last executing test programs: 9m56.819771678s ago: executing program 2 (id=287): statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x44f, 0x759, 0x5, 0x7181, 0x1ffde, 0x7, 0xfffffffffffffffa, 0x8, 0x9, 0x80003, 0x4, 0x200000000005, 0x384, 0x9, 0xb10, 0x10006, 0x2, 0x7, 0x0, 0xe, 0x22000, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x7, 0x0, 0x25c3, 0x0, 0x0, 0x1fffffffff, 0x0, 0x0, 0x0, 0x3, 0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x20000000000, 0x100000, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x196fc46e, 0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x400000000000000, 0x200000, 0x0, 0x0, 0x40000, 0x0, 0xfffffffffffffffd, 0x0, 0x8]}, 0x1fa, 0xd) r0 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000000c0), 0x2802, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r0, 0x2, &(0x7f0000000380)="dcbb5fd7054bed139fb7f9fb1dca8fe1d88f65ee057c0e6faac40d106e4f0d52edf6e31c48e8d983ae3431fa707225c2c387e1a200b38759ba8e9187200e6d044ef46a534de751b1436f20ed7071b254509700aa726ea003a1b7b9ce2313756dc84bc4556ddac694c4553d72ed13a885176712c9cff968f74bd1d14ff734ad08e60cf7e7a7dd07d2b6ca9cb21ddaae68d2969afcf6c734f6ee1c63b1c93abf32264f9ec022b64c903276298739ee8ae7ac1fe14534ad54004f39ea1b99964702554c1494e1742baeae527cf3007d50fc92e924f73b6288e5d9fd071d2fba76b2fabd3faf5229f4c3168226346e3087026d3d2c8aed398d4988971e05ff0ab9f5f2328e7f51d5061584b44581a4c83e413718d3a82f87daf87d1d5a2c32fbaa58f095fbf34ccc603b632155c27289cb5598049a7c9160dfe8a01d5a1983408082941eb39db2a09c5a34dc876dfa58a589687aa0cf6be7b5b084a8f753758332896ec3adad7a79b751908ee2b3d25131f44185a0ed8d20e9b6b8a1ed11402b02e544b67caf3177eda039e64aaf295eca7953c165fa73afca96d7750663711101c6e14e44817c6ad4b1474132dd441ca5c9d7776c871ffacbd96910496cad7010b9b526135e84") r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bus/usb/036/001\x00', 0xa901, 0x0) ioctl$auto_USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000240)={0x3, 0x81, 0x5c, 0x4, &(0x7f0000000280), 0x9, 0xeb8d, 0x2, @stream_id=0xff, 0x7, 0x476, 0x0}) r2 = socket(0x2, 0x1, 0x0) setsockopt$auto_SO_RCVBUFFORCE(r2, 0x6, 0x21, 0x0, 0x9) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/fs/orangefs/stats/reads\x00', 0x2002, 0x0) r4 = open(&(0x7f0000000040)='./file0\x00', 0x1ebe02, 0x61) mmap$auto(0x0, 0x11, 0xdf, 0x9b72, r4, 0x8000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000740)='/dev/adsp1\x00', 0x4000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xffffeffe, 0x2) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x83, 0x0, 0x8) r5 = socket(0xa, 0x3, 0x87) mq_notify$auto(0xffffffffffffffff, &(0x7f0000000180)={@sival_ptr=0x0, @inferred=r5, 0x2, @_sigev_thread={0x0, 0x0}}) ioctl$auto_FBIOPUTCMAP(r4, 0x4605, &(0x7f0000000640)="61fa062514627df3923e92b5ed36073efe0589d4665480791c402987767a864c447afb51683da14c333d84c6794cf8a8b823d5ebad7cc30cdf8d385911335dda05aac226cf2dc7305b9620b2795ac7f4e14f2bdcca80716a697fc514608d594106ca77f788dc95408774645c720d4b8420e9c14410affc3ed22e5202bb11fe50c091b3ef8992d0fd76a81eb02ed7ac418db6369e727e89a85f3c0588d2b4019625652e81df73f125f27d57a5177d9c753707187767a70173a1e6ea583e668cd9d87c71d23b456b2195fe0ad41d57cecc0fa0") write$auto(r3, &(0x7f0000000100)='\x15!\xa8^J/\xddCx4\xa1\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\x9e\x14\xe4\xa5\xfe\xb5', 0x5) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'geneve0\x00', 0x0}) bpf$auto_BPF_PROG_DETACH(0x9, &(0x7f0000000580)=@link_create={@map_fd=r1, @target_ifindex=r6, 0xff, 0x54f9, @tracing={0x9}}, 0x5) open(&(0x7f0000000040)='./file0\x00', 0x101000, 0x120) r7 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/tty/ldiscs\x00', 0x2, 0x0) pread64$auto(r7, &(0x7f00000002c0)='\x00', 0xffff, 0xb2) shmctl$auto_IPC_INFO(0x200, 0x3, 0x0) r8 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000000), 0x28002, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r8, 0xfffffff7effffd05, &(0x7f00000001c0)) timer_create$auto(0xd, &(0x7f0000000900)={@sival_int, @raw=0x10, 0x9, @_sigev_thread={&(0x7f00000007c0)=&(0x7f0000000780)=0x7, &(0x7f0000000800)="ed23ebc2a5204132ce4fab962e9d7ce2ead939df5582e95fc69df25f2a88c27676513c6eb6fe16e6f920bf4bf5020d04602561eac6fca2975679ef61c2af106a83b3b4e017b0be87b1eecd42e143ddbed8ce32b29dc9281e110b9cd44e8a3c1c070df6f2f2553d56d173d503a7c0386d7a34dd8893b70676f5870962f8b04d402dc475e5d6670af634b05662b2dcc005c3661dba3eba62579865c93f808d20d8ef05de3e6578de50b468f22617be2eb6838ee0d9cd2e20e8263d91e13bb70773454673d7654be179b77568496a8f796507aa262e3446d6cb2a1f714d3aed411b5ec3d297afec90b4eaf940"}}, &(0x7f0000000940)=0x4) 9m56.302081433s ago: executing program 2 (id=289): r0 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/mixer\x00', 0x2, 0x0) keyctl$auto_KEYCTL_ASSUME_AUTHORITY(0x10, 0x1, 0x2, 0x7fff, 0x1) ioctl$auto_OSS_GETVERSION(r0, 0x80044d76, 0xffffffffffffffff) 9m56.082567622s ago: executing program 2 (id=292): r0 = socket(0x1d, 0x2, 0x7) r1 = socket(0xa, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000000)=@can={0x1d, r2}, 0x6a) mmap$auto(0x0, 0x6, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'vcan0\x00', 0x0}) connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r3}, 0x18) write$auto(0x3, 0x0, 0xfdef) io_uring_setup$auto(0x6, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'netdevsim0\x00'}) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0x5, 0x0) 9m55.249865546s ago: executing program 2 (id=294): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0x10, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x40000000009, 0x8, 0x1, 0x2, 0x4, 0x15f4da0e, 0x3, 0xd08, 0xc, 0x8, 0x4, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2c, 0x1, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capset$auto(&(0x7f0000000100)={0x20080522}, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) ioctl$auto(r0, 0x541c, 0xffffffffffffffff) madvise$auto(0x0, 0xffffffffffff0005, 0x19) bind$auto(0x3, 0x0, 0x6a) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) 9m53.088900186s ago: executing program 2 (id=299): r0 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000000), 0xc00, 0x0) io_uring_register$auto_IORING_REGISTER_SYNC_CANCEL(r0, 0x18, &(0x7f0000000040)="7e1fabd6093ffe44fd799790f470493c8bb42c6df325bf623691aa80f7ddeb954a1167447f91d0fcf87029557706a71ea3ee5321915fe750e2d24a61610ad03eda001731dce598d206428b26ffee3bd7cb00668d845a97ccdf441c8c5edcb97b367c4fd8fb995ef9c73f7add1d38ba950c22310440701deb0f28d7362123833c5e472228af09c183bfc0ad87854b53ae2810", 0x2) r1 = ioctl$auto_TUNSETVNETHDRSZ2(0xffffffffffffffff, 0x400454d8, &(0x7f0000000100)=0x7f) ioctl$auto_EXT4_IOC_SWAP_BOOT(r1, 0x6611, 0x0) madvise$auto(0x3, 0x0, 0x6) r2 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000180), r1) sendmsg$auto_NFC_CMD_DEACTIVATE_TARGET(r1, &(0x7f00000012c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000001280)={&(0x7f00000001c0)={0x109c, r2, 0x10, 0x70bd2c, 0x25dfdbfb, {}, [@NFC_ATTR_TM_PROTOCOLS={0x8, 0xe, 0x4}, @NFC_ATTR_LLC_SDP={0x107d, 0x13, 0x0, 0x1, [@generic="9a2761a4d6382f9afe8b91c0754312c089015aa6912f0f5ec7d7050835b3ee0221c73b2bf7af87ca265bb1811f0167eebc490e54784332f8d701ee49a388c945b18efb117dff87afc175f76cbbe859f1", @generic="0734d7648579a1c1140a25cf1233318e2f8daa5fe58a5a68787ce57239a195325538fdfc975e833980", @generic="c493b39a5d6fa9ba573c5d787b73f751937c8bdf7a9bfe74738a7df2eb0d6a0e34d2bcd85c54691b58513a269e63fe2771a74af15e06daa2534bb97ccb7448c25168baa68109cf52898f26e8f38b65388ee8e908da060ec8bc0b086e1d06daf2ba867ae74668eba29bdc6fdb6fa3f996186370ca14c1f7a4a51c167c941f2289f569037c5eaa2e81d68fe7f1ad58b306609dad4ecdaddf776609535f39e433c3b51131f2af6ce9cb7401788ba13a1bc165d48708d3b57677d11dc0ca460042022a72b6430a844d662e247449604f75d17b6caad00920b06ebf031268e5c9dc91926c4989e440d3fad4ed8d343f33b5fcd85131768ca9243a5355d396f32da952665f60f869e6e37df4754a1983913046ce5563af93ce98fe315de47b1c6ac618e3f364dbc24de65fd67d5bbbcceb249bea1a6b8ede9fdf8f1b468c11f19fc98baccc3e17d0a32366002f0435b248c420beeac6b46dc184ad6fc149bbf415bd6a79fe06d51702de44eadf8f45cd652902a1c347fea606167328e6301d0480ac28a433f03edff88c663cc0bc2d982975d796347b4f59a6f9af57d7acaff9e1453a1c485ff4b3ad0e8acee8e476bd528baebefa475d4292b614ec5a8e4b7cf597c0100c4d020be86ab97d38a657ec768296cd5db2674e1307463d3cfe8f3f4aefc56ba3cd4fa6424f4a6d4b94d2de29dc9d1a93c7f01b134f32c1acf39569f322b81d9f8d5d6e3b31ef60ae0655b6f595970eaf6db571ac19dc54f66493bd0c5b75f75c51752d925648bfa755503705c4b8f62a1d6b1099b16bd8783f6fc5f2ba37cf1ca89b1b88fec41975ae058ed612032d42fe9450cd9fbac4846884feb49688b371852423167bdce9cd39c52eec6650e604de8070167751cf67d17a5238735dd55d9ca45210226ec5620dce8002a71ecfef244e45ba9bdfb1f53c88a1e0ecc64051dafd5928f8823f7dc09f3b5e1ad323055139fac276cb96d657027d9845463439e28dc62e3452f05c35fdee768cb02381d661c3028c0fd694b43a760eff7800d0d911117c95ddd5252dabe7f351506319f29afc86b9b654c1abceb711ec91ae4c86765d05dfc434393795d084b5878ca5a86012e4b2020c21794c55f8f7c00ac5f37839be134700c83fc4e232ddd7e1a12c5b96dd01154bd1103a19149656243fb401abe394855966ac7fa37bee93890093354540c35219ed0ca233372878628e3a687a344a93300f9eec162ffa64de172119f3bb14ad39ce48562ff50449444be0a0ce57754ecf2a229e6677d45e7740ec7b43319f3db55274fe6d4a8d54ea0e07f5f169219b0fb62aeed06500aab1070548beddd568448939b4b5f8c894d229da693cd80660aa251b2467a79ae7097c378994dca25c3920793a7d9b9e30e313bfb65a5069c8d092c14d64ece696ad7b2032b70b2cecb581d4268d2c2d6d99c20da6480b11879f3838692142bfab8cf5aac8081319cc1fc285b48a6845c693d9a7b3487c9e303bb27865c3d88fc41dbc2c418c41045183fe577e0fd2f8497aaff0d39de6286f61e0a4ee64f5b1b1e9eb30d015fb1655314cfb1673c5340c32165d0170762f24011f42c297c9cf3727d043ab1593109f8994a25bf872a4f1c12f8c4eac4904d4558e1e805bf3adfa7461b6f03a7fc34ec60f99e89120aea37b20dc080441f6b9b3635802d47f4dbb96e9a257c39123e51f783b29a366eeb41b362c285e39b9bf357e4e68a11b49af98b1aa4b7fb32ad5c77ca06e5ddb046f45a6208a99b74b67bf46effa3c25ba6e2008620571f5301bbd0c1a632e50b227e78879795bb08e6b6a75210f85a7005173eafc0768bfd6a75ef63bb6016789f4e46e8371f73c660a2855c0732a161868476a3b6bb6d48c74c4efedef74c2508f95f7ce3ebe211ed977b1a93e7160225c626d4aed59579d7d300caf5b0050875ffd70628dd5f4bf4a8e69e1cc9a284cc0b1da7670e623793b457a6c97bb8e89d9fd1a487d6929db1068c859848dd6498693ee8b232cad5f50a665c93894f149d23a296362d4ce051cb4728e3d647fb337a40e552148c7940fa6c0058b3afdf7b049d0521d8c0e2454f5bd6451589dcbcccb3c4f1fe473e7f38d7ed47e5ea5658dfa795178a3f501faffea1b06e531397cb0312164bc38f400b933445c44ca79a57c27fe546e92903fd1e8faeac92ffa642eedd037573119d2f5a42ad6084e3bd27a4e5438e06e2081cc7a1ba25d9b4e92701bf7184d99999f2aa28f3d0fc947fc7c062095bb209c5c06863d52dc5b59fe0bb529854aea0ed45b4bd7366b9fcebb1f701393f86bdf3cb56875d09ec0fc1355a8396aa1eec1df0c131e6c34dfeee09a588ebfed8454b4eebee030704b53a7962a5cd5be6e7a5f0ebf4768578620c43683c12909551dc0314b532e2e45a233be6bf9785eea243669b0880202988be64e0210c69878eb952fe9839c540a351f808d7c68b19cadaee897195dc4fd8f8dfc578afc69e9483c82acff2f720ba0daefb1698cf76643c80999d2ac2793d4b59d8d3a25a5b2f2a864113619dc92850f8f1e7fc2e59278b0b80c129d51b7e3169a5a162f7110f04e50430ccbf151fdd483259ad4ec0a44e8fd6ce8787d610b933991a590cf990058e6199ccb63ca376805df0c928bec3b5a6921e96ba28f824086842e8535d85679497c5b5dde6cf041a61b777b52cf123d33f01e763827b4e081d81930a707f8ea34cc8749834c48354ad6c345937af818a4dbae54f3c1dae99f64681af7dd48f210b8feb8c879e2833180711b80a6d24dcce0a7547fb5a4a0a420f8cf6d1e34b3a04b7c232a4f593dc1c572f6ea11b331109c813e2bdee3323ac90be6918cad1677411ca7340d83227b887bb7a9c839efa14ce49320bcdedb0352143d5bfc83f83a98d6372cdacb78c4f3ae82ed39c199686a9d7117d442cfe0e13b0cd00ae66d6e1c5e6a3b1d84ae53ea79faa358047ecd24c26a7057dff84dd59d3dc9ee0444d21972cda9b7debbc55af561c9c49aba8c2b76e195dc6fb39003337a241b2c0c43640cb39a9df3b02e57bb85b64eaa4b1d735263ab1a3f6a90fa5458ea7350deb74f937b1286ba25fb79f167c940a7238cc30a9712cb48c43c6b6b7f6530d7ff9fe12d8ab04cbfe59ec9e9b20405b1a33ee8ee6a58963501f345136a865fe388b642b146147bc9fa49dd8a9abd2efd41c7bfb8b003192ff49550845f7a3ec6a2eff0ccf1897f86795c969fc9540cecbcd6beaa732d55d2b9a63db1850cc7896b3af57a13d8c3f09c46fdcb73287f33eda8c39ad9cfb7c11a7ad4b946fbd9cff082eb07f27b4cf3c35c5d49eda87eb8cf04887a2268cbaa8106dee6e3e4eb94872acc5334761132ceaab76295a40db60edda5c69a617e6d7b48ff809a13bc6cfecbc24453731aecffd210c5190c9ccce41955025e6b7db48e0b44872d96a69dfa8f2a3f44b5a9eec28f2ace40622e5b4e4b9fc711dd1d19f4b6a109c101c9998d3d298e6d614a334da349fdf66ca08b4020894cd019328d4669cd4e1f8a5b7efa209a45cdd648d8db1d6bc06639999d1679d5b8e96ec85b4bd3620d32a1b618310e4e083bfc4b4f7aca599518da73576a7e9e45bfb2646825dec5b096a69dfefd74d47772ed10d8033a1859322cde15564be249f9c87d6394bc3fcc38915d32d43824e6c42929f583dfedcaa458af0adf8d032a33d05e7f2e8d6743db7956943011202fae2febee2609819590ab1eda36d30f6074f054ec3521bff5bd922805f1a6b4dcf2752df6316ef7826dd4d555d56969335b27b6eacde00e1c9624f3093b0177c03d7bef2c0778853f2a859b256b1e5195af9c94a23c982d68982e67732d67be6d71c8bbd8df4eab03d3859b8325b9b40a244ad1fec451d7c3211298adcfa42d3ce66e0ce3bb9e2553046d35a69c6e72fdf1e715b368d671c3abd9897754650c51ca6f29ed56c4c4cad77249daa5f419e61b0745108ce536d9fa49b172f64bac28f50b724a07eec878b59c58403ce5633fcf092212cc484e82e0920f67cc98fc285d759278ac7247da8a678e9ef993f0d5eade591d8ad3644d45e21e51facf59f5b4b257d8dcc42c3198e766126aeebb945c0301a59463ba06a1573589152b4e223937e1f03333ec321e3cc615aeb4408dacaa36477105283e7d46a4c6d7c1705baea81b79472b2afbc514ddc20ec37b9a2808267032e55f6823161a23503872860bc1ce624df4fac20da5e57550d32d58cff0353621dece46168ff29a4fe7fd077e3e37d0d1d417f1d0bedf7dc725a68ba764229beeff2552eaab0b2f35c6adb7b39ad6d84393a5b226da35d7c3f42d1d2ee7891da4f8ce85cba10bd717ce838647653a93b4d5e22d459bd5f19380987c422898b9b4d53ce703101b5361d62b301518e1fe2f3709b4bb792f26e0a150e69626d0dd4b0f80797c4080c0ad489b2cd2362ed3e8e4697c27b83a88cf981418a7191b7cb6a275c3d735e663863f652d826cdc05e0acbded32806d8bd4f77448ebb79a75ad73ff25c47b6f9a4ed39b05b7d59fba275fcfcc962c508353dbeca32c0d284906af6e06751ba90dd32ff22aca14f64c7ab47af01341f150f65f98e67660ae04840ce9b75435aad61b04b020cdfce767a519603b1bece4c703b81b592f342905b1dff0ad16c3c81b7e3ee5e40796902913733e50d886d0764e875b5d54473c127170fb3de18d4d623f81629fe6eac0686b4ffba20b66253090ccd9a7d11864ffe58c98043fde49a496c0bc7feb4f0b5357d928405538b7b7c1d3d41d172bcb4ad5a1fbb58e45f1838bedf21b55c01327a20fd957ecc51b25b5c62eb7331746bab91ebd64c5d82a31d47bc10a241a63226a7e1a2b5f30762249e97e3537a57fa84e2e2f9d7f42e73923d120d2bd7e2f47e7f44d898c521a692e3fa885e310f32a8e8bac15afb57d4b52acd0a05583e6050e33e007eddb2d13fc8ec44f2dccba8bb035bb1c4849cb067b4582d21d5851e237713f08f41b4b588b5b925cca0444586ccd57de82bfb2bc897314ca024bae7030dcdbb5c1f386d6defad90eed2d07c30e73db6166f2a920afc00d671f22aa89076b3309e2c6039d366dda318f1c20e2473a951131fd0175188ed457e609e935d3fc7d69c21f5c10c93c4c63e30deaf9537d2c13eb6067ec7e6f8b87b7ed030edd7a53218fc31db478b90b2102dfddb81f7195a4f8f79d33f4384d761d6eabfb8f9b4b03ff9acabeb16cf80432bcd317f7a7661d3b7b83d7f9751a944d18a3aee058e3eb17ae68c8da73b7b7f88d5b7a56686dc9ca0c13c7b1ca6b7abb11e3db0ef708d3cdea3d4de467c578ba71ff9da783f6b83dd33fb45362bc46bc0ad19a386e22ed9cb5d49ffef08e6e89b8cdfe553696038364b5992c266049326abe6bb73c9aee0ad3420598751640d72b95b51f9fe250d16a015a06d124a322e37a81778863efa35743a08048a784c7cd262e96f123883e8d9d1fa2e68da72e7683c5fba876b1fe16c5042d33e8038c0f0e9a15c4a9932c8a3ada4fae2153fa7437fe6d91cd0599bcd7b673d9cddfcff400747fd9b834afdc265c36db58f10bc34849071a13a00b1e282dffcde01e8f816d908728a08be2493f607f6dece3543d102bf120e8bb56f23345abce9231bf1962794fdb0d71300832f4b5cd8e0d770cb4fe8a30bf598fe532c88ee0819f9202cc9cf9cc5bceacf81b12c8a572e9931d936a1cc1ae56e8b3f6889ed297f3eb3bb220c8670ca13084eef7711ec34becb800b5f3a3c023569dcde3d9d4ac445a25944cf7"]}]}, 0x109c}, 0x1, 0x0, 0x0, 0x841}, 0x0) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001340), r1) sendmsg$auto_NL80211_CMD_REGISTER_FRAME(r1, &(0x7f0000001780)={&(0x7f0000001300)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001740)={&(0x7f0000001380)={0x384, r3, 0x8, 0x70bd2b, 0x25dfdbfb, {}, [@NL80211_ATTR_REG_ALPHA2={0xd7, 0x21, "4e7742feea4f3a803e76f0796a87b36119d528bd0e810237457249f334f842dd87778040ec02797e07e0b2e29afab27a5dca100ce70e2ca590839d2c459d0c9341bcd325c72778b7418c049263aa3e59089dcbd1cff03e3763a81d34d31cbedfb1b436554a1fc32740f3a3fd9c354dbdabadc0ef91ed54c4d46f1fd5b8512c182700db579e0d3efd5c3845d05b6976b6cc7fc1aaa4a666348b1182dfead16b8bf0feb867e50c8eea9278ab532350984cc96b28d5bbd94833561d606d8a2f6a657fae454f68563e01a344ff371e33e1d602fd77"}, @NL80211_ATTR_HIDDEN_SSID={0x8, 0x7e, 0x3}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0xa}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x5}, @NL80211_ATTR_SCHED_SCAN_DELAY={0x8, 0xdc, 0x1}, @NL80211_ATTR_VIF_RADIO_MASK={0x8, 0x14d, 0x789d}, @NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0xcf, 0xbe, "b3b66bc38e82d516e5ef9fdd58404ad5880d67ebf9cbe0f1fc84aeced539968c3be35dcf1e0408b928a814f8043a212898d11d4358b83b5e92f2a038fa4e2a5b6311c175a4d7b1d63612cc053598bfede519a8b7be1fcc44283da5f57622cd90f474538a8216253e1f38a619abd7ac795caaf48605b2fb55359dccee82c0e1d67a5a18f4e1fae6207bce8484d9d0b2a4a8d6353a6ba4fee2b79225acfa3e36dd04b036be91e927fe6f083a6e861d832c828c0297fa364cc88e46bd87ddbafd706232f3602fe4e26b22dbfa"}, @NL80211_ATTR_STA_FLAGS={0x19b, 0x11, 0x0, 0x1, [@typed={0x14, 0xee, 0x0, 0x0, @ipv6=@private2={0xfc, 0x2, '\x00', 0x1}}, @generic="0f61400fa67a50c650047f7b73bf5e5c7d5f0ba85559311a4a3c", @typed={0x8, 0x70, 0x0, 0x0, @u32}, @generic="d9fa46934689d89e84286c495485f6310c4c3abd61283be173817204eafac861e9e3e121698748eaf21dddab0ec04c5386b064ae2d8286f3bef2bfda2fb18803738f27eb567489bc7fa01f724ffeeed074cca0cf7b6dafeee8aa1a106d7becd3cb6e189ebc271959fb46d25ff4b9740593edc028fac521691ac75eed6abc17eb19a8225ed7bc5b89173c7af1feb073010c3b953d1a1b3a43e0ce5af4bcb6656d14db09ea26b0fbdd6b2253d1ea2d39c2878b23a18d62b5dc5c960c2a898933cfb7cef220687e143f40fb3659cd1c7260531408", @typed={0x4, 0xca}, @generic="04a1daeb63c9cbe9131970a8512f99a68fd47d6c16e0899b7fc9eb42366476189cfafbd5229cabc5f0ec46e0b5aad70aee1db0b75667ccd8fc26e59c41eba87b3409c21401b5e37f1347aa3cd38c618a396e1c7fc56e9936cf210f28d2fc73cf8db5afb43450be72909a75168649a50cdbf652e1fdc976a77fb6e9e89b54be9d532a3c85287f3656f3ca"]}]}, 0x384}, 0x1, 0x0, 0x0, 0x4}, 0x20040000) epoll_wait$auto(r1, &(0x7f00000017c0)={0x7, 0x5}, 0x1, 0x4) r4 = syz_genetlink_get_family_id$auto_ila(&(0x7f0000001840), r1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001880)={'vxcan1\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000018c0)={'veth0_to_team\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001900)={'veth1_macvtap\x00', 0x0}) sendmsg$auto_ILA_CMD_ADD(r1, &(0x7f0000001a00)={&(0x7f0000001800)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000019c0)={&(0x7f0000001940)={0x54, r4, 0x200, 0x70bd2b, 0x25dfdbfd, {}, [@ILA_ATTR_LOCATOR_MATCH={0xc, 0x3, 0x4}, @ILA_ATTR_IFINDEX={0x8, 0x4, r5}, @ILA_ATTR_CSUM_MODE={0x5, 0x7, 0x5}, @ILA_ATTR_IFINDEX={0x8, 0x4, r6}, @ILA_ATTR_IDENT_TYPE={0x5, 0x8, 0xff}, @ILA_ATTR_LOCATOR_MATCH={0xc, 0x3, 0x4}, @ILA_ATTR_IFINDEX={0x8, 0x4, r7}]}, 0x54}, 0x1, 0x0, 0x0, 0x40801}, 0x0) membarrier$auto_MEMBARRIER_CMD_GLOBAL_EXPEDITED(0x2, 0x6, 0x200) sendmsg$auto_NL80211_CMD_DISCONNECT(r1, &(0x7f0000002380)={&(0x7f0000001a40)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000002340)={&(0x7f0000001a80)={0x894, r3, 0x300, 0x70bd26, 0x25dfdbfd, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0xfffffff7}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5, 0x89, 0xa5}, @NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0x6}, @NL80211_ATTR_IE_PROBE_RESP={0x791, 0x7f, "872ea44beab6d6cdfa6141324148795ef976ddfec1a8fa2b2aaff95c81becbc955e30c569cd8d5503c25c4ee8776906af0e4462c35aadb1f60c26bfffb2bd7439c8d98bcedfbc62a4a771a298ae59e90a40464199a8e12daa88c8a0892a35bc122c65c5ffc1d01c68e1b7b835db7e07bb0d838f60240848aa329b8f1333dd9760043e0e91838371707d6ab97d96080172befe8ca4904ba4678603048f30321f0c057d7b9ddc70959b7607c325a3c904df43a144d95d878b367b12d52629108ad5e0e3f6fbfc533c68138c3c9d7de5a9501d923f9e9d7cb09466aeb3ed64210f1121229e1dd52472887a30d65ea1a9768fbf9ffc050442f00e50f8181d4a7979f3aa73780f1f1092f8455c40dcde9b0ece89eb5eef1f692cc20dc5e0ba8e8c72f47e11231bc5efc2567afd77893d7b1961360bce07edd1fa67059b9e15df2a8a267bda2157989c5771d7c7aaf23bc2a02745850633c466d6becdc99f053eaf044f8d6253d985809d2eb59f23866e10c6a03094a95782440ce8f35d0931f0d33bf2fef4dbbd75b7fdedbdbc6f65fbac27bf4150e7ed88628251af4e79f37b890846e09f43ac2087103efb297dfe7fec07b38444a0a94f3594769176a6228a8b2a6ff5e19b345bdc6c40fc3d841a34e5f7cd77935573e58b8ca311ddbca7dd297e92bb71a4d91321032c0cd57e33d3c105ebdee4966e6942fbc41f03360e11e9e292b1af531a92f2f751757e8770ab81b63a846f0e417bc786dcfb281dd7775a4a95b37af82cadd8b4561f6e6c81e73163e183e16e944db248b3017b771fdb4286ec2474e76d610a6af6283942aa9dc1d2607eb3bc491f35e6706da8bf1cf752fb13119a43a1a121467cc2d0fda38cc48e9bbd5d4e7e693833381e5b674f631aa614e105fe76d4e757cf35424580ab07724a3761c8366b37ae0a046dbc12236fd5f088dd2fb7a9fb0739c351e7184d5493488d3238fc9d4e31a9079bb2a8342c0e24194a3462795bae763e59bc71a0923627e37551bf3ca476aeec8b50c7f7dc460c0b8624d907670c0a1ddb4b52afeeac2d9138163514c788892f0164ae65f2dd0b594a8262ef0eee71cbe228d9c716c926440678b0a21e2972644a94b0913667971e7b5b0a94a82faa5937b58bbd10ba5827e30985996e7d1b04d35bd0b2f652850411ff33b8b04ab2f3e7ca18c941d2467c2089eba06108bbfe30469d2407b58cd3f6c2cb69b22e3bccae758da7f621750e6079531acdf34442a39b8c300fc90cbce079045e2b8ebe3595e494ba8c8bec20af0dec48df5e5d6ad36824bb253dfe1468b950c2c2a975c1bf5fe7e4c3972b758f00e42e70a9d4f3525715c741a410aae10bce8d2a7cf7383b2210b90acc3eb8c2a1c6b68634a1d3478bbd44ec85351ccf32c7772a82246b4be14c642f8b975ce363ad3b99c8bb4887ceb6eba8259ccce4d446cc34f683b2ad0fd48a6da6514009e3c1a873858ff87214b364e176bf17ef3ad48d0e6f25aff864c9a688f3ef2a63ef4096214b417815df92b52bb365c9dccc2cb6ac8a79f073073fa1b8e22179aa806886b47469b629e5ec02abe493e5cf3b1cdea7b27e2a75b0f21eda3239ebe2383e92e08f2953da75ecd7f28bd4eff68d273bdf2412b2bf3582bd93e14cee2b84b6c6a6ee9029acb5bfd74168a061080c7ee6b3c58686bd8df5e68d85acb1c0a1d886b933172e80cc474adfe6a8c5b930b21564ed6ca5e105e3ea55ed617df95f74f6b0629b52af7a853b6f2fad34b73986be0e4579f418d826b4c726cc96e5059dff25248682176e14bc4a1004647cab1da842c38c0d3fa01c1b7ef0b2cf05d171950dde0e2f654534009881cfab847c5d2d46e9b3d9a4e3b545ab096a3469ae677903ad5bb0f0b05c95ec850f755f4cf6a7922b591cb3787f715149449de001d0e43f25b98b65117d327eb44b6c0c0d6f676526404beef3acf2cbc2389a6e7fdd3b081a26c8bf364228867150a536ecdce6c29ae8511966330d924aa3c7f98c2695a8fa28e61e8fe8791028f56eed5f4d670159d287e3c57ef1a987e4c0eaf3bcefef6fc3b6dd4ab1fdac0a69a3749c1b9ab4f50fc5940e744d6c44e5194f1c5b8008a93010416d35e3b352aa51f6fdbd90856ea82137343511b74b405c429382560c6bb05d5c4d834bf2b53b255035d860a8aaf635e20f42d8437595937550c98e4217c6ee5445676dcf9fab93cac45eac0205163941860e4edcc74a825d4b22d351f8cd0b655238a1dad0263967312591fb381897924d247c2183e1e2e90c8880604d63d0eb7a6427a6ee16297236de15eac2e8569b49abead8d004455fcdb5e2ecf51eb25092689e797aea17d5330cebaa3dba1f2d88dcdb2c65abc4947782fe3204030e30bc2b5eb0f81470841632c32022eaabfd4e31a15b41a2afff45d5f1eb6b1ffc6dcfc81ae63d7da40c07d254926d9a3977cf699c3fd5f64bebb33f0c29de58ea4b80e666c93134db9676482aa41b6bef45c42ac9d50040c5d6adc4548f159854e6f70b768a67bc5858c18a361b82e26ddb523410d1af670bd728cc9193bfc97702395a22befc3b5ed437762e7bbecda7e4383fbd4b310da4f33fbb1f1ead57b5a3d6b16d6e8a0c01cbd3f92128dbece5e38c16ffc8a7670b4f05304ac681ba3005a6f96e9c35f85e8df6a4cb43fc5aa380f795e32869bd1c0af3cbebf3e8e25d9bcf4a347ca88b88b1bceafcdca0dec39615e80"}, @NL80211_ATTR_WIPHY_TXQ_PARAMS={0xc4, 0x25, 0x0, 0x1, [@generic="098f5eebadf8a2eb9502beb0b119b2f15199b20c686b03d7ca80596048254fa71f8d9ae5fbd7a70a06596bdaead6ebd4b282bb70ef01ac293ed1ed7dc23e932ea6ec926596fb9e7e00d908b3d38b899f197023f62407e8e78b17cf92e67cd0bf114dd017a6f3e3d4af2da7f2e151414d5be51ad7c2a55e8b50e6f38974c15a179a5df49cfa88d5fd02b4b42db97f2c3718693855d857676b67794058a6b3fb77ed7abcf0f152a2bf31fe582f492a0d0308db6de9ef9d8e878b8aed64ea54e2a0"]}, @NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}, @NL80211_ATTR_DISABLE_HT={0x4}, @NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0x100}]}, 0x894}, 