last executing test programs:

9.586160416s ago: executing program 2 (id=274):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2)
syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = socket(0xa, 0x2, 0x3a)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x600002, 0x0)
ptrace$auto(0x1ff, r2, 0x4, 0x6)
ptrace$auto(0xf, r2, 0xfffffffffffffffe, 0x8000000000000000)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/adsp1\x00', 0x200, 0x0)
ioctl$auto_SNDCTL_DSP_GETTRIGGER(r3, 0x80045010, &(0x7f0000004440))
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x20007, 0xdf, 0x1f, r1, 0x3)
openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000000), 0x101080, 0x0)
lseek$auto(0x3, 0x7fffffffffffffff, 0x1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x4, 0x9, 0xffff)
r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101000, 0x0)
cachestat$auto(r4, &(0x7f00000000c0)={0x401, 0x428a}, &(0x7f0000000100)={0x8, 0x3, 0x18, 0x5, 0x4}, 0x0)
r5 = openat$auto_sco_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000280), 0x400800, 0x0)
read$auto_sco_debugfs_fops_(r5, &(0x7f00000001c0)=""/124, 0x7c)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0)
r6 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0)
read$auto(r6, 0x0, 0xb4d3)
write$auto(0x3, 0x0, 0xffd8)

8.559860604s ago: executing program 3 (id=276):
r0 = socket(0x25, 0x805, 0x3)
mmap$auto(0x0, 0x20009, 0x9c2e, 0xeb1, 0xffffffffffffffff, 0x0)
r1 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0)
r2 = ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000)
r5 = openat$auto_generic(0xffffffffffffff9c, 0x0, 0xbcbc0, 0x0)
read$auto_proc_page_owner_threshold_(r5, 0x0, 0x0)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/vhci_hcd.0/usb10/ep_00/interval\x00', 0x4642c3, 0x0)
sendfile$auto(r6, r6, 0x0, 0x5)
ioctl$auto_PPPIOCSPASS(r4, 0x40107447, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r7 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x3, 0x3, 0xeb1, 0x7, 0x8000)
r8 = socket(0xa, 0x1, 0x84)
getsockopt$auto(r8, 0x84, 0x80, 0x0, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="1b0026bd7000fddbdf2503000000040008000c00038008000c00", @ANYRES32, @ANYBLOB="12000100016a76f37bf001cad1a2e8b99d44a02200000100"], 0x3c}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
futimesat$auto(r7, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x10001, 0x6})
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x968b, 0x100, 0x15f4da07, 0x3, 0x3, 0x200000000fff, 0x8002001f, 0x1, 0x80080000002, 0x7, 0x2, 0x8]}, 0x0)
epoll_ctl$auto_EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, r2, &(0x7f0000000140)={0x2, 0xaad})
close_range$auto(0x0, 0xfffffffffffff000, 0x2)

7.286190404s ago: executing program 3 (id=280):
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000640)='/dev/snd/controlC0\x00', 0x80, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400)
socket(0xa, 0x1, 0x100)
ioperm$auto(0x7, 0x5ad2, 0x8)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000)
recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="180027"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
modify_ldt$auto(0x1, 0x0, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0)
r1 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
pread64$auto(r1, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{W\xed>\xe7l\xcb\x90\\/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x7ff, 0x400)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/btrfs/features/supported_checksums\x00', 0x40a00, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000080)=""/19, 0x13)
socket(0x3, 0x1, 0x4)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x210040, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socket(0x9, 0x3, 0x9)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x4, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/fs/cifs/dfscache\x00', 0x0, 0x0)
pread64$auto(r4, 0x0, 0x3, 0x6c2)
unshare$auto(0x40000080)

6.977407181s ago: executing program 0 (id=281):
r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fb0\x00', 0x20401, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003140), r1)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
r2 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
fcntl$auto(r2, 0x400, 0x1)
execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
r3 = socket(0xa, 0x2, 0x84)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ip6_mr_vif\x00', 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000140)=""/12, 0xc)
setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd3/queue/iosched/write_expire\x00', 0x20681, 0x0)
r5 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
openat$auto_buffer_percent_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/buffer_percent\x00', 0x1, 0x0)
writev$auto(r3, 0x0, 0x9)
fcntl$auto(r5, 0xfffffffd, 0x0)
r6 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x101a02, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r6, 0xc1105517, &(0x7f00000001c0)={{@raw=0xfff, 0x100110d, 0xfffd, 0x6, "e927783f468fa2e92fe8ec7a46cbb766439daa1ee1aa0000000000040000660e0701000000000000008000"}, 0x6, 0x0, 0x4, @raw=0x404, @enumerated={0x55d3, 0x7, "bf154d70dcfcea02faacb07c4222db1f207fdb681dc9b0bf2c6c9ce16d51ebc73df6a7aa16659cd5e4dc8374caf945548e604179f1f87c3bd8701d3d5c3d998c", 0xffffffffffffffff, 0x91e0}, "a4699d30a05edbe0d28473c399a7dc920b153e9b1675451d7de94b4123f970bedd3460c667373fcc59b584d81592f6ab606c276852295e00af49e6de6e768034"})
execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
execve$auto(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f00000000c0)='-7', 0x2)
close_range$auto(0x2, 0x8, 0x0)
r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/vkms/graphics/fb0/blank\x00', 0xa001, 0x0)
write$auto(r7, &(0x7f0000000140)='7\x00\xb1\x9a\xc0\xf9\xc0e\xd2T\xbe\xb6I\x9d\xd9\x18\xf5\x91\xbfq\xfe\xf2\x9a\x02\x9fC0xb\xccW(\xc1n+\n|5\xa5\x9c=^\xf1\x11H\x1c\xf73\x16\xd2\a\xfaw\xcc\xf1\xff7\xab\xa1\xeaF\x04\x17\x99\xd3\xd1\x83\xccG^\xbbdC\x8a\n\x88\xbcW@+\xafD\xd1\x8a\xc13W\xf66\x86\xe5\xee\xa7\x1d\x0f\x90\x00\xcf\xdb\xf5\xbf\xd4\xc8\x84\xb3\xeeb\xb0\xc7kN\x80\x93\xfd\x89\xe1\xc9tp\xd4jm\x7f\xf0a\xc3\x02\x14\xcf\xcf\\e!\a\x82\t,\xa7\x00\xbd&\xcax\xf8P\xc1\x8f\x87\x83\x0f\x93z', 0x1)
ioctl$sock_SIOCGIFINDEX(r0, 0x4611, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @hyper}, 0x55)

6.199655441s ago: executing program 3 (id=282):
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
setresgid$auto(0x800, 0x28000000000000, 0xffffffffffffffff)
setregid$auto(0xffffffffffffffff, 0x0)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x102, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r0 = socket(0xa, 0x1, 0x100)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x58000, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xe3102, 0x0)
sendfile$auto(r2, r2, 0x0, 0x3)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x11a001, 0x0)
select$auto(0x1, 0x0, 0x0, &(0x7f0000000040)={[0x100000001ff, 0x7, 0x3, 0x8fd6, 0x948b, 0x1000, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x5, 0x1, 0x1000000000005, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
setfsgid$auto(0xee01)
setfsgid$auto(0xee01)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x2000000007, 0x6, 0xc, 0x2, 0x6]}, 0x0)
mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, r3, 0xfffffffffffffffb)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/default/forwarding\x00', 0x141241, 0x0)
pwrite64$auto(r4, &(0x7f0000000000)='./cgroup/memory.pressure\x00', 0x6bc, 0x5)
mmap$auto(0x0, 0x7, 0x4000000000df, 0x78, 0x4, 0x300000000000)
io_uring_setup$auto(0x6, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC0\x00', 0x802, 0x0)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/tasks\x00', 0x63102, 0x0)
sendfile$auto(r0, r4, 0x0, 0x4)
sendfile$auto(r5, r5, 0x0, 0x2)
sysfs$auto(0x5, 0x100000074e, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
init_module$auto(0x0, 0xffff9, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)

5.876503081s ago: executing program 0 (id=283):
sched_setaffinity$auto(0x1, 0x1, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2b, 0x1, 0x0)
unshare$auto(0x40000080)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7fff)
ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0)
r1 = openat$auto_ns_file_operations_nsfs(0xffffffffffffff9c, &(0x7f0000000c00)='/proc/self/ns/cgroup\x00', 0x0, 0x0)
ioctl$auto_NS_GET_NSTYPE(r1, 0xb703, 0x0)
sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
listen$auto(0x3, 0x81)
poll$auto(&(0x7f0000000d40)={0x3, 0x1, 0xa}, 0x5, 0x400)
prctl$auto(0x23, 0x20000000000000a, 0x7fffffffefff, 0x0, 0x0)
shutdown$auto(0x200000003, 0x2)

5.679203852s ago: executing program 2 (id=284):
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000640)='/dev/snd/controlC0\x00', 0x80, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400)
socket(0xa, 0x1, 0x100)
ioperm$auto(0x7, 0x5ad2, 0x8)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000)
recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="180027"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
modify_ldt$auto(0x1, 0x0, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0)
r1 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
pread64$auto(r1, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{W\xed>\xe7l\xcb\x90\\/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x7ff, 0x400)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/btrfs/features/supported_checksums\x00', 0x40a00, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000080)=""/19, 0x13)
socket(0x3, 0x1, 0x4)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x210040, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socket(0x9, 0x3, 0x9)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x4, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/fs/cifs/dfscache\x00', 0x0, 0x0)
pread64$auto(r4, 0x0, 0x3, 0x6c2)
write$auto(0x3, 0x0, 0xffd8)

5.397041035s ago: executing program 1 (id=285):
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000db, 0x12, 0x400, 0x18002)
r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40040, 0x0) (async)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/admmidi2\x00', 0x200, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
write$auto(r0, &(0x7f0000000040)='{\x00', 0xfff) (async)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
r2 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000)
read$auto(r2, &(0x7f0000002300)='MAC802154_HWSIM\x00', 0xfdef) (async)
r3 = socket(0x1, 0x1, 0x1)
bind$auto(r3, &(0x7f0000000280)=@generic={0x1c, "ac000cbb9ecb0700"}, 0x3) (async)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) (async)
connect$auto(0x3, &(0x7f0000000140), 0x55) (async)
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/snd/pcmC1D1p\x00', 0x40341, 0x0)
mmap$auto(0x5, 0x40009, 0xe0, 0x9b72, 0xffffffffffffffff, 0x6) (async)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop2\x00', 0x200000, 0x0)
open(0x0, 0x161342, 0x0) (async)
msync$auto(0x1ffff000, 0x1800000ff010000, 0x400000004) (async)
listmount$auto(&(0x7f00000000c0)={0x2, @inferred=r4, 0x5, 0x2, 0x9}, &(0x7f00000001c0)=0x6, 0x4, 0x101)
r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000100), 0xffffffffffffffff) (async)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_DEBUG_GET(r6, &(0x7f0000002880)={0x0, 0x0, &(0x7f0000002840)={&(0x7f00000027c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010027bd7000fcdbdf2507000000180001801400020064756d6d7930000000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x44005}, 0x20000000) (async)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETPOLICY(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x400c01d}, 0x0) (async)
syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000080), r7)
mmap$auto(0x2, 0x1, 0xdc, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x6, 0x0)

4.783899133s ago: executing program 1 (id=286):
r0 = socket(0x25, 0x805, 0x3)
mmap$auto(0x0, 0x20009, 0x9c2e, 0xeb1, 0xffffffffffffffff, 0x0)
r1 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0)
r2 = ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000)
r5 = openat$auto_generic(0xffffffffffffff9c, 0x0, 0xbcbc0, 0x0)
read$auto_proc_page_owner_threshold_(r5, 0x0, 0x0)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/vhci_hcd.0/usb10/ep_00/interval\x00', 0x4642c3, 0x0)
sendfile$auto(r6, r6, 0x0, 0x5)
ioctl$auto_PPPIOCSPASS(r4, 0x40107447, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r7 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x3, 0x3, 0xeb1, 0x7, 0x8000)
r8 = socket(0xa, 0x1, 0x84)
getsockopt$auto(r8, 0x84, 0x80, 0x0, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="1b0026bd7000fddbdf2503000000040008000c00038008000c00", @ANYRES32, @ANYBLOB="12000100016a76f37bf001cad1a2e8b99d44a02200000100"], 0x3c}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
futimesat$auto(r7, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x10001, 0x6})
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x968b, 0x100, 0x15f4da07, 0x3, 0x3, 0x200000000fff, 0x8002001f, 0x1, 0x80080000002, 0x7, 0x2, 0x8]}, 0x0)
epoll_ctl$auto_EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, r2, &(0x7f0000000140)={0x2, 0xaad})
socket(0x10, 0x800, 0x3)

4.680308008s ago: executing program 3 (id=287):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0)
ioctl$auto(r0, 0x5385, r0)
mmap$auto(0x0, 0x400008, 0x3, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
madvise$auto(0x0, 0x8, 0x3)

4.458189329s ago: executing program 2 (id=288):
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/vm/dirty_bytes\x00', 0x8a042, 0x0)
r1 = openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/ieee80211/phy3/statistics/dot11ACKFailureCount\x00', 0x0, 0x0)
read$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(r1, 0x0, 0x0)
r2 = signalfd$auto(r0, &(0x7f0000000000)={0x2}, 0x8)
sendfile$auto(r0, r2, 0x0, 0x48)

4.383612306s ago: executing program 0 (id=289):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = open(&(0x7f0000000800)='./file0\x00', 0x62240, 0x154)
execveat$auto(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x11000)
read$auto_wakeup_sources_stats_fops_wakeup(r1, &(0x7f0000000080)=""/126, 0x7e)
r2 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f00000009c0), 0xffffffffffffffff)
sendmsg$auto_IPVS_CMD_SET_SERVICE(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000002a80)={&(0x7f0000000040)=ANY=[@ANYRESOCT=r2, @ANYRES32=r2], 0x30}, 0x1, 0x0, 0x0, 0x4050}, 0x4000000)

3.898637021s ago: executing program 2 (id=290):
socket(0xa, 0x801, 0x106)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0xa, 0x1, 0x84)
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f00000001c0)=0x6)
unshare$auto(0x40000080)
socket(0x1e, 0x1, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
prctl$auto(0x3d, 0x1, 0x0, 0x5, 0x20000000000000)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000005800), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000006900)={&(0x7f0000001700)={0x10a0, r3, 0x1, 0x70bd29, 0x25dfdbff, {}, [@HWSIM_ATTR_PMSR_RESULT={0x108c, 0x1c, 0x0, 0x1, [@NL80211_PMSR_ATTR_PEERS={0x1084, 0x5, 0x0, 0x1, [{0x1080, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_RESP={0x24, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x7}, @NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x5}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x47, 0x1, "15498343c724307734086992dc1e25a2a9103e4bf48686438120218fc18eb8d92081607cef938d982b98b2ffabb3d4697d0e992a1ea9d3b471e918ae07e413f97503f8"}, @NL80211_PMSR_PEER_ATTR_RESP={0x4}, @NL80211_PMSR_PEER_ATTR_RESP={0x8, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_FINAL={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x1004, 0x1, "1fb5becd41368ab779a0b29218e67556fc4604877ebfcbd398c11fb77c35a8bf6e74ddc9b04a9138098aecf779ea7e3d541edf3023425cada97c0dc587c6fa47716dd359907f0a162a0b886614c1a7e9546da002cc83e2ed566b0379129f985c460fbbf435e700a4b5580b8a56632571928f8f21f4d11364a0ef75b476ff3956f1c7da142f79c10a4876ffcc63f2d86a0e69b888fc4f296dee02ad8557cdbfb9f0235a183eca304867b40759629cbc72b1502c43b99766ba6d68b0c0ab3c3f028eac0d0571801e5df2a1d739c243a58bf16cfb3859743e905b7ba869f46438f8ae3034bf72d5e80c5484943de2b70c62ef38e5219cc8006f282faca545419374470f9a70397a1f81bc4623e08269594bbebf9b08b81b87ccaebf876dcaf1fa4562e3163b353cb8ff91dba36cfd929ec300388d9224fe45abcc42e157398da0642301b14d590dd9a490eeb4555c64ae48caedffd84b246834f69dfa63f173ce93ba2775a6f4aba2492fe9d62fcae89dab6719935a28c2d614d93e984df4b3a292e0e5d6754a30e52d52b951092a4df3b6abb5c8b74740d551a77c41d02f0ea667e8acb61eac844c20151dac7c08ae95aed291d11cd81365501d3fb0120e11566f94afe38fb008e05536f93364d00a43b8f486bd9aeed50d5a38947982f5f700f06aa7d6783f30abda22a3c9948a274bfae36f6a66c3229520089d65cbddde93a28dd2a72e93bc6c0d9b98f49c9d771f73b1d4dcb6c06829b15422f0c596401ba563a88ded070e2a05a79c8070085502fb3ca34fc767ff2d3b490bb9a6abc3019eefaa4bd9f345f6b94d597166754c5f95140dc5fa9ce51a7cc3257885d074c7cdfd88bb400fd6dbe2d4a830134967cacad9beaff366bf7e3b0a4fa0526473a70c1f44e343a5b9fadf9fc536113772f0f7b0bf16f9b7a7dd8eaa5f7fd9cf259565247f0e58375156005c30e25691d7f8fbd489af83a18f71a38b1996be1ca10bdcbe8d850603d9b81ba828c907753483e9ff23d1d861c36d8045acadaa640a61357fcf9aed13afdf56d13861dd74ce620e592230d3c8699e9adccf2920614ae13c1e3e88a830f36bfcd40ff7c767995044f2ba1661c5f977d9754c58a0d9dd7aad1fbfd94d36dfc61c532c5cb3093ccc0c125ee0e762469f8680500675d4404db12b7062c19c4f0c81c0de489b5eb725f1d7d4cbe7a1f4b51fe8faffb6a709c0a7a4ae7efe75bc66d6c2e705fbee29c0858d9891735c97a28aa15c16fa0444ac2caeeffae42f1fbf0f17adbc9ee40236a844add60741eb64c722811c6f9fd7d614f9620d6f07914b6e7d5eb5dc3d7d6d5f5323575a7c9f864d9d5793d4ca606ab3234930a32e44d8a08d624861a6b94c72f551e7adc8daee91594175bdba18c663ced5991c0846f1c03a96b5d8f858c10dea4886e12ee90186d2130891eb1b354abb1040dd571589b4b7884b31cff7f8b3cdef5a61bc9644883c852106d9be09e5f4d649c669a64fadd3a9b129ab1c956e33dd5ac7224439feb0ccae51aa092c36b4e8d720170d20c22a49e5919d203b312096d625e4316f141f26a9257af159b3c47e025fa40d0150b7dd969d2ec67c727b81653f679f6ebbf8b3ad9c3b0acf232d1b869982879c4a2722cc1e4f0740e9d0feb661e45c5b081ad0546761e6a025529086ca4d38a4b22193e792bbfe6ceb22be5ca954210d0f93f5e38550054b6ae80e64673158815af6cd6adc3b942b4371d33d9662ac80e3ef2eb4acd44ec66cb6d8948d67c3ba8e578f52ac30ab107723e5ce51c4e6d59b20ba7085fd8dbde58cf9a0bd3385e95db6b56a9a68e3160ad36a93e26dc8b915cd4e4767d3dbd3b74052f55e3a74b1edb1068c973a5ca70809c6aeab8ad627955a815315330c51153dcdcb6e77029b0a3712a9231f0c188659e5bb9f89b6a8fd91536a47db7e5d596fa93f0719502e442417ee11bfcb364c6ddadfc8581ce7779d107d6f7aa8739c3254ce9b1e2dbbc1e75566b6d80817e1820e02e8df220e1c9b2d98a15e9db86c5a32bf52b0f1de1be7636cb21e87d777fa1e7828be02578cac204a8e9c7ca6119aa0bdd165bbf7d0f799f0d2ae118bd9037982c1fed3e223b60cc86f21e8c1d9336cb76cb521bc9791abcd99af0bf70a198de0d678cc8bdc0f74fef28407bf09d93054d5e20f5452fad596ae036bec1109e4541d5cb9d287b5498934fad3963a53030dc2264668467716afee211f4dc8082800be3829050b2e26c447b001c076dda2e2b7f17c96612b0f594b6ef5193c5dc3affa5778896e1e40a3953e5557d39799c312b4126a6086dd85393ed3322a48ca0afb9e5dd96ac9461dc7cfc8b02a23b7a1486ea8c9bb204e39298b1017a67a8c1cf1e0582c6b8d95a611c0053eccc9592e1af600e4386680be35c29acfd9033058a4842006fe429188e6a4783a9bf5fd7d1c36c0530f6a42be785419ef2192ffe02470d376f084a4352cdc7e34b9f4891304499b1e0946832b187762d191d7e9cd9cc9112ad768e5132f804f304a9ba0572d0e1c7eac6ff606baf0f0f2e1c836d9a9f7f01fe748dd5ae7b34ed6d51f6e4c8575de14c8552026c4c82516080d919a706fa62958742cc2843ce88c04a19cb66781f2b75d9a81d3f4f2c078e35bacf3a69dc717b61c9c9557d82bdaa636fe80e37f41d63f2388da0b79555f2b3d2b7b30db6d2837aecd455814118a737d3d2845704f4b8a7156dd582477d0b9f0d2622b1f963d243c73646d35dd25547446fa94f47b63637e37b9c61ed88c97b185f9b8d09ffd768cd1c79ab31ff33e82423872f4b2642a1530a248b1dac5a776d5c5d6381e38f01fe8b23921c7b52175619bfe522c945e45ea5a0d35f35fb7c7f772f32657b8b936de258ab52fcf2bc4973c7d8da82d113bd59831b658c62b6913c9162f66a92bcdba85a33796028c8285083f65eec0168039af09f83e27d94fa22f4a595702cbd51d8f48ad8aff4a74c5fd50922b3eba0341c6718f34f3a59181722e330ccfc7d1997357fbb1c95213b082d6b6f119118bb24a98c2c53de48b8b1bdd9c51c88c89acbcd4de108fb32f4beda27743b4a04e5ebc677862da939c7dfc616e765b79b1359d8e5ae4eeae5cd38954a7b6f8693496bfd2624f1a83182440510d7de981a321ccf81b75ab23317598adcb3bff8454110a056ee64a3b088c3ed6d0cd1d2e7033f872106205e95f171e347f02d9583f59113e49386e30ad92537b577e9822f3ecfc1b1374bf2911f61168f30b8f1e3af513e8248409d25c1d3bc09e93a66fa2c4bb3caaf1f4bc28e730ffd78375136e8c32d9bc26b8958c62aa7912dcdf44bbb6668c872df81c6362a679e57860484f003506ab7e1bd7344261c761bc03a7a0167047c1c07e8e46e9af814ab2b93fbdd8536448ee939188ed5a79c6d5d962efe69afde6999a5d52d71090bcb11a1eacb07185f9f5199d44c9bb5c48a09b28cc10e3f84f04677c3052e57d5426d3f5fa852a8f4ed3c8495a4f79261bbf6d1405c9ee97fe3df651819907bf93e4bd0c0a7d2d454e7ba0e84eada5731bf373ae529a6a1f17f959c77931d2ae261b588e844e8c1deae11cf6bbc1433ecabd2715cca3c7471b6f8de376a72647f7bbe11659adb21af39f0b71ae0aaee207f1811cef018fc70717c38b14948f307302bebca0450c6d1670996a92eebe691e0f7395fc20c554a171472df72761fca5a73a242f15c39b7fe6e4c013d655cdd09e319727758beb367aaadf6e70bfef6f8fce3e7c3848279f88ebe8a10f00dfe8f4dd87f9437b8bfa4b7b1517902cc06887ec5a9b9eef923c0e72e9ff82226ae8bf7cef3b3cf91e0ff8408e62421a4d88875b9f6a9382722d42aaf8fea280198a23eda48f6ddc26411825dbfadd25301735d1f9c74f61b15d3b2181dc9d77a4115c7047b9c6520b55dd2fcf343c4f1cb7cf93c10c0e01e282f28cf54575924024819409c322dce701d88f78c94416ebf4c2275bac8c75299636f3a507b7f933c5e13d853725a5ce8f9ec33de647b87a1d0775d62dfa07fead5253cc18526b5ffd90312ff098b81dd01c59f882b0223e6cf768b2ee0d5e0e8d10a2f5c04aa3b97a3dc92e102b30d60f3f0ff5b6253e49d960bc6b8d3a5daf6f3f4c06fcaa315e8315fe71023875f318934414cfd10fd7625e084b132b1c37b1b3e10777c10a3f9c47cca710012a77bf342bd64ba5fb08e24908cbf07143a49c2acf74d0c4097b0a8c2efcb6dbda4433acd0f1e2ad24cbcb4462aa7ce3d12514d4aaaec95457ec06f197c0df614d484af7987458ed2e33552b7a1cf72a4c4b016e7a7399ef9998bd52f860d2ef0751e7e96ebc472af3e666f7778f8eedb12bbac921eac8436b31ab61d72c259a2473678d88743f0f768c1782ee4702646bf349308712ea8cbad36d90b5c770971a1ff70719cdfdeb01927a561fb67d7cb6a2feec1215bac6eeedfb930d3556b5547a7e1af3199de6929a745c5323dbc34624761bb1beff6508463a5b7cac6d1d0265c733cb609b8cdaa56042d29fb70fa58c64b1fed6028d3a2ee7d6f3046cd980bea9f9e1d82fd9beafe7d66cfcbdd49caa5ea4f43faca173cba614e02f407b5c791e460a3ee590b3780ad8cbab34ff0379cc1f947201e28d0cbfa9cc5beef86ecc7090eac13ff614bf73f24b335fcff38a57bce197f67a5816f3d11bb558f0485b4441fcddb6b33c211f19f263f35462349492e26d5fc8437e09539c06fd6b14f243e0a51cc7ed7482677c5a9e7c864b81ae890e6412b6b387e887c9a70e5470c0d17800bb4e39a971a30151c2d5717a9c1183fc5e43902b25130f5fe2d85a64b77a8e64dc59d0b1e3b022efb9c1cbdfebb071c0fbd09619577bb1e18b488091d5c239589805b8df254db031aaa7751bb0b71bffe4b307ebd8359271c2376f2c75a8bea9808725cca6254f89e211cae70dce4cefa123d29238ecb0057d28eeaaabea6e99ab64ebea4c2c62806e6a9e2bccb96a4d07e816ee378e094acee3a9f31b0d1033634310baef6bc7f5e0870a2f1f7f519861834935b1073f9a5c348a46b3be82932d3cf1823a60fb9d0b269b94e58614b5cca1bf2f47ad4e15a93fce9995e06583c41b84930fc26cfe19e9ce9028c7ed8f6f701ed97a74ff3d3affcacf957946fd675240ea08b362a4c1d15aa0722f4cec99aae7d167c49c6123b1ddc36285804044883676921d8b9feed089851e819b782c1fc4025c44874f1454e53e477838e6ff0a472331da69f8e4efb474db064a4b4325c08b4db60377a142c19512b7d1e9fdcfb599662e5448ef3fed112a62bad364467613c73a3385df9766446627c2658c87b56c069440d4e0406e1220c79c2c99116c3224a7a90fee8b6c04f3ff85cbe993c3bb4f7961a801dd893557cd0be736f17e3fa2c65ecc61b907c9d919612ac73a41f91d88733b5830d135a457b3c13fceb0bd294f412bde878315b32c91529b5d55383a1f79f949a8424865b474d784a7a89153b88fc7ec11589b01b9b1aece6585de4d6dbf329c09f35426525addf3e1aa57dddace18fdb219b5e4b32c29a24de709f180b6ff5578141158f467ee9f0cccb580e5b9929c59e47cc8ff27b8401a934769d99f26cc9a9f66ecd0879df8b5becf0cb9a41006396075455306059a7dce312f4e08c54d13bd5da696b32f2c8efbdaad768e372049a3a58bb8c6972d34f859c4ea29ec46aa7752f5d7e8bd3523a10de8b876cb1d61d143d55a1f343252f0927fd5d853b663a71dbb0fff6a7ff07f9cf1e1eb23e07009ffde16778c6f"}]}]}, @NL80211_PMSR_ATTR_PEERS={0x4}]}]}, 0x10a0}, 0x1, 0x0, 0x0, 0x20000041}, 0x800)
mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
syz_open_procfs$namespace(0x0, &(0x7f0000000200)='ns/net\x00')
tgkill$auto(0x0, 0x1, 0x1)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
clone$auto(0x100000000021, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x4)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/memory/memory15/online\x00', 0xa001, 0x0)
write$auto(r4, &(0x7f0000000140)='0[.[\x00', 0xcd04)

