last executing test programs:

11.893513273s ago: executing program 1 (id=231):
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(0x0, 0xe)
r0 = socket(0x2, 0x1, 0x0)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x19, 0x0, 0x9, 0x0, 0x1f, 0x3}, 0x4}, 0x7, 0x20020004)
write$auto(0x3, 0x0, 0x7fffffff)
preadv2$auto(r0, &(0x7f0000001000)={0x0, 0x1000009}, 0x82b, 0x3, 0x7, 0x80000001)
r1 = openat$auto_drm_crtc_crc_control_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000100), 0x84400, 0x0)
fcntl$auto_F_SETSIG(r1, 0xa, 0xfffffffffffffffd)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon33\x00', 0x121200, 0x0)
mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
sendmsg$auto_NL802154_CMD_SET_CCA_ED_LEVEL(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x53, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYRES64=r2, @ANYRES16=0x0, @ANYBLOB="08002dbd7000fddbdf252dfffffff600120040000000"], 0x1c}, 0x1, 0x0, 0x0, 0x8001}, 0x40000)
io_setup$auto(0x5b6e4b94, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r3 = socket(0x2, 0x1, 0x106)
connect$auto(r3, 0x0, 0x54)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r4 = open(&(0x7f0000000040)='./file0\x00', 0x2041, 0xfa)
write$auto(r4, 0x0, 0xfffffdf1)
ioctl$auto_FS_IOC_SETFLAGS2(r4, 0x40086602, 0x0)
rename$auto(&(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='./file0\x00')
mprotect$auto(0x0, 0x8000000000000001, 0x8)

8.500230942s ago: executing program 2 (id=238):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x47, 0x8000)
socket(0x2, 0x3, 0x6)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/psched\x00', 0x40102, 0x0)
socket(0x2, 0x1, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
r0 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x11}}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x20000000)
setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000540)='/dev/mtdblock0\x00', 0x1efa02, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/irq/12/hwirq\x00', 0x2000, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp1\x00', 0x20342, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x101202, 0x0)
openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000240)='/dev/cuse\x00', 0x40d00, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty1\x00', 0x40, 0x0)
socket(0x15, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
io_uring_setup$auto(0x7, 0x0)
socketpair$auto(0x4, 0x5, 0x100000, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa2182, 0x0)
ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0)
write$auto(r2, 0x0, 0x4)
sendfile$auto(0x3, r1, 0x0, 0x400000000006)

7.691261188s ago: executing program 2 (id=240):
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x88841, 0x0)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/afs/addr_prefs\x00', 0x102, 0x0)
io_uring_setup$auto(0x1, &(0x7f0000000340)={0x7fffffdd, 0x6, 0x80402, 0xffff, 0x7, 0x9, 0xffffffffffffffff, [0xfffffffe], {0x1, 0x6, 0xf, 0x29f, 0x2, 0x8b, 0x2, 0x17f, 0x8}, {0x7e, 0x1, 0x52, 0x5, 0xffffffff, 0x40, 0x206, 0xa, 0x6}})
pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88ds\x1cJ\x99\x00:\x00!\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18\x0f\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;C\\\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x13, 0x7)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/pci0000:00/0000:00:03.0/resource1\x00', 0x0, 0x0)
mmap$auto(0x0, 0x2, 0x1000000000001, 0x11, r1, 0x0)
r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/security/tomoyo/manager\x00', 0xa0943, 0x0)
write$auto_tomoyo_operations_securityfs_if(r2, &(0x7f00000000c0)="f21a9a3c5c7b03f3492d006e163bb154d7886d87a5c2574c58e9867ecec3371cadbc48770dc8f745d1c77eed1672bb713aca464b9bbc23b50000000000000004c635fc08000000152ad1f7fa092703e98f867fefbe1470283d09f6e868f537ce22547d21bd301d757a77633ba27c09072f5127f2f9c0780c6ace813067c43272c56e84c6db276391b2cc83f52156ec61fab5bcd3ca74c584441d7e66b26f24c273716f0b2cce71b2a376dfb4031a386233914d8f5ed727e5f783953de50a", 0xbe)
write$auto(r0, &(0x7f0000000100)='/sys/devices/virtual/bluetooth/hci1/rfkill6\x00', 0x9)
openat$auto_ns_file_operations_nsfs(0xffffffffffffff9c, &(0x7f0000005dc0)='/proc/self/ns/cgroup\x00', 0x800, 0x0)
shmget$auto(0x100000000, 0x3, 0x79e56dc9)
mmap$auto(0x6, 0x5, 0x3, 0x12, 0xfffffffffffffffa, 0x8000)
r3 = socket(0x28, 0x1, 0x0)
getsockopt$auto(r3, 0x28, 0x1, 0x0, 0x0)
setsockopt$auto_SO_SNDTIMEO_OLD(r3, 0x5, 0x15, &(0x7f0000000080)='/sys/kernel/security/tomoyo/manager\x00', 0x10001)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, 0x0, 0x800)
timer_create$auto(0x9, 0x0, 0x0)
read$auto(0x3, 0x0, 0x8080)
mmap$auto(0x0, 0x4, 0xffffffff, 0x9b72, 0x2, 0x8000)
r4 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(r4, 0xc004743e, 0x0)
write$auto(0x3, 0x0, 0xffd8)
unshare$auto(0x40000080)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000003c0), 0x1541, 0x0)
r5 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/bus/usb/021/001\x00', 0xa901, 0x0)
ioctl$auto_USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000000100)={0x2, 0x80, 0x8ffff, 0x5, &(0x7f0000000040)="5a47c610e193ca96", 0xc694, 0x3, 0x80005, @stream_id=0x2, 0x20047, 0xc, 0x0})
ioctl$auto_USBDEVFS_REAPURB32(r5, 0x4004550c, &(0x7f0000000300)=0x10003fe)

7.087273062s ago: executing program 1 (id=242):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-0/xps_cpus\x00', 0x10b062, 0x0)
write$auto(r0, &(0x7f0000000400)=',\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\x9b\xcf\x1a@4\x1d>\x9b\xb8\xe7\t\x88\xe0\x85\xee\x1a\a-T\xf8\xcfHx|j\xa0\n\xc7q\x93\x8e\bOp\xd8\x05\x94\xb77\x8d.\xb3t\xbd\x15\xfdR\xfd3\xa0\xe4\xecz8\x1a\xa1V8\xa4\xe3O\xc8w|\xd4\x7f\xea\xa2X\x86\xa0\xec\xd7\x91\xb1B\xcdd9\x1a[\x96\xf7=\x9aU\xeb\r\xb5\x8e\x8b\xaeq\xa12\xc9\\\xb2\xd5\xfd\xf5\xfb\x88R\xa7\xb5\xfd\xe3\xf9\x10\xf2f\xe7\t}\xe61\xcb\x14\x88\xa2\x0f\xfa\xb5T%\xc6 \\\xa3\xa1\x10@y\xbd\x16\xe1\xdfh\xee\xde\xaa\xa2U\xd7\xf4\xa8\xd6\xc1\xe0X\x8f{m\'(\xfb\xab\x8bXW\x9a>Hg\\\xcb\xa3T\x9a%\x1e\x92|a\x9f\xbc\xe4\xd0\xa7\xeb\xb1\xe6\x8e\xae\x02\x964q#u\x8c\x19\x17\xeb\xfc\x16\xab\xb7\b_\xdfh\r\f\xa8/N\xc6\f\xef\xda\xaay\xf8fm\f\xabH\x9f\f\xd1\xc2fZ8\xcd\xb61\xcd\xd8\xcc|p:7\x15\xb2\xcb\xf5\x13\xcc\xb6\x97\x18=[\x8a\x92<k9[\x1e\xf3\x9e$u\x00cWg\f\xe2\xfah\x9d \xaf\x9d\xb5\r6\x98\xae\x87\fx\x83N\'\xd8\xa3\xd9\xd4MC\xcc\x93%\xc1\xa1c\x94\xafd~\xbcn', 0x7fff)

6.749957718s ago: executing program 1 (id=245):
write$auto(0xca, &(0x7f0000000140)='\x04\x0e\x06\xd5\x89|d\v\x00\x00@\x00\x81\x00\x00\x00\xf6\xf5\x00\xdf\xff\x00', 0x10)
mmap$auto(0x0, 0x202000d, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20010840}, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYRES64=0x0, @ANYBLOB="1e00df"], 0x1ac}, 0x1, 0x0, 0x0, 0x20000800}, 0x8001)
socket(0x10, 0x2, 0x0)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x8, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/loop8/queue/scheduler\x00', 0x808040, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000001300)=""/4113, 0x1011)
fsopen$auto(0x0, 0x1)
sendmsg$auto_SMC_NETLINK_GET_DEV_SMCR(0xffffffffffffffff, 0x0, 0x40)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
mmap$auto(0x0, 0x8, 0xe2, 0xeb1, 0x69a5, 0xa800000000000000)
sysfs$auto(0x2, 0x100000000000033, 0x0)
r2 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r2, 0x8, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
r3 = socket(0x25, 0x1, 0x0)
sendto$auto(r3, 0x0, 0x0, 0x0, 0x0, 0xffffffff)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r4 = prctl$auto(0x45, 0x0, 0x0, 0x0, 0x2)
unshare$auto(0x800040000081)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1e, 0x5, 0x200000, 0x0)
r5 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000200)='/dev/usbmon37\x00', 0x640, 0x0)
read$auto_mon_fops_binary_mon_bin(r4, 0x0, 0x19)
ioctl$auto_MON_IOCG_STATS(r5, 0x80089203, 0x0)

5.973689944s ago: executing program 0 (id=246):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_802_15_4_mac(0x0, 0xffffffffffffffff)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
fadvise64$auto_POSIX_FADV_NORMAL(r0, 0x80, 0x8000000000000000, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socket(0x11, 0x80003, 0x300)
socket(0x8, 0xa, 0x300)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
socket(0x11, 0xa, 0x9)
sendmsg$auto_SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000e7", @ANYRES16=0x0, @ANYBLOB="000429bd7000fcdbdf2502000000"], 0x14}, 0x1, 0x0, 0x0, 0x20049844}, 0x20004485)
unshare$auto(0x40000080)
openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x8800, 0x0)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000280), 0xffffffffffffffff)
mmap$auto(0x0, 0x2020009, 0x3, 0x200000000000eb1, 0xfffffffffffffffa, 0x8000)
ioctl$auto_SNDRV_PCM_IOCTL_HW_PARAMS2(0xffffffffffffffff, 0xc2604111, &(0x7f0000001440)={0x1000, [{[0x7f, 0x7fffffff, 0x3, 0xa, 0xf, 0x1f1881d5, 0xfffffffe, 0x8]}, {[0x4, 0x100, 0xc8d86ea, 0x7, 0x3ff, 0xfffffffb, 0x3, 0x5]}, {[0x7b9a, 0x9, 0x9, 0x8, 0xf, 0xbb2, 0x3ff, 0xbf]}], [{[0x8, 0x9, 0x1, 0x8, 0xa, 0x5, 0x5, 0x3]}, {[0x3, 0xfffffffd, 0xffffffc0, 0x10, 0xfffffffb, 0x6, 0xfffffc01, 0x9]}, {[0x1, 0x4, 0x200, 0x81, 0x2, 0x3, 0x401, 0x25]}, {[0xfffffffe, 0x0, 0x2, 0x9, 0xa, 0x9, 0xdcb6, 0x2]}, {[0x0, 0x1, 0xc, 0xda, 0x7ff, 0x1, 0x40, 0x10000]}], [{0x5, 0x7, 0x1, 0x1, 0x1, 0x1}, {0x200, 0x1ff, 0x0, 0x0, 0x1, 0x1}, {0x5, 0x37d, 0x1, 0x1, 0x1, 0x1}, {0x1000, 0x5}, {0x7, 0x7000}, {0xe, 0x8}, {0x401, 0x2, 0x0, 0x0, 0x0, 0x1}, {0xffffff0c, 0x2, 0x0, 0x0, 0x0, 0x1}, {0x2, 0x4, 0x1, 0x1, 0x1, 0x1}, {0x9, 0x2e6, 0x1, 0x0, 0x1}, {0x7, 0x6, 0x0, 0x0, 0x1}, {0x1, 0x6, 0x0, 0x0, 0x1, 0x1}], [{0x4, 0x7fff, 0x1}, {0x8, 0x6, 0x0, 0x1, 0x1}, {0x8, 0x8, 0x0, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x0, 0x1}, {0x8, 0x40, 0x0, 0x1, 0x1}, {0x5, 0x80000, 0x1, 0x1}, {0x7fffffff, 0x1ff000, 0x0, 0x0, 0x1}, {0xed55, 0x6, 0x1, 0x1}, {0x1, 0x101, 0x1, 0x1, 0x0, 0x1}], 0x3, 0xaa, 0xff, 0x2c81bf06, 0x94, 0x7, 0x101, "d278f74488b0b2eca439242c66f02450", "da9dc3c98e5a032954ea8b7bf2931eb8c997582101cf653f9790bc4f72be96f638bfbdafb7bb1ccafd9901190f70dd07"})
socket(0xa, 0x801, 0x84)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
setsockopt$auto(0x3, 0x10000000084, 0x85, 0x0, 0x8)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
io_uring_setup$auto(0xfa51, 0x0)
r1 = getpid()
prctl$auto(0x3e, 0x1, r1, 0x1, 0x0)
prctl$auto_PR_TIMER_CREATE_RESTORE_IDS_GET(0x260, 0x2, r1, 0x0, 0x4)