0x1, 0x0, 0x0, 0x2400c004}, 0x48c81) sendmsg$auto_NL80211_CMD_SET_POWER_SAVE(r1, &(0x7f0000002740)={&(0x7f00000023c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000002700)={&(0x7f0000002400)={0x2dc, r3, 0x20, 0x70bd2d, 0x25dfdbfe, {}, [@NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0x80000001}, @NL80211_ATTR_PREV_BSSID={0xd4, 0x4f, "f30c4ed1828e853d23c850455b9652fa4bbb6cc05aa10602e6bcd4f60c5fd7d34aa903c140f790eb890ef988c957a6e73fb15f030de5e0b4bf260def27c13349f2e6a43d73018b18f12199fb611972e8ed6feed5fdf7dc0ee6bed4ff7ac7fabf0b35a6b9a338b14c34ff400f350ab69a266f56f56161bb585f55f72d064f73f102f7445987f47049b5777b9a91c0fa3e00da90998af33d9e5998b3e391f70ad952575e0a5a0b2dee728a5b0a68078e0b79b78ae7b48dfb5faa5077c9107b8f6acdd15b928d27f9fc02cce806a4ad96c1"}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x3}, @NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@typed={0x8, 0xff, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}}]}, @NL80211_ATTR_SCAN_SSIDS={0x1d4, 0x2d, 0x0, 0x1, [@nested={0x1cc, 0x48, 0x0, 0x1, [@generic="e1afce9bb416dd2f6d3b7de00f5e53030b476cad3d0d057266097105be8654506ca7fd23f2c8915b26f36793941453f3a3427dd21463e2bf7dd5e260e865dedca48471dd218d90cfd89887b76f22720414ecfe728c895ff8f41ce3f7ce49ebce0dae7690ca47f389badfa43009ae6db628ec08dc73cb3b0f382360b7eba5de208fc4344b1992a24d24eff81fb37a2f4fbf7a796a38f3f9d1e0cc9506c4ff2d24ea9ebed5ca44d8c64bfd7f9131bb59639851b9197dc065549d7c99ee31db01b67566e34c6d2a292422b93069836738437021a73718e0c51f0af10fbb73e46c45f935fe42fa3488a766c19d5695c40d43b9fba939bc53d88e04b226", @generic="9892cd4d6724aa455b7f7431042d54c302f4cc4afe8b8627a1f7087dbbbd45143374ef4cc10e663335dc332b181f8205323741ef5e05d14516a45fbf8afce82c1bf1b47a08b2ecb8674fa0f7eb6ef4a952514774787e2bf20f1f5416bc5008b57d08560f37badf4de300fff603a0cbc5564aa6e1f81f938c88eb19a668b22a9177c55d102cb93c77d821f0ece287c4dbcca054d9b71af05605a3d93ce01ab8aedb48c2a867e9590df0", @typed={0x6, 0x6d, 0x0, 0x0, @str=']\x00'}, @typed={0x14, 0x50, 0x0, 0x0, @ipv6=@loopback}, @typed={0x8, 0x59, 0x0, 0x0, @ipv4=@local}]}, @typed={0x4, 0x9a}]}]}, 0x2dc}, 0x1, 0x0, 0x0, 0x1}, 0x8880) syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000002780), r1) r8 = clone3$auto(&(0x7f00000027c0)={0x7, 0xfffffffffffffff8, 0xc, 0x2a5, 0x80000001, 0x8, 0xffffffffffffffc3, 0x6, 0x100000001, 0x5, 0x7}, 0x7) r9 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x101, 0x3, r8, 0x8000000000000001, 0x29) r10 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000002880), r1) sendmsg$auto_NL802154_CMD_GET_SEC_LEVEL(r1, &(0x7f0000002b40)={&(0x7f0000002840)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000002b00)={&(0x7f00000028c0)={0x204, r10, 0x100, 0x70bd2d, 0x25dfdbfb, {}, [@NL802154_ATTR_MIN_BE={0x5, 0x11, 0x6}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x11}, @NL802154_ATTR_SEC_OUT_KEY_ID={0x1d7, 0x2b, 0x0, 0x1, [@typed={0xc, 0xe4, 0x0, 0x0, @u64=0x9}, @generic="3b2c3ef71a51210feaf4ab825aea70adc893c48070155eb2826d3314d60e8d8a2222156db774b7195b75c2834b85f2ae0fa69c7b60030ea8519979cbda9154e566e30b02c5668bdff2212af9a4e223518d51daef2f7a05848862aa61f43ca8dab8384e9ed8d132c61e31b9f9c1c020f76fb753b371c17cfdf1bced0756ca8959ff4a0dc9a0ac851c6c26a54c2b3db781bc6d709a1a2883b4cbc30f50dd8afb10254435fb717e00a0965435002afa168f3ce0e2cfa8d511d123a9fdc2f37622917ec75a5857b350a9", @generic="c9476e697d222ae26e39960f8ccff8846dd64de14142733ff4ffe59d44e1cab7a07af4f9b2fc05ba3309fe6d7bf94156b806db1231b145f41039689bb5cd01c45a264958cef2cda403542a7dda4b62cdcd7347ccf871a35f64d44acc78a2d873d7ee12efa843d1fd5d305fdca1726865b4303a384689d320929a0aad0224d4818a4272c4d2b7a7d5701cf8ddb54f6543f1099abf1237ed332b1996e2e1154f14c8f660ab51c0d63148dc87f3b48ed09d72566a0bc866c62eb8044449d19ff54b81dbaafeb10a9e78229c6621e6e0102d0bd68f992e5af52884bc5243bc34089691c94ebfcc2680ace585ff8451956f0b041166f6e976aa576f4d63cc983683"]}, @NL802154_ATTR_COORDINATOR={0x8, 0x1e, 0x0, 0x1, [@generic="ae0a3339"]}]}, 0x204}, 0x1, 0x0, 0x0, 0x40010}, 0xd850) r11 = open_tree_attr$auto(r1, &(0x7f0000002b80)='./file0\x00', 0x2, &(0x7f0000002bc0)={0x8, 0x8000000000000000, 0x1, @raw=0xd0}, 0x10000) sendmsg$auto_NFC_CMD_DISABLE_SE(r1, &(0x7f0000002cc0)={&(0x7f0000002c00)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000002c80)={&(0x7f0000002c40)={0x1c, r2, 0x8, 0x70bd2c, 0x25dfdbfb, {}, [@NFC_ATTR_VENDOR_ID={0x8, 0x1d, 0xc}]}, 0x1c}}, 0x40000) membarrier$auto(0x76c, 0x22, 0x3) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_IEEE802154_LLSEC_ADD_DEVKEY(r9, &(0x7f0000002e00)={&(0x7f0000002d00)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000002dc0)={&(0x7f0000002d40)={0x44, 0x0, 0x10, 0x70bd27, 0x25dfdbfd, {}, [@IEEE802154_ATTR_CCA_MODE={0x5, 0x23, 0x4}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x7}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x26}, @IEEE802154_ATTR_CCA_ED_LEVEL={0x8, 0x24, 0xffff8000}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x1}, @IEEE802154_ATTR_DEST_PAN_ID={0x6, 0x10, 0x59}]}, 0x44}, 0x1, 0x0, 0x0, 0x24048080}, 0x4800) r12 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000002e80), r11) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r11, &(0x7f0000003f40)={&(0x7f0000002e40)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000003f00)={&(0x7f0000002ec0)={0x1014, r12, 0x4, 0x70bd26, 0x25dfdbff, {}, "7626d4f3d1fed85e9f0fd1e6112302ed076dd32d2ccda4f9f3193e18522a77c85ce4a872b92b055f41ee0df1ea3dc22052fdc52c2e9f70337449993513b78f048422308fa2ed9095dc996815116feca30397d702480c6a86bd3665dd95794bfb136cae0b1814b360feeee1a3ed1a34a761eb7ac3e94d37bdfc0baa6b547220c2bf38d0fbc32ccf82620e7a9b00b3a0a66699cfe95a7e6ac06ab6d8a036df7727b7146040446cc34b82e429c9b28be7e2bb8e262cefc45490ca8976474bfb2914fb7e24fc52d2fdb376cae52dd56324474febf78c9a5a4abe5deccd77fed7102816999cd17ad2f73668550ea9fd7e185a3b288e09fd1f2398006eabf0b8cc5d0bbfc630d2635c03e3245aa7e2b053140ba6eefda94ca35a8f617d7c5784030d7528aef129c39c1f65052326fc10bcc39a8ca3793f57ce86d6e9dceeb2110e3c1333a20505129c235dc665c36a493f27dac74642e973f15338ca0ddd8a54a551101e62d2d7023eab5947fb3d2e879162e9d68eb436b1148157a1773646f2367e1f7de5d74836bf91217a90acf995a5c609ba0851ea6ac76e5e3d75fb15061974c6b9962a347e7020a84992fceca840e94916b0f587c178511b4a44bcf4e891f572b02eb89d3264e3d847824f18ca9a65f6d92edc8a9d1d30c6e5402ca382f9ed1317873bd77f3928997417429cc11ab894ef2883136d4198891c76d391fa4d7057c19bf1d2b1a964ac8bf724370ec7b7753ad2a25878a8846afcb9f8876df1f509238af75344ffcd0dfab505bf0f22bf3f56ccd398aa3c7bacbc20e003b28d93330a322c504a7cd8e08c10bbd022e9d2b65940a4084ab13db049c6d2387db3229d009c3914e74b4ff3489bf3eeae5693597ef190ffa4a6389f7286149059fe59bece7f006d61b773c346af682184b556d11d431205e8a7f2066a14c5c0b124aa4a2cea98f4d8fb5c4bf7a68b0d85f3bd775e91997340e8f6dedeaf6f9265f43bfdb5c4bc0d9b74d950092ce8a90f1c38565e2af1a1eb6a22dfe3f1eda48beb5d242fa9299fb66c9f92d55fdb2c56239f54ade6719556e9fa924f4db7787c38416fa95069c780308d1a6e453f851ce2302be6e8c8e09605392e36013e6f3337dbb2f45ecef52a765bfa34e1e6cdea923844f51a1791ad8fbd2bf9c82c03961f4ad5d9f29d4d6aa172e302cbc9dd81cbe7cf5b993b2a706d15d84f3700739d80f5927d8a1308644d95620bf1a8838b91bfc88bfe4586b742dab171c4f377f1bcccbb076f1a539bc40b3dc29883254d1d98e56247bf583ce88d5d9f34627a2fc1c98a73224924a20b04b86b2e7e0fffd8fe71906fd30be52c332758d431dfb3d703dbda31699bb1eb413ed91cddf623c8dd128b69fa6e211dcc7bc83f73dbe08d3cb63c357328607d8b9d7090eb834a51f4172d8193936625cadd08d075e246caea58ead81aef06769143254c3960b86582581f9ed82a40d24bd75f2a3928171254e0599e85fb457add80b0861a090a982eb4e1d0e96b125a3d403a618469c7d8a550cc30f296cbd52832423c64ee1d4eb43afe5d060b8e022b8e5ad55dc42bf122a96b4c6cecd3d41aa0cf746f0e3b54f52f641fe28bb0e9b7911c03791675809be25382528a85844fd56676840399b1fc2287db08c58f1771c85da39c36b3e050a3188e9709d514c91a6d5a058563027822cb182b93d6e0bc4e7f3e66fbc32276ff0dca83bb5635207bc34cc2df35463082cc6a300e41e98bb4c4eeac37f57c87ac918cd75c2595e0132a3060f890365e59f94f3a5bcf5383f5b136509ca7f49c2002c5756c8fc371c28393defbd5034248ea834b5bd7fd5470f295de9f54f463371ddcab739f1923550448d348454f68b20b4b407165675ac1729e2ba5f467bd5d5e0a70a0d7b1ed12a0168ddb8d662c52373dc64880c568787ff9b5e1275fbd5d8a6824873b1b1d99d3995b7aa65b1d0891332d03f10c0251a20ee4a3461607ea8e32140d010ce3ec7203d163a8adc590fd6b14ff1943af499d937a1b23e487d6152528726702fb739327801e019bb0ac3d54b90877eaed18516ecea2055994f5adde218fe16b42c74027c2f28d82ea01fd53503afe31e79140b6c3b49c020138f2e7beccd24d264e4c4813f9548d62e9f351e41444b3f37f478daa90ba59c1d27b4373dd66d40cef2330454f75a6662d8fd6d15b98c2eac996b57291d2d9de1c79531ffc47193b2e8ccf8b01673207eea1174bcd916c94eb957823b3d68105a4e77f74a0eef004cb515d2175f7e87febdef29ed7c5a28ff6e216f8d4a677bf172a522cccbe12088ec4b9596e46a9b7ddfc6393655a87f37cc30dc2728cfa3c77a7172f727ecf8db2d7bc17ee3b74cbe8bb779e26683e4d1e4df76c983c4dfe92c1ef02e0d54276f2850281976ad71e86331c30b77592905548f1ebab0f24441bf9a9408cdc928bbd8dc17d09f6fb89f8158f6ad27998fc5ecab93e377329653e8450ded6bf4d064d08c5b95d6698248913faac4de3441584f1e97ec6daa4307b788b5aba280dcd61da4d120e92337c8deba6d64abd22238b2e892b0871eca573f712922791b93ead165994a8d7035bab87aa6160e5d2cd001c3907807eeede997b79747063717fbf1bf570b4ea35dafff322da44f472e5b501a1fac96a940882b1545e2d9b36641389c112ced7e8c0a99b75ad04c91282fa23a258ae62aae1d4baa7d7337f7ddcf8c5975608c2f5ad47c3e78894d9d990ff5102620c56f9d229f22b1875d85550ed34dbd2f9ff68a035cf873882a53ebaf6eb3be3a8f72835a9ee58a36cd3922c64efa46b92072d2dd64f26ad3299dee32dcb7164c420fee5182b2a9d6bde5c856f619c1ce6e538ba62a9994ff81a6f97a4e082e0dc42ed6e3aaf3b6d1350deb7a9ab71077f628a516ecf3193d2a416261fcfa8f017682629296c0c36b7b6ffea63b3f07cb98b5ceea3c7484d9058784a7f64da0e31abd93b4d92457634ae0c201a4830325b0ee1d8d2ea608db82456f1c74cc6862b0eac08554267ff4118006208e546f1706fd0c1985882aff7ef8500fbc8fc53e4a7b60539fdba72f51e05410ecaafa4bfe1699982ec057568a014697270e84a2d89c79995c737887784dea4e25d72785af5d5e4b11c9003dd18684b33042cb07870bf80ca87fc54f694adcc7eaf45a92a52ae05310d81bdfef3c60fef72b117f78d43a4d4ee7e992b022691bae9e35fa038ece6a190ca5005aa2b7ad367ce355834e3ca7b52ab79243a90611ca762194ab46173a256e0f2e2a6e033009a971d17a3a7a64a1810be70642fd3b3e14db2e712f11f3eb9d6deaf50b25eb51df128efe2f09a73f3a51f0cdd5fc552441e3874cacf634e483f925a78c4901203c6f70d003f5d515e451ab5c6f2b7cb155fd5195e8a39f3fb18b2bc643c8b9092114f635d1444b9aaeaaa41b02e3316545da52be803618ce45e1b57c7ec055d47d13023aebf0314fb6176d9d91fd48568e19c356264c78db7a27b7cea6994a584583be2eefd5796057abd9e147c7bd5f516fb886130691c4034011e0917a7ef2107f30cd43383c0d9e4b53d7bd0bfd486c9b9d9ec3a8b67bb761273059226e2bd4cefb6990b15d8cda83f295bfb19aeaf39c834c1d4189a038a2e1e63f4874c588b0b1072ea0b62fafa4cc675d24523a4052a2444d07df670c543574f475d9e254511d2e5f8094b685742bd0bd622c0513ad70d279c53440c429e397b7404a6d424fb7a61390a128ab553e2382f6d3c840a46599851ad2c82f117bfccec12877405763d3f87b4a50031d068bc4fa03e810ecadac04bb80b01f77b02b9faae98f1638e50042351f4d15b93ca63e8064d8d7a2c3e048792ed7489199a2fcae7204bee0caae26ab909f5b7e4947c4c7279ec76c9aab2af95b018b572ad24147743d248fba33e666a66d7b3291f234a25729ec5c7d4766eb66fc54f4c5551e5422fbdd1f643a086cf529e43ee9751a975845535a6e48b7ebd3169d0855891a72f1edb5fb239f3429f9f965781c2cc2f73369101b65dbf781c18e4b8f8408c85c1b7d4bcfdb768e9a56b750af1457ee002468285e64abecb9a9915b95cece986a9898f86920bf0f218a6f08667d8cadc91ab09ee6fafdbd5db61f27d98f9c36c2f08d4a121ea003e9bc53c40617bee9fa0f3d426ec892e5fc66e7cdfe1201b1b04bd2fa9fdadcb5bbeabb1200358627f4df2b629d7592068729a3364b50b8ef4fb0a1484872d7d61d8f0328f3fe08de796fc8021076b351c5eb522a77449d008dc058b3cd926bff668409bc2f622dc572bcca07774e3a7a0f34fc5f30bf10b29a86d43cfe876947982b1d03c282675256aaa11590759a7681487f41ac0d800e54ff9dc911894e2e314c2ac266e99d40c7d2434d7e7136a5c5ee0d497758bd9741f943e850d8b914238f6fc99f574114b5a48818e95eaf2f35060e2887df6d8a4c3bf92713b7f55d4a4674155e2b8e8023558c357bb54e0088d1b311ea5cbcc5129e93614ffe19ae637d65b3f430ecb0990d40dfec666bb7d350c8b7f98b0c34b3dc639e5f8d18238ab2ec5be9cecf63ddc55f707b625491f9fcbee4f5a7ecd66262117b1a338922b7afc4f8647ee3afc307f155bdd1f7e2b8e5ae1494e0bcd9f6e0a02f65e47f3eac15fe7f310319870475d145617997177026a3716c5b01d8af01c2f2fc87806f895c5aa58bd6fda127635e8700dedfe2666f73aead758f05c46b6991e04e9c461720a3fd8ae3c25735f3c6fa63cca4478942c781ed493ae4c504f6d2f7a257ad5c33693fdb799d6ffe6be59065983f947b2fe4549ee4659547b171a77d23670c245efa4d11fcf9f4d2819f53956c6fd13060d37c7ad745f172110b77590af977fa82372b3e072fa4088bbebed72bf59b6ff1b8e547fd0938dc064900bb52e4f60e9aa167cc51691c592bf4b1f30b79c1cd1c0e722ab8673a0c76bdc8a13a61862c690525627245b5f112f1086617f0e6e8c6d7ae8800b5a6a0404213645de5e1af1cb9b43c53caa6d924230ee808ca7b9593d3ec8132b4c9c2d77061203e3f53023b38b3b6f272f6b7ca6450688e9e17892c9295f634c63d51c8bba6f9e8b4fd616998679cb643f8659c6d7a0893a05221795b2b3217e450178ea7849ccfbc1adb92fef6f41b0ebda19f1c7e11221c66d2488299eefc3c27e6d2a8d427deefc7bf9833a6e6f636cc4ff8c7122d1799e854a3a0a64aa20b5ef4605aa0dce39aa11d6b334a6618281dc3c55e89f89fb0cf55f7cbbe83ebae61ad4c740f878030192acfbb483c9911ceed542f326f5a822a0c1cc3294739dba55842531869e868b41841316cada9389a8f88ac398dff3afa57df7aef721f476844948440f67fb664544e8acbdf74b14eb3f1202e79d005c93267c4b33f48888e733cb2829bf03c452e71efcdbb50a6929f2257ebd374d0294fb1103e5ba3c8d558d9358e93f1b145b75e250714d9e48945431e6978f1db7dd31f8e2d4859803ad905bbd36e87c24c782ff88c2e4baef8c5f8c4190e33e73c317f046b5205f3adbf64921905a191a5b33cee0e60dc9d539b3559b9b307b146373346e11c65fc0b37b98aa750b95db108f8913b8a1cf93142bb5abe6d812b23e3e4ed1083a0fcfd12baa8562c503d0cf2bf37a738214bacdd82dce9a7c714bb490f244a3ca23e59705f0bac55c666a6890659d526312eae36f795e884d9c99924ebcdac43f3aabaab9b0005447767357c9f0aa8f6a1c34ff3f3435b6cec1b26560d23c2c8d8bd8d54fd01db816ec61453e3d"}, 0x1014}, 0x1, 0x0, 0x0, 0xc000}, 0x800) 9m52.787686458s ago: executing program 2 (id=300): socket(0xa, 0x1, 0x84) setsockopt$auto(0x400000000000003, 0x29, 0xd3, 0x0, 0x567) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) writev$auto(0x3, 0x0, 0x8009) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_OVS_FLOW_CMD_DEL(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x18, r1, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@OVS_FLOW_ATTR_KEY={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x40}, 0x800) mmap$auto(0x0, 0x4020009, 0xe0, 0xeb1, 0x401, 0x8000) mmap$auto(0x2, 0x100000000000004, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) mmap$auto(0x3, 0x402000b, 0x2000006, 0xeb1, 0x401, 0xfff) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x200449a0}, 0x0) r2 = io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) unshare$auto(0x40000080) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0xb02, 0x0) pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x8}, 0x5, 0x3, 0x9) read$auto(0x3, 0x0, 0xf34) read$auto(r2, &(0x7f00000000c0)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0x5) write$auto(0x3, 0x0, 0xffd8) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) r3 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001cc0)='/dev/input/event1\x00', 0x40000, 0x0) ioctl$auto_EVIOCREVOKE(r3, 0x40044591, 0x0) ioctl$auto(0x3, 0x40081271, 0x38) ioctl$auto_NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) 9m37.542885939s ago: executing program 32 (id=300): socket(0xa, 0x1, 0x84) setsockopt$auto(0x400000000000003, 0x29, 0xd3, 0x0, 0x567) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) writev$auto(0x3, 0x0, 0x8009) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_OVS_FLOW_CMD_DEL(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x18, r1, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@OVS_FLOW_ATTR_KEY={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x40}, 0x800) mmap$auto(0x0, 0x4020009, 0xe0, 0xeb1, 0x401, 0x8000) mmap$auto(0x2, 0x100000000000004, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) mmap$auto(0x3, 0x402000b, 0x2000006, 0xeb1, 0x401, 0xfff) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x200449a0}, 0x0) r2 = io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) unshare$auto(0x40000080) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0xb02, 0x0) pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x8}, 0x5, 0x3, 0x9) read$auto(0x3, 0x0, 0xf34) read$auto(r2, &(0x7f00000000c0)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0x5) write$auto(0x3, 0x0, 0xffd8) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) r3 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001cc0)='/dev/input/event1\x00', 0x40000, 0x0) ioctl$auto_EVIOCREVOKE(r3, 0x40044591, 0x0) ioctl$auto(0x3, 0x40081271, 0x38) ioctl$auto_NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) 3m27.937978672s ago: executing program 3 (id=1432): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_OVS_CT_LIMIT_CMD_DEL(r0, &(0x7f0000003480)={0x0, 0x0, &(0x7f0000003440)={&(0x7f00000009c0)={0x1c, r1, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x4}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40c4}, 0xc000) r2 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0) close_range$auto(0xffffffffffffffff, r2, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x50, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IF1_SEQ={0x6, 0x6, 0x4}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @link_local}, @HSR_A_NODE_ADDR={0xa, 0x1, @remote}, @HSR_A_NODE_ADDR={0xa}]}, 0x50}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3m27.369613348s ago: executing program 3 (id=1438): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(0x0, r0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYRES32=r0, @ANYRES16=r1, @ANYRESDEC=r0, @ANYBLOB="b7cd6e1ee7a1d834e41dfd7adcf3f20176f3c9ecd0ddac13120b32a72400405786eb041f728a9ae80e335b269498"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='!\x00'], 0x1ac}, 0x1, 0x0, 0x0, 0x44}, 0x40090) r2 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0) 3m24.9823793s ago: executing program 3 (id=1444): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) mmap$auto(0x2, 0x400007, 0xe895, 0x16, r0, 0x401) r1 = openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0) fadvise64$auto_POSIX_FADV_NORMAL(r1, 0x7, 0xd, 0x0) write$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x3) sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x14, r2, 0x300, 0x70bd26, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0x2000c080) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x70, 0xdf, 0x9b72, 0x2, 0x80000000008000) setsockopt$auto(0xffffffffffffffff, 0x107, 0x5, 0x0, 0xce24) connect$auto(0x3, 0x0, 0x55) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) openat$auto_mgts_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0xa001, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getresgid$auto(&(0x7f0000000080)=0x4, 0x0, 0x0) bpf$auto(0x0, 0x0, 0x0) read$auto(0x3, 0x0, 0x80) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) ioctl$auto_BLKRRPART(r4, 0x125f, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x8000, 0x0) mmap$auto(0x7fffffff, 0x4, 0x5, 0x14, 0x4, 0x300000000000) 3m19.142133908s ago: executing program 3 (id=1464): r0 = socket(0x11, 0xa, 0xc) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @private=0xa010101}, 0x55) sendmsg$auto_GTP_CMD_NEWPDP(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x24004800}, 0x10d0a1d77280cf5d) mmap$auto(0x200000000, 0x0, 0xce, 0x9b7f, 0xffffffffffffffff, 0x9) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$auto(0x3, &(0x7f0000000280)=@phonet={0x23, 0x3, 0x7, 0x3}, 0x6a) connect$auto(0xffffffffffffffff, &(0x7f0000000080)=@ax25={0x3, @bcast, 0x6}, 0x8d7) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0) ioctl$auto_SCSI_IOCTL_SEND_COMMAND2(r2, 0x1, &(0x7f0000000000)="1404000000000000a5") syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) sendmsg$auto_BATADV_CMD_GET_DAT_CACHE(r1, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x10) ioctl$auto(0xffffffffffffffff, 0xab07, 0xffffffffffffffff) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/admmidi2\x00', 0x200, 0x0) sendmsg$auto_NL80211_CMD_SET_COALESCE(0xffffffffffffffff, &(0x7f0000002300)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000004}, 0x48050) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) semctl$auto(0x8, 0x806, 0xfffffc00, 0x46) getpeername$auto(0xffffffffffffffff, &(0x7f0000000100)=@nl=@kern={0x10, 0x0, 0x0, 0x800000}, &(0x7f0000000140)=0x8) msgctl$auto_IPC_INFO(0x7, 0x3, &(0x7f0000000200)={{0x13b8, 0x0, 0xee01, 0x100, 0x3, 0x930, 0x3afa}, &(0x7f0000000180)=0x3, &(0x7f00000001c0)=0xa, 0x100000000, 0x2, 0x9, 0x2, 0x8, 0x100, 0xfffd, 0x6498, @raw=0x71, @raw=0x8}) sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_GET(0xffffffffffffffff, 0x0, 0x4004061) setsockopt$auto(r2, 0x125, 0x40, 0x0, 0xfffc) select$auto(0x11, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x1, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(r2, 0xa, 0x0) socket(0xf, 0x5, 0x45dc) socket(0x18, 0x0, 0x1) connect$auto(0x3, &(0x7f00000000c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x58) sync_file_range$auto(0xffffffffffffffff, 0x0, 0x8, 0xbeb) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/igmp\x00', 0x100, 0x0) 3m17.444919376s ago: executing program 3 (id=1470): r0 = socket(0xf, 0x3, 0x2) mmap$auto(0x0, 0x67, 0x3, 0xeb1, r0, 0x8000) setrlimit$auto(0x2, 0x0) mprotect$auto(0x200000000000, 0x806121, 0x6) mprotect$auto(0x2, 0x9, 0x8001) close_range$auto(0x2, 0x8, 0x0) 3m16.263824289s ago: executing program 3 (id=1474): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/lru_gen_full\x00', 0xc0200, 0x0) r1 = socket(0x1e, 0x6, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x2001, 0x0) write$auto(r2, &(0x7f0000000340)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccW\x1c\x94t\x98\xc6\xd7\x9dh\xdf\x91\xd9\x1ew\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5,\xcc\xfa`\xfa\x90\xf0C\xdc\xbebBW\x8a\x95\xf4\x14\xc7\x90V\xe7a\xfb*\xcc6\xba\x9ef\x19R\xff\xd2\xd8\x98\xa8\x17\xcb\x84\xe8\xfb\x00`\xc2\xce~U\xca\\\xc1\xb7\xf1\n\xb9\xbfk\x1e\xdb\xed\x81{\x1f\x18j\x16\rk\x0eO\xe3\xa78&Z\x9e\xbf\x84\xd6\x1f\xe8\x88\x1f\xbc\x1eT\xa6{9hb\xbc\x1a\\\xb3\x846&\x1a\xbb\x9c:e\x9c\x18\x11\xf0\x8eQ\xd8\x8a3^?\x13\x00\xcbx\xb2\x18e\x95$\x9d\x804', 0x100000a3d9) sendmsg$auto_HSR_C_GET_NODE_STATUS(r1, &(0x7f00000002c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4008000}, 0x8010) mmap$auto(0x0, 0x2020009, 0x8000000007, 0x11, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) sendmsg$auto_NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000600)={&(0x7f0000000500)=ANY=[@ANYBLOB="f4000000", @ANYRES16=0x0, @ANYBLOB="04002bbd7000fedbdf25600000000c002e0101fefffffffeffff04000b00d000a680cb00ed8004002c800400c6803a4ea28a4b2db9857ceaacd63d129d11ea132cf34e6e8d1d31060e89b2a0ee0b40691e21d6b7e40320491a491e3da2201e7d9df9ebb735ad2ca26f2ff95ba5269b48a3d6f098728896bb122478adea5828ed40ac024253cc7103fe8a50bc7094d01a914bfc44246d36233037de061a86b5dace4f272651a00a4f46bd97702db9fc7d72913170f4b12cedb4a476312715fc3ae5dba17806c2218d8c652cc79105d88536673e448d4af9bb8906b685259ebc42bf5000"/238], 0xf4}, 0x1, 0x0, 0x0, 0x20}, 0x4) getdents$auto(r4, 0x0, 0xfff) msync$auto(0x7f, 0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/loop15/queue/discard_granularity\x00', 0x8000, 0x0) clock_nanosleep$auto(0x8001, 0x9, &(0x7f00000001c0)={0xf5d, 0x7f}, &(0x7f0000000240)={0x0, 0x1}) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'}) r6 = socket(0x10, 0x2, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00'], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/conf/default/drop_gratuitous_arp\x00', 0x141241, 0x0) select$auto(0x4, 0x0, &(0x7f0000000080)={[0x209c, 0xe9e, 0x4, 0x5, 0x1000, 0x100000001, 0xc, 0xf, 0x0, 0x40, 0xe, 0xd59, 0x101, 0xff, 0x2, 0x80080001]}, 0x0, 0x0) write$auto(r6, &(0x7f0000000480)='\xd9\xfc_\x83X\xd1^\xd0 \x9aL\xa6\xc7\xbf%;\xb2\xc3\xab\x15\"MN\xc2\n\xbf8\xbd\xe4U\xa6b\x8a7vi\x0f\xcf\xfc\xbf\xc8\xf6-\xb90Y.k\v\xe9\x01\x8dr\xe9\xb3\xda&\x16\n!