3.836323071s ago: executing program 0 (id=291):
r0 = socket(0x25, 0x805, 0x3)
mmap$auto(0x0, 0x20009, 0x9c2e, 0xeb1, 0xffffffffffffffff, 0x0)
r1 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000)
r4 = openat$auto_generic(0xffffffffffffff9c, 0x0, 0xbcbc0, 0x0)
read$auto_proc_page_owner_threshold_(r4, 0x0, 0x0)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/vhci_hcd.0/usb10/ep_00/interval\x00', 0x4642c3, 0x0)
sendfile$auto(r5, r5, 0x0, 0x5)
ioctl$auto_PPPIOCSPASS(r3, 0x40107447, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x3, 0x3, 0xeb1, 0x7, 0x8000)
r6 = socket(0xa, 0x1, 0x84)
getsockopt$auto(r6, 0x84, 0x80, 0x0, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="1b0026bd7000fddbdf2503000000040008000c00038008000c00", @ANYRES32, @ANYBLOB="12000100016a76f37bf001cad1a2e8b99d44a02200000100"], 0x3c}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x968b, 0x100, 0x15f4da07, 0x3, 0x3, 0x200000000fff, 0x8002001f, 0x1, 0x80080000002, 0x7, 0x2, 0x8]}, 0x0)

3.724876002s ago: executing program 1 (id=292):
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000640)='/dev/snd/controlC0\x00', 0x80, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400)
socket(0xa, 0x1, 0x100)
ioperm$auto(0x7, 0x5ad2, 0x8)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000)
recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="180027"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
modify_ldt$auto(0x1, 0x0, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0)
r1 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
pread64$auto(r1, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{W\xed>\xe7l\xcb\x90\\/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x7ff, 0x400)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/btrfs/features/supported_checksums\x00', 0x40a00, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000080)=""/19, 0x13)
socket(0x3, 0x1, 0x4)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x210040, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socket(0x9, 0x3, 0x9)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x4, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/fs/cifs/dfscache\x00', 0x0, 0x0)
write$auto(0x3, 0x0, 0xffd8)
unshare$auto(0x40000080)

3.457973541s ago: executing program 3 (id=293):
socket(0xa, 0x801, 0x106)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0xa, 0x1, 0x84)
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f00000001c0)=0x6)
unshare$auto(0x40000080)
socket(0x1e, 0x1, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
prctl$auto(0x3d, 0x1, 0x0, 0x5, 0x20000000000000)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000005800), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000006900)={&(0x7f0000001700)={0x11e4, r3, 0x1, 0x70bd29, 0x25dfdbff, {}, [@HWSIM_ATTR_PMSR_RESULT={0x11d0, 0x1c, 0x0, 0x1, [@NL80211_PMSR_ATTR_PEERS={0x1084, 0x5, 0x0, 0x1, [{0x1080, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_RESP={0x24, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x7}, @NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x5}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x47, 0x1, "15498343c724307734086992dc1e25a2a9103e4bf48686438120218fc18eb8d92081607cef938d982b98b2ffabb3d4697d0e992a1ea9d3b471e918ae07e413f97503f8"}, @NL80211_PMSR_PEER_ATTR_RESP={0x4}, @NL80211_PMSR_PEER_ATTR_RESP={0x8, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_FINAL={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x1004, 0x1, "1fb5becd41368ab779a0b29218e67556fc4604877ebfcbd398c11fb77c35a8bf6e74ddc9b04a9138098aecf779ea7e3d541edf3023425cada97c0dc587c6fa47716dd359907f0a162a0b886614c1a7e9546da002cc83e2ed566b0379129f985c460fbbf435e700a4b5580b8a56632571928f8f21f4d11364a0ef75b476ff3956f1c7da142f79c10a4876ffcc63f2d86a0e69b888fc4f296dee02ad8557cdbfb9f0235a183eca304867b40759629cbc72b1502c43b99766ba6d68b0c0ab3c3f028eac0d0571801e5df2a1d739c243a58bf16cfb3859743e905b7ba869f46438f8ae3034bf72d5e80c5484943de2b70c62ef38e5219cc8006f282faca545419374470f9a70397a1f81bc4623e08269594bbebf9b08b81b87ccaebf876dcaf1fa4562e3163b353cb8ff91dba36cfd929ec300388d9224fe45abcc42e157398da0642301b14d590dd9a490eeb4555c64ae48caedffd84b246834f69dfa63f173ce93ba2775a6f4aba2492fe9d62fcae89dab6719935a28c2d614d93e984df4b3a292e0e5d6754a30e52d52b951092a4df3b6abb5c8b74740d551a77c41d02f0ea667e8acb61eac844c20151dac7c08ae95aed291d11cd81365501d3fb0120e11566f94afe38fb008e05536f93364d00a43b8f486bd9aeed50d5a38947982f5f700f06aa7d6783f30abda22a3c9948a274bfae36f6a66c3229520089d65cbddde93a28dd2a72e93bc6c0d9b98f49c9d771f73b1d4dcb6c06829b15422f0c596401ba563a88ded070e2a05a79c8070085502fb3ca34fc767ff2d3b490bb9a6abc3019eefaa4bd9f345f6b94d597166754c5f95140dc5fa9ce51a7cc3257885d074c7cdfd88bb400fd6dbe2d4a830134967cacad9beaff366bf7e3b0a4fa0526473a70c1f44e343a5b9fadf9fc536113772f0f7b0bf16f9b7a7dd8eaa5f7fd9cf259565247f0e58375156005c30e25691d7f8fbd489af83a18f71a38b1996be1ca10bdcbe8d850603d9b81ba828c907753483e9ff23d1d861c36d8045acadaa640a61357fcf9aed13afdf56d13861dd74ce620e592230d3c8699e9adccf2920614ae13c1e3e88a830f36bfcd40ff7c767995044f2ba1661c5f977d9754c58a0d9dd7aad1fbfd94d36dfc61c532c5cb3093ccc0c125ee0e762469f8680500675d4404db12b7062c19c4f0c81c0de489b5eb725f1d7d4cbe7a1f4b51fe8faffb6a709c0a7a4ae7efe75bc66d6c2e705fbee29c0858d9891735c97a28aa15c16fa0444ac2caeeffae42f1fbf0f17adbc9ee40236a844add60741eb64c722811c6f9fd7d614f9620d6f07914b6e7d5eb5dc3d7d6d5f5323575a7c9f864d9d5793d4ca606ab3234930a32e44d8a08d624861a6b94c72f551e7adc8daee91594175bdba18c663ced5991c0846f1c03a96b5d8f858c10dea4886e12ee90186d2130891eb1b354abb1040dd571589b4b7884b31cff7f8b3cdef5a61bc9644883c852106d9be09e5f4d649c669a64fadd3a9b129ab1c956e33dd5ac7224439feb0ccae51aa092c36b4e8d720170d20c22a49e5919d203b312096d625e4316f141f26a9257af159b3c47e025fa40d0150b7dd969d2ec67c727b81653f679f6ebbf8b3ad9c3b0acf232d1b869982879c4a2722cc1e4f0740e9d0feb661e45c5b081ad0546761e6a025529086ca4d38a4b22193e792bbfe6ceb22be5ca954210d0f93f5e38550054b6ae80e64673158815af6cd6adc3b942b4371d33d9662ac80e3ef2eb4acd44ec66cb6d8948d67c3ba8e578f52ac30ab107723e5ce51c4e6d59b20ba7085fd8dbde58cf9a0bd3385e95db6b56a9a68e3160ad36a93e26dc8b915cd4e4767d3dbd3b74052f55e3a74b1edb1068c973a5ca70809c6aeab8ad627955a815315330c51153dcdcb6e77029b0a3712a9231f0c188659e5bb9f89b6a8fd91536a47db7e5d596fa93f0719502e442417ee11bfcb364c6ddadfc8581ce7779d107d6f7aa8739c3254ce9b1e2dbbc1e75566b6d80817e1820e02e8df220e1c9b2d98a15e9db86c5a32bf52b0f1de1be7636cb21e87d777fa1e7828be02578cac204a8e9c7ca6119aa0bdd165bbf7d0f799f0d2ae118bd9037982c1fed3e223b60cc86f21e8c1d9336cb76cb521bc9791abcd99af0bf70a198de0d678cc8bdc0f74fef28407bf09d93054d5e20f5452fad596ae036bec1109e4541d5cb9d287b5498934fad3963a53030dc2264668467716afee211f4dc8082800be3829050b2e26c447b001c076dda2e2b7f17c96612b0f594b6ef5193c5dc3affa5778896e1e40a3953e5557d39799c312b4126a6086dd85393ed3322a48ca0afb9e5dd96ac9461dc7cfc8b02a23b7a1486ea8c9bb204e39298b1017a67a8c1cf1e0582c6b8d95a611c0053eccc9592e1af600e4386680be35c29acfd9033058a4842006fe429188e6a4783a9bf5fd7d1c36c0530f6a42be785419ef2192ffe02470d376f084a4352cdc7e34b9f4891304499b1e0946832b187762d191d7e9cd9cc9112ad768e5132f804f304a9ba0572d0e1c7eac6ff606baf0f0f2e1c836d9a9f7f01fe748dd5ae7b34ed6d51f6e4c8575de14c8552026c4c82516080d919a706fa62958742cc2843ce88c04a19cb66781f2b75d9a81d3f4f2c078e35bacf3a69dc717b61c9c9557d82bdaa636fe80e37f41d63f2388da0b79555f2b3d2b7b30db6d2837aecd455814118a737d3d2845704f4b8a7156dd582477d0b9f0d2622b1f963d243c73646d35dd25547446fa94f47b63637e37b9c61ed88c97b185f9b8d09ffd768cd1c79ab31ff33e82423872f4b2642a1530a248b1dac5a776d5c5d6381e38f01fe8b23921c7b52175619bfe522c945e45ea5a0d35f35fb7c7f772f32657b8b936de258ab52fcf2bc4973c7d8da82d113bd59831b658c62b6913c9162f66a92bcdba85a33796028c8285083f65eec0168039af09f83e27d94fa22f4a595702cbd51d8f48ad8aff4a74c5fd50922b3eba0341c6718f34f3a59181722e330ccfc7d1997357fbb1c95213b082d6b6f119118bb24a98c2c53de48b8b1bdd9c51c88c89acbcd4de108fb32f4beda27743b4a04e5ebc677862da939c7dfc616e765b79b1359d8e5ae4eeae5cd38954a7b6f8693496bfd2624f1a83182440510d7de981a321ccf81b75ab23317598adcb3bff8454110a056ee64a3b088c3ed6d0cd1d2e7033f872106205e95f171e347f02d9583f59113e49386e30ad92537b577e9822f3ecfc1b1374bf2911f61168f30b8f1e3af513e8248409d25c1d3bc09e93a66fa2c4bb3caaf1f4bc28e730ffd78375136e8c32d9bc26b8958c62aa7912dcdf44bbb6668c872df81c6362a679e57860484f003506ab7e1bd7344261c761bc03a7a0167047c1c07e8e46e9af814ab2b93fbdd8536448ee939188ed5a79c6d5d962efe69afde6999a5d52d71090bcb11a1eacb07185f9f5199d44c9bb5c48a09b28cc10e3f84f04677c3052e57d5426d3f5fa852a8f4ed3c8495a4f79261bbf6d1405c9ee97fe3df651819907bf93e4bd0c0a7d2d454e7ba0e84eada5731bf373ae529a6a1f17f959c77931d2ae261b588e844e8c1deae11cf6bbc1433ecabd2715cca3c7471b6f8de376a72647f7bbe11659adb21af39f0b71ae0aaee207f1811cef018fc70717c38b14948f307302bebca0450c6d1670996a92eebe691e0f7395fc20c554a171472df72761fca5a73a242f15c39b7fe6e4c013d655cdd09e319727758beb367aaadf6e70bfef6f8fce3e7c3848279f88ebe8a10f00dfe8f4dd87f9437b8bfa4b7b1517902cc06887ec5a9b9eef923c0e72e9ff82226ae8bf7cef3b3cf91e0ff8408e62421a4d88875b9f6a9382722d42aaf8fea280198a23eda48f6ddc26411825dbfadd25301735d1f9c74f61b15d3b2181dc9d77a4115c7047b9c6520b55dd2fcf343c4f1cb7cf93c10c0e01e282f28cf54575924024819409c322dce701d88f78c94416ebf4c2275bac8c75299636f3a507b7f933c5e13d853725a5ce8f9ec33de647b87a1d0775d62dfa07fead5253cc18526b5ffd90312ff098b81dd01c59f882b0223e6cf768b2ee0d5e0e8d10a2f5c04aa3b97a3dc92e102b30d60f3f0ff5b6253e49d960bc6b8d3a5daf6f3f4c06fcaa315e8315fe71023875f318934414cfd10fd7625e084b132b1c37b1b3e10777c10a3f9c47cca710012a77bf342bd64ba5fb08e24908cbf07143a49c2acf74d0c4097b0a8c2efcb6dbda4433acd0f1e2ad24cbcb4462aa7ce3d12514d4aaaec95457ec06f197c0df614d484af7987458ed2e33552b7a1cf72a4c4b016e7a7399ef9998bd52f860d2ef0751e7e96ebc472af3e666f7778f8eedb12bbac921eac8436b31ab61d72c259a2473678d88743f0f768c1782ee4702646bf349308712ea8cbad36d90b5c770971a1ff70719cdfdeb01927a561fb67d7cb6a2feec1215bac6eeedfb930d3556b5547a7e1af3199de6929a745c5323dbc34624761bb1beff6508463a5b7cac6d1d0265c733cb609b8cdaa56042d29fb70fa58c64b1fed6028d3a2ee7d6f3046cd980bea9f9e1d82fd9beafe7d66cfcbdd49caa5ea4f43faca173cba614e02f407b5c791e460a3ee590b3780ad8cbab34ff0379cc1f947201e28d0cbfa9cc5beef86ecc7090eac13ff614bf73f24b335fcff38a57bce197f67a5816f3d11bb558f0485b4441fcddb6b33c211f19f263f35462349492e26d5fc8437e09539c06fd6b14f243e0a51cc7ed7482677c5a9e7c864b81ae890e6412b6b387e887c9a70e5470c0d17800bb4e39a971a30151c2d5717a9c1183fc5e43902b25130f5fe2d85a64b77a8e64dc59d0b1e3b022efb9c1cbdfebb071c0fbd09619577bb1e18b488091d5c239589805b8df254db031aaa7751bb0b71bffe4b307ebd8359271c2376f2c75a8bea9808725cca6254f89e211cae70dce4cefa123d29238ecb0057d28eeaaabea6e99ab64ebea4c2c62806e6a9e2bccb96a4d07e816ee378e094acee3a9f31b0d1033634310baef6bc7f5e0870a2f1f7f519861834935b1073f9a5c348a46b3be82932d3cf1823a60fb9d0b269b94e58614b5cca1bf2f47ad4e15a93fce9995e06583c41b84930fc26cfe19e9ce9028c7ed8f6f701ed97a74ff3d3affcacf957946fd675240ea08b362a4c1d15aa0722f4cec99aae7d167c49c6123b1ddc36285804044883676921d8b9feed089851e819b782c1fc4025c44874f1454e53e477838e6ff0a472331da69f8e4efb474db064a4b4325c08b4db60377a142c19512b7d1e9fdcfb599662e5448ef3fed112a62bad364467613c73a3385df9766446627c2658c87b56c069440d4e0406e1220c79c2c99116c3224a7a90fee8b6c04f3ff85cbe993c3bb4f7961a801dd893557cd0be736f17e3fa2c65ecc61b907c9d919612ac73a41f91d88733b5830d135a457b3c13fceb0bd294f412bde878315b32c91529b5d55383a1f79f949a8424865b474d784a7a89153b88fc7ec11589b01b9b1aece6585de4d6dbf329c09f35426525addf3e1aa57dddace18fdb219b5e4b32c29a24de709f180b6ff5578141158f467ee9f0cccb580e5b9929c59e47cc8ff27b8401a934769d99f26cc9a9f66ecd0879df8b5becf0cb9a41006396075455306059a7dce312f4e08c54d13bd5da696b32f2c8efbdaad768e372049a3a58bb8c6972d34f859c4ea29ec46aa7752f5d7e8bd3523a10de8b876cb1d61d143d55a1f343252f0927fd5d853b663a71dbb0fff6a7ff07f9cf1e1eb23e07009ffde16778c6f"}]}]}, @NL80211_PMSR_ATTR_PEERS={0x148, 0x5, 0x0, 0x1, [{0x144, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_RESP={0xb4, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0xfffff7f7}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0xffffffff}, @NL80211_PMSR_RESP_ATTR_DATA={0x98, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x84, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_RX_RATE={0x1c, 0xc, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_EHT_RU_ALLOC={0x5, 0xb, 0x7}, @HWSIM_RATE_INFO_ATTR_LEGACY={0x6, 0x3, 0x8}, @HWSIM_RATE_INFO_ATTR_EHT_GI={0x5, 0xa, 0x1}]}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_SPREAD={0xc}, @NL80211_PMSR_FTM_RESP_ATTR_BUSY_RETRY_TIME={0x5, 0x5, 0xe9}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_VARIANCE={0xc}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_FTMR_SUCCESSES={0x8, 0x4, 0x100}, @NL80211_PMSR_FTM_RESP_ATTR_CIVICLOC={0x6, 0x14, '+\x00'}, @NL80211_PMSR_FTM_RESP_ATTR_RX_RATE={0x34, 0xc, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_BW={0x5, 0x5, 0x4}, @HWSIM_RATE_INFO_ATTR_LEGACY={0x6, 0x3, 0x2}, @HWSIM_RATE_INFO_ATTR_EHT_GI={0x5, 0xa, 0x3}, @HWSIM_RATE_INFO_ATTR_FLAGS={0x5, 0x1, 0x1}, @HWSIM_RATE_INFO_ATTR_HE_RU_ALLOC={0x5, 0x8, 0xc}, @HWSIM_RATE_INFO_ATTR_HE_DCM={0x5, 0x7, 0x8}]}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_RTT_SPREAD={0xc, 0xf, 0x5cbb}]}]}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x8a, 0x1, "133545fe144249383690d25836a9e1b8e5920d3c13713ee7305edf6be0471098cc202f4a67a0e31975104f0fcf28f0a91d60c491bafd662d5189ef66ec9d55c87e31fce246529a8df8e4c3eaf65f8c4e22dceea70c0fddb7f3123af0530dafcc4115e99b12f090fec7ea0b83a4e11075905f4e0b5ed50036ed89ce55fd1aa9d127afec4444af"}]}]}]}]}, 0x11e4}, 0x1, 0x0, 0x0, 0x20000041}, 0x800)
mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
syz_open_procfs$namespace(0x0, &(0x7f0000000200)='ns/net\x00')
tgkill$auto(0x0, 0x1, 0x1)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
clone$auto(0x100000000021, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x4)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/memory/memory15/online\x00', 0xa001, 0x0)
write$auto(r4, &(0x7f0000000140)='0[.[\x00', 0xcd04)

2.683420382s ago: executing program 1 (id=294):
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000640)='/dev/snd/controlC0\x00', 0x80, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400)
socket(0xa, 0x1, 0x100)
ioperm$auto(0x7, 0x5ad2, 0x8)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000)
recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="180027"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
modify_ldt$auto(0x1, 0x0, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0)
r1 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
pread64$auto(r1, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{W\xed>\xe7l\xcb\x90\\/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x7ff, 0x400)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/btrfs/features/supported_checksums\x00', 0x40a00, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000080)=""/19, 0x13)
socket(0x3, 0x1, 0x4)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x210040, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socket(0x9, 0x3, 0x9)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/fs/cifs/dfscache\x00', 0x0, 0x0)
pread64$auto(r4, 0x0, 0x3, 0x6c2)

