last executing test programs:

2m48.279206963s ago: executing program 2 (id=1380):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x3, 0x120003b)
bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x7, 0x4, 0x1ff, 0x3, 0x8, 0xc, 0x2e, 0x0, 0x3}, 0x6f4)
io_uring_setup$auto(0x2, &(0x7f0000000080)={0x8, 0x9, 0x4006, 0x16, 0x4, 0x8, 0xffffffffffffffff, [], {0x9, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x4000006, 0x2002}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x104, 0x8, 0x8e7e}})
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000002340), 0xffffffffffffffff)
unshare$auto(0x40000080)
mmap$auto(0xfffffffffffffffc, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x40e00, 0x0)
ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0)
r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000300), 0x8281, 0x0)
ioctl$auto_PPPIOCATTACH(r1, 0x4004743d, 0x0)
acct$auto(&(0x7f0000000280)='/sys/devices/virtual/mtd/mtd0/size\x00')
openat$auto_tk_debug_sleep_time_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)

2m47.812537795s ago: executing program 2 (id=1383):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket(0xa, 0x2, 0x0)
r1 = socket(0xa, 0x801, 0x84)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/netfs/cookies\x00', 0xd00, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0)
io_uring_setup$auto(0x401, 0x0)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x11}}, 0x54)
getsockopt$auto(r1, 0x84, 0x6c, 0x0, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
socket(0x18, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r0)
ioctl$auto_KVM_CREATE_VM(r2, 0x4048aecb, 0x0)

2m47.424654592s ago: executing program 2 (id=1387):
r0 = openat$auto_sco_debugfs_fops_(0xffffffffffffff9c, 0x0, 0x242, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000002640)='/sys/kernel/debug/tracing/set_event_pid\x00', 0x2002, 0x0)
r1 = openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/buffer_size_kb\x00', 0x40, 0x0)
readv$auto(r1, &(0x7f0000000140)={0x0, 0x3}, 0x1)
r2 = syz_clone(0x20020000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs$namespace(r2, 0x0)
r3 = openat$auto_rts_threshold_ops_(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/ieee80211/phy2/rts_threshold\x00', 0x163000, 0x0)
r4 = openat$auto_tracing_mark_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/trace_marker\x00', 0x341, 0x0)
write$auto_tracing_mark_fops_trace(r4, 0x0, 0x0)
pread64$auto(r3, 0x0, 0x440, 0xf25)
write$auto(0x3, 0x0, 0xfdef)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'bond0\x00', <r5=>0x0})
r6 = openat$auto_full_fops_mem(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'vlan0\x00'})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'veth1_to_batadv\x00', <r7=>0x0})
sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000940)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000900)={&(0x7f0000000980)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="08000300b68a000008", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=r5, @ANYBLOB="2504028008000b8004004180710094804f61c65cd529b9a76342ef9a0b8f36888a91d98b1b41ddda97ce660f9ca3216c6ad589d65f107805f4c0761f7c8285d9b8213cd4a4812747e506c3d6184b17ebe6e19c43718161cdc3250464295906b5692a8ee53c6da2456604538b90e94c7a1861a55002701bf88104000f80000000d45b575b3ebefc5298de5c5278adc20f1d697456227e336ac30c7f6dd8e7b86da386f1b7b5f92eb498711172368df1c72916ad14e4329e9866f9b9f039c308e3945d25dab150d15462f051a21ac0cdfd354a64c54d1b817ba1de0e77573ef37e842b728a48ca39d3ca4caa6c5cb7003480040030803078bd93126e87fcd5497c4680ca9b45c255429c006d7c697ca292f0250bbfbfdda4e7bd2b031b09055b5730d228488f029f78a17d2d2234e31cd1771c8e390cb902c5f7be31dae4ac2ffdfdc2d0da3b16273cb75715ffb456749fcc50ff83304206fbc91161287bd6fe0b62aa853292bebce2771133354d509cbb790b051bb8d3fa19043af2a9b92357546b34ba3edd1ec88365d1d8f1b1a44ebfd9c24da0071a5df1f6a8fee90400ac800400538000800254803091592ceaf24b4986909b36f2765415e7c0efd4ff7bc5248d8c37f2b26261ecb6fea03b330ff5a00ee719473dbb550de719bf6ab871e957ac055472cddec297053d92b87f207ed19c7fd23cdbc64e90ffe0be95f5873b5a5905843881dd9894859c37ee324f9e89f936be47120fe95d9cb1d91de0c1bc7586f3228225dbfd8026b93b4b66a9f40a43330df55ad3ec8a829f5917d6c32768d4e2a7d94071b67ca7e8cde940dfaa1c357c37b251360e83689f45a8b23b3f6850ca557121f41ee2c0f00cdf8eec4530f020d346fc95d9b539f8df43424722891a3a038097e0bb621e2852f31d60f2539475539bf80059781c13ee57f8c87c0904317e29e06a7881401f9a4218e622fc3211dfd7336fdd54684a5466a16c04c306fafff5c1eecf795c78866c7dda87bbeb8a2474d32343f0686449bd09854085b2ae36754647ab22a2ff1596c309fcd6a8d5be3065b1c60b90edca84441eb8004dddbad5c5e83ed43d1921fac6a2233e5703cd870400c680ff44ccd65cb94e82b1006cc6249a40b8ed6b08238e84c7ac29bea589f56337f7d35907ec1cfca9c7e9332893bf4bc0fe9db997b1ed294170b2d264c57ed62af3b33ca69d83617a2a57cda1a61fe1d0760a2a9cc3b6039dbfc714000d00000000000000000000000000000000001aef59", @ANYRES32=r6, @ANYBLOB="78c6d1298688d33ac6811184e4214238accc402858922255ce9f1f79dff9ac09230d90e5145050ee80ba6322369f", @ANYBLOB, @ANYRES32=r7, @ANYBLOB], 0x560}, 0x1, 0x0, 0x0, 0x28000}, 0x8800)
openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, 0x0, 0x800, 0x0)
select$auto(0x4, 0x0, &(0x7f0000000080)={[0x6, 0xe9e, 0x4, 0x5, 0x1000, 0x100000001, 0xf, 0xf, 0xfffffffffffffffc, 0x40, 0xc4, 0xd59, 0x2, 0xff, 0x2, 0x80080001]}, 0x0, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0xa40, 0x0)
ioctl$auto(0x3, 0x5521, 0x1)
openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f0000000380), 0x10000, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
migrate_pages$auto(0x0, 0x8, 0x0, &(0x7f00000001c0)=0x7b)
r8 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/adsp1\x00', 0x40440, 0x0)
ioctl$auto_SNDCTL_DSP_CHANNELS(r8, 0xc0045006, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/tcp\x00', 0x400, 0x0)
readv$auto(r8, &(0x7f0000000200)={0x0, 0xfffc}, 0x3)

2m46.390896171s ago: executing program 2 (id=1391):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x4)
socket(0x2, 0x3, 0x4)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f00000017c0)='/sys/kernel/debug/lru_gen\x00', 0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/class/firmware/timeout\x00', 0x100, 0x0)
socket(0x2, 0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/sit0/ifindex\x00', 0x80000, 0x0)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x202, 0x0)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000003c0), 0x3d00, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8)
connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55)
r0 = socket(0x11, 0x80003, 0x300)
name_to_handle_at$auto(0xffffffffffffffff, 0x0, &(0x7f0000000200)={0x0, 0x6}, 0x0, 0x1001)
setsockopt$auto(r0, 0x107, 0x12, 0x0, 0x4)
write$auto(0x3, 0x0, 0xfdef)

2m46.043693252s ago: executing program 2 (id=1393):
symlink$auto(0x0, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x200, 0x0)
close_range$auto(0x2, 0x8, 0x0)
getpid()
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_SCAN(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
personality$auto(0x5)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/softnet_stat\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32=r1, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES32=r1, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
preadv$auto(0xffffffffffffffff, &(0x7f0000009180)={0x0, 0x7}, 0x26, 0x800000000080, 0x5)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x38000000)
sendmmsg$auto(r0, 0x0, 0x42, 0x5fa)

2m45.095449458s ago: executing program 2 (id=1401):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
madvise$auto(0x0, 0x2003f2, 0x15)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
r4 = openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, 0x0, 0x8006, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYBLOB="010026bd7000fddbdf2507"], 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x4000800)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
write$auto_proc_uid_map_operations_base(r4, 0x0, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0x1c, r3, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x1c}}, 0x4000)
madvise$auto(0x0, 0x200007, 0x19)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)

2m40.78511013s ago: executing program 1 (id=1426):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x4)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f00000017c0)='/sys/kernel/debug/lru_gen\x00', 0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/class/firmware/timeout\x00', 0x100, 0x0)
socket(0x2, 0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/sit0/ifindex\x00', 0x80000, 0x0)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x202, 0x0)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000003c0), 0x3d00, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8)
connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55)
r0 = socket(0x11, 0x80003, 0x300)
name_to_handle_at$auto(0xffffffffffffffff, &(0x7f00000000c0)='/\x00R\xa6\x00\xc8\xda\xdc\xb1\xb4#\xe4\xeb\xe1e/\x1b/\xb9L\xc6P\x82\xba\x90@\xb8\xb5\xb1\xe8\"\x88s\xdf\x15\xaa\x18\xa9\x86\xc7\x87g>8\xae\x99\xd4~\xc6\xa7\\\xcc\xfeV\x83\f\xdc\xdc~\x8e\xd5\x18\x13\x16\xc5\x93E\x10\xcb\x1c\x02\x00\xd2\xa4_\xa3\xdcS\xe2\xe2\xc6\x85p\xfa\xc3/G\x86\xea\x9f\xb0\x9a\xcc6\x1a\x06\x91\x9f\xcfC\xedU\x00f`\x02\x04\xef\xfe\x10\xec\x17\x83%K\x04\xd5s\x86\xe4\x9d\x15\f\x8c\xd9gj\xe5t\x82o7\xc05ul\xacU\xbf\xc0\xfe\xb4\xd7\t\xe0s]\xcd\xac\x87\xa5\xa6.t\xa9\xe8\xa6>\xf2\xd0\xb1\x83\x83\x91\a\xdc\xe9\xaa\x1dx\x06\xa77\xd6\xe1\xe9\x94\xb9Xi\xbbv_\x9a_bv%\xcb\xc7\xdd\xa3\xb4\tpr%\xdf\xc9\x06\xa2\xe7\xe1\xde\x16\xf7\x03x\xf8\v\v\x1a\xfcm\x87r\xc1\b\xca\x97\xb0\xeb\xd6F\x8f^\x94\xdf\x9ax\xf4\x03e[l\xa5', &(0x7f0000000200)={0x0, 0x6}, 0x0, 0x1001)
setsockopt$auto(r0, 0x107, 0x12, 0x0, 0x4)
write$auto(0x3, 0x0, 0xfdef)

2m40.663382072s ago: executing program 1 (id=1419):
symlink$auto(0x0, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x200, 0x0)
close_range$auto(0x2, 0x8, 0x0)
getpid()
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_SCAN(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
personality$auto(0x5)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/softnet_stat\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32=r1, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES32=r1, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
preadv$auto(0xffffffffffffffff, &(0x7f0000009180)={0x0, 0x7}, 0x26, 0x800000000080, 0x5)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x38000000)
sendmmsg$auto(r0, 0x0, 0x42, 0x5fa)

2m39.676618707s ago: executing program 1 (id=1425):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000004440), 0xffffffffffffffff)
sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004540)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01009b64c23ef155546b0104000008000900", @ANYBLOB="080005000600000008000200", @ANYRES32=0x0, @ANYBLOB="0c00010069"], 0x8d}, 0x1, 0x0, 0x0, 0x10}, 0x2000000)
sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r2, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x80)

2m39.531952668s ago: executing program 1 (id=1427):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x4)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f00000017c0)='/sys/kernel/debug/lru_gen\x00', 0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/class/firmware/timeout\x00', 0x100, 0x0)
socket(0x2, 0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/sit0/ifindex\x00', 0x80000, 0x0)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x202, 0x0)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000003c0), 0x3d00, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8)
connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55)
r0 = socket(0x11, 0x80003, 0x300)
name_to_handle_at$auto(0xffffffffffffffff, &(0x7f00000000c0)='/\x00R\xa6\x00\xc8\xda\xdc\xb1\xb4#\xe4\xeb\xe1e/\x1b/\xb9L\xc6P\x82\xba\x90@\xb8\xb5\xb1\xe8\"\x88s\xdf\x15\xaa\x18\xa9\x86\xc7\x87g>8\xae\x99\xd4~\xc6\xa7\\\xcc\xfeV\x83\f\xdc\xdc~\x8e\xd5\x18\x13\x16\xc5\x93E\x10\xcb\x1c\x02\x00\xd2\xa4_\xa3\xdcS\xe2\xe2\xc6\x85p\xfa\xc3/G\x86\xea\x9f\xb0\x9a\xcc6\x1a\x06\x91\x9f\xcfC\xedU\x00f`\x02\x04\xef\xfe\x10\xec\x17\x83%K\x04\xd5s\x86\xe4\x9d\x15\f\x8c\xd9gj\xe5t\x82o7\xc05ul\xacU\xbf\xc0\xfe\xb4\xd7\t\xe0s]\xcd\xac\x87\xa5\xa6.t\xa9\xe8\xa6>\xf2\xd0\xb1\x83\x83\x91\a\xdc\xe9\xaa\x1dx\x06\xa77\xd6\xe1\xe9\x94\xb9Xi\xbbv_\x9a_bv%\xcb\xc7\xdd\xa3\xb4\tpr%\xdf\xc9\x06\xa2\xe7\xe1\xde\x16\xf7\x03x\xf8\v\v\x1a\xfcm\x87r\xc1\b\xca\x97\xb0\xeb\xd6F\x8f^\x94\xdf\x9ax\xf4\x03e[l\xa5', &(0x7f0000000200)={0x0, 0x6}, 0x0, 0x1001)
setsockopt$auto(r0, 0x107, 0x12, 0x0, 0x4)
write$auto(0x3, 0x0, 0xfdef)

2m39.445275204s ago: executing program 1 (id=1428):
r0 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000004440), 0xffffffffffffffff)
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004540)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01009b64c23ef155546b0104000008000900", @ANYBLOB="080005000600000008000200", @ANYRES32=0x0, @ANYBLOB="0c00010069"], 0x8d}, 0x1, 0x0, 0x0, 0x10}, 0x2000000)

2m39.336292274s ago: executing program 1 (id=1429):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
madvise$auto(0x0, 0x2003f2, 0x15)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
r4 = openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, 0x0, 0x8006, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYBLOB="010026bd7000fddbdf2507"], 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x4000800)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
write$auto_proc_uid_map_operations_base(r4, 0x0, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0x1c, r3, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x1c}}, 0x4000)
madvise$auto(0x0, 0x200007, 0x19)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/free_buffer\x00', 0x24001, 0x0)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x2000c, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x400000008000)

2m29.764284387s ago: executing program 32 (id=1401):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
madvise$auto(0x0, 0x2003f2, 0x15)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
r4 = openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, 0x0, 0x8006, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYBLOB="010026bd7000fddbdf2507"], 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x4000800)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
write$auto_proc_uid_map_operations_base(r4, 0x0, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0x1c, r3, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x1c}}, 0x4000)
madvise$auto(0x0, 0x200007, 0x19)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)

2m24.498153268s ago: executing program 4 (id=1482):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
madvise$auto(0x0, 0x2003f2, 0x15)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
r4 = openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, 0x0, 0x8006, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYBLOB="010026bd7000fddbdf2507"], 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x4000800)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
write$auto_proc_uid_map_operations_base(r4, 0x0, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0x1c, r3, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x1c}}, 0x4000)
madvise$auto(0x0, 0x200007, 0x19)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/free_buffer\x00', 0x24001, 0x0)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54)

2m24.241564321s ago: executing program 33 (id=1429):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
madvise$auto(0x0, 0x2003f2, 0x15)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
r4 = openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, 0x0, 0x8006, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYBLOB="010026bd7000fddbdf2507"], 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x4000800)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
write$auto_proc_uid_map_operations_base(r4, 0x0, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0x1c, r3, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x1c}}, 0x4000)
madvise$auto(0x0, 0x200007, 0x19)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/free_buffer\x00', 0x24001, 0x0)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x2000c, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x400000008000)

2m18.514614722s ago: executing program 3 (id=1546):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
ppoll$auto(0x0, 0x2, 0x0, 0x0, 0x8)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
setsockopt$auto(0xffffffffffffffff, 0x6, 0x1f, 0x0, 0x0)
syz_clone3(&(0x7f000000dd80)={0xa04400, 0x0, 0x0, 0x0, {0x12}, 0x0, 0x0, 0x0, 0x0}, 0x58)

2m17.583279475s ago: executing program 3 (id=1553):
mmap$auto(0x100000000000000, 0x2020009, 0x1000000000000009, 0xf83e, 0xfffffffffffffffa, 0x9003)
socket(0xa, 0x3, 0x3b)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xffffffffffffffff, 0x300000000000)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14bf02", @ANYRES16=0x0, @ANYBLOB="10002cbd7000fd"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_SNDCTL_TMR_CONTINUE(r0, 0x5404, &(0x7f0000000040))

2m17.432646934s ago: executing program 3 (id=1555):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000004440), 0xffffffffffffffff)
sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004540)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01009b64c23ef155546b0104000008000900", @ANYBLOB="080005000600000008000200", @ANYRES32=0x0, @ANYBLOB="0c00010069"], 0x8d}, 0x1, 0x0, 0x0, 0x10}, 0x2000000)

2m17.285692264s ago: executing program 3 (id=1557):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
socket(0x2, 0x2, 0x0)
r0 = socket(0x2c, 0x4, 0x38)
bpf$auto(0x0, &(0x7f0000000000)=@bpf_attr_11={0x6, 0x10000000000, 0x9, 0x80000000, 0x40, 0x5, 0x7, r0}, 0x10)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/dummy_hcd.2/usb3/authorized\x00', 0x81, 0x0)
write$auto(r1, &(0x7f0000000080)='0\x81=\"\xad\xff\x8d\xf9P\x18\xa4\xb0\xb4\xd9\x82=\xe1P\x05\x00\xfb&\xe8\xbf\x901\a2\xa2X`\a\xf1y\xb3\"=', 0x48da548d)
socket(0x2c, 0x3, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtdblock0\x00', 0x1cb602, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000540)='./cgroup.net/blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
socket(0x2a, 0x80002, 0x77)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0)
write$auto_ocfs2_control_fops_stack_user(r2, 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/sunrpc/parameters/pool_mode\x00', 0x100800, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x9a6, 0x0)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/kernel/tainted\x00', 0x10002, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/virtual/mtd/mtd0/mtdblock0/queue/discard_max_bytes\x00', 0x10b142, 0x0)
sendfile$auto(r3, r4, 0x0, 0x1000200)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
r5 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
ioctl$auto(r5, 0x5608, r5)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x20080, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10001, 0x9, 0x2, 0xfffffffffffffffd, 0x10000, 0x4, 0x15f4da11, 0x8, 0x8000000009, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x7, 0x40000000000010]}, 0x0)

2m16.362847012s ago: executing program 3 (id=1566):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_datapath(0x0, 0xffffffffffffffff)
sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004540)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01009b64c23ef155546b0104000008000900", @ANYBLOB="080005000600000008000200", @ANYRES32=0x0, @ANYBLOB="0c00010069"], 0x8d}, 0x1, 0x0, 0x0, 0x10}, 0x2000000)

2m16.215814343s ago: executing program 3 (id=1568):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
madvise$auto(0x0, 0x2003f2, 0x15)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
r4 = openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, 0x0, 0x8006, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYBLOB="010026bd7000fddbdf2507"], 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x4000800)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
write$auto_proc_uid_map_operations_base(r4, 0x0, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0x1c, r3, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x1c}}, 0x4000)
madvise$auto(0x0, 0x200007, 0x19)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/free_buffer\x00', 0x24001, 0x0)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)

2m9.446921861s ago: executing program 34 (id=1482):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
madvise$auto(0x0, 0x2003f2, 0x15)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
r4 = openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, 0x0, 0x8006, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYBLOB="010026bd7000fddbdf2507"], 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x4000800)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
write$auto_proc_uid_map_operations_base(r4, 0x0, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0x1c, r3, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x1c}}, 0x4000)
madvise$auto(0x0, 0x200007, 0x19)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/free_buffer\x00', 0x24001, 0x0)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54)

2m0.967237011s ago: executing program 35 (id=1568):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
madvise$auto(0x0, 0x2003f2, 0x15)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
r4 = openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, 0x0, 0x8006, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYBLOB="010026bd7000fddbdf2507"], 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x4000800)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
write$auto_proc_uid_map_operations_base(r4, 0x0, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0x1c, r3, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x1c}}, 0x4000)
madvise$auto(0x0, 0x200007, 0x19)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/free_buffer\x00', 0x24001, 0x0)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)

1m23.868500324s ago: executing program 7 (id=1877):
sysfs$auto(0x2, 0x100001000000032, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/vidtv.0/i2c-0/0-0068/name\x00', 0x18b080, 0x0)
ioctl$auto_BLKPG2(0xffffffffffffffff, 0x1269, 0x0)
pwrite64$auto(0xc8, &(0x7f0000000340)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8\x11\x06\b\x00\x00\x00\x04!\x02\xba\xae\xb8-\x14\xe4\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\x00\x00\x9f\x1e\xf6\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e#\xae\xa9\xc5\x93\x1dD\x811\xb9_\xdd*j\xfd\xeb\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;\x9e\x83\x120\x81\x11\x9a?g`sFh\x00\x00\xda,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xdex\xd8\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/228, 0xfdef, 0x2)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
r0 = socket(0xa, 0x2, 0x88)
setsockopt$auto(r0, 0x11, 0xb, 0x0, 0x8)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0xfffffffffffffe11, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x200440c4}, 0x40048c5)
lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x37, 0xfffffffffffffffe, 0x80000001, 0x0, 0x0, 0x0, 0x1000000009, 0x10001, 0x6, 0x400, 0x7ffffffb, 0x4, 0xdd79, 0x10000, 0x3, 0x104})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x89fc, &(0x7f0000000040)={'bridge0\x00'})

1m23.374432728s ago: executing program 7 (id=1881):
mq_open$auto(0x0, 0xe8, 0x3, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x261c2, 0x84)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_fd=r0, r1, 0x4, 0x302f, 0xffffffffffffffff, @relative_id=0x13, 0xe600}, 0xf)
bpf$auto(0x2, 0x0, 0x91)

1m23.185714878s ago: executing program 7 (id=1883):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000004440), 0xffffffffffffffff)
sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004540)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01009b64c23ef155546b0104000008000900", @ANYBLOB="080005000600", @ANYRES32=0x0, @ANYBLOB="0c00010069"], 0x8d}, 0x1, 0x0, 0x0, 0x10}, 0x2000000)

1m22.915782044s ago: executing program 7 (id=1884):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000004440), 0xffffffffffffffff)
sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004540)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="080005000600000008000200", @ANYRES32=0x0, @ANYBLOB="0c00010069"], 0x8d}, 0x1, 0x0, 0x0, 0x10}, 0x2000000)

1m22.734772962s ago: executing program 7 (id=1885):
socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x8, 0x1ff, 0x7, 0x21, 0x4909b6f5, 0x1, 0x7, 0x3, 0x9, 0x6, 0x3, 0x4, 0x2, 0xb4, 0x9, 0x208, 0x10003, 0x80, 0x3, 0x80, 0xa, 0x22000, 0x200, 0x7, 0x84, 0x0, 0x9, 0xffffffff, 0x0, 0x0, [0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x1f, 0x0, 0x2, 0x100000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000]}, 0x3, 0xd)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/wireless\x00', 0x80000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x2000001, 0x9, 0x7, 0x7, 0x0, 0x5, 0xffffffff, 0x2000000000210004, 0x0, 0x7, 0x5, 0x2, 0x7, 0xaf, 0x6, 0x8, 0x3, 0xa, 0x7, 0x0, 0x0, 0x10000005, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, [0x3, 0x0, 0x0, 0xc, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x80000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff7, 0x0, 0x0, 0xfffffffffffffffc, 0x4000000000000, 0x4, 0x0, 0x0, 0x200000000000000, 0x0, 0x200]}, 0x1fe, 0x81)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x10048080)
sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc7}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

1m21.052792343s ago: executing program 7 (id=1891):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, r1, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
madvise$auto(0x0, 0x2003f2, 0x15)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
r5 = openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, &(0x7f00000013c0)='/proc/self/uid_map\x00', 0x8006, 0x0)
write$auto_proc_uid_map_operations_base(r5, 0x0, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[@ANYBLOB="a8000000", @ANYRES16=r4, @ANYBLOB="01002cbd7000fddbdf2502000000810004006e66736600d8efe42d132b72f30c54315aa74a5b8103cf2ddf901f8fc81365e252374483326ace7da356b7a16f5ce613bc0ce3aeb87ed3d22b4a27c3ecc90c70c861befe60a7a9414b446427a001f61379e8caf4519e032a5dda1e1174e2d575772b93fc046cd3a674866b80d91473ece248c03d28f9398a63a785998700000008000300850000000800010002000000"], 0xa8}}, 0x4000)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x404001, 0x0)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
socket(0x1a, 0x6, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000340), r6)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000380)={'netdevsim0\x00', <r8=>0x0})
sendmsg$auto_ETHTOOL_MSG_FEC_GET(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000003c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r7, @ANYBLOB="050025bd70c8f0b1d07a0fba01000c00018008000100", @ANYRES32=r8], 0x20}}, 0x4000000)
mq_timedsend$auto(r2, &(0x7f0000000040)='/proc/thread-self/pagemap\x00', 0x7f, 0x3ff, &(0x7f00000002c0)={0x6, 0x81})

1m5.989166106s ago: executing program 36 (id=1891):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, r1, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
madvise$auto(0x0, 0x2003f2, 0x15)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
r5 = openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, &(0x7f00000013c0)='/proc/self/uid_map\x00', 0x8006, 0x0)
write$auto_proc_uid_map_operations_base(r5, 0x0, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[@ANYBLOB="a8000000", @ANYRES16=r4, @ANYBLOB="01002cbd7000fddbdf2502000000810004006e66736600d8efe42d132b72f30c54315aa74a5b8103cf2ddf901f8fc81365e252374483326ace7da356b7a16f5ce613bc0ce3aeb87ed3d22b4a27c3ecc90c70c861befe60a7a9414b446427a001f61379e8caf4519e032a5dda1e1174e2d575772b93fc046cd3a674866b80d91473ece248c03d28f9398a63a785998700000008000300850000000800010002000000"], 0xa8}}, 0x4000)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x404001, 0x0)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
socket(0x1a, 0x6, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000340), r6)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000380)={'netdevsim0\x00', <r8=>0x0})
sendmsg$auto_ETHTOOL_MSG_FEC_GET(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000003c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r7, @ANYBLOB="050025bd70c8f0b1d07a0fba01000c00018008000100", @ANYRES32=r8], 0x20}}, 0x4000000)
mq_timedsend$auto(r2, &(0x7f0000000040)='/proc/thread-self/pagemap\x00', 0x7f, 0x3ff, &(0x7f00000002c0)={0x6, 0x81})

53.867649085s ago: executing program 8 (id=2036):
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r0, &(0x7f00000000c0)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k]_\\\xf5\xc15\xe3-H\xff\xb1K\xd5)\xc5\x1e\xf9 \x8a\x7f^\x01\xcc', 0x4009)
madvise$auto_MADV_GUARD_INSTALL(0x5000000, 0x2021000, 0x66)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14fa02, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dri/card0\x00', 0xe203422544c4c241, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
getsockopt$auto(0xffffffffffffffff, 0x84, 0x75, 0x0, &(0x7f0000000000)=0x9000c)
getsockopt$auto(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
mmap$auto(0x0, 0x20004, 0xaeb, 0xeb1, 0xffffffffffffffff, 0x5)