\xda\xb1:\xf4/\xb7\x90\xe6\x02\x95[u', 0x2fb) unshare$auto(0x40000080) madvise$auto(0x0, 0xffffffffffff0001, 0x15) 3m0.969698832s ago: executing program 33 (id=1474): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/lru_gen_full\x00', 0xc0200, 0x0) r1 = socket(0x1e, 0x6, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x2001, 0x0) write$auto(r2, &(0x7f0000000340)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccW\x1c\x94t\x98\xc6\xd7\x9dh\xdf\x91\xd9\x1ew\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5,\xcc\xfa`\xfa\x90\xf0C\xdc\xbebBW\x8a\x95\xf4\x14\xc7\x90V\xe7a\xfb*\xcc6\xba\x9ef\x19R\xff\xd2\xd8\x98\xa8\x17\xcb\x84\xe8\xfb\x00`\xc2\xce~U\xca\\\xc1\xb7\xf1\n\xb9\xbfk\x1e\xdb\xed\x81{\x1f\x18j\x16\rk\x0eO\xe3\xa78&Z\x9e\xbf\x84\xd6\x1f\xe8\x88\x1f\xbc\x1eT\xa6{9hb\xbc\x1a\\\xb3\x846&\x1a\xbb\x9c:e\x9c\x18\x11\xf0\x8eQ\xd8\x8a3^?\x13\x00\xcbx\xb2\x18e\x95$\x9d\x804', 0x100000a3d9) sendmsg$auto_HSR_C_GET_NODE_STATUS(r1, &(0x7f00000002c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4008000}, 0x8010) mmap$auto(0x0, 0x2020009, 0x8000000007, 0x11, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) sendmsg$auto_NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000000640)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000600)={&(0x7f0000000500)=ANY=[@ANYBLOB="f4000000", @ANYRES16=0x0, @ANYBLOB="04002bbd7000fedbdf25600000000c002e0101fefffffffeffff04000b00d000a680cb00ed8004002c800400c6803a4ea28a4b2db9857ceaacd63d129d11ea132cf34e6e8d1d31060e89b2a0ee0b40691e21d6b7e40320491a491e3da2201e7d9df9ebb735ad2ca26f2ff95ba5269b48a3d6f098728896bb122478adea5828ed40ac024253cc7103fe8a50bc7094d01a914bfc44246d36233037de061a86b5dace4f272651a00a4f46bd97702db9fc7d72913170f4b12cedb4a476312715fc3ae5dba17806c2218d8c652cc79105d88536673e448d4af9bb8906b685259ebc42bf5000"/238], 0xf4}, 0x1, 0x0, 0x0, 0x20}, 0x4) getdents$auto(r4, 0x0, 0xfff) msync$auto(0x7f, 0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/loop15/queue/discard_granularity\x00', 0x8000, 0x0) clock_nanosleep$auto(0x8001, 0x9, &(0x7f00000001c0)={0xf5d, 0x7f}, &(0x7f0000000240)={0x0, 0x1}) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'}) r6 = socket(0x10, 0x2, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00'], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/conf/default/drop_gratuitous_arp\x00', 0x141241, 0x0) select$auto(0x4, 0x0, &(0x7f0000000080)={[0x209c, 0xe9e, 0x4, 0x5, 0x1000, 0x100000001, 0xc, 0xf, 0x0, 0x40, 0xe, 0xd59, 0x101, 0xff, 0x2, 0x80080001]}, 0x0, 0x0) write$auto(r6, &(0x7f0000000480)='\xd9\xfc_\x83X\xd1^\xd0 \x9aL\xa6\xc7\xbf%;\xb2\xc3\xab\x15\"MN\xc2\n\xbf8\xbd\xe4U\xa6b\x8a7vi\x0f\xcf\xfc\xbf\xc8\xf6-\xb90Y.k\v\xe9\x01\x8dr\xe9\xb3\xda&\x16\n!\xda\xb1:\xf4/\xb7\x90\xe6\x02\x95[u', 0x2fb) unshare$auto(0x40000080) madvise$auto(0x0, 0xffffffffffff0001, 0x15) 18.606214347s ago: executing program 4 (id=1859): r0 = openat$auto_proc_gid_map_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/gid_map\x00', 0x30040, 0x0) mmap$auto(0x0, 0x20007, 0x4000000000df, 0x1ff, r0, 0x8000) (async) mmap$auto(0x0, 0x20007, 0x4000000000df, 0x1ff, r0, 0x8000) socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) (async) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) listmount$auto(&(0x7f0000000040)={0x40, @raw=0x7ff, 0x4, 0x7, 0x634}, &(0x7f00000000c0)=0x100000001, 0x1, 0xff) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) (async) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) (async) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) epoll_create$auto(0x4) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) openat$auto_msr_fops_msr(0xffffffffffffff9c, 0x0, 0xf82, 0x0) mmap$auto(0x3ff, 0x3, 0xffffffff, 0x100000eb1, 0x40000000000a1, 0x4000008000) setsockopt$auto_SO_OOBINLINE(0xffffffffffffffff, 0x3, 0xa, &(0x7f0000000080)='nlctrl\x00', 0x2) (async) setsockopt$auto_SO_OOBINLINE(0xffffffffffffffff, 0x3, 0xa, &(0x7f0000000080)='nlctrl\x00', 0x2) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) (async) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) (async) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) madvise$auto(0x3000, 0xffffffffffff0001, 0x15) (async) madvise$auto(0x3000, 0xffffffffffff0001, 0x15) 17.142120155s ago: executing program 4 (id=1864): rseq$auto(0x0, 0x8000, 0x0, 0x6) r0 = socket(0x10, 0x3, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) r1 = socket(0x10, 0x2, 0x6) r2 = syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_SET_MAX_CSMA_BACKOFFS(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="0100010051d7d329f97a559d1bb4b9f0a309629eebb4c8aee7153b2ade40dd4172fe0f1e1066682e36bb9da5f69c2f4edc537a5a695da042d2128341dda4e10caef6c88dcedec83f0bbc72ed0e05b36cdd982b6335a8623359f7645f6e84f00757761204ec5e7d5834f8eefbf32ff70cda25519841d913d3c5fefad2c435619809c5f79e53f7fed383f379cafa51d69c23776f0f81bb43f6655dbc9ee804685e52c2296aba39121fb73f230c3e2be0c9ff71dbb012bab61e4dd65a23553843e52f", @ANYRES16=r2, @ANYBLOB="010028bd7000fcdbdf251100000010001e800c005e80080046800400f780"], 0x24}, 0x1, 0x0, 0x0, 0x20008000}, 0x8044) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) r3 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket(0x10, 0x2, 0x15) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f0000000300)=@test={r4, 0x4, 0x10, 0x9, 0x133, 0x9, 0xf4, 0xec56, 0x1, 0x90, 0x2, 0x1, 0x5, 0x7, 0x714c}, 0x10) bpf$auto(0x18, &(0x7f0000000040)=@raw_tracepoint={0x7, r3, 0x0, 0xff}, 0x92) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'pimreg0\x00', 0x0}) r6 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) read$auto_ftrace_enable_fops_trace_events(r6, 0x0, 0x0) r7 = ioctl$auto_NS_GET_TGID_IN_PIDNS(0xffffffffffffffff, 0x8004b709, &(0x7f0000000080)=0x3) r8 = clone$auto(0x5711, 0x9, &(0x7f00000000c0)=0xf, &(0x7f0000000100)=0xfffffff8, 0x9) sendmsg$auto_NL802154_CMD_DEL_SEC_LEVEL(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB="44120000", @ANYRES16=r2, @ANYBLOB="20002cbd7000fcdbdf2521000000050007000700000005000f005500000008000300", @ANYRES32=r5, @ANYBLOB="08122f807200128004001280154525111435068e505d2d4d4cdaca7f62ad3cf5b2fc417bc4dddddca329ad0654d43e47d8e8e863eb73906cf82b1f5f97be13c187cb7f9a6f2c2aaa2f4070bded80d3e4d4e1ccb9a102bcdf3f6964579e644d82317c87b22be4510ff39e3655dcaa3ee684cd040013800000c0000e800400cc800400288008007d00", @ANYRES32=r6, @ANYBLOB="0800f700", @ANYRES32=r7, @ANYBLOB="b3e7a4d05e17c602f02a716c3fd6f8a0919f3f8cfa447b9044c94094b0d05f3cb160db7c2e48c3054589588fb4a5f96a1930535fefc191690057a65f1d8f6a2bf708c477a7eaca9172248a65ba711168d7f22c8352a5c9a5fc9278e3ad3706aa7e81d9a525141ae74e030c448cd29c917bd71b4d18481d1307c3aeb4100d5a0baa7f2d8546363a420fed013c6343a942c0641092c1a1a7aa69317c21022ba55255010c420400bb00ba002c80040034800400048004001a800800f600000400008c2eade6ff6ba23f8323e1779910913440db9c8405d4617321ef1f515819387d3603c8463a5239138b5045262ec99d3f4138a125dcb32abf5b01d8831d99a049f0dc1d10de378cdca335853fed3e3a813a699fe5efe60286fb2af2acedca0203ae3a0502818336bdf963266ebdb85b491e72d795c41a2b887466ec9a5a38df9dacb0c03a0df9e62545b2b65d8f5465fe1c965d8c6ba95148d8fd377eb008f2a7e68000000800b3800400488008100d80040007804dfc8137bfc64f4b4f1930596dce531de6627b8a9ddd7ada441dcbbc507ed3e155c79100c194db9795eb869340aa15cdafa8e125e47dc5a8e4f2da2232b6c47f5b2ab54f16f5e55536f6874168d754376dbaf0d2c25a64e0b50c11bcb22621a8ff39acf0a72fa2603a5ce2446b9a52e5e2d8c6ad444c5168b4c84182756bb0b1171f02dd363b57a1e6d2856eb3578735210d6f4307ad0576269c5eebc4c2a3944e7992fcc6fec702c3a4bb1e8d1798fa7e4e54c40ddd30cdfebe7c4f00324ab6dd04202ace8b50269d58167a1fbf90f5255bd4345673e2bafd889d38b1d44919f7e9f111152fa5da3f85ffe740834292f5a81676049b2efafc03a8fe28419fd067f2e6af4c8ab7e1b40a2890140fd32b9f58a70065450d858592281d5aaa3297c72822df9b2f9e1c82ef86fd397281ff87a81c920d04540b9dd3138d8eddb8e46daef6af0c52f139413b3c1a13fda7d650c52470e054be1eef8290737d1c4344889f1552089ecbbe526f2404fe0ab845ef814c24cb9f8d24eeb9cb9c55c5d064b05f8c8a29e41aa51f154bdecf18f7de5efd1e6d7f75bf7a825e6c9500e89863d2a61244a57bcef49677f4772442f8a65c94b4e535da8a1747e9d284bbcd59d09ca42a07eecc3932a682db15f0492326d4ede257b7aa2e86abdc4555b4a1f9f9940a4aba36dc6e0dada976673bb483841ffa6a7548d2290801ad42b7438aa2b4698a6d30a28d1094e7975de1dec5ee5091a100e09571cf6998129a7df5132c6a892cc45052ae1e0bbd0443310f0290b3b1e610ce32d0a67f1fd7b6269293617f977dd3129bf3e5706598ef10a18ca81a4f46de334da5e9e75a0fa297de3242f5d3d1fde43730a00e371fdbfe41d03a29a60429b230837910dc1e2c7583d1ec0e0c80820db89f36230f754d0c476b937f0d92847008ef8dff98fa387e9493985309144d356364cbf571099fd46d541f051dc278d59e0a5b8300a734a79e45eaf7e009855b14d83ac4742a2e3e1f0eb23ba962516e533f35edfbe7045180a0fb3b46d6cb18930e4c1458314bf9ad3bd71b06044e52673c5395aa0b953b29df49d1feb2f730740fd5ecacbdccd0cfdc852102bd4f7a0dd35b0e5263e65d13287ccc54b1cccf6be6976cc1af8cb93c860852c55d601ac334681c945a3df406591c889ca3f726fed7abe6041fbff7aad4255628adf3d8aec9eee2730e961852405d0f0d35f52abd05869ef283a0b7a7b15ee14e7ad2632a45b626a0603c36a874670152c8e3c5e2cf9ffcff631c65e704d173b729128f110caad4f72303dbe9ff4f012d034191c3f928cf3bd4144c7c3c6ae8182e852e8a2283bb78017d1cf1b098a8a53315817369c8aef325ab32b1578ad9792d2e51faa2fc297d40c68304ef72639a35ec7a536ee5550346c5d469787f5a3965434b8e5388cf72c4c74be1459fa9c11948f3cd3630e90c9f83b97d2186a666b2972d0bfe271cd57f42889d28ad21c52cc53d47470501912d78d7a7374f50ba3609847a996c43490704415a357f9d5c101797f6324216c50bc278a989dd3c83071840f827e0ac9447d603814d888fe195de9565be5dd579d1ef74dd4190eeb10d158b9c8c6e1fb08c0096cad41ce70e12cb24114950742be3924b39392719e763971695884ebed3b58aaef9498368f08b3cae83f77d106de734a468911a9e470c368f36ade183dedd6cf27ebe313eb91612bd5e2b30bbda5300bfed2cda3eaccee64504ed79a5cd1f9a2f049e65975afb3ae6f031c60c9ecb4c0eee976e80f51fa6f569e16e7d4f3bc45a6801cb886e869ba7b05a49fad8129934a0014bbd6b3aeee6fd28ba3190404622fe681966b0eb0dac0545c29b4604bd619650645783169b197d7c3400e9957ff977a2729627854f9d92c6aec4749400b17d325186a1ab627fd34ac7ed225a46ec58f25bdbee7a378c4fce148c6a6017a6df066e8a4c300fec68c1cdb039602f039d590de4a07edd817134f930ce3d453c1cd226e2446f2d8f597a65e4cf68d799a456c2c4bcdf8996ed406f52de93ad35821e9fac16e463ea7871daf01e03ff87e4c6a127d43c37f394bd4bd3067f9413a4dda07fb98c793d021552d01c178aa933552d2c079094c814a4e97809e9848233d6121dc06d8b4cf39a06bd2fa1a6360e3d989c8336b069ef92b0aa5264884196d3eae4b7f4b425c93315c1fc562f8be538a9f0f080bb6250c6d7ad563c73f87989429393de3c074f026e40dc0d87c15009b4fe8c7091ee8762d13847af6ae871f7fcabfb6bd0def01b9621893ce0e2f71cdb129fea9e2fb60433d48ca514c40ede98c18e86a7438b77eae90cade9b5cf8d2734b7126d56336ec25fdeb137d63aecaac71baa02571bde774237d37fa0729c7083f25c0624c29c902bf091e18022829245cbd51f82becded0399b5962e830bae8141f47ac9a9d54753c20d78ddc875b55235e9c8d38003dcfc5f06155ee8c1c4ae9285b08a8653897db3af63c4e35b6e158f9fa629516363bd2e94987ecbb73e02a8fd1b0e4470ab73a563450fc728dbdfa8bac6e616d0168f87be5607ffc811a3fac9b11351f9eff015fc151db7bf7755bfd7c6c050ca6ca4ccf16b7896df219c8fcec52d39150e0d0b281c7659bf89a91e3365fbcff6df20740c09d2ea3d806b319612803939156e34227080e342d9464d8dd19c587036c415d3c7132c274449ad9b33ad884d1331eec90e7f0633e4ab4a522bead3686eabf55daaaf79ad83d24c6b47941ecaa2ecd73885fcd2c322112e55dcda6e8a89b286367d39737e5e80c003626f50d25a5863b15b7635f196fab150e0e28a778680b4f2101637d65a56d0126b3a077933ab39a54332310ea3091dbf140a05ec3858e68b48071aa51f2bf51935936ac0b64150dbc91b9d6b6355e70ce893801e61c976a5ea2ad6684fb01cdfae5aa362a31c0e1cd2fbe49f48cb307407b328a3ca0b079fa54873e5ec7ee5539fdb643942768e51739e4ea8fce20a1a1bb8c83fd33eaeb25e2ab3f15c0de0ce9d558e80a03284fc4da0a5d422375fe6bcdbb44efb11c464ad55b98c32cac709f02163301d8d0089cb419c6ebbd827e9a382b0f78eef3f758b5f89ba32711bdc41b24da4a0b65a5f461ca776587e3d1d4a37b0b4eb2c28b81a7c19aed6c1fccd8592dfa15e15589afa8b180c3fec076746ede63bbc66054d662a035d254d0d1fa714514dd66431ecc94b03e29d7600d26a86187fbc6a7eb846b5cea191966624e3d6a6951728eac70c6b8aacebea00149bf36158c450f6e70a4c264beca44961d69269c77224d6ef82b39f8bbb859ae5b32f5e805e0323237bbabda94eda50e0ff8d06b2217dbb6a6388a3e2fa7c1d8b7df13ec7f7710a26cf3f568daba4df2529602973b279a207c326538fd105c8a6b5b325a40f27f0db034c68b7781c0110f90ed5a33e100eda81651530e1f1a18ec940ebd0d4ea7f6c016120be0b4aa7ec17dd98be049a185bebe41f126350a481d711a92dc514c26432305a27e18a154f9d8371c623204e9939fdbef3f5234fcd69dd03166673e81fad27b35d55ed883a15cf3bf96daa3014cd6c5de70870a0380a7a7cc0f9cbc1dc9c42f886b4eae147678950bb6b94a203b51878f0b3c0eb43ff51602f479d5e670180e9e82dabed6284ecc5bcb02701515d3f3ebd469df52a446109ef472716e705ba89f9e18b970520baa9912b97a86655acc960b26c9a64eb047a3e0b070903727d2ec30def95531fe7b2f508484dd4426caab9e292b1c7b9a97e8b3c291e8d1f988fa33feee577015916c9c01d44c3d7e7ecb182a89108c421b29faf46b0b422f54a02aec74541692d7a2e46633bf20b500a1da01565c2a5df1c6bfdb34d76869fd67b20441f41d66591495f4a111004d8047c5f4070d22b51d26dd8e884fceff28af0bdbc2d40eecd0e20a467fdb4614a966f357cd72cbcc5c6c9e9ac1fbb7456268f58244de2eb571f1d76532b08f943b85104f1072c7f183e3ce8944dbd7fcfc64fb2af8d70d6dff3bf459f3759f3198c29d53413344f6a278222b675687b619c640b53bd9c3e95aee0547913df33089c276fe15e018c393a65fbaa50ee1c244d5bf719917d3b91999166f5cf166ffc2a19ae0e04314680407645fe2f572168b8965d2cf487592371f1af1318a040be244a28fbd498a65fda74cce341bf7d94903b8bd2899096cad4d41d6ab0143cc6d7457ecc52c233a8f471a0508a0b3161ddb5c27f3b8f22cf52cee59fa70f9dd92fa880e9ebd5f5fc09a1714f25145d6d8f7d99605169e100f5107de6c2066104226be25e4bf680da9de20a23d3fe168208a1b9dc69ee095484cb6401080b9f93698ae0fca625f39484e43139b85d38536a99db1a41a5aff0de625d362d86ba3ec2bc72027cf74ed9f559332dbfe580a776e1165d6f28038b64942c52ca42d5d948a5d5ab8bc717bb56a7ab1656af222b8e50115128c68bdcf4a5fa9eae06079414011be25c90cf9bc0e12ec55dd19658e557c59b70881d0c3df19e464f8d965f25fe34525639e86313b819c6fa1e5bcab805d6bfdff4534ff0050c754a976b47f543a7253774941009dfdb266e22916b89e434141f72a9e59dfdbaed24cc78dc1abf487347f539a15a8ef8032cc6a72d7c6e976660ec2e0bc5cabeb512fdfb491e12252a69158b939fa4562e9ae5fbab07d13227a0b524fa09e3464616df4e209fa8b71f9f0ecd26c0817eb1788eaa750f89ceff3e7d8b85dde32e4249bd353dcfcada4ced6cf6825eb74ae2331c78442f7f799f426bc55cfa9ac030e2212f1616ac5eed8a2beeca544e414c0e3e98fc69a1c9228e761f36d8ccfbd71e50f3da7d9341197da8dec919dc39475b2ed5cee3c7b0a953326fc35b0581661e50eb2282ba8cd8d0c0f3448e5fa713afcbef33c43051f1ef95ce974367322da62d27f7f128e735c16b2d8db5ecb05d6366bbb9a2ec5c38a372052ea170d4ab3ddd1fbc8537f2394566f3ea5ce3fbea454634307278eb3dfaa118aa930aa111a46d85cb78a4486bfe064c088092ae007490928c85aae5aebaffe05f67bd0f0742d7abd2f0859e85ead35d196ca934d05148402cd66128f2aec2dd1ff5a52026c01667da1e9072b9d5337995264e335457a62ac5ba682a2bb5ce6deb93db9d0de895219bb012dec496c246623f04bd942ef8a338b7cf89c8dc93807295b84f4958add20186499d7048820aa41a0a06b43456a35e7458ae83be2d98bd2b771367cd166c988a56c92da1a20b651d8e33414c9ef762049917fb01d34b58d9bbb2725684a537d899dcddb90751253fef7e89dcc859b547027910fb4c482233af8b5e636bfbd0bbbecfb8c9730ec510d036317dd33604144ad363c2637230dbfb294b77dca65a2ea7cb4276e3052c63acd19c2fff373ed14e63286051553d0e8c07f897e0d787cf2dd01c234f10ea3f43e47d29d44335b7259abdf793b9fb162697589cca245bec1fd470e8e86438adeda94ded6843e448b5f6d3a6033f3f5fe503465153f049d7df93944041610d90e90938f3e441286ce3397e79babd4f46854bd3737d1942e06fef29d7a9b941f41469c8d80323e28b5549dcedd307e787494d4f716a9473284ea49befb4aff67476594783465b9c1803f60b9866ff06ffddbe15627bb40d0e6387a127ef9da0a71b07c1b1ee800ed8a2bc6a53d93d29f13ac69cd9d0a2d649891bf7b8da1562ff6cf7e78d3939df976b6722eb393669cb9237548268f6b8bea022a323b6a70090830fd917660f6a8b8098bb050013000100000008001c00", @ANYRES32=r8, @ANYBLOB], 0x1244}, 0x1, 0x0, 0x0, 0x40004894}, 0x0) r9 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/bConfigurationValue\x00', 0x63102, 0x0) sendfile$auto(r9, r9, 0x0, 0x1) 15.495542038s ago: executing program 4 (id=1871): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x8, 0x101, 0x6) mremap$auto(0x10000000004000, 0xb8, 0x6, 0x3, 0x400fffff003) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) madvise$auto(0x97, 0xffffffff80000001, 0x4) open(0x0, 0x22240, 0x0) connect$auto(0x3, 0x0, 0x55) mmap$auto(0x0, 0x400008, 0xdc, 0x9b72, 0x2, 0x8000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/tcp\x00', 0x181800, 0x0) pread64$auto(r0, 0x0, 0x3ef, 0x9) add_key$auto_KEY_SPEC_USER_KEYRING(&(0x7f0000001c80)='\\\x00', &(0x7f0000001cc0)='\x00', 0x0, 0x0, 0xfffffffffffffffc) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) ioctl$auto_UDMABUF_CREATE_LIST(0xffffffffffffffff, 0x40087543, &(0x7f0000000100)={0x5eea, 0x7, [{r1, 0x0, 0x4, 0x6}]}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mremap$auto(0x0, 0xffffffffffffffff, 0x3fd8, 0x3, 0x7fffffffb000) mmap$auto(0x1, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty12\x00', 0x800, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/zram0\x00', 0x103001, 0x0) write$auto(r2, &(0x7f0000000040)='//\xf2\x00', 0xce) socket(0x10, 0x6, 0x3a) setsockopt$auto(0x400000000000003, 0x2c, 0xd4, 0x0, 0x4) prctl$auto(0x23, 0x20000000000000b, 0x7fffffffefff, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="01002cbd7000fedbdf250400000004001d0004000e007b3e0ae60b53a1d5c5cbfae75514d72911810f2a74422dd9f6273dd5113757dbcce58fb7eb9125cd2fe665cb7cd1e6c5439bf2b23a3d0589f088b1a934eec318057852e313f7025b654dd0dd6b13adbf52c8438edf5255c27ba066d3b087bfc1bd1d9cf5aa2d31a8a1dce97d336c3bd31f172e3a6b023a0fece6099418"], 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) 10.794414626s ago: executing program 1 (id=1877): r0 = io_uring_setup$auto(0x59, &(0x7f0000000080)={0xe43, 0xd, 0x10400, 0xe, 0x4, 0x80000000, 0xffffffffffffffff, [0x0, 0x0, 0x20000000], {0x5, 0x6, 0x8c48, 0x2a3, 0x100, 0x7ffffffb, 0x100101, 0x6, 0x2}, {0xf8, 0x1, 0x1, 0x1, 0x9, 0x40, 0x76c5, 0x8, 0x100000000}}) bind$auto(0x3, 0x0, 0x6a) mmap$auto(0x3ffffd, 0x4020009, 0x7, 0xeb1, r0, 0xff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x4000000000eb1, 0x6, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x8, 0x41, 0xfffffffffffffff5, 0x15, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x0, 0x0, 0x9, 0x0, 0xffffffffffbffff8, 0x104}, 0x800}, 0x100, 0x3) r1 = socket(0x1f, 0x3, 0x400001) sendmsg$auto_NL80211_CMD_GET_REG(r1, 0x0, 0x4c041) r2 = socket(0xf, 0x5, 0xf) setsockopt$auto(r2, 0x6, 0xc, 0x0, 0x7fffffff) mmap$auto(0x0, 0x20009, 0xdf, 0xebf, 0x401, 0x5) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/softirqs\x00', 0x4063c2, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r4, &(0x7f00000001c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20024010}, 0xc801) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) pidfd_open$auto(0xffffffffffffffff, 0x5) execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)=0x0) openat$auto_trace_clock_fops_trace(0xffffffffffffff9c, 0x0, 0x0, 0x0) set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) semctl$auto_GETNCNT(0x80000000, 0xe, 0xe, 0x6) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:05/wakeup/wakeup4/expire_count\x00', 0xa001, 0x0) write$auto(r5, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mount$auto(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000040)='nfsd\x00', 0x3, 0x0) r6 = openat$auto_proc_mounts_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/mounts\x00', 0x2002, 0x0) pread64$auto(r6, 0x0, 0x3c02, 0x100007) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) 10.793485235s ago: executing program 5 (id=1879): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/block/nbd4/queue/optimal_io_size\x00', 0x40000, 0x0) read$auto(r0, 0x0, 0x20) (fail_nth: 7) 9.178058857s ago: executing program 4 (id=1882): creat$auto(&(0x7f0000000080)='++\x00', 0xd) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/oss\x00', 0xaa102, 0x0) write$auto(r0, 0x0, 0x7ef) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0) r1 = socket(0x10, 0x3, 0x1) ioperm$auto(0x7, 0x9, 0xc) modify_ldt$auto(0x1, 0x0, 0x10) r2 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r2, 0x0, 0x7ff, 0x400) socket(0x2, 0x1, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x12, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x400000000000948f, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x3d77, 0x9, 0x1]}, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/kernel/kexec_load_disabled\x00', 0x202, 0x0) sendfile$auto(r5, r5, 0x0, 0x0) mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000) mmap$auto(0x0, 0x10000, 0x4000000000db, 0xeb1, 0x2, 0x8000) r6 = open(0x0, 0x1, 0x1dc) newfstatat$auto(r6, 0x0, 0x0, 0x1000) r7 = socket(0x2b, 0x1, 0x1) ioctl$auto(r7, 0x8901, 0x4) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) madvise$auto(0x0, 0x8, 0x16) ioctl$auto_BLKTRACESETUP32(r4, 0xc0401273, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/ext4/sda1/trigger_fs_error\x00', 0xa801, 0x0) write$auto(r1, &(0x7f00000002c0)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\b\x86\xc6\xd7L\xc6\xd1\xf4h\xf2\xc4\x9aZ\x14\x83\f\x17\xf6\xb1u!\xbc\xbc8H\x94,3\xba\x8a\'\xef\b\x942W\xb5:\xb4\xe3[\x9d\xc1s\x13\xf9\xd5X\xe0\xfd\x7f\x95\xf8\xc9\x85\xe7\xd9u3\xc3\xcd\x1dJX\xcd\xab\xf5\xdf\xf1\xad\xa4\xf1\x9b\xc4\xf9\xac\xa2\x8f@W\x9d\xf4 \xd3di\x84\xff\xe2`\x9c7\xbc\xe7\xe1\x94\xcb\b\xf7\xa0\x93]\xba\t\x92\xca\x1f\xc3\x00\x00\x00\x00\xf8\xeb\xc65\xd3\xd1\xc5\xbb\x96{\xa3\xe7\\y\xa9Em\xd5\x19\xef\xf8\xac!\xff@K\x1d\xeaE\xce=\x90\xeeO\x82X\xc1\xbfI:5\xac\xb0\x98\xbf\xf1\xba\xa4\x10s\xfb\xc1j;!\xa4+{\xe6_\x177\xe4\xf14\xe0\nv\xef\xce\x19eM\xae\xe3\xd9jc\x10\xa7\xf1\xce&\xd7\xb6\x06\xf3\xeb\xe8\x87[f\xe7\xdf\x8c\x0f\x80\xed\x04Z!\x89R\x8b-\xbcI\t:\xcf\x9b\xd5a\v\xf0^d$\xb6\x06\xbb\xdf\xa5\x88\x96\xd2V{\xb7n\x1b5N\xb9\xdc\x97\x16\x9e\aag\x1b\xf0\xcb\xebtw\xe3\xf0\x03\xf8\xf2\xe3\xb7\x85\x8c\xe2\xca\xfdB\xa5\x82nlV\xac\xe6bK\xec\xa3?V\x85.\xe7qeOd\x19\xeaX\x94N\x84\xa51\xec7:\xef\xd1\x8f\xd4JP\x81\xc3\xa3/Mz\x91f\xcf\xdaO\xe1l\xcc\x8b\xb0\xe5\xc9n\x95\x9a\xa6\xf3Tk\xdf\xf5m\x7fbC\x8a\x97\xdcM\x06\x8a\xd3g\xe5\'\xf2\x8c\x1a\xd00Z\x06\xf2\xacL\xe0\xab\x1d\x1e\x94?', 0x81) close_range$auto(0xffffffffffffffff, 0x8, 0x0) 9.177789958s ago: executing program 5 (id=1883): mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x5, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/afs/sysname\x00', 0xaa102, 0x0) write$auto(r0, &(0x7f0000000080)='..