2.577040721s ago: executing program 0 (id=295):
socket(0xa, 0x801, 0x106)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0xa, 0x1, 0x84)
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f00000001c0)=0x6)
unshare$auto(0x40000080)
socket(0x1e, 0x1, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
prctl$auto(0x3d, 0x1, 0x0, 0x5, 0x20000000000000)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000005800), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000006900)={&(0x7f0000001700)={0x13cc, r3, 0x1, 0x70bd29, 0x25dfdbff, {}, [@HWSIM_ATTR_PMSR_RESULT={0x13b8, 0x1c, 0x0, 0x1, [@NL80211_PMSR_ATTR_PEERS={0x1084, 0x5, 0x0, 0x1, [{0x1080, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_RESP={0x24, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x7}, @NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x5}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x47, 0x1, "15498343c724307734086992dc1e25a2a9103e4bf48686438120218fc18eb8d92081607cef938d982b98b2ffabb3d4697d0e992a1ea9d3b471e918ae07e413f97503f8"}, @NL80211_PMSR_PEER_ATTR_RESP={0x4}, @NL80211_PMSR_PEER_ATTR_RESP={0x8, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_FINAL={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x1004, 0x1, "1fb5becd41368ab779a0b29218e67556fc4604877ebfcbd398c11fb77c35a8bf6e74ddc9b04a9138098aecf779ea7e3d541edf3023425cada97c0dc587c6fa47716dd359907f0a162a0b886614c1a7e9546da002cc83e2ed566b0379129f985c460fbbf435e700a4b5580b8a56632571928f8f21f4d11364a0ef75b476ff3956f1c7da142f79c10a4876ffcc63f2d86a0e69b888fc4f296dee02ad8557cdbfb9f0235a183eca304867b40759629cbc72b1502c43b99766ba6d68b0c0ab3c3f028eac0d0571801e5df2a1d739c243a58bf16cfb3859743e905b7ba869f46438f8ae3034bf72d5e80c5484943de2b70c62ef38e5219cc8006f282faca545419374470f9a70397a1f81bc4623e08269594bbebf9b08b81b87ccaebf876dcaf1fa4562e3163b353cb8ff91dba36cfd929ec300388d9224fe45abcc42e157398da0642301b14d590dd9a490eeb4555c64ae48caedffd84b246834f69dfa63f173ce93ba2775a6f4aba2492fe9d62fcae89dab6719935a28c2d614d93e984df4b3a292e0e5d6754a30e52d52b951092a4df3b6abb5c8b74740d551a77c41d02f0ea667e8acb61eac844c20151dac7c08ae95aed291d11cd81365501d3fb0120e11566f94afe38fb008e05536f93364d00a43b8f486bd9aeed50d5a38947982f5f700f06aa7d6783f30abda22a3c9948a274bfae36f6a66c3229520089d65cbddde93a28dd2a72e93bc6c0d9b98f49c9d771f73b1d4dcb6c06829b15422f0c596401ba563a88ded070e2a05a79c8070085502fb3ca34fc767ff2d3b490bb9a6abc3019eefaa4bd9f345f6b94d597166754c5f95140dc5fa9ce51a7cc3257885d074c7cdfd88bb400fd6dbe2d4a830134967cacad9beaff366bf7e3b0a4fa0526473a70c1f44e343a5b9fadf9fc536113772f0f7b0bf16f9b7a7dd8eaa5f7fd9cf259565247f0e58375156005c30e25691d7f8fbd489af83a18f71a38b1996be1ca10bdcbe8d850603d9b81ba828c907753483e9ff23d1d861c36d8045acadaa640a61357fcf9aed13afdf56d13861dd74ce620e592230d3c8699e9adccf2920614ae13c1e3e88a830f36bfcd40ff7c767995044f2ba1661c5f977d9754c58a0d9dd7aad1fbfd94d36dfc61c532c5cb3093ccc0c125ee0e762469f8680500675d4404db12b7062c19c4f0c81c0de489b5eb725f1d7d4cbe7a1f4b51fe8faffb6a709c0a7a4ae7efe75bc66d6c2e705fbee29c0858d9891735c97a28aa15c16fa0444ac2caeeffae42f1fbf0f17adbc9ee40236a844add60741eb64c722811c6f9fd7d614f9620d6f07914b6e7d5eb5dc3d7d6d5f5323575a7c9f864d9d5793d4ca606ab3234930a32e44d8a08d624861a6b94c72f551e7adc8daee91594175bdba18c663ced5991c0846f1c03a96b5d8f858c10dea4886e12ee90186d2130891eb1b354abb1040dd571589b4b7884b31cff7f8b3cdef5a61bc9644883c852106d9be09e5f4d649c669a64fadd3a9b129ab1c956e33dd5ac7224439feb0ccae51aa092c36b4e8d720170d20c22a49e5919d203b312096d625e4316f141f26a9257af159b3c47e025fa40d0150b7dd969d2ec67c727b81653f679f6ebbf8b3ad9c3b0acf232d1b869982879c4a2722cc1e4f0740e9d0feb661e45c5b081ad0546761e6a025529086ca4d38a4b22193e792bbfe6ceb22be5ca954210d0f93f5e38550054b6ae80e64673158815af6cd6adc3b942b4371d33d9662ac80e3ef2eb4acd44ec66cb6d8948d67c3ba8e578f52ac30ab107723e5ce51c4e6d59b20ba7085fd8dbde58cf9a0bd3385e95db6b56a9a68e3160ad36a93e26dc8b915cd4e4767d3dbd3b74052f55e3a74b1edb1068c973a5ca70809c6aeab8ad627955a815315330c51153dcdcb6e77029b0a3712a9231f0c188659e5bb9f89b6a8fd91536a47db7e5d596fa93f0719502e442417ee11bfcb364c6ddadfc8581ce7779d107d6f7aa8739c3254ce9b1e2dbbc1e75566b6d80817e1820e02e8df220e1c9b2d98a15e9db86c5a32bf52b0f1de1be7636cb21e87d777fa1e7828be02578cac204a8e9c7ca6119aa0bdd165bbf7d0f799f0d2ae118bd9037982c1fed3e223b60cc86f21e8c1d9336cb76cb521bc9791abcd99af0bf70a198de0d678cc8bdc0f74fef28407bf09d93054d5e20f5452fad596ae036bec1109e4541d5cb9d287b5498934fad3963a53030dc2264668467716afee211f4dc8082800be3829050b2e26c447b001c076dda2e2b7f17c96612b0f594b6ef5193c5dc3affa5778896e1e40a3953e5557d39799c312b4126a6086dd85393ed3322a48ca0afb9e5dd96ac9461dc7cfc8b02a23b7a1486ea8c9bb204e39298b1017a67a8c1cf1e0582c6b8d95a611c0053eccc9592e1af600e4386680be35c29acfd9033058a4842006fe429188e6a4783a9bf5fd7d1c36c0530f6a42be785419ef2192ffe02470d376f084a4352cdc7e34b9f4891304499b1e0946832b187762d191d7e9cd9cc9112ad768e5132f804f304a9ba0572d0e1c7eac6ff606baf0f0f2e1c836d9a9f7f01fe748dd5ae7b34ed6d51f6e4c8575de14c8552026c4c82516080d919a706fa62958742cc2843ce88c04a19cb66781f2b75d9a81d3f4f2c078e35bacf3a69dc717b61c9c9557d82bdaa636fe80e37f41d63f2388da0b79555f2b3d2b7b30db6d2837aecd455814118a737d3d2845704f4b8a7156dd582477d0b9f0d2622b1f963d243c73646d35dd25547446fa94f47b63637e37b9c61ed88c97b185f9b8d09ffd768cd1c79ab31ff33e82423872f4b2642a1530a248b1dac5a776d5c5d6381e38f01fe8b23921c7b52175619bfe522c945e45ea5a0d35f35fb7c7f772f32657b8b936de258ab52fcf2bc4973c7d8da82d113bd59831b658c62b6913c9162f66a92bcdba85a33796028c8285083f65eec0168039af09f83e27d94fa22f4a595702cbd51d8f48ad8aff4a74c5fd50922b3eba0341c6718f34f3a59181722e330ccfc7d1997357fbb1c95213b082d6b6f119118bb24a98c2c53de48b8b1bdd9c51c88c89acbcd4de108fb32f4beda27743b4a04e5ebc677862da939c7dfc616e765b79b1359d8e5ae4eeae5cd38954a7b6f8693496bfd2624f1a83182440510d7de981a321ccf81b75ab23317598adcb3bff8454110a056ee64a3b088c3ed6d0cd1d2e7033f872106205e95f171e347f02d9583f59113e49386e30ad92537b577e9822f3ecfc1b1374bf2911f61168f30b8f1e3af513e8248409d25c1d3bc09e93a66fa2c4bb3caaf1f4bc28e730ffd78375136e8c32d9bc26b8958c62aa7912dcdf44bbb6668c872df81c6362a679e57860484f003506ab7e1bd7344261c761bc03a7a0167047c1c07e8e46e9af814ab2b93fbdd8536448ee939188ed5a79c6d5d962efe69afde6999a5d52d71090bcb11a1eacb07185f9f5199d44c9bb5c48a09b28cc10e3f84f04677c3052e57d5426d3f5fa852a8f4ed3c8495a4f79261bbf6d1405c9ee97fe3df651819907bf93e4bd0c0a7d2d454e7ba0e84eada5731bf373ae529a6a1f17f959c77931d2ae261b588e844e8c1deae11cf6bbc1433ecabd2715cca3c7471b6f8de376a72647f7bbe11659adb21af39f0b71ae0aaee207f1811cef018fc70717c38b14948f307302bebca0450c6d1670996a92eebe691e0f7395fc20c554a171472df72761fca5a73a242f15c39b7fe6e4c013d655cdd09e319727758beb367aaadf6e70bfef6f8fce3e7c3848279f88ebe8a10f00dfe8f4dd87f9437b8bfa4b7b1517902cc06887ec5a9b9eef923c0e72e9ff82226ae8bf7cef3b3cf91e0ff8408e62421a4d88875b9f6a9382722d42aaf8fea280198a23eda48f6ddc26411825dbfadd25301735d1f9c74f61b15d3b2181dc9d77a4115c7047b9c6520b55dd2fcf343c4f1cb7cf93c10c0e01e282f28cf54575924024819409c322dce701d88f78c94416ebf4c2275bac8c75299636f3a507b7f933c5e13d853725a5ce8f9ec33de647b87a1d0775d62dfa07fead5253cc18526b5ffd90312ff098b81dd01c59f882b0223e6cf768b2ee0d5e0e8d10a2f5c04aa3b97a3dc92e102b30d60f3f0ff5b6253e49d960bc6b8d3a5daf6f3f4c06fcaa315e8315fe71023875f318934414cfd10fd7625e084b132b1c37b1b3e10777c10a3f9c47cca710012a77bf342bd64ba5fb08e24908cbf07143a49c2acf74d0c4097b0a8c2efcb6dbda4433acd0f1e2ad24cbcb4462aa7ce3d12514d4aaaec95457ec06f197c0df614d484af7987458ed2e33552b7a1cf72a4c4b016e7a7399ef9998bd52f860d2ef0751e7e96ebc472af3e666f7778f8eedb12bbac921eac8436b31ab61d72c259a2473678d88743f0f768c1782ee4702646bf349308712ea8cbad36d90b5c770971a1ff70719cdfdeb01927a561fb67d7cb6a2feec1215bac6eeedfb930d3556b5547a7e1af3199de6929a745c5323dbc34624761bb1beff6508463a5b7cac6d1d0265c733cb609b8cdaa56042d29fb70fa58c64b1fed6028d3a2ee7d6f3046cd980bea9f9e1d82fd9beafe7d66cfcbdd49caa5ea4f43faca173cba614e02f407b5c791e460a3ee590b3780ad8cbab34ff0379cc1f947201e28d0cbfa9cc5beef86ecc7090eac13ff614bf73f24b335fcff38a57bce197f67a5816f3d11bb558f0485b4441fcddb6b33c211f19f263f35462349492e26d5fc8437e09539c06fd6b14f243e0a51cc7ed7482677c5a9e7c864b81ae890e6412b6b387e887c9a70e5470c0d17800bb4e39a971a30151c2d5717a9c1183fc5e43902b25130f5fe2d85a64b77a8e64dc59d0b1e3b022efb9c1cbdfebb071c0fbd09619577bb1e18b488091d5c239589805b8df254db031aaa7751bb0b71bffe4b307ebd8359271c2376f2c75a8bea9808725cca6254f89e211cae70dce4cefa123d29238ecb0057d28eeaaabea6e99ab64ebea4c2c62806e6a9e2bccb96a4d07e816ee378e094acee3a9f31b0d1033634310baef6bc7f5e0870a2f1f7f519861834935b1073f9a5c348a46b3be82932d3cf1823a60fb9d0b269b94e58614b5cca1bf2f47ad4e15a93fce9995e06583c41b84930fc26cfe19e9ce9028c7ed8f6f701ed97a74ff3d3affcacf957946fd675240ea08b362a4c1d15aa0722f4cec99aae7d167c49c6123b1ddc36285804044883676921d8b9feed089851e819b782c1fc4025c44874f1454e53e477838e6ff0a472331da69f8e4efb474db064a4b4325c08b4db60377a142c19512b7d1e9fdcfb599662e5448ef3fed112a62bad364467613c73a3385df9766446627c2658c87b56c069440d4e0406e1220c79c2c99116c3224a7a90fee8b6c04f3ff85cbe993c3bb4f7961a801dd893557cd0be736f17e3fa2c65ecc61b907c9d919612ac73a41f91d88733b5830d135a457b3c13fceb0bd294f412bde878315b32c91529b5d55383a1f79f949a8424865b474d784a7a89153b88fc7ec11589b01b9b1aece6585de4d6dbf329c09f35426525addf3e1aa57dddace18fdb219b5e4b32c29a24de709f180b6ff5578141158f467ee9f0cccb580e5b9929c59e47cc8ff27b8401a934769d99f26cc9a9f66ecd0879df8b5becf0cb9a41006396075455306059a7dce312f4e08c54d13bd5da696b32f2c8efbdaad768e372049a3a58bb8c6972d34f859c4ea29ec46aa7752f5d7e8bd3523a10de8b876cb1d61d143d55a1f343252f0927fd5d853b663a71dbb0fff6a7ff07f9cf1e1eb23e07009ffde16778c6f"}]}]}, @NL80211_PMSR_ATTR_PEERS={0x330, 0x5, 0x0, 0x1, [{0x144, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_RESP={0xb4, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0xfffff7f7}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0xffffffff}, @NL80211_PMSR_RESP_ATTR_DATA={0x98, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x84, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_RX_RATE={0x1c, 0xc, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_EHT_RU_ALLOC={0x5, 0xb, 0x7}, @HWSIM_RATE_INFO_ATTR_LEGACY={0x6, 0x3, 0x8}, @HWSIM_RATE_INFO_ATTR_EHT_GI={0x5, 0xa, 0x1}]}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_SPREAD={0xc}, @NL80211_PMSR_FTM_RESP_ATTR_BUSY_RETRY_TIME={0x5, 0x5, 0xe9}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_VARIANCE={0xc}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_FTMR_SUCCESSES={0x8, 0x4, 0x100}, @NL80211_PMSR_FTM_RESP_ATTR_CIVICLOC={0x6, 0x14, '+\x00'}, @NL80211_PMSR_FTM_RESP_ATTR_RX_RATE={0x34, 0xc, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_BW={0x5, 0x5, 0x4}, @HWSIM_RATE_INFO_ATTR_LEGACY={0x6, 0x3, 0x2}, @HWSIM_RATE_INFO_ATTR_EHT_GI={0x5, 0xa, 0x3}, @HWSIM_RATE_INFO_ATTR_FLAGS={0x5, 0x1, 0x1}, @HWSIM_RATE_INFO_ATTR_HE_RU_ALLOC={0x5, 0x8, 0xc}, @HWSIM_RATE_INFO_ATTR_HE_DCM={0x5, 0x7, 0x8}]}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_RTT_SPREAD={0xc, 0xf, 0x5cbb}]}]}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x8a, 0x1, "133545fe144249383690d25836a9e1b8e5920d3c13713ee7305edf6be0471098cc202f4a67a0e31975104f0fcf28f0a91d60c491bafd662d5189ef66ec9d55c87e31fce246529a8df8e4c3eaf65f8c4e22dceea70c0fddb7f3123af0530dafcc4115e99b12f090fec7ea0b83a4e11075905f4e0b5ed50036ed89ce55fd1aa9d127afec4444af"}]}, {0x1e8, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_RESP={0x184, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_DATA={0x148, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_CIVICLOC={0x17, 0x14, '/dev/snd/controlC0\x00'}, @NL80211_PMSR_FTM_RESP_ATTR_FAIL_REASON={0x8, 0x1, 0x7cbb}, @NL80211_PMSR_FTM_RESP_ATTR_RSSI_AVG={0x8, 0x9, 0x3}, @NL80211_PMSR_FTM_RESP_ATTR_FAIL_REASON={0x8, 0x1, 0x5}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_RTT_SPREAD={0xc, 0xf, 0x8001}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_DIST_SPREAD={0xc, 0x12, 0x1}, @NL80211_PMSR_FTM_RESP_ATTR_FTMS_PER_BURST={0x5, 0x8, 0x9}, @NL80211_PMSR_FTM_RESP_ATTR_RSSI_SPREAD={0x8, 0xa, 0x1000}, @NL80211_PMSR_FTM_RESP_ATTR_BURST_DURATION={0x5, 0x7, 0x9}]}, @NL80211_PMSR_TYPE_FTM={0x40, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_NUM_FTMR_SUCCESSES={0x8, 0x4, 0x3}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_AVG={0xc, 0xd, 0x3ca}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_VARIANCE={0xc, 0x11, 0x8b}, @NL80211_PMSR_FTM_RESP_ATTR_CIVICLOC={0x9, 0x14, '+$-{\x81'}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_FTMR_ATTEMPTS={0x8, 0x3, 0x7}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_BURSTS_EXP={0x5, 0x6, 0xc}]}, @NL80211_PMSR_TYPE_FTM={0x40, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_RTT_SPREAD={0xc, 0xf, 0xc}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_AVG={0xc}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_FTMR_ATTEMPTS={0x8, 0x3, 0x9}, @NL80211_PMSR_FTM_RESP_ATTR_FAIL_REASON={0x8, 0x1, 0x1}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_SPREAD={0xc}, @NL80211_PMSR_FTM_RESP_ATTR_LCI={0x7, 0x13, ',)}'}]}, @NL80211_PMSR_TYPE_FTM={0x48, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_NUM_FTMR_ATTEMPTS={0x8, 0x3, 0x401}, @NL80211_PMSR_FTM_RESP_ATTR_TX_RATE={0x3c, 0xb, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_HE_RU_ALLOC={0x5, 0x8, 0x8}, @HWSIM_RATE_INFO_ATTR_EHT_GI={0x5, 0xa, 0x6}, @HWSIM_RATE_INFO_ATTR_BW={0x5, 0x5, 0xe4}, @HWSIM_RATE_INFO_ATTR_BW={0x5, 0x5, 0x9}, @HWSIM_RATE_INFO_ATTR_EHT_RU_ALLOC={0x5, 0xb, 0x7}, @HWSIM_RATE_INFO_ATTR_EHT_RU_ALLOC={0x5, 0xb, 0x49}, @HWSIM_RATE_INFO_ATTR_LEGACY={0x6, 0x3, 0x7}]}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_RTT_AVG={0xc, 0xd, 0x3}]}]}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x4}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x628}, @NL80211_PMSR_RESP_ATTR_AP_TSF={0xc}, @NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x10000}, @NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0x8}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x5e, 0x1, "8716d5aef5b56e84513447c6abc18aa837c5054ab6c21bc51be46ed94173b596123983fbf5b1a1edcc8359d99c3d689565de49e01c9b6411c5b9bddcebe61b11fa6f4e44185e1a6770b8fd64aeee937f669a4bf1111e6aa437e9"}]}]}]}]}, 0x13cc}, 0x1, 0x0, 0x0, 0x20000041}, 0x800)
mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x1, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000200)='ns/net\x00')
tgkill$auto(0x0, 0x1, 0x1)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
modify_ldt$auto(0x6, &(0x7f0000000240)="2ca89c40fcbcc98297b5", 0x3)
clone$auto(0x100000000021, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x4)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/memory/memory15/online\x00', 0xa001, 0x0)
write$auto(r4, &(0x7f0000000140)='0[.[\x00', 0xcd04)
sendmsg$auto_NLBL_MGMT_C_REMOVE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000", @ANYRES16=0x0, @ANYBLOB="01002bbddbb0000000000000d311"], 0x14}, 0x1, 0x0, 0x0, 0x44000}, 0x400000c)

1.648434667s ago: executing program 1 (id=296):
unshare$auto(0x40000080)
close_range$auto(0x2, 0xfffffffffffff000, 0x2)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aab4)
flock$auto(r0, 0x1)
r1 = open(0x0, 0x0, 0x173)
flock$auto(r1, 0x2)
r2 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
write$auto_mousedev_fops_mousedev(r2, 0x0, 0x0)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f00000003c0)="80e08ca631b90e5e9a4997a0a2f075172c2529fea5d2b4b06119e7cc493e3c68f5e114fe74f6ec1d4e94daec10b05cb281b0922bcba475cea32ccf0eda11471e9c15d15fbcc3bebe4bc005053b7459c5ecbae956634304a2b3c20d024a0df7b468626e493968743cc5ed35ab320b6ffd85d87720f947e83e96c03fca21e0c585095bf40d010cd4fba6c371232889fd43cb084df47b56ff93efb0f707d371175d4dcd1c13802f7a4550e4ef765842dadd3e2bc2df160655b78b5a9438f2f8be466e2b3782469b16c9310ff6307403770f5c225820d582ab93c7ca472e799fe10d61abbfc87ea3846f44cb04eef9ed7c16b2483588")
mmap$auto(0x450cecf1, 0x9, 0x3, 0xeb2, r1, 0x7ffe)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setregid$auto(0x0, 0x3)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
setsockopt$auto(0x400000000000003, 0x29, 0x1c, 0x0, 0x56b)
syz_clone(0x800000, 0x0, 0x0, 0x0, 0x0, 0x0)

1.554976067s ago: executing program 2 (id=297):
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
setresgid$auto(0x800, 0x28000000000000, 0xffffffffffffffff)
setregid$auto(0xffffffffffffffff, 0x0)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x102, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r0 = socket(0xa, 0x1, 0x100)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x58000, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xe3102, 0x0)
sendfile$auto(r2, r2, 0x0, 0x3)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x11a001, 0x0)
select$auto(0x1, 0x0, 0x0, &(0x7f0000000040)={[0x100000001ff, 0x7, 0x3, 0x8fd6, 0x948b, 0x1000, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x5, 0x1, 0x1000000000005, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
setfsgid$auto(0xee01)
setfsgid$auto(0xee01)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x2000000007, 0x6, 0xc, 0x2, 0x6]}, 0x0)
mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, r3, 0xfffffffffffffffb)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/default/forwarding\x00', 0x141241, 0x0)
pwrite64$auto(r4, &(0x7f0000000000)='./cgroup/memory.pressure\x00', 0x6bc, 0x5)
mmap$auto(0x0, 0x7, 0x4000000000df, 0x78, 0x4, 0x300000000000)
io_uring_setup$auto(0x6, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC0\x00', 0x802, 0x0)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/tasks\x00', 0x63102, 0x0)
sendfile$auto(r0, r4, 0x0, 0x4)
sendfile$auto(r5, r5, 0x0, 0x2)
sysfs$auto(0x5, 0x100000074e, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
init_module$auto(0x0, 0xffff9, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)

534.549524ms ago: executing program 1 (id=298):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x100000001, 0xb)
mmap$auto(0x0, 0x400009, 0x2, 0x9b74, 0xffffffffffffffff, 0xae6)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x4000, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x8, 0x20009, 0xf, 0x800000000000ebf, 0xffffffffffffffff, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x163340, 0x6a)
r0 = socket(0x18, 0x80802, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
mmap$auto(0x0, 0x8, 0x0, 0x9b74, r0, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001c00)='/sys/devices/virtual/block/zram0/debug_stat\x00', 0x80, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000001c40)=""/214, 0xd6)
lsm_list_modules$auto(0x0, 0x0, 0x0)
getsockopt$auto(0xffffffffffffffff, 0x11c, 0x3, 0x0, 0x0)
connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x4e32, @rand_addr=0x64010101}, 0x51)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
prctl$auto_PR_SET_MM_ENV_START(0x2b, 0xa, 0xffffffffffffffff, 0x1ff, 0xffff)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
write$auto(0x1, 0x0, 0x80000000)
close_range$auto(0x2, 0xa, 0x0)
write$auto(0xca, 0x0, 0x2b)
r2 = socket(0xa, 0x2, 0x2)
io_uring_setup$auto(0x401, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$auto_SHMEM_HUGE_NEVER(0xffffffffffffffff, 0x0, &(0x7f0000000000)='\x00', &(0x7f0000000040)="0910a566133d919c906466541198e4284116bb2a919b39ee0a0496b890edbafc4fc53d2e79b3138b8f270105091dc1afd576b7d6701fed8020c7a861eae4167f7e1d1d5da5d77c3942aa9cff913ed5dcecf0654252bd06410a0fa615902e1e9b7347e92adae343c61969b5855118270b528835af9a3a17de160c41da75bfa4bd4a9468a32962f5aabd2746e515fe403a4b3172788880d5d032b3f6afb3e8b59e5b6081ad5b77952194a8", 0x0)
getsockopt$auto(r2, 0x84, 0x0, 0x0, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)

505.570861ms ago: executing program 3 (id=299):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
io_uring_setup$auto(0x1, 0x0) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) (async)
mmap$auto(0x0, 0x40009, 0xa, 0x9b72, 0x2, 0x28000)
socket(0x2, 0x3, 0xa) (async)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async, rerun: 64)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) (rerun: 64)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) (async)
mmap$auto(0x0, 0x4936b5de, 0xdc, 0xeb6, 0x401, 0xb705) (async)
socket(0x2, 0x1, 0x0)
setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x28)
setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x28) (async)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x1ac}}, 0x2004c0c4) (async)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) (async)
sendmsg$auto_NL80211_CMD_SET_WIPHY(r0, 0x0, 0x20040894) (async)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb5, 0x401, 0x300000000000) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/usb/usbmon/38u\x00', 0x0, 0x0)
pread64$auto(r2, 0x0, 0x59, 0x7) (async)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) (async)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x1, 0x0)

239.208826ms ago: executing program 2 (id=300):
openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, 0x0, 0x90203, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x6, 0x800, 0x8)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
write$auto(r1, &(0x7f0000000040)='nbd\x00', 0x4)
r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
mmap$auto(0x0, 0xffff, 0xdf, 0x9b7e, 0xffffffffffffffff, 0x8000)
io_uring_setup$auto(0x87, 0x0)
clone$auto(0x1ff00, 0x0, 0x0, 0x0, 0x9)
exit$auto(0x7)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_FLOW_CMD_GET(r3, 0x0, 0x800)
getsockopt$auto(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0xa2741, 0x0)
adjtimex$auto(&(0x7f00000004c0)={0x23, 0x0, 0x0, 0xfffffffffffffffd, 0x3, 0x3, 0x2, 0x0, 0x3, 0x8, 0x2, {0x2100000000, 0x1000010000}, 0xfffffffffffffffc, 0x73d, 0xffffffffffffffdd, 0x1008001, 0x0, 0x6, 0x21b, 0xffffffff, 0xa745, 0x6, 0xfff})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0xa2100, 0x0)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS0\x00', 0x101c81, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, r0, 0x300000000000)
set_mempolicy$auto(0x8003, &(0x7f0000000280)=0x7b, 0x3)
gettid()
kexec_load$auto(0x7, 0x2, &(0x7f0000000040)={@buf=&(0x7f0000000140)="5bafd56c2c122bc0003f91ad0e2963b1259c512c75114cd1bf833777c5f1aa905ac6eaa258e2aca172f1b2fb7932baaa9e6bdd5d4c193da127fe2ae6116f2ad909a5ee204ca4094f82cb444aed85374298875fd1e2c861610242a6b8c01c0e2bb8d7896b6d6286d95dcd06fbd7120d0e562fe7fb9f334d7067ea429bd6914891fa48b2bea45968c3fe24052221cec0fd646ebea2baa46ac5f8e8af6bdfaa451cd4e6da", 0x2aa7, 0x6c0000c000, 0xc000}, 0x4)
write$auto_console_fops_tty_io(r2, &(0x7f0000000440)="671d264add69b6440843b6e6688a2b5ad9df2669e6f9cd236532b20ed763ac8caf4bde4c30b530ac6ebbff950e1a647d6a08a1b55dde5a409b4d", 0x3a)
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
unshare$auto(0x4)
socket$nl_generic(0x10, 0x3, 0x10)

0s ago: executing program 0 (id=301):
r0 = socket(0x25, 0x805, 0x3)
mmap$auto(0x0, 0x20009, 0x9c2e, 0xeb1, 0xffffffffffffffff, 0x0)
r1 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0)
r2 = ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000)
r5 = openat$auto_generic(0xffffffffffffff9c, 0x0, 0xbcbc0, 0x0)
read$auto_proc_page_owner_threshold_(r5, 0x0, 0x0)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/vhci_hcd.0/usb10/ep_00/interval\x00', 0x4642c3, 0x0)
sendfile$auto(r6, r6, 0x0, 0x5)
ioctl$auto_PPPIOCSPASS(r4, 0x40107447, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r7 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x3, 0x3, 0xeb1, 0x7, 0x8000)
r8 = socket(0xa, 0x1, 0x84)
getsockopt$auto(r8, 0x84, 0x80, 0x0, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="1b0026bd7000fddbdf2503000000040008000c00038008000c00", @ANYRES32, @ANYBLOB="12000100016a76f37bf001cad1a2e8b99d44a02200000100"], 0x3c}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
futimesat$auto(r7, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x10001, 0x6})
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x968b, 0x100, 0x15f4da07, 0x3, 0x3, 0x200000000fff, 0x8002001f, 0x1, 0x80080000002, 0x7, 0x2, 0x8]}, 0x0)
epoll_ctl$auto_EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, r2, &(0x7f0000000140)={0x2, 0xaad})
socket(0x10, 0x800, 0x3)

kernel console output (not intermixed with test programs):

> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.341366][ T6126] RSP: 002b:00007f2b9ca46038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  111.349802][ T6126] RAX: ffffffffffffffda RBX: 00007f2b9bdb5fa0 RCX: 00007f2b9bb8e929
[  111.357792][ T6126] RDX: 0000000000000003 RSI: 0000200000000240 RDI: 0000000000000003
[  111.365775][ T6126] RBP: 00007f2b9bc10b39 R08: 0000000000000000 R09: 0000000000000000
[  111.373759][ T6126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  111.381743][ T6126] R13: 0000000000000000 R14: 00007f2b9bdb5fa0 R15: 00007fffd5db6958
[  111.389743][ T6126]  </TASK>
[  111.392961][    C0] vkms_vblank_simulate: vblank timer overrun
[  111.400201][ T6112] head: 00fff00000000003 ffffea0001e00201 00000000ffffffff 00000000ffffffff
[  111.416537][ T6112] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  111.429966][ T6112] page dumped because: unmovable page
[  111.435360][ T6112] page_owner tracks the page as allocated
[  111.441219][ T6112] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5214, tgid 5214 (udevd), ts 56050520762, free_ts 56043402679
[  111.461331][ T6112]  post_alloc_hook+0x1c0/0x230
[  111.467880][ T6112]  get_page_from_freelist+0x1321/0x3890
[  111.473524][ T6112]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  111.483656][ T6112]  alloc_pages_mpol+0x1fb/0x550
[  111.492469][ T6112]  new_slab+0x23b/0x330
[  111.497723][ T6112]  ___slab_alloc+0xd9c/0x1940
[  111.502459][ T6112]  __slab_alloc.constprop.0+0x56/0xb0
[  111.515336][ T6112]  __kmalloc_noprof+0x2f2/0x510
[  111.520451][ T6112]  tomoyo_realpath_from_path+0xc2/0x6e0
[  111.538280][ T6112]  tomoyo_path2_perm+0x2a1/0x710
[  111.546197][ T6112]  tomoyo_path_rename+0xfc/0x1a0
[  111.566571][ T6112]  security_path_rename+0x18e/0x3c0
[  111.585784][ T6112]  do_renameat2+0x735/0xc90
[  111.598431][ T6112]  __x64_sys_rename+0x7d/0xa0
[  111.603673][ T6112]  do_syscall_64+0xcd/0x490
[  111.646333][ T6112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.652283][ T6112] page last free pid 5212 tgid 5212 stack trace:
[  111.666316][ T6112]  __free_frozen_pages+0x7fe/0x1180
[  111.678727][ T6135] nbd: couldn't find a device at index 925970439
[  111.737431][ T6130] netlink: 'syz.1.37': attribute type 11 has an invalid length.
[  111.782027][ T6112]  __put_partials+0x16d/0x1c0
[  111.810277][ T6130] netlink: 'syz.1.37': attribute type 11 has an invalid length.
[  111.819588][ T6130] netlink: 'syz.1.37': attribute type 11 has an invalid length.
[  111.827523][ T6126] program syz.2.36 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  112.149066][ T6112]  qlist_free_all+0x4d/0x120
[  112.153714][ T6112]  kasan_quarantine_reduce+0x195/0x1e0
[  112.159703][ T6130] netlink: 'syz.1.37': attribute type 11 has an invalid length.
[  112.186885][ T6112]  __kasan_slab_alloc+0x69/0x90
[  112.191785][ T6112]  __kmalloc_noprof+0x1d4/0x510
[  112.259077][ T6112]  tomoyo_realpath_from_path+0xc2/0x6e0
[  112.265222][ T6112]  tomoyo_path_perm+0x274/0x460
[  112.270533][ T6112]  security_inode_getattr+0x116/0x290
[  112.276319][ T6112]  vfs_statx+0x121/0x3e0
[  112.280598][ T6112]  vfs_fstatat+0x7b/0xf0
[  112.284849][ T6112]  __do_sys_newfstatat+0x97/0x120
[  112.290507][ T6112]  do_syscall_64+0xcd/0x490
[  112.295049][ T6112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.593869][ T6130] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78008
[  112.603148][ T6130] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  112.614401][ T6130] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  112.624449][ T6130] page_type: f5(slab)
[  112.628913][ T6130] raw: 00fff00000000040 ffff88801b442140 0000000000000000 dead000000000001
[  112.638339][ T6130] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  112.647679][ T6130] head: 00fff00000000040 ffff88801b442140 0000000000000000 dead000000000001
[  112.656432][ T6130] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  112.676602][ T6126] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  112.682761][ T6130] head: 00fff00000000003 ffffea0001e00201 00000000ffffffff 00000000ffffffff
[  112.699174][ T6130] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  112.708167][ T6130] page dumped because: unmovable page
[  112.713578][ T6130] page_owner tracks the page as allocated
[  112.720005][ T6130] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5214, tgid 5214 (udevd), ts 56050520762, free_ts 56043402679
[  112.744027][ T6131] futex_wake_op: syz.2.36 tries to shift op by -9; fix this program
[  112.747240][ T6126] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  112.761804][ T6130]  post_alloc_hook+0x1c0/0x230
[  112.769378][ T6130]  get_page_from_freelist+0x1321/0x3890
[  112.775040][ T6130]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  112.784993][ T6130]  alloc_pages_mpol+0x1fb/0x550
[  112.790202][ T6130]  new_slab+0x23b/0x330
[  112.794554][ T6130]  ___slab_alloc+0xd9c/0x1940
[  112.799362][ T6130]  __slab_alloc.constprop.0+0x56/0xb0
[  112.804927][ T6130]  __kmalloc_noprof+0x2f2/0x510
[  112.809930][ T6130]  tomoyo_realpath_from_path+0xc2/0x6e0
[  112.815669][ T6130]  tomoyo_path2_perm+0x2a1/0x710
[  112.820763][ T6130]  tomoyo_path_rename+0xfc/0x1a0
[  112.825888][ T6130]  security_path_rename+0x18e/0x3c0
[  112.831253][ T6130]  do_renameat2+0x735/0xc90
[  112.835850][ T6130]  __x64_sys_rename+0x7d/0xa0
[  112.841836][ T6130]  do_syscall_64+0xcd/0x490
[  112.858378][ T6130]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.865120][ T6126] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  112.874488][ T6130] page last free pid 5212 tgid 5212 stack trace:
[  112.888131][ T6130]  __free_frozen_pages+0x7fe/0x1180
[  112.905815][ T6130]  __put_partials+0x16d/0x1c0
[  112.944235][ T6126] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  113.232117][ T6130]  qlist_free_all+0x4d/0x120
[  113.255143][ T6130]  kasan_quarantine_reduce+0x195/0x1e0
[  113.287573][ T6130]  __kasan_slab_alloc+0x69/0x90
[  113.307833][ T6130]  __kmalloc_noprof+0x1d4/0x510
[  113.312763][ T6130]  tomoyo_realpath_from_path+0xc2/0x6e0
[  113.366393][ T6130]  tomoyo_path_perm+0x274/0x460
[  113.371291][ T6130]  security_inode_getattr+0x116/0x290
[  113.415623][ T6130]  vfs_statx+0x121/0x3e0
[  113.442980][ T6130]  vfs_fstatat+0x7b/0xf0
[  113.455595][ T6130]  __do_sys_newfstatat+0x97/0x120
[  113.499753][ T6130]  do_syscall_64+0xcd/0x490
[  113.504295][ T6130]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.607436][   T51] Bluetooth: hci2: command 0x0c1a tx timeout
[  114.766538][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  114.821961][ T6164] netlink: 'syz.2.40': attribute type 11 has an invalid length.
[  114.866185][ T6164] netlink: 'syz.2.40': attribute type 11 has an invalid length.
[  114.906330][ T6164] netlink: 'syz.2.40': attribute type 11 has an invalid length.
[  114.928652][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  114.934930][ T6164] netlink: 'syz.2.40': attribute type 11 has an invalid length.
[  115.015286][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[  115.689802][ T6162] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78008
[  115.706240][ T6162] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  115.714911][ T6162] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  115.723014][ T6162] page_type: f5(slab)
[  115.758292][ T6162] raw: 00fff00000000040 ffff88801b442140 0000000000000000 dead000000000001
[  115.855342][ T6162] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  115.874366][ T6162] head: 00fff00000000040 ffff88801b442140 0000000000000000 dead000000000001
[  115.884211][ T6162] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  115.906364][ T6162] head: 00fff00000000003 ffffea0001e00201 00000000ffffffff 00000000ffffffff
[  115.918584][ T6162] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  115.928188][ T6162] page dumped because: unmovable page
[  115.933598][ T6162] page_owner tracks the page as allocated
[  115.940076][ T6162] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5214, tgid 5214 (udevd), ts 56050520762, free_ts 56043402679
[  115.970339][ T6162]  post_alloc_hook+0x1c0/0x230
[  115.980477][ T6162]  get_page_from_freelist+0x1321/0x3890
[  115.996142][ T6162]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  116.002347][ T6162]  alloc_pages_mpol+0x1fb/0x550
[  116.007578][ T6162]  new_slab+0x23b/0x330
[  116.011777][ T6162]  ___slab_alloc+0xd9c/0x1940
[  116.035122][ T6162]  __slab_alloc.constprop.0+0x56/0xb0
[  116.085139][ T6162]  __kmalloc_noprof+0x2f2/0x510
[  116.098379][ T6162]  tomoyo_realpath_from_path+0xc2/0x6e0
[  116.168025][ T6162]  tomoyo_path2_perm+0x2a1/0x710
[  116.191247][ T6162]  tomoyo_path_rename+0xfc/0x1a0
[  116.201350][ T6162]  security_path_rename+0x18e/0x3c0
[  116.211969][ T6162]  do_renameat2+0x735/0xc90
[  116.250011][ T6162]  __x64_sys_rename+0x7d/0xa0
[  116.250041][ T6162]  do_syscall_64+0xcd/0x490
[  116.250066][ T6162]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.250088][ T6162] page last free pid 5212 tgid 5212 stack trace:
[  116.250101][ T6162]  __free_frozen_pages+0x7fe/0x1180
[  116.250128][ T6162]  __put_partials+0x16d/0x1c0
[  116.250154][ T6162]  qlist_free_all+0x4d/0x120
[  116.250182][ T6162]  kasan_quarantine_reduce+0x195/0x1e0
[  116.250212][ T6162]  __kasan_slab_alloc+0x69/0x90
[  116.250244][ T6162]  __kmalloc_noprof+0x1d4/0x510
[  116.250273][ T6162]  tomoyo_realpath_from_path+0xc2/0x6e0
[  116.250303][ T6162]  tomoyo_path_perm+0x274/0x460
[  116.250326][ T6162]  security_inode_getattr+0x116/0x290
[  116.250350][ T6162]  vfs_statx+0x121/0x3e0
[  116.251263][ T6162]  vfs_fstatat+0x7b/0xf0
[  116.251288][ T6162]  __do_sys_newfstatat+0x97/0x120
[  116.251309][ T6162]  do_syscall_64+0xcd/0x490
[  116.251328][ T6162]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.478063][ T6184] netlink: 'syz.1.45': attribute type 11 has an invalid length.
[  116.478094][ T6184] netlink: 'syz.1.45': attribute type 11 has an invalid length.
[  116.806573][ T6187] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78008
[  116.806690][ T6187] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  116.806730][ T6187] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  116.806760][ T6187] page_type: f5(slab)
[  116.806785][ T6187] raw: 00fff00000000040 ffff88801b442140 0000000000000000 dead000000000001
[  116.806813][ T6187] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  116.806842][ T6187] head: 00fff00000000040 ffff88801b442140 0000000000000000 dead000000000001
[  116.806871][ T6187] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  116.806901][ T6187] head: 00fff00000000003 ffffea0001e00201 00000000ffffffff 00000000ffffffff
[  116.806929][ T6187] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  116.806946][ T6187] page dumped because: unmovable page
[  116.806960][ T6187] page_owner tracks the page as allocated
[  116.806972][ T6187] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5214, tgid 5214 (udevd), ts 56050520762, free_ts 56043402679
[  116.807031][ T6187]  post_alloc_hook+0x1c0/0x230
[  116.807070][ T6187]  get_page_from_freelist+0x1321/0x3890
[  116.807109][ T6187]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  116.807150][ T6187]  alloc_pages_mpol+0x1fb/0x550
[  116.807173][ T6187]  new_slab+0x23b/0x330
[  116.807202][ T6187]  ___slab_alloc+0xd9c/0x1940
[  116.807235][ T6187]  __slab_alloc.constprop.0+0x56/0xb0
[  116.807269][ T6187]  __kmalloc_noprof+0x2f2/0x510
[  116.807306][ T6187]  tomoyo_realpath_from_path+0xc2/0x6e0
[  116.807345][ T6187]  tomoyo_path2_perm+0x2a1/0x710
[  116.807375][ T6187]  tomoyo_path_rename+0xfc/0x1a0
[  116.807414][ T6187]  security_path_rename+0x18e/0x3c0
[  116.807446][ T6187]  do_renameat2+0x735/0xc90
[  116.807488][ T6187]  __x64_sys_rename+0x7d/0xa0
[  116.807512][ T6187]  do_syscall_64+0xcd/0x490
[  116.807536][ T6187]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.807564][ T6187] page last free pid 5212 tgid 5212 stack trace:
[  116.807580][ T6187]  __free_frozen_pages+0x7fe/0x1180
[  116.807614][ T6187]  __put_partials+0x16d/0x1c0
[  116.811347][ T6187]  qlist_free_all+0x4d/0x120
[  116.811411][ T6187]  kasan_quarantine_reduce+0x195/0x1e0
[  116.812891][ T6187]  __kasan_slab_alloc+0x69/0x90
[  116.812946][ T6187]  __kmalloc_noprof+0x1d4/0x510
[  116.812993][ T6187]  tomoyo_realpath_from_path+0xc2/0x6e0
[  116.813050][ T6187]  tomoyo_path_perm+0x274/0x460
[  116.813085][ T6187]  security_inode_getattr+0x116/0x290
[  116.813121][ T6187]  vfs_statx+0x121/0x3e0
[  116.813148][ T6187]  vfs_fstatat+0x7b/0xf0
[  116.813178][ T6187]  __do_sys_newfstatat+0x97/0x120
[  116.813211][ T6187]  do_syscall_64+0xcd/0x490
[  116.813238][ T6187]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.559270][ T6205] nbd: couldn't find a device at index 925970439
[  118.056563][ T6207] program syz.0.48 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  118.607551][ T6207] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  118.613721][ T6207] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  118.666263][ T6207] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  118.696208][ T6207] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  118.852129][ T6207] futex_wake_op: syz.0.48 tries to shift op by -9; fix this program
[  119.066013][ T6227] process 'syz.3.49' launched './file0' with NULL argv: empty string added
[  120.526525][   T51] Bluetooth: hci2: command 0x0c1a tx timeout
[  120.689682][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  120.706187][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[  120.706198][ T5848] Bluetooth: hci1: command 0x0c1a tx timeout
[  121.074199][ T6247] nbd: couldn't find a device at index 925970439
[  121.698790][ T6254] nbd: couldn't find a device at index 925970439
[  123.116763][ T6265] Invalid ELF header magic: != ELF
[  124.856197][ T6277] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78008
[  124.865140][ T6277] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  124.996533][ T6277] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  125.004581][ T6277] page_type: f5(slab)
[  125.009674][ T6277] raw: 00fff00000000040 ffff88801b442140 0000000000000000 dead000000000001
[  125.054530][ T6277] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  125.065996][ T6277] head: 00fff00000000040 ffff88801b442140 0000000000000000 dead000000000001
[  125.075092][ T6277] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  125.084333][ T6277] head: 00fff00000000003 ffffea0001e00201 00000000ffffffff 00000000ffffffff
[  125.101783][ T6277] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  125.111330][ T6277] page dumped because: unmovable page
[  125.117075][ T6277] page_owner tracks the page as allocated
[  125.122979][ T6277] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5214, tgid 5214 (udevd), ts 56050520762, free_ts 56043402679
[  125.207511][ T6277]  post_alloc_hook+0x1c0/0x230
[  125.212361][ T6277]  get_page_from_freelist+0x1321/0x3890
[  125.227618][ T6277]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  125.235309][ T6277]  alloc_pages_mpol+0x1fb/0x550
[  125.539163][ T6277]  new_slab+0x23b/0x330
[  125.543638][ T6277]  ___slab_alloc+0xd9c/0x1940
[  125.672239][ T6277]  __slab_alloc.constprop.0+0x56/0xb0
[  125.696761][ T6277]  __kmalloc_noprof+0x2f2/0x510
[  125.737739][ T6298] nbd: couldn't find a device at index 925970439
[  125.821719][ T6277]  tomoyo_realpath_from_path+0xc2/0x6e0
[  125.869164][ T6277]  tomoyo_path2_perm+0x2a1/0x710
[  125.897973][ T6277]  tomoyo_path_rename+0xfc/0x1a0
[  125.909695][ T6277]  security_path_rename+0x18e/0x3c0
[  125.914950][ T6277]  do_renameat2+0x735/0xc90
[  125.925336][ T6277]  __x64_sys_rename+0x7d/0xa0
[  125.930185][ T6277]  do_syscall_64+0xcd/0x490
[  125.934728][ T6277]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.940759][ T6277] page last free pid 5212 tgid 5212 stack trace:
[  125.948247][ T6277]  __free_frozen_pages+0x7fe/0x1180
[  125.953502][ T6277]  __put_partials+0x16d/0x1c0
[  125.958328][ T6277]  qlist_free_all+0x4d/0x120
[  125.963707][ T6277]  kasan_quarantine_reduce+0x195/0x1e0
[  125.970364][ T6277]  __kasan_slab_alloc+0x69/0x90
[  125.976337][ T6277]  __kmalloc_noprof+0x1d4/0x510
[  125.981243][ T6277]  tomoyo_realpath_from_path+0xc2/0x6e0
[  126.162853][ T6277]  tomoyo_path_perm+0x274/0x460
[  126.249640][ T6277]  security_inode_getattr+0x116/0x290
[  126.269719][ T6277]  vfs_statx+0x121/0x3e0
[  126.314153][ T6277]  vfs_fstatat+0x7b/0xf0
[  126.320796][ T6277]  __do_sys_newfstatat+0x97/0x120
[  126.325969][ T6277]  do_syscall_64+0xcd/0x490
[  126.333556][ T6277]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.239971][ T6319] nbd: couldn't find a device at index 925970439
[  128.018845][ T6326] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  128.079158][ T6326] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  128.085963][ T6326] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  128.092176][ T6326] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  129.772853][ T6340] nla_validate_range_unsigned: 2 callbacks suppressed
[  129.772870][ T6340] netlink: 'syz.3.72': attribute type 11 has an invalid length.
[  129.903894][ T6340] netlink: 'syz.3.72': attribute type 11 has an invalid length.
[  130.039226][ T6340] netlink: 'syz.3.72': attribute type 11 has an invalid length.
[  130.050360][ T5848] Bluetooth: hci0: command 0x0c1a tx timeout
[  130.057989][   T51] Bluetooth: hci2: command 0x0c1a tx timeout
[  130.127098][ T5848] Bluetooth: hci3: command 0x0c1a tx timeout
[  130.132834][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  130.197589][ T6340] netlink: 'syz.3.72': attribute type 11 has an invalid length.
[  130.615571][ T6348] nbd: couldn't find a device at index 925970439
[  130.787642][ T6342] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78008
[  130.806247][ T6342] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  130.820341][ T6342] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  130.843979][ T6342] page_type: f5(slab)
[  130.887754][ T6342] raw: 00fff00000000040 ffff88801b442140 0000000000000000 dead000000000001
[  130.897935][ T6342] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  131.030297][ T6342] head: 00fff00000000040 ffff88801b442140 0000000000000000 dead000000000001
[  131.039326][ T6342] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  131.048314][ T6342] head: 00fff00000000003 ffffea0001e00201 00000000ffffffff 00000000ffffffff
[  131.057312][ T6342] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  131.067632][ T6342] page dumped because: unmovable page
[  131.073047][ T6342] page_owner tracks the page as allocated
[  131.079534][ T6342] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5214, tgid 5214 (udevd), ts 56050520762, free_ts 56043402679
[  131.100180][ T6342]  post_alloc_hook+0x1c0/0x230
[  131.106373][ T6342]  get_page_from_freelist+0x1321/0x3890
[  131.112063][ T6342]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  131.206175][ T6342]  alloc_pages_mpol+0x1fb/0x550
[  131.211094][ T6342]  new_slab+0x23b/0x330
[  131.234239][ T6342]  ___slab_alloc+0xd9c/0x1940
[  131.276146][ T6342]  __slab_alloc.constprop.0+0x56/0xb0
[  131.281854][ T6342]  __kmalloc_noprof+0x2f2/0x510
[  131.306150][ T6342]  tomoyo_realpath_from_path+0xc2/0x6e0
[  131.383777][ T6342]  tomoyo_path2_perm+0x2a1/0x710
[  131.393874][ T6342]  tomoyo_path_rename+0xfc/0x1a0
[  131.398954][ T6342]  security_path_rename+0x18e/0x3c0
[  131.404301][ T6342]  do_renameat2+0x735/0xc90
[  131.409031][ T6342]  __x64_sys_rename+0x7d/0xa0
[  131.413752][ T6342]  do_syscall_64+0xcd/0x490
[  131.418428][ T6342]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.432316][ T6342] page last free pid 5212 tgid 5212 stack trace:
[  131.438714][ T6342]  __free_frozen_pages+0x7fe/0x1180
[  131.444039][ T6342]  __put_partials+0x16d/0x1c0
[  131.480950][ T6342]  qlist_free_all+0x4d/0x120
[  131.485811][ T6342]  kasan_quarantine_reduce+0x195/0x1e0
[  131.491892][ T6342]  __kasan_slab_alloc+0x69/0x90
[  131.497187][ T6342]  __kmalloc_noprof+0x1d4/0x510
[  131.502214][ T6342]  tomoyo_realpath_from_path+0xc2/0x6e0
[  131.508232][ T6342]  tomoyo_path_perm+0x274/0x460
[  131.513266][ T6342]  security_inode_getattr+0x116/0x290
[  131.519154][ T6342]  vfs_statx+0x121/0x3e0
[  131.523556][ T6342]  vfs_fstatat+0x7b/0xf0
[  131.528238][ T6342]  __do_sys_newfstatat+0x97/0x120
[  131.533318][ T6342]  do_syscall_64+0xcd/0x490
[  131.571315][ T6342]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.773515][ T6362] =======================================================
[  131.773515][ T6362] WARNING: The mand mount option has been deprecated and
[  131.773515][ T6362]          and is ignored by this kernel. Remove the mand
[  131.773515][ T6362]          option from the mount to silence this warning.
[  131.773515][ T6362] =======================================================
[  132.243733][ T6370] nbd: couldn't find a device at index 925970439
[  135.182795][ T6394] zram0: detected capacity change from 0 to 8
[  135.719475][ T6407] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  135.770320][ T6407] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  135.846030][ T6407] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  135.920675][ T6407] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  136.865475][ T6416] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078016000 pfn:0x78010
[  136.914998][ T6416] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  136.926700][ T6416] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  136.934398][ T6416] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  136.948011][ T6426] netlink: 'syz.2.88': attribute type 11 has an invalid length.
[  136.955880][ T6416] raw: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  136.967672][ T6416] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  136.977604][ T6426] netlink: 'syz.2.88': attribute type 11 has an invalid length.
[  136.985363][ T6416] head: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  137.024446][ T6416] head: 00fff00000000003 ffffea0001e00401 00000000ffffffff 00000000ffffffff
[  137.044568][ T6416] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  137.061705][ T6416] page dumped because: unmovable page
[  137.071977][ T6416] page_owner tracks the page as allocated
[  137.080561][ T6416] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5686, tgid 5686 (sftp-server), ts 73525452252, free_ts 73116963513
[  137.103900][ T6416]  post_alloc_hook+0x1c0/0x230
[  137.123516][ T6416]  get_page_from_freelist+0x1321/0x3890
[  137.142773][ T6416]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  137.161021][ T6416]  alloc_pages_mpol+0x1fb/0x550
[  137.236880][ T6426] netlink: 'syz.2.88': attribute type 11 has an invalid length.
[  137.244608][ T6426] netlink: 'syz.2.88': attribute type 11 has an invalid length.
[  137.246160][ T6416]  alloc_pages_noprof+0x131/0x390
[  137.284071][ T6416]  skb_page_frag_refill+0x186/0x5a0
[  137.318850][ T6416]  try_fill_recv+0x7e4/0x28a0
[  137.339758][ T6416]  virtnet_poll+0x1984/0x3c30
[  137.344479][ T6416]  __napi_poll.constprop.0+0xba/0x550
[  137.373185][ T6416]  net_rx_action+0xa9f/0xfe0
[  137.424963][ T6416]  handle_softirqs+0x219/0x8e0
[  137.503477][ T6416]  __irq_exit_rcu+0x109/0x170
[  137.523760][ T6416]  irq_exit_rcu+0x9/0x30
[  137.533889][ T6416]  common_interrupt+0xbf/0xe0
[  137.554596][ T6416]  asm_common_interrupt+0x26/0x40
[  137.577298][ T6416] page last free pid 5684 tgid 5684 stack trace:
[  137.608331][ T6416]  __free_frozen_pages+0x7fe/0x1180
[  137.678814][ T6416]  __put_partials+0x16d/0x1c0
[  137.683532][ T6416]  qlist_free_all+0x4d/0x120
[  137.707030][ T6416]  kasan_quarantine_reduce+0x195/0x1e0
[  137.741894][   T51] Bluetooth: hci2: command 0x0c1a tx timeout
[  137.749386][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[  137.755771][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[  137.769100][ T6416]  __kasan_slab_alloc+0x69/0x90
[  137.784684][ T6416]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  137.808920][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  137.886186][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  137.898661][ T6416]  vm_area_alloc+0x1f/0x160
[  137.903210][ T6416]  do_brk_flags+0x293/0x13f0
[  137.956909][ T6416]  __do_sys_brk+0x704/0xaa0
[  137.968053][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[  137.977041][ T6416]  do_syscall_64+0xcd/0x490
[  137.977070][ T6416]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.778826][ T6470] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078016000 pfn:0x78010
[  141.882062][ T6470] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  141.964182][ T6470] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  141.974518][ T6470] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  141.985479][ T6470] raw: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  141.998559][ T6470] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  142.117618][ T6470] head: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  142.188000][ T6470] head: 00fff00000000003 ffffea0001e00401 00000000ffffffff 00000000ffffffff
[  142.228516][ T6470] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  142.237936][ T6470] page dumped because: unmovable page
[  142.245085][ T6470] page_owner tracks the page as allocated
[  142.349444][ T6470] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5686, tgid 5686 (sftp-server), ts 73525452252, free_ts 73116963513
[  142.369608][ T6470]  post_alloc_hook+0x1c0/0x230
[  142.376479][ T6470]  get_page_from_freelist+0x1321/0x3890
[  142.391963][ T6470]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  142.398363][ T6470]  alloc_pages_mpol+0x1fb/0x550
[  142.403243][ T6470]  alloc_pages_noprof+0x131/0x390
[  142.408816][ T6470]  skb_page_frag_refill+0x186/0x5a0
[  142.414051][ T6470]  try_fill_recv+0x7e4/0x28a0
[  142.419257][ T6470]  virtnet_poll+0x1984/0x3c30