53.049266625s ago: executing program 8 (id=2039):
socket(0x29, 0x800, 0xa)
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
sysfs$auto(0x1, 0xffff, 0x100000001)
mmap$auto(0x0, 0x0, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendfile$auto(r0, 0x3, 0x0, 0x7ffff002)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/dirty_ratio\x00', 0x2, 0x0)
write$auto(0x1, 0x0, 0x80000000)
mmap$auto(0x0, 0x8000009, 0x800007, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0)
r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0)

51.769061792s ago: executing program 8 (id=2048):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0xffffffffffffffff, 0x300000000000)
gettid()
close_range$auto(0x2, 0xa, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x80000, 0x85556f8d)
get_robust_list$auto(0x0, 0x0, 0x0)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r2, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
r3 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f00000000c0), r0)
sendmsg$auto_SMC_NETLINK_ENABLE_HS_LIMITATION(r1, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0xf8, r3, 0x200, 0x70bd25, 0x25dfdbfd, {}, "86cb0742fcacbec17559fce8f72f1e3d7e25373c7d00ded4fdea086cb0ea9b372b6a1cb81b8b5c5eb965f4d18fb0e79acf0df0035e92a367e4acf0f956c8ffd6160ee2302f84873774f8dd95672f9c0307609dde8bd31025def397016289dce895a299dc443305f3399e3103770e2ab057f5d3b83de307eb2c4fd1891081a53381a2a457838a86134ce6acefeb7b1192c679c93a772ce795d462fdaebc9943c69fbe3bfddc2c526baa6567d499ae5a08ce18e906796d3b53843291318caf7165730efd0634df175aafbd77cd1e3c4e5f9880f3e1f7f8b17fd72bf3544461827c4028"}, 0xf8}, 0x1, 0x0, 0x0, 0x4008000}, 0x4c001)

51.256725906s ago: executing program 8 (id=2049):
r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi15\x00', 0x802, 0x0)
write$auto(r0, &(0x7f0000000040)='%]{\fZ', 0xfffffffd)

51.079277523s ago: executing program 8 (id=2051):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000004440), 0xffffffffffffffff)
sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004540)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB, @ANYBLOB="080005000600000008000200", @ANYRES32=0x0, @ANYBLOB="0c000100"], 0x8d}, 0x1, 0x0, 0x0, 0x10}, 0x2000000)
sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r2, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x80)

50.788473956s ago: executing program 8 (id=2054):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
ustat$auto(0x801, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000480)={0x0, 0xe4, &(0x7f0000000440)={&(0x7f0000000200)={0x1c, r1, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x1c}}, 0x4000)
close_range$auto(r0, r0, 0x2cf)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r2 = pidfd_open$auto(0x1, 0x0)
setns(r2, 0x8000000)
write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000001680)="a7", 0xfffffc96)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)

35.699137788s ago: executing program 37 (id=2054):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
ustat$auto(0x801, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000480)={0x0, 0xe4, &(0x7f0000000440)={&(0x7f0000000200)={0x1c, r1, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x1c}}, 0x4000)
close_range$auto(r0, r0, 0x2cf)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r2 = pidfd_open$auto(0x1, 0x0)
setns(r2, 0x8000000)
write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000001680)="a7", 0xfffffc96)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)

4.773305475s ago: executing program 6 (id=2258):
r0 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000400)='/sys/kernel/debug/usb/usbmon/0u\x00', 0x22202, 0x0)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
setuid$auto(0xee00)
pread64$auto(r0, 0x0, 0x0, 0x9)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
ioctl$auto_IOCTL_VMCI_QUEUEPAIR_SETVA(0xffffffffffffffff, 0x7a4, 0x0)
read$auto_mon_fops_text_t_mon_text(r0, 0x0, 0x0)
r1 = pipe$auto(0x0)
vmsplice$auto(r1, &(0x7f0000000000)={0x0, 0x4000005}, 0x6, 0x8)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x40, 0x20)
ioctl$auto_XFS_IOC_ATTRMULTI_BY_HANDLE(r1, 0x4048587b, &(0x7f00000001c0)={{r2, &(0x7f0000000040)="38b27d6dab105e64c9b97eaf54d3b3f08abc", 0x0, &(0x7f0000000080), 0x401, &(0x7f00000000c0)="3a9d5d", &(0x7f0000000100)=0x9}, 0x6, &(0x7f0000000180)={0x5, 0x5, &(0x7f0000000140)="c570d0f5a55664a63de2f37d771c4bdeedaf37e887e543144eedb151dedf03c921e5fbc8f718214db651c6646fdfb2", &(0x7f0000000440)="94f788a2166550ed951667057070d01ab85105d3352f6c690ad70dbb9f4d27c0e4e2cf38919f0112fd0f1dda8d7d796fea17e516e2fc90a55368753e9313916ace345ca064efd31bf8293387f0c3a2af83203f44e5f0dc104c7f26490ed6fc90b9264f167688a3b6cd68350a34be13227eba6c24c9c2824396e1237d693e8785b2fdefaa03afebc475fa0c421e715091437dfb18e677da39b86e65f6d3f3ffdbc6c9318c9f2aec30109804fe86be0d67b90d10525cd2e78e1a909144ad39f1e7424be152444bb490059d154f58582045475beb1d657c30135aa797cba5ebfacd07dbcbf9e88d236ae7ca6098a49f615ea54227cea03819fea2e1661e9c053439d7838f9f4aec99aec56b8d58a9f43818d2c16ffd339c56b527d24d848ec52e84a69ce12f50af9b297aa8d9bc0d32c6339a14996783d567699ac149c81af925b7ed345c6622e286b1f427e518affce3db0a102da29cbaf45c8bfe598e5793ad485df97ac7c471221b7219b2c5a02b6eb5caf1f2070661137e31af6feda84b57aaf75f8fcdb75cc37e4d539c2a057756d8589e15a9dc0a06449d6a3a098bf482eb0423236c3cbea18a92ef2017f14b1f865a14454db9b2eea258ea1d553e153b9334945ab9a1779755a7a1b9a458af9c80c4e809daf226261a98f8dcbfbf3c98780129c9cfa156f6540a320d55e6bfbfc36548ee04ab66fbce7a462f2a52234fb5315932b28a7a5174886ca6eb6009a31fb98bc5dfa28589f6df512bbfe7810cb825e507c05d73b17b402cd938b35336ff7a4bf346d58d928fa7f1c4259afbe2fd1b22fadd7cd1c318ba79a04c923cdf217fe54c7eb3d9344d166307975c939878d393b24407eca88973f304c9ff28ad659963ccaff731da2cf280d45112c7ec52979a2a84a70774118e4f89fc6b21ba41c1dd7572ca470116e7c3912f3e96e1250cb53f7a98af25ff6dd0f22bcc2da4050c4467085d18cfed0ab8392eeeeedcd9ada92bbbd65d69bb0a8df451135238ba4ea1b8237b23ba2d36cb1f23e3df354e7eb3930d89deea9c15a53bfa3110cedcf5fd41af477b8fafc37028e148e59a868d97d48e2e98960b667e44b5e8608a08c342ab8e8471096c041ab0542452f1e66b9bdd092a57168e94f4a0831707c6531310026d3c8e870b23d8f77f24ad203eda4645dcd3f9f87a59088a69c4fb59874043f09a1595d066f921973c52c675b7a40e84976a4c87fab9a3bbb08b95ac6b3a4290e6e05da1cf5cc077928f2dac53027b921d5e935a54d5cc3ce284d9fa87673102ae590e700fd2d717a4f690d9a7751e43975550f8f63eccdb412b2272ec353a57db358c0cb1fec75f49be797601fe860c2c7a7f344107bc7dd95a5ca3a7caa0b1311de9db9a6a7a7b9d9c6afd3019dd6e6f803fa20881d2f5259a39b78ded935d70179023870750aec6efb4fbd3ff19697d6ee806219ee387192d676cf49ad2e58d401d3aeff584d483cb24f3bf9d1efc4d061bc6b10ebebe0804c1d2b5cf7475d02f5171af8670b45fc0b07fc77ddde0a3c333e3913d312dde3ee4718686c94af042cec772c08932dd8c14b08be172f57b15670a58d2a00cf746f6e52f4269ee261df343674be462a331974dd1504202ee5991d9e2fc35f92ae6c52c279ff5c168abf02202469af1d6dd66d616a9610e7e7f1d262b887224a9e0d5b2598cc29cf771899e0e5a456438d5c49b457fe87f5fc7dd1680a402905e726bde1065cb35035d54ac27c2db0e90a047af3a41f524593891fb6ae9f476e7bf57acbf0d8e5038b7825689cb120134bb7c5fc4432c0ef6203c8f9058fa7b7af493b907176722c7963dd610dad71275070a401a9ec68dbbeaa9d8457dead6e7d503de426156417870c048fc7c2de2a1e8390f50696281ffae19ee8754c26be6708f8d75c4be8c271e53e2a601661275c4d86bff1e5b577988d9da2ef1053e1b3e171c74cd8c017aec1ed40e7383f4314937dc50ca1f73187d3381d85ceb687aaaf8eb61e153b03e7ce19dfcbaf4b41ed80704076de4d19461a36a7c0ad103b6d237ee175a9afb24144f83204c20af7670568c5668115a0644f98358b116f6efce8130d58710ce60bd69ad72411b951f8b1ebfe08bf7e89497b8a981f3febd92699bcf166c44a37e68a9a1ce4101986c7898fe22dd5026a589af789455a7542d562e6994ff9b0743832ced8e57b7433af36a95b78e23939c46cb7fddcd57b16dd2aab10bba50f7aba5c64443bff9887352d333f81fcfc6c1b713c9c9ce72527ddba0c7fce4c7d2998fd1a1f5d702895a9a6c628d8e2e3cfa0f24748189898040dd30cd06d103e99896c3c8d0b3c589094032d7ba92c9d90795b3d0e2cd328bf8f21cecabc540f0a36aefe20848114a282b2ac0693ec1f674715f72db2de7d2f3024a8d8ad0b7d5146329152b053dae90ca83c2cf8a4f15108c1ea855c05917f56d5685cec0563777f98760ce3c14b927871b52811889fe28f2964ba9a83a467be5b8455fd64d609385babaef1be4d59af840b278787bc2229b8ed5294166ab79412af28be57947972e28bed3d9b9e02af2f273e87c7efacf2099ad9191e815b5a6d27afa83c327f1f1f3f241b8dce852b481e5f300deaa303da1302e3736e047cafe9240876f087d440d9c95dcd0a60ef93a650a29f2bdf2d51f62f9ef537d7dee547379f4b1f5d338e6354e589cff874a1e4a6ccc5fbfd4426e0946ba89ac5f0d1f743810d4414ac8deb04c0fafd37432026c560e473f9ebc587737cab3f8bbb8b89f8527cbe915c753057441405d96cb6d49ace528315eed3d5806314458eda8e7f7905c8cc9022f602d1cd8b58b612c49a750ee346fb5ab7a5fbcb9a48f6320737d34d4c8c87b098f92069d5d581e82e9c0b343a7e2c136f037c4c11f9ba7d2e6570c1374a0d7721eaf2149f0dd1bcfce805a9d3f7f8b91b18070e9cfa9aeab23c8fbf94bdeb738cd0ceead2607a1d465b206f26b58bfa99a74e540766e52ee83985237a35c12dade6f722fd0a358e0c9217091ad15912cbda1f23d31fefd3c62cf64a53035411fc3aebab0338d71e8840b019d884e3c9eb8c303a60a0ad132fb2904bcc40a659a86b1c93f43fdff3241179407d696f95e92a87fbf622caf14f9fe511de0e0cf705d4d4e39530e92271a452eb364c5f93a3cd48ffdc1803bc799731bb0cec0c722b60d0bcbbb4e981f7fa18a5a35945fb5ff42fb4e64ae7d7d19f56c90ded7d9a58d83a8cd04cdba8ee0dcbcf6ca3d3ada7c6ac0ee6f505a691074916b19bb45eb4c1c3d0270b0652a94b6e25c29852cf51b736f7b61e64a72549c41b0d5b77913f180bc84a3f731cafea4e085f773d04e8477b528f3a2ed5a1ac5895452ffdd79638a90ca15116793a0fc11cdfac6f7a0af07b0d9db49e582d25506e9d94543baeb907bac1d5bf0efaf4b4ce2a00056dacc553fa2c6e93443637e8fc5c47a3f2f91f97cdf8f5cbf5318ef29e366f44706cbb5e9ff208ac8fdc5819e040f53da06fb28854f667026ea7a032843dbd3b6efd2563da2b7d1fce79b933adfa937fedf708b2d2cfd49cb591205407a6fa302362bfcc895781a5bb793b7b15e9c805c3e664c52ab21d9e07fea7003b4d07c94311cc54e5bc6bf85722d650487dfe0048ee0f1ac014c061cc8b3bd5ab99c77a98343524e815a5d584c2225126e262bb48c23374c2506c2139419a48b751f8a62f473ae3961130718a5473378a94d727c60e18b1413811225d61ace0830361436cdb0284bb066bce34eeaad10856dd1391550d151a0b6f618b3032cf2456965d6f53a5b7a4b56cb0713b8aa4497c1573824e7bb0265aa67be99f66971fa1d8323daa47739f34ee14a42ec6a26cd3f79ce25753ee5b9a2796b911f35134c19a18097a8ee65b64d64ac89b9dea958791cf2799d8d07712f29b980f39d31c32de6d6b6a373323736ce7cc78217c20485d43d89e8f53c0b93774d9dcf27bf88f495deefe6e50cb4d7d1eeda7e3b8ee4949fedf17f6bffa26958e7a0b85b19684dd81a416370ee6e8187cdb63cce6d2979649960904f1e09d0f37cd7eeac7f480286e1b4cf1e85b1d3843f2d8a8635694cf830f0771c7c3e2fce95f882032943e6874df9cba1798463dc7b354aab3922ec7b0082eaed2bbb60cce77804cd0a390a9ac75489bf4cb28700686c5045ddc7fce279c875f7df1d42889606b8982f3c0a92a6bd9b9ce3f60897c1d85f7fbec3fafbfd876435424f04b674eb3ffd38219336197e2d2517c00387fb3de7251eec925c5b6b27249a83123e545cd405c14958d0f7bfcfdc30cd5a646c1dff8262f53d6d1667af1f53c194f52294b6acfa29f8cddb093ed1f45d965b75121e6e2ccfdbce9cda176c347225febb68dda67f69b74a8fc048bc0db67366408234f33bc2a04bb88acc909cecb74de1e0bb7c49ddcc7c9ac55d59e597242cab108ea00a1bc85fc4470122caa78ab4032a9d8d3a05e6e12a4cb5c57842feb440c25e868a0823eb162dea77a2c58a80a42ef3a565d69996fe43d5386f8518b818099d163b3064bf26eb8cd6e553759a948211dbbafc525ed7ed77ae58f3255a2ddd3931417daf87f28748b0b065082d6edca667b0f4d830c8adb0b0e6a80be8045f985082a6f3cc4c694f7fc6cdb71b3bff6ada6b8851695196c7a26ff14f19520c07199c83a191f4df7ad242db3518fe6387707c80786147bbdee913a2a2de380effdd793aa2c7f25048238b97d601ed944832ba45705c6544c87d2382d6d187754686fff886aac42c4d502e3ddf2de7332065b668a977015bfefec8d2bb341464f77e80ceb20a0583ba9964780f72c97a384e28feb1a74eab2c0dd6a179788e82652b72cea5d3d2a9b8b468e29be555f91e78efd7e13e2c799dd9e6244d5836e0fc60cedf3a33f68f93f4424079959007b51d5f3db74673f60a1287b8d7b5c71f08464507f5834f4f09f3ed87c1ba53afe162742805fc80bd29c23413418363b988e0899d70d8b3b39bdb6c4674f361092ca2898d40ba21d6299c324dce20888b4447a2676bca31c78da7c0b279e5200ba43655a715474f907c5ec84a72f7f15de34534777b76e9acf02038175817c9780c37fe0d71bc46207660e48e1fd13ed4ba671e4ca2ccc88d68620035c12a2e5c7b08d057c87e6a94087e1d88a14c4ae7b5835af4d5bfdfb17b52c05cc8ddc8ca10f2a8799b8d144455aff7fad38484e8e8641d04cd4d8266176180fba035e06c28e4952a1934931b66c56adb48db6889ec593b902399c9f90a3ac59e722e38f25d453d9a5bd5f953e8788b666c24a51fa7c039289c7b8d7518d4ba116ddbdf65ac424b2be820cf04148136eb3c027db2366c6b98131b2a6b35cc87bf94e5b2565eedb623336e1c88eb0b6184ff8dfcfe2067d3ee4c67a6adac0ef0a7e863a29a67ff44f4c642b7a976e69ae50da7c3593ce6b4052e07ce98402cc3d077e0d398c593390ca744239a5cd6c944005c7661c88fdef1d9bd26969f3c2e9baa5ad1a8ae25ef70b6f4628f2fd8544f4f14363575188b71e9bd5de5664a5953a19fb0d1583203d3561d7abd9b8ef4623b00ecc8a78a2c4b418edd5c68e046cdfcc119cd1aa3aa8e6032924ae33ae457cd27ab27f327dd1cd4de60e16c94034a08300f88eea3c2e40724f4c7f7d20d80d286923071de14efa56158b3ed4df19ad8369fde6dcfbeead0ea27b983ef76338afb5d45901f11f0ffbbc988b87c63d2d191fc9b2a26444cd74094c8441bf0d517cbc6aeb62cccf0572afeaf7c2d4bda1a8f94b11c7fa4", 0xfbe}})

4.543817097s ago: executing program 0 (id=2259):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000004440), 0xffffffffffffffff)
sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004540)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00', @ANYRES16=r1, @ANYBLOB="01009b64c23ef155546b0104000008000900", @ANYBLOB="080005000600000008000200", @ANYRES32=0x0, @ANYBLOB="0c00010069"], 0x8d}, 0x1, 0x0, 0x0, 0x10}, 0x2000000)

4.375667565s ago: executing program 0 (id=2260):
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000001480)='/proc/self/net/rxrpc/conns\x00', 0x0, 0x0)
pread64$auto(r0, &(0x7f0000000040)='jpth1\x00', 0x200000000006, 0x3ff)
ioctl$auto_RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, &(0x7f0000000440)=0x77b)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/nbd7/power/autosuspend_delay_ms\x00', 0x22902, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = socketcall$auto(0xa, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$auto(0x3, 0xae60, 0x10000000000402)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto_KVM_GET_MSRS(r1, 0x4400ae8f, &(0x7f00000000c0)={0xdd})
ioctl$auto_KVM_CREATE_VM(r1, 0xae80, 0x0)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, 0x0, 0x4048000)
write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r4 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x1, 0x0)
ioctl$auto(r4, 0x4018620d, 0x9)
open(0x0, 0x22240, 0x55)
socket(0x2, 0x3, 0xa)

4.231516497s ago: executing program 5 (id=2261):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0)
remap_file_pages$auto(0x6a2a, 0x1000, 0x0, 0x3f, 0x66a)
write$auto(r0, 0x0, 0x10007c)

4.120512051s ago: executing program 9 (id=2262):
socket(0x29, 0x800, 0xa)
mmap$auto(0x0, 0x0, 0xdf, 0xeb1, 0x401, 0x8000)
sendfile$auto(0xffffffffffffffff, 0x3, 0x0, 0x7ffff002)
vmsplice$auto(0x2, 0x0, 0x8000000000000001, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$auto(0x1, 0x0, 0x80000000)
mmap$auto(0x0, 0x8000009, 0x800007, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0)
r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0)