+*@sys\x00', 0x1) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = socket(0xa, 0x2, 0x3a) mmap$auto(0x0, 0x3ff, 0x1ff, 0xeb1, r2, 0x8000) r3 = io_uring_setup$auto(0xfffffffd, 0x0) sendmsg$auto_NL802154_CMD_SET_SEC_PARAMS(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[], 0xb5c}, 0x1, 0x0, 0x0, 0x4001}, 0x48880) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x55) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffff}, 0x1, 0x0, 0x0, 0x9}, 0x100007}, 0x3, 0x0) syz_clone(0x80800000, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r5 = openat$auto_proc_tid_children_operations_internal(0xffffffffffffff9c, &(0x7f0000000000), 0x82000, 0x0) pread64$auto(r5, 0x0, 0x14f7ebd9, 0x4) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000ccd2294778f5e9a6ff080ee4369d4c6b9bd5e81a28a12ab1baa3e283a8d7eba5aae19c73dc07db", @ANYRES16=r1, @ANYRESOCT=r4], 0x38}, 0x1, 0x0, 0x0, 0x440a0}, 0x800) pipe$auto(&(0x7f0000000040)) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/fs/cifs/LinuxExtensionsEnabled\x00', 0x842, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) read$auto(0x3, 0x0, 0x8080) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r6 = socket(0x29, 0x2, 0x0) r7 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) ioctl$auto(r6, 0x8b0f, 0x24) 9.17312073s ago: executing program 1 (id=1884): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x40000008000) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x184) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000080)='/proc/kpageflags\x00', 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyz7\x00', 0x5e141, 0x0) readv$auto(0x3, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400) 8.285605565s ago: executing program 5 (id=1885): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyx3\x00', 0x42880, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0) socket(0xa, 0x2, 0x88) mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) bpf$auto(0x1, 0x0, 0xc) futex$auto(0x0, 0x5, 0xf4, 0x0, 0x0, 0xc0040000) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x2000, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mincore$auto(0x0, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/system/cpu/vulnerabilities/spec_rstack_overflow\x00', 0x40, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000380)=""/11, 0xb) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x6) socket(0xf, 0x3, 0x2) socket(0x2, 0xa, 0xe57a) r3 = socket(0x2b, 0x1, 0x1) setsockopt$auto(r0, 0x6, 0x3ff, 0x0, 0xfffffffd) sendmsg$auto_NL80211_CMD_SET_REG(r3, 0x0, 0x20000000) readv$auto(0x6, &(0x7f00000000c0)={0x0, 0x1}, 0x1) read$auto(r1, 0x0, 0x1ff) clock_getres$auto(0xfffffffd, 0x0) write$auto(0x3, 0x0, 0x400007) 6.689767473s ago: executing program 1 (id=1887): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x40000008000) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x184) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000080)='/proc/kpageflags\x00', 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyz7\x00', 0x5e141, 0x0) readv$auto(0x3, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400) 6.689657007s ago: executing program 5 (id=1888): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x40000008000) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x184) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000080)='/proc/kpageflags\x00', 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyz7\x00', 0x5e141, 0x0) readv$auto(0x3, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400) 5.016500993s ago: executing program 0 (id=1891): mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0x23, 0x80805, 0x0) inotify_init1$auto(0x3000000000000) mmap$auto(0x0, 0x2020009, 0x126, 0xf8, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) bind$auto(r0, &(0x7f0000000040)=@ethernet={0x1, @broadcast}, 0x6a) ioctl$auto(0x3, 0x89e0, 0x38) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x80081, 0x0) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000001140)='/proc/sys/net/ipv4/conf/macvlan0/proxy_arp\x00', 0x8a042, 0x0) sendfile$auto(r2, r2, 0x0, 0x10000) write$auto_seq_oss_f_ops_seq_oss(r1, &(0x7f00000002c0)="f618deadf7e888b1ff8bff71c49054428f819e30236ce79200d01532f2ed0d000000008d5d8e9dea0337f5095b82a54456f845800adbfbd11b66630e687bbca2612c912a6f57eb9f9944281954e2c5da22daf73acc711a3d9b6758b7a6e74bae890345225264da35ac3be11d2f555b8d08cef68f4a3aa938391dfbc0841813c93c41ee53b7e310c21563c1d8cbcde6549675fbe14b917c5b0a23069452100c3110990884271e91b8f6497e89091dc41c4cdd1769725f5f6d78aaac636711", 0xbe) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TCFLSH2(r4, 0x80045439, 0x0) ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0) mmap$auto(0x0, 0x6, 0xdd, 0x9b72, 0xffffffffffffffff, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) close_range$auto(r4, 0x8, 0x0) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0) mmap$auto(0x0, 0x5, 0xdf, 0x9b72, 0x7, 0x28000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r5 = socket(0xa, 0x800, 0xff) mmap$auto(0x0, 0x3ff, 0x1ff, 0xeb1, r5, 0x8000) r6 = io_uring_setup$auto(0xfffffffd, 0x0) sendmsg$auto_NL802154_CMD_SET_SEC_PARAMS(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[], 0xb5c}, 0x1, 0x0, 0x0, 0x4001}, 0x48880) 4.694327806s ago: executing program 5 (id=1892): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x8, 0x101, 0x6) mremap$auto(0x10000000004000, 0xb8, 0x6, 0x3, 0x400fffff003) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) madvise$auto(0x97, 0xffffffff80000001, 0x4) open(0x0, 0x22240, 0x0) connect$auto(0x3, 0x0, 0x55) mmap$auto(0x0, 0x400008, 0xdc, 0x9b72, 0x2, 0x8000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/tcp\x00', 0x181800, 0x0) pread64$auto(r0, 0x0, 0x3ef, 0x9) add_key$auto_KEY_SPEC_USER_KEYRING(&(0x7f0000001c80)='\\\x00', &(0x7f0000001cc0)='\x00', 0x0, 0x0, 0xfffffffffffffffc) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) ioctl$auto_UDMABUF_CREATE_LIST(0xffffffffffffffff, 0x40087543, &(0x7f0000000100)={0x5eea, 0x7, [{r1, 0x0, 0x4, 0x6}]}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mremap$auto(0x0, 0xffffffffffffffff, 0x3fd8, 0x3, 0x7fffffffb000) mmap$auto(0x1, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty12\x00', 0x800, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/zram0\x00', 0x103001, 0x0) write$auto(r2, &(0x7f0000000040)='//\xf2\x00', 0xce) socket(0x10, 0x6, 0x3a) setsockopt$auto(0x400000000000003, 0x2c, 0xd4, 0x0, 0x4) prctl$auto(0x23, 0x20000000000000b, 0x7fffffffefff, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="01002cbd7000fedbdf250400000004001d0004000e007b3e0ae60b53a1d5c5cbfae75514d72911810f2a74422dd9f6273dd5113757dbcce58fb7eb9125cd2fe665cb7cd1e6c5439bf2b23a3d0589f088b1a934eec318057852e313f7025b654dd0dd6b13adbf52c8438edf5255c27ba066d3b087bfc1bd1d9cf5aa2d31a8a1dce97d336c3bd31f172e3a6b023a0fece6099418"], 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) 4.182956509s ago: executing program 4 (id=1893): open(&(0x7f00009e1000)='./file0\x00', 0xc162, 0x0) mmap$auto(0x0, 0x8, 0x200000000df, 0x9b72, 0x2, 0x8000) (async) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0) (async) r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x8a403, 0x0) close_range$auto(0x2, 0x8, 0x0) (async) socket(0x2b, 0x1, 0x0) (async) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy1/airtime_flags\x00', 0x2, 0x0) (async) read$auto(r1, &(0x7f0000000580)='\x00', 0xa3eb) (async) mlockall$auto(0x2) setsockopt$auto_SO_RESERVE_MEM(r0, 0xd, 0x49, &(0x7f0000000080)='/dev/vmci\x00', 0x5) setresuid$auto(0x2, 0x7, 0x8080) (async) mmap$auto(0xf000, 0x8, 0x7009, 0x9b72, 0x2, 0x8000) (async) mlockall$auto(0x3) (async) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000026d00)='/dev/dri/card1\x00', 0x2000, 0x0) ioctl$auto(r2, 0x64c9, r2) (async) write$auto(0x3, 0x0, 0xffd8) 3.753558959s ago: executing program 0 (id=1894): mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x5, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/afs/sysname\x00', 0xaa102, 0x0) write$auto(r0, &(0x7f0000000080)='..+*@sys\x00', 0x1) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = socket(0xa, 0x2, 0x3a) mmap$auto(0x0, 0x3ff, 0x1ff, 0xeb1, r2, 0x8000) r3 = io_uring_setup$auto(0xfffffffd, 0x0) sendmsg$auto_NL802154_CMD_SET_SEC_PARAMS(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[], 0xb5c}, 0x1, 0x0, 0x0, 0x4001}, 0x48880) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x55) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffff}, 0x1, 0x0, 0x0, 0x9}, 0x100007}, 0x3, 0x0) syz_clone(0x80800000, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r5 = openat$auto_proc_tid_children_operations_internal(0xffffffffffffff9c, &(0x7f0000000000), 0x82000, 0x0) pread64$auto(r5, 0x0, 0x14f7ebd9, 0x4) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000ccd2294778f5e9a6ff080ee4369d4c6b9bd5e81a28a12ab1baa3e283a8d7eba5aae19c73dc07db", @ANYRES16=r1, @ANYRESOCT=r4], 0x38}, 0x1, 0x0, 0x0, 0x440a0}, 0x800) pipe$auto(&(0x7f0000000040)) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/fs/cifs/LinuxExtensionsEnabled\x00', 0x842, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) read$auto(0x3, 0x0, 0x8080) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r6 = socket(0x29, 0x2, 0x0) r7 = socket(0x10, 0x2, 0x0) recvmmsg$auto(r7, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r6, 0x8b0f, 0x24) 3.574857955s ago: executing program 1 (id=1895): mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x5, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/afs/sysname\x00', 0xaa102, 0x0) write$auto(r0, &(0x7f0000000080)='..+*@sys\x00', 0x1) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = socket(0xa, 0x2, 0x3a) mmap$auto(0x0, 0x3ff, 0x1ff, 0xeb1, r2, 0x8000) r3 = io_uring_setup$auto(0xfffffffd, 0x0) sendmsg$auto_NL802154_CMD_SET_SEC_PARAMS(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[], 0xb5c}, 0x1, 0x0, 0x0, 0x4001}, 0x48880) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x55) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffff}, 0x1, 0x0, 0x0, 0x9}, 0x100007}, 0x3, 0x0) syz_clone(0x80800000, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r5 = openat$auto_proc_tid_children_operations_internal(0xffffffffffffff9c, &(0x7f0000000000), 0x82000, 0x0) pread64$auto(r5, 0x0, 0x14f7ebd9, 0x4) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000ccd2294778f5e9a6ff080ee4369d4c6b9bd5e81a28a12ab1baa3e283a8d7eba5aae19c73dc07db", @ANYRES16=r1, @ANYRESOCT=r4], 0x38}, 0x1, 0x0, 0x0, 0x440a0}, 0x800) pipe$auto(&(0x7f0000000040)) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/fs/cifs/LinuxExtensionsEnabled\x00', 0x842, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) read$auto(0x3, 0x0, 0x8080) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r6 = socket(0x29, 0x2, 0x0) r7 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) ioctl$auto(r6, 0x8b0f, 0x24) 2.836872337s ago: executing program 0 (id=1897): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x40000008000) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x184) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000080)='/proc/kpageflags\x00', 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyz7\x00', 0x5e141, 0x0) readv$auto(0x3, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400) 2.396598732s ago: executing program 0 (id=1898): creat$auto(&(0x7f0000000080)='++\x00', 0xd) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/oss\x00', 0xaa102, 0x0) write$auto(r0, 0x0, 0x7ef) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0) socket(0xa, 0x1, 0x100) ioperm$auto(0x7, 0x5ad2, 0xc) modify_ldt$auto(0x1, 0x0, 0x10) r1 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r1, 0x0, 0x7ff, 0x400) socket(0x2, 0x1, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x12, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x400000000000948f, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x1]}, 0x0) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/net/rpc/nfs4.idtoname/channel\x00', 0x8f3b7a51b80ebd01, 0x0) write$auto_proc_reg_file_ops_compat_inode(r4, &(0x7f0000000040)="04000000027e0dc0023acb0c00000c000000fad4de9a20350a", 0x19) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/kernel/kexec_load_disabled\x00', 0x202, 0x0) sendfile$auto(r5, r5, 0x0, 0x0) mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000) mmap$auto(0x0, 0x10000, 0x4000000000db, 0xeb1, 0x2, 0x8000) r6 = open(0x0, 0x0, 0x187) newfstatat$auto(r6, 0x0, 0x0, 0x1000) r7 = socket(0x2b, 0x1, 0x1) ioctl$auto(r7, 0x8901, 0x4) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) madvise$auto(0x0, 0x8, 0x16) ioctl$auto_BLKTRACESETUP32(r3, 0xc0401273, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) close_range$auto(0x2, 0x8, 0x0) 1.848443129s ago: executing program 1 (id=1899): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyx3\x00', 0x42880, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0) socket(0xa, 0x2, 0x88) mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) bpf$auto(0x1, 0x0, 0xc) futex$auto(0x0, 0x5, 0xf4, 0x0, 0x0, 0xc0040000) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x2000, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mincore$auto(0x0, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/system/cpu/vulnerabilities/spec_rstack_overflow\x00', 0x40, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000380)=""/11, 0xb) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x6) socket(0xf, 0x3, 0x2) socket(0x2, 0xa, 0xe57a) r3 = socket(0x2b, 0x1, 0x1) setsockopt$auto(r0, 0x6, 0x3ff, 0x0, 0xfffffffd) sendmsg$auto_NL80211_CMD_SET_REG(r3, 0x0, 0x20000000) readv$auto(0x6, &(0x7f00000000c0)={0x0, 0x1}, 0x1) read$auto(r1, 0x0, 0x1ff) clock_getres$auto(0xfffffffd, 0x0) write$auto(0x3, 0x0, 0x400007) 1.377286665s ago: executing program 0 (id=1900): mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x5, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/afs/sysname\x00', 0xaa102, 0x0) write$auto(r0, &(0x7f0000000080)='..+*@sys\x00', 0x1) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = socket(0xa, 0x2, 0x3a) mmap$auto(0x0, 0x3ff, 0x1ff, 0xeb1, r2, 0x8000) r3 = io_uring_setup$auto(0xfffffffd, 0x0) sendmsg$auto_NL802154_CMD_SET_SEC_PARAMS(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[], 0xb5c}, 0x1, 0x0, 0x0, 0x4001}, 0x48880) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x55) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffff}, 0x1, 0x0, 0x0, 0x9}, 0x100007}, 0x3, 0x0) syz_clone(0x80800000, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r5 = openat$auto_proc_tid_children_operations_internal(0xffffffffffffff9c, &(0x7f0000000000), 0x82000, 0x0) pread64$auto(r5, 0x0, 0x14f7ebd9, 0x4) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000ccd2294778f5e9a6ff080ee4369d4c6b9bd5e81a28a12ab1baa3e283a8d7eba5aae19c73dc07db", @ANYRES16=r1, @ANYRESOCT=r4], 0x38}, 0x1, 0x0, 0x0, 0x440a0}, 0x800) pipe$auto(&(0x7f0000000040)) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/fs/cifs/LinuxExtensionsEnabled\x00', 0x842, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) read$auto(0x3, 0x0, 0x8080) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r6 = socket(0x29, 0x2, 0x0) r7 = socket(0x10, 0x2, 0x0) recvmmsg$auto(r7, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r6, 0x8b0f, 0x24) 1.022119656s ago: executing program 4 (id=1901): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x141000, 0x0) unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) setresuid$auto(0xffffffffffffffff, 0x0, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) timer_create$auto(0x2, 0x0, 0x0) timer_create$auto(0x3, 0x0, 0x0) timer_delete$auto(0x1) 406.953347ms ago: executing program 0 (id=1902): mq_open$auto(0x0, 0xdd1, 0x8, 0x0) (async) mq_notify$auto(0x4, 0x0) (async) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async) setsockopt$auto(0xffffffffffffffff, 0x114, 0x9, 0xffffffffffffffff, 0x7f) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0x1e, 0x5, 0x8000) mmap$auto(0x0, 0x20009, 0x10000df, 0xeb1, 0x401, 0x8000) (async) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r0 = open(&(0x7f0000000000)='./cgroup\x00', 0x140, 0xa2) fchdir$auto(r0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = open(&(0x7f0000000100)='.\x00', 0x40000, 0x0) getdents64$auto(r1, 0x0, 0x400) (async) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) rename$auto(&(0x7f0000000040)='./cgroup\x00', 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async) r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/security/tomoyo/stat\x00', 0x2, 0x0) read$auto_tomoyo_operations_securityfs_if(r2, 0x0, 0x0) (async) pread64$auto(r2, 0x0, 0xb69c, 0x2) (async) r3 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000600), 0x142, 0x0) writev$auto(r3, &(0x7f0000000c00)={0x0, 0x7}, 0x4) (async) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) (async) shmctl$auto(0x691, 0x3, 0x0) (async) kexec_load$auto(0x5, 0x2, 0x0, 0x20000000000005) (async) r4 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) (async) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, 0x0, 0x1c1041, 0x0) (async) fcntl$auto(0x3, 0x4, 0xa553) (async) sendmmsg$auto(r4, &(0x7f0000000140)={{&(0x7f0000000040), 0x8000012, 0x0, 0x9, 0x0, 0x5, 0xb}, 0x9}, 0x2, 0x20000000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc0}, 0x1, 0x0, 0x0, 0x9}, 0x100007}, 0x31cd3c7c, 0xd) 125.672271ms ago: executing program 5 (id=1904): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x8600, 0x0) r0 = fcntl$auto(0x3, 0x4, 0xa553) mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_CRIT_PROTOCOL_START(r0, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000025bd7000fddbdf25620000000800620451e14b00ff0100000500ee000000000004008e00"], 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x404c091) mmap$auto(0x0, 0x5, 0xdf, 0x9b72, 0x7, 0x28000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r1 = socket(0x2a, 0x2, 0x0) getpeername$auto(0x3, 0x0, 0x0) r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = socket(0xa, 0x2, 0x3a) mmap$auto(0x0, 0x3ff, 0x1ff, 0xeb1, r3, 0x8000) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000) r4 = socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e20, @empty}, 0xff) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(r1, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x34, 0x0, 0x400, 0x70bd28, 0x25dfdbff, {}, [@ETHTOOL_A_RINGS_TX_PUSH_BUF_LEN={0x8, 0xf, 0x10000}, @ETHTOOL_A_RINGS_RX_PUSH={0x5, 0xe, 0xb}, @ETHTOOL_A_RINGS_RX_PUSH={0x5, 0xe, 0xfa}, @ETHTOOL_A_RINGS_RX_PUSH={0x5, 0xe, 0xd}]}, 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x8d7ec969d3a4a676) sendmsg$auto(r4, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) r5 = io_uring_setup$auto(0xfffffffd, 0x0) sendmsg$auto_NL802154_CMD_SET_SEC_PARAMS(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[], 0xb5c}, 0x1, 0x0, 0x0, 0x4001}, 0x14) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x55) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffff}, 0x1, 0x0, 0x0, 0x9}, 0x100007}, 0x3, 0x0) syz_clone(0x80800000, 0x0, 0x0, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000180), r3) r6 = syz_clone(0x1042111, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_vrr_range_fops_(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/dri/vkms/Writeback-1/vrr_range\x00', 0x80100, 0x0) r7 = openat$auto_proc_tid_children_operations_internal(0xffffffffffffff9c, &(0x7f0000000000), 0x82000, 0x0) pread64$auto(r7, 0x0, 0x14f7ebd9, 0x4) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000ccd2294778f5e9a6ff080ee4369d4c6b9bd5e81a28a12ab1baa3e283a8d7eba5aae19c73dc07db", @ANYRES16=r2, @ANYRESOCT=r6], 0x38}, 0x1, 0x0, 0x0, 0x440a0}, 0x800) pipe$auto(&(0x7f0000000040)=0xffffffffffffffff) read$auto_console_fops_tty_io(r8, &(0x7f0000000080)=""/72, 0x48) close_range$auto(0x2, 0xffffffffffffffff, 0x0) 0s ago: executing program 1 (id=1905): open(&(0x7f0000000100)='.\x00', 0x591002, 0x408) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) mmap$auto(0x0, 0x20009, 0x20004000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) fallocate$auto(0x8000000000000003, 0xcc000000, 0xd, 0xcbd5d) mmap$auto(0xfffffffffffffffb, 0x2, 0x100000021, 0x400009b75, 0xea8a, 0x8000) kernel console output (not intermixed with test programs):                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            [ 491.682399][T11474] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1067'. [ 495.073737][T11517] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 495.079939][T11517] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 495.094057][T11517] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 495.103317][T11517] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 495.109595][T11517] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 495.541341][T11528] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1077'. [ 495.760579][T11528] ipvlan1: entered allmulticast mode [ 495.777251][T11528] veth0_vlan: entered allmulticast mode [ 496.175552][T11535] FAULT_INJECTION: forcing a failure. [ 496.175552][T11535] name fail_futex, interval 1, probability 0, space 0, times 0 [ 496.204108][T11535] CPU: 0 UID: 0 PID: 11535 Comm: syz.0.1079 Tainted: G U 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 496.204158][T11535] Tainted: [U]=USER [ 496.204167][T11535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 496.204184][T11535] Call Trace: [ 496.204193][T11535] [ 496.204204][T11535] dump_stack_lvl+0x16c/0x1f0 [ 496.204242][T11535] should_fail_ex+0x512/0x640 [ 496.204280][T11535] get_futex_key+0x1d0/0x1540 [ 496.204321][T11535] ? __pfx_get_futex_key+0x10/0x10 [ 496.204355][T11535] ? __mutex_trylock_common+0xe9/0x250 [ 496.204408][T11535] futex_wake+0xe7/0x4e0 [ 496.204452][T11535] ? __pfx_futex_wake+0x10/0x10 [ 496.204488][T11535] ? __lock_acquire+0xb8a/0x1c90 [ 496.204545][T11535] do_futex+0x1e3/0x350 [ 496.204589][T11535] ? __pfx_do_futex+0x10/0x10 [ 496.204622][T11535] ? __might_fault+0xe3/0x190 [ 496.204666][T11535] mm_release+0x24e/0x300 [ 496.204704][T11535] do_exit+0x68b/0x2bd0 [ 496.204755][T11535] ? __pfx_do_exit+0x10/0x10 [ 496.204794][T11535] ? do_raw_spin_lock+0x12c/0x2b0 [ 496.204837][T11535] ? find_held_lock+0x2b/0x80 [ 496.204875][T11535] do_group_exit+0xd3/0x2a0 [ 496.204919][T11535] get_signal+0x2673/0x26d0 [ 496.204972][T11535] ? __pfx_get_signal+0x10/0x10 [ 496.205004][T11535] ? do_futex+0x122/0x350 [ 496.205041][T11535] ? __pfx_do_futex+0x10/0x10 [ 496.205081][T11535] arch_do_signal_or_restart+0x8f/0x790 [ 496.205119][T11535] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 496.205170][T11535] ? xfd_validate_state+0x61/0x180 [ 496.205207][T11535] ? __pfx___do_sys_close_range+0x10/0x10 [ 496.205248][T11535] exit_to_user_mode_loop+0x84/0x110 [ 496.205296][T11535] do_syscall_64+0x3f6/0x490 [ 496.205330][T11535] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 496.205360][T11535] RIP: 0033:0x7fc6bef8e9a9 [ 496.205384][T11535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 496.205411][T11535] RSP: 002b:00007fc6bfe7a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 496.205439][T11535] RAX: fffffffffffffe00 RBX: 00007fc6bf1b6088 RCX: 00007fc6bef8e9a9 [ 496.205458][T11535] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fc6bf1b6088 [ 496.205475][T11535] RBP: 00007fc6bf1b6080 R08: 0000000000000000 R09: 0000000000000000 [ 496.205493][T11535] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc6bf1b608c [ 496.205510][T11535] R13: 0000000000000000 R14: 00007ffc22f24e20 R15: 00007ffc22f24f08 [ 496.205548][T11535] [ 497.122318][ T5850] Bluetooth: hci4: command 0x0406 tx timeout [ 497.128479][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 497.134612][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 497.140757][T11542] Bluetooth: hci1: command 0x0c1a tx timeout [ 497.140762][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 497.321487][T11550] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18 [ 497.802333][T11554] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19 [ 498.686872][ T30] audit: type=1800 audit(4294967384.013:28): pid=11581 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1088" name="dummy_udc" dev="gadgetfs" ino=5101 res=0 errno=0 [ 498.876690][T11582] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1087'. [ 502.085487][T11616] Process accounting paused [ 504.676238][T11652] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1104'. [ 504.700420][T11652] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1104'. [ 506.642498][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.648945][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 508.087621][T11694] netlink: 334 bytes leftover after parsing attributes in process `syz.4.1111'. [ 510.721583][T11735] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1118'. [ 513.917330][T11767] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1125'. [ 513.942728][T11767] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1125'. [ 517.118998][T11800] FAULT_INJECTION: forcing a failure. [ 517.118998][T11800] name failslab, interval 1, probability 0, space 0, times 0 [ 517.176668][T11800] CPU: 0 UID: 0 PID: 11800 Comm: syz.1.1132 Tainted: G U 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 517.176721][T11800] Tainted: [U]=USER [ 517.176732][T11800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 517.176748][T11800] Call Trace: [ 517.176758][T11800] [ 517.176770][T11800] dump_stack_lvl+0x16c/0x1f0 [ 517.176808][T11800] should_fail_ex+0x512/0x640 [ 517.176836][T11800] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 517.176874][T11800] should_failslab+0xc2/0x120 [ 517.176909][T11800] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 517.176941][T11800] ? ovs_flow_alloc+0x10e/0x210 [ 