[  142.423995][ T6470]  __napi_poll.constprop.0+0xba/0x550
[  142.430690][ T6470]  net_rx_action+0xa9f/0xfe0
[  142.436818][ T6470]  handle_softirqs+0x219/0x8e0
[  142.442163][ T6470]  __irq_exit_rcu+0x109/0x170
[  142.447408][ T6470]  irq_exit_rcu+0x9/0x30
[  142.451688][ T6470]  common_interrupt+0xbf/0xe0
[  142.466211][ T6470]  asm_common_interrupt+0x26/0x40
[  142.471375][ T6470] page last free pid 5684 tgid 5684 stack trace:
[  142.478176][ T6470]  __free_frozen_pages+0x7fe/0x1180
[  142.493640][ T6470]  __put_partials+0x16d/0x1c0
[  142.543081][ T6470]  qlist_free_all+0x4d/0x120
[  142.558083][ T6470]  kasan_quarantine_reduce+0x195/0x1e0
[  142.564729][ T6470]  __kasan_slab_alloc+0x69/0x90
[  142.571026][ T6470]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  142.576936][ T6470]  vm_area_alloc+0x1f/0x160
[  142.581581][ T6470]  do_brk_flags+0x293/0x13f0
[  142.587513][ T6470]  __do_sys_brk+0x704/0xaa0
[  142.592142][ T6470]  do_syscall_64+0xcd/0x490
[  142.597187][ T6470]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.586488][ T6486] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078016000 pfn:0x78010
[  143.633436][ T6486] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  143.769281][ T6486] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  143.798322][ T6486] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  143.807373][ T6491] netlink: 'syz.3.98': attribute type 11 has an invalid length.
[  143.815197][ T6486] raw: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  143.828794][ T6491] netlink: 'syz.3.98': attribute type 11 has an invalid length.
[  143.846205][ T6491] netlink: 'syz.3.98': attribute type 11 has an invalid length.
[  143.857441][ T6491] netlink: 'syz.3.98': attribute type 11 has an invalid length.
[  143.915396][ T6486] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  143.925445][ T6486] head: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  143.945572][ T6486] head: 00fff00000000003 ffffea0001e00401 00000000ffffffff 00000000ffffffff
[  143.955376][ T6486] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  143.964179][ T6486] page dumped because: unmovable page
[  143.970761][ T6486] page_owner tracks the page as allocated
[  143.977475][ T6486] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5686, tgid 5686 (sftp-server), ts 73525452252, free_ts 73116963513
[  144.006201][ T6486]  post_alloc_hook+0x1c0/0x230
[  144.011101][ T6486]  get_page_from_freelist+0x1321/0x3890
[  144.021241][ T6486]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  144.031366][ T6486]  alloc_pages_mpol+0x1fb/0x550
[  144.041502][ T6486]  alloc_pages_noprof+0x131/0x390
[  144.048521][ T6486]  skb_page_frag_refill+0x186/0x5a0
[  144.053856][ T6486]  try_fill_recv+0x7e4/0x28a0
[  144.063997][ T6486]  virtnet_poll+0x1984/0x3c30
[  144.074156][ T6486]  __napi_poll.constprop.0+0xba/0x550
[  144.084343][ T6486]  net_rx_action+0xa9f/0xfe0
[  144.094440][ T6486]  handle_softirqs+0x219/0x8e0
[  144.104548][ T6486]  __irq_exit_rcu+0x109/0x170
[  144.114675][ T6486]  irq_exit_rcu+0x9/0x30
[  144.156653][ T6486]  common_interrupt+0xbf/0xe0
[  144.166368][ T6486]  asm_common_interrupt+0x26/0x40
[  144.186586][ T6486] page last free pid 5684 tgid 5684 stack trace:
[  144.203417][ T6486]  __free_frozen_pages+0x7fe/0x1180
[  144.219273][ T6486]  __put_partials+0x16d/0x1c0
[  144.230633][ T6486]  qlist_free_all+0x4d/0x120
[  144.235255][ T6486]  kasan_quarantine_reduce+0x195/0x1e0
[  144.256223][ T6486]  __kasan_slab_alloc+0x69/0x90
[  144.271359][ T6486]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  144.315357][ T6486]  vm_area_alloc+0x1f/0x160
[  144.330234][ T6486]  do_brk_flags+0x293/0x13f0
[  144.340349][ T6486]  __do_sys_brk+0x704/0xaa0
[  144.351556][ T6486]  do_syscall_64+0xcd/0x490
[  144.365104][ T6486]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.400956][ T6498] netlink: 'syz.2.99': attribute type 10 has an invalid length.
[  144.410615][ T6498] netlink: 230 bytes leftover after parsing attributes in process `syz.2.99'.
[  144.513636][ T6493] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078016000 pfn:0x78010
[  144.558512][ T6493] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  144.567670][ T6493] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  144.575295][ T6493] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  144.585025][ T6493] raw: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  144.593884][ T6493] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  144.606904][ T6493] head: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  144.696415][ T6493] head: 00fff00000000003 ffffea0001e00401 00000000ffffffff 00000000ffffffff
[  144.724100][ T6493] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  144.767298][ T6493] page dumped because: unmovable page
[  144.808640][ T6493] page_owner tracks the page as allocated
[  144.838900][ T6493] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5686, tgid 5686 (sftp-server), ts 73525452252, free_ts 73116963513
[  144.860327][ T6493]  post_alloc_hook+0x1c0/0x230
[  144.865133][ T6493]  get_page_from_freelist+0x1321/0x3890
[  144.969854][ T6493]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  145.075396][ T6493]  alloc_pages_mpol+0x1fb/0x550
[  145.081124][ T6493]  alloc_pages_noprof+0x131/0x390
[  145.088602][ T6493]  skb_page_frag_refill+0x186/0x5a0
[  145.095971][ T6493]  try_fill_recv+0x7e4/0x28a0
[  145.109743][ T6493]  virtnet_poll+0x1984/0x3c30
[  145.116137][ T6493]  __napi_poll.constprop.0+0xba/0x550
[  145.124679][ T6493]  net_rx_action+0xa9f/0xfe0
[  145.129481][ T6493]  handle_softirqs+0x219/0x8e0
[  145.134269][ T6493]  __irq_exit_rcu+0x109/0x170
[  145.473329][ T6493]  irq_exit_rcu+0x9/0x30
[  145.580128][ T6493]  common_interrupt+0xbf/0xe0
[  145.585002][ T6493]  asm_common_interrupt+0x26/0x40
[  145.595380][ T6493] page last free pid 5684 tgid 5684 stack trace:
[  145.650630][ T6493]  __free_frozen_pages+0x7fe/0x1180
[  145.681754][ T6493]  __put_partials+0x16d/0x1c0
[  145.700669][ T6493]  qlist_free_all+0x4d/0x120
[  145.744306][ T6493]  kasan_quarantine_reduce+0x195/0x1e0
[  145.793015][ T6493]  __kasan_slab_alloc+0x69/0x90
[  145.814285][ T6493]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  146.058203][ T6493]  vm_area_alloc+0x1f/0x160
[  146.065939][ T6493]  do_brk_flags+0x293/0x13f0
[  146.071942][ T6493]  __do_sys_brk+0x704/0xaa0
[  146.079449][ T6493]  do_syscall_64+0xcd/0x490
[  146.094668][ T6493]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.141933][ T6498] team0: Port device team_slave_1 removed
[  147.660013][ T6534] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078016000 pfn:0x78010
[  147.670345][ T6534] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  147.680085][ T6534] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  147.689409][ T6534] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  147.698588][ T6534] raw: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  147.709852][ T6534] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  147.718742][ T6534] head: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  147.728438][ T6534] head: 00fff00000000003 ffffea0001e00401 00000000ffffffff 00000000ffffffff
[  147.739026][ T6534] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  147.770591][ T6534] page dumped because: unmovable page
[  147.776005][ T6534] page_owner tracks the page as allocated
[  147.852138][ T6534] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5686, tgid 5686 (sftp-server), ts 73525452252, free_ts 73116963513
[  147.976146][ T6534]  post_alloc_hook+0x1c0/0x230
[  147.989551][ T6534]  get_page_from_freelist+0x1321/0x3890
[  148.028681][ T6534]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  148.034623][ T6534]  alloc_pages_mpol+0x1fb/0x550
[  148.076661][ T6534]  alloc_pages_noprof+0x131/0x390
[  148.108265][ T6534]  skb_page_frag_refill+0x186/0x5a0
[  148.154963][ T6534]  try_fill_recv+0x7e4/0x28a0
[  148.182466][ T6534]  virtnet_poll+0x1984/0x3c30
[  148.216194][ T6534]  __napi_poll.constprop.0+0xba/0x550
[  148.235383][ T6534]  net_rx_action+0xa9f/0xfe0
[  148.251902][ T6534]  handle_softirqs+0x219/0x8e0
[  148.280541][ T6534]  __irq_exit_rcu+0x109/0x170
[  148.285306][ T6534]  irq_exit_rcu+0x9/0x30
[  148.337716][ T6534]  common_interrupt+0xbf/0xe0
[  148.352768][ T6534]  asm_common_interrupt+0x26/0x40
[  148.382595][ T6534] page last free pid 5684 tgid 5684 stack trace:
[  148.389781][ T6534]  __free_frozen_pages+0x7fe/0x1180
[  148.398370][ T6534]  __put_partials+0x16d/0x1c0
[  148.403884][ T6534]  qlist_free_all+0x4d/0x120
[  148.414979][ T6534]  kasan_quarantine_reduce+0x195/0x1e0
[  148.426631][ T6534]  __kasan_slab_alloc+0x69/0x90
[  148.440840][ T6534]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  148.447395][ T6534]  vm_area_alloc+0x1f/0x160
[  148.451937][ T6534]  do_brk_flags+0x293/0x13f0
[  148.460271][ T6534]  __do_sys_brk+0x704/0xaa0
[  148.466716][ T6534]  do_syscall_64+0xcd/0x490
[  148.475067][ T6534]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.163808][   T30] audit: type=1800 audit(6044417951.032:3): pid=6549 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.107" name="file0" dev="tmpfs" ino=165 res=0 errno=0
[  151.078547][ T6572] netlink: 'syz.2.111': attribute type 11 has an invalid length.
[  151.136748][ T6572] netlink: 'syz.2.111': attribute type 11 has an invalid length.
[  151.376173][ T6572] netlink: 'syz.2.111': attribute type 11 has an invalid length.
[  151.393962][ T6572] netlink: 'syz.2.111': attribute type 11 has an invalid length.
[  152.127315][ T6573] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078016000 pfn:0x78010
[  152.244470][ T6573] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  152.313712][ T6573] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  152.326383][ T6573] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  152.408969][ T6573] raw: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  152.426148][ T6573] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  152.441668][ T6573] head: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  152.464769][ T6573] head: 00fff00000000003 ffffea0001e00401 00000000ffffffff 00000000ffffffff
[  152.491703][ T6573] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  152.503780][ T6573] page dumped because: unmovable page
[  152.510375][ T6573] page_owner tracks the page as allocated
[  152.546329][ T6573] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5686, tgid 5686 (sftp-server), ts 73525452252, free_ts 73116963513
[  152.600097][ T6573]  post_alloc_hook+0x1c0/0x230
[  152.615102][ T6573]  get_page_from_freelist+0x1321/0x3890
[  152.626283][ T6573]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  152.644147][ T6573]  alloc_pages_mpol+0x1fb/0x550
[  152.651630][ T6573]  alloc_pages_noprof+0x131/0x390
[  152.657114][ T6573]  skb_page_frag_refill+0x186/0x5a0
[  152.662353][ T6573]  try_fill_recv+0x7e4/0x28a0
[  152.669915][ T6573]  virtnet_poll+0x1984/0x3c30
[  152.677471][ T6573]  __napi_poll.constprop.0+0xba/0x550
[  152.682888][ T6573]  net_rx_action+0xa9f/0xfe0
[  152.693199][ T6573]  handle_softirqs+0x219/0x8e0
[  152.698438][ T6573]  __irq_exit_rcu+0x109/0x170
[  152.703306][ T6573]  irq_exit_rcu+0x9/0x30
[  152.714263][ T6573]  common_interrupt+0xbf/0xe0
[  152.719251][ T6573]  asm_common_interrupt+0x26/0x40
[  152.724413][ T6573] page last free pid 5684 tgid 5684 stack trace:
[  152.734809][ T6573]  __free_frozen_pages+0x7fe/0x1180
[  152.740287][ T6573]  __put_partials+0x16d/0x1c0
[  152.745127][ T6573]  qlist_free_all+0x4d/0x120
[  152.753104][ T6573]  kasan_quarantine_reduce+0x195/0x1e0
[  152.758989][ T6573]  __kasan_slab_alloc+0x69/0x90
[  152.763883][ T6573]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  152.780255][ T6573]  vm_area_alloc+0x1f/0x160
[  152.784889][ T6573]  do_brk_flags+0x293/0x13f0
[  152.856137][ T6573]  __do_sys_brk+0x704/0xaa0
[  152.896576][ T6573]  do_syscall_64+0xcd/0x490
[  152.901985][ T6573]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.410598][ T6617] random: crng reseeded on system resumption
[  155.439913][ T6613] writes to the poll attribute are ignored.
[  155.450182][ T6613] please use driver specific parameters instead.
[  155.781824][ T6621] netlink: 'syz.1.119': attribute type 11 has an invalid length.
[  155.868639][ T6621] netlink: 'syz.1.119': attribute type 11 has an invalid length.
[  155.879854][ T6618] Unrecognized hibernate image header format!
[  155.906164][ T6618] PM: hibernation: Image mismatch: architecture specific data
[  155.916322][ T6621] netlink: 'syz.1.119': attribute type 11 has an invalid length.
[  155.929593][ T6621] netlink: 'syz.1.119': attribute type 11 has an invalid length.
[  156.367856][ T6620] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078016000 pfn:0x78010
[  156.382566][ T6620] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  156.397807][ T6620] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  156.408278][ T6620] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  156.449463][ T6620] raw: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  156.559655][ T6620] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  156.569146][ T6620] head: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  156.596260][ T6620] head: 00fff00000000003 ffffea0001e00401 00000000ffffffff 00000000ffffffff
[  156.609711][ T6620] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  156.621886][ T6620] page dumped because: unmovable page
[  156.628643][ T6620] page_owner tracks the page as allocated
[  156.635523][ T6620] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5686, tgid 5686 (sftp-server), ts 73525452252, free_ts 73116963513
[  156.676455][ T6638] netlink: 'syz.2.121': attribute type 11 has an invalid length.
[  156.684287][ T6638] netlink: 'syz.2.121': attribute type 11 has an invalid length.
[  156.692650][ T6638] netlink: 'syz.2.121': attribute type 11 has an invalid length.
[  156.700700][ T6638] netlink: 'syz.2.121': attribute type 11 has an invalid length.
[  156.720702][ T6620]  post_alloc_hook+0x1c0/0x230
[  156.725598][ T6620]  get_page_from_freelist+0x1321/0x3890
[  156.753436][ T6620]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  156.759681][ T6620]  alloc_pages_mpol+0x1fb/0x550
[  156.784172][ T6620]  alloc_pages_noprof+0x131/0x390
[  156.801141][ T6620]  skb_page_frag_refill+0x186/0x5a0
[  156.807098][ T6620]  try_fill_recv+0x7e4/0x28a0
[  156.813170][ T6620]  virtnet_poll+0x1984/0x3c30
[  156.854285][ T6620]  __napi_poll.constprop.0+0xba/0x550
[  156.862684][ T6620]  net_rx_action+0xa9f/0xfe0
[  156.867620][ T6620]  handle_softirqs+0x219/0x8e0
[  156.878830][ T6620]  __irq_exit_rcu+0x109/0x170
[  156.888955][ T6620]  irq_exit_rcu+0x9/0x30
[  156.893239][ T6620]  common_interrupt+0xbf/0xe0
[  156.948875][ T6620]  asm_common_interrupt+0x26/0x40
[  156.993927][ T6620] page last free pid 5684 tgid 5684 stack trace:
[  157.004778][ T6620]  __free_frozen_pages+0x7fe/0x1180
[  157.023003][ T6620]  __put_partials+0x16d/0x1c0
[  157.046021][ T6620]  qlist_free_all+0x4d/0x120
[  157.053151][ T6620]  kasan_quarantine_reduce+0x195/0x1e0
[  157.058930][ T6620]  __kasan_slab_alloc+0x69/0x90
[  157.063857][ T6620]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  157.077760][ T6620]  vm_area_alloc+0x1f/0x160
[  157.083771][ T6620]  do_brk_flags+0x293/0x13f0
[  157.089793][ T6620]  __do_sys_brk+0x704/0xaa0
[  157.104839][ T6620]  do_syscall_64+0xcd/0x490
[  157.142851][ T6620]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.202812][ T6639] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078016000 pfn:0x78010
[  157.238460][ T6639] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  157.328040][ T6639] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  157.336252][ T6639] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  157.344912][ T6639] raw: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  157.353861][ T6639] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  157.362652][ T6639] head: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  157.371466][ T6639] head: 00fff00000000003 ffffea0001e00401 00000000ffffffff 00000000ffffffff
[  157.414671][ T6639] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  157.424523][ T6639] page dumped because: unmovable page
[  157.430098][ T6639] page_owner tracks the page as allocated
[  157.435873][ T6639] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5686, tgid 5686 (sftp-server), ts 73525452252, free_ts 73116963513
[  157.455238][ T6639]  post_alloc_hook+0x1c0/0x230
[  157.460243][ T6639]  get_page_from_freelist+0x1321/0x3890
[  157.465891][ T6639]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  157.471896][ T6639]  alloc_pages_mpol+0x1fb/0x550
[  157.476956][ T6639]  alloc_pages_noprof+0x131/0x390
[  157.482051][ T6639]  skb_page_frag_refill+0x186/0x5a0
[  157.564881][ T6639]  try_fill_recv+0x7e4/0x28a0
[  157.570736][ T6639]  virtnet_poll+0x1984/0x3c30
[  157.575522][ T6639]  __napi_poll.constprop.0+0xba/0x550
[  157.583064][ T6639]  net_rx_action+0xa9f/0xfe0
[  157.639736][ T6639]  handle_softirqs+0x219/0x8e0
[  157.644568][ T6639]  __irq_exit_rcu+0x109/0x170
[  157.892900][ T6639]  irq_exit_rcu+0x9/0x30
[  157.898841][ T6639]  common_interrupt+0xbf/0xe0
[  157.903697][ T6639]  asm_common_interrupt+0x26/0x40
[  157.916766][ T6639] page last free pid 5684 tgid 5684 stack trace:
[  157.936225][ T6639]  __free_frozen_pages+0x7fe/0x1180
[  157.945406][ T6639]  __put_partials+0x16d/0x1c0
[  158.022407][ T6639]  qlist_free_all+0x4d/0x120
[  158.054807][ T6639]  kasan_quarantine_reduce+0x195/0x1e0
[  158.079426][ T6639]  __kasan_slab_alloc+0x69/0x90
[  158.306483][ T6639]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  158.331314][ T6639]  vm_area_alloc+0x1f/0x160
[  158.335900][ T6639]  do_brk_flags+0x293/0x13f0
[  158.364349][ T6639]  __do_sys_brk+0x704/0xaa0
[  158.369383][ T6639]  do_syscall_64+0xcd/0x490
[  158.376530][ T6639]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.033373][ T6661] netlink: 'syz.3.125': attribute type 11 has an invalid length.
[  159.106214][ T6661] netlink: 'syz.3.125': attribute type 11 has an invalid length.
[  159.114032][ T6661] netlink: 'syz.3.125': attribute type 11 has an invalid length.
[  159.122360][ T6661] netlink: 'syz.3.125': attribute type 11 has an invalid length.
[  159.269106][ T6663] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078016000 pfn:0x78010
[  159.288725][ T6663] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  159.458182][ T6663] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  159.469967][ T6663] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  159.478908][ T6663] raw: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  159.502850][ T6663] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  159.512745][ T6663] head: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  159.522752][ T6663] head: 00fff00000000003 ffffea0001e00401 00000000ffffffff 00000000ffffffff
[  159.546819][ T6663] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  159.591717][ T6663] page dumped because: unmovable page
[  159.599880][ T6663] page_owner tracks the page as allocated
[  159.699878][ T6663] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5686, tgid 5686 (sftp-server), ts 73525452252, free_ts 73116963513
[  159.836556][ T6663]  post_alloc_hook+0x1c0/0x230
[  159.842702][ T6663]  get_page_from_freelist+0x1321/0x3890
[  159.914363][ T6663]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  159.920733][ T6663]  alloc_pages_mpol+0x1fb/0x550
[  159.925635][ T6663]  alloc_pages_noprof+0x131/0x390
[  159.956913][ T6663]  skb_page_frag_refill+0x186/0x5a0
[  159.988217][ T6663]  try_fill_recv+0x7e4/0x28a0
[  160.000162][ T6663]  virtnet_poll+0x1984/0x3c30
[  160.004903][ T6663]  __napi_poll.constprop.0+0xba/0x550
[  160.020965][ T6663]  net_rx_action+0xa9f/0xfe0
[  160.025623][ T6663]  handle_softirqs+0x219/0x8e0
[  160.030843][ T6663]  __irq_exit_rcu+0x109/0x170
[  160.035576][ T6663]  irq_exit_rcu+0x9/0x30
[  160.061242][ T6663]  common_interrupt+0xbf/0xe0
[  160.078067][ T6663]  asm_common_interrupt+0x26/0x40
[  160.087129][ T6663] page last free pid 5684 tgid 5684 stack trace:
[  160.103574][ T6663]  __free_frozen_pages+0x7fe/0x1180
[  160.109063][ T6663]  __put_partials+0x16d/0x1c0
[  160.125169][ T6663]  qlist_free_all+0x4d/0x120
[  160.139472][ T6663]  kasan_quarantine_reduce+0x195/0x1e0
[  160.150873][ T6663]  __kasan_slab_alloc+0x69/0x90
[  160.155771][ T6663]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  160.172766][ T6663]  vm_area_alloc+0x1f/0x160
[  160.180968][ T6663]  do_brk_flags+0x293/0x13f0
[  160.194699][ T6663]  __do_sys_brk+0x704/0xaa0
[  160.204352][ T6663]  do_syscall_64+0xcd/0x490
[  160.214007][ T6663]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.152998][ T6685] nbd: couldn't find a device at index 925970439
[  161.184057][ T6684] HfR: entered promiscuous mode
[  161.715317][ T6671] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078016000 pfn:0x78010
[  161.803780][ T6671] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  161.873484][ T6671] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  161.886682][ T6671] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  161.898003][ T6671] raw: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  161.911361][ T6671] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  161.920385][ T6671] head: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  161.929210][ T6671] head: 00fff00000000003 ffffea0001e00401 00000000ffffffff 00000000ffffffff
[  161.988079][ T6671] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  161.998954][ T6671] page dumped because: unmovable page
[  162.004726][ T6671] page_owner tracks the page as allocated
[  162.018217][ T6671] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5686, tgid 5686 (sftp-server), ts 73525452252, free_ts 73116963513
[  162.054817][ T6671]  post_alloc_hook+0x1c0/0x230
[  162.147121][ T6671]  get_page_from_freelist+0x1321/0x3890
[  162.152749][ T6671]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  162.185583][ T6699] netlink: 'syz.0.132': attribute type 11 has an invalid length.
[  162.215465][ T6671]  alloc_pages_mpol+0x1fb/0x550
[  162.221319][ T6699] netlink: 'syz.0.132': attribute type 11 has an invalid length.
[  162.229373][ T6699] netlink: 'syz.0.132': attribute type 11 has an invalid length.
[  162.245910][ T6671]  alloc_pages_noprof+0x131/0x390
[  162.252118][ T6671]  skb_page_frag_refill+0x186/0x5a0
[  162.260802][ T6671]  try_fill_recv+0x7e4/0x28a0
[  162.265540][ T6671]  virtnet_poll+0x1984/0x3c30
[  162.278504][ T6671]  __napi_poll.constprop.0+0xba/0x550
[  162.284198][ T6671]  net_rx_action+0xa9f/0xfe0
[  162.292223][ T6699] netlink: 'syz.0.132': attribute type 11 has an invalid length.
[  162.306121][ T6671]  handle_softirqs+0x219/0x8e0
[  162.310926][ T6671]  __irq_exit_rcu+0x109/0x170
[  162.321642][ T6671]  irq_exit_rcu+0x9/0x30
[  162.344648][ T6671]  common_interrupt+0xbf/0xe0
[  162.353932][ T6671]  asm_common_interrupt+0x26/0x40
[  162.361168][ T6671] page last free pid 5684 tgid 5684 stack trace:
[  162.372475][ T6671]  __free_frozen_pages+0x7fe/0x1180
[  162.381246][ T6671]  __put_partials+0x16d/0x1c0
[  162.397154][ T6671]  qlist_free_all+0x4d/0x120
[  162.405175][ T6671]  kasan_quarantine_reduce+0x195/0x1e0
[  162.412830][ T6671]  __kasan_slab_alloc+0x69/0x90
[  162.423277][ T6671]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  162.432815][ T6671]  vm_area_alloc+0x1f/0x160
[  162.449468][ T6671]  do_brk_flags+0x293/0x13f0
[  162.516798][ T6671]  __do_sys_brk+0x704/0xaa0
[  162.552423][ T6671]  do_syscall_64+0xcd/0x490
[  162.567329][ T6706] netlink: 'syz.2.133': attribute type 11 has an invalid length.
[  162.575493][ T6671]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.947449][ T6706] netlink: 'syz.2.133': attribute type 11 has an invalid length.
[  162.955459][ T6706] netlink: 'syz.2.133': attribute type 11 has an invalid length.
[  162.963409][ T6706] netlink: 'syz.2.133': attribute type 11 has an invalid length.
[  163.353206][ T6696] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078016000 pfn:0x78010
[  163.384305][ T6696] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  163.393175][ T6696] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  163.400997][ T6696] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  163.410801][ T6696] raw: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  163.495663][ T6696] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  163.514311][ T6696] head: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  163.729325][ T6696] head: 00fff00000000003 ffffea0001e00401 00000000ffffffff 00000000ffffffff
[  163.763905][ T6696] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  163.816169][ T6696] page dumped because: unmovable page
[  163.821592][ T6696] page_owner tracks the page as allocated
[  163.856739][ T6696] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5686, tgid 5686 (sftp-server), ts 73525452252, free_ts 73116963513
[  163.966711][ T6696]  post_alloc_hook+0x1c0/0x230
[  164.005965][ T6696]  get_page_from_freelist+0x1321/0x3890
[  164.036108][ T6696]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  164.043384][ T6696]  alloc_pages_mpol+0x1fb/0x550
[  164.048724][ T6696]  alloc_pages_noprof+0x131/0x390
[  164.066186][ T6696]  skb_page_frag_refill+0x186/0x5a0
[  164.071425][ T6696]  try_fill_recv+0x7e4/0x28a0
[  164.076241][ T6696]  virtnet_poll+0x1984/0x3c30
[  164.080958][ T6696]  __napi_poll.constprop.0+0xba/0x550
[  164.086596][ T6696]  net_rx_action+0xa9f/0xfe0
[  164.091215][ T6696]  handle_softirqs+0x219/0x8e0
[  164.095989][ T6696]  __irq_exit_rcu+0x109/0x170
[  164.111023][ T6696]  irq_exit_rcu+0x9/0x30
[  164.115295][ T6696]  common_interrupt+0xbf/0xe0
[  164.146112][ T6696]  asm_common_interrupt+0x26/0x40