5.434295978s ago: executing program 1 (id=248):
r0 = socket(0x15, 0x5, 0x0)
mmap$auto(0x0, 0x2020005, 0x3, 0x10, 0xfffffffffffffffa, 0x8000)
keyctl$auto_KEYCTL_GET_PERSISTENT(0x16, 0xee00, 0x7fffffffffffffff, 0x99a7, 0xc)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
r1 = syz_clone(0x4001000, 0x0, 0x0, 0x0, 0x0, 0x0)
socket(0xa, 0x3, 0x3b)
socket(0x27, 0x1, 0xa)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
select$auto(0x8, 0x0, 0x0, &(0x7f00000001c0)={[0x0, 0x6, 0x4002008d, 0x8001, 0x2, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001e, 0x9, 0xa, 0x9, 0x2, 0x6]}, 0x0)
wait4$auto(r1, 0x0, 0x80000001, 0x0)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
ppoll$auto(&(0x7f0000000000)={r2, 0x6, 0x6}, 0x6, &(0x7f0000000080)={0x2, 0x8001}, &(0x7f00000000c0)={0x6}, 0x8)
setsockopt$auto(0xffffffffffffffff, 0x3ffffff, 0x8001, 0x0, 0x8)
sendmsg$auto(r0, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0)
prctl$auto_PR_SCHED_CORE_CREATE(0x0, 0x1, 0xffffffffffffffff, 0x4, 0x7)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
fanotify_init$auto(0x65, 0x2)
r3 = socket(0x1d, 0x2, 0x2)
connect$auto(0x3, 0x0, 0x55)
socket(0x10, 0x2, 0x4b6f)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
recvfrom$auto(r3, 0x0, 0xe230, 0x5, 0x0, 0x0)
write$auto(0x3, 0x0, 0x5c8)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
write$auto(0x3, 0x0, 0x5c8)
ioctl$auto(0x3, 0x8906, 0xd)
close_range$auto(0x2, 0x8, 0x0)
ioctl$auto_VHOST_VSOCK_SET_GUEST_CID(0xffffffffffffffff, 0x4008af60, &(0x7f00000007c0)=0x8)

5.317420786s ago: executing program 0 (id=249):
connect$auto(0xffffffffffffffff, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x52)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)="9b5d4b611b34f9711adb5b8fac7591567ffe51d9865b09a8aae8044817dce827c477d72c9fef30a01d267f314f8b969052a2a8fac4bb72945b0e3804809a9c847ab1e43604ee93c0932818909d9dcd8200004b929c34ea45414458f490450c0c08c885f4642b73167c93773a8d1d270bccdd36ba860b0aff4769b74dc4e7e6db6c3ae9a7", 0xfc2}, 0x7, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
r0 = socket(0xa, 0x800, 0x84)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0300, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
mmap$auto(0x0, 0x40009, 0x1, 0x9b72, r0, 0xffff)
madvise$auto(0x0, 0xfffffffffffeffff, 0x15)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, 0x0, 0x54)
socket$nl_generic(0x10, 0x3, 0x10)
migrate_pages$auto(0x0, 0x99, 0x0, &(0x7f00000001c0)=0x7b)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dsp\x00', 0x80e42, 0x0)
ioctl$auto_SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f00000001c0))
mmap$auto(0x0, 0x10000000400008, 0xdf, 0x9b72, 0x2, 0x40000008000)
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC0D0c\x00', 0x80000, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r3)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r3, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r4, 0x805, 0x70bd2d, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x6)
r5 = socket(0x2, 0x1, 0x0)
bind$auto(r5, &(0x7f0000000040)=@in={0x2, 0x4e24, @remote}, 0x6a)
sendmmsg$auto(r5, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800008}, 0x10001c, 0x20000000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)

4.865779532s ago: executing program 0 (id=250):
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
io_setup$auto(0x1, 0x0)
io_uring_setup$auto(0x401, 0x0)
mlockall$auto(0x7)
r0 = io_uring_setup$auto(0x9, 0x0)
syz_genetlink_get_family_id$auto_nl80211(0x0, r0)
unshare$auto(0x40000080)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0)
sendfile$auto(r1, r1, 0x0, 0x3)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0xfffffffffffeffff, 0x15)
r2 = prctl$auto_PR_SCHED_CORE_CREATE(0x8, 0x1, 0xffffffffffffffff, 0x4, 0x8001)
io_uring_setup$auto(0x3, &(0x7f00000000c0)={0x3ff, 0x1, 0x9, 0xfffffbc4, 0x7, 0x2, r2, [0x4, 0xba09, 0x8], {0xef9, 0x6, 0x800, 0x3, 0x8, 0x2, 0x2, 0x5, 0x3}, {0x4, 0x7fff, 0x3, 0x3, 0x7fffffff, 0x40, 0x81, 0x8, 0x3ff}})
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x2020009, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000)
unshare$auto(0x40000080)
timer_getoverrun$auto(0x5)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
ioctl$auto_KVM_GET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)={0x10})
r4 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000180), 0x80000, 0x0)
ioctl$auto_RTC_SET_TIME(r4, 0x4024700a, &(0x7f00000001c0)={0x7, 0x7, 0x14, 0x8, 0x6, 0x63, 0xf, 0x81, 0x103})
r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/fs/quota/writes\x00', 0x0, 0x0)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyye\x00', 0x400000, 0x0)
r6 = openat$auto_lockdown_ops_lockdown(0xffffffffffffff9c, &(0x7f0000000000), 0xa0042, 0x0)
write$auto_lockdown_ops_lockdown(r6, 0x0, 0x0)
read$auto_proc_sys_file_operations_proc_sysctl(r5, 0x0, 0x0)
ioctl$auto_BINDER_ENABLE_ONEWAY_SPAM_DETECTION(r0, 0x40046210, &(0x7f0000000240)="ffca4c345469173a2b8f5c49b3d5990df59ec8afb220c798754561688d8256066faa4360efd0ebf8b6ab0c81a7e728f87e7467fe01cb0b5cd089aead28485ea984485de9ad673b5b351657114f1edb11fa092209e11813dcbfed9afbee0fe9297fc0bd53f93fe5b50e3fbf12404c03d572aa542046104524a0fa17ace632073c51d790999fcf34390d6feae2eb65ecbc413fc16a39a326b66451b24bbe4c556e3423cab2b0b3c2e11003ffebcdc1ebafcc55e1405d9bba08778e0b190841fded470b8075ef7b1625621276593b244bb77849c36b94cac2baf65286e1bd70478d2fa999b5afc1bff4131c751569b7bd1bded3f5bb83d20e")

4.395262873s ago: executing program 2 (id=252):
r0 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
r1 = prctl$auto(0x23, 0x20000000000000d, 0x7fffffffefff, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_BTRFS_IOC_INO_LOOKUP_USER(r1, 0xd000943e, &(0x7f0000000280)={0x4, 0x6, "5944d2d1dc1268388b7f0db33cad4f4f62299fb2e7f425e10c6aad76324e6a38939d433d713793a3bd89b3276a7d3c0b873d36a42d076581f45a5546f4418b61312a16104c24e37b1c731b19c13549128ed15725a5f51079b00775e35594bb4da4bddf1b3b0e0d07c5716d3405e5ecd74d892d2905da84e9016864f61cbd130e2a47ee1468161042b4b2a8fdf9573e6ce8b5e09ee0e82f9dcec1d5812b85858ad64e24973e3e7da53727703a2d22e17f86918cc907f2e836f160c5625f0059c2ddc1b882702c1f31746e10451de47bedafe5c20157de0a34268085f853f94828e8d973f6ce02ad37147cf7b1758187e0087a03f1a8d41f87aba0d8bc31a61c97", "a5c01e1d380ebc0601b41570be8288b85140de9754418e42bfc862696f3e7ac54e0047841cf9ec0854b88055a13ffc1488f06fb3fe072c96e9e97cf0a0e7fb5a8e6844934dab5b44e33d081fe62d432fb3d18d43ffffeca1829caf4e327cd318b3981cd4cab1f9765cb0828307bc786c0eabef553bab7ef936133ef80d5ab7329cb81ac0b699914a9c8e9b5b29b6341d47e21ee5cbcc9c9ba2b0137641d8569458491ff07a8bfaefbed0c448ba2ab9c122208ab2521db701e97a407210106e6f3f976b889390d83b0460da4becbe92ca8bad2e233794fa4e9464813cbb61a3493163b4eb841a22fdb2cd261ff89fa23f41a44bd1368eb0378ed12cfd6fa53f0a433f983fdf08c54ea00178a230fc2e24e4bba75b52cee0e69e74ec46bca3b8a53c43750182845727b5507de07b68fc2744b8e2aef1cac3387528b6e13a0de0e514c02a4dfcc3b72ab50110e1d9e129c4de2bf5f2549cb14dbc643ea9792b00140bc53ac5cf7e0c9fde30ebffb05b1c8500a8befde0345e70a9ab1aba16a5ffb5de453e9212c45fa564b45049804a905b60a41e9bb510eed83ede1afc8c53cc456a6cc59a013fe8b55cd8f92604132f7c3a4e5a99a08200dd44538b12ec770ad5fd302e9177c48aec07ce6717bf993e9875191c5489fbf5ce58c174e87634ada632a2bd70d7ea3df848eca3ee257141422a1a9251b946f0a4293752b1f646c3397d7f22f0085effea65b1b3ab83003109113627ce3040ce27aea15b3b80f1b5b09510dad9cfc0de260382efd9f5a266b9fd1a4daa2703094f7aaf99a5c954dbf2f6466519c26ec175adf6b096e9b511d28ee9e0b1f89c9c745b5b1ea80896fcce85fd482d0110a3b301d1d5fc2b02e45155e95d8f065dc1cc6840995b3d2b216a85472cdaf6cd3db2282900bcf913b988a64df83d993e5b488fe1a4f1317ca51ec3a4376c471155d21547fd012ad0837f16f7b0c499eee06b510c262ca2d72ce3145622244a99f95d8ec7d793cf65e41880ec85693cf6bdc10045c7747176ccdb518fdad2ee1b45925df31c9d9eab52f5895187883d7386e0a85b62e5c67b069a8c4a0a0ddcb335af74ee800cdbb007e6590732740ec060e865a623c3bcf27071a07cbeba5f087cd28889ed48f912bb405ec333126dca0f738a85bfab3a99ec981cb106d2c44901bc1da1cf91456b931d9742189ba772a64f46daf41f3c29bf55112728c0babeeb3d75d4fe4fa536bbe08a2d589bfbe1f74128ed1892a0e3a72094cbeae0135d85771ce52014c43a53652267f51ea4ba05b2dadf0b3bcadaf8ce49d09bf5015168104aa0c27ed35a41844ab8978c09f95e113653f0772d2ae58e4551bd7f43a58ebe9b3d0bd787bf5d2c8bd2540259a809a308a981ee39cf1ac35ebf7f982e9b9c2175508f47bf02d22c7f6f2b90e3dcf3847078f0a9f16bf0bc614feb89c72528e2b8a28167f8f6f740e8e6e3aa8fdd917a0200006d84e68605168898a93999ad67b7ccbde25dfb8ae58bbcd148b654d7d493fd71647da7b9eee31b340bfdaac2575f2d73e51c7cdc16b2af02bf18b4ee2bf37053c6d709a4109cb93320f9a75d0b01fa86771f6e32d08b38f5590088e69aded10f7f405ae751f16406285bda07fac418c70e34069da43be27512e41dad0026b58be9699f2c49ab8881b88c662fb2a98a75f4f0dcac87b7298294919ec5c46c6949cb14d029c68192e6989dacad5fe20c501c79117b3a78a3e0c3dd0471f6fe35984903a929e374b8ad4ad0965a32cd09657b01f257c01156fd19d78ae42c021942c0c4652195d1b7db73a138ae09cb6e791a7974eb07b412138478a8907aefdfce243f24d90c970a0a2d44893a1f41d994d0d268fe06f19cf1d5a0f75aadac7e412f592ad6db75668fbf64fce635c8b09b100fcf9c433f6aa4717e838a6bb3c2133a6123166861bdbcdf734d636319747d2f77dfeffe18ce2e41e15990c2b124be42698fdfd34d4af354627d5b6f23cc190991fb9b4515257673f36b4d927f83c301a7209eba5541b4395be5d9cba1f646d055fcbcc48bc323282a32b6768c9da9b21eaf32bdaee0ea3c527ddb3b986bb8ef01d0b1b3f3da2de27a94eed54cfb9ef000203210056383f421627b8edb1f4a5c83560e4c4b6ad65205d5493512d8443055f9c0a191ac4bfe6a409b2fccc597151b05e96b4e6843e46cff49e55dbce5a6445e0330597191572a06662cb7fbb756e39c5165dfeb0d64d54e2c43c8c3c7cd9fed2c5dc6713520713c19cffe3bc601322b57554ba1f6729c578057adb85a8c7c008cfe922bf46c97a766430d35290b315864fe4e44684bbc05c866631ae10115fde40686b07868da8ec1478f6f071b3ef4756a8f1e92aaa93a52ef6c953097b04bea7f614930741eb6c3adc0f369e07d843751695801ccee4a11cc3bf5bc1ed9f90d597dbee41dd0873eb7711315c9205080bef6a439eac53817ba0ca8eaf94ae921a218f90289bc828eb2ed1309d3f79ec56df27a756711cf62a2436609b3fcb09fbad4cc2263b83588f2bf87cd340d018178cb1341dd9c300407991690ace544cb6afe3501e091195f2cf1add95eb8c0987bd33a356e5b9cfc65615044baff0d7fc51d8d36ddfb3081fa4c2e3ec9c0f6ae3db3c38a0caa55691ce940fc8a6653c1280c261498aa4b614cc527d3d30167084010a6af6c1427215523db5968300b65fc095971acd5f7240940f7eab46a1403d6a27885185f343b6dc5d19f614514cfebd01eddf6a6906f1a9f07a63f664d8e2ae905bbaff7a921766fd32eca0494ec980e2638751a52ad2a41b82433fec9f82527acffc577604aefdb2f557e59ff23cd08eaf99c6820a83a8626b17cf5e52f36c88f6df6f50a150e36b115b1f495581aafa7b4d14dea9a04988a375eb0b9742a7df8f54c966eab15906939ebe43fbf2f58b550945a786b9d725205927d96f8be452c177b757feeac27909ed97fead09edf572e56d0d72ad885acadc8100d59ca30f4df3cb3446593d2905e93c380983feaffc2f54c468536e18155178f50bf1091500b8098f330be09abce1832059861b1a1fdda727b54d950da313d05817044e716be47fb023aeccc08c589a19671c948d899f655780439a98cd2d18c9c6a1a8cc7917a4e27e71dd3fa942240f34b2055de7153565dec2eab98df5f2368933bdd7672f47ae2b9104523b93930e3cf7fd69f14da5438a7d95fe24b9372cf6ab3ec9a94a2d6ba0f14d0b6bd62c7df659080f8038bacb8b7d5029f9293352ce7c273b173a31b5eb7d6f954a91158bd13f2e86215c5d4d4251c28a5335a3c64fdb6d392a016cd723278455d4b4f7c9f3910b847b6d4fe0331dcbf306495774458c21954bf3f2632796e3f8e60aa79b0c72e96525798713b37251ba0c56c9544f963532cdd5f25514d1e4c722e3b5b5abbbd4592319d9af720226ce20987d8cb806b9be61059766fe0b5299594304b84478dd21ef4b9787cfc861a0bd185804fd4258dd3e4444cbe94ed79a51638254ec57641a1603bc5af74ad44a6ce968948335cc6054a867a78b20f0905010f6a88649c954f2347ec9fecf90830d7244e34ba72f75cb8730e8fa66dabfe4390a842ba3bd2c9913b3345d5af1b76f624af55094e963ca8fa34cd2f27a93069962721c5f5e8ab268ef5c889f88e1d88a7da50e33a9fe8278d251ec4014c7d248d59603105a0cc2e083675adb89ef7d94035abd6019f253dabde1312688ed5e1582bd05f0869cd250d2ac03611f876ec1064edda45268b9fed071c50c78f558ca9ab55735218a3c037d791efc0705205abd1531900e95c0ea61c89a347b20abb8871a86960c3c93de030a0476562d75da53da54f7782b15aa7fdde10cf16799e9406198fbf254fc8318ad2f4766ecfbca589e45e56c74d21f82ff56e7d5813be009b21a9e5fec4dfbd01ce5103ea3b430691dbcd4cb353961e49268bb901ceba79bbbffe024a91520eec13c94ff97dcfd02d125d47026344e0631b62a8a9b0983617fb765f2d088ffe5721fbdac088908dffba5da26c5aa0a170afd9cf1b4857b88aa9d0b9dab4c27cc6cdf823e39711975cc4141ea0356f04c345897d6f5c59a01f9a3c56faa2b0ea6496e81407216917841293d2b9dd70406be2973066a18845ce77e0c3a73c5174c22c39786dc2afc80da90b47e4b8b98daa0909341dbba1824a0b64d148a0300ca94e65637816a033ccca6a82b482096313aa0e86f4c281d65505d3e6cad94acbe335032b6fdce634d8ff7ce2eb02aeee83d8f141e89c0a180044a1a3e9f8eabbf04f17da5f629a97cc1c8d45cc0e1e552ce1847b987e6b8e8bd8699f6ba70c0f9b46aca6c4d3533bc98fe58cd52fd59fcd800043f410b6f51ef2899fe8639f0990d7c8a74f7746227e4b583d64778e0a770a3105e0c197fa156357f2f190a28c405da8e200f36ca5ed441cc8159328d10b6c3ba3212728bada16ffe6e73270a34a98f5a5f3658009f629e9d393a29ce5b793be924571b8913849087c7ee06b6609f5da254dee486295b2b180accfca7793862e85f6914f09293fafab1412c1f00357c2a72cf7fcd72e200c03f6864b0f20bcb6f4395a6fcb042cd2d450da8f34244abb07fde1d3e5c4304afa726ac751e834fd9381fb8591894c519586ab3a858072986293ee48dc6c19448b00f89e07459497cae51bea0b3f357c510e09ef4ef67347e753f624a933db50eb51c54f0aedac15c32063675954584e0adb9e615f72c2f66f13b0b53fd97d4950ec0a5bcefefe5521ba0e78e1442830560143358fd9c90d1b4023c729d5e3b00a4588afecb2cc16aab0ba6c2865ec47665968a114e4d5bb3521f1f855cc375d024a2c12d3beac419e558c9b98056d8816db22a1f407b36e7e1ad5feb74b96ec74d71e81dc15e2c5f66ea5a7d30c666c8c346f4b90458caa121d0829abcd3d5d4fe0841784368cd4310485981b716b7706a5a770b0a608d1be15a271f4dd97fe8bb2c11bfb16bb7a22a88526a15ca5f3f137c4de897e22ac6a5530c4923b9494354e4039e48f89a7b61e357193e7d0eb8d2b30054856aaf70fe1854fb7d6aab831d4186d03f904f93ca9d4cd79ae07c11bc49b91333ff1d7859f06974059d03b3a0c898de4376303df0c1dc8b6847b213348d7c64c1e16d9b58354a544fdd26dfc651f9961715e45a69aacb253023f831bb251974a325f72da7d03f535b74b781d962e086f95e519b045d7e6174856d64665e935a2ab875391169cae1ae45daaed8e692d18fe38b94e3fb2d0141ba388dd0479abc239bec4c5eada4b9418282e82205c4057fc802fcc3945c203c2cd2445825127611d2b32c896858e8e455b3e0ba9428d2743649a1730ce33aa3de5137c6c1d2724f1f1e1c810f1e7bc540e25a0"})
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)={0x4c, r0, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x18, 0x3, 0x0, 0x1, [@typed={0x14, 0xc, 0x0, 0x0, @ipv6=@loopback={0x700000000000000}}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f17790485908286dd"}, @OVS_PACKET_ATTR_KEY={0x4}, @OVS_PACKET_ATTR_PROBE={0x4}]}, 0x4c}, 0x1, 0x0, 0x0, 0x44000884}, 0xc800)

