5852] Bluetooth: hci6: command 0x0c1a tx timeout
[  499.700606][ T5852] Bluetooth: hci7: command 0x0c1a tx timeout
[  499.994733][T16364] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1222'.
[  502.364297][ T5847] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  502.373936][ T5847] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  502.382145][ T5847] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  502.390351][ T5847] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  502.414720][ T5847] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  503.659497][T16466] chnl_net:caif_netlink_parms(): no params data found
[  504.126216][T16466] bridge0: port 1(bridge_slave_0) entered blocking state
[  504.153429][ T5847] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  504.170223][T16466] bridge0: port 1(bridge_slave_0) entered disabled state
[  504.251338][T16466] bridge_slave_0: entered allmulticast mode
[  504.305350][T16466] bridge_slave_0: entered promiscuous mode
[  504.324697][T16466] bridge0: port 2(bridge_slave_1) entered blocking state
[  504.369409][T16466] bridge0: port 2(bridge_slave_1) entered disabled state
[  504.422762][T16466] bridge_slave_1: entered allmulticast mode
[  504.463084][T16466] bridge_slave_1: entered promiscuous mode
[  504.500260][ T5847] Bluetooth: hci8: command tx timeout
[  504.554940][T16634] netlink: 'syz.0.1236': attribute type 5 has an invalid length.
[  504.612265][T16466] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  504.639973][T16634] netlink: 4158 bytes leftover after parsing attributes in process `syz.0.1236'.
[  504.664981][T16466] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  504.821513][T16466] team0: Port device team_slave_0 added
[  504.829608][T16466] team0: Port device team_slave_1 added
[  504.995677][T16466] batman_adv: batadv0: Adding interface: batadv_slave_0
[  505.013093][T16466] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  505.074956][T16466] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  505.109428][T16466] batman_adv: batadv0: Adding interface: batadv_slave_1
[  505.126686][T16466] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  505.185269][T16466] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  505.364284][T16466] hsr_slave_0: entered promiscuous mode
[  505.373799][T16466] hsr_slave_1: entered promiscuous mode
[  505.396350][T16466] debugfs: 'hsr0' already exists in 'hsr'
[  505.430395][T16466] Cannot create hsr debugfs directory
[  506.580249][ T5847] Bluetooth: hci8: command tx timeout
[  506.656338][T16466] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  506.734887][T16466] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  506.790703][T16466] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  506.874958][T16466] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  507.187147][T16884] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1238'.
[  507.457296][ T5852] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  507.469360][ T5852] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  507.478016][ T5852] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  507.485968][ T5852] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  507.506089][ T5852] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  507.591394][T16466] 8021q: adding VLAN 0 to HW filter on device bond0
[  507.711485][T16466] 8021q: adding VLAN 0 to HW filter on device team0
[  507.800084][ T4736] bridge0: port 1(bridge_slave_0) entered blocking state
[  507.807333][ T4736] bridge0: port 1(bridge_slave_0) entered forwarding state
[  507.907724][ T4736] bridge0: port 2(bridge_slave_1) entered blocking state
[  507.915046][ T4736] bridge0: port 2(bridge_slave_1) entered forwarding state
[  508.661882][ T5852] Bluetooth: hci8: command tx timeout
[  508.720188][T16886] chnl_net:caif_netlink_parms(): no params data found
[  509.268007][T16466] 8021q: adding VLAN 0 to HW filter on device batadv0
[  509.295753][T16886] bridge0: port 1(bridge_slave_0) entered blocking state
[  509.324061][T16886] bridge0: port 1(bridge_slave_0) entered disabled state
[  509.359664][T16886] bridge_slave_0: entered allmulticast mode
[  509.410832][T16886] bridge_slave_0: entered promiscuous mode
[  509.499739][T16886] bridge0: port 2(bridge_slave_1) entered blocking state
[  509.524055][T16886] bridge0: port 2(bridge_slave_1) entered disabled state
[  509.542463][ T5852] Bluetooth: hci9: command tx timeout
[  509.573088][T16886] bridge_slave_1: entered allmulticast mode
[  509.601197][T16886] bridge_slave_1: entered promiscuous mode
[  509.744228][T16886] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  509.857460][T16886] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  510.065708][T16886] team0: Port device team_slave_0 added
[  510.094036][T16886] team0: Port device team_slave_1 added
[  510.217521][T16886] batman_adv: batadv0: Adding interface: batadv_slave_0
[  510.249847][T16886] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  510.314802][T16886] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  510.353170][T16886] batman_adv: batadv0: Adding interface: batadv_slave_1
[  510.383318][T16886] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  510.480829][T16886] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  510.621709][T17160] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1245'.