[  164.156017][ T6696] page last free pid 5684 tgid 5684 stack trace:
[  164.169386][ T6696]  __free_frozen_pages+0x7fe/0x1180
[  164.176245][ T6696]  __put_partials+0x16d/0x1c0
[  164.180948][ T6696]  qlist_free_all+0x4d/0x120
[  164.185696][ T6696]  kasan_quarantine_reduce+0x195/0x1e0
[  164.195839][ T6696]  __kasan_slab_alloc+0x69/0x90
[  164.220784][ T6696]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  164.238109][ T6696]  vm_area_alloc+0x1f/0x160
[  164.244323][ T6696]  do_brk_flags+0x293/0x13f0
[  164.259830][ T6696]  __do_sys_brk+0x704/0xaa0
[  164.274743][ T6696]  do_syscall_64+0xcd/0x490
[  164.288727][ T6696]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.379491][ T6716] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  164.404288][ T6716] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  165.185591][ T6727] nbd: couldn't find a device at index 925970439
[  167.275732][ T6747] netlink: 'syz.2.142': attribute type 11 has an invalid length.
[  167.303887][ T6747] netlink: 'syz.2.142': attribute type 11 has an invalid length.
[  167.320053][ T6747] netlink: 'syz.2.142': attribute type 11 has an invalid length.
[  167.354583][ T6747] netlink: 'syz.2.142': attribute type 11 has an invalid length.
[  169.238224][ T6769] netlink: 'syz.2.146': attribute type 11 has an invalid length.
[  169.254438][ T6769] netlink: 'syz.2.146': attribute type 11 has an invalid length.
[  169.265261][ T6769] netlink: 'syz.2.146': attribute type 11 has an invalid length.
[  169.277138][ T6769] netlink: 'syz.2.146': attribute type 11 has an invalid length.
[  169.441123][ T6774] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6
[  169.620738][ T6777] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input7
[  169.746476][ T6766] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078016000 pfn:0x78010
[  169.789746][ T6766] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  169.799818][ T6766] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  169.808788][ T6766] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  169.818939][ T6766] raw: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  169.829857][ T6766] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  169.846181][ T6766] head: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  169.994947][ T6766] head: 00fff00000000003 ffffea0001e00401 00000000ffffffff 00000000ffffffff
[  170.008847][ T6766] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  170.023566][ T6766] page dumped because: unmovable page
[  170.065511][ T6766] page_owner tracks the page as allocated
[  170.120495][ T6784] netlink: 28 bytes leftover after parsing attributes in process `syz.0.150'.
[  170.138822][ T6766] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5686, tgid 5686 (sftp-server), ts 73525452252, free_ts 73116963513
[  170.298905][ T6784] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  170.346156][ T6766]  post_alloc_hook+0x1c0/0x230
[  170.350972][ T6766]  get_page_from_freelist+0x1321/0x3890
[  170.377974][ T6766]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  170.394151][ T6766]  alloc_pages_mpol+0x1fb/0x550
[  170.406121][ T6766]  alloc_pages_noprof+0x131/0x390
[  170.426328][ T6766]  skb_page_frag_refill+0x186/0x5a0
[  170.439306][ T6766]  try_fill_recv+0x7e4/0x28a0
[  170.459033][ T6766]  virtnet_poll+0x1984/0x3c30
[  170.481952][ T6766]  __napi_poll.constprop.0+0xba/0x550
[  170.516342][ T6766]  net_rx_action+0xa9f/0xfe0
[  170.539439][ T6766]  handle_softirqs+0x219/0x8e0
[  170.565538][ T6766]  __irq_exit_rcu+0x109/0x170
[  170.583858][ T6766]  irq_exit_rcu+0x9/0x30
[  170.596611][ T6766]  common_interrupt+0xbf/0xe0
[  170.601358][ T6766]  asm_common_interrupt+0x26/0x40
[  170.609743][ T6766] page last free pid 5684 tgid 5684 stack trace:
[  170.616678][ T6766]  __free_frozen_pages+0x7fe/0x1180
[  170.630700][ T6766]  __put_partials+0x16d/0x1c0
[  170.647761][ T6766]  qlist_free_all+0x4d/0x120
[  170.657887][ T6766]  kasan_quarantine_reduce+0x195/0x1e0
[  170.684209][ T6766]  __kasan_slab_alloc+0x69/0x90
[  170.705096][ T6766]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  170.718238][ T6766]  vm_area_alloc+0x1f/0x160
[  170.723015][ T6766]  do_brk_flags+0x293/0x13f0
[  170.732021][ T6766]  __do_sys_brk+0x704/0xaa0
[  170.738916][ T6766]  do_syscall_64+0xcd/0x490
[  170.746915][ T6766]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.182137][ T6793] netlink: 'syz.0.152': attribute type 11 has an invalid length.
[  171.200456][ T6793] netlink: 'syz.0.152': attribute type 11 has an invalid length.
[  171.409043][ T6797] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078000000 pfn:0x78000
[  171.421678][ T6797] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  171.436178][ T6797] memcg:ffff888034912201
[  171.440837][ T6797] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[  171.456174][ T6797] page_type: f5(slab)
[  171.460395][ T6797] raw: 00fff00000000240 ffff88801b44b500 ffffea0000d39e10 ffffea0000a22a10
[  171.469967][ T6797] raw: ffff888078000000 0000000000040003 00000000f5000000 ffff888034912201
[  171.478756][ T6797] head: 00fff00000000240 ffff88801b44b500 ffffea0000d39e10 ffffea0000a22a10
[  171.487713][ T6797] head: ffff888078000000 0000000000040003 00000000f5000000 ffff888034912201
[  171.496617][ T6792] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  171.502592][ T6797] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  171.511411][ T6797] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  171.521401][ T6797] page dumped because: unmovable page
[  171.526972][ T6797] page_owner tracks the page as allocated
[  171.532771][ T6797] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5850, tgid 5850 (udevd), ts 93412929067, free_ts 93292827304
[  171.553823][ T6797]  post_alloc_hook+0x1c0/0x230
[  171.561871][ T6797]  get_page_from_freelist+0x1321/0x3890
[  171.573465][ T6797]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  171.581881][ T6792] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  171.594238][ T6792] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  171.600356][ T6792] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  171.648026][ T6797]  alloc_pages_mpol+0x1fb/0x550
[  171.653041][ T6797]  new_slab+0x23b/0x330
[  171.662364][ T6797]  ___slab_alloc+0xd9c/0x1940
[  171.689828][ T6797]  __slab_alloc.constprop.0+0x56/0xb0
[  171.702074][ T6797]  __kvmalloc_node_noprof+0x3b1/0x620
[  171.719904][ T6797]  seq_read_iter+0x826/0x12c0
[  171.753833][ T6797]  kernfs_fop_read_iter+0x40f/0x5a0
[  171.759409][ T6797]  vfs_read+0x8bc/0xc60
[  171.764245][ T6797]  ksys_read+0x12a/0x250
[  171.916657][ T6797]  do_syscall_64+0xcd/0x490
[  171.921319][ T6797]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.928564][ T6797] page last free pid 5831 tgid 5831 stack trace:
[  171.934938][ T6797]  __free_frozen_pages+0x7fe/0x1180
[  171.940366][ T6797]  qlist_free_all+0x4d/0x120
[  171.945048][ T6797]  kasan_quarantine_reduce+0x195/0x1e0
[  171.950779][ T6797]  __kasan_slab_alloc+0x69/0x90
[  171.955692][ T6797]  kmem_cache_alloc_lru_noprof+0x1d0/0x3b0
[  172.056177][ T6797]  alloc_inode+0x61/0x240
[  172.063427][ T6797]  new_inode+0x22/0x1c0
[  172.093437][ T6797]  __debugfs_create_file+0x11c/0x6b0
[  172.113242][ T6797]  debugfs_create_file_unsafe+0x3c/0x50
[  172.182753][ T6797]  debugfs_create_bool+0x70/0xa0
[  172.192087][ T6797]  nsim_drv_probe+0x9b0/0x1490
[  172.353374][ T6797]  really_probe+0x241/0xa90
[  172.358420][ T6797]  __driver_probe_device+0x1de/0x440
[  172.363801][ T6797]  driver_probe_device+0x4c/0x1b0
[  172.451223][ T6797]  __device_attach_driver+0x1df/0x310
[  172.593486][ T6797]  bus_for_each_drv+0x159/0x1e0
[  172.919711][ T6820] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078016000 pfn:0x78010
[  172.944172][ T6820] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  173.015226][ T6820] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  173.167680][ T6820] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  173.234615][ T6820] raw: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  173.329063][ T6820] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  173.407698][ T6820] head: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  173.528429][ T6820] head: 00fff00000000003 ffffea0001e00401 00000000ffffffff 00000000ffffffff
[  173.586249][ T5848] Bluetooth: hci2: command 0x0c1a tx timeout
[  173.616640][ T6820] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  173.625454][ T6820] page dumped because: unmovable page
[  173.631376][ T6820] page_owner tracks the page as allocated
[  173.651428][ T5848] Bluetooth: hci1: command 0x0c1a tx timeout
[  173.651442][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  173.657850][ T5848] Bluetooth: hci3: command 0x0c1a tx timeout
[  173.758984][ T6820] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5686, tgid 5686 (sftp-server), ts 73525452252, free_ts 73116963513
[  173.800128][ T6820]  post_alloc_hook+0x1c0/0x230
[  173.862098][ T6820]  get_page_from_freelist+0x1321/0x3890
[  174.101839][ T6820]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  174.124428][ T6820]  alloc_pages_mpol+0x1fb/0x550
[  174.129846][ T6820]  alloc_pages_noprof+0x131/0x390
[  174.139862][ T6820]  skb_page_frag_refill+0x186/0x5a0
[  174.175654][ T6820]  try_fill_recv+0x7e4/0x28a0
[  174.202917][ T6820]  virtnet_poll+0x1984/0x3c30
[  174.208040][ T6820]  __napi_poll.constprop.0+0xba/0x550
[  174.213875][ T6820]  net_rx_action+0xa9f/0xfe0
[  174.223221][ T6820]  handle_softirqs+0x219/0x8e0
[  174.244078][ T6820]  __irq_exit_rcu+0x109/0x170
[  174.249204][ T6820]  irq_exit_rcu+0x9/0x30
[  174.253521][ T6820]  common_interrupt+0xbf/0xe0
[  174.258759][ T6820]  asm_common_interrupt+0x26/0x40
[  174.263851][ T6820] page last free pid 5684 tgid 5684 stack trace:
[  174.270297][ T6820]  __free_frozen_pages+0x7fe/0x1180
[  174.275546][ T6820]  __put_partials+0x16d/0x1c0
[  174.281967][ T6820]  qlist_free_all+0x4d/0x120
[  174.350686][ T6820]  kasan_quarantine_reduce+0x195/0x1e0
[  174.360786][ T6820]  __kasan_slab_alloc+0x69/0x90
[  174.367829][ T6820]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  174.376310][ T6820]  vm_area_alloc+0x1f/0x160
[  174.382641][ T6820]  do_brk_flags+0x293/0x13f0
[  174.388260][ T6820]  __do_sys_brk+0x704/0xaa0
[  174.392833][ T6820]  do_syscall_64+0xcd/0x490
[  174.397862][ T6820]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.820744][ T6851] nla_validate_range_unsigned: 6 callbacks suppressed
[  174.820759][ T6851] netlink: 'syz.2.162': attribute type 11 has an invalid length.
[  174.870798][ T6851] netlink: 'syz.2.162': attribute type 11 has an invalid length.
[  174.918775][ T6851] netlink: 'syz.2.162': attribute type 11 has an invalid length.
[  175.026248][ T6851] netlink: 'syz.2.162': attribute type 11 has an invalid length.
[  175.078399][ T6854] nbd: couldn't find a device at index 925970439
[  175.733777][ T6851] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078016000 pfn:0x78010
[  175.785645][ T6851] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  175.828896][ T6851] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  175.846155][ T6851] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  175.854935][ T6851] raw: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  175.864545][ T6851] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  175.875217][ T6851] head: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  175.884083][ T6851] head: 00fff00000000003 ffffea0001e00401 00000000ffffffff 00000000ffffffff
[  175.895482][ T6851] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  175.925992][ T6851] page dumped because: unmovable page
[  175.934766][ T6851] page_owner tracks the page as allocated
[  175.943633][ T6851] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5686, tgid 5686 (sftp-server), ts 73525452252, free_ts 73116963513
[  175.966127][ T6851]  post_alloc_hook+0x1c0/0x230
[  175.970942][ T6851]  get_page_from_freelist+0x1321/0x3890
[  176.028224][ T6851]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  176.034245][ T6851]  alloc_pages_mpol+0x1fb/0x550
[  176.048198][ T6851]  alloc_pages_noprof+0x131/0x390
[  176.053660][ T6851]  skb_page_frag_refill+0x186/0x5a0
[  176.059715][ T6851]  try_fill_recv+0x7e4/0x28a0
[  176.064435][ T6851]  virtnet_poll+0x1984/0x3c30
[  176.069650][ T6851]  __napi_poll.constprop.0+0xba/0x550
[  176.075181][ T6851]  net_rx_action+0xa9f/0xfe0
[  176.080297][ T6851]  handle_softirqs+0x219/0x8e0
[  176.085088][ T6851]  __irq_exit_rcu+0x109/0x170
[  176.093689][ T6851]  irq_exit_rcu+0x9/0x30
[  176.098264][ T6851]  common_interrupt+0xbf/0xe0
[  176.103147][ T6851]  asm_common_interrupt+0x26/0x40
[  176.108555][ T6851] page last free pid 5684 tgid 5684 stack trace:
[  176.115087][ T6851]  __free_frozen_pages+0x7fe/0x1180
[  176.135317][ T6851]  __put_partials+0x16d/0x1c0
[  176.145454][ T6851]  qlist_free_all+0x4d/0x120
[  176.163039][ T6851]  kasan_quarantine_reduce+0x195/0x1e0
[  176.176081][ T6851]  __kasan_slab_alloc+0x69/0x90
[  176.186272][ T6851]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  176.202032][ T6851]  vm_area_alloc+0x1f/0x160
[  176.212140][ T6851]  do_brk_flags+0x293/0x13f0
[  176.222287][ T6851]  __do_sys_brk+0x704/0xaa0
[  176.232404][ T6851]  do_syscall_64+0xcd/0x490
[  176.252628][ T6851]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.653635][ T6867] nbd: couldn't find a device at index 925970439
[  177.938239][ T6878] netlink: 'syz.0.166': attribute type 11 has an invalid length.
[  177.978602][ T6878] netlink: 'syz.0.166': attribute type 11 has an invalid length.
[  177.988365][ T6878] netlink: 'syz.0.166': attribute type 11 has an invalid length.
[  178.005056][ T6878] netlink: 'syz.0.166': attribute type 11 has an invalid length.
[  178.752947][ T6875] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078016000 pfn:0x78010
[  178.763606][ T6875] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  178.772388][ T6875] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  178.803253][ T6875] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  178.931905][ T6875] raw: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  178.962043][ T6875] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  178.975907][ T6875] head: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  179.008278][ T6884] netlink: 'syz.3.167': attribute type 1 has an invalid length.
[  179.092877][ T6875] head: 00fff00000000003 ffffea0001e00401 00000000ffffffff 00000000ffffffff
[  179.132178][ T6875] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  179.144132][ T6875] page dumped because: unmovable page
[  179.204840][ T6875] page_owner tracks the page as allocated
[  179.210901][ T6875] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5686, tgid 5686 (sftp-server), ts 73525452252, free_ts 73116963513
[  179.236758][ T6875]  post_alloc_hook+0x1c0/0x230
[  179.250057][ T6875]  get_page_from_freelist+0x1321/0x3890
[  179.255658][ T6875]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  179.277128][ T6875]  alloc_pages_mpol+0x1fb/0x550
[  179.297778][ T6875]  alloc_pages_noprof+0x131/0x390
[  179.329428][ T6875]  skb_page_frag_refill+0x186/0x5a0
[  179.440255][ T6875]  try_fill_recv+0x7e4/0x28a0
[  179.445000][ T6875]  virtnet_poll+0x1984/0x3c30
[  179.481750][ T6875]  __napi_poll.constprop.0+0xba/0x550
[  179.492259][ T6875]  net_rx_action+0xa9f/0xfe0
[  179.499316][ T6875]  handle_softirqs+0x219/0x8e0
[  179.506877][ T6875]  __irq_exit_rcu+0x109/0x170
[  179.531817][ T6875]  irq_exit_rcu+0x9/0x30
[  179.557419][ T6875]  common_interrupt+0xbf/0xe0
[  179.574365][ T6875]  asm_common_interrupt+0x26/0x40
[  179.595896][ T6875] page last free pid 5684 tgid 5684 stack trace:
[  179.607799][ T6875]  __free_frozen_pages+0x7fe/0x1180
[  179.616294][ T6875]  __put_partials+0x16d/0x1c0
[  179.625580][ T6875]  qlist_free_all+0x4d/0x120
[  179.658646][ T6875]  kasan_quarantine_reduce+0x195/0x1e0
[  179.664143][ T6875]  __kasan_slab_alloc+0x69/0x90
[  179.686093][ T6875]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  179.696639][ T6875]  vm_area_alloc+0x1f/0x160
[  179.708732][ T6875]  do_brk_flags+0x293/0x13f0
[  179.726158][ T6875]  __do_sys_brk+0x704/0xaa0
[  179.736314][ T6875]  do_syscall_64+0xcd/0x490
[  179.747189][ T6875]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  180.028389][ T6895] FAULT_INJECTION: forcing a failure.
[  180.028389][ T6895] name failslab, interval 1, probability 0, space 0, times 1
[  180.043550][ T6895] CPU: 0 UID: 0 PID: 6895 Comm: syz.1.169 Not tainted 6.15.0-syzkaller-13804-g939f15e640f1 #0 PREEMPT(full) 
[  180.043595][ T6895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  180.043611][ T6895] Call Trace:
[  180.043621][ T6895]  <TASK>
[  180.043631][ T6895]  dump_stack_lvl+0x16c/0x1f0
[  180.043683][ T6895]  should_fail_ex+0x512/0x640
[  180.043725][ T6895]  ? __kmalloc_noprof+0xbf/0x510
[  180.043768][ T6895]  ? lsm_blob_alloc+0x68/0x90
[  180.043809][ T6895]  should_failslab+0xc2/0x120
[  180.043835][ T6895]  __kmalloc_noprof+0xd2/0x510
[  180.043883][ T6895]  lsm_blob_alloc+0x68/0x90
[  180.043925][ T6895]  security_sk_alloc+0x30/0x270
[  180.043956][ T6895]  sk_prot_alloc+0xfb/0x2a0
[  180.043993][ T6895]  sk_alloc+0x36/0xc20
[  180.044036][ T6895]  inet_create+0x3a1/0x1090
[  180.044077][ T6895]  ? inet_create+0x93/0x1090
[  180.044123][ T6895]  __sock_create+0x338/0x8d0
[  180.044165][ T6895]  inet_ctl_sock_create+0x94/0x230
[  180.044205][ T6895]  ? __pfx_inet_ctl_sock_create+0x10/0x10
[  180.044243][ T6895]  ? lockdep_init_map_type+0x5c/0x280
[  180.044281][ T6895]  ? lockdep_init_map_type+0x5c/0x280
[  180.044320][ T6895]  ? __pfx_igmp_net_init+0x10/0x10
[  180.044362][ T6895]  igmp_net_init+0xd0/0x1a0
[  180.044405][ T6895]  ops_init+0x1df/0x5f0
[  180.044437][ T6895]  setup_net+0x1ff/0x510
[  180.044463][ T6895]  ? lockdep_init_map_type+0x5c/0x280
[  180.044501][ T6895]  ? __pfx_setup_net+0x10/0x10
[  180.044532][ T6895]  ? debug_mutex_init+0x37/0x70
[  180.044563][ T6895]  copy_net_ns+0x2a6/0x5f0
[  180.044604][ T6895]  create_new_namespaces+0x3ea/0xa90
[  180.044643][ T6895]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  180.044676][ T6895]  ksys_unshare+0x45b/0xa40
[  180.044714][ T6895]  ? __pfx_ksys_unshare+0x10/0x10
[  180.044751][ T6895]  ? xfd_validate_state+0x61/0x180
[  180.044798][ T6895]  __x64_sys_unshare+0x31/0x40
[  180.044833][ T6895]  do_syscall_64+0xcd/0x490
[  180.044862][ T6895]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  180.044890][ T6895] RIP: 0033:0x7f8b1e78e929
[  180.044918][ T6895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  180.044945][ T6895] RSP: 002b:00007f8b1f664038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  180.044975][ T6895] RAX: ffffffffffffffda RBX: 00007f8b1e9b5fa0 RCX: 00007f8b1e78e929
[  180.044993][ T6895] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  180.045008][ T6895] RBP: 00007f8b1e810b39 R08: 0000000000000000 R09: 0000000000000000
[  180.045024][ T6895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  180.045039][ T6895] R13: 0000000000000000 R14: 00007f8b1e9b5fa0 R15: 00007ffd83031cf8
[  180.045074][ T6895]  </TASK>
[  180.045155][ T6895] Failed to initialize the IGMP autojoin socket (err -12)
[  181.258492][ T6910] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078016000 pfn:0x78010
[  181.273363][ T6910] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  181.284316][ T6910] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  181.293898][ T6910] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  181.309743][ T6910] raw: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  181.319547][ T6910] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  181.329476][ T6910] head: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  181.348459][ T6910] head: 00fff00000000003 ffffea0001e00401 00000000ffffffff 00000000ffffffff
[  181.361786][ T6910] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  181.391086][ T6912] netlink: 'syz.2.172': attribute type 11 has an invalid length.
[  181.399506][ T6912] netlink: 'syz.2.172': attribute type 11 has an invalid length.
[  181.573985][ T6910] page dumped because: unmovable page
[  181.580891][ T6912] netlink: 'syz.2.172': attribute type 11 has an invalid length.
[  181.600797][ T6910] page_owner tracks the page as allocated
[  181.619644][ T6910] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5686, tgid 5686 (sftp-server), ts 73525452252, free_ts 73116963513
[  181.641538][ T6912] netlink: 'syz.2.172': attribute type 11 has an invalid length.
[  181.680040][ T6910]  post_alloc_hook+0x1c0/0x230
[  181.684939][ T6910]  get_page_from_freelist+0x1321/0x3890
[  181.690992][ T6910]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  181.700408][ T6910]  alloc_pages_mpol+0x1fb/0x550
[  181.705333][ T6910]  alloc_pages_noprof+0x131/0x390
[  181.710782][ T6910]  skb_page_frag_refill+0x186/0x5a0
[  181.716393][ T6910]  try_fill_recv+0x7e4/0x28a0
[  181.721975][ T6910]  virtnet_poll+0x1984/0x3c30
[  181.727192][ T6910]  __napi_poll.constprop.0+0xba/0x550
[  181.732657][ T6910]  net_rx_action+0xa9f/0xfe0
[  181.738384][ T6910]  handle_softirqs+0x219/0x8e0
[  181.743644][ T6910]  __irq_exit_rcu+0x109/0x170
[  181.750354][ T6910]  irq_exit_rcu+0x9/0x30
[  181.756516][ T6910]  common_interrupt+0xbf/0xe0
[  181.764358][ T6910]  asm_common_interrupt+0x26/0x40
[  181.771016][ T6910] page last free pid 5684 tgid 5684 stack trace:
[  181.781345][ T6910]  __free_frozen_pages+0x7fe/0x1180
[  181.787742][ T6910]  __put_partials+0x16d/0x1c0
[  181.792479][ T6910]  qlist_free_all+0x4d/0x120
[  181.929929][ T6910]  kasan_quarantine_reduce+0x195/0x1e0
[  181.935570][ T6910]  __kasan_slab_alloc+0x69/0x90
[  181.948596][ T6910]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  181.956563][ T6910]  vm_area_alloc+0x1f/0x160
[  181.973324][ T6910]  do_brk_flags+0x293/0x13f0
[  181.980114][ T6910]  __do_sys_brk+0x704/0xaa0
[  181.984680][ T6910]  do_syscall_64+0xcd/0x490
[  182.044097][ T6910]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.201396][ T6912] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078016000 pfn:0x78010
[  182.296174][ T6912] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  182.304824][ T6912] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  182.350882][ T6912] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  182.398969][ T6912] raw: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  182.437628][ T6912] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  182.448817][ T6912] head: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  182.459150][ T6912] head: 00fff00000000003 ffffea0001e00401 00000000ffffffff 00000000ffffffff
[  182.535749][ T6912] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  182.574064][ T6912] page dumped because: unmovable page
[  182.579657][ T6912] page_owner tracks the page as allocated
[  182.585447][ T6912] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5686, tgid 5686 (sftp-server), ts 73525452252, free_ts 73116963513
[  182.605731][ T6912]  post_alloc_hook+0x1c0/0x230
[  182.610844][ T6912]  get_page_from_freelist+0x1321/0x3890
[  182.618074][ T6912]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  182.638456][ T6912]  alloc_pages_mpol+0x1fb/0x550
[  182.643459][ T6912]  alloc_pages_noprof+0x131/0x390
[  182.648781][ T6912]  skb_page_frag_refill+0x186/0x5a0
[  182.654135][ T6912]  try_fill_recv+0x7e4/0x28a0
[  182.659151][ T6912]  virtnet_poll+0x1984/0x3c30
[  182.663919][ T6912]  __napi_poll.constprop.0+0xba/0x550
[  182.669554][ T6912]  net_rx_action+0xa9f/0xfe0
[  182.674229][ T6912]  handle_softirqs+0x219/0x8e0
[  182.679842][ T6912]  __irq_exit_rcu+0x109/0x170
[  182.684587][ T6912]  irq_exit_rcu+0x9/0x30
[  182.756151][ T6912]  common_interrupt+0xbf/0xe0
[  182.776355][ T6912]  asm_common_interrupt+0x26/0x40
[  182.794289][ T6912] page last free pid 5684 tgid 5684 stack trace:
[  182.800832][ T6912]  __free_frozen_pages+0x7fe/0x1180
[  182.809464][ T6912]  __put_partials+0x16d/0x1c0
[  182.826146][ T6912]  qlist_free_all+0x4d/0x120
[  182.831153][ T6912]  kasan_quarantine_reduce+0x195/0x1e0
[  182.851523][ T6912]  __kasan_slab_alloc+0x69/0x90
[  182.858701][ T6912]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  182.864288][ T6912]  vm_area_alloc+0x1f/0x160
[  182.871906][ T6912]  do_brk_flags+0x293/0x13f0
[  182.876974][ T6912]  __do_sys_brk+0x704/0xaa0
[  182.882588][ T6912]  do_syscall_64+0xcd/0x490
[  182.887428][ T6912]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.269427][ T6953] netlink: 'syz.3.179': attribute type 11 has an invalid length.
[  184.286126][ T6953] netlink: 'syz.3.179': attribute type 11 has an invalid length.
[  184.300543][ T6953] netlink: 'syz.3.179': attribute type 11 has an invalid length.
[  184.309582][ T6953] netlink: 'syz.3.179': attribute type 11 has an invalid length.
[  184.996323][ T6946] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078016000 pfn:0x78010
[  185.006724][ T6946] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  185.015281][ T6946] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  185.023455][ T6946] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  185.033142][ T6946] raw: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  185.042525][ T6946] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  185.051400][ T6946] head: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  185.060184][ T6946] head: 00fff00000000003 ffffea0001e00401 00000000ffffffff 00000000ffffffff
[  185.069024][ T6946] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  185.077805][ T6946] page dumped because: unmovable page
[  185.083253][ T6946] page_owner tracks the page as allocated
[  185.089121][ T6946] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5686, tgid 5686 (sftp-server), ts 73525452252, free_ts 73116963513
[  185.108588][ T6946]  post_alloc_hook+0x1c0/0x230
[  185.113415][ T6946]  get_page_from_freelist+0x1321/0x3890