4.27147171s ago: executing program 1 (id=253):
unshare$auto(0x40000080)
unshare$auto(0x40000080)
unshare$auto(0x2)
unshare$auto(0x40000080)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
lsm_list_modules$auto(&(0x7f0000000040)=0x7, &(0x7f0000000080)=0x100, 0x7ff)
r0 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)={0x40, r0, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0xc, 0x3, 0x0, 0x1, [@typed={0x8, 0xc, 0x0, 0x0, @u32=0x4}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f17790485908286dd"}, @OVS_PACKET_ATTR_KEY={0x4}, @OVS_PACKET_ATTR_PROBE={0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x44000884}, 0xc880)
close_range$auto(0xffffffffffffffff, r1, 0x2)
r2 = socket(0x11, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r2, 0x8954, 0x0)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x3, 0x3b)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
ioctl$auto(0xffffffffffffffff, 0x40104d01, 0xffffffffffffffff)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
close_range$auto(0x0, 0x5, 0x0)
mq_open$auto(&(0x7f00000000c0)='\x12\xe6D\b\x9e\x00\x80\x8d\f\xb9w-\xbd!\x9eb\xed\xfb\x0f\xe5\x9dZ\xc2\xd1\x01wBV\x91\x8f_\xc0.\x84\xfe\x84\xd1se\x01\x06\x00\xb3\x13_Y&\xa9\x88\xe4\xa2\xb0V\x85\x92<\xb6\xdcT \\\xf2\v\xb1\xe2\xd8\xfa\xd8V\xe5\x00\xfa\xe9!\xc5<\xce\x18=\x06\xdagq\xb5\r\t\xb2\xde\x99\xd50\xbb\x192\x1c4\x86\xc0\xc1-\xd5\x10\xc3\xfc*[8\x89h\xc5\xba\xff\xc8u5<y\xa5\x97\x13\xef\xc4g\xc3\xa4&\x81I6\v\xcc\x00\x00', 0x62, 0xfffc, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
fanotify_init$auto(0x65, 0x2)
pipe$auto(0x0)
socket$nl_generic(0x10, 0x3, 0x10)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x6, 0xd, 0xfffffffe, 0x6, 0x7fff, 0x8, 0xffffffffffffffff, [], {0x6, 0x10001, 0xb, 0x2de, 0x504, 0x1, 0x101, 0x6, 0x6}, {0xfff7ffff, 0x2, 0x52, 0x5, 0x10001, 0x40, 0x76c5, 0x8, 0x8000000000000000}})
r3 = getpid()
process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000080), 0x1ffffffff}, 0x6, 0x0)
socket(0xa, 0x2, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)

4.134812418s ago: executing program 2 (id=254):
unshare$auto(0x40000080)
mmap$auto(0x6, 0x2020005, 0x3, 0xeb1, 0xffffffffffffffff, 0x80000000)
r0 = socket(0x21, 0x1, 0x0)
getsockopt$auto(r0, 0x28, 0x2, 0x0, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtdblock0\x00', 0x14fe02, 0x0)
getsockopt$auto_SO_BSDCOMPAT(r1, 0x3, 0xe, &(0x7f00000000c0)='*\\\x00', &(0x7f0000000180)=0x40)
mmap$auto(0xfffffffffffffffd, 0x810004, 0xffb, 0xfff, 0x3, 0x7ff)
preadv2$auto(r1, &(0x7f0000000040)={0x0, 0x80000003}, 0x6, 0xffffffffffffffff, 0x8000000000000, 0x2f)
r2 = getpgrp(0x0)
r3 = prctl$auto(0x3e, 0xb, r2, 0x1, 0x0)
listen$auto(r1, 0x40000000)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyua\x00', 0x0, 0x0)
close_range$auto(0xffffffffffffffff, 0xa, 0x0)
mmap$auto(0x9, 0xffffffffffffe318, 0x3, 0xeb0, r3, 0x8)
futex$auto(0x0, 0x85, 0x38, 0x0, 0x0, 0x80800005)
r5 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x68082, 0x0)
ioctl$auto_BLKPG2(r5, 0x1269, 0x0)
ioctl$auto_MEMGETINFO(r5, 0x80204d01, 0x0)
mmap$auto(0x0, 0x10000000e983, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_tracing_fops_trace(0xffffffffffffff9c, 0x0, 0x40200, 0x0)
mmap$auto(0xfff, 0xfffffffffffffffb, 0x4af, 0x13, r4, 0x100)
mmap$auto(0x0, 0x20004020009, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0x2, 0x800, 0x0)
setsockopt$auto(0x3, 0x1, 0x50, 0x0, 0x9)
open(&(0x7f0000000000)='./file0\x00', 0x621c2, 0x84)
read$auto(0x3, 0x0, 0xfffffdef)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000005bc0), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_ABORT_SCAN(r6, 0x0, 0x4c810)
syz_genetlink_get_family_id$auto_seg6(0x0, r6)

3.838781201s ago: executing program 3 (id=255):
mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/oom_adj\x00', 0x0, 0x0)
mmap$auto(0x0, 0x7fffffffffffffff, 0x3, 0x17, 0xfffffffffffffffa, 0x8000)
syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff)
mmap$auto(0x0, 0x5, 0xf633, 0x40eb2, 0xffffffffffffffff, 0x300000000000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/usb/usbmon/30t\x00', 0x504680, 0x0)
mkdir$auto(&(0x7f00000001c0)='./file0\x00', 0x0)
mount$auto(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000000)='cifs\x00', 0x8000, &(0x7f0000000240)="8983b4d503e98c29ac0907551c70860db5cca27b1ab4bc56020b5d379e3632275ddfcea8c9fa21b267c9caaecb3712fa39bdf3664db83c2a79a27345e968ee01e9943d")
bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x9, 0xb5, 0x2010, 0xb, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x1, 0x7, 0x6}, 0x10)
openat$auto_zero_fops_mem(0xffffffffffffff9c, 0x0, 0x80200, 0x0)
r1 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fb0\x00', 0xc2000, 0x0)
ioctl$auto(r1, 0x4611, r1)
timerfd_create$auto_CLOCK_REALTIME(0x0, 0x622)
read$auto(r0, 0x0, 0x4)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x111442, 0x0)
ioctl$auto_NS_GET_USERNS(0xffffffffffffffff, 0xb701, 0x0)
process_madvise$auto_MADV_DOFORK(0xffffffffffffffff, 0x0, 0x0, 0xb, 0x9)
unshare$auto(0x6c000000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22040, 0x75)
socket(0x840000000002, 0x3, 0xff)

3.187093878s ago: executing program 3 (id=256):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bdi/1:5/power/runtime_active_time\x00', 0x40402, 0x0)
write$auto(r0, &(0x7f0000000400)='3\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\x9b\xcf\x1a@4\x1d>\x9b\xb8\xe7\t\x88\xe0\x85\xee\x1a\a-T\xf8\xcfHx|j\xa0\n\xc7q\x93\x8e\bOp\xd8\x05\x94\xb77\x8d.\xb3t\xbd\x15\xfdR\xfd3\xa0\xe4\xecz8\x1a\xa1V8\xa4\xe3O\xc8w|\xd4\x7f\xea\xa2X\x86\xa0\xec\xd7\x91\xb1B\xcdd9\x1a[\x96\xf7=\x9aU\xeb\r\xb5\x8e\x8b\xaeq\xa12\xc9\\\xb2\xd5\xfd\xf5\xfb\x88R\xa7\xb5\xfd\xe3\xf9\x10\xf2f\xe7\t}\xe61\xcb\x14\x88\xa2\x0f\xfa\xb5T%\xc6 \\\xa3\xa1\x10@y\xbd\x16\xe1\xdfh\xee\xde\xaa\xa2U\xd7\xf4\xa8\xd6\xc1\xe0X\x8f{m\'(\xfb\xab\x8bXW\x9a>Hg\\\xcb\xa3T\x9a%\x1e\x92|a\x9f\xbc\xe4\xd0\xa7\xeb\xb1\xe6\x8e\xae\x02\x964q#u\x8c\x19\x17\xeb\xfc\x16\xab\xb7\b_\xdfh\r\f\xa8/N\xc6\f\xef\xda\xaay\xf8fm\f\xabH\x9f\f\xd1\xc2fZ8\xcd\xb61\xcd\xd8\xcc|p:7\x15\xb2\xcb\xf5\x13\xcc\xb6\x97\x18=[\x8a\x92<k9[\x1e\xf3\x9e$u\x00cWg\f\xe2\xfah\x9d \xaf\x9d\xb5\r6\x98\xae\x87\fx\x83N\'\xd8\xa3\xd9\xd4MC\xcc\x93%\xc1\xa1c\x94\xafd~\xbcn', 0x7fff)