4.018172943s ago: executing program 5 (id=2263):
r0 = openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000000), 0x40001, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_seg6(&(0x7f00000000c0), r1)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
r3 = getuid()
r4 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/input/event2\x00', 0xbab177b9b677fdb7, 0x0)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000080), 0xffffffffffffffff)
clock_nanosleep$auto(0x2, 0x6, &(0x7f0000000840)={0x0, 0xc025}, 0x0)
r5 = open(&(0x7f0000000080)='./bus\x00', 0x40bc2, 0x1c0)
write$auto(r5, &(0x7f0000000100)='\xea\x85\x92\x06(#\xc4\xb6(\x9e\xfcKG\xc2\xd4\xc0\v\x02\x9f%C\x00\x01\x00@!\xa9\xce\x10Y\xd0\xeb\xed\x7f\xc8\xdc(\xd3\xe9\xf3\xddT\x18\x16#\xfdQ5\xaeA\xc3\xeay\x7f\xa2TR|js\xfd\n\xa3\x98\xc8\x91\xdd\x9e\x99}s\xe0x\a\x00\x00\x00\x00\x00\x00\x00.\xa8\xc5\xdbKx\x14l\xe6\x868\xb3\xd2\x00\xea\xf9\xd1z\x8f\xd9\x877J\"\xab\xf9\xdf\xbf\xa1\xa1ms\xaf\xd9&R\x03\x00\xc0u \xc3\xc2\xd61\x97V\xcah\r\x97M\xdb\xf9\x06\x95Z\xdfK\xbeY#/\xf5g\n\x10#\x10@Ft\x9c\xd9\xd3s\x94\x8aV\xeb\xee`e9(\xe0\x88\x06\xa6-;ZM\x9b\xe1-', 0x9)
sendfile$auto(r5, r5, &(0x7f0000000000)=0x1, 0xb5d)
setfsuid$auto(0xee01)
mknod$auto(0x0, 0x1081, 0x3)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x1a1301, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000014c0), 0x9c402, 0x0)
ioctl$auto_EVIOCGRAB(r4, 0x40044590, &(0x7f0000000000)=0xfffffffe)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
ioctl$auto_EVIOCGRAB(r4, 0x40044590, 0x0)
ioctl$auto_SW_SYNC_IOC_INC(0xffffffffffffffff, 0x40045701, 0x0)
setreuid$auto(r3, r3)
sendmsg$auto_NL80211_CMD_SET_REG(r1, &(0x7f0000001480)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000001440)={&(0x7f0000000100)={0x1270, r2, 0x100, 0x70bd25, 0x25dfdbfb, {}, [@NL80211_ATTR_WIPHY_TXQ_PARAMS={0x1224, 0x25, 0x0, 0x1, [@generic="ec458f3f7e", @generic="af93166d3202de1651900b10438c7bb6517af147ad3e0479048e77848991b5a747db52df6f80e2eb6d77ce402abbed3acf", @typed={0x14, 0x15, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @multicast2}}, @typed={0x16, 0x79, 0x0, 0x0, @str='/dev/input/event2\x00'}, @generic="5699dc9c0351ba8dbef7a17f16b6c72b86f3c98c88cc9b88acba20a08f5277767dfe09c204fc7d8d", @nested={0x1056, 0x74, 0x0, 0x1, [@nested={0x4, 0x9d}, @generic="474ec2f7e801c3f4212bb2f50f4b66fcd2d3d882882f710ffd89677c7c174fdb8cc1f7629e8bcce951061f55c2c61806d37e2d4e8000d43be4eb0c836654768a7822c2b0421baf03b6a8cc4ac6f4968868e93036e6be2dab24ccf5b799b28ee91a13b23802dbf1ffa8f21823c1a0614d3e11dc6e6b2eb2e5b5e1c0725e25c31b34829c1c415c1f89abfce4a3bd93fffb1ff4264efec6268441365258093caf6d55976413f45930bf9b0d6d05a449bd554122b719aee4ac9810c6c361859da94d7a3604f10ac716da42348628463a23492d941aeae2c55aa5dba7451b717ec748b07e261c4f6bb17c6d2f876c44b5b747246073e9adbfee3948e4b7a93ca68cd07e2600abe4f13ed5a7668f73bd17e1374486cc50421ab1560a8f5db4d3259cf707e31765fe3f81ec014436a680f51bde52114b891846d3a83c31769f37ae348fd413a8e93bbad060a21e3754705c0fb83ac9e29c4a044675f7636dba04b46804aa0b248eb048c4ee2f371c2791eb0b3c76d31d1e245fbf447124063eb71da24c61732f843f3157be28ab83d1ccb7f448291ed46857d58a63220a104b324d07cf380a9a8f884190e7cde6ac920a70d0b7fe32de50bf58b873d02133dcf85f44c3bc33aebf06bda243fb4ff3a14026cde2209e9766567397efaa3288d72ab8e249f14da222fc574a7d7dddff0897cf8cca765271b759dc7af6452ede2197271a3b2ff918db3794a69afabf9be20151db0b451e554e97f8478e6b65be6cf5e78f019d6ddd662cdf1d0211974d5555533b52be33690a2f8bc74e8789f1f1c621856e56c98e4993da4bcf25caa2e81362b2eeb4537236bade2837007fc3484962115706fcc0ca9d0df868a1a9587c056ab13bd8838eadbe2157c27797b3983ee1c697fe6d36bcaaf149114a9079c905d02375ca8ec1af85146c3baa352fea2643416d6aecce168307d8400cef55d740c8d66fb96840804eb6edb4b4c39d45459959eacbb16ae02bb1576065e944f57d59ac83d599a219eeb9a25824bcc252c603410165bdbad9c375fd43eb8fd6466b29b4023d179ba0e822db8cb3cf350844473de161da6566118a9b1504b333836b557c5b5ee612c7bfe32cb760bd202080ab9e554149105f16add389c3f18e04a71831bd95b757bf2c8784f9aa57b2bed31d9bebd1e44fb975e007357d0ef636a67e69a9cecab23b09811493b3dd73df8fa0323014b5fe5727f8b4cf9d8ff381602a9a56ddd34c03e44e6403f7fe5d2ca1a261b81eefe98cec400d5907ae3e348e5abf19a849f74e027d9a8543c12fb1773960f8887377fd6a56740f5ae18aa04735fb7b364c88191aca7dcfa479a9598ca8cd817bddf7f0c813a41debd0eb2f3150d5d0bee9d08f3febf5c8856b27fc121fa60df7041ee24a4578cb03a78d8e09bb4b6b203a2512ae4dd91f4dfcda089372f9ec0cd7a624e2780aa9725f62407814fe3c14402a25bec9fd6c37378f2ce2b019398f0ca6198461272807545e61464e8ebff3d9af66d3ae9c7ebc4bc8b8bd8a61220b37da5416770402d6a95f4a8e60e7113d429ca995f0d74d635b308d5dc1ba98a3e7a5e9d0b01c0e524ec074306aab784f690495506f871f345cfce868f02b38c3ba3a79e20150759b4454b37fddf520ec87f91818b38e95e2f99f045514c816e236938a294d4dc04fe6a943132a27154bfba931db928d748e1d2ad303588c0278f617252713321e79fcf5afc43de3a505098ab51220d51cb59f692a10f7e8d33df4a57a8188fd4058fe352ccd3595709cb9b4a3f6b78122003392b4d14a28b658ef50a91a878de60ea3d31ad06ae2b2554c58f4dacf2dbe6d10a5a8dad2ffc9ed7f2056d6162a62557c2c0c868f33eed2312694d327b94be4c9a725648850f37daeb373dcd0f1880d929133e2728c9f3aa7d8c377f204b7d20cb2a492cb4149eca3a8ae333005db0097de9be2da1d187fb5af65cdfd677dcb736e4020cfc0edc15fc91a4324f94a11c361a3009aaec0ef1b7a670167fbfacc4e0328d01bc9c6053c416ff91fe80ba4d9304683bebd97e094729c0c3de1009dc3c539e3465a3cca4953d12990622b04829e8afd9eae6ad6c5fafb748b16291dd629975226f60194ee9577f51f79ddcaf3d3f884d010901d3542a8f81b0e400188afad662d2e1de313b61ff96ac6db048ad4d9e9cdc65f03e1086b749856325fb8fc60c39dec5e904c3d21077fec198f583fd6f9afa2bdb3bd0e6042cbdeafcd7d783e2b2c9d2bf3f01370da4bf3bdf37258b0e0b0f4712ea2c161c0b6f03f84e89a25a6db5f9877e1cbba3c819c7617354d2bb99008568a17c86777309c3d128fc3c14bfc14ac2526cf34c7f4256fd22ad4b58fae8eb3c771c69dc8dfa2b596da7b1f2e62bcb9f8ca6f91df0569d1a42c989188b82d0609a1e6d65fd06d4c67d5678e073d57607f857e424d294b344e5d38f5a48ebeaaa6cedfa341b1af9688016a077b29d67225113edcfdc401b16e7189a9744746e2898e07ad2a83b55cd76af8280c4de6f2c7b1c06cf645db5e26abcbc3d78d4379198d4491b287df55f92e5ed73176d03e561a072f7fa6b6d02e5568c19da643f1671b014f41dd9ba1b8f88250cde183e0b158388fe93f0c37ae03a94674c09c39e4a89409285b6ef4f185262afb09674c607f4cdce84e9cfee258026b90898eb4e5cfd5a68969400987bcdd27fdb85af5d5aa6d9e7da292f2b93f9c49507feae6de4bbba25c80400a38794f393ee0a20b627ae4a26db967af48270e5e91ba01f661d08de784e3bd3bde56d12a5dca0219a9b24f190765ac6de3467049692456d7162eea4c3fb4a717a7bd9e58c5647c80096fe822c83afcc05ae9a56aa229eac58d9f783f44f8bfceff71995ac43d0e4c1fcafd00cd138f593507b17be7cae5c6873a4ecca9d7467822ebe5ae0a32ca0ec36d5f6e2114b3e4d798b95c75e0e0a60350167bbb95d0d3a658ecbae793a8d7e0fc92f76fbbbb66948cf10720de72a015f40131aaf7800dc05eb10f74a2de804c9ac78d74ee36727fc65e10f8c1686a2e69eac0743f80fcb7deb8c5097ce71e0023f0dd267683cf62c692d6d7a0760db3e30baf6a5c52606f327dc875eeaaded7f1bc95ed4f3e347d912a2fea3351d0ae23dca5585df8ec98e34cb43af05378d72c8ac969205ad4702c818abb65208c307219c74aa4a2bffda707bc467dd17cfde663b140652479417c732d07531843f2cf0db1026aef929bd508d3cd5fe3e290fd315745adca63fb98032113f14417ed05a15dd13a5ff62f9c96b9b93e2a644c057c9bf6f50b95d55ae18a3dc9dc70dca211a01fd1ab3be542a034854c5205b7422c133fbd473e45300261022e763266e8aabc7b241792d18db4fe5507d03a52d660f7778556a6b98b22889db71cf80d912c7a15534430a1dd9e9087c800be84359969672a0faf51209f566c4c6e4e39027232bbc2173cc8e51660b75a812766ec73f4ee769400641978f28812278e866bfbe4f05c4430b9a4bb25385180b14ffbffc5f3f55cda449a4edd3ec8a53948add31433a92ae1904e547f43155bf5379e10966add965cfe99f0583c3064afc7b988bf32816f5df390b6b10da95f7abed7727a6a691a37b9a9349a8dce5544b21de4b53b03e9a9baccc361eb160beec93d1fa8c27ea8433d9fe6ffde101641933652bc509d0cb35274b3a7eeb949e5e0c5c5d9da1b9205248aad425e6f11e0a53082710cff8b46b0de8bc69e107a96fd63e878d00a7e4d9a82089cc93acd5874a0a209cfbdfe78929e3a2cbb67c5e0656cff4e8ec8371cc85a3a1471676f030e9ab054ff37feb6073dda87e914244f4bcbf9e2ed7728acc8baed373e2afb971b671d1dec6f84545f1528ed95679274294ef96fd327cec3f618b5b3e7a0bbae1b3abc730473f114b9fd60585926e7a55c388bf98ab7788da723242b20b9230fd9424d7bf2bc3d068e7c616646e70e3ca1834f760f71b5edee1dbfa1e55f790e9e9a7ccbd86256b31a065e6f8ae1462d713de74dd695d759d53b567ec70ca23c60e205694c653ea6ea445c2c7daf8c1427f6e8922174164d30c6a2bafa07fd3cb5ed77c744c9ad2ddb2d5e7aa14152a2ddd688c81ed76286dfb3009eb8e328689c9ec1bab33001adea303cc2dbf39e1a5ef03c99ffdb52d4d3742878f697d8a282760d1e1f39031c5e688fbf60c46d27463baef011467543e7099eddb560478a37f68874060509fa397cb8423e0f644e6d7c5e95a342153de0819dc6a4b160a00555c80fc3185770a194a93c7ce75f40e3b4a4239e142242345953cda5c87520a8cf6b47bba2f34173be83dc86a1e089fb4c373cf286bda11f076eea786e7595a79c6840d253a26f91aa43f8f36510c9099e5f6fc0353d9a4e69e39c372f1a8edb44511bf7017668a82abb99942201dada71797046e3c23d40db9d985de15e53cdb0b61b1491d109dde778af645a82bc132768e1315f0167d60fc7eb48f78605bfc18bc3cb08801d53a214ecb5c4d1f1a6bb4684395c733e4dd0301ad2f1353250b0ad8c360b8ea548861b1732407db8684850e73ab23e28a70baaee2f72a41258c9acbaef9d8d252272d03ded30f744ee206f587f8553a37d4219817c0c67d8ee10862d52a2bba8dc1aae592d6991c50d04a356d7fa3420cadba91aa3ebeb6dda9308a35a9dcb2a800fe03de2ca17c1eca1b159bee44ebbfb60f6c1068139fcf0186a24ab76db1db748f403520be29ee4a10c3b67a1179888465d2a99ae132b03c61164e3b149f698aec23dc31fd576c7673edcd2708e1e8bcc55db53b831db1d28ec6c2d84e951b9a141e4806c1d00d71c26c58cc97fc0279d885d0edd69205790f2404487121c6d357e52cd8f25f742a70f6158a3625658a921dbf8570032d4ac2593ea77025d83aafdadc95e055c283943cf004d58bf6bea41161e2f7c33a6df0f94b0e7e01a5505854b2f811481e9e091cb9152246cd923118920159893e2afdb228980333dd4b904f4751b26c5c92aa98508a5768e1c0492a5f0060c143c1a23c390db1792885a9b09de111332a988831aead0e0b2341fec969e29554fb87516b85fc8df8838b3a335d06ad0a6794fad0e66c1b4bb9f550e99b5b2ace8f4acb0cf53bf11b82d3182da12f8eff6e0a7e9b07906f47e50eb7c680539407d4633affa7ec5b101dc0ea9dc7d34412c275465def3eb260959288cba52f601c59d405cf9192f39106a6a957bc21fa773beb7ffb3768122608651d2b681e71d013c94c30763cf0b0a801443b6fefa32dba34e1c6c77acb4423821435a8e28b2d20ddf545761d25636a6e39aa571a1ec905a0ec040f3b24eb72a1df1ce43b587d44375a45cd3126f770fed10c64df2073e4e2934147efcbf810e04d3d7e5ab4d777676b7df90974abe14381cc5e56ebf745c8c025d75cf04be9e3248ca7b82246bfb554373b877f50325055cdac6956d436f27ce953eb26c5ccb51351f413843beb7ff7d00b0226a90d64eae3c034677baed970388ca88dfdc93d64c26c5fd65c98ae84b444d4431758e30295e321dfa2c1ff78c6edfcd80ac62d2d0af5eb631324592781155ce08dd514d2cdec63594e567aa7bc49a30c8c157c8942e2ad54baa39d01ce365c078ba0f498e95d6575ee5687b709577f1ed96d6d6ef966e30d54f0390ba4af160fd6ee47a05c3c7ac288aef33a5e121e0937dd42f40a983dac143204d4f05c706cfbceca96fbe5d68adc97b53d7fdff3568c72130c9091e4d24dceb74bd1e8b805a432b0bb19c35ea0876", @generic="b82de957b6a9564e3af561a165536c20b24555e95ac4247e784c8f040d4b8c21d5c5dde4ce27378e7df05f2850f34a49571671ef4015d045ab3b68fe0ce9608586a526b08795", @typed={0x8, 0x15c, 0x0, 0x0, @uid=r3}]}, @generic="912463ac7ec0921fdfaf73f602414057bd5ce0e4adad5d1da0c21e1d9e7ad3471ce0", @nested={0x117, 0x8, 0x0, 0x1, [@generic="8e689bedc9bbf053efc439fbae7b536fb51b846acc607d3979e1827e7afdc7dba245fab64d939b72dcf74566b3bff5a22eb65bb06f254bae056b2d79167f78df70c87e9f7ddeaced953db8e0bdc856d212e9db9711", @generic="13a6c1841efe1d0aae5f20a6282914b61369d66470781e4a91368e6e5f36288b463992677904bd6203e2d82d1f9a80c6193ca8e34b3eac222f78b3b3b5419290f0bb30eedd12c06f7119c449681a2c6f1e2043a0d354fb8ef7a644835d7ae5ffe42f20ce754a112917185ccb51bb7f57ac9567cd0f34174df6499e6ba2fc08cc3694ff6771adbc7ea8b0555a3491b83c78238dfaa1fc75005645b2f2f16c067da54cb3e3833559dbefbd0d5fa192687a832fa7c6642f5fdb02f6", @nested={0x4, 0x17}]}, @generic="04e6d05d"]}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x5}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0xe}, @NL80211_ATTR_PMK={0x28, 0xfe, "0239112281d76f6733c8262eab87add2248e8619fa24d34f299f7ab12876423d710de2c8"}]}, 0x1270}}, 0x40080)
write$auto_kmsg_fops_printk(r0, &(0x7f0000000040)='<>', 0x2)

3.895918381s ago: executing program 9 (id=2264):
r0 = socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x8, 0x1ff, 0x19, r0, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
mmap$auto(0x3ff, 0x1, 0xdf, 0x100000000029b75, 0x2, 0x80000009)
write$auto(0x3, 0x0, 0x7fffffff)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0)
read$auto(r1, 0x0, 0x20)
getsockopt$auto_SO_LOCK_FILTER(r1, 0x80000000, 0x2c, &(0x7f0000000140)=')\'%/{\x00', &(0x7f0000000180))
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x3, 0x3}, 0x18, 0x0)
r3 = bpf$auto(0x0, &(0x7f0000000340)=@bpf_attr_1={0xffffffffffffffff, 0xfffffffffffffffc, @value=0x41, 0x6}, 0x6d4)
socket$nl_generic(0x10, 0x3, 0x10)
unshare$auto(0x40000080)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x442701, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x7, 0xffffffffffffffff, 0xeb1, r3, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0x5, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/cgroup\x00')
socket(0x2, 0xa, 0x1)
statx$auto(0xffffff9c, 0x0, 0x1000, 0x972, 0x0)
ioctl$auto(0x1, 0x890b, 0x8)

3.615271298s ago: executing program 5 (id=2265):
unshare$auto(0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x149041, 0x0)
mmap$auto(0x0, 0x2020009, 0x40000003, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
ioctl$auto(r1, 0x4b52, r1)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty45\x00', 0x201, 0x0)
mmap$auto(0x0, 0x20009, 0x3, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/net/ipv6/conf/default/ignore_routes_with_linkdown\x00', 0x42a81, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = prctl$auto(0xd7cdcf79, 0xfffffffffffffffc, 0x0, 0x220000000000001, 0xfe0000)
mmap$auto(0x0, 0x8000, 0xdf, 0xeb1, 0x401, 0x8000)
open_tree_attr$auto(0xffffffffffffffff, 0x0, 0xda45, &(0x7f0000000080)={0xd2, 0x4, 0x800, @raw=0x3}, 0x6)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ipvlan1\x00'})
r4 = socket(0x2, 0xa, 0xa)
fstatfs$auto(r2, &(0x7f0000000380)={0x401, 0x6, 0xfffffffffffffff6, 0x4, 0x2c02ea72, 0x81, 0x4, {[0x7, 0xc]}, 0x1ff, 0x3, 0x6, [0xa6c, 0x3, 0x100000000, 0x840e]})
sendmmsg$auto(r4, &(0x7f0000000040)={{&(0x7f0000000380), 0xff, &(0x7f00000001c0)={0x0, 0x4f}, 0x7, 0x0, 0x4000, 0x3}, 0x5}, 0x9, 0xf0)
r5 = pipe2$auto(0x0, 0x80)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
unshare$auto(0x40000080)
sendmsg$auto_NFC_CMD_STOP_POLL(r3, &(0x7f0000000500)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x14, 0x0, 0x100, 0x70bd2b, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x4018080)
r6 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x0, 0x0)
write$auto(r6, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
setsockopt$auto_SO_TIMESTAMP_NEW(r5, 0x5, 0x3f, &(0x7f0000000300)='/dev/snd/midiC2D0\x00', 0xc)
seccomp$auto(0x3fc, 0x205, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)

3.339472891s ago: executing program 0 (id=2266):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
madvise$auto_MADV_GUARD_INSTALL(0x0, 0x2021000, 0x66)
mremap$auto(0x1ff000, 0xff, 0x843, 0x3, 0xfffff000)
ioctl$auto_TUNGETIFF2(0xffffffffffffffff, 0x800454d2, &(0x7f0000000040)=0x8)
waitid$auto(0x8, 0xffffffffffffffff, &(0x7f0000000100)={@siginfo_0_0={0xffff, 0x413, 0x0, @_sigsys={0x0, 0x0, 0x3ff}}}, 0x7fff, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
rseq$auto(0x0, 0x8000, 0x0, 0x6)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
clock_gettime$auto(0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0xfffffffffffffffe, 0x80000, 0x106)
bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
write$auto(0x3, 0x0, 0x1)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0xa00, 0x0, 0xfffffffffffffffd)
write$auto(0x3, 0x0, 0xfffffdef)
write$auto(0x1, 0x0, 0x80000000)
madvise$auto_MADV_GUARD_INSTALL(0x0, 0xfffffffffffffffb, 0x66)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
vmsplice$auto(0x2, &(0x7f00000000c0)={0x0, 0x7ff}, 0x8000000000000001, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mremap$auto(0xfffff000, 0x4, 0x1, 0x7, 0x1ff000)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x481, 0x0)
unshare$auto(0x40000080)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)

2.685375674s ago: executing program 9 (id=2267):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
socket(0x2, 0x2, 0x0)
r0 = socket(0x2c, 0x4, 0x38)
bpf$auto(0x0, &(0x7f0000000000)=@bpf_attr_11={0x6, 0x10000000000, 0x9, 0x80000000, 0x40, 0x5, 0x7, r0}, 0x10)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/dummy_hcd.2/usb3/authorized\x00', 0x81, 0x0)
write$auto(r1, &(0x7f0000000080)='0\x81=\"\xad\xff\x8d\xf9P\x18\xa4\xb0\xb4\xd9\x82=\xe1P\x05\x00\xfb&\xe8\xbf\x901\a2\xa2X`\a\xf1y\xb3\"=', 0x48da548d)
socket(0x2c, 0x3, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtdblock0\x00', 0x1cb602, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000540)='./cgroup.net/blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
socket(0x2a, 0x80002, 0x77)
write$auto_ocfs2_control_fops_stack_user(0xffffffffffffffff, 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/sunrpc/parameters/pool_mode\x00', 0x100800, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x9a6, 0x0)
r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/kernel/tainted\x00', 0x10002, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/virtual/mtd/mtd0/mtdblock0/queue/discard_max_bytes\x00', 0x10b142, 0x0)
sendfile$auto(r2, r3, 0x0, 0x1000200)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
ioctl$auto(r4, 0x5608, r4)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x20080, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10001, 0x9, 0x2, 0xfffffffffffffffd, 0x10000, 0x4, 0x15f4da11, 0x8, 0x8000000009, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x7, 0x40000000000010]}, 0x0)
openat$auto_deferred_devs_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x18800, 0x0)

2.336511079s ago: executing program 6 (id=2268):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000004440), 0xffffffffffffffff)
sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004540)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00', @ANYRES16=r1, @ANYBLOB="01009b64c23ef155546b0104000008000900", @ANYBLOB="080005000600000008000200", @ANYRES32=0x0, @ANYBLOB="0c00010069"], 0x8d}, 0x1, 0x0, 0x0, 0x10}, 0x2000000)

2.150592758s ago: executing program 6 (id=2269):
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000001480)='/proc/self/net/rxrpc/conns\x00', 0x0, 0x0)
pread64$auto(r0, &(0x7f0000000040)='jpth1\x00', 0x200000000006, 0x3ff)
ioctl$auto_RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, &(0x7f0000000440)=0x77b)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/nbd7/power/autosuspend_delay_ms\x00', 0x22902, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = socketcall$auto(0xa, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$auto(0x3, 0xae60, 0x10000000000402)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto_KVM_GET_MSRS(r1, 0x4400ae8f, &(0x7f00000000c0)={0xdd})
ioctl$auto_KVM_CREATE_VM(r1, 0xae80, 0x0)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, 0x0, 0x4048000)
write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r4 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x1, 0x0)
ioctl$auto(r4, 0x4018620d, 0x9)
open(0x0, 0x22240, 0x55)
socket(0x2, 0x3, 0xa)

1.847204985s ago: executing program 5 (id=2270):
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x2000001, 0x9, 0x7, 0x7, 0x0, 0x5, 0xffffffff, 0x2000000000210004, 0x0, 0x7, 0x5, 0x2, 0x7, 0xaf, 0x6, 0x8, 0x3, 0xa, 0x7, 0x0, 0x0, 0x10000005, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, [0x3, 0x0, 0x0, 0xc, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x80000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff7, 0x0, 0x0, 0xfffffffffffffffc, 0x4000000000000, 0x4, 0x0, 0x0, 0x200000000000000, 0x0, 0x200]}, 0x1fe, 0x81)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x10048080)
sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc7}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

1.831818178s ago: executing program 0 (id=2271):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
socket(0x2, 0x2, 0x0)
r0 = socket(0x2c, 0x4, 0x38)
bpf$auto(0x0, &(0x7f0000000000)=@bpf_attr_11={0x6, 0x10000000000, 0x9, 0x80000000, 0x40, 0x5, 0x7, r0}, 0x10)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/dummy_hcd.2/usb3/authorized\x00', 0x81, 0x0)
write$auto(r1, &(0x7f0000000080)='0\x81=\"\xad\xff\x8d\xf9P\x18\xa4\xb0\xb4\xd9\x82=\xe1P\x05\x00\xfb&\xe8\xbf\x901\a2\xa2X`\a\xf1y\xb3\"=', 0x48da548d)
socket(0x2c, 0x3, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtdblock0\x00', 0x1cb602, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000540)='./cgroup.net/blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
socket(0x2a, 0x80002, 0x77)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/sunrpc/parameters/pool_mode\x00', 0x100800, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x9a6, 0x0)
r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/kernel/tainted\x00', 0x10002, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/virtual/mtd/mtd0/mtdblock0/queue/discard_max_bytes\x00', 0x10b142, 0x0)
sendfile$auto(r2, r3, 0x0, 0x1000200)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
ioctl$auto(r4, 0x5608, r4)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x20080, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10001, 0x9, 0x2, 0xfffffffffffffffd, 0x10000, 0x4, 0x15f4da11, 0x8, 0x8000000009, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x7, 0x40000000000010]}, 0x0)
openat$auto_deferred_devs_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x18800, 0x0)

1.671848904s ago: executing program 9 (id=2272):
socket(0x29, 0x800, 0xa)
mmap$auto(0x0, 0x0, 0xdf, 0xeb1, 0x401, 0x8000)
sendfile$auto(0xffffffffffffffff, 0x3, 0x0, 0x7ffff002)
vmsplice$auto(0x2, 0x0, 0x8000000000000001, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$auto(0x1, 0x0, 0x80000000)
mmap$auto(0x0, 0x8000009, 0x800007, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0)
r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0)

1.318069774s ago: executing program 6 (id=2273):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0)
io_uring_setup$auto(0x4005, 0x0)
ioctl$auto_dvb_demux_fops_dmxdev(r0, 0x403c6f2b, 0x0)
r1 = openat$auto_dev_fops_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x84a01, 0x0)
read$auto_dev_fops_plock(r1, &(0x7f0000000040)=""/148, 0x94)

1.161624451s ago: executing program 9 (id=2274):
futex$auto(&(0x7f0000000080)=0x1, 0x9, 0x1, 0x0, 0x0, 0xfffffffa)
bpf$auto(0x0, 0x0, 0xd)
syz_clone3(0x0, 0x0)
syz_clone3(0x0, 0x0)
futex$auto(&(0x7f0000000080)=0x2, 0xa, 0xf3b, 0x0, 0x0, 0x440a48ce)

968.487491ms ago: executing program 6 (id=2275):
r0 = openat$auto_proc_fault_inject_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/make-it-fail\x00', 0x282, 0x0)
exit$auto(0x4)
read$auto_proc_fault_inject_operations_base(r0, 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0xd, 0xeb1, r0, 0x8000)
mmap$auto(0x0, 0xaef, 0xdf, 0xeb1, 0x401, 0x8000)
r1 = socketcall$auto(0xffe, 0x0)
mmap$auto(0x0, 0x6, 0x3, 0xeb1, 0x7, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r2 = socket(0x10, 0x2, 0xc)
socket(0x2000000000000021, 0x2, 0x10000000000002)
io_uring_setup$auto(0x6, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000001080)='/proc/sys/kernel/random/boot_id\x00', 0x0, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0xc01)
close_range$auto(0x2, 0xa, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0xc0302, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$auto(0x3, 0xae60, r2)
ioctl$auto(0x3, 0x4008ae61, r1)
close_range$auto(0x2, 0x8, 0x8)
r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/console\x00', 0x20c41, 0x0)
ioctl$auto_TIOCCONS(r4, 0x541d, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r5 = socket(0x5, 0x1, 0x3)
connect$auto(r5, 0x0, 0x58)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @local}, 0x54)
connect$auto(0x3, 0x0, 0x54)

925.377409ms ago: executing program 9 (id=2276):
unshare$auto(0x40000080)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/bdi/43:192/max_ratio\x00', 0x2001, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0)
socket(0xa, 0x1, 0x0)
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
rt_sigprocmask$auto(0xffffffff, 0x0, 0x0, 0x8)
openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x40080, 0x0)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
socket(0x25, 0x80000, 0xfffffffe)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002cbd7000fbdbdf250a00000808000300000000000800010000000000080002"], 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x20008810)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="498c0f5117fafcfc3d00097028e96c304909a97ae0db575eaa57e58d731074d2d51fd0191875919c12f59dc5173a211a74e0d2c78d84dafed9c538157cb3965bccc58842ed51018e66d24c5a971ad309587edfa7ac1890e03ed91a0f3db68fc81121988e59194953c36133e93412ed04d1031711619b9d3d03c2ef1a28ef741184aa509f377964d934d39fcdfe26d65857b8b4eb6e02e8dfda3eee9f09"], 0x1ac}, 0x1, 0x0, 0x0, 0x4004811}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x7}, 0xa}, 0x3, 0x0)
r0 = socket(0xa, 0x5, 0x0)
mmap$auto(0x4000000004, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
rt_sigprocmask$auto(0x6, 0x0, &(0x7f0000000100)={0x400}, 0x8)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = socket(0xa, 0x1, 0x84)
ioctl$auto_FBIOPUTCMAP(0xffffffffffffffff, 0x4605, &(0x7f0000000080)="d786d318e2f67356a6bd48591c932386d5e8cdb0c7c62c479631cf644777a36a05e2dbcffb909b66cb918c2a30703fa6e9ecceedf37c4a2294f4ec72bb492753ad3494ea98ed13be78e35813c1d49158f6f059a098c54e1c2f064862bed9371fa0a566db5b99c57c5a53f9efbb1dabcba33455268e4ba9be49d6dd8ff5434f8f9b83624ab2fd47caad8170c89448ea0af74c13fafa74bff9667a95fd1f47d098318c6a638b050036f749c57bd0a510b8976e5da62eb4601fb7771a66056eff8c93006df62522f771430d669bd73260a96b2c4a105d388bbdb695f375cf3da39843")
r2 = getpid()
process_vm_readv$auto(r2, &(0x7f0000000080)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0)
setsockopt$auto(r1, 0x0, 0x60, 0x0, 0x6f7250c4)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40001, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
sysfs$auto(0x2, 0x100000000000037, 0x0)
getsockopt$auto(r0, 0x84, 0x7a, 0x0, 0x0)

798.732573ms ago: executing program 0 (id=2277):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000004440), 0xffffffffffffffff)
sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004540)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00', @ANYRES16=r1, @ANYBLOB="01009b64c23ef155546b0104000008000900", @ANYBLOB="080005000600000008000200", @ANYRES32=0x0, @ANYBLOB="0c00010069"], 0x8d}, 0x1, 0x0, 0x0, 0x10}, 0x2000000)

611.597402ms ago: executing program 0 (id=2278):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
madvise$auto_MADV_GUARD_INSTALL(0x0, 0x2021000, 0x66)
mremap$auto(0x1ff000, 0xff, 0x843, 0x3, 0xfffff000)
ioctl$auto_TUNGETIFF2(0xffffffffffffffff, 0x800454d2, &(0x7f0000000040)=0x8)
waitid$auto(0x8, 0xffffffffffffffff, &(0x7f0000000100)={@siginfo_0_0={0xffff, 0x413, 0x0, @_sigsys={0x0, 0x0, 0x3ff}}}, 0x7fff, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
rseq$auto(0x0, 0x8000, 0x0, 0x6)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
clock_gettime$auto(0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0xfffffffffffffffe, 0x80000, 0x106)
bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
write$auto(0x3, 0x0, 0x1)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0xa00, 0x0, 0xfffffffffffffffd)
write$auto(0x3, 0x0, 0xfffffdef)
write$auto(0x1, 0x0, 0x80000000)
madvise$auto_MADV_GUARD_INSTALL(0x0, 0xfffffffffffffffb, 0x66)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
vmsplice$auto(0x2, &(0x7f00000000c0)={0x0, 0x7ff}, 0x8000000000000001, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mremap$auto(0xfffff000, 0x4, 0x1, 0x7, 0x1ff000)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x481, 0x0)
unshare$auto(0x40000080)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)

604.176231ms ago: executing program 5 (id=2279):
r0 = open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0)
mq_getsetattr$auto(0xd, &(0x7f0000000200)={0x100, 0x3, 0x7, 0x10}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000700), r1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
sendmsg$auto_NL80211_CMD_SET_CHANNEL(r1, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000780)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010027bd7000fddbdf255c7c000008000300", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0x4080}, 0x20000000)
r4 = socket(0x10, 0x2, 0x14)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r4, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="100000000214af"], 0x14}, 0x1, 0x0, 0x0, 0x20000045}, 0x24000044)
write$auto(r4, &(0x7f0000000100)='\x00', 0xfffffffffffffffa)
bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x0, 0x2, 0x1, 0x1ff, 0x7, r0, 0x3, "c5ab5265da6001b2f51c15a5140f7e5e", r3, r4, 0x4, 0x2, 0x9, 0x7, r0, r0}, 0x6f3)
mount$auto(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='nfs4\x00', 0x200, &(0x7f00000001c0))
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000040)='/dev/binderfs/binder1\x00', 0x2000, 0x0)
mmap$auto(0x0, 0x4000005, 0xfffffffffffffe01, 0x8051, 0x3, 0x10000000008000)
mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000)