[  510.743483][ T5852] Bluetooth: hci8: command tx timeout
[  510.956122][T16886] hsr_slave_0: entered promiscuous mode
[  510.988292][T16886] hsr_slave_1: entered promiscuous mode
[  511.048664][T16886] debugfs: 'hsr0' already exists in 'hsr'
[  511.090461][T16886] Cannot create hsr debugfs directory
[  511.174307][T16466] veth0_vlan: entered promiscuous mode
[  511.583038][T16466] veth1_vlan: entered promiscuous mode
[  511.620756][ T5852] Bluetooth: hci9: command tx timeout
[  511.947204][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  511.954045][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  512.346184][T16466] veth0_macvtap: entered promiscuous mode
[  512.394062][T16466] veth1_macvtap: entered promiscuous mode
[  512.562303][T16466] batman_adv: batadv0: Interface activated: batadv_slave_0
[  512.625117][T16466] batman_adv: batadv0: Interface activated: batadv_slave_1
[  512.712529][T16886] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  512.749309][ T3539] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  512.775722][T16886] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  512.789714][T17332] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1251'.
[  512.808208][ T3539] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  512.834624][T16886] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  512.892826][ T3539] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  512.928512][T16886] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  512.999536][ T3539] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  513.379512][ T1150] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  513.429342][ T1150] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  513.704544][ T5852] Bluetooth: hci9: command tx timeout
[  513.757026][ T1150] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  513.815453][ T1150] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  513.970637][T16886] 8021q: adding VLAN 0 to HW filter on device bond0
[  514.089065][T16886] 8021q: adding VLAN 0 to HW filter on device team0
[  514.166653][ T3513] bridge0: port 1(bridge_slave_0) entered blocking state
[  514.173990][ T3513] bridge0: port 1(bridge_slave_0) entered forwarding state
[  514.263365][ T3513] bridge0: port 2(bridge_slave_1) entered blocking state
[  514.270587][ T3513] bridge0: port 2(bridge_slave_1) entered forwarding state
[  514.482504][ T5852] Bluetooth: hci8: unexpected event 0x1d length: 6 > 5
[  515.254090][T17451] Invalid ELF header magic: != ELF
[  515.781002][ T5852] Bluetooth: hci9: command tx timeout
[  515.809251][T17478] random: crng reseeded on system resumption
[  515.881498][T16886] 8021q: adding VLAN 0 to HW filter on device batadv0
[  517.390844][T16886] veth0_vlan: entered promiscuous mode
[  517.444200][T16886] veth1_vlan: entered promiscuous mode
[  517.786930][T16886] veth0_macvtap: entered promiscuous mode
[  517.857102][T16886] veth1_macvtap: entered promiscuous mode
[  517.992411][T16886] batman_adv: batadv0: Interface activated: batadv_slave_0
[  518.099652][T16886] batman_adv: batadv0: Interface activated: batadv_slave_1
[  518.205812][ T6108] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  518.206638][ T6108] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  518.206684][ T6108] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  518.206726][ T6108] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  518.668105][ T1150] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  518.668160][ T1150] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  518.888185][ T6109] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  518.888211][ T6109] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  520.514095][T17679] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1268'.
[  522.266558][T17708] [U] 	
[  522.269587][T17708] [U] 
[  522.272303][T17708] [U] 
[  522.275015][T17708] [U] 
[  522.277725][T17708] [U] 
[  522.631526][T17708] [U] 
[  522.634288][T17708] [U] 
[  522.637005][T17708] [U] 
[  522.640066][T17708] [U] 
[  523.002497][T17708] [U] 
[  523.005259][T17708] [U] 
[  523.007978][T17708] [U] 
[  523.010694][T17708] [U] 
[  523.314217][T17708] [U] 
[  523.316975][T17708] [U] 
[  523.319688][T17708] [U] 
[  523.322405][T17708] [U] 
[  523.604207][T17708] [U] 
[  523.980409][T17793] nbd: couldn't find a device at index 35644
[  527.830504][ T5852] Bluetooth: hci9: unexpected event 0x1d length: 6 > 5
[  527.944265][   T31] INFO: task syz.2.860:11036 blocked for more than 143 seconds.