3.143419723s ago: executing program 3 (id=257):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'veth1_to_batadv\x00'})
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0)
mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x1, 0x0)
getsockopt$auto(0x4, 0x6, 0x1b, 0xfffffffffffffffc, 0x0)
open(&(0x7f0000000140)='./file0\x00', 0x123040, 0x1d4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
close$auto(0xffffffffffffffff)
io_uring_register$auto(0xffffffffffffffff, 0x8, 0x0, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0x2)
syz_clone(0x80000980, 0x0, 0x0, 0x0, 0x0, 0x0)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
open(0x0, 0x0, 0x408)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_tcp_metrics(0x0, r1)
sendmsg$auto_TCP_METRICS_CMD_DEL(r1, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000180)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x40)
openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fb1\x00', 0x4000, 0x0)
bpf$auto(0xfffffffd, 0x0, 0x6f4)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/irq/11/smp_affinity\x00', 0xe0182, 0x0)
readv$auto(0x3, &(0x7f0000000000)={0x0, 0x10000ffff}, 0x1)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/dynamic_debug/control\x00', 0x334e82, 0x0)
r3 = openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/tracing_cpumask\x00', 0x28902, 0x0)
read$auto_tracing_cpumask_fops_trace(r3, &(0x7f0000000140)=""/193, 0xc1)
ioctl$auto_BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000040)={"f41f50c77fc60a73f782c5e4bb49d2786071a0b96037115c0d70d88ebf94c477", 0x0, 0x40, 0x7, 0x5, 0x5, <r4=>0x0})
process_vm_readv$auto(r4, 0x0, 0x3, &(0x7f0000000280)={0x0, 0xffffffff}, 0x6, 0x0)
mmap$auto(0x0, 0x2020009, 0x1, 0xeb1, 0xfffffffffffffffa, 0x8000)

2.732557626s ago: executing program 0 (id=258):
mmap$auto(0x0, 0x402000b, 0xdd, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/sctp/assocs\x00', 0x101080, 0x0)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x8000003, 0x0, 0x7, 0x0, 0x7, 0x201d55}, 0x2}, 0x800, 0x80000000)
r1 = socket(0xa, 0x5, 0x84)
sendto$auto(r1, 0x0, 0x401, 0x6358c0, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c)
r2 = socket(0x2, 0x3, 0xa)
connect$auto(r2, &(0x7f0000000080)=@in={0x2, 0x0, @empty}, 0x54)
mmap$auto(0x0, 0x4994, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0xffa6}, 0x1, 0x0, 0x0, 0x20040000}, 0x880)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x3}, 0xed7138c}, 0x7, 0x0)
pread64$auto(r0, 0x0, 0x7, 0xffff)
r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000d80), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
ioctl$auto(0x4000000000000c8, 0x800454cf, 0x3)
r5 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r5, 0x107, 0x12, 0x0, 0x4)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
setsockopt$auto(r5, 0x1, 0x21, 0x0, 0x9)
pwrite64$auto(0xc8, 0x0, 0xfdef, 0x3)
read$auto(0x3, 0x0, 0x7ffffffff000)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x9, 0x7, 0xc, 0x1, 0x948b, 0x8, 0x15f4da0a, 0x81, 0x80000000, 0x5f, 0x80000001, 0x7, 0x6d3f, 0x7, 0x2, 0x7ffffffffffffffd]}, 0x0)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_ETHTOOL_MSG_PLCA_SET_CFG(r4, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000000340)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0a002cbd7000fddbd5252800000018007d8014000010000000f63789ccc891ee1a2d228c39219dcb79781ddfe4350a6470bc7408aec174f30101000000000000961e7ef89fad7b92a92b72652ac179ac672e631c3694e6231b5f0ef02402abba792fe6626abe2bb081c606231f4eb78d16493da63e3f08a46ac3be98b4a907879c43ea5c35ed589dba4c9dc89c864f0b5f466af736e79eb568c3f32143214ecedffc2ef62568154155260b1b64f66f293c790270c4e37dfa9fa1e05f7afa79ce3f"], 0x2c}, 0x1, 0x6000, 0x0, 0x1}, 0x20008800)
r6 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
sendmsg$auto_ETHTOOL_MSG_RINGS_SET(r4, &(0x7f0000000140)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x34, r3, 0x0, 0x70bd2d, 0x25dfdbfd, {}, [@ETHTOOL_A_RINGS_CQE_SIZE={0x8, 0xc, 0xd}, @ETHTOOL_A_RINGS_RX_MINI={0x8, 0x7, 0x790c}, @ETHTOOL_A_RINGS_RX_PUSH={0x5, 0xe, 0xc7}, @ETHTOOL_A_RINGS_RX_MINI={0x8, 0x7, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x4010}, 0x10)
r7 = accept4$auto(r6, &(0x7f0000000040)=@sco={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, &(0x7f0000000180)=0x80000000, 0x1b)
ioctl$auto_SNDRV_CTL_IOCTL_POWER_STATE(r7, 0x800455d1, &(0x7f00000001c0)=0xfffffffb)
write$auto_console_fops_tty_io(r6, &(0x7f0000000000)="c80d1b5d399b39", 0xfdef)
socket(0xa, 0x1, 0x84)

1.948291749s ago: executing program 3 (id=259):
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x802, 0x0)
r0 = openat$auto_stats_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000bc0)='/sys/kernel/tracing/dynamic_events\x00', 0x1, 0x0)
write$auto_dynamic_events_ops_trace_dynevent(r1, &(0x7f0000000300)="234751a0cc0bafad59f83847854e875d850a4d197ec4b029fba4d9ea9aee6b48844ea09e2bbf5fd0fd3bb02ffd2773db9383c7153478f9420e66317eed986a03b01f4e058639651a79481bb55990570866369eeccabb9dcc25ed8b92057516ae28b8cbbe6582f0e6e0b276407aaaa436ee10ac38c3afb7d5b517ae864eff15684ef3c720d504b99e878905e7e4b2bb6b5e01d0ce0cf498295599b79a7c0283", 0x9f)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram15/make-it-fail\x00', 0x22100, 0x0) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram15/make-it-fail\x00', 0x22100, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, r0, 0x8000) (async)
mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, r0, 0x8000)
close_range$auto(0x2, 0x8, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
getsockopt$auto(0x3, 0x200000000001, 0x2d, 0xfffffffffffffffe, 0x0)
unshare$auto(0x40000080)
socket(0x2, 0x5, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) (async)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8)
r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video6\x00', 0x280, 0x0)
ioctl$auto_v4l2_fops_v4l2_dev(r2, 0x80085617, 0x0) (async)
ioctl$auto_v4l2_fops_v4l2_dev(r2, 0x80085617, 0x0)
madvise$auto(0x0, 0x2c, 0x19)
bpf$auto_BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000003c0)=@iter_create={r0, 0x6}, 0x2)
madvise$auto(0x0, 0x2003f2, 0x15) (async)
madvise$auto(0x0, 0x2003f2, 0x15)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) (async)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
madvise$auto(0x0, 0x200007, 0x19)
r3 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r4, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002bbd7000fcdbdf2504000000"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) (async)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r4, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002bbd7000fcdbdf2504000000"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800)
sendmsg$auto_CTRL_CMD_GETPOLICY(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01032cb57000fbdbdf250a00000005003b607127b39d031d75020000000000060001004002000006000100030000f7f45a0d985e118e57520fcfe02c9fd2d366f8e17ba50892ae416098d7d756dd8b8b2d2001f42dc4bcfeeebe14187518831ebf2ad95c4b228707ec48c8cf"], 0x34}, 0x1, 0x0, 0x0, 0x400c01d}, 0x0) (async)
sendmsg$auto_CTRL_CMD_GETPOLICY(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01032cb57000fbdbdf250a00000005003b607127b39d031d75020000000000060001004002000006000100030000f7f45a0d985e118e57520fcfe02c9fd2d366f8e17ba50892ae416098d7d756dd8b8b2d2001f42dc4bcfeeebe14187518831ebf2ad95c4b228707ec48c8cf"], 0x34}, 0x1, 0x0, 0x0, 0x400c01d}, 0x0)
getcpu$auto(0xfffffffffffffffc, 0xffffffffffffffff, 0xfffffffffffffffd)
fanotify_init$auto(0x65, 0x2)
unshare$auto(0x20000080)

1.794297086s ago: executing program 0 (id=260):
connect$auto(0xffffffffffffffff, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x52)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)="9b5d4b611b34f9711adb5b8fac7591567ffe51d9865b09a8aae8044817dce827c477d72c9fef30a01d267f314f8b969052a2a8fac4bb72945b0e3804809a9c847ab1e43604ee93c0932818909d9dcd8200004b929c34ea45414458f490450c0c08", 0xfc2}, 0x7, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
r0 = socket(0xa, 0x800, 0x84)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0300, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0x80111500, 0xffffffffffffffff)
mmap$auto(0x0, 0x40009, 0x1, 0x9b72, r0, 0xffff)
madvise$auto(0x0, 0xfffffffffffeffff, 0x15)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, 0x0, 0x54)
socket$nl_generic(0x10, 0x3, 0x10)
migrate_pages$auto(0x0, 0x99, 0x0, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dsp\x00', 0x80e42, 0x0)
mmap$auto(0x0, 0x10000000400008, 0xdf, 0x9b72, 0x2, 0x40000008000)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r2, 0x805, 0x70bd2d, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000)
gettid()
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x6)
r3 = socket(0x2, 0x1, 0x0)
bind$auto(r3, &(0x7f0000000040)=@in={0x2, 0x4e24, @remote}, 0x6a)
sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800008}, 0x10001c, 0x20000000)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0)
sendfile$auto(0x3, r4, 0x0, 0x400000000006)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)

1.575860456s ago: executing program 2 (id=261):
mmap$auto(0x0, 0xe, 0xdf, 0x40000eb1, 0x401, 0x8000)
pidfd_open$auto(0x1, 0x0)
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/pcmC1D0c\x00', 0x20000, 0x0)
timer_create$auto(0x9, 0x0, 0x0)
r0 = socket(0xa, 0x1, 0x100)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000340)='/dev/tty41\x00', 0x68000, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
eventfd$auto(0x4)
r2 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0)
r3 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto_VHOST_SET_OWNER(r3, 0xaf01, 0x5)
ioctl$auto(r3, 0x4004af07, r2)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/nbd7/power/autosuspend_delay_ms\x00', 0x22902, 0x0)
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0)
close_range$auto(r2, r0, 0x7)
r5 = socketcall$auto(0xa, 0x0)
r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r5)
ioctl$auto_KVM_GET_MSRS(r4, 0x4008ae93, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8\xa6\xb6\xaa\x96/OX\xba\x02\xc5\xc6B\x1d}Y\xbc@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf\xd6f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8', 0x100000a3d6)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x802, 0x0)
r7 = socket(0x2, 0x80002, 0x73)
bind$auto(r7, &(0x7f0000000340)=@l2tp={0x2, 0x0, @multicast2, 0x4}, 0x6b)

1.130958256s ago: executing program 2 (id=262):
mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000)
r0 = open(&(0x7f0000000180)='.\x00', 0x595082, 0x0)
write$auto(r0, 0x0, 0xfffffdf1)
r1 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x28641, 0x0)
getsockopt$auto_SO_PEERCRED(r1, 0x91, 0x11, &(0x7f0000000080)='S\x00\x00\x00\xfe\xff\xff\xff', &(0x7f00000000c0)=0xfffff000)
sendmsg$auto_HWSIM_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x8000)
setsockopt$auto_SO_NOFCS(r1, 0x32, 0x2b, &(0x7f0000000140)='\x00', 0x2)
alarm$auto(0xe)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nbd0\x00', 0x24000, 0x0)
ioctl$auto(r2, 0xab01, 0xffffffffffffffff)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x20001, 0x0)
r3 = set_tid_address$auto(&(0x7f0000000000)=0x800)
getsid$auto(0x0)
waitid$auto_P_PID(0x1, r3, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000d40), 0xffffffffffffffff)
flock$auto(0xffffffffffffffff, 0xffffffff)
alarm$auto(0x49755df6)
write$auto(0xffffffffffffffff, &(0x7f0000000040)='S\x00\x00\x00\xfe\xff\xff\xff', 0x8587)
writev$auto(0x3, &(0x7f0000000100)={&(0x7f0000000180), 0x7112}, 0x8)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_IOAM6_CMD_ADD_SCHEMA(r4, 0x0, 0x2400cc03)
keyctl$auto(0x80000001, 0xfffffbfffffffffe, 0x2, 0x0, 0xfff)
mmap$auto(0x7f, 0x8000000000000000, 0x2, 0x330, r4, 0x9)
fcntl$auto_F_ADD_SEALS(r0, 0x409, 0x9)
linkat$auto(r0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000)

772.763424ms ago: executing program 0 (id=263):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
read$auto(r0, 0x0, 0x20)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_0={0x9, 0xb5, 0x4, 0x48d0, 0x4, 0xffffffffffffffff, 0x74b, "2af051a940806ec05be276cfc83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x4, 0xe5, 0x3}, 0x10)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
madvise$auto(0x0, 0x2000040080000004, 0xe)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/tty/ttyv7/power/control\x00', 0x22902, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x109401, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socketcall$auto(0x5, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
r2 = socket(0x11, 0x3, 0x9)
syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000080), r2)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000)
close_range$auto(0x2, 0xa, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x801, 0x106)
mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/sit0/accept_dad\x00', 0x2, 0x0)
sendfile$auto(r3, r3, 0x0, 0x1)
ioctl$auto(0x3, 0xae60, 0x10000000000402)