316.602491ms ago: executing program 5 (id=2280):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
socket(0x2, 0x2, 0x0)
r0 = socket(0x2c, 0x4, 0x38)
bpf$auto(0x0, &(0x7f0000000000)=@bpf_attr_11={0x6, 0x10000000000, 0x9, 0x80000000, 0x40, 0x5, 0x7, r0}, 0x10)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/dummy_hcd.2/usb3/authorized\x00', 0x81, 0x0)
write$auto(r1, &(0x7f0000000080)='0\x81=\"\xad\xff\x8d\xf9P\x18\xa4\xb0\xb4\xd9\x82=\xe1P\x05\x00\xfb&\xe8\xbf\x901\a2\xa2X`\a\xf1y\xb3\"=', 0x48da548d)
socket(0x2c, 0x3, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtdblock0\x00', 0x1cb602, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000540)='./cgroup.net/blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0)
write$auto_ocfs2_control_fops_stack_user(r2, 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/sunrpc/parameters/pool_mode\x00', 0x100800, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x9a6, 0x0)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/kernel/tainted\x00', 0x10002, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/virtual/mtd/mtd0/mtdblock0/queue/discard_max_bytes\x00', 0x10b142, 0x0)
sendfile$auto(r3, r4, 0x0, 0x1000200)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
r5 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
ioctl$auto(r5, 0x5608, r5)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x20080, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10001, 0x9, 0x2, 0xfffffffffffffffd, 0x10000, 0x4, 0x15f4da11, 0x8, 0x8000000009, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x7, 0x40000000000010]}, 0x0)
openat$auto_deferred_devs_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x18800, 0x0)

0s ago: executing program 6 (id=2281):
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000001480)='/proc/self/net/rxrpc/conns\x00', 0x0, 0x0)
pread64$auto(r0, &(0x7f0000000040)='jpth1\x00', 0x200000000006, 0x3ff)
ioctl$auto_RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, &(0x7f0000000440)=0x77b)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/nbd7/power/autosuspend_delay_ms\x00', 0x22902, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = socketcall$auto(0xa, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$auto(0x3, 0xae60, 0x10000000000402)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto_KVM_GET_MSRS(r1, 0x4400ae8f, &(0x7f00000000c0)={0xdd})
ioctl$auto_KVM_CREATE_VM(r1, 0xae80, 0x0)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, 0x0, 0x4048000)
write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r4 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x1, 0x0)
ioctl$auto(r4, 0x4018620d, 0x9)
open(0x0, 0x22240, 0x55)
socket(0x2, 0x3, 0xa)

kernel console output (not intermixed with test programs):