517.176992][T11800] ovs_flow_alloc+0x10e/0x210 [ 517.177036][T11800] ovs_packet_cmd_execute+0x536/0x15b0 [ 517.177072][T11800] ? __pfx_ovs_packet_cmd_execute+0x10/0x10 [ 517.177107][T11800] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 517.177149][T11800] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 517.177199][T11800] genl_family_rcv_msg_doit+0x209/0x2f0 [ 517.177242][T11800] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 517.177298][T11800] ? trace_cap_capable+0x18d/0x200 [ 517.177342][T11800] ? bpf_lsm_capable+0x9/0x10 [ 517.177382][T11800] ? security_capable+0x7e/0x260 [ 517.177418][T11800] ? ns_capable+0xd7/0x110 [ 517.177451][T11800] genl_rcv_msg+0x55c/0x800 [ 517.177498][T11800] ? __pfx_genl_rcv_msg+0x10/0x10 [ 517.177539][T11800] ? __pfx_ovs_packet_cmd_execute+0x10/0x10 [ 517.177587][T11800] netlink_rcv_skb+0x158/0x420 [ 517.177623][T11800] ? __pfx_genl_rcv_msg+0x10/0x10 [ 517.177663][T11800] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 517.177716][T11800] ? netlink_deliver_tap+0x1ae/0xd30 [ 517.177755][T11800] genl_rcv+0x28/0x40 [ 517.177791][T11800] netlink_unicast+0x58a/0x850 [ 517.177835][T11800] ? __pfx_netlink_unicast+0x10/0x10 [ 517.177883][T11800] netlink_sendmsg+0x8d1/0xdd0 [ 517.177926][T11800] ? __pfx_netlink_sendmsg+0x10/0x10 [ 517.177976][T11800] ____sys_sendmsg+0xa95/0xc70 [ 517.178017][T11800] ? copy_msghdr_from_user+0x10a/0x160 [ 517.178046][T11800] ? __pfx_____sys_sendmsg+0x10/0x10 [ 517.178091][T11800] ? try_to_wake_up+0xa2f/0x1680 [ 517.178130][T11800] ___sys_sendmsg+0x134/0x1d0 [ 517.178164][T11800] ? __pfx____sys_sendmsg+0x10/0x10 [ 517.178192][T11800] ? __lock_acquire+0x622/0x1c90 [ 517.178291][T11800] __sys_sendmsg+0x16d/0x220 [ 517.178325][T11800] ? __pfx___sys_sendmsg+0x10/0x10 [ 517.178356][T11800] ? __x64_sys_futex+0x1e0/0x4c0 [ 517.178419][T11800] do_syscall_64+0xcd/0x490 [ 517.178454][T11800] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 517.178484][T11800] RIP: 0033:0x7f254cd8e9a9 [ 517.178509][T11800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 517.178534][T11800] RSP: 002b:00007f254db34038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 517.178562][T11800] RAX: ffffffffffffffda RBX: 00007f254cfb5fa0 RCX: 00007f254cd8e9a9 [ 517.178581][T11800] RDX: 000000000000c800 RSI: 0000200000000000 RDI: 0000000000000008 [ 517.178599][T11800] RBP: 00007f254ce10d69 R08: 0000000000000000 R09: 0000000000000000 [ 517.178616][T11800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 517.178633][T11800] R13: 0000000000000000 R14: 00007f254cfb5fa0 R15: 00007ffd9f4a7558 [ 517.178673][T11800] [ 517.713024][T11807] net_ratelimit: 67 callbacks suppressed [ 517.713051][T11807] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 518.442136][T11819] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1135'. [ 519.996873][T11838] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1139'. [ 521.140653][T11850] ima: policy update failed [ 521.149702][ T30] audit: type=1802 audit(4294967406.485:29): pid=11850 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1142" res=0 errno=0 [ 521.715511][T11854] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1150'. [ 522.562929][T11869] phram: parameter too long [ 522.700638][T11869] sd 0:0:1:0: PR command failed: 1026 [ 522.728868][T11869] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 522.766046][T11869] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 525.445648][T11903] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1161'. [ 531.075808][T11958] netlink: 'syz.3.1162': attribute type 20 has an invalid length. [ 531.083803][T11958] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1162'. [ 531.208499][T11958] IPv6: NLM_F_CREATE should be specified when creating new route [ 531.444450][T11970] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1164'. [ 531.552731][T11970] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1164'. [ 532.037728][ C0] vcan0: j1939_tp_rxtimer: 0xffff88803133a400: rx timeout, send abort [ 532.192670][T11961] Process accounting resumed [ 532.308342][T11984] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1167'. [ 532.523275][T11985] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1168'. [ 532.545811][ C0] vcan0: j1939_tp_rxtimer: 0xffff88803133a400: abort rx timeout. Force session deactivation [ 532.577195][T11985] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1168'. [ 538.111776][T12042] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1180'. [ 538.874598][T12050] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1183'. [ 538.895745][T12050] hub 8-0:1.0: USB hub found [ 538.902460][T12050] hub 8-0:1.0: 1 port detected [ 539.474545][T12056] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1181'. [ 540.191092][T12065] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1184'. [ 540.270479][T12068] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1184'. [ 543.928142][T12109] sp0: Synchronizing with TNC [ 545.371013][T12126] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1196'. [ 548.462296][T12172] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1204'. [ 548.713758][T12178] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1205'. [ 549.812247][T12180] sp0: Synchronizing with TNC [ 550.337461][T12202] HfR: entered promiscuous mode [ 550.517030][T12202] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1210'. [ 550.568379][T12202] HfR: left promiscuous mode [ 550.725738][T12202] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1210'. [ 551.185675][T12208] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1212'. [ 551.236105][T12215] futex_wake_op: syz.4.1214 tries to shift op by -2048; fix this program [ 554.677221][T12258] sp0: Synchronizing with TNC [ 555.454704][T12274] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1226'. [ 555.469884][T12270] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1225'. [ 555.480365][T12270] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1225'. [ 556.120957][T12285] ICMPv6: process `syz.3.1229' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 557.056648][T12301] device-mapper: ioctl: Unable to rename non-existent device,  to uuid T>fUj5SETK!Z,HmTP [ 557.372591][T12305] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 558.433392][T12310] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 558.489741][T12310] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 558.511145][T12310] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 558.565744][T12310] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 558.629718][T12310] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 558.963774][T12331] sp0: Synchronizing with TNC [ 559.473882][T12336] openvswitch: .SR: Dropping previously announced user features [ 559.970332][ T5846] Bluetooth: hci0: command 0x0c1a tx timeout [ 560.535573][ T5846] Bluetooth: hci2: command 0x0c1a tx timeout [ 560.550636][T11542] Bluetooth: hci1: command 0x0c1a tx timeout [ 560.609863][T11542] Bluetooth: hci3: command 0x0c1a tx timeout [ 560.695798][T11542] Bluetooth: hci4: command 0x0406 tx timeout [ 561.090156][T12364] bond0: Unable to set down delay as MII monitoring is disabled [ 561.609584][T12372] netlink: 18 bytes leftover after parsing attributes in process `syz.1.1242'. [ 562.705191][T12383] Process accounting paused [ 563.079617][T12406] FAULT_INJECTION: forcing a failure. [ 563.079617][T12406] name failslab, interval 1, probability 0, space 0, times 0 [ 563.125385][T12406] CPU: 1 UID: 0 PID: 12406 Comm: syz.1.1250 Tainted: G U 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 563.125442][T12406] Tainted: [U]=USER [ 563.125452][T12406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 563.125471][T12406] Call Trace: [ 563.125481][T12406] [ 563.125493][T12406] dump_stack_lvl+0x16c/0x1f0 [ 563.125531][T12406] should_fail_ex+0x512/0x640 [ 563.125562][T12406] ? __kmalloc_noprof+0xbf/0x510 [ 563.125596][T12406] ? lsm_blob_alloc+0x68/0x90 [ 563.125627][T12406] should_failslab+0xc2/0x120 [ 563.125663][T12406] __kmalloc_noprof+0xd2/0x510 [ 563.125704][T12406] lsm_blob_alloc+0x68/0x90 [ 563.125738][T12406] security_sk_alloc+0x30/0x270 [ 563.125779][T12406] sk_prot_alloc+0xfb/0x2a0 [ 563.125825][T12406] sk_alloc+0x36/0xc20 [ 563.125857][T12406] inet6_create+0x381/0x12b0 [ 563.125892][T12406] ? inet6_create+0x7f/0x12b0 [ 563.125928][T12406] __sock_create+0x335/0x8d0 [ 563.125978][T12406] smc_create_clcsk+0x37/0xd0 [ 563.126022][T12406] ? __pfx_smc_inet_init_sock+0x10/0x10 [ 563.126057][T12406] inet6_create+0xb30/0x12b0 [ 563.126093][T12406] ? inet6_create+0x7f/0x12b0 [ 563.126140][T12406] __sock_create+0x335/0x8d0 [ 563.126190][T12406] __sys_socket+0x14d/0x260 [ 563.126231][T12406] ? __pfx___sys_socket+0x10/0x10 [ 563.126272][T12406] ? xfd_validate_state+0x61/0x180 [ 563.126311][T12406] ? __pfx_do_writev+0x10/0x10 [ 563.126364][T12406] __x64_sys_socket+0x72/0xb0 [ 563.126404][T12406] ? lockdep_hardirqs_on+0x7c/0x110 [ 563.126434][T12406] do_syscall_64+0xcd/0x490 [ 563.126470][T12406] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 563.126500][T12406] RIP: 0033:0x7f254cd8e9a9 [ 563.126524][T12406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 563.126553][T12406] RSP: 002b:00007f254db34038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 563.126584][T12406] RAX: ffffffffffffffda RBX: 00007f254cfb5fa0 RCX: 00007f254cd8e9a9 [ 563.126603][T12406] RDX: 0000000000000100 RSI: 0000000000000001 RDI: 000000000000000a [ 563.126620][T12406] RBP: 00007f254ce10d69 R08: 0000000000000000 R09: 0000000000000000 [ 563.126639][T12406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 563.126656][T12406] R13: 0000000000000000 R14: 00007f254cfb5fa0 R15: 00007ffd9f4a7558 [ 563.126696][T12406] [ 563.421357][T12414] sp0: Synchronizing with TNC [ 563.664805][T12418] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 564.501617][T12427] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1255'. [ 564.658473][T12427] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1255'. [ 565.369919][T12441] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1254'. [ 565.495474][T12448] kmem.limit_in_bytes is deprecated and will be removed. Writing any value to this file has no effect. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 567.704468][T12493] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1268'. [ 568.059997][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 568.066461][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 568.145567][T12493] bond0: (slave bond_slave_1): Releasing backup interface [ 569.304204][T12525] svc: failed to register nfsdv3 RPC service (errno 111). [ 569.321297][T12525] svc: failed to register nfsaclv3 RPC service (errno 111). [ 573.959837][T12647] FAULT_INJECTION: forcing a failure. [ 573.959837][T12647] name fail_futex, interval 1, probability 0, space 0, times 0 [ 574.029843][T12647] CPU: 1 UID: 0 PID: 12647 Comm: syz.1.1294 Tainted: G U 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 574.029894][T12647] Tainted: [U]=USER [ 574.029904][T12647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 574.029921][T12647] Call Trace: [ 574.029930][T12647] [ 574.029942][T12647] dump_stack_lvl+0x16c/0x1f0 [ 574.029979][T12647] should_fail_ex+0x512/0x640 [ 574.030012][T12647] get_futex_key+0x1d0/0x1540 [ 574.030050][T12647] ? __pfx_get_futex_key+0x10/0x10 [ 574.030093][T12647] ? __mutex_trylock_common+0xe9/0x250 [ 574.030142][T12647] futex_wake+0xe7/0x4e0 [ 574.030184][T12647] ? __pfx_futex_wake+0x10/0x10 [ 574.030219][T12647] ? __lock_acquire+0xb8a/0x1c90 [ 574.030276][T12647] do_futex+0x1e3/0x350 [ 574.030312][T12647] ? __pfx_do_futex+0x10/0x10 [ 574.030360][T12647] ? __might_fault+0xe3/0x190 [ 574.030399][T12647] mm_release+0x24e/0x300 [ 574.030432][T12647] do_exit+0x68b/0x2bd0 [ 574.030475][T12647] ? __pfx_do_exit+0x10/0x10 [ 574.030511][T12647] ? do_raw_spin_lock+0x12c/0x2b0 [ 574.030552][T12647] ? find_held_lock+0x2b/0x80 [ 574.030587][T12647] do_group_exit+0xd3/0x2a0 [ 574.030627][T12647] get_signal+0x2673/0x26d0 [ 574.030672][T12647] ? __pfx_get_signal+0x10/0x10 [ 574.030702][T12647] ? do_futex+0x122/0x350 [ 574.030736][T12647] ? __pfx_do_futex+0x10/0x10 [ 574.030775][T12647] arch_do_signal_or_restart+0x8f/0x790 [ 574.030810][T12647] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 574.030854][T12647] ? xfd_validate_state+0x61/0x180 [ 574.030891][T12647] ? __pfx_do_writev+0x10/0x10 [ 574.030941][T12647] exit_to_user_mode_loop+0x84/0x110 [ 574.030988][T12647] do_syscall_64+0x3f6/0x490 [ 574.031021][T12647] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 574.031050][T12647] RIP: 0033:0x7f254cd8e9a9 [ 574.031084][T12647] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 574.031112][T12647] RSP: 002b:00007f254db130e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 574.031140][T12647] RAX: fffffffffffffe00 RBX: 00007f254cfb6088 RCX: 00007f254cd8e9a9 [ 574.031159][T12647] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f254cfb6088 [ 574.031176][T12647] RBP: 00007f254cfb6080 R08: 0000000000000000 R09: 0000000000000000 [ 574.031193][T12647] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f254cfb608c [ 574.031210][T12647] R13: 0000000000000000 R14: 00007ffd9f4a7470 R15: 00007ffd9f4a7558 [ 574.031249][T12647] [ 576.485404][T12696] input: jJǸ-9%vJ86 as /devices/virtual/input/input21 [ 577.753387][T12698] FAULT_INJECTION: forcing a failure. [ 577.753387][T12698] name failslab, interval 1, probability 0, space 0, times 0 [ 577.817517][T12698] CPU: 1 UID: 0 PID: 12698 Comm: syz.1.1302 Tainted: G U 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 577.817572][T12698] Tainted: [U]=USER [ 577.817583][T12698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 577.817600][T12698] Call Trace: [ 577.817610][T12698] [ 577.817621][T12698] dump_stack_lvl+0x16c/0x1f0 [ 577.817659][T12698] should_fail_ex+0x512/0x640 [ 577.817688][T12698] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 577.817725][T12698] should_failslab+0xc2/0x120 [ 577.817761][T12698] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 577.817793][T12698] ? __kernfs_new_node+0xd2/0x8e0 [ 577.817847][T12698] __kernfs_new_node+0xd2/0x8e0 [ 577.817901][T12698] ? __pfx___kernfs_new_node+0x10/0x10 [ 577.817972][T12698] ? find_held_lock+0x2b/0x80 [ 577.818005][T12698] ? kernfs_root+0xee/0x2a0 [ 577.818040][T12698] kernfs_new_node+0x13c/0x1e0 [ 577.818082][T12698] __kernfs_create_file+0x53/0x350 [ 577.818125][T12698] sysfs_add_file_mode_ns+0x207/0x3c0 [ 577.818182][T12698] internal_create_group+0x578/0xf30 [ 577.818235][T12698] ? __pfx_internal_create_group+0x10/0x10 [ 577.818271][T12698] ? kernfs_create_link+0x1bd/0x240 [ 577.818318][T12698] internal_create_groups+0x9d/0x150 [ 577.818351][T12698] device_add+0xf30/0x1a70 [ 577.818396][T12698] ? __pfx_device_add+0x10/0x10 [ 577.818435][T12698] ? lockdep_init_map_type+0x5c/0x280 [ 577.818485][T12698] ? __init_waitqueue_head+0xca/0x150 [ 577.818524][T12698] netdev_register_kobject+0x182/0x3a0 [ 577.818570][T12698] register_netdevice+0x13dc/0x2270 [ 577.818616][T12698] ? __pfx_register_netdevice+0x10/0x10 [ 577.818654][T12698] ? net_generic+0xea/0x2a0 [ 577.818690][T12698] register_netdev+0x34/0x50 [ 577.818718][T12698] ip6_tnl_init_net+0x2c7/0x4d0 [ 577.818749][T12698] ? __pfx_ip6_tnl_init_net+0x10/0x10 [ 577.818781][T12698] ops_init+0x1df/0x5f0 [ 577.818820][T12698] setup_net+0x1ff/0x510 [ 577.818852][T12698] ? lockdep_init_map_type+0x5c/0x280 [ 577.818894][T12698] ? __pfx_setup_net+0x10/0x10 [ 577.818940][T12698] ? debug_mutex_init+0x37/0x70 [ 577.818977][T12698] copy_net_ns+0x2a6/0x5f0 [ 577.819020][T12698] create_new_namespaces+0x3ea/0xa90 [ 577.819065][T12698] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 577.819105][T12698] ksys_unshare+0x45b/0xa40 [ 577.819147][T12698] ? __pfx_ksys_unshare+0x10/0x10 [ 577.819190][T12698] ? xfd_validate_state+0x61/0x180 [ 577.819242][T12698] __x64_sys_unshare+0x31/0x40 [ 577.819280][T12698] do_syscall_64+0xcd/0x490 [ 577.819316][T12698] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 577.819347][T12698] RIP: 0033:0x7f254cd8e9a9 [ 577.819372][T12698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 577.819401][T12698] RSP: 002b:00007f254db34038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 577.819431][T12698] RAX: ffffffffffffffda RBX: 00007f254cfb5fa0 RCX: 00007f254cd8e9a9 [ 577.819450][T12698] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 577.819468][T12698] RBP: 00007f254ce10d69 R08: 0000000000000000 R09: 0000000000000000 [ 577.819486][T12698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 577.819503][T12698] R13: 0000000000000000 R14: 00007f254cfb5fa0 R15: 00007ffd9f4a7558 [ 577.819543][T12698] [ 578.753891][T12733] Process accounting resumed [ 579.170495][ T30] audit: type=1804 audit(4294967306.504:30): pid=12737 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1307" name="/newroot/326/file0" dev="tmpfs" ino=1783 res=1 errno=0 [ 580.160769][T12763] FAULT_INJECTION: forcing a failure. [ 580.160769][T12763] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 580.240761][T12763] CPU: 1 UID: 0 PID: 12763 Comm: syz.4.1314 Tainted: G U 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 580.240815][T12763] Tainted: [U]=USER [ 580.240825][T12763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 580.240844][T12763] Call Trace: [ 580.240854][T12763] [ 580.240866][T12763] dump_stack_lvl+0x16c/0x1f0 [ 580.240905][T12763] should_fail_ex+0x512/0x640 [ 580.240943][T12763] should_fail_alloc_page+0xe7/0x130 [ 580.240982][T12763] prepare_alloc_pages+0x3c2/0x610 [ 580.241040][T12763] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 580.241072][T12763] ? bio_kmalloc+0x41/0x70 [ 580.241102][T12763] ? kasan_save_stack+0x33/0x60 [ 580.241130][T12763] ? kasan_save_track+0x14/0x30 [ 580.241159][T12763] ? __kasan_kmalloc+0xaa/0xb0 [ 580.241186][T12763] ? __kmalloc_noprof+0x223/0x510 [ 580.241214][T12763] ? bio_kmalloc+0x41/0x70 [ 580.241242][T12763] ? blk_rq_map_kern+0x387/0x6d0 [ 580.241279][T12763] ? scsi_execute_cmd+0xbd9/0xef0 [ 580.241313][T12763] ? sd_pr_out_command.isra.0+0x26e/0x3d0 [ 580.241354][T12763] ? blkdev_pr_preempt+0x2a9/0x310 [ 580.241393][T12763] ? blkdev_common_ioctl+0x8d1/0x2480 [ 580.241432][T12763] ? blkdev_ioctl+0x1cb/0x6d0 [ 580.241470][T12763] ? __x64_sys_ioctl+0x18e/0x210 [ 580.241509][T12763] ? do_syscall_64+0xcd/0x490 [ 580.241538][T12763] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 580.241575][T12763] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 580.241633][T12763] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 580.241684][T12763] ? policy_nodemask+0xea/0x4e0 [ 580.241724][T12763] alloc_pages_mpol+0x1fb/0x550 [ 580.241761][T12763] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 580.241796][T12763] ? __kmalloc_noprof+0x242/0x510 [ 580.241825][T12763] ? __pfx___debug_object_init+0x10/0x10 [ 580.241865][T12763] ? __pfx_is_bpf_text_address+0x1/0x10 [ 580.241913][T12763] alloc_pages_noprof+0x131/0x390 [ 580.241950][T12763] blk_rq_map_kern+0x403/0x6d0 [ 580.242002][T12763] scsi_execute_cmd+0xbd9/0xef0 [ 580.242052][T12763] ? stack_trace_save+0x8e/0xc0 [ 580.242087][T12763] ? __pfx_stack_trace_save+0x10/0x10 [ 580.242128][T12763] ? __lock_acquire+0xb8a/0x1c90 [ 580.242171][T12763] ? __pfx_scsi_execute_cmd+0x10/0x10 [ 580.242212][T12763] ? kasan_save_stack+0x42/0x60 [ 580.242240][T12763] ? kasan_save_stack+0x33/0x60 [ 580.242268][T12763] ? kasan_save_track+0x14/0x30 [ 580.242296][T12763] ? kasan_save_free_info+0x3b/0x60 [ 580.242345][T12763] sd_pr_out_command.isra.0+0x26e/0x3d0 [ 580.242401][T12763] ? __pfx_sd_pr_out_command.isra.0+0x10/0x10 [ 580.242445][T12763] ? __lock_acquire+0xb8a/0x1c90 [ 580.242514][T12763] ? find_held_lock+0x2b/0x80 [ 580.242543][T12763] ? __might_fault+0xe3/0x190 [ 580.242573][T12763] ? __might_fault+0x13b/0x190 [ 580.242609][T12763] ? block_pr_type_to_scsi+0x62/0x80 [ 580.242651][T12763] blkdev_pr_preempt+0x2a9/0x310 [ 580.242696][T12763] ? __pfx_blkdev_pr_preempt+0x10/0x10 [ 580.242755][T12763] blkdev_common_ioctl+0x8d1/0x2480 [ 580.242795][T12763] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 580.242839][T12763] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 580.242886][T12763] ? __pfx_blkdev_common_ioctl+0x10/0x10 [ 580.242931][T12763] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 580.242998][T12763] ? find_held_lock+0x2b/0x80 [ 580.243046][T12763] blkdev_ioctl+0x1cb/0x6d0 [ 580.243096][T12763] ? __pfx_blkdev_ioctl+0x10/0x10 [ 580.243146][T12763] ? __pfx_blkdev_ioctl+0x10/0x10 [ 580.243192][T12763] __x64_sys_ioctl+0x18e/0x210 [ 580.243238][T12763] do_syscall_64+0xcd/0x490 [ 580.243272][T12763] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 580.243302][T12763] RIP: 0033:0x7f2cee18e9a9 [ 580.243329][T12763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 580.243359][T12763] RSP: 002b:00007f2cef0c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 580.243389][T12763] RAX: ffffffffffffffda RBX: 00007f2cee3b5fa0 RCX: 00007f2cee18e9a9 [ 580.243411][T12763] RDX: 0000000000000007 RSI: 00000000401870cb RDI: 0000000000000007 [ 580.243429][T12763] RBP: 00007f2cee210d69 R08: 0000000000000000 R09: 0000000000000000 [ 580.243448][T12763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 580.243466][T12763] R13: 0000000000000000 R14: 00007f2cee3b5fa0 R15: 00007fff29359468 [ 580.243506][T12763] [ 582.357288][T12804] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1324'. [ 582.521891][T12802] netlink: 326 bytes leftover after parsing attributes in process `syz.1.1322'. [ 583.004411][T12813] vivid-003: ================= START STATUS ================= [ 583.054458][T12813] vivid-003: Radio HW Seek Mode: Bounded [ 583.070340][T12813] vivid-003: Radio Programmable HW Seek: false [ 583.085848][T12813] vivid-003: RDS Rx I/O Mode: Block I/O [ 583.094150][T12813] vivid-003: Generate RBDS Instead of RDS: false [ 583.103418][T12813] vivid-003: RDS Reception: true [ 583.116848][T12813] vivid-003: RDS Program Type: 0 inactive [ 583.142159][T12813] vivid-003: RDS PS Name: inactive [ 583.157376][T12813] vivid-003: RDS Radio Text: inactive [ 583.163245][T12813] vivid-003: RDS Traffic Announcement: false inactive [ 583.234526][T12813] vivid-003: RDS Traffic Program: false inactive [ 583.421076][T12813] vivid-003: RDS Music: false inactive [ 583.466990][T12813] vivid-003: ================== END STATUS ================== [ 583.939400][T12832] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input22 [ 584.790699][T12836] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23 [ 585.824131][T12873] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1339'. [ 585.843935][T12873] ipvlan1: entered allmulticast mode [ 585.902642][T12873] veth0_vlan: entered allmulticast mode [ 585.985996][T12873] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1339'. [ 588.828998][T12925] sp0: Synchronizing with TNC [ 591.350500][T12952] sp0: Synchronizing with TNC [ 593.941080][T12969] Process accounting resumed [ 594.045895][T12980] netlink: 'syz.0.1360': attribute type 16 has an invalid length. [ 594.056260][T12980] netlink: 326 bytes leftover after parsing attributes in process `syz.0.1360'. [ 594.484357][T12984] zswap: compressor not available [ 594.910097][T12999] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1364'. [ 596.501998][T13017] Ignoring unsupported numa_zonelist_order value: [ 596.501998][T13017] [ 596.875280][T13018] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 596.885076][T13018] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 601.091704][T13073] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1379'. [ 601.169247][T13073] ipvlan1: entered allmulticast mode [ 601.213791][T13073] veth0_vlan: entered allmulticast mode [ 601.238770][T13071] sp0: Synchronizing with TNC [ 601.385990][T13073] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1379'. [ 606.296397][T13153] qrtr: Invalid version 5 [ 606.379471][T13141] sp0: Synchronizing with TNC [ 611.062767][T13182] vivid-003: ================= START STATUS ================= [ 611.072900][T13182] vivid-003: Radio HW Seek Mode: Bounded [ 611.078796][T13182] vivid-003: Radio Programmable HW Seek: false [ 611.086344][T13182] vivid-003: RDS Rx I/O Mode: Block I/O [ 611.091935][T13182] vivid-003: Generate RBDS Instead of RDS: false [ 611.099159][T13182] vivid-003: RDS Reception: true [ 611.104131][T13182] vivid-003: RDS Program Type: 0 inactive [ 611.112642][T13182] vivid-003: RDS PS Name: inactive [ 611.120943][T13182] vivid-003: RDS Radio Text: inactive [ 611.133537][T13182] vivid-003: RDS Traffic Announcement: false inactive [ 611.153637][T13182] vivid-003: RDS Traffic Program: false inactive [ 611.183984][T13182] vivid-003: RDS Music: false inactive [ 611.192918][T13182] vivid-003: ================== END STATUS ================== [ 612.021869][T13188] FAULT_INJECTION: forcing a failure. [ 612.021869][T13188] name failslab, interval 1, probability 0, space 0, times 0 [ 612.035229][T13188] CPU: 1 UID: 0 PID: 13188 Comm: syz.0.1401 Tainted: G U 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 612.035260][T13188] Tainted: [U]=USER [ 612.035266][T13188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 612.035277][T13188] Call Trace: [ 612.035283][T13188] [ 612.035289][T13188] dump_stack_lvl+0x16c/0x1f0 [ 612.035313][T13188] should_fail_ex+0x512/0x640 [ 612.035331][T13188] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 612.035361][T13188] should_failslab+0xc2/0x120 [ 612.035382][T13188] __kmalloc_cache_noprof+0x6a/0x3e0 [ 612.035410][T13188] ? nexthop_net_init+0x73/0x140 [ 612.035430][T13188] ? __pfx_nexthop_net_init+0x10/0x10 [ 612.035449][T13188] nexthop_net_init+0x73/0x140 [ 612.035466][T13188] ? tcf_net_init+0x55/0x150 [ 612.035484][T13188] ops_init+0x1df/0x5f0 [ 612.035507][T13188] setup_net+0x1ff/0x510 [ 612.035533][T13188] ? lockdep_init_map_type+0x5c/0x280 [ 612.035559][T13188] ? __pfx_setup_net+0x10/0x10 [ 612.035581][T13188] ? debug_mutex_init+0x37/0x70 [ 612.035602][T13188] copy_net_ns+0x2a6/0x5f0 [ 612.035628][T13188] create_new_namespaces+0x3ea/0xa90 [ 612.035654][T13188] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 612.035677][T13188] ksys_unshare+0x45b/0xa40 [ 612.035702][T13188] ? __pfx_ksys_unshare+0x10/0x10 [ 612.035727][T13188] ? xfd_validate_state+0x61/0x180 [ 612.035759][T13188] __x64_sys_unshare+0x31/0x40 [ 612.035783][T13188] do_syscall_64+0xcd/0x490 [ 612.035803][T13188] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 612.035821][T13188] RIP: 0033:0x7fc6bef8e9a9 [ 612.035837][T13188] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 612.035855][T13188] RSP: 002b:00007fc6bfe9b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 612.035872][T13188] RAX: ffffffffffffffda RBX: 00007fc6bf1b5fa0 RCX: 00007fc6bef8e9a9 [ 612.035884][T13188] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 612.035894][T13188] RBP: 00007fc6bf010d69 R08: 0000000000000000 R09: 0000000000000000 [ 612.035905][T13188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 612.035915][T13188] R13: 0000000000000000 R14: 00007fc6bf1b5fa0 R15: 00007ffc22f24f08 [ 612.035937][T13188] [ 612.965647][T13166] Process accounting paused [ 614.300745][T13223] random: crng reseeded on system resumption [ 614.777661][T13240] netlink: 'syz.4.1406': attribute type 64 has an invalid length. [ 614.798039][T13240] netlink: 74 bytes leftover after parsing attributes in process `syz.4.1406'. [ 616.696553][T13276] FAULT_INJECTION: forcing a failure. [ 616.696553][T13276] name failslab, interval 1, probability 0, space 0, times 0 [ 616.718352][T13279] openvswitch: netlink: Tunnel attr 7 has unexpected len 5556 expected 0 [ 616.721787][T13276] CPU: 0 UID: 0 PID: 13276 Comm: syz.4.1414 Tainted: G U 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 616.721832][T13276] Tainted: [U]=USER [ 616.721841][T13276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 616.721857][T13276] Call Trace: [ 616.721866][T13276] [ 616.721877][T13276] dump_stack_lvl+0x16c/0x1f0 [ 616.721910][T13276] should_fail_ex+0x512/0x640 [ 616.721937][T13276] ? __kmalloc_noprof+0xbf/0x510 [ 616.721966][T13276] ? realloc_user_queue+0x270/0x310 [ 616.721999][T13276] should_failslab+0xc2/0x120 [ 616.722030][T13276] __kmalloc_noprof+0xd2/0x510 [ 616.722065][T13276] realloc_user_queue+0x270/0x310 [ 616.722100][T13276] ? __pfx_snd_timer_user_open+0x10/0x10 [ 616.722136][T13276] snd_timer_user_open+0xfc/0x180 [ 616.722179][T13276] snd_open+0x1fe/0x450 [ 616.722210][T13276] ? __pfx_snd_open+0x10/0x10 [ 616.722244][T13276] chrdev_open+0x231/0x6a0 [ 616.722280][T13276] ? __pfx_apparmor_file_open+0x10/0x10 [ 616.722318][T13276] ? __pfx_chrdev_open+0x10/0x10 [ 616.722349][T13276] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 616.722395][T13276] do_dentry_open+0x744/0x1c10 [ 616.722424][T13276] ? __pfx_chrdev_open+0x10/0x10 [ 616.722460][T13276] vfs_open+0x82/0x3f0 [ 616.722498][T13276] path_openat+0x1de4/0x2cb0 [ 616.722538][T13276] ? __pfx_path_openat+0x10/0x10 [ 616.722567][T13276] ? __lock_acquire+0xb8a/0x1c90 [ 616.722608][T13276] do_filp_open+0x20b/0x470 [ 616.722634][T13276] ? __pfx_do_filp_open+0x10/0x10 [ 616.722692][T13276] ? alloc_fd+0x471/0x7d0 [ 616.722750][T13276] do_sys_openat2+0x11b/0x1d0 [ 616.722784][T13276] ? __pfx_do_sys_openat2+0x10/0x10 [ 616.722835][T13276] __x64_sys_openat+0x174/0x210 [ 616.722870][T13276] ? __pfx___x64_sys_openat+0x10/0x10 [ 616.722922][T13276] do_syscall_64+0xcd/0x490 [ 616.722953][T13276] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 616.722980][T13276] RIP: 0033:0x7f2cee18e9a9 [ 616.723002][T13276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 616.723029][T13276] RSP: 002b:00007f2cef0c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 616.723055][T13276] RAX: ffffffffffffffda RBX: 00007f2cee3b5fa0 RCX: 00007f2cee18e9a9 [ 616.723073][T13276] RDX: 0000000000101440 RSI: 0000200000001cc0 RDI: ffffffffffffff9c [ 616.723090][T13276] RBP: 00007f2cee210d69 R08: 0000000000000000 R09: 0000000000000000 [ 616.723107][T13276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 616.723123][T13276] R13: 0000000000000000 R14: 00007f2cee3b5fa0 R15: 00007fff29359468 [ 616.723157][T13276] [ 617.595524][T13301] FAULT_INJECTION: forcing a failure. [ 617.595524][T13301] name failslab, interval 1, probability 0, space 0, times 0 [ 617.608272][T13301] CPU: 1 UID: 0 PID: 13301 Comm: syz.0.1420 Tainted: G U 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 617.608304][T13301] Tainted: [U]=USER [ 617.608310][T13301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 617.608321][T13301] Call Trace: [ 617.608328][T13301] [ 617.608336][T13301] dump_stack_lvl+0x16c/0x1f0 [ 617.608360][T13301] should_fail_ex+0x512/0x640 [ 617.608378][T13301] ? __kmalloc_noprof+0xbf/0x510 [ 617.608399][T13301] ? net_alloc_generic+0x1e/0x70 [ 617.608419][T13301] should_failslab+0xc2/0x120 [ 617.608440][T13301] __kmalloc_noprof+0xd2/0x510 [ 617.608457][T13301] ? inc_ucount+0x240/0x2f0 [ 617.608485][T13301] net_alloc_generic+0x1e/0x70 [ 617.608507][T13301] copy_net_ns+0xc6/0x5f0 [ 617.608529][T13301] ? copy_cgroup_ns+0x71/0x700 [ 617.608552][T13301] create_new_namespaces+0x3ea/0xa90 [ 617.608578][T13301] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 617.608601][T13301] ksys_unshare+0x45b/0xa40 [ 617.608626][T13301] ? __pfx_ksys_unshare+0x10/0x10 [ 617.608652][T13301] ? xfd_validate_state+0x61/0x180 [ 617.608696][T13301] __x64_sys_unshare+0x31/0x40 [ 617.608721][T13301] do_syscall_64+0xcd/0x490 [ 617.608742][T13301] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 617.608761][T13301] RIP: 0033:0x7fc6bef8e9a9 [ 617.608777][T13301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 617.608795][T13301] RSP: 002b:00007fc6bfe9b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 617.608812][T13301] RAX: ffffffffffffffda RBX: 00007fc6bf1b5fa0 RCX: 00007fc6bef8e9a9 [ 617.608824][T13301] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 617.608834][T13301] RBP: 00007fc6bf010d69 R08: 0000000000000000 R09: 0000000000000000 [ 617.608845][T13301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 617.608855][T13301] R13: 0000000000000000 R14: 00007fc6bf1b5fa0 R15: 00007ffc22f24f08 [ 617.608877][T13301] [ 618.571871][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 619.328058][ C1] vcan0: j1939_tp_rxtimer: 0xffff88802ab4c000: rx timeout, send abort [ 619.836271][ C1] vcan0: j1939_tp_rxtimer: 0xffff88802ab4c000: abort rx timeout. Force session deactivation [ 621.560926][T13346] usb usb37: usbfs: process 13346 (syz.0.1428) did not claim interface 0 before use [ 621.580062][T13346] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 621.764272][T13351] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24 [ 622.635504][T13357] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1430'. [ 624.094301][T13391] aoe: can't write to that file. [ 624.382186][T13383] Process accounting paused [ 625.146948][T13407] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 629.439362][T13496] FAULT_INJECTION: forcing a failure. [ 629.439362][T13496] name failslab, interval 1, probability 0, space 0, times 0 [ 629.474194][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 629.506161][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 629.516571][ T9848] sl0: compressed packet ignored [ 629.526968][T13496] CPU: 0 UID: 0 PID: 13496 Comm: syz.1.1458 Tainted: G U 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 629.527003][T13496] Tainted: [U]=USER [ 629.527009][T13496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 629.527020][T13496] Call Trace: [ 629.527026][T13496] [ 629.527034][T13496] dump_stack_lvl+0x16c/0x1f0 [ 629.527058][T13496] should_fail_ex+0x512/0x640 [ 629.527077][T13496] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 629.527108][T13496] should_failslab+0xc2/0x120 [ 629.527130][T13496] __kmalloc_cache_noprof+0x6a/0x3e0 [ 629.527157][T13496] ? __pfx_ndisc_net_init+0x10/0x10 [ 629.527183][T13496] ? ipv6_inetpeer_init+0x3f/0xb0 [ 629.527201][T13496] ? __pfx_ipv6_inetpeer_init+0x10/0x10 [ 629.527219][T13496] ipv6_inetpeer_init+0x3f/0xb0 [ 629.527235][T13496] ops_init+0x1df/0x5f0 [ 629.527259][T13496] setup_net+0x1ff/0x510 [ 629.527278][T13496] ? lockdep_init_map_type+0x5c/0x280 [ 629.527315][T13496] ? __pfx_setup_net+0x10/0x10 [ 629.527339][T13496] ? debug_mutex_init+0x37/0x70 [ 629.527360][T13496] copy_net_ns+0x2a6/0x5f0 [ 629.527386][T13496] create_new_namespaces+0x3ea/0xa90 [ 629.527414][T13496] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 629.527438][T13496] ksys_unshare+0x45b/0xa40 [ 629.527463][T13496] ? __pfx_ksys_unshare+0x10/0x10 [ 629.527490][T13496] ? syscall_user_dispatch+0x78/0x140 [ 629.527524][T13496] __x64_sys_unshare+0x31/0x40 [ 629.527548][T13496] do_syscall_64+0xcd/0x490 [ 629.527569][T13496] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 629.527587][T13496] RIP: 0033:0x7f254cd8e9a9 [ 629.527603][T13496] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 629.527621][T13496] RSP: 002b:00007f254db34038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 629.527639][T13496] RAX: ffffffffffffffda RBX: 00007f254cfb5fa0 RCX: 00007f254cd8e9a9 [ 629.527651][T13496] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 629.527661][T13496] RBP: 00007f254ce10d69 R08: 0000000000000000 R09: 0000000000000000 [ 629.527672][T13496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 629.527682][T13496] R13: 0000000000000000 R14: 00007f254cfb5fa0 R15: 00007ffd9f4a7558 [ 629.527704][T13496] [ 631.242751][T13500] tty tty23: ldisc open failed (-12), clearing slot 22 [ 631.281692][T13501] ttyS ttyS2: ldisc open failed (-12), clearing slot 2 [ 631.316163][T13504] tty tty17: ldisc open failed (-12), clearing slot 16 [ 632.334620][T13529] program syz.3.1464 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 638.533688][T13636] ICMPv6: process `syz.0.1482' is using deprecated sysctl (syscall) net.ipv6.neigh.erspan0.retrans_time - use net.ipv6.neigh.erspan0.retrans_time_ms instead [ 641.649864][T13654] sctp: [Deprecated]: syz.4.1484 (pid 13654) Use of struct sctp_assoc_value in delayed_ack socket option. [ 641.649864][T13654] Use struct sctp_sack_info instead [ 643.411459][T13681] netlink: 'syz.0.1493': attribute type 11 has an invalid length. [ 643.757009][T13612] Process accounting resumed [ 643.978908][T13694] binder: BINDER_SET_CONTEXT_MGR already set [ 643.985247][T13694] binder: 13692:13694 ioctl 40046207 0 returned -16 [ 644.536620][T13711] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT [ 647.298165][T13749] netlink: 206 bytes leftover after parsing attributes in process `syz.0.1494'. [ 647.332134][T13749] netlink: 206 bytes leftover after parsing attributes in process `syz.0.1494'. [ 647.372511][T13749] netlink: 206 bytes leftover after parsing attributes in process `syz.0.1494'. [ 647.385942][T13749] netlink: 206 bytes leftover after parsing attributes in process `syz.0.1494'. [ 647.395367][T13749] netlink: 206 bytes leftover after parsing attributes in process `syz.0.1494'. [ 647.404773][T13749] netlink: 206 bytes leftover after parsing attributes in process `syz.0.1494'. [ 647.414123][T13749] netlink: 206 bytes leftover after parsing attributes in process `syz.0.1494'. [ 647.424350][T13749] netlink: 206 bytes leftover after parsing attributes in process `syz.0.1494'. [ 647.433917][T13749] netlink: 206 bytes leftover after parsing attributes in process `syz.0.1494'. [ 647.443349][T13749] netlink: 206 bytes leftover after parsing attributes in process `syz.0.1494'. [ 647.753866][T13752] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 647.999194][T13774] ceph: Failed to parse sending metrics switch value 'P^' [ 650.215429][T13796] usb usb8: usbfs: interface 0 claimed by hub while 'syz.0.1504' sets config #0 [ 650.557550][T13800] blktrace: Concurrent blktraces are not allowed on loop2 [ 650.701225][T13789] binder: 13788:13789 ioctl c0306201 0 returned -14 [ 652.079963][T13830] syz.4.1511 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 652.364332][ T5846] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 652.414672][ T5846] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 652.444102][ T5846] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 652.464150][ T5846] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 652.484047][ T5846] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 652.627908][T13836] blktrace: Concurrent blktraces are not allowed on loop2 [ 652.777338][T13837] mkiss: ax0: crc mode is auto. [ 653.311379][T13853] vhci_hcd: invalid port number 23 [ 653.319108][T13853] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub. [ 653.676162][ T9829] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 654.229998][ T9829] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 654.427856][T13868] Process accounting resumed [ 654.457512][ T9829] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 654.563407][ T5846] Bluetooth: hci1: command tx timeout [ 654.968745][ T9829] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 655.804634][T13832] chnl_net:caif_netlink_parms(): no params data found [ 656.643278][ T5846] Bluetooth: hci1: command tx timeout [ 657.470217][ T9829] bridge_slave_1: left allmulticast mode [ 657.495941][ T9829] bridge_slave_1: left promiscuous mode [ 657.522811][ T9829] bridge0: port 2(bridge_slave_1) entered disabled state [ 657.604384][ T9829] bridge_slave_0: left allmulticast mode [ 657.620377][ T9829] bridge_slave_0: left promiscuous mode [ 657.634552][ T9829] bridge0: port 1(bridge_slave_0) entered disabled state [ 658.733195][ T5846] Bluetooth: hci1: command tx timeout [ 658.748819][ T9829] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 658.763762][ T9829] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 658.785488][ T9829] bond0 (unregistering): Released all slaves [ 658.825732][T13832] bridge0: port 1(bridge_slave_0) entered blocking state [ 658.832839][T13832] bridge0: port 1(bridge_slave_0) entered disabled state [ 658.854434][T13832] bridge_slave_0: entered allmulticast mode [ 658.866302][T13832] bridge_slave_0: entered promiscuous mode [ 658.928771][ T9829] .SR: left promiscuous mode [ 659.010988][T13832] bridge0: port 2(bridge_slave_1) entered blocking state [ 659.024288][T13832] bridge0: port 2(bridge_slave_1) entered disabled state [ 659.045802][T13832] bridge_slave_1: entered allmulticast mode [ 659.071383][T13832] bridge_slave_1: entered promiscuous mode [ 659.656139][T13832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 659.728566][T13832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 660.244154][T13832] team0: Port device team_slave_0 added [ 660.403007][T13832] team0: Port device team_slave_1 added [ 660.411382][T13953] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input26 [ 660.820565][ T5846] Bluetooth: hci1: command tx timeout [ 660.963806][T13832] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 660.970830][T13832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 661.050061][T13832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 661.214290][T13832] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 661.231678][T13832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 661.299685][T13832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 661.836206][T13832] hsr_slave_0: entered promiscuous mode [ 661.844200][T13832] hsr_slave_1: entered promiscuous mode [ 661.851102][T13832] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 661.860833][T13832] Cannot create hsr debugfs directory [ 661.869675][T13974] __nla_validate_parse: 55 callbacks suppressed [ 661.869697][T13974] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1537'. [ 662.494390][T13985] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 663.139921][T13996] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input27 [ 665.306131][ T9829] hsr_slave_1: left promiscuous mode [ 665.322060][ T9829] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 665.344680][ T9829] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 665.364701][ T9829] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 665.382467][ T9829] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 665.427953][ T9829] veth0_macvtap: left promiscuous mode [ 665.440499][ T9829] veth1_vlan: left promiscuous mode [ 665.453651][ T9829] veth0_vlan: left promiscuous mode [ 665.595351][T14024] vhci_hcd: invalid port number 16 [ 665.600679][T14024] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 666.717798][ T9829] team0 (unregistering): Port device team_slave_0 removed [ 667.559963][T13832] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 667.614455][T13832] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 667.714630][T13832] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 667.870958][T13832] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 668.428823][T14052] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 668.986849][T13832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 669.089972][T13832] 8021q: adding VLAN 0 to HW filter on device team0 [ 669.281656][ T9824] bridge0: port 1(bridge_slave_0) entered blocking state [ 669.288950][ T9824] bridge0: port 1(bridge_slave_0) entered forwarding state [ 669.499820][ T9824] bridge0: port 2(bridge_slave_1) entered blocking state [ 669.507032][ T9824] bridge0: port 2(bridge_slave_1) entered forwarding state [ 669.812778][T13832] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 671.971505][T13832] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 673.698855][T13832] veth0_vlan: entered promiscuous mode [ 673.801644][T13832] veth1_vlan: entered promiscuous mode [ 674.178323][T13832] veth0_macvtap: entered promiscuous mode [ 674.307447][T13832] veth1_macvtap: entered promiscuous mode [ 674.557428][T13832] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 674.754432][T13832] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 674.785520][T13832] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 674.832967][T13832] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 674.866021][T13832] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 674.932009][T13832] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 676.358644][ T9837] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 676.435185][ T9837] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 676.821840][ T9848] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 676.903596][ T9848] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 682.735739][T14275] openvswitch: netlink: Duplicate key (type 15). [ 685.162916][T14308] Process accounting paused [ 685.453418][T14320] svc: failed to register nfsdv3 RPC service (errno 111). [ 685.462369][T14320] svc: failed to register nfsaclv3 RPC service (errno 111). [ 685.518588][T14325] vhci_hcd: invalid port number 16 [ 685.550936][T14325] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 686.105146][T14337] Invalid ELF header magic: != ELF [ 688.873117][ T30] audit: type=1800 audit(4294967467.015:31): pid=14377 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1591" name="dbroot" dev="configfs" ino=46827 res=0 errno=0 [ 690.888627][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 690.895117][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 691.245387][T14404] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1598'. [ 696.922056][T14474] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1606'. [ 697.205546][T14492] FAULT_INJECTION: forcing a failure. [ 697.205546][T14492] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 697.285511][T14492] CPU: 1 UID: 0 PID: 14492 Comm: syz.0.1612 Tainted: G U 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 697.285563][T14492] Tainted: [U]=USER [ 697.285573][T14492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 697.285591][T14492] Call Trace: [ 697.285602][T14492] [ 697.285613][T14492] dump_stack_lvl+0x16c/0x1f0 [ 697.285650][T14492] should_fail_ex+0x512/0x640 [ 697.285689][T14492] should_fail_alloc_page+0xe7/0x130 [ 697.285747][T14492] prepare_alloc_pages+0x3c2/0x610 [ 697.285796][T14492] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 697.285832][T14492] ? __lock_acquire+0xb8a/0x1c90 [ 697.285891][T14492] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 697.285923][T14492] ? do_raw_spin_lock+0x12c/0x2b0 [ 697.285968][T14492] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 697.286022][T14492] ? find_held_lock+0x2b/0x80 [ 697.286065][T14492] ? __lock_acquire+0xb8a/0x1c90 [ 697.286104][T14492] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 697.286147][T14492] ? policy_nodemask+0xea/0x4e0 [ 697.286184][T14492] alloc_pages_mpol+0x1fb/0x550 [ 697.286216][T14492] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 697.286261][T14492] folio_alloc_mpol_noprof+0x36/0x2f0 [ 697.286301][T14492] shmem_alloc_folio+0x135/0x160 [ 697.286343][T14492] shmem_alloc_and_add_folio+0x499/0xc20 [ 697.286398][T14492] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 697.286450][T14492] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 697.286486][T14492] shmem_get_folio_gfp+0x67f/0x1600 [ 697.286529][T14492] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 697.286559][T14492] ? __pfx___might_resched+0x10/0x10 [ 697.286597][T14492] shmem_fallocate+0x795/0xf50 [ 697.286643][T14492] ? __pfx_shmem_fallocate+0x10/0x10 [ 697.286668][T14492] ? aa_file_perm+0x4d6/0xfb0 [ 697.286707][T14492] ? __lock_acquire+0xb8a/0x1c90 [ 697.286749][T14492] ? __lock_acquire+0x622/0x1c90 [ 697.286811][T14492] ? __pfx_shmem_fallocate+0x10/0x10 [ 697.286840][T14492] vfs_fallocate+0x608/0x10c0 [ 697.286875][T14492] ? __pfx_vfs_fallocate+0x10/0x10 [ 697.286916][T14492] __x64_sys_fallocate+0xd5/0x150 [ 697.286952][T14492] do_syscall_64+0xcd/0x490 [ 697.287000][T14492] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 697.287029][T14492] RIP: 0033:0x7fc6bef8e9a9 [ 697.287054][T14492] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 697.287079][T14492] RSP: 002b:00007fc6bfe59038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 697.287105][T14492] RAX: ffffffffffffffda RBX: 00007fc6bf1b6160 RCX: 00007fc6bef8e9a9 [ 697.287122][T14492] RDX: 000000000000000d RSI: 0000000000000000 RDI: 8000000000000003 [ 697.287137][T14492] RBP: 00007fc6bfe59090 R08: 0000000000000000 R09: 0000000000000000 [ 697.287151][T14492] R10: 00000000000cbd5d R11: 0000000000000246 R12: 0000000000000001 [ 697.287167][T14492] R13: 0000000000000000 R14: 00007fc6bf1b6160 R15: 00007ffc22f24f08 [ 697.287206][T14492] [ 699.320464][T14502] ieee80211 phy72: Failed to add default virtual iface [ 701.579353][T14514] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1616'. [ 701.746378][T14514] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1616'. [ 703.749943][T14559] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1623'. [ 703.773974][T14559] netlink: 206 bytes leftover after parsing attributes in process `syz.0.1623'. [ 704.562208][T14561] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1622'. [ 704.752762][T14566] netlink: 218 bytes leftover after parsing attributes in process `syz.4.1622'. [ 707.863554][T14603] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1628'. [ 708.161667][T14603] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1628'. [ 714.328366][T14682] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1638'. [ 716.387171][T14703] Process accounting resumed [ 718.835267][T14724] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1652'. [ 721.195995][T14762] netlink: 'syz.5.1649': attribute type 11 has an invalid length. [ 723.689028][T14796] Invalid ELF header magic: != ELF [ 725.063374][T14801] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1655'. [ 725.143778][T14801] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1655'. [ 728.517466][T14858] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1670'. [ 728.535815][T14858] netlink: 206 bytes leftover after parsing attributes in process `syz.0.1670'. [ 729.194177][T14865] netlink: 'syz.1.1662': attribute type 11 has an invalid length. [ 732.073618][T14886] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1665'. [ 732.192350][T14896] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1665'. [ 732.875442][T14902] Invalid ELF header magic: != ELF [ 734.475731][T14915] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1668'. [ 734.499162][T14915] netlink: 218 bytes leftover after parsing attributes in process `syz.4.1668'. [ 735.112208][T14928] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1673'. [ 737.865623][T14940] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1687'. [ 738.633807][T14947] netlink: 'syz.4.1675': attribute type 11 has an invalid length. [ 739.436237][T14948] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1678'. [ 739.495363][T14960] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 739.544669][T14948] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1678'. [ 741.137027][T14978] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1682'. [ 741.216064][T14978] netlink: 206 bytes leftover after parsing attributes in process `syz.0.1682'. [ 742.547933][T14992] FAULT_INJECTION: forcing a failure. [ 742.547933][T14992] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 742.573128][T14992] CPU: 1 UID: 0 PID: 14992 Comm: syz.0.1686 Tainted: G U 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 742.573178][T14992] Tainted: [U]=USER [ 742.573187][T14992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 742.573204][T14992] Call Trace: [ 742.573213][T14992] [ 742.573225][T14992] dump_stack_lvl+0x16c/0x1f0 [ 742.573261][T14992] should_fail_ex+0x512/0x640 [ 742.573298][T14992] should_fail_alloc_page+0xe7/0x130 [ 742.573337][T14992] prepare_alloc_pages+0x3c2/0x610 [ 742.573386][T14992] ? rcu_is_watching+0x12/0xc0 [ 742.573423][T14992] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 742.573457][T14992] ? __lock_acquire+0xb8a/0x1c90 [ 742.573514][T14992] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 742.573546][T14992] ? do_raw_spin_lock+0x12c/0x2b0 [ 742.573592][T14992] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 742.573635][T14992] ? find_held_lock+0x2b/0x80 [ 742.573679][T14992] ? __lock_acquire+0xb8a/0x1c90 [ 742.573717][T14992] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 742.573764][T14992] ? policy_nodemask+0xea/0x4e0 [ 742.573802][T14992] alloc_pages_mpol+0x1fb/0x550 [ 742.573839][T14992] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 742.573885][T14992] folio_alloc_mpol_noprof+0x36/0x2f0 [ 742.573927][T14992] shmem_alloc_folio+0x135/0x160 [ 742.573971][T14992] shmem_alloc_and_add_folio+0x499/0xc20 [ 742.574028][T14992] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 742.574080][T14992] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 742.574117][T14992] shmem_get_folio_gfp+0x67f/0x1600 [ 742.574155][T14992] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 742.574187][T14992] ? __pfx___might_resched+0x10/0x10 [ 742.574226][T14992] shmem_fallocate+0x795/0xf50 [ 742.574274][T14992] ? __pfx_shmem_fallocate+0x10/0x10 [ 742.574300][T14992] ? aa_file_perm+0x4d6/0xfb0 [ 742.574341][T14992] ? __lock_acquire+0xb8a/0x1c90 [ 742.574392][T14992] ? __lock_acquire+0x622/0x1c90 [ 742.574455][T14992] ? __pfx_shmem_fallocate+0x10/0x10 [ 742.574485][T14992] vfs_fallocate+0x608/0x10c0 [ 742.574519][T14992] ? __pfx_vfs_fallocate+0x10/0x10 [ 742.574563][T14992] __x64_sys_fallocate+0xd5/0x150 [ 742.574598][T14992] do_syscall_64+0xcd/0x490 [ 742.574631][T14992] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 742.574661][T14992] RIP: 0033:0x7fc6bef8e9a9 [ 742.574685][T14992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 742.574713][T14992] RSP: 002b:00007fc6bfe7a038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 742.574741][T14992] RAX: ffffffffffffffda RBX: 00007fc6bf1b6080 RCX: 00007fc6bef8e9a9 [ 742.574761][T14992] RDX: 000000000000000d RSI: 0000000000000000 RDI: 8000000000000003 [ 742.574779][T14992] RBP: 00007fc6bfe7a090 R08: 0000000000000000 R09: 0000000000000000 [ 742.574796][T14992] R10: 00000000000cbd5d R11: 0000000000000246 R12: 0000000000000001 [ 742.574813][T14992] R13: 0000000000000000 R14: 00007fc6bf1b6080 R15: 00007ffc22f24f08 [ 742.574852][T14992] [ 744.224361][T14996] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1688'. [ 744.721444][T14998] netlink: 218 bytes leftover after parsing attributes in process `syz.4.1688'. [ 745.147159][T15008] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1692'. [ 745.193534][T15008] netlink: 206 bytes leftover after parsing attributes in process `syz.0.1692'. [ 745.711850][T15005] hub 1-0:1.0: USB hub found [ 745.863165][T15005] hub 1-0:1.0: 1 port detected [ 746.404771][T15010] Process accounting paused [ 748.078427][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805b56f400: rx timeout, send abort [ 748.501076][T15037] FAULT_INJECTION: forcing a failure. [ 748.501076][T15037] name failslab, interval 1, probability 0, space 0, times 0 [ 748.517137][T15037] CPU: 1 UID: 0 PID: 15037 Comm: syz.0.1699 Tainted: G U 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 748.517189][T15037] Tainted: [U]=USER [ 748.517199][T15037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 748.517216][T15037] Call Trace: [ 748.517226][T15037] [ 748.517238][T15037] dump_stack_lvl+0x16c/0x1f0 [ 748.517277][T15037] should_fail_ex+0x512/0x640 [ 748.517309][T15037] ? __kmalloc_noprof+0xbf/0x510 [ 748.517344][T15037] ? constrain_params_by_rules+0x175/0xca0 [ 748.517382][T15037] should_failslab+0xc2/0x120 [ 748.517411][T15037] __kmalloc_noprof+0xd2/0x510 [ 748.517437][T15037] ? unwind_get_return_address+0x59/0xa0 [ 748.517496][T15037] constrain_params_by_rules+0x175/0xca0 [ 748.517539][T15037] ? register_lock_class+0x41/0x4c0 [ 748.517597][T15037] ? __lock_acquire+0xb8a/0x1c90 [ 748.517649][T15037] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 748.517704][T15037] ? __mutex_trylock_common+0xe9/0x250 [ 748.517761][T15037] ? rcu_is_watching+0x12/0xc0 [ 748.517795][T15037] ? snd_interval_refine+0x2fa/0x580 [ 748.517832][T15037] snd_pcm_hw_refine+0x7de/0xad0 [ 748.517883][T15037] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 748.517936][T15037] ? do_raw_spin_lock+0x12c/0x2b0 [ 748.517992][T15037] ? mark_held_locks+0x49/0x80 [ 748.518040][T15037] snd_pcm_hw_params+0x3e4/0x1b40 [ 748.518085][T15037] ? snd_pcm_hw_param_first+0x30d/0x6f0 [ 748.518122][T15037] ? snd_pcm_hw_param_near.constprop.0+0x72f/0x8e0 [ 748.518168][T15037] ? __pfx_snd_pcm_hw_params+0x10/0x10 [ 748.518216][T15037] ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0 [ 748.518264][T15037] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 748.518307][T15037] ? __asan_memset+0x23/0x50 [ 748.518356][T15037] snd_pcm_kernel_ioctl+0x147/0x2e0 [ 748.518403][T15037] snd_pcm_oss_change_params_locked+0x1432/0x3a30 [ 748.518466][T15037] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 748.518544][T15037] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 748.518595][T15037] snd_pcm_oss_ioctl+0x21e9/0x37a0 [ 748.518660][T15037] ? hook_file_ioctl_common+0x145/0x410 [ 748.518703][T15037] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 748.518748][T15037] ? __fget_files+0x20e/0x3c0 [ 748.518790][T15037] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 748.518823][T15037] __x64_sys_ioctl+0x18e/0x210 [ 748.518858][T15037] do_syscall_64+0xcd/0x490 [ 748.518885][T15037] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 748.518908][T15037] RIP: 0033:0x7fc6bef8e9a9 [ 748.518929][T15037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 748.518952][T15037] RSP: 002b:00007fc6bfe7a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 748.518976][T15037] RAX: ffffffffffffffda RBX: 00007fc6bf1b6080 RCX: 00007fc6bef8e9a9 [ 748.518992][T15037] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000009 [ 748.519007][T15037] RBP: 00007fc6bf010d69 R08: 0000000000000000 R09: 0000000000000000 [ 748.519022][T15037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 748.519036][T15037] R13: 0000000000000000 R14: 00007fc6bf1b6080 R15: 00007ffc22f24f08 [ 748.519069][T15037] [ 748.834447][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805b56f400: abort rx timeout. Force session deactivation [ 749.148710][T15042] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1698'. [ 749.531050][T15040] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1697'. [ 749.578007][T15040] netlink: 218 bytes leftover after parsing attributes in process `syz.4.1697'. [ 751.829350][T15061] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1701'. [ 752.030394][T15062] netlink: 218 bytes leftover after parsing attributes in process `syz.5.1701'. [ 752.327849][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 752.334310][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 753.687433][T15072] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1702'. [ 753.975319][T15072] netlink: 218 bytes leftover after parsing attributes in process `syz.4.1702'. [ 756.044698][T15093] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1706'. [ 757.161607][T15116] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1712'. [ 757.280834][T15116] netlink: 218 bytes leftover after parsing attributes in process `syz.4.1712'. [ 757.735642][T15121] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1714'. [ 758.148872][T15123] netlink: 206 bytes leftover after parsing attributes in process `syz.0.1714'. [ 758.363781][T15125] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1713'. [ 758.522920][T15129] netlink: 218 bytes leftover after parsing attributes in process `syz.5.1713'. [ 759.422783][T15133] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1716'. [ 759.580081][T15136] netlink: 206 bytes leftover after parsing attributes in process `syz.0.1716'. [ 760.861362][T15146] netlink: 'syz.0.1720': attribute type 11 has an invalid length. [ 764.409644][T15168] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1723'. [ 764.432073][T15168] netlink: 218 bytes leftover after parsing attributes in process `syz.5.1723'. [ 764.635970][T15173] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1725'. [ 764.666064][T15173] netlink: 206 bytes leftover after parsing attributes in process `syz.0.1725'. [ 765.676031][T15188] FAULT_INJECTION: forcing a failure. [ 765.676031][T15188] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 765.721320][T15188] CPU: 1 UID: 0 PID: 15188 Comm: syz.0.1727 Tainted: G U 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 765.721369][T15188] Tainted: [U]=USER [ 765.721379][T15188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 765.721395][T15188] Call Trace: [ 765.721405][T15188] [ 765.721415][T15188] dump_stack_lvl+0x16c/0x1f0 [ 765.721451][T15188] should_fail_ex+0x512/0x640 [ 765.721487][T15188] should_fail_alloc_page+0xe7/0x130 [ 765.721534][T15188] prepare_alloc_pages+0x3c2/0x610 [ 765.721574][T15188] ? rcu_is_watching+0x12/0xc0 [ 765.721608][T15188] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 765.721641][T15188] ? __lock_acquire+0xb8a/0x1c90 [ 765.721696][T15188] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 765.721727][T15188] ? do_raw_spin_lock+0x12c/0x2b0 [ 765.721773][T15188] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 765.721817][T15188] ? find_held_lock+0x2b/0x80 [ 765.721859][T15188] ? __lock_acquire+0xb8a/0x1c90 [ 765.721896][T15188] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 765.721941][T15188] ? policy_nodemask+0xea/0x4e0 [ 765.721978][T15188] alloc_pages_mpol+0x1fb/0x550 [ 765.722013][T15188] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 765.722060][T15188] folio_alloc_mpol_noprof+0x36/0x2f0 [ 765.722102][T15188] shmem_alloc_folio+0x135/0x160 [ 765.722145][T15188] shmem_alloc_and_add_folio+0x499/0xc20 [ 765.722200][T15188] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 765.722250][T15188] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 765.722286][T15188] shmem_get_folio_gfp+0x67f/0x1600 [ 765.722323][T15188] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 765.722354][T15188] ? __pfx___might_resched+0x10/0x10 [ 765.722393][T15188] shmem_fallocate+0x795/0xf50 [ 765.722439][T15188] ? __pfx_shmem_fallocate+0x10/0x10 [ 765.722464][T15188] ? aa_file_perm+0x4d6/0xfb0 [ 765.722510][T15188] ? __lock_acquire+0xb8a/0x1c90 [ 765.722553][T15188] ? __lock_acquire+0x622/0x1c90 [ 765.722615][T15188] ? __pfx_shmem_fallocate+0x10/0x10 [ 765.722644][T15188] vfs_fallocate+0x608/0x10c0 [ 765.722679][T15188] ? __pfx_vfs_fallocate+0x10/0x10 [ 765.722721][T15188] __x64_sys_fallocate+0xd5/0x150 [ 765.722756][T15188] do_syscall_64+0xcd/0x490 [ 765.722789][T15188] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 765.722817][T15188] RIP: 0033:0x7fc6bef8e9a9 [ 765.722841][T15188] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 765.722867][T15188] RSP: 002b:00007fc6bfe59038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 765.722894][T15188] RAX: ffffffffffffffda RBX: 00007fc6bf1b6160 RCX: 00007fc6bef8e9a9 [ 765.722913][T15188] RDX: 000000000000000d RSI: 0000000000000000 RDI: 8000000000000003 [ 765.722930][T15188] RBP: 00007fc6bfe59090 R08: 0000000000000000 R09: 0000000000000000 [ 765.722947][T15188] R10: 00000000000cbd5d R11: 0000000000000246 R12: 0000000000000001 [ 765.722963][T15188] R13: 0000000000000001 R14: 00007fc6bf1b6160 R15: 00007ffc22f24f08 [ 765.723008][T15188] [ 769.874181][T15212] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1733'. [ 770.903594][T15233] ICMPv6: process `syz.0.1738' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 772.314655][T15254] FAULT_INJECTION: forcing a failure. [ 772.314655][T15254] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 772.333517][T15254] CPU: 1 UID: 0 PID: 15254 Comm: syz.0.1740 Tainted: G U 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 772.333566][T15254] Tainted: [U]=USER [ 772.333576][T15254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 772.333593][T15254] Call Trace: [ 772.333603][T15254] [ 772.333614][T15254] dump_stack_lvl+0x16c/0x1f0 [ 772.333651][T15254] should_fail_ex+0x512/0x640 [ 772.333689][T15254] should_fail_alloc_page+0xe7/0x130 [ 772.333728][T15254] prepare_alloc_pages+0x3c2/0x610 [ 772.333768][T15254] ? rcu_is_watching+0x12/0xc0 [ 772.333806][T15254] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 772.333841][T15254] ? __lock_acquire+0xb8a/0x1c90 [ 772.333898][T15254] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 772.333930][T15254] ? do_raw_spin_lock+0x12c/0x2b0 [ 772.333976][T15254] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 772.334021][T15254] ? find_held_lock+0x2b/0x80 [ 772.334065][T15254] ? __lock_acquire+0xb8a/0x1c90 [ 772.334104][T15254] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 772.334150][T15254] ? policy_nodemask+0xea/0x4e0 [ 772.334189][T15254] alloc_pages_mpol+0x1fb/0x550 [ 772.334225][T15254] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 772.334271][T15254] folio_alloc_mpol_noprof+0x36/0x2f0 [ 772.334314][T15254] shmem_alloc_folio+0x135/0x160 [ 772.334358][T15254] shmem_alloc_and_add_folio+0x499/0xc20 [ 772.334413][T15254] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 772.334460][T15254] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 772.334507][T15254] shmem_get_folio_gfp+0x67f/0x1600 [ 772.334546][T15254] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 772.334585][T15254] ? __pfx___might_resched+0x10/0x10 [ 772.334625][T15254] shmem_fallocate+0x795/0xf50 [ 772.334673][T15254] ? __pfx_shmem_fallocate+0x10/0x10 [ 772.334700][T15254] ? aa_file_perm+0x4d6/0xfb0 [ 772.334742][T15254] ? __lock_acquire+0xb8a/0x1c90 [ 772.334785][T15254] ? __lock_acquire+0x622/0x1c90 [ 772.334850][T15254] ? __pfx_shmem_fallocate+0x10/0x10 [ 772.334880][T15254] vfs_fallocate+0x608/0x10c0 [ 772.334917][T15254] ? __pfx_vfs_fallocate+0x10/0x10 [ 772.334960][T15254] __x64_sys_fallocate+0xd5/0x150 [ 772.334996][T15254] do_syscall_64+0xcd/0x490 [ 772.335032][T15254] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 772.335062][T15254] RIP: 0033:0x7fc6bef8e9a9 [ 772.335087][T15254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 772.335115][T15254] RSP: 002b:00007fc6bfe59038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 772.335143][T15254] RAX: ffffffffffffffda RBX: 00007fc6bf1b6160 RCX: 00007fc6bef8e9a9 [ 772.335164][T15254] RDX: 000000000000000d RSI: 0000000000000000 RDI: 8000000000000003 [ 772.335183][T15254] RBP: 00007fc6bfe59090 R08: 0000000000000000 R09: 0000000000000000 [ 772.335202][T15254] R10: 00000000000cbd5d R11: 0000000000000246 R12: 0000000000000001 [ 772.335220][T15254] R13: 0000000000000001 R14: 00007fc6bf1b6160 R15: 00007ffc22f24f08 [ 772.335257][T15254] [ 773.363530][T15258] netlink: 'syz.5.1742': attribute type 11 has an invalid length. [ 774.760979][T15268] netlink: 'syz.0.1751': attribute type 11 has an invalid length. [ 774.885593][T11542] Bluetooth: hci1: command 0x0406 tx timeout [ 775.232522][T15272] FAULT_INJECTION: forcing a failure. [ 775.232522][T15272] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 775.363247][T15272] CPU: 0 UID: 0 PID: 15272 Comm: syz.4.1745 Tainted: G U 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 775.363298][T15272] Tainted: [U]=USER [ 775.363308][T15272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 775.363326][T15272] Call Trace: [ 775.363336][T15272] [ 775.363347][T15272] dump_stack_lvl+0x16c/0x1f0 [ 775.363382][T15272] should_fail_ex+0x512/0x640 [ 775.363416][T15272] _copy_from_user+0x2e/0xd0 [ 775.363451][T15272] restore_altstack+0x93/0x170 [ 775.363493][T15272] ? __pfx_restore_altstack+0x10/0x10 [ 775.363533][T15272] ? _raw_spin_unlock_irq+0x23/0x50 [ 775.363573][T15272] ? lockdep_hardirqs_on+0x7c/0x110 [ 775.363601][T15272] ? _raw_spin_unlock_irq+0x2e/0x50 [ 775.363643][T15272] ? set_current_blocked+0xdd/0x120 [ 775.363674][T15272] __do_sys_rt_sigreturn+0x13c/0x230 [ 775.363710][T15272] ? __pfx___do_sys_rt_sigreturn+0x10/0x10 [ 775.363756][T15272] do_syscall_64+0xcd/0x490 [ 775.363789][T15272] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 775.363818][T15272] RIP: 0033:0x7f2cee12ab89 [ 775.363842][T15272] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25 [ 775.363871][T15272] RSP: 002b:00007f2cef0c2a80 EFLAGS: 00000246 ORIG_RAX: 000000000000000f [ 775.363900][T15272] RAX: ffffffffffffffda RBX: 00007f2cee3b5fa0 RCX: 00007f2cee12ab89 [ 775.363920][T15272] RDX: 00007f2cef0c2a80 RSI: 00007f2cef0c2bb0 RDI: 0000000000000011 [ 775.363938][T15272] RBP: 00007f2cef0c3090 R08: 0000000000000000 R09: 0000000000000000 [ 775.363955][T15272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 775.363973][T15272] R13: 0000000000000000 R14: 00007f2cee3b5fa0 R15: 00007fff29359468 [ 775.364010][T15272] [ 775.656180][T15269] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1744'. [ 776.470005][T15292] openvswitch: netlink: IP tunnel dst address not specified [ 776.766353][T15297] Process accounting resumed [ 777.235405][T15306] blktrace: Concurrent blktraces are not allowed on loop2 [ 777.418409][T15309] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 779.898037][T15330] netlink: 'syz.5.1755': attribute type 11 has an invalid length. [ 780.039226][T15329] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1754'. [ 780.158570][T15329] netlink: 218 bytes leftover after parsing attributes in process `syz.4.1754'. [ 782.284491][T15346] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1759'. [ 782.323800][T15346] netlink: 218 bytes leftover after parsing attributes in process `syz.5.1759'. [ 783.959553][T15380] netlink: 'syz.0.1769': attribute type 11 has an invalid length. [ 784.908313][T15396] blktrace: Concurrent blktraces are not allowed on loop2 [ 785.115424][T15379] .SR: entered promiscuous mode [ 786.354807][T15418] FAULT_INJECTION: forcing a failure. [ 786.354807][T15418] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 786.372617][T15418] CPU: 1 UID: 0 PID: 15418 Comm: syz.0.1777 Tainted: G U 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 786.372666][T15418] Tainted: [U]=USER [ 786.372676][T15418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 786.372694][T15418] Call Trace: [ 786.372703][T15418] [ 786.372714][T15418] dump_stack_lvl+0x16c/0x1f0 [ 786.372750][T15418] should_fail_ex+0x512/0x640 [ 786.372783][T15418] should_fail_alloc_page+0xe7/0x130 [ 786.372817][T15418] prepare_alloc_pages+0x3c2/0x610 [ 786.372856][T15418] ? rcu_is_watching+0x12/0xc0 [ 786.372890][T15418] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 786.372923][T15418] ? __lock_acquire+0xb8a/0x1c90 [ 786.372974][T15418] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 786.373011][T15418] ? do_raw_spin_lock+0x12c/0x2b0 [ 786.373055][T15418] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 786.373100][T15418] ? find_held_lock+0x2b/0x80 [ 786.373144][T15418] ? __lock_acquire+0xb8a/0x1c90 [ 786.373182][T15418] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 786.373228][T15418] ? policy_nodemask+0xea/0x4e0 [ 786.373265][T15418] alloc_pages_mpol+0x1fb/0x550 [ 786.373309][T15418] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 786.373354][T15418] folio_alloc_mpol_noprof+0x36/0x2f0 [ 786.373396][T15418] shmem_alloc_folio+0x135/0x160 [ 786.373438][T15418] shmem_alloc_and_add_folio+0x499/0xc20 [ 