[  527.974446][   T31]       Tainted: G             L      syzkaller #0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  528.016120][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  528.087214][   T31] task:syz.2.860       state:D stack:28584 pid:11036 tgid:11035 ppid:5841   task_flags:0x400140 flags:0x00080002
[  528.169239][   T31] Call Trace:
[  528.189353][   T31]  <TASK>
[  528.253590][   T31]  ? __schedule+0x10b9/0x6150
[  528.306369][   T31]  __schedule+0x1139/0x6150
[  528.362426][   T31]  ? __pfx___schedule+0x10/0x10
[  528.422553][   T31]  ? find_held_lock+0x2b/0x80
[  528.427311][   T31]  ? schedule+0x2d7/0x3a0
[  528.492298][   T31]  schedule+0xe7/0x3a0
[  528.496447][   T31]  schedule_preempt_disabled+0x13/0x30
[  528.550075][   T31]  __mutex_lock+0xcf8/0x1b10
[  528.554727][   T31]  ? nfsd_shutdown_threads+0x5b/0xf0
[  528.620326][   T31]  ? __lock_acquire+0x433/0x22f0
[  528.625345][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  528.674164][   T31]  ? net_generic+0xea/0x2a0
[  528.678831][   T31]  ? nfsd_shutdown_threads+0x5b/0xf0
[  528.720090][   T31]  nfsd_shutdown_threads+0x5b/0xf0
[  528.725483][   T31]  nfsd_umount+0x3b/0x60
[  528.729764][   T31]  deactivate_locked_super+0xc1/0x1a0
[  528.760130][   T31]  deactivate_super+0xde/0x100
[  528.794145][   T31]  cleanup_mnt+0x225/0x450
[  528.798639][   T31]  task_work_run+0x150/0x240
[  528.822981][   T31]  ? __pfx_task_work_run+0x10/0x10
[  528.828161][   T31]  ? __x64_sys_mount+0x23e/0x310
[  528.868370][   T31]  exit_to_user_mode_loop+0xfb/0x540
[  528.874082][   T31]  do_syscall_64+0x4ee/0xf80
[  528.878720][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  528.937737][   T31] RIP: 0033:0x7f3bccd8f7c9
[  528.970518][   T31] RSP: 002b:00007f3bcdd0b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  528.978990][   T31] RAX: ffffffffffffffec RBX: 00007f3bccfe5fa0 RCX: 00007f3bccd8f7c9
[  529.050127][   T31] RDX: 0000200000000580 RSI: 0000200000000100 RDI: 0000000000000000
[  529.058157][   T31] RBP: 00007f3bcce13f91 R08: 0000000000000000 R09: 0000000000000000
[  529.115470][   T31] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000
[  529.175600][   T31] R13: 00007f3bccfe6038 R14: 00007f3bccfe5fa0 R15: 00007ffdabb5cce8
[  529.210176][   T31]  </TASK>
[  529.246341][   T31] 
[  529.246341][   T31] Showing all locks held in the system:
[  529.280392][   T31] 1 lock held by khungtaskd/31:
[  529.285286][   T31]  #0: ffffffff8e3c92e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0
[  529.360870][   T31] 2 locks held by syz-executor/5839:
[  529.366199][   T31]  #0: ffff8880302a60e0 (&type->s_umount_key#51){+.+.}-{4:4}, at: deactivate_super+0xd6/0x100
[  529.427854][   T31]  #1: ffffffff8e7ff868 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0
[  529.540230][   T31] 2 locks held by syz-executor/5843:
[  529.545566][   T31]  #0: ffff88806b2740e0 (&type->s_umount_key#51){+.+.}-{4:4}, at: deactivate_super+0xd6/0x100
[  529.630174][   T31]  #1: ffffffff8e7ff868 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0
[  529.708310][   T31] 4 locks held by kworker/0:5/5925:
[  529.753815][   T31]  #0: ffff8880b843add8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130
[  529.820166][   T31]  #1: ffff8880b8424608 (psi_seq){-.-.}-{0:0}, at: __schedule+0x19b1/0x6150
[  529.828961][   T31]  #2: ffffffff8e5672c8 (vmap_purge_lock){+.+.}-{4:4}, at: drain_vmap_area_work+0x17/0x40
[  529.930162][   T31]  #3: ffffffff9ae39c08 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_assert_init+0x146/0x2f0
[  529.993949][   T31] 2 locks held by getty/6840:
[  529.998673][   T31]  #0: ffff88814ebed0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  530.096398][   T31]  #1: ffffc90003a2b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0
[  530.154353][   T31] 2 locks held by syz.3.830/10514:
[  530.159510][   T31]  #0: ffffffff901d5d90 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  530.250085][   T31]  #1: ffffffff8e7ff868 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x687/0xbc0
[  530.322021][   T31] 2 locks held by syz.2.860/11036:
[  530.327178][   T31]  #0: ffff8880595920e0 (&type->s_umount_key#51){+.+.}-{4:4}, at: deactivate_super+0xd6/0x100
[  530.424774][   T31]  #1: ffffffff8e7ff868 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0
[  530.460126][   T31] 2 locks held by syz-executor/11220:
[  530.465551][   T31]  #0: ffff88802a1000e0 (&type->s_umount_key#51){+.+.}-{4:4}, at: deactivate_super+0xd6/0x100
[  530.550162][   T31]  #1: ffffffff8e7ff868 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0
[  530.586606][   T31] 2 locks held by syz-executor/13820:
[  530.620084][   T31]  #0: ffff88807ba220e0 (&type->s_umount_key#51){+.+.}-{4:4}, at: deactivate_super+0xd6/0x100
[  530.650116][   T31]  #1: ffffffff8e7ff868 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0
[  530.673820][   T31] 2 locks held by syz-executor/14431:
[  530.679233][   T31]  #0: ffff88805be3c0e0 (&type->s_umount_key#51){+.+.}-{4:4}, at: deactivate_super+0xd6/0x100
[  530.711052][   T31]  #1: ffffffff8e7ff868 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0
[  530.730137][   T31] 3 locks held by kworker/0:13/15719:
[  530.735553][   T31]  #0: ffff88813ff55948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20
[  530.770141][   T31]  #1: ffffc9000ba97c90 (free_ipc_work){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20
[  530.779883][   T31]  #2: ffffffff8e3d4a38 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a3/0x3c0
[  530.820391][   T31] 3 locks held by syz-executor/16886:
[  530.825910][   T31]  #0: ffff8880551f8ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_close+0x26/0x90
[  530.841287][   T31]  #1: ffff8880551f80c0 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x3ae/0x11d0
[  530.851361][   T31]  #2: ffffffff903ac7c8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xbb/0x260
[  530.865612][   T31] 3 locks held by syz.5.1278/17851:
[  530.871291][   T31]  #0: ffff88808a3d00a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_release+0x153/0x2e0
[  530.881411][   T31]  #1: ffff88808a3d10a0 (&tty->ldisc_sem/1){+.+.}-{0:0}, at: tty_ldisc_release+0x17d/0x2e0
[  530.891738][   T31]  #2: ffffffff8e3d4a38 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a3/0x3c0
[  530.902821][   T31] 4 locks held by syz.8.1282/17872:
[  530.908041][   T31]  #0: ffff888036904ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_close+0x26/0x90
[  530.928073][   T31]  #1: ffff8880369040c0 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x3ae/0x11d0
[  530.938044][   T31]  #2: ffffffff903ac7c8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xbb/0x260
[  530.948486][   T31]  #3: ffff88807d383338 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x80/0x730
[  531.060889][   T31] 
[  531.063279][   T31] =============================================
[  531.063279][   T31] 
[  531.110272][   T31] NMI backtrace for cpu 0
[  531.110294][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  531.110324][   T31] Tainted: [L]=SOFTLOCKUP
[  531.110331][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  531.110345][   T31] Call Trace:
[  531.110351][   T31]  <TASK>
[  531.110360][   T31]  dump_stack_lvl+0x116/0x1f0
[  531.110400][   T31]  nmi_cpu_backtrace+0x27b/0x390
[  531.110428][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  531.110457][   T31]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[  531.110487][   T31]  watchdog+0xf14/0x1140
[  531.110517][   T31]  ? rcu_is_watching+0x12/0xc0
[  531.110541][   T31]  ? __pfx_watchdog+0x10/0x10
[  531.110565][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  531.110602][   T31]  ? __kthread_parkme+0x19e/0x250