3.283797][T11311] bridge0: port 1(bridge_slave_0) entered disabled state
[  363.291239][T11311] bridge_slave_0: entered allmulticast mode
[  363.307107][T11311] bridge_slave_0: entered promiscuous mode
[  363.351257][T11311] bridge0: port 2(bridge_slave_1) entered blocking state
[  363.361683][T11311] bridge0: port 2(bridge_slave_1) entered disabled state
[  363.369526][T11311] bridge_slave_1: entered allmulticast mode
[  363.376867][T11311] bridge_slave_1: entered promiscuous mode
[  363.465294][T11311] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  363.488826][T11311] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  363.558195][T11311] team0: Port device team_slave_0 added
[  363.572519][T11311] team0: Port device team_slave_1 added
[  363.631511][T11311] batman_adv: batadv0: Adding interface: batadv_slave_0
[  363.638880][T11311] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  363.665686][T11311] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  363.680762][T11311] batman_adv: batadv0: Adding interface: batadv_slave_1
[  363.691860][T11311] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  363.721191][T11311] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  363.792863][T11311] hsr_slave_0: entered promiscuous mode
[  363.800130][T11311] hsr_slave_1: entered promiscuous mode
[  363.807600][T11311] debugfs: 'hsr0' already exists in 'hsr'
[  363.813580][T11311] Cannot create hsr debugfs directory
[  364.333770][T11311] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  364.392917][T11311] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  364.407810][T11311] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  364.468148][T11311] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  364.552194][   T51] Bluetooth: hci4: command tx timeout
[  364.837494][T11311] 8021q: adding VLAN 0 to HW filter on device bond0
[  364.866409][T11311] 8021q: adding VLAN 0 to HW filter on device team0
[  364.887300][  T169] bridge0: port 1(bridge_slave_0) entered blocking state
[  364.894838][  T169] bridge0: port 1(bridge_slave_0) entered forwarding state
[  364.936032][  T169] bridge0: port 2(bridge_slave_1) entered blocking state
[  364.943548][  T169] bridge0: port 2(bridge_slave_1) entered forwarding state
[  365.320116][T11371] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1498'.
[  365.375152][T11374] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1499'.
[  365.775587][T11381] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  365.825480][T11311] 8021q: adding VLAN 0 to HW filter on device batadv0
[  366.448231][T11311] veth0_vlan: entered promiscuous mode
[  366.471027][T11311] veth1_vlan: entered promiscuous mode
[  366.530798][T11311] veth0_macvtap: entered promiscuous mode
[  366.572140][T11311] veth1_macvtap: entered promiscuous mode
[  366.632475][   T51] Bluetooth: hci4: command tx timeout
[  366.688747][T11311] batman_adv: batadv0: Interface activated: batadv_slave_0
[  366.740508][T11311] batman_adv: batadv0: Interface activated: batadv_slave_1
[  366.789351][   T36] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  366.802084][   T36] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  366.821297][   T36] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  366.830901][   T36] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  367.047532][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  367.156104][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  367.213414][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  367.221294][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  367.459952][T11415] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1508'.
[  367.828894][T11427] FAULT_INJECTION: forcing a failure.
[  367.828894][T11427] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  367.872240][T11427] CPU: 0 UID: 0 PID: 11427 Comm: syz.0.1509 Not tainted syzkaller #0 PREEMPT(full) 
[  367.872281][T11427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  367.872298][T11427] Call Trace:
[  367.872309][T11427]  <TASK>
[  367.872321][T11427]  dump_stack_lvl+0x100/0x190
[  367.872370][T11427]  should_fail_ex.cold+0x5/0xa
[  367.872406][T11427]  _copy_to_user+0x32/0xd0
[  367.872445][T11427]  simple_read_from_buffer+0xcb/0x170
[  367.872489][T11427]  proc_fail_nth_read+0x1af/0x230
[  367.872523][T11427]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  367.872559][T11427]  ? rw_verify_area+0xce/0x6d0
[  367.872601][T11427]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  367.872643][T11427]  vfs_read+0x1e4/0xb30
[  367.872692][T11427]  ? __pfx_vfs_read+0x10/0x10
[  367.872738][T11427]  ? __fget_files+0x215/0x3d0
[  367.872774][T11427]  ? __fget_files+0x21f/0x3d0
[  367.872816][T11427]  ksys_read+0x12a/0x250
[  367.872842][T11427]  ? __pfx_ksys_read+0x10/0x10
[  367.872883][T11427]  do_syscall_64+0x106/0xf80
[  367.872922][T11427]  ? clear_bhb_loop+0x40/0x90
[  367.872958][T11427]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.872988][T11427] RIP: 0033:0x7f2f0ad5cfce
[  367.873013][T11427] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  367.873041][T11427] RSP: 002b:00007f2f08fd4fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  367.873069][T11427] RAX: ffffffffffffffda RBX: 00007f2f08fd56c0 RCX: 00007f2f0ad5cfce
[  367.873087][T11427] RDX: 000000000000000f RSI: 00007f2f08fd50a0 RDI: 0000000000000004
[  367.873105][T11427] RBP: 00007f2f08fd5090 R08: 0000000000000000 R09: 0000000000000000
[  367.873122][T11427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  367.873139][T11427] R13: 00007f2f0b016218 R14: 00007f2f0b016180 R15: 00007fff9ce34838
[  367.873189][T11427]  </TASK>
[  368.354760][T11433] program syz.3.1512 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  368.508241][ T5146] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  368.522823][ T5146] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  368.531644][ T5146] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  368.560061][ T5824] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  368.570146][ T5824] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  368.712162][   T51] Bluetooth: hci4: command tx timeout
[  368.907500][T11443] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input109
[  369.264876][T11436] chnl_net:caif_netlink_parms(): no params data found
[  369.375258][T11443] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input110
[  369.459958][T11436] bridge0: port 1(bridge_slave_0) entered blocking state
[  369.471612][T11436] bridge0: port 1(bridge_slave_0) entered disabled state
[  369.482238][T11436] bridge_slave_0: entered allmulticast mode
[  369.491240][T11436] bridge_slave_0: entered promiscuous mode
[  369.514960][T11436] bridge0: port 2(bridge_slave_1) entered blocking state
[  369.522500][T11436] bridge0: port 2(bridge_slave_1) entered disabled state
[  369.529757][T11436] bridge_slave_1: entered allmulticast mode
[  369.550471][T11436] bridge_slave_1: entered promiscuous mode
[  369.601058][T11436] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  369.622307][T11436] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  369.663428][T11436] team0: Port device team_slave_0 added
[  369.674307][T11436] team0: Port device team_slave_1 added
[  369.713797][T11436] batman_adv: batadv0: Adding interface: batadv_slave_0
[  369.720790][T11436] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  369.748698][T11436] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  369.766799][T11436] batman_adv: batadv0: Adding interface: batadv_slave_1
[  369.775021][T11436] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  369.801554][T11436] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  369.850678][T11436] hsr_slave_0: entered promiscuous mode
[  369.857902][T11436] hsr_slave_1: entered promiscuous mode
[  369.864247][T11436] debugfs: 'hsr0' already exists in 'hsr'
[  369.870036][T11436] Cannot create hsr debugfs directory
[  370.257224][T11436] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  370.277852][T11436] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  370.289674][T11436] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  370.302848][T11436] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  370.474387][T11436] 8021q: adding VLAN 0 to HW filter on device bond0
[  370.633473][T11436] 8021q: adding VLAN 0 to HW filter on device team0
[  370.635274][   T51] Bluetooth: hci5: command tx timeout
[  370.655844][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  370.663232][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  370.707350][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  370.714784][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  370.735907][T11481] netlink: 314 bytes leftover after parsing attributes in process `syz.3.1522'.
[  370.777677][T11477] zswap: compressor  not available
[  370.793163][   T51] Bluetooth: hci4: command tx timeout
[  371.151732][T11436] 8021q: adding VLAN 0 to HW filter on device batadv0
[  371.625305][T11436] veth0_vlan: entered promiscuous mode
[  371.649921][T11436] veth1_vlan: entered promiscuous mode
[  371.845937][T11436] veth0_macvtap: entered promiscuous mode
[  371.896823][T11436] veth1_macvtap: entered promiscuous mode
[  371.948534][T11436] batman_adv: batadv0: Interface activated: batadv_slave_0
[  371.977067][T11436] batman_adv: batadv0: Interface activated: batadv_slave_1
[  372.001119][   T13] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  372.010706][   T13] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  372.034571][   T13] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  372.053935][  T169] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  372.337023][T11520] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  372.417519][  T169] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  372.449088][  T169] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  372.566370][ T2991] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  372.574339][ T2991] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  372.713875][   T51] Bluetooth: hci5: command tx timeout
[  373.057415][T11542] HfR: entered promiscuous mode
[  373.207783][T11548] bridge0: port 3(vlan0) entered blocking state
[  373.214897][T11548] bridge0: port 3(vlan0) entered disabled state
[  373.221410][T11548] vlan0: entered allmulticast mode
[  373.226792][T11548] veth0_vlan: entered allmulticast mode
[  373.235261][T11548] vlan0: entered promiscuous mode
[  373.241231][T11548] bridge0: port 3(vlan0) entered blocking state
[  373.247880][T11548] bridge0: port 3(vlan0) entered forwarding state
[  373.704846][T11561] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  374.154983][T11573] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  374.279598][T11581] openvswitch: HfR: Dropping previously announced user features
[  374.476056][T11588] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1555'.
[  374.804987][   T51] Bluetooth: hci5: command tx timeout
[  374.814413][T11593] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  375.803898][T11619] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  376.777207][T11635] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  376.883414][   T51] Bluetooth: hci5: command tx timeout
[  377.899402][T11661] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  378.687071][T11672] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  378.805595][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  378.811960][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  379.612221][T11687] openvswitch: netlink: VXLAN extension 64 out of range max 1
[  380.034198][T11696] openvswitch: HfR: Dropping previously announced user features
[  380.398237][T11707] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  380.453824][T11707] binder: 11705:11707 ioctl 4018620d 9 returned -22
[  381.784537][T11731] openvswitch: HfR: Dropping previously announced user features
[  381.893574][T11736] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1598'.
[  382.184546][T11742] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  382.213097][T11742] binder: 11740:11742 ioctl 4018620d 9 returned -22
[  382.314995][T11739] openvswitch: netlink: VXLAN extension 64 out of range max 1
[  382.699272][ T5824] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  382.713563][ T5824] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  382.726822][ T5824] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  382.755556][ T5824] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  382.768130][ T5824] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  383.201778][T11757] chnl_net:caif_netlink_parms(): no params data found
[  383.378575][T11768] openvswitch: HfR: Dropping previously announced user features
[  383.495919][T11773] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1607'.
[  383.544228][T11757] bridge0: port 1(bridge_slave_0) entered blocking state
[  383.551444][T11757] bridge0: port 1(bridge_slave_0) entered disabled state
[  383.570848][T11757] bridge_slave_0: entered allmulticast mode
[  383.579226][T11757] bridge_slave_0: entered promiscuous mode
[  383.615370][T11757] bridge0: port 2(bridge_slave_1) entered blocking state
[  383.635813][T11757] bridge0: port 2(bridge_slave_1) entered disabled state
[  383.644066][T11757] bridge_slave_1: entered allmulticast mode
[  383.667650][T11757] bridge_slave_1: entered promiscuous mode
[  383.760298][T11757] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  383.778106][T11757] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  383.881733][T11757] team0: Port device team_slave_0 added
[  383.893553][T11757] team0: Port device team_slave_1 added
[  383.967879][T11757] batman_adv: batadv0: Adding interface: batadv_slave_0
[  383.977395][T11757] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  384.007415][T11757] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  384.021458][T11757] batman_adv: batadv0: Adding interface: batadv_slave_1
[  384.029154][T11757] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  384.057253][T11757] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  384.165142][T11787] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  384.205459][T11781] binder: 11780:11781 ioctl 4018620d 9 returned -22
[  384.240096][T11757] hsr_slave_0: entered promiscuous mode
[  384.257025][T11757] hsr_slave_1: entered promiscuous mode
[  384.266659][T11757] debugfs: 'hsr0' already exists in 'hsr'
[  384.273079][T11757] Cannot create hsr debugfs directory
[  384.412930][T11796] openvswitch: HfR: Dropping previously announced user features
[  384.527666][T11799] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1615'.
[  384.698101][T11757] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  384.710086][T11757] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  384.735810][T11757] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  384.778018][T11757] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  384.872794][   T51] Bluetooth: hci6: command tx timeout
[  385.001567][T11757] 8021q: adding VLAN 0 to HW filter on device bond0
[  385.036679][T11757] 8021q: adding VLAN 0 to HW filter on device team0
[  385.073495][  T169] bridge0: port 1(bridge_slave_0) entered blocking state
[  385.080812][  T169] bridge0: port 1(bridge_slave_0) entered forwarding state
[  385.271403][  T169] bridge0: port 2(bridge_slave_1) entered blocking state
[  385.279016][  T169] bridge0: port 2(bridge_slave_1) entered forwarding state
[  385.454603][T11757] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  385.830967][T11757] 8021q: adding VLAN 0 to HW filter on device batadv0
[  386.793098][T11809] program syz.5.1616 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  386.952583][   T51] Bluetooth: hci6: command tx timeout
[  387.023150][T11757] veth0_vlan: entered promiscuous mode
[  387.082552][T11757] veth1_vlan: entered promiscuous mode
[  387.179128][T11757] veth0_macvtap: entered promiscuous mode
[  387.237402][T11757] veth1_macvtap: entered promiscuous mode
[  387.321655][T11757] batman_adv: batadv0: Interface activated: batadv_slave_0
[  387.384790][T11757] batman_adv: batadv0: Interface activated: batadv_slave_1
[  387.438151][   T12] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  387.469041][   T12] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  387.496388][   T12] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  387.536616][   T12] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  387.656570][T11840] openvswitch: HfR: Dropping previously announced user features
[  387.656635][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  387.702153][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  387.742931][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  387.751084][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  387.846793][T11842] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1623'.
[  387.860957][T11843] openvswitch: netlink: VXLAN extension 64 out of range max 1
[  388.582645][T11853] openvswitch: netlink: VXLAN extension 64 out of range max 1
[  389.053681][   T51] Bluetooth: hci6: command tx timeout
[  389.363557][T11876] openvswitch: HfR: Dropping previously announced user features
[  389.478995][T11878] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1632'.
[  389.871746][T11890] zswap: compressor  not available
[  390.253295][T11904] HfR: entered promiscuous mode
[  390.645377][T11910] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  391.123202][   T51] Bluetooth: hci6: command tx timeout
[  391.183254][ T5824] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  391.200044][ T5824] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  391.208687][ T5824] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  391.221079][ T5824] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  391.236241][ T5824] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  391.288533][T11921] zswap: compressor  not available
[  391.644771][T11944] openvswitch: HfR: Dropping previously announced user features
[  391.706790][T11928] chnl_net:caif_netlink_parms(): no params data found
[  391.739769][T11936] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  391.985485][T11928] bridge0: port 1(bridge_slave_0) entered blocking state
[  391.986733][T11928] bridge0: port 1(bridge_slave_0) entered disabled state
[  391.987260][T11928] bridge_slave_0: entered allmulticast mode
[  391.998347][T11928] bridge_slave_0: entered promiscuous mode
[  392.045525][T11928] bridge0: port 2(bridge_slave_1) entered blocking state
[  392.055552][T11928] bridge0: port 2(bridge_slave_1) entered disabled state
[  392.064894][T11928] bridge_slave_1: entered allmulticast mode
[  392.077271][T11928] bridge_slave_1: entered promiscuous mode
[  392.163165][T11928] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  392.207770][T11928] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  392.307301][T11956] openvswitch: netlink: VXLAN extension 64 out of range max 1
[  392.308635][T11928] team0: Port device team_slave_0 added
[  392.346772][T11928] team0: Port device team_slave_1 added
[  392.417190][T11928] batman_adv: batadv0: Adding interface: batadv_slave_0
[  392.426634][T11928] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  392.454318][T11928] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  392.496960][T11928] batman_adv: batadv0: Adding interface: batadv_slave_1
[  392.504774][T11928] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  392.513630][T11959] openvswitch: netlink: VXLAN extension 64 out of range max 1
[  392.533157][T11928] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  392.891863][T11928] hsr_slave_0: entered promiscuous mode
[  392.931062][T11928] hsr_slave_1: entered promiscuous mode
[  392.940855][T11928] debugfs: 'hsr0' already exists in 'hsr'
[  392.950505][T11928] Cannot create hsr debugfs directory
[  393.272685][   T51] Bluetooth: hci7: command tx timeout
[  393.725498][T11928] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  393.741673][T11928] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  393.797325][T11928] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  393.855946][T11928] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  393.918689][T11979] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1663'.
[  393.955942][T11979] openvswitch: HfR: Dropping previously announced user features
[  394.209720][T11928] 8021q: adding VLAN 0 to HW filter on device bond0
[  394.316254][T11928] 8021q: adding VLAN 0 to HW filter on device team0
[  394.370280][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  394.377642][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  394.447151][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  394.454485][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  395.353814][   T51] Bluetooth: hci7: command tx timeout
[  395.692978][T11928] 8021q: adding VLAN 0 to HW filter on device batadv0
[  397.104085][T12032] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1673'.
[  397.173667][T12033] openvswitch: HfR: Dropping previously announced user features
[  397.202469][T11992] program syz.0.1666 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  397.443460][   T51] Bluetooth: hci7: command tx timeout
[  397.705958][T11928] veth0_vlan: entered promiscuous mode
[  397.749402][T11928] veth1_vlan: entered promiscuous mode
[  397.808132][T11928] veth0_macvtap: entered promiscuous mode
[  397.828451][T11928] veth1_macvtap: entered promiscuous mode
[  397.877282][T11928] batman_adv: batadv0: Interface activated: batadv_slave_0
[  397.920626][T11928] batman_adv: batadv0: Interface activated: batadv_slave_1
[  397.961145][  T200] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  398.012132][  T200] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  398.260789][  T200] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  398.313295][  T200] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  398.444686][  T200] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  398.518054][  T200] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  398.699018][  T200] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  398.719347][  T200] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  399.515121][   T51] Bluetooth: hci7: command tx timeout
[  400.383555][T12077] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  401.342627][T12106] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1693'.
[  402.035426][T12124] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1697'.
[  402.116844][T12118] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  402.524372][T12138] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1703'.
[  402.728113][T12143] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  403.065471][T12152] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1709'.
[  403.209620][T12161] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1712'.
[  403.919294][T12175] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1717'.
[  403.951380][T12175] openvswitch: HfR: Dropping previously announced user features
[  404.377860][T12182] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1720'.
[  404.538436][T12184] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1721'.
[  404.769511][   T51] Bluetooth: hci6: unexpected subevent 0x04 length: 122 > 11
[  404.904145][T12164] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input111
[  405.204446][T12172] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input112
[  405.339926][T12211] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1728'.
[  405.417203][T12211] openvswitch: HfR: Dropping previously announced user features
[  405.974712][T12216] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1731'.
[  406.167005][T12222] bridge0: port 3(vlan0) entered blocking state
[  406.185924][T12222] bridge0: port 3(vlan0) entered disabled state
[  406.207282][T12222] vlan0: entered allmulticast mode
[  406.232324][T12222] veth0_vlan: entered allmulticast mode
[  406.268271][T12222] vlan0: entered promiscuous mode
[  406.295961][T12222] bridge0: port 3(vlan0) entered blocking state
[  406.302563][T12222] bridge0: port 3(vlan0) entered forwarding state
[  406.641856][T12235] __nla_validate_parse: 1 callbacks suppressed
[  406.641882][T12235] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1737'.
[  406.680523][T12235] HfR: entered promiscuous mode
[  407.145805][T12243] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  407.538777][T12249] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1741'.
[  407.625116][T12251] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1742'.
[  407.971102][T12260] bridge0: port 3(vlan0) entered blocking state
[  407.990792][T12260] bridge0: port 3(vlan0) entered disabled state
[  408.029335][T12260] vlan0: entered allmulticast mode
[  408.038049][T12260] veth0_vlan: entered allmulticast mode
[  408.074661][T12260] vlan0: entered promiscuous mode
[  408.080469][T12260] bridge0: port 3(vlan0) entered blocking state
[  408.087090][T12260] bridge0: port 3(vlan0) entered forwarding state
[  409.145416][T12283] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1752'.
[  409.298751][T12287] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1754'.
[  409.583008][T12296] bridge0: port 3(vlan0) entered blocking state
[  409.589543][T12296] bridge0: port 3(vlan0) entered disabled state
[  409.622438][T12296] vlan0: entered allmulticast mode
[  409.630302][T12296] veth0_vlan: entered allmulticast mode
[  409.645463][T12296] vlan0: entered promiscuous mode
[  409.654387][T12296] bridge0: port 3(vlan0) entered blocking state
[  409.660985][T12296] bridge0: port 3(vlan0) entered forwarding state
[  410.488391][T12312] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1761'.
[  410.525406][T12312] openvswitch: HfR: Dropping previously announced user features
[  411.058483][T12325] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1765'.
[  412.099955][T12343] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1770'.
[  412.248384][T12347] vhci_hcd vhci_hcd.2: invalid port number 194
[  412.262162][T12347] vhci_hcd vhci_hcd.2: invalid port number 194
[  412.451696][T12350] bridge0: port 3(vlan0) entered blocking state
[  412.483516][T12358] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1774'.
[  412.495191][T12350] bridge0: port 3(vlan0) entered disabled state
[  412.519829][T12350] vlan0: entered allmulticast mode
[  412.590202][T12350] veth0_vlan: entered allmulticast mode
[  412.632441][T12350] vlan0: entered promiscuous mode
[  412.655421][T12350] bridge0: port 3(vlan0) entered blocking state
[  412.663236][T12350] bridge0: port 3(vlan0) entered forwarding state
[  412.684739][T12341] futex_wake_op: syz.7.1768 tries to shift op by -2048; fix this program
[  412.705007][T12341] futex_wake_op: syz.7.1768 tries to shift op by -2048; fix this program
[  412.723127][T12364] FAULT_INJECTION: forcing a failure.
[  412.723127][T12364] name failslab, interval 1, probability 0, space 0, times 0
[  412.742133][T12364] CPU: 0 UID: 0 PID: 12364 Comm: syz.5.1775 Not tainted syzkaller #0 PREEMPT(full) 
[  412.742177][T12364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  412.742192][T12364] Call Trace:
[  412.742202][T12364]  <TASK>
[  412.742213][T12364]  dump_stack_lvl+0x100/0x190
[  412.742260][T12364]  should_fail_ex.cold+0x5/0xa
[  412.742293][T12364]  ? tomoyo_encode2+0xfb/0x3c0
[  412.742329][T12364]  should_failslab+0xc2/0x120
[  412.742360][T12364]  __kmalloc_noprof+0xe0/0x850
[  412.742401][T12364]  ? d_absolute_path+0x136/0x1b0
[  412.742448][T12364]  tomoyo_encode2+0xfb/0x3c0
[  412.742491][T12364]  tomoyo_encode+0x29/0x50
[  412.742536][T12364]  tomoyo_realpath_from_path+0x18c/0x690
[  412.742584][T12364]  tomoyo_path_number_perm+0x23c/0x580
[  412.742616][T12364]  ? tomoyo_path_number_perm+0x22e/0x580
[  412.742651][T12364]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  412.742724][T12364]  ? find_held_lock+0x2b/0x80
[  412.742752][T12364]  ? __fget_files+0x215/0x3d0
[  412.742777][T12364]  ? hook_file_ioctl_common+0x146/0x410
[  412.742818][T12364]  ? __fget_files+0x21f/0x3d0
[  412.742853][T12364]  security_file_ioctl+0xd3/0x230
[  412.742888][T12364]  __x64_sys_ioctl+0xb7/0x210
[  412.742933][T12364]  do_syscall_64+0x106/0xf80
[  412.742974][T12364]  ? clear_bhb_loop+0x40/0x90
[  412.743009][T12364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  412.743040][T12364] RIP: 0033:0x7f61c4b9c799
[  412.743065][T12364] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  412.743093][T12364] RSP: 002b:00007f61c2df6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  412.743121][T12364] RAX: ffffffffffffffda RBX: 00007f61c4e15fa0 RCX: 00007f61c4b9c799
[  412.743140][T12364] RDX: 0000200000000000 RSI: 00000000c0185500 RDI: 0000000000000003
[  412.743159][T12364] RBP: 00007f61c2df6090 R08: 0000000000000000 R09: 0000000000000000
[  412.743176][T12364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  412.743192][T12364] R13: 00007f61c4e16038 R14: 00007f61c4e15fa0 R15: 00007ffc585a64d8
[  412.743232][T12364]  </TASK>
[  412.743259][T12364] ERROR: Out of memory at tomoyo_realpath_from_path.
[  412.982455][T12364] vhci_hcd vhci_hcd.2: invalid port number 194
[  413.025761][T12364] vhci_hcd vhci_hcd.2: invalid port number 194
[  413.078881][T12366] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1777'.
[  413.831297][T12382] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1782'.
[  417.134682][T12458] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  418.704231][T12502] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1816'.
[  419.121282][T12500] netlink: 'syz.7.1815': attribute type 33 has an invalid length.
[  420.307693][T12535] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1825'.
[  421.714919][T12567] netlink: 40 bytes leftover after parsing attributes in process `syz.7.1835'.
[  422.070497][T12576] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1845'.
[  422.449261][T12590] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1841'.
[  422.714275][T12588] netlink: 'syz.7.1840': attribute type 33 has an invalid length.
[  423.052184][T12597] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1852'.
[  423.085044][T12597] openvswitch: HfR: Dropping previously announced user features
[  423.883645][T12615] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1847'.
[  424.496018][T12631] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1853'.
[  424.603564][T12618] netlink: 'syz.0.1848': attribute type 33 has an invalid length.
[  424.656274][T12636] netlink: 40 bytes leftover after parsing attributes in process `syz.7.1855'.
[  424.682162][T12636] openvswitch: HfR: Dropping previously announced user features
[  425.951107][T12649] netlink: 338 bytes leftover after parsing attributes in process `syz.6.1858'.
[  426.358038][T12665] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1863'.
[  427.649010][T12717] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1875'.
[  427.663760][T12717] openvswitch: HfR: Dropping previously announced user features
[  428.698066][T12741] netlink: 32 bytes leftover after parsing attributes in process `syz.7.1883'.
[  429.905778][T12742] futex_wake_op: syz.5.1880 tries to shift op by -2048; fix this program
[  429.914952][T12742] futex_wake_op: syz.5.1880 tries to shift op by -2048; fix this program
[  430.061133][T12753] netlink: 'syz.7.1885': attribute type 33 has an invalid length.
[  431.767139][T12790] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1895'.
[  431.821178][T12790] openvswitch: HfR: Dropping previously announced user features
[  433.704139][T12814] netlink: 'syz.0.1901': attribute type 33 has an invalid length.
[  433.730593][T12825] netlink: 32 bytes leftover after parsing attributes in process `syz.6.1906'.
[  433.748237][T12827] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1907'.
[  433.782534][T12828] openvswitch: HfR: Dropping previously announced user features
[  434.702917][T12851] FAULT_INJECTION: forcing a failure.
[  434.702917][T12851] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  434.736822][T12851] CPU: 0 UID: 0 PID: 12851 Comm: syz.5.1915 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  434.736874][T12851] Tainted: [L]=SOFTLOCKUP
[  434.736885][T12851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  434.736902][T12851] Call Trace:
[  434.736913][T12851]  <TASK>
[  434.736926][T12851]  dump_stack_lvl+0x100/0x190
[  434.736977][T12851]  should_fail_ex.cold+0x5/0xa
[  434.737005][T12851]  ? prepare_alloc_pages+0x16d/0x5f0
[  434.737045][T12851]  should_fail_alloc_page+0xeb/0x140
[  434.737079][T12851]  prepare_alloc_pages+0x1f0/0x5f0
[  434.737119][T12851]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  434.737168][T12851]  ? __pfx_mas_split+0x10/0x10
[  434.737216][T12851]  ? __lock_acquire+0x4a5/0x2630
[  434.737248][T12851]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  434.737313][T12851]  ? __lock_acquire+0x4a5/0x2630
[  434.737348][T12851]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  434.737394][T12851]  ? policy_nodemask+0xed/0x4f0
[  434.737439][T12851]  alloc_pages_mpol+0x1fb/0x550