481.771551ms ago: executing program 3 (id=264):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/system/cpu/cpu1/hotplug/target\x00', 0x2, 0x0)
write$auto(r0, &(0x7f0000000380)='0\x81=\"\xad/\x8d\b\xf5\x18\xa4\xb0\xb4\xd9\x82=~\x17\xfb&L\xeb=j\a\xf1y\xb3\"\xeb\a\xdd\xf4\xf4Ry\xee\xd7\x1e\x1c\x86\x0f\xcf\x7f\xbf\xab\x12{\xc2\xc2*\xc1M+6/v8\xea\xe9\x85s4\xfe\xe5\t\x7fc\xfb7^\xb86J_\x1d1s!\x01\xff\xff\xff\xff\xff\xff\xff\x1dF\xe6\xf6\x17\x10+\xc0\xb0\xafc\x99\xd4\x150Y~\x1e\xe2\xd6x4fW\x13\xc4U`\x9e-X\xd7\xe2H^\fLS`\xfc\xbb\r\f\x00\xeaN\t\x00\x82;\x7f\xa0.\x9a\xfb\x8d\xf3l\xf2\xd3\x95\xc1M5\xcb\xa6I\x067\xe36\xea\xe9\xe3\xf44oT_`8\xb3\xef\x04 \x05K\xf9\x87pl\xac\x86\nE\xc7e\xc5Q\x89\xcd@\x1c\x92\x00\x87\x976\x9f>\xa2\xcfm\xec\r\x11\x7f\x00\x00\x00\xb1\xde@\x02\xce\x03\xb7\xb1\xfb\x9fr\v\xb2\xe3\xc7\b\x85\x00 /zm\x7f\x8fg,p\a\xc8\x7f\xa5\x87\x02\x87\xbbR=A\x00\x1f\x8a\xa7/Q\"J\xbb\xb0m\xf2SP\x84\x84S\xf0\xba\x9a\xf6\xb6`WI\xba\xba*8\x9f\xea\xe8K/\x98\xbc7~>\x12\x9buB\xcb\xe4\x8aKf\xba\x8c\x19m\xe6I\x02\xde\x80\x9d\x87}\xf4\xbd9\xaa\xd6\xdb1]\xde\xa0r\x14\xca56^\x94\xd2\xd8\xe6}9\x91\xb6\xf7\xa1=\x96\x11\xf1\\\xa91\x0e\xd1\xe4z\xc1;Pw!\x8b\xf5{\xc7Xd\xf1\xf2}\x96EVf\xc9\xa8\xcd\xe4\xc9\x8d\x1d7\xd5\x94\\\xb5\r\xd2\xaa\xe6H\xfe)\xb3a\x04\x1eRMl\xa3F\xa8W0\x90\xc9Ky#\x03\xf5~\xd2Z\xe9(\x99\b\x00\r\xde\x01]\r\xd09k\xc2\x84\xc1\xabN\x96\x8a6\x98@\xd3\xab\xa8m\xdf\x8d\x1d\b\x82\xfcP\x87\x93\x80\x97Q\x86\x8a\x9c\xf8L\x0f\xa8@VE2\x9d\x1e`#\xd8\xd7M\xd4k1\xe6\x13Y\\\x83E\xd0e\x0eM\xa9Q\xac\x0e\x1d]\a\x19H\x81\xd2\xccF\xc6\xd4\xe2R$\xfa\xd6}\xbdsN\x18\xdf\xf5\xffP\xf5\f\xccL\xef\x83\xb3$\xd4\xf4\xb5\xe6\xd0 \xb9\xa7\x8e6\t\x83q\xef\b\xd2\xdb', 0x1)

290.159948ms ago: executing program 3 (id=265):
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x5, 0x20000000)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0xffffffffffffffff, 0x8000)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
getcwd$auto(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x5, 0x0)
inotify_init1$auto(0x3000000000000)
inotify_add_watch$auto(0x4, 0x0, 0xe6e)
chdir$auto(&(0x7f0000000000)='}[,&*}\x00')
openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x40000, 0x0)
close_range$auto(0x0, 0xfffffffffffff001, 0x2)
r0 = socket(0x29, 0x2, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000)
recvmmsg$auto(r1, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x40}, 0x803}, 0xfffffff9, 0x10, 0x0)
ioctl$auto(r0, 0x8910, 0x24)
openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, 0x0, 0x20a00, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
r2 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000180), 0x40900, 0x0)
ioctl$auto_UBI_IOCATT(r2, 0x40186f40, 0x0)
ioctl$auto_UBI_IOCDET(r2, 0x40046f41, 0x0)
msync$auto(0x1ffff004, 0x180000000000000, 0x400000004)
mmap$auto(0x0, 0x4020009, 0xdf, 0x40000eb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)

0s ago: executing program 1 (id=266):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd15/queue/scheduler\x00', 0x103a42, 0x0)
sendfile$auto(r0, r0, 0x0, 0x9)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000400)={{0x0, 0x5a7, &(0x7f0000000000)={&(0x7f0000000300)="669b0c0c4afa", 0x28}, 0x1, 0x0, 0x5, 0x100001}, 0x2}, 0x2, 0x8)
close_range$auto(0x2, 0xa, 0x0)
r1 = socket(0xa, 0x1, 0x84)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd15/queue/scheduler\x00', 0x103a42, 0x0)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
r2 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsa1\x00', 0x101041, 0x0)
poll$auto(&(0x7f0000000000)={0x3, 0x1, 0xa}, 0x5, 0x108)
write$auto(r2, &(0x7f0000000000)='/sys/kernel/security/integrity/evm/evm_xattrs\x00', 0x20000003)
lseek$auto(0x3, 0x7fffffffffffffff, 0x0)
r3 = socket(0x2a, 0x2, 0x1)
mmap$auto(0x0, 0x2020009, 0x2, 0xeb5, 0xffffffffffffffff, 0x8000)
connect$auto(r3, &(0x7f0000000140)=@qipcrtr={0x2a, 0x1, 0x4000}, 0x57)
write$auto(0x3, 0x0, 0x3f00)
write$auto_fops_ulong_ro_(0xffffffffffffffff, 0x0, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07)
io_uring_register$auto(0x2, 0x11, 0x0, 0x83)
r4 = timerfd_create$auto(0x0, 0x0)
close_range$auto(r1, r4, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r5 = socket(0x15, 0x5, 0x0)
getsockopt$auto(r5, 0x114, 0x2716, 0xfffffffffffffffc, 0x0)
ioctl$auto(0x1, 0x890c, 0x8)
r6 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/netfilter/nf_hooks_lwtunnel\x00', 0x101001, 0x0)
mmap$auto(0x0, 0x20009, 0xb17a, 0xeb1, 0x3fd, 0x8000)
write$auto(r6, 0x0, 0x7)
wait4$auto(0xffffffffffffffff, 0x0, 0x2, 0x0)
r7 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
ioctl$auto_I2C_RDWR(r7, 0x707, &(0x7f0000000180))