786.373494][T15418] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 786.373547][T15418] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 786.373584][T15418] shmem_get_folio_gfp+0x67f/0x1600 [ 786.373622][T15418] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 786.373653][T15418] ? __pfx___might_resched+0x10/0x10 [ 786.373693][T15418] shmem_fallocate+0x795/0xf50 [ 786.373740][T15418] ? __pfx_shmem_fallocate+0x10/0x10 [ 786.373766][T15418] ? aa_file_perm+0x4d6/0xfb0 [ 786.373806][T15418] ? __lock_acquire+0xb8a/0x1c90 [ 786.373850][T15418] ? __lock_acquire+0x622/0x1c90 [ 786.373914][T15418] ? __pfx_shmem_fallocate+0x10/0x10 [ 786.373945][T15418] vfs_fallocate+0x608/0x10c0 [ 786.373980][T15418] ? __pfx_vfs_fallocate+0x10/0x10 [ 786.374021][T15418] __x64_sys_fallocate+0xd5/0x150 [ 786.374056][T15418] do_syscall_64+0xcd/0x490 [ 786.374091][T15418] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 786.374119][T15418] RIP: 0033:0x7fc6bef8e9a9 [ 786.374144][T15418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 786.374171][T15418] RSP: 002b:00007fc6bfe59038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 786.374200][T15418] RAX: ffffffffffffffda RBX: 00007fc6bf1b6160 RCX: 00007fc6bef8e9a9 [ 786.374220][T15418] RDX: 000000000000000d RSI: 0000000000000000 RDI: 8000000000000003 [ 786.374239][T15418] RBP: 00007fc6bfe59090 R08: 0000000000000000 R09: 0000000000000000 [ 786.374256][T15418] R10: 00000000000cbd5d R11: 0000000000000246 R12: 0000000000000002 [ 786.374273][T15418] R13: 0000000000000000 R14: 00007fc6bf1b6160 R15: 00007ffc22f24f08 [ 786.374325][T15418] [ 788.093650][T15442] netlink: 'syz.0.1781': attribute type 11 has an invalid length. [ 790.478821][T15468] netlink: 'syz.0.1793': attribute type 11 has an invalid length. [ 790.591431][T15469] blktrace: Concurrent blktraces are not allowed on loop2 [ 791.472704][T15486] netlink: 'syz.0.1797': attribute type 11 has an invalid length. [ 791.880345][T15497] FAULT_INJECTION: forcing a failure. [ 791.880345][T15497] name failslab, interval 1, probability 0, space 0, times 0 [ 791.934568][T15497] CPU: 1 UID: 0 PID: 15497 Comm: syz.5.1787 Tainted: G U 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 791.934621][T15497] Tainted: [U]=USER [ 791.934631][T15497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 791.934650][T15497] Call Trace: [ 791.934661][T15497] [ 791.934673][T15497] dump_stack_lvl+0x16c/0x1f0 [ 791.934710][T15497] should_fail_ex+0x512/0x640 [ 791.934743][T15497] ? __kmalloc_noprof+0xbf/0x510 [ 791.934777][T15497] ? sk_prot_alloc+0x1a8/0x2a0 [ 791.934815][T15497] should_failslab+0xc2/0x120 [ 791.934850][T15497] __kmalloc_noprof+0xd2/0x510 [ 791.934892][T15497] sk_prot_alloc+0x1a8/0x2a0 [ 791.934937][T15497] sk_alloc+0x36/0xc20 [ 791.934971][T15497] __netlink_create+0x5e/0x2c0 [ 791.934995][T15497] ? __wake_up+0x3f/0x60 [ 791.935027][T15497] netlink_create+0x39e/0x620 [ 791.935055][T15497] ? __pfx_rtnetlink_bind+0x10/0x10 [ 791.935104][T15497] __sock_create+0x335/0x8d0 [ 791.935154][T15497] __sys_socket+0x14d/0x260 [ 791.935192][T15497] ? __pfx___sys_socket+0x10/0x10 [ 791.935245][T15497] ? xfd_validate_state+0x61/0x180 [ 791.935284][T15497] ? __pfx_ksys_write+0x10/0x10 [ 791.935323][T15497] __x64_sys_socket+0x72/0xb0 [ 791.935365][T15497] ? lockdep_hardirqs_on+0x7c/0x110 [ 791.935393][T15497] do_syscall_64+0xcd/0x490 [ 791.935426][T15497] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 791.935454][T15497] RIP: 0033:0x7fd93b78e9a9 [ 791.935480][T15497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 791.935508][T15497] RSP: 002b:00007fd93c53b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 791.935537][T15497] RAX: ffffffffffffffda RBX: 00007fd93b9b6080 RCX: 00007fd93b78e9a9 [ 791.935600][T15497] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000010 [ 791.935619][T15497] RBP: 00007fd93b810d69 R08: 0000000000000000 R09: 0000000000000000 [ 791.935639][T15497] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 791.935657][T15497] R13: 0000000000000000 R14: 00007fd93b9b6080 R15: 00007ffc19199a98 [ 791.935697][T15497] [ 795.724616][T15568] svc: failed to register nfsdv3 RPC service (errno 111). [ 795.727394][T15571] input: jJǸ-9%vJ86 as /devices/virtual/input/input30 [ 795.752611][T15568] svc: failed to register nfsaclv3 RPC service (errno 111). [ 797.099638][T15590] blktrace: Concurrent blktraces are not allowed on loop2 [ 797.500288][T15594] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1806'. [ 797.558937][T15594] netlink: 218 bytes leftover after parsing attributes in process `syz.4.1806'. [ 797.875182][T15603] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1809'. [ 798.691949][T15620] input: jJǸ-9%vJ86 as /devices/virtual/input/input31 [ 799.854718][T15636] FAULT_INJECTION: forcing a failure. [ 799.854718][T15636] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 800.003112][T15636] CPU: 0 UID: 0 PID: 15636 Comm: syz.5.1817 Tainted: G U 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 800.003163][T15636] Tainted: [U]=USER [ 800.003173][T15636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 800.003190][T15636] Call Trace: [ 800.003200][T15636] [ 800.003212][T15636] dump_stack_lvl+0x16c/0x1f0 [ 800.003248][T15636] should_fail_ex+0x512/0x640 [ 800.003284][T15636] _copy_to_iter+0x29f/0x16f0 [ 800.003318][T15636] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 800.003350][T15636] ? __pfx__copy_to_iter+0x10/0x10 [ 800.003384][T15636] ? kernfs_seq_stop+0xcd/0x120 [ 800.003428][T15636] ? kernfs_put_active+0x86/0xe0 [ 800.003463][T15636] seq_read_iter+0xcf8/0x12c0 [ 800.003525][T15636] kernfs_fop_read_iter+0x40f/0x5a0 [ 800.003558][T15636] ? rw_verify_area+0xcf/0x680 [ 800.003603][T15636] vfs_read+0x8bc/0xc60 [ 800.003633][T15636] ? __pfx___mutex_lock+0x10/0x10 [ 800.003662][T15636] ? __pfx_vfs_read+0x10/0x10 [ 800.003713][T15636] ksys_read+0x12a/0x250 [ 800.003739][T15636] ? __pfx_ksys_read+0x10/0x10 [ 800.003776][T15636] do_syscall_64+0xcd/0x490 [ 800.003811][T15636] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 800.003839][T15636] RIP: 0033:0x7fd93b78e9a9 [ 800.003864][T15636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 800.003892][T15636] RSP: 002b:00007fd93c55c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 800.003919][T15636] RAX: ffffffffffffffda RBX: 00007fd93b9b5fa0 RCX: 00007fd93b78e9a9 [ 800.003938][T15636] RDX: 0000000000000020 RSI: 0000000000000000 RDI: 0000000000000003 [ 800.003955][T15636] RBP: 00007fd93c55c090 R08: 0000000000000000 R09: 0000000000000000 [ 800.003971][T15636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 800.003998][T15636] R13: 0000000000000000 R14: 00007fd93b9b5fa0 R15: 00007ffc19199a98 [ 800.004044][T15636] [ 801.177727][T15655] ima: policy update failed [ 801.188123][ T30] audit: type=1802 audit(4294967579.495:32): pid=15655 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1830" res=0 errno=0 [ 801.218374][T15655] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1830'. [ 801.655364][T15669] blktrace: Concurrent blktraces are not allowed on loop2 [ 802.138009][T15666] netlink: 'syz.4.1822': attribute type 11 has an invalid length. [ 802.884396][T15690] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1831'. [ 803.416612][T15700] netlink: 298 bytes leftover after parsing attributes in process `syz.1.1831'. [ 803.519403][T15708] blktrace: Concurrent blktraces are not allowed on loop2 [ 806.921714][T15744] netlink: 'syz.4.1842': attribute type 11 has an invalid length. [ 807.118770][T15740] Process accounting paused [ 808.480699][T15752] could not allocate digest TFM handle [ 809.926704][T15786] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1851'. [ 810.019268][T15789] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1851'. [ 810.089217][T15794] blktrace: Concurrent blktraces are not allowed on loop2 [ 810.129476][T15786] netlink: 218 bytes leftover after parsing attributes in process `syz.5.1851'. [ 810.316279][T15797] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1853'. [ 810.327808][T15797] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1853'. [ 813.756443][T15846] blktrace: Concurrent blktraces are not allowed on loop2 [ 813.770524][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 813.770607][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 814.356079][T15857] netlink: 'syz.0.1867': attribute type 11 has an invalid length. [ 815.071238][T15865] hub 1-0:1.0: USB hub found [ 815.170351][T15865] hub 1-0:1.0: 1 port detected [ 815.536900][T15876] netlink: 'syz.0.1869': attribute type 11 has an invalid length. [ 817.336497][T15898] hub 1-0:1.0: USB hub found [ 817.363404][T15898] hub 1-0:1.0: 1 port detected [ 818.319555][T15901] futex_wake_op: syz.0.1873 tries to shift op by 64; fix this program [ 819.239905][T15906] blktrace: Concurrent blktraces are not allowed on loop2 [ 820.294091][T15919] FAULT_INJECTION: forcing a failure. [ 820.294091][T15919] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 820.366330][T15919] CPU: 0 UID: 0 PID: 15919 Comm: syz.5.1879 Tainted: G U 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 820.366380][T15919] Tainted: [U]=USER [ 820.366390][T15919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 820.366407][T15919] Call Trace: [ 820.366417][T15919] [ 820.366429][T15919] dump_stack_lvl+0x16c/0x1f0 [ 820.366464][T15919] should_fail_ex+0x512/0x640 [ 820.366501][T15919] should_fail_alloc_page+0xe7/0x130 [ 820.366539][T15919] prepare_alloc_pages+0x3c2/0x610 [ 820.366586][T15919] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 820.366619][T15919] ? __lock_acquire+0x622/0x1c90 [ 820.366668][T15919] ? __lock_acquire+0x622/0x1c90 [ 820.366712][T15919] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 820.366758][T15919] ? find_held_lock+0x2b/0x80 [ 820.366789][T15919] ? is_bpf_text_address+0x8a/0x1a0 [ 820.366829][T15919] ? bpf_ksym_find+0x124/0x1c0 [ 820.366861][T15919] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 820.366895][T15919] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 820.366943][T15919] ? policy_nodemask+0xea/0x4e0 [ 820.366983][T15919] alloc_pages_mpol+0x1fb/0x550 [ 820.367028][T15919] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 820.367075][T15919] folio_alloc_mpol_noprof+0x36/0x2f0 [ 820.367118][T15919] shmem_alloc_folio+0x135/0x160 [ 820.367163][T15919] shmem_alloc_and_add_folio+0x499/0xc20 [ 820.367220][T15919] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 820.367272][T15919] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 820.367309][T15919] shmem_get_folio_gfp+0x67f/0x1600 [ 820.367354][T15919] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 820.367398][T15919] shmem_fault+0x1fe/0xa30 [ 820.367428][T15919] ? __pfx_shmem_fault+0x10/0x10 [ 820.367454][T15919] ? mod_memcg_lruvec_state+0x394/0x610 [ 820.367497][T15919] ? find_held_lock+0x2b/0x80 [ 820.367531][T15919] ? pte_alloc_one+0x2b6/0x3a0 [ 820.367562][T15919] __do_fault+0x10d/0x490 [ 820.367592][T15919] ? __pfx_filemap_map_pages+0x10/0x10 [ 820.367623][T15919] __handle_mm_fault+0x374c/0x5490 [ 820.367678][T15919] ? __pfx___handle_mm_fault+0x10/0x10 [ 820.367718][T15919] ? __pfx_mt_find+0x10/0x10 [ 820.367772][T15919] ? find_vma+0xbf/0x140 [ 820.367806][T15919] ? __pfx_find_vma+0x10/0x10 [ 820.367847][T15919] handle_mm_fault+0x589/0xd10 [ 820.367893][T15919] ? __pkru_allows_pkey+0x51/0xb0 [ 820.367936][T15919] do_user_addr_fault+0x7a6/0x1370 [ 820.367981][T15919] ? rcu_is_watching+0x12/0xc0 [ 820.368026][T15919] exc_page_fault+0x5c/0xb0 [ 820.368057][T15919] asm_exc_page_fault+0x26/0x30 [ 820.368084][T15919] RIP: 0010:rep_movs_alternative+0x11/0x90 [ 820.368125][T15919] Code: e9 84 11 04 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f 8a 06 <88> 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 4d 11 04 00 66 66 2e 0f [ 820.368151][T15919] RSP: 0018:ffffc9000b917af0 EFLAGS: 00050202 [ 820.368174][T15919] RAX: 0000000000000031 RBX: 0000000000000007 RCX: 0000000000000007 [ 820.368191][T15919] RDX: ffffed1005737801 RSI: ffff88802b9bc000 RDI: 0000000000000000 [ 820.368209][T15919] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffed1005737800 [ 820.368226][T15919] R10: ffff88802b9bc006 R11: 0000000000000001 R12: ffffc9000b917da0 [ 820.368243][T15919] R13: 0000000000000007 R14: ffff88802b9bc000 R15: 00007ffffffff000 [ 820.368287][T15919] _copy_to_iter+0x383/0x16f0 [ 820.368324][T15919] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 820.368362][T15919] ? __pfx__copy_to_iter+0x10/0x10 [ 820.368398][T15919] ? kernfs_seq_stop+0xcd/0x120 [ 820.368444][T15919] ? kernfs_put_active+0x86/0xe0 [ 820.368479][T15919] seq_read_iter+0xcf8/0x12c0 [ 820.368542][T15919] kernfs_fop_read_iter+0x40f/0x5a0 [ 820.368578][T15919] ? rw_verify_area+0xcf/0x680 [ 820.368626][T15919] vfs_read+0x8bc/0xc60 [ 820.368661][T15919] ? __pfx___mutex_lock+0x10/0x10 [ 820.368690][T15919] ? __pfx_vfs_read+0x10/0x10 [ 820.368752][T15919] ksys_read+0x12a/0x250 [ 820.368779][T15919] ? __pfx_ksys_read+0x10/0x10 [ 820.368823][T15919] do_syscall_64+0xcd/0x490 [ 820.368858][T15919] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 820.368888][T15919] RIP: 0033:0x7fd93b78e9a9 [ 820.368911][T15919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 820.368938][T15919] RSP: 002b:00007fd93c55c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 820.368965][T15919] RAX: ffffffffffffffda RBX: 00007fd93b9b5fa0 RCX: 00007fd93b78e9a9 [ 820.368984][T15919] RDX: 0000000000000020 RSI: 0000000000000000 RDI: 0000000000000003 [ 820.369001][T15919] RBP: 00007fd93c55c090 R08: 0000000000000000 R09: 0000000000000000 [ 820.369028][T15919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 820.369046][T15919] R13: 0000000000000000 R14: 00007fd93b9b5fa0 R15: 00007ffc19199a98 [ 820.369087][T15919] [ 821.899925][T15925] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1890'. [ 821.914365][T15925] netlink: 206 bytes leftover after parsing attributes in process `syz.0.1890'. [ 822.989289][T15947] futex_wake_op: syz.5.1885 tries to shift op by 64; fix this program [ 823.551146][T15952] blktrace: Concurrent blktraces are not allowed on loop2 [ 824.310478][T15955] blktrace: Concurrent blktraces are not allowed on loop2 [ 824.744260][T15959] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1889'. [ 825.143086][T15963] netlink: 206 bytes leftover after parsing attributes in process `syz.0.1889'. [ 829.581014][T16031] futex_wake_op: syz.1.1899 tries to shift op by 64; fix this program [ 831.498184][T13008] ------------[ cut here ]------------ [ 831.503868][T13008] ODEBUG: free active (active state 0) object: ffff888035689318 object type: timer_list hint: hci_devcd_timeout+0x0/0x2e0 [ 831.539043][T13008] WARNING: CPU: 0 PID: 13008 at lib/debugobjects.c:612 debug_print_object+0x1a2/0x2b0 [ 831.548764][T13008] Modules linked in: [ 831.552680][T13008] CPU: 0 UID: 0 PID: 13008 Comm: syz.0.1367 Tainted: G U 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 831.567141][T13008] Tainted: [U]=USER [ 831.571070][T13008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 831.581200][T13008] RIP: 0010:debug_print_object+0x1a2/0x2b0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 831.587148][T13008] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd c0 6f 15 8c 4c 89 e6 48 c7 c7 40 64 15 8c e8 ff d1 9d fc 90 <0f> 0b 90 90 58 83 05 b6 b1 cc 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 831.606896][ C0] vkms_vblank_simulate: vblank timer overrun [ 831.613546][T13008] RSP: 0018:ffffc9001b857768 EFLAGS: 00010286 [ 831.619642][T13008] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817ab108 [ 831.627706][T13008] RDX: ffff88801fb1da00 RSI: ffffffff817ab115 RDI: 0000000000000001 [ 831.636542][T13008] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 831.645598][T13008] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff8c156ae0 [ 831.653924][T13008] R13: ffffffff8baff040 R14: ffffffff8a8e0850 R15: ffffc9001b857868 [ 831.661934][T13008] FS: 0000000000000000(0000) GS:ffff88812472d000(0000) knlGS:0000000000000000 [ 831.671219][T13008] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 831.677899][T13008] CR2: 00007fd93c53bd58 CR3: 0000000028124000 CR4: 00000000003526f0 [ 831.686141][T13008] Call Trace: [ 831.689436][T13008] [ 831.692399][T13008] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 831.697928][T13008] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 831.703813][T13008] debug_check_no_obj_freed+0x4b7/0x600 [ 831.709440][T13008] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 831.715579][T13008] ? rcu_is_watching+0x12/0xc0 [ 831.720358][T13008] ? kmem_cache_free+0x2d1/0x4d0 [ 831.725355][T13008] kfree+0x28f/0x4d0 [ 831.729271][T13008] ? hci_release_dev+0x4d8/0x600 [ 831.734252][T13008] hci_release_dev+0x4d8/0x600 [ 831.739843][T13008] ? __pfx_hci_release_dev+0x10/0x10 [ 831.746069][T13008] ? rcu_is_watching+0x12/0xc0 [ 831.750964][T13008] ? kfree+0x24f/0x4d0 [ 831.755376][T13008] bt_host_release+0x6a/0xb0 [ 831.760007][T13008] ? __pfx_bt_host_release+0x10/0x10 [ 831.765415][T13008] device_release+0xa4/0x240 [ 831.770052][T13008] kobject_put+0x1e7/0x5a0 [ 831.774515][T13008] ? __pfx_vhci_release+0x10/0x10 [ 831.779739][T13008] put_device+0x1f/0x30 [ 831.783953][T13008] vhci_release+0x81/0xf0 [ 831.788383][T13008] __fput+0x402/0xb70 [ 831.792402][T13008] task_work_run+0x14d/0x240 [ 831.797233][T13008] ? __pfx_task_work_run+0x10/0x10 [ 831.802539][T13008] do_exit+0x86c/0x2bd0 [ 831.806873][T13008] ? __pfx_do_exit+0x10/0x10 [ 831.811485][T13008] ? cgroup_update_frozen_flag+0x107/0x210 [ 831.817347][T13008] ? find_held_lock+0x2b/0x80 [ 831.822065][T13008] do_group_exit+0xd3/0x2a0 [ 831.826931][T13008] get_signal+0x2673/0x26d0 [ 831.831477][T13008] ? hrtimer_nanosleep+0x187/0x380 [ 831.836832][T13008] ? __pfx_get_signal+0x10/0x10 [ 831.842601][T13008] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 831.848883][T13008] arch_do_signal_or_restart+0x8f/0x790 [ 831.854712][T13008] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 831.860909][T13008] ? __pfx___x64_sys_clock_nanosleep+0x10/0x10 [ 831.867315][T13008] exit_to_user_mode_loop+0x84/0x110 [ 831.872627][T13008] do_syscall_64+0x3f6/0x490 [ 831.877280][T13008] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 831.883210][T13008] RIP: 0033:0x7fc6befc1265 [ 831.887629][T13008] Code: Unable to access opcode bytes at 0x7fc6befc123b. [ 831.894687][T13008] RSP: 002b:00007fc6bfe58f80 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6 [ 831.903240][T13008] RAX: fffffffffffffdfc RBX: 00007fc6bf1b6160 RCX: 00007fc6befc1265 [ 831.911232][T13008] RDX: 00007fc6bfe58fc0 RSI: 0000000000000000 RDI: 0000000000000000 [ 831.919272][T13008] RBP: 00007fc6bf010d69 R08: 0000000000000000 R09: 0000000000000000 [ 831.928253][T13008] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 831.936366][T13008] R13: 0000000000000001 R14: 00007fc6bf1b6160 R15: 00007ffc22f24f08 [ 831.945192][T13008] [ 831.949103][T13008] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 831.956397][T13008] CPU: 0 UID: 0 PID: 13008 Comm: syz.0.1367 Tainted: G U 6.16.0-rc7-syzkaller-00140-gec2df4364666 #0 PREEMPT(full) [ 831.970216][T13008] Tainted: [U]=USER [ 831.974048][T13008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 831.984212][T13008] Call Trace: [ 831.987496][T13008] [ 831.990441][T13008] dump_stack_lvl+0x3d/0x1f0 [ 831.995049][T13008] panic+0x71c/0x800 [ 831.998960][T13008] ? __pfx_panic+0x10/0x10 [ 832.003395][T13008] ? show_trace_log_lvl+0x29b/0x3e0 [ 832.008627][T13008] ? check_panic_on_warn+0x1f/0xb0 [ 832.013845][T13008] ? debug_print_object+0x1a2/0x2b0 [ 832.019058][T13008] check_panic_on_warn+0xab/0xb0 [ 832.024015][T13008] __warn+0xf6/0x3c0 [ 832.027936][T13008] ? debug_print_object+0x1a2/0x2b0 [ 832.033149][T13008] report_bug+0x3c3/0x580 [ 832.037502][T13008] ? debug_print_object+0x1a2/0x2b0 [ 832.042722][T13008] handle_bug+0x184/0x210 [ 832.047079][T13008] exc_invalid_op+0x17/0x50 [ 832.051594][T13008] asm_exc_invalid_op+0x1a/0x20 [ 832.056452][T13008] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 832.062270][T13008] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd c0 6f 15 8c 4c 89 e6 48 c7 c7 40 64 15 8c e8 ff d1 9d fc 90 <0f> 0b 90 90 58 83 05 b6 b1 cc 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 832.081913][T13008] RSP: 0018:ffffc9001b857768 EFLAGS: 00010286 [ 832.088179][T13008] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817ab108 [ 832.096182][T13008] RDX: ffff88801fb1da00 RSI: ffffffff817ab115 RDI: 0000000000000001 [ 832.104159][T13008] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 832.112220][T13008] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff8c156ae0 [ 832.120202][T13008] R13: ffffffff8baff040 R14: ffffffff8a8e0850 R15: ffffc9001b857868 [ 832.128184][T13008] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 832.133736][T13008] ? __warn_printk+0x198/0x350 [ 832.138537][T13008] ? __warn_printk+0x1a5/0x350 [ 832.143340][T13008] ? debug_print_object+0x1a1/0x2b0 [ 832.148569][T13008] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 832.154525][T13008] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 832.160369][T13008] debug_check_no_obj_freed+0x4b7/0x600 [ 832.165958][T13008] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 832.172054][T13008] ? rcu_is_watching+0x12/0xc0 [ 832.176838][T13008] ? kmem_cache_free+0x2d1/0x4d0 [ 832.181909][T13008] kfree+0x28f/0x4d0 [ 832.185821][T13008] ? hci_release_dev+0x4d8/0x600 [ 832.191075][T13008] hci_release_dev+0x4d8/0x600 [ 832.195860][T13008] ? __pfx_hci_release_dev+0x10/0x10 [ 832.201168][T13008] ? rcu_is_watching+0x12/0xc0 [ 832.205961][T13008] ? kfree+0x24f/0x4d0 [ 832.210161][T13008] bt_host_release+0x6a/0xb0 [ 832.214796][T13008] ? __pfx_bt_host_release+0x10/0x10 [ 832.220099][T13008] device_release+0xa4/0x240 [ 832.224710][T13008] kobject_put+0x1e7/0x5a0 [ 832.229140][T13008] ? __pfx_vhci_release+0x10/0x10 [ 832.234173][T13008] put_device+0x1f/0x30 [ 832.238350][T13008] vhci_release+0x81/0xf0 [ 832.242688][T13008] __fput+0x402/0xb70 [ 832.246716][T13008] task_work_run+0x14d/0x240 [ 832.251357][T13008] ? __pfx_task_work_run+0x10/0x10 [ 832.256497][T13008] do_exit+0x86c/0x2bd0 [ 832.260965][T13008] ? __pfx_do_exit+0x10/0x10 [ 832.265585][T13008] ? cgroup_update_frozen_flag+0x107/0x210 [ 832.271424][T13008] ? find_held_lock+0x2b/0x80 [ 832.276125][T13008] do_group_exit+0xd3/0x2a0 [ 832.280669][T13008] get_signal+0x2673/0x26d0 [ 832.285195][T13008] ? hrtimer_nanosleep+0x187/0x380 [ 832.290319][T13008] ? __pfx_get_signal+0x10/0x10 [ 832.295194][T13008] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 832.300414][T13008] arch_do_signal_or_restart+0x8f/0x790 [ 832.305999][T13008] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 832.312169][T13008] ? __pfx___x64_sys_clock_nanosleep+0x10/0x10 [ 832.318422][T13008] exit_to_user_mode_loop+0x84/0x110 [ 832.323725][T13008] do_syscall_64+0x3f6/0x490 [ 832.328332][T13008] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 832.334233][T13008] RIP: 0033:0x7fc6befc1265 [ 832.338652][T13008] Code: Unable to access opcode bytes at 0x7fc6befc123b. [ 832.345877][T13008] RSP: 002b:00007fc6bfe58f80 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6 [ 832.354304][T13008] RAX: fffffffffffffdfc RBX: 00007fc6bf1b6160 RCX: 00007fc6befc1265 [ 832.362295][T13008] RDX: 00007fc6bfe58fc0 RSI: 0000000000000000 RDI: 0000000000000000 [ 832.370291][T13008] RBP: 00007fc6bf010d69 R08: 0000000000000000 R09: 0000000000000000 [ 832.378265][T13008] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 832.386246][T13008] R13: 0000000000000001 R14: 00007fc6bf1b6160 R15: 00007ffc22f24f08 [ 832.394323][T13008] [ 832.397508][T13008] Kernel Offset: disabled [ 832.401839][T13008] Rebooting in 86400 seconds..