[  434.737473][T12851]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  434.737504][T12851]  ? __lock_acquire+0x4a5/0x2630
[  434.737543][T12851]  alloc_pages_noprof+0x131/0x390
[  434.737577][T12851]  pte_alloc_one+0x1c/0x3d0
[  434.737608][T12851]  do_fault+0x88e/0x1990
[  434.737646][T12851]  __handle_mm_fault+0x180f/0x2b60
[  434.737690][T12851]  ? mt_find+0x45e/0x8e0
[  434.737731][T12851]  ? __pfx___handle_mm_fault+0x10/0x10
[  434.737766][T12851]  ? __pfx_mt_find+0x10/0x10
[  434.737835][T12851]  handle_mm_fault+0x36d/0xa20
[  434.737882][T12851]  __get_user_pages+0xf9c/0x34d0
[  434.737923][T12851]  ? down_read_killable+0x30e/0x4c0
[  434.737952][T12851]  ? __pfx___get_user_pages+0x10/0x10
[  434.737994][T12851]  __gup_longterm_locked+0x87d/0x16f0
[  434.738040][T12851]  ? __pfx___gup_longterm_locked+0x10/0x10
[  434.738079][T12851]  ? find_held_lock+0x2b/0x80
[  434.738104][T12851]  ? gup_fast_fallback+0x146d/0x2460
[  434.738134][T12851]  ? sanity_check_pinned_pages+0x5f6/0x1250
[  434.738170][T12851]  gup_fast_fallback+0x18c6/0x2460
[  434.738233][T12851]  ? __pfx_gup_fast_fallback+0x10/0x10
[  434.738268][T12851]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  434.738302][T12851]  ? is_bpf_text_address+0x94/0x1a0
[  434.738348][T12851]  ? kernel_text_address+0x8d/0x100
[  434.738392][T12851]  ? __kernel_text_address+0xd/0x30
[  434.738446][T12851]  ? unwind_get_return_address+0x59/0xa0
[  434.738486][T12851]  pin_user_pages_fast+0xa7/0xf0
[  434.738521][T12851]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  434.738566][T12851]  iov_iter_extract_pages+0xa0d/0x1ef0
[  434.738615][T12851]  ? __blkdev_direct_IO_simple+0x112/0x890
[  434.738653][T12851]  ? kasan_save_stack+0x3f/0x50
[  434.738703][T12851]  ? kasan_save_stack+0x30/0x50
[  434.738747][T12851]  ? kasan_save_track+0x14/0x30
[  434.738792][T12851]  ? __pfx_iov_iter_extract_pages+0x10/0x10
[  434.738821][T12851]  ? blkdev_direct_IO+0xc76/0x1fb0
[  434.738869][T12851]  ? blkdev_write_iter+0x703/0xd70
[  434.738908][T12851]  ? vfs_write+0x6ac/0x1070
[  434.738939][T12851]  ? __lock_acquire+0x4a5/0x2630
[  434.738986][T12851]  iov_iter_extract_bvecs+0x10e/0xf40
[  434.739032][T12851]  ? find_held_lock+0x2b/0x80
[  434.739060][T12851]  ? bio_associate_blkg_from_css+0x394/0x13f0
[  434.739104][T12851]  ? __pfx_iov_iter_extract_bvecs+0x10/0x10
[  434.739141][T12851]  ? bio_associate_blkg_from_css+0x550/0x13f0
[  434.739184][T12851]  bio_iov_iter_get_pages+0x26a/0x970
[  434.739231][T12851]  __blkdev_direct_IO_simple+0x3a7/0x890
[  434.739283][T12851]  ? __pfx___blkdev_direct_IO_simple+0x10/0x10
[  434.739361][T12851]  ? ktime_get_coarse_real_ts64_mg+0x249/0x300
[  434.739400][T12851]  ? ktime_get_coarse_real_ts64_mg+0x1e0/0x300
[  434.739454][T12851]  blkdev_direct_IO+0xc76/0x1fb0
[  434.739518][T12851]  ? __pfx_blkdev_direct_IO+0x10/0x10
[  434.739557][T12851]  ? rcu_is_watching+0x12/0xc0
[  434.739597][T12851]  ? __mark_inode_dirty+0x55c/0x1790
[  434.739639][T12851]  ? filemap_check_errors+0xa9/0x150
[  434.739783][T12851]  blkdev_write_iter+0x703/0xd70
[  434.739835][T12851]  vfs_write+0x6ac/0x1070
[  434.739864][T12851]  ? __pfx_blkdev_write_iter+0x10/0x10
[  434.739907][T12851]  ? __pfx_vfs_write+0x10/0x10
[  434.739931][T12851]  ? find_held_lock+0x2b/0x80
[  434.739981][T12851]  ksys_write+0x12a/0x250
[  434.740009][T12851]  ? __pfx_ksys_write+0x10/0x10
[  434.740057][T12851]  do_syscall_64+0x106/0xf80
[  434.740108][T12851]  ? clear_bhb_loop+0x40/0x90
[  434.740143][T12851]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  434.740171][T12851] RIP: 0033:0x7f61c4b9c799
[  434.740195][T12851] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  434.740222][T12851] RSP: 002b:00007f61c2df6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  434.740249][T12851] RAX: ffffffffffffffda RBX: 00007f61c4e15fa0 RCX: 00007f61c4b9c799
[  434.740266][T12851] RDX: 000000000010007c RSI: 0000000000000000 RDI: 0000000000000003
[  434.740283][T12851] RBP: 00007f61c2df6090 R08: 0000000000000000 R09: 0000000000000000
[  434.740311][T12851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  434.740326][T12851] R13: 00007f61c4e16038 R14: 00007f61c4e15fa0 R15: 00007ffc585a64d8
[  434.740364][T12851]  </TASK>
[  435.992816][T12856] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1917'.
[  436.041595][T12857] openvswitch: HfR: Dropping previously announced user features
[  436.607720][T12869] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1921'.
[  436.744944][T12873] FAULT_INJECTION: forcing a failure.
[  436.744944][T12873] name failslab, interval 1, probability 0, space 0, times 0
[  436.772157][T12873] CPU: 1 UID: 0 PID: 12873 Comm: syz.6.1923 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  436.772207][T12873] Tainted: [L]=SOFTLOCKUP
[  436.772217][T12873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  436.772234][T12873] Call Trace:
[  436.772245][T12873]  <TASK>
[  436.772257][T12873]  dump_stack_lvl+0x100/0x190
[  436.772306][T12873]  should_fail_ex.cold+0x5/0xa
[  436.772341][T12873]  ? tomoyo_encode2+0xfb/0x3c0
[  436.772388][T12873]  should_failslab+0xc2/0x120
[  436.772419][T12873]  __kmalloc_noprof+0xe0/0x850
[  436.772463][T12873]  ? d_absolute_path+0x136/0x1b0
[  436.772509][T12873]  tomoyo_encode2+0xfb/0x3c0
[  436.772554][T12873]  tomoyo_encode+0x29/0x50
[  436.772590][T12873]  tomoyo_realpath_from_path+0x18c/0x690
[  436.772639][T12873]  tomoyo_path_number_perm+0x23c/0x580
[  436.772671][T12873]  ? tomoyo_path_number_perm+0x22e/0x580
[  436.772707][T12873]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  436.772782][T12873]  ? find_held_lock+0x2b/0x80
[  436.772809][T12873]  ? __fget_files+0x215/0x3d0
[  436.772836][T12873]  ? hook_file_ioctl_common+0x146/0x410
[  436.772880][T12873]  ? __fget_files+0x21f/0x3d0
[  436.772914][T12873]  security_file_ioctl+0xd3/0x230
[  436.772950][T12873]  __x64_sys_ioctl+0xb7/0x210
[  436.772996][T12873]  do_syscall_64+0x106/0xf80
[  436.773037][T12873]  ? clear_bhb_loop+0x40/0x90
[  436.773074][T12873]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  436.773105][T12873] RIP: 0033:0x7f73ce59c799
[  436.773130][T12873] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  436.773177][T12873] RSP: 002b:00007f73cf4be028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  436.773208][T12873] RAX: ffffffffffffffda RBX: 00007f73ce815fa0 RCX: 00007f73ce59c799
[  436.773227][T12873] RDX: 0000000000000000 RSI: 00000000403c6f2b RDI: 0000000000000003
[  436.773246][T12873] RBP: 00007f73cf4be090 R08: 0000000000000000 R09: 0000000000000000
[  436.773264][T12873] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  436.773281][T12873] R13: 00007f73ce816038 R14: 00007f73ce815fa0 R15: 00007ffec4488ae8
[  436.773324][T12873]  </TASK>
[  436.773353][T12873] ERROR: Out of memory at tomoyo_realpath_from_path.
[  437.196971][T12873] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed
[  437.226144][T12873] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff)
[  437.489623][T12879] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed
[  437.498272][T12879] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff)
[  437.976083][T12888] program syz.6.1927 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  438.134873][T12892] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1929'.
[  438.925436][T12911] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed
[  438.972470][T12911] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff)
[  439.034883][T12904] netlink: 'syz.5.1934': attribute type 33 has an invalid length.
[  439.591619][T12916] zswap: compressor  not available
[  439.835351][T12922] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1939'.
[  440.180304][T12929] FAULT_INJECTION: forcing a failure.
[  440.180304][T12929] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  440.251934][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  440.259238][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  440.270298][T12929] CPU: 1 UID: 0 PID: 12929 Comm: syz.5.1941 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  440.270342][T12929] Tainted: [L]=SOFTLOCKUP
[  440.270352][T12929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  440.270368][T12929] Call Trace:
[  440.270377][T12929]  <TASK>
[  440.270387][T12929]  dump_stack_lvl+0x100/0x190
[  440.270436][T12929]  should_fail_ex.cold+0x5/0xa
[  440.270471][T12929]  _copy_from_user+0x2e/0xd0
[  440.270507][T12929]  copy_from_sockptr_offset.constprop.0+0x12c/0x150
[  440.270543][T12929]  ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10
[  440.270576][T12929]  ? tcp_setsockopt+0xae/0x100
[  440.270609][T12929]  smc_setsockopt+0x299/0xa10
[  440.270631][T12929]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  440.270659][T12929]  ? __pfx_smc_setsockopt+0x10/0x10
[  440.270686][T12929]  ? aa_sock_opt_perm+0xfe/0x1b0
[  440.270721][T12929]  ? __pfx_smc_setsockopt+0x10/0x10
[  440.270749][T12929]  do_sock_setsockopt+0xf3/0x1d0
[  440.270791][T12929]  __sys_setsockopt+0x119/0x190
[  440.270830][T12929]  __x64_sys_setsockopt+0xbd/0x160
[  440.270859][T12929]  ? do_syscall_64+0x95/0xf80
[  440.270890][T12929]  ? lockdep_hardirqs_on+0x78/0x100
[  440.270921][T12929]  do_syscall_64+0x106/0xf80
[  440.270951][T12929]  ? clear_bhb_loop+0x40/0x90
[  440.270981][T12929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  440.271005][T12929] RIP: 0033:0x7f61c4b9c799
[  440.271027][T12929] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  440.271049][T12929] RSP: 002b:00007f61c2dd5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  440.271072][T12929] RAX: ffffffffffffffda RBX: 00007f61c4e16090 RCX: 00007f61c4b9c799
[  440.271100][T12929] RDX: 000000000000000c RSI: 0000000000000006 RDI: 0000000000000003
[  440.271112][T12929] RBP: 00007f61c2dd5090 R08: 0000000000000fb3 R09: 0000000000000000
[  440.271126][T12929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  440.271139][T12929] R13: 00007f61c4e16128 R14: 00007f61c4e16090 R15: 00007ffc585a64d8
[  440.271171][T12929]  </TASK>
[  440.951865][T12938] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1944'.
[  440.990855][T12938] openvswitch: HfR: Dropping previously announced user features
[  441.740249][T12953] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1948'.
[  444.882249][T13018] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1963'.
[  445.022425][T13022] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  446.306207][ T5824] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  446.320046][ T5824] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  446.332333][ T5824] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  446.344486][ T5824] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  446.357309][ T5824] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  446.691654][T13036] chnl_net:caif_netlink_parms(): no params data found
[  446.966496][T13036] bridge0: port 1(bridge_slave_0) entered blocking state
[  446.982550][T13036] bridge0: port 1(bridge_slave_0) entered disabled state
[  446.990522][T13036] bridge_slave_0: entered allmulticast mode
[  447.005378][T13036] bridge_slave_0: entered promiscuous mode
[  447.036095][T13036] bridge0: port 2(bridge_slave_1) entered blocking state
[  447.061437][T13036] bridge0: port 2(bridge_slave_1) entered disabled state
[  447.092309][T13036] bridge_slave_1: entered allmulticast mode
[  447.100923][T13036] bridge_slave_1: entered promiscuous mode
[  447.236941][T13036] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  447.256379][T13036] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  447.414270][T13036] team0: Port device team_slave_0 added
[  447.445602][T13036] team0: Port device team_slave_1 added
[  447.575988][T13036] batman_adv: batadv0: Adding interface: batadv_slave_0
[  447.581191][T13060] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1972'.
[  447.599150][T13036] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  447.633870][T13036] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  447.648135][T13036] batman_adv: batadv0: Adding interface: batadv_slave_1
[  447.655486][T13036] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  447.686934][T13062] FAULT_INJECTION: forcing a failure.
[  447.686934][T13062] name failslab, interval 1, probability 0, space 0, times 0
[  447.715572][T13062] CPU: 0 UID: 0 PID: 13062 Comm: syz.6.1973 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  447.715618][T13062] Tainted: [L]=SOFTLOCKUP
[  447.715629][T13062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  447.715644][T13062] Call Trace:
[  447.715653][T13062]  <TASK>
[  447.715665][T13062]  dump_stack_lvl+0x100/0x190
[  447.715714][T13062]  should_fail_ex.cold+0x5/0xa
[  447.715749][T13062]  should_failslab+0xc2/0x120
[  447.715785][T13062]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  447.715831][T13062]  ? __alloc_skb+0x140/0x710
[  447.715878][T13062]  __alloc_skb+0x140/0x710
[  447.715915][T13062]  ? __alloc_skb+0x5b7/0x710
[  447.715954][T13062]  ? __pfx___alloc_skb+0x10/0x10
[  447.715994][T13062]  ? __pfx___might_resched+0x10/0x10
[  447.716054][T13062]  ? __lock_acquire+0x4a5/0x2630
[  447.716100][T13062]  netlink_alloc_large_skb+0x69/0x150
[  447.716152][T13062]  netlink_sendmsg+0x680/0xda0
[  447.716214][T13062]  ? __pfx_netlink_sendmsg+0x10/0x10
[  447.716259][T13062]  ? __import_iovec+0x1d2/0x640
[  447.716302][T13062]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  447.716356][T13062]  ____sys_sendmsg+0x9e1/0xb70
[  447.716397][T13062]  ? __pfx_netlink_sendmsg+0x10/0x10
[  447.716450][T13062]  ? __pfx_____sys_sendmsg+0x10/0x10
[  447.716499][T13062]  ___sys_sendmsg+0x190/0x1e0
[  447.716536][T13062]  ? __pfx____sys_sendmsg+0x10/0x10
[  447.716614][T13062]  __sys_sendmsg+0x170/0x220
[  447.716655][T13062]  ? __pfx___sys_sendmsg+0x10/0x10
[  447.716721][T13062]  do_syscall_64+0x106/0xf80
[  447.716846][T13062]  ? clear_bhb_loop+0x40/0x90
[  447.717125][T13062]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  447.717156][T13062] RIP: 0033:0x7f73ce59c799
[  447.717182][T13062] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  447.717209][T13062] RSP: 002b:00007f73cf4be028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  447.717249][T13062] RAX: ffffffffffffffda RBX: 00007f73ce815fa0 RCX: 00007f73ce59c799
[  447.717268][T13062] RDX: 0700000000000000 RSI: 0000200000002f40 RDI: 0000000000000003
[  447.717287][T13062] RBP: 00007f73cf4be090 R08: 0000000000000000 R09: 0000000000000000
[  447.717304][T13062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  447.717332][T13062] R13: 00007f73ce816038 R14: 00007f73ce815fa0 R15: 00007ffec4488ae8
[  447.717377][T13062]  </TASK>
[  448.009686][T13036] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  448.077319][T13036] hsr_slave_0: entered promiscuous mode
[  448.087252][T13036] hsr_slave_1: entered promiscuous mode
[  448.094881][T13036] debugfs: 'hsr0' already exists in 'hsr'
[  448.100757][T13036] Cannot create hsr debugfs directory
[  448.392094][ T5824] Bluetooth: hci8: command tx timeout
[  448.776588][T13036] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  448.789394][T13036] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  448.806529][T13036] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  448.821067][T13036] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  449.131647][T13036] 8021q: adding VLAN 0 to HW filter on device bond0
[  449.285421][T13036] 8021q: adding VLAN 0 to HW filter on device team0
[  449.331565][ T2991] bridge0: port 1(bridge_slave_0) entered blocking state
[  449.339115][ T2991] bridge0: port 1(bridge_slave_0) entered forwarding state
[  449.474352][ T2991] bridge0: port 2(bridge_slave_1) entered blocking state
[  449.481643][ T2991] bridge0: port 2(bridge_slave_1) entered forwarding state
[  449.825210][T13106] FAULT_INJECTION: forcing a failure.
[  449.825210][T13106] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  449.893681][T13106] CPU: 0 UID: 0 PID: 13106 Comm: syz.6.1983 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  449.893727][T13106] Tainted: [L]=SOFTLOCKUP
[  449.893736][T13106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  449.893752][T13106] Call Trace:
[  449.893761][T13106]  <TASK>
[  449.893771][T13106]  dump_stack_lvl+0x100/0x190
[  449.893820][T13106]  should_fail_ex.cold+0x5/0xa
[  449.893855][T13106]  _copy_from_user+0x2e/0xd0
[  449.893889][T13106]  load_msg+0x19e/0x4a0
[  449.893934][T13106]  do_mq_timedsend+0x3ce/0xc40
[  449.893980][T13106]  ? __pfx_do_mq_timedsend+0x10/0x10
[  449.894020][T13106]  ? __mutex_unlock_slowpath+0x15c/0x790
[  449.894060][T13106]  ? __fget_files+0x215/0x3d0
[  449.894089][T13106]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  449.894139][T13106]  ? __fget_files+0x21f/0x3d0
[  449.894175][T13106]  __x64_sys_mq_timedsend+0x1cd/0x260
[  449.894205][T13106]  ? ksys_write+0x1ac/0x250
[  449.894232][T13106]  ? __pfx___x64_sys_mq_timedsend+0x10/0x10
[  449.894271][T13106]  do_syscall_64+0x106/0xf80
[  449.894309][T13106]  ? clear_bhb_loop+0x40/0x90
[  449.894346][T13106]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  449.894376][T13106] RIP: 0033:0x7f73ce59c799
[  449.894400][T13106] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  449.894427][T13106] RSP: 002b:00007f73cf49d028 EFLAGS: 00000246 ORIG_RAX: 00000000000000f2
[  449.894455][T13106] RAX: ffffffffffffffda RBX: 00007f73ce816090 RCX: 00007f73ce59c799
[  449.894474][T13106] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000004
[  449.894556][T13106] RBP: 00007f73cf49d090 R08: 0000000000000000 R09: 0000000000000000
[  449.894574][T13106] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000001
[  449.894590][T13106] R13: 00007f73ce816128 R14: 00007f73ce816090 R15: 00007ffec4488ae8
[  449.894627][T13106]  </TASK>
[  450.473979][ T5824] Bluetooth: hci8: command tx timeout
[  450.538326][T13114] zswap: compressor  not available
[  450.798873][T13036] 8021q: adding VLAN 0 to HW filter on device batadv0
[  451.511346][T13036] veth0_vlan: entered promiscuous mode
[  451.532634][T13036] veth1_vlan: entered promiscuous mode
[  451.780535][T13036] veth0_macvtap: entered promiscuous mode
[  451.825884][T13036] veth1_macvtap: entered promiscuous mode
[  451.877815][T13036] batman_adv: batadv0: Interface activated: batadv_slave_0
[  451.945114][T13036] batman_adv: batadv0: Interface activated: batadv_slave_1
[  451.982413][T13157] openvswitch: HfR: Dropping previously announced user features
[  452.016515][   T36] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  452.031941][   T36] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  452.089566][   T36] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  452.211825][   T36] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  452.339309][T13166] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1996'.
[  452.349206][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  452.367907][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  452.546711][  T200] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  452.554973][ T5824] Bluetooth: hci8: command tx timeout
[  452.567146][  T200] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  453.115653][T13193] openvswitch: HfR: Dropping previously announced user features
[  453.567832][T13208] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2007'.
[  454.024834][T13210] FAULT_INJECTION: forcing a failure.
[  454.024834][T13210] name failslab, interval 1, probability 0, space 0, times 0
[  454.086179][T13210] CPU: 0 UID: 0 PID: 13210 Comm: syz.6.2008 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  454.086222][T13210] Tainted: [L]=SOFTLOCKUP
[  454.086229][T13210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  454.086239][T13210] Call Trace:
[  454.086246][T13210]  <TASK>
[  454.086253][T13210]  dump_stack_lvl+0x100/0x190
[  454.086284][T13210]  should_fail_ex.cold+0x5/0xa
[  454.086305][T13210]  ? tomoyo_encode2+0xfb/0x3c0
[  454.086327][T13210]  should_failslab+0xc2/0x120
[  454.086346][T13210]  __kmalloc_noprof+0xe0/0x850
[  454.086377][T13210]  tomoyo_encode2+0xfb/0x3c0
[  454.086404][T13210]  tomoyo_encode+0x29/0x50
[  454.086426][T13210]  tomoyo_realpath_from_path+0x18c/0x690
[  454.086462][T13210]  tomoyo_path_number_perm+0x23c/0x580
[  454.086482][T13210]  ? tomoyo_path_number_perm+0x22e/0x580
[  454.086503][T13210]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  454.086544][T13210]  ? find_held_lock+0x2b/0x80
[  454.086561][T13210]  ? __fget_files+0x215/0x3d0
[  454.086576][T13210]  ? hook_file_ioctl_common+0x146/0x410
[  454.086601][T13210]  ? __fget_files+0x21f/0x3d0
[  454.086621][T13210]  security_file_ioctl+0xd3/0x230
[  454.086642][T13210]  __x64_sys_ioctl+0xb7/0x210
[  454.086670][T13210]  do_syscall_64+0x106/0xf80
[  454.086695][T13210]  ? clear_bhb_loop+0x40/0x90
[  454.086717][T13210]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  454.086736][T13210] RIP: 0033:0x7f73ce59c799
[  454.086751][T13210] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  454.086769][T13210] RSP: 002b:00007f73cf4be028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  454.086787][T13210] RAX: ffffffffffffffda RBX: 00007f73ce815fa0 RCX: 00007f73ce59c799
[  454.086798][T13210] RDX: 0000000000000003 RSI: 000000000000ae41 RDI: 0000000000000003
[  454.086808][T13210] RBP: 00007f73cf4be090 R08: 0000000000000000 R09: 0000000000000000
[  454.086818][T13210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  454.086828][T13210] R13: 00007f73ce816038 R14: 00007f73ce815fa0 R15: 00007ffec4488ae8
[  454.086851][T13210]  </TASK>
[  454.086866][T13210] ERROR: Out of memory at tomoyo_realpath_from_path.
[  454.633870][ T5824] Bluetooth: hci8: command tx timeout
[  454.982723][T13226] HfR: entered promiscuous mode
[  455.175212][T13236] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  455.239568][T13240] netlink: 40 bytes leftover after parsing attributes in process `syz.6.2018'.
[  455.841037][T13251] netlink: 342 bytes leftover after parsing attributes in process `syz.6.2020'.
[  456.587170][T13268] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2024'.
[  456.636175][T13268] openvswitch: HfR: Dropping previously announced user features
[  456.838853][T13273] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2027'.
[  457.234837][T13290] FAULT_INJECTION: forcing a failure.
[  457.234837][T13290] name failslab, interval 1, probability 0, space 0, times 0
[  457.248331][T13290] CPU: 0 UID: 0 PID: 13290 Comm: syz.6.2033 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  457.248377][T13290] Tainted: [L]=SOFTLOCKUP
[  457.248386][T13290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  457.248402][T13290] Call Trace:
[  457.248411][T13290]  <TASK>
[  457.248421][T13290]  dump_stack_lvl+0x100/0x190
[  457.248464][T13290]  should_fail_ex.cold+0x5/0xa
[  457.248496][T13290]  should_failslab+0xc2/0x120
[  457.248528][T13290]  __kmalloc_cache_noprof+0x7a/0x6f0
[  457.248567][T13290]  ? sctp_endpoint_new+0xfc/0xb20
[  457.248610][T13290]  ? __debug_object_init+0x2de/0x3d0
[  457.248646][T13290]  sctp_endpoint_new+0xfc/0xb20
[  457.248693][T13290]  ? __pfx_sctp_endpoint_new+0x10/0x10
[  457.248740][T13290]  ? lockdep_init_map_type+0x5c/0x250
[  457.248784][T13290]  ? lockdep_init_map_type+0x5c/0x250
[  457.248826][T13290]  ? lockdep_init_map_type+0x5c/0x250
[  457.248874][T13290]  sctp_init_sock+0xe2b/0x1300
[  457.248917][T13290]  ? __pfx_sctp_v6_init_sock+0x10/0x10
[  457.248963][T13290]  sctp_v6_init_sock+0x16/0x70
[  457.249006][T13290]  ? __pfx_sctp_v6_init_sock+0x10/0x10
[  457.249051][T13290]  inet6_create+0xb21/0x12b0
[  457.249099][T13290]  ? inet6_create+0x7f/0x12b0
[  457.249152][T13290]  __sock_create+0x339/0x860
[  457.249195][T13290]  __sys_socket+0x14d/0x260
[  457.249231][T13290]  ? __pfx___sys_socket+0x10/0x10
[  457.249278][T13290]  __x64_sys_socket+0x72/0xb0
[  457.249310][T13290]  ? lockdep_hardirqs_on+0x78/0x100
[  457.249352][T13290]  do_syscall_64+0x106/0xf80
[  457.249390][T13290]  ? clear_bhb_loop+0x40/0x90
[  457.249425][T13290]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  457.249455][T13290] RIP: 0033:0x7f73ce59c799
[  457.249478][T13290] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  457.249506][T13290] RSP: 002b:00007f73cf4be028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  457.249533][T13290] RAX: ffffffffffffffda RBX: 00007f73ce815fa0 RCX: 00007f73ce59c799
[  457.249553][T13290] RDX: 0000000000000084 RSI: 0000000000000801 RDI: 000000000000000a
[  457.249569][T13290] RBP: 00007f73ce632c99 R08: 0000000000000000 R09: 0000000000000000
[  457.249586][T13290] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  457.249603][T13290] R13: 00007f73ce816038 R14: 00007f73ce815fa0 R15: 00007ffec4488ae8
[  457.249642][T13290]  </TASK>
[  458.046951][T13305] FAULT_INJECTION: forcing a failure.
[  458.046951][T13305] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  458.086679][T13305] CPU: 1 UID: 0 PID: 13305 Comm: syz.8.2036 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  458.086730][T13305] Tainted: [L]=SOFTLOCKUP
[  458.086741][T13305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  458.086757][T13305] Call Trace:
[  458.086767][T13305]  <TASK>
[  458.086779][T13305]  dump_stack_lvl+0x100/0x190
[  458.086828][T13305]  should_fail_ex.cold+0x5/0xa
[  458.086855][T13305]  ? prepare_alloc_pages+0x16d/0x5f0
[  458.086893][T13305]  should_fail_alloc_page+0xeb/0x140
[  458.086926][T13305]  prepare_alloc_pages+0x1f0/0x5f0
[  458.086964][T13305]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  458.087009][T13305]  ? stack_trace_save+0x8e/0xc0
[  458.087038][T13305]  ? __pfx_stack_trace_save+0x10/0x10
[  458.087068][T13305]  ? stack_depot_save_flags+0x27/0x9d0
[  458.087111][T13305]  ? kasan_save_stack+0x3f/0x50
[  458.087159][T13305]  ? kasan_save_stack+0x30/0x50
[  458.087200][T13305]  ? kasan_save_track+0x14/0x30
[  458.087246][T13305]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  458.087287][T13305]  ? __handle_mm_fault+0xa99/0x2b60
[  458.087322][T13305]  ? handle_mm_fault+0x36d/0xa20
[  458.087356][T13305]  ? do_user_addr_fault+0x74c/0x12f0
[  458.087396][T13305]  ? asm_exc_page_fault+0x26/0x30
[  458.087423][T13305]  ? do_getname+0x78/0x390
[  458.087456][T13305]  ? do_sys_openat2+0xc5/0x1e0
[  458.087490][T13305]  ? __x64_sys_openat+0x12d/0x210
[  458.087524][T13305]  ? do_syscall_64+0x106/0xf80
[  458.087563][T13305]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  458.087611][T13305]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  458.087660][T13305]  ? policy_nodemask+0xed/0x4f0
[  458.087693][T13305]  alloc_pages_mpol+0x1fb/0x550
[  458.087726][T13305]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  458.087768][T13305]  alloc_pages_noprof+0x131/0x390
[  458.087800][T13305]  pte_alloc_one+0x1c/0x3d0
[  458.087831][T13305]  do_fault+0x88e/0x1990
[  458.087861][T13305]  ? __pmd_alloc+0x3fb/0x950
[  458.087897][T13305]  __handle_mm_fault+0x180f/0x2b60
[  458.087941][T13305]  ? mt_find+0x45e/0x8e0
[  458.087983][T13305]  ? __pfx___handle_mm_fault+0x10/0x10
[  458.088015][T13305]  ? __pfx_mt_find+0x10/0x10
[  458.088077][T13305]  ? find_vma+0xbf/0x140
[  458.088103][T13305]  ? __pfx_find_vma+0x10/0x10
[  458.088147][T13305]  handle_mm_fault+0x36d/0xa20
[  458.088195][T13305]  do_user_addr_fault+0x74c/0x12f0
[  458.088254][T13305]  exc_page_fault+0x6f/0xd0
[  458.088292][T13305]  asm_exc_page_fault+0x26/0x30
[  458.088321][T13305] RIP: 0010:strncpy_from_user+0xfd/0x2d0
[  458.088356][T13305] Code: 00 4d 89 64 1d 00 48 83 ed 08 bf 07 00 00 00 48 83 c3 08 48 89 ee e8 32 b9 df fc 48 83 fd 07 0f 86 bb 00 00 00 e8 43 be df fc <4d> 8b 24 1e e8 3a be df fc 4c 89 e2 31 ff 4d 8d 7c 1d 00 48 b8 ff
[  458.088382][T13305] RSP: 0018:ffffc90018e2fd00 EFLAGS: 00050287
[  458.088408][T13305] RAX: 0000000000000035 RBX: 0000000000000000 RCX: ffffc900233db000
[  458.088426][T13305] RDX: 0000000000080000 RSI: ffffffff85285a1d RDI: ffff88802df0bd00
[  458.088444][T13305] RBP: 00000000000000a8 R08: 0000000000000007 R09: 0000000000000007
[  458.088462][T13305] R10: 00000000000000a8 R11: 0000000000000000 R12: 0000000000000000
[  458.088480][T13305] R13: ffff88804753b618 R14: 0000000000000000 R15: 00000000000000a8
[  458.088511][T13305]  ? strncpy_from_user+0xfd/0x2d0
[  458.088556][T13305]  do_getname+0x78/0x390
[  458.088600][T13305]  do_sys_openat2+0xc5/0x1e0
[  458.088642][T13305]  ? __pfx_do_sys_openat2+0x10/0x10
[  458.088699][T13305]  __x64_sys_openat+0x12d/0x210
[  458.088743][T13305]  ? __pfx___x64_sys_openat+0x10/0x10
[  458.088801][T13305]  do_syscall_64+0x106/0xf80
[  458.088844][T13305]  ? clear_bhb_loop+0x40/0x90
[  458.088883][T13305]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  458.088917][T13305] RIP: 0033:0x7fa034d9c799
[  458.088942][T13305] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  458.088972][T13305] RSP: 002b:00007fa035c5f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  458.088999][T13305] RAX: ffffffffffffffda RBX: 00007fa035015fa0 RCX: 00007fa034d9c799
[  458.089019][T13305] RDX: 000000000014fa02 RSI: 0000000000000000 RDI: ffffffffffffff9c
[  458.089039][T13305] RBP: 00007fa034e32c99 R08: 0000000000000000 R09: 0000000000000000
[  458.089058][T13305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  458.089076][T13305] R13: 00007fa035016038 R14: 00007fa035015fa0 R15: 00007ffd44de1cf8
[  458.089119][T13305]  </TASK>
[  458.998436][T13318] openvswitch: HfR: Dropping previously announced user features
[  460.132496][T13327] netlink: 'syz.5.2043': attribute type 33 has an invalid length.
[  460.144958][T13343] FAULT_INJECTION: forcing a failure.
[  460.144958][T13343] name failslab, interval 1, probability 0, space 0, times 0
[  460.168622][T13343] CPU: 1 UID: 0 PID: 13343 Comm: syz.8.2048 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  460.168670][T13343] Tainted: [L]=SOFTLOCKUP
[  460.168676][T13343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  460.168688][T13343] Call Trace:
[  460.168694][T13343]  <TASK>
[  460.168702][T13343]  dump_stack_lvl+0x100/0x190
[  460.168735][T13343]  should_fail_ex.cold+0x5/0xa
[  460.168757][T13343]  should_failslab+0xc2/0x120
[  460.168777][T13343]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  460.168804][T13343]  ? mas_alloc_nodes+0x280/0x390
[  460.168831][T13343]  mas_alloc_nodes+0x280/0x390
[  460.168856][T13343]  mas_preallocate+0x39c/0xf10
[  460.168886][T13343]  ? __memcg_slab_post_alloc_hook+0x420/0x990
[  460.168912][T13343]  ? __pfx_mas_preallocate+0x10/0x10
[  460.168974][T13343]  ? anon_vma_name+0x5a/0x250
[  460.169023][T13343]  __split_vma+0x33d/0xd90
[  460.169068][T13343]  ? __pfx___split_vma+0x10/0x10
[  460.169116][T13343]  ? __pfx_mas_prev+0x10/0x10
[  460.169153][T13343]  vms_gather_munmap_vmas+0x39f/0x1500
[  460.169180][T13343]  ? validate_mm+0x261/0x4e0
[  460.169203][T13343]  ? validate_mm+0x261/0x4e0
[  460.169229][T13343]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  460.169259][T13343]  ? validate_mm+0x392/0x4e0
[  460.169287][T13343]  ? __pfx_validate_mm+0x10/0x10
[  460.169317][T13343]  do_vmi_align_munmap+0x287/0x5f0
[  460.169346][T13343]  ? __pfx_do_vmi_align_munmap+0x10/0x10
[  460.169413][T13343]  do_vmi_munmap+0x1f8/0x3e0
[  460.169442][T13343]  __vm_munmap+0x196/0x390
[  460.169471][T13343]  ? __pfx___vm_munmap+0x10/0x10
[  460.169513][T13343]  __x64_sys_munmap+0x59/0x80
[  460.169535][T13343]  do_syscall_64+0x106/0xf80
[  460.169560][T13343]  ? clear_bhb_loop+0x40/0x90
[  460.169583][T13343]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  460.169602][T13343] RIP: 0033:0x7fa034d9c5c7
[  460.169619][T13343] Code: 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0b 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  460.169637][T13343] RSP: 002b:00007fa035c5dd18 EFLAGS: 00000206 ORIG_RAX: 000000000000000b
[  460.169655][T13343] RAX: ffffffffffffffda RBX: 00007fa02c000000 RCX: 00007fa034d9c5c7
[  460.169669][T13343] RDX: 0000000000000000 RSI: 0000000001200000 RDI: 00007fa02ae00000
[  460.169681][T13343] RBP: 0000000000021000 R08: 00000000ffffffff R09: 0000000000000000
[  460.169692][T13343] R10: 0000000000000022 R11: 0000000000000206 R12: 0000000004000000
[  460.169703][T13343] R13: 0000000000001000 R14: 00007fa030000000 R15: 0000000001200000
[  460.169726][T13343]  </TASK>
[  460.951043][T13354] openvswitch: HfR: Dropping previously announced user features
[  462.921924][T13392] openvswitch: HfR: Dropping previously announced user features
[  462.976196][T13396] openvswitch: HfR: Dropping previously announced user features
[  463.392912][T13409] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2070'.
[  463.711621][T13411] netlink: 'syz.5.2071': attribute type 33 has an invalid length.
[  464.282320][T13422] openvswitch: HfR: Dropping previously announced user features
[  464.462112][T13424] openvswitch: HfR: Dropping previously announced user features
[  464.598646][T13428] openvswitch: HfR: Dropping previously announced user features
[  464.888492][T13437] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2079'.
[  466.556152][T13462] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2086'.
[  466.608341][T13462] openvswitch: HfR: Dropping previously announced user features
[  467.215734][T13473] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2089'.