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.112' (ED25519) to the list of known hosts.
[   88.270853][ T5620] cgroup: Unknown subsys name 'net'
[   88.411151][ T5620] cgroup: Unknown subsys name 'cpuset'
[   88.420492][ T5620] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   90.234918][ T5620] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   92.245632][ T5641] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   92.259563][ T5645] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   92.262491][ T5641] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   92.269190][ T5645] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   92.278725][ T5641] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   92.290666][ T5641] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   92.293593][ T5645] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   92.302896][ T5641] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   92.307336][ T5648] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   92.314153][ T5641] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   92.321620][ T5645] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   92.331417][ T5641] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   92.335226][ T5648] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   92.350729][ T5648] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   92.358301][ T5645] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   92.363571][   T24] cfg80211: failed to load regulatory.db
[   92.366982][ T5648] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   92.381609][ T4950] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   92.393274][ T4950] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   92.401153][ T5648] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   92.411036][ T5648] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   93.861962][ T5632] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.869417][ T5632] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.876779][ T5632] bridge_slave_0: entered allmulticast mode
[   93.884451][ T5632] bridge_slave_0: entered promiscuous mode
[   93.943625][ T5632] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.951044][ T5632] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.958379][ T5632] bridge_slave_1: entered allmulticast mode
[   93.966435][ T5632] bridge_slave_1: entered promiscuous mode
[   94.083515][ T5632] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   94.139412][ T5632] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   94.238368][ T5632] team0: Port device team_slave_0 added
[   94.273477][ T5632] team0: Port device team_slave_1 added
[   94.330455][ T5634] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.337707][ T5634] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.345056][ T5634] bridge_slave_0: entered allmulticast mode
[   94.352705][ T5634] bridge_slave_0: entered promiscuous mode
[   94.377877][ T5639] Bluetooth: hci0: command tx timeout
[   94.397104][ T5634] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.404988][ T5634] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.412813][ T5634] bridge_slave_1: entered allmulticast mode
[   94.420269][ T5634] bridge_slave_1: entered promiscuous mode
[   94.428499][ T5632] batman_adv: batadv0: Adding interface: batadv_slave_0
[   94.435475][ T5632] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   94.457129][ T5639] Bluetooth: hci1: command tx timeout
[   94.464119][ T5648] Bluetooth: hci3: command tx timeout
[   94.470036][   T50] Bluetooth: hci2: command tx timeout
[   94.476695][ T5632] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   94.550062][ T5632] batman_adv: batadv0: Adding interface: batadv_slave_1
[   94.557101][ T5632] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   94.583651][ T5632] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   94.612184][ T5631] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.620142][ T5631] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.627780][ T5631] bridge_slave_0: entered allmulticast mode
[   94.635973][ T5631] bridge_slave_0: entered promiscuous mode
[   94.658533][ T5634] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   94.669433][ T5633] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.676797][ T5633] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.684469][ T5633] bridge_slave_0: entered allmulticast mode
[   94.693086][ T5633] bridge_slave_0: entered promiscuous mode
[   94.702322][ T5631] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.710063][ T5631] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.717747][ T5631] bridge_slave_1: entered allmulticast mode
[   94.724975][ T5631] bridge_slave_1: entered promiscuous mode
[   94.735397][ T5634] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   94.746243][ T5633] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.754103][ T5633] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.761968][ T5633] bridge_slave_1: entered allmulticast mode
[   94.769400][ T5633] bridge_slave_1: entered promiscuous mode
[   94.880891][ T5631] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   94.892665][ T5634] team0: Port device team_slave_0 added
[   94.908322][ T5632] hsr_slave_0: entered promiscuous mode
[   94.915511][ T5632] hsr_slave_1: entered promiscuous mode
[   94.925019][ T5633] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   94.938007][ T5631] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   94.962383][ T5634] team0: Port device team_slave_1 added
[   94.984987][ T5633] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   95.008027][ T5631] team0: Port device team_slave_0 added
[   95.046623][ T5631] team0: Port device team_slave_1 added
[   95.053018][ T5634] batman_adv: batadv0: Adding interface: batadv_slave_0
[   95.060231][ T5634] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   95.087619][ T5634] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   95.129135][ T5634] batman_adv: batadv0: Adding interface: batadv_slave_1
[   95.136521][ T5634] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   95.163644][ T5634] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   95.177367][ T5633] team0: Port device team_slave_0 added
[   95.214575][ T5633] team0: Port device team_slave_1 added
[   95.228789][ T5631] batman_adv: batadv0: Adding interface: batadv_slave_0
[   95.236049][ T5631] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   95.263189][ T5631] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   95.275889][ T5631] batman_adv: batadv0: Adding interface: batadv_slave_1
[   95.283314][ T5631] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   95.309420][ T5631] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   95.388483][ T5633] batman_adv: batadv0: Adding interface: batadv_slave_0
[   95.395556][ T5633] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   95.422831][ T5633] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   95.452864][ T5633] batman_adv: batadv0: Adding interface: batadv_slave_1
[   95.460326][ T5633] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   95.487364][ T5633] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   95.525220][ T5634] hsr_slave_0: entered promiscuous mode
[   95.531791][ T5634] hsr_slave_1: entered promiscuous mode
[   95.538138][ T5634] debugfs: 'hsr0' already exists in 'hsr'
[   95.544028][ T5634] Cannot create hsr debugfs directory
[   95.590287][ T5631] hsr_slave_0: entered promiscuous mode
[   95.596826][ T5631] hsr_slave_1: entered promiscuous mode
[   95.603482][ T5631] debugfs: 'hsr0' already exists in 'hsr'
[   95.609396][ T5631] Cannot create hsr debugfs directory
[   95.701625][ T5633] hsr_slave_0: entered promiscuous mode
[   95.708459][ T5633] hsr_slave_1: entered promiscuous mode
[   95.714554][ T5633] debugfs: 'hsr0' already exists in 'hsr'
[   95.720464][ T5633] Cannot create hsr debugfs directory
[   96.066505][ T5632] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   96.079580][ T5632] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[   96.104711][ T5632] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   96.115590][ T5632] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[   96.132582][ T5632] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   96.143484][ T5632] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[   96.160900][ T5632] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   96.171508][ T5632] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[   96.241968][ T5631] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   96.255424][ T5631] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[   96.264609][ T5631] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   96.274944][ T5631] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[   96.285258][ T5631] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   96.295363][ T5631] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[   96.313170][ T5631] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   96.323773][ T5631] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[   96.440312][ T5634] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   96.450602][ T5634] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[   96.460371][ T5634] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   96.468269][   T50] Bluetooth: hci0: command tx timeout
[   96.478628][ T5634] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[   96.496800][ T5634] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   96.507812][ T5634] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[   96.516336][ T5634] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   96.528262][ T5634] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[   96.537255][   T50] Bluetooth: hci3: command tx timeout
[   96.547575][ T5639] Bluetooth: hci1: command tx timeout
[   96.551259][   T50] Bluetooth: hci2: command tx timeout
[   96.654067][ T5633] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   96.664844][ T5633] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[   96.678143][ T5632] 8021q: adding VLAN 0 to HW filter on device bond0
[   96.691633][ T5633] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   96.704198][ T5633] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[   96.712467][ T5633] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   96.724658][ T5633] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[   96.735554][ T5633] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   96.746352][ T5633] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[   96.790164][ T5632] 8021q: adding VLAN 0 to HW filter on device team0
[   96.836983][   T75] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.844324][   T75] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.874680][   T75] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.882019][   T75] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.930463][ T5631] 8021q: adding VLAN 0 to HW filter on device bond0
[   97.015316][ T5631] 8021q: adding VLAN 0 to HW filter on device team0
[   97.044320][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.051626][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   97.094791][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.102402][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   97.124962][ T5634] 8021q: adding VLAN 0 to HW filter on device bond0
[   97.216438][ T5634] 8021q: adding VLAN 0 to HW filter on device team0
[   97.254552][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.262232][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   97.298688][ T5633] 8021q: adding VLAN 0 to HW filter on device bond0
[   97.320482][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.328373][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   97.417821][ T5633] 8021q: adding VLAN 0 to HW filter on device team0
[   97.458975][   T75] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.466513][   T75] bridge0: port 1(bridge_slave_0) entered forwarding state
[   97.502332][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.509649][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[   98.128946][ T5632] 8021q: adding VLAN 0 to HW filter on device batadv0
[   98.357295][ T5632] veth0_vlan: entered promiscuous mode
[   98.414008][ T5632] veth1_vlan: entered promiscuous mode
[   98.539764][   T50] Bluetooth: hci0: command tx timeout
[   98.547584][ T5632] veth0_macvtap: entered promiscuous mode
[   98.573260][ T5632] veth1_macvtap: entered promiscuous mode
[   98.620163][   T50] Bluetooth: hci1: command tx timeout
[   98.621333][ T5639] Bluetooth: hci2: command tx timeout
[   98.626022][ T5648] Bluetooth: hci3: command tx timeout
[   98.644146][ T5631] 8021q: adding VLAN 0 to HW filter on device batadv0
[   98.703034][ T5632] batman_adv: batadv0: Interface activated: batadv_slave_0
[   98.751383][ T5632] batman_adv: batadv0: Interface activated: batadv_slave_1
[   98.766044][ T5634] 8021q: adding VLAN 0 to HW filter on device batadv0
[   98.806372][   T75] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.821760][   T75] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.840674][   T75] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.852304][   T75] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.874411][ T5633] 8021q: adding VLAN 0 to HW filter on device batadv0
[   99.049118][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.057875][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.078636][ T5631] veth0_vlan: entered promiscuous mode
[   99.134176][ T5634] veth0_vlan: entered promiscuous mode
[   99.145012][ T5633] veth0_vlan: entered promiscuous mode
[   99.160732][   T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.162913][ T5631] veth1_vlan: entered promiscuous mode
[   99.170576][   T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.192508][ T5633] veth1_vlan: entered promiscuous mode
[   99.206815][ T5634] veth1_vlan: entered promiscuous mode
[   99.322361][ T5633] veth0_macvtap: entered promiscuous mode
[   99.335332][ T5632] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   99.346525][ T5634] veth0_macvtap: entered promiscuous mode
[   99.374054][ T5631] veth0_macvtap: entered promiscuous mode
[   99.393215][ T5634] veth1_macvtap: entered promiscuous mode
[   99.405381][ T5633] veth1_macvtap: entered promiscuous mode
[   99.449360][ T5631] veth1_macvtap: entered promiscuous mode
[   99.513138][ T5633] batman_adv: batadv0: Interface activated: batadv_slave_0
[   99.546488][ T5633] batman_adv: batadv0: Interface activated: batadv_slave_1
[   99.565292][ T5634] batman_adv: batadv0: Interface activated: batadv_slave_0
[   99.582567][ T5631] batman_adv: batadv0: Interface activated: batadv_slave_0
[   99.606002][ T1170] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.615442][ T1170] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.629582][ T5634] batman_adv: batadv0: Interface activated: batadv_slave_1
[   99.643541][ T1170] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.670731][ T5631] batman_adv: batadv0: Interface activated: batadv_slave_1
[   99.682010][ T1170] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.719211][ T1170] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.743685][ T1170] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.767993][ T1170] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.794764][ T1170] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.806068][ T1170] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.831302][ T1170] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.840438][ T1170] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.879222][ T1170] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.919444][ T5793] process 'syz.2.5' launched './file0' with NULL argv: empty string added