[  185.156420][ T6946]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  185.172239][ T6946]  alloc_pages_mpol+0x1fb/0x550
[  185.177410][ T6946]  alloc_pages_noprof+0x131/0x390
[  185.183477][ T6946]  skb_page_frag_refill+0x186/0x5a0
[  185.203885][ T6946]  try_fill_recv+0x7e4/0x28a0
[  185.208879][ T6946]  virtnet_poll+0x1984/0x3c30
[  185.213715][ T6946]  __napi_poll.constprop.0+0xba/0x550
[  185.219415][ T6946]  net_rx_action+0xa9f/0xfe0
[  185.224172][ T6946]  handle_softirqs+0x219/0x8e0
[  185.229440][ T6946]  __irq_exit_rcu+0x109/0x170
[  185.234170][ T6946]  irq_exit_rcu+0x9/0x30
[  185.242824][ T6961] netlink: 'syz.1.181': attribute type 11 has an invalid length.
[  185.255109][ T6961] netlink: 'syz.1.181': attribute type 11 has an invalid length.
[  185.271623][ T6946]  common_interrupt+0xbf/0xe0
[  185.276695][ T6946]  asm_common_interrupt+0x26/0x40
[  185.281770][ T6946] page last free pid 5684 tgid 5684 stack trace:
[  185.306364][ T6946]  __free_frozen_pages+0x7fe/0x1180
[  185.325700][ T6946]  __put_partials+0x16d/0x1c0
[  185.378086][ T6946]  qlist_free_all+0x4d/0x120
[  185.382801][ T6946]  kasan_quarantine_reduce+0x195/0x1e0
[  185.420744][ T6946]  __kasan_slab_alloc+0x69/0x90
[  185.425645][ T6946]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  185.476280][ T6946]  vm_area_alloc+0x1f/0x160
[  185.480833][ T6946]  do_brk_flags+0x293/0x13f0
[  185.539923][ T6946]  __do_sys_brk+0x704/0xaa0
[  185.581494][ T6946]  do_syscall_64+0xcd/0x490
[  185.591496][ T6946]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.692678][ T6963] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078016000 pfn:0x78010
[  185.761109][ T6963] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  185.790655][ T6963] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  185.801231][ T6963] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  185.832117][ T6963] raw: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  185.842238][ T6963] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  185.856507][ T6963] head: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  186.079917][ T6963] head: 00fff00000000003 ffffea0001e00401 00000000ffffffff 00000000ffffffff
[  186.143926][ T6963] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  186.230505][ T6963] page dumped because: unmovable page
[  186.235993][ T6963] page_owner tracks the page as allocated
[  186.242077][ T6963] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5686, tgid 5686 (sftp-server), ts 73525452252, free_ts 73116963513
[  186.262092][ T6963]  post_alloc_hook+0x1c0/0x230
[  186.301107][ T6963]  get_page_from_freelist+0x1321/0x3890
[  186.307741][ T6963]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  186.313769][ T6963]  alloc_pages_mpol+0x1fb/0x550
[  186.319266][ T6963]  alloc_pages_noprof+0x131/0x390
[  186.324353][ T6963]  skb_page_frag_refill+0x186/0x5a0
[  186.332285][ T6963]  try_fill_recv+0x7e4/0x28a0
[  186.338167][ T6963]  virtnet_poll+0x1984/0x3c30
[  186.342916][ T6963]  __napi_poll.constprop.0+0xba/0x550
[  186.348706][ T6963]  net_rx_action+0xa9f/0xfe0
[  186.372004][ T6963]  handle_softirqs+0x219/0x8e0
[  186.410529][ T6963]  __irq_exit_rcu+0x109/0x170
[  186.415680][ T6963]  irq_exit_rcu+0x9/0x30
[  186.420450][ T6963]  common_interrupt+0xbf/0xe0
[  186.425340][ T6963]  asm_common_interrupt+0x26/0x40
[  186.466191][ T6963] page last free pid 5684 tgid 5684 stack trace:
[  186.475223][ T6963]  __free_frozen_pages+0x7fe/0x1180
[  186.480688][ T6963]  __put_partials+0x16d/0x1c0
[  186.491349][ T6963]  qlist_free_all+0x4d/0x120
[  186.496284][ T6963]  kasan_quarantine_reduce+0x195/0x1e0
[  186.524769][ T6963]  __kasan_slab_alloc+0x69/0x90
[  186.552891][ T6963]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  186.560090][ T6963]  vm_area_alloc+0x1f/0x160
[  186.564806][ T6963]  do_brk_flags+0x293/0x13f0
[  186.572241][ T6963]  __do_sys_brk+0x704/0xaa0
[  186.585642][ T6963]  do_syscall_64+0xcd/0x490
[  186.599319][ T6963]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.800030][   T30] audit: type=1800 audit(6044417989.732:4): pid=6986 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.185" name="file0" dev="tmpfs" ino=250 res=0 errno=0
[  188.319995][ T6994] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  188.726197][ T7009] nla_validate_range_unsigned: 2 callbacks suppressed
[  188.726218][ T7009] netlink: 'syz.0.188': attribute type 11 has an invalid length.
[  188.751073][ T7009] netlink: 'syz.0.188': attribute type 11 has an invalid length.
[  188.761154][ T7009] netlink: 'syz.0.188': attribute type 11 has an invalid length.
[  188.810830][ T7009] netlink: 'syz.0.188': attribute type 11 has an invalid length.
[  194.216170][ T7078] netlink: 'syz.1.199': attribute type 11 has an invalid length.
[  194.295635][ T7078] netlink: 'syz.1.199': attribute type 11 has an invalid length.
[  194.733325][ T7083] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078016000 pfn:0x78010
[  194.956093][ T7083] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  195.161646][ T7083] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  195.385883][ T7083] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  195.434233][ T7083] raw: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  195.539562][ T7083] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  195.548495][ T7083] head: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  195.557318][ T7083] head: 00fff00000000003 ffffea0001e00401 00000000ffffffff 00000000ffffffff
[  195.566143][ T7083] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  195.586081][ T7083] page dumped because: unmovable page
[  195.591487][ T7083] page_owner tracks the page as allocated
[  195.636164][ T7083] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5686, tgid 5686 (sftp-server), ts 73525452252, free_ts 73116963513
[  195.799853][ T7083]  post_alloc_hook+0x1c0/0x230
[  195.804791][ T7083]  get_page_from_freelist+0x1321/0x3890
[  195.811002][ T7083]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  195.831012][ T7083]  alloc_pages_mpol+0x1fb/0x550
[  195.886407][ T7083]  alloc_pages_noprof+0x131/0x390
[  195.891473][ T7083]  skb_page_frag_refill+0x186/0x5a0
[  195.955759][ T7083]  try_fill_recv+0x7e4/0x28a0
[  196.010535][ T7083]  virtnet_poll+0x1984/0x3c30
[  196.020669][ T7083]  __napi_poll.constprop.0+0xba/0x550
[  196.030783][ T7083]  net_rx_action+0xa9f/0xfe0
[  196.035434][ T7083]  handle_softirqs+0x219/0x8e0
[  196.076456][ T7083]  __irq_exit_rcu+0x109/0x170
[  196.081261][ T7083]  irq_exit_rcu+0x9/0x30
[  196.085527][ T7083]  common_interrupt+0xbf/0xe0
[  196.116529][ T7083]  asm_common_interrupt+0x26/0x40
[  196.130562][ T7083] page last free pid 5684 tgid 5684 stack trace:
[  196.148879][ T7083]  __free_frozen_pages+0x7fe/0x1180
[  196.161225][ T7083]  __put_partials+0x16d/0x1c0
[  196.174040][ T7083]  qlist_free_all+0x4d/0x120
[  196.192683][ T7083]  kasan_quarantine_reduce+0x195/0x1e0
[  196.212944][ T7083]  __kasan_slab_alloc+0x69/0x90
[  196.243303][ T7083]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  196.259705][ T7083]  vm_area_alloc+0x1f/0x160
[  196.284728][ T7083]  do_brk_flags+0x293/0x13f0
[  196.300862][ T7083]  __do_sys_brk+0x704/0xaa0
[  196.315612][ T7083]  do_syscall_64+0xcd/0x490
[  196.325724][ T7083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.534861][ T7099] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078016000 pfn:0x78010
[  196.545223][ T7099] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  196.642518][ T7099] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  196.677149][ T7099] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  196.919802][ T7099] raw: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  196.996319][ T7099] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  197.050877][ T7099] head: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  197.091431][ T7099] head: 00fff00000000003 ffffea0001e00401 00000000ffffffff 00000000ffffffff
[  197.110541][ T7099] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  197.133877][ T7099] page dumped because: unmovable page
[  197.139651][ T7099] page_owner tracks the page as allocated
[  197.145531][ T7099] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5686, tgid 5686 (sftp-server), ts 73525452252, free_ts 73116963513
[  197.206157][ T7099]  post_alloc_hook+0x1c0/0x230
[  197.219109][ T7099]  get_page_from_freelist+0x1321/0x3890
[  197.235374][ T7099]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  197.242644][ T7099]  alloc_pages_mpol+0x1fb/0x550
[  197.256309][ T7099]  alloc_pages_noprof+0x131/0x390
[  197.261381][ T7099]  skb_page_frag_refill+0x186/0x5a0
[  197.276421][ T7099]  try_fill_recv+0x7e4/0x28a0
[  197.352397][ T7099]  virtnet_poll+0x1984/0x3c30
[  197.372574][ T7099]  __napi_poll.constprop.0+0xba/0x550
[  197.378300][ T7099]  net_rx_action+0xa9f/0xfe0
[  197.397518][ T7099]  handle_softirqs+0x219/0x8e0
[  197.412665][ T7099]  __irq_exit_rcu+0x109/0x170
[  197.436108][ T7099]  irq_exit_rcu+0x9/0x30
[  197.447672][ T7099]  common_interrupt+0xbf/0xe0
[  197.459589][ T7112] netlink: 'syz.1.207': attribute type 11 has an invalid length.
[  197.478575][ T7112] netlink: 'syz.1.207': attribute type 11 has an invalid length.
[  197.482157][ T7099]  asm_common_interrupt+0x26/0x40
[  197.491768][ T7099] page last free pid 5684 tgid 5684 stack trace:
[  197.529320][ T7099]  __free_frozen_pages+0x7fe/0x1180
[  197.550710][ T7099]  __put_partials+0x16d/0x1c0
[  197.563266][ T7099]  qlist_free_all+0x4d/0x120
[  197.586178][ T7099]  kasan_quarantine_reduce+0x195/0x1e0
[  197.626875][ T7099]  __kasan_slab_alloc+0x69/0x90
[  197.673012][ T7099]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  197.701139][ T7099]  vm_area_alloc+0x1f/0x160
[  197.705686][ T7099]  do_brk_flags+0x293/0x13f0
[  197.767917][ T7099]  __do_sys_brk+0x704/0xaa0
[  197.775001][ T7099]  do_syscall_64+0xcd/0x490
[  197.809084][ T7099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.195970][ T7109] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078016000 pfn:0x78010
[  198.206545][ T7109] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  198.215119][ T7109] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  198.223602][ T7109] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  198.328722][ T7109] raw: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  198.343038][ T7109] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  198.392458][ T7109] head: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  198.401380][ T7109] head: 00fff00000000003 ffffea0001e00401 00000000ffffffff 00000000ffffffff
[  198.410313][ T7109] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  198.446997][ T7109] page dumped because: unmovable page
[  198.452733][ T7109] page_owner tracks the page as allocated
[  198.494541][ T7109] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5686, tgid 5686 (sftp-server), ts 73525452252, free_ts 73116963513
[  198.516072][ T7109]  post_alloc_hook+0x1c0/0x230
[  198.523718][ T7109]  get_page_from_freelist+0x1321/0x3890
[  198.543969][ T7109]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  198.561353][ T7109]  alloc_pages_mpol+0x1fb/0x550
[  198.566681][ T7109]  alloc_pages_noprof+0x131/0x390
[  198.574655][ T7109]  skb_page_frag_refill+0x186/0x5a0
[  198.581275][ T7109]  try_fill_recv+0x7e4/0x28a0
[  198.668558][ T7109]  virtnet_poll+0x1984/0x3c30
[  198.716254][ T7109]  __napi_poll.constprop.0+0xba/0x550
[  198.721703][ T7109]  net_rx_action+0xa9f/0xfe0
[  198.726576][ T7109]  handle_softirqs+0x219/0x8e0
[  198.731381][ T7109]  __irq_exit_rcu+0x109/0x170
[  198.736186][ T7109]  irq_exit_rcu+0x9/0x30
[  198.740600][ T7109]  common_interrupt+0xbf/0xe0
[  198.746169][ T7109]  asm_common_interrupt+0x26/0x40
[  198.757065][ T7109] page last free pid 5684 tgid 5684 stack trace:
[  198.763571][ T7109]  __free_frozen_pages+0x7fe/0x1180
[  198.768991][ T7109]  __put_partials+0x16d/0x1c0
[  198.773864][ T7109]  qlist_free_all+0x4d/0x120
[  198.783994][ T7109]  kasan_quarantine_reduce+0x195/0x1e0
[  198.789683][ T7109]  __kasan_slab_alloc+0x69/0x90
[  198.795348][ T7109]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  198.825769][ T7109]  vm_area_alloc+0x1f/0x160
[  198.835879][ T7109]  do_brk_flags+0x293/0x13f0
[  198.851931][ T7109]  __do_sys_brk+0x704/0xaa0
[  198.876168][ T7109]  do_syscall_64+0xcd/0x490
[  198.888853][ T7109]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.171193][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[  199.177820][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[  199.923801][ T7141] netlink: 'syz.0.211': attribute type 11 has an invalid length.
[  199.932396][ T7141] netlink: 'syz.0.211': attribute type 11 has an invalid length.
[  199.941233][ T7141] netlink: 'syz.0.211': attribute type 11 has an invalid length.
[  200.079558][ T7145] netlink: 342 bytes leftover after parsing attributes in process `syz.1.214'.
[  200.587663][ T7150] netlink: 'syz.3.213': attribute type 11 has an invalid length.
[  200.609615][ T7150] netlink: 'syz.3.213': attribute type 11 has an invalid length.
[  200.627769][ T7150] netlink: 'syz.3.213': attribute type 11 has an invalid length.
[  200.706568][ T7148] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078016000 pfn:0x78010
[  200.726803][ T7148] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  200.735408][ T7148] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  200.820396][ T7148] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  200.846127][ T7148] raw: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  200.864716][ T7148] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  200.896194][ T7148] head: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  200.905732][ T7148] head: 00fff00000000003 ffffea0001e00401 00000000ffffffff 00000000ffffffff
[  200.935681][ T7148] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  200.951653][ T7148] page dumped because: unmovable page
[  200.958364][ T7148] page_owner tracks the page as allocated
[  200.964126][ T7148] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5686, tgid 5686 (sftp-server), ts 73525452252, free_ts 73116963513
[  200.983894][ T7148]  post_alloc_hook+0x1c0/0x230
[  201.016196][ T7148]  get_page_from_freelist+0x1321/0x3890
[  201.023402][ T7148]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  201.034492][ T7148]  alloc_pages_mpol+0x1fb/0x550
[  201.039911][ T7148]  alloc_pages_noprof+0x131/0x390
[  201.045994][ T7148]  skb_page_frag_refill+0x186/0x5a0
[  201.051948][ T7148]  try_fill_recv+0x7e4/0x28a0
[  201.057153][ T7148]  virtnet_poll+0x1984/0x3c30
[  201.067348][ T7148]  __napi_poll.constprop.0+0xba/0x550
[  201.072862][ T7148]  net_rx_action+0xa9f/0xfe0
[  201.081089][ T7148]  handle_softirqs+0x219/0x8e0
[  201.118648][ T7148]  __irq_exit_rcu+0x109/0x170
[  201.177048][ T7148]  irq_exit_rcu+0x9/0x30
[  201.217894][ T7148]  common_interrupt+0xbf/0xe0
[  201.222651][ T7148]  asm_common_interrupt+0x26/0x40
[  201.228340][ T7148] page last free pid 5684 tgid 5684 stack trace:
[  201.234708][ T7148]  __free_frozen_pages+0x7fe/0x1180
[  201.261254][ T7148]  __put_partials+0x16d/0x1c0
[  201.272841][ T7148]  qlist_free_all+0x4d/0x120
[  201.276733][ T7154] netlink: 8 bytes leftover after parsing attributes in process `syz.1.216'.
[  201.296201][ T7148]  kasan_quarantine_reduce+0x195/0x1e0
[  201.314588][ T7148]  __kasan_slab_alloc+0x69/0x90
[  201.320678][ T7148]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  201.327817][ T7148]  vm_area_alloc+0x1f/0x160
[  201.332373][ T7148]  do_brk_flags+0x293/0x13f0
[  201.337444][ T7148]  __do_sys_brk+0x704/0xaa0
[  201.341999][ T7148]  do_syscall_64+0xcd/0x490
[  201.346927][ T7148]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.149381][ T7172] netlink: 'syz.0.219': attribute type 11 has an invalid length.
[  202.157526][ T7172] netlink: 'syz.0.219': attribute type 11 has an invalid length.
[  202.434551][ T7177] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078016000 pfn:0x78010
[  202.457824][ T7175] netlink: 28 bytes leftover after parsing attributes in process `syz.2.218'.
[  202.557207][ T7177] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  202.579331][ T7177] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  202.593201][ T7177] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  202.604100][ T7177] raw: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  202.613979][ T7174] netlink: 28 bytes leftover after parsing attributes in process `syz.2.218'.
[  202.629787][ T7175] bridge0: port 2(bridge_slave_1) entered disabled state
[  202.647995][ T7177] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  202.664079][ T7177] head: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  202.673089][ T7177] head: 00fff00000000003 ffffea0001e00401 00000000ffffffff 00000000ffffffff
[  202.682627][ T7177] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  202.691755][ T7177] page dumped because: unmovable page
[  202.699083][ T7177] page_owner tracks the page as allocated
[  202.704837][ T7177] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5686, tgid 5686 (sftp-server), ts 73525452252, free_ts 73116963513
[  202.734809][ T7177]  post_alloc_hook+0x1c0/0x230
[  202.741378][ T7177]  get_page_from_freelist+0x1321/0x3890
[  202.808453][ T7177]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  202.814486][ T7177]  alloc_pages_mpol+0x1fb/0x550
[  202.820722][ T7177]  alloc_pages_noprof+0x131/0x390
[  202.827548][ T7177]  skb_page_frag_refill+0x186/0x5a0
[  202.834596][ T7177]  try_fill_recv+0x7e4/0x28a0
[  202.870289][ T7177]  virtnet_poll+0x1984/0x3c30
[  202.904240][ T7177]  __napi_poll.constprop.0+0xba/0x550
[  202.948241][ T7177]  net_rx_action+0xa9f/0xfe0
[  202.972631][ T7177]  handle_softirqs+0x219/0x8e0
[  202.978192][ T7177]  __irq_exit_rcu+0x109/0x170
[  202.990832][ T7177]  irq_exit_rcu+0x9/0x30
[  202.995221][ T7177]  common_interrupt+0xbf/0xe0
[  203.043239][ T7177]  asm_common_interrupt+0x26/0x40
[  203.061927][ T7177] page last free pid 5684 tgid 5684 stack trace:
[  203.076118][ T7177]  __free_frozen_pages+0x7fe/0x1180
[  203.090261][ T7177]  __put_partials+0x16d/0x1c0
[  203.095025][ T7177]  qlist_free_all+0x4d/0x120
[  203.099960][ T7177]  kasan_quarantine_reduce+0x195/0x1e0
[  203.108919][ T7177]  __kasan_slab_alloc+0x69/0x90
[  203.115810][ T7177]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  203.136142][ T7177]  vm_area_alloc+0x1f/0x160
[  203.140697][ T7177]  do_brk_flags+0x293/0x13f0
[  203.145305][ T7177]  __do_sys_brk+0x704/0xaa0
[  203.155899][ T7177]  do_syscall_64+0xcd/0x490
[  203.161090][ T7177]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.180555][ T7175] bridge_slave_1 (unregistering): left allmulticast mode
[  203.190908][ T7175] bridge_slave_1 (unregistering): left promiscuous mode
[  203.213327][ T7175] bridge0: port 2(bridge_slave_1) entered disabled state
[  204.184134][ T7225] netlink: 'syz.0.224': attribute type 11 has an invalid length.
[  204.192104][ T7225] netlink: 'syz.0.224': attribute type 11 has an invalid length.
[  204.255372][ T7229] netlink: 342 bytes leftover after parsing attributes in process `syz.3.227'.
[  204.948329][ T7217] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078016000 pfn:0x78010
[  204.963221][ T7217] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  204.990576][ T7217] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  204.999294][ T7217] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  205.008911][ T7217] raw: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  205.017656][ T7217] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  205.026519][ T7217] head: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  205.035242][ T7217] head: 00fff00000000003 ffffea0001e00401 00000000ffffffff 00000000ffffffff
[  205.049665][ T7217] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  205.058589][ T7217] page dumped because: unmovable page
[  205.063991][ T7217] page_owner tracks the page as allocated
[  205.071371][ T7217] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5686, tgid 5686 (sftp-server), ts 73525452252, free_ts 73116963513
[  205.094721][ T7217]  post_alloc_hook+0x1c0/0x230
[  205.094766][ T7217]  get_page_from_freelist+0x1321/0x3890
[  205.094806][ T7217]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  205.094845][ T7217]  alloc_pages_mpol+0x1fb/0x550
[  205.094868][ T7217]  alloc_pages_noprof+0x131/0x390
[  205.094891][ T7217]  skb_page_frag_refill+0x186/0x5a0
[  205.094923][ T7217]  try_fill_recv+0x7e4/0x28a0
[  205.094956][ T7217]  virtnet_poll+0x1984/0x3c30
[  205.094996][ T7217]  __napi_poll.constprop.0+0xba/0x550
[  205.095033][ T7217]  net_rx_action+0xa9f/0xfe0
[  205.095068][ T7217]  handle_softirqs+0x219/0x8e0
[  205.095094][ T7217]  __irq_exit_rcu+0x109/0x170
[  205.095117][ T7217]  irq_exit_rcu+0x9/0x30
[  205.095141][ T7217]  common_interrupt+0xbf/0xe0
[  205.095168][ T7217]  asm_common_interrupt+0x26/0x40
[  205.095192][ T7217] page last free pid 5684 tgid 5684 stack trace:
[  205.095208][ T7217]  __free_frozen_pages+0x7fe/0x1180
[  205.095239][ T7217]  __put_partials+0x16d/0x1c0
[  205.095276][ T7217]  qlist_free_all+0x4d/0x120
[  205.095313][ T7217]  kasan_quarantine_reduce+0x195/0x1e0
[  205.095353][ T7217]  __kasan_slab_alloc+0x69/0x90
[  205.095395][ T7217]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  205.095436][ T7217]  vm_area_alloc+0x1f/0x160
[  205.095470][ T7217]  do_brk_flags+0x293/0x13f0
[  205.095512][ T7217]  __do_sys_brk+0x704/0xaa0
[  205.095541][ T7217]  do_syscall_64+0xcd/0x490
[  205.095565][ T7217]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.214295][ T7243] nla_validate_range_unsigned: 1 callbacks suppressed
[  205.214311][ T7243] netlink: 'syz.1.228': attribute type 11 has an invalid length.
[  205.214327][ T7243] netlink: 'syz.1.228': attribute type 11 has an invalid length.
[  205.214349][ T7243] netlink: 'syz.1.228': attribute type 11 has an invalid length.
[  205.430010][ T7247] nbd: couldn't find a device at index 925970439
[  206.032803][ T7245] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078016000 pfn:0x78010
[  206.032839][ T7245] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  206.032857][ T7245] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  206.032890][ T7245] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  206.032912][ T7245] raw: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  206.032932][ T7245] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  206.032953][ T7245] head: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  206.032973][ T7245] head: 00fff00000000003 ffffea0001e00401 00000000ffffffff 00000000ffffffff
[  206.032994][ T7245] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  206.033007][ T7245] page dumped because: unmovable page
[  206.033018][ T7245] page_owner tracks the page as allocated
[  206.033027][ T7245] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5686, tgid 5686 (sftp-server), ts 73525452252, free_ts 73116963513
[  206.033063][ T7245]  post_alloc_hook+0x1c0/0x230
[  206.033093][ T7245]  get_page_from_freelist+0x1321/0x3890
[  206.033123][ T7245]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  206.033156][ T7245]  alloc_pages_mpol+0x1fb/0x550
[  206.033174][ T7245]  alloc_pages_noprof+0x131/0x390
[  206.033192][ T7245]  skb_page_frag_refill+0x186/0x5a0
[  206.033218][ T7245]  try_fill_recv+0x7e4/0x28a0
[  206.033243][ T7245]  virtnet_poll+0x1984/0x3c30
[  206.033268][ T7245]  __napi_poll.constprop.0+0xba/0x550
[  206.033300][ T7245]  net_rx_action+0xa9f/0xfe0
[  206.033330][ T7245]  handle_softirqs+0x219/0x8e0
[  206.033351][ T7245]  __irq_exit_rcu+0x109/0x170
[  206.033371][ T7245]  irq_exit_rcu+0x9/0x30
[  206.033392][ T7245]  common_interrupt+0xbf/0xe0
[  206.033416][ T7245]  asm_common_interrupt+0x26/0x40
[  206.033437][ T7245] page last free pid 5684 tgid 5684 stack trace:
[  206.033449][ T7245]  __free_frozen_pages+0x7fe/0x1180
[  206.033475][ T7245]  __put_partials+0x16d/0x1c0
[  206.033501][ T7245]  qlist_free_all+0x4d/0x120
[  206.033529][ T7245]  kasan_quarantine_reduce+0x195/0x1e0
[  206.033558][ T7245]  __kasan_slab_alloc+0x69/0x90
[  206.033590][ T7245]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  206.033621][ T7245]  vm_area_alloc+0x1f/0x160
[  206.033646][ T7245]  do_brk_flags+0x293/0x13f0
[  206.033677][ T7245]  __do_sys_brk+0x704/0xaa0
[  206.033698][ T7245]  do_syscall_64+0xcd/0x490
[  206.033716][ T7245]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.600193][ T7259] nbd: couldn't find a device at index 925970439
[  207.225981][ T7267] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078016000 pfn:0x78010
[  207.266496][ T7267] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  207.293897][ T7267] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  207.322978][ T7267] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  207.347250][ T7267] raw: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  207.357357][ T7267] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  207.496544][ T7267] head: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  207.552354][ T7267] head: 00fff00000000003 ffffea0001e00401 00000000ffffffff 00000000ffffffff
[  207.575448][ T7274] netlink: 'syz.1.233': attribute type 11 has an invalid length.
[  207.582898][ T7267] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  207.592410][ T7267] page dumped because: unmovable page
[  207.598307][ T7274] netlink: 'syz.1.233': attribute type 11 has an invalid length.
[  207.605897][ T7267] page_owner tracks the page as allocated
[  207.620856][ T7267] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5686, tgid 5686 (sftp-server), ts 73525452252, free_ts 73116963513
[  207.689407][ T7267]  post_alloc_hook+0x1c0/0x230
[  207.694328][ T7267]  get_page_from_freelist+0x1321/0x3890
[  207.721827][ T7267]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  207.730227][ T7267]  alloc_pages_mpol+0x1fb/0x550