[  469.455309][T13500] netlink: 'syz.0.2096': attribute type 33 has an invalid length.
[  471.255466][T13525] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2102'.
[  471.464960][T13525] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  471.819668][T13525] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  471.912847][T13525] bond0 (unregistering): Released all slaves
[  472.214395][T13538] futex_wake_op: syz.6.2105 tries to shift op by -2048; fix this program
[  472.223741][T13538] futex_wake_op: syz.6.2105 tries to shift op by -2048; fix this program
[  472.247193][T13538] 0x000000000001-0x000000020000 : ""
[  472.301888][T13538] ftl_cs: FTL header corrupt!
[  472.432181][T13544] FAULT_INJECTION: forcing a failure.
[  472.432181][T13544] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  472.443709][T13540] netlink: 'syz.5.2106': attribute type 33 has an invalid length.
[  472.446044][T13544] CPU: 1 UID: 0 PID: 13544 Comm: syz.0.2107 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  472.446087][T13544] Tainted: [L]=SOFTLOCKUP
[  472.446097][T13544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  472.446113][T13544] Call Trace:
[  472.446124][T13544]  <TASK>
[  472.446134][T13544]  dump_stack_lvl+0x100/0x190
[  472.446181][T13544]  should_fail_ex.cold+0x5/0xa
[  472.446208][T13544]  ? prepare_alloc_pages+0x16d/0x5f0
[  472.446241][T13544]  should_fail_alloc_page+0xeb/0x140
[  472.446272][T13544]  prepare_alloc_pages+0x1f0/0x5f0
[  472.446309][T13544]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  472.446357][T13544]  ? __lock_acquire+0x4a5/0x2630
[  472.446401][T13544]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  472.446444][T13544]  ? find_held_lock+0x2b/0x80
[  472.446479][T13544]  ? lockdep_hardirqs_on+0x78/0x100
[  472.446516][T13544]  ? finish_task_switch.isra.0+0x205/0xb80
[  472.446550][T13544]  ? __lock_acquire+0x4a5/0x2630
[  472.446581][T13544]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  472.446635][T13544]  ? policy_nodemask+0xed/0x4f0
[  472.446667][T13544]  alloc_pages_mpol+0x1fb/0x550
[  472.446699][T13544]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  472.446754][T13544]  alloc_pages_noprof+0x131/0x390
[  472.446786][T13544]  pte_alloc_one+0x1c/0x3d0
[  472.446816][T13544]  __pte_alloc+0x6d/0x3e0
[  472.446843][T13544]  ? __pfx___pte_alloc+0x10/0x10
[  472.446874][T13544]  ? __rcu_read_unlock+0x27f/0x5e0
[  472.446912][T13544]  walk_pgd_range+0xb83/0x1eb0
[  472.446959][T13544]  ? __pfx_guard_install_set_pte+0x10/0x10
[  472.446988][T13544]  ? __pfx_guard_install_pte_entry+0x10/0x10
[  472.447020][T13544]  ? __pfx_guard_install_set_pte+0x10/0x10
[  472.447060][T13544]  ? __pfx_guard_install_set_pte+0x10/0x10
[  472.447089][T13544]  ? __pfx_guard_install_set_pte+0x10/0x10
[  472.447119][T13544]  ? __pfx_walk_pgd_range+0x10/0x10
[  472.447170][T13544]  __walk_page_range+0x163/0x820
[  472.447210][T13544]  ? process_measurement+0x4c8/0x2350
[  472.447265][T13544]  walk_page_range_vma_unsafe+0x209/0x8f0
[  472.447308][T13544]  ? css_rstat_updated+0x1ce/0x5a0
[  472.447337][T13544]  ? __pfx_walk_page_range_vma_unsafe+0x10/0x10
[  472.447378][T13544]  ? __pfx_css_rstat_updated+0x10/0x10
[  472.447422][T13544]  madvise_guard_install+0x43f/0x7c0
[  472.447462][T13544]  ? __pfx_madvise_guard_install+0x10/0x10
[  472.447497][T13544]  ? __pfx_guard_install_pud_entry+0x10/0x10
[  472.447525][T13544]  ? __pfx_guard_install_pmd_entry+0x10/0x10
[  472.447553][T13544]  ? __pfx_guard_install_pte_entry+0x10/0x10
[  472.447587][T13544]  ? __pfx_guard_install_set_pte+0x10/0x10
[  472.447620][T13544]  ? __lock_acquire+0x4a5/0x2630
[  472.447658][T13544]  madvise_vma_behavior+0x11f1/0x3050
[  472.447694][T13544]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  472.447725][T13544]  ? reacquire_held_locks+0xce/0x1e0
[  472.447757][T13544]  ? lock_vma_under_rcu+0x11d/0x590
[  472.447801][T13544]  ? lock_vma_under_rcu+0x17c/0x590
[  472.447840][T13544]  ? lock_vma_under_rcu+0x25/0x590
[  472.447872][T13544]  ? lock_vma_under_rcu+0x1f9/0x590
[  472.447907][T13544]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  472.447951][T13544]  ? __futex_wait+0x256/0x300
[  472.447998][T13544]  madvise_walk_vmas+0x71c/0xa90
[  472.448042][T13544]  ? __pfx_madvise_walk_vmas+0x10/0x10
[  472.448076][T13544]  ? find_held_lock+0x2b/0x80
[  472.448106][T13544]  madvise_do_behavior+0x1ea/0x510
[  472.448141][T13544]  ? __pfx_madvise_do_behavior+0x10/0x10
[  472.448171][T13544]  ? futex_wait+0x125/0x380
[  472.448219][T13544]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  472.448268][T13544]  do_madvise+0x195/0x240
[  472.448297][T13544]  ? __pfx_do_madvise+0x10/0x10
[  472.448328][T13544]  ? do_futex+0x192/0x350
[  472.448383][T13544]  ? ksys_write+0x1ac/0x250
[  472.448408][T13544]  ? __pfx_ksys_write+0x10/0x10
[  472.448439][T13544]  __x64_sys_madvise+0xa9/0x110
[  472.448471][T13544]  ? lockdep_hardirqs_on+0x78/0x100
[  472.448508][T13544]  do_syscall_64+0x106/0xf80
[  472.448543][T13544]  ? clear_bhb_loop+0x40/0x90
[  472.448577][T13544]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  472.448605][T13544] RIP: 0033:0x7f2f0ad9c799
[  472.448630][T13544] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  472.448655][T13544] RSP: 002b:00007f2f0bb79028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  472.448683][T13544] RAX: ffffffffffffffda RBX: 00007f2f0b015fa0 RCX: 00007f2f0ad9c799
[  472.448702][T13544] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000
[  472.448719][T13544] RBP: 00007f2f0ae32c99 R08: 0000000000000000 R09: 0000000000000000
[  472.448737][T13544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  472.448754][T13544] R13: 00007f2f0b016038 R14: 00007f2f0b015fa0 R15: 00007fff9ce34838
[  472.448792][T13544]  </TASK>
[  474.007586][T13563] FAULT_INJECTION: forcing a failure.
[  474.007586][T13563] name failslab, interval 1, probability 0, space 0, times 0
[  474.042048][T13563] CPU: 1 UID: 0 PID: 13563 Comm: syz.5.2111 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  474.042102][T13563] Tainted: [L]=SOFTLOCKUP
[  474.042113][T13563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  474.042132][T13563] Call Trace:
[  474.042143][T13563]  <TASK>
[  474.042157][T13563]  dump_stack_lvl+0x100/0x190
[  474.042210][T13563]  should_fail_ex.cold+0x5/0xa
[  474.042248][T13563]  should_failslab+0xc2/0x120
[  474.042282][T13563]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  474.042329][T13563]  ? do_getname+0x35/0x390
[  474.042377][T13563]  do_getname+0x35/0x390
[  474.042421][T13563]  do_sys_openat2+0xc5/0x1e0
[  474.042464][T13563]  ? __pfx_do_sys_openat2+0x10/0x10
[  474.042508][T13563]  ? find_held_lock+0x2b/0x80
[  474.042548][T13563]  __x64_sys_openat+0x12d/0x210
[  474.042590][T13563]  ? __pfx___x64_sys_openat+0x10/0x10
[  474.042649][T13563]  do_syscall_64+0x106/0xf80
[  474.042693][T13563]  ? clear_bhb_loop+0x40/0x90
[  474.042734][T13563]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  474.042767][T13563] RIP: 0033:0x7f61c4b9c799
[  474.042793][T13563] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  474.042824][T13563] RSP: 002b:00007f61c2dd5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  474.042854][T13563] RAX: ffffffffffffffda RBX: 00007f61c4e16090 RCX: 00007f61c4b9c799
[  474.042874][T13563] RDX: 0000000000040000 RSI: 0000000000000000 RDI: ffffffffffffff9c
[  474.042894][T13563] RBP: 00007f61c4c32c99 R08: 0000000000000000 R09: 0000000000000000
[  474.042912][T13563] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  474.042930][T13563] R13: 00007f61c4e16128 R14: 00007f61c4e16090 R15: 00007ffc585a64d8
[  474.042971][T13563]  </TASK>
[  475.306004][T13587] futex_wake_op: syz.6.2118 tries to shift op by -2048; fix this program
[  475.777460][T13597] FAULT_INJECTION: forcing a failure.
[  475.777460][T13597] name failslab, interval 1, probability 0, space 0, times 0
[  475.825400][T13597] CPU: 0 UID: 0 PID: 13597 Comm: syz.0.2120 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  475.825445][T13597] Tainted: [L]=SOFTLOCKUP
[  475.825454][T13597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  475.825471][T13597] Call Trace:
[  475.825479][T13597]  <TASK>
[  475.825490][T13597]  dump_stack_lvl+0x100/0x190
[  475.825535][T13597]  should_fail_ex.cold+0x5/0xa
[  475.825568][T13597]  ? copy_splice_read+0x1a3/0xb90
[  475.825594][T13597]  should_failslab+0xc2/0x120
[  475.825625][T13597]  __kmalloc_noprof+0xe0/0x850
[  475.825673][T13597]  copy_splice_read+0x1a3/0xb90
[  475.825710][T13597]  ? __pfx_copy_splice_read+0x10/0x10
[  475.825739][T13597]  ? look_up_lock_class+0x55/0x120
[  475.825784][T13597]  ? lockdep_init_map_type+0x5c/0x250
[  475.825828][T13597]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[  475.825873][T13597]  ? __pfx_filemap_splice_read+0x10/0x10
[  475.825902][T13597]  do_splice_read+0x2bd/0x370
[  475.825933][T13597]  splice_direct_to_actor+0x2a1/0xa30
[  475.825964][T13597]  ? __pfx_direct_splice_actor+0x10/0x10
[  475.825997][T13597]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  475.826037][T13597]  do_splice_direct+0x174/0x240
[  475.826066][T13597]  ? __pfx_do_splice_direct+0x10/0x10
[  475.826095][T13597]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  475.826144][T13597]  ? bpf_lsm_file_permission+0x9/0x10
[  475.826188][T13597]  ? security_file_permission+0x76/0x210
[  475.826234][T13597]  ? rw_verify_area+0xce/0x6d0
[  475.826277][T13597]  do_sendfile+0xadc/0xe20
[  475.826329][T13597]  ? __pfx_do_sendfile+0x10/0x10
[  475.826373][T13597]  ? __fget_files+0x21f/0x3d0
[  475.826410][T13597]  __x64_sys_sendfile64+0x1d8/0x220
[  475.826442][T13597]  ? ksys_write+0x1ac/0x250
[  475.826467][T13597]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  475.826509][T13597]  do_syscall_64+0x106/0xf80
[  475.826547][T13597]  ? clear_bhb_loop+0x40/0x90
[  475.826583][T13597]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  475.826611][T13597] RIP: 0033:0x7f2f0ad9c799
[  475.826636][T13597] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  475.826662][T13597] RSP: 002b:00007f2f08ff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  475.826689][T13597] RAX: ffffffffffffffda RBX: 00007f2f0b016090 RCX: 00007f2f0ad9c799
[  475.826707][T13597] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  475.826723][T13597] RBP: 00007f2f08ff6090 R08: 0000000000000000 R09: 0000000000000000
[  475.826740][T13597] R10: 0000400000000006 R11: 0000000000000246 R12: 0000000000000001
[  475.826757][T13597] R13: 00007f2f0b016128 R14: 00007f2f0b016090 R15: 00007fff9ce34838
[  475.826794][T13597]  </TASK>
[  476.331286][   T51] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  476.343085][   T51] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  476.354245][   T51] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  476.368572][   T51] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  476.400436][   T51] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  477.728310][T13630] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (1077952576 ns). Using initial count to start timer.
[  477.759400][T13606] chnl_net:caif_netlink_parms(): no params data found
[  478.225037][T13606] bridge0: port 1(bridge_slave_0) entered blocking state
[  478.241480][T13606] bridge0: port 1(bridge_slave_0) entered disabled state
[  478.251162][T13606] bridge_slave_0: entered allmulticast mode
[  478.269784][T13606] bridge_slave_0: entered promiscuous mode
[  478.299974][T13606] bridge0: port 2(bridge_slave_1) entered blocking state
[  478.309645][T13638] zswap: compressor  not available
[  478.338753][T13606] bridge0: port 2(bridge_slave_1) entered disabled state
[  478.362375][T13606] bridge_slave_1: entered allmulticast mode
[  478.370528][T13606] bridge_slave_1: entered promiscuous mode
[  478.456321][T13652] loop12: detected capacity change from 0 to 8192
[  478.475323][ T5824] Bluetooth: hci9: command tx timeout
[  478.518853][T13654] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2133'.
[  478.533652][T13652] tc_dump_action: action bad kind
[  478.579582][T13606] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  478.629713][T13606] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  478.835742][T13606] team0: Port device team_slave_0 added
[  478.847629][T13660] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2135'.
[  478.851240][T13606] team0: Port device team_slave_1 added
[  478.891018][T13660] openvswitch: HfR: Dropping previously announced user features
[  478.984084][T13606] batman_adv: batadv0: Adding interface: batadv_slave_0
[  478.991089][T13606] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  479.035251][T13606] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  479.076147][T13664] tipc: Started in network mode
[  479.081587][T13664] tipc: Node identity ffffffff, cluster identity 4711
[  479.093340][T13664] tipc: Node number set to 4294967295
[  479.100536][T13606] batman_adv: batadv0: Adding interface: batadv_slave_1
[  479.107796][T13606] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  479.173300][T13606] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  479.472162][T13606] hsr_slave_0: entered promiscuous mode
[  479.508035][T13606] hsr_slave_1: entered promiscuous mode
[  479.516120][T13606] debugfs: 'hsr0' already exists in 'hsr'
[  479.524717][T13606] Cannot create hsr debugfs directory
[  480.130314][T13606] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  480.155035][T13606] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  480.183247][T13606] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  480.208131][T13606] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  480.388823][T13606] 8021q: adding VLAN 0 to HW filter on device bond0
[  480.431659][T13606] 8021q: adding VLAN 0 to HW filter on device team0
[  480.473385][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  480.480753][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  480.515672][T13684] netlink: 'syz.6.2140': attribute type 33 has an invalid length.
[  480.538083][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  480.545960][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  480.564327][ T5824] Bluetooth: hci9: command tx timeout
[  480.903508][T13696] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2141'.
[  481.186496][T13606] 8021q: adding VLAN 0 to HW filter on device batadv0
[  481.569903][T13707] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2144'.
[  481.588103][T13709] FAULT_INJECTION: forcing a failure.
[  481.588103][T13709] name failslab, interval 1, probability 0, space 0, times 0
[  481.604416][T13709] CPU: 1 UID: 0 PID: 13709 Comm: syz.6.2145 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  481.604460][T13709] Tainted: [L]=SOFTLOCKUP
[  481.604470][T13709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  481.604487][T13709] Call Trace:
[  481.604495][T13709]  <TASK>
[  481.604507][T13709]  dump_stack_lvl+0x100/0x190
[  481.604555][T13709]  should_fail_ex.cold+0x5/0xa
[  481.604589][T13709]  should_failslab+0xc2/0x120
[  481.604622][T13709]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  481.604664][T13709]  ? alloc_empty_file+0x55/0x1c0
[  481.604696][T13709]  ? unwind_get_return_address+0x59/0xa0
[  481.604754][T13709]  alloc_empty_file+0x55/0x1c0
[  481.604792][T13709]  path_openat+0xe8/0x31a0
[  481.604823][T13709]  ? stack_trace_save+0x8e/0xc0
[  481.604851][T13709]  ? __pfx_stack_trace_save+0x10/0x10
[  481.604882][T13709]  ? stack_depot_save_flags+0x27/0x9d0
[  481.604916][T13709]  ? __pfx_path_openat+0x10/0x10
[  481.604944][T13709]  ? kasan_save_stack+0x3f/0x50
[  481.604977][T13709]  ? kasan_save_stack+0x30/0x50
[  481.605015][T13709]  ? kasan_save_track+0x14/0x30
[  481.605055][T13709]  ? __kasan_slab_alloc+0x89/0x90
[  481.605082][T13709]  ? kmem_cache_alloc_noprof+0x241/0x6e0
[  481.605124][T13709]  ? do_getname+0x35/0x390
[  481.605174][T13709]  do_file_open+0x20e/0x430
[  481.605208][T13709]  ? __pfx_do_file_open+0x10/0x10
[  481.605273][T13709]  ? find_held_lock+0x2b/0x80
[  481.605301][T13709]  ? __might_fault+0xc5/0x140
[  481.605341][T13709]  ? __might_fault+0xc5/0x140
[  481.605383][T13709]  file_open_name+0x198/0x3b0
[  481.605422][T13709]  ? __pfx_file_open_name+0x10/0x10
[  481.605468][T13709]  ? do_getname+0x191/0x390
[  481.605505][T13709]  acct_on+0xa4/0x9e0
[  481.605547][T13709]  ? __pfx_acct_on+0x10/0x10
[  481.605589][T13709]  ? bpf_lsm_capable+0x9/0x10
[  481.605615][T13709]  ? security_capable+0x80/0x260
[  481.605661][T13709]  __x64_sys_acct+0x81/0x1e0
[  481.605702][T13709]  ? lockdep_hardirqs_on+0x78/0x100
[  481.605744][T13709]  do_syscall_64+0x106/0xf80
[  481.605783][T13709]  ? clear_bhb_loop+0x40/0x90
[  481.605821][T13709]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  481.605851][T13709] RIP: 0033:0x7f73ce59c799
[  481.605878][T13709] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  481.605918][T13709] RSP: 002b:00007f73cf4be028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3
[  481.605947][T13709] RAX: ffffffffffffffda RBX: 00007f73ce815fa0 RCX: 00007f73ce59c799
[  481.605966][T13709] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000c40
[  481.605983][T13709] RBP: 00007f73cf4be090 R08: 0000000000000000 R09: 0000000000000000
[  481.606000][T13709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  481.606017][T13709] R13: 00007f73ce816038 R14: 00007f73ce815fa0 R15: 00007ffec4488ae8
[  481.606058][T13709]  </TASK>
[  481.606194][T13707] openvswitch: HfR: Dropping previously announced user features
[  482.103577][T13717] FAULT_INJECTION: forcing a failure.
[  482.103577][T13717] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  482.132232][T13717] CPU: 1 UID: 0 PID: 13717 Comm: syz.0.2147 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  482.132275][T13717] Tainted: [L]=SOFTLOCKUP
[  482.132285][T13717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  482.132300][T13717] Call Trace:
[  482.132310][T13717]  <TASK>
[  482.132320][T13717]  dump_stack_lvl+0x100/0x190
[  482.132367][T13717]  should_fail_ex.cold+0x5/0xa
[  482.132396][T13717]  ? prepare_alloc_pages+0x16d/0x5f0
[  482.132435][T13717]  should_fail_alloc_page+0xeb/0x140
[  482.132470][T13717]  prepare_alloc_pages+0x1f0/0x5f0
[  482.132504][T13717]  ? is_bpf_text_address+0x8a/0x1a0
[  482.132555][T13717]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  482.132601][T13717]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  482.132636][T13717]  ? is_bpf_text_address+0x94/0x1a0
[  482.132680][T13717]  ? kernel_text_address+0x8d/0x100
[  482.132724][T13717]  ? __kernel_text_address+0xd/0x30
[  482.132791][T13717]  ? unwind_get_return_address+0x59/0xa0
[  482.132834][T13717]  ? __lock_acquire+0x4a5/0x2630
[  482.132872][T13717]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  482.132929][T13717]  ? tomoyo_check_open_permission+0x1a2/0x3c0
[  482.132965][T13717]  ? stack_trace_save+0x8e/0xc0
[  482.132998][T13717]  ? look_up_lock_class+0x55/0x120
[  482.133043][T13717]  ? find_held_lock+0x2b/0x80
[  482.133070][T13717]  ? ima_match_policy+0x8c4/0x2350
[  482.133104][T13717]  ? ima_match_policy+0x8c4/0x2350
[  482.133143][T13717]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  482.133195][T13717]  ? policy_nodemask+0xed/0x4f0
[  482.133231][T13717]  alloc_pages_mpol+0x1fb/0x550
[  482.133266][T13717]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  482.133307][T13717]  alloc_pages_noprof+0x131/0x390
[  482.133338][T13717]  __pmd_alloc+0x3b/0x950
[  482.133376][T13717]  __handle_mm_fault+0xa99/0x2b60
[  482.133424][T13717]  ? mt_find+0x45e/0x8e0
[  482.133469][T13717]  ? __pfx___handle_mm_fault+0x10/0x10
[  482.133507][T13717]  ? __pfx_mt_find+0x10/0x10
[  482.133576][T13717]  ? find_vma+0xbf/0x140
[  482.133605][T13717]  ? __pfx_find_vma+0x10/0x10
[  482.133639][T13717]  handle_mm_fault+0x36d/0xa20
[  482.133689][T13717]  do_user_addr_fault+0x74c/0x12f0
[  482.133751][T13717]  exc_page_fault+0x6f/0xd0
[  482.133792][T13717]  asm_exc_page_fault+0x26/0x30
[  482.133822][T13717] RIP: 0010:rep_movs_alternative+0x11/0x90
[  482.133855][T13717] Code: c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f 8a 06 <88> 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 fd 93 04 00 66 66 2e 0f
[  482.133883][T13717] RSP: 0018:ffffc90022d379f8 EFLAGS: 00050202
[  482.133917][T13717] RAX: 0000000000000037 RBX: 0000000000000002 RCX: 0000000000000002
[  482.133934][T13717] RDX: 0000000000000001 RSI: ffff888047c2c000 RDI: 0000000000000000
[  482.133952][T13717] RBP: ffffc90022d37c08 R08: 0000000000000000 R09: ffffed1008f85800
[  482.133971][T13717] R10: ffff888047c2c001 R11: 0000000000000000 R12: ffff888047c2c000
[  482.133989][T13717] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000002
[  482.134029][T13717]  _copy_to_iter+0x4c5/0x1720
[  482.134074][T13717]  ? __pfx__copy_to_iter+0x10/0x10
[  482.134111][T13717]  ? find_held_lock+0x2b/0x80
[  482.134137][T13717]  ? p_stop+0x31/0x100
[  482.134191][T13717]  seq_read_iter+0xdab/0x1270
[  482.134256][T13717]  seq_read+0x33b/0x4c0
[  482.134302][T13717]  ? __pfx_seq_read+0x10/0x10
[  482.134343][T13717]  ? __pfx___might_resched+0x10/0x10
[  482.134412][T13717]  ? rw_verify_area+0xce/0x6d0
[  482.134454][T13717]  ? __pfx_seq_read+0x10/0x10
[  482.134499][T13717]  vfs_read+0x1e4/0xb30
[  482.134552][T13717]  ? __pfx_vfs_read+0x10/0x10
[  482.134598][T13717]  ? __fget_files+0x215/0x3d0
[  482.134636][T13717]  ? __fget_files+0x21f/0x3d0
[  482.134678][T13717]  ksys_read+0x12a/0x250
[  482.134706][T13717]  ? __pfx_ksys_read+0x10/0x10
[  482.134747][T13717]  do_syscall_64+0x106/0xf80
[  482.134786][T13717]  ? clear_bhb_loop+0x40/0x90
[  482.134822][T13717]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  482.134852][T13717] RIP: 0033:0x7f2f0ad9c799
[  482.134877][T13717] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  482.134912][T13717] RSP: 002b:00007f2f0bb79028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  482.134939][T13717] RAX: ffffffffffffffda RBX: 00007f2f0b015fa0 RCX: 00007f2f0ad9c799
[  482.134959][T13717] RDX: 0000000000001f42 RSI: 0000000000000000 RDI: 0000000000000003
[  482.134976][T13717] RBP: 00007f2f0bb79090 R08: 0000000000000000 R09: 0000000000000000
[  482.134993][T13717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  482.135010][T13717] R13: 00007f2f0b016038 R14: 00007f2f0b015fa0 R15: 00007fff9ce34838
[  482.135053][T13717]  </TASK>
[  482.270694][T13606] veth0_vlan: entered promiscuous mode
[  482.422263][T13712] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input113
[  482.646593][ T5824] Bluetooth: hci9: command tx timeout
[  482.706972][T13606] veth1_vlan: entered promiscuous mode
[  482.881103][T13714] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input114
[  482.904655][T13606] veth0_macvtap: entered promiscuous mode
[  482.964248][T13606] veth1_macvtap: entered promiscuous mode
[  483.151010][T13723] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input115
[  483.196435][T13606] batman_adv: batadv0: Interface activated: batadv_slave_0
[  483.290062][T13606] batman_adv: batadv0: Interface activated: batadv_slave_1
[  483.396164][   T36] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  483.461545][T13726] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input116
[  483.579438][   T36] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  483.588735][   T36] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  483.745502][   T13] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  484.430603][T13755] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2154'.
[  484.461898][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  484.472771][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  484.584219][T13755] openvswitch: HfR: Dropping previously announced user features
[  484.723533][ T5824] Bluetooth: hci9: command tx timeout
[  484.782280][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  484.818023][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  485.252344][T13767] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  485.261883][T13767] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  485.297595][T13767] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  485.351386][T13767] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  485.371254][T13767] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  485.401277][T13767] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  485.551915][T13767] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  485.644822][T13767] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  485.720705][T13767] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  485.785369][T13767] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  485.811416][T13767] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  485.830399][T13767] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  485.877647][T13767] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  485.894966][T13767] Bluetooth: hci7: Opcode 0x0c1a failed: -4
[  485.928064][T13767] Bluetooth: hci7: Opcode 0x0406 failed: -4
[  485.971619][T13767] Bluetooth: hci7: Opcode 0x0406 failed: -4
[  486.066824][T13767] Bluetooth: hci8: Opcode 0x0c1a failed: -4
[  486.090404][T13767] Bluetooth: hci8: Opcode 0x0406 failed: -4
[  486.112458][T13767] Bluetooth: hci8: Opcode 0x0406 failed: -4
[  486.169873][T13767] Bluetooth: hci9: Opcode 0x0c1a failed: -4
[  486.185409][T13767] Bluetooth: hci9: Opcode 0x0406 failed: -4
[  486.204883][T13767] Bluetooth: hci9: Opcode 0x0406 failed: -4
[  486.738429][T13794] openvswitch: HfR: Dropping previously announced user features
[  487.272120][ T5824] Bluetooth: hci1: command 0x0c1a tx timeout
[  487.273097][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  487.352663][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[  487.353692][ T5824] Bluetooth: hci2: command 0x0c1a tx timeout
[  487.432447][ T5824] Bluetooth: hci4: command 0x0c1a tx timeout
[  487.546952][   T30] audit: type=1326 audit(1773932131.563:33): auid=4294967295 uid=8 gid=0 ses=4294967295 subj=unconfined pid=13815 comm="syz.0.2170" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2f0ad9c799 code=0x0
[  487.611378][ T5824] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[  487.672274][ T5824] Bluetooth: hci5: command 0x0c1a tx timeout
[  487.832170][ T5824] Bluetooth: hci6: command 0x0c1a tx timeout
[  487.912511][ T5824] Bluetooth: hci7: command 0x0c1a tx timeout
[  488.072231][ T5824] Bluetooth: hci8: command 0x0c1a tx timeout
[  488.234925][ T5824] Bluetooth: hci9: command 0x0c1a tx timeout
[  489.024253][T13836] netlink: 'syz.0.2172': attribute type 33 has an invalid length.
[  489.223447][T13846] openvswitch: HfR: Dropping previously announced user features
[  489.515290][ T5824] Bluetooth: hci4: command 0x0c1a tx timeout
[  489.711453][T13862] FAULT_INJECTION: forcing a failure.
[  489.711453][T13862] name failslab, interval 1, probability 0, space 0, times 0
[  489.732209][T13862] CPU: 0 UID: 0 PID: 13862 Comm: syz.9.2180 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  489.732255][T13862] Tainted: [L]=SOFTLOCKUP
[  489.732265][T13862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  489.732281][T13862] Call Trace:
[  489.732291][T13862]  <TASK>
[  489.732302][T13862]  dump_stack_lvl+0x100/0x190
[  489.732347][T13862]  should_fail_ex.cold+0x5/0xa
[  489.732379][T13862]  should_failslab+0xc2/0x120
[  489.732410][T13862]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  489.732453][T13862]  ? dst_alloc+0x99/0x1a0
[  489.732484][T13862]  ? find_held_lock+0x2b/0x80
[  489.732509][T13862]  ? ip_check_mc_rcu+0x60e/0x780
[  489.732554][T13862]  dst_alloc+0x99/0x1a0
[  489.732589][T13862]  rt_dst_alloc+0x35/0x3a0
[  489.732635][T13862]  ip_route_output_key_hash_rcu+0x87a/0x2870
[  489.732682][T13862]  ip_route_output_key_hash+0x118/0x2b0
[  489.732741][T13862]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  489.732787][T13862]  ? find_held_lock+0x2b/0x80
[  489.732819][T13862]  ip_route_output_flow+0x27/0x150
[  489.732857][T13862]  raw_sendmsg+0xb1d/0x35f0
[  489.732888][T13862]  ? bpf_ksym_find+0x30/0x1c0
[  489.732928][T13862]  ? __pfx_raw_sendmsg+0x10/0x10
[  489.732954][T13862]  ? unwind_get_return_address+0x59/0xa0
[  489.732983][T13862]  ? arch_stack_walk+0xa6/0xf0
[  489.733017][T13862]  ? __lock_acquire+0x4a5/0x2630
[  489.733102][T13862]  ? __pfx_raw_sendmsg+0x10/0x10
[  489.733137][T13862]  inet_sendmsg+0x11c/0x140
[  489.733182][T13862]  sock_write_iter+0x4ea/0x5a0
[  489.733212][T13862]  ? __pfx_inet_sendmsg+0x10/0x10
[  489.733244][T13862]  ? __pfx_sock_write_iter+0x10/0x10
[  489.733288][T13862]  ? bpf_lsm_file_permission+0x9/0x10
[  489.733333][T13862]  ? security_file_permission+0x76/0x210
[  489.733372][T13862]  ? rw_verify_area+0xce/0x6d0
[  489.733417][T13862]  vfs_write+0x6ac/0x1070
[  489.733447][T13862]  ? __pfx_sock_write_iter+0x10/0x10
[  489.733481][T13862]  ? __pfx_vfs_write+0x10/0x10
[  489.733506][T13862]  ? find_held_lock+0x2b/0x80
[  489.733558][T13862]  ksys_write+0x1f8/0x250
[  489.733586][T13862]  ? __pfx_ksys_write+0x10/0x10
[  489.733627][T13862]  do_syscall_64+0x106/0xf80
[  489.733666][T13862]  ? clear_bhb_loop+0x40/0x90
[  489.733711][T13862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  489.733741][T13862] RIP: 0033:0x7f99f3b9c799
[  489.733767][T13862] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  489.733793][T13862] RSP: 002b:00007f99f49bc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  489.733822][T13862] RAX: ffffffffffffffda RBX: 00007f99f3e15fa0 RCX: 00007f99f3b9c799
[  489.733841][T13862] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003
[  489.733858][T13862] RBP: 00007f99f49bc090 R08: 0000000000000000 R09: 0000000000000000
[  489.733875][T13862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  489.733892][T13862] R13: 00007f99f3e16038 R14: 00007f99f3e15fa0 R15: 00007ffc18b97068
[  489.733930][T13862]  </TASK>
[  490.062132][ T5824] Bluetooth: hci5: command 0x0c1a tx timeout
[  490.068585][   T51] Bluetooth: hci6: command 0x0c1a tx timeout
[  490.068649][   T51] Bluetooth: hci7: command 0x0c1a tx timeout
[  490.220889][ T5824] Bluetooth: hci8: command 0x0c1a tx timeout
[  490.312314][ T5824] Bluetooth: hci9: command 0x0c1a tx timeout
[  490.447706][ T5146] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  490.460036][ T5146] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  490.469828][ T5146] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  490.486823][ T5146] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  490.506402][ T5146] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  490.781678][T13877] openvswitch: HfR: Dropping previously announced user features
[  491.039907][T13880] openvswitch: HfR: Dropping previously announced user features
[  491.299464][T13884] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  491.497475][T13897] random: crng reseeded on system resumption
[  491.593351][ T5824] Bluetooth: hci4: command 0x0c1a tx timeout
[  491.599967][T13869] chnl_net:caif_netlink_parms(): no params data found
[  491.677343][T13897] hub 1-0:1.0: USB hub found
[  491.695999][T13897] hub 1-0:1.0: 1 port detected
[  491.787582][T13869] bridge0: port 1(bridge_slave_0) entered blocking state
[  491.795403][T13869] bridge0: port 1(bridge_slave_0) entered disabled state
[  491.803550][T13869] bridge_slave_0: entered allmulticast mode
[  491.824078][T13869] bridge_slave_0: entered promiscuous mode
[  491.835493][T13869] bridge0: port 2(bridge_slave_1) entered blocking state
[  491.852296][T13869] bridge0: port 2(bridge_slave_1) entered disabled state
[  491.860082][T13869] bridge_slave_1: entered allmulticast mode
[  491.868593][T13869] bridge_slave_1: entered promiscuous mode
[  491.928746][T13869] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  491.942718][T13869] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  492.078366][T13869] team0: Port device team_slave_0 added
[  492.084449][ T5824] Bluetooth: hci7: command 0x0c1a tx timeout
[  492.090506][ T5824] Bluetooth: hci6: command 0x0c1a tx timeout
[  492.101397][T13869] team0: Port device team_slave_1 added
[  492.166094][ T5146] Bluetooth: hci5: command 0x0c1a tx timeout
[  492.195470][T13869] batman_adv: batadv0: Adding interface: batadv_slave_0
[  492.221352][T13869] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  492.248665][ T5146] Bluetooth: hci8: command 0x0c1a tx timeout
[  492.263785][T13869] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  492.329661][T13869] batman_adv: batadv0: Adding interface: batadv_slave_1
[  492.347452][T13869] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  492.402284][ T5146] Bluetooth: hci9: command 0x0c1a tx timeout
[  492.411372][T13869] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  492.552705][ T5146] Bluetooth: hci10: command tx timeout
[  492.668065][T13869] hsr_slave_0: entered promiscuous mode
[  492.675448][T13869] hsr_slave_1: entered promiscuous mode
[  492.685431][T13869] debugfs: 'hsr0' already exists in 'hsr'
[  492.699369][T13869] Cannot create hsr debugfs directory