[  100.118069][   T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.126959][   T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.249964][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.260311][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.291747][   T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.307914][   T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.372348][   T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.383081][   T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.441913][ T1170] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.450959][ T1170] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.555401][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.577231][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.617177][ T5648] Bluetooth: hci0: command tx timeout
[  100.705127][   T50] Bluetooth: hci1: command tx timeout
[  100.705144][ T5639] Bluetooth: hci2: command tx timeout
[  100.716782][ T5648] Bluetooth: hci3: command tx timeout
[  101.066968][ T5809] Zero length message leads to an empty skb
[  102.685924][ T5836] =======================================================
[  102.685924][ T5836] WARNING: The mand mount option has been deprecated and
[  102.685924][ T5836]          and is ignored by this kernel. Remove the mand
[  102.685924][ T5836]          option from the mount to silence this warning.
[  102.685924][ T5836] =======================================================
[  103.085557][ T5833] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  104.134208][ T5861] syz.0.16 uses obsolete (PF_INET,SOCK_PACKET)
[  107.115177][ T5894] syz.2.22 (5894) used greatest stack depth: 17496 bytes left
[  107.556395][ T5914] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  107.866357][   T30] audit: type=1800 audit(1780168181.847:2): pid=5914 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.25" name="dbroot" dev="configfs" ino=8132 res=0 errno=0
[  108.818311][ T5930] netlink: zone id is out of range
[  108.825626][ T5930] netlink: zone id is out of range
[  108.831881][ T5930] netlink: zone id is out of range
[  108.843448][ T5930] netlink: zone id is out of range
[  108.852438][ T5930] netlink: zone id is out of range
[  108.869609][ T5930] netlink: zone id is out of range
[  108.874844][ T5930] netlink: zone id is out of range
[  108.896982][ T5930] netlink: zone id is out of range
[  108.902682][ T5930] netlink: zone id is out of range
[  108.940532][ T5930] netlink: zone id is out of range
[  109.044829][   T30] audit: type=1804 audit(1780168183.027:3): pid=5911 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.24" name="/newroot/7/file0" dev="tmpfs" ino=54 res=1 errno=0
[  109.119896][   T30] audit: type=1804 audit(1780168183.097:4): pid=5913 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.24" name="/newroot/7/file0" dev="tmpfs" ino=54 res=1 errno=0
[  109.121085][   T30] audit: type=1800 audit(1780168183.107:5): pid=5911 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.24" name="file0" dev="tmpfs" ino=54 res=0 errno=0
[  111.093356][ T5963] netlink: 16 bytes leftover after parsing attributes in process `syz.0.36'.
[  111.631807][ T5972] netlink: 28 bytes leftover after parsing attributes in process `syz.3.35'.
[  111.707665][ T5972] ipvlan1: entered promiscuous mode
[  111.724172][ T5972] ipvlan1: entered allmulticast mode
[  111.731916][ T5972] veth0_vlan: entered allmulticast mode
[  111.904671][ T5977] futex_wake_op: syz.0.37 tries to shift op by -2048; fix this program
[  112.172020][ T5977] futex_wake_op: syz.0.37 tries to shift op by -2048; fix this program
[  112.782992][ T5988] vivid-007: =================  START STATUS  =================
[  112.825953][ T5988] vivid-007: Generate PTS: true
[  112.851510][ T5988] vivid-007: Generate SCR: true
[  112.868564][ T5988] tpg source WxH: 320x240 (Y'CbCr)
[  112.879819][ T5988] tpg field: 1
[  112.883328][ T5988] tpg crop: (0,0)/320x240
[  112.893593][ T5988] tpg compose: (0,0)/320x240
[  112.900039][ T5988] tpg colorspace: 8
[  112.936805][ T5988] tpg transfer function: 0/0
[  112.968432][ T5988] tpg Y'CbCr encoding: 0/0
[  112.992812][ T5988] tpg quantization: 0/0
[  113.013366][ T5988] tpg RGB range: 0/2
[  113.026910][ T5988] vivid-007: ==================  END STATUS  ==================
[  113.353749][ T5994] futex_wake_op: syz.1.41 tries to shift op by -2048; fix this program
[  113.383359][ T5994] 0x000000000001-0x000000020000 : ""
[  113.459348][ T5994] ftl_cs: FTL header corrupt!
[  113.732861][ T6000] ubi1: attaching mtd0
[  113.984770][ T6000] ubi1: scanning is finished
[  114.131110][ T6000] ubi1: empty MTD device detected
[  114.439044][ T6000] ubi1 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt1d", error -4
[  114.530470][ T6004] ubi0: attaching mtd0
[  114.577515][ T6004] ubi0: scanning is finished
[  115.229564][ T6004] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  115.273082][ T6004] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  115.301051][ T6026] capability: warning: `syz.3.47' uses 32-bit capabilities (legacy support in use)
[  115.312784][ T6004] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  115.347604][ T6004] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  115.380966][ T6004] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  115.406547][ T6004] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  115.423645][ T6004] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 3369675620
[  115.472820][ T6004] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  115.536407][ T6022] ubi0: background thread "ubi_bgt0d" started, PID 6022
[  116.922041][ T6043] netlink: 4 bytes leftover after parsing attributes in process `syz.3.50'.
[  116.938034][ T6043] binder: 6042:6043 ioctl c0046209 ffffffffffffffff returned -22
[  117.860982][ T6030] Process accounting resumed
[  119.708289][ T6103] netlink: 50 bytes leftover after parsing attributes in process `syz.3.62'.
[  119.756224][ T6107] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  120.780665][ T6117] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  120.809713][ T6117] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  120.897162][ T6117] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  120.991238][ T6117] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  121.017187][ T6137] futex_wake_op: syz.0.70 tries to shift op by -2048; fix this program
[  121.034659][ T6117] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  121.044613][ T6137] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  121.062754][ T6117] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  121.089051][ T6117] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  121.100141][ T6137] netlink: 8 bytes leftover after parsing attributes in process `syz.0.70'.
[  121.111314][ T6117] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  121.132008][ T6117] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  121.157593][ T6117] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  121.171452][ T6117] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  121.199770][ T6117] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  122.226990][ T5648] Bluetooth: hci1: command 0x0c1a tx timeout
[  122.584875][ T6164] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  122.682317][ T6165] random: crng reseeded on system resumption
[  123.030658][ T5648] Bluetooth: hci0: command 0x0c1a tx timeout
[  123.107794][ T5648] Bluetooth: hci2: command 0x0c1a tx timeout
[  123.177304][ T5648] Bluetooth: hci3: command 0x0c1a tx timeout
[  124.315418][ T5648] Bluetooth: hci1: command 0x0c1a tx timeout
[  125.097706][ T5648] Bluetooth: hci0: command 0x0c1a tx timeout
[  125.176926][ T5648] Bluetooth: hci2: command 0x0c1a tx timeout
[  125.256981][ T5648] Bluetooth: hci3: command 0x0c1a tx timeout
[  125.357751][ T6227] netlink: 36 bytes leftover after parsing attributes in process `syz.2.85'.
[  126.376963][ T5648] Bluetooth: hci1: command 0x0c1a tx timeout
[  126.524757][ T6249] FAULT_INJECTION: forcing a failure.
[  126.524757][ T6249] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  126.569273][ T6249] CPU: 1 UID: 0 PID: 6249 Comm: syz.2.89 Not tainted syzkaller #0 PREEMPT(full) 
[  126.569311][ T6249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  126.569327][ T6249] Call Trace:
[  126.569337][ T6249]  <TASK>
[  126.569348][ T6249]  dump_stack_lvl+0x100/0x190
[  126.569402][ T6249]  should_fail_ex.cold+0x5/0xa
[  126.569431][ T6249]  ? prepare_alloc_pages+0x16d/0x5f0
[  126.569470][ T6249]  should_fail_alloc_page+0xeb/0x140
[  126.569507][ T6249]  prepare_alloc_pages+0x1f0/0x5f0
[  126.569549][ T6249]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  126.569603][ T6249]  ? __lock_acquire+0x4a5/0x2630
[  126.569653][ T6249]  ? __lock_acquire+0x4a5/0x2630
[  126.569693][ T6249]  ? __css_rstat_updated+0x1ce/0x5a0
[  126.569736][ T6249]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  126.569785][ T6249]  ? do_raw_spin_lock+0x128/0x260
[  126.569816][ T6249]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  126.569846][ T6249]  ? find_held_lock+0x2b/0x80
[  126.569891][ T6249]  ? __lock_acquire+0x4a5/0x2630
[  126.569957][ T6249]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  126.569998][ T6249]  ? policy_nodemask+0xed/0x4f0
[  126.570045][ T6249]  alloc_pages_mpol+0x1fb/0x540
[  126.570081][ T6249]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  126.570114][ T6249]  ? __folio_batch_add_and_move+0x5e5/0xc60
[  126.570141][ T6249]  ? __folio_batch_add_and_move+0x5e5/0xc60
[  126.570176][ T6249]  folio_alloc_mpol_noprof+0x36/0x260
[  126.570219][ T6249]  shmem_alloc_folio+0x135/0x160
[  126.570260][ T6249]  shmem_alloc_and_add_folio+0x371/0xd40
[  126.570316][ T6249]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  126.570365][ T6249]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  126.570402][ T6249]  shmem_get_folio_gfp+0x6ab/0x1900
[  126.570439][ T6249]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  126.570471][ T6249]  ? inode_maybe_inc_iversion+0x169/0x220
[  126.570508][ T6249]  shmem_fault+0x1f9/0xa20
[  126.570535][ T6249]  ? __lock_acquire+0x4a5/0x2630
[  126.570578][ T6249]  ? __pfx_shmem_fault+0x10/0x10
[  126.570608][ T6249]  ? __up_read+0x2c1/0x6e0
[  126.570636][ T6249]  ? __mark_inode_dirty+0x55c/0x1720
[  126.570684][ T6249]  ? __pfx_filemap_map_pages+0x10/0x10
[  126.570727][ T6249]  __do_fault+0x10b/0x440
[  126.570755][ T6249]  ? find_held_lock+0x2b/0x80
[  126.570791][ T6249]  do_fault+0x2db/0x1750
[  126.570833][ T6249]  __handle_mm_fault+0x187d/0x2a00
[  126.570878][ T6249]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  126.570914][ T6249]  ? __pfx___handle_mm_fault+0x10/0x10
[  126.570959][ T6249]  ? pte_offset_map_lock+0x174/0x320
[  126.570991][ T6249]  ? find_held_lock+0x2b/0x80
[  126.571085][ T6249]  ? follow_page_pte+0x4d0/0x13f0
[  126.571127][ T6249]  handle_mm_fault+0x37b/0xa30
[  126.571177][ T6249]  __get_user_pages+0x1178/0x32a0
[  126.571223][ T6249]  ? down_read_killable+0x307/0x4b0
[  126.571255][ T6249]  ? __pfx___get_user_pages+0x10/0x10
[  126.571301][ T6249]  faultin_page_range+0x1f1/0x9e0
[  126.571347][ T6249]  madvise_do_behavior+0x354/0x510
[  126.571391][ T6249]  ? __pfx_madvise_do_behavior+0x10/0x10
[  126.571453][ T6249]  do_madvise+0x195/0x240
[  126.571496][ T6249]  ? __pfx_do_madvise+0x10/0x10
[  126.571533][ T6249]  ? do_futex+0x192/0x350
[  126.571569][ T6249]  ? rcu_is_watching+0x12/0xc0
[  126.571629][ T6249]  __x64_sys_madvise+0xa9/0x110
[  126.571664][ T6249]  ? lockdep_hardirqs_on+0x78/0x100
[  126.571704][ T6249]  do_syscall_64+0x115/0x840
[  126.571742][ T6249]  ? clear_bhb_loop+0x40/0x90
[  126.571777][ T6249]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.571806][ T6249] RIP: 0033:0x7efe6499ce59
[  126.571830][ T6249] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  126.571855][ T6249] RSP: 002b:00007efe65819028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  126.571895][ T6249] RAX: ffffffffffffffda RBX: 00007efe64c16270 RCX: 00007efe6499ce59
[  126.571913][ T6249] RDX: 0000000000000017 RSI: ffffffffffff0005 RDI: 0000000000000000
[  126.571929][ T6249] RBP: 00007efe64a32d6f R08: 0000000000000000 R09: 0000000000000000
[  126.571945][ T6249] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  126.571961][ T6249] R13: 00007efe64c16308 R14: 00007efe64c16270 R15: 00007ffc245ce018
[  126.572000][ T6249]  </TASK>
[  127.177778][ T5648] Bluetooth: hci0: command 0x0c1a tx timeout
[  127.260775][ T5648] Bluetooth: hci2: command 0x0c1a tx timeout
[  127.342423][ T5648] Bluetooth: hci3: command 0x0c1a tx timeout
[  127.919511][ T6291] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  128.539001][ T6294] futex_wake_op: syz.2.95 tries to shift op by -2046; fix this program
[  130.902569][ T6354] FAULT_INJECTION: forcing a failure.
[  130.902569][ T6354] name failslab, interval 1, probability 0, space 0, times 1
[  130.956989][ T6354] CPU: 1 UID: 0 PID: 6354 Comm: syz.1.105 Not tainted syzkaller #0 PREEMPT(full) 
[  130.957042][ T6354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  130.957059][ T6354] Call Trace:
[  130.957070][ T6354]  <TASK>
[  130.957082][ T6354]  dump_stack_lvl+0x100/0x190
[  130.957138][ T6354]  should_fail_ex.cold+0x5/0xa
[  130.957176][ T6354]  ? __register_sysctl_table+0xbe4/0x1650
[  130.957215][ T6354]  should_failslab+0xc2/0x120
[  130.957252][ T6354]  __kmalloc_noprof+0xe0/0x850
[  130.957309][ T6354]  __register_sysctl_table+0xbe4/0x1650
[  130.957358][ T6354]  ? __pfx___register_sysctl_table+0x10/0x10
[  130.957395][ T6354]  ? is_module_address+0x69/0xf0
[  130.957422][ T6354]  ? register_net_sysctl_sz+0x222/0x430
[  130.957475][ T6354]  __addrconf_sysctl_register+0x1a2/0x360
[  130.957519][ T6354]  ? __pfx___addrconf_sysctl_register+0x10/0x10
[  130.957567][ T6354]  ? __asan_memcpy+0x3c/0x60
[  130.957616][ T6354]  addrconf_init_net+0x4fb/0x8e0
[  130.957656][ T6354]  ? __pfx_addrconf_init_net+0x10/0x10
[  130.957693][ T6354]  ops_init+0x1e2/0x5f0
[  130.957729][ T6354]  setup_net+0x118/0x3a0
[  130.957761][ T6354]  ? __pfx_setup_net+0x10/0x10
[  130.957792][ T6354]  ? mutex_init_lockdep+0xf1/0x120
[  130.957829][ T6354]  copy_net_ns+0x46f/0x7c0
[  130.957869][ T6354]  create_new_namespaces+0x3ea/0xac0
[  130.957916][ T6354]  unshare_nsproxy_namespaces+0xf2/0x220
[  130.957958][ T6354]  ksys_unshare+0x438/0xab0
[  130.958017][ T6354]  ? __pfx_ksys_unshare+0x10/0x10
[  130.958057][ T6354]  ? xfd_validate_state+0x129/0x190
[  130.958086][ T6354]  ? exit_to_user_mode_loop+0xf3/0x670
[  130.958149][ T6354]  __x64_sys_unshare+0x31/0x40
[  130.958194][ T6354]  do_syscall_64+0x115/0x840
[  130.958236][ T6354]  ? clear_bhb_loop+0x40/0x90
[  130.958272][ T6354]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.958303][ T6354] RIP: 0033:0x7fe639d9ce59
[  130.958328][ T6354] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  130.958355][ T6354] RSP: 002b:00007fe63ac9a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  130.958385][ T6354] RAX: ffffffffffffffda RBX: 00007fe63a015fa0 RCX: 00007fe639d9ce59
[  130.958404][ T6354] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  130.958421][ T6354] RBP: 00007fe639e32d6f R08: 0000000000000000 R09: 0000000000000000
[  130.958439][ T6354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  130.958455][ T6354] R13: 00007fe63a016038 R14: 00007fe63a015fa0 R15: 00007ffd4c1c4a88
[  130.958494][ T6354]  </TASK>
[  130.963482][ T6354] sysctl could not get directory: /net/ipv6/conf/all -12
[  131.275737][ T6367] netlink: 12 bytes leftover after parsing attributes in process `syz.2.107'.
[  131.530640][ T6309] Process accounting resumed
[  132.972022][ T5648] Bluetooth: hci3: SCO packet for unknown connection handle 0
[  133.262102][ T1318] ieee802154 phy0 wpan0: encryption failed: -22
[  133.293072][ T1318] ieee802154 phy1 wpan1: encryption failed: -22
[  134.962891][ T6469] nfs: Unknown parameter '�m?���LH>�｢^�e���ko}*	 �'
[  135.790347][   T30] audit: type=1800 audit(1780168209.777:6): pid=6479 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.126" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0
[  137.192677][ T6520] cifs: Unknown parameter '�����)�	Up��̢{��V]7�62']�Ψ��!�g�ʮ�7�9��fM�<*y�sE�h�
�'
[  137.788839][ T6535] vivid-007: =================  START STATUS  =================
[  137.843485][ T6535] vivid-007: ==================  END STATUS  ==================
[  138.276224][ T6551] mmap: syz.3.131 (6551) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  139.402736][ T5648] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18
[  141.147170][ T6615] input: jJǸ-���9�%v����l��Q�	J8hǙn�?aԙ/rk