[  531.110628][   T31]  ? __pfx_watchdog+0x10/0x10
[  531.110652][   T31]  kthread+0x3c5/0x780
[  531.110681][   T31]  ? __pfx_kthread+0x10/0x10
[  531.110711][   T31]  ? rcu_is_watching+0x12/0xc0
[  531.110734][   T31]  ? __pfx_kthread+0x10/0x10
[  531.110763][   T31]  ret_from_fork+0x983/0xb10
[  531.110789][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  531.110817][   T31]  ? __switch_to+0x7af/0x10d0
[  531.110849][   T31]  ? __pfx_kthread+0x10/0x10
[  531.110878][   T31]  ret_from_fork_asm+0x1a/0x30
[  531.110927][   T31]  </TASK>
[  531.838713][ T6833] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  531.989534][ T6833] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  532.084456][ T6833] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  532.232165][ T6833] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  532.603188][ T6833] bridge_slave_1: left allmulticast mode
[  532.609157][ T6833] bridge_slave_1: left promiscuous mode
[  532.645252][ T6833] bridge0: port 2(bridge_slave_1) entered disabled state
[  532.705753][ T6833] bridge_slave_0: left allmulticast mode
[  532.723183][ T6833] bridge_slave_0: left promiscuous mode
[  532.728977][ T6833] bridge0: port 1(bridge_slave_0) entered disabled state
[  533.126413][ T6833] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  533.141300][ T6833] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  533.152699][ T6833] bond0 (unregistering): Released all slaves
[  533.555141][ T6833] hsr_slave_0: left promiscuous mode
[  533.572480][ T6833] hsr_slave_1: left promiscuous mode
[  533.591465][ T6833] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  533.599023][ T6833] batman_adv: batadv0: Removing interface: batadv_slave_0
[  533.630437][ T6833] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  533.637859][ T6833] batman_adv: batadv0: Removing interface: batadv_slave_1
[  533.748867][ T6833] veth1_macvtap: left promiscuous mode
[  533.762415][ T6833] veth0_macvtap: left promiscuous mode
[  533.768364][ T6833] veth1_vlan: left promiscuous mode
[  533.800416][ T6833] veth0_vlan: left promiscuous mode
[  534.644908][ T6833] team0 (unregistering): Port device team_slave_1 removed
[  534.703835][ T6833] team0 (unregistering): Port device team_slave_0 removed
[  535.504639][ T6833] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  535.606556][ T6833] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  535.722890][ T6833] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  535.820258][ T6833] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  536.072858][ T6833] bridge_slave_1: left allmulticast mode
[  536.078723][ T6833] bridge_slave_1: left promiscuous mode
[  536.111935][ T6833] bridge0: port 2(bridge_slave_1) entered disabled state
[  536.123975][ T6833] bridge_slave_0: left allmulticast mode
[  536.129693][ T6833] bridge_slave_0: left promiscuous mode
[  536.165284][ T6833] bridge0: port 1(bridge_slave_0) entered disabled state
[  536.522419][ T6833] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  536.539751][ T6833] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  536.557506][ T6833] bond0 (unregistering): Released all slaves
[  536.864086][ T6833] hsr_slave_0: left promiscuous mode
[  536.886074][ T6833] hsr_slave_1: left promiscuous mode
[  536.905357][ T6833] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  536.921441][ T6833] batman_adv: batadv0: Removing interface: batadv_slave_0
[  536.942502][ T6833] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  536.949936][ T6833] batman_adv: batadv0: Removing interface: batadv_slave_1
[  537.018991][ T6833] veth1_macvtap: left promiscuous mode
[  537.040264][ T6833] veth0_macvtap: left promiscuous mode
[  537.045924][ T6833] veth1_vlan: left promiscuous mode
[  537.062569][ T6833] veth0_vlan: left promiscuous mode