[  493.448274][T13869] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  493.663350][T13918] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  493.676928][T13918] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  493.689331][T13918] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  493.756957][T13918] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  493.824969][T13918] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  493.842431][T13918] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  493.937249][T13918] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  494.024603][T13869] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  494.177337][T13918] Bluetooth: hci7: Opcode 0x0c1a failed: -4
[  494.209286][T13918] Bluetooth: hci8: Opcode 0x0c1a failed: -4
[  494.221252][T13921] netlink: 'syz.5.2203': attribute type 33 has an invalid length.
[  494.231679][T13918] Bluetooth: hci9: Opcode 0x0c1a failed: -4
[  494.258575][T13918] Bluetooth: hci10: Opcode 0x0c1a failed: -4
[  494.269063][T13918] Bluetooth: hci10: Opcode 0x0406 failed: -4
[  494.376573][T13918] Bluetooth: hci10: Opcode 0x0406 failed: -4
[  494.384838][T13869] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  494.581811][T13869] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  494.648478][T13925] HfR: entered promiscuous mode
[  495.000418][T13869] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  495.033831][T13869] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  495.095146][T13869] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  495.119217][T13869] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  495.379363][T13869] 8021q: adding VLAN 0 to HW filter on device bond0
[  495.449808][T13869] 8021q: adding VLAN 0 to HW filter on device team0
[  495.482017][T12556] bridge0: port 1(bridge_slave_0) entered blocking state
[  495.490414][T12556] bridge0: port 1(bridge_slave_0) entered forwarding state
[  495.546434][T12556] bridge0: port 2(bridge_slave_1) entered blocking state
[  495.555532][T12556] bridge0: port 2(bridge_slave_1) entered forwarding state
[  495.674479][ T5146] Bluetooth: hci1: command 0x0c1a tx timeout
[  495.680689][ T5146] Bluetooth: hci0: command 0x0c1a tx timeout
[  495.752236][ T5824] Bluetooth: hci2: command 0x0c1a tx timeout
[  495.758636][ T5146] Bluetooth: hci3: command 0x0c1a tx timeout
[  495.803297][T13952] FAULT_INJECTION: forcing a failure.
[  495.803297][T13952] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  495.818098][T13952] CPU: 0 UID: 0 PID: 13952 Comm: syz.6.2204 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  495.818143][T13952] Tainted: [L]=SOFTLOCKUP
[  495.818153][T13952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  495.818169][T13952] Call Trace:
[  495.818178][T13952]  <TASK>
[  495.818189][T13952]  dump_stack_lvl+0x100/0x190
[  495.818238][T13952]  should_fail_ex.cold+0x5/0xa
[  495.818266][T13952]  ? prepare_alloc_pages+0x16d/0x5f0
[  495.818301][T13952]  should_fail_alloc_page+0xeb/0x140
[  495.818334][T13952]  prepare_alloc_pages+0x1f0/0x5f0
[  495.818368][T13952]  ? find_held_lock+0x2b/0x80
[  495.818398][T13952]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  495.818446][T13952]  ? __lock_acquire+0x4a5/0x2630
[  495.818501][T13952]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  495.818552][T13952]  ? find_held_lock+0x2b/0x80
[  495.818578][T13952]  ? process_measurement+0x4c8/0x2350
[  495.818623][T13952]  ? process_measurement+0x4c8/0x2350
[  495.818675][T13952]  ? up_write+0x290/0x4f0
[  495.818721][T13952]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  495.818772][T13952]  ? policy_nodemask+0xed/0x4f0
[  495.818804][T13952]  alloc_pages_mpol+0x1fb/0x550
[  495.818857][T13952]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  495.818899][T13952]  folio_alloc_mpol_noprof+0x36/0x340
[  495.818938][T13952]  vma_alloc_folio_noprof+0xed/0x1d0
[  495.818974][T13952]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  495.819022][T13952]  do_anonymous_page+0xb3a/0x1fb0
[  495.819085][T13952]  __handle_mm_fault+0x1d42/0x2b60
[  495.819131][T13952]  ? mt_find+0x45e/0x8e0
[  495.819176][T13952]  ? __pfx___handle_mm_fault+0x10/0x10
[  495.819212][T13952]  ? __pfx_mt_find+0x10/0x10
[  495.819276][T13952]  ? find_vma+0xbf/0x140
[  495.819305][T13952]  ? __pfx_find_vma+0x10/0x10
[  495.819337][T13952]  handle_mm_fault+0x36d/0xa20
[  495.819385][T13952]  do_user_addr_fault+0x74c/0x12f0
[  495.819443][T13952]  exc_page_fault+0x6f/0xd0
[  495.819485][T13952]  asm_exc_page_fault+0x26/0x30
[  495.819513][T13952] RIP: 0010:rep_stos_alternative+0x40/0x80
[  495.819543][T13952] Code: c9 75 f6 e9 42 a1 04 00 48 89 07 48 83 c7 08 83 e9 08 74 ef 83 f9 08 73 ef eb de 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 <48> 89 07 48 89 47 08 48 89 47 10 48 89 47 18 48 89 47 20 48 89 47
[  495.819570][T13952] RSP: 0018:ffffc90018dc7cb8 EFLAGS: 00050206
[  495.819594][T13952] RAX: 0000000000000000 RBX: 000000007ffff000 RCX: 0000000000000240
[  495.819612][T13952] RDX: ffff888026ba8000 RSI: ffffffff825601b1 RDI: 0000200000001000
[  495.819630][T13952] RBP: 0000000000001000 R08: 0000000000000001 R09: 00000000000001c5
[  495.819646][T13952] R10: 0000000000000200 R11: 0000000000000000 R12: 0000000000001000
[  495.819663][T13952] R13: ffff888026ba8000 R14: dffffc0000000000 R15: 0000200000000240
[  495.819694][T13952]  ? __might_fault+0x111/0x140
[  495.819741][T13952]  read_zero+0xed/0x1f0
[  495.819786][T13952]  ? __pfx_read_zero+0x10/0x10
[  495.819832][T13952]  vfs_read+0x1e4/0xb30
[  495.819882][T13952]  ? __pfx_vfs_read+0x10/0x10
[  495.819923][T13952]  ? find_held_lock+0x2b/0x80
[  495.819949][T13952]  ? __fget_files+0x215/0x3d0
[  495.819976][T13952]  ? __fget_files+0x215/0x3d0
[  495.820010][T13952]  ? __fget_files+0x21f/0x3d0
[  495.820057][T13952]  __x64_sys_pread64+0x1eb/0x250
[  495.820089][T13952]  ? __pfx___x64_sys_pread64+0x10/0x10
[  495.820130][T13952]  do_syscall_64+0x106/0xf80
[  495.820169][T13952]  ? clear_bhb_loop+0x40/0x90
[  495.820205][T13952]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  495.820233][T13952] RIP: 0033:0x7f73ce59c799
[  495.820258][T13952] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  495.820284][T13952] RSP: 002b:00007f73cf4be028 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  495.820313][T13952] RAX: ffffffffffffffda RBX: 00007f73ce815fa0 RCX: 00007f73ce59c799
[  495.820331][T13952] RDX: 0000000100000002 RSI: 0000200000000240 RDI: 0000000000000003
[  495.820349][T13952] RBP: 00007f73cf4be090 R08: 0000000000000000 R09: 0000000000000000
[  495.820366][T13952] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000001
[  495.820383][T13952] R13: 00007f73ce816038 R14: 00007f73ce815fa0 R15: 00007ffec4488ae8
[  495.820425][T13952]  </TASK>
[  496.269971][ T5146] Bluetooth: hci4: command 0x0c1a tx timeout
[  496.276207][ T5146] Bluetooth: hci5: command 0x0c1a tx timeout
[  496.282884][ T5146] Bluetooth: hci6: command 0x0c1a tx timeout
[  496.286172][ T5824] Bluetooth: hci8: command 0x0c1a tx timeout
[  496.289415][ T5146] Bluetooth: hci7: command 0x0c1a tx timeout
[  496.318000][ T5146] Bluetooth: hci10: command 0x040f tx timeout
[  496.324951][ T5146] Bluetooth: hci9: command 0x0c1a tx timeout
[  496.607572][T13869] 8021q: adding VLAN 0 to HW filter on device batadv0
[  496.790212][T13869] veth0_vlan: entered promiscuous mode
[  496.798753][T13959] openvswitch: HfR: Dropping previously announced user features
[  496.858770][T13869] veth1_vlan: entered promiscuous mode
[  497.049377][T13869] veth0_macvtap: entered promiscuous mode
[  497.066853][T13869] veth1_macvtap: entered promiscuous mode
[  497.136822][T13869] batman_adv: batadv0: Interface activated: batadv_slave_0
[  497.162900][T13965] FAULT_INJECTION: forcing a failure.
[  497.162900][T13965] name failslab, interval 1, probability 0, space 0, times 0
[  497.166758][T13869] batman_adv: batadv0: Interface activated: batadv_slave_1
[  497.212464][T13965] CPU: 0 UID: 0 PID: 13965 Comm: syz.9.2209 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  497.212508][T13965] Tainted: [L]=SOFTLOCKUP
[  497.212518][T13965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  497.212534][T13965] Call Trace:
[  497.212543][T13965]  <TASK>
[  497.212553][T13965]  dump_stack_lvl+0x100/0x190
[  497.212599][T13965]  should_fail_ex.cold+0x5/0xa
[  497.212650][T13965]  should_failslab+0xc2/0x120
[  497.212681][T13965]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  497.212723][T13965]  ? __alloc_skb+0x140/0x710
[  497.212777][T13965]  __alloc_skb+0x140/0x710
[  497.212810][T13965]  ? __alloc_skb+0x5b7/0x710
[  497.212851][T13965]  ? __pfx___alloc_skb+0x10/0x10
[  497.212897][T13965]  netlink_alloc_large_skb+0x69/0x150
[  497.212943][T13965]  netlink_sendmsg+0x680/0xda0
[  497.213004][T13965]  ? __pfx_netlink_sendmsg+0x10/0x10
[  497.213043][T13965]  ? __import_iovec+0x1d2/0x640
[  497.213081][T13965]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  497.213131][T13965]  ____sys_sendmsg+0x9e1/0xb70
[  497.213158][T13965]  ? __pfx_netlink_sendmsg+0x10/0x10
[  497.213203][T13965]  ? __pfx_____sys_sendmsg+0x10/0x10
[  497.213252][T13965]  ___sys_sendmsg+0x190/0x1e0
[  497.213284][T13965]  ? __pfx____sys_sendmsg+0x10/0x10
[  497.213363][T13965]  __sys_sendmsg+0x170/0x220
[  497.213404][T13965]  ? __pfx___sys_sendmsg+0x10/0x10
[  497.213469][T13965]  do_syscall_64+0x106/0xf80
[  497.213507][T13965]  ? clear_bhb_loop+0x40/0x90
[  497.213542][T13965]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  497.213570][T13965] RIP: 0033:0x7f99f3b9c799
[  497.213594][T13965] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  497.213619][T13965] RSP: 002b:00007f99f49bc028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  497.213646][T13965] RAX: ffffffffffffffda RBX: 00007f99f3e15fa0 RCX: 00007f99f3b9c799
[  497.213663][T13965] RDX: 00000000040008c4 RSI: 0000200000000180 RDI: 0000000000000003
[  497.213680][T13965] RBP: 00007f99f49bc090 R08: 0000000000000000 R09: 0000000000000000
[  497.213697][T13965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  497.213713][T13965] R13: 00007f99f3e16038 R14: 00007f99f3e15fa0 R15: 00007ffc18b97068
[  497.213750][T13965]  </TASK>
[  497.261782][  T169] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  497.517317][  T169] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  497.527912][  T169] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  497.562381][T13966] netlink: 'syz.6.2207': attribute type 33 has an invalid length.
[  497.570820][  T169] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  497.893698][  T169] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  497.901860][  T169] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  498.077719][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  498.090482][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  498.392729][T13953] Bluetooth: hci10: command 0x040f tx timeout
[  499.189844][T13998] FAULT_INJECTION: forcing a failure.
[  499.189844][T13998] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  499.240782][T13998] CPU: 1 UID: 0 PID: 13998 Comm: syz.5.2217 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  499.240840][T13998] Tainted: [L]=SOFTLOCKUP
[  499.240850][T13998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  499.240867][T13998] Call Trace:
[  499.240876][T13998]  <TASK>
[  499.240886][T13998]  dump_stack_lvl+0x100/0x190
[  499.240937][T13998]  should_fail_ex.cold+0x5/0xa
[  499.240972][T13998]  _copy_to_user+0x32/0xd0
[  499.241011][T13998]  simple_read_from_buffer+0xcb/0x170
[  499.241061][T13998]  proc_fail_nth_read+0x1af/0x230
[  499.241099][T13998]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  499.241139][T13998]  ? rw_verify_area+0xce/0x6d0
[  499.241181][T13998]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  499.241217][T13998]  vfs_read+0x1e4/0xb30
[  499.241269][T13998]  ? __pfx_vfs_read+0x10/0x10
[  499.241314][T13998]  ? __fget_files+0x215/0x3d0
[  499.241352][T13998]  ? __fget_files+0x21f/0x3d0
[  499.241392][T13998]  ksys_read+0x12a/0x250
[  499.241418][T13998]  ? __pfx_ksys_read+0x10/0x10
[  499.241454][T13998]  do_syscall_64+0x106/0xf80
[  499.241494][T13998]  ? clear_bhb_loop+0x40/0x90
[  499.241526][T13998]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  499.241553][T13998] RIP: 0033:0x7f61c4b5cfce
[  499.241575][T13998] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  499.241600][T13998] RSP: 002b:00007f61c2dd4fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  499.241627][T13998] RAX: ffffffffffffffda RBX: 00007f61c2dd56c0 RCX: 00007f61c4b5cfce
[  499.241646][T13998] RDX: 000000000000000f RSI: 00007f61c2dd50a0 RDI: 0000000000000005
[  499.241662][T13998] RBP: 00007f61c2dd5090 R08: 0000000000000000 R09: 0000000000000000
[  499.241679][T13998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  499.241696][T13998] R13: 00007f61c4e16128 R14: 00007f61c4e16090 R15: 00007ffc585a64d8
[  499.241736][T13998]  </TASK>
[  499.818875][T14005] vhci_hcd vhci_hcd.2: invalid port number 194
[  499.843819][T14005] vhci_hcd vhci_hcd.2: invalid port number 194
[  500.385313][T14015] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  500.482090][T13953] Bluetooth: hci10: command 0x040f tx timeout
[  500.488337][T14013] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2222'.
[  500.640644][T14022] openvswitch: HfR: Dropping previously announced user features
[  500.657528][T14025] futex_wake_op: syz.6.2225 tries to shift op by -2048; fix this program
[  500.692363][T14025] futex_wake_op: syz.6.2225 tries to shift op by -2048; fix this program
[  500.705706][T14025] 0x000000000001-0x000000020000 : ""
[  500.736752][T14025] ftl_cs: FTL header corrupt!
[  500.757904][T14026] FAULT_INJECTION: forcing a failure.
[  500.757904][T14026] name failslab, interval 1, probability 0, space 0, times 0
[  500.844661][T14026] CPU: 0 UID: 0 PID: 14026 Comm: syz.6.2225 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  500.844710][T14026] Tainted: [L]=SOFTLOCKUP
[  500.844720][T14026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  500.844744][T14026] Call Trace:
[  500.844754][T14026]  <TASK>
[  500.844769][T14026]  dump_stack_lvl+0x100/0x190
[  500.844816][T14026]  should_fail_ex.cold+0x5/0xa
[  500.844849][T14026]  ? tomoyo_encode2+0xfb/0x3c0
[  500.844883][T14026]  should_failslab+0xc2/0x120
[  500.844913][T14026]  __kmalloc_noprof+0xe0/0x850
[  500.844952][T14026]  ? d_absolute_path+0x136/0x1b0
[  500.844996][T14026]  tomoyo_encode2+0xfb/0x3c0
[  500.845039][T14026]  tomoyo_encode+0x29/0x50
[  500.845072][T14026]  tomoyo_realpath_from_path+0x18c/0x690
[  500.845119][T14026]  tomoyo_path_number_perm+0x23c/0x580
[  500.845147][T14026]  ? tomoyo_path_number_perm+0x22e/0x580
[  500.845178][T14026]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  500.845247][T14026]  ? find_held_lock+0x2b/0x80
[  500.845274][T14026]  ? __fget_files+0x215/0x3d0
[  500.845299][T14026]  ? hook_file_ioctl_common+0x146/0x410
[  500.845338][T14026]  ? __fget_files+0x21f/0x3d0
[  500.845372][T14026]  security_file_ioctl+0xd3/0x230
[  500.845407][T14026]  __x64_sys_ioctl+0xb7/0x210
[  500.845453][T14026]  do_syscall_64+0x106/0xf80
[  500.845491][T14026]  ? clear_bhb_loop+0x40/0x90
[  500.845527][T14026]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  500.845558][T14026] RIP: 0033:0x7f73ce59c799
[  500.845583][T14026] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  500.845611][T14026] RSP: 002b:00007f73cf49d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  500.845641][T14026] RAX: ffffffffffffffda RBX: 00007f73ce816090 RCX: 00007f73ce59c799
[  500.845661][T14026] RDX: 0000000000000000 RSI: 0000000080204d01 RDI: 0000000000000003
[  500.845679][T14026] RBP: 00007f73cf49d090 R08: 0000000000000000 R09: 0000000000000000
[  500.845695][T14026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  500.845712][T14026] R13: 00007f73ce816128 R14: 00007f73ce816090 R15: 00007ffec4488ae8
[  500.845761][T14026]  </TASK>
[  500.845871][T14026] ERROR: Out of memory at tomoyo_realpath_from_path.
[  501.715263][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  501.723508][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  502.552378][T13953] Bluetooth: hci10: command 0x040f tx timeout
[  503.144002][T14056] openvswitch: HfR: Dropping previously announced user features
[  503.304182][T14060] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  503.576212][T14068] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  504.440275][   T30] audit: type=1800 audit(1773932148.453:34): pid=14087 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.2241" name="lu_gp_id" dev="configfs" ino=68373 res=0 errno=0
[  504.537189][T14083] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2238'.
[  504.636171][T13953] Bluetooth: hci10: command 0x040f tx timeout
[  506.293758][T14132] HfR: entered promiscuous mode
[  506.976306][T14141] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2254'.
[  507.715809][T14166] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  509.897334][T14204] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  510.756446][T14221] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed
[  510.764827][T14221] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff)
[  511.928554][   T31] INFO: task syz.1.1429:11138 blocked for more than 143 seconds.
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  511.970604][   T31]       Tainted: G             L      syzkaller #0
[  512.001666][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  512.028381][   T31] task:syz.1.1429      state:D stack:24408 pid:11138 tgid:11133 ppid:5830   task_flags:0x400140 flags:0x00080002
[  512.062097][   T31] Call Trace:
[  512.071592][   T31]  <TASK>
[  512.079869][   T31]  __schedule+0xfee/0x6120
[  512.094051][T14251] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  512.160508][   T31]  ? __lock_acquire+0x4a5/0x2630
[  512.191003][   T31]  ? __pfx___schedule+0x10/0x10
[  512.205805][   T31]  ? find_held_lock+0x2b/0x80
[  512.234924][   T31]  ? schedule+0x2bf/0x390
[  512.256548][   T31]  schedule+0xdd/0x390
[  512.280769][   T31]  schedule_preempt_disabled+0x13/0x30
[  512.304046][   T31]  __mutex_lock+0xc9a/0x1b90
[  512.329449][   T31]  ? nfsd_nl_threads_set_doit+0x6c1/0xc00
[  512.350517][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  512.366774][   T31]  ? net_generic+0xea/0x2a0
[  512.384289][   T31]  ? net_generic+0xea/0x2a0
[  512.420724][   T31]  ? nfsd_nl_threads_set_doit+0x6c1/0xc00
[  512.445255][   T31]  nfsd_nl_threads_set_doit+0x6c1/0xc00
[  512.529389][   T31]  genl_family_rcv_msg_doit+0x214/0x300
[  512.554554][   T31]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  512.562082][   T31]  ? preempt_schedule_common+0x42/0xc0
[  512.568124][   T31]  ? genl_get_cmd+0x3ef/0x720
[  512.573233][   T31]  ? bpf_lsm_capable+0x9/0x10
[  512.577986][   T31]  ? security_capable+0x80/0x260
[  512.584923][   T31]  genl_rcv_msg+0x560/0x800
[  512.589526][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[  512.596871][   T31]  ? __pfx_nfsd_nl_threads_set_doit+0x10/0x10
[  512.603355][   T31]  netlink_rcv_skb+0x159/0x420
[  512.608194][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[  512.613355][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  512.619977][   T31]  ? rcu_is_watching+0x12/0xc0
[  512.625025][   T31]  ? __rcu_read_unlock+0x26a/0x5e0
[  512.630391][   T31]  ? rcu_is_watching+0x12/0xc0
[  512.640609][   T31]  genl_rcv+0x28/0x40
[  512.644788][   T31]  netlink_unicast+0x5aa/0x870
[  512.649725][   T31]  ? __pfx_netlink_unicast+0x10/0x10
[  512.655671][   T31]  netlink_sendmsg+0x8b0/0xda0
[  512.660630][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  512.666276][   T31]  ? __import_iovec+0x1d2/0x640
[  512.682136][   T31]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  512.690415][   T31]  ____sys_sendmsg+0x9e1/0xb70
[  512.698109][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  512.703610][   T31]  ? __pfx_____sys_sendmsg+0x10/0x10
[  512.710009][   T31]  ? __pfx_futex_wake_mark+0x10/0x10
[  512.715859][   T31]  ___sys_sendmsg+0x190/0x1e0
[  512.720616][   T31]  ? __pfx____sys_sendmsg+0x10/0x10
[  512.740319][   T31]  __sys_sendmsg+0x170/0x220
[  512.753255][   T31]  ? __pfx___sys_sendmsg+0x10/0x10
[  512.759119][   T31]  ? __x64_sys_futex+0x34f/0x4d0
[  512.764719][   T31]  do_syscall_64+0x106/0xf80
[  512.772053][   T31]  ? clear_bhb_loop+0x40/0x90
[  512.777267][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  512.801488][   T31] RIP: 0033:0x7f3daa19c799
[  512.812012][   T31] RSP: 002b:00007f3daaf81028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  512.820684][   T31] RAX: ffffffffffffffda RBX: 00007f3daa416180 RCX: 00007f3daa19c799
[  512.842077][   T31] RDX: 0000000000004000 RSI: 0000200000000480 RDI: 0000000000000005
[  512.859780][   T31] RBP: 00007f3daa232c99 R08: 0000000000000000 R09: 0000000000000000
[  512.878160][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  512.891996][   T31] R13: 00007f3daa416218 R14: 00007f3daa416180 R15: 00007ffe76e99f38
[  512.910330][   T31]  </TASK>
[  512.913726][   T31] INFO: task syz.4.1482:11419 blocked for more than 144 seconds.
[  512.921544][   T31]       Tainted: G             L      syzkaller #0
[  512.942055][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  512.961151][   T31] task:syz.4.1482      state:D stack:24408 pid:11419 tgid:11412 ppid:11311  task_flags:0x400140 flags:0x00080002
[  512.982163][   T31] Call Trace:
[  512.985644][   T31]  <TASK>
[  512.988786][   T31]  __schedule+0xfee/0x6120
[  513.002047][   T31]  ? __lock_acquire+0x4a5/0x2630
[  513.012184][   T31]  ? __pfx___schedule+0x10/0x10
[  513.017284][   T31]  ? find_held_lock+0x2b/0x80
[  513.032246][   T31]  ? schedule+0x2bf/0x390
[  513.036987][   T31]  schedule+0xdd/0x390
[  513.152017][   T31]  schedule_preempt_disabled+0x13/0x30
[  513.157581][   T31]  __mutex_lock+0xc9a/0x1b90
[  513.182142][   T31]  ? nfsd_nl_threads_set_doit+0x6c1/0xc00
[  513.216172][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  513.221505][   T31]  ? net_generic+0xea/0x2a0
[  513.252932][   T31]  ? net_generic+0xea/0x2a0
[  513.257707][   T31]  ? nfsd_nl_threads_set_doit+0x6c1/0xc00
[  513.264389][   T31]  nfsd_nl_threads_set_doit+0x6c1/0xc00
[  513.271086][   T31]  genl_family_rcv_msg_doit+0x214/0x300
[  513.284430][   T31]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  513.291298][   T31]  ? preempt_schedule_common+0x42/0xc0
[  513.300069][   T31]  ? genl_get_cmd+0x3ef/0x720
[  513.305140][   T31]  ? bpf_lsm_capable+0x9/0x10
[  513.309901][   T31]  ? security_capable+0x80/0x260
[  513.324674][   T31]  genl_rcv_msg+0x560/0x800
[  513.330053][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[  513.335716][   T31]  ? __pfx_nfsd_nl_threads_set_doit+0x10/0x10
[  513.342436][   T31]  netlink_rcv_skb+0x159/0x420
[  513.347543][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[  513.358548][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  513.364069][   T31]  ? rcu_is_watching+0x12/0xc0
[  513.368916][   T31]  ? __rcu_read_unlock+0x26a/0x5e0
[  513.374364][   T31]  ? rcu_is_watching+0x12/0xc0
[  513.379298][   T31]  genl_rcv+0x28/0x40
[  513.385744][   T31]  netlink_unicast+0x5aa/0x870
[  513.390583][   T31]  ? __pfx_netlink_unicast+0x10/0x10
[  513.412307][   T31]  netlink_sendmsg+0x8b0/0xda0
[  513.427303][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  513.458208][   T31]  ? __import_iovec+0x1d2/0x640
[  513.465562][   T31]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  513.471688][   T31]  ____sys_sendmsg+0x9e1/0xb70
[  513.482218][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  513.488313][   T31]  ? __pfx_____sys_sendmsg+0x10/0x10
[  513.513025][   T31]  ? try_to_wake_up+0x644/0x1a80
[  513.520470][   T31]  ___sys_sendmsg+0x190/0x1e0
[  513.532299][   T31]  ? __pfx____sys_sendmsg+0x10/0x10
[  513.537856][   T31]  ? futex_private_hash_put+0x107/0x1c0
[  513.552087][   T31]  __sys_sendmsg+0x170/0x220
[  513.556762][   T31]  ? __pfx___sys_sendmsg+0x10/0x10
[  513.577100][   T31]  ? __x64_sys_futex+0x34f/0x4d0
[  513.582226][   T31]  do_syscall_64+0x106/0xf80
[  513.586890][   T31]  ? clear_bhb_loop+0x40/0x90
[  513.591686][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  513.598754][   T31] RIP: 0033:0x7f82f1b9c799
[  513.603422][   T31] RSP: 002b:00007f82f2aab028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  513.612059][   T31] RAX: ffffffffffffffda RBX: 00007f82f1e16180 RCX: 00007f82f1b9c799
[  513.622323][   T31] RDX: 0000000000004000 RSI: 0000200000000480 RDI: 0000000000000005
[  513.630474][   T31] RBP: 00007f82f1c32c99 R08: 0000000000000000 R09: 0000000000000000
[  513.638707][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  513.646808][   T31] R13: 00007f82f1e16218 R14: 00007f82f1e16180 R15: 00007ffcf6a9d2f8
[  513.654935][   T31]  </TASK>
[  513.658408][   T31] 
[  513.658408][   T31] Showing all locks held in the system:
[  513.732025][   T31] 3 locks held by kworker/1:1/29:
[  513.740826][   T31]  #0: ffff88813fe63148 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x1310/0x19a0
[  513.802327][   T31]  #1: ffff8880466e8008 (&____s->seqcount#13){.-.-}-{0:0}, at: trace_ignore_this_task+0x56/0x100
[  513.852190][   T31]  #2: ffff88803f531020 (&r->consumer_lock#2){+...}-{3:3}, at: wg_packet_decrypt_worker+0x2b2/0x540
[  513.884267][   T31] 1 lock held by khungtaskd/31:
[  513.889380][   T31]  #0: ffffffff8e7e74e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184
[  513.912385][   T31] 5 locks held by kworker/u8:10/3028:
[  513.918127][   T31]  #0: ffff88801c6ae948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x1310/0x19a0
[  513.952052][   T31]  #1: ffffc9000d51fd08 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x988/0x19a0
[  513.972035][   T31]  #2: ffffffff905fbc10 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xb8/0x920
[  513.981734][   T31]  #3: ffffffff90614468 (rtnl_mutex){+.+.}-{4:4}, at: ops_undo_list+0x7ec/0xab0
[  514.012342][   T31]  #4: ffffffff8e7f30f8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x19e/0x3c0
[  514.030852][   T31] 2 locks held by syz-executor/5822:
[  514.042005][   T31]  #0: ffff8880562d00e0 (&type->s_umount_key#55){+.+.}-{4:4}, at: deactivate_super+0xdf/0x110
[  514.079192][   T31]  #1: ffffffff8ec58228 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0
[  514.102073][   T31] 2 locks held by syz.2.1401/11037:
[  514.107662][   T31]  #0: ffffffff906c07d0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  514.134702][   T31]  #1: ffffffff8ec58228 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x6c1/0xc00
[  514.154692][   T31] 2 locks held by getty/11064:
[  514.159787][   T31]  #0: ffff8880378ca0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  514.192048][   T31]  #1: ffffc900043b32f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x419/0x1500
[  514.212027][   T31] 2 locks held by syz.1.1429/11138:
[  514.217818][   T31]  #0: ffffffff906c07d0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  514.244453][   T31]  #1: ffffffff8ec58228 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x6c1/0xc00
[  514.256525][   T31] 2 locks held by syz.4.1482/11419:
[  514.261734][   T31]  #0: ffffffff906c07d0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  514.270050][   T31]  #1: ffffffff8ec58228 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x6c1/0xc00
[  514.280405][   T31] 1 lock held by syz-executor/11436:
[  514.285833][   T31]  #0: ffffffff90614468 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x220
[  514.299767][   T31] 2 locks held by syz.3.1568/11627:
[  514.305178][   T31]  #0: ffffffff906c07d0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  514.314126][   T31]  #1: ffffffff8ec58228 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x6c1/0xc00
[  514.324433][   T31] 2 locks held by syz.7.1891/12775:
[  514.330035][   T31]  #0: ffffffff906c07d0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  514.341607][   T31]  #1: ffffffff8ec58228 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x6c1/0xc00
[  514.352107][   T31] 2 locks held by syz.8.2054/13358:
[  514.357617][   T31]  #0: ffffffff906c07d0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  514.366383][   T31]  #1: ffffffff8ec58228 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x6c1/0xc00
[  514.376722][   T31] 1 lock held by syz-executor/13869:
[  514.382089][   T31]  #0: ffffffff90614468 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x220
[  514.391088][   T31] 1 lock held by syz.9.2276/14230:
[  514.396994][   T31]  #0: ffffffff90614468 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x220
[  514.406497][   T31] 
[  514.408994][   T31] =============================================
[  514.408994][   T31] 
[  514.452624][   T31] NMI backtrace for cpu 0
[  514.452663][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  514.452704][   T31] Tainted: [L]=SOFTLOCKUP
[  514.452714][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  514.452730][   T31] Call Trace:
[  514.452739][   T31]  <TASK>
[  514.452751][   T31]  dump_stack_lvl+0x100/0x190
[  514.452798][   T31]  nmi_cpu_backtrace.cold+0x12d/0x151
[  514.452843][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  514.452885][   T31]  nmi_trigger_cpumask_backtrace+0x1d7/0x230
[  514.452922][   T31]  sys_info+0x141/0x190
[  514.452948][   T31]  watchdog+0xd25/0x1050
[  514.452989][   T31]  ? __pfx_watchdog+0x10/0x10
[  514.453019][   T31]  ? __kthread_parkme+0x18c/0x230
[  514.453057][   T31]  ? kthread+0x13a/0x450
[  514.453091][   T31]  ? __pfx_watchdog+0x10/0x10
[  514.453115][   T31]  kthread+0x370/0x450
[  514.453150][   T31]  ? __pfx_kthread+0x10/0x10
[  514.453189][   T31]  ret_from_fork+0x754/0xd80
[  514.453234][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  514.453279][   T31]  ? __switch_to+0x7b4/0x1120
[  514.453311][   T31]  ? __pfx_kthread+0x10/0x10
[  514.453350][   T31]  ret_from_fork_asm+0x1a/0x30
[  514.453408][   T31]  </TASK>
[  514.453418][   T31] Sending NMI from CPU 0 to CPUs 1:
[  514.588438][    C1] NMI backtrace for cpu 1
[  514.588462][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  514.588495][    C1] Tainted: [L]=SOFTLOCKUP
[  514.588503][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  514.588516][    C1] RIP: 0010:pv_native_safe_halt+0xf/0x20
[  514.588552][    C1] Code: 78 85 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 43 10 1e 00 fb f4 <e9> fc 35 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[  514.588574][    C1] RSP: 0018:ffffc90000197df0 EFLAGS: 00000242
[  514.588594][    C1] RAX: 00000000001b3f5b RBX: ffff88801e688000 RCX: ffffffff8b8d7c75
[  514.588609][    C1] RDX: 0000000000000000 RSI: ffffffff8de7fa43 RDI: ffffffff8c1b0aa0
[  514.588624][    C1] RBP: 0000000000000001 R08: 0000000000000001 R09: ffffed10170a6795
[  514.588639][    C1] R10: ffff8880b8533cab R11: 0000000000000000 R12: ffffed1003cd1000
[  514.588653][    C1] R13: 0000000000000001 R14: ffffffff90d9c010 R15: 0000000000000000
[  514.588667][    C1] FS:  0000000000000000(0000) GS:ffff888124449000(0000) knlGS:0000000000000000
[  514.588690][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  514.588705][    C1] CR2: 00007f61c5947e20 CR3: 000000007f00a000 CR4: 00000000003526f0
[  514.588720][    C1] Call Trace:
[  514.588728][    C1]  <TASK>
[  514.588736][    C1]  default_idle+0x9/0x10
[  514.588756][    C1]  default_idle_call+0x6c/0xb0
[  514.588777][    C1]  do_idle+0x43a/0x550
[  514.588801][    C1]  ? __pfx_do_idle+0x10/0x10
[  514.588826][    C1]  cpu_startup_entry+0x4f/0x60
[  514.588848][    C1]  start_secondary+0x21d/0x2d0
[  514.588886][    C1]  ? __pfx_start_secondary+0x10/0x10
[  514.588918][    C1]  common_startup_64+0x13e/0x148
[  514.588948][    C1]  </TASK>
[  514.792431][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  514.799834][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  514.811096][   T31] Tainted: [L]=SOFTLOCKUP
[  514.815583][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  514.826179][   T31] Call Trace:
[  514.829645][   T31]  <TASK>
[  514.832932][   T31]  dump_stack_lvl+0x100/0x190
[  514.837739][   T31]  vpanic+0x552/0x970
[  514.842095][   T31]  ? __pfx_vpanic+0x10/0x10
[  514.846992][   T31]  ? nmi_trigger_cpumask_backtrace+0x182/0x230
[  514.853376][   T31]  panic+0xd1/0xe0
[  514.857129][   T31]  ? __pfx_panic+0x10/0x10
[  514.861577][   T31]  ? nmi_trigger_cpumask_backtrace+0x1b5/0x230
[  514.867834][   T31]  ? nmi_trigger_cpumask_backtrace+0x1f6/0x230
[  514.874364][   T31]  ? nmi_trigger_cpumask_backtrace+0x200/0x230
[  514.880632][   T31]  ? watchdog.cold+0x198/0x1ca
[  514.885451][   T31]  ? watchdog+0xd35/0x1050
[  514.890107][   T31]  watchdog.cold+0x1a9/0x1ca
[  514.894761][   T31]  ? __pfx_watchdog+0x10/0x10
[  514.899496][   T31]  ? __kthread_parkme+0x18c/0x230
[  514.904653][   T31]  ? kthread+0x13a/0x450
[  514.908949][   T31]  ? __pfx_watchdog+0x10/0x10
[  514.913843][   T31]  kthread+0x370/0x450
[  514.918157][   T31]  ? __pfx_kthread+0x10/0x10
[  514.922831][   T31]  ret_from_fork+0x754/0xd80
[  514.927579][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  514.932794][   T31]  ? __switch_to+0x7b4/0x1120
[  514.937620][   T31]  ? __pfx_kthread+0x10/0x10
[  514.942357][   T31]  ret_from_fork_asm+0x1a/0x30
[  514.947272][   T31]  </TASK>
[  514.951056][   T31] Kernel Offset: disabled
[  514.955550][   T31] Rebooting in 86400 seconds..