[  207.744537][ T7267]  alloc_pages_noprof+0x131/0x390
[  207.777285][ T7267]  skb_page_frag_refill+0x186/0x5a0
[  207.797495][ T7267]  try_fill_recv+0x7e4/0x28a0
[  207.861497][ T7267]  virtnet_poll+0x1984/0x3c30
[  207.898061][ T7267]  __napi_poll.constprop.0+0xba/0x550
[  207.908294][ T7267]  net_rx_action+0xa9f/0xfe0
[  207.936179][ T7267]  handle_softirqs+0x219/0x8e0
[  208.016183][ T7267]  __irq_exit_rcu+0x109/0x170
[  208.029478][ T7267]  irq_exit_rcu+0x9/0x30
[  208.039454][ T7267]  common_interrupt+0xbf/0xe0
[  208.060798][ T7267]  asm_common_interrupt+0x26/0x40
[  208.092451][ T7267] page last free pid 5684 tgid 5684 stack trace:
[  208.129611][ T7267]  __free_frozen_pages+0x7fe/0x1180
[  208.150034][ T7267]  __put_partials+0x16d/0x1c0
[  208.154765][ T7267]  qlist_free_all+0x4d/0x120
[  208.210664][ T7267]  kasan_quarantine_reduce+0x195/0x1e0
[  208.219258][ T7267]  __kasan_slab_alloc+0x69/0x90
[  208.224183][ T7267]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  208.230077][ T7267]  vm_area_alloc+0x1f/0x160
[  208.234614][ T7267]  do_brk_flags+0x293/0x13f0
[  208.246351][ T7267]  __do_sys_brk+0x704/0xaa0
[  208.328926][ T7267]  do_syscall_64+0xcd/0x490
[  208.333465][ T7267]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.038842][ T7291] netlink: 'syz.1.235': attribute type 11 has an invalid length.
[  209.048282][ T7291] netlink: 'syz.1.235': attribute type 11 has an invalid length.
[  209.389664][ T7298] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078000000 pfn:0x78000
[  209.414048][ T7298] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  209.447273][ T7298] memcg:ffff888034912201
[  209.451843][ T7298] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[  209.464071][ T7298] page_type: f5(slab)
[  209.469589][ T7298] raw: 00fff00000000240 ffff88801b44b500 ffffea0000cab210 ffffea0000cccc10
[  209.484235][ T7298] raw: ffff888078000000 0000000000040003 00000000f5000000 ffff888034912201
[  209.564405][ T7298] head: 00fff00000000240 ffff88801b44b500 ffffea0000cab210 ffffea0000cccc10
[  209.620314][ T7309] snd_aloop snd_aloop.0: control 16781581:65533:6:�'x?F���/��zF˷fC���:0 is already present
[  209.654023][ T7298] head: ffff888078000000 0000000000040003 00000000f5000000 ffff888034912201
[  209.681288][ T7298] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  209.704093][ T7298] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  209.719189][ T7298] page dumped because: unmovable page
[  209.724819][ T7298] page_owner tracks the page as allocated
[  209.760077][ T7298] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5850, tgid 5850 (udevd), ts 93412929067, free_ts 93292827304
[  209.788522][ T7298]  post_alloc_hook+0x1c0/0x230
[  209.795676][ T7298]  get_page_from_freelist+0x1321/0x3890
[  209.901362][ T7298]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  209.953837][ T7298]  alloc_pages_mpol+0x1fb/0x550
[  209.960567][ T7298]  new_slab+0x23b/0x330
[  210.005552][ T7298]  ___slab_alloc+0xd9c/0x1940
[  210.047427][ T7275] kexec: Could not allocate control_code_buffer
[  210.053795][ T7298]  __slab_alloc.constprop.0+0x56/0xb0
[  210.068714][ T7298]  __kvmalloc_node_noprof+0x3b1/0x620
[  210.078142][ T7298]  seq_read_iter+0x826/0x12c0
[  210.086264][ T7298]  kernfs_fop_read_iter+0x40f/0x5a0
[  210.094491][ T7298]  vfs_read+0x8bc/0xc60
[  210.101715][ T7298]  ksys_read+0x12a/0x250
[  210.106279][ T7298]  do_syscall_64+0xcd/0x490
[  210.112934][ T7298]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.122417][ T7298] page last free pid 5831 tgid 5831 stack trace:
[  210.133009][ T7298]  __free_frozen_pages+0x7fe/0x1180
[  210.141356][ T7298]  qlist_free_all+0x4d/0x120
[  210.148090][ T7298]  kasan_quarantine_reduce+0x195/0x1e0
[  210.153676][ T7298]  __kasan_slab_alloc+0x69/0x90
[  210.162659][ T7298]  kmem_cache_alloc_lru_noprof+0x1d0/0x3b0
[  210.178835][ T7298]  alloc_inode+0x61/0x240
[  210.183189][ T7298]  new_inode+0x22/0x1c0
[  210.187900][ T7298]  __debugfs_create_file+0x11c/0x6b0
[  210.193338][ T7298]  debugfs_create_file_unsafe+0x3c/0x50
[  210.202207][ T7298]  debugfs_create_bool+0x70/0xa0
[  210.207505][ T7298]  nsim_drv_probe+0x9b0/0x1490
[  210.219276][ T7298]  really_probe+0x241/0xa90
[  210.226290][ T7298]  __driver_probe_device+0x1de/0x440
[  210.231717][ T7298]  driver_probe_device+0x4c/0x1b0
[  210.241215][ T7298]  __device_attach_driver+0x1df/0x310
[  210.247587][ T7298]  bus_for_each_drv+0x159/0x1e0
[  210.523024][ T7319] netlink: 4 bytes leftover after parsing attributes in process `syz.2.242'.
[  211.737681][ T7343] FAULT_INJECTION: forcing a failure.
[  211.737681][ T7343] name failslab, interval 1, probability 0, space 0, times 0
[  211.851090][ T7343] CPU: 1 UID: 0 PID: 7343 Comm: syz.0.246 Not tainted 6.15.0-syzkaller-13804-g939f15e640f1 #0 PREEMPT(full) 
[  211.851120][ T7343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  211.851133][ T7343] Call Trace:
[  211.851139][ T7343]  <TASK>
[  211.851150][ T7343]  dump_stack_lvl+0x16c/0x1f0
[  211.851189][ T7343]  should_fail_ex+0x512/0x640
[  211.851220][ T7343]  ? fs_reclaim_acquire+0xae/0x150
[  211.851247][ T7343]  should_failslab+0xc2/0x120
[  211.851266][ T7343]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  211.851304][ T7343]  ? security_inode_alloc+0x3b/0x2b0
[  211.851332][ T7343]  security_inode_alloc+0x3b/0x2b0
[  211.851356][ T7343]  inode_init_always_gfp+0xce4/0x1030
[  211.851390][ T7343]  alloc_inode+0x86/0x240
[  211.851410][ T7343]  new_inode+0x22/0x1c0
[  211.851433][ T7343]  debugfs_create_dir+0xdd/0x5f0
[  211.851463][ T7343]  ptp_open+0x307/0x520
[  211.851494][ T7343]  ? __pfx_ptp_open+0x10/0x10
[  211.851527][ T7343]  ? __pfx_ptp_open+0x10/0x10
[  211.851551][ T7343]  posix_clock_open+0x17b/0x290
[  211.851576][ T7343]  ? __pfx_posix_clock_open+0x10/0x10
[  211.851598][ T7343]  chrdev_open+0x231/0x6a0
[  211.851630][ T7343]  ? __pfx_apparmor_file_open+0x10/0x10
[  211.851656][ T7343]  ? __pfx_chrdev_open+0x10/0x10
[  211.851691][ T7343]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  211.851724][ T7343]  do_dentry_open+0x744/0x1c10
[  211.851755][ T7343]  ? __pfx_chrdev_open+0x10/0x10
[  211.851793][ T7343]  vfs_open+0x82/0x3f0
[  211.851817][ T7343]  path_openat+0x1de4/0x2cb0
[  211.851856][ T7343]  ? __pfx_path_openat+0x10/0x10
[  211.851887][ T7343]  ? __lock_acquire+0xb8a/0x1c90
[  211.851917][ T7343]  do_filp_open+0x20b/0x470
[  211.851948][ T7343]  ? __pfx_do_filp_open+0x10/0x10
[  211.851996][ T7343]  ? alloc_fd+0x471/0x7d0
[  211.852031][ T7343]  do_sys_openat2+0x11b/0x1d0
[  211.852053][ T7343]  ? __pfx_do_sys_openat2+0x10/0x10
[  211.852086][ T7343]  __x64_sys_openat+0x174/0x210
[  211.852110][ T7343]  ? __pfx___x64_sys_openat+0x10/0x10
[  211.852144][ T7343]  do_syscall_64+0xcd/0x490
[  211.852165][ T7343]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.852186][ T7343] RIP: 0033:0x7f048d78e929
[  211.852202][ T7343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  211.852222][ T7343] RSP: 002b:00007f048b5d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  211.852242][ T7343] RAX: ffffffffffffffda RBX: 00007f048d9b6080 RCX: 00007f048d78e929
[  211.852256][ T7343] RDX: 0000000000000440 RSI: 0000200000000280 RDI: ffffffffffffff9c
[  211.852269][ T7343] RBP: 00007f048d810b39 R08: 0000000000000000 R09: 0000000000000000
[  211.852287][ T7343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  211.852299][ T7343] R13: 0000000000000000 R14: 00007f048d9b6080 R15: 00007ffea79bb0c8
[  211.852326][ T7343]  </TASK>
[  211.852370][ T7343] debugfs: out of free dentries, can not create directory '0xffff88807d630000'
[  212.840749][ T7353] random: crng reseeded on system resumption
[  213.118332][ T7351] netlink: 'syz.2.248': attribute type 11 has an invalid length.
[  213.136346][ T7351] netlink: 'syz.2.248': attribute type 11 has an invalid length.
[  213.144290][ T7351] netlink: 'syz.2.248': attribute type 11 has an invalid length.
[  213.264403][ T7364] ubi0: attaching mtd0
[  213.351123][ T7364] ubi0: scanning is finished
[  213.355787][ T7364] ubi0: empty MTD device detected
[  213.391236][ T7366] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078016000 pfn:0x78010
[  213.459488][ T7366] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  213.526484][ T7366] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  213.534222][ T7366] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  213.599071][ T7366] raw: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  213.616212][ T7366] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  213.729615][ T7364] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  213.747693][ T7366] head: ffff888078016000 0000000000000000 00000008ffffffff 0000000000000000
[  213.806550][ T7364] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  213.819773][ T7364] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  213.827109][ T7364] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  213.834540][ T7364] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  213.841928][ T7364] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  213.850266][ T7364] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1382187641
[  213.860682][ T7364] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  213.876166][ T7366] head: 00fff00000000003 ffffea0001e00401 00000000ffffffff 00000000ffffffff
[  213.884997][ T7366] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  213.895716][ T7366] page dumped because: unmovable page
[  213.901454][ T7366] page_owner tracks the page as allocated
[  213.909088][ T7366] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5686, tgid 5686 (sftp-server), ts 73525452252, free_ts 73116963513
[  213.928687][ T7366]  post_alloc_hook+0x1c0/0x230
[  213.933493][ T7366]  get_page_from_freelist+0x1321/0x3890
[  213.941080][ T7375] ubi0: background thread "ubi_bgt0d" started, PID 7375
[  214.061316][ T7366]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  214.155355][ T7366]  alloc_pages_mpol+0x1fb/0x550
[  214.187589][ T7366]  alloc_pages_noprof+0x131/0x390
[  214.239299][ T7366]  skb_page_frag_refill+0x186/0x5a0
[  214.244536][ T7366]  try_fill_recv+0x7e4/0x28a0
[  214.326146][ T7366]  virtnet_poll+0x1984/0x3c30
[  214.353866][ T7366]  __napi_poll.constprop.0+0xba/0x550
[  214.367864][ T7366]  net_rx_action+0xa9f/0xfe0
[  214.372628][ T7366]  handle_softirqs+0x219/0x8e0
[  214.392899][ T7366]  __irq_exit_rcu+0x109/0x170
[  214.420594][ T7366]  irq_exit_rcu+0x9/0x30
[  214.435055][ T7366]  common_interrupt+0xbf/0xe0
[  214.454350][ T7366]  asm_common_interrupt+0x26/0x40
[  214.468175][ T7366] page last free pid 5684 tgid 5684 stack trace:
[  214.487233][ T7366]  __free_frozen_pages+0x7fe/0x1180
[  214.505510][ T7366]  __put_partials+0x16d/0x1c0
[  214.525749][ T7366]  qlist_free_all+0x4d/0x120
[  214.573943][ T7366]  kasan_quarantine_reduce+0x195/0x1e0
[  214.586303][ T7366]  __kasan_slab_alloc+0x69/0x90
[  214.597947][ T7366]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  214.610263][ T7366]  vm_area_alloc+0x1f/0x160
[  214.623015][ T7366]  do_brk_flags+0x293/0x13f0
[  214.640691][ T7366]  __do_sys_brk+0x704/0xaa0
[  214.658925][ T7366]  do_syscall_64+0xcd/0x490
[  214.669868][ T7366]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.940133][ T7378] netlink: 4 bytes leftover after parsing attributes in process `syz.0.252'.
[  216.321393][ T7388] snd_aloop snd_aloop.0: control 16781581:65533:6:�'x?F���/��zF˷fC���:0 is already present
[  216.408941][ T7381] snd_aloop snd_aloop.0: control 16781581:65533:6:�'x?F���/��zF˷fC���:0 is already present
[  219.362786][ T7439] Invalid ELF header magic: != ELF
[  220.162382][ T7460] snd_aloop snd_aloop.0: control 16781581:65533:6:�'x?F���/��zF˷fC���:0 is already present
[  220.896911][ T7467] Invalid ELF header magic: != ELF
[  224.022572][ T7529] snd_aloop snd_aloop.0: control 16781581:65533:6:�'x?F���/��zF˷fC���:0 is already present
[  225.288556][ T7547] snd_aloop snd_aloop.0: control 16781581:65533:6:�'x?F���/��zF˷fC���:0 is already present
[  226.317190][ T7556] Invalid ELF header magic: != ELF
[  228.326556][ T7588] netlink: 'syz.2.290': attribute type 11 has an invalid length.
[  228.335120][ T7588] netlink: 'syz.2.290': attribute type 11 has an invalid length.
[  229.034099][ T7597] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  229.108302][ T7597] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  229.136267][ T7597] memcg:ffff888034912201
[  229.140555][ T7597] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  229.226226][ T7597] page_type: f5(slab)
[  229.258871][ T7597] raw: 00fff00000000040 ffff88801b44b500 0000000000000000 dead000000000001
[  229.295728][ T7597] raw: 0000000000000000 0000000000040004 00000000f5000000 ffff888034912201
[  229.363532][ T7597] head: 00fff00000000040 ffff88801b44b500 0000000000000000 dead000000000001
[  229.393445][ T7608] netlink: 'syz.3.293': attribute type 11 has an invalid length.
[  229.403034][ T7608] netlink: 'syz.3.293': attribute type 11 has an invalid length.
[  229.427737][ T7597] head: 0000000000000000 0000000000040004 00000000f5000000 ffff888034912201
[  229.441762][ T7608] netlink: 'syz.3.293': attribute type 11 has an invalid length.
[  229.453413][ T7597] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  229.500902][ T7597] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  229.530619][ T7597] page dumped because: unmovable page
[  229.551789][ T7597] page_owner tracks the page as allocated
[  229.682621][ T7597] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5850, tgid 5850 (udevd), ts 93412929067, free_ts 93292827304
[  229.703783][ T7597]  post_alloc_hook+0x1c0/0x230
[  229.708710][ T7597]  get_page_from_freelist+0x1321/0x3890
[  229.714427][ T7597]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  229.720658][ T7597]  alloc_pages_mpol+0x1fb/0x550
[  229.725678][ T7597]  new_slab+0x23b/0x330
[  229.730032][ T7597]  ___slab_alloc+0xd9c/0x1940
[  229.734845][ T7597]  __slab_alloc.constprop.0+0x56/0xb0
[  229.741105][ T7597]  __kvmalloc_node_noprof+0x3b1/0x620
[  229.746858][ T7597]  seq_read_iter+0x826/0x12c0
[  229.751703][ T7597]  kernfs_fop_read_iter+0x40f/0x5a0
[  229.795291][ T7597]  vfs_read+0x8bc/0xc60
[  229.809014][ T7597]  ksys_read+0x12a/0x250
[  229.823128][ T7597]  do_syscall_64+0xcd/0x490
[  229.834169][ T7597]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.850486][ T7597] page last free pid 5831 tgid 5831 stack trace:
[  229.867251][ T7597]  __free_frozen_pages+0x7fe/0x1180
[  229.894958][ T7597]  qlist_free_all+0x4d/0x120
[  229.899673][ T7597]  kasan_quarantine_reduce+0x195/0x1e0
[  229.911024][ T7597]  __kasan_slab_alloc+0x69/0x90
[  229.943725][ T7614] netlink: 'syz.0.295': attribute type 11 has an invalid length.
[  229.953111][ T7614] netlink: 'syz.0.295': attribute type 11 has an invalid length.
[  229.961948][ T7614] netlink: 'syz.0.295': attribute type 11 has an invalid length.
[  229.963372][ T7597]  kmem_cache_alloc_lru_noprof+0x1d0/0x3b0
[  229.985585][ T7597]  alloc_inode+0x61/0x240
[  230.001044][ T7597]  new_inode+0x22/0x1c0
[  230.005357][ T7597]  __debugfs_create_file+0x11c/0x6b0
[  230.015771][ T7597]  debugfs_create_file_unsafe+0x3c/0x50
[  230.024296][ T7614] netlink: 'syz.0.295': attribute type 11 has an invalid length.
[  230.046254][ T7597]  debugfs_create_bool+0x70/0xa0
[  230.058675][ T7597]  nsim_drv_probe+0x9b0/0x1490
[  230.092348][ T7597]  really_probe+0x241/0xa90
[  230.103184][ T7597]  __driver_probe_device+0x1de/0x440
[  230.121708][ T7597]  driver_probe_device+0x4c/0x1b0
[  230.135045][ T7597]  __device_attach_driver+0x1df/0x310
[  230.174783][ T7597]  bus_for_each_drv+0x159/0x1e0
[  230.383306][ T7614] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  230.403750][ T7614] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  230.413030][ T7614] memcg:ffff888034912201
[  230.420149][ T7614] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  230.430322][ T7614] page_type: f5(slab)
[  230.440532][ T7614] raw: 00fff00000000040 ffff88801b44b500 0000000000000000 dead000000000001
[  230.450634][ T7614] raw: 0000000000000000 0000000000040004 00000000f5000000 ffff888034912201
[  230.462554][ T7614] head: 00fff00000000040 ffff88801b44b500 0000000000000000 dead000000000001
[  230.474824][ T7614] head: 0000000000000000 0000000000040004 00000000f5000000 ffff888034912201
[  230.505058][ T7614] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  230.515208][ T7614] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  230.586107][ T7614] page dumped because: unmovable page
[  230.601719][ T7614] page_owner tracks the page as allocated
[  230.608395][ T7614] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5850, tgid 5850 (udevd), ts 93412929067, free_ts 93292827304
[  230.633392][ T7614]  post_alloc_hook+0x1c0/0x230
[  230.639710][ T7614]  get_page_from_freelist+0x1321/0x3890
[  230.650844][ T7614]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  230.721983][ T7614]  alloc_pages_mpol+0x1fb/0x550
[  230.730905][ T7614]  new_slab+0x23b/0x330
[  230.735171][ T7614]  ___slab_alloc+0xd9c/0x1940
[  230.740116][ T7614]  __slab_alloc.constprop.0+0x56/0xb0
[  230.745639][ T7614]  __kvmalloc_node_noprof+0x3b1/0x620
[  230.813092][ T7614]  seq_read_iter+0x826/0x12c0
[  230.822347][ T7614]  kernfs_fop_read_iter+0x40f/0x5a0
[  230.831678][ T7614]  vfs_read+0x8bc/0xc60
[  230.842475][ T7614]  ksys_read+0x12a/0x250
[  230.847664][ T7614]  do_syscall_64+0xcd/0x490
[  230.852298][ T7614]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.858493][ T7614] page last free pid 5831 tgid 5831 stack trace:
[  230.864961][ T7614]  __free_frozen_pages+0x7fe/0x1180
[  230.871062][ T7614]  qlist_free_all+0x4d/0x120
[  230.931430][ T7614]  kasan_quarantine_reduce+0x195/0x1e0
[  230.966362][ T7614]  __kasan_slab_alloc+0x69/0x90
[  230.986250][ T7614]  kmem_cache_alloc_lru_noprof+0x1d0/0x3b0
[  230.994543][ T7614]  alloc_inode+0x61/0x240
[  230.999255][ T7614]  new_inode+0x22/0x1c0
[  231.003546][ T7614]  __debugfs_create_file+0x11c/0x6b0
[  231.013465][ T7614]  debugfs_create_file_unsafe+0x3c/0x50
[  231.019349][ T7614]  debugfs_create_bool+0x70/0xa0
[  231.024427][ T7614]  nsim_drv_probe+0x9b0/0x1490
[  231.029595][ T7614]  really_probe+0x241/0xa90
[  231.034222][ T7614]  __driver_probe_device+0x1de/0x440
[  231.039918][ T7614]  driver_probe_device+0x4c/0x1b0
[  231.045542][ T7614]  __device_attach_driver+0x1df/0x310
[  231.052487][ T7614]  bus_for_each_drv+0x159/0x1e0
[  231.080971][ T7630] Invalid ELF header magic: != ELF
[  232.076425][ T7653] ==================================================================
[  232.076445][ T7653] BUG: KASAN: vmalloc-out-of-bounds in sys_fillrect+0x15d4/0x17b0
[  232.076493][ T7653] Write of size 8 at addr ffffc90003959000 by task syz.2.300/7653
[  232.076517][ T7653] 
[  232.076532][ T7653] CPU: 0 UID: 0 PID: 7653 Comm: syz.2.300 Not tainted 6.15.0-syzkaller-13804-g939f15e640f1 #0 PREEMPT(full) 
[  232.076583][ T7653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  232.076601][ T7653] Call Trace:
[  232.076611][ T7653]  <TASK>
[  232.076622][ T7653]  dump_stack_lvl+0x116/0x1f0
[  232.076670][ T7653]  print_report+0xcd/0x680
[  232.076696][ T7653]  ? __virt_addr_valid+0x81/0x610
[  232.076728][ T7653]  ? sys_fillrect+0x15d4/0x17b0
[  232.076761][ T7653]  kasan_report+0xe0/0x110
[  232.076788][ T7653]  ? sys_fillrect+0x15d4/0x17b0
[  232.076826][ T7653]  sys_fillrect+0x15d4/0x17b0
[  232.076867][ T7653]  ? __pfx_sys_fillrect+0x10/0x10
[  232.076909][ T7653]  drm_fbdev_shmem_defio_fillrect+0x22/0x140
[  232.076949][ T7653]  bit_clear+0x17a/0x220
[  232.076975][ T7653]  ? __pfx_bit_clear+0x10/0x10
[  232.077002][ T7653]  ? __pfx___might_resched+0x10/0x10
[  232.077030][ T7653]  ? fb_get_color_depth+0x120/0x250
[  232.077072][ T7653]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  232.077117][ T7653]  ? __pfx_bit_clear+0x10/0x10
[  232.077143][ T7653]  __fbcon_clear+0x600/0x780
[  232.077189][ T7653]  fbcon_scroll+0x48b/0x690
[  232.077234][ T7653]  con_scroll+0x45f/0x690
[  232.077281][ T7653]  do_con_write+0x5560/0x8280
[  232.077320][ T7653]  ? __pfx_do_con_write+0x10/0x10
[  232.077361][ T7653]  con_write+0x23/0xb0
[  232.077388][ T7653]  n_tty_write+0x40f/0x1160
[  232.077428][ T7653]  ? __pfx_n_tty_write+0x10/0x10
[  232.077459][ T7653]  ? rcu_is_watching+0x12/0xc0
[  232.077489][ T7653]  ? __pfx_woken_wake_function+0x10/0x10
[  232.077534][ T7653]  ? kfree+0x24f/0x4d0
[  232.077567][ T7653]  ? file_tty_write.constprop.0+0x6ef/0x9b0
[  232.077615][ T7653]  ? __pfx_n_tty_write+0x10/0x10
[  232.077649][ T7653]  file_tty_write.constprop.0+0x504/0x9b0
[  232.077700][ T7653]  redirected_tty_write+0xd4/0x150
[  232.077752][ T7653]  vfs_write+0x6c4/0x1150
[  232.077793][ T7653]  ? __pfx_redirected_tty_write+0x10/0x10
[  232.077841][ T7653]  ? __pfx_vfs_write+0x10/0x10
[  232.077878][ T7653]  ? find_held_lock+0x2b/0x80
[  232.077915][ T7653]  ksys_write+0x12a/0x250
[  232.077954][ T7653]  ? __pfx_ksys_write+0x10/0x10
[  232.077998][ T7653]  do_syscall_64+0xcd/0x490
[  232.078026][ T7653]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.078055][ T7653] RIP: 0033:0x7f2b9bb8e929
[  232.078077][ T7653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  232.078106][ T7653] RSP: 002b:00007f2b9c9e3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  232.078133][ T7653] RAX: ffffffffffffffda RBX: 00007f2b9bdb6240 RCX: 00007f2b9bb8e929
[  232.078152][ T7653] RDX: 000000000000003a RSI: 0000200000000440 RDI: 0000000000000005
[  232.078168][ T7653] RBP: 00007f2b9bc10b39 R08: 0000000000000000 R09: 0000000000000000
[  232.078186][ T7653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  232.078203][ T7653] R13: 0000000000000001 R14: 00007f2b9bdb6240 R15: 00007fffd5db6958
[  232.078230][ T7653]  </TASK>
[  232.078239][ T7653] 
[  232.078378][ T7653] The buggy address ffffc90003959000 belongs to a vmalloc virtual mapping
[  232.078396][ T7653] Memory state around the buggy address:
[  232.078411][ T7653]  ffffc90003958f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  232.078433][ T7653]  ffffc90003958f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  232.078454][ T7653] >ffffc90003959000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  232.078469][ T7653]                    ^
[  232.078484][ T7653]  ffffc90003959080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  232.078505][ T7653]  ffffc90003959100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  232.078521][ T7653] ==================================================================
[  232.082084][ T7653] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  232.082106][ T7653] CPU: 0 UID: 0 PID: 7653 Comm: syz.2.300 Not tainted 6.15.0-syzkaller-13804-g939f15e640f1 #0 PREEMPT(full) 
[  232.082143][ T7653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  232.082161][ T7653] Call Trace:
[  232.082170][ T7653]  <TASK>
[  232.082182][ T7653]  dump_stack_lvl+0x3d/0x1f0
[  232.082230][ T7653]  panic+0x71c/0x800
[  232.082269][ T7653]  ? __pfx_panic+0x10/0x10
[  232.082309][ T7653]  ? mark_held_locks+0x49/0x80
[  232.082390][ T7653]  ? preempt_schedule_thunk+0x16/0x30
[  232.082424][ T7653]  ? sys_fillrect+0x15d4/0x17b0
[  232.082459][ T7653]  ? preempt_schedule_common+0x44/0xc0
[  232.082507][ T7653]  ? sys_fillrect+0x15d4/0x17b0
[  232.082541][ T7653]  check_panic_on_warn+0xab/0xb0
[  232.082623][ T7653]  end_report+0x107/0x170
[  232.082682][ T7653]  kasan_report+0xee/0x110
[  232.082711][ T7653]  ? sys_fillrect+0x15d4/0x17b0
[  232.082752][ T7653]  sys_fillrect+0x15d4/0x17b0
[  232.082792][ T7653]  ? __pfx_sys_fillrect+0x10/0x10
[  232.082834][ T7653]  drm_fbdev_shmem_defio_fillrect+0x22/0x140
[  232.082873][ T7653]  bit_clear+0x17a/0x220
[  232.082899][ T7653]  ? __pfx_bit_clear+0x10/0x10
[  232.082926][ T7653]  ? __pfx___might_resched+0x10/0x10
[  232.082955][ T7653]  ? fb_get_color_depth+0x120/0x250
[  232.082997][ T7653]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  232.083044][ T7653]  ? __pfx_bit_clear+0x10/0x10
[  232.083069][ T7653]  __fbcon_clear+0x600/0x780
[  232.083115][ T7653]  fbcon_scroll+0x48b/0x690
[  232.083159][ T7653]  con_scroll+0x45f/0x690
[  232.083203][ T7653]  do_con_write+0x5560/0x8280
[  232.083243][ T7653]  ? __pfx_do_con_write+0x10/0x10
[  232.083279][ T7653]  con_write+0x23/0xb0
[  232.083305][ T7653]  n_tty_write+0x40f/0x1160
[  232.083357][ T7653]  ? __pfx_n_tty_write+0x10/0x10
[  232.083389][ T7653]  ? rcu_is_watching+0x12/0xc0
[  232.083418][ T7653]  ? __pfx_woken_wake_function+0x10/0x10
[  232.083464][ T7653]  ? kfree+0x24f/0x4d0
[  232.083497][ T7653]  ? file_tty_write.constprop.0+0x6ef/0x9b0
[  232.083545][ T7653]  ? __pfx_n_tty_write+0x10/0x10
[  232.083579][ T7653]  file_tty_write.constprop.0+0x504/0x9b0
[  232.083631][ T7653]  redirected_tty_write+0xd4/0x150
[  232.083676][ T7653]  vfs_write+0x6c4/0x1150
[  232.083716][ T7653]  ? __pfx_redirected_tty_write+0x10/0x10
[  232.083762][ T7653]  ? __pfx_vfs_write+0x10/0x10
[  232.083800][ T7653]  ? find_held_lock+0x2b/0x80
[  232.083838][ T7653]  ksys_write+0x12a/0x250
[  232.083878][ T7653]  ? __pfx_ksys_write+0x10/0x10
[  232.083924][ T7653]  do_syscall_64+0xcd/0x490
[  232.083952][ T7653]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.083982][ T7653] RIP: 0033:0x7f2b9bb8e929
[  232.084004][ T7653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  232.084031][ T7653] RSP: 002b:00007f2b9c9e3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  232.084058][ T7653] RAX: ffffffffffffffda RBX: 00007f2b9bdb6240 RCX: 00007f2b9bb8e929
[  232.084078][ T7653] RDX: 000000000000003a RSI: 0000200000000440 RDI: 0000000000000005
[  232.084097][ T7653] RBP: 00007f2b9bc10b39 R08: 0000000000000000 R09: 0000000000000000
[  232.084115][ T7653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  232.084132][ T7653] R13: 0000000000000001 R14: 00007f2b9bdb6240 R15: 00007fffd5db6958
[  232.084160][ T7653]  </TASK>
[  232.084502][ T7653] Kernel Offset: disabled