[  141.147170][ T6615] l6���x� �b6�Yh$X�.=��_ as /devices/virtual/input/input5
[  141.506946][   T50] Bluetooth: hci3: command 0x0c1a tx timeout
[  143.586971][ T5648] Bluetooth: hci3: command 0x0c1a tx timeout
[  149.458148][ T6737] netlink: 186 bytes leftover after parsing attributes in process `syz.2.168'.
[  150.401614][ T6744] netlink: 186 bytes leftover after parsing attributes in process `syz.1.174'.
[  152.805655][ T6765] kexec: Could not allocate control_code_buffer
[  152.926952][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  154.811311][ T6829] vhci_hcd vhci_hcd.0: default hub control req: 0701 v0008 i0005 l2047
[  155.130137][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  155.177510][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  158.703047][   T50] Bluetooth: hci2: unexpected subevent 0x01 length: 3 < 18
[  159.452089][ T6881] kexec: Could not allocate control_code_buffer
[  159.509994][   T50] Bluetooth: hci3: unexpected subevent 0x03 length: 253 > 9
[  159.819069][ T6897] smpboot: CPU 1 is now offline
[  160.427167][ T6919] futex_wake_op: syz.2.201 tries to shift op by -2048; fix this program
[  161.613681][ T6935] Process accounting paused
[  161.999914][ T6945] netlink: 'syz.0.207': attribute type 2 has an invalid length.
[  163.183670][   T50] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260
[  163.183699][   T50] Bluetooth: hci1: unexpected subevent 0x0e length: 725 > 15
[  163.198506][   T50] Bluetooth: hci1: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f
[  167.051690][ T7000] netlink: 8 bytes leftover after parsing attributes in process `syz.2.220'.
[  169.369511][ T7026] NFSD: Failed to start, no listeners configured.
[  169.398852][ T7008] vhci_hcd: not connected 4
[  172.164702][ T7040] zswap: compressor 00000000 not available
[  173.801183][ T7101] FAULT_INJECTION: forcing a failure.
[  173.801183][ T7101] name failslab, interval 1, probability 0, space 0, times 0
[  173.883923][ T7101] CPU: 0 UID: 0 PID: 7101 Comm: syz.3.235 Not tainted syzkaller #0 PREEMPT(full) 
[  173.883950][ T7101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  173.883960][ T7101] Call Trace:
[  173.883967][ T7101]  <TASK>
[  173.883974][ T7101]  dump_stack_lvl+0x100/0x190
[  173.884013][ T7101]  should_fail_ex.cold+0x5/0xa
[  173.884036][ T7101]  ? __netif_set_xps_queue+0x8a3/0x2340
[  173.884067][ T7101]  should_failslab+0xc2/0x120
[  173.884089][ T7101]  __kmalloc_noprof+0xe0/0x850
[  173.884124][ T7101]  __netif_set_xps_queue+0x8a3/0x2340
[  173.884157][ T7101]  netif_set_xps_queue+0x2a/0x40
[  173.884176][ T7101]  xps_cpus_store+0x279/0x320
[  173.884207][ T7101]  ? __pfx_xps_cpus_store+0x10/0x10
[  173.884238][ T7101]  ? find_held_lock+0x2b/0x80
[  173.884261][ T7101]  ? sysfs_file_kobj+0xe4/0x290
[  173.884293][ T7101]  ? __pfx_xps_cpus_store+0x10/0x10
[  173.884321][ T7101]  netdev_queue_attr_store+0x61/0x90
[  173.884346][ T7101]  ? __pfx_netdev_queue_attr_store+0x10/0x10
[  173.884370][ T7101]  sysfs_kf_write+0xf2/0x150
[  173.884402][ T7101]  kernfs_fop_write_iter+0x3e0/0x5f0
[  173.884428][ T7101]  ? __pfx_sysfs_kf_write+0x10/0x10
[  173.884460][ T7101]  vfs_write+0x6ac/0x1070
[  173.884482][ T7101]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  173.884511][ T7101]  ? __pfx_vfs_write+0x10/0x10
[  173.884548][ T7101]  ksys_write+0x12a/0x250
[  173.884569][ T7101]  ? __pfx_ksys_write+0x10/0x10
[  173.884592][ T7101]  ? rcu_is_watching+0x12/0xc0
[  173.884617][ T7101]  do_syscall_64+0x115/0x840
[  173.884644][ T7101]  ? clear_bhb_loop+0x40/0x90
[  173.884666][ T7101]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.884685][ T7101] RIP: 0033:0x7f9eeb19ce59
[  173.884701][ T7101] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  173.884718][ T7101] RSP: 002b:00007f9eebfe2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  173.884736][ T7101] RAX: ffffffffffffffda RBX: 00007f9eeb415fa0 RCX: 00007f9eeb19ce59
[  173.884747][ T7101] RDX: 0000000000007fff RSI: 0000200000000400 RDI: 0000000000000003
[  173.884757][ T7101] RBP: 00007f9eebfe2090 R08: 0000000000000000 R09: 0000000000000000
[  173.884768][ T7101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  173.884778][ T7101] R13: 00007f9eeb416038 R14: 00007f9eeb415fa0 R15: 00007ffddbffeaf8
[  173.884802][ T7101]  </TASK>
[  175.740733][ T7127] kafs: addr_prefs: Invalid Command
[  175.977528][ T7130] netlink: 'syz.0.236': attribute type 1 has an invalid length.
[  176.033931][ T7130] netlink: 314 bytes leftover after parsing attributes in process `syz.0.236'.
[  176.095968][ T7133] net_ratelimit: 47 callbacks suppressed
[  176.095987][ T7133] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  176.109249][ T7133] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  176.409318][ T7134] usb usb21: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  176.654373][   T50] Bluetooth: hci3: unexpected event for opcode 0x7c89
[  179.008383][ T7156] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  179.245944][ T7205] futex_wake_op: syz.2.254 tries to shift op by -2048; fix this program
[  179.578012][ T7217] cifs: Unknown parameter '�����)�	Up��̢{��V]7�62']�Ψ��!�g�ʮ�7�9��fM�<*y�sE�h�
�'
[  179.682201][ T7213] FAULT_INJECTION: forcing a failure.
[  179.682201][ T7213] name failslab, interval 1, probability 0, space 0, times 0
[  179.709630][ T7213] CPU: 0 UID: 0 PID: 7213 Comm: syz.3.255 Not tainted syzkaller #0 PREEMPT(full) 
[  179.709655][ T7213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  179.709666][ T7213] Call Trace:
[  179.709673][ T7213]  <TASK>
[  179.709679][ T7213]  dump_stack_lvl+0x100/0x190
[  179.709715][ T7213]  should_fail_ex.cold+0x5/0xa
[  179.709737][ T7213]  ? lsm_blob_alloc+0x68/0x90
[  179.709764][ T7213]  should_failslab+0xc2/0x120
[  179.709786][ T7213]  __kmalloc_noprof+0xe0/0x850
[  179.709815][ T7213]  ? down_write_nested+0x14f/0x200
[  179.709838][ T7213]  lsm_blob_alloc+0x68/0x90
[  179.709866][ T7213]  security_sb_alloc+0x25/0x240
[  179.709884][ T7213]  alloc_super+0x24c/0xd20
[  179.709907][ T7213]  ? __pfx_mqueue_fill_super+0x10/0x10
[  179.709952][ T7213]  sget_fc+0x117/0xc70
[  179.709971][ T7213]  ? __pfx_set_anon_super_fc+0x10/0x10
[  179.709990][ T7213]  ? __pfx_mqueue_fill_super+0x10/0x10
[  179.710017][ T7213]  get_tree_nodev+0x28/0x190
[  179.710045][ T7213]  mqueue_get_tree+0xf1/0x130
[  179.710073][ T7213]  vfs_get_tree+0x92/0x320
[  179.710090][ T7213]  fc_mount_longterm+0x1a/0x270
[  179.710110][ T7213]  mq_init_ns+0x482/0x820
[  179.710131][ T7213]  copy_ipcs+0x3dd/0x7e0
[  179.710153][ T7213]  create_new_namespaces+0x20a/0xac0
[  179.710175][ T7213]  ? security_capable+0x80/0x260
[  179.710196][ T7213]  unshare_nsproxy_namespaces+0xf2/0x220
[  179.710221][ T7213]  ksys_unshare+0x438/0xab0
[  179.710246][ T7213]  ? __pfx_ksys_unshare+0x10/0x10
[  179.710270][ T7213]  ? xfd_validate_state+0x129/0x190
[  179.710295][ T7213]  __x64_sys_unshare+0x31/0x40
[  179.710320][ T7213]  do_syscall_64+0x115/0x840
[  179.710345][ T7213]  ? clear_bhb_loop+0x40/0x90
[  179.710367][ T7213]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.710385][ T7213] RIP: 0033:0x7f9eeb19ce59
[  179.710400][ T7213] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  179.710416][ T7213] RSP: 002b:00007f9eebfe2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  179.710434][ T7213] RAX: ffffffffffffffda RBX: 00007f9eeb415fa0 RCX: 00007f9eeb19ce59
[  179.710445][ T7213] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006c000000
[  179.710455][ T7213] RBP: 00007f9eeb232d6f R08: 0000000000000000 R09: 0000000000000000
[  179.710465][ T7213] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  179.710475][ T7213] R13: 00007f9eeb416038 R14: 00007f9eeb415fa0 R15: 00007ffddbffeaf8
[  179.710497][ T7213]  </TASK>
[  180.252823][ T7223] Page cache invalidation failure on direct I/O.  Possible data corruption due to collision with buffered I/O!
[  180.345440][ T7223] File: /dev/nullb0 PID: 7223 Comm: syz.3.257
[  181.100421][ T7156] Bluetooth: hci0: command 0x0c1a tx timeout
[  181.945647][ T7235] netlink: 12 bytes leftover after parsing attributes in process `syz.3.259'.
[  182.258630][ T7234] netlink: 12 bytes leftover after parsing attributes in process `syz.3.259'.
[  182.601985][ T7255] syz.2.262(7255): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  183.151340][ T7268] ubi: mtd0 is already attached to ubi0
[  183.177922][ T7156] Bluetooth: hci0: command 0x0c1a tx timeout
[  183.228944][ T7268] ubi0: detaching mtd0
[  183.333404][ T7268] ubi0: mtd0 is detached
[  183.482529][ T7274] ==================================================================
[  183.482542][ T7274] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x19fb/0x1d60
[  183.482572][ T7274] Write of size 8 at addr ffffc90004a69be0 by task syz.1.266/7274
[  183.482587][ T7274] 
[  183.482596][ T7274] CPU: 0 UID: 0 PID: 7274 Comm: syz.1.266 Not tainted syzkaller #0 PREEMPT(full) 
[  183.482616][ T7274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  183.482627][ T7274] Call Trace:
[  183.482633][ T7274]  <TASK>
[  183.482639][ T7274]  dump_stack_lvl+0x100/0x190
[  183.482670][ T7274]  print_report+0x13d/0x4b0
[  183.482697][ T7274]  ? sys_imageblit+0x19fb/0x1d60
[  183.482717][ T7274]  kasan_report+0xdf/0x1d0
[  183.482738][ T7274]  ? sys_imageblit+0x19fb/0x1d60
[  183.482762][ T7274]  sys_imageblit+0x19fb/0x1d60
[  183.482786][ T7274]  ? __pfx_sys_imageblit+0x10/0x10
[  183.482809][ T7274]  ? drm_fb_helper_damage_area+0xb4/0xe0
[  183.482838][ T7274]  drm_fbdev_shmem_defio_imageblit+0x20/0x130
[  183.482868][ T7274]  soft_cursor+0x524/0xa10
[  183.482887][ T7274]  ? fb_get_color_depth+0x120/0x250
[  183.482915][ T7274]  bit_cursor+0xca1/0x1490
[  183.482936][ T7274]  ? __pfx_bit_cursor+0x10/0x10
[  183.482963][ T7274]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  183.482988][ T7274]  ? get_color+0x1da/0x450
[  183.483014][ T7274]  ? __pfx_bit_cursor+0x10/0x10
[  183.483030][ T7274]  fbcon_cursor+0x43c/0x5e0
[  183.483056][ T7274]  ? add_softcursor+0x150/0x290
[  183.483074][ T7274]  ? hide_cursor+0xa3/0x230
[  183.483092][ T7274]  set_cursor+0x1db/0x250
[  183.483111][ T7274]  vcs_write+0xba9/0xd60
[  183.483129][ T7274]  ? __bpf_trace_sched_exit_tp+0x90/0xc0
[  183.483151][ T7274]  ? __pfx_vcs_write+0x10/0x10
[  183.483168][ T7274]  ? apparmor_file_permission+0x13f/0x1c0
[  183.483189][ T7274]  ? bpf_lsm_file_permission+0x9/0x10
[  183.483205][ T7274]  ? security_file_permission+0x76/0x210
[  183.483228][ T7274]  ? rw_verify_area+0xce/0x6d0
[  183.483246][ T7274]  vfs_write+0x2aa/0x1070
[  183.483265][ T7274]  ? __pfx_vcs_write+0x10/0x10
[  183.483282][ T7274]  ? __pfx_vfs_write+0x10/0x10
[  183.483300][ T7274]  ? find_held_lock+0x2b/0x80
[  183.483321][ T7274]  ? __fget_files+0x215/0x3d0
[  183.483341][ T7274]  ? __fget_files+0x215/0x3d0
[  183.483361][ T7274]  ? __fget_files+0x21f/0x3d0
[  183.483383][ T7274]  ksys_write+0x12a/0x250
[  183.483402][ T7274]  ? __pfx_ksys_write+0x10/0x10
[  183.483423][ T7274]  ? rcu_is_watching+0x12/0xc0
[  183.483443][ T7274]  do_syscall_64+0x115/0x840
[  183.483468][ T7274]  ? clear_bhb_loop+0x40/0x90
[  183.483488][ T7274]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.483505][ T7274] RIP: 0033:0x7fe639d9ce59
[  183.483519][ T7274] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  183.483536][ T7274] RSP: 002b:00007fe63ac58028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  183.483554][ T7274] RAX: ffffffffffffffda RBX: 00007fe63a016180 RCX: 00007fe639d9ce59
[  183.483566][ T7274] RDX: 0000000020000003 RSI: 0000200000000000 RDI: 0000000000000004
[  183.483577][ T7274] RBP: 00007fe639e32d6f R08: 0000000000000000 R09: 0000000000000000
[  183.483587][ T7274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  183.483598][ T7274] R13: 00007fe63a016218 R14: 00007fe63a016180 R15: 00007ffd4c1c4a88
[  183.483614][ T7274]  </TASK>
[  183.483620][ T7274] 
[  183.483625][ T7274] The buggy address belongs to a vmalloc virtual mapping
[  183.483638][ T7274] Memory state around the buggy address:
[  183.483647][ T7274]  ffffc90004a69a80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  183.483665][ T7274]  ffffc90004a69b00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  183.483677][ T7274] >ffffc90004a69b80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  183.483687][ T7274]                                                        ^
[  183.483697][ T7274]  ffffc90004a69c00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  183.483709][ T7274]  ffffc90004a69c80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  183.483719][ T7274] ==================================================================
[  183.491046][ T7274] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  183.491064][ T7274] CPU: 0 UID: 0 PID: 7274 Comm: syz.1.266 Not tainted syzkaller #0 PREEMPT(full) 
[  183.491086][ T7274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  183.491097][ T7274] Call Trace:
[  183.491103][ T7274]  <TASK>
[  183.491111][ T7274]  dump_stack_lvl+0x100/0x190
[  183.491143][ T7274]  vpanic+0x552/0x970
[  183.491161][ T7274]  ? __pfx_vpanic+0x10/0x10
[  183.491177][ T7274]  ? mark_held_locks+0x40/0x70
[  183.491206][ T7274]  ? sys_imageblit+0x19fb/0x1d60
[  183.491228][ T7274]  panic+0xd1/0xe0
[  183.491244][ T7274]  ? __pfx_panic+0x10/0x10
[  183.491260][ T7274]  ? sys_imageblit+0x19fb/0x1d60
[  183.491282][ T7274]  ? preempt_schedule_common+0x42/0xc0
[  183.491309][ T7274]  check_panic_on_warn.cold+0x19/0x34
[  183.491327][ T7274]  end_report.part.0+0x3a/0x90
[  183.491352][ T7274]  kasan_report.cold+0xe/0x18
[  183.491378][ T7274]  ? sys_imageblit+0x19fb/0x1d60
[  183.491402][ T7274]  sys_imageblit+0x19fb/0x1d60
[  183.491426][ T7274]  ? __pfx_sys_imageblit+0x10/0x10
[  183.491449][ T7274]  ? drm_fb_helper_damage_area+0xb4/0xe0
[  183.491474][ T7274]  drm_fbdev_shmem_defio_imageblit+0x20/0x130
[  183.491506][ T7274]  soft_cursor+0x524/0xa10
[  183.491526][ T7274]  ? fb_get_color_depth+0x120/0x250
[  183.491554][ T7274]  bit_cursor+0xca1/0x1490
[  183.491573][ T7274]  ? __pfx_bit_cursor+0x10/0x10
[  183.491593][ T7274]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  183.491618][ T7274]  ? get_color+0x1da/0x450
[  183.491643][ T7274]  ? __pfx_bit_cursor+0x10/0x10
[  183.491659][ T7274]  fbcon_cursor+0x43c/0x5e0
[  183.491686][ T7274]  ? add_softcursor+0x150/0x290
[  183.491704][ T7274]  ? hide_cursor+0xa3/0x230
[  183.491722][ T7274]  set_cursor+0x1db/0x250
[  183.491741][ T7274]  vcs_write+0xba9/0xd60
[  183.491758][ T7274]  ? __bpf_trace_sched_exit_tp+0x90/0xc0
[  183.491779][ T7274]  ? __pfx_vcs_write+0x10/0x10
[  183.491795][ T7274]  ? apparmor_file_permission+0x13f/0x1c0
[  183.491816][ T7274]  ? bpf_lsm_file_permission+0x9/0x10
[  183.491833][ T7274]  ? security_file_permission+0x76/0x210
[  183.491857][ T7274]  ? rw_verify_area+0xce/0x6d0
[  183.491875][ T7274]  vfs_write+0x2aa/0x1070
[  183.491894][ T7274]  ? __pfx_vcs_write+0x10/0x10
[  183.491911][ T7274]  ? __pfx_vfs_write+0x10/0x10
[  183.491929][ T7274]  ? find_held_lock+0x2b/0x80
[  183.491957][ T7274]  ? __fget_files+0x215/0x3d0
[  183.491978][ T7274]  ? __fget_files+0x215/0x3d0
[  183.491998][ T7274]  ? __fget_files+0x21f/0x3d0
[  183.492020][ T7274]  ksys_write+0x12a/0x250
[  183.492039][ T7274]  ? __pfx_ksys_write+0x10/0x10
[  183.492061][ T7274]  ? rcu_is_watching+0x12/0xc0
[  183.492083][ T7274]  do_syscall_64+0x115/0x840
[  183.492107][ T7274]  ? clear_bhb_loop+0x40/0x90
[  183.492127][ T7274]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.492145][ T7274] RIP: 0033:0x7fe639d9ce59
[  183.492160][ T7274] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  183.492176][ T7274] RSP: 002b:00007fe63ac58028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  183.492194][ T7274] RAX: ffffffffffffffda RBX: 00007fe63a016180 RCX: 00007fe639d9ce59
[  183.492206][ T7274] RDX: 0000000020000003 RSI: 0000200000000000 RDI: 0000000000000004
[  183.492217][ T7274] RBP: 00007fe639e32d6f R08: 0000000000000000 R09: 0000000000000000
[  183.492228][ T7274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  183.492238][ T7274] R13: 00007fe63a016218 R14: 00007fe63a016180 R15: 00007ffd4c1c4a88
[  183.492254][ T7274]  </TASK>
[  183.492317][ T7274] Kernel Offset: disabled